API tools faq
paste
Advertisement
Guest User

FRST.txt

a guest
Aug 6th, 2016
61
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 26.70 KB | None | 0 0
raw download clone embed print report
  1. Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 03-08-2016
  2. Ran by SYSTEM on MININT-85B3B45 (06-08-2016 15:46:28)
  3. Running from H:\
  4. Platform: Windows 7 Home Premium (X64) Language: English (United States)
  5. Internet Explorer Version 11
  6. Boot Mode: Recovery
  7. Default: ControlSet001
  8. [b]ATTENTION!:=====> If the system is bootable FRST must be run from normal or Safe mode to create a complete log.[/b]
  9.  
  10. Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
  11.  
  12. ==================== Registry (Whitelisted) ===========================
  13.  
  14. (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
  15.  
  16. HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2014-04-11] (Intel Corporation)
  17. HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [14601160 2015-07-01] (Logitech Inc.)
  18. HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2397120 2016-06-14] (NVIDIA Corporation)
  19. HKLM\...\Run: [ShadowPlay] => "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
  20. HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [7408312 2016-06-27] (AVAST Software)
  21. HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2014-02-20] (Intel Corporation)
  22. HKLM-x32\...\Run: [Corsair Utility Engine] => C:\Program Files (x86)\Corsair\Corsair Utility Engine\CorsairHID.exe [14885552 2016-03-23] (Corsair Components, Inc.)
  23. HKLM-x32\...\Run: [CAM] => D:\Program Files\NZXT\CAM\CAMLauncher.exe [47216 2016-08-04] ()
  24. HKLM\...\RunOnce: [*Restore] => C:\Windows\system32\rstrui.exe [296960 2016-04-08] (Microsoft Corporation)
  25. HKLM-x32\...\RunOnce: [PreRun] => C:\Program Files (x86)\Gigabyte\AppCenter\PreRun.exe [8192 2013-04-29] ()
  26. HKU\Admin\...\Run: [puush] => C:\Program Files (x86)\puush\puush.exe [568904 2015-03-29] ()
  27. HKU\Admin\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2852128 2016-08-02] (Valve Corporation)
  28. HKU\Admin\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3639280 2016-06-10] (Electronic Arts)
  29. HKU\Admin\...\Run: [AudioSwitcher] => D:\My st00f\AudioSwitcher\AudioSwitcher.exe [458240 2016-03-15] (Forty One Ltd.)
  30. HKU\Admin\...\Run: [uTorrent] => C:\Users\Admin\AppData\Roaming\uTorrent\uTorrent.exe [2133504 2016-05-21] (BitTorrent Inc.)
  31. HKU\Admin\...\Run: [Battle.net] => D:\Program Files\Battle.net\Battle.net Launcher.exe [3122152 2016-06-21] (Blizzard Entertainment)
  32. HKU\Admin\...\Winlogon: [Shell] C:\Windows\explorer.exe [2871808 2011-02-24] (Microsoft Corporation) <==== ATTENTION
  33. HKU\Admin\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Mystify.scr [242688 2010-11-20] (Microsoft Corporation)
  34.  
  35. ==================== Services (Whitelisted) ========================
  36.  
  37. (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
  38.  
  39. S2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-03-02] (Apple Inc.)
  40. S2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [243296 2016-06-04] (AVAST Software)
  41. S3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [5570272 2016-06-04] (Avast Software)
  42. S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1392648 2016-07-12] ()
  43. S3 Disc Soft Lite Bus Service; D:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1277680 2015-03-30] (Disc Soft Ltd)
  44. S3 Futuremark SystemInfo Service; C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe [342240 2015-11-05] (Futuremark)
  45. S2 gadjservice; C:\Program Files (x86)\Gigabyte\AppCenter\AdjustService.exe [16896 2015-04-14] ()
  46. S2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1163712 2016-06-14] (NVIDIA Corporation)
  47. S3 HwmRecordService; C:\Program Files (x86)\GIGABYTE\SIV\HwmRecordService.exe [62784 2015-07-01] (GIGA-BYTE TECHNOLOGY CO., LTD.)
  48. S2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [16232 2014-04-11] (Intel Corporation)
  49. S2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1879488 2016-06-14] (NVIDIA Corporation)
  50. S3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [3632576 2016-06-14] (NVIDIA Corporation)
  51. S2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2521024 2016-06-14] (NVIDIA Corporation)
  52. S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2122248 2016-06-10] (Electronic Arts)
  53. S2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76152 2015-02-06] ()
  54. S2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76152 2016-01-08] ()
  55. S4 Qualcomm Atheros Killer Service V2; C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe [344576 2014-04-17] (Qualcomm Atheros)
  56. S2 TeamViewer; D:\Program Files\TeamViewer\TeamViewer_Service.exe [5448464 2015-03-30] (TeamViewer GmbH)
  57. S2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-26] (Microsoft Corporation)
  58. S4 MSI_Trigger_Service; "C:\Program Files (x86)\MSI\MSITrigger\MSI_Trigger_Service.exe" [X]
  59.  
  60. ===================== Drivers (Whitelisted) ==========================
  61.  
  62. (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
  63.  
  64. S3 AcpiCtlDrv; C:\Windows\System32\DRIVERS\AcpiCtlDrv.sys [25848 2011-06-28] (Intel Corporation)
  65. S2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [37656 2016-06-04] (AVAST Software)
  66. S1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [37144 2016-06-04] (AVAST Software)
  67. S2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [107792 2016-06-04] (AVAST Software)
  68. S1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [103064 2016-06-04] (AVAST Software)
  69. S0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2016-06-04] (AVAST Software)
  70. S1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1070904 2016-06-04] (AVAST Software)
  71. S1 aswSP; C:\Windows\system32\drivers\aswSP.sys [465792 2016-06-04] (AVAST Software)
  72. S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [166432 2016-06-04] (AVAST Software)
  73. S0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [292704 2016-08-05] ()
  74. S1 BfLwf; C:\Windows\System32\DRIVERS\bflwfx64.sys [82096 2014-04-10] (Qualcomm Atheros, Inc.)
  75. S3 CorsairVBusDriver; C:\Windows\System32\DRIVERS\CorsairVBusDriver.sys [47840 2015-05-18] (Corsair)
  76. S3 CorsairVHidDriver; C:\Windows\System32\DRIVERS\CorsairVHidDriver.sys [21728 2015-05-18] (Corsair)
  77. S3 cpuz138; D:\Users\Victor\AppData\Local\Temp\cpuz138\cpuz138_x64.sys [27320 2016-08-05] (CPUID)
  78. S3 cpuz139; D:\Users\Victor\AppData\Local\Temp\cpuz139\cpuz139_x64.sys [43328 2016-08-05] (CPUID)
  79. S3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30352 2015-04-18] (Disc Soft Ltd)
  80. S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
  81. S0 file_tracker; C:\Windows\System32\DRIVERS\file_tracker.sys [296736 2015-12-01] (Acronis International GmbH)
  82. S0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28008 2014-04-11] (Intel Corporation)
  83. S3 ISCT; C:\Windows\System32\DRIVERS\ISCTD64.sys [46568 2013-01-18] ()
  84. S3 Ke2200; C:\Windows\System32\DRIVERS\e22w7x64.sys [129200 2014-03-27] (Qualcomm Atheros, Inc.)
  85. S2 LGCoreTemp; C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys [14184 2015-06-21] (Logitech)
  86. S3 LGJoyXlCore; C:\Windows\System32\drivers\LGJoyXlCore.sys [68384 2015-06-10] (Logitech Inc.)
  87. S3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [129312 2014-09-30] (Intel Corporation)
  88. S0 ngvss; C:\Windows\System32\Drivers\ngvss.sys [161760 2016-06-04] (AVAST Software)
  89. S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [26560 2016-06-14] (NVIDIA Corporation)
  90. S3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [56384 2016-04-13] (NVIDIA Corporation)
  91. S3 rkion; C:\Windows\system32\rakon64.sys [86352 2015-01-30] ()
  92. S3 RTCore64; D:\Program Files\MSI Afterburner\RTCore64.sys [13512 2015-12-08] ()
  93. S3 RtlWlanu; C:\Windows\System32\DRIVERS\rtwlanu.sys [1528976 2013-03-05] (Realtek Semiconductor Corporation )
  94. S3 rzendpt; C:\Windows\System32\DRIVERS\rzendpt.sys [39592 2014-12-30] (Razer Inc)
  95. S2 tib; C:\Windows\System32\DRIVERS\tib.sys [1058632 2015-12-01] (Acronis International GmbH)
  96. S2 tib_mounter; C:\Windows\System32\DRIVERS\tib_mounter.sys [248648 2015-12-01] (Acronis International GmbH)
  97. S2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [323392 2016-06-04] (Avast Software)
  98. S3 ALSysIO; \??\D:\Users\Victor\AppData\Local\Temp\ALSysIO64.sys [X]
  99. S3 DIRECTIO; \??\D:\Program Files\PerformanceTest\DirectIo64.sys [X]
  100. S2 iocbios2; \??\C:\Program Files (x86)\Intel\Extreme Tuning Utility\Drivers\IocDriver\64bit\iocbios2.sys [X]
  101. S3 MSICDSetup; \??\Z:\CDriver64.sys [X]
  102. S3 NTIOLib_1_0_4; \??\C:\Program Files (x86)\MSI\Live Update\NTIOLib_X64.sys [X]
  103. S3 NTIOLib_1_0_C; \??\Z:\NTIOLib_X64.sys [X]
  104. S3 NTIOLib_MSIClock_CC; \??\C:\Program Files (x86)\MSI\Command Center\ClockGen\NTIOLib_X64.sys [X]
  105. S3 NTIOLib_MSICOMM_CC; \??\C:\Program Files (x86)\MSI\Command Center\NTIOLib_X64.sys [X]
  106. S3 NTIOLib_MSICPU_CC; \??\C:\Program Files (x86)\MSI\Command Center\CPU\NTIOLib_X64.sys [X]
  107. S3 NTIOLib_MSIDDR_CC; \??\C:\Program Files (x86)\MSI\Command Center\DDR\NTIOLib_X64.sys [X]
  108. S3 NTIOLib_MSIFrequency_CC; \??\C:\Program Files (x86)\MSI\Command Center\ClockGen\CPU_Frequency\NTIOLib_X64.sys [X]
  109. S3 NTIOLib_MSIRatio_CC; \??\C:\Program Files (x86)\MSI\Command Center\CPU\CPU_Ratio\NTIOLib_X64.sys [X]
  110. S3 NTIOLib_MSISMB_CC; \??\C:\Program Files (x86)\MSI\Command Center\SMBus\NTIOLib_X64.sys [X]
  111. S3 NTIOLib_MSISuperIO_CC; \??\C:\Program Files (x86)\MSI\Command Center\SuperIO\NTIOLib_X64.sys [X]
  112. S3 WinRing0_1_2_0; \??\D:\Program Files\NZXT\CAM\CAM_Client_V3.sys [X]
  113.  
  114. ==================== NetSvcs (Whitelisted) ===================
  115.  
  116. (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
  117.  
  118.  
  119. ==================== One Month Created files and folders ========
  120.  
  121. (If an entry is included in the fixlist, the file/folder will be moved.)
  122.  
  123. 2016-08-06 15:46 - 2016-08-06 15:46 - 00000000 ____D C:\FRST
  124. 2016-08-01 13:01 - 2016-08-01 13:01 - 00004536 _____ C:\Users\Admin\.recently-used.xbel
  125. 2016-07-16 17:41 - 2016-07-16 17:41 - 00000053 _____ C:\Users\Admin\camguest.id
  126. 2016-07-12 22:56 - 2016-06-10 22:57 - 00394448 _____ (Microsoft Corporation) C:\Windows\System32\iedkcs32.dll
  127. 2016-07-12 22:56 - 2016-06-10 20:48 - 00346320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
  128. 2016-07-12 22:56 - 2016-06-10 13:38 - 02724864 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
  129. 2016-07-12 22:56 - 2016-06-10 13:38 - 00004096 _____ (Microsoft Corporation) C:\Windows\System32\ieetwcollectorres.dll
  130. 2016-07-12 22:56 - 2016-06-10 13:19 - 00048640 _____ (Microsoft Corporation) C:\Windows\System32\ieetwproxystub.dll
  131. 2016-07-12 22:56 - 2016-06-10 13:08 - 00034304 _____ (Microsoft Corporation) C:\Windows\System32\iernonce.dll
  132. 2016-07-12 22:56 - 2016-06-10 13:03 - 00114688 _____ (Microsoft Corporation) C:\Windows\System32\ieetwcollector.exe
  133. 2016-07-12 22:56 - 2016-06-10 12:40 - 00077824 _____ (Microsoft Corporation) C:\Windows\System32\JavaScriptCollectionAgent.dll
  134. 2016-07-12 22:56 - 2016-06-10 12:38 - 00107520 _____ (Microsoft Corporation) C:\Windows\System32\inseng.dll
  135. 2016-07-12 22:56 - 2016-06-10 12:28 - 00152064 _____ (Microsoft Corporation) C:\Windows\System32\occache.dll
  136. 2016-07-12 22:56 - 2016-06-10 12:13 - 00724992 _____ (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
  137. 2016-07-12 22:56 - 2016-06-10 11:30 - 01550848 _____ (Microsoft Corporation) C:\Windows\System32\urlmon.dll
  138. 2016-07-12 22:56 - 2016-06-10 10:54 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
  139. 2016-07-12 22:56 - 2016-06-10 10:53 - 00497664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
  140. 2016-07-12 22:56 - 2016-06-10 10:53 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
  141. 2016-07-12 22:56 - 2016-06-10 10:52 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
  142. 2016-07-12 22:56 - 2016-06-10 10:47 - 02287104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
  143. 2016-07-12 22:56 - 2016-06-10 10:46 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
  144. 2016-07-12 22:56 - 2016-06-10 10:45 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
  145. 2016-07-12 22:56 - 2016-06-10 10:42 - 20348928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
  146. 2016-07-12 22:56 - 2016-06-10 10:41 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
  147. 2016-07-12 22:56 - 2016-06-10 10:41 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
  148. 2016-07-12 22:56 - 2016-06-10 10:27 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
  149. 2016-07-12 22:56 - 2016-06-10 10:26 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
  150. 2016-07-12 22:56 - 2016-06-10 10:23 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
  151. 2016-07-12 22:56 - 2016-06-10 10:21 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
  152. 2016-07-12 22:56 - 2016-06-10 10:19 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
  153. 2016-07-12 22:56 - 2016-06-10 10:10 - 00692736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
  154. 2016-07-12 22:56 - 2016-06-10 10:09 - 02055680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
  155. 2016-07-12 22:56 - 2016-06-10 09:42 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
  156. 2016-07-12 22:56 - 2016-06-10 09:41 - 01315840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
  157. 2016-07-12 22:55 - 2016-06-25 16:27 - 00970240 _____ (Microsoft Corporation) C:\Windows\System32\localspl.dll
  158. 2016-07-12 22:55 - 2016-06-25 16:27 - 00756736 _____ (Microsoft Corporation) C:\Windows\System32\win32spl.dll
  159. 2016-07-12 22:55 - 2016-06-25 16:27 - 00344576 _____ (Microsoft Corporation) C:\Windows\System32\ntprint.dll
  160. 2016-07-12 22:55 - 2016-06-25 16:27 - 00166400 _____ (Microsoft Corporation) C:\Windows\System32\inetpp.dll
  161. 2016-07-12 22:55 - 2016-06-25 16:27 - 00022528 _____ (Microsoft Corporation) C:\Windows\System32\inetppui.dll
  162. 2016-07-12 22:55 - 2016-06-25 11:54 - 00497152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll
  163. 2016-07-12 22:55 - 2016-06-25 11:53 - 00297472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntprint.dll
  164. 2016-07-12 22:55 - 2016-06-25 11:53 - 00061952 _____ (Microsoft Corporation) C:\Windows\System32\ntprint.exe
  165. 2016-07-12 22:55 - 2016-06-25 11:53 - 00048640 _____ (Microsoft Corporation) C:\Windows\System32\wpnpinst.exe
  166. 2016-07-12 22:55 - 2016-06-25 11:41 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntprint.exe
  167. 2016-07-12 22:55 - 2016-06-14 07:03 - 03217408 _____ (Microsoft Corporation) C:\Windows\System32\win32k.sys
  168. 2016-07-12 22:55 - 2016-06-10 13:20 - 00066560 _____ (Microsoft Corporation) C:\Windows\System32\iesetup.dll
  169. 2016-07-12 22:55 - 2016-06-10 13:19 - 00417792 _____ (Microsoft Corporation) C:\Windows\System32\html.iec
  170. 2016-07-12 22:55 - 2016-06-10 13:18 - 00572416 _____ (Microsoft Corporation) C:\Windows\System32\vbscript.dll
  171. 2016-07-12 22:55 - 2016-06-10 13:18 - 00088064 _____ (Microsoft Corporation) C:\Windows\System32\MshtmlDac.dll
  172. 2016-07-12 22:55 - 2016-06-10 13:17 - 02895360 _____ (Microsoft Corporation) C:\Windows\System32\iertutil.dll
  173. 2016-07-12 22:55 - 2016-06-10 13:10 - 00054784 _____ (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
  174. 2016-07-12 22:55 - 2016-06-10 13:05 - 25814016 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.dll
  175. 2016-07-12 22:55 - 2016-06-10 13:04 - 00615936 _____ (Microsoft Corporation) C:\Windows\System32\ieui.dll
  176. 2016-07-12 22:55 - 2016-06-10 13:03 - 00144384 _____ (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
  177. 2016-07-12 22:55 - 2016-06-10 13:02 - 00817664 _____ (Microsoft Corporation) C:\Windows\System32\jscript.dll
  178. 2016-07-12 22:55 - 2016-06-10 13:02 - 00814080 _____ (Microsoft Corporation) C:\Windows\System32\jscript9diag.dll
  179. 2016-07-12 22:55 - 2016-06-10 12:53 - 00968704 _____ (Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe
  180. 2016-07-12 22:55 - 2016-06-10 12:50 - 00489984 _____ (Microsoft Corporation) C:\Windows\System32\dxtmsft.dll
  181. 2016-07-12 22:55 - 2016-06-10 12:49 - 06047744 _____ (Microsoft Corporation) C:\Windows\System32\jscript9.dll
  182. 2016-07-12 22:55 - 2016-06-10 12:35 - 00199680 _____ (Microsoft Corporation) C:\Windows\System32\msrating.dll
  183. 2016-07-12 22:55 - 2016-06-10 12:34 - 00092160 _____ (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
  184. 2016-07-12 22:55 - 2016-06-10 12:31 - 00315392 _____ (Microsoft Corporation) C:\Windows\System32\dxtrans.dll
  185. 2016-07-12 22:55 - 2016-06-10 12:15 - 00262144 _____ (Microsoft Corporation) C:\Windows\System32\webcheck.dll
  186. 2016-07-12 22:55 - 2016-06-10 12:12 - 00806400 _____ (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
  187. 2016-07-12 22:55 - 2016-06-10 12:11 - 01359360 _____ (Microsoft Corporation) C:\Windows\System32\mshtmlmedia.dll
  188. 2016-07-12 22:55 - 2016-06-10 12:10 - 02131456 _____ (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
  189. 2016-07-12 22:55 - 2016-06-10 11:45 - 15409664 _____ (Microsoft Corporation) C:\Windows\System32\ieframe.dll
  190. 2016-07-12 22:55 - 2016-06-10 11:44 - 02869248 _____ (Microsoft Corporation) C:\Windows\System32\wininet.dll
  191. 2016-07-12 22:55 - 2016-06-10 11:21 - 00800768 _____ (Microsoft Corporation) C:\Windows\System32\ieapfltr.dll
  192. 2016-07-12 22:55 - 2016-06-10 11:09 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
  193. 2016-07-12 22:55 - 2016-06-10 10:53 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
  194. 2016-07-12 22:55 - 2016-06-10 10:42 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
  195. 2016-07-12 22:55 - 2016-06-10 10:41 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
  196. 2016-07-12 22:55 - 2016-06-10 10:32 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
  197. 2016-07-12 22:55 - 2016-06-10 10:24 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
  198. 2016-07-12 22:55 - 2016-06-10 10:14 - 04608000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
  199. 2016-07-12 22:55 - 2016-06-10 10:12 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
  200. 2016-07-12 22:55 - 2016-06-10 10:09 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
  201. 2016-07-12 22:55 - 2016-06-10 09:58 - 13806080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
  202. 2016-07-12 22:55 - 2016-06-10 09:45 - 02392576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
  203.  
  204. ==================== One Month Modified files and folders ========
  205.  
  206. (If an entry is included in the fixlist, the file/folder will be moved.)
  207.  
  208. 2016-08-06 00:24 - 2016-01-07 18:54 - 00003012 _____ C:\Windows\System32\Tasks\MSIAfterburner
  209. 2016-08-06 00:24 - 2014-12-26 23:45 - 00000000 ____D C:\Users\Admin\AppData\Roaming\uTorrent
  210. 2016-08-06 00:21 - 2016-06-16 01:40 - 00000000 ____D C:\Users\Admin\AppData\Local\Battle.net
  211. 2016-08-06 00:09 - 2014-12-04 04:15 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
  212. 2016-08-05 23:36 - 2014-12-04 04:31 - 00000000 ____D C:\Program Files (x86)\Steam
  213. 2016-08-05 22:09 - 2014-12-04 04:15 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
  214. 2016-08-05 22:00 - 2015-02-02 22:39 - 00000000 ____D C:\Users\Admin\AppData\Local\Adobe
  215. 2016-08-05 08:29 - 2009-07-13 21:13 - 00788524 _____ C:\Windows\System32\PerfStringBackup.INI
  216. 2016-08-05 08:29 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\inf
  217. 2016-08-05 08:28 - 2009-07-13 20:45 - 00024592 ____H C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
  218. 2016-08-05 08:28 - 2009-07-13 20:45 - 00024592 ____H C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
  219. 2016-08-05 08:21 - 2016-06-04 22:21 - 00003758 _____ C:\Windows\System32\Tasks\AutoKMS
  220. 2016-08-05 08:21 - 2016-01-07 21:41 - 00003168 _____ C:\Windows\System32\Tasks\FRAPS
  221. 2016-08-05 08:21 - 2014-12-20 23:37 - 00000000 ____D C:\users\Admin
  222. 2016-08-05 08:20 - 2016-04-28 14:27 - 00003194 _____ C:\Windows\System32\Tasks\CAM
  223. 2016-08-05 08:20 - 2015-09-27 10:43 - 00000000 ____D C:\Users\Admin\AppData\LocalLow\uTorrent
  224. 2016-08-05 08:20 - 2015-05-23 01:49 - 00026192 _____ (Windows (R) Server 2003 DDK provider) C:\Windows\gdrv.sys
  225. 2016-08-05 08:20 - 2015-01-12 18:57 - 00000000 ____D C:\ProgramData\NVIDIA
  226. 2016-08-05 08:20 - 2014-12-07 03:42 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
  227. 2016-08-05 08:20 - 2014-12-04 04:51 - 00000000 ____D C:\ProgramData\Origin
  228. 2016-08-05 08:20 - 2009-07-13 21:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
  229. 2016-08-05 08:19 - 2014-12-07 03:42 - 00292704 _____ C:\Windows\System32\Drivers\aswvmm.sys
  230. 2016-08-03 20:01 - 2016-03-09 22:11 - 00000000 ____D C:\Users\Admin\AppData\Local\Arma 3
  231. 2016-08-03 18:20 - 2015-04-30 23:50 - 00000000 ____D C:\Users\Admin\AppData\Roaming\vlc
  232. 2016-08-03 16:00 - 2016-03-09 22:08 - 00000000 ____D C:\Users\Admin\AppData\Local\Arma 3 Launcher
  233. 2016-08-01 13:01 - 2015-02-02 22:49 - 00000000 ____D C:\Users\Admin\AppData\Roaming\gtk-2.0
  234. 2016-08-01 13:01 - 2015-02-02 22:45 - 00000000 ____D C:\Users\Admin\.gimp-2.6
  235. 2016-07-28 22:04 - 2014-12-04 04:15 - 00003894 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
  236. 2016-07-28 22:04 - 2014-12-04 04:15 - 00003642 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
  237. 2016-07-27 10:05 - 2016-06-14 09:04 - 00000000 ___RD C:\Program Files (x86)\Skype
  238. 2016-07-27 10:05 - 2014-12-30 22:58 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Skype
  239. 2016-07-27 10:05 - 2014-12-04 04:31 - 00000000 ____D C:\ProgramData\Skype
  240. 2016-07-26 10:24 - 2014-12-04 03:41 - 00504488 ____N (Microsoft Corporation) C:\Windows\System32\MpSigStub.exe
  241. 2016-07-21 18:07 - 2014-12-04 04:49 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
  242. 2016-07-20 15:44 - 2016-06-08 12:00 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
  243. 2016-07-20 15:43 - 2014-12-04 04:49 - 00796352 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
  244. 2016-07-20 15:43 - 2014-12-04 04:49 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
  245. 2016-07-20 15:43 - 2014-12-04 04:49 - 00003770 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
  246. 2016-07-20 15:43 - 2014-12-04 04:49 - 00000000 ____D C:\Windows\SysWOW64\Macromed
  247. 2016-07-20 15:43 - 2014-12-04 04:49 - 00000000 ____D C:\Windows\System32\Macromed
  248. 2016-07-16 21:58 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\rescache
  249. 2016-07-14 03:09 - 2015-04-18 22:39 - 00004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
  250. 2016-07-13 09:44 - 2009-07-13 20:45 - 05170696 _____ C:\Windows\System32\FNTCACHE.DAT
  251. 2016-07-12 23:04 - 2014-12-05 03:01 - 00000000 ____D C:\Windows\System32\MRT
  252. 2016-07-12 23:01 - 2014-12-05 03:01 - 144749672 _____ (Microsoft Corporation) C:\Windows\System32\MRT.exe
  253. 2016-07-12 23:00 - 2009-07-13 18:34 - 00000478 _____ C:\Windows\win.ini
  254. 2016-07-09 08:59 - 2009-07-13 21:08 - 00032606 _____ C:\Windows\Tasks\SCHEDLGU.TXT
  255.  
  256. ==================== Known DLLs (Whitelisted) =========================
  257.  
  258.  
  259. ==================== Bamital & volsnap =================
  260.  
  261. (There is no automatic fix for files that do not pass verification.)
  262.  
  263. C:\Windows\System32\winlogon.exe => MD5 is legit
  264. C:\Windows\System32\wininit.exe => MD5 is legit
  265. C:\Windows\SysWOW64\wininit.exe => MD5 is legit
  266. C:\Windows\explorer.exe => MD5 is legit
  267. C:\Windows\SysWOW64\explorer.exe => MD5 is legit
  268. C:\Windows\System32\svchost.exe => MD5 is legit
  269. C:\Windows\SysWOW64\svchost.exe => MD5 is legit
  270. C:\Windows\System32\services.exe => MD5 is legit
  271. C:\Windows\System32\User32.dll => MD5 is legit
  272. C:\Windows\SysWOW64\User32.dll => MD5 is legit
  273. C:\Windows\System32\userinit.exe => MD5 is legit
  274. C:\Windows\SysWOW64\userinit.exe => MD5 is legit
  275. C:\Windows\System32\rpcss.dll => MD5 is legit
  276. C:\Windows\System32\dnsapi.dll => MD5 is legit
  277. C:\Windows\SysWOW64\dnsapi.dll => MD5 is legit
  278. C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
  279.  
  280. ==================== Association (Whitelisted) =============
  281.  
  282.  
  283. ==================== Restore Points =========================
  284.  
  285. Restore point date: 2016-07-18 19:27
  286. Restore point date: 2016-07-19 13:39
  287. Restore point date: 2016-07-21 18:46
  288. Restore point date: 2016-07-25 21:14
  289. Restore point date: 2016-07-26 10:50
  290. Restore point date: 2016-07-26 10:50
  291. Restore point date: 2016-07-27 10:04
  292. Restore point date: 2016-07-28 21:21
  293. Restore point date: 2016-08-01 21:45
  294. Restore point date: 2016-08-05 08:25
  295. Restore point date: 2016-08-06 14:30
  296.  
  297. ==================== Memory info ===========================
  298.  
  299. Percentage of memory in use: 7%
  300. Total physical RAM: 16311 MB
  301. Available physical RAM: 15074.11 MB
  302. Total Virtual: 16309.14 MB
  303. Available Virtual: 15110.04 MB
  304.  
  305. ==================== Drives ================================
  306.  
  307. Drive c: (250GB Samsung 850 EVO) (Fixed) (Total:232.79 GB) (Free:146.71 GB) NTFS
  308. Drive d: (2TB Western Digital Black) (Fixed) (Total:1863.02 GB) (Free:614.57 GB) NTFS
  309. Drive e: (4TB Western Digital Blue) (Fixed) (Total:3725.87 GB) (Free:1346.3 GB) NTFS
  310. Drive h: (FLASH DRIVE) (Removable) (Total:1.87 GB) (Free:1.51 GB) FAT
  311. Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
  312. Drive y: (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==>[system with boot components (obtained from drive)]
  313.  
  314. ==================== MBR & Partition Table ==================
  315.  
  316. ========================================================
  317. Disk: 0 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: AABF74A1)
  318. Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
  319. Partition 2: (Not Active) - (Size=232.8 GB) - (Type=07 NTFS)
  320.  
  321. ========================================================
  322. Disk: 1 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: C72E9A38)
  323. Partition 1: (Active) - (Size=1863 GB) - (Type=07 NTFS)
  324.  
  325. ========================================================
  326. Disk: 2 (Size: 1678 GB) (Disk ID: DB4BF07B)
  327.  
  328. Partition: GPT.
  329.  
  330. ========================================================
  331. Disk: 3 (Size: 1.9 GB) (Disk ID: 00048C76)
  332. Partition 1: (Not Active) - (Size=1.9 GB) - (Type=06)
  333.  
  334.  
  335. LastRegBack: 2016-08-05 20:15
  336.  
  337. ==================== End of FRST.txt ============================
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!