Untitled

a guest
Jan 7th, 2015
  1. Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 07-01-2015
  2. Ran by OEM (administrator) on KOMP-SEBSKA on 07-01-2015 21:29:53
  3. Running from C:\Users\OEM\Downloads
  4. Loaded Profiles: OEM & UpdatusUser (Available profiles: OEM & UpdatusUser)
  5. Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: Polish (Poland)
  6. Internet Explorer Version 11 (Default browser: Chrome)
  7. Boot Mode: Normal
  8. Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
  9.  
  10. ==================== Processes (Whitelisted) =================
  11.  
  12. (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
  13.  
  14. (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
  15. (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
  16. (AVAST Software) C:\Avast\AvastSvc.exe
  17. (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
  18. (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
  19. (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler.exe
  20. (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
  21. (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler64.exe
  22. (Microsoft Corporation) C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe
  23. (Nero AG) C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe
  24. (Spotify Ltd) C:\Users\OEM\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
  25. (Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
  26. (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
  27. (Google Inc.) C:\Users\OEM\AppData\Local\Google\Chrome\Application\chrome.exe
  28. (Google Inc.) C:\Users\OEM\AppData\Local\Google\Chrome\Application\chrome.exe
  29. (Google Inc.) C:\Users\OEM\AppData\Local\Google\Chrome\Application\chrome.exe
  30. (Google Inc.) C:\Users\OEM\AppData\Local\Google\Chrome\Application\chrome.exe
  31. (AVAST Software) C:\Avast\avastui.exe
  32. (LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
  33. (Nero AG) C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe
  34. (Razer Inc.) C:\Program Files (x86)\Razer\Razer Game Booster\RzKLService.exe
  35. (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
  36. (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
  37. (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
  38. (Nero AG) C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe
  39. (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
  40. (Google Inc.) C:\Users\OEM\AppData\Local\Google\Chrome\Application\chrome.exe
  41. (TeamSpeak Systems GmbH) C:\Program Files\TeamSpeak 3 Client\ts3client_win64.exe
  42. (Google Inc.) C:\Users\OEM\AppData\Local\Google\Chrome\Application\chrome.exe
  43. (Microsoft Corporation) C:\Windows\System32\taskmgr.exe
  44. (Google Inc.) C:\Users\OEM\AppData\Local\Google\Chrome\Application\chrome.exe
  45. (Google Inc.) C:\Users\OEM\AppData\Local\Google\Chrome\Application\chrome.exe
  46. (Google Inc.) C:\Users\OEM\AppData\Local\Google\Chrome\Application\chrome.exe
  47. (Google Inc.) C:\Users\OEM\AppData\Local\Google\Chrome\Application\chrome.exe
  48. (Google Inc.) C:\Users\OEM\AppData\Local\Google\Chrome\Application\chrome.exe
  49. (Google Inc.) C:\Users\OEM\AppData\Local\Google\Chrome\Application\chrome.exe
  50. (OldTimer Tools) C:\Users\OEM\Downloads\OTL.exe
  51. () C:\Users\OEM\Downloads\setup_11.0.3.8.x01_2015_01_07_21_35.exe
  52. () C:\Users\OEM\AppData\Local\Temp\RarSFX0\7867916.exe
  53. (Kaspersky Lab) C:\Users\OEM\AppData\Local\Temp\9457449\7867916.exe
  54. (Google Inc.) C:\Users\OEM\AppData\Local\Google\Chrome\Application\chrome.exe
  55. (Google Inc.) C:\Users\OEM\AppData\Local\Google\Chrome\Application\chrome.exe
  56. (Google Inc.) C:\Users\OEM\AppData\Local\Google\Chrome\Application\chrome.exe
  57. (Google Inc.) C:\Users\OEM\AppData\Local\Google\Chrome\Application\chrome.exe
  58. (Microsoft Corporation) C:\Windows\System32\mobsync.exe
  59. (Microsoft Corporation) C:\Windows\System32\dllhost.exe
  60. (Google Inc.) C:\Users\OEM\AppData\Local\Google\Chrome\Application\chrome.exe
  61. (Microsoft Corporation) C:\Windows\System32\dllhost.exe
  62.  
  63.  
  64. ==================== Registry (Whitelisted) ==================
  65.  
  66. (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
  67.  
  68. HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12681320 2011-08-25] (Realtek Semiconductor)
  69. HKLM\...\Run: [Monitor] => C:\Windows\PixArt\PAC207\Monitor.exe
  70. HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [472984 2013-12-10] (Adobe Systems Incorporated)
  71. HKLM\...\Run: [ctfmon] => cftmon
  72. HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-10-01] (Microsoft Corporation)
  73. HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
  74. HKLM-x32\...\Run: [NBKeyScan] => C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBKeyScan.exe [2213160 2007-12-03] (Nero AG)
  75. HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
  76. HKLM-x32\...\Run: [USB Gamepad] => C:\Windows\USB Vibration\dr100&110\USB Gamepad.exe -boot
  77. HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2239376 2013-12-19] (Adobe Systems Incorporated)
  78. HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59280 2012-10-11] (Apple Inc.)
  79. HKLM-x32\...\Run: [] => [X]
  80. HKLM-x32\...\Run: [AdobeCEPServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CEPServiceManager4\CEPServiceManager.exe [1039248 2013-03-13] (Adobe Systems Incorporated)
  81. HKLM-x32\...\Run: [AvastUI.exe] => C:\Avast\AvastUI.exe [5227112 2014-12-12] (AVAST Software)
  82. HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3838800 2014-12-13] (LogMeIn Inc.)
  83. HKLM-x32\...\RunOnce: [GrpConv] => grpconv -o
  84. HKU\S-1-5-21-1594613888-1835592070-1742538978-1000\...\Run: [Google Update] => C:\Users\OEM\AppData\Local\Google\Update\GoogleUpdate.exe [107912 2014-10-20] (Google Inc.)
  85. HKU\S-1-5-21-1594613888-1835592070-1742538978-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3477312 2012-01-19] (DT Soft Ltd)
  86. HKU\S-1-5-21-1594613888-1835592070-1742538978-1000\...\Run: [Akamai NetSession Interface] => "C:\Users\OEM\AppData\Local\Akamai\netsession_win.exe"
  87. HKU\S-1-5-21-1594613888-1835592070-1742538978-1000\...\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] => C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe [1688872 2007-12-13] (Nero AG)
  88. HKU\S-1-5-21-1594613888-1835592070-1742538978-1000\...\Run: [Mkwowa] => C:\Users\OEM\AppData\Roaming\Mkwowa.exe
  89. HKU\S-1-5-21-1594613888-1835592070-1742538978-1000\...\Run: [AdobeBridge] => [X]
  90. HKU\S-1-5-21-1594613888-1835592070-1742538978-1000\...\Run: [screenSHU] => C:\Program Files (x86)\screenSHU\screenSHU.exe [2112000 2013-09-04] ()
  91. HKU\S-1-5-21-1594613888-1835592070-1742538978-1000\...\Run: [Speech Recognition] => C:\Windows\Speech\Common\sapisvr.exe [44544 2009-07-14] (Microsoft Corporation)
  92. HKU\S-1-5-21-1594613888-1835592070-1742538978-1000\...\Run: [BitTorrent] => C:\Users\OEM\AppData\Roaming\BitTorrent\BitTorrent.exe [1388888 2014-11-26] (BitTorrent Inc.)
  93. HKU\S-1-5-21-1594613888-1835592070-1742538978-1000\...\Run: [Spotify Web Helper] => C:\Users\OEM\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1514040 2014-10-17] (Spotify Ltd)
  94. HKU\S-1-5-21-1594613888-1835592070-1742538978-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [30872168 2014-12-11] (Skype Technologies S.A.)
  95. HKU\S-1-5-21-1594613888-1835592070-1742538978-1000\...\Run: [GoogleChromeAutoLaunch_344DDB7B60937B1E369F7AD19F7CD062] => C:\Users\OEM\AppData\Local\Google\Chrome\Application\chrome.exe [856904 2014-12-06] (Google Inc.)
  96. HKU\S-1-5-21-1594613888-1835592070-1742538978-1000\...\MountPoints2: {3db98ed7-ad3b-11e1-9e2b-5404a68493e4} - I:\LGAutoRun.exe
  97. Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\NCdownloader.lnk
  98. ShortcutTarget: NCdownloader.lnk -> C:\Program Files (x86)\Solibo Ltd\NCdownloader\NCdownloader.exe (No File)
  99. Startup: C:\Users\OEM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\_uninst_11793020.lnk
  100. ShortcutTarget: _uninst_11793020.lnk -> C:\Users\OEM\AppData\Local\Temp\_uninst_11793020.bat ()
  101. ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()
  102. ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()
  103. ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()
  104. ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Avast\ashShA64.dll (AVAST Software)
  105. ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\OEM\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
  106. ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\OEM\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
  107. ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\OEM\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
  108. ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\OEM\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
  109. ShellIconOverlayIdentifiers: [GGDriveOverlay1] -> {E68D0A50-3C40-4712-B90D-DCFA93FF2534} => C:\ProgramData\GG\ggdrive\ggdrive-overlay.dll (GG Network S.A.)
  110. ShellIconOverlayIdentifiers: [GGDriveOverlay2] -> {E68D0A51-3C40-4712-B90D-DCFA93FF2534} => C:\ProgramData\GG\ggdrive\ggdrive-overlay.dll (GG Network S.A.)
  111. ShellIconOverlayIdentifiers: [GGDriveOverlay3] -> {E68D0A52-3C40-4712-B90D-DCFA93FF2534} => C:\ProgramData\GG\ggdrive\ggdrive-overlay.dll (GG Network S.A.)
  112. ShellIconOverlayIdentifiers: [GGDriveOverlay4] -> {E68D0A53-3C40-4712-B90D-DCFA93FF2534} => C:\ProgramData\GG\ggdrive\ggdrive-overlay.dll (GG Network S.A.)
  113. ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\OEM\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)
  114. ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\OEM\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)
  115. ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\OEM\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)
  116. ShellIconOverlayIdentifiers-x32: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\OEM\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)
  117. CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
  118.  
  119. ==================== Internet (Whitelisted) ====================
  120.  
  121. (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
  122.  
  123. HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
  124. HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
  125. HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
  126. HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
  127. HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
  128. HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
  129. HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
  130. HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
  131. URLSearchHook: HKLM-x32 - (No Name) - {79b8e308-95a2-4044-932d-80e833a863cc} - No File
  132. StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
  133. SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
  134. SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
  135. SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
  136. SearchScopes: HKU\S-1-5-21-1594613888-1835592070-1742538978-1007 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
  137. BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
  138. BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Avast\aswWebRepIE64.dll (AVAST Software)
  139. BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
  140. BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
  141. BHO-x32: AcroIEHlprObj Class -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -> C:\Program Files (x86)\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx No File
  142. BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll No File
  143. BHO-x32: BitComet Helper -> {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} -> D:\Gry\GTA SA\Patch'e do mojego filmu\BitComet\tools\BitCometBHO_1.5.4.11.dll No File
  144. BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
  145. BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll No File
  146. BHO-x32: No Name -> {79b8e308-95a2-4044-932d-80e833a863cc} -> No File
  147. BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Avast\aswWebRepIE.dll (AVAST Software)
  148. BHO-x32: Pomocnik logowania za pomocą identyfikatora Windows Live -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll No File
  149. BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll No File
  150. Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
  151. Filter: application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\\mscoree.dll (Microsoft Corporation)
  152. Filter-x32: application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWOW64\\mscoree.dll (Microsoft Corporation)
  153. Filter: application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\\mscoree.dll (Microsoft Corporation)
  154. Filter-x32: application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWOW64\\mscoree.dll (Microsoft Corporation)
  155. Filter: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\\mscoree.dll (Microsoft Corporation)
  156. Filter-x32: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWOW64\\mscoree.dll (Microsoft Corporation)
  157. Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
  158.  
  159. FireFox:
  160. ========
  161. FF ProfilePath: C:\Users\OEM\AppData\Roaming\Mozilla\Firefox\Profiles\ksvriy42.default
  162. FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_235.dll ()
  163. FF Plugin: @java.com/DTPlugin,version=10.72.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
  164. FF Plugin: @java.com/JavaPlugin,version=10.72.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
  165. FF Plugin: @microsoft.com/GENUINE -> disabled No File
  166. FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
  167. FF Plugin: adobe.com/AdobeAAMDetect_x86_64 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
  168. FF Plugin: adobe.com/AdobeExManDetect -> C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\Win64Plugin\npAdobeExManDetectX64.dll No File
  169. FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_235.dll ()
  170. FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1200112.dll (Adobe Systems, Inc.)
  171. FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 -> C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
  172. FF Plugin-x32: @esn/esnlaunch,version=1.116.0 -> C:\Program Files (x86)\Battlelog Web Plugins\1.116.0\npesnlaunch.dll No File
  173. FF Plugin-x32: @esn/esnlaunch,version=1.122.0 -> C:\Program Files (x86)\Battlelog Web Plugins\1.122.0\npesnlaunch.dll No File
  174. FF Plugin-x32: @esn/esnlaunch,version=1.138.0 -> C:\Program Files (x86)\Battlelog Web Plugins\1.138.0\npesnlaunch.dll No File
  175. FF Plugin-x32: @esn/esnlaunch,version=2.1.3 -> C:\Program Files (x86)\Battlelog Web Plugins\2.1.3\npesnlaunch.dll No File
  176. FF Plugin-x32: @esn/esnlaunch,version=2.1.7 -> C:\Program Files (x86)\Battlelog Web Plugins\2.1.7\npesnlaunch.dll No File
  177. FF Plugin-x32: @esn/npbattlelog,version=2.3.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.1\npbattlelog.dll (EA Digital Illusions CE AB)
  178. FF Plugin-x32: @esn/npbattlelog,version=2.3.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.2\npbattlelog.dll (EA Digital Illusions CE AB)
  179. FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
  180. FF Plugin-x32: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
  181. FF Plugin-x32: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
  182. FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
  183. FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
  184. FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
  185. FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
  186. FF Plugin-x32: @nexon.net/NxGame -> C:\ProgramData\NexonUS\NGM\npNxGameUS.dll No File
  187. FF Plugin-x32: @ngm.nexoneu.com/NxGame -> C:\ProgramData\NexonEU\NGM\npNxGameeu.dll (Nexon)
  188. FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
  189. FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
  190. FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
  191. FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
  192. FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
  193. FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems)
  194. FF Plugin-x32: adobe.com/AdobeExManDetect -> C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll No File
  195. FF Plugin HKU\S-1-5-21-1594613888-1835592070-1742538978-1000: @eximion.com/KalydoPlayer -> C:\Users\OEM\AppData\Roaming\Kalydo\KalydoPlayer\bin2\npkalydo.dll (Eximion B.V.)
  196. FF Plugin HKU\S-1-5-21-1594613888-1835592070-1742538978-1000: @tools.google.com/Google Update;version=3 -> C:\Users\OEM\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
  197. FF Plugin HKU\S-1-5-21-1594613888-1835592070-1742538978-1000: @tools.google.com/Google Update;version=9 -> C:\Users\OEM\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
  198. FF Plugin HKU\S-1-5-21-1594613888-1835592070-1742538978-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\OEM\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
  199. FF Plugin HKU\S-1-5-21-1594613888-1835592070-1742538978-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
  200. FF Extension: TheTorntv V10 - C:\Users\OEM\AppData\Roaming\Mozilla\Firefox\Profiles\ksvriy42.default\Extensions\a338c5448f724f94af2f11@cc4cdd6788a64e7ca7d83cb2cd.com [2014-09-07]
  201. FF Extension: Total-1.8 - C:\Users\OEM\AppData\Roaming\Mozilla\Firefox\Profiles\ksvriy42.default\Extensions\randlphtim@hotmail.com [2014-09-07]
  202. FF Extension: SearchNewTab - C:\Users\OEM\AppData\Roaming\Mozilla\Firefox\Profiles\ksvriy42.default\Extensions\rrtayi@suhyai.edu [2014-02-21]
  203. FF Extension: Address Bar Search - C:\Users\OEM\AppData\Roaming\Mozilla\Firefox\Profiles\ksvriy42.default\Extensions\{badea1ae-72ed-4f6a-8c37-4db9a4ac7bc9} [2013-08-30]
  204. FF Extension: Cyti Web 1.0.1 - C:\Users\OEM\AppData\Roaming\Mozilla\Firefox\Profiles\ksvriy42.default\Extensions\{7b7db604-54eb-492b-a629-19e0f0c6ac57}.xpi [2015-01-02]
  205. FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
  206. FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Avast\WebRep\FF
  207. FF Extension: Avast Online Security - C:\Avast\WebRep\FF [2014-09-29]
  208. FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
  209.  
  210. Chrome:
  211. =======
  212. CHR HomePage: Default -> hxxp://www.google.com/
  213. CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}
  214. CHR Profile: C:\Users\OEM\AppData\Local\Google\Chrome\User Data\Default
  215. CHR Extension: (Oslo) - C:\Users\OEM\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgakcphlmhcjokgoiofdmgdcnbjnllcb [2014-10-05]
  216. CHR Extension: (Adblock Plus) - C:\Users\OEM\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-06-20]
  217. CHR Extension: (PanicButton) - C:\Users\OEM\AppData\Local\Google\Chrome\User Data\Default\Extensions\faminaibgiklngmfpfbhmokfmnglamcm [2014-10-21]
  218. CHR Extension: (Avast Online Security) - C:\Users\OEM\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-09-30]
  219. CHR Extension: (Voice Recognition) - C:\Users\OEM\AppData\Local\Google\Chrome\User Data\Default\Extensions\ikjmfindklfaonkodbnidahohdfbdhkn [2014-09-24]
  220. CHR Extension: (Disconnect) - C:\Users\OEM\AppData\Local\Google\Chrome\User Data\Default\Extensions\jeoacafpbcihiomhlakheieifhpjdfeo [2014-06-20]
  221. CHR Extension: (Ghostery) - C:\Users\OEM\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij [2014-06-20]
  222. CHR Extension: (Google Wallet) - C:\Users\OEM\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-23]
  223. CHR Extension: (Google Publisher Toolbar) - C:\Users\OEM\AppData\Local\Google\Chrome\User Data\Default\Extensions\omioeahgfecgfpfldejlnideemfidnkc [2014-11-15]
  224. CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-11-17]
  225. CHR HKLM-x32\...\Chrome\Extension: [liibpejlpebkfpddljfpipkpjhphifon] - C:\Program Files (x86)\Savevid\SavevidChrome.crx [Not Found]
  226. CHR StartMenuInternet: Google Chrome - C:\Users\OEM\AppData\Local\Google\Chrome\Application\chrome.exe
  227.  
  228. ==================== Services (Whitelisted) =================
  229.  
  230. (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
  231.  
  232. R2 avast! Antivirus; C:\Avast\AvastSvc.exe [50344 2014-11-17] (AVAST Software)
  233. S2 HiPatchService; E:\Smite\HiPatchService.exe [9216 2014-08-22] (Hi-Rez Studios) [File not signed]
  234. S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [File not signed]
  235. S2 IpOverUsbSvc; C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\Bin\IpOverUsbSvc.exe [22768 2014-03-22] (Microsoft Corporation)
  236. R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [417552 2014-12-02] (LogMeIn, Inc.)
  237. S3 MSSQL$SONY_MEDIAMGR; C:\Program Files (x86)\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlservr.exe [7520337 2002-12-17] (Microsoft Corporation) [File not signed]
  238. S3 MSSQLServerADHelper; C:\Program Files (x86)\Microsoft SQL Server\80\Tools\Binn\sqladhlp.exe [66112 2002-12-17] (Microsoft Corporation) [File not signed]
  239. R2 Nero BackItUp Scheduler 3; C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe [869672 2007-12-03] (Nero AG)
  240. R3 NMIndexingService; C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe [447784 2007-12-13] (Nero AG)
  241. S2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2014-05-16] ()
  242. R2 RzKLService; C:\Program Files (x86)\Razer\Razer Game Booster\RzKLService.exe [105448 2014-02-25] (Razer Inc.)
  243. S3 SQLAgent$SONY_MEDIAMGR; C:\Program Files (x86)\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlagent.EXE [311872 2002-12-17] (Microsoft Corporation) [File not signed]
  244. S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
  245. R3 WinHttpAutoProxySvc; C:\Windows\System32\\winhttp.dll [444416 2010-11-20] (Microsoft Corporation)
  246. R3 WinHttpAutoProxySvc; C:\Windows\SysWOW64\\winhttp.dll [351232 2010-11-20] (Microsoft Corporation)
  247. S2 XapcnPhoneService; C:\Program Files (x86)\爱应用PC版\wp8svc.exe [34608 2014-01-26] () [File not signed]
  248. S2 8ffb8f2d; "C:\Windows\system32\rundll32.exe" "c:\progra~3\winsys~1\WinsysfilterSvc.dll",service
  249. S3 BITCOMET_HELPER_SERVICE; D:\Gry\GTA SA\Patch'e do mojego filmu\BitComet\tools\BitCometService.exe -service [X]
  250. S3 McComponentHostService; "C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe" [X]
  251. S3 MozillaMaintenance; "C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe" [X]
  252. S2 MsgPlusService; "C:\Program Files (x86)\Yuna Software\Messenger Plus! for Skype\MsgPlusForSkypeService.exe" [X]
  253. S2 PowerMon; cmd /c start cmd /c "ping -n 300 127.0.0.1 & C:\Windows\Temp\PowerMon\PowerMon.exe -o stratum+tcp://stratum.mining.eligius.st:3334 -O 12jgfM7qaFhKBYEz7KRjqdjBcz22d48bNh" [X]
  254.  
  255. ==================== Drivers (Whitelisted) ====================
  256.  
  257. (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
  258.  
  259. R0 11793020; C:\Windows\System32\DRIVERS\11793020.sys [458336 2015-01-07] (Kaspersky Lab ZAO)
  260. R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2009-08-04] ()
  261. R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-11-17] ()
  262. R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [83280 2014-11-17] (AVAST Software)
  263. R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-11-17] (AVAST Software)
  264. R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-11-17] ()
  265. R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1050432 2014-11-23] (AVAST Software)
  266. R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [436624 2014-11-17] (AVAST Software)
  267. R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [116728 2014-11-17] (AVAST Software)
  268. R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [267632 2014-11-17] ()
  269. R1 CSN5PDCapsax64; C:\Windows\System32\Drivers\CSN5PDCapsax64.sys [36024 2014-02-18] (Colasoft Co., Ltd.)
  270. R1 CSN5PDTS82x64; C:\Windows\System32\Drivers\CSN5PDTS82x64.sys [34840 2012-10-24] (Colasoft Co., Ltd.)
  271. R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2012-01-28] (DT Soft Ltd)
  272. S2 DVDRIVER; C:\Windows\System32\DRIVERS\dvdriver.sys [39240 2009-11-18] (Eagletron Inc.)
  273. S3 esgiguard; C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [13088 2011-03-02] ()
  274. S3 h647906; C:\Windows\System32\drivers\h647906.sys [63856 2008-08-08] (Your Corporation)
  275. S3 h648101; C:\Windows\System32\drivers\h648101.sys [65776 2008-08-08] (Your Corporation)
  276. S3 h648103; C:\Windows\System32\drivers\h648103.sys [62960 2008-08-08] (Your Corporation)
  277. S3 hid7906; C:\Windows\SysWOW64\drivers\hid7906.sys [41272 2008-08-08] (Your Corporation)
  278. S3 hid8101; C:\Windows\SysWOW64\drivers\hid8101.sys [43192 2008-08-08] (Your Corporation)
  279. S3 hid8103; C:\Windows\SysWOW64\drivers\hid8103.sys [40856 2008-08-08] (Your Corporation)
  280. R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [27552 2014-10-15] (REALiX(tm))
  281. R3 LgBttPort; C:\Windows\System32\DRIVERS\lgbtpt64.sys [16384 2009-09-29] (LG Electronics Inc.)
  282. R3 lgbusenum; C:\Windows\System32\DRIVERS\lgbtbs64.sys [14848 2009-09-29] (LG Electronics Inc.)
  283. R3 LGVMODEM; C:\Windows\System32\DRIVERS\lgvmdm64.sys [17408 2009-09-29] (LG Electronics Inc.)
  284. R3 MsgPlusDriver; C:\Windows\System32\DRIVERS\MsgPlusDriver.sys [125392 2013-05-07] (Yune Software)
  285. R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15416 2009-07-17] ()
  286. S3 PAC207; C:\Windows\System32\DRIVERS\PFC027.SYS [572416 2006-12-05] (PixArt Imaging Inc.)
  287. S3 PAC207; C:\Windows\SysWOW64\DRIVERS\PFC027.SYS [617088 2007-10-25] (PixArt Imaging Inc.)
  288. S3 usbbus; C:\Windows\System32\DRIVERS\lgx64bus.sys [17920 2010-01-21] (LG Electronics Inc.)
  289. S3 UsbDiag; C:\Windows\System32\DRIVERS\lgx64diag.sys [27648 2010-01-21] (LG Electronics Inc.)
  290. S3 USBModem; C:\Windows\System32\DRIVERS\lgx64modem.sys [33280 2010-01-21] (LG Electronics Inc.)
  291. S3 VCSVADHWSer; C:\Windows\System32\DRIVERS\vcsvad.sys [21504 2008-12-26] (Avnex) [File not signed]
  292. U5 VWiFiFlt; C:\Windows\System32\Drivers\VWiFiFlt.sys [59904 2009-07-14] (Microsoft Corporation)
  293. S3 cpuz136; \??\C:\Windows\TEMP\cpuz136\cpuz136_x64.sys [X]
  294. S1 CSN5PDTS82; System32\Drivers\CSN5PDTS82.sys [X]
  295. S1 CsNdisLWF; System32\Drivers\CsNdisLWF.sys [X]
  296. S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
  297. S3 FairplayKD1; \??\C:\ProgramData\MTA San Andreas All\Common\temp\FairplayKD.sys [X]
  298. S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
  299. S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
  300. S3 VGPU; System32\drivers\rdvgkmd.sys [X]
  301. S3 WinRing0_1_2_0; \??\E:\BEST-TORRENTS.NET\Driver\WinRing0x64.sys [X]
  302. S3 X6va008; \??\C:\Windows\SysWOW64\Drivers\X6va008 [X]
  303. S3 xhunter1; \??\C:\Windows\xhunter1.sys [X]
  304.  
  305. ==================== NetSvcs (Whitelisted) ===================
  306.  
  307. (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
  308.  
  309.  
  310. ==================== One Month Created Files and Folders ========
  311.  
  312. (If an entry is included in the fixlist, the file\folder will be moved.)
  313.  
  314. 2015-01-07 21:29 - 2015-01-07 21:30 - 00031607 _____ () C:\Users\OEM\Downloads\FRST.txt
  315. 2015-01-07 21:29 - 2015-01-07 21:29 - 00380416 _____ () C:\Users\OEM\Downloads\5jp7zsc6.exe
  316. 2015-01-07 21:29 - 2015-01-07 21:29 - 00000000 ____D () C:\FRST
  317. 2015-01-07 21:27 - 2015-01-07 21:28 - 02124288 _____ (Farbar) C:\Users\OEM\Downloads\FRST64.exe
  318. 2015-01-07 21:06 - 2015-01-07 21:06 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
  319. 2015-01-07 21:04 - 2015-01-07 21:34 - 00458336 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\11793020.sys
  320. 2015-01-07 21:00 - 2015-01-07 21:02 - 168242448 _____ () C:\Users\OEM\Downloads\setup_11.0.3.8.x01_2015_01_07_21_35.exe
  321. 2015-01-07 20:56 - 2015-01-07 20:56 - 00299658 _____ () C:\Users\OEM\Downloads\Extras.Txt
  322. 2015-01-07 20:54 - 2015-01-07 20:54 - 00140608 _____ () C:\Users\OEM\Downloads\OTL.Txt
  323. 2015-01-07 20:34 - 2015-01-07 20:34 - 00602112 _____ (OldTimer Tools) C:\Users\OEM\Downloads\OTL.exe
  324. 2015-01-06 19:09 - 2015-01-06 22:33 - 01244672 _____ () C:\Users\OEM\Downloads\SEBSK prezentacja.ppt
  325. 2015-01-05 22:20 - 2015-01-05 22:20 - 00056325 _____ (Chime Softwares) C:\Users\OEM\Downloads\Glass2k.exe
  326. 2015-01-04 18:24 - 2015-01-06 14:48 - 01001063 _____ () C:\Users\OEM\Desktop\prezentacja.pptx
  327. 2015-01-03 00:22 - 2015-01-03 00:22 - 02173952 _____ () C:\Users\OEM\Downloads\AdwCleaner.exe
  328. 2015-01-02 18:12 - 2015-01-02 18:12 - 00011222 _____ () C:\Users\OEM\Downloads\[kickass.so]audiosurf.english.torrent
  329. 2015-01-02 18:12 - 2015-01-02 18:12 - 00011222 _____ () C:\Users\OEM\Downloads\[kickass.so]audiosurf.english (1).torrent
  330. 2015-01-02 18:03 - 2015-01-02 18:03 - 00012946 _____ () C:\Users\OEM\Downloads\[kickass.so]audiosurf.2.beta.v12.10.2013.torrent
  331. 2015-01-02 17:52 - 2015-01-02 17:52 - 00025312 _____ () C:\Users\OEM\Downloads\Audiosurf_2_Early_Access_-_full_game_(04.10.2013).torrent
  332. 2015-01-02 17:48 - 2015-01-02 17:48 - 00062879 _____ () C:\Users\OEM\Downloads\AudioSurf_Detonation_[ENG]_[FULL][Torrenty.org].torrent
  333. 2015-01-02 17:48 - 2015-01-02 17:48 - 00062879 _____ () C:\Users\OEM\Downloads\AudioSurf_Detonation_[ENG]_[FULL][Torrenty.org] (2).torrent
  334. 2015-01-02 17:48 - 2015-01-02 17:48 - 00062879 _____ () C:\Users\OEM\Downloads\AudioSurf_Detonation_[ENG]_[FULL][Torrenty.org] (1).torrent
  335. 2015-01-02 17:46 - 2015-01-02 17:46 - 00017437 _____ () C:\Users\OEM\Downloads\Audiosurf_[ENG]_[FULL]_[DETONATiON][Torrenty.org].torrent
  336. 2015-01-02 17:38 - 2015-01-02 17:38 - 00010813 _____ () C:\Users\OEM\Downloads\AudioSurf_[ENG]_[FULL][Torrenty.org].torrent
  337. 2015-01-02 14:44 - 2015-01-02 14:44 - 00000572 _____ () C:\Users\OEM\Desktop\osu!.lnk
  338. 2015-01-02 14:44 - 2015-01-02 14:44 - 00000572 _____ () C:\Users\OEM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\osu!.lnk
  339. 2015-01-02 14:42 - 2015-01-02 14:43 - 03181128 _____ (ppy) C:\Users\OEM\Downloads\osu!install.exe
  340. 2014-12-30 18:33 - 2014-12-30 18:33 - 00000509 _____ () C:\Users\Public\Desktop\CPUID CPU-Z.lnk
  341. 2014-12-30 18:33 - 2014-12-30 18:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID
  342. 2014-12-30 18:32 - 2014-12-30 18:33 - 01577512 _____ ( ) C:\Users\OEM\Downloads\cpu-z_1.71-setup-en.exe
  343. 2014-12-29 14:07 - 2014-12-29 14:07 - 00000863 _____ () C:\Users\OEM\Desktop\dBpoweramp Batch Converter.lnk
  344. 2014-12-29 14:07 - 2014-12-29 14:07 - 00000858 _____ () C:\Users\OEM\Desktop\dBpoweramp Music Converter.lnk
  345. 2014-12-29 14:07 - 2014-12-29 14:07 - 00000816 _____ () C:\Users\OEM\Desktop\dBpoweramp CD Ripper.lnk
  346. 2014-12-29 14:00 - 2014-12-29 14:00 - 00015849 _____ () C:\Windows\SysWOW64\SpoonUninstall-dBpoweramp.dat
  347. 2014-12-29 14:00 - 2014-12-29 14:00 - 00014618 _____ () C:\Windows\SysWOW64\SpoonUninstall-dBpoweramp DSP Effects.dat
  348. 2014-12-29 14:00 - 2014-12-29 14:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\dBpoweramp
  349. 2014-12-29 13:59 - 2014-12-29 14:00 - 00000000 ____D () C:\Program Files\dBpoweramp
  350. 2014-12-29 13:59 - 2014-12-29 13:59 - 25782208 _____ () C:\Users\OEM\Downloads\dMC-R15.1-Ref-Trial.exe
  351. 2014-12-29 13:42 - 2014-12-29 13:42 - 01855815 _____ () C:\Users\OEM\Downloads\hldj64_1.6.02.zip
  352. 2014-12-29 13:42 - 2014-12-29 13:42 - 01844142 _____ () C:\Users\OEM\Downloads\hldj32_1.6.02.zip
  353. 2014-12-27 13:05 - 2014-12-27 13:05 - 00181774 _____ () C:\Users\OEM\Downloads\ClownfishVoiceChanger-v1.16.ts3_plugin
  354. 2014-12-22 20:46 - 2014-12-22 20:46 - 00319912 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
  355. 2014-12-22 20:46 - 2014-12-22 20:46 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
  356. 2014-12-22 20:46 - 2014-12-22 20:46 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\java.exe
  357. 2014-12-22 20:46 - 2014-12-22 20:46 - 00111016 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
  358. 2014-12-22 20:44 - 2014-12-22 20:44 - 31036328 _____ (Oracle Corporation) C:\Users\OEM\Downloads\jre-7u72-windows-x64.exe
  359. 2014-12-22 20:10 - 2014-12-24 12:16 - 00000068 _____ () C:\Users\OEM\.atl.properties
  360. 2014-12-22 20:09 - 2014-12-23 11:21 - 00000000 ____D () C:\Users\OEM\Desktop\Servers
  361. 2014-12-22 20:09 - 2014-12-22 20:11 - 00000000 ____D () C:\Users\OEM\Desktop\Configs
  362. 2014-12-22 20:07 - 2014-12-22 20:07 - 01578300 _____ () C:\Users\OEM\Desktop\ATLauncher.exe
  363. 2014-12-19 20:44 - 2014-12-19 20:46 - 323125248 _____ () C:\Users\OEM\Downloads\M2U01692.MPG
  364. 2014-12-18 21:28 - 2014-12-18 21:28 - 00001972 _____ () C:\Users\OEM\Desktop\Drakensang Online.lnk
  365. 2014-12-18 21:28 - 2014-12-18 21:28 - 00000000 ____D () C:\Users\OEM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Drakensang Online
  366. 2014-12-18 21:28 - 2014-12-18 21:28 - 00000000 ____D () C:\Program Files (x86)\Drakensang Online
  367. 2014-12-18 17:29 - 2014-12-21 11:50 - 00000000 ____D () C:\Program Files (x86)\Metin2 Ravia.eu
  368. 2014-12-18 17:29 - 2014-12-18 17:29 - 00001072 _____ () C:\Users\Public\Desktop\Metin2 Ravia.eu - Uruchom.lnk
  369. 2014-12-18 17:29 - 2014-12-18 17:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Metin2 Ravia.eu
  370. 2014-12-18 17:13 - 2014-12-18 17:29 - 531329493 _____ () C:\Users\OEM\Downloads\Ravia_GameClient_2014-09-19.exe
  371. 2014-12-17 18:44 - 2014-12-17 18:44 - 00000000 _____ () C:\Users\OEM\Desktop\Edite la' Valette.txt
  372. 2014-12-17 17:24 - 2014-12-17 17:24 - 00000608 _____ () C:\Users\OEM\Desktop\Any Audio Converter.lnk
  373. 2014-12-17 17:24 - 2014-12-17 17:24 - 00000000 ____D () C:\Users\OEM\Documents\Temp
  374. 2014-12-17 17:24 - 2014-12-17 17:24 - 00000000 ____D () C:\Users\OEM\AppData\Roaming\AnvSoft
  375. 2014-12-17 17:24 - 2014-12-17 17:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AnvSoft
  376. 2014-12-15 15:25 - 2014-12-15 15:33 - 00276696 _____ () C:\Users\OEM\Downloads\Instrumental Core-The Angels Among Demons camaya klubnaya muzyka tolko u nas, zahodi k nam http---vk.com-clubmusictlt (www.myfreesongs.cc).mp3.sfk
  377. 2014-12-15 13:03 - 2014-12-15 13:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
  378. 2014-12-15 13:03 - 2014-12-15 13:03 - 00000000 ____D () C:\Program Files (x86)\LogMeIn Hamachi
  379. 2014-12-12 15:23 - 2014-12-12 15:23 - 531329493 _____ () C:\Users\OEM\Downloads\Niepotwierdzony 156778.crdownload
  380. 2014-12-10 22:07 - 2014-12-16 20:09 - 02385908 _____ () C:\Users\OEM\Documents\Coś o mnie.pptx
  381. 2014-12-09 16:46 - 2014-12-09 16:48 - 06571359 _____ () C:\Users\OEM\Downloads\Metin2Mod_PL_0912014.exe
  382.  
  383. ==================== One Month Modified Files and Folders =======
  384.  
  385. (If an entry is included in the fixlist, the file\folder will be moved.)
  386.  
  387. 2015-01-07 21:27 - 2012-10-06 10:43 - 00000000 ____D () C:\Users\OEM\AppData\Roaming\Skype
  388. 2015-01-07 21:22 - 2013-01-25 17:43 - 00000020 _____ () C:\Windows\capsys184523.log
  389. 2015-01-07 21:16 - 2012-03-24 16:32 - 00001048 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
  390. 2015-01-07 21:09 - 2012-06-30 06:04 - 00000930 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
  391. 2015-01-07 21:06 - 2011-12-26 17:55 - 00001050 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1594613888-1835592070-1742538978-1000UA.job
  392. 2015-01-07 20:02 - 2012-12-03 19:02 - 00000000 ____D () C:\Users\OEM\AppData\Local\CrashDumps
  393. 2015-01-07 19:49 - 2012-02-23 13:27 - 00000000 ____D () C:\Users\OEM\AppData\Roaming\TS3Client
  394. 2015-01-07 19:06 - 2011-12-26 17:55 - 00000998 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1594613888-1835592070-1742538978-1000Core.job
  395. 2015-01-07 18:30 - 2011-12-19 18:56 - 01377263 _____ () C:\Windows\WindowsUpdate.log
  396. 2015-01-07 17:55 - 2013-10-13 19:50 - 00000000 ____D () C:\Users\OEM\AppData\Local\screenSHU
  397. 2015-01-07 17:44 - 2014-03-30 09:18 - 00000000 ____D () C:\Users\OEM\AppData\Roaming\BitTorrent
  398. 2015-01-07 17:30 - 2014-09-07 16:30 - 00001324 _____ () C:\Windows\Tasks\VIL.job
  399. 2015-01-07 17:29 - 2014-09-07 16:29 - 00001326 _____ () C:\Windows\Tasks\KXUR.job
  400. 2015-01-07 17:27 - 2013-11-20 20:21 - 00000000 ____D () C:\Users\OEM\AppData\Local\LogMeIn Hamachi
  401. 2015-01-07 17:26 - 2009-07-14 05:45 - 05138896 _____ () C:\Windows\system32\FNTCACHE.DAT
  402. 2015-01-07 17:23 - 2014-09-07 16:22 - 00001330 _____ () C:\Windows\Tasks\YNYESL.job
  403. 2015-01-07 17:23 - 2014-04-09 15:24 - 00065536 _____ () C:\Windows\system32\Ikeext.etl
  404. 2015-01-07 17:23 - 2012-03-24 16:32 - 00001044 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
  405. 2015-01-07 17:22 - 2011-12-19 12:17 - 00000000 ____D () C:\ProgramData\NVIDIA
  406. 2015-01-07 17:22 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
  407. 2015-01-07 17:22 - 2009-07-14 05:51 - 00318862 _____ () C:\Windows\setupact.log
  408. 2015-01-07 17:16 - 2009-07-14 05:45 - 00010240 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
  409. 2015-01-07 17:16 - 2009-07-14 05:45 - 00010240 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
  410. 2015-01-07 17:13 - 2009-07-14 18:55 - 00772066 _____ () C:\Windows\system32\perfh015.dat
  411. 2015-01-07 17:13 - 2009-07-14 18:55 - 00171280 _____ () C:\Windows\system32\perfc015.dat
  412. 2015-01-07 17:13 - 2009-07-14 06:13 - 01763844 _____ () C:\Windows\system32\PerfStringBackup.INI
  413. 2015-01-07 14:13 - 2012-10-04 05:49 - 00000000 ____D () C:\Users\OEM\AppData\Local\Adobe
  414. 2015-01-07 14:05 - 2014-09-29 19:38 - 00004124 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
  415. 2015-01-06 11:40 - 2014-12-03 17:36 - 00000000 ____D () C:\Program Files (x86)\Cryptic Studios
  416. 2015-01-04 23:14 - 2013-09-22 20:09 - 00000000 ____D () C:\Users\OEM\AppData\Local\Battle.net
  417. 2015-01-03 14:20 - 2014-01-07 20:09 - 00000000 ____D () C:\Users\OEM\Documents\FIFA 14
  418. 2015-01-03 00:34 - 2011-12-27 08:23 - 01870474 _____ () C:\Windows\PFRO.log
  419. 2015-01-03 00:33 - 2014-08-29 09:24 - 00000000 ____D () C:\AdwCleaner
  420. 2015-01-02 22:09 - 2009-07-14 03:34 - 00000881 _____ () C:\Windows\win.ini
  421. 2015-01-02 20:14 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\tracing
  422. 2015-01-02 15:29 - 2013-04-16 17:07 - 00000000 ____D () C:\Users\OEM\AppData\Roaming\OBS
  423. 2014-12-31 18:33 - 2013-01-25 17:43 - 00003924 _____ () C:\Windows\windefendam.log
  424. 2014-12-29 14:00 - 2013-05-22 10:10 - 05530560 _____ () C:\Windows\SysWOW64\SpoonUninstall.exe
  425. 2014-12-29 13:51 - 2012-11-13 15:54 - 00000000 ____D () C:\Users\OEM\AppData\Roaming\Audacity
  426. 2014-12-23 19:24 - 2013-02-19 09:30 - 00000000 ___RD () C:\Program Files (x86)\Skype
  427. 2014-12-23 19:24 - 2012-10-06 11:49 - 00000000 ____D () C:\ProgramData\Skype
  428. 2014-12-23 15:50 - 2014-09-07 14:53 - 00000036 _____ () C:\Users\OEM\Desktop\yay.txt
  429. 2014-12-22 20:10 - 2011-12-19 12:02 - 00000000 ____D () C:\Users\OEM
  430. 2014-12-22 20:03 - 2014-06-16 13:57 - 00000000 ____D () C:\Users\OEM\AppData\Roaming\.minecraft
  431. 2014-12-17 15:55 - 2014-09-29 19:33 - 00000000 ____D () C:\Avast
  432. 2014-12-15 20:15 - 2014-11-16 18:16 - 00000598 _____ () C:\Users\OEM\Desktop\Ucze sie.txt
  433. 2014-12-12 16:21 - 2014-04-07 19:49 - 00000000 ____D () C:\Program Files (x86)\Battle.net
  434. 2014-12-12 15:11 - 2012-09-23 11:29 - 00000000 ____D () C:\Users\OEM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
  435. 2014-12-12 14:57 - 2012-06-30 06:04 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
  436. 2014-12-12 14:57 - 2012-06-30 06:04 - 00003868 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
  437. 2014-12-12 14:57 - 2011-12-26 17:54 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
  438.  
  439. Files to move or delete:
  440. ====================
  441. C:\Windows\System32\mctadmin.exe
  442. C:\ProgramData\hash.dat
  443.  
  444.  
  445. Some content of TEMP:
  446. ====================
  447. C:\Users\OEM\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmppmr6jx.dll
  448. C:\Users\OEM\AppData\Local\Temp\HiPatchSelfUpdateWindow.exe
  449. C:\Users\OEM\AppData\Local\Temp\HiRezLauncherControls.dll
  450. C:\Users\OEM\AppData\Local\Temp\ICReinstall_SevenZip_9.20.x.exe
  451. C:\Users\OEM\AppData\Local\Temp\jre-7u71-windows-i586-iftw.exe
  452. C:\Users\OEM\AppData\Local\Temp\NGM.exe
  453. C:\Users\OEM\AppData\Local\Temp\NGMDll.dll
  454. C:\Users\OEM\AppData\Local\Temp\NGMResource.dll
  455. C:\Users\OEM\AppData\Local\Temp\qflucgtl.b3d.exe
  456. C:\Users\OEM\AppData\Local\Temp\Quarantine.exe
  457. C:\Users\OEM\AppData\Local\Temp\rzer3hqo.f2s.exe
  458. C:\Users\OEM\AppData\Local\Temp\sfamcc00001.dll
  459. C:\Users\OEM\AppData\Local\Temp\SkypeSetup.exe
  460. C:\Users\OEM\AppData\Local\Temp\sqlite3.dll
  461.  
  462.  
  463. ==================== Bamital & volsnap Check =================
  464.  
  465. (There is no automatic fix for files that do not pass verification.)
  466.  
  467. C:\Windows\System32\winlogon.exe => File is digitally signed
  468. C:\Windows\System32\wininit.exe => File is digitally signed
  469. C:\Windows\SysWOW64\wininit.exe => File is digitally signed
  470. C:\Windows\explorer.exe => File is digitally signed
  471. C:\Windows\SysWOW64\explorer.exe => File is digitally signed
  472. C:\Windows\System32\svchost.exe => File is digitally signed
  473. C:\Windows\SysWOW64\svchost.exe => File is digitally signed
  474. C:\Windows\System32\services.exe => File is digitally signed
  475. C:\Windows\System32\User32.dll => File is digitally signed
  476. C:\Windows\SysWOW64\User32.dll => File is digitally signed
  477. C:\Windows\System32\userinit.exe => File is digitally signed
  478. C:\Windows\SysWOW64\userinit.exe => File is digitally signed
  479. C:\Windows\System32\rpcss.dll => File is digitally signed
  480. C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
  481.  
  482.  
  483. LastRegBack: 2015-01-07 19:26
  484.  
  485. ==================== End Of Log ============================