Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 10-05-2014
Ran by Yommie (administrator) on YOMMIE-I7_WIN7 on 10-05-2014 23:44:30
Running from C:\_antysyf
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(Bitdefender) C:\Program Files\Bitdefender\Antivirus Free Edition\gzserv.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Bitdefender) C:\Program Files\Bitdefender\Antivirus Free Edition\gziface.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
() C:\Windows\System32\JulaPAN.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Avid Technology, Inc.) C:\Windows\System32\M-AudioTaskBarIcon.exe
(Microsoft Corporation) C:\Windows\WindowsMobile\wmdc.exe
(Native Instruments GmbH) C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe
(Spotify Ltd) C:\Users\Yommie\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Samsung) C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
(NovaStor) C:\Program Files (x86)\NovaStor\NovaStor NovaBACKUP\nsService.exe
(NovaStor) C:\Program Files (x86)\NovaStor\NovaStor NovaBACKUP\nsCtrl.exe
(Nektar) C:\Program Files\Nektar\P4\apps\nklauncher.exe
(Dropbox, Inc.) C:\Users\Yommie\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Almico Software (www.almico.com)) C:\Program Files (x86)\SpeedFan\speedfan.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(PACE Anti-Piracy, Inc.) C:\Program Files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe
(Raxco Software, Inc.) C:\Program Files\Raxco\PerfectDisk10\PDAgent.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect\HelperService.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect\ConversionService.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
() C:\Program Files\Focusrite\VRM Box\VRMService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Raxco Software, Inc.) C:\Program Files\Raxco\PerfectDisk10\PDAgentS1.exe
(Opera Software) C:\Program Files (x86)\Opera\opera.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [JulaPAN.exe] => C:\Windows\system32\JulaPAN.exe [535824 2012-07-30] ()
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [7981088 2009-07-20] (Realtek Semiconductor)
HKLM\...\Run: [M-Audio Taskbar Icon] => C:\Windows\system32\M-AudioTaskBarIcon.exe [798728 2010-12-07] (Avid Technology, Inc.)
HKLM\...\Run: [Windows Mobile Device Center] => C:\Windows\WindowsMobile\wmdc.exe [660360 2007-05-31] (Microsoft Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKU\S-1-5-21-3726653572-1022866384-1697973359-1001\...\Run: [ISUSPM Startup] => C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe [196608 2004-04-17] (InstallShield Software Corporation)
HKU\S-1-5-21-3726653572-1022866384-1697973359-1001\...\Run: [Spotify Web Helper] => C:\Users\Yommie\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1171000 2014-04-17] (Spotify Ltd)
HKU\S-1-5-21-3726653572-1022866384-1697973359-1001\...\Run: [] => C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [844656 2013-09-04] (Samsung)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\NovaBACKUP Tray Control.lnk
ShortcutTarget: NovaBACKUP Tray Control.lnk -> C:\Program Files (x86)\NovaStor\NovaStor NovaBACKUP\nsCtrl.exe (NovaStor)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\P4 Launcher.lnk
ShortcutTarget: P4 Launcher.lnk -> C:\Program Files\Nektar\P4\apps\nklauncher.exe (Nektar)
Startup: C:\Users\Yommie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Yommie\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Yommie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SpeedFan.lnk
ShortcutTarget: SpeedFan.lnk -> C:\Program Files (x86)\SpeedFan\speedfan.exe (Almico Software (www.almico.com))

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Skype add-on for Internet Explorer - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: PDF Architect Helper - {3A2D5EBA-F86D-4BD3-A177-019765996711} - C:\Program Files (x86)\PDF Architect\PDFIEHelper.dll (pdfforge GmbH)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM-x32 - PDF Architect Toolbar - {25A3A431-30BB-47C8-AD6A-E1063801134F} - C:\Program Files (x86)\PDF Architect\PDFIEPlugin.dll (pdfforge GmbH)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF ProfilePath: C:\Users\Yommie\AppData\Roaming\Mozilla\Firefox\Profiles\qkkpbfun.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_206.dll ()
FF Plugin: @java.com/JavaPlugin - C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_206.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @torrentstream.net/tsplugin,version=2.0.8.5.1 - C:\Users\Yommie\AppData\Roaming\TorrentStream\player\npts_plugin.dll (Innovative Digital Technologies)
FF HKLM-x32\...\Firefox\Extensions: [FFPDFArchitectConverter@pdfarchitect.com] - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt
FF Extension: PDF Architect Converter For Firefox - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt [2013-07-21]

Chrome:
=======
CHR HomePage: hxxp://www.google.pl/
CHR DefaultSearchKeyword: google.co.uk
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\PepperFlash\pepflashplayer.dll No File
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\pdf.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll (Apple Inc.)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll No File
CHR Plugin: (Java(TM) Platform SE 7 U25) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (Silverlight Plug-In) - C:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll No File
CHR Plugin: (Windows Live™ Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Torrent Stream P2P Multimedia Plug-in 2) - C:\Users\Yommie\AppData\Roaming\TorrentStream\player\npts_plugin.dll (Innovative Digital Technologies)
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll No File
CHR Plugin: (Java Deployment Toolkit 7.0.250.17) - C:\Windows\SysWOW64\npDeployJava1.dll No File
CHR Extension: (Google Docs) - C:\Users\Yommie\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-07-30]
CHR Extension: (Google Drive) - C:\Users\Yommie\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-07-30]
CHR Extension: (YouTube) - C:\Users\Yommie\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-07-30]
CHR Extension: (Google Search) - C:\Users\Yommie\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-07-30]
CHR Extension: (Google Wallet) - C:\Users\Yommie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-18]
CHR Extension: (Gmail) - C:\Users\Yommie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-07-30]

==================== Services (Whitelisted) =================

S3 Backup Client Agent Service; C:\Program Files (x86)\NovaStor\NovaStor NovaBACKUP\ManagementServer.Agent.Service.exe [179200 2010-11-22] ()
R2 gzserv; C:\Program Files\Bitdefender\Antivirus Free Edition\gzserv.exe [69368 2013-10-23] (Bitdefender)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 nsService; C:\Program Files (x86)\NovaStor\NovaStor NovaBACKUP\nsService.exe [365704 2010-12-07] (NovaStor)
R2 PDAgent; C:\Program Files\Raxco\PerfectDisk10\PDAgent.exe [1503496 2010-01-26] (Raxco Software, Inc.)
S3 PDEngine; C:\Program Files\Raxco\PerfectDisk10\PDEngine.exe [1486088 2010-01-26] (Raxco Software, Inc.)
R2 PDF Architect Helper Service; C:\Program Files (x86)\PDF Architect\HelperService.exe [1320496 2013-04-08] (pdfforge GmbH)
R2 PDF Architect Service; C:\Program Files (x86)\PDF Architect\ConversionService.exe [799280 2013-04-08] (pdfforge GmbH)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [66872 2012-03-25] ()
R2 VRMService; C:\Program Files\Focusrite\VRM Box\VRMService.exe [194048 2013-05-30] ()

==================== Drivers (Whitelisted) ====================

R3 AnyDVD; C:\Windows\System32\Drivers\AnyDVD.sys [138360 2012-03-27] (SlySoft, Inc.)
R3 AnyDVD; C:\Windows\SysWOW64\Drivers\AnyDVD.sys [138360 2012-03-27] (SlySoft, Inc.)
R0 avc3; C:\Windows\System32\DRIVERS\avc3.sys [718840 2013-04-17] (BitDefender)
U5 avchv; C:\Windows\System32\Drivers\avchv.sys [261056 2012-11-02] (BitDefender)
R3 avckf; C:\Windows\System32\DRIVERS\avckf.sys [593144 2013-04-17] (BitDefender)
R1 bdfwfpf; C:\Program Files\Bitdefender\Antivirus Free Edition\bdfwfpf.sys [121928 2013-07-02] (Bitdefender SRL)
S3 COMMONFX.DLL; C:\Windows\System32\COMMONFX.DLL [151296 2007-04-12] (Creative Technology Ltd)
S3 CT20XUT.DLL; C:\Windows\System32\CT20XUT.DLL [252712 2007-04-10] (Creative Technology Ltd.)
S3 CTAUDFX.DLL; C:\Windows\System32\CTAUDFX.DLL [700200 2007-04-10] (Creative Technology Ltd)
S3 CTEAPSFX.DLL; C:\Windows\System32\CTEAPSFX.DLL [219432 2007-04-10] (Creative Technology Ltd)
S3 CTEDSPFX.DLL; C:\Windows\System32\CTEDSPFX.DLL [321832 2007-04-10] (Creative Technology Ltd)
S3 CTEDSPIO.DLL; C:\Windows\System32\CTEDSPIO.DLL [190248 2007-04-10] (Creative Technology Ltd)
S3 CTEDSPSY.DLL; C:\Windows\System32\CTEDSPSY.DLL [363304 2007-04-10] (Creative Technology Ltd)
S3 CTERFXFX.DLL; C:\Windows\System32\CTERFXFX.DLL [142120 2007-04-10] (Creative Technology Ltd)
S3 CTEXFIFX.DLL; C:\Windows\System32\CTEXFIFX.DLL [1571112 2007-04-10] (Creative Technology Ltd.)
S3 CTHWIUT.DLL; C:\Windows\System32\CTHWIUT.DLL [123688 2007-04-10] (Creative Technology Ltd.)
S3 CTSBLFX.DLL; C:\Windows\System32\CTSBLFX.DLL [681256 2007-04-10] (Creative Technology Ltd)
R1 Eve; C:\Windows\System32\DRIVERS\eve.sys [39064 2013-01-04] ()
S3 FsUsbExDisk; C:\Windows\SysWOW64\FsUsbExDisk.SYS [37344 2013-07-18] ()
R1 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [148696 2013-04-22] (BitDefender LLC)
R1 Jula.sys; C:\Windows\System32\DRIVERS\Jula.sys [60176 2012-07-30] ()
R3 JulaWDM.sys; C:\Windows\System32\DRIVERS\JulaWDM.sys [44304 2012-07-30] ()
S3 LGDDCDevice; C:\Program Files (x86)\LG Soft India\forteManager\bin\I2CDriver.sys [14336 2009-04-24] ()
S3 LGII2CDevice; C:\Program Files (x86)\LG Soft India\forteManager\bin\PII2CDriver.sys [18432 2009-04-24] ()
R3 MAUSBFASTTRACKPRO; C:\Windows\System32\DRIVERS\MAudioFastTrackPro.sys [187912 2010-12-07] (Avid Technology, Inc.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 NIWinCDEmu; C:\Windows\System32\DRIVERS\NIWinCDEmu.sys [111696 2012-08-01] ()
S3 nkfilter; C:\Windows\System32\DRIVERS\nkfilter.sys [26896 2013-12-19] (Nektar Technology, Inc.)
R2 npf; C:\Windows\System32\drivers\npf.sys [35344 2010-07-16] (CACE Technologies, Inc.)
S3 ssceserd; C:\Windows\System32\DRIVERS\ssceserd.sys [158024 2013-06-21] (MCCI Corporation)
S3 ssudserd; C:\Windows\System32\DRIVERS\ssudserd.sys [203672 2013-06-21] (DEVGURU Co., LTD.(www.devguru.co.kr))
R3 synusb64; C:\Windows\System32\DRIVERS\synusb64.sys [30352 2010-09-17] (Steinberg Media Technologies GmbH)
R0 trufos; C:\Windows\System32\DRIVERS\trufos.sys [382536 2013-05-28] (BitDefender S.R.L.)
S3 usbrndis6; C:\Windows\System32\DRIVERS\usb80236.sys [19968 2013-02-12] (Microsoft Corporation)
S3 vrm; C:\Windows\System32\DRIVERS\vrm.sys [228864 2013-05-30] (Focusrite Audio Engineering Ltd.)
S3 dgderdrv; System32\drivers\dgderdrv.sys [X]
S3 DualCoreCenter; \??\C:\Program Files (x86)\MSI\OverclockingCenter\NTGLM7X64.sys [X]
S3 ewusbmbb; system32\DRIVERS\ewusbwwan.sys [X]
S3 ew_hwusbdev; system32\DRIVERS\ew_hwusbdev.sys [X]
S3 huawei_enumerator; system32\DRIVERS\ew_jubusenum.sys [X]
S3 hwdatacard; system32\DRIVERS\ewusbmdm.sys [X]
S3 kxwdmdrv; system32\drivers\kx.sys [X]
S3 NTIOLib_1_0_5; \??\C:\Program Files (x86)\MSI\OverclockingCenter\NTIOLib_X64.sys [X]
S3 RushTopDevice2; \??\C:\Program Files (x86)\MSI\OverclockingCenter\RushTop64.sys [X]
S3 RushTopDevice_J; \??\C:\Program Files (x86)\MSI\OverclockingCenter\RushJ64.sys [X]
S4 sptd; \SystemRoot\System32\Drivers\sptd.sys [X]

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2014-05-10 23:43 - 2014-05-10 23:44 - 00000000 ____D () C:\FRST
2014-05-10 23:43 - 2014-05-10 23:44 - 00000000 ____D () C:\_antysyf
2014-05-10 00:25 - 2014-05-10 00:25 - 00000968 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Broken Sword 5 - the Serpents Curse.lnk
2014-05-10 00:18 - 2014-05-10 23:16 - 00000000 ____D () C:\Program Files (x86)\Broken Sword 5 - the Serpents Curse
2014-05-09 23:18 - 2014-05-09 23:18 - 00000000 __SHD () C:\Users\Yommie\AppData\Local\EmieUserList
2014-05-09 23:18 - 2014-05-09 23:18 - 00000000 __SHD () C:\Users\Yommie\AppData\Local\EmieSiteList
2014-05-08 00:06 - 2014-04-29 15:01 - 23547904 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-08 00:06 - 2014-04-29 14:40 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-08 00:06 - 2014-04-29 13:48 - 17384448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-08 00:06 - 2014-04-29 13:34 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-06 23:53 - 2014-03-06 10:31 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-05-06 23:53 - 2014-03-06 09:59 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-05-06 23:53 - 2014-03-06 09:57 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-05-06 23:53 - 2014-03-06 09:40 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-05-06 23:53 - 2014-03-06 09:39 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-05-06 23:53 - 2014-03-06 09:32 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-05-06 23:53 - 2014-03-06 09:29 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-05-06 23:53 - 2014-03-06 09:28 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-05-06 23:53 - 2014-03-06 09:09 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-05-06 23:53 - 2014-03-06 09:03 - 00586240 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-05-06 23:53 - 2014-03-06 09:02 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-05-06 23:53 - 2014-03-06 09:02 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-05-06 23:53 - 2014-03-06 08:56 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-05-06 23:53 - 2014-03-06 08:48 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-05-06 23:53 - 2014-03-06 08:46 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-05-06 23:53 - 2014-03-06 08:45 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-05-06 23:53 - 2014-03-06 08:42 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-05-06 23:53 - 2014-03-06 08:40 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-05-06 23:53 - 2014-03-06 08:38 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-05-06 23:53 - 2014-03-06 08:22 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-05-06 23:53 - 2014-03-06 08:21 - 00628736 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-05-06 23:53 - 2014-03-06 08:13 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-05-06 23:53 - 2014-03-06 08:07 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-05-06 23:53 - 2014-03-06 08:01 - 00244224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-05-06 23:53 - 2014-03-06 07:46 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-05-06 23:52 - 2014-05-06 23:52 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-05-06 23:52 - 2014-03-06 09:57 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-05-06 23:52 - 2014-03-06 09:53 - 02767360 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-05-06 23:52 - 2014-03-06 09:29 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-05-06 23:52 - 2014-03-06 09:15 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-05-06 23:52 - 2014-03-06 09:11 - 05784064 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-05-06 23:52 - 2014-03-06 09:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-05-06 23:52 - 2014-03-06 08:47 - 02178048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-05-06 23:52 - 2014-03-06 08:46 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-05-06 23:52 - 2014-03-06 08:36 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-05-06 23:52 - 2014-03-06 08:11 - 02043904 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-05-06 23:52 - 2014-03-06 07:53 - 13551104 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-05-06 23:52 - 2014-03-06 07:40 - 01967104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-05-06 23:52 - 2014-03-06 07:36 - 11745792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-05-06 23:52 - 2014-03-06 07:22 - 02260480 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-05-06 23:52 - 2014-03-06 06:58 - 01400832 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-05-06 23:52 - 2014-03-06 06:50 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-05-06 23:52 - 2014-03-06 06:43 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-05-06 23:52 - 2014-03-06 06:41 - 01789440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-05-06 23:52 - 2014-03-06 06:36 - 01143808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-05-06 20:34 - 2014-04-14 03:24 - 00465408 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-05-06 20:34 - 2014-04-14 03:19 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-05-05 18:22 - 2014-05-05 18:22 - 00002999 _____ () C:\README.txt
2014-05-05 18:20 - 2014-05-10 00:02 - 00000000 ____D () C:\Program Files\Perforce
2014-05-05 18:20 - 2014-05-05 18:20 - 00000000 ____D () C:\Users\Yommie\.p4merge
2014-05-05 18:18 - 2014-05-05 18:18 - 00000000 ____D () C:\Users\Yommie\AppData\Local\{22F2F29A-2B09-4773-A063-073E3429309F}
2014-05-05 17:27 - 2014-05-05 17:27 - 00000000 ____D () C:\Users\Yommie\.subversion
2014-05-05 11:56 - 2014-05-05 11:56 - 00002255 _____ () C:\Users\Yommie\.kdiff3rc
2014-05-05 10:23 - 2014-05-08 23:55 - 00000000 ____D () C:\Users\Yommie\AppData\Local\TSVNCache
2014-05-04 21:27 - 2014-05-05 11:38 - 00000000 ____D () C:\Users\Yommie\AppData\Roaming\TortoiseGit
2014-05-04 21:17 - 2014-05-08 18:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TortoiseSVN
2014-05-04 21:17 - 2014-05-04 21:17 - 00000000 ____D () C:\Users\Yommie\AppData\Roaming\Subversion
2014-05-04 21:15 - 2014-05-06 00:23 - 00000000 ____D () C:\Users\Yommie\AppData\Local\TGitCache
2014-05-04 20:36 - 2014-05-04 20:36 - 00627600 _____ (Oracle Corporation) C:\Windows\system32\deployJava1.dll
2014-05-04 20:36 - 2014-05-04 20:36 - 00252296 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-05-04 20:36 - 2014-05-04 20:36 - 00188808 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-05-04 20:36 - 2014-05-04 20:36 - 00188808 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-05-04 20:36 - 2014-05-04 20:36 - 00000000 ____D () C:\Users\Yommie\AppData\Local\GitEye
2014-05-04 20:36 - 2014-05-04 20:36 - 00000000 ____D () C:\Users\Yommie\.giteye
2014-05-04 20:36 - 2014-05-04 20:36 - 00000000 ____D () C:\Program Files\Java
2014-05-04 20:31 - 2014-05-04 20:32 - 00000000 ____D () C:\Users\Yommie\Documents\gittest
2014-05-04 20:28 - 2014-05-04 20:28 - 00000000 ____D () C:\Users\Yommie\AppData\Local\Atlassian
2014-05-04 20:28 - 2014-05-04 20:28 - 00000000 ____D () C:\ProgramData\Caphyon
2014-05-04 20:27 - 2014-05-04 20:30 - 00000000 ____D () C:\ProgramData\Atlassian
2014-05-04 20:23 - 2014-05-04 20:26 - 00000000 ____D () C:\Users\Yommie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GitHub, Inc
2014-05-04 20:23 - 2014-05-04 20:26 - 00000000 ____D () C:\Users\Yommie\AppData\Local\GitHub
2014-05-04 20:23 - 2014-05-04 20:24 - 00000000 ____D () C:\Users\Yommie\AppData\Roaming\GitHub
2014-05-04 20:21 - 2014-05-04 20:26 - 00000000 ____D () C:\Users\Yommie\AppData\Local\Deployment
2014-05-04 20:17 - 2014-05-04 20:17 - 00000000 ____D () C:\Users\Yommie\AppData\Local\GitExtensions
2014-05-04 20:14 - 2014-05-04 20:14 - 00000000 ____D () C:\Users\Yommie\AppData\Roaming\GitExtensions
2014-05-04 20:11 - 2014-05-04 20:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KDiff3
2014-05-04 20:11 - 2014-05-04 20:12 - 00000000 ____D () C:\Program Files (x86)\KDiff3
2014-05-04 19:43 - 2014-05-04 19:43 - 00000600 _____ () C:\Users\Yommie\AppData\Local\PUTTY.RND
2014-05-03 01:54 - 2014-05-03 01:54 - 00000000 ____D () C:\Users\Yommie\AppData\Roaming\DropboxMaster
2014-05-01 20:34 - 2013-12-04 00:54 - 00097326 _____ () C:\stylers.xml
2014-04-28 15:46 - 2014-04-28 15:46 - 00000000 ____D () C:\ProgramData\bdch
2014-04-18 04:35 - 2014-04-18 04:35 - 00004129 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_55-b14.log
2014-04-18 04:35 - 2014-04-18 04:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-04-18 04:35 - 2014-04-14 20:13 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-04-18 04:35 - 2014-04-14 20:05 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-04-18 04:35 - 2014-04-14 20:05 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-04-18 04:35 - 2014-04-14 20:04 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-04-10 18:22 - 2014-03-04 10:44 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-04-10 18:22 - 2014-03-04 10:44 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2014-04-10 18:22 - 2014-03-04 10:44 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2014-04-10 18:22 - 2014-03-04 10:44 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2014-04-10 18:22 - 2014-03-04 10:44 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2014-04-10 18:22 - 2014-03-04 10:17 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2014-04-10 18:22 - 2014-03-04 10:16 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2014-04-10 18:22 - 2014-03-04 10:16 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2014-04-10 18:22 - 2014-03-04 10:16 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2014-04-10 18:22 - 2014-03-04 09:09 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2014-04-10 18:22 - 2014-03-04 09:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2014-04-10 18:22 - 2014-02-04 03:35 - 00274880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2014-04-10 18:22 - 2014-02-04 03:35 - 00190912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2014-04-10 18:22 - 2014-02-04 03:35 - 00027584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys
2014-04-10 18:22 - 2014-02-04 03:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\iologmsg.dll
2014-04-10 18:22 - 2014-02-04 03:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iologmsg.dll
2014-04-10 18:22 - 2014-01-24 03:37 - 01684928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys

==================== One Month Modified Files and Folders =======

2014-05-10 23:44 - 2014-05-10 23:43 - 00000000 ____D () C:\FRST
2014-05-10 23:44 - 2014-05-10 23:43 - 00000000 ____D () C:\_antysyf
2014-05-10 23:43 - 2009-07-14 05:45 - 00013808 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-05-10 23:43 - 2009-07-14 05:45 - 00013808 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-05-10 23:39 - 2009-11-03 18:17 - 01554403 _____ () C:\Windows\WindowsUpdate.log
2014-05-10 23:37 - 2010-11-20 12:38 - 00000000 ____D () C:\Users\Yommie\AppData\Roaming\Dropbox
2014-05-10 23:36 - 2010-11-20 12:40 - 00000000 ___RD () C:\Users\Yommie\Documents\My Dropbox
2014-05-10 23:35 - 2014-03-17 08:21 - 00000000 ____D () C:\ProgramData\PACE
2014-05-10 23:34 - 2013-07-30 02:11 - 00001044 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-05-10 23:34 - 2012-01-23 17:31 - 00000000 ____D () C:\Program Files (x86)\SpeedFan
2014-05-10 23:33 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-05-10 23:33 - 2009-07-14 05:51 - 00419170 _____ () C:\Windows\setupact.log
2014-05-10 23:23 - 2009-07-14 05:57 - 00001547 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2014-05-10 23:21 - 2009-11-03 20:45 - 00336948 _____ () C:\Windows\PFRO.log
2014-05-10 23:18 - 2013-11-11 20:40 - 00000000 ____D () C:\Users\Yommie\AppData\Roaming\Spotify
2014-05-10 23:18 - 2011-01-03 08:51 - 00000000 ____D () C:\Users\Yommie\AppData\Roaming\Skype
2014-05-10 23:16 - 2014-05-10 00:18 - 00000000 ____D () C:\Program Files (x86)\Broken Sword 5 - the Serpents Curse
2014-05-10 22:47 - 2013-07-30 02:11 - 00001048 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-05-10 22:45 - 2012-11-21 15:11 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-05-10 19:54 - 2009-12-07 15:39 - 00000132 _____ () C:\Windows\winamp.ini
2014-05-10 19:02 - 2009-07-14 06:13 - 00782510 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-05-10 10:18 - 2013-09-27 18:19 - 00000000 ____D () C:\Users\Yommie\Desktop\New folder
2014-05-10 01:18 - 2009-11-08 15:28 - 00000000 ____D () C:\Users\Yommie\AppData\Roaming\uTorrent
2014-05-10 01:18 - 2009-11-03 18:29 - 00466456 _____ (Creative Labs) C:\Windows\system32\wrap_oal.dll
2014-05-10 01:18 - 2009-11-03 18:29 - 00444952 _____ (Creative Labs) C:\Windows\SysWOW64\wrap_oal.dll
2014-05-10 01:18 -
2009-11-03 18:29 - 00122904 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\Windows\system32\OpenAL32.dll 2014-05-10 01:18 - 2009-11-03 18:29 - 00109080 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\Windows\SysWOW64\OpenAL32.dll 2014-05-10 00:25 - 2014-05-10 00:25 - 00000968 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Broken Sword 5 - the Serpents Curse.lnk 2014-05-10 00:02 - 2014-05-05 18:20 - 00000000 ____D () C:\Program Files\Perforce 2014-05-09 23:18 - 2014-05-09 23:18 - 00000000 __SHD () C:\Users\Yommie\AppData\Local\EmieUserList 2014-05-09 23:18 - 2014-05-09 23:18 - 00000000 __SHD () C:\Users\Yommie\AppData\Local\EmieSiteList 2014-05-08 23:55 - 2014-05-05 10:23 - 00000000 ____D () C:\Users\Yommie\AppData\Local\TSVNCache 2014-05-08 18:42 - 2013-07-30 02:11 - 00004044 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2014-05-08 18:42 - 2013-07-30 02:11 - 00003792 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2014-05-08 18:21 - 2014-05-04 21:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TortoiseSVN 2014-05-07 07:01 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\PolicyDefinitions 2014-05-06 23:52 - 2014-05-06 23:52 - 00000000 ___SD () C:\Windows\system32\CompatTel 2014-05-06 08:17 - 2013-11-11 20:40 - 00000000 ____D () C:\Users\Yommie\AppData\Local\Spotify 2014-05-06 00:23 - 2014-05-04 21:15 - 00000000 ____D () C:\Users\Yommie\AppData\Local\TGitCache 2014-05-05 20:18 - 2013-08-29 19:16 - 00000000 ____D () C:\Program Files (x86)\Battle for Wesnoth 1.10.7 2014-05-05 18:22 - 2014-05-05 18:22 - 00002999 _____ () C:\README.txt 2014-05-05 18:21 - 2009-11-03 18:26 - 00000000 ____D () C:\Users\Yommie 2014-05-05 18:20 - 2014-05-05 18:20 - 00000000 ____D () C:\Users\Yommie\.p4merge 2014-05-05 18:18 - 2014-05-05 18:18 - 00000000 ____D () C:\Users\Yommie\AppData\Local\{22F2F29A-2B09-4773-A063-073E3429309F} 2014-05-05 17:27 - 2014-05-05 17:27 - 00000000 ____D () 
C:\Users\Yommie\.subversion 2014-05-05 11:56 - 2014-05-05 11:56 - 00002255 _____ () C:\Users\Yommie\.kdiff3rc 2014-05-05 11:38 - 2014-05-04 21:27 - 00000000 ____D () C:\Users\Yommie\AppData\Roaming\TortoiseGit 2014-05-04 21:17 - 2014-05-04 21:17 - 00000000 ____D () C:\Users\Yommie\AppData\Roaming\Subversion 2014-05-04 20:36 - 2014-05-04 20:36 - 00627600 _____ (Oracle Corporation) C:\Windows\system32\deployJava1.dll 2014-05-04 20:36 - 2014-05-04 20:36 - 00252296 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe 2014-05-04 20:36 - 2014-05-04 20:36 - 00188808 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe 2014-05-04 20:36 - 2014-05-04 20:36 - 00188808 _____ (Oracle Corporation) C:\Windows\system32\java.exe 2014-05-04 20:36 - 2014-05-04 20:36 - 00000000 ____D () C:\Users\Yommie\AppData\Local\GitEye 2014-05-04 20:36 - 2014-05-04 20:36 - 00000000 ____D () C:\Users\Yommie\.giteye 2014-05-04 20:36 - 2014-05-04 20:36 - 00000000 ____D () C:\Program Files\Java 2014-05-04 20:32 - 2014-05-04 20:31 - 00000000 ____D () C:\Users\Yommie\Documents\gittest 2014-05-04 20:30 - 2014-05-04 20:27 - 00000000 ____D () C:\ProgramData\Atlassian 2014-05-04 20:28 - 2014-05-04 20:28 - 00000000 ____D () C:\Users\Yommie\AppData\Local\Atlassian 2014-05-04 20:28 - 2014-05-04 20:28 - 00000000 ____D () C:\ProgramData\Caphyon 2014-05-04 20:26 - 2014-05-04 20:23 - 00000000 ____D () C:\Users\Yommie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GitHub, Inc 2014-05-04 20:26 - 2014-05-04 20:23 - 00000000 ____D () C:\Users\Yommie\AppData\Local\GitHub 2014-05-04 20:26 - 2014-05-04 20:21 - 00000000 ____D () C:\Users\Yommie\AppData\Local\Deployment 2014-05-04 20:24 - 2014-05-04 20:23 - 00000000 ____D () C:\Users\Yommie\AppData\Roaming\GitHub 2014-05-04 20:21 - 2009-11-04 16:07 - 00000000 ____D () C:\Users\Yommie\AppData\Local\Apps\2.0 2014-05-04 20:17 - 2014-05-04 20:17 - 00000000 ____D () C:\Users\Yommie\AppData\Local\GitExtensions 2014-05-04 20:14 - 2014-05-04 20:14 - 00000000 ____D 
() C:\Users\Yommie\AppData\Roaming\GitExtensions 2014-05-04 20:12 - 2014-05-04 20:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KDiff3 2014-05-04 20:12 - 2014-05-04 20:11 - 00000000 ____D () C:\Program Files (x86)\KDiff3 2014-05-04 19:43 - 2014-05-04 19:43 - 00000600 _____ () C:\Users\Yommie\AppData\Local\PUTTY.RND 2014-05-04 00:38 - 2013-12-14 11:42 - 00000000 ____D () C:\Windows\rescache 2014-05-03 01:54 - 2014-05-03 01:54 - 00000000 ____D () C:\Users\Yommie\AppData\Roaming\DropboxMaster 2014-05-03 01:54 - 2010-11-20 12:38 - 00000000 ____D () C:\Users\Yommie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox 2014-05-03 01:54 - 2009-11-03 18:26 - 00000000 ___RD () C:\Users\Yommie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup 2014-04-30 18:45 - 2012-11-21 15:11 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater 2014-04-30 18:45 - 2012-03-30 00:56 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2014-04-30 18:45 - 2011-05-18 19:58 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2014-04-29 15:01 - 2014-05-08 00:06 - 23547904 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-04-29 14:40 - 2014-05-08 00:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-04-29 13:48 - 2014-05-08 00:06 - 17384448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-04-29 13:34 - 2014-05-08 00:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-04-28 15:46 - 2014-04-28 15:46 - 00000000 ____D () C:\ProgramData\bdch 2014-04-18 04:36 - 2013-10-17 21:10 - 00000000 ____D () C:\ProgramData\Oracle 2014-04-18 04:35 - 2014-04-18 04:35 - 00004129 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_55-b14.log 2014-04-18 04:35 - 2014-04-18 04:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2014-04-18 04:35 - 2011-01-01 22:46 - 00000000 
____D () C:\Program Files (x86)\Java 2014-04-15 15:38 - 2010-01-16 14:59 - 00000000 ____D () C:\Users\Yommie\AppData\Local\Adobe 2014-04-14 20:13 - 2014-04-18 04:35 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll 2014-04-14 20:05 - 2014-04-18 04:35 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe 2014-04-14 20:05 - 2014-04-18 04:35 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe 2014-04-14 20:04 - 2014-04-18 04:35 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe 2014-04-14 03:24 - 2014-05-06 20:34 - 00465408 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2014-04-14 03:19 - 2014-05-06 20:34 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2014-04-10 20:32 - 2013-08-14 23:29 - 00000000 ____D () C:\Windows\system32\MRT 2014-04-10 20:30 - 2009-11-03 19:44 - 90655440 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe Files to move or delete: ==================== C:\Users\Yommie\TicketToRide_1.6.0-435-1aab3641.exe C:\Users\Yommie\TicketToRide_1.6.1-445-60b61ed1.exe Some content of TEMP: ==================== C:\Users\Yommie\AppData\Local\Temp\24clvftu.dll C:\Users\Yommie\AppData\Local\Temp\AskSLib.dll C:\Users\Yommie\AppData\Local\Temp\avgnt.exe C:\Users\Yommie\AppData\Local\Temp\binkw32.dll C:\Users\Yommie\AppData\Local\Temp\bridj.dll114284905590124877.dll C:\Users\Yommie\AppData\Local\Temp\bridj.dll2143678776831909493.dll C:\Users\Yommie\AppData\Local\Temp\bridj.dll2276924827004846265.dll C:\Users\Yommie\AppData\Local\Temp\bridj.dll5941616283114748362.dll C:\Users\Yommie\AppData\Local\Temp\bridj.dll6546553091883069577.dll C:\Users\Yommie\AppData\Local\Temp\bridj.dll748877581153788980.dll C:\Users\Yommie\AppData\Local\Temp\bridj.dll8194391036001637116.dll C:\Users\Yommie\AppData\Local\Temp\d2l_Install.exe C:\Users\Yommie\AppData\Local\Temp\drm_dialogs.dll 
C:\Users\Yommie\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmphyfqbm.dll C:\Users\Yommie\AppData\Local\Temp\install_flashplayer12x32au_mssd_awb_aih.exe C:\Users\Yommie\AppData\Local\Temp\jre-7u11-windows-i586-iftw.exe C:\Users\Yommie\AppData\Local\Temp\jre-7u13-windows-i586-iftw.exe C:\Users\Yommie\AppData\Local\Temp\jre-7u15-windows-i586-iftw.exe C:\Users\Yommie\AppData\Local\Temp\jre-7u17-windows-i586-iftw.exe C:\Users\Yommie\AppData\Local\Temp\jre-7u21-windows-i586-iftw.exe C:\Users\Yommie\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe C:\Users\Yommie\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe C:\Users\Yommie\AppData\Local\Temp\jre-7u5-windows-i586-iftw.exe C:\Users\Yommie\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe C:\Users\Yommie\AppData\Local\Temp\jre-7u55-windows-i586-iftw.exe C:\Users\Yommie\AppData\Local\Temp\jre-7u6-windows-i586-iftw.exe C:\Users\Yommie\AppData\Local\Temp\jre-7u7-windows-i586-iftw.exe C:\Users\Yommie\AppData\Local\Temp\jre-7u9-windows-i586-iftw.exe C:\Users\Yommie\AppData\Local\Temp\msvcr80.dll C:\Users\Yommie\AppData\Local\Temp\sfamcc00001.dll C:\Users\Yommie\AppData\Local\Temp\sfamcc00002.dll C:\Users\Yommie\AppData\Local\Temp\sfareca00001.dll C:\Users\Yommie\AppData\Local\Temp\SimPack.exe C:\Users\Yommie\AppData\Local\Temp\SIntf16.dll C:\Users\Yommie\AppData\Local\Temp\SIntf32.dll C:\Users\Yommie\AppData\Local\Temp\SIntfNT.dll C:\Users\Yommie\AppData\Local\Temp\SkypeSetup.exe C:\Users\Yommie\AppData\Local\Temp\uninst.exe C:\Users\Yommie\AppData\Local\Temp\Uninstall.exe C:\Users\Yommie\AppData\Local\Temp\zlib1.dll C:\Users\Yommie\AppData\Local\Temp\_is1188.exe C:\Users\Yommie\AppData\Local\Temp\_is6559.exe C:\Users\Yommie\AppData\Local\Temp\_isCA87.exe C:\Users\Yommie\AppData\Local\Temp\_unps.exe ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\SysWOW64\wininit.exe => 
MD5 is legit C:\Windows\explorer.exe => MD5 is legit C:\Windows\SysWOW64\explorer.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\SysWOW64\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\SysWOW64\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\SysWOW64\userinit.exe => MD5 is legit C:\Windows\System32\rpcss.dll => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit LastRegBack: 2014-05-10 15:59 ==================== End Of Log ============================