LitePenguins

FRST.txt

Sep 14th, 2014
  1. Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 12-09-2014
  2. Ran by Penguins (administrator) on PENGUINS-PC on 14-09-2014 19:01:00
  3. Running from C:\Users\Penguins\Desktop
  4. Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
  5. Internet Explorer Version 11
  6. Boot Mode: Normal
  7. Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
  8.  
  9. ==================== Processes (Whitelisted) =================
  10.  
  11. (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
  12.  
  13. (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
  14. (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
  15. (AMD) C:\Windows\System32\atiesrxx.exe
  16. (AMD) C:\Windows\System32\atieclxx.exe
  17. (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
  18. (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
  19. (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
  20. () C:\Windows\SysWOW64\ASGT.exe
  21. (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
  22. (BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
  23. (Google Inc.) C:\Program Files (x86)\Google\Chrome Remote Desktop\37.0.2062.28\remoting_host.exe
  24. (Binary Fortress Software) C:\Program Files (x86)\DisplayFusion\DisplayFusionService.exe
  25. (Google Inc.) C:\Program Files (x86)\Google\Chrome Remote Desktop\37.0.2062.28\remoting_host.exe
  26. (Hi-Rez Studios) F:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
  27. (Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
  28. (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
  29. (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
  30. (Microsoft Corporation) C:\Program Files\Microsoft LifeCam\MSCamS64.exe
  31. (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
  32. (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
  33. () C:\Windows\SysWOW64\PnkBstrA.exe
  34. (Razer Inc.) C:\Program Files (x86)\Razer\Razer Game Booster\RzKLService.exe
  35. (Razer, Inc.) C:\Program Files (x86)\Razer\Core\64bit\RzOvlMon.exe
  36. (SoftEther VPN Project at University of Tsukuba, Japan.) C:\Program Files\SoftEther VPN Client\vpnclient_x64.exe
  37. (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
  38. (VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe
  39. (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
  40. (VMware, Inc.) F:\Program Files (x86)\VMware\MWare Workstation\vmware-authd.exe
  41. (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
  42. (VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe
  43. (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
  44. (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
  45. (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
  46. (DT Soft Ltd) C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe
  47. (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
  48. (KoshyJohn.com) C:\Users\Penguins\AppData\Roaming\KoshyJohn.com\MemClean\MemClean.exe
  49. (Flux Software LLC) C:\Users\Penguins\AppData\Local\FluxSoftware\Flux\flux.exe
  50. (Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
  51. (Binary Fortress Software) C:\Program Files (x86)\DisplayFusion\DisplayFusion.exe
  52. (BitTorrent Inc.) C:\Users\Penguins\AppData\Roaming\uTorrent\uTorrent.exe
  53. () F:\Program Files (x86)\Rainmeter\Rainmeter.exe
  54. (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvspcaps64.exe
  55. (Intel(R) Corporation) C:\Program Files\Intel\NCS2\WMIProv\ncs2prov.exe
  56. (Razer Inc.) C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
  57. (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
  58. (VMware, Inc.) F:\Program Files (x86)\VMware\MWare Workstation\vmware-tray.exe
  59. (Apple Inc.) F:\Program Files (x86)\iTunes\iTunesHelper.exe
  60. (BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-Agent.exe
  61. (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
  62. (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
  63. (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
  64. (Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
  65. (Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
  66. (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
  67. (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
  68. (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
  69. (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
  70. (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
  71. (Binary Fortress Software) C:\Program Files (x86)\DisplayFusion\DisplayFusionHookAppWIN6032.exe
  72. (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
  73. (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
  74. (Binary Fortress Software) C:\Program Files (x86)\DisplayFusion\DisplayFusionHookAppWIN6064.exe
  75. (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
  76. (Microsoft Corporation) C:\Windows\System32\dllhost.exe
  77. (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
  78. (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
  79. (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
  80. (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
  81. (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
  82. (Google) C:\Users\Penguins\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe
  83. (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
  84. (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
  85.  
  86.  
  87. ==================== Registry (Whitelisted) ==================
  88.  
  89. (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
  90.  
  91. HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
  92. HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [8290584 2013-08-01] (Logitech Inc.)
  93. HKLM\...\Run: [Fences] => F:\Program Files (x86)\Stardock\Fences\Fences.exe [4017368 2012-10-29] (Stardock Corporation)
  94. HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2403104 2014-07-25] (NVIDIA Corporation)
  95. HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
  96. HKLM-x32\...\Run: [] => [X]
  97. HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [585560 2014-06-23] (Razer Inc.)
  98. HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
  99. HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
  100. HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [277504 2012-07-09] (Intel Corporation)
  101. HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
  102. HKLM-x32\...\Run: [LifeCam] => C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe [135536 2010-12-13] (Microsoft Corporation)
  103. HKLM-x32\...\Run: [vmware-tray.exe] => F:\Program Files (x86)\VMware\MWare Workstation\vmware-tray.exe [111696 2013-08-27] (VMware, Inc.)
  104. HKLM-x32\...\Run: [QuickTime Task] => F:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
  105. HKLM-x32\...\Run: [iTunesHelper] => F:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-01-20] (Apple Inc.)
  106. HKLM-x32\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe [811792 2014-01-20] (BlueStack Systems, Inc.)
  107. HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation)
  108. HKLM-x32\...\Run: [vmware-tray] => F:\Program Files (x86)\VMware\MWare Workstation\vmware-tray.exe [111696 2013-08-27] (VMware, Inc.)
  109. HKLM\...\Policies\Explorer: [AllowLegacyWebView] 1
  110. HKLM\...\Policies\Explorer: [AllowUnhashedWebView] 1
  111. HKU\S-1-5-21-247090103-2529244993-3234675208-1000\...\Run: [DAEMON Tools Pro Agent] => C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe [3108480 2012-10-23] (DT Soft Ltd)
  112. HKU\S-1-5-21-247090103-2529244993-3234675208-1000\...\Run: [Memory Cleaner] => C:\Users\Penguins\AppData\Roaming\KoshyJohn.com\MemClean\MemClean.exe [791560 2013-02-03] (KoshyJohn.com)
  113. HKU\S-1-5-21-247090103-2529244993-3234675208-1000\...\Run: [AdobeBridge] => [X]
  114. HKU\S-1-5-21-247090103-2529244993-3234675208-1000\...\Run: [Dargon] => F:\Dargon\DargonD.exe [410624 2013-09-27] ()
  115. HKU\S-1-5-21-247090103-2529244993-3234675208-1000\...\Run: [f.lux] => C:\Users\Penguins\AppData\Local\FluxSoftware\Flux\flux.exe [1017224 2013-10-23] (Flux Software LLC)
  116. HKU\S-1-5-21-247090103-2529244993-3234675208-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [21652064 2014-07-24] (Skype Technologies S.A.)
  117. HKU\S-1-5-21-247090103-2529244993-3234675208-1000\...\Run: [DisplayFusion] => C:\Program Files (x86)\DisplayFusion\DisplayFusion.exe [8718176 2014-06-18] (Binary Fortress Software)
  118. HKU\S-1-5-21-247090103-2529244993-3234675208-1000\...\Run: [CMD] => cmd.exe /c start http://extendedunlimited.org && exit <===== ATTENTION
  119. HKU\S-1-5-21-247090103-2529244993-3234675208-1000\...\Run: [uTorrent] => C:\Users\Penguins\AppData\Roaming\uTorrent\uTorrent.exe [3248720 2014-09-10] (BitTorrent Inc.)
  120. HKU\S-1-5-21-247090103-2529244993-3234675208-1000\...\MountPoints2: I - I:\HTC_Sync_Manager_PC.exe
  121. HKU\S-1-5-21-247090103-2529244993-3234675208-1000\...\MountPoints2: {39d27851-3250-11e4-b78e-00acb733e755} - I:\HTC_Sync_Manager_PC.exe
  122. HKU\S-1-5-21-247090103-2529244993-3234675208-1000\...\MountPoints2: {39d27a04-3250-11e4-b78e-00acb733e755} - I:\HTC_Sync_Manager_PC.exe
  123. Startup: C:\Users\Penguins\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Fences.lnk
  124. ShortcutTarget: Fences.lnk -> F:\Program Files (x86)\Stardock\Fences\Fences.exe (Stardock Corporation)
  125. Startup: C:\Users\Penguins\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Rainmeter.lnk
  126. ShortcutTarget: Rainmeter.lnk -> F:\Program Files (x86)\Rainmeter\Rainmeter.exe ()
  127. ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
  128.  
  129. ==================== Internet (Whitelisted) ====================
  130.  
  131. (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
  132.  
  133. HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
  134. HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x8E93641A739FCE01
  135. HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US
  136. SearchScopes: HKCU - {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms}
  137. SearchScopes: HKCU - {FEEB503B-CD20-4A89-B9D3-85740B3C06CA} URL = https://www.google.com/search?q={searchTerms}
  138. BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
  139. BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
  140. BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
  141. BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
  142. BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
  143. BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
  144. BHO-x32: ͬ²½Ò»¼ü°²×°Ö§³Ö -> {F72C8153-7140-4FEE-8F69-CA4579D71195} -> F:\Program Files (x86)\Tongbu\Addin\tbIEAddin.dll (同步网络平台)
  145. Toolbar: HKLM - No Name - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
  146. Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - F:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
  147. Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
  148. Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
  149. Tcpip\..\Interfaces\{338D56DF-6962-49F3-94BA-045E5DE7C1AE}: [NameServer] 8.8.8.8
  150.  
  151. FireFox:
  152. ========
  153. FF ProfilePath: C:\Users\Penguins\AppData\Roaming\Mozilla\Firefox\Profiles\fk9iae0i.default
  154. FF SelectedSearchEngine: Google
  155. FF Homepage: about:home
  156. FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()
  157. FF Plugin: @java.com/DTPlugin,version=10.60.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
  158. FF Plugin: @java.com/JavaPlugin,version=10.60.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
  159. FF Plugin: @microsoft.com/GENUINE -> disabled No File
  160. FF Plugin: @microsoft.com/SharePoint,version=14.0 -> F:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL (Microsoft Corporation)
  161. FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
  162. FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> F:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
  163. FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 -> C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
  164. FF Plugin-x32: @esn/esnlaunch,version=2.1.7 -> C:\Program Files (x86)\Battlelog Web Plugins\2.1.7\npesnlaunch.dll (ESN Social Software AB)
  165. FF Plugin-x32: @esn/npbattlelog,version=2.4.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.4.0\npbattlelog.dll (EA Digital Illusions CE AB)
  166. FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
  167. FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
  168. FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
  169. FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
  170. FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office15\NPSPWRAP.DLL (Microsoft Corporation)
  171. FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
  172. FF Plugin-x32: @nexon.net/NxGame -> C:\ProgramData\NexonUS\NGM\npNxGameUS.dll (Nexon)
  173. FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
  174. FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
  175. FF Plugin-x32: @raidcall.en/RCplugin -> C:\Users\Penguins\AppData\Roaming\raidcall\plugins\nprcplugin.dll (Raidcall)
  176. FF Plugin-x32: @tongbu.com/tongbu,version=0.1 -> F:\Program Files (x86)\Tongbu\Addin\npTongbuAddin.dll (同步网络平台)
  177. FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
  178. FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
  179. FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
  180. FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin -> C:\Users\Penguins\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
  181. FF Plugin HKCU: @talk.google.com/O1DPlugin -> C:\Users\Penguins\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
  182. FF Plugin HKCU: @tools.google.com/Google Update;version=3 -> C:\Users\Penguins\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
  183. FF Plugin HKCU: @tools.google.com/Google Update;version=9 -> C:\Users\Penguins\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
  184. FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Penguins\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
  185. FF Plugin HKCU: thehappycloud.com/HappyCloudPlugin -> C:\ProgramData\HappyCloud\Application\npHappyCloudPlugin.dll (The Happy Cloud)
  186. FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll (Microsoft Corporation)
  187. FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
  188. FF Plugin ProgramFiles/Appdata: C:\Users\Penguins\AppData\Roaming\mozilla\plugins\npgoogletalk.dll (Google)
  189. FF Plugin ProgramFiles/Appdata: C:\Users\Penguins\AppData\Roaming\mozilla\plugins\npo1d.dll (Google)
  190. FF Extension: Firebug - C:\Users\Penguins\AppData\Roaming\Mozilla\Firefox\Profiles\fk9iae0i.default\Extensions\firebug@software.joehewitt.com.xpi [2014-08-13]
  191. FF Extension: Translate This! - C:\Users\Penguins\AppData\Roaming\Mozilla\Firefox\Profiles\fk9iae0i.default\Extensions\jid0-k75TfRGfOXPHfEZmJ9cKu5eCgLc@jetpack.xpi [2014-01-08]
  192. FF Extension: Adblock Plus - C:\Users\Penguins\AppData\Roaming\Mozilla\Firefox\Profiles\fk9iae0i.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-08-04]
  193.  
  194. Chrome:
  195. =======
  196. CHR HomePage: Default -> hxxp://search.conduit.com/?gd=&ctid=CT3321561&octid=EB_ORIGINAL_CTID&ISID=MD830B353-CF58-496D-97D7-C3B3DF19D525&SearchSource=55&CUI=&UM=5&UP=SPECD7D215-0940-4AA6-95DD-D348E9D51CB2&SSPV=
  197. CHR StartupUrls: Default -> "", "https://www.google.com/"
  198. CHR NewTab: Default -> "chrome-extension://oogmkbpkoblajkomflhkkdmbfggdmefd/inicio.html"
  199. CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}sugkey={google:suggestAPIKeyParameter}
  200. CHR Profile: C:\Users\Penguins\AppData\Local\Google\Chrome\User Data\Default
  201. CHR Extension: (Magic Actions for YouTube™) - C:\Users\Penguins\AppData\Local\Google\Chrome\User Data\Default\Extensions\abjcfabbhafbcdfjoecdgepllmpfceif [2014-04-24]
  202. CHR Extension: (BetterTTV) - C:\Users\Penguins\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajopnjidmegmdimjlfnijceegpefgped [2014-05-12]
  203. CHR Extension: (Google Docs) - C:\Users\Penguins\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-01-06]
  204. CHR Extension: (Google Drive) - C:\Users\Penguins\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-06-05]
  205. CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Penguins\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-20]
  206. CHR Extension: (YouTube) - C:\Users\Penguins\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-06-05]
  207. CHR Extension: (Google Cast) - C:\Users\Penguins\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd [2014-04-04]
  208. CHR Extension: (FEK (Forum Enhancer Kit)) - C:\Users\Penguins\AppData\Local\Google\Chrome\User Data\Default\Extensions\caahinlikcofppimdhepebafbejjbbfj [2014-01-19]
  209. CHR Extension: (Google Search) - C:\Users\Penguins\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-06-05]
  210. CHR Extension: (Pandora) - C:\Users\Penguins\AppData\Local\Google\Chrome\User Data\Default\Extensions\fbangkleohkafngihneedemihgfeikcl [2014-07-22]
  211. CHR Extension: (Chrome Remote Desktop) - C:\Users\Penguins\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp [2014-09-07]
  212. CHR Extension: (AdBlock) - C:\Users\Penguins\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-08-16]
  213. CHR Extension: (TweetDeck by Twitter) - C:\Users\Penguins\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbdpomandigafcibbmofojjchbcdagbl [2014-04-13]
  214. CHR Extension: (Herp Derp for YouTube™) - C:\Users\Penguins\AppData\Local\Google\Chrome\User Data\Default\Extensions\ioomnmgjblnnolpdgdhebainmfbipjoh [2014-09-08]
  215. CHR Extension: (Reddit Enhancement Suite) - C:\Users\Penguins\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbmfpngjjgdllneeigpgjifpgocmfgmb [2014-01-22]
  216. CHR Extension: (Google Wallet) - C:\Users\Penguins\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-29]
  217. CHR Extension: (new metroTab) - C:\Users\Penguins\AppData\Local\Google\Chrome\User Data\Default\Extensions\oogmkbpkoblajkomflhkkdmbfggdmefd [2014-07-01]
  218. CHR Extension: (Gmail) - C:\Users\Penguins\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-06-05]
  219.  
  220. ==================== Services (Whitelisted) =================
  221.  
  222. (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
  223.  
  224. S3 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.00.14\atkexComSvc.exe [922240 2011-10-07] ()
  225. R2 ASGT; C:\Windows\SysWOW64\ASGT.exe [55296 2012-01-17] () [File not signed]
  226. S3 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.14\aaHMSvc.exe [915584 2011-10-07] ()
  227. S4 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe [586880 2011-10-07] ()
  228. S2 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [402192 2014-01-20] (BlueStack Systems, Inc.)
  229. R2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [385808 2014-01-20] (BlueStack Systems, Inc.)
  230. R2 chromoting; C:\Program Files (x86)\Google\Chrome Remote Desktop\37.0.2062.28\remoting_host.exe [51016 2014-07-17] (Google Inc.)
  231. R2 DisplayFusionService; C:\Program Files (x86)\DisplayFusion\DisplayFusionService.exe [5179760 2014-06-18] (Binary Fortress Software)
  232. R2 HiPatchService; F:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [9216 2014-08-22] (Hi-Rez Studios) [File not signed]
  233. R2 IAStorDataMgrSvc; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [7168 2012-07-09] (Intel Corporation) [File not signed]
  234. R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
  235. R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
  236. S3 NMIndexingService; C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe [279848 2007-06-27] (Nero AG)
  237. R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1720608 2014-07-25] (NVIDIA Corporation)
  238. R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [18956064 2014-07-25] (NVIDIA Corporation)
  239. R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2014-06-17] ()
  240. S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2013-02-28] (Riverbed Technology, Inc.)
  241. R2 RzKLService; C:\Program Files (x86)\Razer\Razer Game Booster\RzKLService.exe [106472 2013-09-18] (Razer Inc.)
  242. R2 RzOvlMon; C:\Program Files (x86)\Razer\Core\64bit\rzovlmon.exe [32960 2014-04-18] (Razer, Inc.)
  243. R2 SEVPNCLIENT; C:\Program Files\SoftEther VPN Client\vpnclient_x64.exe [4352568 2014-08-27] (SoftEther VPN Project at University of Tsukuba, Japan.)
  244. S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
  245. S3 TunngleService; F:\Program Files (x86)\Tunngle\TnglCtrl.exe [758224 2013-11-06] (Tunngle.net GmbH)
  246. R2 VMAuthdService; F:\Program Files (x86)\VMware\MWare Workstation\vmware-authd.exe [86096 2013-08-27] (VMware, Inc.)
  247. S2 VMwareHostd; F:\Program Files (x86)\VMware\MWare Workstation\vmware-hostd.exe [14401104 2013-08-27] ()
  248.  
  249. ==================== Drivers (Whitelisted) ====================
  250.  
  251. (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
  252.  
  253. R3 anvsnddrv; C:\Windows\System32\drivers\anvsnddrv.sys [33872 2011-11-28] (AnvSoft Inc.)
  254. R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2011-10-07] ()
  255. R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2011-06-08] ()
  256. R3 ASUSFILTER; C:\Windows\SysWow64\drivers\ASUSFILTER.sys [46152 2011-10-07] (MCCI Corporation)
  257. S3 bcbtums; C:\Windows\System32\drivers\bcbtums.sys [138280 2012-03-02] (Broadcom Corporation.)
  258. R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [115472 2014-01-20] (BlueStack Systems)
  259. R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2013-06-06] (DT Soft Ltd)
  260. S3 HtcVCom32; C:\Windows\System32\DRIVERS\HtcVComV64.sys [121800 2010-03-08] (QUALCOMM Incorporated)
  261. R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [27456 2012-07-09] (Intel Corporation)
  262. R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)
  263. R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-09-14] (Malwarebytes Corporation)
  264. R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-05-12] (Malwarebytes Corporation)
  265. R3 Neo_VPN; C:\Windows\System32\DRIVERS\Neo_0091.sys [28768 2014-08-27] (SoftEther VPN Project at University of Tsukuba, Japan.)
  266. R2 NPF; C:\Windows\System32\drivers\npf.sys [36600 2013-02-28] (Riverbed Technology, Inc.)
  267. R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20256 2014-07-25] (NVIDIA Corporation)
  268. R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation)
  269. S3 RTL8192cu; C:\Windows\System32\DRIVERS\WNA1000M.sys [855144 2011-02-21] (Realtek Semiconductor Corporation )
  270. R3 RzDxgk; C:\Windows\system32\drivers\RzDxgk.sys [129472 2014-04-10] (Razer, Inc.)
  271. R1 RzFilter; C:\Windows\system32\drivers\RzFilter.sys [74432 2014-04-10] (Razer, Inc.)
  272. S3 tap0901t; C:\Windows\System32\DRIVERS\tap0901t.sys [31232 2009-09-16] (Tunngle.net)
  273. R0 vsock; C:\Windows\System32\drivers\vsock.sys [73296 2013-08-15] (VMware, Inc.)
  274. R2 vstor2-mntapi20-shared; C:\Windows\SysWow64\drivers\vstor2-mntapi20-shared.sys [33872 2013-02-22] (VMware, Inc.)
  275. S3 WinRing0_1_2_0; F:\Users\Sylux\Downloads\RealTemp_370\WinRing0x64.sys [14544 2012-03-19] (OpenLibSys.org)
  276. S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
  277.  
  278. ==================== NetSvcs (Whitelisted) ===================
  279.  
  280. (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
  281.  
  282.  
  283. ==================== One Month Created Files and Folders ========
  284.  
  285. (If an entry is included in the fixlist, the file\folder will be moved.)
  286.  
  287. 2014-09-14 19:01 - 2014-09-14 19:01 - 00027866 _____ () C:\Users\Penguins\Desktop\FRST.txt
  288. 2014-09-14 18:47 - 2014-09-14 19:01 - 00000000 ____D () C:\FRST
  289. 2014-09-14 18:47 - 2014-09-14 18:47 - 02105856 _____ (Farbar) C:\Users\Penguins\Desktop\FRST64.exe
  290. 2014-09-14 18:40 - 2014-09-14 18:40 - 00000000 ____D () C:\Windows\ERUNT
  291. 2014-09-14 18:39 - 2014-09-14 18:43 - 00000000 ____D () C:\ProgramData\HitmanPro
  292. 2014-09-14 18:39 - 2014-09-14 18:39 - 00000000 ____D () C:\Program Files\HitmanPro
  293. 2014-09-14 18:35 - 2014-09-14 18:57 - 00007462 _____ () C:\Windows\PFRO.log
  294. 2014-09-14 18:34 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
  295. 2014-09-14 18:33 - 2014-09-14 18:35 - 00000000 ____D () C:\AdwCleaner
  296. 2014-09-14 18:30 - 2014-09-14 18:57 - 00000672 _____ () C:\Windows\setupact.log
  297. 2014-09-14 18:30 - 2014-09-14 18:30 - 00000000 _____ () C:\Windows\setuperr.log
  298. 2014-09-14 18:18 - 2014-09-14 18:08 - 00024064 _____ () C:\Windows\zoek-delete.exe
  299. 2014-09-14 18:09 - 2014-09-14 18:19 - 00010672 _____ () C:\zoek-results.log
  300. 2014-09-14 18:07 - 2014-09-14 18:15 - 00000000 ____D () C:\zoek_backup
  301. 2014-09-14 18:07 - 2014-09-14 18:07 - 01290240 _____ () C:\Users\Penguins\Desktop\zoek.exe
  302. 2014-09-14 10:05 - 2014-09-14 10:05 - 00001091 _____ () C:\Users\Penguins\Desktop\TS4-Launcher.exe - Shortcut.lnk
  303. 2014-09-11 18:35 - 2014-09-11 18:35 - 00000000 ____D () C:\Users\Penguins\Documents\Strife
  304. 2014-09-11 18:34 - 2014-09-11 18:34 - 00000896 _____ () C:\Users\Penguins\Desktop\Strife.lnk
  305. 2014-09-11 18:34 - 2014-09-11 18:34 - 00000000 ____D () C:\Users\Penguins\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Strife
  306. 2014-09-11 18:34 - 2014-09-11 18:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Strife
  307. 2014-09-10 21:45 - 2014-09-10 21:45 - 00000000 ____D () C:\Users\Penguins\Desktop\BoL Studio
  308. 2014-09-10 21:43 - 2014-09-14 12:39 - 00000000 ____D () C:\Users\Penguins\AppData\Roaming\BoL
  309. 2014-09-10 18:42 - 2014-09-10 18:42 - 00000837 _____ () C:\Users\Penguins\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk
  310. 2014-09-08 19:35 - 2014-09-08 19:58 - 00000000 ____D () C:\Users\Penguins\Desktop\lsharp
  311. 2014-09-08 18:59 - 2014-09-08 19:29 - 00000000 ____D () C:\Users\Penguins\Desktop\Leaguesharp
  312. 2014-09-08 17:33 - 2014-09-08 17:33 - 00000000 ____D () C:\Users\Penguins\Desktop\New folder
  313. 2014-09-07 16:38 - 2014-09-07 16:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Flvto Youtube Downloader
  314. 2014-09-07 16:38 - 2014-09-07 16:38 - 00000000 ____D () C:\Program Files (x86)\Flvto Youtube Downloader
  315. 2014-09-07 15:35 - 2014-09-07 15:40 - 00000000 ____D () C:\Users\Penguins\Desktop\VoliBot
  316. 2014-09-07 03:29 - 2014-09-07 03:29 - 00000000 ____D () C:\ProgramData\Google
  317. 2014-09-03 18:31 - 2014-09-03 18:31 - 00000000 ____D () C:\Users\Penguins\Documents\Electronic Arts
  318. 2014-09-03 18:29 - 2011-02-18 16:07 - 00447752 _____ (On2.com) C:\Windows\SysWOW64\vp6vfw.dll
  319. 2014-09-03 18:22 - 2014-09-03 18:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The SIMS 4 Deluxe Edition
  320. 2014-08-29 22:05 - 2014-09-14 18:29 - 00000000 ____D () C:\Users\Penguins\AppData\Roaming\Everything
  321. 2014-08-29 22:05 - 2014-08-29 22:05 - 00000000 ____D () C:\Users\Penguins\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Everything
  322. 2014-08-29 22:05 - 2014-08-29 22:05 - 00000000 ____D () C:\Program Files\Everything
  323. 2014-08-28 09:35 - 2014-08-22 21:07 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
  324. 2014-08-28 09:35 - 2014-08-22 20:45 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
  325. 2014-08-28 09:35 - 2014-08-22 19:59 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
  326. 2014-08-27 14:16 - 2014-08-27 14:16 - 00028768 _____ (SoftEther VPN Project at University of Tsukuba, Japan.) C:\Windows\system32\Drivers\Neo_0091.sys
  327. 2014-08-27 14:15 - 2014-08-27 14:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SoftEther VPN Client
  328. 2014-08-27 14:12 - 2014-08-27 14:12 - 00135736 _____ (SoftEther VPN Project at University of Tsukuba, Japan.) C:\Windows\system32\vpncmd.exe
  329. 2014-08-27 14:12 - 2014-08-27 14:12 - 00028768 _____ (SoftEther VPN Project at University of Tsukuba, Japan.) C:\Windows\system32\Drivers\Neo_0080.sys
  330. 2014-08-27 14:11 - 2014-09-14 18:58 - 00000000 ____D () C:\Program Files\SoftEther VPN Client
  331. 2014-08-27 14:11 - 2014-08-27 14:15 - 00001939 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\SoftEther VPN Client Manager.lnk
  332. 2014-08-27 01:46 - 2014-08-27 01:46 - 00000000 ____D () C:\Users\Penguins\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AutoAccepter
  333. 2014-08-22 18:53 - 2014-08-22 18:53 - 00000003 _____ () C:\Windows\system32\HRUPPROG.EXIT
  334. 2014-08-21 17:57 - 2014-08-22 18:53 - 00000003 _____ () C:\Windows\system32\HRUPPROG.TXT
  335. 2014-08-21 17:57 - 2014-08-21 17:57 - 00000003 _____ () C:\Windows\system32\HRUPPROG.DIE.NOW
  336. 2014-08-16 23:33 - 2010-02-23 03:16 - 00294912 _____ (Microsoft Corporation) C:\Windows\system32\browserchoice.exe
  337. 2014-08-16 21:55 - 2014-08-16 21:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
  338. 2014-08-16 21:50 - 2014-08-16 21:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
  339. 2014-08-16 21:20 - 2014-08-16 21:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ClearType Switch
  340. 2014-08-16 20:41 - 2014-08-16 21:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JetBrains dotPeek version 1.2
  341. 2014-08-16 20:41 - 2014-08-16 20:42 - 00000000 ____D () C:\Users\Penguins\AppData\Roaming\JetBrains
  342. 2014-08-16 20:41 - 2014-08-16 20:41 - 00000000 ____D () C:\Users\Penguins\AppData\Local\SymbolSourceSymbols
  343. 2014-08-16 20:41 - 2014-08-16 20:41 - 00000000 ____D () C:\Users\Penguins\AppData\Local\RefSrcSymbols
  344. 2014-08-16 20:41 - 2014-08-16 20:41 - 00000000 ____D () C:\Users\Penguins\AppData\Local\JetBrains
  345. 2014-08-15 09:46 - 2014-08-15 09:46 - 00000000 ____D () C:\Users\Penguins\AppData\Local\Sun
  346.  
  347. ==================== One Month Modified Files and Folders =======
  348.  
  349. (If an entry is included in the fixlist, the file\folder will be moved.)
  350.  
  351. 2014-09-14 19:01 - 2014-09-14 19:01 - 00027866 _____ () C:\Users\Penguins\Desktop\FRST.txt
  352. 2014-09-14 19:01 - 2014-09-14 18:47 - 00000000 ____D () C:\FRST
  353. 2014-09-14 19:01 - 2014-08-14 12:11 - 00000000 ____D () C:\Users\Penguins\AppData\Roaming\Skype
  354. 2014-09-14 19:00 - 2013-06-05 19:59 - 01731590 _____ () C:\Windows\WindowsUpdate.log
  355. 2014-09-14 18:58 - 2014-08-27 14:11 - 00000000 ____D () C:\Program Files\SoftEther VPN Client
  356. 2014-09-14 18:58 - 2014-04-15 10:34 - 00003758 _____ () C:\Windows\System32\Tasks\AutoKMS
  357. 2014-09-14 18:57 - 2014-09-14 18:35 - 00007462 _____ () C:\Windows\PFRO.log
  358. 2014-09-14 18:57 - 2014-09-14 18:30 - 00000672 _____ () C:\Windows\setupact.log
  359. 2014-09-14 18:57 - 2014-08-14 14:06 - 00000000 ____D () C:\Users\Penguins\AppData\Local\CrashDumps
  360. 2014-09-14 18:57 - 2014-08-12 12:08 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
  361. 2014-09-14 18:57 - 2013-12-23 12:43 - 00000000 ____D () C:\ProgramData\NVIDIA
  362. 2014-09-14 18:57 - 2013-10-20 13:14 - 00000000 ____D () C:\ProgramData\VMware
  363. 2014-09-14 18:57 - 2013-06-06 17:17 - 00000000 ____D () C:\Users\Penguins\AppData\Roaming\uTorrent
  364. 2014-09-14 18:57 - 2013-06-05 20:15 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
  365. 2014-09-14 18:57 - 2009-07-14 00:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
  366. 2014-09-14 18:56 - 2009-07-13 23:45 - 00029136 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
  367. 2014-09-14 18:56 - 2009-07-13 23:45 - 00029136 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
  368. 2014-09-14 18:54 - 2013-07-24 17:34 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
  369. 2014-09-14 18:47 - 2014-09-14 18:47 - 02105856 _____ (Farbar) C:\Users\Penguins\Desktop\FRST64.exe
  370. 2014-09-14 18:45 - 2014-03-07 22:08 - 00000920 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-247090103-2529244993-3234675208-1000UA.job
  371. 2014-09-14 18:44 - 2009-07-14 00:13 - 00792734 _____ () C:\Windows\system32\PerfStringBackup.INI
  372. 2014-09-14 18:43 - 2014-09-14 18:39 - 00000000 ____D () C:\ProgramData\HitmanPro
  373. 2014-09-14 18:40 - 2014-09-14 18:40 - 00000000 ____D () C:\Windows\ERUNT
  374. 2014-09-14 18:39 - 2014-09-14 18:39 - 00000000 ____D () C:\Program Files\HitmanPro
  375. 2014-09-14 18:35 - 2014-09-14 18:33 - 00000000 ____D () C:\AdwCleaner
  376. 2014-09-14 18:34 - 2013-12-16 00:12 - 00000000 ____D () C:\Windows\system32\log
  377. 2014-09-14 18:30 - 2014-09-14 18:30 - 00000000 _____ () C:\Windows\setuperr.log
  378. 2014-09-14 18:29 - 2014-08-29 22:05 - 00000000 ____D () C:\Users\Penguins\AppData\Roaming\Everything
  379. 2014-09-14 18:29 - 2013-06-05 22:54 - 00000000 ____D () C:\Windows\Panther
  380. 2014-09-14 18:19 - 2014-09-14 18:09 - 00010672 _____ () C:\zoek-results.log
  381. 2014-09-14 18:15 - 2014-09-14 18:07 - 00000000 ____D () C:\zoek_backup
  382. 2014-09-14 18:15 - 2013-06-05 19:59 - 00000000 ____D () C:\Users\Penguins
  383. 2014-09-14 18:08 - 2014-09-14 18:18 - 00024064 _____ () C:\Windows\zoek-delete.exe
  384. 2014-09-14 18:07 - 2014-09-14 18:07 - 01290240 _____ () C:\Users\Penguins\Desktop\zoek.exe
  385. 2014-09-14 18:06 - 2013-06-05 20:15 - 00000902 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
  386. 2014-09-14 17:59 - 2013-10-20 13:17 - 00000000 ____D () C:\Users\Penguins\AppData\Roaming\VMware
  387. 2014-09-14 17:59 - 2013-10-20 13:17 - 00000000 ____D () C:\Users\Penguins\AppData\Local\VMware
  388. 2014-09-14 12:39 - 2014-09-10 21:43 - 00000000 ____D () C:\Users\Penguins\AppData\Roaming\BoL
  389. 2014-09-14 12:39 - 2014-04-04 18:34 - 00000000 ____D () C:\Users\Penguins\BoL Revamped
  390. 2014-09-14 10:05 - 2014-09-14 10:05 - 00001091 _____ () C:\Users\Penguins\Desktop\TS4-Launcher.exe - Shortcut.lnk
  391. 2014-09-14 05:45 - 2014-03-07 22:08 - 00000868 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-247090103-2529244993-3234675208-1000Core.job
  392. 2014-09-14 02:00 - 2014-06-23 18:44 - 00000000 ____D () C:\Users\Penguins\AppData\Local\Adobe
  393. 2014-09-13 11:25 - 2009-07-14 00:32 - 00000000 ____D () C:\Windows\system32\FxsTmp
  394. 2014-09-12 22:13 - 2013-06-10 20:37 - 00007604 _____ () C:\Users\Penguins\AppData\Local\Resmon.ResmonCfg
  395. 2014-09-11 19:38 - 2014-06-11 16:04 - 00000000 ____D () C:\Users\Penguins\AppData\Roaming\cloudrop
  396. 2014-09-11 18:35 - 2014-09-11 18:35 - 00000000 ____D () C:\Users\Penguins\Documents\Strife
  397. 2014-09-11 18:34 - 2014-09-11 18:34 - 00000896 _____ () C:\Users\Penguins\Desktop\Strife.lnk
  398. 2014-09-11 18:34 - 2014-09-11 18:34 - 00000000 ____D () C:\Users\Penguins\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Strife
  399. 2014-09-11 18:34 - 2014-09-11 18:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Strife
  400. 2014-09-10 21:47 - 2014-07-31 21:30 - 00000000 ____D () C:\Users\Penguins\Desktop\Soraka Bot
  401. 2014-09-10 21:45 - 2014-09-10 21:45 - 00000000 ____D () C:\Users\Penguins\Desktop\BoL Studio
  402. 2014-09-10 18:42 - 2014-09-10 18:42 - 00000837 _____ () C:\Users\Penguins\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk
  403. 2014-09-10 01:24 - 2013-06-08 17:21 - 00000157 _____ () C:\Windows\SysWOW64\SystemPreferences.xml
  404. 2014-09-09 22:54 - 2013-07-24 17:34 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
  405. 2014-09-09 22:54 - 2013-07-24 17:34 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
  406. 2014-09-09 22:54 - 2013-07-24 17:34 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
  407. 2014-09-08 22:06 - 2013-06-13 16:53 - 00000000 ____D () C:\ProgramData\Origin
  408. 2014-09-08 19:58 - 2014-09-08 19:35 - 00000000 ____D () C:\Users\Penguins\Desktop\lsharp
  409. 2014-09-08 19:29 - 2014-09-08 18:59 - 00000000 ____D () C:\Users\Penguins\Desktop\Leaguesharp
  410. 2014-09-08 17:33 - 2014-09-08 17:33 - 00000000 ____D () C:\Users\Penguins\Desktop\New folder
  411. 2014-09-08 17:03 - 2013-06-13 16:54 - 00000000 ____D () C:\Users\Penguins\AppData\Roaming\Origin
  412. 2014-09-07 16:43 - 2014-09-07 16:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Flvto Youtube Downloader
  413. 2014-09-07 16:38 - 2014-09-07 16:38 - 00000000 ____D () C:\Program Files (x86)\Flvto Youtube Downloader
  414. 2014-09-07 16:38 - 2013-12-15 15:22 - 00000000 ____D () C:\Users\Penguins\AppData\Local\FlvtoYoutubeDownloader
  415. 2014-09-07 15:40 - 2014-09-07 15:35 - 00000000 ____D () C:\Users\Penguins\Desktop\VoliBot
  416. 2014-09-07 03:29 - 2014-09-07 03:29 - 00000000 ____D () C:\ProgramData\Google
  417. 2014-09-07 03:27 - 2013-06-05 20:15 - 00000000 ____D () C:\Program Files (x86)\Google
  418. 2014-09-06 17:17 - 2014-08-14 13:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DisplayFusion
  419. 2014-09-06 17:17 - 2014-08-14 13:37 - 00000000 ____D () C:\Program Files (x86)\DisplayFusion
  420. 2014-09-06 17:17 - 2014-08-14 13:25 - 00000000 ____D () C:\Users\Penguins\Documents\DisplayFusion Backups
  421. 2014-09-06 13:51 - 2014-08-14 13:37 - 00000000 ____D () C:\Users\Penguins\AppData\Roaming\DisplayFusion
  422. 2014-09-05 19:51 - 2014-01-05 13:27 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
  423. 2014-09-03 18:31 - 2014-09-03 18:31 - 00000000 ____D () C:\Users\Penguins\Documents\Electronic Arts
  424. 2014-09-03 18:22 - 2014-09-03 18:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The SIMS 4 Deluxe Edition
  425. 2014-08-31 11:23 - 2009-07-13 23:45 - 05073520 _____ () C:\Windows\system32\FNTCACHE.DAT
  426. 2014-08-29 22:05 - 2014-08-29 22:05 - 00000000 ____D () C:\Users\Penguins\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Everything
  427. 2014-08-29 22:05 - 2014-08-29 22:05 - 00000000 ____D () C:\Program Files\Everything
  428. 2014-08-27 14:22 - 2014-05-07 18:36 - 00000600 _____ () C:\Users\Penguins\PUTTY.RND
  429. 2014-08-27 14:16 - 2014-08-27 14:16 - 00028768 _____ (SoftEther VPN Project at University of Tsukuba, Japan.) C:\Windows\system32\Drivers\Neo_0091.sys
  430. 2014-08-27 14:15 - 2014-08-27 14:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SoftEther VPN Client
  431. 2014-08-27 14:15 - 2014-08-27 14:11 - 00001939 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\SoftEther VPN Client Manager.lnk
  432. 2014-08-27 14:12 - 2014-08-27 14:12 - 00135736 _____ (SoftEther VPN Project at University of Tsukuba, Japan.) C:\Windows\system32\vpncmd.exe
  433. 2014-08-27 14:12 - 2014-08-27 14:12 - 00028768 _____ (SoftEther VPN Project at University of Tsukuba, Japan.) C:\Windows\system32\Drivers\Neo_0080.sys
  434. 2014-08-27 01:46 - 2014-08-27 01:46 - 00000000 ____D () C:\Users\Penguins\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AutoAccepter
  435. 2014-08-24 14:02 - 2014-05-18 13:37 - 00000000 ____D () C:\Simba
  436. 2014-08-24 13:18 - 2013-06-10 22:27 - 00000047 _____ () C:\Users\Penguins\jagex_cl_runescape_LIVE.dat
  437. 2014-08-23 16:40 - 2013-06-10 23:05 - 00000048 _____ () C:\Users\Penguins\jagex_cl_runescape_LIVE1.dat
  438. 2014-08-22 21:07 - 2014-08-28 09:35 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
  439. 2014-08-22 20:45 - 2014-08-28 09:35 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
  440. 2014-08-22 19:59 - 2014-08-28 09:35 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
  441. 2014-08-22 18:53 - 2014-08-22 18:53 - 00000003 _____ () C:\Windows\system32\HRUPPROG.EXIT
  442. 2014-08-22 18:53 - 2014-08-21 17:57 - 00000003 _____ () C:\Windows\system32\HRUPPROG.TXT
  443. 2014-08-21 23:57 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\rescache
  444. 2014-08-21 17:57 - 2014-08-21 17:57 - 00000003 _____ () C:\Windows\system32\HRUPPROG.DIE.NOW
  445. 2014-08-18 22:54 - 2013-08-23 19:02 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
  446. 2014-08-18 22:54 - 2013-06-06 21:49 - 00000000 ____D () C:\ProgramData\Microsoft Help
  447. 2014-08-18 15:57 - 2014-06-09 11:19 - 00000000 ____D () C:\Users\Penguins\Free BoL
  448. 2014-08-18 15:42 - 2014-07-28 14:03 - 00003170 _____ () C:\Windows\System32\Tasks\Private Internet Access Startup
  449. 2014-08-18 15:42 - 2014-07-28 14:03 - 00000000 ____D () C:\Program Files\pia_manager
  450. 2014-08-18 11:09 - 2013-06-06 18:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
  451. 2014-08-16 22:03 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\system32\NDF
  452. 2014-08-16 21:55 - 2014-08-16 21:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
  453. 2014-08-16 21:55 - 2014-08-14 12:11 - 00000000 ___RD () C:\Program Files (x86)\Skype
  454. 2014-08-16 21:55 - 2013-06-05 21:36 - 00000000 ____D () C:\ProgramData\Skype
  455. 2014-08-16 21:50 - 2014-08-16 21:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
  456. 2014-08-16 21:40 - 2014-08-16 21:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ClearType Switch
  457. 2014-08-16 21:40 - 2014-08-16 20:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JetBrains dotPeek version 1.2
  458. 2014-08-16 21:40 - 2014-08-12 12:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
  459. 2014-08-16 21:40 - 2014-03-16 10:26 - 00000000 ____D () C:\Windows\AutoKMS
  460. 2014-08-16 21:40 - 2013-10-29 22:32 - 00000000 ____D () C:\Users\Penguins\AppData\Roaming\Rainmeter
  461. 2014-08-16 21:40 - 2013-07-18 21:53 - 00000000 ____D () C:\Users\Penguins\Documents\Euro Truck Simulator 2
  462. 2014-08-16 21:40 - 2013-06-24 16:12 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
  463. 2014-08-16 21:40 - 2013-06-06 21:50 - 00000000 ____D () C:\Windows\System32\Tasks\OfficeSoftwareProtectionPlatform
  464. 2014-08-16 21:40 - 2013-06-05 20:08 - 00000000 ____D () C:\Users\Penguins\AppData\Local\Akamai
  465. 2014-08-16 21:40 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\registration
  466. 2014-08-16 21:40 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\AppCompat
  467. 2014-08-16 21:39 - 2013-06-05 20:15 - 00000000 ____D () C:\Users\Penguins\AppData\Local\Google
  468. 2014-08-16 20:42 - 2014-08-16 20:41 - 00000000 ____D () C:\Users\Penguins\AppData\Roaming\JetBrains
  469. 2014-08-16 20:41 - 2014-08-16 20:41 - 00000000 ____D () C:\Users\Penguins\AppData\Local\SymbolSourceSymbols
  470. 2014-08-16 20:41 - 2014-08-16 20:41 - 00000000 ____D () C:\Users\Penguins\AppData\Local\RefSrcSymbols
  471. 2014-08-16 20:41 - 2014-08-16 20:41 - 00000000 ____D () C:\Users\Penguins\AppData\Local\JetBrains
  472. 2014-08-15 09:46 - 2014-08-15 09:46 - 00000000 ____D () C:\Users\Penguins\AppData\Local\Sun
  473.  
  474. Files to move or delete:
  475. ====================
  476. C:\Users\Penguins\jagex_cl_oldschool_LIVE.dat
  477. C:\Users\Penguins\jagex_cl_runescape_LIVE.dat
  478. C:\Users\Penguins\jagex_cl_runescape_LIVE1.dat
  479. C:\Users\Penguins\jagex_cl_runescape_LIVE2.dat
  480. C:\Users\Penguins\jagex_cl_runescape_LIVE_BETA.dat
  481. C:\Users\Penguins\jagex_cl_speccollect_LIVE.dat
  482. C:\Users\Penguins\random.dat
  483. C:\Users\Penguins\random_1474b3dc.dat
  484. C:\Users\Penguins\random_1ae6c334.dat
  485. C:\Users\Penguins\random_1b1f5899.dat
  486. C:\Users\Penguins\random_2452b46e.dat
  487. C:\Users\Penguins\random_2983d883.dat
  488. C:\Users\Penguins\random_33f4f0d5.dat
  489. C:\Users\Penguins\random_58378847.dat
  490.  
  491.  
  492. ==================== Bamital & volsnap Check =================
  493.  
  494. (There is no automatic fix for files that do not pass verification.)
  495.  
  496. C:\Windows\System32\winlogon.exe => File is digitally signed
  497. C:\Windows\System32\wininit.exe => File is digitally signed
  498. C:\Windows\SysWOW64\wininit.exe => File is digitally signed
  499. C:\Windows\explorer.exe => File is digitally signed
  500. C:\Windows\SysWOW64\explorer.exe => File is digitally signed
  501. C:\Windows\System32\svchost.exe => File is digitally signed
  502. C:\Windows\SysWOW64\svchost.exe => File is digitally signed
  503. C:\Windows\System32\services.exe => File is digitally signed
  504. C:\Windows\System32\User32.dll => File is digitally signed
  505. C:\Windows\SysWOW64\User32.dll => File is digitally signed
  506. C:\Windows\System32\userinit.exe => File is digitally signed
  507. C:\Windows\SysWOW64\userinit.exe => File is digitally signed
  508. C:\Windows\System32\rpcss.dll => File is digitally signed
  509. C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
  510.  
  511.  
  512. LastRegBack: 2014-09-07 01:55
  513.  
  514. ==================== End Of Log ============================