Possible JRat


Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:08-06-2015

Ran by EfeAkca (administrator) on EFEAKCA-PC on 11-06-2015 11:24:50

Running from C:\Users\EfeAkca\Downloads

Loaded Profiles: EfeAkca &  (Available Profiles: EfeAkca)

Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: English (United States)

Internet Explorer Version 8 (Default browser: Chrome)

Boot Mode: Normal


 

==================== Processes (Whitelisted) =================

 

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

 

(Enigma Software Group USA, LLC.) C:\Program Files (x86)\Enigma Software Group\SpyHunter\SH4Service.exe

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe

(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe

(Apple Inc.) C:\Program Files\Boot Camp\Bootcamp.exe

(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe

(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe

(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe

(Microsoft Corporation) C:\Program Files (x86)\Windows Sidebar\sidebar.exe

(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.27.5\GoogleCrashHandler.exe

(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.27.5\GoogleCrashHandler64.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe

(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

() C:\Windows\System32\AppleOSSMgr.exe

(Apple Inc.) C:\Windows\System32\AppleTimeSrv.exe

(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe

(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe

(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe

(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe

(Steganos Software GmbH) C:\Program Files (x86)\OkayFreedom\OkayFreedomService.exe

() C:\Windows\SysWOW64\PnkBstrA.exe

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe

(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\SyncServer.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe

(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe

(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

 

 

==================== Registry (Whitelisted) ==================

 

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

 

HKLM\...\Run: [Apple_KbdMgr] => C:\Program Files\Boot Camp\Bootcamp.exe [746816 2014-02-06] (Apple Inc.)

HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [12697368 2014-10-14] (Logitech Inc.)

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2685072 2015-05-08] (NVIDIA Corporation)

HKLM\...\Run: [shadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart

HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [169768 2015-04-07] (Apple Inc.)

HKLM-x32\...\Run: [uSB3MON] => C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2014-02-01] (Intel Corporation)

HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [705840 2015-06-09] (Avira Operations GmbH & Co. KG)

HKLM-x32\...\runonceex: [blueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe [855768 2015-03-11] (BlueStack Systems, Inc.)

HKU\S-1-5-21-2254829322-3966917860-1990833790-1000\...\Run: [uTorrent] => "C:\Users\EfeAkca\AppData\Roaming\uTorrent\uTorrent.exe"  /MINIMIZED

HKU\S-1-5-21-2254829322-3966917860-1990833790-1000\...\Run: [OKAYFREEDOM_Agent] => C:\Program Files (x86)\OkayFreedom\OkayFreedomClient.exe [6590888 2015-05-08] (Steganos Software GmbH)

HKU\S-1-5-21-2254829322-3966917860-1990833790-1000\...\Run: [com.Main14340094119341118526478865022266.jar] => C:\Users\EfeAkca\com.Main14340094119341118526478865022266.jar [3338229 2015-06-11] ()

HKU\S-1-5-21-2254829322-3966917860-1990833790-1000\...\Run: [com.Main14340094219387871963471319506952.jar] => C:\Users\EfeAkca\com.Main14340094219387871963471319506952.jar [3338229 2015-06-11] ()

HKU\S-1-5-21-2254829322-3966917860-1990833790-1000\...\Run: [com.Main14340094351148088098779149798754.jar] => C:\Users\EfeAkca\com.Main14340094351148088098779149798754.jar [3338229 2015-06-11] ()

HKU\S-1-5-21-2254829322-3966917860-1990833790-1000\...\Run: [com.Main14340096790503578776154093216753.jar] => C:\Users\EfeAkca\com.Main14340096790503578776154093216753.jar [3338229 2015-06-11] ()

HKU\S-1-5-21-2254829322-3966917860-1990833790-1000\...\Run: [com.Main14340097112079057563348047471746.jar] => C:\Users\EfeAkca\com.Main14340097112079057563348047471746.jar [3338229 2015-06-11] ()

HKU\S-1-5-21-2254829322-3966917860-1990833790-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [uTorrent] => "C:\Users\EfeAkca\AppData\Roaming\uTorrent\uTorrent.exe"  /MINIMIZED

HKU\S-1-5-21-2254829322-3966917860-1990833790-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [OKAYFREEDOM_Agent] => C:\Program Files (x86)\OkayFreedom\OkayFreedomClient.exe [6590888 2015-05-08] (Steganos Software GmbH)

HKU\S-1-5-21-2254829322-3966917860-1990833790-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [com.Main14340094119341118526478865022266.jar] => C:\Users\EfeAkca\com.Main14340094119341118526478865022266.jar [3338229 2015-06-11] ()

HKU\S-1-5-21-2254829322-3966917860-1990833790-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [com.Main14340094219387871963471319506952.jar] => C:\Users\EfeAkca\com.Main14340094219387871963471319506952.jar [3338229 2015-06-11] ()

HKU\S-1-5-21-2254829322-3966917860-1990833790-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [com.Main14340094351148088098779149798754.jar] => C:\Users\EfeAkca\com.Main14340094351148088098779149798754.jar [3338229 2015-06-11] ()

HKU\S-1-5-21-2254829322-3966917860-1990833790-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [com.Main14340096790503578776154093216753.jar] => C:\Users\EfeAkca\com.Main14340096790503578776154093216753.jar [3338229 2015-06-11] ()

HKU\S-1-5-21-2254829322-3966917860-1990833790-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [com.Main14340097112079057563348047471746.jar] => C:\Users\EfeAkca\com.Main14340097112079057563348047471746.jar [3338229 2015-06-11] ()

Startup: C:\Users\EfeAkca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\1434009412999-com.Main14340094119341118526478865022266.jar [2015-06-11] ()

Startup: C:\Users\EfeAkca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\1434009414901-com.Main14340094119341118526478865022266.jar [2015-06-11] ()

Startup: C:\Users\EfeAkca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\1434009422367-com.Main14340094219387871963471319506952.jar [2015-06-11] ()

Startup: C:\Users\EfeAkca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\1434009422675-com.Main14340094219387871963471319506952.jar [2015-06-11] ()

Startup: C:\Users\EfeAkca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\1434009435620-com.Main14340094351148088098779149798754.jar [2015-06-11] ()

Startup: C:\Users\EfeAkca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\1434009435902-com.Main14340094351148088098779149798754.jar [2015-06-11] ()

Startup: C:\Users\EfeAkca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\1434009679659-com.Main14340096790503578776154093216753.jar [2015-06-11] ()

Startup: C:\Users\EfeAkca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\1434009679944-com.Main14340096790503578776154093216753.jar [2015-06-11] ()

Startup: C:\Users\EfeAkca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\1434009711694-com.Main14340097112079057563348047471746.jar [2015-06-11] ()

Startup: C:\Users\EfeAkca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\1434009711999-com.Main14340097112079057563348047471746.jar [2015-06-11] ()

ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  No File

 

==================== Internet (Whitelisted) ====================

 

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

 

BHO: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_31\bin\ssv.dll [2015-01-26] (Oracle Corporation)

BHO: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-01-26] (Oracle Corporation)

BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-01-26] (Oracle Corporation)

BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-01-26] (Oracle Corporation)

Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2010-11-21] (Microsoft Corporation)

Filter-x32: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2010-11-21] (Microsoft Corporation)

Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2010-11-21] (Microsoft Corporation)

Filter-x32: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2010-11-21] (Microsoft Corporation)

Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

Tcpip\..\Interfaces\{17302B53-A57E-47BC-9D82-E1581B503F74}: [NameServer] 209.244.0.3,209.244.0.4

Tcpip\..\Interfaces\{4583690C-3201-40CA-B26A-C20C3CC967D4}: [NameServer] 209.244.0.3,209.244.0.4

 

FireFox:

========

FF Plugin: @esn/npbattlelog,version=2.7.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.0\npbattlelogx64.dll [2015-04-23] (EA Digital Illusions CE AB)

FF Plugin: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-01-26] (Oracle Corporation)

FF Plugin: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-01-26] (Oracle Corporation)

FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-14] ( Microsoft Corporation)

FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()

FF Plugin-x32: @esn/npbattlelog,version=2.7.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.0\npbattlelog.dll [2015-04-23] (EA Digital Illusions CE AB)

FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-01-26] (Oracle Corporation)

FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-01-26] (Oracle Corporation)

FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-14] ( Microsoft Corporation)

FF Plugin-x32: @ngm.nexoneu.com/NxGame -> C:\ProgramData\NexonEU\NGM\npNxGameEU.dll [2015-04-02] (Nexon)

FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-04-08] (NVIDIA Corporation)

FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-04-08] (NVIDIA Corporation)

FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-18] (Google Inc.)

FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-18] (Google Inc.)

FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)

FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)

FF Plugin HKU\S-1-5-21-2254829322-3966917860-1990833790-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\EfeAkca\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-03-27] (Unity Technologies ApS)

FF Plugin HKU\S-1-5-21-2254829322-3966917860-1990833790-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\EfeAkca\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-03-27] (Unity Technologies ApS)

 

Chrome: 

=======

CHR Profile: C:\Users\EfeAkca\AppData\Local\Google\Chrome\User Data\Default

CHR Extension: (OkayFreedom) - C:\Users\EfeAkca\AppData\Local\Google\Chrome\User Data\Default\Extensions\bckipplcmnfhblnpibpbehenelnkpecd [2015-05-24]

CHR Extension: (Agar.io Mods) - C:\Users\EfeAkca\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmofencpfjfladdmoiflekmblmhflbkp [2015-06-07]

CHR Extension: (Adblock Plus) - C:\Users\EfeAkca\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-05-24]

CHR Extension: (Tampermonkey) - C:\Users\EfeAkca\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2015-05-25]

CHR Extension: (Google Wallet) - C:\Users\EfeAkca\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-01-03]

CHR Extension: (AdF.ly Skipper ★WORKING★) - C:\Users\EfeAkca\AppData\Local\Google\Chrome\User Data\Default\Extensions\obnfifcganohemahpomajbhocfkdgmjb [2015-06-04]

 

==================== Services (Whitelisted) =================

 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

 

S2 AntiVirFirewallService; C:\Program Files (x86)\Avira\AntiVir Desktop\avfwsvc.exe [1044728 2015-06-09] (Avira Operations GmbH & Co. KG)

S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [806192 2015-06-09] (Avira Operations GmbH & Co. KG)

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [448304 2015-06-09] (Avira Operations GmbH & Co. KG)

R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [448304 2015-06-09] (Avira Operations GmbH & Co. KG)

S2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [996600 2015-06-09] (Avira Operations GmbH & Co. KG)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-19] (Apple Inc.)

R2 AppleOSSMgr; C:\Windows\system32\AppleOSSMgr.exe [226112 2014-02-06] ()

S2 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [392192 2015-03-13] (BlueStack Systems, Inc.) [File not signed]

R2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [388824 2015-03-11] (BlueStack Systems, Inc.)

R2 BstHdUpdaterSvc; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [794328 2015-03-11] (BlueStack Systems, Inc.)

R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1152656 2015-05-08] (NVIDIA Corporation)

R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2015-04-14] (Malwarebytes Corporation)

R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)

R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1884304 2015-05-08] (NVIDIA Corporation)

R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [22997648 2015-05-08] (NVIDIA Corporation)

R2 OkayFreedom VPN Starter Service; C:\Program Files (x86)\OkayFreedom\OkayFreedomService.exe [330168 2015-05-08] (Steganos Software GmbH)

S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1997168 2015-06-02] (Electronic Arts)

R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76152 2015-06-06] ()

R2 SpyHunter 4 Service; C:\Program Files (x86)\Enigma Software Group\SpyHunter\SH4Service.exe [770432 2014-01-09] (Enigma Software Group USA, LLC.)

S3 TunngleService; C:\Program Files (x86)\Tunngle\TnglCtrl.exe [762320 2014-11-04] (Tunngle.net GmbH)

S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Corporation)

S2 hshld; C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe [X]

 

==================== Drivers (Whitelisted) ====================

 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

 

R3 applebmt; C:\Windows\System32\DRIVERS\applebmt.sys [52736 2012-12-22] (Apple Inc.)

R3 avfwim; C:\Windows\System32\DRIVERS\avfwim.sys [114608 2014-11-24] (Avira GmbH)

R1 avfwot; C:\Windows\System32\DRIVERS\avfwot.sys [141376 2014-11-24] (Avira GmbH)

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [153256 2015-06-09] (Avira Operations GmbH & Co. KG)

R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [132656 2015-06-09] (Avira Operations GmbH & Co. KG)

R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2014-11-24] (Avira Operations GmbH & Co. KG)

R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [44088 2015-03-05] (Avira Operations GmbH & Co. KG)

R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [122072 2015-03-11] (BlueStack Systems)

S3 CM_VENDER_CMD; C:\Program Files\Common Files\Logitech\G430Install\CMVC64.sys [17104 2014-07-31] (Windows ® Win 7 DDK provider)

R3 esgiguard; C:\Program Files (x86)\Enigma Software Group\SpyHunter\esgiguard.sys [14872 2014-01-07] ()

S3 EsgScanner; C:\Windows\SysWOW64\DRIVERS\EsgScanner.sys [19984 2012-06-22] ()

R3 LGSHidFilt; C:\Windows\System32\DRIVERS\LGSHidFilt.Sys [64280 2013-05-30] (Logitech Inc.)

R3 LGSUsbFilt; C:\Windows\System32\DRIVERS\LGSUsbFilt.Sys [41752 2013-05-30] (Logitech Inc.)

R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-04-14] (Malwarebytes Corporation)

R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [136408 2015-06-11] (Malwarebytes Corporation)

R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-04-14] (Malwarebytes Corporation)

R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [99288 2014-01-31] (Intel Corporation)

R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-05-08] (NVIDIA Corporation)

R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38032 2014-11-22] (NVIDIA Corporation)

R3 tap0901t; C:\Windows\System32\DRIVERS\tap0901t.sys [31232 2009-09-16] (Tunngle.net)

S3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2015-02-04] (Anchorfree Inc.)

S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]

S3 VGPU; System32\drivers\rdvgkmd.sys [X]

 

==================== NetSvcs (Whitelisted) ===================

 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

 

 

==================== One Month Created files and folders ========

 

(If an entry is included in the fixlist, the file/folder will be moved.)

 

2015-06-11 11:24 - 2015-06-11 11:25 - 00021663 _____ C:\Users\EfeAkca\Downloads\FRST.txt

2015-06-11 11:24 - 2015-06-11 11:24 - 00000000 ____D C:\FRST

2015-06-11 11:13 - 2015-06-11 11:13 - 02108928 _____ (Farbar) C:\Users\EfeAkca\Downloads\FRST64.exe

2015-06-11 11:12 - 2015-06-11 11:12 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys

2015-06-11 11:12 - 2015-06-11 11:12 - 00001113 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

2015-06-11 11:12 - 2015-06-11 11:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware

2015-06-11 11:12 - 2015-06-11 11:12 - 00000000 ____D C:\ProgramData\Malwarebytes

2015-06-11 11:12 - 2015-06-11 11:12 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware

2015-06-11 11:12 - 2015-04-14 09:37 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys

2015-06-11 11:12 - 2015-04-14 09:37 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys

2015-06-11 11:12 - 2015-04-14 09:37 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys

2015-06-11 11:11 - 2015-06-11 11:11 - 21546080 _____ (Malwarebytes Corporation ) C:\Users\EfeAkca\Downloads\mbam-setup-2.1.6.1022.exe

2015-06-11 11:01 - 2015-06-11 11:01 - 03338229 _____ C:\Users\EfeAkca\com.Main14340097112079057563348047471746.jar

2015-06-11 11:01 - 2015-06-11 11:01 - 03338229 _____ C:\Users\EfeAkca\com.Main14340096790503578776154093216753.jar

2015-06-11 10:57 - 2015-06-11 10:57 - 03338229 _____ C:\Users\EfeAkca\com.Main14340094351148088098779149798754.jar

2015-06-11 10:57 - 2015-06-11 10:57 - 03338229 _____ C:\Users\EfeAkca\com.Main14340094219387871963471319506952.jar

2015-06-11 10:56 - 2015-06-11 11:01 - 00000000 ____D C:\Users\EfeAkca\osc_files

2015-06-11 10:56 - 2015-06-11 10:56 - 03338229 _____ C:\Users\EfeAkca\com.Main14340094119341118526478865022266.jar

2015-06-11 10:52 - 2015-06-11 10:52 - 06200902 _____ C:\Users\EfeAkca\Downloads\Flare 3.3 Cracked by Saladman.rar

2015-06-11 09:38 - 2011-06-20 21:47 - 00083017 _____ C:\Users\EfeAkca\Desktop\10k most common.txt

2015-06-11 09:37 - 2015-06-11 09:37 - 00039416 _____ C:\Users\EfeAkca\Downloads\10kmostcommon.txt.gz

2015-06-10 17:54 - 2015-06-10 17:54 - 00000000 ____D C:\Users\EfeAkca\Documents\SimCity

2015-06-09 22:45 - 2015-06-09 22:45 - 00001283 _____ C:\Users\Public\Desktop\SimCity™.lnk

2015-06-09 22:45 - 2015-06-09 22:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SimCity™

2015-06-09 21:55 - 2015-06-09 21:57 - 29415386 _____ C:\Users\EfeAkca\Downloads\_b_IsmetRG_Pack_v5.zip

2015-06-09 20:02 - 2015-06-09 20:03 - 09449054 _____ C:\Users\EfeAkca\Downloads\wolfram-3.0.3.zip

2015-06-09 16:07 - 2015-03-17 00:39 - 00007095 _____ C:\Users\EfeAkca\Downloads\SkinFix-1.0.jar

2015-06-09 11:49 - 2015-06-09 11:50 - 05950663 _____ C:\Users\EfeAkca\Downloads\Wurst 1.3.1.zip

2015-06-09 11:25 - 2015-06-09 11:44 - 00000000 ____D C:\Users\EfeAkca\Documents\Updated_MC_Crack_Pack

2015-06-09 11:25 - 2015-06-09 11:25 - 01861273 _____ C:\Users\EfeAkca\Documents\Updated_MC_Crack_Pack.rar

2015-06-09 11:03 - 2015-06-09 11:03 - 12872596 _____ C:\Users\EfeAkca\Downloads\Wurst-Client-v1.14.1.zip

2015-06-09 10:37 - 2015-06-09 10:37 - 00000000 ____D C:\Program Files\Common Files\AV

2015-06-08 18:29 - 2015-06-08 18:32 - 00000065 _____ C:\Users\EfeAkca\Desktop\leakforums.txt

2015-06-08 09:41 - 2015-06-08 09:57 - 687600021 _____ C:\Users\EfeAkca\Downloads\ceta.bes.duzgunilac.EK-SpAwN.rar

2015-06-07 20:46 - 2015-06-07 20:46 - 00000000 ____D C:\Users\EfeAkca\AppData\Local\CEF

2015-06-07 20:43 - 2015-06-07 20:47 - 00000000 ____D C:\Users\EfeAkca\Desktop\fivem

2015-06-07 20:43 - 2015-06-07 20:42 - 00416521 _____ C:\Users\EfeAkca\Desktop\fivem.zip

2015-06-07 15:47 - 2015-06-07 15:47 - 09454704 _____ C:\Users\EfeAkca\Downloads\wolfram-3.0.1.zip

2015-06-06 13:49 - 2015-06-06 13:49 - 00000000 ____D C:\Users\EfeAkca\AppData\Roaming\Warner Bros. Interactive Entertainment

2015-06-06 13:48 - 2015-06-06 13:48 - 00000000 ____D C:\Users\EfeAkca\Downloads\LEGO.Worlds.Early.Access-ALI213

2015-06-06 12:21 - 2015-06-06 12:22 - 00356864 _____ C:\Users\EfeAkca\Desktop\Minecraft.exe

2015-06-06 10:44 - 2015-06-07 23:12 - 00348672 _____ C:\Windows\SysWOW64\PnkBstrB.xtr

2015-06-06 10:44 - 2015-06-06 10:44 - 00000000 ____D C:\Users\EfeAkca\Documents\Battlefield 3

2015-06-06 10:44 - 2015-06-06 10:44 - 00000000 ____D C:\Users\EfeAkca\AppData\Local\PunkBuster

2015-06-06 10:40 - 2015-06-06 10:40 - 00000000 ____D C:\Users\EfeAkca\AppData\Local\ESN

2015-06-06 10:38 - 2015-06-06 10:38 - 00000000 ____D C:\Program Files (x86)\Battlelog Web Plugins

2015-06-06 10:37 - 2015-06-06 10:37 - 00000000 ____D C:\ProgramData\EA Core

2015-06-06 09:52 - 2015-06-09 11:22 - 00000000 ____D C:\Users\EfeAkca\Documents\mc check

2015-06-06 06:25 - 2015-06-06 06:25 - 00001181 _____ C:\Users\Public\Desktop\Battlefield 3.lnk

2015-06-06 06:25 - 2015-06-06 06:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battlefield 3

2015-06-06 06:24 - 2015-06-07 23:12 - 00348672 _____ C:\Windows\SysWOW64\PnkBstrB.exe

2015-06-06 06:24 - 2015-06-07 23:11 - 00280904 _____ C:\Windows\SysWOW64\PnkBstrB.ex0

2015-06-06 06:24 - 2015-06-06 10:51 - 00076152 _____ C:\Windows\SysWOW64\PnkBstrA.exe

2015-06-05 11:39 - 2015-06-05 11:39 - 07844058 _____ C:\Users\EfeAkca\Downloads\1.8-Flare_3.2.zip

2015-06-05 11:08 - 2015-06-05 11:08 - 07672409 _____ C:\Users\EfeAkca\Downloads\1.8-Flare_3.1_cracked.7z

2015-06-04 19:05 - 2015-06-04 19:06 - 33490026 _____ C:\Users\EfeAkca\Downloads\Plugins.zip

2015-05-31 14:13 - 2015-05-31 14:13 - 00002450 _____ C:\Users\Public\Desktop\Life is Strange.lnk

2015-05-31 14:13 - 2015-05-31 14:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Life is Strange

2015-05-31 14:04 - 2015-05-31 14:04 - 00000000 ____D C:\Program Files (x86)\R.G. Freedom

2015-05-30 13:40 - 2015-05-30 13:40 - 00006670 _____ C:\Users\EfeAkca\Desktop\AccountChecker.jar

2015-05-29 15:03 - 2015-06-09 21:40 - 00000000 ____D C:\Program Files (x86)\Origin Games

2015-05-29 15:02 - 2015-06-06 06:25 - 00000000 ____D C:\Users\EfeAkca\AppData\Local\Origin

2015-05-29 15:02 - 2015-06-04 17:38 - 00000000 ____D C:\Users\EfeAkca\AppData\Roaming\Origin

2015-05-29 14:56 - 2015-06-10 17:54 - 00000000 ____D C:\ProgramData\Origin

2015-05-29 14:56 - 2015-06-06 10:37 - 00000000 ____D C:\ProgramData\Electronic Arts

2015-05-29 14:56 - 2015-06-02 15:52 - 00000000 ____D C:\Program Files (x86)\Origin

2015-05-29 14:56 - 2015-05-29 14:56 - 00000990 _____ C:\Users\Public\Desktop\Origin.lnk

2015-05-29 14:56 - 2015-05-29 14:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin

2015-05-29 11:18 - 2015-05-29 11:18 - 00000000 ____D C:\Users\EfeAkca\AppData\Local\secrethq

2015-05-29 11:16 - 2015-05-29 11:16 - 00001018 _____ C:\Users\Public\Desktop\Buildbox.lnk

2015-05-29 11:16 - 2015-05-29 11:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Buildbox

2015-05-29 11:16 - 2015-05-29 11:16 - 00000000 ____D C:\Program Files (x86)\Buildbox

2015-05-27 21:03 - 2015-05-27 21:03 - 00000222 _____ C:\Users\EfeAkca\Desktop\Space Hack.url

2015-05-25 17:58 - 2015-05-30 11:35 - 00000387 _____ C:\Users\EfeAkca\Desktop\beleş pre.txt

2015-05-25 14:15 - 2015-05-25 14:31 - 00000000 ____D C:\Users\EfeAkca\AppData\Roaming\Apple Computer

2015-05-25 14:15 - 2015-05-25 14:15 - 00001760 _____ C:\Users\Public\Desktop\iTunes.lnk

2015-05-25 14:15 - 2015-05-25 14:15 - 00000000 ____D C:\Users\EfeAkca\AppData\Local\Apple Computer

2015-05-25 14:15 - 2015-05-25 14:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes

2015-05-25 14:15 - 2012-10-03 16:14 - 00033240 _____ (GEAR Software Inc.) C:\Windows\system32\Drivers\GEARAspiWDM.sys

2015-05-25 14:14 - 2015-05-25 14:15 - 00000000 ____D C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7

2015-05-25 14:14 - 2015-05-25 14:15 - 00000000 ____D C:\Program Files\iTunes

2015-05-25 14:14 - 2015-05-25 14:14 - 00000000 ____D C:\ProgramData\Apple Computer

2015-05-25 14:14 - 2015-05-25 14:14 - 00000000 ____D C:\Program Files\iPod

2015-05-25 14:14 - 2015-05-25 14:14 - 00000000 ____D C:\Program Files (x86)\iTunes

2015-05-25 14:13 - 2015-05-25 14:13 - 00000000 ____D C:\Program Files\Bonjour

2015-05-25 14:13 - 2015-05-25 14:13 - 00000000 ____D C:\Program Files (x86)\Bonjour

2015-05-25 12:34 - 2015-05-25 12:34 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_netaapl64_01009.Wdf

2015-05-25 12:32 - 2015-05-25 14:14 - 00000000 ____D C:\Program Files\Common Files\Apple

2015-05-25 12:29 - 2015-06-11 11:01 - 00000322 _____ C:\Windows\Tasks\iToolsDaemon.job

2015-05-25 12:29 - 2015-05-25 12:35 - 00000000 ____D C:\Program Files (x86)\ThinkSky

2015-05-25 12:29 - 2015-05-25 12:29 - 00003304 _____ C:\Windows\System32\Tasks\iToolsDaemon

2015-05-25 12:29 - 2015-05-25 12:29 - 00000000 ____D C:\ProgramData\ThinkSky

2015-05-25 12:11 - 2015-05-25 12:11 - 00000000 _____ C:\Users\EfeAkca\Desktop\VPN IPleri.txt

2015-05-25 12:02 - 2015-05-29 15:46 - 00015552 _____ C:\Users\EfeAkca\Desktop\originhesap.txt

2015-05-24 15:14 - 2015-05-24 15:14 - 00001140 _____ C:\Users\Public\Desktop\OkayFreedom.lnk

2015-05-24 15:13 - 2015-05-24 15:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OkayFreedom

2015-05-24 15:13 - 2015-05-24 15:13 - 00000000 ____D C:\Users\EfeAkca\AppData\Roaming\Steganos Updates

2015-05-24 15:12 - 2015-06-11 09:36 - 00000000 ____D C:\Users\EfeAkca\AppData\Roaming\Steganos VPN

2015-05-24 15:12 - 2015-05-25 20:44 - 00000000 ____D C:\Users\EfeAkca\AppData\Roaming\Steganos

2015-05-24 15:12 - 2015-05-24 15:14 - 00000000 ____D C:\Program Files (x86)\OkayFreedom

2015-05-24 15:05 - 2015-05-24 15:05 - 00000000 ____D C:\Users\EfeAkca\AppData\Roaming\SuperHideIP

2015-05-24 15:05 - 2015-05-24 15:05 - 00000000 ____D C:\ProgramData\SuperHideIP

2015-05-24 13:35 - 2015-05-24 13:35 - 00000000 ____D C:\Users\EfeAkca\AppData\Local\Geckofx

2015-05-24 13:09 - 2015-05-24 15:01 - 00000000 ____D C:\Program Files\CyberGhost 5

2015-05-24 13:09 - 2015-05-24 13:11 - 00000000 ____D C:\Program Files\TAP-Windows

2015-05-21 16:08 - 2015-05-21 16:08 - 00000901 _____ C:\Users\EfeAkca\Desktop\server.properties

2015-05-21 14:46 - 2015-05-21 14:47 - 21145877 _____ C:\Users\EfeAkca\Desktop\Hotspot.Shield.4.15.1.rar

2015-05-19 20:53 - 2015-05-19 20:53 - 551780983 _____ C:\Windows\MEMORY.DMP

2015-05-19 20:45 - 2015-05-19 20:48 - 00000000 ____D C:\Users\EfeAkca\AppData\Roaming\.technic

2015-05-19 20:45 - 2015-05-19 20:44 - 04697768 _____ () C:\Users\EfeAkca\Desktop\TechnicLauncher.exe

2015-05-19 20:42 - 2015-05-19 20:42 - 00000000 ____D C:\Program Files\Echobit

2015-05-19 20:41 - 2015-05-19 20:41 - 00000000 ____D C:\Users\EfeAkca\AppData\Local\Echobit

2015-05-19 20:41 - 2015-05-19 20:41 - 00000000 ____D C:\ProgramData\Echobit

2015-05-19 20:39 - 2015-05-19 20:40 - 00000000 ____D C:\Users\EfeAkca\AppData\Roaming\skyz

2015-05-19 20:38 - 2015-05-19 20:38 - 00000000 ____D C:\Users\EfeAkca\Desktop\Herobrine Mod Installer 1.7.2

2015-05-19 20:38 - 2015-05-19 20:38 - 00000000 ____D C:\Users\EfeAkca\Desktop\Base Defense Mod Installer 1.7.2

2015-05-19 20:38 - 2015-05-19 20:35 - 00588670 _____ C:\Users\EfeAkca\Desktop\Base Defense Mod Installer 1.7.2.zip

2015-05-15 19:28 - 2015-05-15 19:28 - 00021769 _____ C:\Users\EfeAkca\Desktop\OpenSpadesCrash2537590.dmp

2015-05-13 13:33 - 2015-06-07 20:52 - 00000000 ____D C:\Users\EfeAkca\AppData\Roaming\CitizenFX

 

==================== One Month Modified files and folders ========

 

(If an entry is included in the fixlist, the file/folder will be moved.)

 

2015-06-11 11:09 - 2015-01-03 12:52 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

2015-06-11 11:01 - 2015-01-03 10:37 - 00000000 ____D C:\Users\EfeAkca

2015-06-11 10:56 - 2015-01-03 13:40 - 00000000 ____D C:\Users\EfeAkca\AppData\Roaming\.minecraft

2015-06-11 10:50 - 2015-01-03 13:07 - 00000000 ____D C:\Users\EfeAkca\AppData\Roaming\Skype

2015-06-11 10:46 - 2015-01-03 20:32 - 00688429 _____ C:\Windows\WindowsUpdate.log

2015-06-11 10:46 - 2015-01-03 12:52 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job

2015-06-11 09:15 - 2009-07-14 07:45 - 00029168 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

2015-06-11 09:15 - 2009-07-14 07:45 - 00029168 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

2015-06-11 09:07 - 2009-07-14 07:51 - 00060550 _____ C:\Windows\setupact.log

2015-06-11 09:06 - 2015-01-03 10:41 - 00000000 ____D C:\ProgramData\NVIDIA

2015-06-11 09:06 - 2009-07-14 08:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT

2015-06-10 22:52 - 2015-02-02 17:09 - 00000000 ____D C:\Users\EfeAkca\AppData\Roaming\TS3Client

2015-06-09 22:45 - 2009-07-14 08:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games

2015-06-09 10:33 - 2015-01-31 12:24 - 00153256 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys

2015-06-09 10:33 - 2015-01-31 12:24 - 00132656 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys

2015-06-06 06:23 - 2015-01-10 13:36 - 00046608 _____ C:\Windows\DirectX.log

2015-06-04 18:16 - 2015-01-03 13:07 - 00000000 ____D C:\ProgramData\Skype

2015-06-02 18:18 - 2015-01-03 19:29 - 00000000 ____D C:\Program Files (x86)\Steam

2015-05-30 11:57 - 2015-03-15 18:01 - 00000500 _____ C:\Users\EfeAkca\Desktop\accounts.wolfram

2015-05-30 07:42 - 2010-11-21 06:47 - 00771436 _____ C:\Windows\PFRO.log

2015-05-29 14:56 - 2009-07-14 06:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared

2015-05-27 21:03 - 2015-02-03 14:10 - 00000000 ____D C:\Users\EfeAkca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam

2015-05-27 20:40 - 2015-01-16 22:45 - 00000000 ____D C:\Users\EfeAkca\AppData\Roaming\OBS

2015-05-26 21:26 - 2015-01-25 11:06 - 00000000 ____D C:\Users\EfeAkca\AppData\Roaming\vlc

2015-05-25 17:55 - 2015-02-06 18:58 - 00000000 ____D C:\Users\EfeAkca\AppData\Roaming\FileZilla

2015-05-25 14:12 - 2015-01-03 10:39 - 00000000 ____D C:\ProgramData\Apple

2015-05-20 08:28 - 2009-07-14 08:13 - 00779724 _____ C:\Windows\system32\PerfStringBackup.INI

2015-05-19 21:17 - 2015-04-02 19:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nexon

2015-05-19 21:17 - 2015-04-02 19:55 - 00000000 ____D C:\Nexon

2015-05-18 10:04 - 2015-01-03 12:52 - 00003894 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA

2015-05-18 10:04 - 2015-01-03 12:52 - 00003642 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore

2015-05-17 10:40 - 2015-01-16 22:44 - 00000000 ____D C:\Program Files\OBS

2015-05-17 10:37 - 2015-04-17 09:04 - 00000000 ____D C:\Program Files (x86)\Grand Theft Auto V

2015-05-17 10:10 - 2015-01-03 13:00 - 00771962 _____ C:\Windows\SysWOW64\PerfStringBackup.INI

 

==================== Files in the root of some directories =======

 

2015-02-06 19:03 - 2015-02-08 23:07 - 0000600 _____ () C:\Users\EfeAkca\AppData\Local\PUTTY.RND

2015-01-05 21:49 - 2015-01-05 21:51 - 0000368 _____ () C:\ProgramData\hpzinstall.log

 

Some files in TEMP:

====================

C:\Users\EfeAkca\AppData\Local\Temp\avgnt.exe

C:\Users\EfeAkca\AppData\Local\Temp\unins000.exe

 

 

==================== Bamital & volsnap Check =================

 

(There is no automatic fix for files that do not pass verification.)

 

C:\Windows\System32\winlogon.exe => File is digitally signed

C:\Windows\System32\wininit.exe => File is digitally signed

C:\Windows\SysWOW64\wininit.exe => File is digitally signed

C:\Windows\explorer.exe => File is digitally signed

C:\Windows\SysWOW64\explorer.exe => File is digitally signed

C:\Windows\System32\svchost.exe => File is digitally signed

C:\Windows\SysWOW64\svchost.exe => File is digitally signed

C:\Windows\System32\services.exe => File is digitally signed

C:\Windows\System32\User32.dll => File is digitally signed

C:\Windows\SysWOW64\User32.dll => File is digitally signed

C:\Windows\System32\userinit.exe => File is digitally signed

C:\Windows\SysWOW64\userinit.exe => File is digitally signed

C:\Windows\System32\rpcss.dll => File is digitally signed

C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

 

 

LastRegBack: 2015-06-05 09:33

 

==================== End of log ============================


  • Root Admin

2015-06-11 10:52 - 2015-06-11 10:52 - 06200902 _____ C:\Users\EfeAkca\Downloads\Flare 3.3 Cracked by Saladman.rar

2015-06-09 11:25 - 2015-06-09 11:44 - 00000000 ____D C:\Users\EfeAkca\Documents\Updated_MC_Crack_Pack
2015-06-09 11:25 - 2015-06-09 11:25 - 01861273 _____ C:\Users\EfeAkca\Documents\Updated_MC_Crack_Pack.rar
2015-06-05 11:39 - 2015-06-05 11:39 - 07844058 _____ C:\Users\EfeAkca\Downloads\1.8-Flare_3.2.zip
2015-06-05 11:08 - 2015-06-05 11:08 - 07672409 _____ C:\Users\EfeAkca\Downloads\1.8-Flare_3.1_cracked.7z
This topic is now closed to further replies.