FRST

a guest
Jul 8th, 2015
  1. Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:05-07-2015
  2. Ran by bigbabybauer (administrator) on BIGBABYBAUER-PC on 08-07-2015 01:34:30
  3. Running from C:\Users\bigbabybauer\Desktop
  4. Loaded Profiles: bigbabybauer (Available Profiles: bigbabybauer & Breanna & Guest)
  5. Platform: Windows 7 Home Premium (X64) OS Language: English (United States)
  6. Internet Explorer Version 8 (Default browser: Opera)
  7. Boot Mode: Normal
  8. Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
  9.  
  10. ==================== Processes (Whitelisted) =================
  11.  
  12. (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
  13.  
  14. (Microsoft Corporation) C:\Windows\System32\wlanext.exe
  15. (ASUSTeK Computer Inc.) C:\Windows\System32\FBAgent.exe
  16. (ASUS) C:\Program Files (x86)\Asus\ATK Package\ATK Hotkey\AsLdrSrv.exe
  17. (ASUS) C:\Program Files (x86)\Asus\ATK Package\ATKGFNEX\GFNEXSrv.exe
  18. (ASUSTek Computer Inc.) C:\Program Files (x86)\Asus\ATK Package\ATK Hotkey\HControl.exe
  19. (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
  20. (ASUS) C:\Program Files\ASUS\P4G\BatteryLife.exe
  21. (ASUSTek Computer Inc.) C:\Program Files (x86)\Asus\ATK Package\ATKOSD2\ATKOSD2.exe
  22. (ASUSTek Computer Inc.) C:\Program Files (x86)\Asus\FaceLogon\sensorsrv.exe
  23. (ASUS) C:\Windows\AsScrPro.exe
  24. (CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
  25. (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
  26. (Intel Corporation) C:\Windows\System32\igfxpers.exe
  27. (Intel Corporation) C:\Windows\System32\hkcmd.exe
  28. (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
  29. (ASUS) C:\Program Files (x86)\Asus\InstantOn for NB\InsOnSrv.exe
  30. (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
  31. (Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
  32. (ASUS) C:\Program Files (x86)\Asus\InstantOn for NB\InsOnWMI.exe
  33. (Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
  34. (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
  35. (SRS Labs, Inc.) C:\Users\bigbabybauer\Downloads\SRS\x64\SRS Audio Sandbox Vista 64\Cracked exe\SRSSSC.exe
  36. (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
  37. (Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
  38. (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
  39. (Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
  40. (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
  41. (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
  42. (ASUSTeK Computer Inc.) C:\Program Files (x86)\Asus\ASUS Live Update\LiveUpdate.exe
  43. (Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
  44. (ASUS) C:\Program Files (x86)\Asus\ATK Package\ATK Hotkey\ATKOSD.exe
  45. (ASUS) C:\Program Files (x86)\Asus\ATK Package\ATK Hotkey\KBFiltr.exe
  46. (ASUS) C:\Program Files (x86)\Asus\ATK Package\ATK Hotkey\WDC.exe
  47. (Microsoft Corporation) C:\Windows\System32\alg.exe
  48. (Microsoft Corporation) C:\Windows\System32\dllhost.exe
  49. (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
  50. (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
  51. (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
  52. (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
  53. (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
  54. (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
  55. (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\SyncServer.exe
  56. (Opera Software) C:\Program Files (x86)\Opera\30.0.1835.88\opera.exe
  57. (Opera Software) C:\Program Files (x86)\Opera\30.0.1835.88\opera_crashreporter.exe
  58. (Opera Software) C:\Program Files (x86)\Opera\30.0.1835.88\opera.exe
  59. (Opera Software) C:\Program Files (x86)\Opera\30.0.1835.88\opera.exe
  60. (Opera Software) C:\Program Files (x86)\Opera\30.0.1835.88\opera.exe
  61. (Opera Software) C:\Program Files (x86)\Opera\30.0.1835.88\opera.exe
  62. (Opera Software) C:\Program Files (x86)\Opera\30.0.1835.88\opera.exe
  63. (Opera Software) C:\Program Files (x86)\Opera\30.0.1835.88\opera.exe
  64. (Opera Software) C:\Program Files (x86)\Opera\30.0.1835.88\opera.exe
  65. (Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
  66. (Opera Software) C:\Program Files (x86)\Opera\30.0.1835.88\opera.exe
  67. (Opera Software) C:\Program Files (x86)\Opera\30.0.1835.88\opera.exe
  68. (Opera Software) C:\Program Files (x86)\Opera\30.0.1835.88\opera.exe
  69. (Intel Corporation) C:\Windows\System32\igfxsrvc.exe
  70.  
  71.  
  72. ==================== Registry (Whitelisted) ==================
  73.  
  74. (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
  75.  
  76. HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2785064 2011-05-05] (Synaptics Incorporated)
  77. HKLM\...\Run: [SynAsusAcpi] => C:\Program Files\Synaptics\SynTP\SynAsusAcpi.exe [97064 2011-05-05] (Synaptics Incorporated)
  78. HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2277480 2011-08-16] (Realtek Semiconductor)
  79. Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
  80. HKU\S-1-5-21-3724984598-424098314-2994088863-1000\...\Run: [SRS Audio Sandbox] => C:\Users\bigbabybauer\Downloads\SRS\x64\SRS Audio Sandbox Vista 64\Cracked exe\SRSSSC.exe [4354048 2013-11-17] (SRS Labs, Inc.)
  81. ShellIconOverlayIdentifiers: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => No File
  82. ShellIconOverlayIdentifiers: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => No File
  83. ShellIconOverlayIdentifiers: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => No File
  84. ShellIconOverlayIdentifiers-x32: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => No File
  85. ShellIconOverlayIdentifiers-x32: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => No File
  86. ShellIconOverlayIdentifiers-x32: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => No File
  87. CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
  88. CHR HKU\S-1-5-21-3724984598-424098314-2994088863-1000\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
  89.  
  90. ==================== Internet (Whitelisted) ====================
  91.  
  92. (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
  93.  
  94. HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
  95. HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=56626&homepage=http://www.google.com
  96. HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=56626&homepage=http://go.microsoft.com/fwlink/p/?LinkId=255141
  97. HKU\S-1-5-21-3724984598-424098314-2994088863-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus.msn.com
  98. HKU\S-1-5-21-3724984598-424098314-2994088863-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=56626&homepage=http://go.microsoft.com/fwlink/p/?LinkId=255141
  99. SearchScopes: HKLM -> DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2463} URL = http://isearch.fantastigames.com/web?src=ieb&gct=ds&appid=103&systemid=463&q={searchTerms}
  100. SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=MAAU&src=IE-SearchBox
  101. SearchScopes: HKLM -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2463} URL = http://isearch.fantastigames.com/web?src=ieb&gct=ds&appid=103&systemid=463&q={searchTerms}
  102. SearchScopes: HKLM-x32 -> DefaultScope {443789B7-F39C-4b5c-9287-DA72D38F4FE6} URL =
  103. SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=MAAU&src=IE-SearchBox
  104. SearchScopes: HKLM-x32 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2463} URL = http://isearch.fantastigames.com/web?src=ieb&gct=ds&appid=103&systemid=463&q={searchTerms}
  105. SearchScopes: HKLM-x32 -> {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL =
  106. SearchScopes: HKU\S-1-5-21-3724984598-424098314-2994088863-1000 -> DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2463} URL = http://isearch.fantastigames.com/web?src=ieb&gct=ds&appid=103&systemid=463&q={searchTerms}
  107. SearchScopes: HKU\S-1-5-21-3724984598-424098314-2994088863-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
  108. SearchScopes: HKU\S-1-5-21-3724984598-424098314-2994088863-1000 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2463} URL = http://isearch.fantastigames.com/web?src=ieb&gct=ds&appid=103&systemid=463&q={searchTerms}
  109. BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
  110. BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
  111. BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-01-22] (Oracle Corporation)
  112. BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
  113. BHO-x32: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files (x86)\Windows Live\Companion\companioncore.dll [2010-09-23] (Microsoft Corporation)
  114. BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
  115. BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-01-22] (Oracle Corporation)
  116. Toolbar: HKU\S-1-5-21-3724984598-424098314-2994088863-1000 -> No Name - {46575637-0076-A76A-76A7-7A786E7484D7} - No File
  117. DPF: HKLM-x32 {6A060448-60F9-11D5-A6CD-0002B31F7455}
  118. Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
  119. Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
  120. Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
  121. Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2013-03-02] (Microsoft Corporation)
  122. Filter-x32: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2013-03-02] (Microsoft Corporation)
  123. Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2013-03-02] (Microsoft Corporation)
  124. Filter-x32: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2013-03-02] (Microsoft Corporation)
  125. Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
  126. Tcpip\..\Interfaces\{D11B65D6-87E2-4EBD-A3CB-63161A911575}: [DhcpNameServer] 192.168.1.1
  127.  
  128. FireFox:
  129. ========
  130. FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_190.dll [2015-06-23] ()
  131. FF Plugin: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll [2012-10-20] (Microsoft Corporation)
  132. FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
  133. FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_190.dll [2015-06-23] ()
  134. FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
  135. FF Plugin-x32: @esn/esnlaunch,version=2.3.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll No File
  136. FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-01-22] (Oracle Corporation)
  137. FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-01-22] (Oracle Corporation)
  138. FF Plugin-x32: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll [2012-10-20] (Microsoft Corporation)
  139. FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
  140. FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
  141. FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-09-23] (Microsoft Corporation)
  142. FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
  143. FF Plugin-x32: @videolan.org/vlc,version=2.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
  144. FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
  145. FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
  146. FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
  147. FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
  148. FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-05-01] (Adobe Systems Inc.)
  149. FF Plugin HKU\S-1-5-21-3724984598-424098314-2994088863-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\bigbabybauer\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-10-08] (Unity Technologies ApS)
  150. FF HKLM-x32\...\Firefox\Extensions: [infoatoms@infoatoms.com] - C:\Program Files (x86)\Mozilla Firefox\extensions\infoatoms@infoatoms.com
  151.  
  152. Chrome:
  153. =======
  154. CHR Profile: C:\Users\bigbabybauer\AppData\Local\Google\Chrome\User Data\Profile 2
  155. CHR Extension: (Google Drive) - C:\Users\bigbabybauer\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-02-08]
  156. CHR Extension: (YouTube) - C:\Users\bigbabybauer\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-02-08]
  157. CHR Extension: (Google Search) - C:\Users\bigbabybauer\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-02-08]
  158. CHR Extension: (Gmail) - C:\Users\bigbabybauer\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-02-08]
  159. CHR Profile: C:\Users\bigbabybauer\AppData\Local\Google\Chrome\User Data\Profile 3
  160. CHR Extension: (Google Drive) - C:\Users\bigbabybauer\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-02-08]
  161. CHR Extension: (YouTube) - C:\Users\bigbabybauer\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-02-08]
  162. CHR Extension: (Google Search) - C:\Users\bigbabybauer\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-02-08]
  163. CHR Extension: (BitTorrent Surf Beta) - C:\Users\bigbabybauer\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\ibpbofogepkkeoockhkfcgngjkimndlp [2015-02-13]
  164. CHR Extension: (Foxish live RSS) - C:\Users\bigbabybauer\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\jpgagcapnkccceppgljfpoadahaopjdb [2015-02-13]
  165. CHR Extension: (Announcify) - C:\Users\bigbabybauer\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\mmiolkcfamcbpoandjpnefiegkcpeoan [2015-02-20]
  166. CHR Extension: (Gmail) - C:\Users\bigbabybauer\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-02-08]
  167.  
  168. Opera:
  169. =======
  170. OPR Extension: (honestbleeps) - C:\Users\bigbabybauer\AppData\Roaming\Opera Software\Opera Stable\Extensions\gfdcmdcpehpkengmkhkbpifajmbhfgae [2015-03-05]
  171. OPR Extension: (Adblock Plus) - C:\Users\bigbabybauer\AppData\Roaming\Opera Software\Opera Stable\Extensions\oidhhegpmlfpoeialbgcdocjalghfpkp [2015-01-12]
  172. OPR Extension: (fucuxa) - C:\Users\bigbabybauer\AppData\Roaming\Opera Software\Opera Stable\Extensions\pcfaommkmdjacdkbaoohklbccfmbnnod [2015-06-27]
  173.  
  174. ==================== Services (Whitelisted) =================
  175.  
  176. (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
  177.  
  178. S3 Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDevice.exe [55336 2015-06-27] ()
  179. R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-19] (Apple Inc.)
  180. R2 ASUS InstantOn; C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe [277120 2012-02-16] (ASUS)
  181. R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1394816 2015-05-01] (Microsoft Corporation)
  182. R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1772672 2015-05-01] (Microsoft Corporation)
  183. S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
  184. R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2015-06-18] (Malwarebytes Corporation)
  185. R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
  186. R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-13] (Microsoft Corporation)
  187.  
  188. ==================== Drivers (Whitelisted) ====================
  189.  
  190. (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
  191.  
  192. R1 ATKWMIACPIIO_; C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [17536 2011-09-07] (ASUS)
  193. R3 kbfiltr; C:\Windows\System32\DRIVERS\kbfiltr.sys [15416 2009-07-20] ( )
  194. R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
  195. R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [113880 2015-07-07] (Malwarebytes Corporation)
  196. R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-06-18] (Malwarebytes Corporation)
  197. R3 SRS_SSCFilter; C:\Windows\System32\drivers\srs_sscfilter_amd64.sys [346992 2009-12-15] ()
  198. S3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2013-06-20] (Anchorfree Inc.)
  199.  
  200. ==================== NetSvcs (Whitelisted) ===================
  201.  
  202. (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
  203.  
  204.  
  205. ==================== One Month Created files and folders ========
  206.  
  207. (If an entry is included in the fixlist, the file/folder will be moved.)
  208.  
  209. 2015-07-08 01:34 - 2015-07-08 01:34 - 00019583 _____ C:\Users\bigbabybauer\Desktop\FRST.txt
  210. 2015-07-08 01:02 - 2015-07-08 01:34 - 00000000 ____D C:\FRST
  211. 2015-07-08 01:01 - 2015-07-08 01:01 - 02112512 _____ (Farbar) C:\Users\bigbabybauer\Desktop\FRST64.exe
  212. 2015-07-06 15:13 - 2015-07-02 22:42 - 73420288 _____ (taig tools) C:\Users\bigbabybauer\Desktop\TaiGJBreak_EN_2300.exe
  213. 2015-07-06 14:50 - 2015-07-06 14:55 - 71731922 _____ C:\Users\bigbabybauer\Downloads\TaiGJBreak_EN_2300.zip
  214. 2015-07-04 19:28 - 2015-05-19 22:52 - 00000000 ____D C:\Users\bigbabybauer\Desktop\data
  215. 2015-07-04 19:23 - 2015-07-04 19:26 - 191155416 _____ C:\Users\bigbabybauer\Downloads\SSF2DemoV0_9b1982.zip
  216. 2015-07-01 18:09 - 2015-07-01 18:30 - 1905728395 _____ C:\Users\bigbabybauer\Downloads\iPhone6,1_8.3_12F70_Restore.ipsw
  217. 2015-06-27 14:10 - 2015-06-27 14:10 - 00000964 _____ C:\Users\bigbabybauer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\osu!.lnk
  218. 2015-06-27 14:10 - 2015-06-27 14:10 - 00000956 _____ C:\Users\bigbabybauer\Desktop\osu!.lnk
  219. 2015-06-27 14:09 - 2015-07-06 16:28 - 00000000 ____D C:\Users\bigbabybauer\AppData\Local\osu!
  220. 2015-06-27 14:08 - 2015-06-27 14:08 - 03262024 _____ (ppy) C:\Users\bigbabybauer\Downloads\osu!install.exe
  221. 2015-06-27 12:16 - 2015-06-27 12:19 - 52266712 _____ (悠然天地科技有限公司) C:\Users\bigbabybauer\Downloads\iTunesDriver64_0205.exe
  222. 2015-06-27 11:26 - 2015-06-27 11:26 - 00000000 ____D C:\Users\bigbabybauer\AppData\Roaming\TaiG
  223. 2015-06-25 20:31 - 2015-06-25 20:31 - 00174110 _____ C:\Users\bigbabybauer\Downloads\Package Control.sublime-package
  224. 2015-06-25 20:26 - 2015-06-25 20:26 - 00000000 ____D C:\Users\bigbabybauer\AppData\Roaming\Sublime Text 2
  225. 2015-06-25 20:19 - 2015-06-25 20:19 - 06513608 _____ ( ) C:\Users\bigbabybauer\Downloads\Sublime Text 2.0.2 x64 Setup.exe
  226. 2015-06-25 20:14 - 2015-06-25 20:14 - 00282401 _____ C:\Users\bigbabybauer\Downloads\lua-5.3.1.tar.gz
  227. 2015-06-25 20:14 - 2015-06-25 20:14 - 00000000 ____D C:\Users\bigbabybauer\Desktop\lua-5.3.1
  228. 2015-06-25 20:10 - 2015-06-25 20:11 - 00000000 ____D C:\Users\bigbabybauer\Documents\Corona Projects
  229. 2015-06-25 20:09 - 2015-06-25 20:09 - 00001205 _____ C:\Users\Public\Desktop\Corona Simulator.lnk
  230. 2015-06-25 20:09 - 2015-06-25 20:09 - 00000000 ____D C:\Users\bigbabybauer\AppData\Roaming\Corona Labs
  231. 2015-06-25 20:08 - 2015-06-25 20:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Corona SDK
  232. 2015-06-25 20:08 - 2015-06-25 20:08 - 00000000 ____D C:\Program Files (x86)\Corona Labs
  233. 2015-06-25 20:03 - 2015-06-25 20:03 - 54493184 _____ C:\Users\bigbabybauer\Downloads\CoronaSDK-2015.2646.msi
  234. 2015-06-17 01:23 - 2015-06-17 01:23 - 00000000 ____D C:\Users\Guest\AppData\Local\Macromedia
  235. 2015-06-16 17:33 - 2015-06-16 17:33 - 00000000 ____D C:\Users\Guest\AppData\Roaming\Mozilla
  236. 2015-06-16 17:33 - 2015-06-16 17:33 - 00000000 ____D C:\Users\Guest\AppData\Local\Mozilla
  237. 2015-06-09 23:35 - 2015-06-09 23:35 - 00000000 ____D C:\Users\Breanna\AppData\Local\Macromedia
  238. 2015-06-09 23:34 - 2015-06-09 23:35 - 00000000 ____D C:\Users\Breanna\AppData\Roaming\Mozilla
  239. 2015-06-09 23:34 - 2015-06-09 23:35 - 00000000 ____D C:\Users\Breanna\AppData\Local\Mozilla
  240. 2015-06-09 23:34 - 2015-06-09 23:34 - 00001121 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
  241. 2015-06-09 23:34 - 2015-06-09 23:34 - 00001109 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
  242. 2015-06-09 23:34 - 2015-06-09 23:34 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
  243. 2015-06-09 23:34 - 2015-06-09 23:34 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
  244. 2015-06-09 23:12 - 2015-05-22 11:47 - 01021440 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
  245. 2015-06-09 23:12 - 2015-05-22 11:47 - 00757248 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
  246. 2015-06-09 23:12 - 2015-05-22 11:47 - 00700416 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
  247. 2015-06-09 23:12 - 2015-05-22 11:47 - 00423424 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
  248. 2015-06-09 23:12 - 2015-05-22 11:47 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
  249. 2015-06-09 23:12 - 2015-05-22 11:47 - 00045568 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
  250. 2015-06-09 23:12 - 2015-05-22 11:42 - 01119232 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
  251. 2015-06-09 23:12 - 2015-05-21 08:12 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
  252.  
  253. ==================== One Month Modified files and folders ========
  254.  
  255. (If an entry is included in the fixlist, the file/folder will be moved.)
  256.  
  257. 2015-07-08 01:18 - 2012-10-19 00:34 - 00000000 ____D C:\Users\bigbabybauer\AppData\Roaming\Skype
  258. 2015-07-08 00:55 - 2013-03-26 23:03 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
  259. 2015-07-07 23:46 - 2014-09-15 14:46 - 00113880 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
  260. 2015-07-07 23:05 - 2012-09-27 12:53 - 01707198 ____N C:\Windows\WindowsUpdate.log
  261. 2015-07-07 02:14 - 2012-10-23 13:36 - 00003982 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{6660F8DC-7A3D-4524-B7E7-6F48D8190125}
  262. 2015-07-06 19:19 - 2009-07-13 23:45 - 00023520 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
  263. 2015-07-06 19:19 - 2009-07-13 23:45 - 00023520 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
  264. 2015-07-06 19:12 - 2013-12-24 02:12 - 00000443 _____ C:\Windows\system32\Drivers\etc\hosts.ics
  265. 2015-07-06 19:11 - 2009-07-14 00:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
  266. 2015-07-04 19:50 - 2014-11-05 16:30 - 00000000 ____D C:\Users\bigbabybauer\AppData\Local\Spotify
  267. 2015-07-04 19:27 - 2014-11-05 16:29 - 00000000 ____D C:\Users\bigbabybauer\AppData\Roaming\Spotify
  268. 2015-07-04 13:25 - 2014-09-15 14:46 - 00001064 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
  269. 2015-07-04 13:25 - 2014-09-15 14:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
  270. 2015-07-04 13:25 - 2014-09-15 14:46 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
  271. 2015-07-03 15:14 - 2013-02-18 17:01 - 00000000 ____D C:\Users\bigbabybauer\AppData\Roaming\SoftGrid Client
  272. 2015-07-02 13:57 - 2015-04-30 08:18 - 00000000 ____D C:\Users\Guest\AppData\Roaming\SoftGrid Client
  273. 2015-06-28 17:33 - 2014-07-25 02:56 - 00000000 ____D C:\Users\bigbabybauer\AppData\Roaming\uTorrent
  274. 2015-06-28 17:32 - 2015-03-07 17:20 - 00000000 ____D C:\Users\bigbabybauer\AppData\Local\CrashDumps
  275. 2015-06-28 17:32 - 2012-10-19 00:08 - 00000000 ____D C:\Windows\Minidump
  276. 2015-06-27 12:23 - 2012-10-30 17:14 - 00000000 ____D C:\Program Files\Common Files\Apple
  277. 2015-06-27 12:07 - 2013-04-05 19:31 - 00000000 ____D C:\Users\bigbabybauer\Desktop\Movies
  278. 2015-06-25 21:55 - 2014-12-26 14:41 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
  279. 2015-06-25 11:36 - 2015-01-12 21:56 - 00003844 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1421117794
  280. 2015-06-25 11:36 - 2015-01-12 21:56 - 00000000 ____D C:\Program Files (x86)\Opera
  281. 2015-06-23 18:55 - 2013-03-26 23:03 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
  282. 2015-06-23 18:55 - 2013-03-26 23:03 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
  283. 2015-06-23 18:55 - 2013-03-26 23:03 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
  284. 2015-06-23 13:30 - 2013-11-13 19:11 - 00300704 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
  285. 2015-06-18 08:41 - 2014-09-15 14:46 - 00109272 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
  286. 2015-06-18 08:41 - 2014-09-15 14:46 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
  287. 2015-06-18 08:41 - 2014-09-15 14:46 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
  288. 2015-06-13 23:56 - 2013-04-05 19:48 - 00000000 ____D C:\Users\bigbabybauer\AppData\Roaming\vlc
  289. 2015-06-13 13:47 - 2014-12-15 16:26 - 00000000 ____D C:\Windows\system32\appraiser
  290. 2015-06-13 13:47 - 2014-07-12 03:07 - 00000000 ___SD C:\Windows\system32\CompatTel
  291. 2015-06-13 03:09 - 2013-08-14 03:02 - 00000000 ____D C:\Windows\system32\MRT
  292. 2015-06-13 03:00 - 2012-10-26 08:22 - 140135120 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
  293. 2015-06-10 11:32 - 2013-07-08 14:12 - 00000000 ____D C:\Users\Breanna\AppData\Roaming\Skype
  294.  
  295. ==================== Files in the root of some directories =======
  296.  
  297. 2013-07-11 07:12 - 2013-07-11 07:12 - 0000046 _____ () C:\Users\bigbabybauer\AppData\Roaming\Camdata.ini
  298. 2013-07-11 07:12 - 2013-07-11 07:12 - 0000408 _____ () C:\Users\bigbabybauer\AppData\Roaming\CamLayout.ini
  299. 2013-07-11 07:12 - 2013-07-11 07:12 - 0000408 _____ () C:\Users\bigbabybauer\AppData\Roaming\CamShapes.ini
  300. 2013-07-11 07:12 - 2013-07-11 07:12 - 0004510 _____ () C:\Users\bigbabybauer\AppData\Roaming\CamStudio.cfg
  301. 2015-01-12 23:24 - 2015-01-12 23:24 - 0000000 _____ () C:\Users\bigbabybauer\AppData\Roaming\libiconv
  302. 2015-01-12 23:24 - 2015-01-12 23:24 - 0000000 _____ () C:\Users\bigbabybauer\AppData\Roaming\programs
  303. 2013-08-31 00:50 - 2013-08-31 00:56 - 0000600 _____ () C:\Users\bigbabybauer\AppData\Local\PUTTY.RND
  304. 2015-01-12 20:40 - 2015-01-13 19:32 - 0007601 _____ () C:\Users\bigbabybauer\AppData\Local\Resmon.ResmonCfg
  305. 2014-02-23 22:28 - 2014-02-23 22:28 - 0000268 ___RH () C:\ProgramData\AccountTypes
  306. 2014-02-23 22:24 - 2014-02-23 22:24 - 0000268 ___RH () C:\ProgramData\Application
  307. 2014-02-23 22:24 - 2014-02-23 22:24 - 0000020 ____H () C:\ProgramData\PKP_DLeo.DAT
  308. 2014-02-23 22:28 - 2014-02-23 22:28 - 0000020 ____H () C:\ProgramData\PKP_DLes.DAT
  309. 2014-02-23 22:26 - 2015-01-12 23:24 - 0000000 ____H () C:\ProgramData\PKP_DLet.DAT
  310. 2014-02-23 22:26 - 2015-01-12 23:24 - 0000000 ____H () C:\ProgramData\PKP_DLev.DAT
  311. 2009-07-29 00:21 - 2009-07-28 13:31 - 0000223 _____ () C:\ProgramData\setwallpaper.cmd
  312. 2009-07-29 00:21 - 2009-07-22 20:04 - 0024576 _____ () C:\ProgramData\SetWallpaper.exe
  313. 2011-02-03 08:22 - 2011-02-03 08:22 - 0000105 _____ () C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log
  314. 2011-02-03 08:21 - 2011-02-03 08:21 - 0000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log
  315.  
  316. Files to move or delete:
  317. ====================
  318. C:\ProgramData\SetWallpaper.exe
  319.  
  320.  
  321. Some files in TEMP:
  322. ====================
  323. C:\Users\Breanna\AppData\Local\Temp\SkypeSetup.exe
  324.  
  325.  
  326. ==================== Bamital & volsnap Check =================
  327.  
  328. (There is no automatic fix for files that do not pass verification.)
  329.  
  330. C:\Windows\System32\winlogon.exe => File is digitally signed
  331. C:\Windows\System32\wininit.exe => File is digitally signed
  332. C:\Windows\SysWOW64\wininit.exe => File is digitally signed
  333. C:\Windows\explorer.exe => File is digitally signed
  334. C:\Windows\SysWOW64\explorer.exe => File is digitally signed
  335. C:\Windows\System32\svchost.exe => File is digitally signed
  336. C:\Windows\SysWOW64\svchost.exe => File is digitally signed
  337. C:\Windows\System32\services.exe => File is digitally signed
  338. C:\Windows\System32\User32.dll => File is digitally signed
  339. C:\Windows\SysWOW64\User32.dll => File is digitally signed
  340. C:\Windows\System32\userinit.exe => File is digitally signed
  341. C:\Windows\SysWOW64\userinit.exe => File is digitally signed
  342. C:\Windows\System32\rpcss.dll => File is digitally signed
  343. C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
  344.  
  345.  
  346. LastRegBack: 2015-07-04 14:18
  347.  
  348. ==================== End of log ============================