a guest
Oct 9th, 2015
  1. Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:08-10-2015
  2. Ran by Conner (administrator) on CONNER-PC (09-10-2015 14:25:30)
  3. Running from C:\Users\Conner\Desktop
  4. Loaded Profiles: Conner (Available Profiles: Conner)
  5. Platform: Windows 7 Professional Service Pack 1 (X64) Language: English (United States)
  6. Internet Explorer Version 9 (Default browser: Chrome)
  7. Boot Mode: Normal
  8. Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
  9.  
  10. ==================== Processes (Whitelisted) =================
  11.  
  12. (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
  13.  
  14. (AMD) C:\Windows\System32\atiesrxx.exe
  15. (AMD) C:\Windows\System32\atieclxx.exe
  16. (Microsoft Corporation) C:\Windows\System32\wlanext.exe
  17. (Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
  18. (Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
  19. (Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
  20. (MSI) C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe
  21. (Symantec Corporation) C:\Program Files (x86)\Norton Security\Engine\22.5.4.24\ns.exe
  22. (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
  23. (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.15\GoogleCrashHandler.exe
  24. (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
  25. (MSI) C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe
  26. (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.15\GoogleCrashHandler64.exe
  27. (Symantec Corporation) C:\Program Files (x86)\Norton Security\Engine\22.5.4.24\ns.exe
  28. (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
  29. (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
  30. (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
  31. (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
  32. (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
  33. (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
  34. (ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
  35.  
  36.  
  37. ==================== Registry (Whitelisted) ===========================
  38.  
  39. (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
  40.  
  41. HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7506136 2014-04-11] (Realtek Semiconductor)
  42. HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-08-19] (Advanced Micro Devices, Inc.)
  43. HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [271744 2014-09-26] (Oracle Corporation)
  44. HKLM-x32\...\Run: [Super-Charger] => C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe [490480 2013-09-09] (MSI)
  45. HKU\S-1-5-21-3144416939-2421594402-137492813-1000\...\MountPoints2: E - E:\VZW_Software_upgrade_assistant.exe
  46. HKU\S-1-5-21-3144416939-2421594402-137492813-1000\...\MountPoints2: {21a21992-c165-11e3-99db-806e6f6e6963} - D:\DVDSetup.exe
  47. HKU\S-1-5-21-3144416939-2421594402-137492813-1000\...\MountPoints2: {67eaf584-c176-11e3-8324-448a5b6115ed} - E:\VZW_Software_upgrade_assistant.exe
  48. HKU\S-1-5-21-3144416939-2421594402-137492813-1000\...\MountPoints2: {8006f6be-c14f-11e3-9a42-806e6f6e6963} - D:\setup.exe
  49. HKU\S-1-5-18\...\Run: [GoogleChromeAutoLaunch_4158A702DE94E8F002D78386467F1B31] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [815944 2015-09-23] (Google Inc.)
  50. HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2015-01-14] (Microsoft Corporation)
  51. AppInit_DLLs-x32: C:\PROGRA~2\SearchProtect\SearchProtect\bin\VC32Loader.dll => No File
  52. ShellIconOverlayIdentifiers: [ OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton Security\Engine64\22.5.4.24\buShell.dll [2015-08-27] (Symantec Corporation)
  53. ShellIconOverlayIdentifiers: [ OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton Security\Engine64\22.5.4.24\buShell.dll [2015-08-27] (Symantec Corporation)
  54. ShellIconOverlayIdentifiers: [ OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton Security\Engine64\22.5.4.24\buShell.dll [2015-08-27] (Symantec Corporation)
  55. ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
  56. GroupPolicy: Restriction - Chrome <======= ATTENTION
  57. CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
  58.  
  59. ==================== Internet (Whitelisted) ====================
  60.  
  61. (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
  62.  
  63. ProxyServer: [S-1-5-21-3144416939-2421594402-137492813-1000] => http=127.0.0.1:13001
  64. Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
  65. Tcpip\..\Interfaces\{01418C48-C22D-4291-9861-1AF42E4D9A57}: [DhcpNameServer] 192.168.1.1
  66.  
  67. Internet Explorer:
  68. ==================
  69. HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=56626&homepage=hxxp://go.microsoft.com/fwlink/?LinkId=69157
  70. HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=56626&homepage=hxxp://www.symantec.com/redirects/security_response/fix_homepage/index.jsp?lg=en&pid=NS&pvid=22.1.0.9
  71. HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.symantec.com/redirects/security_response/fix_homepage/index.jsp?lg=en&pid=NS&pvid=22.5.4.24
  72. HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.symantec.com/redirects/security_response/fix_homepage/index.jsp?lg=en&pid=NS&pvid=22.5.4.24
  73. HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.symantec.com/redirects/security_response/fix_homepage/index.jsp?lg=en&pid=NS&pvid=22.5.4.24
  74. HKU\S-1-5-21-3144416939-2421594402-137492813-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbQlzfY2uPTYeQjAjEDkq4w6O7BEwWot70sldsFqghGWL_tj4X1RI0uLGuNl10eybAY8lI3ovdCrXU4hCuCvAdktNCK4mjcvDpGxupo6jXe0AZ8pjfTxMiBTRENnR-doO3X4i7fJ1T01FGmgHtVpHFSpdEUqKqC384l8zxf0QGMpK-I4XA,,&q={searchTerms}
  75. HKU\S-1-5-21-3144416939-2421594402-137492813-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.symantec.com/redirects/security_response/fix_homepage/index.jsp?lg=en&pid=NS&pvid=22.5.4.24
  76. HKU\S-1-5-21-3144416939-2421594402-137492813-1000\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://search.conduit.com/?gd=&ctid=ct3325286&octid=eb_original_ctid&isid=m60087815-f195-473b-a527-aa1b6dbe5c9c&searchsource=55&cui=&um=5&up=sp32f94329-5101-47ed-9722-9918b8e6314c&sspv=
  77. SearchScopes: HKLM -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2492} URL = hxxp://www.default-search.net/search?sid=492&aid=100&itype=a&ver=15005&tm=315&src=ds&p={searchTerms}
  78. SearchScopes: HKLM-x32 -> DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbQlzfY2uPTYeQjAjEDkq4w6O7BEwWot70sldsFqghGWL_tj4X1RI0uLGuNl10eybAY8lI3ovdCrXU4hCuCvAdktNCK4mjcvDpGxupo6jXe0AZ8pjfTxMiBTRENnR-doO3X4i7fJ1T01FGmgHtVpHFSpdEUqKqC384l8zxf0QGMpK-I4Ww,,&q={searchTerms}
  79. SearchScopes: HKLM-x32 -> {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbQlzfY2uPTYeQjAjEDkq4w6O7BEwWot70sldsFqghGWL_tj4X1RI0uLGuNl10eybAY8lI3ovdCrXU4hCuCvAdktNCK4mjcvDpGxupo6jXe0AZ8pjfTxMiBTRENnR-doO3X4i7fJ1T01FGmgHtVpHFSpdEUqKqC384l8zxf0QGMpK-I4Ww,,&q={searchTerms}
  80. SearchScopes: HKLM-x32 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2492} URL = hxxp://www.default-search.net/search?sid=492&aid=100&itype=a&ver=15005&tm=315&src=ds&p={searchTerms}
  81. SearchScopes: HKU\S-1-5-21-3144416939-2421594402-137492813-1000 -> DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbQlzfY2uPTYeQjAjEDkq4w6O7BEwWot70sldsFqghGWL_tj4X1RI0uLGuNl10eybAY8lI3ovdCrXU4hCuCvAdktNCK4mjcvDpGxupo6jXe0AZ8pjfTxMiBTRENnR-doO3X4i7fJ1T01FGmgHtVpHFSpdEUqKqC384l8zxf0QGMpK-I4XA,,&q={searchTerms}
  82. SearchScopes: HKU\S-1-5-21-3144416939-2421594402-137492813-1000 -> {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbQlzfY2uPTYeQjAjEDkq4w6O7BEwWot70sldsFqghGWL_tj4X1RI0uLGuNl10eybAY8lI3ovdCrXU4hCuCvAdktNCK4mjcvDpGxupo6jXe0AZ8pjfTxMiBTRENnR-doO3X4i7fJ1T01FGmgHtVpHFSpdEUqKqC384l8zxf0QGMpK-I4XA,,&q={searchTerms}
  83. SearchScopes: HKU\S-1-5-21-3144416939-2421594402-137492813-1000 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2492} URL = hxxp://www.default-search.net/search?sid=492&aid=100&itype=a&ver=15005&tm=315&src=ds&p={searchTerms}
  84. SearchScopes: HKU\S-1-5-21-3144416939-2421594402-137492813-1000 -> {AFBCB7E0-F91A-4951-9F31-58FEE57A25C4} URL = hxxp://nortonsafe.search.ask.com/web?q={SEARCHTERMS}&o=APN10506&l=dis&prt=NS&chn=retail&geo=US&ver=22&locale=en_US&gct=kwd&qsrc=2869
  85. BHO: MediaPlayerplus -> {11111111-1111-1111-1111-110511421146} -> C:\Program Files (x86)\MediaPlayerplus\MediaPlayerplus-bho64.dll [2014-04-12] (Freeven)
  86. BHO: Quiknowledge -> {323C6E6D-1621-470F-8A52-4FDEC4E75E40} -> C:\Program Files\Quiknowledge\IE\QuiknowledgeClientIE.dll No File
  87. BHO: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Security\Engine64\22.5.4.24\coIEPlg.dll [2015-09-23] (Symantec Corporation)
  88. BHO: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll No File
  89. BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-09-22] (Google Inc.)
  90. BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
  91. BHO-x32: PriceGong - Price Comparison -> {1631550F-191D-4826-B069-D9439253D926} -> C:\Program Files (x86)\PriceGong\2.6.11\PriceGongIE.dll No File
  92. BHO-x32: No Name -> {59A062A1-5ECA-4a1a-BC44-B2A9283A8ACB} -> No File
  93. BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Security\Engine\22.5.4.24\coIEPlg.dll [2015-09-23] (Symantec Corporation)
  94. BHO-x32: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files (x86)\amd\SteadyVideo\SteadyVideo.dll [2012-02-14] (Advanced Micro Devices)
  95. BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-09-26] (Oracle Corporation)
  96. BHO-x32: Re-Markable -> {A62BF774-18B1-2C80-0363-9AD7072BB9A8} -> C:\Program Files (x86)\Re-Markable-soft\171.dll No File
  97. BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-09-22] (Google Inc.)
  98. BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
  99. BHO-x32: IEExtension.Extension -> {d40c654d-7c51-4eb3-95b2-1e23905c2a2d} -> C:\Windows\SysWOW64\mscoree.dll [2010-11-04] (Microsoft Corporation)
  100. BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-09-26] (Oracle Corporation)
  101. Toolbar: HKLM - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} - No File
  102. Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security\Engine64\22.5.4.24\coIEPlg.dll [2015-09-23] (Symantec Corporation)
  103. Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-09-22] (Google Inc.)
  104. Toolbar: HKLM-x32 - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} - No File
  105. Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security\Engine\22.5.4.24\coIEPlg.dll [2015-09-23] (Symantec Corporation)
  106. Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-09-22] (Google Inc.)
  107. Toolbar: HKU\S-1-5-21-3144416939-2421594402-137492813-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-09-22] (Google Inc.)
  108. Toolbar: HKU\S-1-5-21-3144416939-2421594402-137492813-1000 -> No Name - {25E2E5C9-C43C-4EE8-B23E-4383915F2BCE} - No File
  109. Toolbar: HKU\S-1-5-21-3144416939-2421594402-137492813-1000 -> No Name - {4F524A2D-5637-4300-76A7-7A786E7484D7} - No File
  110. Toolbar: HKU\S-1-5-21-3144416939-2421594402-137492813-1000 -> Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security\Engine64\22.5.4.24\coIEPlg.dll [2015-09-23] (Symantec Corporation)
  111. Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
  112. Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
  113. Filter-x32: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices)
  114. Filter-x32: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices)
  115.  
  116. FireFox:
  117. ========
  118. FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_19_0_0_185.dll [2015-09-21] ()
  119. FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_185.dll [2015-09-21] ()
  120. FF Plugin-x32: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-09-26] (Oracle Corporation)
  121. FF Plugin-x32: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2014-09-26] (Oracle Corporation)
  122. FF Plugin-x32: @nexon.net/NxGame -> C:\ProgramData\NexonUS\NGM\npNxGameUS.dll [2014-05-17] (Nexon)
  123. FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-14] (Google Inc.)
  124. FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-14] (Google Inc.)
  125. FF HKLM-x32\...\Firefox\Extensions: [{EBA722F5-038F-4CAF-9EE2-545A221628BC}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NS_22.1.0.9\coFFPlgn
  126. FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NS_22.1.0.9\coFFPlgn [2015-10-09]
  127. FF HKU\S-1-5-21-3144416939-2421594402-137492813-1000\...\Firefox\Extensions: [{C8A7850F-CCA1-ACD7-8CAF-562C883D9F80}] - C:\Program Files (x86)\Re-Markable-soft\171.xpi => not found
  128.  
  129. Chrome:
  130. =======
  131. CHR Profile: C:\Users\Conner\AppData\Local\Google\Chrome\User Data\Default
  132. CHR Extension: (Google Slides) - C:\Users\Conner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-01-14]
  133. CHR Extension: (Google Docs) - C:\Users\Conner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-01-14]
  134. CHR Extension: (Google Drive) - C:\Users\Conner\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-01-14]
  135. CHR Extension: (YouTube) - C:\Users\Conner\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-01-14]
  136. CHR Extension: (Adblock Plus) - C:\Users\Conner\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-10-09]
  137. CHR Extension: (Norton Security Toolbar) - C:\Users\Conner\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjabmdjcfcfdmffimndhafhblfmpjdpe [2015-07-11]
  138. CHR Extension: (Google Search) - C:\Users\Conner\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-01-14]
  139. CHR Extension: (Google Sheets) - C:\Users\Conner\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-01-14]
  140. CHR Extension: (Google Docs Offline) - C:\Users\Conner\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-09-04]
  141. CHR Extension: (Norton Identity Safe) - C:\Users\Conner\AppData\Local\Google\Chrome\User Data\Default\Extensions\iikflkcanblccfahdhdonehdalibjnif [2015-01-14]
  142. CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Conner\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-26]
  143. CHR Extension: (Skype Click to Call) - C:\Users\Conner\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2015-01-14]
  144. CHR Extension: (Chrome Web Store Payments) - C:\Users\Conner\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-01-14]
  145. CHR Extension: (Gmail) - C:\Users\Conner\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-01-14]
  146. CHR HKLM\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton Security\Engine\22.5.4.24\Exts\Chrome.crx [2015-10-06]
  147. CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
  148. CHR HKLM-x32\...\Chrome\Extension: [acfoobbgoakpihljnfedbcfaipcdlfhk] - hxxps://clients2.google.com/service/update2/crx
  149. CHR HKLM-x32\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton Security\Engine\22.5.4.24\Exts\Chrome.crx [2015-10-06]
  150. CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
  151. CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2015-05-01]
  152.  
  153. ==================== Services (Whitelisted) ========================
  154.  
  155. (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
  156.  
  157. R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2013-08-19] (Advanced Micro Devices, Inc.) [File not signed]
  158. S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [782208 2015-01-19] ()
  159. R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1394816 2015-05-01] (Microsoft Corporation)
  160. R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1772672 2015-05-01] (Microsoft Corporation)
  161. R2 MSI_SuperCharger; C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe [161776 2013-09-09] (MSI)
  162. R2 NS; C:\Program Files (x86)\Norton Security\Engine\22.5.4.24\NS.exe [282016 2015-09-24] (Symantec Corporation)
  163. S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-13] (Microsoft Corporation)
  164. S2 3010859aeca4507.exe; C:\Users\Conner\AppData\Local\62b7abbdd1dd891801818168dbf983f4\3010859aeca4507.exe [X]
  165. S2 77854be4be65e07afcf61541e60bdd79.exe; C:\Users\Conner\AppData\Local\77854be4be65e07afcf61541e60bdd79\77854be4be65e07afcf61541e60bdd79.exe [X]
  166. S2 935163118729163.exe; C:\Users\Conner\AppData\Local\f16100ccb3472d157d90c1d3816fad92\935163118729163.exe [X]
  167. S2 a37af3405cfe910.exe; C:\Users\Conner\AppData\Local\db7b2d584efdc2710cd94ae4f27c8abb\a37af3405cfe910.exe [X]
  168. S2 ASUSWireless; "C:\Program Files (x86)\ASUS\PCE-N53 WLAN Card Utilities\Common\ASUSService.exe" [X]
  169. S2 BackupStack; C:\Program Files (x86)\MyPC Backup\BackupStack.exe [X] <==== ATTENTION
  170. S4 ControlProgramSchema.exe; C:\Users\Conner\AppData\Local\ArchiveCursorSDK\ArchiveCursorSDK.exe [X]
  171. S2 ee3327228c51020.exe; C:\Users\Conner\AppData\Local\48274b3ff1ca2ff16f2077c894bea374\ee3327228c51020.exe [X]
  172. S2 EncondingRepositoryThumbnail.exe; C:\Users\Conner\AppData\Local\e2fad099f894dd30b50f090b0ab6e51b\EncondingRepositoryThumbnail.exe [X]
  173. S2 FirmwareMBRRegister.exe; C:\Users\Conner\AppData\Local\FirmwareMBRRegister\FirmwareMBRRegister.exe [X]
  174. S2 InteractivePrivacyWizard.exe; C:\Users\Conner\AppData\Local\InteractivePrivacyWizard\InteractivePrivacyWizard.exe [X]
  175. S2 PirritDesktop; C:\Users\Conner\AppData\Local\PirritSuggestor\PirritService.exe [X]
  176. S2 RalinkRegistryWriter; "C:\Program Files (x86)\ASUS\PCE-N53 WLAN Card Utilities\Common\RaRegistry.exe" [X]
  177. S2 Re-Markable; C:\Program Files (x86)\Re-Markable Corp\Re-Markable158.exe [X]
  178. S2 schemathumbnailapi.exe; C:\Users\Conner\AppData\Local\schemathumbnailapi\schemathumbnailapi.exe [X]
  179. S2 sharewareracengnGUI.exe; C:\Users\Conner\AppData\Local\sharewareracengnGUI\sharewareracengnGUI.exe [X]
  180. S2 SystemkService; C:\Program Files (x86)\Settings Manager\systemk\SystemkService.exe [X]
  181. S2 wbsvc; "C:\Program Files\WebBar\wbsvc.exe" --service [X]
  182.  
  183. ===================== Drivers (Whitelisted) ==========================
  184.  
  185. (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
  186.  
  187. R1 BHDrvx64; C:\Program Files (x86)\Norton Security\NortonData\22.1.0.9\Definitions\BASHDefs\20151005.001_7da\BHDrvx64.sys [1650936 2015-10-05] (Symantec Corporation)
  188. R1 ccSet_NS; C:\Windows\system32\drivers\NSx64\1605040.018\ccSetx64.sys [173808 2015-07-10] (Symantec Corporation)
  189. S3 cocippsz; C:\Windows\System32\Drivers\cocippsz.sys [423240 2014-04-13] (AVAST Software)
  190. S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
  191. R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [498512 2015-07-28] (Symantec Corporation)
  192. R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [155456 2015-10-08] (Symantec Corporation)
  193. R1 IDSVia64; C:\Program Files (x86)\Norton Security\NortonData\22.1.0.9\Definitions\IPSDefs\20151008.001\IDSvia64.sys [767216 2015-10-05] (Symantec Corporation)
  194. R3 NAVENG; C:\Program Files (x86)\Norton Security\NortonData\22.1.0.9\Definitions\VirusDefs\20151008.002\ENG64.SYS [138488 2015-10-08] (Symantec Corporation)
  195. R3 NAVEX15; C:\Program Files (x86)\Norton Security\NortonData\22.1.0.9\Definitions\VirusDefs\20151008.002\EX64.SYS [2146040 2015-10-08] (Symantec Corporation)
  196. R2 npf; C:\Windows\System32\drivers\npf.sys [36600 2014-04-28] (Riverbed Technology, Inc.)
  197. R3 NTIOLib_1_0_3; C:\Program Files (x86)\MSI\Super-Charger\NTIOLib_X64.sys [13368 2012-10-25] (MSI)
  198. S3 qjsliszn; C:\Windows\System32\Drivers\qjsliszn.sys [421704 2014-04-13] (AVAST Software)
  199. R3 SRTSP; C:\Windows\System32\Drivers\NSx64\1605040.018\SRTSP64.SYS [930024 2015-09-23] (Symantec Corporation)
  200. R1 SRTSPX; C:\Windows\system32\drivers\NSx64\1605040.018\SRTSPX64.SYS [50936 2015-07-10] (Symantec Corporation)
  201. R0 SymEFASI; C:\Windows\System32\drivers\NSx64\1605040.018\SYMEFASI64.SYS [1620720 2015-07-10] (Symantec Corporation)
  202. R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [111344 2015-07-22] (Symantec Corporation)
  203. R1 SymIRON; C:\Windows\system32\drivers\NSx64\1605040.018\Ironx64.SYS [297720 2015-07-10] (Symantec Corporation)
  204. R1 SymNetS; C:\Windows\System32\Drivers\NSx64\1605040.018\SYMNETS.SYS [577768 2015-09-23] (Symantec Corporation)
  205. R2 webinstr; C:\Windows\system32\Drivers\webinstr.sys [57528 2014-05-28] (Corsica)
  206. S3 xnribqit; C:\Windows\System32\Drivers\xnribqit.sys [423240 2014-05-01] (AVAST Software)
  207. S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
  208. S1 F06DEFF2-5B9C-490D-910F-35D3A91196222; \??\C:\Program Files (x86)\Settings Manager\systemk\x64\systemkmgrc1.cfg [X]
  209. S1 F06DEFF2-5B9C-490D-910F-35D3A91196223; \??\C:\Program Files (x86)\Settings Manager\smdmf\x64\smdmfmgrc3.cfg [X]
  210. S3 MSICDSetup; \??\D:\CDriver64.sys [X]
  211. S3 NTIOLib_1_0_C; \??\D:\NTIOLib_X64.sys [X]
  212. S1 qknfd; system32\drivers\qknfd.sys [X]
  213. S3 RgFltX64; \??\C:\Users\Conner\AppData\Local\ArchiveCursorSDK\RgFltX64.sys [X]
  214.  
  215. ==================== NetSvcs (Whitelisted) ===================
  216.  
  217. (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
  218.  
  219.  
  220. ==================== One Month Created files and folders ========
  221.  
  222. (If an entry is included in the fixlist, the file/folder will be moved.)
  223.  
  224. 2015-10-09 14:25 - 2015-10-09 14:26 - 00024716 _____ C:\Users\Conner\Desktop\FRST.txt
  225. 2015-10-09 14:20 - 2015-10-09 14:25 - 00000000 ____D C:\FRST
  226. 2015-10-09 14:20 - 2015-10-09 14:20 - 02194944 _____ (Farbar) C:\Users\Conner\Desktop\FRST64.exe
  227. 2015-10-09 02:24 - 2015-10-09 02:24 - 00745721 _____ ( ) C:\Program Files (x86)\popappsetup.exe
  228. 2015-10-09 01:27 - 2015-10-09 01:27 - 00008909 _____ C:\Windows\system32\Drivers\etc\hosts.bak
  229. 2015-10-09 01:15 - 2015-10-09 01:16 - 00000000 ____D C:\NPE
  230. 2015-10-09 00:30 - 2015-10-09 00:30 - 24345872 _____ (Malwarebytes Corporation ) C:\Users\Conner\Downloads\mbam-setup-2.1.8.1057.exe
  231. 2015-10-09 00:30 - 2015-10-09 00:30 - 24345872 _____ (Malwarebytes Corporation ) C:\Users\Conner\Downloads\mbam-setup-2.1.8.1057 (1).exe
  232. 2015-10-09 00:27 - 2015-10-09 01:15 - 00000000 ____D C:\ProgramData\ASUS Driver
  233. 2015-10-09 00:27 - 2015-10-09 00:27 - 00003992 _____ C:\Windows\system32\RaCoInst.log
  234. 2015-10-09 00:27 - 2015-10-09 00:27 - 00000000 ____D C:\ProgramData\Ralink
  235. 2015-10-09 00:27 - 2015-10-09 00:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS Utility
  236. 2015-10-09 00:27 - 2015-10-09 00:27 - 00000000 ____D C:\Program Files (x86)\Cisco
  237. 2015-10-09 00:27 - 2012-09-13 11:22 - 01808448 _____ (Ralink Technology, Corp.) C:\Windows\system32\Drivers\netr28x.sys
  238. 2015-10-09 00:27 - 2012-07-05 21:10 - 00327008 _____ (Ralink Technology, Inc.) C:\Windows\system32\RaCoInstx.dll
  239. 2015-10-09 00:27 - 2012-07-05 21:10 - 00014119 ____N C:\Windows\SysWOW64\RaCoInst.dat
  240. 2015-10-09 00:27 - 2012-07-05 21:10 - 00014119 _____ C:\Windows\system32\RaCoInst.dat
  241. 2015-10-09 00:26 - 2015-10-09 00:26 - 00000000 ____D C:\Windows\system32\RaLanguages
  242. 2015-10-09 00:26 - 2015-10-09 00:26 - 00000000 ____D C:\Users\Conner\AppData\Roaming\InstallShield
  243. 2015-10-09 00:26 - 2015-10-09 00:26 - 00000000 ____D C:\Program Files (x86)\ASUS
  244. 2015-10-09 00:26 - 2012-03-21 06:48 - 02399584 _____ (Ralink Technology, Corp.) C:\Windows\system32\RaCertMgr.dll
  245. 2015-10-09 00:26 - 2012-03-21 06:48 - 01607008 ____N (Ralink Technology, Corp.) C:\Windows\SysWOW64\RaCertMgr.dll
  246. 2015-10-09 00:26 - 2012-03-21 06:48 - 01112928 ____N (Ralink Technology, Corp.) C:\Windows\SysWOW64\RAIHV.dll
  247. 2015-10-09 00:26 - 2012-03-21 06:48 - 01112928 _____ (Ralink Technology, Corp.) C:\Windows\system32\RAIHV.dll
  248. 2015-10-09 00:26 - 2012-03-21 06:48 - 00792416 ____N C:\Windows\SysWOW64\DiagFunc.dll
  249. 2015-10-09 00:26 - 2012-03-21 06:48 - 00792416 _____ C:\Windows\system32\DiagFunc.dll
  250. 2015-10-09 00:26 - 2012-03-21 06:48 - 00128864 ____N (Ralink Technology, Corp.) C:\Windows\SysWOW64\RAEXTUI.dll
  251. 2015-10-09 00:26 - 2012-03-21 06:48 - 00128864 _____ (Ralink Technology, Corp.) C:\Windows\system32\RAEXTUI.dll
  252. 2015-10-09 00:26 - 2012-03-21 06:48 - 00000451 ____N C:\Windows\SysWOW64\DiagFunc.ini
  253. 2015-10-09 00:26 - 2012-03-21 06:48 - 00000451 _____ C:\Windows\system32\DiagFunc.ini
  254. 2015-10-09 00:15 - 2015-10-09 00:15 - 00000739 _____ C:\Users\Conner\Desktop\ReleaseNote_PCE-N53_V1012 - Shortcut.lnk
  255. 2015-10-09 00:15 - 2015-10-09 00:15 - 00000363 _____ C:\Users\Conner\Desktop\ASUS_PCE-N53_V1.0.1.2_09192015 - Shortcut.lnk
  256. 2015-10-08 23:07 - 2015-10-09 00:18 - 00007600 _____ C:\Users\Conner\AppData\Local\Resmon.ResmonCfg
  257. 2015-10-08 23:00 - 2015-10-08 23:00 - 00000000 ____D C:\Windows\{1607E3B3-7E5C-42AD-86D7-83DF0ABF116E}
  258. 2015-10-07 21:52 - 2015-10-07 21:52 - 00000000 _____ C:\Users\Conner\AppData\Local\{27916B05-7DEB-416D-A6FB-15A028FF5413}
  259. 2015-10-06 00:19 - 2015-10-06 00:19 - 00000000 ____D C:\ProgramData\Celavimus
  260. 2015-10-06 00:16 - 2015-10-08 22:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CEVO Client
  261. 2015-10-06 00:16 - 2015-10-06 00:16 - 00001197 _____ C:\Users\Public\Desktop\CEVO Client (CSGO).lnk
  262. 2015-10-06 00:16 - 2015-10-06 00:16 - 00000000 ____D C:\Program Files (x86)\CEVO
  263. 2015-10-06 00:15 - 2015-10-06 00:16 - 24003197 _____ C:\Users\Conner\Downloads\CEVO CSGO Client.zip
  264. 2015-10-06 00:06 - 2015-10-06 00:06 - 00000000 ____D C:\Windows\System32\Tasks\Norton Security
  265. 2015-10-05 23:52 - 2015-10-05 23:52 - 00000000 __SHD C:\found.000
  266. 2015-09-21 16:22 - 2015-10-05 23:51 - 00000000 ____D C:\Users\Conner\AppData\Local\scriptsoftwareBckp
  267.  
  268. ==================== One Month Modified files and folders ========
  269.  
  270. (If an entry is included in the fixlist, the file/folder will be moved.)
  271.  
  272. 2015-10-09 14:19 - 2009-07-14 00:45 - 00014224 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
  273. 2015-10-09 14:19 - 2009-07-14 00:45 - 00014224 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
  274. 2015-10-09 14:15 - 2014-04-11 03:43 - 01626775 _____ C:\Windows\WindowsUpdate.log
  275. 2015-10-09 14:12 - 2014-04-12 15:14 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
  276. 2015-10-09 14:11 - 2014-04-11 04:01 - 00566440 _____ C:\Windows\PFRO.log
  277. 2015-10-09 14:11 - 2009-07-14 01:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
  278. 2015-10-09 14:11 - 2009-07-14 00:51 - 00068882 _____ C:\Windows\setupact.log
  279. 2015-10-09 02:40 - 2014-04-11 11:08 - 00000000 ____D C:\Program Files (x86)\Steam
  280. 2015-10-09 02:30 - 2014-04-11 13:26 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
  281. 2015-10-09 01:53 - 2014-04-12 15:14 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
  282. 2015-10-09 01:38 - 2014-04-11 03:45 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
  283. 2015-10-09 01:33 - 2015-01-14 18:25 - 00000000 ____D C:\Users\Conner\AppData\Local\NPE
  284. 2015-10-09 01:12 - 2014-04-11 03:48 - 00000000 ____D C:\ProgramData\Norton
  285. 2015-10-09 01:00 - 2014-07-21 02:08 - 00000000 ____D C:\ProgramData\CLickFaorSaaLe
  286. 2015-10-09 00:27 - 2014-04-12 02:54 - 00000000 ____D C:\Users\Conner\AppData\Local\CrashDumps
  287. 2015-10-09 00:26 - 2009-07-13 22:34 - 00000588 _____ C:\Windows\win.ini
  288. 2015-10-09 00:15 - 2009-07-14 01:13 - 00781298 _____ C:\Windows\system32\PerfStringBackup.INI
  289. 2015-10-09 00:00 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\system32\NDF
  290. 2015-10-08 22:08 - 2014-04-11 03:47 - 00000000 ____D C:\Program Files (x86)\Google
  291. 2015-10-08 22:03 - 2014-04-11 03:41 - 00000000 ____D C:\Users\Conner
  292. 2015-10-08 22:02 - 2014-05-26 00:48 - 00000000 ____D C:\Windows\Minidump
  293. 2015-10-08 22:02 - 2014-04-11 03:55 - 00000000 ____D C:\ProgramData\Package Cache
  294. 2015-10-08 22:02 - 2014-04-11 03:48 - 00000000 ___HD C:\SuperChargerProfile
  295. 2015-10-08 22:02 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\registration
  296. 2015-10-08 22:02 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\AppCompat
  297. 2015-10-07 21:38 - 2015-02-21 13:33 - 00000000 ____D C:\Users\Conner\AppData\Local\Steam
  298. 2015-10-06 00:06 - 2015-01-14 17:16 - 00003216 _____ C:\Windows\System32\Tasks\Norton WSC Integration
  299. 2015-10-06 00:06 - 2015-01-14 17:10 - 00002292 _____ C:\Users\Public\Desktop\Norton Security.LNK
  300. 2015-10-06 00:06 - 2015-01-14 17:09 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Security
  301. 2015-10-06 00:06 - 2015-01-14 17:09 - 00000000 ____D C:\Windows\system32\Drivers\NSx64
  302. 2015-10-04 11:00 - 2014-04-12 15:35 - 00000302 _____ C:\Windows\Tasks\PCHelpers_period.job
  303. 2015-09-26 01:01 - 2015-01-14 19:06 - 00002183 _____ C:\Users\Public\Desktop\Google Chrome.lnk
  304. 2015-09-23 15:41 - 2009-07-14 01:08 - 00032576 _____ C:\Windows\Tasks\SCHEDLGU.TXT
  305. 2015-09-21 19:30 - 2014-04-11 13:26 - 00780488 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
  306. 2015-09-21 19:30 - 2014-04-11 13:26 - 00142536 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
  307. 2015-09-21 19:30 - 2014-04-11 13:26 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
  308. 2015-09-14 22:55 - 2014-04-11 03:47 - 00000000 ____D C:\Users\Conner\AppData\Local\Google
  309. 2015-09-14 22:48 - 2014-04-12 15:14 - 00003894 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
  310. 2015-09-14 22:48 - 2014-04-12 15:14 - 00003642 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
  311.  
  312. ==================== Files in the root of some directories =======
  313.  
  314. 2015-10-09 02:24 - 2015-10-09 02:24 - 0745721 _____ ( ) C:\Program Files (x86)\popappsetup.exe
  315. 2014-04-12 15:36 - 2014-04-12 15:36 - 0000314 _____ () C:\Users\Conner\AppData\Roaming\aps.uninstall.scan.results
  316. 2014-04-12 15:40 - 2014-04-12 15:40 - 0005265 _____ () C:\Users\Conner\AppData\Roaming\callbanner.png
  317. 2014-04-12 15:20 - 2015-01-14 16:45 - 6086656 _____ () C:\Users\Conner\AppData\Local\ChromeHitoryDB
  318. 2015-10-08 23:07 - 2015-10-09 00:18 - 0007600 _____ () C:\Users\Conner\AppData\Local\Resmon.ResmonCfg
  319. 2015-10-07 21:52 - 2015-10-07 21:52 - 0000000 _____ () C:\Users\Conner\AppData\Local\{27916B05-7DEB-416D-A6FB-15A028FF5413}
  320. 2014-04-11 06:25 - 2014-04-11 06:25 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
  321.  
  322. Some files in TEMP:
  323. ====================
  324. C:\Users\Conner\AppData\Local\Temp\devcon64.exe
  325. C:\Users\Conner\AppData\Local\Temp\NGM.exe
  326. C:\Users\Conner\AppData\Local\Temp\NGMDll.dll
  327. C:\Users\Conner\AppData\Local\Temp\NGMResource.dll
  328.  
  329.  
  330. ==================== Bamital & volsnap =================
  331.  
  332. (There is no automatic fix for files that do not pass verification.)
  333.  
  334. C:\Windows\system32\winlogon.exe => File is digitally signed
  335. C:\Windows\system32\wininit.exe => File is digitally signed
  336. C:\Windows\SysWOW64\wininit.exe => File is digitally signed
  337. C:\Windows\explorer.exe => File is digitally signed
  338. C:\Windows\SysWOW64\explorer.exe => File is digitally signed
  339. C:\Windows\system32\svchost.exe => File is digitally signed
  340. C:\Windows\SysWOW64\svchost.exe => File is digitally signed
  341. C:\Windows\system32\services.exe => File is digitally signed
  342. C:\Windows\system32\User32.dll => File is digitally signed
  343. C:\Windows\SysWOW64\User32.dll => File is digitally signed
  344. C:\Windows\system32\userinit.exe => File is digitally signed
  345. C:\Windows\SysWOW64\userinit.exe => File is digitally signed
  346. C:\Windows\system32\rpcss.dll => File is digitally signed
  347. C:\Windows\system32\dnsapi.dll => File is digitally signed
  348. C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
  349. C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
  350.  
  351.  
  352. LastRegBack: 2015-10-01 15:37
  353.  
  354. ==================== End of FRST.txt ============================