Untitled

a guest
Sep 5th, 2015
  1. Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:04-09-2015
  2. Ran by Ana (administrator) on ANA-PC (05-09-2015 11:07:21)
  3. Running from C:\Windows\SysWOW64\config\systemprofile\Downloads
  4. Loaded Profiles: Ana (Available Profiles: Ana)
  5. Platform: Windows 7 Ultimate Service Pack 1 (X64) Language: English (United States)
  6. Internet Explorer Version 10 (Default browser: Chrome)
  7. Boot Mode: Normal
  8. Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
  9.  
  10. ==================== Processes (Whitelisted) =================
  11.  
  12. (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
  13.  
  14. (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgrsa.exe
  15. (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe
  16. (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe
  17. (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
  18. (Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
  19. (Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
  20. (Nero AG) C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe
  21. () C:\Windows\SysWOW64\PnkBstrA.exe
  22. (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe
  23. (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgemca.exe
  24. (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
  25. (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
  26. (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
  27. (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
  28. () C:\Windows\SysWOW64\config\systemprofile\Downloads\AdwCleaner.exe
  29. (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
  30. (Microsoft Corporation) C:\Windows\System32\dllhost.exe
  31.  
  32.  
  33. ==================== Registry (Whitelisted) ===========================
  34.  
  35. (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
  36.  
  37. HKLM-x32\...\Run: [NBKeyScan] => C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBKeyScan.exe [1828136 2007-08-08] (Nero AG)
  38. HKLM-x32\...\Run: [mobilegeni daemon] => C:\Program Files (x86)\Mobogenie\DaemonProcess.exe
  39. HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2014\avgui.exe [5212072 2015-07-29] (AVG Technologies CZ, s.r.o.)
  40. HKLM-x32\...\Run: [ApnUpdater] => C:\Program Files (x86)\Ask.com\Updater\Updater.exe [1574176 2012-12-20] (Ask)
  41. HKU\S-1-5-21-3213780009-1502929339-2394357857-1000\...\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] => C:\Program Files (x86)\Common Files\Nero\Lib\NMBgMonitor.exe [202024 2007-08-03] (Nero AG)
  42. HKU\S-1-5-21-3213780009-1502929339-2394357857-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [53288576 2015-06-29] (Skype Technologies S.A.)
  43. ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-07-29] (Google)
  44. ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-07-29] (Google)
  45. ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-07-29] (Google)
  46. ShellIconOverlayIdentifiers: [GDriveSharedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => No File
  47. GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
  48. CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
  49.  
  50. ==================== Internet (Whitelisted) ====================
  51.  
  52. (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
  53.  
  54. Tcpip\Parameters: [DhcpNameServer] 194.146.109.223 194.146.109.224
  55. Tcpip\..\Interfaces\{22EABBAF-C91A-4923-B339-2918FEB5C398}: [DhcpNameServer] 194.146.109.223 194.146.109.224
  56. Tcpip\..\Interfaces\{8723830B-43AB-4082-AA21-0F0D2A9A3945}: [DhcpNameServer] 194.146.109.223 194.146.109.224
  57.  
  58. Internet Explorer:
  59. ==================
  60. HKU\S-1-5-21-3213780009-1502929339-2394357857-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://mysearch.avg.com?cid={6DD643D7-8946-4CDA-8B30-A886A4B5DAEC}&mid=6e28343dec3347d3a810d15775e29d3d-4858674be08d48045fe4718d7e2078d4dfacdd11&lang=en&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2014-11-14 10:36:47&v=4.1.0.411&pid=wtu&sg=&sap=hp
  61. HKU\S-1-5-21-3213780009-1502929339-2394357857-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/
  62. URLSearchHook: HKLM-x32 - BS Player Toolbar - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:\Program Files (x86)\BS_Player\tbBS_P.dll No File
  63. URLSearchHook: HKU\S-1-5-21-3213780009-1502929339-2394357857-1000 - UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
  64. SearchScopes: HKLM-x32 -> DefaultScope {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2431400&CUI=UN22783523872612323
  65. SearchScopes: HKLM-x32 -> {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2431400&CUI=UN22783523872612323
  66. SearchScopes: HKU\S-1-5-21-3213780009-1502929339-2394357857-1000 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxps://mysearch.avg.com/search?cid={6DD643D7-8946-4CDA-8B30-A886A4B5DAEC}&mid=6e28343dec3347d3a810d15775e29d3d-4858674be08d48045fe4718d7e2078d4dfacdd11&lang=en&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2014-11-14 10:36:47&v=4.0.0.19&pid=wtu&sg=&sap=dsp&q={searchTerms}
  67. SearchScopes: HKU\S-1-5-21-3213780009-1502929339-2394357857-1000 -> {F0D35F79-EDAE-4861-920A-7BB8EFEC8588} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=AVR-4&o=APN10267&src=kw&q={searchTerms}&locale=en_HR&apn_ptnrs=^AGY&apn_dtid=^YYYYYY^YY^HR&apn_uid=2dd02524-4f5d-4f18-9320-43eb4e013029&apn_sauid=396AC986-7A99-4086-A558-EC4393A74806
  68. BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
  69. BHO-x32: Conduit Engine -> {30F9B915-B755-4826-820B-08FBA6BD249D} -> C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll No File
  70. BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
  71. BHO-x32: Ask Toolbar -> {D4027C7F-154A-4066-A1AD-4243D8127440} -> C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll [2012-12-20] (Ask)
  72. BHO-x32: BS Player Toolbar -> {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} -> C:\Program Files (x86)\BS_Player\tbBS_P.dll No File
  73. Toolbar: HKLM-x32 - BS Player Toolbar - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:\Program Files (x86)\BS_Player\tbBS_P.dll No File
  74. Toolbar: HKLM-x32 - Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll No File
  75. Toolbar: HKLM-x32 - Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll [2012-12-20] (Ask)
  76. Toolbar: HKU\S-1-5-21-3213780009-1502929339-2394357857-1000 -> No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
  77. Toolbar: HKU\S-1-5-21-3213780009-1502929339-2394357857-1000 -> No Name - {FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5} - No File
  78. Toolbar: HKU\S-1-5-21-3213780009-1502929339-2394357857-1000 -> No Name - {30F9B915-B755-4826-820B-08FBA6BD249D} - No File
  79. Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
  80. Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
  81.  
  82. FireFox:
  83. ========
  84. FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_232.dll [2015-08-12] ()
  85. FF Plugin: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll [2011-08-09] (Microsoft Corporation)
  86. FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll [2015-08-12] ()
  87. FF Plugin-x32: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll [2011-08-09] (Microsoft Corporation)
  88. FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.13\npGoogleUpdate3.dll [2015-08-30] (Google Inc.)
  89. FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.13\npGoogleUpdate3.dll [2015-08-30] (Google Inc.)
  90. FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2015-06-27] (Adobe Systems Inc.)
  91. FF Extension: No Name - C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha2505\ff [not found]
  92. FF Extension: No Name - C:\Program Files (x86)\MediaWatchV1\MediaWatchV1home792\ff [not found]
  93.  
  94. Chrome:
  95. =======
  96. CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2015-05-01]
  97.  
  98. ==================== Services (Whitelisted) ========================
  99.  
  100. (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
  101.  
  102. R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [3259304 2015-07-29] (AVG Technologies CZ, s.r.o.)
  103. R2 avgwd; C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [301896 2015-07-29] (AVG Technologies CZ, s.r.o.)
  104. R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1394816 2015-05-01] (Microsoft Corporation)
  105. R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1772672 2015-05-01] (Microsoft Corporation)
  106. R2 Nero BackItUp Scheduler 3; C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe [836904 2007-08-08] (Nero AG)
  107. S3 NMIndexingService; C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe [382248 2007-08-03] (Nero AG)
  108. R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [75136 2013-05-14] ()
  109. S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Corporation)
  110.  
  111. ===================== Drivers (Whitelisted) ==========================
  112.  
  113. (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
  114.  
  115. R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [152344 2014-06-30] (AVG Technologies CZ, s.r.o.)
  116. R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [244504 2014-07-21] (AVG Technologies CZ, s.r.o.)
  117. R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [237536 2015-05-26] (AVG Technologies CZ, s.r.o.)
  118. R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [237848 2014-10-24] (AVG Technologies CZ, s.r.o.)
  119. R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [369120 2015-05-26] (AVG Technologies CZ, s.r.o.)
  120. R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [211936 2015-05-26] (AVG Technologies CZ, s.r.o.)
  121. R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [31512 2014-06-17] (AVG Technologies CZ, s.r.o.)
  122. R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [276960 2015-05-18] (AVG Technologies CZ, s.r.o.)
  123. R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2013-05-13] (DT Soft Ltd)
  124. S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
  125. S3 s116bus; C:\Windows\System32\DRIVERS\s116bus.sys [108296 2007-04-03] (MCCI Corporation)
  126. S3 s116mdfl; C:\Windows\System32\DRIVERS\s116mdfl.sys [19720 2007-04-03] (MCCI Corporation)
  127. S3 s116mdm; C:\Windows\System32\DRIVERS\s116mdm.sys [144648 2007-04-03] (MCCI Corporation)
  128. S3 s116mgmt; C:\Windows\System32\DRIVERS\s116mgmt.sys [126216 2007-04-03] (MCCI Corporation)
  129. S3 s116nd5; C:\Windows\System32\DRIVERS\s116nd5.sys [31496 2007-04-03] (MCCI Corporation)
  130. S3 s116obex; C:\Windows\System32\DRIVERS\s116obex.sys [123656 2007-04-03] (MCCI Corporation)
  131. S3 s116unic; C:\Windows\System32\DRIVERS\s116unic.sys [130824 2007-04-03] (MCCI Corporation)
  132. R3 SiS6350; C:\Windows\System32\DRIVERS\SISGRKMD.sys [553984 2008-12-29] (Silicon Integrated Systems Corporation)
  133. R3 smserial; C:\Windows\System32\DRIVERS\SmSerl64.sys [1227776 2009-06-10] (Motorola Inc.)
  134. S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
  135. S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
  136. S3 VGPU; System32\drivers\rdvgkmd.sys [X]
  137.  
  138. ==================== NetSvcs (Whitelisted) ===================
  139.  
  140. (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
  141.  
  142.  
  143. ==================== One Month Created files and folders ========
  144.  
  145. (If an entry is included in the fixlist, the file/folder will be moved.)
  146.  
  147. 2015-09-05 11:07 - 2015-09-05 11:07 - 00000000 ____D C:\FRST
  148. 2015-09-05 10:51 - 2015-09-05 10:52 - 00000000 ____D C:\AdwCleaner
  149.  
  150. ==================== One Month Modified files and folders ========
  151.  
  152. (If an entry is included in the fixlist, the file/folder will be moved.)
  153.  
  154. 2015-09-05 11:03 - 2011-08-08 18:15 - 01180769 _____ C:\Windows\WindowsUpdate.log
  155. 2015-09-05 10:24 - 2013-05-11 10:59 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
  156. 2015-09-05 10:21 - 2013-05-11 11:21 - 00000948 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
  157. 2015-09-05 10:17 - 2013-05-10 14:20 - 00000950 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3213780009-1502929339-2394357857-1000UA.job
  158. 2015-09-05 09:48 - 2013-05-11 13:52 - 00000000 ____D C:\ProgramData\MFAData
  159. 2015-09-05 07:17 - 2013-05-11 11:21 - 00000944 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
  160. 2015-09-05 07:16 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
  161. 2015-09-05 07:16 - 2009-07-14 06:51 - 00076148 _____ C:\Windows\setupact.log
  162. 2015-09-03 12:50 - 2009-07-14 07:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD
  163. 2015-09-03 12:13 - 2015-05-26 23:03 - 00002179 _____ C:\Users\Public\Desktop\Google Chrome.lnk
  164. 2015-09-02 21:54 - 2009-07-14 07:13 - 00730384 _____ C:\Windows\system32\PerfStringBackup.INI
  165. 2015-08-30 19:16 - 2013-05-11 11:21 - 00003944 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
  166. 2015-08-30 19:16 - 2013-05-11 11:21 - 00003692 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
  167. 2015-08-30 19:13 - 2013-05-10 14:19 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3213780009-1502929339-2394357857-1000Core.job
  168. 2015-08-29 18:32 - 2014-03-15 19:43 - 00000670 __RSH C:\ProgramData\ntuser.pol
  169. 2015-08-29 08:50 - 2013-05-11 11:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
  170. 2015-08-16 16:10 - 2009-07-14 06:45 - 00010240 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
  171. 2015-08-16 16:10 - 2009-07-14 06:45 - 00010240 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
  172. 2015-08-16 16:09 - 2011-08-11 16:58 - 00000000 ____D C:\Users\Ana\AppData\Roaming\uTorrent
  173. 2015-08-12 19:25 - 2013-05-11 10:59 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
  174. 2015-08-12 19:25 - 2013-05-11 10:58 - 00778440 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
  175. 2015-08-12 19:25 - 2011-09-01 22:24 - 00142536 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
  176. 2015-08-12 19:24 - 2015-07-08 20:24 - 18744520 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
  177. 2015-08-11 11:49 - 2014-03-31 11:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
  178. 2015-08-11 11:49 - 2014-03-23 10:07 - 00000965 _____ C:\Users\Public\Desktop\AVG 2014.lnk
  179. 2015-08-07 21:39 - 2011-08-11 18:27 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
  180.  
  181. Some files in TEMP:
  182. ====================
  183. C:\Users\Ana\AppData\Local\Temp\AutoRun.exe
  184. C:\Users\Ana\AppData\Local\Temp\AutoRunGUI.dll
  185. C:\Users\Ana\AppData\Local\Temp\eauninstall.exe
  186. C:\Users\Ana\AppData\Local\Temp\oew94ubz.dll
  187. C:\Users\Ana\AppData\Local\Temp\Tsu8F83FC6E.dll
  188. C:\Users\Ana\AppData\Local\Temp\uninst1.exe
  189. C:\Users\Ana\AppData\Local\Temp\utt933C.tmp.exe
  190. C:\Users\Ana\AppData\Local\Temp\vcredist_x64.exe
  191. C:\Users\Ana\AppData\Local\Temp\vcredist_x86.exe
  192.  
  193.  
  194. ==================== Bamital & volsnap =================
  195.  
  196. (There is no automatic fix for files that do not pass verification.)
  197.  
  198. C:\Windows\system32\winlogon.exe => File is digitally signed
  199. C:\Windows\system32\wininit.exe => File is digitally signed
  200. C:\Windows\SysWOW64\wininit.exe => File is digitally signed
  201. C:\Windows\explorer.exe => File is digitally signed
  202. C:\Windows\SysWOW64\explorer.exe => File is digitally signed
  203. C:\Windows\system32\svchost.exe => File is digitally signed
  204. C:\Windows\SysWOW64\svchost.exe => File is digitally signed
  205. C:\Windows\system32\services.exe => File is digitally signed
  206. C:\Windows\system32\User32.dll => MD5 is legit
  207. C:\Windows\SysWOW64\User32.dll => MD5 is legit
  208. C:\Windows\system32\userinit.exe => File is digitally signed
  209. C:\Windows\SysWOW64\userinit.exe => File is digitally signed
  210. C:\Windows\system32\rpcss.dll => File is digitally signed
  211. C:\Windows\system32\dnsapi.dll => File is digitally signed
  212. C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
  213. C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
  214.  
  215.  
  216. LastRegBack: 2015-08-29 21:42
  217.  
  218. ==================== End of FRST.txt ============================