Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 26-07-2013 01 Ran by SYSTEM on 27-07-2013 23:20:01 Running from G:\ Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US) Internet Explorer Version 10 Boot Mode: Recovery The current controlset is ControlSet001 [b]ATTENTION!:=====> FRST is updated to run from normal or Safe mode to produce a full FRST.txt log and an extra Addition.txt log.[/b] ==================== Registry (Whitelisted) ================== HKLM\...\Run: [RunDLLEntry_THXCfg] - C:\Windows\system32\RunDLL32.exe [45568 2009-07-13] (Microsoft Corporation) HKLM\...\Run: [RunDLLEntry_EptMon] - C:\Windows\system32\RunDLL32.exe [45568 2009-07-13] (Microsoft Corporation) HKLM\...\Run: [Zune Launcher] - C:\Program Files\Zune\ZuneLauncher.exe [163552 2011-08-05] (Microsoft Corporation) HKLM-x32\...\Runonce: [AvgUninstallURL] - cmd.exe /c start http://www.avg.com/ww.special-uninstallation-feedback-app?lic=OUEtTkdNQk0tTjRGMlAtRTNTTVItUFpSMk4tSFFZS0s"&"inst=NzYtOTUzNTY1NjA1LVU5MCsxLVhPMzYrMS1TVDErMi1OMUQrMS1QTCs5LUREVCs1MjQ3My1ERDkwKzEtU1Q5MEFQUCsxLVNUMTJPSSsxLVNUMTJBUFArMQ"&"prod=92"&"ver=2012.0.1831"&"mid=a790970bd40e47d19bd669e5291b0441-5983a0c77cc996a4fe62f5b959b490a12c856971 [x] HKLM-x32\...\Runonce: [Malwarebytes Anti-Malware (cleanup)] - rundll32.exe "C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\cleanup.dll",ProcessCleanupScript [x] HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe, HKLM-x32\...\Winlogon: [Userinit] userinit.exe, [x] HKLM-x32\...\Winlogon: [Shell] explorer.exe [x ] () Winlogon\Notify\GoToAssist: C:\Program Files (x86)\Citrix\GoToAssist\822\G2AWinLogon_x64.dll (Citrix Online, a division of Citrix Systems, Inc.) HKLM-x32\...\Run: [IAStorIcon] - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284696 2010-03-03] (Intel Corporation) HKLM-x32\...\Run: [THX Audio Control Panel] - C:\Program Files (x86)\Creative\THX TruStudio PC\THXAudioCP\THXAudio.exe [963584 2009-12-01] (Creative Technology Ltd) HKLM-x32\...\Run: [UpdReg] - C:\Windows\UpdReg.EXE [x] HKLM-x32\...\Run: [BDRegion] - C:\Program Files (x86)\Cyberlink\Shared Files\brs.exe [75048 2011-08-11] (cyberlink) HKLM-x32\...\Run: [Dell DataSafe Online] - C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe [1117528 2010-08-25] (Dell, Inc.) HKLM-x32\...\Run: [] - [x] HKLM-x32\...\Run: [EEventManager] - C:\PROGRA~2\EPSONS~1\EVENTM~1\EEventManager.exe [673616 2009-04-07] (SEIKO EPSON CORPORATION) HKLM-x32\...\Run: [LifeCam] - "C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe" [x] HKLM-x32\...\Run: [AccuWeatherWidget] - C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\start.umj [2835443 2012-02-01] () HKLM-x32\...\Run: [Info Center] - C:\Program Files (x86)\PCPitstop\Info Center\InfoCenter.exe [26264 2012-01-31] (PC Pitstop LLC) HKLM-x32\...\Run: [LogMeIn Hamachi Ui] - "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start [x] HKLM-x32\...\Run: [PC MaticRT] - C:\Program Files (x86)\PCPitstop\SuperShield\PCMaticRT.exe [1105672 2013-01-02] (PC Pitstop LLC) HKU\Administrator\...\Run: [Sidebar] - %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun [x] HKU\Administrator\...\Run: [StartUp This] - C:\Program Files (x86)\Laplink\PCmover\LaunchSt.exe [251256 2010-06-16] (Laplink Software, Inc.) HKU\Administrator\...\Run: [Epson Stylus NX510(Network) (Copy 1)] - C:\Windows\SysWOW64\spool\DRIVERS\W32X86\3\E_FATIFIA.EXE /FU "C:\WINDOWS\TEMP\E_S4F.tmp" /EF "HKCU" [x] <===== ATTENTION HKU\Administrator\...\Run: [Download Nitro] - C:\Program Files (x86)\PCPitstop\Download Nitro\pcpitstop-nitro.exe [3597520 2011-06-30] (PC Pitstop, LLC) HKU\Administrator\...\Run: [EPSON NX510 Series] - C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIFIA.EXE /FU "C:\Windows\TEMP\E_SEFD9.tmp" /EF "HKCU" [x] <===== ATTENTION HKU\Administrator\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [18678376 2013-04-19] (Skype Technologies S.A.) HKU\Administrator\...\RunOnce: [mctadmin] - C:\Windows\System32\mctadmin.exe [x] HKU\Administrator\...\RunOnce: [avg_spchecker] - "C:\Program Files (x86)\AVG\AVG9\Notification\SPChecker1.exe" /start [x] HKU\Default\...\Run: [Sidebar] - %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun [x] HKU\Default\...\RunOnce: [mctadmin] - C:\Windows\System32\mctadmin.exe [x] HKU\Default\...\RunOnce: [NeroHomeFirstStart] - C:\Program Files (x86)\Common Files\Ahead\Lib\NMFirstStart.exe [x] HKU\Default User\...\Run: [Sidebar] - %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun [x] HKU\Default User\...\RunOnce: [mctadmin] - C:\Windows\System32\mctadmin.exe [x] HKU\Default User\...\RunOnce: [NeroHomeFirstStart] - C:\Program Files (x86)\Common Files\Ahead\Lib\NMFirstStart.exe [x] HKU\Oze\...\Run: [EPSON NX510 Series] - C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIFIA.EXE /FU "C:\Windows\TEMP\E_SB4EE.tmp" /EF "HKCU" [x] <===== ATTENTION HKU\Oze\...\Run: [Download Nitro] - C:\Program Files (x86)\PCPitstop\Download Nitro\pcpitstop-nitro.exe [3597520 2011-06-30] (PC Pitstop, LLC) HKU\Oze\...\Run: [Speech Recognition] - C:\Windows\Speech\Common\sapisvr.exe [44544 2009-07-13] (Microsoft Corporation) HKU\Oze\...\Run: [Dxtory Update Checker 2.0] - C:\Program Files (x86)\Dxtory Software\Dxtory2.0\UpdateChecker.exe [93696 2010-10-17] (Dxtory Software) HKU\Oze\...\Run: [HydraVisionDesktopManager] - C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe [393216 2012-12-19] (AMD) Startup: C:\Users\Oze\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Caller ID.lnk ShortcutTarget: Caller ID.lnk -> C:\Program Files (x86)\Caller ID\Caller ID.exe () SSODL-x32: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - No File SSODL-x32: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} - No File SSODL-x32: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} - No File SSODL-x32: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - No File ==================== Services (Whitelisted) ================= S2 AudioSrv; C:\Windows\SysWow64\Audiosrv.dll [42496 2008-04-13] (Microsoft Corporation) S2 BITS; C:\Windows\SysWow64\qmgr.dll [409088 2008-04-13] (Microsoft Corporation) S2 CLKMSVC10_9EC60124; c:\Program Files (x86)\Cyberlink\PowerDVD9\NavFilter\kmsvc.exe [248304 2011-08-11] (CyberLink) S2 LanmanServer; C:\Windows\SysWow64\srvsvc.dll [99840 2010-08-27] (Microsoft Corporation) S2 PCPitstop Scheduling; C:\Program Files (x86)\PCPitstop\PCPitstopScheduleService.exe [86216 2013-02-02] (PC Pitstop LLC) S2 PnkBstrA; C:\Windows\SysWow64\PnkBstrA.exe [76888 2012-12-15] () S2 PnkBstrB; C:\Windows\SysWow64\PnkBstrB.exe [189248 2012-12-15] () S3 RasAuto; C:\Windows\SysWow64\rasauto.dll [88576 2008-04-13] (Microsoft Corporation) S3 RasMan; C:\Windows\SysWow64\rasmans.dll [186368 2008-04-13] (Microsoft Corporation) S2 Schedule; C:\Windows\SysWow64\schedsvc.dll [192512 2008-04-13] (Microsoft Corporation) S3 TermService; C:\Windows\SysWow64\termsrv.dll [295424 2008-04-13] (Microsoft Corporation) S2 wuauserv; C:\Windows\SysWow64\wuaueng.dll [1929952 2009-08-06] (Microsoft Corporation) S2 !SASCORE; "C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE" [x] S2 AdobeARMservice; "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe" [x] S2 AdobeFlashPlayerUpdateSvc; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [x] S3 ALG; %SystemRoot%\System32\alg.exe [x] S2 AMD External Events Utility; %SystemRoot%\system32\atiesrxx.exe [x] S3 aspnet_state; %SystemRoot%\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [x] S3 clr_optimization_v2.0.50727_32; %systemroot%\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [x] S3 clr_optimization_v2.0.50727_64; %systemroot%\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe [x] S2 clr_optimization_v4.0.30319_32; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [x] S2 clr_optimization_v4.0.30319_64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x] S2 COMSysApp; %SystemRoot%\system32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235} [x] S2 cvhsvc; "C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE" [x] S3 ehSched; %systemroot%\ehome\ehsched.exe [x] S2 EPSON_EB_RPCV4_01; C:\ProgramData\EPSON\EPW!3 SSRP\E_S40STB.EXE [x] S2 EPSON_PM_RPCV4_01; C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE [x] S3 Fax; %systemroot%\system32\fxssvc.exe [x] S2 FLEXnet Licensing Service; "C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe" [x] S2 GoToAssist; "C:\Program Files (x86)\Citrix\GoToAssist\822\g2aservice.exe" Start=service [x] S2 gupdate; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /svc [x] S3 gupdatem; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /medsvc [x] S2 Hamachi2Svc; "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe" -s [x] S2 MozillaMaintenance; "C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe" [x] S2 MSCamSvc; "C:\Program Files\Microsoft LifeCam\MSCamS64.exe" [x] S3 MSDTC; %SystemRoot%\System32\msdtc.exe [x] S2 msiserver; %systemroot%\system32\msiexec.exe /V [x] S2 NOBU; "C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe" SERVICE [x] S2 ose; "C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE" [x] S3 osppsvc; "C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE" [x] S2 PCPitstop Realtime; C:\Program Files (x86)\PCPitstop\SuperShield\PCPitstopRTService.exe [x] S2 RoxMediaDB12OEM; "C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe" [x] S2 RoxWatch12; "C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe" [x] S2 sftlist; "C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe" [x] S2 sftvsa; "C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe" [x] S3 SNMPTRAP; %SystemRoot%\System32\snmptrap.exe [x] S2 sppsvc; %SystemRoot%\system32\sppsvc.exe [x] S2 Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe /RunAsService [x] S2 UI0Detect; %SystemRoot%\system32\UI0Detect.exe [x] S2 vds; %SystemRoot%\System32\vds.exe [x] S2 VSS; %systemroot%\system32\vssvc.exe [x] S2 WatAdminSvc; %SystemRoot%\system32\Wat\WatAdminSvc.exe [x] S2 wbengine; "%systemroot%\system32\wbengine.exe" [x] S2 wlcrasvc; "C:\Program Files\Windows Live\Mesh\wlcrasvc.exe" [x] S2 wlidsvc; "C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE" [x] S2 wmiApSrv; %systemroot%\system32\wbem\WmiApSrv.exe [x] S3 WMZuneComm; "C:\Program Files\Zune\WMZuneComm.exe" [x] S3 ZuneNetworkSvc; "C:\Program Files\Zune\ZuneNss.exe" [x] S2 ZuneWlanCfgSvc; "C:\Program Files\Zune\ZuneWlanCfgSvc.exe" [x] ==================== Drivers (Whitelisted) ==================== S3 gfiark; C:\Windows\System32\drivers\gfiark.sys [39504 2013-04-11] (ThreatTrack Security) S1 mbmiodrvr; C:\Windows\syswow64\mbmiodrvr.sys [4608 2004-04-10] (cansoft@livewiredev.com) S1 mbmiodrvr; C:\Windows\syswow64\mbmiodrvr.sys [4608 2004-04-10] (cansoft@livewiredev.com) S1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com) S1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com) S3 SASENUM; C:\Program Files (x86)\SUPERAntiSpyware\SASENUM.SYS [7408 2009-03-23] ( SUPERAdBlocker.com and SUPERAntiSpyware.com) S1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com) S3 dfg; System32\DRIVERS\dfg.sys [x] S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [x] S3 FTD2XX; System32\Drivers\FTD2XX.sys [x] S1 fwdrv; \SystemRoot\system32\drivers\fwdrv.sys [x] S3 IntcAzAudAddService; system32\drivers\RTKVHD64.sys [x] S3 PCDSRVC{D3412D80-CF3B4A27-06020200}_0; \??\c:\program files\my dell\pcdsrvc_x64.pkms [x] S0 PxHelp20; System32\DRIVERS\PxHelp20.sys [x] S3 RimUsb; System32\Drivers\RimUsb_AMD64.sys [x] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2013-07-27 23:19 - 2013-07-27 23:19 - 00000000 ____D C:\FRST 2013-07-26 13:11 - 2013-07-26 13:11 - 00000000 _____ C:\Windows\SysWOW64\SBRC.dat 2013-07-26 11:30 - 2013-07-26 11:30 - 00000030 _____ C:\Users\Oze\AppData\Roaming\mbam.context.scan 2013-07-26 09:16 - 2013-07-26 09:16 - 21840856 _____ (Mozilla) C:\Users\Oze\Downloads\Firefox_Setup [1].exe 2013-07-25 19:00 - 2013-07-25 19:00 - 00002036 _____ C:\Users\Oze\Desktop\PC Matic (2).lnk 2013-07-25 18:35 - 2012-10-24 12:39 - 00082872 _____ (GFI Software) C:\Windows\System32\Drivers\sbapifs.sys 2013-07-25 18:09 - 2013-07-25 18:09 - 01488520 _____ (PC Pitstop LLC ) C:\Users\Oze\Downloads\pcmatic-setup-0002.exe 2013-07-25 16:58 - 2013-07-25 16:58 - 00000000 ____D C:\Users\Oze\AppData\Local\VS Revo Group 2013-07-25 16:58 - 2013-07-25 16:58 - 00000000 ____D C:\ProgramData\VS Revo Group 2013-07-25 16:58 - 2013-07-25 16:58 - 00000000 ____D C:\Program Files\VS Revo Group 2013-07-25 16:58 - 2009-12-30 10:21 - 00031800 _____ (VS Revo Group) C:\Windows\System32\Drivers\revoflt.sys 2013-07-25 16:33 - 2013-07-26 12:45 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2013-07-25 16:33 - 2013-07-26 12:38 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2013-07-25 16:33 - 2013-07-25 16:33 - 00003894 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2013-07-25 16:33 - 2013-07-25 16:33 - 00003642 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2013-07-25 16:16 - 2013-07-26 13:01 - 00000003 _____ C:\Users\Oze\AppData\Local\dafccegc28.nls 2013-07-23 04:17 - 2013-07-26 13:26 - 00000003 _____ C:\ProgramData\dafccegc28.nls 2013-07-22 20:32 - 2013-07-22 20:33 - 00000000 ____D C:\Users\Oze\AppData\Local\Smartbar 2013-07-22 20:32 - 2013-07-22 20:32 - 00000000 ____D C:\Users\Oze\Documents\My Cheat Tables 2013-07-22 20:32 - 2013-07-22 20:32 - 00000000 ____D C:\Users\Oze\AppData\Roaming\OpenCandy 2013-07-22 20:32 - 2013-07-22 20:32 - 00000000 ____D C:\Program Files (x86)\Cheat Engine 6.3 2013-07-22 19:56 - 2013-07-26 13:05 - 00512221 _____ C:\Users\Oze\AppData\Local\dfl28z32.dll 2013-07-20 13:58 - 2013-07-20 13:58 - 00123323 _____ C:\Users\Oze\Desktop\Zune_chat..xps 2013-07-20 09:06 - 2013-07-20 09:06 - 00000889 _____ C:\Users\Public\Desktop\Zune.lnk 2013-07-20 09:06 - 2013-07-20 09:06 - 00000889 _____ C:\ProgramData\Desktop\Zune.lnk 2013-07-17 19:28 - 2013-07-17 19:28 - 00227070 _____ C:\Users\Oze\Downloads\League of Legends Modifier 1.00 IP plus RP Adder.rar 2013-07-16 15:05 - 2013-07-16 15:07 - 00000000 ____D C:\Users\Oze\AppData\Roaming\.technic 2013-07-11 14:52 - 2013-07-25 19:01 - 00002119 _____ C:\Users\Oze\Desktop\vba.ini 2013-07-11 02:05 - 2013-06-11 18:43 - 02877440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2013-07-11 02:05 - 2013-06-11 18:43 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2013-07-11 02:05 - 2013-06-11 18:43 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2013-07-11 02:05 - 2013-06-11 18:43 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2013-07-11 02:05 - 2013-06-11 18:42 - 02046976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2013-07-11 02:05 - 2013-06-11 18:42 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2013-07-11 02:05 - 2013-06-11 18:42 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll 2013-07-11 02:05 - 2013-06-11 18:42 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2013-07-11 02:05 - 2013-06-11 18:42 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2013-07-11 02:05 - 2013-06-11 18:26 - 01365504 _____ (Microsoft Corporation) C:\Windows\System32\urlmon.dll 2013-07-11 02:05 - 2013-06-11 18:25 - 03958784 _____ (Microsoft Corporation) C:\Windows\System32\jscript9.dll 2013-07-11 02:05 - 2013-06-11 18:25 - 02648576 _____ (Microsoft Corporation) C:\Windows\System32\iertutil.dll 2013-07-11 02:05 - 2013-06-11 18:25 - 00855552 _____ (Microsoft Corporation) C:\Windows\System32\jscript.dll 2013-07-11 02:05 - 2013-06-11 18:25 - 00603136 _____ (Microsoft Corporation) C:\Windows\System32\msfeeds.dll 2013-07-11 02:05 - 2013-06-11 18:25 - 00526336 _____ (Microsoft Corporation) C:\Windows\System32\ieui.dll 2013-07-11 02:05 - 2013-06-11 18:25 - 00136704 _____ (Microsoft Corporation) C:\Windows\System32\iesysprep.dll 2013-07-11 02:05 - 2013-06-11 18:25 - 00067072 _____ (Microsoft Corporation) C:\Windows\System32\iesetup.dll 2013-07-11 02:05 - 2013-06-11 18:25 - 00039936 _____ (Microsoft Corporation) C:\Windows\System32\iernonce.dll 2013-07-11 02:05 - 2013-06-06 22:22 - 02706432 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.tlb 2013-07-11 02:05 - 2013-06-06 21:37 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2013-07-11 02:04 - 2013-06-11 18:43 - 14329856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2013-07-11 02:04 - 2013-06-11 18:43 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2013-07-11 02:04 - 2013-06-11 18:43 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2013-07-11 02:04 - 2013-06-11 18:42 - 13760512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2013-07-11 02:04 - 2013-06-11 18:26 - 02241024 _____ (Microsoft Corporation) C:\Windows\System32\wininet.dll 2013-07-11 02:04 - 2013-06-11 18:25 - 19238912 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.dll 2013-07-11 02:04 - 2013-06-11 18:25 - 15404032 _____ (Microsoft Corporation) C:\Windows\System32\ieframe.dll 2013-07-11 02:04 - 2013-06-11 18:25 - 00053248 _____ (Microsoft Corporation) C:\Windows\System32\jsproxy.dll 2013-07-11 01:07 - 2013-06-04 22:34 - 03153920 _____ (Microsoft Corporation) C:\Windows\System32\win32k.sys 2013-07-11 01:07 - 2013-06-04 01:00 - 00624128 _____ (Microsoft Corporation) C:\Windows\System32\qedit.dll 2013-07-11 01:07 - 2013-06-03 23:53 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll 2013-07-11 01:07 - 2013-05-06 01:03 - 01887744 _____ (Microsoft Corporation) C:\Windows\System32\WMVDECOD.DLL 2013-07-11 01:07 - 2013-05-05 23:56 - 01620480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL 2013-07-11 01:07 - 2013-04-09 18:34 - 01247744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll 2013-07-11 01:07 - 2013-04-02 17:51 - 01643520 _____ (Microsoft Corporation) C:\Windows\System32\DWrite.dll 2013-07-08 22:07 - 2013-07-08 22:07 - 00108968 _____ (Oracle Corporation) C:\Windows\System32\WindowsAccessBridge-64.dll 2013-07-08 22:07 - 2013-07-08 22:07 - 00000000 ____D C:\Program Files\Java 2013-07-07 18:54 - 2013-07-07 18:54 - 00587906 _____ C:\Users\Oze\Desktop\azh_dell.xps 2013-07-07 17:37 - 2013-07-26 18:10 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2013-07-07 16:43 - 2013-07-26 18:10 - 00000000 ____D C:\Program Files (x86)\LogMeIn Hamachi ==================== One Month Modified Files and Folders ======= 2013-07-27 23:19 - 2013-07-27 23:19 - 00000000 ____D C:\FRST 2013-07-26 18:23 - 2011-09-18 00:05 - 00000000 ____D C:\I386 2013-07-26 18:22 - 2013-05-22 10:04 - 00000000 ____D C:\Program Files\My Dell 2013-07-26 18:22 - 2012-11-11 09:07 - 00000000 ____D C:\Program Files\SUPERAntiSpyware 2013-07-26 18:22 - 2012-11-08 13:58 - 00000000 ____D C:\Program Files\Microsoft Silverlight 2013-07-26 18:22 - 2012-03-24 21:23 - 00000000 ____D C:\GameCQ 2013-07-26 18:22 - 2012-01-04 14:31 - 00000000 ____D C:\Program Files\Microsoft LifeCam 2013-07-26 18:22 - 2011-10-31 20:29 - 00000000 ____D C:\Program Files\CCleaner 2013-07-26 18:22 - 2011-09-27 22:27 - 00000000 ____D C:\Program Files\Zune 2013-07-26 18:22 - 2011-09-18 06:33 - 00000000 ____D C:\Users\Oze\Desktop\Malware 2013-07-26 18:22 - 2011-09-18 06:32 - 00000000 ___RD C:\Users\Oze\Desktop\TOOLS 2013-07-26 18:22 - 2011-09-18 06:14 - 00000000 ___RD C:\Users\Oze\Desktop\Games 2013-07-26 18:22 - 2011-09-17 19:01 - 00000000 ____D C:\Drive_F 2013-07-26 18:22 - 2011-09-14 16:40 - 00000000 ____D C:\Program Files\Dell Support Center 2013-07-26 18:22 - 2010-11-21 02:17 - 00000000 ____D C:\Program Files\Windows Journal 2013-07-26 18:22 - 2009-07-14 00:32 - 00000000 ____D C:\Program Files\Windows Sidebar 2013-07-26 18:22 - 2009-07-14 00:32 - 00000000 ____D C:\Program Files\Windows Photo Viewer 2013-07-26 18:22 - 2009-07-14 00:32 - 00000000 ____D C:\Program Files\Windows Defender 2013-07-26 18:22 - 2009-07-14 00:32 - 00000000 ____D C:\Program Files\DVD Maker 2013-07-26 18:21 - 2011-09-17 23:57 - 00000000 ____D C:\DOSBox-0.73 2013-07-26 18:21 - 2011-09-17 18:47 - 00000000 ___HD C:\Windows\ie8 2013-07-26 18:21 - 2011-09-17 18:46 - 00000000 ___HD C:\Windows\ie7 2013-07-26 18:21 - 2011-09-17 18:40 - 00000000 ____D C:\Windows\I386 2013-07-26 18:18 - 2011-09-17 18:49 - 00000000 ____D C:\Windows\V58 2013-07-26 18:18 - 2011-09-17 18:49 - 00000000 ____D C:\Windows\network diagnostic 2013-07-26 18:18 - 2011-09-17 18:48 - 00000000 ____D C:\Windows\msagent 2013-07-26 18:18 - 2011-09-17 18:14 - 00000000 ____D C:\Windows\SysWOW64\npp 2013-07-26 18:18 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\SysWOW64\oobe 2013-07-26 18:17 - 2011-09-17 18:19 - 00000000 ____D C:\Windows\SysWOW64\XPSViewer 2013-07-26 18:17 - 2011-09-17 18:13 - 00000000 ____D C:\Windows\SysWOW64\hpintro 2013-07-26 18:17 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\SysWOW64\InstallShield 2013-07-26 18:16 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\SysWOW64\migwiz 2013-07-26 18:14 - 2011-09-17 18:09 - 00000000 ____D C:\Windows\SysWOW64\Aod 2013-07-26 18:14 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\SysWOW64\Dism 2013-07-26 18:14 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\System32\oobe 2013-07-26 18:13 - 2013-04-22 22:10 - 00000000 ____D C:\Program Files (x86)\program 2013-07-26 18:13 - 2013-01-12 21:02 - 00000000 ____D C:\Program Files (x86)\War Inc Battlezone 2013-07-26 18:13 - 2012-08-18 18:13 - 00000000 ____D C:\Python27 2013-07-26 18:13 - 2012-03-26 15:45 - 00000000 ____D C:\Program Files (x86)\Vgrabber 2013-07-26 18:13 - 2011-11-22 13:03 - 00000000 ____D C:\SBS 2013-07-26 18:13 - 2011-09-18 00:43 - 00000000 ____D C:\Rooter$ 2013-07-26 18:13 - 2011-09-17 18:36 - 00000000 ____D C:\Windows\Corel 2013-07-26 18:13 - 2011-09-17 17:53 - 00000000 ____D C:\Program Files (x86)\V CAST Media Manager 2013-07-26 18:13 - 2011-09-17 17:35 - 00000000 ____D C:\Program Files (x86)\QuickTime 2013-07-26 18:13 - 2011-09-17 17:34 - 00000000 ____D C:\Program Files (x86)\Quicken WillMaker Plus 2006 2013-07-26 18:13 - 2011-09-17 17:34 - 00000000 ____D C:\Program Files (x86)\PMP DV 2013-07-26 18:13 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\System32\migwiz 2013-07-26 18:13 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\System32\Dism 2013-07-26 18:13 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\System32\com 2013-07-26 18:13 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\system 2013-07-26 18:12 - 2013-02-22 11:54 - 00000000 ____D C:\Program Files (x86)\wot test 2013-07-26 18:12 - 2011-12-25 12:16 - 00000000 ____D C:\Program Files (x86)\Steam 2013-07-26 18:12 - 2011-09-17 17:51 - 00000000 ____D C:\Program Files (x86)\SUPERAntiSpyware 2013-07-26 18:12 - 2011-09-14 16:46 - 00000000 ____D C:\Program Files (x86)\Zinio Reader 4 2013-07-26 18:12 - 2009-07-14 00:32 - 00000000 ____D C:\Program Files (x86)\Windows Sidebar 2013-07-26 18:11 - 2013-06-04 16:03 - 00000000 ____D C:\Program Files (x86)\StarCraft II 2013-07-26 18:11 - 2011-09-17 17:55 - 00000000 ____D C:\Program Files (x86)\Windows Media Connect 2 2013-07-26 18:11 - 2009-07-14 00:32 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer 2013-07-26 18:10 - 2013-07-07 17:37 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2013-07-26 18:10 - 2013-07-07 16:43 - 00000000 ____D C:\Program Files (x86)\LogMeIn Hamachi 2013-07-26 18:10 - 2013-04-20 13:27 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird 2013-07-26 18:10 - 2012-08-21 07:12 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2013-07-26 18:10 - 2012-04-02 16:23 - 00000000 ____D C:\Program Files (x86)\OpenAL 2013-07-26 18:10 - 2011-09-17 17:55 - 00000000 ____D C:\Program Files (x86)\Windows Live Safety Center 2013-07-26 18:10 - 2011-09-17 17:55 - 00000000 ____D C:\Program Files (x86)\Windows Installer Clean Up 2013-07-26 18:10 - 2011-09-17 17:28 - 00000000 ____D C:\Program Files (x86)\OverDrive Media Console 2013-07-26 18:10 - 2011-09-17 17:23 - 00000000 ____D C:\Program Files (x86)\OpenDNS Updater 2013-07-26 18:10 - 2011-09-17 17:12 - 00000000 ____D C:\Program Files (x86)\Nikon Firmware 2013-07-26 18:10 - 2011-09-17 17:10 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 4.0 Beta 12 2013-07-26 18:10 - 2011-09-17 17:09 - 00000000 ____D C:\Program Files (x86)\Movie Maker 2013-07-26 18:10 - 2011-09-17 17:08 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware 2013-07-26 18:09 - 2012-11-08 13:58 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight 2013-07-26 18:08 - 2012-08-28 14:41 - 00000000 ____D C:\Program Files (x86)\Microsoft Application Virtualization Client 2013-07-26 18:08 - 2012-01-04 14:31 - 00000000 ____D C:\Program Files (x86)\Microsoft LifeCam 2013-07-26 18:08 - 2011-09-17 17:52 - 00000000 ____D C:\Program Files (x86)\TrueSwitchEsaya 2013-07-26 18:08 - 2011-09-17 17:09 - 00000000 ____D C:\Program Files (x86)\Microsoft IntelliPoint 5.5 2013-07-26 18:08 - 2011-09-17 17:09 - 00000000 ____D C:\Program Files (x86)\Microsoft IntelliPoint 2013-07-26 18:08 - 2011-09-17 17:09 - 00000000 ____D C:\Program Files (x86)\Messenger 2013-07-26 18:08 - 2011-09-17 15:30 - 00000000 ____D C:\Program Files (x86)\CrossLoop 2013-07-26 18:08 - 2011-09-17 15:16 - 00000000 ____D C:\Program Files (x86)\Audible 2013-07-26 18:08 - 2011-09-14 16:28 - 00000000 ____D C:\Program Files (x86)\Cozi Express 2013-07-26 18:08 - 2011-09-14 16:26 - 00000000 ____D C:\Program Files (x86)\Dell DataSafe Local Backup 2013-07-26 18:06 - 2011-10-29 18:23 - 00000000 ____D C:\Program Files (x86)\Bandicam 2013-07-26 18:06 - 2011-09-17 16:02 - 00000000 ____D C:\Program Files (x86)\Finale NotePad 2003a 2013-07-26 18:06 - 2011-09-17 15:16 - 00000000 ____D C:\Program Files (x86)\Audacity 2013-07-26 18:06 - 2011-09-17 14:57 - 00000000 ____D C:\Program Files (x86)\AIM95 2013-07-26 13:27 - 2011-12-23 18:41 - 00097640 _____ C:\Windows\PFRO.log 2013-07-26 13:27 - 2011-09-14 16:12 - 01596440 _____ C:\Windows\WindowsUpdate.log 2013-07-26 13:26 - 2013-07-23 04:17 - 00000003 _____ C:\ProgramData\dafccegc28.nls 2013-07-26 13:26 - 2012-09-14 05:44 - 00000000 ____D C:\Users\Oze\AppData\Roaming\Free Download Manager 2013-07-26 13:26 - 2012-03-06 10:09 - 00000000 ____D C:\ProgramData\PCPitstopDat 2013-07-26 13:26 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\SysWOW64\com 2013-07-26 13:11 - 2013-07-26 13:11 - 00000000 _____ C:\Windows\SysWOW64\SBRC.dat 2013-07-26 13:10 - 2012-03-07 00:08 - 00000000 ____D C:\ProgramData\PCPitstop 2013-07-26 13:05 - 2013-07-22 19:56 - 00512221 _____ C:\Users\Oze\AppData\Local\dfl28z32.dll 2013-07-26 13:01 - 2013-07-25 16:16 - 00000003 _____ C:\Users\Oze\AppData\Local\dafccegc28.nls 2013-07-26 12:53 - 2009-07-13 23:45 - 00021296 ____H C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2013-07-26 12:53 - 2009-07-13 23:45 - 00021296 ____H C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2013-07-26 12:51 - 2009-07-14 00:13 - 00779788 _____ C:\Windows\System32\PerfStringBackup.INI 2013-07-26 12:46 - 2012-03-19 17:42 - 00000000 ____D C:\Users\Oze\AppData\Local\LogMeIn Hamachi 2013-07-26 12:46 - 2011-09-14 16:44 - 00000000 ____D C:\ProgramData\Sonic 2013-07-26 12:45 - 2013-07-25 16:33 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2013-07-26 12:45 - 2011-09-14 16:52 - 00000000 ____D C:\Users\Default\AppData\Local\SoftThinks 2013-07-26 12:45 - 2011-09-14 16:52 - 00000000 ____D C:\Users\Default User\AppData\Local\SoftThinks 2013-07-26 12:44 - 2013-03-29 12:36 - 00005775 _____ C:\Windows\setupact.log 2013-07-26 12:44 - 2009-07-14 00:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2013-07-26 12:44 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\registration 2013-07-26 12:43 - 2012-10-16 13:46 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2013-07-26 12:38 - 2013-07-25 16:33 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2013-07-26 12:32 - 2013-01-26 14:31 - 00000000 ___RD C:\Users\Oze\Desktop\azhie 2013-07-26 11:36 - 2011-09-18 06:15 - 00000000 ____D C:\Users\Oze\Desktop\Kids 2013-07-26 11:30 - 2013-07-26 11:30 - 00000030 _____ C:\Users\Oze\AppData\Roaming\mbam.context.scan 2013-07-26 09:16 - 2013-07-26 09:16 - 21840856 _____ (Mozilla) C:\Users\Oze\Downloads\Firefox_Setup [1].exe 2013-07-26 06:09 - 2011-10-23 19:26 - 00003910 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{6C79EAD0-30A9-4F51-AF18-53C5A208D247} 2013-07-25 19:01 - 2013-07-11 14:52 - 00002119 _____ C:\Users\Oze\Desktop\vba.ini 2013-07-25 19:00 - 2013-07-25 19:00 - 00002036 _____ C:\Users\Oze\Desktop\PC Matic (2).lnk 2013-07-25 18:55 - 2013-06-22 22:53 - 00000000 ____D C:\Users\Oze\AppData\Roaming\.minecraft 2013-07-25 18:55 - 2011-09-17 18:27 - 00000000 ____D C:\ProgramData\NoteBurner 2013-07-25 18:09 - 2013-07-25 18:09 - 01488520 _____ (PC Pitstop LLC ) C:\Users\Oze\Downloads\pcmatic-setup-0002.exe 2013-07-25 17:08 - 2011-09-17 17:51 - 00000000 ____D C:\Program Files (x86)\Sunbelt Software 2013-07-25 16:58 - 2013-07-25 16:58 - 00000000 ____D C:\Users\Oze\AppData\Local\VS Revo Group 2013-07-25 16:58 - 2013-07-25 16:58 - 00000000 ____D C:\ProgramData\VS Revo Group 2013-07-25 16:58 - 2013-07-25 16:58 - 00000000 ____D C:\Program Files\VS Revo Group 2013-07-25 16:33 - 2013-07-25 16:33 - 00003894 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2013-07-25 16:33 - 2013-07-25 16:33 - 00003642 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2013-07-25 16:30 - 2011-09-17 13:01 - 00000000 ____D C:\users\Oze 2013-07-25 16:29 - 2011-10-14 13:08 - 00000000 ____D C:\Users\Oze\AppData\Roaming\Skype 2013-07-25 16:29 - 2011-09-17 17:55 - 00000000 ____D C:\Program Files (x86)\WinZip 2013-07-25 16:29 - 2011-09-17 17:33 - 00000000 ____D C:\Program Files (x86)\PCPitstop 2013-07-25 16:29 - 2011-09-17 14:18 - 00000000 ____D C:\users\Administrator 2013-07-25 16:29 - 2011-09-14 16:24 - 00000000 ____D C:\Program Files (x86)\Citrix 2013-07-24 15:01 - 2013-05-22 10:04 - 00003440 _____ C:\Windows\System32\Tasks\PCDEventLauncherTask 2013-07-22 22:11 - 2012-10-16 13:46 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater 2013-07-22 22:11 - 2011-09-14 16:14 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2013-07-22 22:10 - 2010-11-20 22:24 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe 2013-07-22 22:10 - 2009-07-13 19:13 - 01397248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Utilman.exe 2013-07-22 22:10 - 2009-07-13 18:43 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe 2013-07-22 22:10 - 2009-07-13 18:41 - 00044544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe 2013-07-22 22:10 - 2009-07-13 18:37 - 00046080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\net.exe 2013-07-22 22:10 - 2009-07-13 18:19 - 00020992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe 2013-07-22 22:09 - 2012-07-11 16:38 - 02684416 _____ (Sysinternals - www.sysinternals.com) C:\Users\Oze\Desktop\ CPAP SD Card (1).exe 2013-07-22 22:09 - 2010-02-09 09:49 - 17231872 _____ (Microsoft Corporation) C:\Users\Oze\Desktop\LMSetup.exe 2013-07-22 21:13 - 2012-01-28 20:26 - 00000000 ____D C:\Users\Oze\AppData\Local\PMB Files 2013-07-22 21:13 - 2012-01-28 20:26 - 00000000 ____D C:\ProgramData\PMB Files 2013-07-22 20:33 - 2013-07-22 20:32 - 00000000 ____D C:\Users\Oze\AppData\Local\Smartbar 2013-07-22 20:32 - 2013-07-22 20:32 - 00000000 ____D C:\Users\Oze\Documents\My Cheat Tables 2013-07-22 20:32 - 2013-07-22 20:32 - 00000000 ____D C:\Users\Oze\AppData\Roaming\OpenCandy 2013-07-22 20:32 - 2013-07-22 20:32 - 00000000 ____D C:\Program Files (x86)\Cheat Engine 6.3 2013-07-22 19:43 - 2012-08-14 14:21 - 00000000 ____D C:\Program Files (x86)\Caller ID 2013-07-22 19:43 - 2011-09-17 15:17 - 00000000 ____D C:\Program Files (x86)\Bonjour 2013-07-22 15:04 - 2011-09-17 15:00 - 00000000 ____D C:\ProgramData\PCDr 2013-07-20 13:58 - 2013-07-20 13:58 - 00123323 _____ C:\Users\Oze\Desktop\Zune_chat..xps 2013-07-20 09:06 - 2013-07-20 09:06 - 00000889 _____ C:\Users\Public\Desktop\Zune.lnk 2013-07-20 09:06 - 2013-07-20 09:06 - 00000889 _____ C:\ProgramData\Desktop\Zune.lnk 2013-07-19 19:00 - 2013-03-07 17:05 - 00585216 ___SH C:\Users\Oze\Downloads\Thumbs.db 2013-07-17 19:28 - 2013-07-17 19:28 - 00227070 _____ C:\Users\Oze\Downloads\League of Legends Modifier 1.00 IP plus RP Adder.rar 2013-07-17 19:23 - 2013-01-25 06:41 - 00000000 ____D C:\ProgramData\VisualBee 2013-07-17 19:22 - 2013-01-25 06:41 - 00000000 ____D C:\Users\Oze\AppData\Local\VisualBeeExe 2013-07-17 01:29 - 2012-01-10 11:52 - 00000000 ____D C:\Windows\System32\Tasks\Games 2013-07-16 15:07 - 2013-07-16 15:05 - 00000000 ____D C:\Users\Oze\AppData\Roaming\.technic 2013-07-16 15:04 - 2012-08-05 15:19 - 00000000 ____D C:\Users\Oze\AppData\Roaming\.techniclauncher 2013-07-11 08:16 - 2008-06-02 17:45 - 00253952 ___SH C:\Users\Oze\Desktop\Thumbs.db 2013-07-11 02:27 - 2009-07-13 23:45 - 00534760 _____ C:\Windows\System32\FNTCACHE.DAT 2013-07-11 02:25 - 2009-07-14 00:32 - 00000000 ____D C:\Program Files (x86)\Windows Defender 2013-07-08 22:07 - 2013-07-08 22:07 - 00108968 _____ (Oracle Corporation) C:\Windows\System32\WindowsAccessBridge-64.dll 2013-07-08 22:07 - 2013-07-08 22:07 - 00000000 ____D C:\Program Files\Java 2013-07-08 22:07 - 2012-11-02 10:23 - 01093032 _____ (Oracle Corporation) C:\Windows\System32\npDeployJava1.dll 2013-07-08 22:07 - 2011-09-14 16:21 - 00972712 _____ (Oracle Corporation) C:\Windows\System32\deployJava1.dll 2013-07-07 19:03 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\System32\NDF 2013-07-07 18:54 - 2013-07-07 18:54 - 00587906 _____ C:\Users\Oze\Desktop\azh_dell.xps 2013-07-07 16:47 - 2011-09-18 01:04 - 00000000 ____D C:\Users\Oze\AppData\Roaming\wsInspector 2013-06-28 05:39 - 2011-09-18 06:37 - 00000000 ____D C:\Users\Oze\Desktop\Yard Sale 2013-06-28 02:03 - 2011-02-10 11:10 - 00773512 _____ C:\Windows\SysWOW64\PerfStringBackup.INI 2013-06-27 12:13 - 2012-09-24 10:01 - 00000000 ____D C:\Users\Oze\Desktop\Scanned Docs 2013-06-27 12:13 - 2012-08-17 15:26 - 00000000 ____D C:\Users\Oze\Desktop\Anna College Files to move or delete: ==================== C:\Users\Oze\GoToAssistDownloadHelper.exe C:\ProgramData\hash.dat C:\ProgramData\winiml.dat ==================== Known DLLs (Whitelisted) ================ ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\SysWOW64\wininit.exe IS MISSING <==== ATTENTION!. C:\Windows\explorer.exe => MD5 is legit C:\Windows\SysWOW64\explorer.exe IS MISSING <==== ATTENTION!. C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\SysWOW64\svchost.exe [2009-07-13 18:19] - [2013-07-22 22:10] - 0020992 ____A (Microsoft Corporation) 1630B7CCFA1307C1E8A314E4BD20E8ED C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\SysWOW64\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe IS MISSING <==== ATTENTION!. C:\Windows\SysWOW64\userinit.exe IS MISSING <==== ATTENTION!. C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit ==================== EXE ASSOCIATION ===================== HKLM\...\.exe: exefile => OK HKLM\...\exefile\DefaultIcon: %1 => OK HKLM\...\exefile\open\command: "%1" %* => OK ==================== Restore Points ========================= Restore point made on: 2013-07-24 23:00:06 Restore point made on: 2013-07-25 16:26:55 Restore point made on: 2013-07-25 16:33:50 Restore point made on: 2013-07-25 16:48:15 Restore point made on: 2013-07-25 16:55:06 Restore point made on: 2013-07-25 17:01:29 Restore point made on: 2013-07-25 17:01:57 ==================== Memory info =========================== Percentage of memory in use: 8% Total physical RAM: 12278.93 MB Available physical RAM: 11251.07 MB Total Pagefile: 12277.13 MB Available Pagefile: 11246.25 MB Total Virtual: 8192 MB Available Virtual: 8191.85 MB ==================== Drives ================================ Drive c: (OS) (Fixed) (Total:1849.73 GB) (Free:1442.26 GB) NTFS (Disk=0 Partition=3) Drive e: (RECOVERY) (Fixed) (Total:13.25 GB) (Free:5.34 GB) NTFS (Disk=0 Partition=2) ==>[System with boot components (obtained from reading drive)] Drive f: (FreeAgent Drive) (Fixed) (Total:465.76 GB) (Free:75.68 GB) NTFS (Disk=2 Partition=1) Drive g: () (Removable) (Total:0.99 GB) (Free:0.99 GB) FAT (Disk=1 Partition=1) Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 1863 GB) (Disk ID: CB59CF0B) Partition 1: (Not Active) - (Size=39 MB) - (Type=DE) Partition 2: (Active) - (Size=13 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=-212892385280) - (Type=07 NTFS) ======================================================== Disk: 1 (Size: 1019 MB) (Disk ID: 3C813E58) Partition 1: (Active) - (Size=1012 MB) - (Type=06) ======================================================== Disk: 2 (Size: 466 GB) (Disk ID: A4B57300) Partition 1: (Not Active) - (Size=466 GB) - (Type=07 NTFS) LastRegBack: 2013-07-22 23:26 ==================== End Of Log ============================