Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 24-01-2015 01 Ran by Clockwork (administrator) on CLOCKWORK-PC on 26-01-2015 09:59:16 Running from C:\Users\Clockwork\Desktop Loaded Profiles: Clockwork (Available profiles: Clockwork) Platform: Windows 7 Ultimate (X64) OS Language: English (United States) Internet Explorer Version 8 (Default browser: FF) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (SEIKO EPSON CORPORATION) C:\Program Files\EPSON\EpsonCustomerParticipation\EPCP.exe (Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [12697368 2014-10-14] (Logitech Inc.) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION HKU\S-1-5-21-1414089619-1553986795-2700891581-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome HKU\S-1-5-21-1414089619-1553986795-2700891581-1000\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_31\bin\ssv.dll (Oracle Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_31\bin\jp2ssv.dll (Oracle Corporation) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll (Oracle Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll (Oracle Corporation) DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} https://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 FireFox: ======== FF ProfilePath: C:\Users\Clockwork\AppData\Roaming\Mozilla\Firefox\Profiles\u3jstsw3.default FF DefaultSearchEngine: DuckDuckGo FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_257.dll () FF Plugin: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_257.dll () FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\4.0.60310.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) S4 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [802688 2015-01-21] () S3 EasyAntiCheat; C:\Windows\SysWOW64\EasyAntiCheat.exe [174112 2015-01-01] (EasyAntiCheat Ltd) S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-13] (Microsoft Corporation) ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R3 LGSHidFilt; C:\Windows\System32\DRIVERS\LGSHidFilt.Sys [64280 2013-05-30] (Logitech Inc.) S3 PCAMp50a64; C:\Windows\System32\Drivers\PCAMp50a64.sys [43328 2006-11-28] (Printing Communications Assoc., Inc. (PCAUSA)) S3 PCASp50a64; C:\Windows\System32\Drivers\PCASp50a64.sys [41280 2006-11-28] (Printing Communications Assoc., Inc. (PCAUSA)) R0 sptd; C:\Windows\System32\Drivers\sptd.sys [386680 2015-01-25] (Duplex Secure Ltd.) R3 XSplit_Dummy; C:\Windows\System32\drivers\xspltspk.sys [26200 2014-07-02] (SplitmediaLabs Limited) U3 acg6p4o2; C:\Windows\System32\Drivers\acg6p4o2.sys [0 ] (Advanced Micro Devices) <==== ATTENTION (zero size file/folder) S3 catchme; \??\C:\ComboFix\catchme.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2015-01-26 09:59 - 2015-01-26 09:59 - 00005883 _____ () C:\Users\Clockwork\Desktop\FRST.txt 2015-01-26 09:55 - 2015-01-26 09:56 - 02480312 _____ (Sysinternals - www.sysinternals.com) C:\Users\Clockwork\Downloads\procexp.exe 2015-01-26 09:55 - 2015-01-26 09:56 - 02480312 _____ (Sysinternals - www.sysinternals.com) C:\Users\Clockwork\Desktop\procexp.exe 2015-01-25 22:09 - 2015-01-25 22:09 - 00000000 ____D () C:\Users\Clockwork\AppData\Roaming\RenPy 2015-01-25 22:09 - 2015-01-25 22:09 - 00000000 ____D () C:\Users\Clockwork\AppData\Roaming\NVIDIA 2015-01-25 21:53 - 2015-01-25 21:53 - 00000467 _____ () C:\Users\Clockwork\Desktop\VEW applicationtest.txt 2015-01-25 21:52 - 2015-01-25 21:52 - 00000467 _____ () C:\VEW applicationtest.txt 2015-01-25 21:51 - 2015-01-25 21:52 - 00000467 _____ () C:\VEW.txt 2015-01-25 21:51 - 2015-01-25 21:51 - 00000636 _____ () C:\Users\Clockwork\Desktop\VEW systemtest.txt 2015-01-25 21:49 - 2015-01-25 21:49 - 00061440 _____ ( ) C:\Users\Clockwork\Downloads\VEW.exe 2015-01-25 21:49 - 2015-01-25 21:49 - 00061440 _____ ( ) C:\Users\Clockwork\Desktop\VEW.exe 2015-01-25 21:32 - 2015-01-25 21:32 - 00011552 _____ () C:\ComboFix.txt 2015-01-25 19:40 - 2015-01-25 21:32 - 00000000 ____D () C:\Qoobox 2015-01-25 19:40 - 2015-01-25 19:45 - 00000000 ____D () C:\Windows\erdnt 2015-01-25 19:40 - 2011-06-25 22:45 - 00256000 _____ () C:\Windows\PEV.exe 2015-01-25 19:40 - 2010-11-07 09:20 - 00208896 _____ () C:\Windows\MBR.exe 2015-01-25 19:40 - 2009-04-19 20:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe 2015-01-25 19:40 - 2000-08-30 16:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe 2015-01-25 19:40 - 2000-08-30 16:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe 2015-01-25 19:40 - 2000-08-30 16:00 - 00098816 _____ () C:\Windows\sed.exe 2015-01-25 19:40 - 2000-08-30 16:00 - 00080412 _____ () C:\Windows\grep.exe 2015-01-25 19:40 - 2000-08-30 16:00 - 00068096 _____ () C:\Windows\zip.exe 2015-01-25 19:39 - 2015-01-25 19:39 - 00000512 _____ () C:\Users\Clockwork\Desktop\MBR.dat 2015-01-25 19:13 - 2015-01-25 19:14 - 05609462 ____R (Swearware) C:\Users\Clockwork\Desktop\ComboFix.exe 2015-01-25 19:12 - 2015-01-25 19:12 - 05200384 _____ (AVAST Software) C:\Users\Clockwork\Desktop\aswmbr.exe 2015-01-25 16:57 - 2015-01-25 16:57 - 00001112 _____ () C:\Users\Public\Desktop\OpenOffice 4.1.1.lnk 2015-01-25 16:57 - 2015-01-25 16:57 - 00001112 _____ () C:\ProgramData\Desktop\OpenOffice 4.1.1.lnk 2015-01-25 16:57 - 2015-01-25 16:57 - 00000000 ___SD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.1 2015-01-25 16:57 - 2015-01-25 16:57 - 00000000 ____D () C:\Users\Clockwork\AppData\Roaming\OpenOffice 2015-01-25 16:56 - 2015-01-25 16:56 - 00000000 ____D () C:\Users\Clockwork\Desktop\OpenOffice 4.1.1 (en-US) Installation Files 2015-01-25 16:56 - 2015-01-25 16:56 - 00000000 ____D () C:\Program Files (x86)\OpenOffice 4 2015-01-25 16:23 - 2015-01-25 16:23 - 00014530 _____ () C:\Users\Clockwork\Downloads\Addition.txt 2015-01-25 16:22 - 2015-01-26 09:59 - 00000000 ____D () C:\FRST 2015-01-25 16:22 - 2015-01-25 16:23 - 00019880 _____ () C:\Users\Clockwork\Downloads\FRST.txt 2015-01-25 16:16 - 2015-01-25 16:16 - 00000000 ____D () C:\Windows\ERUNT 2015-01-25 16:11 - 2015-01-25 16:13 - 00000000 ____D () C:\AdwCleaner 2015-01-25 16:05 - 2015-01-25 16:05 - 02129920 _____ (Farbar) C:\Users\Clockwork\Desktop\FRST64.exe 2015-01-25 16:04 - 2015-01-25 16:04 - 01707939 _____ (Thisisu) C:\Users\Clockwork\Downloads\JRT.exe 2015-01-25 16:03 - 2015-01-25 16:03 - 02194432 _____ () C:\Users\Clockwork\Downloads\AdwCleaner.exe 2015-01-25 15:54 - 2015-01-25 15:54 - 00000000 ____D () C:\_OTL 2015-01-25 15:16 - 2015-01-25 15:39 - 140852175 _____ () C:\Users\Clockwork\Downloads\Apache_OpenOffice_4.1.1_Win_x86_install_en-US.exe 2015-01-25 14:48 - 2015-01-25 14:48 - 00069662 _____ () C:\Users\Clockwork\Downloads\OTL.Txt 2015-01-25 14:48 - 2015-01-25 14:48 - 00065446 _____ () C:\Users\Clockwork\Downloads\Extras.Txt 2015-01-25 14:44 - 2015-01-25 14:44 - 00602112 _____ (OldTimer Tools) C:\Users\Clockwork\Downloads\OTL.exe 2015-01-25 14:44 - 2015-01-25 14:44 - 00602112 _____ (OldTimer Tools) C:\Users\Clockwork\Desktop\OTL.exe 2015-01-25 14:29 - 2015-01-25 14:29 - 00000000 ____D () C:\Windows\pss 2015-01-25 14:22 - 2015-01-25 14:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 2015-01-25 14:22 - 2015-01-25 14:22 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight 2015-01-25 13:56 - 2015-01-25 13:56 - 00001070 _____ () C:\Users\Public\Desktop\VLC media player.lnk 2015-01-25 13:56 - 2015-01-25 13:56 - 00001070 _____ () C:\ProgramData\Desktop\VLC media player.lnk 2015-01-25 13:56 - 2015-01-25 13:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN 2015-01-25 13:55 - 2015-01-25 13:55 - 00000000 ____D () C:\Program Files (x86)\VideoLAN 2015-01-25 13:12 - 2015-01-25 13:12 - 00001954 _____ () C:\Users\Public\Desktop\DAEMON Tools Lite.lnk 2015-01-25 13:12 - 2015-01-25 13:12 - 00001954 _____ () C:\ProgramData\Desktop\DAEMON Tools Lite.lnk 2015-01-25 13:11 - 2015-01-25 13:50 - 00000000 ____D () C:\Users\Clockwork\AppData\Roaming\DAEMON Tools Lite 2015-01-25 13:11 - 2015-01-25 13:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite 2015-01-25 13:11 - 2015-01-25 13:11 - 00386680 _____ (Duplex Secure Ltd.) C:\Windows\system32\Drivers\sptd.sys 2015-01-25 13:11 - 2015-01-25 13:11 - 00000000 ____D () C:\Program Files (x86)\DAEMON Tools Lite 2015-01-25 13:10 - 2015-01-25 13:50 - 00000000 ____D () C:\ProgramData\DAEMON Tools Lite 2015-01-25 13:10 - 2015-01-25 13:10 - 13429504 _____ (Disc Soft Ltd) C:\Users\Clockwork\Downloads\DTLite4491-0356.exe 2015-01-24 14:53 - 2015-01-24 14:55 - 00000000 ____D () C:\Users\Clockwork\Downloads\Event_ZEDS_V14 2015-01-24 14:52 - 2015-01-24 14:53 - 28570892 _____ () C:\Users\Clockwork\Downloads\Event_ZEDS_V14.rar 2015-01-17 17:40 - 2015-01-17 17:40 - 00291728 _____ () C:\Windows\Minidump\011715-20826-01.dmp 2015-01-17 03:52 - 2015-01-17 03:52 - 00030720 ____H () C:\Users\Clockwork\Desktop\photothumb.db 2015-01-17 03:51 - 2015-01-17 03:51 - 21360800 _____ (Mooii) C:\Users\Clockwork\Downloads\PhotoScape_V3.7.exe 2015-01-17 03:51 - 2015-01-17 03:51 - 00000000 ____D () C:\Users\Clockwork\AppData\Roaming\PhotoScape 2015-01-13 21:50 - 2015-01-18 01:46 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird 2015-01-13 11:43 - 2015-01-25 13:54 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2015-01-13 01:47 - 2015-01-13 01:47 - 00000000 ____D () C:\Users\Clockwork\AppData\Roaming\Yahoo! 2015-01-13 01:45 - 2015-01-21 23:02 - 00000000 ____D () C:\Program Files (x86)\Yahoo! 2015-01-13 01:44 - 2015-01-13 01:44 - 00691576 _____ (Yahoo! Inc.) C:\Users\Clockwork\Downloads\msgr11us.exe 2015-01-06 13:24 - 2011-01-21 14:30 - 00000000 ____D () C:\Users\Clockwork\Downloads\The Screwtape Letters - C.S. Lewis - Focus on the Family's Radio Theatre 2015-01-04 19:20 - 2015-01-04 19:20 - 00291728 _____ () C:\Windows\Minidump\010415-14102-01.dmp 2015-01-04 12:30 - 2015-01-04 13:11 - 125341713 _____ () C:\Users\Clockwork\Downloads\The Screwtape Letters - C.S. Lewis - Focus on the Family's Radio Theatre.part4.rar 2015-01-03 21:55 - 2015-01-03 22:46 - 157286400 _____ () C:\Users\Clockwork\Downloads\The Screwtape Letters - C.S. Lewis - Focus on the Family's Radio Theatre.part3.rar 2015-01-03 17:48 - 2015-01-03 18:49 - 157286400 _____ () C:\Users\Clockwork\Downloads\The Screwtape Letters - C.S. Lewis - Focus on the Family's Radio Theatre.part2.rar 2015-01-03 13:37 - 2015-01-03 14:28 - 157286400 _____ () C:\Users\Clockwork\Downloads\The Screwtape Letters - C.S. Lewis - Focus on the Family's Radio Theatre.part1.rar 2015-01-01 17:46 - 2015-01-01 17:16 - 00174112 _____ (EasyAntiCheat Ltd) C:\Windows\SysWOW64\EasyAntiCheat.exe 2015-01-01 12:16 - 2015-01-01 12:16 - 00000000 ____D () C:\Users\Clockwork\AppData\Local\capcom 2014-12-30 10:13 - 2015-01-17 17:40 - 00000000 ____D () C:\Windows\Minidump 2014-12-30 10:13 - 2015-01-17 17:39 - 488662232 _____ () C:\Windows\MEMORY.DMP 2014-12-30 10:13 - 2014-12-30 10:13 - 00291728 _____ () C:\Windows\Minidump\123014-19952-01.dmp 2014-12-29 21:09 - 2014-12-29 21:09 - 00000000 ____D () C:\Users\Clockwork\Documents\Larian Studios 2014-12-29 21:09 - 2010-06-02 04:55 - 00518488 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_7.dll 2014-12-29 21:09 - 2010-06-02 04:55 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_7.dll 2014-12-29 21:09 - 2010-06-02 04:55 - 00077656 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_5.dll 2014-12-29 21:09 - 2010-05-26 11:41 - 02526056 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_43.dll 2014-12-29 21:09 - 2010-05-26 11:41 - 02401112 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_43.dll 2014-12-29 21:09 - 2010-05-26 11:41 - 01907552 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_43.dll 2014-12-29 21:09 - 2010-05-26 11:41 - 00511328 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_43.dll 2014-12-29 21:09 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_43.dll 2014-12-29 21:09 - 2010-05-26 11:41 - 00276832 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll 2014-12-29 21:09 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_43.dll 2014-12-29 11:48 - 2014-12-29 11:48 - 00000222 _____ () C:\Users\Clockwork\Desktop\Divinity Original Sin.url 2014-12-27 21:13 - 2014-12-27 21:13 - 00000859 _____ () C:\Users\Clockwork\Desktop\µTorrent.lnk 2014-12-27 21:13 - 2014-12-27 21:13 - 00000839 _____ () C:\Users\Clockwork\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk 2014-12-27 21:11 - 2014-12-27 21:11 - 01688656 _____ (BitTorrent Inc.) C:\Users\Clockwork\Downloads\uTorrent.exe ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2015-01-26 09:56 - 2014-11-18 13:55 - 00000000 ____D () C:\Program Files (x86)\Steam 2015-01-26 09:56 - 2014-11-14 23:58 - 00000000 ____D () C:\Users\Clockwork\AppData\Roaming\Skype 2015-01-26 08:15 - 2014-11-17 17:32 - 00276617 _____ () C:\Windows\WindowsUpdate.log 2015-01-26 08:14 - 2014-11-18 09:02 - 00009671 _____ () C:\Windows\setupact.log 2015-01-25 21:43 - 2009-07-13 21:13 - 00778150 _____ () C:\Windows\system32\PerfStringBackup.INI 2015-01-25 21:42 - 2009-07-13 20:45 - 00014192 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2015-01-25 21:42 - 2009-07-13 20:45 - 00014192 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2015-01-25 21:37 - 2014-12-16 10:14 - 00057248 _____ () C:\Windows\PFRO.log 2015-01-25 21:37 - 2009-07-13 21:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2015-01-25 21:37 - 2009-07-13 20:45 - 00293176 _____ () C:\Windows\system32\FNTCACHE.DAT 2015-01-25 21:36 - 2014-11-18 08:08 - 00063568 _____ () C:\Users\Clockwork\AppData\Local\GDIPFONTCACHEV1.DAT 2015-01-25 21:31 - 2009-07-13 18:34 - 00000215 _____ () C:\Windows\system.ini 2015-01-25 19:46 - 2009-07-13 19:20 - 00000000 __RHD () C:\Users\Default 2015-01-25 16:56 - 2009-07-13 19:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared 2015-01-25 16:13 - 2014-11-18 08:38 - 00000815 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk 2015-01-25 16:13 - 2014-11-17 17:34 - 00000931 _____ () C:\Users\Clockwork\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2015-01-25 16:13 - 2014-11-17 17:34 - 00000863 _____ () C:\Users\Clockwork\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk 2015-01-25 14:22 - 2009-07-13 19:20 - 00000000 ____D () C:\Program Files\Common Files\System 2015-01-25 13:41 - 2014-11-18 14:05 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service 2015-01-25 13:13 - 2014-11-18 17:06 - 00000000 ____D () C:\Users\Clockwork\AppData\Roaming\uTorrent 2015-01-24 17:37 - 2014-11-18 14:59 - 00000000 ____D () C:\Users\Clockwork\AppData\Roaming\TS3Client 2015-01-23 16:34 - 2014-11-18 18:07 - 00000000 ____D () C:\Users\Clockwork\AppData\Local\ArmA 2 OA 2015-01-21 09:27 - 2014-12-12 20:04 - 00000000 ____D () C:\ProgramData\Oracle 2015-01-21 09:26 - 2014-12-12 20:05 - 00000000 ____D () C:\Program Files\Java 2015-01-21 09:26 - 2014-12-12 20:04 - 00000000 ____D () C:\Program Files (x86)\Java 2015-01-21 09:25 - 2014-12-12 20:05 - 00111016 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll 2015-01-21 09:25 - 2014-12-12 20:04 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll 2015-01-17 21:07 - 2014-11-17 22:35 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2015-01-17 21:07 - 2014-11-17 22:35 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2015-01-13 01:46 - 2014-11-18 16:48 - 00000000 ____D () C:\Users\Clockwork\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bohemia Interactive 2015-01-13 01:46 - 2014-11-17 17:34 - 00000000 ____D () C:\Users\Clockwork\AppData\Local\VirtualStore 2014-12-29 21:09 - 2014-11-18 16:48 - 00045339 _____ () C:\Windows\DirectX.log 2014-12-29 11:48 - 2014-11-18 15:52 - 00000000 ____D () C:\Users\Clockwork\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\SysWOW64\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2015-01-24 11:31 ==================== End Of Log ============================