
Frst

a guest
Dec 6th, 2014
  1. Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 06-12-2014
  2. Ran by TJ (administrator) on TROOPER on 06-12-2014 22:55:08
  3. Running from C:\Users\TJ\Desktop
  4. Loaded Profile: TJ (Available profiles: TJ)
  5. Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: English (United States)
  6. Internet Explorer Version 11
  7. Boot Mode: Normal
  8. Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
  9.  
  10. ==================== Processes (Whitelisted) =================
  11.  
  12. (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
  13.  
  14. (Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
  15. (AMD) C:\Windows\System32\atiesrxx.exe
  16. (Logitech Inc.) C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
  17. (AMD) C:\Windows\System32\atieclxx.exe
  18. (Realtek) C:\Program Files (x86)\B-Link\11n USB Wireless LAN Utility\RtlService.exe
  19. (Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
  20. (Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
  21. (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
  22. () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
  23. (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
  24. (MICRO-STAR INTERNATIONAL CO., LTD.) C:\Program Files (x86)\MSI\MSITrigger\MSI_Trigger_Service.exe
  25. () C:\Windows\SysWOW64\PnkBstrA.exe
  26. (Microsoft Corporation) C:\Windows\System32\rundll32.exe
  27. (Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
  28. (Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
  29. (Electronic Arts) C:\Program Files (x86)\Origin\Origin.exe
  30. (Nota Inc.) C:\Program Files (x86)\Gyazo\GyStation.exe
  31. (Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
  32. (Realtek Semiconductor Corp.) C:\Program Files (x86)\B-Link\11n USB Wireless LAN Utility\RtWLan.exe
  33. (Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
  34. (Microsoft Corporation) C:\Windows\System32\regsvr32.exe
  35. (Microsoft Corporation) C:\Windows\SysWOW64\regsvr32.exe
  36. (Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
  37. (Intel Corporation) C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe
  38. (LOL Replay) C:\Program Files (x86)\LOLReplay\LOLRecorder.exe
  39. (Creative Technology Ltd) C:\Program Files (x86)\Creative\Sound Blaster Cinema\Sound Blaster Cinema\SBCinema.exe
  40. (Microsoft Corporation) C:\Windows\SysWOW64\regsvr32.exe
  41. (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
  42. (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
  43. (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
  44. (ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
  45. (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
  46. (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
  47. (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
  48. (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
  49. () C:\Users\TJ\AppData\Local\Temp\WPDNSE\SID-{10001,,11398815744}\adwcleaner_4.104.exe
  50. (Microsoft Corporation) C:\Windows\System32\dllhost.exe
  51.  
  52.  
  53. ==================== Registry (Whitelisted) ==================
  54.  
  55. (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
  56.  
  57. HKLM\...\Run: [MBCfg64] => C:\Windows\system32\RunDLL32.exe C:\Windows\system32\MBCfg64.dll,RunDLLEntry MBCfg64
  58. HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1331288 2014-08-22] (Microsoft Corporation)
  59. HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
  60. HKLM-x32\...\Run: [Sound Blaster Cinema] => C:\Program Files (x86)\Creative\Sound Blaster Cinema\Sound Blaster Cinema\SBCinema.exe [711680 2012-11-29] (Creative Technology Ltd)
  61. HKLM-x32\...\Run: [UpdReg] => C:\Windows\UpdReg.EXE [90112 2000-05-11] (Creative Technology Ltd.)
  62. HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2013-04-26] (Intel Corporation)
  63. HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation)
  64. HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767200 2014-09-15] (Advanced Micro Devices, Inc.)
  65. Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
  66. HKU\S-1-5-21-372571527-1058530959-3140249921-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [22065760 2014-10-01] (Skype Technologies S.A.)
  67. HKU\S-1-5-21-372571527-1058530959-3140249921-1001\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3618648 2014-11-04] (Electronic Arts)
  68. HKU\S-1-5-21-372571527-1058530959-3140249921-1001\...\Run: [Gyazo] => C:\Program Files (x86)\Gyazo\GyStation.exe [3095840 2014-10-27] (Nota Inc.)
  69. HKU\S-1-5-21-372571527-1058530959-3140249921-1001\...\Run: [Upvbmedia] => C:\Users\TJ\AppData\Local\Upvbmedia\tmp4990.exe [140712 2014-12-04] ()
  70. HKU\S-1-5-21-372571527-1058530959-3140249921-1001\...\Run: [YmnxPack] => regsvr32.exe C:\Users\TJ\AppData\Local\YmnxPack\ImageUI.dll <===== ATTENTION
  71. HKU\S-1-5-21-372571527-1058530959-3140249921-1001\...\Run: [Ukwlmedia] => C:\Windows\SysWOW64\regsvr32.exe C:\Users\TJ\AppData\Local\Upvbmedia\MicromaxCtrlFactory.dll
  72. HKU\S-1-5-21-372571527-1058530959-3140249921-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7063832 2014-11-22] (Piriform Ltd)
  73. Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\iSCTsysTray.lnk
  74. ShortcutTarget: iSCTsysTray.lnk -> C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe (Intel Corporation)
  75. Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\LOLRecorder.lnk
  76. ShortcutTarget: LOLRecorder.lnk -> C:\Program Files (x86)\LOLReplay\LOLRecorder.exe (LOL Replay)
  77. ShellIconOverlayIdentifiers: [1SecureIconsProvider] -> {FC9D8189-520A-4417-AED7-9EAC810C6FBA} => C:\ProgramData\Microsoft\Secure\Icons\SecureIconsProvider.dll ()
  78.  
  79. ==================== Internet (Whitelisted) ====================
  80.  
  81. (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
  82.  
  83. HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
  84. HKU\S-1-5-21-372571527-1058530959-3140249921-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
  85. HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
  86. HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
  87. HKU\S-1-5-21-372571527-1058530959-3140249921-1001\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
  88. HKU\S-1-5-21-372571527-1058530959-3140249921-1001\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?ocid=U218DHP&pc=U218
  89. HKU\S-1-5-21-372571527-1058530959-3140249921-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US
  90. StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
  91. BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
  92. BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
  93. BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
  94. BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
  95. Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
  96. Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
  97. Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
  98. Tcpip\..\Interfaces\{FBDF6667-4FAE-4EBD-AD0A-C17DFDD1CB74}: [NameServer] 8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8
  99.  
  100. FireFox:
  101. ========
  102. FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_179.dll ()
  103. FF Plugin: @microsoft.com/GENUINE -> disabled No File
  104. FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_179.dll ()
  105. FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.5.29 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
  106. FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
  107. FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
  108. FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
  109. FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
  110. FF Plugin-x32: @nexon.net/NxGame -> C:\ProgramData\NexonUS\NGM\npNxGameUS.dll No File
  111. FF Plugin-x32: @t.garena.com/garenatalk -> C:\Program Files (x86)\Garena Plus\bbtalk\plugins\npPlugin\npGarenaTalkPlugin.dll No File
  112. FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
  113. FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
  114. FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
  115.  
  116. Chrome:
  117. =======
  118. CHR HomePage: Default -> hxxp://www.google.com.my/
  119. CHR StartupUrls: Default -> "hxxp://www.google.com.my/", "hxxp://malaysia.msn.com/?pc=UP97&ocid=UP97DHP"
  120. CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}
  121. CHR Profile: C:\Users\TJ\AppData\Local\Google\Chrome\User Data\Default
  122. CHR Extension: (Google Slides) - C:\Users\TJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-10-04]
  123. CHR Extension: (Google Docs) - C:\Users\TJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-10-04]
  124. CHR Extension: (Google Drive) - C:\Users\TJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-10-04]
  125. CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\TJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-10-04]
  126. CHR Extension: (YouTube) - C:\Users\TJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-10-04]
  127. CHR Extension: (Adblock Plus) - C:\Users\TJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-10-04]
  128. CHR Extension: (Google Search) - C:\Users\TJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-10-04]
  129. CHR Extension: (Google Sheets) - C:\Users\TJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-10-04]
  130. CHR Extension: (AdBlock) - C:\Users\TJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-12-03]
  131. CHR Extension: (Planner 5D) - C:\Users\TJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\gjfkgdpkecnmfcgfpfibpcnkeakahllc [2014-12-03]
  132. CHR Extension: (Hola Better Internet) - C:\Users\TJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio [2014-12-03]
  133. CHR Extension: (Skype Click to Call) - C:\Users\TJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2014-10-07]
  134. CHR Extension: (Google Wallet) - C:\Users\TJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-10-04]
  135. CHR Extension: (Gmail) - C:\Users\TJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-10-04]
  136. CHR HKLM-x32\...\Chrome\Extension: [bpegkgagfojjbcpkihigfmkojdmmimdf] - No Path
  137. CHR HKLM-x32\...\Chrome\Extension: [ehgldbbpchgpcfagfpfjgoomddhccfgh] - No Path
  138. CHR HKLM-x32\...\Chrome\Extension: [jbolfgndggfhhpbnkgnpjkfhinclbigj] - No Path
  139. CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-07-14]
  140.  
  141. ==================== Services (Whitelisted) =================
  142.  
  143. (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
  144.  
  145. R2 B-Link11nCU; C:\Program Files (x86)\B-Link\11n USB Wireless LAN Utility\RtlService.exe [36864 2010-04-16] (Realtek) [File not signed]
  146. R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
  147. R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
  148. R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [731648 2013-02-13] (Intel(R) Corporation) [File not signed]
  149. S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [820184 2013-02-13] (Intel(R) Corporation)
  150. R2 ISCTAgent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [180200 2013-02-13] ()
  151. R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-05-17] (Intel Corporation)
  152. R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
  153. R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
  154. R2 MSI_Trigger_Service; C:\Program Files (x86)\MSI\MSITrigger\MSI_Trigger_Service.exe [29728 2013-05-28] (MICRO-STAR INTERNATIONAL CO., LTD.)
  155. R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23784 2014-08-22] (Microsoft Corporation)
  156. R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [368624 2014-08-22] (Microsoft Corporation)
  157. S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1900400 2014-11-04] (Electronic Arts)
  158. R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76152 2014-10-20] ()
  159.  
  160. ==================== Drivers (Whitelisted) ====================
  161.  
  162. (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
  163.  
  164. R3 ikbevent; C:\Windows\System32\DRIVERS\ikbevent.sys [21048 2013-02-13] ()
  165. R3 imsevent; C:\Windows\System32\DRIVERS\imsevent.sys [21048 2013-02-13] ()
  166. R3 ISCT; C:\Windows\System32\DRIVERS\ISCTD64.sys [46568 2013-02-13] ()
  167. R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation)
  168. R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2014-12-06] (Malwarebytes Corporation)
  169. R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-11-21] (Malwarebytes Corporation)
  170. R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [269008 2014-07-17] (Microsoft Corporation)
  171. R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [125584 2014-07-17] (Microsoft Corporation)
  172. S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [27520 2007-05-14] (Research In Motion Limited)
  173. S3 RTCore64; C:\Program Files (x86)\MSI Afterburner\RTCore64.sys [13368 2013-03-11] ()
  174. S3 RTL8192cu; C:\Windows\System32\DRIVERS\rtwlanu.sys [1045608 2011-07-13] (Realtek Semiconductor Corporation )
  175. R1 Serial; C:\Windows\System32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
  176. R3 WPRO_41_2001; C:\Windows\System32\drivers\WPRO_41_2001.sys [34752 2014-12-06] ()
  177. S3 catchme; \??\C:\ComboFix\catchme.sys [X]
  178. S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
  179. S3 IntcAzAudAddService; system32\drivers\RTKVHD64.sys [X]
  180. S3 MBfilt; system32\drivers\MBfilt64.sys [X]
  181. S3 MSICDSetup; \??\D:\CDriver64.sys [X]
  182. S3 NTIOLib_1_0_3; \??\C:\Program Files (x86)\MSI\Super-Charger\NTIOLib_X64.sys [X]
  183. S3 NTIOLib_1_0_C; \??\D:\NTIOLib_X64.sys [X]
  184. S3 VGPU; System32\drivers\rdvgkmd.sys [X]
  185.  
  186. ==================== NetSvcs (Whitelisted) ===================
  187.  
  188. (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
  189.  
  190.  
  191. ==================== One Month Created Files and Folders ========
  192.  
  193. (If an entry is included in the fixlist, the file\folder will be moved.)
  194.  
  195. 2014-12-06 22:55 - 2014-12-06 22:55 - 00017897 _____ () C:\Users\TJ\Desktop\FRST.txt
  196. 2014-12-06 22:54 - 2014-12-06 22:51 - 02118144 ____N (Farbar) C:\Users\TJ\Desktop\FRST64.exe
  197. 2014-12-06 22:52 - 2014-12-06 22:55 - 00000000 ____D () C:\FRST
  198. 2014-12-06 22:51 - 2014-12-06 22:52 - 00000000 ____D () C:\AdwCleaner
  199. 2014-12-06 22:51 - 2014-12-06 22:51 - 00000055 _____ () C:\AdwCleanerDebug.txt
  200. 2014-12-06 22:34 - 2014-12-06 22:21 - 00688992 ____R (Swearware) C:\Users\TJ\Desktop\dds.com
  201. 2014-12-06 22:16 - 2014-12-06 22:35 - 00001450 _____ () C:\Users\TJ\Desktop\attach.txt
  202. 2014-12-06 22:16 - 2014-12-06 22:15 - 00688992 ____R (Swearware) C:\Users\TJ\Desktop\dds.scr
  203. 2014-12-06 21:27 - 2014-12-06 21:27 - 00000000 ____D () C:\Windows\ERUNT
  204. 2014-12-06 20:58 - 2014-12-06 22:38 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
  205. 2014-12-06 20:57 - 2014-12-06 20:57 - 00001102 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
  206. 2014-12-06 20:57 - 2014-12-06 20:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
  207. 2014-12-06 20:57 - 2014-12-06 20:57 - 00000000 ____D () C:\ProgramData\Malwarebytes
  208. 2014-12-06 20:57 - 2014-12-06 20:57 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
  209. 2014-12-06 20:57 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
  210. 2014-12-06 20:57 - 2014-11-21 06:14 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
  211. 2014-12-06 20:57 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
  212. 2014-12-06 20:47 - 2014-12-06 20:48 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\TJ\Downloads\mbam-setup-2.0.4.1028.exe
  213. 2014-12-06 20:47 - 2014-12-06 20:47 - 01944824 _____ (Bleeping Computer, LLC) C:\Users\TJ\Downloads\iExplore (1).exe
  214. 2014-12-06 20:46 - 2014-12-06 20:46 - 00025903 _____ () C:\ComboFix.txt
  215. 2014-12-06 20:41 - 2011-06-26 17:45 - 00256000 _____ () C:\Windows\PEV.exe
  216. 2014-12-06 20:41 - 2010-11-08 04:20 - 00208896 _____ () C:\Windows\MBR.exe
  217. 2014-12-06 20:41 - 2009-04-20 15:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
  218. 2014-12-06 20:41 - 2000-08-31 11:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
  219. 2014-12-06 20:41 - 2000-08-31 11:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
  220. 2014-12-06 20:41 - 2000-08-31 11:00 - 00098816 _____ () C:\Windows\sed.exe
  221. 2014-12-06 20:41 - 2000-08-31 11:00 - 00080412 _____ () C:\Windows\grep.exe
  222. 2014-12-06 20:41 - 2000-08-31 11:00 - 00068096 _____ () C:\Windows\zip.exe
  223. 2014-12-06 20:40 - 2014-12-06 20:46 - 00000000 ____D () C:\Qoobox
  224. 2014-12-06 20:40 - 2014-12-06 20:45 - 00000000 ____D () C:\Windows\erdnt
  225. 2014-12-06 20:40 - 2014-12-06 20:40 - 05600479 ____R (Swearware) C:\Users\TJ\Downloads\ComboFix.exe
  226. 2014-12-06 20:39 - 2014-12-06 20:57 - 00002276 _____ () C:\Users\TJ\Desktop\Rkill.txt
  227. 2014-12-06 20:38 - 2014-12-06 20:38 - 01944824 _____ (Bleeping Computer, LLC) C:\Users\TJ\Downloads\iExplore.exe
  228. 2014-12-06 20:30 - 2014-12-06 20:30 - 00000358 _____ () C:\Users\TJ\Documents\cc_20141206_203014.reg
  229. 2014-12-06 20:29 - 2014-12-06 20:29 - 00075900 _____ () C:\Users\TJ\Documents\cc_20141206_202923.reg
  230. 2014-12-06 20:24 - 2014-12-06 20:24 - 00348364 _____ () C:\Users\TJ\Documents\cc_20141206_202448.reg
  231. 2014-12-06 20:19 - 2014-12-06 20:19 - 00002766 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC
  232. 2014-12-06 20:19 - 2014-12-06 20:19 - 00000822 _____ () C:\Users\Public\Desktop\CCleaner.lnk
  233. 2014-12-06 20:19 - 2014-12-06 20:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
  234. 2014-12-06 20:19 - 2014-12-06 20:19 - 00000000 ____D () C:\Program Files\CCleaner
  235. 2014-12-06 20:17 - 2014-12-06 20:19 - 05162080 _____ (Piriform Ltd) C:\Users\TJ\Downloads\ccsetup500.exe
  236. 2014-12-05 19:13 - 2014-12-05 19:14 - 05090496 _____ (Wargaming.net ) C:\Users\TJ\Downloads\WoT_internet_install_asia.exe
  237. 2014-12-05 18:58 - 2014-12-05 18:58 - 00000000 ____D () C:\Users\TJ\AppData\Roaming\Wargaming.net
  238. 2014-12-04 18:35 - 2014-12-05 19:14 - 00000769 _____ () C:\Users\TJ\Desktop\World of Tanks.lnk
  239. 2014-12-04 18:35 - 2014-12-05 19:14 - 00000000 ____D () C:\Users\TJ\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\World of Tanks
  240. 2014-12-04 18:35 - 2014-12-04 18:35 - 00000000 ____D () C:\Games
  241. 2014-12-04 18:34 - 2014-12-04 18:34 - 05475440 _____ (Wargaming.net ) C:\Users\TJ\Downloads\WoT_internet_install_na.exe
  242. 2014-12-04 15:31 - 2014-12-06 15:36 - 00000761 _____ () C:\Windows\system32\Drivers\etc\hosts.txt
  243. 2014-12-04 15:18 - 2014-12-04 15:19 - 00000000 ____D () C:\Users\TJ\AppData\Local\Upvbmedia
  244. 2014-12-04 15:18 - 2014-12-04 15:18 - 00000000 ____D () C:\Users\TJ\AppData\Local\YmnxPack
  245. 2014-12-03 23:33 - 2014-12-03 23:35 - 00000000 ____D () C:\Users\TJ\Downloads\The Expendables 3 2014
  246. 2014-12-03 23:32 - 2014-12-03 23:32 - 00033053 _____ () C:\Users\TJ\Downloads\The Expendables 3 2014.torrent
  247. 2014-12-03 23:29 - 2014-12-03 23:29 - 00033928 _____ () C:\Users\TJ\Downloads\[kickass.so]the.expendables.3.dvdrip.xvid.ac3.crewsade.torrent
  248. 2014-12-03 01:37 - 2014-12-03 16:30 - 00000000 ____D () C:\Users\TJ\AppData\Roaming\vlc
  249. 2014-12-03 01:37 - 2014-12-03 01:37 - 00001066 _____ () C:\Users\Public\Desktop\VLC media player.lnk
  250. 2014-12-03 01:37 - 2014-12-03 01:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
  251. 2014-12-03 01:37 - 2014-12-03 01:37 - 00000000 ____D () C:\Program Files (x86)\VideoLAN
  252. 2014-12-03 01:35 - 2014-12-03 01:37 - 24743106 _____ () C:\Users\TJ\Downloads\vlc-2.1.5-win32.exe
  253. 2014-12-02 00:11 - 2014-12-02 00:11 - 00000000 ____D () C:\Users\TJ\Downloads\Fury (2014) - DVDSCR - 720p - Maxillion
  254. 2014-12-02 00:09 - 2014-12-02 00:10 - 00037814 _____ () C:\Users\TJ\Downloads\[kickasstorrents.torrentdownload.link]fury.2014.dvdscr.720p.maxillion.torrent
  255. 2014-12-01 13:26 - 2014-12-01 13:26 - 00015272 _____ () C:\Users\TJ\Downloads\0DCBE58566C68770FFD2AB6905163627AF217AB3.torrent
  256. 2014-11-27 23:46 - 2014-11-27 23:46 - 00000000 ____D () C:\Users\TJ\Downloads\The Tao of Badass - Become A Badass with Women + 4 Bonus Books pdf
  257. 2014-11-27 23:45 - 2014-11-27 23:45 - 00004765 _____ () C:\Users\TJ\Downloads\[kickass.so]the.tao.of.badass.become.a.badass.with.women.4.bonus.books.pdf.gooner.torrent
  258. 2014-11-27 21:10 - 2014-11-27 21:10 - 00493689 _____ () C:\Users\TJ\Downloads\44803.zip
  259. 2014-11-27 19:31 - 2014-11-27 19:31 - 01436622 _____ () C:\Users\TJ\Downloads\32813 (2).zip
  260. 2014-11-27 19:31 - 2014-11-27 19:31 - 00000000 ____D () C:\Users\TJ\Desktop\Udyr Spirit 2
  261. 2014-11-27 19:31 - 2014-11-27 19:31 - 00000000 ____D () C:\Users\TJ\Desktop\32813 (2)
  262. 2014-11-27 19:01 - 2014-11-27 19:02 - 00171784 _____ () C:\Users\TJ\Downloads\32813 (1).zip
  263. 2014-11-27 19:01 - 2014-11-27 19:01 - 00000000 ____D () C:\Users\TJ\Desktop\32813
  264. 2014-11-27 18:59 - 2014-11-27 19:01 - 00000000 ____D () C:\Users\TJ\Desktop\SIU 4.34-Lite
  265. 2014-11-27 18:59 - 2014-11-27 18:59 - 07916654 _____ () C:\Users\TJ\Downloads\SIU 4.34-Lite.zip
  266. 2014-11-27 18:58 - 2014-11-27 19:00 - 00586424 _____ () C:\Users\TJ\Downloads\32813.zip
  267. 2014-11-26 07:03 - 2014-11-26 07:03 - 00074696 _____ () C:\Users\TJ\Desktop\netflixworking2.txt
  268. 2014-11-26 07:02 - 2014-11-26 07:02 - 00086231 _____ () C:\Users\TJ\Desktop\netflixworking1.txt
  269. 2014-11-26 07:02 - 2014-11-26 07:02 - 00039289 _____ () C:\Users\TJ\Desktop\1.2knetflix.txt
  270. 2014-11-26 02:14 - 2014-11-26 02:14 - 00014089 _____ () C:\Users\TJ\Desktop\12344555.txt
  271. 2014-11-26 02:09 - 2014-11-26 02:09 - 00259069 _____ () C:\Users\TJ\Downloads\checkers.zip
  272. 2014-11-26 02:09 - 2014-11-26 02:09 - 00000000 ____D () C:\Users\TJ\Desktop\checkers
  273. 2014-11-25 20:52 - 2014-11-25 21:02 - 00205312 _____ (mmTwWYoBew) C:\Users\TJ\Downloads\ZeroClient.exe
  274. 2014-11-24 22:56 - 2014-11-24 22:57 - 00076965 _____ () C:\Users\TJ\Desktop\New Text Document (2).txt
  275. 2014-11-24 22:55 - 2014-11-24 22:55 - 00066849 _____ () C:\Users\TJ\Desktop\New Text Document.txt
  276. 2014-11-23 19:33 - 2014-11-23 19:33 - 01365846 _____ () C:\Users\TJ\Downloads\020220852CC92B0DD481029008AB9214184AB13E.torrent
  277. 2014-11-23 19:26 - 2014-11-23 19:26 - 00121095 _____ () C:\Users\TJ\Desktop\hugeconfig.txt
  278. 2014-11-23 14:08 - 2014-11-23 14:08 - 00000000 ____D () C:\Users\TJ\Desktop\gpg4usb-0.3.3-1
  279. 2014-11-23 10:20 - 2014-11-23 10:21 - 00318243 _____ () C:\Users\TJ\Downloads\unblock-us.exe
  280. 2014-11-23 10:18 - 2014-11-23 19:49 - 00000110 _____ () C:\Users\TJ\Desktop\config.txt
  281. 2014-11-23 10:15 - 2014-11-23 10:15 - 01072640 _____ () C:\Users\TJ\Downloads\NetflixAccountChecker-64.exe
  282. 2014-11-22 21:20 - 2014-12-05 12:09 - 00000000 ____D () C:\Users\TJ\AppData\Roaming\BoL
  283. 2014-11-22 16:54 - 2014-11-22 16:54 - 00000000 __SHD () C:\Users\TJ\AppData\Local\EmieBrowserModeList
  284. 2014-11-19 23:00 - 2014-11-11 14:08 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
  285. 2014-11-19 23:00 - 2014-11-11 14:08 - 00241152 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll
  286. 2014-11-19 23:00 - 2014-11-11 13:44 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
  287. 2014-11-19 23:00 - 2014-11-11 13:44 - 00186880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pku2u.dll
  288. 2014-11-18 15:12 - 2014-11-18 15:15 - 18330533 _____ () C:\Users\TJ\Downloads\2-loads.wmv
  289. 2014-11-18 10:14 - 2014-11-18 10:16 - 00000000 ____D () C:\Users\TJ\Desktop\HotFix
  290. 2014-11-18 10:12 - 2014-11-18 10:13 - 16109048 _____ () C:\Users\TJ\Downloads\League of Legends.exe
  291. 2014-11-18 10:12 - 2014-11-18 10:12 - 04893741 _____ () C:\Users\TJ\Downloads\HotFix.rar
  292. 2014-11-18 09:16 - 2014-11-18 09:17 - 22963230 _____ () C:\Users\TJ\Downloads\BoL.txt
  293. 2014-11-15 08:04 - 2014-12-06 21:52 - 00094656 _____ (CACE Technologies) C:\Windows\system32\WPRO_41_2001woem.tmp
  294. 2014-11-13 20:11 - 2014-11-13 20:11 - 00000000 ____D () C:\Users\TJ\Downloads\BaronReplays
  295. 2014-11-13 20:11 - 2014-11-13 20:11 - 00000000 ____D () C:\Users\TJ\AppData\Local\Ahri.tw
  296. 2014-11-13 20:10 - 2014-11-13 20:11 - 06683505 _____ () C:\Users\TJ\Downloads\BaronReplays.exe
  297. 2014-11-13 18:04 - 2014-11-22 09:33 - 00000000 ____D () C:\Users\TJ\AppData\Roaming\LeagueSharp
  298. 2014-11-13 18:04 - 2014-11-13 18:04 - 00000000 ____D () C:\Users\TJ\AppData\Roaming\Subversion
  299. 2014-11-13 18:03 - 2014-11-14 10:07 - 00000000 ____D () C:\Users\TJ\AppData\Local\LeagueSharp
  300. 2014-11-13 17:58 - 2014-11-20 08:13 - 00000000 ____D () C:\Users\TJ\Desktop\LeagueSharp
  301. 2014-11-13 17:51 - 2014-11-13 17:52 - 03554203 _____ ( ) C:\Users\TJ\Downloads\LeagueSharp-update.exe
  302. 2014-11-13 12:24 - 2014-11-13 12:24 - 00329216 _____ () C:\Users\TJ\Downloads\cloudrop.exe
  303. 2014-11-13 12:24 - 2014-11-13 12:24 - 00000000 ____D () C:\Users\TJ\Downloads\Strife - Custom Addons
  304. 2014-11-13 12:24 - 2014-11-13 12:24 - 00000000 ____D () C:\Users\TJ\Downloads\Smite - Custom Addons
  305. 2014-11-13 12:24 - 2014-11-13 12:24 - 00000000 ____D () C:\Users\TJ\Downloads\League of Legends - Custom Addons
  306. 2014-11-13 12:24 - 2014-11-13 12:24 - 00000000 ____D () C:\Users\TJ\Downloads\HoN - Custom Addons
  307. 2014-11-12 18:29 - 2014-11-12 18:29 - 00232789 _____ () C:\Users\TJ\Downloads\Evadeee.zip
  308. 2014-11-12 18:29 - 2014-11-12 18:29 - 00000000 ____D () C:\Users\TJ\Desktop\Evadeee
  309. 2014-11-12 15:53 - 2014-11-12 16:02 - 115825508 _____ () C:\Users\TJ\Downloads\American.Dad.S11E04.HDTV.x264-KILLERS.mp4.mp4
  310. 2014-11-12 08:19 - 2014-11-08 06:49 - 00388272 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
  311. 2014-11-12 08:19 - 2014-11-08 06:23 - 00341168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
  312. 2014-11-12 08:19 - 2014-11-06 15:04 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
  313. 2014-11-12 08:19 - 2014-11-06 15:03 - 25110016 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
  314. 2014-11-12 08:19 - 2014-11-06 15:03 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
  315. 2014-11-12 08:19 - 2014-11-06 14:47 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
  316. 2014-11-12 08:19 - 2014-11-06 14:46 - 00580096 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
  317. 2014-11-12 08:19 - 2014-11-06 14:46 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
  318. 2014-11-12 08:19 - 2014-11-06 14:44 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
  319. 2014-11-12 08:19 - 2014-11-06 14:43 - 02884096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
  320. 2014-11-12 08:19 - 2014-11-06 14:36 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
  321. 2014-11-12 08:19 - 2014-11-06 14:35 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
  322. 2014-11-12 08:19 - 2014-11-06 14:31 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
  323. 2014-11-12 08:19 - 2014-11-06 14:30 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
  324. 2014-11-12 08:19 - 2014-11-06 14:30 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
  325. 2014-11-12 08:19 - 2014-11-06 14:29 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
  326. 2014-11-12 08:19 - 2014-11-06 14:28 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
  327. 2014-11-12 08:19 - 2014-11-06 14:23 - 06040064 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
  328. 2014-11-12 08:19 - 2014-11-06 14:20 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
  329. 2014-11-12 08:19 - 2014-11-06 14:16 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
  330. 2014-11-12 08:19 - 2014-11-06 14:13 - 00501248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
  331. 2014-11-12 08:19 - 2014-11-06 14:13 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
  332. 2014-11-12 08:19 - 2014-11-06 14:12 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
  333. 2014-11-12 08:19 - 2014-11-06 14:10 - 19781632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
  334. 2014-11-12 08:19 - 2014-11-06 14:10 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
  335. 2014-11-12 08:19 - 2014-11-06 14:07 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
  336. 2014-11-12 08:19 - 2014-11-06 14:05 - 02277376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
  337. 2014-11-12 08:19 - 2014-11-06 14:04 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
  338. 2014-11-12 08:19 - 2014-11-06 14:03 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
  339. 2014-11-12 08:19 - 2014-11-06 14:02 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
  340. 2014-11-12 08:19 - 2014-11-06 14:00 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
  341. 2014-11-12 08:19 - 2014-11-06 14:00 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
  342. 2014-11-12 08:19 - 2014-11-06 13:59 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
  343. 2014-11-12 08:19 - 2014-11-06 13:58 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
  344. 2014-11-12 08:19 - 2014-11-06 13:57 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
  345. 2014-11-12 08:19 - 2014-11-06 13:48 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
  346. 2014-11-12 08:19 - 2014-11-06 13:42 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
  347. 2014-11-12 08:19 - 2014-11-06 13:41 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
  348. 2014-11-12 08:19 - 2014-11-06 13:41 - 00716800 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
  349. 2014-11-12 08:19 - 2014-11-06 13:39 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
  350. 2014-11-12 08:19 - 2014-11-06 13:38 - 02124288 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
  351. 2014-11-12 08:19 - 2014-11-06 13:37 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
  352. 2014-11-12 08:19 - 2014-11-06 13:36 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
  353. 2014-11-12 08:19 - 2014-11-06 13:34 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
  354. 2014-11-12 08:19 - 2014-11-06 13:30 - 14390272 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
  355. 2014-11-12 08:19 - 2014-11-06 13:22 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
  356. 2014-11-12 08:19 - 2014-11-06 13:21 - 04298240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
  357. 2014-11-12 08:19 - 2014-11-06 13:21 - 02051072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
  358. 2014-11-12 08:19 - 2014-11-06 13:20 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
  359. 2014-11-12 08:19 - 2014-11-06 13:17 - 02365440 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
  360. 2014-11-12 08:19 - 2014-11-06 13:04 - 01550336 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
  361. 2014-11-12 08:19 - 2014-11-06 13:03 - 12819456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
  362. 2014-11-12 08:19 - 2014-11-06 12:53 - 00799232 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
  363. 2014-11-12 08:19 - 2014-11-06 12:52 - 01892864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
  364. 2014-11-12 08:19 - 2014-11-06 12:48 - 01310208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
  365. 2014-11-12 08:19 - 2014-11-06 12:47 - 00708096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
  366. 2014-11-12 08:09 - 2014-11-06 04:56 - 00304640 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
  367. 2014-11-12 08:09 - 2014-11-06 04:56 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
  368. 2014-11-12 08:09 - 2014-11-06 04:52 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
  369. 2014-11-12 08:08 - 2014-10-14 13:16 - 00155064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
  370. 2014-11-12 08:08 - 2014-10-14 13:13 - 00683520 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
  371. 2014-11-12 08:08 - 2014-10-14 13:12 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
  372. 2014-11-12 08:08 - 2014-10-14 13:09 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
  373. 2014-11-12 08:08 - 2014-10-14 13:07 - 00681984 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
  374. 2014-11-12 08:08 - 2014-10-14 12:50 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
  375. 2014-11-12 08:08 - 2014-10-14 12:49 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
  376. 2014-11-12 08:08 - 2014-10-14 12:47 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
  377. 2014-11-12 08:08 - 2014-10-14 12:46 - 00681984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
  378. 2014-11-12 08:03 - 2014-08-21 17:43 - 01882624 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
  379. 2014-11-12 08:03 - 2014-08-21 17:40 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
  380. 2014-11-12 08:03 - 2014-08-21 17:26 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
  381. 2014-11-12 08:03 - 2014-08-21 17:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
  382. 2014-11-12 08:02 - 2014-10-03 13:12 - 00500224 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
  383. 2014-11-12 08:02 - 2014-10-03 13:11 - 00680960 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
  384. 2014-11-12 08:02 - 2014-10-03 13:11 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
  385. 2014-11-12 08:02 - 2014-10-03 13:11 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
  386. 2014-11-12 08:02 - 2014-10-03 13:11 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
  387. 2014-11-12 08:02 - 2014-10-03 12:44 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
  388. 2014-11-12 08:02 - 2014-10-03 12:44 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
  389. 2014-11-12 08:02 - 2014-10-03 12:44 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
  390. 2014-11-12 08:02 - 2014-09-19 20:42 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
  391. 2014-11-12 08:02 - 2014-09-19 20:42 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
  392. 2014-11-12 08:02 - 2014-09-19 20:42 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
  393. 2014-11-12 08:02 - 2014-09-19 20:42 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
  394. 2014-11-12 08:02 - 2014-09-19 20:42 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
  395. 2014-11-12 08:02 - 2014-09-19 20:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
  396. 2014-11-12 08:02 - 2014-09-19 20:23 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
  397. 2014-11-12 08:02 - 2014-09-19 20:23 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
  398. 2014-11-12 08:02 - 2014-09-19 20:23 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
  399. 2014-11-12 08:02 - 2014-09-19 20:23 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
  400. 2014-11-12 08:02 - 2014-09-19 20:23 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
  401. 2014-11-12 08:02 - 2014-09-19 20:23 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
  402. 2014-11-12 08:02 - 2014-08-12 13:02 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL
  403. 2014-11-12 08:02 - 2014-08-12 12:36 - 00701440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IMJP10K.DLL
  404. 2014-11-12 08:01 - 2014-10-25 12:57 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
  405. 2014-11-12 08:01 - 2014-10-25 12:32 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
  406. 2014-11-12 08:01 - 2014-10-18 13:05 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
  407. 2014-11-12 08:01 - 2014-10-18 12:33 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
  408. 2014-11-12 08:01 - 2014-10-14 13:13 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
  409. 2014-11-12 08:01 - 2014-10-14 12:50 - 02363904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
  410. 2014-11-12 08:01 - 2014-10-10 11:57 - 03198976 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
  411. 2014-11-11 15:45 - 2014-11-12 07:38 - 00000000 ____D () C:\Users\TJ\Documents\LOLReplay
  412. 2014-11-11 15:45 - 2014-11-11 15:45 - 00001913 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LOL Recorder.lnk
  413. 2014-11-11 15:45 - 2014-11-11 15:45 - 00001901 _____ () C:\Users\Public\Desktop\LOL Recorder.lnk
  414. 2014-11-11 15:45 - 2014-11-11 15:45 - 00000000 ____D () C:\Program Files (x86)\LOLReplay
  415. 2014-11-11 13:40 - 2014-11-11 13:40 - 00000000 ____D () C:\Program Files (x86)\Origin Games
  416. 2014-11-11 12:55 - 2014-11-11 12:55 - 01525854 _____ () C:\Users\TJ\Downloads\LOLReplay-0.8.9.11.exe
  417. 2014-11-10 02:33 - 2014-11-10 09:33 - 00000000 ____D () C:\Program Files (x86)\Gyazo
  418. 2014-11-10 02:33 - 2014-11-10 02:33 - 00003732 _____ () C:\Windows\System32\Tasks\GyazoUpdateTaskMachine
  419. 2014-11-10 02:33 - 2014-11-10 02:33 - 00000982 _____ () C:\Users\Public\Desktop\Gyazo.lnk
  420. 2014-11-10 02:33 - 2014-11-10 02:33 - 00000982 _____ () C:\Users\Public\Desktop\Gyazo GIF.lnk
  421. 2014-11-10 02:33 - 2014-11-10 02:33 - 00000000 ____D () C:\Users\TJ\AppData\Roaming\Gyazo
  422. 2014-11-10 02:33 - 2014-11-10 02:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gyazo
  423. 2014-11-10 02:32 - 2014-11-10 02:33 - 09698760 _____ (Nota Inc. ) C:\Users\TJ\Downloads\Gyazo-2.3.0.exe
  424. 2014-11-06 10:05 - 2014-11-06 10:32 - 00000000 ____D () C:\Users\TJ\Desktop\OPaCIpRygh
  425. 2014-11-06 10:04 - 2014-11-06 10:05 - 02568807 _____ () C:\Users\TJ\Downloads\OPaCIpRygh.zip
  426.  
  427. ==================== One Month Modified Files and Folders =======
  428.  
  429. (If an entry is included in the fixlist, the file\folder will be moved.)
  430.  
  431. 2014-12-06 22:52 - 2014-10-06 18:22 - 00000000 ____D () C:\Users\TJ\AppData\Roaming\Skype
  432. 2014-12-06 22:46 - 2014-10-04 13:24 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
  433. 2014-12-06 22:08 - 2014-10-16 15:51 - 00000000 ____D () C:\Program Files (x86)\Origin
  434. 2014-12-06 22:08 - 2014-01-16 00:59 - 01160739 _____ () C:\Windows\WindowsUpdate.log
  435. 2014-12-06 22:08 - 2009-07-14 14:20 - 00000000 ____D () C:\Windows\system32\NDF
  436. 2014-12-06 21:59 - 2009-07-14 15:45 - 00026768 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
  437. 2014-12-06 21:59 - 2009-07-14 15:45 - 00026768 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
  438. 2014-12-06 21:58 - 2014-10-08 16:35 - 00000000 ____D () C:\Users\TJ\AppData\Local\CrashDumps
  439. 2014-12-06 21:56 - 2009-07-14 16:13 - 00782470 _____ () C:\Windows\system32\PerfStringBackup.INI
  440. 2014-12-06 21:52 - 2014-10-16 15:51 - 00000000 ____D () C:\ProgramData\Origin
  441. 2014-12-06 21:52 - 2014-10-04 13:24 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
  442. 2014-12-06 21:52 - 2014-01-16 02:41 - 00034752 _____ () C:\Windows\system32\Drivers\WPRO_41_2001.sys
  443. 2014-12-06 21:52 - 2009-07-14 16:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
  444. 2014-12-06 21:03 - 2014-08-26 12:01 - 00000000 ____D () C:\ProgramData\WindowsMangerProtect
  445. 2014-12-06 21:03 - 2009-07-14 16:32 - 00000000 ____D () C:\Windows\Performance
  446. 2014-12-06 20:46 - 2009-07-14 14:20 - 00000000 __RHD () C:\Users\Default
  447. 2014-12-06 20:45 - 2009-07-14 16:08 - 00032546 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
  448. 2014-12-06 20:45 - 2009-07-14 13:34 - 00000215 _____ () C:\Windows\system.ini
  449. 2014-12-06 20:44 - 2009-07-14 13:34 - 63963136 _____ () C:\Windows\system32\config\SOFTWARE.bak
  450. 2014-12-06 20:44 - 2009-07-14 13:34 - 38535168 _____ () C:\Windows\system32\config\SYSTEM.bak
  451. 2014-12-06 20:44 - 2009-07-14 13:34 - 00262144 _____ () C:\Windows\system32\config\SECURITY.bak
  452. 2014-12-06 20:44 - 2009-07-14 13:34 - 00262144 _____ () C:\Windows\system32\config\SAM.bak
  453. 2014-12-06 20:44 - 2009-07-14 13:34 - 00262144 _____ () C:\Windows\system32\config\DEFAULT.bak
  454. 2014-12-06 20:20 - 2014-10-14 06:15 - 00000000 ____D () C:\Users\TJ\AppData\Roaming\uTorrent
  455. 2014-12-06 20:20 - 2014-10-10 12:07 - 00000000 ____D () C:\Program Files (x86)\Steam
  456. 2014-12-06 20:20 - 2014-01-16 16:07 - 00000000 ____D () C:\Windows\Panther
  457. 2014-12-06 18:34 - 2014-11-04 00:20 - 00000000 ____D () C:\Users\TJ\Desktop\Tor Browser
  458. 2014-11-27 17:17 - 2014-10-08 18:59 - 00000000 ____D () C:\Users\TJ\Desktop\BoL
  459. 2014-11-23 09:51 - 2014-10-16 15:53 - 00000000 ____D () C:\Users\TJ\AppData\Roaming\Origin
  460. 2014-11-15 10:46 - 2009-07-14 14:20 - 00000000 ____D () C:\Windows\rescache
  461. 2014-11-15 08:04 - 2014-07-15 10:40 - 00000000 ___SD () C:\Windows\system32\CompatTel
  462. 2014-11-15 08:04 - 2009-07-14 15:45 - 00268392 _____ () C:\Windows\system32\FNTCACHE.DAT
  463. 2014-11-14 23:20 - 2014-01-20 16:02 - 103374192 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
  464. 2014-11-14 23:20 - 2014-01-20 16:02 - 00000000 ____D () C:\Windows\system32\MRT
  465. 2014-11-14 14:41 - 2014-10-04 13:24 - 00003894 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
  466. 2014-11-14 14:41 - 2014-10-04 13:24 - 00003642 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
  467. 2014-11-13 12:31 - 2014-10-08 18:27 - 00000000 ____D () C:\Users\TJ\AppData\Roaming\cloudrop
  468. 2014-11-11 13:40 - 2014-10-16 15:51 - 00000000 ____D () C:\ProgramData\Electronic Arts
  469. 2014-11-11 13:40 - 2009-07-14 16:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
  470. 2014-11-06 10:54 - 2014-10-20 19:31 - 00347464 _____ () C:\Windows\SysWOW64\PnkBstrB.xtr
  471. 2014-11-06 10:54 - 2014-10-20 19:07 - 00347464 _____ () C:\Windows\SysWOW64\PnkBstrB.exe
  472. 2014-11-06 10:33 - 2014-10-20 19:07 - 00347464 _____ () C:\Windows\SysWOW64\PnkBstrB.ex0
  473.  
  474. Files to move or delete:
  475. ====================
  476. C:\ProgramData\hash.dat
  477.  
  478.  
  479. Some content of TEMP:
  480. ====================
  481. C:\Users\TJ\AppData\Local\Temp\Quarantine.exe
  482. C:\Users\TJ\AppData\Local\Temp\sqlite3.dll
  483.  
  484.  
  485. ==================== Bamital & volsnap Check =================
  486.  
  487. (There is no automatic fix for files that do not pass verification.)
  488.  
  489. C:\Windows\System32\winlogon.exe => File is digitally signed
  490. C:\Windows\System32\wininit.exe => File is digitally signed
  491. C:\Windows\SysWOW64\wininit.exe => File is digitally signed
  492. C:\Windows\explorer.exe => File is digitally signed
  493. C:\Windows\SysWOW64\explorer.exe => File is digitally signed
  494. C:\Windows\System32\svchost.exe => File is digitally signed
  495. C:\Windows\SysWOW64\svchost.exe => File is digitally signed
  496. C:\Windows\System32\services.exe => File is digitally signed
  497. C:\Windows\System32\User32.dll => File is digitally signed
  498. C:\Windows\SysWOW64\User32.dll => File is digitally signed
  499. C:\Windows\System32\userinit.exe => File is digitally signed
  500. C:\Windows\SysWOW64\userinit.exe => File is digitally signed
  501. C:\Windows\System32\rpcss.dll => File is digitally signed
  502. C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
  503.  
  504.  
  505. LastRegBack: 2014-11-25 04:52
  506.  
  507. ==================== End Of Log ============================