Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 02-10-2013 Ran by milenka21 (administrator) on MILENKA21-TOSH on 14-10-2013 20:50:25 Running from C:\Users\milenka21\Downloads Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US) Internet Explorer Version 10 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (AMD) C:\Windows\system32\atiesrxx.exe (AMD) C:\Windows\system32\atieclxx.exe (TOSHIBA Corporation) C:\Windows\system32\TODDSrv.exe (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (TOSHIBA Corporation) C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (TOSHIBA Corporation) C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe (TOSHIBA Corporation) C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe (TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe (TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe (TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe (TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2052392 2010-03-10] (Synaptics Incorporated) HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [10134560 2010-03-22] (Realtek Semiconductor) HKLM\...\Run: [RtHDVBg] - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [896032 2010-03-22] (Realtek Semiconductor) HKLM\...\Run: [HSON] - C:\Program Files\TOSHIBA\TBS\HSON.exe [52600 2009-03-09] (TOSHIBA Corporation) HKLM\...\Run: [TosWaitSrv] - C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [705368 2010-02-23] (TOSHIBA Corporation) HKLM\...\Run: [TosReelTimeMonitor] - C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe [35672 2010-03-03] (TOSHIBA Corporation) HKLM\...\Run: [TosVolRegulator] - C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe [24376 2009-11-11] (TOSHIBA Corporation) Winlogon\Notify\klogon: %SystemRoot%\System32\klogon.dll [X] HKCU\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [20684656 2013-07-25] (Skype Technologies S.A.) HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2010-03-15] (Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [HWSetup] - C:\Program Files\TOSHIBA\Utilities\HWSetup.exe [423936 2010-03-04] (TOSHIBA Electronics, Inc.) HKLM-x32\...\Run: [KeNotify] - C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe [34160 2009-12-25] (TOSHIBA CORPORATION) HKLM-x32\...\Run: [SVPWUTIL] - C:\Program Files (x86)\TOSHIBA\Utilities\SVPWUTIL.exe [352256 2010-02-22] (TOSHIBA CORPORATION) HKLM-x32\...\Run: [TWebCamera] - C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe [2454840 2010-02-24] (TOSHIBA CORPORATION.) HKLM-x32\...\Run: [ToshibaServiceStation] - C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe [1295736 2011-02-11] (TOSHIBA Corporation) HKU\bioly1234\...\Run: [TOSHIBA Online Product Information] - C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe [4581280 2010-03-03] (TOSHIBA) HKU\Default\...\Run: [TOSHIBA Online Product Information] - C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe [4581280 2010-03-03] (TOSHIBA) HKU\Default User\...\Run: [TOSHIBA Online Product Information] - C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe [4581280 2010-03-03] (TOSHIBA) Startup: C:\Users\bioly1234\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe) Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe) Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe) ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://toshiba.msn.com HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.bing.com SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKCU - {1C5A6E89-53FD-4D25-9751-EB424C9F872D} URL = http://rover.ebay.com/rover/1/710-44557-9400-9/4?satitle={searchTerms} SearchScopes: HKCU - {218D75C0-708E-4089-A9F4-094B1CC35F88} URL = http://www.amazon.co.uk/gp/search?ie=UTF8&keywords={searchTerms}&tag=tochibauk-win7-ie-search-21&index=blended&linkCode=ur2 BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) BHO-x32: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader) BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO-x32: TOSHIBA Media Controller Plug-in - {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll () DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation) Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation) Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 Chrome: ======= CHR RestoreOnStartup: "hxxp://www.google.com/" CHR Plugin: (Shockwave Flash) - C:\Users\milenka21\AppData\Local\Google\Chrome\User Data\PepperFlash\11.9.900.117\pepflashplayer.dll () CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.69\ppGoogleNaClPluginChrome.dll () CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.69\pdf.dll () CHR Plugin: (Skype Click to Call) - C:\Users\milenka21\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.9.0.12585_0\npSkypeChromePlugin.dll (Skype Technologies S.A.) CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.) CHR Extension: (RealDownloader) - C:\Users\MILENK~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji\1.3.0_0 CHR Extension: (Skype Click to Call) - C:\Users\MILENK~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.9.0.12585_0 CHR Extension: (Chrome In-App Payments service) - C:\Users\MILENK~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0 CHR HKLM-x32\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx ==================== Services (Whitelisted) ================= S3 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [240736 2013-10-07] (WildTangent) S4 PuranDefrag; C:\Windows\system32\PuranDefragS.exe [292736 2013-08-15] (Puran Software) S2 RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [38608 2012-11-29] () ==================== Drivers (Whitelisted) ==================== ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2013-10-14 20:48 - 2013-10-14 20:49 - 00000059 _____ C:\Users\milenka21\Desktop\tmp.txt 2013-10-14 20:45 - 2013-10-14 20:45 - 00000000 ____D C:\Users\milenka21\Downloads\spacesniffer_1_1_4_0 2013-10-14 20:44 - 2013-10-14 20:44 - 01536858 _____ C:\Users\milenka21\Downloads\spacesniffer_1_1_4_0.zip 2013-10-14 20:41 - 2013-10-14 20:41 - 00448512 _____ (OldTimer Tools) C:\Users\milenka21\Downloads\TFC.exe 2013-10-14 20:37 - 2013-10-14 20:39 - 00000000 ____D C:\AdwCleaner 2013-10-14 20:36 - 2013-10-14 20:36 - 01048960 _____ C:\Users\milenka21\Downloads\adwcleaner.exe 2013-10-14 20:18 - 2013-10-14 20:19 - 01425019 _____ C:\Users\milenka21\Downloads\kavremvr 2013-10-14 20-18-00 (pid 1404).log 2013-10-14 19:57 - 2013-10-14 19:57 - 04870584 _____ (Kaspersky Lab ZAO) C:\Users\milenka21\Downloads\kavremover.exe 2013-10-14 19:41 - 2013-10-14 19:41 - 00025098 _____ C:\Users\milenka21\Desktop\Minidump.zip 2013-10-14 19:41 - 2013-10-14 19:41 - 00000000 ____D C:\Users\milenka21\AppData\Roaming\WinRAR 2013-10-14 19:41 - 2013-10-14 19:41 - 00000000 ____D C:\Users\milenka21\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR 2013-10-14 19:41 - 2013-10-14 19:41 - 00000000 ____D C:\Program Files (x86)\WinRAR 2013-10-14 19:40 - 2013-10-14 19:40 - 01761296 _____ C:\Users\milenka21\Downloads\wrar500.exe 2013-10-14 19:39 - 2013-10-14 19:39 - 00000000 ____D C:\Users\milenka21\Desktop\Minidump 2013-10-10 21:11 - 2013-10-10 21:13 - 00000000 ____D C:\Program Files\Puran Defrag 2013-10-10 21:11 - 2013-08-15 16:39 - 01367424 _____ (Puran Software) C:\Windows\system32\PuranFD.exe 2013-10-10 21:11 - 2013-08-15 16:39 - 00292736 _____ (Puran Software) C:\Windows\system32\PuranDefragS.exe 2013-10-10 21:11 - 2013-08-15 16:39 - 00287616 _____ (Puran Software) C:\Windows\system32\PuranDC.exe 2013-10-10 21:11 - 2013-08-15 16:39 - 00256896 _____ (Puran Software) C:\Windows\system32\PuranDefrag.dll 2013-10-10 21:11 - 2013-08-15 16:39 - 00132480 _____ (Puran Software) C:\Windows\system32\PuranDefragBT.exe 2013-10-10 21:08 - 2013-10-10 21:08 - 03496064 _____ (Puran Software ) C:\Users\milenka21\Downloads\PuranDefragSetup.exe 2013-10-06 17:03 - 2013-10-06 17:03 - 00377856 _____ C:\Users\milenka21\Downloads\ui0okhez.exe 2013-10-06 16:59 - 2013-10-06 16:59 - 00077360 _____ C:\Users\milenka21\Downloads\Extras.Txt 2013-10-06 16:52 - 2013-10-06 16:52 - 00147402 _____ C:\Users\milenka21\Downloads\OTL.Txt 2013-10-06 16:34 - 2013-10-06 16:35 - 00000728 _____ C:\Users\milenka21\Desktop\blue-screen-info.txt 2013-10-06 16:30 - 2013-10-14 20:39 - 00002872 _____ C:\Windows\PFRO.log 2013-10-06 16:30 - 2013-10-06 16:31 - 00283024 _____ C:\Windows\Minidump\100613-20732-01.dmp 2013-10-06 16:30 - 2013-10-06 16:30 - 408551953 _____ C:\Windows\MEMORY.DMP 2013-10-06 16:28 - 2013-10-06 16:29 - 00025943 _____ C:\Users\milenka21\Downloads\Addition.txt 2013-10-06 16:25 - 2013-10-14 20:25 - 00000000 ____D C:\FRST 2013-10-06 16:23 - 2013-10-06 16:23 - 00377856 _____ C:\Users\milenka21\Downloads\sfwdm4vy.exe 2013-10-06 16:22 - 2013-10-06 16:23 - 00602112 _____ (OldTimer Tools) C:\Users\milenka21\Downloads\OTL.exe 2013-10-06 16:22 - 2013-10-06 16:22 - 01954124 _____ (Farbar) C:\Users\milenka21\Downloads\FRST64.exe 2013-10-05 05:59 - 2013-10-05 05:59 - 00000000 ____D C:\Windows\system32\ljkb_old 2013-09-29 17:35 - 2013-10-14 20:40 - 00000728 _____ C:\Windows\setupact.log 2013-09-29 17:35 - 2013-09-29 17:35 - 00000000 _____ C:\Windows\setuperr.log 2013-09-29 16:59 - 2013-09-29 16:59 - 00000000 ____D C:\Users\milenka21\AppData\Local\Apps\2.0 2013-09-29 13:14 - 2013-09-29 13:14 - 00000000 ____D C:\Windows\pss 2013-09-21 22:49 - 2012-06-04 13:11 - 2771691520 _____ C:\Users\milenka21\Desktop\Act.of.Valor.2012.AC3.BRRip.720p.XViD.PL.Subbed - TaCa.avi 2013-09-17 20:53 - 2013-09-17 20:53 - 00617444 _____ C:\Users\milenka21\Downloads\zip ==================== One Month Modified Files and Folders ======= 2013-10-14 20:49 - 2013-10-14 20:48 - 00000059 _____ C:\Users\milenka21\Desktop\tmp.txt 2013-10-14 20:47 - 2009-07-14 06:45 - 00016304 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2013-10-14 20:47 - 2009-07-14 06:45 - 00016304 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2013-10-14 20:45 - 2013-10-14 20:45 - 00000000 ____D C:\Users\milenka21\Downloads\spacesniffer_1_1_4_0 2013-10-14 20:44 - 2013-10-14 20:44 - 01536858 _____ C:\Users\milenka21\Downloads\spacesniffer_1_1_4_0.zip 2013-10-14 20:41 - 2013-10-14 20:41 - 00448512 _____ (OldTimer Tools) C:\Users\milenka21\Downloads\TFC.exe 2013-10-14 20:40 - 2013-09-29 17:35 - 00000728 _____ C:\Windows\setupact.log 2013-10-14 20:40 - 2013-09-13 23:16 - 00003360 _____ C:\Windows\System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-563923690-1430289891-1657166694-1000 2013-10-14 20:40 - 2013-04-06 15:06 - 00003234 _____ C:\Windows\System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-563923690-1430289891-1657166694-1000 2013-10-14 20:40 - 2010-09-06 17:27 - 00000000 ___HD C:\Users\milenka21\AppData\Roaming\Skype 2013-10-14 20:40 - 2010-08-18 18:46 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2013-10-14 20:40 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2013-10-14 20:39 - 2013-10-14 20:37 - 00000000 ____D C:\AdwCleaner 2013-10-14 20:39 - 2013-10-06 16:30 - 00002872 _____ C:\Windows\PFRO.log 2013-10-14 20:36 - 2013-10-14 20:36 - 01048960 _____ C:\Users\milenka21\Downloads\adwcleaner.exe 2013-10-14 20:25 - 2013-10-06 16:25 - 00000000 ____D C:\FRST 2013-10-14 20:25 - 2012-08-21 19:45 - 00000000 ____D C:\Users\milenka21\AppData\Local\CRE 2013-10-14 20:19 - 2013-10-14 20:18 - 01425019 _____ C:\Users\milenka21\Downloads\kavremvr 2013-10-14 20-18-00 (pid 1404).log 2013-10-14 19:57 - 2013-10-14 19:57 - 04870584 _____ (Kaspersky Lab ZAO) C:\Users\milenka21\Downloads\kavremover.exe 2013-10-14 19:55 - 2012-06-18 23:40 - 00000000 _____ C:\Windows\SysWOW64\config.nt 2013-10-14 19:48 - 2012-06-18 23:39 - 00000000 ____D C:\ProgramData\AVAST Software 2013-10-14 19:41 - 2013-10-14 19:41 - 00025098 _____ C:\Users\milenka21\Desktop\Minidump.zip 2013-10-14 19:41 - 2013-10-14 19:41 - 00000000 ____D C:\Users\milenka21\AppData\Roaming\WinRAR 2013-10-14 19:41 - 2013-10-14 19:41 - 00000000 ____D C:\Users\milenka21\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR 2013-10-14 19:41 - 2013-10-14 19:41 - 00000000 ____D C:\Program Files (x86)\WinRAR 2013-10-14 19:40 - 2013-10-14 19:40 - 01761296 _____ C:\Users\milenka21\Downloads\wrar500.exe 2013-10-14 19:39 - 2013-10-14 19:39 - 00000000 ____D C:\Users\milenka21\Desktop\Minidump 2013-10-14 19:35 - 2010-08-18 18:46 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2013-10-14 01:54 - 2010-08-18 18:04 - 00003966 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{E94306F1-C200-41E3-A7CD-364518272BDF} 2013-10-13 23:46 - 2011-04-18 20:52 - 00000000 ____D C:\Program Files (x86)\WildTangent Games 2013-10-13 13:02 - 2010-08-18 18:46 - 00003894 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2013-10-13 13:02 - 2010-08-18 18:46 - 00003642 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2013-10-10 21:13 - 2013-10-10 21:11 - 00000000 ____D C:\Program Files\Puran Defrag 2013-10-10 21:08 - 2013-10-10 21:08 - 03496064 _____ (Puran Software ) C:\Users\milenka21\Downloads\PuranDefragSetup.exe 2013-10-06 21:20 - 2011-06-30 20:43 - 00002150 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2013-10-06 19:40 - 2010-08-18 20:16 - 00000000 ____D C:\Windows\System32\Tasks\Games 2013-10-06 17:03 - 2013-10-06 17:03 - 00377856 _____ C:\Users\milenka21\Downloads\ui0okhez.exe 2013-10-06 16:59 - 2013-10-06 16:59 - 00077360 _____ C:\Users\milenka21\Downloads\Extras.Txt 2013-10-06 16:52 - 2013-10-06 16:52 - 00147402 _____ C:\Users\milenka21\Downloads\OTL.Txt 2013-10-06 16:35 - 2013-10-06 16:34 - 00000728 _____ C:\Users\milenka21\Desktop\blue-screen-info.txt 2013-10-06 16:31 - 2013-10-06 16:30 - 00283024 _____ C:\Windows\Minidump\100613-20732-01.dmp 2013-10-06 16:30 - 2013-10-06 16:30 - 408551953 _____ C:\Windows\MEMORY.DMP 2013-10-06 16:30 - 2010-08-28 19:20 - 00000000 ____D C:\Windows\Minidump 2013-10-06 16:29 - 2013-10-06 16:28 - 00025943 _____ C:\Users\milenka21\Downloads\Addition.txt 2013-10-06 16:23 - 2013-10-06 16:23 - 00377856 _____ C:\Users\milenka21\Downloads\sfwdm4vy.exe 2013-10-06 16:23 - 2013-10-06 16:22 - 00602112 _____ (OldTimer Tools) C:\Users\milenka21\Downloads\OTL.exe 2013-10-06 16:22 - 2013-10-06 16:22 - 01954124 _____ (Farbar) C:\Users\milenka21\Downloads\FRST64.exe 2013-10-05 05:59 - 2013-10-05 05:59 - 00000000 ____D C:\Windows\system32\ljkb_old 2013-09-29 17:35 - 2013-09-29 17:35 - 00000000 _____ C:\Windows\setuperr.log 2013-09-29 16:59 - 2013-09-29 16:59 - 00000000 ____D C:\Users\milenka21\AppData\Local\Apps\2.0 2013-09-29 16:47 - 2010-04-14 09:12 - 00000000 ____D C:\Program Files (x86)\Toshiba TEMPRO 2013-09-29 16:46 - 2010-04-14 09:05 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information 2013-09-29 16:41 - 2012-08-29 22:02 - 00079608 _____ C:\Windows\SysWOW64\GDIPFONTCACHEV1.DAT 2013-09-29 13:14 - 2013-09-29 13:14 - 00000000 ____D C:\Windows\pss 2013-09-29 13:14 - 2010-08-18 17:52 - 00000000 ___RD C:\Users\milenka21\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup 2013-09-29 12:56 - 2011-03-07 23:33 - 00196608 _____ C:\Windows\system32\Ikeext.etl 2013-09-29 12:54 - 2009-07-14 05:20 - 00000000 ___HD C:\Windows\tracing 2013-09-27 22:31 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache 2013-09-26 03:42 - 2009-07-14 07:13 - 00735524 _____ C:\Windows\system32\PerfStringBackup.INI 2013-09-21 00:20 - 2011-08-29 17:17 - 00000000 ____D C:\New folder 2013-09-21 00:15 - 2012-06-11 19:40 - 00000000 ____D C:\Users\milenka21\AppData\Local\CrashDumps 2013-09-17 20:53 - 2013-09-17 20:53 - 00617444 _____ C:\Users\milenka21\Downloads\zip 2013-09-17 15:39 - 2010-04-14 09:12 - 00000000 ___RD C:\Program Files (x86)\Skype 2013-09-17 15:39 - 2010-04-14 09:12 - 00000000 ___HD C:\ProgramData\Skype ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\SysWOW64\wininit.exe => MD5 is legit C:\Windows\explorer.exe => MD5 is legit C:\Windows\SysWOW64\explorer.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\SysWOW64\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\SysWOW64\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\SysWOW64\userinit.exe => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit LastRegBack: 2013-10-11 04:08 ==================== End Of Log ============================