Pentraksil

Untitled

Apr 30th, 2015
  1. Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 29-04-2015 01
  2. Ran by Danilo (administrator) on VOJVODA on 30-04-2015 17:41:53
  3. Running from C:\Users\Danilo\Desktop
  4. Loaded Profiles: Danilo (Available profiles: Danilo)
  5. Platform: Windows 7 Ultimate (X64) OS Language: English (United States)
  6. Internet Explorer Version 8 (Default browser: Chrome)
  7. Boot Mode: Normal
  8. Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
  9.  
  10. ==================== Processes (Whitelisted) =================
  11.  
  12. (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
  13.  
  14. (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgrsa.exe
  15. (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe
  16. (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
  17. (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
  18. (AMD) C:\Windows\System32\atiesrxx.exe
  19. (AMD) C:\Windows\System32\atieclxx.exe
  20. (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
  21. (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
  22. (ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
  23. (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
  24. (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe
  25. (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
  26. (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
  27. (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
  28. (Vimicro) C:\Windows\vmsnap3.exe
  29. (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
  30. (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
  31. () C:\Windows\Domino.exe
  32. (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
  33. (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
  34. (GRETECH) C:\Program Files (x86)\GRETECH\GOMTray\GomTray.exe
  35. (Akamai Technologies, Inc.) C:\Users\Danilo\AppData\Local\Akamai\netsession_win.exe
  36. () C:\Windows\SysWOW64\PnkBstrA.exe
  37. (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgui.exe
  38. (Akamai Technologies, Inc.) C:\Users\Danilo\AppData\Local\Akamai\netsession_win.exe
  39. (AVG) C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe
  40. (ArcSoft, Inc.) C:\Program Files (x86)\ArcSoft\HP Webcam Software Suite\Magic-i Visual Effects 2\uCamMonitor.exe
  41. (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe
  42. (Company) C:\Program Files (x86)\Popcorn Time\Updater.exe
  43. (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgemca.exe
  44. (AVG) C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesApp64.exe
  45. (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
  46. (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
  47. (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
  48.  
  49.  
  50. ==================== Registry (Whitelisted) ==================
  51.  
  52. (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
  53.  
  54. HKLM\...\Run: [VMSnap3] => C:\Windows\VMSnap3.exe [49152 2006-07-18] (Vimicro)
  55. HKLM\...\Run: [Domino] => C:\Windows\Domino.exe [49152 2006-07-04] ()
  56. HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2673296 2015-03-28] (NVIDIA Corporation)
  57. HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
  58. HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13774040 2015-02-09] (Realtek Semiconductor)
  59. HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2014\avgui.exe [5188112 2014-12-16] (AVG Technologies CZ, s.r.o.)
  60. HKU\S-1-5-21-202121130-3967424727-4139935956-1000\...\Run: [DAEMON Tools Pro Agent] => C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe [3108480 2012-10-23] (DT Soft Ltd)
  61. HKU\S-1-5-21-202121130-3967424727-4139935956-1000\...\Run: [GomTray] => C:\Program Files (x86)\GRETECH\GOMTray\GomTray.exe [2384472 2013-07-04] (GRETECH)
  62. HKU\S-1-5-21-202121130-3967424727-4139935956-1000\...\Run: [Akamai NetSession Interface] => C:\Users\Danilo\AppData\Local\Akamai\netsession_win.exe [4673432 2014-10-30] (Akamai Technologies, Inc.)
  63. HKU\S-1-5-21-202121130-3967424727-4139935956-1000\...\Run: [MP3 Skype recorder] => C:\Users\Danilo\AppData\Local\MP3 Skype recorder\MP3SkypeRecorder.exe [1561472 2015-02-11] ()
  64. Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Button Manager.lnk [2015-02-12]
  65. ShortcutTarget: HP Button Manager.lnk -> C:\Program Files (x86)\HP Button Manager\BM.exe ()
  66. CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
  67.  
  68. ==================== Internet (Whitelisted) ====================
  69.  
  70. (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
  71.  
  72. SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
  73. SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
  74. SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
  75. SearchScopes: HKU\S-1-5-21-202121130-3967424727-4139935956-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms}
  76. BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-09-14] (Oracle Corporation)
  77. BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-09-14] (Oracle Corporation)
  78. Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2013-03-02] (Microsoft Corporation)
  79. Filter-x32: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2013-03-02] (Microsoft Corporation)
  80. Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2013-03-02] (Microsoft Corporation)
  81. Filter-x32: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2013-03-02] (Microsoft Corporation)
  82. Tcpip\Parameters: [DhcpNameServer] 89.216.1.40 89.216.1.50
  83.  
  84. FireFox:
  85. ========
  86. FF ProfilePath: C:\Users\Danilo\AppData\Roaming\Mozilla\Firefox\Profiles\5kqv6ue2.default
  87. FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-02-18] ()
  88. FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-09-14] (Oracle Corporation)
  89. FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2014-09-14] (Oracle Corporation)
  90. FF Plugin-x32: @ngm.nexoneu.com/NxGame -> C:\ProgramData\NexonEU\NGM\npNxGameEU.dll [2014-08-16] (Nexon)
  91. FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-04-08] (NVIDIA Corporation)
  92. FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-04-08] (NVIDIA Corporation)
  93. FF Plugin-x32: @verimatrix.com/ViewRightWeb -> C:\Program Files (x86)\Verimatrix\ViewRight Web\\npViewRight.dll [2014-06-10] (Verimatrix, Inc.)
  94. FF Plugin HKU\S-1-5-21-202121130-3967424727-4139935956-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Danilo\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-06] (Google Inc.)
  95. FF Plugin HKU\S-1-5-21-202121130-3967424727-4139935956-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Danilo\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-06] (Google Inc.)
  96. FF Plugin HKU\S-1-5-21-202121130-3967424727-4139935956-1000: @verimatrix.com/ViewRightWeb -> C:\Program Files (x86)\Verimatrix\ViewRight Web\\npViewRight.dll [2014-06-10] (Verimatrix, Inc.)
  97. FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\pogodakyu.xml [2015-04-16]
  98. FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\vokabular.xml [2015-04-16]
  99.  
  100. Chrome:
  101. =======
  102. CHR dev: Chrome dev build detected! <======= ATTENTION
  103. CHR Profile: C:\Users\Danilo\AppData\Local\Google\Chrome\User Data\Default
  104. CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Danilo\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-04-29]
  105. CHR Extension: (Google Wallet) - C:\Users\Danilo\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-06-21]
  106. StartMenuInternet: Google Chrome.Q2K3RCXMLP45W3A64UUHMA5O7I - C:\Users\Danilo\AppData\Local\Google\Chrome\Application\chrome.exe
  107.  
  108. ==================== Services (Whitelisted) =================
  109.  
  110. (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
  111.  
  112. R2 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
  113. R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [3247120 2014-12-16] (AVG Technologies CZ, s.r.o.)
  114. R2 avgwd; C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [289328 2014-12-16] (AVG Technologies CZ, s.r.o.)
  115. R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1152144 2015-03-28] (NVIDIA Corporation)
  116. S2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2015-04-14] (Malwarebytes Corporation)
  117. S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
  118. R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1878672 2015-03-28] (NVIDIA Corporation)
  119. R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [22995600 2015-03-28] (NVIDIA Corporation)
  120. S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1903472 2014-12-18] (Electronic Arts)
  121. R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2014-06-29] ()
  122. R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe [2099512 2013-09-23] (AVG)
  123. R2 uCamMonitor; C:\Program Files (x86)\ArcSoft\HP Webcam Software Suite\Magic-i Visual Effects 2\uCamMonitor.exe [145984 2012-01-18] (ArcSoft, Inc.)
  124. R2 Update service; C:\Program Files (x86)\Popcorn Time\Updater.exe [335360 2014-12-17] (Company) [File not signed]
  125. S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Corporation)
  126.  
  127. ==================== Drivers (Whitelisted) ====================
  128.  
  129. (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
  130.  
  131. R0 amdide64; C:\Windows\System32\DRIVERS\amdide64.sys [11944 2015-02-09] (Advanced Micro Devices Inc.)
  132. R3 ArcSoftKsUFilter; C:\Windows\System32\DRIVERS\ArcSoftKsUFilter.sys [19968 2008-04-24] (ArcSoft, Inc.)
  133. R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [88480 2014-06-21] ()
  134. R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [152344 2014-06-30] (AVG Technologies CZ, s.r.o.)
  135. R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [244504 2014-07-21] (AVG Technologies CZ, s.r.o.)
  136. R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [190744 2014-06-17] (AVG Technologies CZ, s.r.o.)
  137. R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [237848 2014-10-24] (AVG Technologies CZ, s.r.o.)
  138. R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [328984 2014-06-17] (AVG Technologies CZ, s.r.o.)
  139. R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [123672 2014-10-29] (AVG Technologies CZ, s.r.o.)
  140. R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [31512 2014-06-17] (AVG Technologies CZ, s.r.o.)
  141. R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [269080 2014-10-20] (AVG Technologies CZ, s.r.o.)
  142. R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2014-06-21] (DT Soft Ltd)
  143. R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [26528 2015-02-09] (REALiX(tm))
  144. R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [46400 2014-06-21] ()
  145. S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-04-14] (Malwarebytes Corporation)
  146. S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-04-14] (Malwarebytes Corporation)
  147. R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-03-28] (NVIDIA Corporation)
  148. R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38032 2014-11-22] (NVIDIA Corporation)
  149. R1 RsProxy; C:\Windows\system32\drivers\RsProxy.sys [15976 2015-04-30] ()
  150. R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys [14112 2013-09-18] (TuneUp Software)
  151. S3 vvftav303; C:\Windows\System32\drivers\vvftav303.sys [308096 2007-06-23] (Vimicro Corporation)
  152. S3 ZSMC0303; C:\Windows\System32\Drivers\usbVM303.sys [1494656 2007-03-25] (Vimicro Corporation)
  153. U4 Avgfwfd; system32\DRIVERS\avgfwd6a.sys [X]
  154. S3 cpuz137; \??\C:\Users\Danilo\AppData\Local\Temp\cpuz137\cpuz137_x64.sys [X]
  155. S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
  156.  
  157. ==================== NetSvcs (Whitelisted) ===================
  158.  
  159. (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
  160.  
  161.  
  162. ==================== One Month Created Files and Folders ========
  163.  
  164. (If an entry is included in the fixlist, the file\folder will be moved.)
  165.  
  166. 2015-04-30 17:41 - 2015-04-30 17:42 - 00013850 _____ () C:\Users\Danilo\Desktop\FRST.txt
  167. 2015-04-30 17:41 - 2015-04-30 17:41 - 00000000 ____D () C:\FRST
  168. 2015-04-30 14:07 - 2015-04-30 14:07 - 02101248 _____ (Farbar) C:\Users\Danilo\Desktop\FRST64.exe
  169. 2015-04-30 12:18 - 2015-04-30 12:18 - 00000583 _____ () C:\Users\Danilo\Desktop\Kerbal Space Program.lnk
  170. 2015-04-30 12:18 - 2015-04-30 12:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kerbal Space Program
  171. 2015-04-29 19:47 - 2015-04-29 19:47 - 00000000 ____D () C:\Users\Danilo\AppData\Roaming\Kalypso Media
  172. 2015-04-29 19:45 - 2015-04-29 19:45 - 00000557 _____ () C:\Users\Danilo\Desktop\Dungeons 2.lnk
  173. 2015-04-29 19:45 - 2015-04-29 19:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dungeons 2
  174. 2015-04-26 20:49 - 2015-04-26 20:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Warcraft
  175. 2015-04-24 15:19 - 2015-04-24 15:19 - 00000000 ____D () C:\Users\Danilo\AppData\Roaming\.mono
  176. 2015-04-24 15:19 - 2015-04-24 15:19 - 00000000 ____D () C:\ProgramData\.mono
  177. 2015-04-24 00:15 - 2015-04-24 00:15 - 00001159 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
  178. 2015-04-24 00:15 - 2015-04-24 00:15 - 00001147 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
  179. 2015-04-24 00:15 - 2015-04-24 00:15 - 00000000 ____D () C:\Users\Danilo\AppData\Roaming\Mozilla
  180. 2015-04-24 00:15 - 2015-04-24 00:15 - 00000000 ____D () C:\Users\Danilo\AppData\Local\Mozilla
  181. 2015-04-24 00:15 - 2015-04-24 00:15 - 00000000 ____D () C:\ProgramData\Mozilla
  182. 2015-04-24 00:15 - 2015-04-24 00:15 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
  183. 2015-04-24 00:15 - 2015-04-24 00:15 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
  184. 2015-04-21 19:53 - 2015-04-21 19:53 - 00000207 _____ () C:\Windows\tweaking.com-regbackup-VOJVODA-Windows-7-Ultimate-(64-bit).dat
  185. 2015-04-21 19:53 - 2015-04-21 19:53 - 00000000 ____D () C:\RegBackup
  186. 2015-04-21 19:46 - 2015-04-29 20:43 - 00000020 _____ () C:\Users\Danilo\AppData\Roaming\appdataFr3.bin
  187. 2015-04-21 19:42 - 2015-04-21 19:26 - 00024064 _____ () C:\Windows\zoek-delete.exe
  188. 2015-04-21 19:29 - 2015-04-21 19:44 - 00009616 _____ () C:\zoek-results.log
  189. 2015-04-21 19:26 - 2015-04-21 19:40 - 00000000 ____D () C:\zoek_backup
  190. 2015-04-21 13:59 - 2015-04-30 17:37 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
  191. 2015-04-21 13:59 - 2015-04-29 23:12 - 00001102 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
  192. 2015-04-21 13:59 - 2015-04-29 23:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
  193. 2015-04-21 13:59 - 2015-04-29 23:12 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
  194. 2015-04-21 13:59 - 2015-04-14 09:37 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
  195. 2015-04-21 13:59 - 2015-04-14 09:37 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
  196. 2015-04-21 13:59 - 2015-04-14 09:37 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
  197. 2015-04-17 23:54 - 2015-04-17 23:54 - 00000000 ____D () C:\Users\Danilo\AppData\Local\spacegame
  198. 2015-04-16 01:19 - 2015-04-21 00:12 - 00000881 _____ () C:\Users\Danilo\Desktop\Launcher.exe - Shortcut.lnk
  199. 2015-04-15 20:38 - 2015-04-21 00:11 - 00000000 ____D () C:\Program Files (x86)\Rockstar Games
  200. 2015-04-15 19:54 - 2015-04-15 19:54 - 00000000 ____D () C:\Users\Danilo\Documents\Rockstar Games
  201. 2015-04-15 19:51 - 2015-04-21 00:11 - 00000000 ____D () C:\Program Files\Rockstar Games
  202. 2015-04-15 10:59 - 2015-04-18 13:41 - 00000000 ____D () C:\Users\Danilo\Desktop\x360ce_lib64_r848_VS2010
  203. 2015-04-14 17:09 - 2015-04-14 17:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hearthstone
  204. 2015-04-14 14:27 - 2015-04-14 14:27 - 00000000 ____D () C:\Users\Danilo\AppData\Roaming\MK10
  205. 2015-04-14 00:45 - 2015-04-30 17:36 - 00000000 ____D () C:\ProgramData\NVIDIA
  206. 2015-04-14 00:45 - 2015-04-08 23:30 - 00062608 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
  207. 2015-04-14 00:45 - 2015-04-08 22:32 - 00560968 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
  208. 2015-04-14 00:44 - 2015-04-09 02:58 - 00078480 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
  209. 2015-04-14 00:44 - 2015-04-09 02:58 - 00066704 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
  210. 2015-04-14 00:44 - 2015-04-08 23:30 - 06841488 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
  211. 2015-04-14 00:44 - 2015-04-08 23:30 - 03478344 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
  212. 2015-04-14 00:44 - 2015-04-08 23:30 - 02558608 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
  213. 2015-04-14 00:44 - 2015-04-08 23:30 - 00936264 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
  214. 2015-04-14 00:44 - 2015-04-08 23:30 - 00385168 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
  215. 2015-04-14 00:44 - 2015-04-08 19:52 - 04336074 _____ () C:\Windows\system32\nvcoproc.bin
  216. 2015-04-14 00:42 - 2015-04-09 02:58 - 31570064 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
  217. 2015-04-14 00:42 - 2015-04-09 02:58 - 30397072 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
  218. 2015-04-14 00:42 - 2015-04-09 02:58 - 25375048 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
  219. 2015-04-14 00:42 - 2015-04-09 02:58 - 24053576 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
  220. 2015-04-14 00:42 - 2015-04-09 02:58 - 17176128 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
  221. 2015-04-14 00:42 - 2015-04-09 02:58 - 15818528 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
  222. 2015-04-14 00:42 - 2015-04-09 02:58 - 15716232 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
  223. 2015-04-14 00:42 - 2015-04-09 02:58 - 14617288 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
  224. 2015-04-14 00:42 - 2015-04-09 02:58 - 14006752 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
  225. 2015-04-14 00:42 - 2015-04-09 02:58 - 12852784 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
  226. 2015-04-14 00:42 - 2015-04-09 02:58 - 12689592 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
  227. 2015-04-14 00:42 - 2015-04-09 02:58 - 11380728 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
  228. 2015-04-14 00:42 - 2015-04-09 02:58 - 10423952 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
  229. 2015-04-14 00:42 - 2015-04-09 02:58 - 03317344 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
  230. 2015-04-14 00:42 - 2015-04-09 02:58 - 02935416 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
  231. 2015-04-14 00:42 - 2015-04-09 02:58 - 02896528 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
  232. 2015-04-14 00:42 - 2015-04-09 02:58 - 02573456 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
  233. 2015-04-14 00:42 - 2015-04-09 02:58 - 01895568 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6435012.dll
  234. 2015-04-14 00:42 - 2015-04-09 02:58 - 01557648 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6435012.dll
  235. 2015-04-14 00:42 - 2015-04-09 02:58 - 01540240 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco6420103.dll
  236. 2015-04-14 00:42 - 2015-04-09 02:58 - 01086424 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
  237. 2015-04-14 00:42 - 2015-04-09 02:58 - 01047368 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
  238. 2015-04-14 00:42 - 2015-04-09 02:58 - 01037640 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
  239. 2015-04-14 00:42 - 2015-04-09 02:58 - 00970568 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
  240. 2015-04-14 00:42 - 2015-04-09 02:58 - 00962192 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
  241. 2015-04-14 00:42 - 2015-04-09 02:58 - 00927440 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
  242. 2015-04-14 00:42 - 2015-04-09 02:58 - 00195728 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
  243. 2015-04-14 00:42 - 2015-04-09 02:58 - 00175880 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
  244. 2015-04-14 00:42 - 2015-04-09 02:58 - 00154256 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
  245. 2015-04-14 00:42 - 2015-04-09 02:58 - 00150648 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
  246. 2015-04-14 00:42 - 2015-04-09 02:58 - 00128512 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
  247. 2015-04-14 00:42 - 2015-04-09 02:58 - 00030536 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
  248. 2015-04-14 00:42 - 2015-04-09 02:58 - 00029329 _____ () C:\Windows\system32\nvinfo.pb
  249. 2015-04-11 12:22 - 2015-04-21 16:38 - 00000000 ____D () C:\AdwCleaner
  250. 2015-04-11 00:26 - 2015-04-11 00:26 - 00000000 ____D () C:\Windows\SysWOW64\face
  251. 2015-04-08 19:18 - 2015-04-08 19:18 - 00466456 _____ (Creative Labs) C:\Windows\system32\wrap_oal.dll
  252. 2015-04-08 19:18 - 2015-04-08 19:18 - 00444952 _____ (Creative Labs) C:\Windows\SysWOW64\wrap_oal.dll
  253. 2015-04-08 19:18 - 2015-04-08 19:18 - 00122904 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\Windows\system32\OpenAL32.dll
  254. 2015-04-08 19:18 - 2015-04-08 19:18 - 00109080 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\Windows\SysWOW64\OpenAL32.dll
  255. 2015-04-08 19:18 - 2015-04-08 19:18 - 00000000 ____D () C:\Program Files (x86)\OpenAL
  256. 2015-04-08 17:17 - 2015-04-08 19:21 - 00000000 ____D () C:\Users\Danilo\AppData\Roaming\Running with rifles
  257. 2015-04-05 19:50 - 2015-04-05 19:58 - 00000000 ____D () C:\Users\Danilo\AppData\Roaming\SmartSteamEmu
  258. 2015-04-02 11:31 - 2015-04-02 11:31 - 00000792 _____ () C:\Users\Danilo\Desktop\Dark Souls II Scholar of the First Sin.lnk
  259. 2015-04-02 11:31 - 2015-04-02 11:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dark Souls II Scholar of the First Sin
  260.  
  261. ==================== One Month Modified Files and Folders =======
  262.  
  263. (If an entry is included in the fixlist, the file\folder will be moved.)
  264.  
  265. 2015-04-30 17:41 - 2009-07-14 06:45 - 00018016 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
  266. 2015-04-30 17:41 - 2009-07-14 06:45 - 00018016 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
  267. 2015-04-30 17:39 - 2014-06-21 21:24 - 01996035 _____ () C:\Windows\WindowsUpdate.log
  268. 2015-04-30 17:36 - 2014-06-21 15:18 - 00249978 _____ () C:\Windows\PFRO.log
  269. 2015-04-30 17:36 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
  270. 2015-04-30 17:36 - 2009-07-14 06:51 - 00158766 _____ () C:\Windows\setupact.log
  271. 2015-04-30 17:28 - 2014-06-21 14:30 - 00000000 ____D () C:\Users\Danilo\AppData\Roaming\uTorrent
  272. 2015-04-30 17:26 - 2014-11-04 14:46 - 00000000 ____D () C:\Users\Danilo\AppData\Local\Battle.net
  273. 2015-04-30 17:26 - 2014-07-31 15:02 - 00000000 ____D () C:\Users\Danilo\AppData\Roaming\Skype
  274. 2015-04-30 16:57 - 2014-06-21 12:36 - 00000912 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-202121130-3967424727-4139935956-1000UA.job
  275. 2015-04-30 16:26 - 2015-02-12 14:31 - 00015976 _____ () C:\Windows\system32\Drivers\RsProxy.sys
  276. 2015-04-30 09:12 - 2014-06-21 22:01 - 00000000 ____D () C:\ProgramData\MFAData
  277. 2015-04-30 07:51 - 2014-07-31 15:02 - 00000000 ____D () C:\ProgramData\Skype
  278. 2015-04-30 00:57 - 2014-06-21 12:36 - 00000860 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-202121130-3967424727-4139935956-1000Core.job
  279. 2015-04-29 18:52 - 2015-01-23 20:59 - 00001275 _____ () C:\Users\Danilo\Desktop\BIBO.txt
  280. 2015-04-29 12:36 - 2014-06-21 12:35 - 00000000 ____D () C:\Users\Danilo\AppData\Local\Deployment
  281. 2015-04-27 02:12 - 2014-06-21 12:32 - 00000000 ____D () C:\Users\Danilo
  282. 2015-04-22 14:13 - 2015-03-26 16:03 - 00001456 _____ () C:\Users\Danilo\Desktop\Blic.txt
  283. 2015-04-21 19:44 - 2014-11-20 13:15 - 00000008 __RSH () C:\ProgramData\ntuser.pol
  284. 2015-04-21 19:40 - 2009-07-14 05:20 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
  285. 2015-04-18 18:40 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\LiveKernelReports
  286. 2015-04-18 00:41 - 2014-06-21 21:23 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
  287. 2015-04-18 00:04 - 2014-06-21 15:59 - 00000000 ____D () C:\Program Files (x86)\Steam
  288. 2015-04-17 23:53 - 2014-06-21 21:46 - 00493091 _____ () C:\Windows\DirectX.log
  289. 2015-04-16 00:16 - 2014-06-21 15:54 - 00000000 ____D () C:\Users\Danilo\AppData\Local\JDownloader v2.0
  290. 2015-04-15 21:01 - 2014-07-18 21:27 - 00000000 ____D () C:\Program Files (x86)\MSI Afterburner
  291. 2015-04-15 19:54 - 2014-09-22 01:29 - 00000000 ____D () C:\Users\Danilo\AppData\Local\Rockstar Games
  292. 2015-04-15 09:36 - 2014-06-21 22:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
  293. 2015-04-14 00:46 - 2014-06-21 12:40 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
  294. 2015-04-14 00:45 - 2014-10-01 15:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
  295. 2015-04-14 00:44 - 2014-06-21 12:43 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
  296. 2015-04-14 00:44 - 2014-06-21 12:40 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
  297. 2015-04-14 00:44 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\Help
  298. 2015-04-11 11:22 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\IME
  299. 2015-04-09 19:25 - 2014-07-13 18:44 - 00000000 ____D () C:\Users\Danilo\AppData\Roaming\vlc
  300. 2015-04-08 19:18 - 2014-06-22 18:54 - 00000000 ____D () C:\Windows\SysWOW64\directx
  301. 2015-04-08 18:59 - 2014-06-21 12:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com
  302. 2015-04-08 18:59 - 2009-07-14 07:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
  303. 2015-04-08 18:51 - 2014-06-21 15:57 - 00000000 ____D () C:\Users\Danilo\Documents\My Games
  304. 2015-04-04 19:42 - 2009-07-14 07:13 - 00796934 _____ () C:\Windows\system32\PerfStringBackup.INI
  305. 2015-04-02 19:44 - 2014-07-24 00:18 - 00000000 ____D () C:\Users\Danilo\AppData\Roaming\Origin
  306. 2015-04-02 19:30 - 2014-06-21 15:31 - 00000000 ____D () C:\Users\Danilo\AppData\Roaming\WinRAR
  307. 2015-04-02 13:17 - 2014-08-01 02:21 - 00000000 ____D () C:\Users\Danilo\AppData\Roaming\DarkSoulsII
  308. 2015-03-31 00:01 - 2015-02-11 01:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razor 1911
  309.  
  310. ==================== Files in the root of some directories =======
  311.  
  312. 2014-10-31 21:57 - 2003-09-03 08:46 - 0010960 _____ () C:\Program Files (x86)\EULA.txt
  313. 2014-10-31 21:57 - 2014-11-01 00:38 - 0000714 _____ () C:\Program Files (x86)\INSTALL.LOG
  314. 2014-10-31 21:57 - 2003-12-18 12:33 - 0020102 _____ () C:\Program Files (x86)\Readme.txt
  315. 2015-04-21 19:46 - 2015-04-29 20:43 - 0000020 _____ () C:\Users\Danilo\AppData\Roaming\appdataFr3.bin
  316. 2014-08-25 23:22 - 2014-08-26 20:29 - 0000099 _____ () C:\Users\Danilo\AppData\Roaming\LauncherSettings_live.cfg
  317. 2014-08-26 01:14 - 2014-08-26 01:14 - 0000040 _____ () C:\Users\Danilo\AppData\Roaming\TheHunterSettings_live.cfg
  318.  
  319. ==================== Bamital & volsnap Check =================
  320.  
  321. (There is no automatic fix for files that do not pass verification.)
  322.  
  323. C:\Windows\System32\winlogon.exe => File is digitally signed
  324. C:\Windows\System32\wininit.exe => File is digitally signed
  325. C:\Windows\SysWOW64\wininit.exe => File is digitally signed
  326. C:\Windows\explorer.exe => File is digitally signed
  327. C:\Windows\SysWOW64\explorer.exe => File is digitally signed
  328. C:\Windows\System32\svchost.exe => File is digitally signed
  329. C:\Windows\SysWOW64\svchost.exe => File is digitally signed
  330. C:\Windows\System32\services.exe => File is digitally signed
  331. C:\Windows\System32\User32.dll => File is digitally signed
  332. C:\Windows\SysWOW64\User32.dll => File is digitally signed
  333. C:\Windows\System32\userinit.exe => File is digitally signed
  334. C:\Windows\SysWOW64\userinit.exe => File is digitally signed
  335. C:\Windows\System32\rpcss.dll => File is digitally signed
  336. C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
  337.  
  338.  
  339. LastRegBack: 2015-04-27 17:05
  340.  
  341. ==================== End Of Log ============================