scan result

Discussion in 'Windows - Virus and spyware problems' started by joannmac, Sep 10, 2014.

  1. joannmac

    joannmac Member

    ==================== One Month Created Files and Folders ========
    (If an entry is included in the fixlist, the file\folder will be moved.)
    2014-09-10 23:26 - 2014-09-10 23:26 - 00015105 _____ () C:\Users\sharon's\Downloads\FRST.txt
    2014-09-10 23:25 - 2014-09-10 23:25 - 02105856 _____ (Farbar) C:\Users\sharon's\Downloads\FRST64.exe
    2014-09-10 23:20 - 2014-09-10 23:20 - 00022039 _____ () C:\Users\sharon's\Documents\Addition.txt
    2014-09-10 23:17 - 2014-09-10 23:26 - 00000000 ____D () C:\FRST
    2014-09-10 20:37 - 2014-09-10 20:41 - 00000000 ____D () C:\Program Files (x86)\DriverUpdate
    2014-09-10 20:37 - 2014-09-10 20:37 - 00016152 _____ () C:\Windows\system32\Drivers\SWDUMon.sys
    2014-09-10 20:37 - 2014-09-10 20:37 - 00000000 ____D () C:\Users\sharon's\AppData\Local\SlimWare Utilities Inc
    2014-09-10 20:37 - 2014-09-10 20:37 - 00000000 ____D () C:\Users\Public\Documents\Downloaded Installers
    2014-09-10 16:43 - 2014-09-10 19:45 - 00000280 _____ () C:\Windows\setupact.log
    2014-09-10 16:43 - 2014-09-10 16:43 - 00000000 _____ () C:\Windows\setuperr.log
    2014-09-10 16:42 - 2014-09-10 16:42 - 00000828 _____ () C:\Windows\PFRO.log
    2014-09-10 16:15 - 2014-09-10 16:15 - 00329306 _____ () C:\Users\sharon's\Documents\cc_20140910_161501.reg
    2014-09-10 15:57 - 2014-09-10 15:57 - 00000824 _____ () C:\Users\Public\Desktop\CCleaner.lnk
    2014-09-10 15:57 - 2014-09-10 15:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
    2014-09-10 15:57 - 2014-09-10 15:57 - 00000000 ____D () C:\Program Files\CCleaner
    2014-09-10 00:12 - 2014-09-10 00:12 - 00000000 _____ () C:\Windows\SysWOW64\shoB56B.tmp
    2014-09-09 16:59 - 2014-09-09 16:59 - 00000000 _____ () C:\Windows\SysWOW64\sho6D25.tmp
    2014-09-09 16:54 - 2014-09-09 16:54 - 00000000 ____D () C:\Users\sharon's\AppData\Roaming\ParetoLogic
    2014-09-09 16:54 - 2014-09-09 16:54 - 00000000 ____D () C:\Users\sharon's\AppData\Roaming\DriverCure
    2014-09-09 16:40 - 2014-09-09 17:07 - 00000000 ____D () C:\ProgramData\ParetoLogic
    2014-09-09 11:41 - 2014-09-09 11:41 - 00000000 ____D () C:\Users\sharon's\AppData\Local\Deployment
    2014-09-09 11:41 - 2014-09-09 11:41 - 00000000 ____D () C:\Users\sharon's\AppData\Local\Apps\2.0
    2014-09-07 20:10 - 2014-09-07 20:10 - 04874632 _____ (LionSea Software co., ltd ) C:\Users\sharon's\Downloads\setup.exe
    2014-09-07 18:06 - 2014-09-07 18:06 - 00000000 ____D () C:\Windows\pss
    2014-09-07 17:54 - 2014-09-07 17:54 - 00000000 __SHD () C:\found.016
    2014-09-07 17:10 - 2014-09-10 19:48 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
    2014-09-07 17:10 - 2014-09-07 17:10 - 00001104 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
    2014-09-07 17:10 - 2014-09-07 17:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
    2014-09-07 17:10 - 2014-09-07 17:10 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
    2014-09-07 17:10 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
    2014-09-07 17:10 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
    2014-09-07 17:10 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
    2014-09-07 16:53 - 2014-09-10 16:40 - 00002119 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
    2014-09-07 16:53 - 2014-09-10 16:40 - 00001945 _____ () C:\Windows\epplauncher.mif
    2014-09-07 16:53 - 2014-09-10 16:40 - 00000000 ____D () C:\Program Files\Microsoft Security Client
    2014-09-07 16:53 - 2014-09-10 16:40 - 00000000 ____D () C:\Program Files (x86)\Microsoft Security Client
    2014-09-07 15:37 - 2014-07-25 12:49 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
    2014-09-07 15:36 - 2014-09-07 15:36 - 00004489 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_67-b01.log
    2014-09-07 15:36 - 2014-07-25 12:55 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
    2014-09-07 15:36 - 2014-07-25 12:49 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
    2014-09-07 15:36 - 2014-07-25 12:49 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
    2014-09-03 17:14 - 2014-09-03 17:14 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
    2014-09-01 18:59 - 2014-09-01 18:59 - 00000000 __SHD () C:\found.015
    2014-08-31 20:10 - 2014-08-31 20:10 - 00000000 ____D () C:\Users\sharon's\AppData\Roaming\Macrovision
    ==================== One Month Modified Files and Folders =======
    (If an entry is included in the fixlist, the file\folder will be moved.)
    2014-09-10 23:26 - 2014-09-10 23:26 - 00015105 _____ () C:\Users\sharon's\Downloads\FRST.txt
    2014-09-10 23:26 - 2014-09-10 23:17 - 00000000 ____D () C:\FRST
    2014-09-10 23:25 - 2014-09-10 23:25 - 02105856 _____ (Farbar) C:\Users\sharon's\Downloads\FRST64.exe
    2014-09-10 23:20 - 2014-09-10 23:20 - 00022039 _____ () C:\Users\sharon's\Documents\Addition.txt
    2014-09-10 23:00 - 2010-10-24 02:43 - 01572587 _____ () C:\Windows\WindowsUpdate.log
    2014-09-10 20:41 - 2014-09-10 20:37 - 00000000 ____D () C:\Program Files (x86)\DriverUpdate
    2014-09-10 20:37 - 2014-09-10 20:37 - 00016152 _____ () C:\Windows\system32\Drivers\SWDUMon.sys
    2014-09-10 20:37 - 2014-09-10 20:37 - 00000000 ____D () C:\Users\sharon's\AppData\Local\SlimWare Utilities Inc
    2014-09-10 20:37 - 2014-09-10 20:37 - 00000000 ____D () C:\Users\Public\Documents\Downloaded Installers
    2014-09-10 19:54 - 2009-07-14 01:45 - 00013872 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    2014-09-10 19:54 - 2009-07-14 01:45 - 00013872 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    2014-09-10 19:48 - 2014-09-07 17:10 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
    2014-09-10 19:46 - 2013-06-06 11:13 - 00000350 _____ () C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job
    2014-09-10 19:45 - 2014-09-10 16:43 - 00000280 _____ () C:\Windows\setupact.log
    2014-09-10 19:45 - 2009-07-14 02:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
    2014-09-10 16:43 - 2014-09-10 16:43 - 00000000 _____ () C:\Windows\setuperr.log
    2014-09-10 16:42 - 2014-09-10 16:42 - 00000828 _____ () C:\Windows\PFRO.log
    2014-09-10 16:40 - 2014-09-07 16:53 - 00002119 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
    2014-09-10 16:40 - 2014-09-07 16:53 - 00001945 _____ () C:\Windows\epplauncher.mif
    2014-09-10 16:40 - 2014-09-07 16:53 - 00000000 ____D () C:\Program Files\Microsoft Security Client
    2014-09-10 16:40 - 2014-09-07 16:53 - 00000000 ____D () C:\Program Files (x86)\Microsoft Security Client
    2014-09-10 16:38 - 2010-10-24 03:33 - 00000000 ____D () C:\ProgramData\WildTangent
    2014-09-10 16:38 - 2009-07-14 02:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
    2014-09-10 16:15 - 2014-09-10 16:15 - 00329306 _____ () C:\Users\sharon's\Documents\cc_20140910_161501.reg
    2014-09-10 16:11 - 2012-11-22 13:46 - 00000000 ____D () C:\Windows\Minidump
    2014-09-10 16:11 - 2009-04-28 13:27 - 00000000 ____D () C:\Windows\Panther
    2014-09-10 15:57 - 2014-09-10 15:57 - 00000824 _____ () C:\Users\Public\Desktop\CCleaner.lnk
    2014-09-10 15:57 - 2014-09-10 15:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
    2014-09-10 15:57 - 2014-09-10 15:57 - 00000000 ____D () C:\Program Files\CCleaner
    2014-09-10 00:12 - 2014-09-10 00:12 - 00000000 _____ () C:\Windows\SysWOW64\shoB56B.tmp
    2014-09-09 22:08 - 2009-07-14 02:08 - 00032600 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
    2014-09-09 21:26 - 2012-09-14 21:46 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
    2014-09-09 19:55 - 2013-04-25 21:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
    2014-09-09 19:55 - 2009-07-14 02:13 - 00006450 _____ () C:\Windows\system32\PerfStringBackup.INI
    2014-09-09 17:07 - 2014-09-09 16:40 - 00000000 ____D () C:\ProgramData\ParetoLogic
    2014-09-09 16:59 - 2014-09-09 16:59 - 00000000 _____ () C:\Windows\SysWOW64\sho6D25.tmp
    2014-09-09 16:54 - 2014-09-09 16:54 - 00000000 ____D () C:\Users\sharon's\AppData\Roaming\ParetoLogic
    2014-09-09 16:54 - 2014-09-09 16:54 - 00000000 ____D () C:\Users\sharon's\AppData\Roaming\DriverCure
    2014-09-09 12:57 - 2012-09-14 21:46 - 00000000 ____D () C:\Program Files (x86)\Google
    2014-09-09 12:56 - 2012-09-21 09:09 - 00000000 ____D () C:\Users\sharon's\AppData\Roaming\Skype
    2014-09-09 12:56 - 2010-10-24 03:46 - 00000000 ____D () C:\ProgramData\Skype
    2014-09-09 11:42 - 2012-09-14 21:46 - 00000000 ____D () C:\Users\sharon's\AppData\Local\Google
    2014-09-09 11:41 - 2014-09-09 11:41 - 00000000 ____D () C:\Users\sharon's\AppData\Local\Deployment
    2014-09-09 11:41 - 2014-09-09 11:41 - 00000000 ____D () C:\Users\sharon's\AppData\Local\Apps\2.0
    2014-09-09 11:37 - 2010-10-24 03:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live
    2014-09-09 11:34 - 2012-12-11 01:21 - 00000000 ____D () C:\Users\sharon's\Tracing
    2014-09-07 20:32 - 2012-09-18 20:48 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
    2014-09-07 20:32 - 2012-09-18 20:48 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
    2014-09-07 20:10 - 2014-09-07 20:10 - 04874632 _____ (LionSea Software co., ltd ) C:\Users\sharon's\Downloads\setup.exe
    2014-09-07 20:08 - 2012-09-18 20:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
    2014-09-07 18:06 - 2014-09-07 18:06 - 00000000 ____D () C:\Windows\pss
    2014-09-07 17:59 - 2014-02-14 13:18 - 00000000 ____D () C:\ProgramData\SSaiverPro
    2014-09-07 17:59 - 2009-07-14 00:20 - 00000000 ____D () C:\Windows\Cursors
    2014-09-07 17:54 - 2014-09-07 17:54 - 00000000 __SHD () C:\found.016
    2014-09-07 17:13 - 2014-01-30 21:13 - 00000000 ____D () C:\ProgramData\jmonjjpklephlpklfiicckefanpmjidk
    2014-09-07 17:10 - 2014-09-07 17:10 - 00001104 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
    2014-09-07 17:10 - 2014-09-07 17:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
    2014-09-07 17:10 - 2014-09-07 17:10 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
    2014-09-07 16:53 - 2012-09-13 19:34 - 00000000 ____D () C:\ProgramData\MFAData
    2014-09-07 16:52 - 2012-09-13 19:37 - 00000000 ___HD () C:\$AVG
    2014-09-07 16:52 - 2012-09-13 19:37 - 00000000 ____D () C:\ProgramData\AVG2013
    2014-09-07 15:37 - 2013-10-21 20:23 - 00000000 ____D () C:\ProgramData\Oracle
    2014-09-07 15:36 - 2014-09-07 15:36 - 00004489 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_67-b01.log
    2014-09-07 15:36 - 2013-06-25 11:27 - 00000000 ____D () C:\Program Files (x86)\Java
    2014-09-07 13:42 - 2012-09-13 20:58 - 00000000 ____D () C:\ProgramData\Malwarebytes
    2014-09-03 20:37 - 2012-09-18 20:41 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
    2014-09-03 17:14 - 2014-09-03 17:14 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
    2014-09-01 18:59 - 2014-09-01 18:59 - 00000000 __SHD () C:\found.015
    2014-08-31 20:10 - 2014-08-31 20:10 - 00000000 ____D () C:\Users\sharon's\AppData\Roaming\Macrovision
    2014-08-25 18:02 - 2012-09-13 19:37 - 00000000 ____D () C:\Program Files (x86)\AVG Secure Search
    2014-08-14 13:32 - 2012-09-13 19:37 - 00050976 _____ (AVG Technologies) C:\Windows\system32\Drivers\avgtpx64.sys
    Files to move or delete:
    ====================
    C:\Users\sharon's\jagex_cl_loginapplet_LIVE.dat
    C:\Users\sharon's\jagex_cl_runescape_LIVE.dat
    C:\Users\sharon's\jagex_cl_runescape_LIVE1.dat
    C:\Users\sharon's\random.dat

    Some content of TEMP:
    ====================
    C:\Users\sharon's\AppData\Local\Temp\UNINSTALL.exe

    ==================== Bamital & volsnap Check =================
    (There is no automatic fix for files that do not pass verification.)
    C:\Windows\System32\winlogon.exe => File is digitally signed
    C:\Windows\System32\wininit.exe => File is digitally signed
    C:\Windows\SysWOW64\wininit.exe => File is digitally signed
    C:\Windows\explorer.exe => File is digitally signed
    C:\Windows\SysWOW64\explorer.exe => File is digitally signed
    C:\Windows\System32\svchost.exe => File is digitally signed
    C:\Windows\SysWOW64\svchost.exe => File is digitally signed
    C:\Windows\System32\services.exe => File is digitally signed
    C:\Windows\System32\User32.dll => File is digitally signed
    C:\Windows\SysWOW64\User32.dll => File is digitally signed
    C:\Windows\System32\userinit.exe => File is digitally signed
    C:\Windows\SysWOW64\userinit.exe => File is digitally signed
    C:\Windows\System32\rpcss.dll => File is digitally signed
    C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

    LastRegBack: 2014-09-07 14:30
    ==================== End Of Log ============================
     
  2. 2oldGeek

    2oldGeek Active member

