Aconcagua

FRST

Mar 7th, 2015
  1. Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 07-03-2015 01
  2. Ran by Armwrestling (administrator) on SHREK on 07-03-2015 16:08:58
  3. Running from C:\Users\Armwrestling\Downloads
  4. Loaded Profiles: Armwrestling (Available profiles: Armwrestling)
  5. Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: Polski (Polska)
  6. Internet Explorer Version 11 (Default browser: FF)
  7. Boot Mode: Normal
  8. Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
  9.  
  10. ==================== Processes (Whitelisted) =================
  11.  
  12. (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
  13.  
  14. (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
  15. (Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
  16. (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
  17. (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
  18. () C:\Windows\SysWOW64\PnkBstrA.exe
  19. (Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
  20. (Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
  21. (Microsoft Corporation) C:\Windows\System32\dllhost.exe
  22. (Microsoft Corporation) C:\Windows\System32\dllhost.exe
  23. (Microsoft Corporation) C:\Windows\System32\dllhost.exe
  24.  
  25.  
  26. ==================== Registry (Whitelisted) ==================
  27.  
  28. (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
  29.  
  30. HKLM-x32\...\Run: [P17RunE] => RunDll32 P17RunE.dll,RunDLLEntry
  31. HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5227112 2015-01-26] (AVAST Software)
  32. ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
  33. BootExecute: autocheck autochk /k:I /k:J *
  34.  
  35. ==================== Internet (Whitelisted) ====================
  36.  
  37. (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
  38.  
  39. HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
  40. HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
  41. HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.istartsurf.com/web/?type=ds&ts=1409756246&from=smt&uid=WDCXWD10EZEX-00BN5A0_WD-WMC3F229396993969&q={searchTerms}
  42. HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://www.istartsurf.com/web/?type=ds&ts=1409756246&from=smt&uid=WDCXWD10EZEX-00BN5A0_WD-WMC3F229396993969&q={searchTerms}
  43. HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
  44. HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
  45. HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
  46. HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
  47. HKU\S-1-5-21-3203351795-688609376-3033500021-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pl/
  48. SearchScopes: HKU\S-1-5-21-3203351795-688609376-3033500021-1000 -> DefaultScope {9C833882-489A-442C-931E-55166DBD4AEC} URL = https://www.google.com/search?q={searchTerms}
  49. SearchScopes: HKU\S-1-5-21-3203351795-688609376-3033500021-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
  50. SearchScopes: HKU\S-1-5-21-3203351795-688609376-3033500021-1000 -> {9C833882-489A-442C-931E-55166DBD4AEC} URL = https://www.google.com/search?q={searchTerms}
  51. BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll [2014-12-12] (Oracle Corporation)
  52. BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll [2014-12-12] (Oracle Corporation)
  53. DPF: HKLM-x32 {D4B68B83-8710-488B-A692-D74B50BA558E} http://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab
  54. DPF: HKLM-x32 {E705A591-DA3C-4228-B0D5-A356DBA42FBF} http://ccfiles.creative.com/Web/softwareupdate/su2/ocx/20015/CTSUEng.cab
  55. DPF: HKLM-x32 {F6ACF75C-C32C-447B-9BEF-46B766368D29} http://ccfiles.creative.com/Web/softwareupdate/ocx/130321/CTPID.cab
  56. Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
  57. StartMenuInternet: IEXPLORE.EXE - iexplore.exe
  58.  
  59. FireFox:
  60. ========
  61. FF ProfilePath: C:\Users\Armwrestling\AppData\Roaming\Mozilla\Firefox\Profiles\ce8j0zs7.default
  62. FF Homepage: chrome://fastdial/content/fastdial.html
  63. FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll [2015-02-07] ()
  64. FF Plugin: @esn/npbattlelog,version=2.5.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelogx64.dll [2014-09-01] (EA Digital Illusions CE AB)
  65. FF Plugin: @microsoft.com/GENUINE -> disabled No File
  66. FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
  67. FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll [2015-02-07] ()
  68. FF Plugin-x32: @esn/npbattlelog,version=2.5.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelog.dll [2014-09-01] (EA Digital Illusions CE AB)
  69. FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll [2014-12-12] (Oracle Corporation)
  70. FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll [2014-12-12] (Oracle Corporation)
  71. FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
  72. FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
  73. FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2014-07-02] (NVIDIA Corporation)
  74. FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2014-07-02] (NVIDIA Corporation)
  75. FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-06] (Google Inc.)
  76. FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-06] (Google Inc.)
  77. FF user.js: detected! => C:\Users\Armwrestling\AppData\Roaming\Mozilla\Firefox\Profiles\ce8j0zs7.default\user.js [2014-09-03]
  78. FF Extension: Fast Dial - C:\Users\Armwrestling\AppData\Roaming\Mozilla\Firefox\Profiles\ce8j0zs7.default\Extensions\fastdial@telega.phpnet.us [2014-09-23]
  79. FF Extension: NetVideoHunter - C:\Users\Armwrestling\AppData\Roaming\Mozilla\Firefox\Profiles\ce8j0zs7.default\Extensions\netvideohunter@netvideohunter.com [2014-08-09]
  80. FF Extension: LastPass - C:\Users\Armwrestling\AppData\Roaming\Mozilla\Firefox\Profiles\ce8j0zs7.default\Extensions\support@lastpass.com [2014-08-03]
  81. FF Extension: Brief - C:\Users\Armwrestling\AppData\Roaming\Mozilla\Firefox\Profiles\ce8j0zs7.default\Extensions\brief@mozdev.org.xpi [2014-10-02]
  82. FF Extension: Element Hiding Helper for Adblock Plus - C:\Users\Armwrestling\AppData\Roaming\Mozilla\Firefox\Profiles\ce8j0zs7.default\Extensions\elemhidehelper@adblockplus.org.xpi [2014-12-28]
  83. FF Extension: Firebug - C:\Users\Armwrestling\AppData\Roaming\Mozilla\Firefox\Profiles\ce8j0zs7.default\Extensions\firebug@software.joehewitt.com.xpi [2014-08-03]
  84. FF Extension: Autofill - C:\Users\Armwrestling\AppData\Roaming\Mozilla\Firefox\Profiles\ce8j0zs7.default\Extensions\firefox-autofill@googlegroups.com.xpi [2014-08-03]
  85. FF Extension: Imgur Uploader - C:\Users\Armwrestling\AppData\Roaming\Mozilla\Firefox\Profiles\ce8j0zs7.default\Extensions\giorgio@gilestro.tk.xpi [2014-08-03]
  86. FF Extension: Ratings Preview for YouTube™ - C:\Users\Armwrestling\AppData\Roaming\Mozilla\Firefox\Profiles\ce8j0zs7.default\Extensions\jid0-G6461UajDjhNAwSukoedlkhD0XA@jetpack.xpi [2014-08-03]
  87. FF Extension: YouTube Center - C:\Users\Armwrestling\AppData\Roaming\Mozilla\Firefox\Profiles\ce8j0zs7.default\Extensions\jid1-cwbvBTE216jjpg@jetpack.xpi [2014-08-03]
  88. FF Extension: YouTube™ Flash® Player - C:\Users\Armwrestling\AppData\Roaming\Mozilla\Firefox\Profiles\ce8j0zs7.default\Extensions\jid1-HAV2inXAnQPIeA@jetpack.xpi [2015-02-18]
  89. FF Extension: Secure Login - C:\Users\Armwrestling\AppData\Roaming\Mozilla\Firefox\Profiles\ce8j0zs7.default\Extensions\secureLogin@blueimp.net.xpi [2014-08-03]
  90. FF Extension: Unseen - C:\Users\Armwrestling\AppData\Roaming\Mozilla\Firefox\Profiles\ce8j0zs7.default\Extensions\unseen@tangrs.xpi [2014-08-03]
  91. FF Extension: RefControl - C:\Users\Armwrestling\AppData\Roaming\Mozilla\Firefox\Profiles\ce8j0zs7.default\Extensions\{455D905A-D37C-4643-A9E2-F6FEFAA0424A}.xpi [2015-01-28]
  92. FF Extension: YouTube High Definition - C:\Users\Armwrestling\AppData\Roaming\Mozilla\Firefox\Profiles\ce8j0zs7.default\Extensions\{7b1bf0b6-a1b9-42b0-b75d-252036438bdc}.xpi [2014-12-29]
  93. FF Extension: Search By Image (by Google) - C:\Users\Armwrestling\AppData\Roaming\Mozilla\Firefox\Profiles\ce8j0zs7.default\Extensions\{ce7e73df-6a44-4028-8079-5927a588c948}.xpi [2014-08-06]
  94. FF Extension: Adblock Plus - C:\Users\Armwrestling\AppData\Roaming\Mozilla\Firefox\Profiles\ce8j0zs7.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-08-03]
  95. FF Extension: Greasemonkey - C:\Users\Armwrestling\AppData\Roaming\Mozilla\Firefox\Profiles\ce8j0zs7.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2014-08-03]
  96.  
  97. Chrome:
  98. =======
  99. CHR HomePage: Default -> hxxp://www.google.pl/
  100. CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}
  101. CHR Profile: C:\Users\Armwrestling\AppData\Local\Google\Chrome\User Data\Default
  102. CHR Extension: (Google Docs) - C:\Users\Armwrestling\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-08-03]
  103. CHR Extension: (Google Drive) - C:\Users\Armwrestling\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-08-03]
  104. CHR Extension: (YouTube) - C:\Users\Armwrestling\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-08-03]
  105. CHR Extension: (Google Search) - C:\Users\Armwrestling\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-08-03]
  106. CHR Extension: (Tampermonkey) - C:\Users\Armwrestling\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2015-01-12]
  107. CHR Extension: (AdBlock) - C:\Users\Armwrestling\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-08-03]
  108. CHR Extension: (LastPass: Free Password Manager) - C:\Users\Armwrestling\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2014-08-03]
  109. CHR Extension: (YePpHa Center for YouTube) - C:\Users\Armwrestling\AppData\Local\Google\Chrome\User Data\Default\Extensions\iggnaiafdfnjpjanhfndcafhdiampgpb [2014-08-07]
  110. CHR Extension: (No Name) - C:\Users\Armwrestling\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-08-03]
  111. CHR Extension: (Gmail) - C:\Users\Armwrestling\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-08-03]
  112.  
  113. ==================== Services (Whitelisted) =================
  114.  
  115. (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
  116.  
  117. S2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2015-01-18] (AVAST Software)
  118. S2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [104416 2015-01-18] (AVAST Software)
  119. S3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4012248 2015-01-18] (Avast Software)
  120. S3 Creative Audio Engine Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [79360 2014-08-03] (Creative Labs) [File not signed]
  121. R2 CTAudSvcService; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [307200 2008-11-18] (Creative Technology Ltd) [File not signed]
  122. S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1910128 2015-01-28] (Electronic Arts)
  123. R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76152 2014-11-11] ()
  124. S3 Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [833728 2014-11-18] (Valve Corporation) [File not signed]
  125. R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2014-07-10] (Microsoft Corporation)
  126.  
  127. ==================== Drivers (Whitelisted) ====================
  128.  
  129. (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
  130.  
  131. S2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2015-01-18] () [File not signed]
  132. S1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [28184 2015-01-18] () [File not signed]
  133. S2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [83280 2015-01-18] () [File not signed]
  134. S1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2015-01-18] () [File not signed]
  135. R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2015-01-18] ()
  136. S1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1050432 2015-01-18] () [File not signed]
  137. S1 aswSP; C:\Windows\system32\drivers\aswSP.sys [436624 2015-01-18] () [File not signed]
  138. S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [116728 2015-01-18] () [File not signed]
  139. R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [267632 2015-01-18] () [File not signed]
  140. R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-09-03] (Disc Soft Ltd)
  141. R0 iaStorF; C:\Windows\System32\drivers\iaStorF.sys [28008 2014-05-02] (Intel Corporation)
  142. R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [271752 2015-01-18] (Avast Software)
  143. S0 aswNdisFlt; system32\DRIVERS\aswNdisFlt.sys [X]
  144. S4 nvvad_WaveExtensible; system32\drivers\nvvad64v.sys [X]
  145. S3 VGPU; System32\drivers\rdvgkmd.sys [X]
  146.  
  147. ==================== NetSvcs (Whitelisted) ===================
  148.  
  149. (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
  150.  
  151.  
  152. ==================== One Month Created Files and Folders ========
  153.  
  154. (If an entry is included in the fixlist, the file\folder will be moved.)
  155.  
  156. 2015-03-07 15:50 - 2015-03-07 16:09 - 00014795 _____ () C:\Users\Armwrestling\Downloads\FRST.txt
  157. 2015-03-07 15:49 - 2015-03-07 16:08 - 00000000 ____D () C:\FRST
  158. 2015-03-07 15:49 - 2015-03-07 15:30 - 02094592 _____ (Farbar) C:\Users\Armwrestling\Downloads\FRST64.exe
  159. 2015-03-07 13:03 - 2015-03-07 13:04 - 00000000 ____D () C:\Users\Armwrestling\Downloads\CrystalDiskInfo6_1_13
  160. 2015-03-07 13:03 - 2015-03-07 13:03 - 00000000 ____D () C:\Users\Armwrestling\Downloads\Portable HDTune
  161. 2015-03-06 21:18 - 2015-03-07 13:51 - 00000224 _____ () C:\Windows\setupact.log
  162. 2015-03-06 21:18 - 2015-03-07 13:02 - 00001028 _____ () C:\Windows\PFRO.log
  163. 2015-03-06 21:18 - 2015-03-06 21:18 - 00000000 _____ () C:\Windows\setuperr.log
  164. 2015-03-06 19:12 - 2015-03-07 13:57 - 00137111 _____ () C:\Windows\WindowsUpdate.log
  165. 2015-03-06 18:01 - 2015-03-07 13:07 - 00009150 _____ () C:\Users\Armwrestling\Desktop\372d3b.txt
  166. 2015-03-06 16:59 - 2015-01-18 11:54 - 00364512 _____ () C:\Windows\system32\aswBoot.exe
  167. 2015-03-05 18:37 - 2015-03-05 18:37 - 00000197 _____ () C:\Windows\system32\2015-03-05-17-37-18.048-AvastVBoxSVC.exe-3180.log
  168. 2015-02-20 20:07 - 2015-02-20 20:08 - 19195514 _____ () C:\Users\Armwrestling\Downloads\allahy.webm
  169. 2015-02-18 16:49 - 2015-02-18 16:49 - 00000197 _____ () C:\Windows\system32\2015-02-18-15-49-45.010-AvastVBoxSVC.exe-2556.log
  170. 2015-02-17 18:45 - 2015-02-17 18:46 - 00000197 _____ () C:\Windows\system32\2015-02-17-17-45-29.048-AvastVBoxSVC.exe-3288.log
  171. 2015-02-16 18:27 - 2015-02-16 18:27 - 00000197 _____ () C:\Windows\system32\2015-02-16-17-27-09.023-AvastVBoxSVC.exe-3080.log
  172. 2015-02-14 15:23 - 2015-02-14 15:24 - 00000197 _____ () C:\Windows\system32\2015-02-14-14-23-55.086-AvastVBoxSVC.exe-2356.log
  173. 2015-02-14 12:34 - 2015-02-14 12:34 - 00000197 _____ () C:\Windows\system32\2015-02-14-11-34-17.057-AvastVBoxSVC.exe-972.log
  174. 2015-02-13 18:31 - 2015-02-13 18:31 - 00000197 _____ () C:\Windows\system32\2015-02-13-17-31-07.056-AvastVBoxSVC.exe-2500.log
  175. 2015-02-13 07:53 - 2015-02-13 07:53 - 00000197 _____ () C:\Windows\system32\2015-02-13-06-53-29.033-AvastVBoxSVC.exe-1868.log
  176. 2015-02-12 16:58 - 2015-02-12 16:58 - 00000197 _____ () C:\Windows\system32\2015-02-12-15-58-21.084-AvastVBoxSVC.exe-3516.log
  177. 2015-02-11 19:13 - 2015-02-11 19:13 - 00000000 ____D () C:\Users\Armwrestling\Downloads\asfs
  178. 2015-02-11 18:38 - 2015-02-11 18:39 - 00000197 _____ () C:\Windows\system32\2015-02-11-17-38-52.096-AvastVBoxSVC.exe-3024.log
  179. 2015-02-10 17:16 - 2015-02-10 17:17 - 00000197 _____ () C:\Windows\system32\2015-02-10-16-16-53.064-AvastVBoxSVC.exe-2576.log
  180. 2015-02-09 19:25 - 2015-02-09 19:26 - 00000197 _____ () C:\Windows\system32\2015-02-09-18-25-46.001-AvastVBoxSVC.exe-2636.log
  181. 2015-02-08 12:46 - 2015-02-08 12:46 - 00000197 _____ () C:\Windows\system32\2015-02-08-11-46-07.001-AvastVBoxSVC.exe-3376.log
  182. 2015-02-07 14:36 - 2015-02-07 14:36 - 00000000 ____D () C:\Users\Armwrestling\Downloads\ticketpig - Imgur
  183. 2015-02-07 12:50 - 2015-02-07 12:50 - 00000197 _____ () C:\Windows\system32\2015-02-07-11-50-20.045-AvastVBoxSVC.exe-2656.log
  184. 2015-02-07 11:23 - 2015-02-07 11:23 - 00000197 _____ () C:\Windows\system32\2015-02-07-10-23-42.023-AvastVBoxSVC.exe-2688.log
  185. 2015-02-07 11:17 - 2015-02-07 11:17 - 00000000 ____D () C:\Users\Public\Documents\NativeFus_Log
  186. 2015-02-07 11:16 - 2015-02-07 11:17 - 00000000 ____D () C:\Users\Armwrestling\AppData\Roaming\Samsung
  187. 2015-02-07 11:16 - 2015-02-07 11:16 - 00000000 ____D () C:\Users\Armwrestling\Documents\SelfMV
  188. 2015-02-07 11:16 - 2015-02-07 11:16 - 00000000 ____D () C:\Users\Armwrestling\Documents\samsung
  189. 2015-02-07 11:16 - 2015-02-07 11:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung
  190. 2015-02-07 11:16 - 2015-02-07 11:16 - 00000000 ____D () C:\Program Files (x86)\Samsung
  191. 2015-02-07 11:16 - 2014-05-07 17:42 - 00144664 _____ (MAPILab Ltd. & Add-in Express Ltd.) C:\Windows\SysWOW64\secman.dll
  192. 2015-02-07 10:54 - 2015-02-07 10:54 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
  193. 2015-02-07 10:51 - 2015-02-07 10:51 - 00000197 _____ () C:\Windows\system32\2015-02-07-09-51-36.008-AvastVBoxSVC.exe-2784.log
  194. 2015-02-06 17:08 - 2015-02-06 17:08 - 00000000 ____D () C:\Users\Armwrestling\Downloads\SGN14.6.8C
  195. 2015-02-06 16:55 - 2015-02-06 16:55 - 00000197 _____ () C:\Windows\system32\2015-02-06-15-55-32.072-AvastVBoxSVC.exe-3040.log
  196. 2015-02-05 18:44 - 2015-02-05 18:45 - 00000197 _____ () C:\Windows\system32\2015-02-05-17-44-24.043-AvastVBoxSVC.exe-2896.log
  197.  
  198. ==================== One Month Modified Files and Folders =======
  199.  
  200. (If an entry is included in the fixlist, the file\folder will be moved.)
  201.  
  202. 2015-03-07 15:49 - 2014-08-06 19:53 - 00000000 ____D () C:\Users\Armwrestling\AppData\Roaming\AIMP3
  203. 2015-03-07 15:26 - 2014-08-03 18:01 - 00001048 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
  204. 2015-03-07 13:58 - 2009-07-14 05:45 - 00026576 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
  205. 2015-03-07 13:58 - 2009-07-14 05:45 - 00026576 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
  206. 2015-03-07 13:51 - 2014-08-03 18:01 - 00001044 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
  207. 2015-03-07 13:51 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
  208. 2015-03-07 13:04 - 2011-04-12 14:21 - 00739694 _____ () C:\Windows\system32\perfh015.dat
  209. 2015-03-07 13:04 - 2011-04-12 14:21 - 00155268 _____ () C:\Windows\system32\perfc015.dat
  210. 2015-03-07 13:04 - 2009-07-14 06:13 - 01668226 _____ () C:\Windows\system32\PerfStringBackup.INI
  211. 2015-03-06 21:19 - 2014-11-26 17:44 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
  212. 2015-03-06 19:10 - 2014-11-11 18:08 - 00000000 ____D () C:\Windows\Minidump
  213. 2015-03-06 18:45 - 2014-11-11 21:31 - 00000000 ____D () C:\Users\Armwrestling\AppData\Roaming\Skype
  214. 2015-03-06 18:14 - 2014-08-03 21:57 - 00000000 ____D () C:\ProgramData\Origin
  215. 2015-03-06 18:12 - 2015-01-18 11:55 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
  216. 2015-03-06 17:28 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\NDF
  217. 2015-03-06 16:57 - 2014-08-03 15:37 - 00000000 ____D () C:\Users\Armwrestling
  218. 2015-03-06 16:56 - 2014-11-11 15:02 - 00000000 ____D () C:\Users\Armwrestling\Documents\FIFA 14
  219. 2015-03-06 16:56 - 2014-09-01 19:28 - 00000000 ____D () C:\Users\Armwrestling\AppData\Roaming\GHISLER
  220. 2015-03-06 16:56 - 2014-08-03 21:57 - 00000000 ____D () C:\Program Files (x86)\Origin
  221. 2015-03-06 16:56 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\registration
  222. 2015-03-06 16:56 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\AppCompat
  223. 2015-02-07 21:47 - 2014-11-28 21:47 - 00000079 _____ () C:\Users\Armwrestling\Desktop\origin.txt
  224. 2015-02-07 14:13 - 2014-10-21 16:28 - 00000000 ____D () C:\Users\Armwrestling\AppData\Local\Adobe
  225. 2015-02-07 14:10 - 2015-01-05 18:13 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
  226. 2015-02-07 14:10 - 2015-01-05 18:13 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
  227. 2015-02-07 11:16 - 2014-08-03 15:51 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
  228. 2015-02-06 00:20 - 2014-08-03 18:01 - 00004044 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
  229. 2015-02-06 00:20 - 2014-08-03 18:01 - 00003792 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
  230.  
  231. ==================== Bamital & volsnap Check =================
  232.  
  233. (There is no automatic fix for files that do not pass verification.)
  234.  
  235. C:\Windows\System32\winlogon.exe => File is digitally signed
  236. C:\Windows\System32\wininit.exe => File is digitally signed
  237. C:\Windows\SysWOW64\wininit.exe => File is digitally signed
  238. C:\Windows\explorer.exe => File is digitally signed
  239. C:\Windows\SysWOW64\explorer.exe => File is digitally signed
  240. C:\Windows\System32\svchost.exe => File is digitally signed
  241. C:\Windows\SysWOW64\svchost.exe => File is digitally signed
  242. C:\Windows\System32\services.exe => File is digitally signed
  243. C:\Windows\System32\User32.dll => File is digitally signed
  244. C:\Windows\SysWOW64\User32.dll => File is digitally signed
  245. C:\Windows\System32\userinit.exe => File is digitally signed
  246. C:\Windows\SysWOW64\userinit.exe => File is digitally signed
  247. C:\Windows\System32\rpcss.dll => File is digitally signed
  248. C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
  249.  
  250.  
  251. LastRegBack: 2015-02-25 20:22
  252.  
  253. ==================== End Of Log ============================