Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 23-10-2013 01 Ran by Computer (administrator) on COMPUTER-PC on 24-10-2013 20:03:56 Running from C:\Users\Computer\Downloads Microsoft Windows 7 Home Premium Service Pack 1 (X86) OS Language: English(US) Internet Explorer Version 10 Boot Mode: Normal ==================== Processes (Whitelisted) =================== (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe (AVAST Software) C:\Program Files\Alwil Software\Avast5\AvastSvc.exe () C:\Program Files\D-Link\DWA-160\ANIWConnService.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe (Yahoo! Inc.) C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe (Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe (Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe (Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe (AVAST Software) C:\Program Files\Alwil Software\Avast5\AvastUI.exe (Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe (Lavasoft) C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe (D-Link Corp.) C:\Program Files\D-Link\DWA-160\AirNCFG.exe (Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe (Samsung Electronics Co., Ltd.) C:\Program Files\Samsung\Kies\KiesTrayAgent.exe (Samsung) C:\Program Files\Samsung\Kies\Kies.exe (Samsung Electronics) C:\Program Files\Samsung\Kies\KiesAirMessage.exe (Samsung) C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe (Google) C:\Program Files\Google\Google Calendar Sync\GoogleCalendarSync.exe (Microsoft Corporation) C:\Windows\system32\wuauclt.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (Intuit Inc.) C:\Program Files\Quicken\qw.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [GrooveMonitor] - C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation) HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated) HKLM\...\Run: [avast5] - C:\Program Files\Alwil Software\Avast5\avastUI.exe [4858968 2013-05-09] (AVAST Software) HKLM\...\Run: [SDTray] - C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe [3830224 2013-05-16] (Safer-Networking Ltd.) HKLM\...\Run: [Ad-Aware Browsing Protection] - C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe [554408 2013-05-15] (Lavasoft) HKLM\...\Run: [D-Link D-Link Wireless N Dual Band DWA-160 ] - C:\Program Files\D-Link\DWA-160\AirNCFG.exe [1078592 2011-11-02] (D-Link Corp.) HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation) HKLM\...\Run: [KiesTrayAgent] - C:\Program Files\Samsung\Kies\KiesTrayAgent.exe [311152 2013-05-23] (Samsung Electronics Co., Ltd.) Winlogon\Notify\SDWinLogon: SDWinLogon.dll [X] HKCU\...\Run: [KiesPreload] - C:\Program Files\Samsung\Kies\Kies.exe [1561968 2013-05-23] (Samsung) HKCU\...\Run: [KiesAirMessage] - C:\Program Files\Samsung\Kies\KiesAirMessage.exe [578560 2013-05-22] (Samsung Electronics) HKCU\...\Run: [] - C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [1106288 2013-05-23] (Samsung) HKCU\...\Policies\system: [LogonHoursAction] 2 HKCU\...\Policies\system: [DontDisplayLogonHoursWarnings] 1 MountPoints2: {2070bdbf-f5b4-11e1-9748-00248c9d2640} - F:\LaunchU3.exe -a HKU\Chris\...\Run: [] - C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [ 2013-05-23] (Samsung) HKU\Chris\...\Run: [SearchProtect] - C:\Users\Chris\AppData\Roaming\SearchProtect\bin\cltmng.exe HKU\Chris\...\Run: [Steam] - C:\Program Files\Steam\Steam.exe [ 2013-10-08] (Valve Corporation) HKU\Chris\...\Policies\system: [LogonHoursAction] 2 HKU\Chris\...\Policies\system: [DontDisplayLogonHoursWarnings] 1 HKU\Dean\...\Run: [Skype] - C:\Program Files\Skype\Phone\Skype.exe [ 2013-10-02] (Skype Technologies S.A.) HKU\Dean\...\Policies\system: [LogonHoursAction] 2 HKU\Dean\...\Policies\system: [DontDisplayLogonHoursWarnings] 1 Startup: C:\Users\Dean\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk ShortcutTarget: Dropbox.lnk -> C:\Users\Computer\AppData\Roaming\Dropbox\bin\Dropbox.exe (No File) BootExecute: autocheck autochk * sdnclean.exe ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/ HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US SearchScopes: HKLM - DefaultScope value is missing. BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation) Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies) Winsock: Catalog5 01 mswsock.dll File Not found (Microsoft Corporation) ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll" Winsock: Catalog5 05 mswsock.dll File Not found (Microsoft Corporation) ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll" Tcpip\Parameters: [DhcpNameServer] 75.75.75.75 75.75.76.76 FireFox: ======== FF ProfilePath: C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\wevy5ckh.default FF Homepage: www.google.com FF NetworkProxy: "type", 0 FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_11_9_900_117.dll () FF Plugin: @java.com/DTPlugin,version=10.25.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 - C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.) FF Plugin: @microsoft.com/GENUINE - disabled No File FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation) FF Plugin: @pandonetworks.com/PandoWebPlugin - C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll No File FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.) FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.) FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Plugin HKCU: @yahoo.com/BrowserPlus,version=2.9.8 - C:\Users\Computer\AppData\Local\Yahoo!\BrowserPlus\2.9.8\Plugins\npybrowserplus_2.9.8.dll (Yahoo! Inc.) FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll No File FF Extension: Yahoo! Toolbar - C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\wevy5ckh.default\Extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1} FF Extension: autofillForms - C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\wevy5ckh.default\Extensions\autofillForms@blueimp.net.xpi FF Extension: No Name - C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\wevy5ckh.default\Extensions\{ff356687-aa08-463d-a46c-11c451824939}.xpi FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} Chrome: ======= CHR DefaultSearchURL: (Google) - {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding} CHR DefaultSuggestURL: (Google) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter} CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\29.0.1547.66\PepperFlash\pepflashplayer.dll () CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\29.0.1547.66\ppGoogleNaClPluginChrome.dll () CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\29.0.1547.66\pdf.dll () CHR Plugin: (2007 Microsoft Office system) - C:\Program Files\Mozilla Firefox\plugins\NPOFF12.DLL (Microsoft Corporation) CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll No File CHR Plugin: (Java(TM) Platform SE 7 U25) - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) CHR Plugin: (BrowserPlus (from Yahoo!) v2.9.8) - C:\Users\Computer\AppData\Local\Yahoo!\BrowserPlus\2.9.8\Plugins\npybrowserplus_2.9.8.dll (Yahoo! Inc.) CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32_11_8_800_168.dll No File CHR Plugin: (Java Deployment Toolkit 7.0.250.17) - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation) CHR Plugin: (Silverlight Plug-In) - c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll No File CHR Extension: (Chrome In-App Payments service) - C:\Users\Computer\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0 CHR HKLM\...\Chrome\Extension: [phegaokedjdajgnfphbnpkcfdgjbidko] - C:\ProgramData\adawaretb\toolbar\chrome\toolbar.crx CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION ========================== Services (Whitelisted) ================= R2 avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [46808 2013-05-09] (AVAST Software) R2 D-Link Wireless N Dual Band DWA-160 _WPS; C:\Program Files\D-Link\DWA-160\ANIWConnService.exe [53248 2010-07-12] () S2 SDScannerService; C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe [1817560 2013-05-16] (Safer-Networking Ltd.) R2 SDUpdateService; C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe [1033688 2013-05-16] (Safer-Networking Ltd.) S2 SDWSCService; C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2013-05-15] (Safer-Networking Ltd.) ==================== Drivers (Whitelisted) ==================== R1 anodlwf; C:\Windows\System32\DRIVERS\anodlwf.sys [12800 2010-05-29] () R2 aswFsBlk; C:\Windows\System32\Drivers\aswFsBlk.sys [29816 2013-05-09] (AVAST Software) R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [66336 2013-05-09] (AVAST Software) R1 aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [61680 2013-05-09] (AVAST Software) R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [49376 2013-05-09] () R1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [770344 2013-06-27] (AVAST Software) R1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [369584 2013-06-27] (AVAST Software) R1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [56080 2013-05-09] (AVAST Software) R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [175176 2013-06-27] () R0 CLFS; C:\Windows\System32\CLFS.sys [249408 2009-07-13] (Microsoft Corporation) R0 gfibto; C:\Windows\System32\drivers\gfibto.sys [13560 2013-05-31] (GFI Software) S3 ivusb; C:\Windows\System32\DRIVERS\ivusb.sys [25112 2010-07-29] (Initio Corporation) R3 netr28u; C:\Windows\System32\DRIVERS\Dnetr28u.sys [1265216 2011-09-09] (Ralink Technology Corp.) S0 is3srv; system32\drivers\is3srv.sys [x] S1 NetBT; System32\DRIVERS\netbt.sys [x] S0 szkg5; system32\DRIVERS\szkg.sys [x] S0 szkgfs; system32\drivers\szkgfs.sys [x] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2013-10-24 20:03 - 2013-10-24 20:03 - 01088113 _____ (Farbar) C:\Users\Computer\Downloads\FRST.exe 2013-10-24 20:03 - 2013-10-24 20:03 - 00000000 ____D C:\FRST 2013-10-24 20:02 - 2013-10-24 20:02 - 01955412 _____ (Farbar) C:\Users\Computer\Downloads\FRST64.exe 2013-10-24 19:33 - 2013-10-24 19:33 - 00000056 _____ C:\Windows\setupact.log 2013-10-24 19:33 - 2013-10-24 19:33 - 00000000 _____ C:\Windows\setuperr.log 2013-10-18 23:20 - 2013-10-18 23:20 - 00819136 _____ (Google Inc.) C:\Users\Chris\Downloads\googledrivesync.exe 2013-10-18 14:23 - 2013-10-18 14:23 - 13831464 _____ C:\Users\Chris\Downloads\This-is-my-Biome-Map.zip 2013-10-18 14:11 - 2013-10-18 14:14 - 19188669 _____ C:\Users\Chris\Downloads\EmpirePolis-March 2013.zip 2013-10-18 13:40 - 2013-10-18 13:41 - 00001324 _____ C:\Users\Chris\Desktop\desmume.ini 2013-10-18 13:40 - 2013-10-18 13:40 - 00000000 ____D C:\Users\Chris\Desktop\States 2013-10-18 13:40 - 2013-10-18 13:40 - 00000000 ____D C:\Users\Chris\Desktop\Roms 2013-10-18 13:40 - 2013-10-18 13:40 - 00000000 ____D C:\Users\Chris\Desktop\Cheats 2013-10-18 13:40 - 2013-10-18 13:40 - 00000000 ____D C:\Users\Chris\Desktop\Battery 2013-10-18 10:35 - 2013-10-19 12:02 - 00000000 ____D C:\Program Files\Steam 2013-10-18 10:35 - 2013-10-18 10:35 - 00000000 _____ C:\Users\Chris\Documents\.crash 2013-10-18 10:34 - 2013-10-18 10:34 - 01669632 _____ C:\Users\Chris\Downloads\SteamInstall.msi 2013-10-18 00:15 - 2013-10-18 00:15 - 00000000 ____D C:\Users\Chris\Documents\Minecraft Parodies 2013-10-17 18:02 - 2013-10-17 18:04 - 96615938 _____ C:\Users\Guest\Downloads\Knights in the Nightmare.zip 2013-10-16 20:52 - 2013-10-16 20:52 - 00009671 _____ C:\Users\Guest\AppData\Local\recently-used.xbel 2013-10-16 18:49 - 2013-10-16 18:49 - 00291854 _____ C:\Users\Chris\Downloads\1.6.4 DamageIndicators v2.9.0.9.zip 2013-10-16 18:49 - 2013-10-16 18:49 - 00110893 _____ C:\Users\Chris\Downloads\TooManyItems2013_09_20_1.6.4.zip 2013-10-16 18:47 - 2013-10-16 18:47 - 00396089 _____ C:\Users\Chris\Downloads\zanMap164g3.zip 2013-10-15 19:41 - 2013-10-15 19:41 - 00000000 ____D C:\Users\Chris\Documents\Dolphin Emulator 2013-10-15 19:05 - 2013-10-15 19:06 - 00000000 ____D C:\Program Files\Dolphin x86 4.0 2013-10-15 19:05 - 2013-10-15 19:05 - 00001013 _____ C:\Users\Public\Desktop\Dolphin x86.lnk 2013-10-15 15:57 - 2013-10-15 15:57 - 00000000 ____D C:\Users\Dean\Documents\My Cheat Tables 2013-10-15 15:56 - 2013-10-15 15:56 - 00000000 ____D C:\Program Files\Cheat Engine 6 2013-10-15 15:55 - 2013-10-15 15:55 - 05184389 _____ (Dark Byte ) C:\Users\Guest\Downloads\CheatEngine60.exe 2013-10-14 20:26 - 2013-10-14 20:26 - 00747941 _____ C:\Users\Chris\Downloads\Contra III - The Alien Wars.zip 2013-10-14 20:24 - 2013-10-14 20:24 - 04924158 _____ C:\Users\Chris\Downloads\dolphin-4.0-x86.exe 2013-10-14 19:05 - 2013-10-19 09:40 - 00020911 _____ C:\Users\Chris\Desktop\zsnesw.cfg 2013-10-14 19:05 - 2013-10-19 09:40 - 00003818 _____ C:\Users\Chris\Desktop\zinput.cfg 2013-10-14 19:05 - 2013-10-19 09:36 - 00000252 _____ C:\Users\Chris\Desktop\rominfo.txt 2013-10-14 19:05 - 2013-10-19 09:35 - 00002480 _____ C:\Users\Chris\Desktop\zmovie.cfg 2013-10-14 19:05 - 2013-10-14 19:05 - 00008952 _____ C:\Users\Chris\Desktop\zfont.txt 2013-10-13 19:34 - 2013-10-13 19:34 - 00846864 _____ (Microsoft Corporation) C:\Users\Chris\Downloads\IE10-Windows6.1-en-us.exe 2013-10-13 19:02 - 2013-10-19 09:27 - 00000000 ____D C:\Users\Chris\Desktop\Mine-imator v0.6.2 - Copy 2013-10-05 21:11 - 2013-10-05 21:11 - 00000000 ____D C:\Program Files\Mozilla Firefox 2013-10-04 23:59 - 2013-10-04 23:59 - 04924158 _____ C:\Users\Guest\Downloads\dolphin-4.0-x86.exe 2013-10-04 23:13 - 2013-10-15 16:37 - 00000000 ____D C:\Users\Guest\AppData\Roaming\.minecraft 2013-10-04 23:13 - 2013-10-04 23:13 - 00675988 _____ C:\Users\Guest\Documents\Minecraft.exe 2013-10-04 20:55 - 2013-10-04 20:55 - 00675988 _____ C:\Users\Chris\Downloads\Minecraft(1).exe 2013-10-04 20:24 - 2013-10-04 20:27 - 00000000 ____D C:\Users\Chris\.gimp-2.8 2013-10-04 20:24 - 2013-10-04 20:24 - 00000000 ____D C:\Users\Chris\AppData\Local\gegl-0.2 2013-10-04 18:10 - 2013-10-05 09:56 - 00000000 ____D C:\Users\Chris\Desktop\Mine-imator v0.6.2 2013-10-04 18:09 - 2013-01-20 23:06 - 04961937 _____ (David "Davve" Norgren) C:\Users\Chris\Desktop\Mine-imator.exe 2013-10-03 20:20 - 2013-10-16 20:52 - 00000000 ____D C:\Users\Guest\AppData\Local\gtk-2.0 2013-10-03 20:20 - 2013-10-03 20:20 - 00000000 ____D C:\Users\Guest\.thumbnails 2013-10-03 19:42 - 2013-10-16 20:52 - 00000000 ____D C:\Users\Guest\.gimp-2.8 2013-10-03 19:42 - 2013-10-03 19:42 - 00000000 ____D C:\Users\Guest\AppData\Local\gegl-0.2 2013-10-03 19:38 - 2013-10-03 19:41 - 00000000 ____D C:\Program Files\GIMP 2 2013-09-30 18:04 - 2013-10-03 20:41 - 00077900 _____ C:\Users\Guest\Documents\Chapter III.III.pptx 2013-09-30 17:45 - 2013-09-30 17:45 - 00109280 _____ C:\Users\Guest\AppData\Local\GDIPFONTCACHEV1.DAT 2013-09-30 17:38 - 2013-10-18 12:53 - 00000000 ____D C:\Users\Guest\AppData\Roaming\Skype 2013-09-30 17:04 - 2013-10-19 15:24 - 00000000 ____D C:\Users\Guest\Documents\DeSmuME 2013-09-30 16:24 - 2013-09-30 16:24 - 00000000 ____D C:\Users\Public\Documents\NativeFus_Log 2013-09-30 16:24 - 2013-09-30 16:24 - 00000000 ____D C:\Users\Public\Documents\CrashDump 2013-09-29 20:09 - 2013-09-29 20:09 - 00000000 ____D C:\Users\Guest\AppData\Roaming\WinRAR 2013-09-29 19:58 - 2013-09-29 19:58 - 00000000 ____D C:\Users\Guest\AppData\Roaming\Mozilla 2013-09-29 19:58 - 2013-09-29 19:58 - 00000000 ____D C:\Users\Guest\AppData\Local\Mozilla 2013-09-29 19:58 - 2013-09-29 19:58 - 00000000 ____D C:\Users\Guest\AppData\Local\Macromedia 2013-09-29 16:31 - 2013-09-29 16:31 - 00547530 _____ C:\Users\Chris\Downloads\FlansMod-3.1.1.jar 2013-09-29 16:29 - 2013-09-29 16:29 - 00236216 _____ (Tuguu S.L.U) C:\Users\Chris\Downloads\Player_Setup.exe 2013-09-26 11:13 - 2013-09-26 11:13 - 00000000 ____D C:\Users\Computer\AppData\Local\adawarebp ==================== One Month Modified Files and Folders ======= 2013-10-24 20:03 - 2013-10-24 20:03 - 01088113 _____ (Farbar) C:\Users\Computer\Downloads\FRST.exe 2013-10-24 20:03 - 2013-10-24 20:03 - 00000000 ____D C:\FRST 2013-10-24 20:03 - 2011-10-18 15:20 - 00000000 ____D C:\Users\Dean 2013-10-24 20:02 - 2013-10-24 20:02 - 01955412 _____ (Farbar) C:\Users\Computer\Downloads\FRST64.exe 2013-10-24 20:02 - 2013-09-20 16:44 - 00000000 ____D C:\Users\Computer\Desktop\New computer fix 2013-10-24 19:58 - 2013-05-29 15:33 - 00000878 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2013-10-24 19:58 - 2011-10-15 17:21 - 01243400 _____ C:\Windows\WindowsUpdate.log 2013-10-24 19:57 - 2012-04-29 14:14 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2013-10-24 19:49 - 2013-05-29 15:33 - 00000882 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2013-10-24 19:41 - 2009-07-14 00:34 - 00018816 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2013-10-24 19:41 - 2009-07-14 00:34 - 00018816 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2013-10-24 19:33 - 2013-10-24 19:33 - 00000056 _____ C:\Windows\setupact.log 2013-10-24 19:33 - 2013-10-24 19:33 - 00000000 _____ C:\Windows\setuperr.log 2013-10-24 19:33 - 2009-07-14 00:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2013-10-24 19:31 - 2013-09-06 23:38 - 00000000 ____D C:\Program Files\privoxy 2013-10-24 19:30 - 2009-07-13 22:37 - 00000000 ____D C:\Windows\tracing 2013-10-22 12:42 - 2013-06-02 10:35 - 00080642 _____ C:\Users\Computer\Downloads\OTL.Txt 2013-10-21 10:55 - 2012-08-09 21:53 - 00000000 ____D C:\Users\Computer\Desktop\Word 2013-10-21 10:50 - 2009-07-13 22:37 - 00000000 ____D C:\Windows\system32\NDF 2013-10-19 15:24 - 2013-09-30 17:04 - 00000000 ____D C:\Users\Guest\Documents\DeSmuME 2013-10-19 15:22 - 2011-10-15 17:32 - 00726444 _____ C:\Windows\system32\PerfStringBackup.INI 2013-10-19 13:15 - 2013-05-04 07:12 - 00000000 ____D C:\Users\Chris\AppData\Roaming\.minecraft 2013-10-19 12:19 - 2013-09-06 22:30 - 00000000 ____D C:\Users\Chris\AppData\Roaming\Spotify 2013-10-19 12:02 - 2013-10-18 10:35 - 00000000 ____D C:\Program Files\Steam 2013-10-19 09:40 - 2013-10-14 19:05 - 00020911 _____ C:\Users\Chris\Desktop\zsnesw.cfg 2013-10-19 09:40 - 2013-10-14 19:05 - 00003818 _____ C:\Users\Chris\Desktop\zinput.cfg 2013-10-19 09:36 - 2013-10-14 19:05 - 00000252 _____ C:\Users\Chris\Desktop\rominfo.txt 2013-10-19 09:35 - 2013-10-14 19:05 - 00002480 _____ C:\Users\Chris\Desktop\zmovie.cfg 2013-10-19 09:27 - 2013-10-13 19:02 - 00000000 ____D C:\Users\Chris\Desktop\Mine-imator v0.6.2 - Copy 2013-10-18 23:20 - 2013-10-18 23:20 - 00819136 _____ (Google Inc.) C:\Users\Chris\Downloads\googledrivesync.exe 2013-10-18 14:23 - 2013-10-18 14:23 - 13831464 _____ C:\Users\Chris\Downloads\This-is-my-Biome-Map.zip 2013-10-18 14:14 - 2013-10-18 14:11 - 19188669 _____ C:\Users\Chris\Downloads\EmpirePolis-March 2013.zip 2013-10-18 13:41 - 2013-10-18 13:40 - 00001324 _____ C:\Users\Chris\Desktop\desmume.ini 2013-10-18 13:40 - 2013-10-18 13:40 - 00000000 ____D C:\Users\Chris\Desktop\States 2013-10-18 13:40 - 2013-10-18 13:40 - 00000000 ____D C:\Users\Chris\Desktop\Roms 2013-10-18 13:40 - 2013-10-18 13:40 - 00000000 ____D C:\Users\Chris\Desktop\Cheats 2013-10-18 13:40 - 2013-10-18 13:40 - 00000000 ____D C:\Users\Chris\Desktop\Battery 2013-10-18 12:59 - 2013-05-13 15:42 - 00000000 ____D C:\Users\Dean\AppData\Roaming\Skype 2013-10-18 12:59 - 2013-02-20 19:05 - 00000000 ___RD C:\Users\Dean\Dropbox 2013-10-18 12:59 - 2013-02-20 19:02 - 00000000 ____D C:\Users\Dean\AppData\Roaming\Dropbox 2013-10-18 12:53 - 2013-09-30 17:38 - 00000000 ____D C:\Users\Guest\AppData\Roaming\Skype 2013-10-18 10:54 - 2013-05-13 15:42 - 00000000 ___RD C:\Program Files\Skype 2013-10-18 10:54 - 2013-05-13 15:42 - 00000000 ____D C:\ProgramData\Skype 2013-10-18 10:36 - 2013-08-08 10:38 - 03814961 _____ C:\Users\Chris\Documents\ClientRegistry.blob 2013-10-18 10:35 - 2013-10-18 10:35 - 00000000 _____ C:\Users\Chris\Documents\.crash 2013-10-18 10:35 - 2013-08-08 10:38 - 00012610 _____ C:\Users\Chris\Documents\debug.log 2013-10-18 10:35 - 2013-08-08 10:38 - 00004246 _____ C:\Users\Chris\Documents\steam.log 2013-10-18 10:35 - 2011-10-18 17:50 - 00000000 ____D C:\Users\Chris 2013-10-18 10:34 - 2013-10-18 10:34 - 01669632 _____ C:\Users\Chris\Downloads\SteamInstall.msi 2013-10-18 00:15 - 2013-10-18 00:15 - 00000000 ____D C:\Users\Chris\Documents\Minecraft Parodies 2013-10-17 19:30 - 2013-09-06 22:30 - 00000000 ____D C:\Users\Chris\AppData\Local\Spotify 2013-10-17 19:27 - 2013-06-14 17:16 - 00000000 ____D C:\Program Files\Microsoft Silverlight 2013-10-17 19:27 - 2012-05-08 12:46 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service 2013-10-17 18:04 - 2013-10-17 18:02 - 96615938 _____ C:\Users\Guest\Downloads\Knights in the Nightmare.zip 2013-10-16 20:52 - 2013-10-16 20:52 - 00009671 _____ C:\Users\Guest\AppData\Local\recently-used.xbel 2013-10-16 20:52 - 2013-10-03 20:20 - 00000000 ____D C:\Users\Guest\AppData\Local\gtk-2.0 2013-10-16 20:52 - 2013-10-03 19:42 - 00000000 ____D C:\Users\Guest\.gimp-2.8 2013-10-16 18:49 - 2013-10-16 18:49 - 00291854 _____ C:\Users\Chris\Downloads\1.6.4 DamageIndicators v2.9.0.9.zip 2013-10-16 18:49 - 2013-10-16 18:49 - 00110893 _____ C:\Users\Chris\Downloads\TooManyItems2013_09_20_1.6.4.zip 2013-10-16 18:47 - 2013-10-16 18:47 - 00396089 _____ C:\Users\Chris\Downloads\zanMap164g3.zip 2013-10-15 19:41 - 2013-10-15 19:41 - 00000000 ____D C:\Users\Chris\Documents\Dolphin Emulator 2013-10-15 19:06 - 2013-10-15 19:05 - 00000000 ____D C:\Program Files\Dolphin x86 4.0 2013-10-15 19:05 - 2013-10-15 19:05 - 00001013 _____ C:\Users\Public\Desktop\Dolphin x86.lnk 2013-10-15 16:37 - 2013-10-04 23:13 - 00000000 ____D C:\Users\Guest\AppData\Roaming\.minecraft 2013-10-15 15:57 - 2013-10-15 15:57 - 00000000 ____D C:\Users\Dean\Documents\My Cheat Tables 2013-10-15 15:56 - 2013-10-15 15:56 - 00000000 ____D C:\Program Files\Cheat Engine 6 2013-10-15 15:55 - 2013-10-15 15:55 - 05184389 _____ (Dark Byte ) C:\Users\Guest\Downloads\CheatEngine60.exe 2013-10-15 14:23 - 2011-10-18 15:20 - 00000000 ____D C:\Users\Dean\AppData\Local\Mozilla 2013-10-14 20:26 - 2013-10-14 20:26 - 00747941 _____ C:\Users\Chris\Downloads\Contra III - The Alien Wars.zip 2013-10-14 20:24 - 2013-10-14 20:24 - 04924158 _____ C:\Users\Chris\Downloads\dolphin-4.0-x86.exe 2013-10-14 19:05 - 2013-10-14 19:05 - 00008952 _____ C:\Users\Chris\Desktop\zfont.txt 2013-10-14 16:15 - 2013-06-22 14:57 - 00000258 _____ C:\Users\Computer\AppData\Roaming\ANICONFIG_{F355BF47-CF84-48BF-AD2B-A72F6B586315}.ini 2013-10-13 19:40 - 2013-07-21 14:52 - 00000000 ____D C:\Users\Chris\AppData\Roaming\Skype 2013-10-13 19:34 - 2013-10-13 19:34 - 00846864 _____ (Microsoft Corporation) C:\Users\Chris\Downloads\IE10-Windows6.1-en-us.exe 2013-10-13 19:30 - 2013-08-08 10:39 - 00000000 ____D C:\Users\Chris\Documents\userdata 2013-10-13 19:30 - 2013-08-08 10:38 - 00000000 ____D C:\Users\Chris\Documents\dumps 2013-10-13 19:17 - 2011-10-18 17:55 - 00000000 ____D C:\Users\Chris\AppData\Local\Mozilla 2013-10-11 03:22 - 2011-11-03 08:21 - 00000000 ____D C:\ProgramData\Microsoft Help 2013-10-11 03:20 - 2013-08-15 03:13 - 00000000 ____D C:\Windows\system32\MRT 2013-10-11 03:20 - 2009-07-13 22:37 - 00000000 ____D C:\Windows\Microsoft.NET 2013-10-11 03:17 - 2011-11-03 10:09 - 78106760 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2013-10-09 09:57 - 2012-04-29 14:14 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe 2013-10-09 09:57 - 2011-10-18 14:20 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl 2013-10-06 05:42 - 2011-10-18 13:34 - 00000000 ____D C:\Users\Computer\AppData\Local\Mozilla 2013-10-05 21:11 - 2013-10-05 21:11 - 00000000 ____D C:\Program Files\Mozilla Firefox 2013-10-05 09:56 - 2013-10-04 18:10 - 00000000 ____D C:\Users\Chris\Desktop\Mine-imator v0.6.2 2013-10-04 23:59 - 2013-10-04 23:59 - 04924158 _____ C:\Users\Guest\Downloads\dolphin-4.0-x86.exe 2013-10-04 23:13 - 2013-10-04 23:13 - 00675988 _____ C:\Users\Guest\Documents\Minecraft.exe 2013-10-04 20:55 - 2013-10-04 20:55 - 00675988 _____ C:\Users\Chris\Downloads\Minecraft(1).exe 2013-10-04 20:27 - 2013-10-04 20:24 - 00000000 ____D C:\Users\Chris\.gimp-2.8 2013-10-04 20:24 - 2013-10-04 20:24 - 00000000 ____D C:\Users\Chris\AppData\Local\gegl-0.2 2013-10-04 16:36 - 2013-06-26 11:43 - 00000000 ____D C:\Users\Chris\AppData\Local\Screencast-O-Matic 2013-10-03 20:56 - 2013-08-25 10:50 - 00000000 ____D C:\Users\Chris\Desktop\Desktop junk 2013-10-03 20:41 - 2013-09-30 18:04 - 00077900 _____ C:\Users\Guest\Documents\Chapter III.III.pptx 2013-10-03 20:20 - 2013-10-03 20:20 - 00000000 ____D C:\Users\Guest\.thumbnails 2013-10-03 20:20 - 2013-05-27 11:03 - 00000000 ____D C:\Users\Guest 2013-10-03 19:42 - 2013-10-03 19:42 - 00000000 ____D C:\Users\Guest\AppData\Local\gegl-0.2 2013-10-03 19:41 - 2013-10-03 19:38 - 00000000 ____D C:\Program Files\GIMP 2 2013-10-01 06:21 - 2013-05-13 18:53 - 00000000 ____D C:\Users\Chris\Documents\School 2013-09-30 17:45 - 2013-09-30 17:45 - 00109280 _____ C:\Users\Guest\AppData\Local\GDIPFONTCACHEV1.DAT 2013-09-30 16:24 - 2013-09-30 16:24 - 00000000 ____D C:\Users\Public\Documents\NativeFus_Log 2013-09-30 16:24 - 2013-09-30 16:24 - 00000000 ____D C:\Users\Public\Documents\CrashDump 2013-09-29 20:09 - 2013-09-29 20:09 - 00000000 ____D C:\Users\Guest\AppData\Roaming\WinRAR 2013-09-29 19:58 - 2013-09-29 19:58 - 00000000 ____D C:\Users\Guest\AppData\Roaming\Mozilla 2013-09-29 19:58 - 2013-09-29 19:58 - 00000000 ____D C:\Users\Guest\AppData\Local\Mozilla 2013-09-29 19:58 - 2013-09-29 19:58 - 00000000 ____D C:\Users\Guest\AppData\Local\Macromedia 2013-09-29 16:31 - 2013-09-29 16:31 - 00547530 _____ C:\Users\Chris\Downloads\FlansMod-3.1.1.jar 2013-09-29 16:29 - 2013-09-29 16:29 - 00236216 _____ (Tuguu S.L.U) C:\Users\Chris\Downloads\Player_Setup.exe 2013-09-26 11:13 - 2013-09-26 11:13 - 00000000 ____D C:\Users\Computer\AppData\Local\adawarebp 2013-09-26 11:12 - 2011-10-15 17:21 - 00000000 ____D C:\Users\Computer Files to move or delete: ==================== C:\ProgramData\hash.dat C:\Users\Chris\jagex_cl_runescape_LIVE.dat C:\Users\Chris\random.dat C:\Users\Dean\jagex_cl_runescape_LIVE.dat C:\Users\Dean\random.dat Some content of TEMP: ==================== C:\Users\Guest\AppData\Local\Temp\SkypeSetup.exe ==================== Bamital & volsnap Check ================= C:\Windows\explorer.exe => MD5 is legit C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit LastRegBack: 2013-10-21 12:27 ==================== End Of Log ============================