
FRST.txt

Jul 6th, 2015
  1. Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:05-07-2015
  2. Ran by Whiskas (administrator) on DEVONSPC on 06-07-2015 15:55:13
  3. Running from C:\Users\Devon\Desktop\Sort
  4. Loaded Profiles: Whiskas (Available Profiles: Whiskas)
  5. Platform: Windows 8.1 Pro (X64) OS Language: English (United States)
  6. Internet Explorer Version 11 (Default browser: Opera)
  7. Boot Mode: Normal
  8. Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
  9.  
  10. ==================== Processes (Whitelisted) =================
  11.  
  12. (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
  13.  
  14. (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgrsa.exe
  15. (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgcsrva.exe
  16. (AMD) C:\Windows\System32\atiesrxx.exe
  17. (AMD) C:\Windows\System32\atieclxx.exe
  18. (DTools LIMITED) C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe
  19. (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgfws.exe
  20. (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe
  21. (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe
  22. (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
  23. (Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
  24. (Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
  25. (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe
  26. (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe
  27. (Microsoft Corporation) C:\Windows\System32\dasHost.exe
  28. (DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe
  29. (CyberGhost S.R.L) C:\Program Files\CyberGhost 5\Service.exe
  30. (Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
  31. (Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
  32. (AppEx Networks Corporation) C:\Program Files\AMD Quick Stream\AMDQuickStream.exe
  33. (Microsoft Corporation) C:\Windows\System32\dllhost.exe
  34. (Advanced Micro Devices Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\MOM.exe
  35. (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgui.exe
  36. (Skillbrains) C:\Program Files (x86)\Skillbrains\lightshot\5.2.1.1\Lightshot.exe
  37. (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
  38. (ATI Technologies Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\CCC.exe
  39. (Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
  40. (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
  41. (Opera Software) C:\Program Files (x86)\Opera\30.0.1835.88\opera.exe
  42. (Opera Software) C:\Program Files (x86)\Opera\30.0.1835.88\opera_crashreporter.exe
  43. (Opera Software) C:\Program Files (x86)\Opera\30.0.1835.88\opera.exe
  44. (Opera Software) C:\Program Files (x86)\Opera\30.0.1835.88\opera.exe
  45. (Opera Software) C:\Program Files (x86)\Opera\30.0.1835.88\opera.exe
  46. (Opera Software) C:\Program Files (x86)\Opera\30.0.1835.88\opera.exe
  47. (Opera Software) C:\Program Files (x86)\Opera\30.0.1835.88\opera.exe
  48. (Opera Software) C:\Program Files (x86)\Opera\30.0.1835.88\opera.exe
  49. (Opera Software) C:\Program Files (x86)\Opera\30.0.1835.88\opera.exe
  50. (Opera Software) C:\Program Files (x86)\Opera\30.0.1835.88\opera.exe
  51.  
  52.  
  53. ==================== Registry (Whitelisted) ==================
  54.  
  55. (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
  56.  
  57. HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [12697368 2014-10-15] (Logitech Inc.)
  58. HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2014-11-20] (Advanced Micro Devices, Inc.)
  59. HKLM-x32\...\Run: [Raptr] => C:\Program Files (x86)\Raptr\raptrstub.exe [55568 2015-05-15] (Raptr, Inc)
  60. HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2015\avgui.exe [3727824 2015-06-16] (AVG Technologies CZ, s.r.o.)
  61. HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [311616 2015-04-28] (Samsung Electronics Co., Ltd.)
  62. HKLM-x32\...\Run: [Lightshot] => C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe [226560 2014-11-18] ()
  63. HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [334896 2015-04-30] (Oracle Corporation)
  64. HKU\S-1-5-21-923158318-2833904607-1772505841-1001\...\Run: [AppEx Accelerator UI] => C:\Program Files\AMD Quick Stream\AMDQuickStream.exe [482528 2014-03-31] (AppEx Networks Corporation)
  65. HKU\S-1-5-21-923158318-2833904607-1772505841-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2892992 2015-06-05] (Valve Corporation)
  66. HKU\S-1-5-21-923158318-2833904607-1772505841-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8202008 2015-04-09] (Piriform Ltd)
  67. HKU\S-1-5-21-923158318-2833904607-1772505841-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [28785792 2015-06-02] (Skype Technologies S.A.)
  68. HKU\S-1-5-21-923158318-2833904607-1772505841-1001\...\Run: [Overwolf] => C:\Program Files (x86)\Overwolf\Overwolf.exe [41200 2015-06-21] (Overwolf LTD)
  69. HKU\S-1-5-21-923158318-2833904607-1772505841-1001\...\Run: [CyberGhost] => C:\Program Files\CyberGhost 5\CyberGhost.exe [430048 2015-05-21] (CyberGhost S.R.L.)
  70.  
  71. ==================== Internet (Whitelisted) ====================
  72.  
  73. (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
  74.  
  75. HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.oursurfing.com/?type=hp&ts=1433508203&z=aa2c3ae98d39c8f3d2f4a2bg3zdc2c6wceabagaqem&from=2sq&uid=TOSHIBAXDT01ACA050_Y4I1GGAASXXY4I1GGAASX
  76. HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.oursurfing.com/?type=hp&ts=1433508203&z=aa2c3ae98d39c8f3d2f4a2bg3zdc2c6wceabagaqem&from=2sq&uid=TOSHIBAXDT01ACA050_Y4I1GGAASXXY4I1GGAASX
  77. HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.oursurfing.com/web/?type=ds&ts=1433508203&z=aa2c3ae98d39c8f3d2f4a2bg3zdc2c6wceabagaqem&from=2sq&uid=TOSHIBAXDT01ACA050_Y4I1GGAASXXY4I1GGAASX&q={searchTerms}
  78. HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://www.oursurfing.com/web/?type=ds&ts=1433508203&z=aa2c3ae98d39c8f3d2f4a2bg3zdc2c6wceabagaqem&from=2sq&uid=TOSHIBAXDT01ACA050_Y4I1GGAASXXY4I1GGAASX&q={searchTerms}
  79. HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.oursurfing.com/?type=hp&ts=1433508203&z=aa2c3ae98d39c8f3d2f4a2bg3zdc2c6wceabagaqem&from=2sq&uid=TOSHIBAXDT01ACA050_Y4I1GGAASXXY4I1GGAASX
  80. HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.oursurfing.com/?type=hp&ts=1433508203&z=aa2c3ae98d39c8f3d2f4a2bg3zdc2c6wceabagaqem&from=2sq&uid=TOSHIBAXDT01ACA050_Y4I1GGAASXXY4I1GGAASX
  81. HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.oursurfing.com/web/?type=ds&ts=1433508203&z=aa2c3ae98d39c8f3d2f4a2bg3zdc2c6wceabagaqem&from=2sq&uid=TOSHIBAXDT01ACA050_Y4I1GGAASXXY4I1GGAASX&q={searchTerms}
  82. HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.oursurfing.com/web/?type=ds&ts=1433508203&z=aa2c3ae98d39c8f3d2f4a2bg3zdc2c6wceabagaqem&from=2sq&uid=TOSHIBAXDT01ACA050_Y4I1GGAASXXY4I1GGAASX&q={searchTerms}
  83. HKU\S-1-5-21-923158318-2833904607-1772505841-1001\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.oursurfing.com/?type=hp&ts=1433508203&z=aa2c3ae98d39c8f3d2f4a2bg3zdc2c6wceabagaqem&from=2sq&uid=TOSHIBAXDT01ACA050_Y4I1GGAASXXY4I1GGAASX
  84. HKU\S-1-5-21-923158318-2833904607-1772505841-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.oursurfing.com/?type=hp&ts=1433508203&z=aa2c3ae98d39c8f3d2f4a2bg3zdc2c6wceabagaqem&from=2sq&uid=TOSHIBAXDT01ACA050_Y4I1GGAASXXY4I1GGAASX
  85. SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.oursurfing.com/web/?type=ds&ts=1433508203&z=aa2c3ae98d39c8f3d2f4a2bg3zdc2c6wceabagaqem&from=2sq&uid=TOSHIBAXDT01ACA050_Y4I1GGAASXXY4I1GGAASX&q={searchTerms}
  86. SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.oursurfing.com/web/?type=ds&ts=1433508203&z=aa2c3ae98d39c8f3d2f4a2bg3zdc2c6wceabagaqem&from=2sq&uid=TOSHIBAXDT01ACA050_Y4I1GGAASXXY4I1GGAASX&q={searchTerms}
  87. SearchScopes: HKLM-x32 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.oursurfing.com/web/?type=ds&ts=1433508203&z=aa2c3ae98d39c8f3d2f4a2bg3zdc2c6wceabagaqem&from=2sq&uid=TOSHIBAXDT01ACA050_Y4I1GGAASXXY4I1GGAASX&q={searchTerms}
  88. SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.oursurfing.com/web/?type=ds&ts=1433508203&z=aa2c3ae98d39c8f3d2f4a2bg3zdc2c6wceabagaqem&from=2sq&uid=TOSHIBAXDT01ACA050_Y4I1GGAASXXY4I1GGAASX&q={searchTerms}
  89. SearchScopes: HKU\S-1-5-21-923158318-2833904607-1772505841-1001 -> DefaultScope {2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} URL = http://www.oursurfing.com/web/?utm_source=b&utm_medium=2sq&utm_campaign=install_ie&utm_content=ds&from=2sq&uid=TOSHIBAXDT01ACA050_Y4I1GGAASXXY4I1GGAASX&ts=1433508227&type=default&q={searchTerms}
  90. SearchScopes: HKU\S-1-5-21-923158318-2833904607-1772505841-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.oursurfing.com/web/?utm_source=b&utm_medium=2sq&utm_campaign=install_ie&utm_content=ds&from=2sq&uid=TOSHIBAXDT01ACA050_Y4I1GGAASXXY4I1GGAASX&ts=1433508227&type=default&q={searchTerms}
  91. SearchScopes: HKU\S-1-5-21-923158318-2833904607-1772505841-1001 -> {2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} URL = http://www.oursurfing.com/web/?utm_source=b&utm_medium=2sq&utm_campaign=install_ie&utm_content=ds&from=2sq&uid=TOSHIBAXDT01ACA050_Y4I1GGAASXXY4I1GGAASX&ts=1433508227&type=default&q={searchTerms}
  92. SearchScopes: HKU\S-1-5-21-923158318-2833904607-1772505841-1001 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.oursurfing.com/web/?utm_source=b&utm_medium=2sq&utm_campaign=install_ie&utm_content=ds&from=2sq&uid=TOSHIBAXDT01ACA050_Y4I1GGAASXXY4I1GGAASX&ts=1433508227&type=default&q={searchTerms}
  93. SearchScopes: HKU\S-1-5-21-923158318-2833904607-1772505841-1001 -> {E733165D-CBCF-4FDA-883E-ADEF965B476C} URL = http://www.oursurfing.com/web/?utm_source=b&utm_medium=2sq&utm_campaign=install_ie&utm_content=ds&from=2sq&uid=TOSHIBAXDT01ACA050_Y4I1GGAASXXY4I1GGAASX&ts=1433508227&type=default&q={searchTerms}
  94. BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_45\bin\ssv.dll [2015-06-28] (Oracle Corporation)
  95. BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
  96. BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-06-28] (Oracle Corporation)
  97. BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll [2015-06-24] (Oracle Corporation)
  98. BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
  99. BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-06-24] (Oracle Corporation)
  100. Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
  101. Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
  102. Hosts: Hosts file not detected in the default directory
  103. Tcpip\..\Interfaces\{D7C1BA71-2325-4E56-817C-4D00A87D6DCF}: [DhcpNameServer] 192.168.0.1
  104. StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe http://www.oursurfing.com/?type=sc&ts=1433508203&z=aa2c3ae98d39c8f3d2f4a2bg3zdc2c6wceabagaqem&from=2sq&uid=TOSHIBAXDT01ACA050_Y4I1GGAASXXY4I1GGAASX
  105.  
  106. FireFox:
  107. ========
  108. FF Plugin: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-06-28] (Oracle Corporation)
  109. FF Plugin: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-06-28] (Oracle Corporation)
  110. FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
  111. FF Plugin-x32: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-06-24] (Oracle Corporation)
  112. FF Plugin-x32: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-06-24] (Oracle Corporation)
  113. FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
  114. FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-06-04] (Google Inc.)
  115. FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-06-04] (Google Inc.)
  116. FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
  117.  
  118. Chrome:
  119. =======
  120. CHR Profile: C:\Users\Devon\AppData\Local\Google\Chrome\User Data\Default
  121. CHR Extension: (Google Slides) - C:\Users\Devon\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-06-04]
  122. CHR Extension: (Google Docs) - C:\Users\Devon\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-06-04]
  123. CHR Extension: (Google Drive) - C:\Users\Devon\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-06-04]
  124. CHR Extension: (YouTube) - C:\Users\Devon\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-06-04]
  125. CHR Extension: (Google Search) - C:\Users\Devon\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-06-04]
  126. CHR Extension: (Google Sheets) - C:\Users\Devon\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-06-04]
  127. CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Devon\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-06-04]
  128. CHR Extension: (Skype Click to Call) - C:\Users\Devon\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2015-06-04]
  129. CHR Extension: (Google Wallet) - C:\Users\Devon\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-06-04]
  130. CHR Extension: (Gmail) - C:\Users\Devon\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-06-04]
  131. CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2015-05-01]
  132.  
  133. Opera:
  134. =======
  135. OPR Extension: (theprovider) - C:\Users\Devon\AppData\Roaming\Opera Software\Opera Stable\Extensions\kipjbhgniklcnglfaldilecjomjaddfi [2015-06-23]
  136. OPR Extension: (Premiumize.me) - C:\Users\Devon\AppData\Roaming\Opera Software\Opera Stable\Extensions\lojbjecfjcnaledoelddkcjlifhhfebm [2015-06-23]
  137.  
  138. ==================== Services (Whitelisted) =================
  139.  
  140. (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
  141.  
  142. R2 avgfws; C:\Program Files (x86)\AVG\AVG2015\avgfws.exe [1526936 2015-06-16] (AVG Technologies CZ, s.r.o.)
  143. R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe [3461072 2015-06-16] (AVG Technologies CZ, s.r.o.)
  144. R2 avgwd; C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe [312816 2015-06-16] (AVG Technologies CZ, s.r.o.)
  145. S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1141248 2015-06-10] ()
  146. S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-29] (Microsoft Corporation)
  147. R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1394816 2015-05-01] (Microsoft Corporation)
  148. R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1772672 2015-05-01] (Microsoft Corporation)
  149. R2 CGVPNCliService; C:\Program Files\CyberGhost 5\Service.exe [63968 2015-05-21] (CyberGhost S.R.L)
  150. S3 OverwolfUpdater; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [1000688 2015-06-21] (Overwolf LTD)
  151. R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe [743688 2014-10-13] (DEVGURU Co., LTD.)
  152. S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-04] (Microsoft Corporation)
  153. S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-04] (Microsoft Corporation)
  154. R2 WindowsMangerProtect; C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe [695976 2015-06-05] (DTools LIMITED) <==== ATTENTION
  155. S2 caa89563; "C:\Windows\system32\rundll32.exe" "c:\Program Files (x86)\Optimizer Pro 3.95\OptProMon.dll",ENT <==== ATTENTION
  156. S2 wbsvc; "C:\Program Files\WebBar\wbsvc.exe" [X]
  157.  
  158. ==================== Drivers (Whitelisted) ====================
  159.  
  160. (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
  161.  
  162. S0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [21160 2012-09-23] (Advanced Micro Devices, Inc.)
  163. R2 APXACC; C:\Windows\system32\DRIVERS\appexDrv.sys [229056 2014-10-28] (AppEx Networks Corporation)
  164. R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWB6.sys [223232 2014-06-22] (Advanced Micro Devices)
  165. S0 Avgboota; C:\Windows\System32\DRIVERS\avgboota.sys [21152 2015-03-27] (AVG Technologies CZ, s.r.o.)
  166. R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [162784 2015-03-11] (AVG Technologies CZ, s.r.o.)
  167. R1 Avgfwfd; C:\Windows\system32\DRIVERS\avgfwd6a.sys [67552 2015-04-14] (AVG Technologies CZ, s.r.o.)
  168. R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [287200 2015-05-19] (AVG Technologies CZ, s.r.o.)
  169. R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [253408 2015-05-12] (AVG Technologies CZ, s.r.o.)
  170. R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [256992 2015-04-15] (AVG Technologies CZ, s.r.o.)
  171. R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [378336 2015-05-07] (AVG Technologies CZ, s.r.o.)
  172. R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [224224 2015-05-12] (AVG Technologies CZ, s.r.o.)
  173. R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [40928 2015-03-20] (AVG Technologies CZ, s.r.o.)
  174. R1 Avgwfpa; C:\Windows\system32\DRIVERS\avgwfpa.sys [285152 2015-05-12] (AVG Technologies CZ, s.r.o.)
  175. S3 DrvAgent64; C:\Windows\SysWOW64\Drivers\DrvAgent64.SYS [13824 2015-06-22] (Phoenix Technologies) [File not signed]
  176. S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-04] (Microsoft Corporation)
  177. S1 scfd_1_10_0_16; system32\drivers\scfd_1_10_0_16.sys [X]
  178. S1 wsfd_1_10_0_17; system32\drivers\wsfd_1_10_0_17.sys [X]
  179.  
  180. ==================== NetSvcs (Whitelisted) ===================
  181.  
  182. (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
  183.  
  184.  
  185. ==================== One Month Created files and folders ========
  186.  
  187. (If an entry is included in the fixlist, the file/folder will be moved.)
  188.  
  189. 2015-07-06 15:55 - 2015-07-06 15:56 - 21692664 _____ C:\Users\Devon\Downloads\RogueKillerX64.exe
  190. 2015-07-06 15:53 - 2015-07-06 15:53 - 02112512 _____ (Farbar) C:\Users\Devon\Downloads\FRST64.exe
  191. 2015-07-06 15:50 - 2015-07-06 15:55 - 00000000 ____D C:\Users\Devon\Desktop\Sort
  192. 2015-07-06 01:22 - 2015-07-06 01:22 - 00562434 _____ C:\Users\Devon\Downloads\Stage3000 Loader.zip
  193. 2015-07-05 11:45 - 2015-07-05 11:45 - 00001647 _____ C:\Users\Devon\Downloads\uploadcloud.pro.rar
  194. 2015-07-04 21:32 - 2015-07-04 21:32 - 00021084 _____ C:\Users\Devon\Downloads\[kat.cr]teen.wolf.s05e02.hdtv.x264.2hd.ettv.torrent
  195. 2015-07-04 20:51 - 2015-07-06 15:46 - 00002436 _____ C:\Windows\setupact.log
  196. 2015-07-04 20:51 - 2015-07-04 20:51 - 00000000 _____ C:\Windows\setuperr.log
  197. 2015-07-01 02:31 - 2015-07-01 02:31 - 00051776 _____ C:\Users\Devon\Downloads\7e7bdd_7dee578be9c14cf38b6eb7ffb30be87d.jpg_srz_915_610_75_22_0.5_1.2_75_jpg_srz
  198. 2015-06-30 18:16 - 2015-07-06 15:50 - 00374766 _____ C:\Windows\WindowsUpdate.log
  199. 2015-06-30 15:52 - 2015-06-30 15:52 - 00021830 _____ C:\Users\Devon\Downloads\[kat.cr]teen.wolf.s05e01.creatures.of.the.night.webrip.x264.aac.torrent
  200. 2015-06-29 17:25 - 2015-06-29 17:25 - 00000580 _____ C:\Users\Devon\Desktop\Fraps.lnk
  201. 2015-06-29 17:25 - 2015-06-29 17:25 - 00000000 ____D C:\Users\Devon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Fraps
  202. 2015-06-29 17:25 - 2015-06-29 17:25 - 00000000 ____D C:\Fraps
  203. 2015-06-29 15:14 - 2015-06-29 15:14 - 00000000 ____D C:\Users\Devon\Downloads\Fraps Files
  204. 2015-06-29 15:13 - 2015-06-29 15:13 - 02607013 _____ C:\Users\Devon\Downloads\Fraps Files.rar
  205. 2015-06-29 14:48 - 2015-06-29 14:49 - 00000000 ____D C:\Users\Devon\AppData\Local\CyberGhost
  206. 2015-06-29 14:47 - 2015-06-29 14:48 - 00000000 ____D C:\Program Files\CyberGhost 5
  207. 2015-06-29 14:47 - 2015-06-29 14:47 - 00001750 _____ C:\Users\Devon\Desktop\CyberGhost 5.lnk
  208. 2015-06-29 14:47 - 2015-06-29 14:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberGhost 5
  209. 2015-06-29 14:46 - 2015-06-29 14:47 - 09741888 _____ (CyberGhost S.R.L. ) C:\Users\Devon\Downloads\CG_5.0.15.14.exe
  210. 2015-06-28 23:26 - 2015-06-28 23:26 - 00736006 _____ C:\Users\Devon\Downloads\Bukkit-JavaDoc-master.zip
  211. 2015-06-28 23:17 - 2015-06-28 23:17 - 00000000 ____D C:\Users\Devon\Downloads\work
  212. 2015-06-28 23:17 - 2015-06-28 23:17 - 00000000 ____D C:\Users\Devon\Downloads\Bukkit
  213. 2015-06-28 23:14 - 2015-06-28 23:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Git
  214. 2015-06-28 23:14 - 2015-06-28 23:14 - 00000000 ____D C:\Program Files (x86)\Git
  215. 2015-06-28 23:13 - 2015-06-28 23:14 - 17935569 _____ (The Git Development Community ) C:\Users\Devon\Downloads\Git-1.9.5-preview20150319.exe
  216. 2015-06-28 22:13 - 2015-06-29 00:14 - 00003852 _____ C:\Users\Devon\Desktop\JAVA.txt
  217. 2015-06-28 21:42 - 2015-06-29 11:08 - 00000000 ____D C:\Users\Devon\AppData\Local\Eclipse
  218. 2015-06-28 21:41 - 2015-06-28 21:40 - 00110688 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
  219. 2015-06-28 21:40 - 2015-06-28 21:40 - 00000000 ____D C:\Program Files\Java
  220. 2015-06-28 21:37 - 2015-06-28 21:40 - 43189344 _____ (Oracle Corporation) C:\Users\Devon\Downloads\jre-8u45-windows-x64.exe
  221. 2015-06-28 21:29 - 2015-06-29 11:08 - 00000000 ____D C:\Users\Devon\.p2
  222. 2015-06-28 21:29 - 2015-06-28 23:59 - 00000000 ____D C:\Users\Devon\.eclipse
  223. 2015-06-28 20:42 - 2015-06-28 21:07 - 282533464 _____ C:\Users\Devon\Downloads\eclipse-jee-mars-R-win32-x86_64 (1).zip
  224. 2015-06-28 20:33 - 2015-06-28 20:41 - 45233814 _____ C:\Users\Devon\Downloads\eclipse-jee-mars-R-win32-x86_64.zip
  225. 2015-06-26 19:16 - 2015-07-06 01:23 - 00000000 ____D C:\Users\Devon\Downloads\Stage3000 loader
  226. 2015-06-26 19:16 - 2015-06-26 19:16 - 00548919 _____ C:\Users\Devon\Downloads\Stage3000 loader.rar
  227. 2015-06-25 21:55 - 2015-06-25 21:59 - 00000000 ____D C:\Users\Devon\AppData\Roaming\TrueCrypt
  228. 2015-06-25 21:55 - 2015-06-25 21:55 - 00231376 _____ (TrueCrypt Foundation) C:\Windows\system32\Drivers\truecrypt.sys
  229. 2015-06-25 21:55 - 2015-06-25 21:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TrueCrypt
  230. 2015-06-25 21:54 - 2015-06-25 21:55 - 00000000 ____D C:\Program Files\TrueCrypt
  231. 2015-06-25 21:40 - 2015-06-25 21:40 - 00000000 ____D C:\Program Files\TAP-Windows
  232. 2015-06-25 20:38 - 2015-06-25 20:38 - 03466248 _____ (TrueCrypt Foundation) C:\Users\Devon\Downloads\truecrypt_setup_7.1a.exe
  233. 2015-06-25 20:29 - 2015-06-25 20:30 - 01474048 _____ C:\Users\Devon\Downloads\pELexnol1jLZ8.exe
  234. 2015-06-25 20:01 - 2015-06-25 20:01 - 00000000 ____D C:\Users\Devon\Downloads\Astros Font Pack
  235. 2015-06-25 19:57 - 2015-06-25 19:57 - 01781126 _____ C:\Users\Devon\Downloads\QUEBUIK DESIGNERS FONTS.rar
  236. 2015-06-25 19:54 - 2015-06-25 20:00 - 26402908 _____ C:\Users\Devon\Downloads\Astros Font Pack.rar
  237. 2015-06-25 19:50 - 2015-06-25 19:50 - 00000000 ____D C:\Users\Devon\Downloads\pro_fonts_by_softboxindia-d54ec17
  238. 2015-06-25 19:50 - 2015-06-25 19:50 - 00000000 ____D C:\Users\Devon\Downloads\Designography
  239. 2015-06-25 19:48 - 2015-06-25 19:49 - 16147128 _____ C:\Users\Devon\Downloads\pro_fonts_by_softboxindia-d54ec17.rar
  240. 2015-06-25 19:47 - 2015-06-25 19:48 - 02183949 _____ C:\Users\Devon\Downloads\Designography.rar
  241. 2015-06-25 17:07 - 2015-06-25 17:28 - 00000000 ____D C:\Users\Devon\.idlerc
  242. 2015-06-25 17:04 - 2015-06-25 17:46 - 00000000 ____D C:\Python27
  243. 2015-06-25 17:04 - 2015-06-25 17:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Python 2.7
  244. 2015-06-25 17:00 - 2015-06-25 17:02 - 16333824 _____ C:\Users\Devon\Downloads\python-2.7.1.amd64.msi
  245. 2015-06-25 16:47 - 2015-06-25 16:47 - 00000000 ____D C:\Users\Devon\Downloads\HNSVPNClient
  246. 2015-06-25 16:43 - 2015-06-25 17:08 - 214038168 _____ C:\Users\Devon\Downloads\netbeans-8.0.2-windows.exe
  247. 2015-06-25 06:28 - 2015-06-25 06:28 - 00000000 ____D C:\Users\Devon\Desktop\HNSVPNClient
  248. 2015-06-25 06:27 - 2015-06-25 06:27 - 02893517 _____ C:\Users\Devon\Downloads\HNSVPNClient (1).rar
  249. 2015-06-24 21:58 - 2015-06-24 21:57 - 00097888 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
  250. 2015-06-24 21:57 - 2015-06-24 21:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
  251. 2015-06-24 21:51 - 2015-06-24 21:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit
  252. 2015-06-24 21:50 - 2015-06-24 21:57 - 00000000 ____D C:\Program Files (x86)\Java
  253. 2015-06-24 20:59 - 2015-06-24 21:48 - 184527448 _____ (Oracle Corporation) C:\Users\Devon\Downloads\jdk-8u45-windows-i586.exe
  254. 2015-06-24 18:52 - 2015-06-24 18:53 - 00049227 _____ C:\Users\Devon\Downloads\Addition.txt
  255. 2015-06-24 18:50 - 2015-06-24 18:53 - 00062231 _____ C:\Users\Devon\Downloads\FRST.txt
  256. 2015-06-24 18:47 - 2015-07-06 15:55 - 00000000 ____D C:\FRST
  257. 2015-06-24 18:19 - 2015-06-24 18:19 - 00234196 _____ C:\Users\Devon\Downloads\kali-linux-1.1.0a-amd64.torrent
  258. 2015-06-23 21:39 - 2015-06-23 21:39 - 00061537 _____ C:\Users\Devon\Downloads\Fast Traffic Code.rar
  259. 2015-06-23 17:43 - 2015-06-23 17:43 - 01591791 _____ C:\Users\Devon\Downloads\DDUv1271-[Guru3D.com].exe
  260. 2015-06-22 21:10 - 2015-06-22 21:10 - 00000000 ____D C:\ProgramData\InstallSightSDK
  261. 2015-06-22 21:09 - 2015-06-22 21:09 - 00003784 _____ C:\Windows\System32\Tasks\WebBarUpdateTask
  262. 2015-06-22 21:09 - 2015-06-22 21:09 - 00003258 _____ C:\Windows\System32\Tasks\WebBarLaunchTask
  263. 2015-06-22 21:09 - 2015-06-22 21:09 - 00000000 ____D C:\Users\Devon\AppData\Local\WebBar
  264. 2015-06-22 20:12 - 2015-07-06 13:49 - 00000406 _____ C:\Windows\Tasks\update-sys.job
  265. 2015-06-22 20:12 - 2015-07-06 12:02 - 00000406 _____ C:\Windows\Tasks\update-S-1-5-21-923158318-2833904607-1772505841-1001.job
  266. 2015-06-22 20:12 - 2015-06-22 20:13 - 00000000 ____D C:\Users\Devon\Documents\Lightshot
  267. 2015-06-22 20:12 - 2015-06-22 20:12 - 00003276 _____ C:\Windows\System32\Tasks\update-sys
  268. 2015-06-22 20:12 - 2015-06-22 20:12 - 00003254 _____ C:\Windows\System32\Tasks\update-S-1-5-21-923158318-2833904607-1772505841-1001
  269. 2015-06-22 20:12 - 2015-06-22 20:12 - 00000424 _____ C:\Users\Devon\AppData\Local\UserProducts.xml
  270. 2015-06-22 20:12 - 2015-06-22 20:12 - 00000003 _____ C:\Users\Devon\AppData\Local\updater.log
  271. 2015-06-22 20:12 - 2015-06-22 20:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lightshot
  272. 2015-06-22 20:12 - 2015-06-22 20:12 - 00000000 ____D C:\Program Files (x86)\Skillbrains
  273. 2015-06-22 20:11 - 2015-06-22 20:11 - 02511360 _____ (Skillbrains ) C:\Users\Devon\Downloads\setup-lightshot.exe
  274. 2015-06-22 16:55 - 2015-06-22 16:55 - 00013824 _____ (Phoenix Technologies) C:\Windows\SysWOW64\Drivers\DrvAgent64.SYS
  275. 2015-06-22 16:55 - 2015-06-22 16:55 - 00000000 ____D C:\Users\Devon\AppData\Local\eSupport.com
  276. 2015-06-22 16:54 - 2015-06-22 16:55 - 01208432 _____ (Copyright © 2015 eSupport.com, Inc • All Rights Reserved ) C:\Users\Devon\Downloads\driveragent-setup-1213.exe
  277. 2015-06-21 16:45 - 2015-06-21 16:45 - 09415407 _____ C:\Users\Devon\Downloads\Liquid$moke.rar
  278. 2015-06-20 23:01 - 2015-06-20 23:01 - 00461428 _____ C:\Users\Devon\Downloads\ppr_v0.98.rar
  279. 2015-06-18 18:55 - 2015-06-18 18:56 - 00000000 ____D C:\Users\Devon\Downloads\PD2 MVP v2.8_mpgh.net
  280. 2015-06-18 18:48 - 2015-06-18 18:48 - 00415780 _____ C:\Users\Devon\Downloads\PD2 MVP v2.8_mpgh.net.rar
  281. 2015-06-17 06:18 - 2015-06-17 06:18 - 00002713 _____ C:\Users\Devon\Desktop\Skype.lnk
  282. 2015-06-16 06:39 - 2015-06-16 06:40 - 00000000 ____D C:\Users\Devon\AppData\Local\PAYDAY 2
  283. 2015-06-16 06:39 - 2015-06-16 06:39 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
  284. 2015-06-16 06:39 - 2015-06-16 06:39 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies
  285. 2015-06-15 18:49 - 2015-06-15 18:49 - 00034526 _____ C:\Users\Devon\Downloads\[kat.cr]game.of.thrones.s05e10.hdtv.x264.killers.ettv.torrent
  286. 2015-06-15 18:47 - 2015-06-15 18:47 - 00000222 _____ C:\Users\Devon\Desktop\Dirty Bomb.url
  287. 2015-06-15 06:38 - 2015-06-15 06:38 - 00000222 _____ C:\Users\Devon\Desktop\PAYDAY 2.url
  288. 2015-06-14 17:21 - 2015-06-14 17:22 - 06666699 _____ C:\Users\Devon\Downloads\FactionsPlusPack 2.0.zip
  289. 2015-06-14 12:10 - 2015-06-14 12:10 - 00018924 _____ C:\Users\Devon\Downloads\@DayzOverwatch.zip.torrent
  290. 2015-06-14 12:10 - 2015-06-14 12:10 - 00018924 _____ C:\Users\Devon\Downloads\@DayzOverwatch.zip (1).torrent
  291. 2015-06-14 12:09 - 2015-06-14 12:09 - 00000000 ____D C:\Users\Devon\Downloads\runtime
  292. 2015-06-14 12:06 - 2015-06-14 12:09 - 00000000 ____D C:\Users\Devon\Downloads\game
  293. 2015-06-14 12:06 - 2015-06-14 12:06 - 01294088 _____ (Mojang) C:\Users\Devon\Downloads\Minecraft.exe
  294. 2015-06-14 12:06 - 2015-06-14 12:06 - 00001366 _____ C:\Users\Public\Desktop\DayZ Commander.lnk
  295. 2015-06-14 12:06 - 2015-06-14 12:06 - 00000000 ____D C:\Users\Devon\AppData\Local\DayZCommander
  296. 2015-06-14 12:06 - 2015-06-14 12:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dotjosh Studios
  297. 2015-06-14 12:06 - 2015-06-14 12:06 - 00000000 ____D C:\Program Files (x86)\Dotjosh Studios
  298. 2015-06-14 12:05 - 2015-06-14 12:06 - 02932736 _____ C:\Users\Devon\Downloads\Dotjosh.DayZCommander.Installer.msi
  299. 2015-06-14 10:50 - 2015-07-06 15:13 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
  300. 2015-06-14 10:50 - 2015-06-24 22:16 - 00003718 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
  301. 2015-06-13 17:28 - 2015-06-13 17:28 - 00000498 _____ C:\Users\Devon\Downloads\Setup (2).website
  302. 2015-06-13 17:20 - 2015-06-13 17:21 - 00000498 _____ C:\Users\Devon\Downloads\Setup (1).website
  303. 2015-06-13 16:08 - 2015-06-13 16:08 - 00000494 _____ C:\Users\Devon\Downloads\Setup.website
  304. 2015-06-13 14:46 - 2015-06-13 14:46 - 00000000 ____D C:\Users\Devon\.cache
  305. 2015-06-13 12:39 - 2015-06-22 20:29 - 00000000 ____D C:\Program Files\Common Files\AV
  306. 2015-06-13 12:38 - 2015-06-13 12:38 - 00000000 ____D C:\Users\Devon\AppData\Local\Avg
  307. 2015-06-12 20:50 - 2015-06-13 00:50 - 00003442 _____ C:\Windows\System32\Tasks\Oinvrela
  308. 2015-06-12 20:50 - 2015-06-12 20:50 - 00000000 ____D C:\ProgramData\Oinvrela
  309. 2015-06-12 20:45 - 2015-06-13 17:36 - 00000000 ____D C:\ProgramData\FinanceAlert
  310. 2015-06-12 20:45 - 2015-06-13 15:05 - 00000000 ____D C:\ProgramData\AgtYcl
  311. 2015-06-12 20:45 - 2015-06-13 12:36 - 00000000 ____D C:\Users\Devon\AppData\Local\FinanceAlert
  312. 2015-06-12 13:01 - 2015-06-12 13:01 - 00000000 ____D C:\Users\Devon\Downloads\Your ANZ Internet Banking Guide
  313. 2015-06-12 13:00 - 2015-06-12 13:00 - 00025903 _____ C:\Users\Devon\Downloads\Your ANZ Internet Banking Guide.zip
  314. 2015-06-11 22:29 - 2015-06-11 22:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID
  315. 2015-06-11 22:28 - 2015-06-11 22:28 - 00000000 ____D C:\Program Files\CPUID
  316. 2015-06-11 22:27 - 2015-06-11 22:28 - 01586848 _____ ( ) C:\Users\Devon\Downloads\cpu-z_1.72.1-en.exe
  317. 2015-06-10 14:41 - 2015-06-10 14:49 - 102109213 _____ C:\Users\Devon\Downloads\@Dayz-1.7.7.1-Patch.rar
  318. 2015-06-10 14:27 - 2015-06-10 14:28 - 00546700 _____ C:\Users\Devon\Downloads\@Dayz-1.7.7.1-Patch.rar.crdownload
  319. 2015-06-10 13:56 - 2015-06-10 13:57 - 00000000 ____D C:\Users\Devon\AppData\Local\ArmA 2
  320. 2015-06-10 13:50 - 2015-06-14 19:47 - 00000000 ____D C:\Users\Devon\AppData\Local\ArmA 2 OA
  321. 2015-06-10 13:50 - 2015-06-12 14:23 - 00000000 ____D C:\Users\Devon\Documents\ArmA 2
  322. 2015-06-10 13:50 - 2015-06-10 13:50 - 00000000 ____D C:\ProgramData\Bohemia Interactive Studio
  323. 2015-06-10 13:45 - 2015-06-10 13:45 - 00000221 _____ C:\Users\Devon\Desktop\Arma 2.url
  324. 2015-06-10 13:39 - 2015-06-10 13:39 - 00000221 _____ C:\Users\Devon\Desktop\Arma 2 Operation Arrowhead.url
  325. 2015-06-10 13:30 - 2015-06-10 13:30 - 00000222 _____ C:\Users\Devon\Desktop\Arma 2 Operation Arrowhead Beta (Obsolete).url
  326. 2015-06-10 13:05 - 2015-06-10 13:05 - 00039080 _____ C:\Windows\system32\cc_20150610_130524.reg
  327. 2015-06-10 01:00 - 2015-06-13 01:02 - 00000112 _____ C:\ProgramData\D2w5dYxp7.dat
  328. 2015-06-10 00:46 - 2015-06-13 01:25 - 00000000 ____D C:\ProgramData\abc
  329. 2015-06-10 00:44 - 2015-06-13 12:30 - 00000000 ____D C:\Program Files (x86)\Coupoon
  330. 2015-06-09 22:13 - 2015-06-09 22:13 - 00000000 ____D C:\Users\Devon\AppData\Local\fabi.me
  331. 2015-06-09 22:12 - 2015-06-09 22:12 - 00008704 _____ (fabi.me) C:\Users\Devon\Downloads\ClickCounter.exe
  332. 2015-06-09 22:11 - 2015-06-09 22:14 - 00000000 ____D C:\Users\Devon\Downloads\SpeedAutoClicker
  333. 2015-06-09 22:11 - 2015-06-09 22:11 - 00094899 _____ C:\Users\Devon\Downloads\SpeedAutoClicker.zip
  334. 2015-06-09 19:28 - 2015-06-09 19:28 - 00020600 _____ C:\Users\Devon\Downloads\AutumnApple.veg
  335. 2015-06-09 13:47 - 2015-06-09 13:51 - 00000000 ____D C:\Users\Devon\AppData\Roaming\Red Giant Link
  336. 2015-06-09 13:47 - 2015-06-09 13:47 - 00004200 _____ C:\Windows\System32\Tasks\Red Giant Link
  337. 2015-06-09 13:47 - 2015-06-09 13:47 - 00000000 ____D C:\Users\Devon\AppData\Local\LooksBuilder
  338. 2015-06-09 13:47 - 2015-06-09 13:47 - 00000000 ____D C:\temp
  339. 2015-06-09 13:46 - 2015-06-09 13:46 - 00000000 ____D C:\ProgramData\RedGiant
  340. 2015-06-09 13:46 - 2015-06-09 13:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Red Giant
  341. 2015-06-09 13:46 - 2015-06-09 13:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Magic Bullet Looks
  342. 2015-06-09 13:46 - 2015-06-09 13:46 - 00000000 ____D C:\Program Files\Magic Bullet Looks Vegas
  343. 2015-06-09 13:46 - 2015-06-09 13:46 - 00000000 ____D C:\Program Files (x86)\Red Giant Link
  344. 2015-06-09 13:46 - 2015-06-09 13:46 - 00000000 ____D C:\Program Files (x86)\LooksBuilder
  345. 2015-06-09 13:34 - 2015-06-09 13:34 - 00000000 ____D C:\Users\Devon\AppData\Roaming\Publish Providers
  346. 2015-06-09 13:32 - 2015-06-09 13:34 - 00000000 ____D C:\Users\Devon\AppData\Local\Sony
  347. 2015-06-09 13:32 - 2015-06-09 13:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony
  348. 2015-06-09 13:32 - 2015-06-09 13:32 - 00000000 ____D C:\Program Files\Sony
  349. 2015-06-09 13:32 - 2015-06-09 13:32 - 00000000 ____D C:\Program Files (x86)\Sony
  350. 2015-06-09 13:31 - 2015-06-10 12:58 - 00000000 ____D C:\Users\Devon\AppData\Roaming\Sony
  351. 2015-06-09 13:31 - 2015-06-09 13:32 - 00000000 ____D C:\ProgramData\Sony
  352. 2015-06-08 22:14 - 2015-06-08 22:14 - 00000000 ____D C:\Users\Devon\AppData\Roaming\Notepad++
  353. 2015-06-08 22:14 - 2015-06-08 22:14 - 00000000 ____D C:\Users\Devon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Notepad++
  354. 2015-06-08 22:14 - 2015-06-08 22:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++
  355. 2015-06-08 22:14 - 2015-06-08 22:14 - 00000000 ____D C:\Program Files (x86)\Notepad++
  356. 2015-06-08 22:13 - 2015-06-08 22:13 - 06944290 _____ C:\Users\Devon\Downloads\npp.6.7.8.2.Installer.exe
  357.  
  358. ==================== One Month Modified files and folders ========
  359.  
  360. (If an entry is included in the fixlist, the file/folder will be moved.)
  361.  
  362. 2015-07-06 15:48 - 2015-05-30 21:48 - 00000000 ____D C:\Users\Devon\AppData\Local\Overwolf
  363. 2015-07-06 15:48 - 2015-05-18 21:44 - 00000000 ____D C:\Users\Devon\AppData\Roaming\Skype
  364. 2015-07-06 15:47 - 2015-06-05 22:43 - 00000354 _____ C:\Windows\Tasks\VQLLDDHK1.job
  365. 2015-07-06 15:47 - 2015-06-04 18:20 - 00000920 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
  366. 2015-07-06 15:47 - 2015-05-18 18:28 - 00000000 ____D C:\Users\Devon\AppData\Roaming\Raptr
  367. 2015-07-06 15:46 - 2013-08-23 00:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
  368. 2015-07-06 15:45 - 2015-05-18 19:07 - 00000000 ____D C:\Program Files (x86)\Steam
  369. 2015-07-06 15:45 - 2015-05-18 18:31 - 00065536 _____ C:\Windows\system32\spu_storage.bin
  370. 2015-07-06 15:30 - 2015-06-04 18:20 - 00000924 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
  371. 2015-07-06 15:29 - 2015-05-18 18:38 - 00000000 ____D C:\Users\Devon\AppData\Roaming\.minecraft
  372. 2015-07-06 15:00 - 2013-08-23 01:36 - 00000000 ____D C:\Windows\system32\sru
  373. 2015-07-06 14:42 - 2015-05-25 19:43 - 00000000 ____D C:\ProgramData\MFAData
  374. 2015-07-06 14:14 - 2013-09-30 14:14 - 00863592 _____ C:\Windows\system32\PerfStringBackup.INI
  375. 2015-07-06 10:41 - 2015-06-05 22:41 - 00000358 _____ C:\Windows\Tasks\Bidaily Synchronize Task[3c32].job
  376. 2015-07-06 01:14 - 2013-08-22 23:25 - 00262144 ___SH C:\Windows\system32\config\BBI
  377. 2015-07-05 14:43 - 2015-05-19 07:53 - 00003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-923158318-2833904607-1772505841-1001
  378. 2015-07-05 11:57 - 2013-08-23 01:36 - 00000000 ____D C:\Windows\AppReadiness
  379. 2015-07-05 02:08 - 2015-06-04 18:19 - 00000892 _____ C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job
  380. 2015-07-05 01:36 - 2015-05-19 17:08 - 00028176 _____ C:\Windows\system32\lvcoinst.log
  381. 2015-07-05 00:33 - 2013-08-22 23:25 - 00262144 ___SH C:\Windows\system32\config\ELAM
  382. 2015-07-05 00:11 - 2015-05-18 22:26 - 00000000 ____D C:\Users\Devon\AppData\Roaming\vlc
  383. 2015-07-04 23:16 - 2015-05-18 19:29 - 00000000 ____D C:\Users\Devon\AppData\Roaming\Azureus
  384. 2015-07-01 01:16 - 2015-05-19 17:16 - 00087552 ___SH C:\Users\Devon\Downloads\Thumbs.db
  385. 2015-06-30 15:05 - 2015-05-22 16:35 - 00000000 ____D C:\Users\Devon\AppData\Roaming\TS3Client
  386. 2015-06-30 09:48 - 2015-05-25 19:46 - 00000991 _____ C:\Users\Public\Desktop\AVG 2015.lnk
  387. 2015-06-30 09:48 - 2015-05-25 19:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
  388. 2015-06-29 16:20 - 2015-05-30 22:19 - 00000000 ____D C:\Program Files (x86)\Overwolf
  389. 2015-06-29 14:49 - 2015-05-19 07:41 - 00000000 ____D C:\Users\Devon\AppData\Local\VirtualStore
  390. 2015-06-29 12:43 - 2015-06-05 22:43 - 00000000 ____D C:\ProgramData\2fc7ad4981e44e5e9cd938c744ee5bc0
  391. 2015-06-28 23:17 - 2015-05-19 07:41 - 00000000 ____D C:\Users\Devon
  392. 2015-06-28 09:17 - 2013-08-23 00:44 - 00788408 _____ C:\Windows\system32\FNTCACHE.DAT
  393. 2015-06-26 14:34 - 2015-06-04 07:21 - 00003830 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1433366442
  394. 2015-06-26 14:34 - 2015-06-04 07:20 - 00001073 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
  395. 2015-06-26 14:34 - 2015-06-04 07:19 - 00000000 ____D C:\Program Files (x86)\Opera
  396. 2015-06-24 19:01 - 2015-05-18 19:33 - 00002794 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
  397. 2015-06-24 16:54 - 2015-05-19 07:51 - 00003926 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{A508D528-DD0C-4B33-AD83-BA42A4DCE81D}
  398. 2015-06-24 16:53 - 2015-05-19 07:49 - 00000000 ___DO C:\Users\Devon\SkyDrive
  399. 2015-06-23 17:32 - 2015-06-04 18:20 - 00002213 _____ C:\Users\Public\Desktop\Google Chrome.lnk
  400. 2015-06-23 16:48 - 2015-06-05 22:42 - 00000000 ____D C:\ProgramData\EpsanDrive
  401. 2015-06-22 21:07 - 2015-06-04 19:12 - 00000000 ____D C:\Users\Devon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bohemia Interactive
  402. 2015-06-22 20:28 - 2015-06-04 19:13 - 00000000 ____D C:\Users\Devon\Documents\ArmAWork
  403. 2015-06-17 21:30 - 2015-05-19 07:41 - 00000000 ____D C:\Users\Devon\AppData\Local\Packages
  404. 2015-06-17 16:35 - 2015-05-18 21:44 - 00000000 ____D C:\ProgramData\Skype
  405. 2015-06-15 18:47 - 2015-05-18 21:46 - 00000000 ____D C:\Users\Devon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
  406. 2015-06-14 10:50 - 2015-06-04 18:19 - 00003856 _____ C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier
  407. 2015-06-13 17:41 - 2015-05-25 19:43 - 00000000 ____D C:\Users\Devon\AppData\Local\Avg2015
  408. 2015-06-13 17:36 - 2015-06-05 22:43 - 00000000 ____D C:\Users\Devon\AppData\Local\03000200-1433544217-0500-0006-000700080009
  409. 2015-06-12 20:05 - 2013-08-23 01:36 - 00000000 ____D C:\Windows\system32\NDF
  410. 2015-06-12 11:25 - 2015-05-20 06:35 - 00000000 ____D C:\Users\Devon\Documents\Arma 3
  411. 2015-06-10 13:56 - 2015-06-04 19:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bohemia Interactive
  412. 2015-06-10 12:16 - 2015-05-20 06:34 - 00000000 ____D C:\Users\Devon\AppData\Local\Arma 3 Launcher
  413. 2015-06-10 12:10 - 2015-05-20 06:35 - 00000000 ____D C:\Users\Devon\AppData\Local\Arma 3
  414. 2015-06-09 21:19 - 2015-06-01 07:25 - 00000000 ____D C:\Users\Devon\Desktop\Season 6
  415. 2015-06-09 13:46 - 2015-06-05 22:34 - 00000000 ____D C:\Program Files (x86)\InstallShield Installation Information
  416. 2015-06-09 13:45 - 2015-06-05 22:28 - 00000000 ____D C:\Users\Devon\AppData\Local\Downloaded Installations
  417. 2015-06-09 13:43 - 2015-06-05 22:42 - 00000000 ____D C:\Users\Devon\AppData\Roaming\03000200-1433508174-0500-0006-000700080009
  418. 2015-06-08 22:57 - 2015-06-05 22:51 - 00000000 ____D C:\Users\Devon\Downloads\Odin-V3.07.sfx
  419. 2015-06-06 09:24 - 2015-06-05 22:42 - 00000000 ____D C:\Users\Devon\AppData\Roaming\VOPackage
  420. 2015-06-06 09:24 - 2015-05-25 19:44 - 00000000 ____D C:\ProgramData\AVG2015
  421.  
  422. ==================== Files in the root of some directories =======
  423.  
  424. 2015-06-05 22:52 - 2015-06-05 22:52 - 0260876 _____ (VuuPC Limited) C:\Users\Devon\AppData\Local\nsh4920.tmp
  425. 2015-05-28 18:11 - 2015-05-28 18:11 - 0013767 _____ () C:\Users\Devon\AppData\Local\recently-used.xbel
  426. 2015-06-22 20:12 - 2015-06-22 20:12 - 0000003 _____ () C:\Users\Devon\AppData\Local\updater.log
  427. 2015-06-22 20:12 - 2015-06-22 20:12 - 0000424 _____ () C:\Users\Devon\AppData\Local\UserProducts.xml
  428. 2015-06-10 01:00 - 2015-06-13 01:02 - 0000112 _____ () C:\ProgramData\D2w5dYxp7.dat
  429.  
  430. Files to move or delete:
  431. ====================
  432. C:\ProgramData\D2w5dYxp7.dat
  433. C:\Users\Devon\ent_ikov_preferences.dat
  434.  
  435.  
  436. Some files in TEMP:
  437. ====================
  438. C:\Users\Devon\AppData\Local\Temp\i4jdel0.exe
  439.  
  440.  
  441. ==================== Bamital & volsnap Check =================
  442.  
  443. (There is no automatic fix for files that do not pass verification.)
  444.  
  445. C:\Windows\System32\winlogon.exe => File is digitally signed
  446. C:\Windows\System32\wininit.exe => File is digitally signed
  447. C:\Windows\explorer.exe => File is digitally signed
  448. C:\Windows\SysWOW64\explorer.exe => File is digitally signed
  449. C:\Windows\System32\svchost.exe => File is digitally signed
  450. C:\Windows\SysWOW64\svchost.exe => File is digitally signed
  451. C:\Windows\System32\services.exe => File is digitally signed
  452. C:\Windows\System32\User32.dll => File is digitally signed
  453. C:\Windows\SysWOW64\User32.dll => File is digitally signed
  454. C:\Windows\System32\userinit.exe => File is digitally signed
  455. C:\Windows\SysWOW64\userinit.exe => File is digitally signed
  456. C:\Windows\System32\rpcss.dll => File is digitally signed
  457. C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
  458.  
  459.  
  460. LastRegBack: 2015-07-01 04:45
  461.  
  462. ==================== End of log ============================