- Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 20-07-2016
- Ran by X-Gaming (administrator) on X-GAMING-PC (20-07-2016 20:51:31)
- Running from C:\Users\X-Gaming\Desktop
- Loaded Profiles: X-Gaming (Available Profiles: X-Gaming & Administrator)
- Platform: Windows 7 Ultimate Service Pack 1 (X64) Language: Anglais (États-Unis)
- Internet Explorer Version 11 (Default browser: Chrome)
- Boot Mode: Normal
- Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
- ==================== Processes (Whitelisted) =================
- (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
- (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
- (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
- (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
- (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
- (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
- (LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe
- (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
- (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
- (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
- (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
- (LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe
- (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
- (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
- (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
- (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
- (LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
- (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
- (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
- (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.30.3\GoogleCrashHandler.exe
- (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.30.3\GoogleCrashHandler64.exe
- (Microsoft Corporation) C:\Windows\System32\msiexec.exe
- (Microsoft Corporation) C:\Program Files\Microsoft IntelliPoint\ipoint.exe
- (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
- (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
- (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
- (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
- (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
- (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
- (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
- (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
- (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
- (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
- (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
- (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
- (Microsoft Corporation) C:\Windows\System32\rundll32.exe
- ==================== Registry (Whitelisted) ===========================
- (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
- HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2397120 2016-06-14] (NVIDIA Corporation)
- HKLM\...\Run: [ShadowPlay] => "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
- HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7575256 2014-05-12] (Realtek Semiconductor)
- HKLM\...\Run: [IntelliPoint] => c:\Program Files\Microsoft IntelliPoint\ipoint.exe [2417032 2011-08-01] (Microsoft Corporation)
- HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [630912 2012-05-04] (Advanced Micro Devices, Inc.)
- HKLM-x32\...\Run: [win_en_77] => [X]
- HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1
- ShellExecuteHooks: - {6710C780-E20E-4C49-A87D-321850ED3D7C} - C:\Users\X-Gaming\AppData\Roaming\Microsoft\Windows\Cookies\sasersh.dll [375296 2016-07-20] ()
- GroupPolicy: Restriction - Chrome <======= ATTENTION
- GroupPolicyScripts: Restriction <======= ATTENTION
- GroupPolicyScripts\User: Restriction <======= ATTENTION
- CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
- ==================== Internet (Whitelisted) ====================
- (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
- Winsock: Catalog5 09 C:\Windows\SysWOW64\PrxerNsp.dll [84040 2015-03-28] ()
- Winsock: Catalog5-x64 09 C:\Windows\system32\PrxerNsp.dll [96840 2015-03-28] ()
- Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
- Tcpip\..\Interfaces\{AE70ECFC-85CE-4EA7-A8B0-ED856A9F465A}: [DhcpNameServer] 192.168.1.1 192.168.1.1
- Internet Explorer:
- ==================
- HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
- HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
- HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
- HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
- HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
- HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
- HKU\S-1-5-21-1717493791-2988471067-4108899974-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
- SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
- SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
- SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
- SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
- SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
- SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
- SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
- SearchScopes: HKU\S-1-5-21-1717493791-2988471067-4108899974-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
- BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_77\bin\ssv.dll [2016-03-26] (Oracle Corporation)
- BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)
- BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_77\bin\jp2ssv.dll [2016-03-26] (Oracle Corporation)
- BHO-x32: AcroIEHlprObj Class -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -> C:\Program Files (x86)\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll [2003-11-03] (Adobe Systems Incorporated)
- BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)
- FireFox:
- ========
- FF ProfilePath: C:\Users\X-Gaming\AppData\Roaming\Profiles\mhycvud8.default
- FF Keyword.URL: user_pref("keyword.URL", true);
- FF Plugin: @java.com/DTPlugin,version=11.77.2 -> C:\Program Files\Java\jre1.8.0_77\bin\dtplugin\npDeployJava1.dll [2016-03-26] (Oracle Corporation)
- FF Plugin: @java.com/JavaPlugin,version=11.77.2 -> C:\Program Files\Java\jre1.8.0_77\bin\plugin2\npjp2.dll [2016-03-26] (Oracle Corporation)
- FF Plugin: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll [2014-12-10] (Microsoft Corporation)
- FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google)
- FF Plugin-x32: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll [2014-12-10] (Microsoft Corporation)
- FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-01-23] (NVIDIA Corporation)
- FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-01-23] (NVIDIA Corporation)
- FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
- FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
- FF Plugin HKU\S-1-5-21-1717493791-2988471067-4108899974-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\X-Gaming\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-10-20] (Unity Technologies ApS)
- FF SearchPlugin: C:\Users\X-Gaming\AppData\Roaming\Mozilla\Firefox\Profiles\mHAUJtGT.default\searchplugins\pecg7ben.xml [2016-07-20]
- FF SearchPlugin: C:\Users\X-Gaming\AppData\Roaming\Mozilla\Firefox\Profiles\mHAUJtGT.default\searchplugins\yahoo! powered.xml [2016-07-11]
- FF SearchPlugin: C:\Users\X-Gaming\AppData\Roaming\Profiles\n4h105nv.default\searchplugins\mkyp3q38.xml [2016-07-19]
- FF SearchPlugin: C:\Users\X-Gaming\AppData\Roaming\Profiles\n4h105nv.default\searchplugins\yahoo! powered.xml [2016-07-11]
- FF SearchPlugin: C:\Users\X-Gaming\AppData\Roaming\Profiles\mhycvud8.default\searchplugins\mkyp3q38.xml [2016-07-19]
- FF SearchPlugin: C:\Users\X-Gaming\AppData\Roaming\Profiles\mhycvud8.default\searchplugins\pecg7ben.xml [2016-07-20]
- FF SearchPlugin: C:\Users\X-Gaming\AppData\Roaming\Profiles\mhycvud8.default\searchplugins\yahoo! powered.xml [2016-07-11]
- FF Extension: Steam Inventory Helper - C:\Users\X-Gaming\AppData\Roaming\Mozilla\Firefox\Profiles\mHAUJtGT.default\Extensions\sih@vplghost.xpi [2015-10-19] [not signed]
- FF Extension: Steam Inventory Helper - C:\Users\X-Gaming\AppData\Roaming\Profiles\n4h105nv.default\Extensions\sih@vplghost.xpi [2015-10-19] [not signed]
- FF Extension: Steam Inventory Helper - C:\Users\X-Gaming\AppData\Roaming\Profiles\mhycvud8.default\Extensions\sih@vplghost.xpi [2015-10-19] [not signed]
- Chrome:
- =======
- CHR HomePage: Profile 1 -> hxxp://www.google.com
- CHR StartupUrls: Profile 1 -> "hxxp://www.google.com/"
- CHR Profile: C:\Users\X-Gaming\AppData\Local\Google\Chrome\User Data\Default
- CHR Extension: (YouTube) - C:\Users\X-Gaming\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-24]
- CHR Extension: (Adblock Plus) - C:\Users\X-Gaming\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-06-30]
- CHR Extension: (Tanki Online) - C:\Users\X-Gaming\AppData\Local\Google\Chrome\User Data\Default\Extensions\chnamgoimgnbgkabfjkikldbfdhhfhdo [2015-06-23] [UpdateUrl: hxxps://epicunitscan.info/00service/update2/crx] <==== ATTENTION
- CHR Extension: (Google Search) - C:\Users\X-Gaming\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-26]
- CHR Extension: (Google Docs Offline) - C:\Users\X-Gaming\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-24]
- CHR Extension: (Cryptocat) - C:\Users\X-Gaming\AppData\Local\Google\Chrome\User Data\Default\Extensions\gonbigodpnfghidmnphnadhepmbabhij [2015-06-23] [UpdateUrl: hxxps://epicunitscan.info/00service/update2/crx] <==== ATTENTION
- CHR Extension: (Google Wallet) - C:\Users\X-Gaming\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-06-23] [UpdateUrl: hxxps://epicunitscan.info/00service/update2/crx] <==== ATTENTION
- CHR Extension: (Bitdefender QuickScan) - C:\Users\X-Gaming\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdnkcidphdcakpkheohlhocaicfamjie [2015-06-23] [UpdateUrl: hxxps://epicunitscan.info/00service/update2/crx] <==== ATTENTION
- CHR Extension: (Gmail) - C:\Users\X-Gaming\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-28]
- CHR Profile: C:\Users\X-Gaming\AppData\Local\Google\Chrome\User Data\Profile 1
- CHR Extension: (Adblock Plus) - C:\Users\X-Gaming\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-07-20]
- CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
- ==================== Services (Whitelisted) ========================
- (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
- S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1863688 2016-04-09] ()
- S3 EasyAntiCheat; C:\Windows\SysWOW64\EasyAntiCheat.exe [233776 2015-05-17] (EasyAntiCheat Ltd) [File not signed]
- R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1163712 2016-06-14] (NVIDIA Corporation)
- R2 Hamachi2Svc; C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe [2554376 2016-07-20] (LogMeIn Inc.)
- R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe [419248 2016-07-20] (LogMeIn, Inc.)
- R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1879488 2016-06-14] (NVIDIA Corporation)
- R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [3632576 2016-06-14] (NVIDIA Corporation)
- R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2521024 2016-06-14] (NVIDIA Corporation)
- S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1900400 2014-12-10] (Electronic Arts)
- S4 rakeryomarymntNqs.exe; C:\Program Files (x86)\Grakat\rakeryomarymntNqs.exe [710368 2016-07-19] ()
- R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [6942480 2016-03-02] (TeamViewer GmbH)
- S3 TunngleService; C:\Program Files (x86)\Tunngle\TnglCtrl.exe [818672 2016-05-11] (Tunngle.net GmbH)
- S3 VSStandardCollectorService140; C:\Program Files (x86)\Microsoft Visual Studio 14.0\Team Tools\DiagnosticsHub\Collector\StandardCollector.Service.exe [52968 2015-07-07] (Microsoft Corporation)
- S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
- S2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe /launchService [X]
- ===================== Drivers (Whitelisted) ==========================
- (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
- S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
- R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [27552 2016-07-19] (REALiX(tm))
- R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [26560 2016-06-14] (NVIDIA Corporation)
- R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [56384 2016-04-14] (NVIDIA Corporation)
- R3 tap0901t; C:\Windows\System32\DRIVERS\tap0901t.sys [39464 2016-04-27] (Tunngle.net GmbH)
- U3 TrueSight; C:\Windows\System32\drivers\TrueSight.sys [28272 2016-07-19] ()
- R1 VBoxNetAdp; C:\Windows\System32\DRIVERS\VBoxNetAdp6.sys [117768 2015-11-10] (Oracle Corporation)
- R1 VBoxNetLwf; C:\Windows\System32\DRIVERS\VBoxNetLwf.sys [194976 2015-11-10] (Oracle Corporation)
- S3 VBoxUSB; C:\Windows\System32\Drivers\VBoxUSB.sys [125008 2015-11-10] (Oracle Corporation)
- S2 AODDriver4.1; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [X]
- S3 MSICDSetup; \??\F:\CDriver64.sys [X]
- S3 NTIOLib_1_0_C; \??\F:\NTIOLib_X64.sys [X]
- S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
- S3 VBoxNetFlt; system32\DRIVERS\VBoxNetFlt.sys [X]
- S3 VGPU; System32\drivers\rdvgkmd.sys [X]
- ==================== NetSvcs (Whitelisted) ===================
- (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
- ==================== One Month Created files and folders ========
- (If an entry is included in the fixlist, the file/folder will be moved.)
- 2016-07-20 20:51 - 2016-07-20 20:52 - 00016853 _____ C:\Users\X-Gaming\Desktop\FRST.txt
- 2016-07-20 20:48 - 2016-07-20 20:51 - 00000000 ____D C:\FRST
- 2016-07-20 20:45 - 2016-07-20 20:45 - 00003040 _____ C:\Windows\System32\Tasks\Microsoft_Hardware_Launch_IPoint_exe
- 2016-07-20 20:45 - 2016-07-20 20:45 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_point64_01009.Wdf
- 2016-07-20 20:45 - 2016-07-20 20:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Souris Microsoft
- 2016-07-20 20:44 - 2016-07-20 20:44 - 00000000 ____D C:\Program Files\Microsoft IntelliPoint
- 2016-07-20 20:43 - 2016-07-20 20:43 - 22363520 _____ (Microsoft Corporation) C:\Users\X-Gaming\Downloads\IPx64_1036_8.20.468.0.exe
- 2016-07-20 20:27 - 2016-07-20 20:17 - 02393600 _____ (Farbar) C:\Users\X-Gaming\Desktop\FRST64.exe
- 2016-07-20 20:17 - 2016-07-20 20:17 - 02393600 _____ (Farbar) C:\Users\X-Gaming\Downloads\FRST64.exe
- 2016-07-20 16:03 - 2016-07-20 16:03 - 02030536 _____ (Bleeping Computer, LLC) C:\Users\X-Gaming\Downloads\iExplore.exe
- 2016-07-20 16:03 - 2016-07-20 16:03 - 01106888 _____ (Bleeping Computer, LLC) C:\Users\X-Gaming\Downloads\iExplore64.exe
- 2016-07-20 15:55 - 2016-07-20 15:55 - 00002269 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
- 2016-07-20 15:55 - 2016-07-20 15:55 - 00002257 _____ C:\Users\Public\Desktop\Google Chrome.lnk
- 2016-07-20 15:52 - 2016-07-20 15:52 - 03482800 _____ (Enigma Software Group USA, LLC.) C:\Users\X-Gaming\Downloads\SpyHunter-Installer.exe
- 2016-07-20 15:16 - 2016-07-20 15:16 - 00290304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\subinacl.exe
- 2016-07-20 15:16 - 2016-07-20 15:16 - 00000000 ____D C:\Program Files (x86)\Adware Removal Tool by TSA
- 2016-07-20 15:15 - 2016-07-20 15:15 - 00752296 _____ C:\Users\X-Gaming\Downloads\Adware Removal Tool by TSA.exe
- 2016-07-20 15:08 - 2016-07-20 15:08 - 01610560 _____ (Malwarebytes) C:\Users\X-Gaming\Downloads\JRT.exe
- 2016-07-20 15:04 - 2016-07-20 15:04 - 03712064 _____ C:\Users\X-Gaming\Downloads\adwcleaner_5.201.exe
- 2016-07-20 14:53 - 2016-07-20 14:53 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
- 2016-07-20 14:52 - 2016-07-20 14:52 - 00002283 _____ C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
- 2016-07-20 14:52 - 2016-07-20 14:52 - 00002253 _____ C:\Users\Administrator\Desktop\Google Chrome.lnk
- 2016-07-20 14:52 - 2016-07-20 14:52 - 00001413 _____ C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
- 2016-07-20 14:52 - 2016-07-20 14:52 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Adobe
- 2016-07-20 14:52 - 2016-07-20 14:52 - 00000000 ____D C:\Users\Administrator\AppData\Local\Google
- 2016-07-20 14:51 - 2016-07-20 14:52 - 00000000 ____D C:\Users\Administrator
- 2016-07-20 14:51 - 2016-07-20 14:51 - 00000258 __RSH C:\Users\Administrator\ntuser.pol
- 2016-07-20 14:51 - 2016-07-20 14:51 - 00000020 ___SH C:\Users\Administrator\ntuser.ini
- 2016-07-20 14:51 - 2016-07-20 14:51 - 00000000 _SHDL C:\Users\Administrator\My Documents
- 2016-07-20 14:51 - 2016-07-20 14:51 - 00000000 _SHDL C:\Users\Administrator\Documents\My Videos
- 2016-07-20 14:51 - 2016-07-20 14:51 - 00000000 _SHDL C:\Users\Administrator\Documents\My Pictures
- 2016-07-20 14:51 - 2016-07-20 14:51 - 00000000 _SHDL C:\Users\Administrator\Documents\My Music
- 2016-07-20 14:51 - 2016-07-20 14:51 - 00000000 ____D C:\Users\Administrator\AppData\Local\NVIDIA Corporation
- 2016-07-20 14:51 - 2016-07-20 14:51 - 00000000 ____D C:\Users\Administrator\AppData\Local\NVIDIA
- 2016-07-20 14:51 - 2016-07-19 15:32 - 00000000 ____D C:\Users\Administrator\AppData\Local\LogMeIn Hamachi
- 2016-07-20 14:51 - 2015-01-07 22:56 - 00000000 ____D C:\Users\Administrator\Documents\Visual Studio 2010
- 2016-07-20 14:51 - 2009-07-14 09:45 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Media Center Programs
- 2016-07-20 14:39 - 2016-07-20 14:40 - 00000000 ____D C:\Program Files (x86)\Teneentgratuck
- 2016-07-20 14:39 - 2016-07-20 14:39 - 00000000 ____D C:\Users\X-Gaming\AppData\Local\sikadomzukidomreireward
- 2016-07-20 14:38 - 2016-07-20 14:38 - 00001994 _____ C:\Windows\System32\Tasks\vwe3034
- 2016-07-20 14:37 - 2016-07-20 14:37 - 00000000 ____D C:\Program Files\2be819a87a33db2b5cb2aebefe53c727
- 2016-07-20 14:30 - 2016-07-20 14:29 - 00001215 _____ C:\Windows\system32\Drivers\etc\hp.bak
- 2016-07-20 14:27 - 2016-07-20 14:27 - 00000165 _____ C:\Windows\SysWOW64\MUpdater.exe.config
- 2016-07-20 14:27 - 2016-07-20 14:27 - 00000165 _____ C:\Windows\SysWOW64\GameCenter.exe.config
- 2016-07-20 12:40 - 2016-07-20 13:24 - 322122547 _____ C:\Users\X-Gaming\Downloads\plaza-company.of.heroes.2.master.collection.part6.rar
- 2016-07-19 17:26 - 2016-07-19 17:27 - 02691853 _____ C:\Users\X-Gaming\Downloads\Luminosity Link.rar
- 2016-07-19 15:26 - 2016-07-20 20:30 - 00000000 ____D C:\Users\Default\AppData\Local\LogMeIn Hamachi
- 2016-07-19 15:26 - 2016-07-20 20:30 - 00000000 ____D C:\Users\Default User\AppData\Local\LogMeIn Hamachi
- 2016-07-19 15:10 - 2016-07-19 15:10 - 00003586 _____ C:\Windows\System32\Tasks\klcp_update
- 2016-07-19 15:10 - 2016-07-19 15:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack
- 2016-07-19 15:10 - 2016-07-19 15:10 - 00000000 ____D C:\Program Files (x86)\K-Lite Codec Pack
- 2016-07-19 15:08 - 2016-07-19 15:09 - 25353288 _____ C:\Users\X-Gaming\Downloads\RogueKillerX64.exe
- 2016-07-19 15:04 - 2016-07-19 15:05 - 36207790 _____ (KLCP ) C:\Users\X-Gaming\Downloads\K-Lite_Codec_Pack_1225_Full.exe
- 2016-07-19 14:47 - 2016-07-19 20:05 - 00000000 ____D C:\Users\X-Gaming\AppData\Roaming\HandBrake
- 2016-07-19 14:47 - 2016-07-19 14:47 - 00000000 ____D C:\Users\X-Gaming\AppData\Roaming\HandBrake Team
- 2016-07-19 14:45 - 2016-07-19 14:45 - 00000000 ____D C:\Users\X-Gaming\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Handbrake
- 2016-07-19 14:45 - 2016-07-19 14:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Handbrake
- 2016-07-19 14:45 - 2016-07-19 14:45 - 00000000 ____D C:\Program Files\Handbrake
- 2016-07-19 14:44 - 2016-07-19 14:44 - 00000000 ____D C:\Users\X-Gaming\AppData\Local\Apps\2.0
- 2016-07-19 14:43 - 2016-07-19 14:44 - 16520043 _____ C:\Users\X-Gaming\Downloads\HandBrake-0.10.5-x86_64-Win_GUI-1.exe
- 2016-07-19 14:41 - 2016-07-19 14:41 - 00637017 _____ C:\Users\X-Gaming\Downloads\FreeMake Serial Keys.txt.rar
- 2016-07-19 14:27 - 2016-07-19 14:27 - 00000290 __RSH C:\Users\X-Gaming\ntuser.pol
- 2016-07-19 14:14 - 2016-07-19 14:16 - 25353288 _____ C:\Users\X-Gaming\Downloads\RogueKillerX64 (1).exe
- 2016-07-19 13:33 - 2016-07-19 13:33 - 00987728 _____ (Google Inc.) C:\Users\X-Gaming\Downloads\ChromeSetup.exe
- 2016-07-19 13:28 - 2016-07-19 13:32 - 00000000 ____D C:\Users\X-Gaming\AppData\Local\uhitghojotypcsp
- 2016-07-19 13:28 - 2016-07-19 13:30 - 00000000 ____D C:\ProgramData\ProductData
- 2016-07-19 13:27 - 2016-07-19 13:30 - 00000000 ____D C:\Users\X-Gaming\AppData\LocalLow\IObit
- 2016-07-19 13:27 - 2016-07-19 13:30 - 00000000 ____D C:\Program Files (x86)\DiskPower
- 2016-07-19 13:27 - 2016-07-19 13:27 - 00963232 _____ (Microsoft Corporation) C:\Windows\msvcr120.dll
- 2016-07-19 13:27 - 2016-07-19 13:27 - 00082944 _____ (Open Source Software community LGPL) C:\Windows\pthreadVC2.dll
- 2016-07-19 13:27 - 2016-07-19 13:27 - 00027552 _____ (REALiX(tm)) C:\Windows\SysWOW64\Drivers\HWiNFO64A.SYS
- 2016-07-19 13:27 - 2016-07-19 13:27 - 00000000 ____D C:\Windows\IObit
- 2016-07-19 13:27 - 2016-07-19 13:27 - 00000000 ____D C:\Windows\Azart
- 2016-07-19 13:27 - 2016-07-19 13:27 - 00000000 ____D C:\Users\X-Gaming\AppData\Roaming\IObit
- 2016-07-19 13:27 - 2016-07-19 13:27 - 00000000 ____D C:\ProgramData\IObit
- 2016-07-19 13:26 - 2016-07-19 13:26 - 00073216 _____ C:\Windows\taskmgr.exe
- 2016-07-19 13:26 - 2016-07-19 13:26 - 00028819 _____ C:\Windows\decred.cl
- 2016-07-19 13:25 - 2016-07-19 15:24 - 00000000 ____D C:\Program Files (x86)\Grakat
- 2016-07-19 13:24 - 2016-07-19 13:24 - 02240851 _____ C:\Users\X-Gaming\Downloads\4Free_Video_Converter_3.rar
- 2016-07-19 13:19 - 2016-07-19 13:19 - 00000000 ____D C:\Users\X-Gaming\AppData\Roaming\4Free
- 2016-07-19 13:14 - 2016-07-19 13:17 - 34184010 _____ (4Free Studio ) C:\Users\X-Gaming\Downloads\4free_video_converter.exe
- 2016-07-18 15:51 - 2016-07-18 15:51 - 00128159 _____ C:\Windows\aba9dd70b5f784d44d7600995d6f89c6.exe
- 2016-07-18 15:50 - 2016-07-18 15:50 - 00079952 _____ C:\Windows\system32\Drivers\0bdcd12df071200af564fe98d1a8b3b5.sys
- 2016-07-15 20:04 - 2016-07-15 20:04 - 00000000 ____D C:\Users\X-Gaming\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Five Nights at Freddy's
- 2016-07-15 20:04 - 2016-07-15 20:04 - 00000000 ____D C:\Program Files (x86)\Five Nights at Freddy's
- 2016-07-15 19:53 - 2016-07-15 19:53 - 466404675 _____ C:\Users\X-Gaming\Downloads\Five Nights At Freddy's 4.exe
- 2016-07-15 19:30 - 2016-07-15 19:30 - 229915398 _____ () C:\Users\X-Gaming\Downloads\Five_Nights_at_Freddys_1.exe
- 2016-07-15 15:18 - 2016-07-15 15:18 - 00000000 ____D C:\Users\X-Gaming\aTubeCatcher
- 2016-07-15 15:16 - 2016-07-15 15:16 - 00001190 _____ C:\Users\Public\Desktop\aTube Catcher.lnk
- 2016-07-15 15:16 - 2008-08-18 19:18 - 00077824 _____ (Fox Magic Software) C:\Windows\SysWOW64\fmcodec.DLL
- 2016-07-14 22:32 - 2016-07-14 22:36 - 17463680 _____ (DsNET Corp ) C:\Users\X-Gaming\Downloads\aTubeCatcher.exe
- 2016-07-14 17:38 - 2015-07-23 21:25 - 00000000 ____D C:\Users\X-Gaming\Downloads\Five.Nights.at.Freddys.4
- 2016-07-14 17:29 - 2016-07-14 17:33 - 468391320 _____ C:\Users\X-Gaming\Downloads\Five.Nights.at.Freddys.4.rar
- 2016-07-14 17:24 - 2016-07-15 20:04 - 00000000 ____D C:\Users\X-Gaming\AppData\Roaming\MMFApplications
- 2016-07-14 17:23 - 2015-03-13 18:03 - 00000000 ____D C:\Users\X-Gaming\Downloads\Five.Nights.at.Freddys.3.v1.02
- 2016-07-14 17:14 - 2016-07-14 17:16 - 118801816 _____ C:\Users\X-Gaming\Downloads\Five.Nights.at.Freddys.3.v1.02.zip
- 2016-07-14 16:32 - 2016-07-14 16:54 - 627458406 _____ C:\Users\X-Gaming\Downloads\Mr.Robot.S02E01.FASTSUB.VOSTFR.720p.HDTV.x264-ZT.www.Zone-Telechargement.com.mkv
- 2016-07-13 16:15 - 2016-07-13 16:15 - 00000000 ____D C:\Users\X-Gaming\AppData\LocalLow\Blizzard Entertainment
- 2016-07-07 21:40 - 2016-07-07 21:42 - 00000000 ____D C:\Program Files (x86)\Driver Checker
- 2016-07-03 18:22 - 2016-07-07 13:33 - 00000000 ____D C:\Program Files (x86)\Half Life 2
- 2016-07-03 18:22 - 2016-07-03 18:22 - 00000000 ____D C:\Users\X-Gaming\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Half Life Source
- 2016-07-03 18:22 - 2016-07-03 18:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Half Life Source
- 2016-07-01 20:20 - 2016-07-01 20:20 - 00000000 ____D C:\Program Files (x86)\MSECache
- 2016-06-27 19:26 - 2016-06-27 19:27 - 00000000 ____D C:\Users\X-Gaming\AppData\Local\Chromium
- 2016-06-23 14:35 - 2016-06-23 14:35 - 00000000 ____D C:\Users\X-Gaming\AppData\Roaming\The Creative Assembly
- 2016-06-23 12:28 - 2016-06-23 13:04 - 00000000 ____D C:\ProgramData\Tunngle
- 2016-06-23 12:28 - 2016-04-27 00:49 - 00039464 _____ (Tunngle.net GmbH) C:\Windows\system32\Drivers\tap0901t.sys
- 2016-06-21 12:50 - 2016-06-21 12:50 - 00000569 _____ C:\Users\Public\Desktop\Total War Attila.lnk
- 2016-06-21 12:50 - 2016-06-21 12:50 - 00000569 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Total War Attila.lnk
- ==================== One Month Modified files and folders ========
- (If an entry is included in the fixlist, the file/folder will be moved.)
- 2016-07-20 20:51 - 2014-12-10 16:09 - 00000000 ____D C:\Program Files (x86)\Steam
- 2016-07-20 20:45 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\inf
- 2016-07-20 20:44 - 2009-07-14 05:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
- 2016-07-20 20:41 - 2009-07-14 06:45 - 00017168 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
- 2016-07-20 20:41 - 2009-07-14 06:45 - 00017168 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
- 2016-07-20 20:40 - 2015-06-07 13:52 - 00000000 ____D C:\Users\X-Gaming\AppData\Local\ElevatedDiagnostics
- 2016-07-20 20:33 - 2015-06-18 17:33 - 00065536 _____ C:\Windows\system32\Ikeext.etl
- 2016-07-20 20:33 - 2014-12-22 16:58 - 00000000 ____D C:\Users\X-Gaming\AppData\Local\LogMeIn Hamachi
- 2016-07-20 20:32 - 2014-12-10 18:07 - 00000000 ____D C:\ProgramData\NVIDIA
- 2016-07-20 20:32 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
- 2016-07-20 20:11 - 2013-10-03 04:48 - 00000000 ____D C:\AdwCleaner
- 2016-07-20 15:11 - 2015-01-21 14:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
- 2016-07-20 15:11 - 2015-01-21 14:37 - 00000000 ____D C:\Program Files (x86)\LogMeIn Hamachi
- 2016-07-20 14:52 - 2009-07-14 06:57 - 00001547 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
- 2016-07-20 14:50 - 2014-12-10 16:13 - 00000000 ____D C:\Users\X-Gaming\AppData\Roaming\Skype
- 2016-07-20 14:34 - 2014-12-17 14:45 - 00000000 ____D C:\Users\X-Gaming\AppData\Local\CrashDumps
- 2016-07-20 13:22 - 2015-10-22 18:44 - 00000000 ____D C:\Users\X-Gaming\Documents\Visual Studio 2015
- 2016-07-20 12:32 - 2014-12-10 20:57 - 00000000 ____D C:\Users\X-Gaming\AppData\Roaming\TS3Client
- 2016-07-20 12:08 - 2015-01-21 14:37 - 00034720 ____H (LogMeIn, Inc.) C:\Windows\system32\hamachi.sys
- 2016-07-19 19:29 - 2014-12-17 22:02 - 00000000 ____D C:\Users\X-Gaming\.VirtualBox
- 2016-07-19 17:27 - 2015-06-02 19:12 - 00000000 ____D C:\Users\X-Gaming\Documents\Zenith
- 2016-07-19 16:38 - 2014-12-17 22:04 - 00000000 ____D C:\Users\X-Gaming\VirtualBox VMs
- 2016-07-19 16:08 - 2014-12-15 21:31 - 00028272 _____ C:\Windows\system32\Drivers\TrueSight.sys
- 2016-07-19 15:58 - 2015-05-03 12:59 - 00000000 ____D C:\Program Files (x86)\SpeedFan
- 2016-07-19 14:43 - 2015-05-13 20:59 - 00000000 ____D C:\ProgramData\Freemake
- 2016-07-19 14:43 - 2015-05-13 20:59 - 00000000 ____D C:\Program Files (x86)\Freemake
- 2016-07-19 14:27 - 2014-12-10 15:53 - 00000000 ____D C:\Users\X-Gaming
- 2016-07-19 13:27 - 2014-12-11 18:48 - 00000000 ____D C:\Users\X-Gaming\AppData\Roaming\Adobe
- 2016-07-19 13:26 - 2015-08-18 21:32 - 00002826 __RSH C:\ProgramData\ntuser.pol
- 2016-07-19 13:25 - 2009-07-14 05:20 - 00000000 ___HD C:\Windows\system32\GroupPolicy
- 2016-07-19 13:11 - 2014-12-10 17:01 - 00745440 _____ C:\Windows\system32\perfh00C.dat
- 2016-07-19 13:11 - 2014-12-10 17:01 - 00149364 _____ C:\Windows\system32\perfc00C.dat
- 2016-07-19 13:11 - 2009-07-14 07:13 - 01668256 _____ C:\Windows\system32\PerfStringBackup.INI
- 2016-07-18 19:22 - 2014-12-12 17:52 - 00000000 ____D C:\Users\X-Gaming\AppData\Roaming\.minecraft
- 2016-07-15 15:16 - 2015-05-13 18:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\aTube Catcher
- 2016-07-15 15:07 - 2015-12-12 22:54 - 00000000 ____D C:\Users\X-Gaming\AppData\Local\Battle.net
- 2016-07-15 14:23 - 2015-12-12 23:20 - 00000000 ____D C:\Program Files (x86)\Hearthstone
- 2016-07-15 14:12 - 2015-12-12 22:53 - 00000000 ____D C:\Program Files (x86)\Battle.net
- 2016-07-14 14:58 - 2015-03-27 16:31 - 00000000 ____D C:\Users\X-Gaming\AppData\LocalLow\Heroes and Generals
- 2016-07-11 20:33 - 2014-12-10 16:13 - 00000000 ____D C:\ProgramData\Skype
- 2016-07-04 09:16 - 2009-07-14 07:08 - 00032608 _____ C:\Windows\Tasks\SCHEDLGU.TXT
- 2016-07-03 18:26 - 2015-05-09 20:57 - 00000000 ____D C:\Users\X-Gaming\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
- 2016-07-03 11:56 - 2015-12-22 17:27 - 00000000 ____D C:\Users\X-Gaming\Documents\Iso Linux
- 2016-07-02 13:57 - 2016-05-16 15:16 - 00000000 ____D C:\Users\X-Gaming\Documents\Command & Conquer 3 Les guerres du Tiberium
- 2016-07-01 20:33 - 2015-08-10 22:15 - 00000000 ____D C:\Users\X-Gaming\Documents\Tor Browser
- 2016-07-01 20:16 - 2015-06-07 14:06 - 00000000 ____D C:\Users\X-Gaming\Documents\Backup verbatim
- 2016-06-27 19:26 - 2015-05-13 20:59 - 00000000 ____D C:\Users\X-Gaming\Documents\Freemake
- 2016-06-27 19:26 - 2014-12-24 11:37 - 00000000 ___HD C:\Windows\msdownld.tmp
- 2016-06-23 17:51 - 2016-02-12 17:57 - 00000000 ____D C:\Users\X-Gaming\BrawlhallaReplays
- 2016-06-23 13:13 - 2015-09-05 21:43 - 00000000 ____D C:\Users\X-Gaming\AppData\Roaming\Tunngle
- 2016-06-23 12:32 - 2015-09-05 21:43 - 00000000 ____D C:\Program Files (x86)\Tunngle
- 2016-06-23 12:28 - 2015-09-05 21:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tunngle
- 2016-06-22 13:51 - 2014-12-10 21:36 - 00000000 ____D C:\ProgramData\Steam
- ==================== Files in the root of some directories =======
- 2015-09-15 21:00 - 2015-09-15 21:00 - 0000132 _____ () C:\Users\X-Gaming\AppData\Roaming\Adobe AIFF Format CS5 Prefs
- 2015-08-31 11:02 - 2015-08-31 11:50 - 0000132 _____ () C:\Users\X-Gaming\AppData\Roaming\Adobe BMP Format CS5 Prefs
- 2015-11-14 19:57 - 2015-12-02 22:42 - 0000132 _____ () C:\Users\X-Gaming\AppData\Roaming\Adobe GIF Format CS5 Prefs
- 2015-09-15 21:01 - 2015-11-02 19:13 - 0000132 _____ () C:\Users\X-Gaming\AppData\Roaming\Adobe PNG Format CS5 Prefs
- 2015-04-18 17:22 - 2016-03-17 17:51 - 0000297 _____ () C:\Users\X-Gaming\AppData\Roaming\BreakingPoint_Login.ini
- 2015-04-18 17:23 - 2016-03-17 17:54 - 0001465 _____ () C:\Users\X-Gaming\AppData\Roaming\BreakingPoint_Options.ini
- 2014-12-16 19:11 - 2014-03-21 00:49 - 1170056 _____ (Microsoft Corporation) C:\Users\X-Gaming\AppData\Roaming\cftmons.exe
- 2005-04-08 04:16 - 2014-12-16 23:00 - 0044399 ____H () C:\Users\X-Gaming\AppData\Roaming\logs.dat
- 2015-01-17 17:27 - 2015-01-17 17:27 - 0001262 _____ () C:\Users\X-Gaming\AppData\Roaming\Roaming - Raccourci.lnk
- 2015-08-06 21:46 - 2015-08-06 21:49 - 0105658 ___SH () C:\Users\X-Gaming\AppData\Local\CSIDL_
- 2015-06-27 22:31 - 2015-06-27 22:31 - 0459264 ____H (mNyPSVNlP) C:\Users\X-Gaming\AppData\Local\Microsoft.exe
- 2015-07-23 18:15 - 2016-01-06 15:07 - 0007601 _____ () C:\Users\X-Gaming\AppData\Local\Resmon.ResmonCfg
- 2014-12-10 16:03 - 2014-12-10 16:03 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
- Some files in TEMP:
- ====================
- C:\Users\X-Gaming\AppData\Local\Temp\183B.tmp.exe
- C:\Users\X-Gaming\AppData\Local\Temp\63MMTSGD8G.exe
- C:\Users\X-Gaming\AppData\Local\Temp\6RU3A6AKWS.exe
- C:\Users\X-Gaming\AppData\Local\Temp\A27.tmp.exe
- C:\Users\X-Gaming\AppData\Local\Temp\AB35.tmp.exe
- C:\Users\X-Gaming\AppData\Local\Temp\B3.exe
- C:\Users\X-Gaming\AppData\Local\Temp\ContentPushSetup.exe
- C:\Users\X-Gaming\AppData\Local\Temp\D0D9.tmp.exe
- C:\Users\X-Gaming\AppData\Local\Temp\diskpower-installer.exe
- C:\Users\X-Gaming\AppData\Local\Temp\DLFFL2WXA4.exe
- C:\Users\X-Gaming\AppData\Local\Temp\dllnt_dump.dll
- C:\Users\X-Gaming\AppData\Local\Temp\DriverBoosterSetup.exe
- C:\Users\X-Gaming\AppData\Local\Temp\lbQUdEGdYrAAvGUx.exe
- C:\Users\X-Gaming\AppData\Local\Temp\M530XAUKQU.exe
- C:\Users\X-Gaming\AppData\Local\Temp\MPC_Setup.exe
- C:\Users\X-Gaming\AppData\Local\Temp\nsv5529.tmp.exe
- C:\Users\X-Gaming\AppData\Local\Temp\nszC85.tmp.exe
- C:\Users\X-Gaming\AppData\Local\Temp\OZRN68F4P1.exe
- C:\Users\X-Gaming\AppData\Local\Temp\prepreinstaller_win.exe
- C:\Users\X-Gaming\AppData\Local\Temp\sdf480D.exe
- C:\Users\X-Gaming\AppData\Local\Temp\sdfEC37.exe
- C:\Users\X-Gaming\AppData\Local\Temp\setup (1).exe
- C:\Users\X-Gaming\AppData\Local\Temp\setup (2).exe
- C:\Users\X-Gaming\AppData\Local\Temp\setup.exe
- C:\Users\X-Gaming\AppData\Local\Temp\setupfa_4435.exe
- C:\Users\X-Gaming\AppData\Local\Temp\sfamcc00001.dll
- C:\Users\X-Gaming\AppData\Local\Temp\SkypeSetup.exe
- C:\Users\X-Gaming\AppData\Local\Temp\trotux.exe
- C:\Users\X-Gaming\AppData\Local\Temp\ts.exe
- C:\Users\X-Gaming\AppData\Local\Temp\vk_ok_adblock.exe
- C:\Users\X-Gaming\AppData\Local\Temp\wajam_install.exe
- C:\Users\X-Gaming\AppData\Local\Temp\WeatherChicknInstaller.exe
- ==================== Bamital & volsnap =================
- (There is no automatic fix for files that do not pass verification.)
- C:\Windows\system32\winlogon.exe => File is digitally signed
- C:\Windows\system32\wininit.exe => File is digitally signed
- C:\Windows\SysWOW64\wininit.exe => File is digitally signed
- C:\Windows\explorer.exe => File is digitally signed
- C:\Windows\SysWOW64\explorer.exe => File is digitally signed
- C:\Windows\system32\svchost.exe => File is digitally signed
- C:\Windows\SysWOW64\svchost.exe => File is digitally signed
- C:\Windows\system32\services.exe => File is digitally signed
- C:\Windows\system32\User32.dll => File is digitally signed
- C:\Windows\SysWOW64\User32.dll => File is digitally signed
- C:\Windows\system32\userinit.exe => File is digitally signed
- C:\Windows\SysWOW64\userinit.exe => File is digitally signed
- C:\Windows\system32\rpcss.dll => File is digitally signed
- C:\Windows\system32\dnsapi.dll => File is digitally signed
- C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
- C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
- LastRegBack: 2016-07-17 13:14
- ==================== End of FRST.txt ============================