OCD,
Computer sounds are okay and it seems to be working fine. Please see the FRST results posted below:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 24-08-2014 03
Ran by PersonnelPC (administrator) on PERSONNEL on 25-08-2014 03:18:34
Running from C:\Users\TEMP.Personnel\Desktop
Platform: Windows 8 (X64) OS Language: English (United States)
Internet Explorer Version 10
Boot Mode: Normal
The only official download link for FRST:
Download link from any site other than Bleeping Computer is unpermitted or outdated.
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RTKAUDIOSERVICE64.EXE
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler64.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Yahoo! Inc.) C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.2.9200.16683_none_62280e15510f8e79\TiWorker.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Microsoft Corporation) C:\Windows\SysWOW64\regsvr32.exe
(MyPCBackup.com) C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
(Power Software Ltd) C:\Program Files\PowerISO\PWRISOVM.EXE
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteUser.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteWMPMonitor.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\tv_x64.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Desktop.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7188552 2013-06-06] (Realtek Semiconductor)
HKLM-x32\...\Run: [HP Quick Launch] => C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [581024 2012-09-08] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-02-12] (Apple Inc.)
HKLM-x32\...\Run: [Yahoo Messenger] => [X]
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [PWRISOVM.EXE] => C:\Program Files\PowerISO\PWRISOVM.EXE [377368 2013-10-23] (Power Software Ltd)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-02-21] (Apple Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2014-05-08] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-1781143609-4253824246-3402552693-1001\...\Run: [reg_svr] => "C:\Windows\SysWoW64\regsvr32.exe" /s "C:\Users\TEMP.Personnel\AppData\Roaming\glister\nvm.dll"
HKU\S-1-5-21-1781143609-4253824246-3402552693-1001\...\Run: [Google+ Auto Backup] => C:\Users\TEMP.Personnel\AppData\Local\Programs\Google\Google+ Auto Backup\Google+ Auto Backup.exe [3619096 2014-01-06] (Google Inc.)
HKU\S-1-5-21-1781143609-4253824246-3402552693-1001\...\MountPoints2: G - "G:\autorun.exe"
HKU\S-1-5-21-1781143609-4253824246-3402552693-1001\...\MountPoints2: H - "H:\autorun.exe"
HKU\S-1-5-21-1781143609-4253824246-3402552693-1001\...\MountPoints2: {48bf6839-1683-11e4-bf5c-d89d677f9b55} - "G:\AutoRun.exe"
Startup: C:\Users\TEMP.Personnel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk
ShortcutTarget: MyPC Backup.lnk -> C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe (MyPCBackup.com)
Startup: C:\Users\TEMP.Personnel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk
ShortcutTarget: MyPC Backup.lnk -> C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe (MyPCBackup.com)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
ProxyServer: 127.0.0.1:6006
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{01086B81-491B-473D-AADE-BB9FA298A9FF}: [NameServer] 8.8.8.8,8.8.4.4
FireFox:
========
FF ProfilePath: C:\Users\TEMP.Personnel\AppData\Roaming\Mozilla\Firefox\Profiles\qhhjxycq.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\SysWOW64\Adobe\Director\np32dsw_1166636.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3503.0728 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\TEMP.Personnel\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin ProgramFiles/Appdata: C:\Users\TEMP.Personnel\AppData\Roaming\mozilla\plugins\np-mswmp.dll (Microsoft Corporation)
FF Extension: Test Pilot - C:\Users\TEMP.Personnel\AppData\Roaming\Mozilla\Firefox\Profiles\qhhjxycq.default\Extensions\testpilot@labs.mozilla.com.xpi [2013-09-20]
FF Extension: Adblock Plus - C:\Users\TEMP.Personnel\AppData\Roaming\Mozilla\Firefox\Profiles\qhhjxycq.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-06-16]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-08-23]
Chrome:
=======
CHR HomePage: hxxp://www.msn.com/?pc=UP97&ocid=UP97DHP
CHR StartupUrls: "hxxp://www.msn.com/?pc=UP97&ocid=UP97DHP"
CHR DefaultSearchKeyword: bing.com
CHR DefaultSearchProvider: Bing
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\TEMP.Personnel\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-07-22]
CHR Extension: (Google Wallet) - C:\Users\TEMP.Personnel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-07-22]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-07-14]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
S2 BackupStack; C:\Program Files (x86)\MyPC Backup\BackupStack.exe [36424 2014-08-14] (Just Develop It)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [86528 2012-09-27] (Hewlett-Packard Company) [File not signed]
R2 HPConnectedRemote; C:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteService.exe [35744 2012-10-13] (Hewlett-Packard)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [165760 2012-07-18] (Intel Corporation)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [245832 2013-06-06] (Realtek Semiconductor)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16056 2014-03-29] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
U5 ewusbnet; C:\Windows\System32\Drivers\ewusbnet.sys [243200 2009-10-21] (Huawei Technologies Co., Ltd.)
S3 hwusbdev; C:\Windows\system32\DRIVERS\ewusbdev.sys [114304 2009-10-12] (Huawei Technologies Co., Ltd.)
S3 RSP2STOR; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [273040 2012-08-09] (Realtek Semiconductor Corp.)
S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [41272 2012-08-25] (Synaptics Incorporated)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [43832 2012-08-25] (Synaptics Incorporated)
R3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [20800 2012-08-31] (Hewlett-Packard Development Company, L.P.)
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-08-25 03:18 - 2014-08-25 03:18 - 00017012 _____ () C:\Users\TEMP.Personnel\Desktop\FRST.txt
2014-08-24 02:07 - 2014-08-24 02:07 - 00000000 ____D () C:\cd
2014-08-23 15:27 - 2014-08-23 15:28 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-08-22 04:01 - 2014-08-22 04:01 - 00001985 _____ () C:\Users\TEMP.Personnel\Desktop\ESETscan.txt
2014-08-20 03:59 - 2014-08-20 03:59 - 00042615 _____ () C:\Users\TEMP.Personnel\Downloads\captain-america-the-winter-soldier_english-960032.zip
2014-08-20 03:22 - 2014-08-20 03:22 - 01938256 _____ (BitTorrent Inc.) C:\Users\TEMP.Personnel\Downloads\uTorrent.exe
2014-08-20 03:17 - 2014-08-20 03:17 - 00004040 _____ () C:\Windows\System32\Tasks\LaunchSignup
2014-08-20 03:16 - 2014-08-20 03:17 - 00000000 ____D () C:\Program Files (x86)\MyPC Backup
2014-08-20 03:16 - 2014-08-20 03:16 - 00000000 ____D () C:\Users\TEMP.Personnel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC Backup
2014-08-20 03:15 - 2014-08-20 03:15 - 00000415 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\µTorrent.lnk
2014-08-20 03:14 - 2014-08-21 15:29 - 00000000 ____D () C:\Users\TEMP.Personnel\AppData\Roaming\uTorrent
2014-08-19 02:45 - 2014-08-19 02:45 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-08-19 02:42 - 2014-08-19 02:43 - 02347384 _____ (ESET) C:\Users\TEMP.Personnel\Downloads\esetsmartinstaller_enu.exe
2014-08-19 02:12 - 2014-08-25 03:15 - 00000000 ____D () C:\Users\TEMP.Personnel\Desktop\FRST-OlderVersion
2014-08-18 15:56 - 2014-04-01 02:43 - 00079599 ____N () C:\Users\TEMP.Personnel\Downloads\The.Twilight.Saga.Breaking.Dawn.Part.2.2012.1080p.BRrip.x264.GAZ.YIFY.CHI.srt
2014-08-18 15:54 - 2014-08-18 15:54 - 00029477 _____ () C:\Users\TEMP.Personnel\Downloads\the-twilight-saga-5-breaking-dawn-part-2_english-887906.zip
2014-08-18 15:31 - 2013-12-20 17:34 - 00096951 ____N () C:\Users\TEMP.Personnel\Downloads\The.Twilight.Saga.Breaking.Dawn.Part.1.2011.720p.BluRay.x264.YIFY.srt
2014-08-18 15:30 - 2014-08-18 15:31 - 00033056 _____ () C:\Users\TEMP.Personnel\Downloads\the-twilight-saga-4-breaking-dawn-part-1_english-835968.zip
2014-08-17 19:40 - 2014-08-17 21:02 - 00000000 ___HD () C:\Users\TEMP.Personnel\Desktop\.picasaoriginals
2014-08-15 22:04 - 2014-08-15 22:21 - 00000000 ____D () C:\Users\TEMP.Personnel\Downloads\Singham Returns (2014) DvDScr Rip - XviD - [1CD] - Team IcTv Exclusive
2014-08-15 03:13 - 2014-07-16 03:51 - 00071168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hdaudbus.sys
2014-08-15 03:10 - 2014-06-11 03:44 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2014-08-15 03:10 - 2014-06-11 03:43 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2014-08-15 02:08 - 2014-08-07 11:33 - 00712192 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-08-15 02:08 - 2014-08-07 08:09 - 00556544 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-08-15 00:07 - 2014-06-13 06:57 - 01453400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2014-08-15 00:07 - 2014-06-13 06:55 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2014-08-15 00:06 - 2014-07-24 17:11 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-08-15 00:06 - 2014-07-24 17:10 - 02240000 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-08-15 00:06 - 2014-07-24 17:10 - 01407488 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-08-15 00:06 - 2014-07-24 17:10 - 00915968 _____ (Microsoft Corporation) C:\Windows\system32\uxtheme.dll
2014-08-15 00:06 - 2014-07-24 17:10 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\UXInit.dll
2014-08-15 00:06 - 2014-07-24 17:09 - 19279872 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-08-15 00:06 - 2014-07-24 17:09 - 15399936 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-08-15 00:06 - 2014-07-24 17:09 - 03959296 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-08-15 00:06 - 2014-07-24 17:09 - 02655232 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-08-15 00:06 - 2014-07-24 17:09 - 01508864 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-08-15 00:06 - 2014-07-24 17:09 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-08-15 00:06 - 2014-07-24 17:09 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-08-15 00:06 - 2014-07-24 17:09 - 00451584 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-08-15 00:06 - 2014-07-24 17:09 - 00281600 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-08-15 00:06 - 2014-07-24 17:09 - 00255488 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-08-15 00:06 - 2014-07-24 17:09 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-08-15 00:06 - 2014-07-24 17:09 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-08-15 00:06 - 2014-07-24 17:09 - 00097280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-08-15 00:06 - 2014-07-24 17:09 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-08-15 00:06 - 2014-07-24 17:09 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-08-15 00:06 - 2014-07-24 17:09 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-08-15 00:06 - 2014-07-24 15:52 - 01766400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-08-15 00:06 - 2014-07-24 15:52 - 01180672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-08-15 00:06 - 2014-07-24 15:52 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UXInit.dll
2014-08-15 00:06 - 2014-07-24 15:51 - 14371328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-08-15 00:06 - 2014-07-24 15:51 - 13757440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-08-15 00:06 - 2014-07-24 15:51 - 02861568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-08-15 00:06 - 2014-07-24 15:51 - 02054656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-08-15 00:06 - 2014-07-24 15:51 - 01440768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-08-15 00:06 - 2014-07-24 15:51 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-08-15 00:06 - 2014-07-24 15:51 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-08-15 00:06 - 2014-07-24 15:51 - 00357888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-08-15 00:06 - 2014-07-24 15:51 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-08-15 00:06 - 2014-07-24 15:51 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-08-15 00:06 - 2014-07-24 15:51 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-08-15 00:06 - 2014-07-24 15:51 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-08-15 00:06 - 2014-07-24 15:51 - 00080384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-08-15 00:06 - 2014-07-24 15:51 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-08-15 00:06 - 2014-07-24 15:51 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-08-15 00:06 - 2014-07-24 15:51 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-08-15 00:06 - 2014-07-24 15:33 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-08-15 00:06 - 2014-07-24 15:29 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-08-15 00:06 - 2014-07-24 13:03 - 00534528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\uxtheme.dll
2014-08-15 00:01 - 2014-07-16 04:03 - 01300992 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-15 00:01 - 2014-07-16 03:55 - 04035072 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-15 00:01 - 2014-07-12 07:36 - 01023488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-14 23:36 - 2014-06-05 22:56 - 00112984 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2014-08-14 23:36 - 2014-06-05 22:30 - 10116608 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2014-08-14 23:36 - 2014-06-05 22:29 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-08-14 23:36 - 2014-06-05 22:29 - 00393216 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2014-08-14 23:36 - 2014-06-05 22:28 - 02306560 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-08-14 23:36 - 2014-06-05 22:28 - 02146304 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
2014-08-14 23:36 - 2014-06-05 18:12 - 08857600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2014-08-14 23:36 - 2014-06-05 18:11 - 02416128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-08-14 23:36 - 2014-06-05 18:11 - 00295424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2014-08-14 23:36 - 2014-06-05 18:10 - 02037760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2014-08-14 23:36 - 2014-06-05 18:10 - 00754176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll
2014-08-14 23:34 - 2014-06-20 04:35 - 01312768 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2014-08-14 23:34 - 2014-06-20 03:24 - 00694272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2014-08-14 23:32 - 2014-05-29 09:04 - 00094552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2014-08-14 23:32 - 2014-05-08 06:34 - 00328024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Classpnp.sys
2014-08-14 19:48 - 2014-08-14 19:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-08-14 19:48 - 2014-08-14 19:47 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-08-14 19:48 - 2014-08-14 19:47 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-08-14 19:48 - 2014-08-14 19:47 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-08-14 19:48 - 2014-08-14 19:47 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-08-12 22:55 - 2014-08-12 22:55 - 00000000 ____D () C:\Windows\ERUNT
2014-08-12 22:53 - 2014-08-12 22:53 - 01016261 _____ (Thisisu) C:\Users\TEMP.Personnel\Desktop\JRT.exe
2014-08-12 22:47 - 2014-08-21 03:40 - 00000976 _____ () C:\Windows\PFRO.log
2014-08-12 22:32 - 2014-08-25 03:15 - 02103296 _____ (Farbar) C:\Users\TEMP.Personnel\Desktop\FRST64.exe
2014-08-11 23:05 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-08-11 23:04 - 2014-08-12 22:46 - 00000000 ____D () C:\AdwCleaner
2014-08-11 22:59 - 2014-08-11 23:03 - 01366203 _____ () C:\Users\TEMP.Personnel\Downloads\AdwCleaner.exe
2014-08-08 16:28 - 2014-08-25 03:18 - 00000000 ____D () C:\FRST
2014-08-07 23:07 - 2014-08-07 23:07 - 00000000 ____D () C:\Users\TEMP.Personnel\Downloads\Just Cause [Multi2][PC]
2014-08-07 20:33 - 2014-08-07 20:33 - 00012040 _____ () C:\Users\TEMP.Personnel\Downloads\hijackthis.log
2014-08-07 20:32 - 2014-08-07 20:32 - 00388608 _____ (Trend Micro Inc.) C:\Users\TEMP.Personnel\Downloads\HiJackThis.exe
2014-08-07 20:29 - 2014-08-12 23:13 - 00000000 ____D () C:\Users\TEMP.Personnel\Desktop\Fix Tools
2014-08-06 04:34 - 2014-08-06 04:34 - 00000000 ____D () C:\Users\TEMP.Personnel\AppData\Roaming\ZqWare
2014-08-06 04:08 - 2014-08-06 04:15 - 00000000 ____D () C:\Program Files (x86)\UltraVPN
2014-08-06 04:08 - 2014-08-06 04:08 - 00000000 ____D () C:\Users\TEMP.Personnel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\UltraVPN
2014-08-06 04:08 - 2014-08-06 04:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UltraVPN
2014-08-06 04:08 - 2014-08-06 04:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenVPN
2014-08-06 04:07 - 2014-08-06 04:07 - 01166613 _____ () C:\Users\TEMP.Personnel\Downloads\ultravpn-install.exe
2014-08-06 03:41 - 2014-08-06 03:42 - 01942776 _____ (Bleeping Computer, LLC) C:\Users\TEMP.Personnel\Downloads\rkill.com
2014-08-06 03:29 - 2014-08-21 15:59 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-08-06 03:29 - 2014-08-06 03:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-08-06 03:28 - 2014-08-06 03:28 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-08-06 03:28 - 2014-08-06 03:28 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-08-06 03:28 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-08-06 03:28 - 2014-05-12 07:26 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-08-06 03:28 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-08-06 03:23 - 2014-08-06 03:27 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\TEMP.Personnel\Downloads\mbam-setup-2.0.2.1012.exe
2014-08-06 03:09 - 2014-08-06 03:10 - 00749592 _____ () C:\Users\TEMP.Personnel\Downloads\GetPrivateSetup (1).exe
2014-08-06 03:08 - 2014-08-06 03:08 - 00000000 ____D () C:\Windows\system32\SRSLabs
2014-08-06 03:07 - 2014-08-06 03:08 - 00749592 _____ () C:\Users\TEMP.Personnel\Downloads\GetPrivateSetup.exe
2014-07-30 15:43 - 2014-07-30 15:43 - 00028629 _____ () C:\Users\TEMP.Personnel\Downloads\[kickass.to]just.cause.multi2.pc.torrent
2014-07-29 10:55 - 2014-08-17 21:14 - 00002487 _____ () C:\Windows\setupact.log
2014-07-29 10:55 - 2014-07-29 10:55 - 00000000 _____ () C:\Windows\setuperr.log
2014-07-28 22:49 - 2014-07-28 22:49 - 00004489 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_65-b20.log
2014-07-28 16:19 - 2014-08-24 23:40 - 01886171 _____ () C:\Windows\WindowsUpdate.log
2014-07-28 04:04 - 2014-07-28 04:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-07-28 04:03 - 2014-07-28 04:03 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-07-28 04:03 - 2014-07-28 04:03 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-07-27 21:41 - 2014-07-27 23:12 - 839031107 ____R () C:\Users\TEMP.Personnel\Downloads\Hate.Story.2.2014.720p.DVDSCR.800MB.ShAaNiG.com.mkv
2014-07-26 01:48 - 2014-07-26 01:56 - 00000000 ____D () C:\Users\TEMP.Personnel\Downloads\KICK (2014) [1CD] DVDSCR Rip Xvid Mp3 TeamTNT Exclusive
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-08-25 03:19 - 2014-08-25 03:18 - 00017012 _____ () C:\Users\TEMP.Personnel\Desktop\FRST.txt
2014-08-25 03:18 - 2014-08-08 16:28 - 00000000 ____D () C:\FRST
2014-08-25 03:15 - 2014-08-19 02:12 - 00000000 ____D () C:\Users\TEMP.Personnel\Desktop\FRST-OlderVersion
2014-08-25 03:15 - 2014-08-12 22:32 - 02103296 _____ (Farbar) C:\Users\TEMP.Personnel\Desktop\FRST64.exe
2014-08-25 03:11 - 2013-03-27 18:16 - 00000928 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-08-25 03:10 - 2014-02-13 21:22 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-08-25 03:00 - 2012-07-26 13:12 - 00000000 ____D () C:\Windows\system32\sru
2014-08-25 02:51 - 2013-07-18 15:13 - 00000000 ____D () C:\Users\TEMP.Personnel\AppData\Roaming\Skype
2014-08-24 23:40 - 2014-07-28 16:19 - 01886171 _____ () C:\Windows\WindowsUpdate.log
2014-08-24 20:30 - 2014-02-05 14:45 - 00000000 ____D () C:\Users\TEMP.Personnel\AppData\Roaming\glister
2014-08-24 20:20 - 2013-03-27 18:16 - 00000924 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-08-24 15:23 - 2012-07-26 12:59 - 00000000 ____D () C:\Windows\CbsTemp
2014-08-24 02:07 - 2014-08-24 02:07 - 00000000 ____D () C:\cd
2014-08-23 19:19 - 2014-02-13 20:24 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-08-23 15:28 - 2014-08-23 15:27 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-08-23 10:16 - 2013-07-18 14:30 - 00003954 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{A7143298-5460-4070-8BD2-DB84241D0F0F}
2014-08-22 04:01 - 2014-08-22 04:01 - 00001985 _____ () C:\Users\TEMP.Personnel\Desktop\ESETscan.txt
2014-08-21 16:36 - 2013-03-17 01:33 - 00003600 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1781143609-4253824246-3402552693-1001
2014-08-21 15:59 - 2014-08-06 03:29 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-08-21 15:29 - 2014-08-20 03:14 - 00000000 ____D () C:\Users\TEMP.Personnel\AppData\Roaming\uTorrent
2014-08-21 03:41 - 2014-07-13 01:38 - 00423608 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-08-21 03:41 - 2012-07-26 12:22 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-08-21 03:40 - 2014-08-12 22:47 - 00000976 _____ () C:\Windows\PFRO.log
2014-08-21 02:28 - 2013-08-08 18:48 - 00000000 ____D () C:\Users\TEMP.Personnel\AppData\Roaming\vlc
2014-08-20 03:59 - 2014-08-20 03:59 - 00042615 _____ () C:\Users\TEMP.Personnel\Downloads\captain-america-the-winter-soldier_english-960032.zip
2014-08-20 03:22 - 2014-08-20 03:22 - 01938256 _____ (BitTorrent Inc.) C:\Users\TEMP.Personnel\Downloads\uTorrent.exe
2014-08-20 03:17 - 2014-08-20 03:17 - 00004040 _____ () C:\Windows\System32\Tasks\LaunchSignup
2014-08-20 03:17 - 2014-08-20 03:16 - 00000000 ____D () C:\Program Files (x86)\MyPC Backup
2014-08-20 03:16 - 2014-08-20 03:16 - 00000000 ____D () C:\Users\TEMP.Personnel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC Backup
2014-08-20 03:15 - 2014-08-20 03:15 - 00000415 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\µTorrent.lnk
2014-08-19 02:45 - 2014-08-19 02:45 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-08-19 02:43 - 2014-08-19 02:42 - 02347384 _____ (ESET) C:\Users\TEMP.Personnel\Downloads\esetsmartinstaller_enu.exe
2014-08-18 15:54 - 2014-08-18 15:54 - 00029477 _____ () C:\Users\TEMP.Personnel\Downloads\the-twilight-saga-5-breaking-dawn-part-2_english-887906.zip
2014-08-18 15:31 - 2014-08-18 15:30 - 00033056 _____ () C:\Users\TEMP.Personnel\Downloads\the-twilight-saga-4-breaking-dawn-part-1_english-835968.zip
2014-08-17 21:24 - 2012-07-26 12:28 - 00942994 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-08-17 21:22 - 2012-07-26 13:12 - 00000000 ____D () C:\Windows\system32\NDF
2014-08-17 21:14 - 2014-07-29 10:55 - 00002487 _____ () C:\Windows\setupact.log
2014-08-17 21:02 - 2014-08-17 19:40 - 00000000 ___HD () C:\Users\TEMP.Personnel\Desktop\.picasaoriginals
2014-08-15 22:21 - 2014-08-15 22:04 - 00000000 ____D () C:\Users\TEMP.Personnel\Downloads\Singham Returns (2014) DvDScr Rip - XviD - [1CD] - Team IcTv Exclusive
2014-08-15 03:37 - 2014-07-11 06:16 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-08-15 03:37 - 2012-07-26 13:12 - 00000000 ___RD () C:\Windows\ToastData
2014-08-15 03:36 - 2013-10-28 21:01 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-08-15 03:35 - 2013-07-26 20:49 - 00000000 ____D () C:\Windows\system32\MRT
2014-08-15 03:28 - 2013-03-30 01:49 - 99218768 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-08-14 23:30 - 2012-07-26 13:12 - 00000000 ____D () C:\Windows\AUInstallAgent
2014-08-14 19:48 - 2014-08-14 19:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-08-14 19:48 - 2013-11-27 13:42 - 00000000 ____D () C:\ProgramData\Oracle
2014-08-14 19:47 - 2014-08-14 19:48 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-08-14 19:47 - 2014-08-14 19:48 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-08-14 19:47 - 2014-08-14 19:48 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-08-14 19:47 - 2014-08-14 19:48 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-08-14 19:47 - 2013-08-10 23:42 - 00000000 ____D () C:\Program Files (x86)\Java
2014-08-14 18:15 - 2014-02-19 19:13 - 00002143 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-08-14 01:44 - 2014-03-31 19:16 - 00000654 ____H () C:\Users\TEMP.Personnel\Downloads\.picasa.ini
2014-08-12 23:42 - 2014-02-28 00:03 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-08-12 23:41 - 2013-03-27 22:18 - 00000000 ____D () C:\ProgramData\Skype
2014-08-12 23:13 - 2014-08-07 20:29 - 00000000 ____D () C:\Users\TEMP.Personnel\Desktop\Fix Tools
2014-08-12 22:55 - 2014-08-12 22:55 - 00000000 ____D () C:\Windows\ERUNT
2014-08-12 22:53 - 2014-08-12 22:53 - 01016261 _____ (Thisisu) C:\Users\TEMP.Personnel\Desktop\JRT.exe
2014-08-12 22:47 - 2012-07-26 10:26 - 00524288 ___SH () C:\Windows\system32\config\BBI
2014-08-12 22:46 - 2014-08-11 23:04 - 00000000 ____D () C:\AdwCleaner
2014-08-11 23:03 - 2014-08-11 22:59 - 01366203 _____ () C:\Users\TEMP.Personnel\Downloads\AdwCleaner.exe
2014-08-10 02:35 - 2013-07-18 14:26 - 00000000 ____D () C:\Users\TEMP.Personnel
2014-08-08 09:14 - 2013-03-17 01:23 - 00000000 ____D () C:\Users\PersonnelPC
2014-08-08 09:13 - 2012-07-26 13:12 - 00000000 ____D () C:\Windows\registration
2014-08-07 23:07 - 2014-08-07 23:07 - 00000000 ____D () C:\Users\TEMP.Personnel\Downloads\Just Cause [Multi2][PC]
2014-08-07 20:54 - 2013-08-17 01:34 - 00001062 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 8.lnk
2014-08-07 20:54 - 2013-08-17 01:34 - 00001050 _____ () C:\Users\Public\Desktop\TeamViewer 8.lnk
2014-08-07 20:33 - 2014-08-07 20:33 - 00012040 _____ () C:\Users\TEMP.Personnel\Downloads\hijackthis.log
2014-08-07 20:33 - 2013-07-18 14:30 - 00000000 ____D () C:\Users\TEMP.Personnel\AppData\Local\VirtualStore
2014-08-07 20:32 - 2014-08-07 20:32 - 00388608 _____ (Trend Micro Inc.) C:\Users\TEMP.Personnel\Downloads\HiJackThis.exe
2014-08-07 18:02 - 2014-06-06 16:20 - 00000000 ___HD () C:\Users\TEMP.Personnel\Downloads\.picasaoriginals
2014-08-07 11:33 - 2014-08-15 02:08 - 00712192 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-08-07 08:09 - 2014-08-15 02:08 - 00556544 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-08-06 04:34 - 2014-08-06 04:34 - 00000000 ____D () C:\Users\TEMP.Personnel\AppData\Roaming\ZqWare
2014-08-06 04:15 - 2014-08-06 04:08 - 00000000 ____D () C:\Program Files (x86)\UltraVPN
2014-08-06 04:08 - 2014-08-06 04:08 - 00000000 ____D () C:\Users\TEMP.Personnel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\UltraVPN
2014-08-06 04:08 - 2014-08-06 04:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UltraVPN
2014-08-06 04:08 - 2014-08-06 04:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenVPN
2014-08-06 04:07 - 2014-08-06 04:07 - 01166613 _____ () C:\Users\TEMP.Personnel\Downloads\ultravpn-install.exe
2014-08-06 03:42 - 2014-08-06 03:41 - 01942776 _____ (Bleeping Computer, LLC) C:\Users\TEMP.Personnel\Downloads\rkill.com
2014-08-06 03:29 - 2014-08-06 03:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-08-06 03:28 - 2014-08-06 03:28 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-08-06 03:28 - 2014-08-06 03:28 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-08-06 03:27 - 2014-08-06 03:23 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\TEMP.Personnel\Downloads\mbam-setup-2.0.2.1012.exe
2014-08-06 03:27 - 2013-04-23 18:23 - 00000871 _____ () C:\Users\Public\Desktop\VLC media player.lnk
2014-08-06 03:27 - 2013-04-23 18:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2014-08-06 03:10 - 2014-08-06 03:09 - 00749592 _____ () C:\Users\TEMP.Personnel\Downloads\GetPrivateSetup (1).exe
2014-08-06 03:08 - 2014-08-06 03:08 - 00000000 ____D () C:\Windows\system32\SRSLabs
2014-08-06 03:08 - 2014-08-06 03:07 - 00749592 _____ () C:\Users\TEMP.Personnel\Downloads\GetPrivateSetup.exe
2014-08-06 03:08 - 2013-01-29 17:03 - 00000000 ____D () C:\Windows\SysWOW64\RTCOM
2014-08-02 05:15 - 2014-07-11 06:20 - 00704480 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-08-02 05:15 - 2014-07-11 06:20 - 00105440 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-07-30 15:43 - 2014-07-30 15:43 - 00028629 _____ () C:\Users\TEMP.Personnel\Downloads\[kickass.to]just.cause.multi2.pc.torrent
2014-07-29 10:55 - 2014-07-29 10:55 - 00000000 _____ () C:\Windows\setuperr.log
2014-07-28 22:49 - 2014-07-28 22:49 - 00004489 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_65-b20.log
2014-07-28 04:04 - 2014-07-28 04:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-07-28 04:03 - 2014-07-28 04:03 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-07-28 04:03 - 2014-07-28 04:03 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-07-28 01:36 - 2014-03-24 16:41 - 00000000 ____D () C:\Users\TEMP.Personnel\Downloads\Updated CV with address
2014-07-27 23:12 - 2014-07-27 21:41 - 839031107 ____R () C:\Users\TEMP.Personnel\Downloads\Hate.Story.2.2014.720p.DVDSCR.800MB.ShAaNiG.com.mkv
2014-07-27 01:37 - 2012-07-26 13:12 - 00000000 ____D () C:\Windows\rescache
2014-07-26 01:56 - 2014-07-26 01:48 - 00000000 ____D () C:\Users\TEMP.Personnel\Downloads\KICK (2014) [1CD] DVDSCR Rip Xvid Mp3 TeamTNT Exclusive
Some content of TEMP:
====================
C:\Users\PersonnelPC\AppData\Local\Temp\SkypeSetup.exe
C:\Users\TEMP.Personnel\AppData\Local\Temp\CloudBackup8030.exe
C:\Users\TEMP.Personnel\AppData\Local\Temp\jre-7u65-windows-i586-iftw.exe
C:\Users\TEMP.Personnel\AppData\Local\Temp\jre-7u67-windows-i586-iftw.exe
C:\Users\TEMP.Personnel\AppData\Local\Temp\Quarantine.exe
C:\Users\TEMP.Personnel\AppData\Local\Temp\SkypeSetup.exe
C:\Users\TEMP.Personnel\AppData\Local\Temp\SRLDetectionLibrary3613883571079857827.dll
C:\Users\TEMP.Personnel\AppData\Local\Temp\Uninstall.exe
C:\Users\TEMP.Personnel\AppData\Local\Temp\vcredist_x64.exe
C:\Users\TEMP.Personnel\AppData\Local\Temp\vlc-2.1.5-win64.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-08-21 03:28
==================== End Of Log ============================
Regards,
galaxy