Untitled

a guest
Dec 9th, 2018
  1. Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 09.12.2018
  2. Ran by Ciborki (administrator) on CIBORKI-PC (09-12-2018 14:52:34)
  3. Running from C:\Users\Ciborki\Desktop
  4. Loaded Profiles: Ciborki (Available Profiles: Ciborki)
  5. Platform: Microsoft Windows 7 Ultimate (X86) Language: Angielski (Stany Zjednoczone)
  6. Internet Explorer Version 8 (Default browser: Chrome)
  7. Boot Mode: Normal
  8. Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
  9.  
  10. ==================== Processes (Whitelisted) =================
  11.  
  12. (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
  13.  
  14. (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
  15. (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
  16. (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
  17. (Teruten) C:\Windows\System32\FsUsbExService.Exe
  18. (ALCPU) C:\Program Files\Core Temp\Core Temp.exe
  19. (Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
  20. (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
  21. (Microsoft Corporation) C:\Windows\WindowsMobile\wmdc.exe
  22. (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
  23. (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
  24. (Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
  25. (AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
  26. (Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
  27.  
  28. ==================== Registry (Whitelisted) ===========================
  29.  
  30. (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
  31.  
  32. HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1537320 2009-06-18] (Synaptics Incorporated)
  33. HKLM\...\Run: [NvCplDaemon] => RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
  34. HKLM\...\Run: [Windows Mobile Device Center] => C:\Windows\WindowsMobile\wmdc.exe [648072 2007-05-31] (Microsoft Corporation)
  35. HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [242392 2018-12-08] (AVAST Software)
  36. HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
  37. HKU\S-1-5-18\...\Run: [GarminExpressTrayApp] => "C:\Program Files\Garmin\Express Tray\ExpressTray.exe"
  38.  
  39. ==================== Internet (Whitelisted) ====================
  40.  
  41. (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
  42.  
  43. Tcpip\Parameters: [DhcpNameServer] 62.179.1.61 62.179.1.63
  44. Tcpip\..\Interfaces\{B4AA397C-0BD1-4E15-83D5-6ED42DD9D1E7}: [DhcpNameServer] 62.179.1.61 62.179.1.63
  45. Tcpip\..\Interfaces\{D56B5EAC-B885-4189-A7A5-1C9167996322}: [DhcpNameServer] 62.179.1.61 62.179.1.63
  46.  
  47. Internet Explorer:
  48. ==================
  49. HKU\S-1-5-21-1888222736-2957073895-2253413786-1000\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://search.babylon.com/?babsrc=HP_ss&affID=100488&mntrId=4c2974f300000000000000265e2e8623
  50. BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_71\bin\ssv.dll [2016-01-25] (Oracle Corporation)
  51. BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)
  52. BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_71\bin\jp2ssv.dll [2016-01-25] (Oracle Corporation)
  53. DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
  54.  
  55. FireFox:
  56. ========
  57. FF ProfilePath: C:\Users\Ciborki\AppData\Roaming\TomTom\HOME\Profiles\2zu4qlbu.default [2011-11-05]
  58. FF Extension: (No Name) - C:\Program Files\TomTom HOME 2\xul\extensions\MapShare-status@tomtom.com [not found]
  59. FF ProfilePath: C:\Users\Ciborki\AppData\Roaming\Mozilla\Firefox\Profiles\5q0z72bx.default [2018-12-09]
  60. FF Homepage: Mozilla\Firefox\Profiles\5q0z72bx.default -> hxxp://www.google.pl/ig?hl=pl
  61. FF Extension: (Babylon) - C:\Users\Ciborki\AppData\Roaming\Mozilla\Firefox\Profiles\5q0z72bx.default\Extensions\ffxtlbr@babylon.com [2012-03-20] [Legacy] [not signed]
  62. FF Extension: (DownloadHelper) - C:\Users\Ciborki\AppData\Roaming\Mozilla\Firefox\Profiles\5q0z72bx.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2015-08-18] [Legacy]
  63. FF Extension: (Address Bar Search) - C:\Users\Ciborki\AppData\Roaming\Mozilla\Firefox\Profiles\5q0z72bx.default\Extensions\{badea1ae-72ed-4f6a-8c37-4db9a4ac7bc9}.xpi [2014-01-09] [Legacy] [not signed]
  64. FF Extension: (uTorrentBar Community Toolbar) - C:\Users\Ciborki\AppData\Roaming\Mozilla\Firefox\Profiles\5q0z72bx.default\Extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} [2013-02-09] [Legacy] [not signed]
  65. FF Extension: (Adblock Plus) - C:\Users\Ciborki\AppData\Roaming\Mozilla\Firefox\Profiles\5q0z72bx.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-08-18] [Legacy]
  66. FF Extension: (Smiley Bar for Facebook) - C:\Users\Ciborki\AppData\Roaming\Mozilla\Extensions\statuswinks@StatusWinks [2013-01-24] [Legacy] [not signed]
  67. FF Extension: (Special Savings) - C:\Users\Ciborki\AppData\Roaming\Mozilla\Extensions\specialsavings@vshsolutions.com [2013-01-24] [Legacy] [not signed]
  68. FF HKLM\...\Firefox\Extensions: [statuswinks@StatusWinks] - C:\Users\Ciborki\AppData\Roaming\Mozilla\Extensions\statuswinks@StatusWinks
  69. FF HKU\S-1-5-21-1888222736-2957073895-2253413786-1000\...\Firefox\Extensions: [statuswinks@StatusWinks] - C:\Users\Ciborki\AppData\Roaming\Mozilla\Extensions\statuswinks@StatusWinks
  70. FF HKU\S-1-5-21-1888222736-2957073895-2253413786-1000\...\Firefox\Extensions: [specialsavings@vshsolutions.com] - C:\Users\Ciborki\AppData\Roaming\Mozilla\Extensions\specialsavings@vshsolutions.com
  71. FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_32_0_0_101.dll [2018-12-08] ()
  72. FF Plugin: @java.com/DTPlugin,version=11.71.2 -> C:\Program Files\Java\jre1.8.0_71\bin\dtplugin\npDeployJava1.dll [2016-01-25] (Oracle Corporation)
  73. FF Plugin: @java.com/JavaPlugin,version=11.71.2 -> C:\Program Files\Java\jre1.8.0_71\bin\plugin2\npjp2.dll [2016-01-25] (Oracle Corporation)
  74. FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-09-09] (Google Inc.)
  75. FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-09-09] (Google Inc.)
  76. FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-08-02] (Adobe Systems Inc.)
  77.  
  78. Chrome:
  79. =======
  80. CHR HomePage: Default -> mysearch.avg.com
  81. CHR StartupUrls: Default -> "hxxps://www.google.pl/"
  82. CHR DefaultSearchURL: Default -> hxxps://ch.search.yahoo.com/search?fr=chr-yo_gc&ei=utf-8&ilc=12&type=501549&p={searchTerms}
  83. CHR DefaultSearchKeyword: Default -> yahoo.com search
  84. CHR DefaultSuggestURL: Default -> hxxps://ff.search.yahoo.com/gossip?output=fxjson&command={searchTerms}
  85. CHR Profile: C:\Users\Ciborki\AppData\Local\Google\Chrome\User Data\Default [2018-12-09]
  86. CHR Extension: (Prezentacje) - C:\Users\Ciborki\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-01-21]
  87. CHR Extension: (Dokumenty) - C:\Users\Ciborki\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-11-14]
  88. CHR Extension: (Dysk Google) - C:\Users\Ciborki\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-12-13]
  89. CHR Extension: (YouTube) - C:\Users\Ciborki\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-12-13]
  90. CHR Extension: (uBlock Origin) - C:\Users\Ciborki\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2018-12-08]
  91. CHR Extension: (Google Search) - C:\Users\Ciborki\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-12-13]
  92. CHR Extension: (Arkusze) - C:\Users\Ciborki\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-11-14]
  93. CHR Extension: (Dokumenty Google offline) - C:\Users\Ciborki\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-11-19]
  94. CHR Extension: (Porsche) - C:\Users\Ciborki\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkclphmapdcppbmekmbkcjfanpmoidpg [2015-08-18]
  95. CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\Ciborki\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-11-19]
  96. CHR Extension: (Gmail) - C:\Users\Ciborki\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-08-18]
  97. CHR Extension: (Chrome Media Router) - C:\Users\Ciborki\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-12-08]
  98. CHR HKLM\...\Chrome\Extension: [aaaaojmikegpiepcfdkkjaplodkpfmlo] - C:\Users\Ciborki\AppData\Local\APN\GoogleCRXs\apnorjtoolbar.crx <not found>
  99. CHR HKLM\...\Chrome\Extension: [aidbbndgjnlaclnmhkdimcdjiebjpdel] - C:\Users\Ciborki\AppData\Roaming\SpecialSavings\SpecialSavings_2.0.0.crx <not found>
  100. CHR HKLM\...\Chrome\Extension: [dhkplhfnhceodhffomolpfigojocbpcb] - C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonChrome.crx <not found>
  101. CHR HKLM\...\Chrome\Extension: [hgojaaaiddhmiiakpejiklijbalpckih] - C:\Users\Ciborki\AppData\Roaming\StatusWinks\statuswinks.crx <not found>
  102. CHR HKLM\...\Chrome\Extension: [icdlfehblmklkikfigmjhbmmpmkmpooj] - C:\Program Files\Common Files\Spigot\GC\ErrorAssistant_1.3.crx <not found>
  103. CHR HKLM\...\Chrome\Extension: [mhkaekfpcppmmioggniknbnbdbcigpkk] - C:\Program Files\Common Files\Spigot\GC\coupons_2.4.crx <not found>
  104.  
  105. ==================== Services (Whitelisted) ====================
  106.  
  107. (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
  108.  
  109. R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [6799632 2018-12-08] (AVAST Software)
  110. R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [324000 2018-12-08] (AVAST Software)
  111. R2 FsUsbExService; C:\Windows\system32\FsUsbExService.Exe [233472 2013-07-18] (Teruten) [File not signed]
  112. S4 GoogleChromeElevationService; C:\Program Files\Google\Chrome\Application\71.0.3578.80\elevation_service.exe [375776 2018-11-30] (Google Inc.)
  113. S4 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2009-07-14] (Microsoft Corporation)
  114.  
  115. ===================== Drivers (Whitelisted) ======================
  116.  
  117. (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
  118.  
  119. R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [167480 2018-12-08] (AVAST Software)
  120. R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriverx.sys [188976 2018-12-08] (AVAST Software)
  121. R0 aswbidsh; C:\Windows\System32\drivers\aswbidshx.sys [165384 2018-12-08] (AVAST Software)
  122. R0 aswblog; C:\Windows\System32\drivers\aswblogx.sys [284256 2018-12-08] (AVAST Software)
  123. R0 aswbuniv; C:\Windows\System32\drivers\aswbunivx.sys [57904 2018-12-08] (AVAST Software)
  124. S3 aswHwid; C:\Windows\System32\drivers\aswHwid.sys [42736 2018-12-08] (AVAST Software)
  125. R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [40688 2018-12-08] (AVAST Software)
  126. R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [135200 2018-12-08] (AVAST Software)
  127. R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [100984 2018-12-08] (AVAST Software)
  128. R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [72800 2018-12-08] (AVAST Software)
  129. R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [784560 2018-12-08] (AVAST Software)
  130. R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [397992 2018-12-08] (AVAST Software)
  131. R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [156936 2018-12-08] (AVAST Software)
  132. R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [310200 2018-12-08] (AVAST Software)
  133. R3 FsUsbExDisk; C:\Windows\system32\FsUsbExDisk.SYS [37344 2013-07-18] () [File not signed]
  134. S3 FTDIBUS; C:\Windows\System32\drivers\ftdibus.sys [47249 2006-05-18] (FTDI Ltd.)
  135. R1 HWiNFO32; C:\Windows\system32\drivers\HWiNFO32.SYS [23840 2018-12-08] (REALiX(tm))
  136. R0 sptd; C:\Windows\System32\Drivers\sptd.sys [436792 2012-03-25] ()
  137. S3 ss_bbus; C:\Windows\System32\DRIVERS\ss_bbus.sys [98432 2011-07-20] (MCCI)
  138. S3 ss_bmdfl; C:\Windows\System32\DRIVERS\ss_bmdfl.sys [14848 2011-07-20] (MCCI Corporation)
  139. S3 ss_bmdm; C:\Windows\System32\DRIVERS\ss_bmdm.sys [123648 2011-07-20] (MCCI Corporation)
  140. S3 ss_bserd; C:\Windows\System32\DRIVERS\ss_bserd.sys [100224 2011-07-20] (MCCI Corporation)
  141. R3 ALSysIO; \??\C:\Users\Ciborki\AppData\Local\Temp\ALSysIO.sys [X] <==== ATTENTION
  142.  
  143. ==================== NetSvcs (Whitelisted) ===================
  144.  
  145. (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
  146.  
  147.  
  148. ==================== One Month Created files and folders ========
  149.  
  150. (If an entry is included in the fixlist, the file/folder will be moved.)
  151.  
  152. 2018-12-09 14:52 - 2018-12-09 14:53 - 000013240 _____ C:\Users\Ciborki\Desktop\FRST.txt
  153. 2018-12-09 01:00 - 2018-12-09 14:52 - 000000000 ____D C:\FRST
  154. 2018-12-09 01:00 - 2018-12-09 14:46 - 001776640 _____ (Farbar) C:\Users\Ciborki\Desktop\FRST.exe
  155. 2018-12-09 00:27 - 2018-12-09 00:29 - 000000000 ____D C:\AdwCleaner
  156. 2018-12-08 22:57 - 2018-12-08 22:57 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
  157. 2018-12-08 21:33 - 2018-12-09 08:44 - 000000000 ____D C:\ProgramData\ProductData
  158. 2018-12-08 21:12 - 2018-12-09 08:44 - 000000000 ____D C:\Users\Ciborki\AppData\LocalLow\IObit
  159. 2018-12-08 21:11 - 2018-12-09 08:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 6
  160. 2018-12-08 21:11 - 2018-12-09 08:43 - 000000000 ____D C:\Users\Ciborki\AppData\Roaming\IObit
  161. 2018-12-08 21:11 - 2018-12-08 21:11 - 000023840 _____ (REALiX(tm)) C:\Windows\system32\Drivers\HWiNFO32.SYS
  162. 2018-12-08 21:06 - 2018-12-08 21:06 - 000000000 ____D C:\Users\Ciborki\AppData\Roaming\AVAST Software
  163. 2018-12-08 21:06 - 2018-12-08 21:06 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
  164. 2018-12-08 21:03 - 2018-12-08 21:03 - 000397992 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
  165. 2018-12-08 21:03 - 2018-12-08 21:03 - 000310200 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
  166. 2018-12-08 21:03 - 2018-12-08 21:03 - 000167480 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
  167. 2018-12-08 21:03 - 2018-12-08 21:03 - 000156936 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
  168. 2018-12-08 21:03 - 2018-12-08 21:03 - 000135200 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
  169. 2018-12-08 21:03 - 2018-12-08 21:03 - 000100984 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
  170. 2018-12-08 21:03 - 2018-12-08 21:03 - 000072800 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
  171. 2018-12-08 21:03 - 2018-12-08 21:03 - 000042736 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
  172. 2018-12-08 21:03 - 2018-12-08 21:03 - 000000000 ____D C:\Program Files\Common Files\AVAST Software
  173. 2018-12-08 21:03 - 2018-12-08 21:02 - 000784560 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
  174. 2018-12-08 21:03 - 2018-12-08 21:02 - 000323288 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
  175. 2018-12-08 21:03 - 2018-12-08 21:02 - 000284256 _____ (AVAST Software) C:\Windows\system32\Drivers\aswblogx.sys
  176. 2018-12-08 21:03 - 2018-12-08 21:02 - 000188976 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdriverx.sys
  177. 2018-12-08 21:03 - 2018-12-08 21:02 - 000165384 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidshx.sys
  178. 2018-12-08 21:03 - 2018-12-08 21:02 - 000057904 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbunivx.sys
  179. 2018-12-08 21:03 - 2018-12-08 21:02 - 000040688 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
  180. 2018-12-08 21:02 - 2018-12-08 21:02 - 000000000 ____D C:\Program Files\AVAST Software
  181. 2018-12-08 21:01 - 2018-12-08 21:03 - 000000000 ____D C:\ProgramData\AVAST Software
  182. 2018-12-08 20:57 - 2009-02-26 18:32 - 000038224 ____N (CANON INC.) C:\Windows\system32\IJRMF.exe
  183. 2018-12-08 20:41 - 2018-12-08 20:41 - 000000969 _____ C:\Users\Public\Desktop\CCleaner.lnk
  184. 2018-12-08 20:41 - 2018-12-08 20:41 - 000000000 ____D C:\Program Files\CCleaner
  185. 2018-12-08 20:35 - 2018-12-08 20:35 - 000000000 ____D C:\Windows\pss
  186. 2018-12-08 20:25 - 2018-12-08 23:49 - 000000000 ____D C:\Program Files\Core Temp
  187. 2018-12-08 20:25 - 2018-12-08 20:25 - 000001105 _____ C:\Users\Ciborki\Desktop\Core Temp.lnk
  188. 2018-12-08 20:25 - 2018-12-08 20:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Core Temp
  189.  
  190. ==================== One Month Modified files and folders ========
  191.  
  192. (If an entry is included in the fixlist, the file/folder will be moved.)
  193.  
  194. 2018-12-09 14:50 - 2009-07-14 05:53 - 000000006 ____H C:\Windows\Tasks\SA.DAT
  195. 2018-12-09 14:49 - 2009-07-14 05:34 - 000020352 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
  196. 2018-12-09 14:49 - 2009-07-14 05:34 - 000020352 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
  197. 2018-12-09 14:48 - 2011-06-05 20:52 - 000000000 ____D C:\Users\Ciborki\AppData\LocalLow\Temp
  198. 2018-12-09 14:47 - 2009-07-14 03:37 - 000000000 ____D C:\Windows\inf
  199. 2018-12-09 08:45 - 2009-07-14 03:37 - 000000000 ____D C:\Windows\PolicyDefinitions
  200. 2018-12-09 08:44 - 2011-09-23 18:02 - 000000000 ____D C:\Windows\WindowsMobile
  201. 2018-12-09 08:44 - 2011-06-07 22:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
  202. 2018-12-09 08:44 - 2011-06-07 22:42 - 000000000 ____D C:\Program Files\WinRAR
  203. 2018-12-09 08:44 - 2011-06-05 20:06 - 000000000 ____D C:\ProgramData\Temp
  204. 2018-12-09 08:44 - 2011-06-05 19:54 - 000000000 ___HD C:\Program Files\InstallShield Installation Information
  205. 2018-12-09 08:44 - 2009-07-14 03:37 - 000000000 ____D C:\Windows\registration
  206. 2018-12-09 08:44 - 2009-07-14 03:37 - 000000000 ____D C:\Windows\Help
  207. 2018-12-09 08:42 - 2009-07-14 03:37 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
  208. 2018-12-09 01:25 - 2011-06-05 16:34 - 000739916 _____ C:\Windows\system32\perfh015.dat
  209. 2018-12-09 01:25 - 2011-06-05 16:34 - 000155458 _____ C:\Windows\system32\perfc015.dat
  210. 2018-12-09 01:25 - 2011-06-05 15:52 - 001668226 _____ C:\Windows\system32\PerfStringBackup.INI
  211. 2018-12-08 23:47 - 2011-06-05 16:22 - 000000000 ____D C:\ProgramData\NVIDIA
  212. 2018-12-08 23:46 - 2012-04-09 18:25 - 000001032 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
  213. 2018-12-08 23:46 - 2011-06-05 15:50 - 000000000 ____D C:\Users\Ciborki
  214. 2018-12-08 23:46 - 2009-07-14 05:33 - 000382768 _____ C:\Windows\system32\FNTCACHE.DAT
  215. 2018-12-08 22:58 - 2011-07-29 20:30 - 000000000 ____D C:\Temp
  216. 2018-12-08 20:58 - 2011-06-05 16:11 - 000094976 _____ C:\Users\Ciborki\AppData\Local\GDIPFONTCACHEV1.DAT
  217. 2018-12-08 20:57 - 2011-07-29 20:06 - 000000000 ____D C:\Users\Ciborki\AppData\Roaming\Samsung
  218. 2018-12-08 20:54 - 2011-06-07 22:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AnvSoft
  219. 2018-12-08 20:54 - 2011-06-07 22:41 - 000000000 ____D C:\Program Files\AnvSoft
  220. 2018-12-08 20:52 - 2015-12-13 18:56 - 000000000 ____D C:\Users\Ciborki\AppData\Roaming\AVG
  221. 2018-12-08 20:52 - 2015-12-13 18:56 - 000000000 ____D C:\Users\Ciborki\AppData\Local\Avg
  222. 2018-12-08 20:47 - 2012-01-29 14:33 - 000000000 ____D C:\Windows\Minidump
  223. 2018-12-08 20:47 - 2011-06-06 01:41 - 000000000 ____D C:\Windows\Panther
  224. 2018-12-08 20:28 - 2014-03-20 17:10 - 000000000 ____D C:\Program Files\Mozilla Firefox
  225. 2018-12-08 20:21 - 2012-04-11 23:09 - 000842240 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
  226. 2018-12-08 20:21 - 2011-06-05 16:10 - 000175104 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
  227. 2018-12-08 20:21 - 2011-06-05 16:10 - 000000000 ____D C:\Windows\system32\Macromed
  228. 2018-12-08 19:40 - 2015-08-18 19:01 - 000002176 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
  229.  
  230. ==================== Files in the root of some directories =======
  231.  
  232. 2015-08-18 12:41 - 2015-08-18 12:41 - 006420480 _____ () C:\Program Files\GUT816F.tmp
  233. 2013-06-26 18:09 - 2014-03-21 20:32 - 000003730 _____ () C:\Program Files\Mozilla Firefoxavg-secure-search.xml
  234. 2013-02-03 21:37 - 2013-02-03 21:37 - 000087608 _____ () C:\Users\Ciborki\AppData\Roaming\inst.exe
  235. 2013-02-03 21:37 - 2013-02-03 21:37 - 000007887 _____ () C:\Users\Ciborki\AppData\Roaming\pcouffin.cat
  236. 2013-02-03 21:37 - 2013-02-03 21:37 - 000001144 _____ () C:\Users\Ciborki\AppData\Roaming\pcouffin.inf
  237. 2013-02-03 21:37 - 2013-02-03 21:37 - 000000055 _____ () C:\Users\Ciborki\AppData\Roaming\pcouffin.log
  238. 2013-02-03 21:37 - 2013-02-03 21:37 - 000047360 _____ (VSO Software) C:\Users\Ciborki\AppData\Roaming\pcouffin.sys
  239. 2011-06-05 20:11 - 2011-06-05 20:11 - 000000000 _____ () C:\Users\Ciborki\AppData\Local\AtStart.txt
  240. 2011-06-05 20:11 - 2011-06-05 20:11 - 000000000 _____ () C:\Users\Ciborki\AppData\Local\DSwitch.txt
  241. 2011-06-05 20:11 - 2011-06-05 20:11 - 000000000 _____ () C:\Users\Ciborki\AppData\Local\QSwitch.txt
  242. 2011-07-07 23:29 - 2011-07-08 15:43 - 000007598 _____ () C:\Users\Ciborki\AppData\Local\Resmon.ResmonCfg
  243.  
  244. ==================== Bamital & volsnap ======================
  245.  
  246. (There is no automatic fix for files that do not pass verification.)
  247.  
  248. C:\Windows\explorer.exe => File is digitally signed
  249. C:\Windows\system32\winlogon.exe => File is digitally signed
  250. C:\Windows\system32\wininit.exe => File is digitally signed
  251. C:\Windows\system32\svchost.exe => File is digitally signed
  252. C:\Windows\system32\services.exe => File is digitally signed
  253. C:\Windows\system32\User32.dll => File is digitally signed
  254. C:\Windows\system32\userinit.exe => File is digitally signed
  255. C:\Windows\system32\rpcss.dll => File is digitally signed
  256. C:\Windows\system32\dnsapi.dll => File is digitally signed
  257. C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
  258.  
  259. LastRegBack: 2017-11-08 19:02
  260.  
  261. ==================== End of FRST.txt ============================