Here is my FRST.txt
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 25-05-2015
Ran by Max (administrator) on LEVIATHAN on 25-05-2015 12:13:58
Running from C:\Users\Max\Desktop
Loaded Profiles: Max (Available Profiles: Max)
Platform: Windows 8.1 Pro (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool:
http://www.geekstogo.com/forum/topic/33 ... scan-tool/==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
() C:\Program Files\shopperz\Anneliese.exe
( ) C:\Windows\Temp\mrt6FE0.tmp\stdrt.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Program Files\shopperz\csrcc.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
() C:\Program Files\shopperz\Grubb.exe
() C:\Program Files (x86)\Edu App\updateEduApp.exe
() C:\Program Files (x86)\Edu App\bin\utilEduApp.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
() C:\Program Files (x86)\Edu App\bin\EduApp.PurBrowse64.exe
() C:\Program Files (x86)\Edu App\bin\EduApp.BrowserAdapter64.exe
() C:\Program Files (x86)\Edu App\bin\EduApp.BrowserAdapter.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
() C:\Program Files\shopperz\Brito.exe
() C:\Program Files\shopperz\Brito64.exe
() C:\Program Files (x86)\Edu App\bin\EduApp.expext.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
() C:\FRST\Quarantine\C\Program Files (x86)\RapidMediaConverter\RapidMediaConverterApp.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(SoftBrain Technologies Ltd.) C:\FRST\Quarantine\C\Users\Max\AppData\Local\SmartWeb\SmartWeb\SmartWebHelper.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(SoftBrain Technologies Ltd.) C:\FRST\Quarantine\C\Users\Max\AppData\Local\SmartWeb\SmartWeb\SmartWebApp.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [169768 2015-04-07] (Apple Inc.)
HKLM\...\Run: [shopperz] => C:\Program Files\shopperz\Brito.exe [431976 2015-05-20] ()
HKLM\...\Run: [shopperz64] => C:\Program Files\shopperz\Brito64.exe [462696 2015-05-20] ()
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2015-03-20] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767200 2014-09-15] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [gmsd_us_585] => "C:\Program Files (x86)\gmsd_us_585\gmsd_us_585.exe"
HKLM-x32\...\Run: [SmartWeb] => C:\Users\Max\AppData\Local\SmartWeb\SmartWebHelper.exe
HKLM-x32\...\Run: [gmsd_us_608] => "C:\Program Files (x86)\gmsd_us_608\gmsd_us_608.exe"
HKU\S-1-5-21-3369700690-3850376273-3648611264-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [31280256 2015-04-17] (Skype Technologies S.A.)
HKU\S-1-5-21-3369700690-3850376273-3648611264-1001\...\Run: [GoogleChromeAutoLaunch_3D1EE8F760F37097E3AF05CAB8B9C5AC] => "C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\crossbrowse.exe" --no-startup-window
HKU\S-1-5-21-3369700690-3850376273-3648611264-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\PhotoScreensaver.scr [589312 2014-10-28] (Microsoft Corporation)
AppInit_DLLs-x32: C:\ProgramData\LolliScan\LolliScan32.dll => "C:\ProgramData\LolliScan\LolliScan32.dll" File not found
Startup: C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\RapidMediaConverterApp.lnk [2015-05-16]
ShortcutTarget: RapidMediaConverterApp.lnk -> C:\FRST\Quarantine\C\Program Files (x86)\RapidMediaConverter\RapidMediaConverterApp.exe ()
Startup: C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SmartWeb.lnk [2015-05-22]
ShortcutTarget: SmartWeb.lnk -> C:\FRST\Quarantine\C\Users\Max\AppData\Local\SmartWeb\SmartWeb\SmartWebHelper.exe (SoftBrain Technologies Ltd.)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKU\S-1-5-21-3369700690-3850376273-3648611264-1001\Software\Microsoft\Internet Explorer\Main,Start Page =
http://start.iminent.com/?appId=28f88e0 ... 87fa16661bHKU\S-1-5-21-3369700690-3850376273-3648611264-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache =
http://t.msn.com/URLSearchHook: HKU\S-1-5-21-3369700690-3850376273-3648611264-1001 - (No Name) - {84FF7BD6-B47F-46F8-9130-01B2696B36CB} - No File
SearchScopes: HKLM-x32 -> {BFFED5CA-8BDF-47CC-AED0-23F4E6D77732} URL =
http://start.iminent.com/?appId=28f88e0 ... toolbox&q={searchTerms}
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3369700690-3850376273-3648611264-1001 -> {89804BA5-1501-4E4F-8667-82EDEE5D6F77} URL =
https://search.yahoo.com/search?fr=chr- ... =667671&p={searchTerms}
SearchScopes: HKU\S-1-5-21-3369700690-3850376273-3648611264-1001 -> {BFFED5CA-8BDF-47CC-AED0-23F4E6D77732} URL =
http://start.iminent.com/?appId=28f88e0 ... toolbox&q={searchTerms}
BHO: shopperz -> {2395B860-45E4-42fd-96E6-50BA597C1C42} -> C:\Program Files\shopperz\Sorensen64.dll [2015-05-20] ()
BHO: IMinent WebBooster (BHO) -> {A09AB6EB-31B5-454C-97EC-9B294D92EE2A} -> C:\Program Files (x86)\Iminent\Minibar.InternetExplorer.BHOx64.dll No File
BHO-x32: shopperz -> {2395B860-45E4-42fd-96E6-50BA597C1C42} -> C:\Program Files\shopperz\Sorensen32.dll [2015-05-20] ()
BHO-x32: No Name -> {84FF7BD6-B47F-46F8-9130-01B2696B36CB} -> No File
BHO-x32: IMinent WebBooster (BHO) -> {A09AB6EB-31B5-454C-97EC-9B294D92EE2A} -> C:\Program Files (x86)\Iminent\Minibar.InternetExplorer.BHOx86.dll No File
BHO-x32: Edu App 1.0.0.7 -> {ebfbdd44-c0e0-4f63-a8e6-ee5f34765238} -> C:\Program Files (x86)\Edu App\EduAppbho.dll [2015-05-22] (Edu App)
Tcpip\Parameters: [DhcpNameServer] 68.105.28.11 68.105.29.11 68.105.28.12
Tcpip\..\Interfaces\{1FD4CAA7-EB74-4F00-8A1E-887D577F4861}: [NameServer] 31.168.228.251,82.166.96.251
Tcpip\..\Interfaces\{67C2E777-3C2A-440A-8BDE-083FEBFD7A85}: [NameServer] 31.168.228.251,82.166.96.251
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
FireFox:
========
FF ProfilePath: C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\174u8fal.default
FF NewTab:
hxxp://start.iminent.com/?ref=NewTab&ap ... 87fa16661bFF DefaultSearchEngine.US: StartWeb
FF SelectedSearchEngine: StartWeb
FF Homepage:
hxxp://start.iminent.com/?appId=28f88e0 ... 87fa16661bFF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_17_0_0_169.dll [2015-04-14] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-04-14] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-22] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-22] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-05-01] (Adobe Systems Inc.)
FF user.js: detected! => C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\174u8fal.default\user.js [2015-05-22]
FF SearchPlugin: C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\174u8fal.default\searchplugins\firefox-add-ons.xml [2014-11-11]
FF SearchPlugin: C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\174u8fal.default\searchplugins\youtube.xml [2014-11-09]
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\StartWeb.xml [2015-05-20]
FF Extension: ColorZilla - C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\174u8fal.default\Extensions\{6AC85730-7D0F-4de0-B3FA-21142DD85326} [2015-01-03]
FF Extension: Zoom It - C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\174u8fal.default\Extensions\{7859af48-8c14-af2d-7933-c21a908d3b92} [2015-05-17]
FF Extension: Add to Search Bar - C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\174u8fal.default\Extensions\add-to-searchbox@maltekraus.de.xpi [2014-11-27]
FF Extension: IMDb ratings for watchever - C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\174u8fal.default\Extensions\jid1-FpyZ8qozEHjs2A@jetpack.xpi [2014-11-11]
FF Extension: Minibar - C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\174u8fal.default\Extensions\minibar@go.im.xpi [2015-05-22]
FF Extension: Edu App 1.0.1 - C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\174u8fal.default\Extensions\{6dd55e9a-3d06-4d70-b5e7-05fc3e0a3d66}.xpi [2015-05-22]
FF Extension: IMDB Search - C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\174u8fal.default\Extensions\{c4080853-c699-4120-b8e0-618bff8a4474}.xpi [2014-11-11]
FF Extension: Web Developer - C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\174u8fal.default\Extensions\{c45c406e-ab73-11d8-be73-000a95be3b12}.xpi [2015-01-03]
FF Extension: Adblock Plus - C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\174u8fal.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-01-03]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\extensions\healthcare@healthcaregovtool.com.xpi [2015-03-31]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\healthcare@healthcaregovtool.com.xpi [2015-03-31]
FF HKLM\...\Firefox\Extensions: [{2395B860-45E4-42fd-96E6-50BA597C1C42}] - C:\Program Files\shopperz\Firefox
FF Extension: shopperz - C:\Program Files\shopperz\Firefox [2015-05-22]
FF HKLM-x32\...\Firefox\Extensions: [{2395B860-45E4-42fd-96E6-50BA597C1C42}] - C:\Program Files\shopperz\Firefox
StartMenuInternet: FIREFOX.EXE - firefox.exe
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\defaults\pref\all-iminent.js [2015-05-22]
Chrome:
=======
CHR dev: Chrome dev build detected! <======= ATTENTION
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 1DEA2C4A-8529-46b5-ACC0-C3873ED068E6; C:\Program Files\shopperz\Anneliese.exe [283496 2015-05-20] ()
S2 Adobe Licensing Console; C:\Windows\SysWOW64\lnsecsl.exe [1202396 2015-04-16] ( ) [] <==== ATTENTION
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-20] (Apple Inc.)
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-28] (Microsoft Corporation)
R2 csrcc; C:\Program Files\shopperz\csrcc.exe [1447272 2015-05-20] ()
R2 DiagTrack; C:\Windows\system32\diagtrack.dll [1429504 2015-03-04] (Microsoft Corporation)
R2 shopperz Updater; C:\Program Files\shopperz\Grubb.exe [172392 2015-05-20] ()
R2 Update Edu App; C:\Program Files (x86)\Edu App\updateEduApp.exe [651496 2015-05-25] ()
R2 Util Edu App; C:\Program Files (x86)\Edu App\bin\utilEduApp.exe [651496 2015-05-25] ()
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-03] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-03] (Microsoft Corporation)
S2 GlobalUpdater; C:\Program Files (x86)\Common Files\IMGUpdater\IMGUpdater.exe [X]
S2 lipypiwe; C:\Users\Max\AppData\Roaming\00000000-1431792690-0000-0000-6C626DB6DAC3\nss4EDB.tmp [X]
S2 SProtection; C:\Program Files (x86)\Common Files\Umbrella\Umbrella221.exe [X]
S2 xixynyko; C:\Users\Max\AppData\Roaming\00000000-1431792690-0000-0000-6C626DB6DAC3\jnse7CDF.tmp [X]
S2 xygefuzu; C:\Users\Max\AppData\Roaming\00000000-1431792690-0000-0000-6C626DB6DAC3\hnse94BF.tmp [X]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [21160 2012-09-22] (Advanced Micro Devices, Inc.)
R3 athr; C:\Windows\system32\DRIVERS\athwnx.sys [3680256 2013-06-18] (Qualcomm Atheros Communications, Inc.)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWB6.sys [223232 2014-06-21] (Advanced Micro Devices)
R1 cherimoya; C:\Windows\System32\drivers\cherimoya.sys [61336 2015-05-20] (Cherimoya Ltd)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-03] (Microsoft Corporation)
S0 xymc; C:\Windows\SysWOW64\drivers\gprmjo.sys [61440 2015-05-21] () []
R1 {3f1219df-4a4d-40a3-9537-f2a95f4016b3}Gw64; C:\Windows\System32\drivers\{3f1219df-4a4d-40a3-9537-f2a95f4016b3}Gw64.sys [48776 2015-05-22] (StdLib)
R1 {6dd55e9a-3d06-4d70-b5e7-05fc3e0a3d66}Gw64; C:\Windows\System32\drivers\{6dd55e9a-3d06-4d70-b5e7-05fc3e0a3d66}Gw64.sys [48776 2015-05-25] (StdLib)
R1 {6dd55e9a-3d06-4d70-b5e7-05fc3e0a3d66}w64; C:\Windows\System32\drivers\{6dd55e9a-3d06-4d70-b5e7-05fc3e0a3d66}w64.sys [48776 2015-05-25] (StdLib)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-05-25 12:00 - 2015-05-25 04:50 - 00048776 _____ (StdLib) C:\WINDOWS\system32\Drivers\{6dd55e9a-3d06-4d70-b5e7-05fc3e0a3d66}w64.sys
2015-05-25 11:59 - 2015-05-25 04:50 - 00048776 _____ (StdLib) C:\WINDOWS\system32\Drivers\{6dd55e9a-3d06-4d70-b5e7-05fc3e0a3d66}Gw64.sys
2015-05-22 19:27 - 2015-05-22 11:52 - 00048776 _____ (StdLib) C:\WINDOWS\system32\Drivers\{3f1219df-4a4d-40a3-9537-f2a95f4016b3}Gw64.sys
2015-05-22 19:25 - 2015-05-25 12:07 - 00000000 ____D () C:\Program Files (x86)\Edu App
2015-05-22 19:25 - 2015-05-22 19:25 - 00001132 _____ () C:\Users\Max\Desktop\Continue Live Installation.lnk
2015-05-22 19:24 - 2015-05-22 19:24 - 00003614 _____ () C:\WINDOWS\System32\Tasks\Norwood
2015-05-22 19:24 - 2015-05-20 10:42 - 00061336 _____ (Cherimoya Ltd) C:\WINDOWS\system32\Drivers\cherimoya.sys
2015-05-22 19:23 - 2015-05-22 19:24 - 00000000 ____D () C:\Program Files\shopperz
2015-05-22 19:23 - 2015-05-22 19:23 - 00004028 _____ () C:\WINDOWS\System32\Tasks\SmartWeb Upgrade Trigger Task
2015-05-22 19:05 - 2015-05-25 12:12 - 00003598 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3369700690-3850376273-3648611264-1001
2015-05-22 19:00 - 2015-05-22 19:00 - 00003896 _____ () C:\Users\Max\Desktop\JRT.txt
2015-05-22 18:47 - 2015-05-22 18:47 - 02223104 _____ () C:\Users\Max\Downloads\adwcleaner_4.205.exe
2015-05-21 21:50 - 2015-05-21 21:50 - 00061440 _____ () C:\WINDOWS\SysWOW64\Drivers\gprmjo.sys
2015-05-21 21:50 - 2015-05-21 21:50 - 00000116 _____ () C:\WINDOWS\SysWOW64\apeg.txt
2015-05-21 21:49 - 2015-05-21 21:49 - 00003114 _____ () C:\WINDOWS\System32\Tasks\{F95CB74F-A6A7-4FD5-96ED-5C70683B1B2F}
2015-05-21 21:41 - 2015-05-21 21:41 - 00003454 _____ () C:\WINDOWS\System32\Tasks\avabvbxvh
2015-05-16 10:17 - 2015-05-19 19:33 - 00000112 _____ () C:\ProgramData\A8OL14R.dat
2015-05-16 09:37 - 2015-05-16 09:37 - 00000000 ____D () C:\Program Files (x86)\ESET
2015-05-16 09:35 - 2015-05-16 09:37 - 02347384 _____ (ESET) C:\Users\Max\Downloads\esetsmartinstaller_enu.exe
2015-05-16 09:28 - 2015-05-16 09:28 - 00000000 ____D () C:\Users\Public\Documents\ShopperPro
2015-05-16 09:12 - 2015-05-17 11:38 - 00000000 ____D () C:\Users\Max\AppData\Local\RapidMediaConverter
2015-05-16 09:12 - 2015-05-16 09:12 - 00000000 ____D () C:\Users\Max\AppData\Roaming\RapidMediaConverter
2015-05-16 09:12 - 2015-05-16 09:12 - 00000000 ____D () C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Rapid Media Converter
2015-05-16 09:12 - 2015-05-16 09:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rapid Media Converter
2015-05-16 09:12 - 2013-08-22 06:25 - 00000824 _____ () C:\WINDOWS\system32\Drivers\etc\hp.bak
2015-05-16 09:11 - 2015-05-25 12:07 - 00000346 _____ () C:\WINDOWS\Tasks\EMAUAH1.job
2015-05-16 09:11 - 2015-05-25 12:03 - 00000000 ____D () C:\Users\Max\AppData\Roaming\00000000-1431792690-0000-0000-6C626DB6DAC3
2015-05-16 09:11 - 2015-05-16 09:11 - 00003552 _____ () C:\WINDOWS\System32\Tasks\HJPQXRTER
2015-05-16 09:11 - 2015-05-16 09:11 - 00002860 _____ () C:\WINDOWS\System32\Tasks\EMAUAH1
2015-05-16 09:11 - 2015-05-16 09:11 - 00000000 ____D () C:\ProgramData\7c0535b143fc4671b6ebd202fbffe066
2015-05-14 20:03 - 2015-05-14 20:03 - 00034660 _____ () C:\Users\Max\Desktop\AdwCleaner[S1].txt
2015-05-14 20:02 - 2015-05-14 20:02 - 00015878 _____ () C:\Users\Max\Desktop\Search.txt
2015-05-14 19:43 - 2015-05-16 09:13 - 00000000 ____D () C:\WINDOWS\system32\MpEngineStore
2015-05-14 19:39 - 2015-04-30 13:35 - 00124112 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2015-05-14 19:39 - 2015-04-30 13:35 - 00102608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-05-14 19:19 - 2015-04-24 14:32 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\UtcResources.dll
2015-05-14 19:19 - 2015-04-09 17:34 - 02256896 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2015-05-14 19:19 - 2015-04-09 17:11 - 01943040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2015-05-14 19:19 - 2015-04-08 15:55 - 00410128 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2015-05-14 19:19 - 2015-04-01 15:22 - 02985984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2015-05-14 19:19 - 2015-04-01 15:20 - 04417536 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2015-05-14 19:19 - 2015-03-31 20:45 - 01491456 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbghelp.dll
2015-05-14 19:19 - 2015-03-31 19:31 - 01207296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbghelp.dll
2015-05-14 19:19 - 2015-03-29 22:47 - 00561928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2015-05-14 19:19 - 2015-03-26 20:27 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2015-05-14 19:19 - 2015-03-26 19:50 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2015-05-14 19:19 - 2015-03-26 19:48 - 01441792 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2015-05-14 19:19 - 2015-03-19 18:56 - 00080384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ahcache.sys
2015-05-14 19:19 - 2015-03-17 10:26 - 00467776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2015-05-14 19:19 - 2015-03-12 21:03 - 00239424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2015-05-14 19:19 - 2015-03-12 21:03 - 00154432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2015-05-14 19:19 - 2015-03-12 18:11 - 02162176 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2015-05-14 19:19 - 2015-03-12 17:39 - 01812992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2015-05-14 19:19 - 2015-03-12 17:29 - 00410017 _____ () C:\WINDOWS\system32\ApnDatabase.xml
2015-05-14 19:19 - 2015-03-10 18:49 - 00024576 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdbinst.exe
2015-05-14 19:19 - 2015-03-10 18:09 - 00021504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sdbinst.exe
2015-05-14 19:19 - 2015-03-08 19:02 - 00057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthhfenum.sys
2015-05-14 19:19 - 2015-03-05 20:08 - 02067968 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpdshext.dll
2015-05-14 19:19 - 2015-03-05 19:47 - 01696256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2015-05-14 19:19 - 2015-03-05 19:43 - 01969664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpdshext.dll
2015-05-14 19:19 - 2015-03-04 16:09 - 01429504 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2015-05-14 19:19 - 2015-03-03 18:32 - 00172544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2015-05-14 19:19 - 2015-03-03 18:12 - 00141824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll
2015-05-14 19:19 - 2015-02-17 16:19 - 00186368 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpapisrv.dll
2015-05-14 19:19 - 2015-01-29 17:53 - 02819584 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
2015-05-14 19:19 - 2014-11-13 23:58 - 00116736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsDatabase.dll
2015-05-14 19:18 - 2015-04-30 16:05 - 00429568 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2015-05-14 19:18 - 2015-04-30 15:48 - 00358912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2015-05-14 19:18 - 2015-04-21 10:14 - 24971776 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-05-14 19:18 - 2015-04-21 09:50 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-05-14 19:18 - 2015-04-21 09:50 - 00417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec
2015-05-14 19:18 - 2015-04-21 09:49 - 02885120 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-05-14 19:18 - 2015-04-21 09:37 - 00633856 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll
2015-05-14 19:18 - 2015-04-21 09:35 - 00816640 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-05-14 19:18 - 2015-04-21 09:31 - 06025728 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-05-14 19:18 - 2015-04-21 09:24 - 19691008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-05-14 19:18 - 2015-04-21 09:13 - 00107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\inseng.dll
2015-05-14 19:18 - 2015-04-21 09:11 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-05-14 19:18 - 2015-04-21 09:09 - 00341504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec
2015-05-14 19:18 - 2015-04-21 09:08 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2015-05-14 19:18 - 2015-04-21 09:07 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2015-05-14 19:18 - 2015-04-21 09:05 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2015-05-14 19:18 - 2015-04-21 09:04 - 02278400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-05-14 19:18 - 2015-04-21 08:59 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2015-05-14 19:18 - 2015-04-21 08:58 - 00664576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-05-14 19:18 - 2015-04-21 08:52 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2015-05-14 19:18 - 2015-04-21 08:49 - 00801280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2015-05-14 19:18 - 2015-04-21 08:49 - 00720384 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2015-05-14 19:18 - 2015-04-21 08:49 - 00374272 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2015-05-14 19:18 - 2015-04-21 08:46 - 02125824 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2015-05-14 19:18 - 2015-04-21 08:40 - 14401536 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-05-14 19:18 - 2015-04-21 08:38 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2015-05-14 19:18 - 2015-04-21 08:37 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2015-05-14 19:18 - 2015-04-21 08:36 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2015-05-14 19:18 - 2015-04-21 08:32 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2015-05-14 19:18 - 2015-04-21 08:31 - 04305920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-05-14 19:18 - 2015-04-21 08:28 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2015-05-14 19:18 - 2015-04-21 08:27 - 02352128 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-05-14 19:18 - 2015-04-21 08:26 - 00688640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2015-05-14 19:18 - 2015-04-21 08:26 - 00327168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2015-05-14 19:18 - 2015-04-21 08:25 - 02052608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2015-05-14 19:18 - 2015-04-21 08:17 - 12828672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-05-14 19:18 - 2015-04-21 08:15 - 01547264 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-05-14 19:18 - 2015-04-21 08:03 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2015-05-14 19:18 - 2015-04-21 08:02 - 01882112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-05-14 19:18 - 2015-04-21 07:58 - 01310208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-05-14 19:18 - 2015-04-21 07:56 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2015-05-14 19:18 - 2015-04-13 15:48 - 04180480 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2015-05-14 19:18 - 2015-04-09 18:00 - 01996800 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2015-05-14 19:18 - 2015-04-09 17:50 - 01387008 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2015-05-14 19:18 - 2015-04-09 17:26 - 01560576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2015-05-14 19:18 - 2015-04-02 17:35 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoMetadataHandler.dll
2015-05-14 19:18 - 2015-04-02 17:14 - 00364544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoMetadataHandler.dll
2015-05-14 19:18 - 2015-03-12 19:02 - 00316416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\udfs.sys
2015-05-08 18:42 - 2015-05-14 20:05 - 00031709 _____ () C:\Users\Max\Desktop\Addition.txt
2015-05-08 18:41 - 2015-05-25 12:13 - 00015573 _____ () C:\Users\Max\Desktop\FRST.txt
2015-05-08 18:41 - 2015-05-16 09:11 - 00000000 ____D () C:\ProgramData\11277746069964851351
2015-05-08 18:35 - 2015-05-08 18:35 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_Kernel_webTinstMKTN84_01009.Wdf
2015-04-27 21:03 - 2015-04-27 21:03 - 00000000 _____ () C:\WINDOWS\SysWOW64\Number of results
2015-04-27 20:52 - 2015-04-27 20:52 - 00000000 ____D () C:\Users\Max\Documents\FRST
2015-04-27 20:32 - 2015-04-27 20:32 - 00688992 _____ (Swearware) C:\Users\Max\Downloads\dds(1).scr
2015-04-27 20:29 - 2015-05-25 11:56 - 00000000 ____D () C:\Users\Max\AppData\Roaming\Skype
2015-04-27 20:29 - 2015-05-22 19:24 - 00002731 _____ () C:\Users\Public\Desktop\Skype.lnk
2015-04-27 20:29 - 2015-04-27 20:29 - 00000000 ___RD () C:\Program Files (x86)\Skype
2015-04-27 20:29 - 2015-04-27 20:29 - 00000000 ____D () C:\Users\Max\AppData\Local\Skype
2015-04-27 20:29 - 2015-04-27 20:29 - 00000000 ____D () C:\ProgramData\Skype
2015-04-27 20:29 - 2015-04-27 20:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-04-27 20:28 - 2015-05-22 19:24 - 00002211 _____ () C:\Users\Max\Desktop\Continue GamesDesktop Uninstaller.lnk
2015-04-27 20:28 - 2015-05-22 19:24 - 00001041 _____ () C:\Users\Max\Desktop\GUPlayer.lnk
2015-04-27 20:24 - 2015-05-25 12:06 - 00000784 _____ () C:\WINDOWS\Tasks\Taplika mite.job
2015-04-27 20:24 - 2015-04-27 20:24 - 00000000 ____D () C:\ProgramData\{3807D0C4-6885-0142-D903-71C00981A24E}
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-05-25 12:14 - 2015-02-10 19:53 - 00000000 ____D () C:\FRST
2015-05-25 12:09 - 2014-11-07 22:01 - 01927688 _____ () C:\WINDOWS\WindowsUpdate.log
2015-05-25 12:08 - 2015-04-16 21:17 - 00000105 _____ () C:\WINDOWS\SysWOW64\get.dat
2015-05-25 12:07 - 2014-11-07 22:19 - 00000000 ___RD () C:\Users\Max\OneDrive
2015-05-25 12:07 - 2013-08-22 06:25 - 00000194 _____ () C:\WINDOWS\win.ini
2015-05-25 12:06 - 2014-12-19 08:28 - 00000464 __RSH () C:\ProgramData\ntuser.pol
2015-05-25 12:06 - 2014-09-24 00:03 - 00036426 _____ () C:\WINDOWS\PFRO.log
2015-05-25 12:06 - 2013-08-22 07:46 - 00310150 _____ () C:\WINDOWS\setupact.log
2015-05-25 12:06 - 2013-08-22 07:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2015-05-25 12:05 - 2013-08-22 06:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2015-05-25 12:03 - 2015-02-12 19:44 - 00000000 ____D () C:\Users\Max\Desktop\FRST-OlderVersion
2015-05-25 12:03 - 2015-02-12 19:39 - 02108928 _____ (Farbar) C:\Users\Max\Desktop\FRST64.exe
2015-05-25 12:02 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2015-05-25 11:44 - 2013-11-22 17:58 - 00000830 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-05-22 19:24 - 2015-04-16 20:40 - 00001405 _____ () C:\Users\Max\Desktop\Continue installation .lnk
2015-05-22 19:24 - 2015-04-15 21:25 - 00001795 _____ () C:\Users\Public\Desktop\iTunes.lnk
2015-05-22 19:24 - 2015-02-12 19:24 - 00002273 _____ () C:\Users\Public\Desktop\Tweaking.com - Registry Backup.lnk
2015-05-22 19:24 - 2015-02-10 19:40 - 00002077 _____ () C:\Users\Public\Desktop\Komodo Edit 8.lnk
2015-05-22 19:24 - 2014-12-14 19:54 - 00000866 _____ () C:\Users\Max\Desktop\CDisplayEx.lnk
2015-05-22 19:24 - 2014-11-07 22:18 - 00001317 _____ () C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-05-22 19:24 - 2014-11-07 22:07 - 00000551 _____ () C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2015-05-22 19:24 - 2014-11-07 22:07 - 00000549 _____ () C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2015-05-22 19:24 - 2014-11-06 00:02 - 00001863 _____ () C:\Users\Public\Desktop\QuickTime Player.lnk
2015-05-22 19:24 - 2014-11-05 20:28 - 00001029 _____ () C:\Users\Public\Desktop\Audacity.lnk
2015-05-22 19:24 - 2014-09-24 00:25 - 00000551 _____ () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2015-05-22 19:24 - 2014-09-24 00:25 - 00000551 _____ () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2015-05-22 19:24 - 2014-09-24 00:25 - 00000549 _____ () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2015-05-22 19:24 - 2014-09-24 00:25 - 00000549 _____ () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2015-05-22 19:24 - 2014-01-15 16:39 - 00002037 _____ () C:\Users\Public\Desktop\Adobe Reader XI.lnk
2015-05-22 19:24 - 2014-01-15 16:36 - 00001104 _____ () C:\Users\Public\Desktop\VLC media player.lnk
2015-05-22 18:51 - 2015-02-12 19:51 - 00000000 ____D () C:\AdwCleaner
2015-05-22 18:43 - 2015-01-18 18:25 - 00003922 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{CE950254-3CFE-4BFD-968B-A2856722D332}
2015-05-22 18:42 - 2012-07-26 00:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2015-05-22 18:41 - 2015-04-03 20:21 - 00000000 ___SD () C:\WINDOWS\SysWOW64\GWX
2015-05-22 18:41 - 2015-04-03 20:21 - 00000000 ___SD () C:\WINDOWS\system32\GWX
2015-05-22 18:39 - 2015-04-16 21:54 - 00000004 _____ () C:\WINDOWS\SysWOW64\029B560A371F4E00AB32838EBC01B9E7
2015-05-19 19:39 - 2015-04-16 20:41 - 00000000 ____D () C:\WINDOWS\SysHealthController
2015-05-19 19:39 - 2015-04-16 20:41 - 00000000 ____D () C:\WINDOWS\SysFilesController
2015-05-19 19:38 - 2013-08-22 08:36 - 00000000 ____D () C:\Program Files\Common Files\System
2015-05-17 01:57 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\rescache
2015-05-16 21:29 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2015-05-16 10:16 - 2014-11-07 22:01 - 00000000 ____D () C:\ProgramData\Package Cache
2015-05-16 09:22 - 2014-09-24 00:17 - 00863592 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2015-05-14 19:46 - 2014-11-14 22:41 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2015-05-14 19:46 - 2014-11-14 22:41 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2015-05-14 19:46 - 2013-08-22 07:44 - 00337840 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2015-05-14 19:44 - 2013-08-22 08:36 - 00000000 ___RD () C:\WINDOWS\ImmersiveControlPanel
2015-05-14 19:44 - 2013-08-22 06:36 - 00000000 ____D () C:\WINDOWS\system32\AdvancedInstallers
2015-05-14 19:37 - 2014-01-15 16:53 - 140425016 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-05-14 19:37 - 2014-01-15 16:53 - 00000000 ____D () C:\WINDOWS\system32\MRT
2015-05-14 19:33 - 2014-01-15 16:39 - 00002457 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2015-05-14 19:32 - 2014-11-14 22:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-05-14 19:26 - 2014-09-23 23:53 - 00000000 ____D () C:\Program Files\Windows Journal
2015-05-08 18:49 - 2014-11-07 22:07 - 00000000 ____D () C:\Users\Max
2015-05-08 18:39 - 2015-02-25 19:29 - 00000000 ____D () C:\Users\Max\AppData\Roaming\uTorrent
2015-05-05 10:59 - 2014-09-24 03:03 - 00792568 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-05-05 10:59 - 2014-09-24 03:03 - 00178168 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
==================== Files in the root of some directories =======
2015-05-16 10:17 - 2015-05-19 19:33 - 0000112 _____ () C:\ProgramData\A8OL14R.dat
Files to move or delete:
====================
C:\ProgramData\A8OL14R.dat
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-05-22 19:12
==================== End of log ============================