FRST Log
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:05-03-2016 01
Ran by Tingler (administrator) on TINGLER-PC (18-03-2016 05:22:39)
Running from C:\Users\Tingler\Downloads
Loaded Profiles: Tingler (Available Profiles: Tingler)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 8 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool:
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(IDT, Inc.) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_afc3018f8cfedd20\stacsv64.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
(Andrea Electronics Corporation) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_afc3018f8cfedd20\AESTSr64.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Software Updater Beta\ksu.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [IAAnotif] => C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-06-04] (Intel Corporation)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170256 2015-12-17] (Apple Inc.)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [444416 2009-06-29] (IDT, Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [7137664 2016-03-09] (AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-03-09] (AVAST Software)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Kaspersky Software Updater Beta.lnk [2016-03-09]
ShortcutTarget: Kaspersky Software Updater Beta.lnk -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Software Updater Beta\ksu.exe (AO Kaspersky Lab)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{29E1561A-ACB0-49F3-B8DF-AD2EF0522867}: [DhcpNameServer] 192.168.1.254
Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-2621528677-2587945157-656946973-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-2621528677-2587945157-656946973-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2016-03-09] (AVAST Software)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-03-09] (AVAST Software)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab
Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2010-11-20] (Microsoft Corporation)
Filter-x32: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2010-11-20] (Microsoft Corporation)
Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2010-11-20] (Microsoft Corporation)
Filter-x32: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2010-11-20] (Microsoft Corporation)
FireFox:
========
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-10-14] ()
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-03-12] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-03-12] (Google Inc.)
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-03-09]
FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: Avast SafePrice - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-03-09]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
Chrome:
=======
CHR Profile: C:\Users\Tingler\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Snooker) - C:\Users\Tingler\AppData\Local\Google\Chrome\User Data\Default\Extensions\bjohiacoelemalmancnccjggomjnkfod [2016-03-12]
CHR Extension: (YouTube) - C:\Users\Tingler\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-02-29]
CHR Extension: (Adblock Plus) - C:\Users\Tingler\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-03-18]
CHR Extension: (Google Search) - C:\Users\Tingler\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-02-29]
CHR Extension: (AdBlock) - C:\Users\Tingler\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-03-17]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Tingler\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-02-29]
CHR Extension: (Gmail) - C:\Users\Tingler\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-02-29]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2016-03-09]
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AESTFilters; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_afc3018f8cfedd20\AESTSr64.exe [89600 2009-03-02] (Andrea Electronics Corporation)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77104 2015-10-07] (Apple Inc.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [237096 2016-03-09] (AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [119128 2016-03-09] (AVAST Software)
S4 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1513784 2015-10-05] (Malwarebytes)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [754784 2016-01-08] (DEVGURU Co., LTD.)
R2 STacSV; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_afc3018f8cfedd20\STacSV64.exe [240128 2009-06-29] (IDT, Inc.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Corporation)
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [37656 2016-03-09] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [37144 2016-03-09] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [107792 2016-03-09] (AVAST Software)
R0 aswNdisFlt; C:\Windows\System32\DRIVERS\aswNdisFlt.sys [478128 2016-03-09] (AVAST Software)
S1 aswNetSec; C:\Windows\system32\drivers\aswNetSec.sys [552880 2016-03-09] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [103064 2016-03-09] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2016-03-09] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1070904 2016-03-09] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [463744 2016-03-09] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [165344 2016-03-09] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [287016 2016-03-09] (AVAST Software)
S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2016-03-16] (Malwarebytes)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-10-05] (Malwarebytes Corporation)
U3 TrueSight; C:\Windows\System32\drivers\TrueSight.sys [24688 2016-03-16] ()
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
U0 Partizan; system32\drivers\Partizan.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-03-18 05:22 - 2016-03-18 05:23 - 00011298 _____ C:\Users\Tingler\Downloads\FRST.txt
2016-03-18 05:22 - 2016-03-18 05:22 - 02374144 _____ (Farbar) C:\Users\Tingler\Downloads\FRST64.exe
2016-03-17 20:09 - 2016-03-17 20:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PhotoScape
2016-03-17 20:09 - 2016-03-17 20:09 - 00000000 ____D C:\Program Files (x86)\PhotoScape
2016-03-17 20:08 - 2016-03-17 20:09 - 21025552 _____ (Mooii) C:\Users\Tingler\Downloads\PhotoScapeSetup_V3.7.exe
2016-03-17 19:58 - 2016-03-17 19:58 - 00000836 _____ C:\Users\Tingler\AppData\Local\recently-used.xbel
2016-03-17 19:45 - 2016-03-17 19:58 - 00000000 ____D C:\Users\Tingler\AppData\Local\gtk-2.0
2016-03-17 19:45 - 2016-03-17 19:45 - 00000000 ____D C:\Users\Tingler\.thumbnails
2016-03-17 19:42 - 2016-03-17 19:58 - 00000000 ____D C:\Users\Tingler\.gimp-2.8
2016-03-17 19:42 - 2016-03-17 19:42 - 00000000 ____D C:\Users\Tingler\AppData\Local\gegl-0.2
2016-03-17 19:42 - 2016-03-17 19:42 - 00000000 ____D C:\Users\Tingler\AppData\Local\fontconfig
2016-03-17 19:39 - 2016-03-17 19:40 - 96823808 _____ (The GIMP Team ) C:\Users\Tingler\Downloads\gimp-2.8.16-setup-1.exe
2016-03-17 17:41 - 2016-03-17 17:41 - 00000000 ____D C:\Users\Tingler\AppData\Roaming\Serif
2016-03-17 17:37 - 2016-03-17 17:38 - 118250544 _____ (Serif (Europe) Ltd., support@serif.co.uk) C:\Users\Tingler\Downloads\HLX5-PhotoPlus-SE-Installer-EN (1).exe
2016-03-17 17:35 - 2016-03-17 17:36 - 118250544 _____ (Serif (Europe) Ltd., support@serif.co.uk) C:\Users\Tingler\Downloads\HLX5-PhotoPlus-SE-Installer-EN.exe
2016-03-17 16:36 - 2016-03-17 16:36 - 00044538 _____ C:\ComboFix.txt
2016-03-17 16:24 - 2016-03-17 16:36 - 00000000 ____D C:\Qoobox
2016-03-17 16:24 - 2011-06-26 06:45 - 00256000 _____ C:\Windows\PEV.exe
2016-03-17 16:24 - 2010-11-07 17:20 - 00208896 _____ C:\Windows\MBR.exe
2016-03-17 16:24 - 2009-04-20 04:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2016-03-17 16:24 - 2000-08-31 00:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2016-03-17 16:24 - 2000-08-31 00:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2016-03-17 16:24 - 2000-08-31 00:00 - 00098816 _____ C:\Windows\sed.exe
2016-03-17 16:24 - 2000-08-31 00:00 - 00080412 _____ C:\Windows\grep.exe
2016-03-17 16:24 - 2000-08-31 00:00 - 00068096 _____ C:\Windows\zip.exe
2016-03-17 16:23 - 2016-03-17 16:34 - 00000000 ____D C:\Windows\erdnt
2016-03-17 16:22 - 2016-03-17 16:22 - 05658423 ____R (Swearware) C:\Users\Tingler\Downloads\ComboFix.exe
2016-03-16 17:35 - 2016-03-16 17:35 - 00000000 ____D C:\Users\Tingler\AppData\Roaming\Macromedia
2016-03-16 16:15 - 2016-03-16 16:15 - 00028667 _____ C:\Users\Tingler\Downloads\[kat.cr]the.new.statesman.complete.series.torrent
2016-03-16 12:14 - 2016-03-16 12:14 - 00000598 _____ C:\Windows\SysWOW64\Partizan.RRI
2016-03-16 12:14 - 2016-03-16 12:14 - 00000000 ____D C:\@RestoreQuarantine
2016-03-16 12:09 - 2016-03-16 12:09 - 00000000 ____D C:\ProgramData\RegRun
2016-03-16 12:07 - 2016-03-16 12:52 - 00000000 ____D C:\Program Files (x86)\UnHackMe
2016-03-16 12:07 - 2016-03-16 12:12 - 00000000 ____D C:\Users\Tingler\Documents\RegRun2
2016-03-16 12:07 - 2016-03-16 12:07 - 00000002 RSHOT C:\Windows\winstart.bat
2016-03-16 12:07 - 2016-03-16 12:07 - 00000002 RSHOT C:\Windows\SysWOW64\CONFIG.NT
2016-03-16 12:07 - 2016-03-16 12:07 - 00000002 RSHOT C:\Windows\SysWOW64\AUTOEXEC.NT
2016-03-16 11:57 - 2016-03-16 11:57 - 00001796 _____ C:\Users\Public\Desktop\Vuze.lnk
2016-03-16 11:57 - 2016-03-16 11:57 - 00001796 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Vuze.lnk
2016-03-16 11:57 - 2016-03-16 11:57 - 00000000 ____D C:\Users\Tingler\.swt
2016-03-16 11:56 - 2016-03-16 18:10 - 00000000 ____D C:\Users\Tingler\AppData\Roaming\Azureus
2016-03-16 11:56 - 2016-03-16 18:05 - 00000000 ____D C:\Users\Tingler\Documents\Vuze Downloads
2016-03-16 11:56 - 2016-03-16 11:56 - 00000000 ____D C:\Program Files\Vuze
2016-03-16 11:54 - 2016-03-16 11:57 - 00000000 ____D C:\Users\Tingler\.oracle_jre_usage
2016-03-16 11:53 - 2016-03-16 11:53 - 00091808 _____ (Azureus Software, Inc.) C:\Users\Tingler\Downloads\VuzeBittorrentClientInstaller.exe
2016-03-16 08:11 - 2016-03-16 08:11 - 00000000 ____D C:\Users\Tingler\AppData\Roaming\CleanMyPC Software
2016-03-16 07:14 - 2016-03-16 07:14 - 01610352 _____ (Malwarebytes) C:\Users\Tingler\Downloads\JRT.exe
2016-03-16 06:10 - 2016-03-16 06:18 - 00024688 _____ C:\Windows\system32\Drivers\TrueSight.sys
2016-03-16 05:52 - 2016-03-16 05:53 - 00000000 ____D C:\ProgramData\RogueKiller
2016-03-13 09:41 - 2016-03-17 17:28 - 00000000 ____D C:\Users\Tingler\Desktop\Log files
2016-03-13 07:02 - 2016-03-18 05:22 - 00000000 ____D C:\FRST
2016-03-12 21:22 - 2016-03-12 21:22 - 00000017 _____ C:\Users\Tingler\AppData\Local\resmon.resmoncfg
2016-03-12 17:55 - 2016-03-12 17:55 - 00002269 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-03-12 17:54 - 2016-03-18 05:07 - 00000896 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-03-12 17:54 - 2016-03-17 20:59 - 00000900 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-03-12 17:54 - 2016-03-12 17:54 - 00003896 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2016-03-12 17:54 - 2016-03-12 17:54 - 00003644 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2016-03-10 17:20 - 2016-03-17 21:54 - 00000000 ____D C:\Program Files (x86)\AdwCleaner
2016-03-10 09:29 - 2016-03-10 09:30 - 00191992 _____ C:\TDSSKiller.3.1.0.9_10.03.2016_09.29.22_log.txt
2016-03-09 18:08 - 2016-03-09 18:08 - 00552880 _____ (AVAST Software) C:\Windows\system32\Drivers\aswnetsec.sys
2016-03-09 18:08 - 2016-03-09 18:08 - 00398152 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2016-03-09 18:08 - 2016-03-09 18:08 - 00052184 _____ (AVAST Software) C:\Windows\avastSS.scr
2016-03-09 18:07 - 2016-03-09 18:07 - 00478128 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNdisFlt.sys
2016-03-09 18:01 - 2016-03-09 18:01 - 00000000 ____D C:\Users\Tingler\AppData\Roaming\AVAST Software
2016-03-09 18:01 - 2016-03-09 18:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2016-03-09 18:00 - 2016-03-09 18:14 - 00003052 _____ C:\Windows\System32\Tasks\SafeZone scheduled Autoupdate 1457546441
2016-03-09 18:00 - 2016-03-09 18:00 - 00001039 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SafeZone Browser.lnk
2016-03-09 17:57 - 2016-03-18 05:08 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2016-03-09 17:57 - 2016-03-09 18:09 - 01070904 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2016-03-09 17:57 - 2016-03-09 18:09 - 00107792 _____ (AVAST Software) C:\Windows\system32\Drivers\aswmonflt.sys
2016-03-09 17:57 - 2016-03-09 18:08 - 00463744 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2016-03-09 17:57 - 2016-03-09 18:08 - 00287016 _____ (AVAST Software) C:\Windows\system32\Drivers\aswvmm.sys
2016-03-09 17:57 - 2016-03-09 18:08 - 00165344 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2016-03-09 17:57 - 2016-03-09 18:08 - 00103064 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2016-03-09 17:57 - 2016-03-09 18:08 - 00074544 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2016-03-09 17:57 - 2016-03-09 18:08 - 00037656 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2016-03-09 17:57 - 2016-03-09 18:08 - 00037144 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2016-03-09 17:55 - 2016-03-09 17:56 - 00000000 ____D C:\Program Files\AVAST Software
2016-03-09 17:54 - 2016-03-09 17:54 - 00450504 _____ (AVAST Software) C:\Windows\system32\Drivers\uofqjsfl.sys
2016-03-09 17:45 - 2016-03-09 17:45 - 00000000 ____D C:\ProgramData\Kaspersky Lab Setup Files
2016-03-09 17:35 - 2016-03-09 17:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Software Updater Beta
2016-03-09 17:35 - 2016-03-09 17:35 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2016-03-09 05:45 - 2016-03-13 19:21 - 00005074 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2016-03-09 05:40 - 2016-03-09 17:35 - 00000000 ____D C:\Program Files (x86)\Kaspersky Lab
2016-03-09 05:40 - 2016-03-09 05:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Cleaner
2016-03-09 05:38 - 2016-03-09 05:39 - 00190660 _____ C:\TDSSKiller.3.1.0.9_09.03.2016_05.38.01_log.txt
2016-03-08 09:42 - 2016-03-08 09:43 - 00000000 ____D C:\Program Files\IDT
2016-03-08 07:32 - 2016-03-08 07:32 - 00001104 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2016-03-06 06:36 - 2016-03-06 06:36 - 00450504 _____ (AVAST Software) C:\Windows\system32\Drivers\pcineovz.sys
2016-03-03 20:36 - 2016-03-11 05:54 - 00000000 ____D C:\Users\Tingler\AppData\Roaming\Adobe
2016-03-03 20:35 - 2016-03-17 21:45 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-03-03 20:35 - 2016-03-10 20:45 - 00797376 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-03-03 20:35 - 2016-03-10 20:45 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-03-03 20:35 - 2016-03-10 20:45 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-03-03 20:35 - 2016-03-03 20:35 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2016-03-03 20:35 - 2016-03-03 20:35 - 00000000 ____D C:\Windows\system32\Macromed
2016-03-03 19:25 - 2016-03-03 19:25 - 00000000 ____D C:\Users\Public\Documents\CrashDump
2016-03-03 19:22 - 2016-03-04 11:37 - 00000000 ____D C:\Users\Tingler\AppData\Local\Samsung
2016-03-03 19:21 - 2016-03-04 07:29 - 00000000 ____D C:\Users\Tingler\Documents\samsung
2016-03-03 19:19 - 2013-12-30 10:53 - 04659712 _____ (Dmitry Streblechenko) C:\Windows\SysWOW64\Redemption.dll
2016-03-03 18:57 - 2016-03-03 18:57 - 00000000 ____D C:\Users\Public\Documents\NativeFus_Log
2016-03-03 18:57 - 2016-01-08 08:51 - 00213088 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\Windows\system32\Drivers\ssudmdm.sys
2016-03-03 18:57 - 2016-01-08 08:51 - 00120416 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\Windows\system32\Drivers\ssudbus.sys
2016-03-03 18:56 - 2016-03-04 11:37 - 00000000 ____D C:\Users\Tingler\AppData\Roaming\Samsung
2016-03-03 18:56 - 2016-03-04 11:37 - 00000000 ____D C:\ProgramData\Samsung
2016-03-03 18:56 - 2016-02-03 09:29 - 00144664 _____ (MAPILab Ltd. & Add-in Express Ltd.) C:\Windows\SysWOW64\secman.dll
2016-03-03 18:55 - 2016-03-04 11:26 - 00000000 ____D C:\Program Files (x86)\Samsung
2016-03-03 14:34 - 2016-03-03 14:34 - 00000193 _____ C:\Windows\WORDPAD.INI
2016-03-03 12:40 - 2016-03-05 07:21 - 00000000 ____D C:\Users\Tingler\AppData\Local\Kingsoft
2016-03-03 12:17 - 2016-03-03 12:17 - 00000000 ____D C:\ProgramData\Kingsoft
2016-03-03 12:16 - 2016-03-03 12:42 - 00000000 ____D C:\Users\Tingler\AppData\Roaming\Kingsoft
2016-03-02 09:56 - 2014-05-14 16:23 - 02477536 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2016-03-02 09:56 - 2014-05-14 16:23 - 00058336 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2016-03-02 09:56 - 2014-05-14 16:23 - 00044512 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2016-03-02 09:56 - 2014-05-14 16:21 - 02620928 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2016-03-02 09:55 - 2014-05-14 16:23 - 00700384 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2016-03-02 09:55 - 2014-05-14 16:23 - 00581600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2016-03-02 09:55 - 2014-05-14 16:23 - 00038880 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2016-03-02 09:55 - 2014-05-14 16:23 - 00036320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2016-03-02 09:55 - 2014-05-14 16:20 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2016-03-02 09:55 - 2014-05-14 16:17 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2016-03-02 09:55 - 2014-05-14 09:23 - 00198600 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2016-03-02 09:55 - 2014-05-14 09:23 - 00179656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2016-03-02 09:55 - 2014-05-14 09:20 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2016-03-02 09:55 - 2014-05-14 09:17 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2016-03-01 14:19 - 2016-03-01 14:20 - 00000000 ____D C:\Windows\system32\SPReview
2016-03-01 14:19 - 2016-03-01 14:19 - 00000000 ____D C:\Windows\system32\EventProviders
2016-03-01 13:06 - 2010-11-20 13:33 - 01924480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2016-03-01 13:06 - 2010-11-20 13:28 - 01731936 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-03-01 13:06 - 2010-11-20 13:27 - 14633472 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2016-03-01 13:06 - 2010-11-20 13:27 - 14174208 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2016-03-01 13:06 - 2010-11-20 13:27 - 08988160 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-03-01 13:06 - 2010-11-20 13:27 - 03715584 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2016-03-01 13:06 - 2010-11-20 13:27 - 03650560 _____ (Microsoft Corporation) C:\Windows\system32\MSVidCtl.dll
2016-03-01 13:06 - 2010-11-20 13:27 - 03008000 _____ (Microsoft Corporation) C:\Windows\system32\xpsservices.dll
2016-03-01 13:06 - 2010-11-20 13:27 - 02314752 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
2016-03-01 13:06 - 2010-11-20 13:27 - 02223616 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll
2016-03-01 13:06 - 2010-11-20 13:27 - 01743360 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll
2016-03-01 13:06 - 2010-11-20 13:27 - 01465344 _____ (Microsoft Corporation) C:\Windows\system32\XpsPrint.dll
2016-03-01 13:06 - 2010-11-20 13:27 - 00488448 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll
2016-03-01 13:06 - 2010-11-20 13:27 - 00485888 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll
2016-03-01 13:06 - 2010-11-20 13:27 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2016-03-01 13:06 - 2010-11-20 13:26 - 12260864 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-03-01 13:06 - 2010-11-20 13:26 - 04120064 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2016-03-01 13:06 - 2010-11-20 13:26 - 03205120 _____ (Microsoft Corporation) C:\Windows\system32\mmcndmgr.dll
2016-03-01 13:06 - 2010-11-20 13:26 - 01838080 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2016-03-01 13:06 - 2010-11-20 13:25 - 00902144 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2016-03-01 13:06 - 2010-11-20 13:25 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe
2016-03-01 13:06 - 2010-11-20 13:25 - 00359424 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe
2016-03-01 13:06 - 2010-11-20 12:21 - 12872192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2016-03-01 13:06 - 2010-11-20 12:21 - 00870912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll
2016-03-01 13:06 - 2010-11-20 12:21 - 00423936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_isv.dll
2016-03-01 13:06 - 2010-11-20 12:19 - 05977600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-03-01 13:06 - 2010-11-20 12:19 - 03215872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2016-03-01 13:06 - 2010-11-20 12:19 - 00954752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc40.dll
2016-03-01 13:06 - 2010-11-20 12:19 - 00954288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc40u.dll
2016-03-01 13:06 - 2010-11-20 12:18 - 01171456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2016-03-01 13:06 - 2010-11-20 12:18 - 00739840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2016-03-01 13:06 - 2010-11-20 11:07 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbFlt.sys
2016-03-01 13:06 - 2010-11-05 01:58 - 01130824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dfshim.dll
2016-03-01 13:06 - 2010-11-05 01:57 - 01942856 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll
2016-03-01 13:06 - 2010-11-05 01:57 - 00444752 _____ (Microsoft Corporation) C:\Windows\system32\mscoree.dll
2016-03-01 13:06 - 2010-11-05 01:57 - 00048976 _____ (Microsoft Corporation) C:\Windows\system32\netfxperf.dll
2016-03-01 13:05 - 2010-11-20 13:39 - 05066752 _____ (Microsoft Corporation) C:\Windows\system32\AuthFWSnapin.dll
2016-03-01 13:05 - 2010-11-20 13:34 - 00215936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vhdmp.sys
2016-03-01 13:05 - 2010-11-20 13:33 - 01659776 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2016-03-01 13:05 - 2010-11-20 13:33 - 00982912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2016-03-01 13:05 - 2010-11-20 13:33 - 00951680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2016-03-01 13:05 - 2010-11-20 13:33 - 00376192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2016-03-01 13:05 - 2010-11-20 13:33 - 00299392 _____ (Microsoft Corporation) C:\Windows\system32\mcupdate_GenuineIntel.dll
2016-03-01 13:05 - 2010-11-20 13:33 - 00273792 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2016-03-01 13:05 - 2010-11-20 13:33 - 00166272 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvstor.sys
2016-03-01 13:05 - 2010-11-20 13:33 - 00148352 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvraid.sys
2016-03-01 13:05 - 2010-11-20 13:32 - 00107904 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amdsata.sys
2016-03-01 13:05 - 2010-11-20 13:28 - 00605552 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2016-03-01 13:05 - 2010-11-20 13:28 - 00566208 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2016-03-01 13:05 - 2010-11-20 13:28 - 00459248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2016-03-01 13:05 - 2010-11-20 13:27 - 03860992 _____ (Microsoft Corporation) C:\Windows\system32\UIRibbon.dll
2016-03-01 13:05 - 2010-11-20 13:27 - 03027968 _____ (Microsoft Corporation) C:\Windows\system32\WMVCORE.DLL
2016-03-01 13:05 - 2010-11-20 13:27 - 02652160 _____ (Microsoft Corporation) C:\Windows\system32\netshell.dll
2016-03-01 13:05 - 2010-11-20 13:27 - 02543616 _____ (Microsoft Corporation) C:\Windows\system32\wpdshext.dll