Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 15-01-2014 03 Ran by Asus (administrator) on ASUS-KOMPUTER on 18-01-2014 22:05:55 Running from C:\Users\Asus\Desktop Windows 7 Ultimate Service Pack 1 (X64) OS Language: Polish Internet Explorer Version 9 Boot Mode: Normal The only official download link for FRST: Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/ Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/ Download link from any site other than Bleeping Computer is unpermitted or outdated. See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (ASUSTeK Computer Inc.) C:\Windows\System32\FBAgent.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe (Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe (ATK) C:\Program Files\P4G\BatteryLife.exe (ASUS) C:\Program Files (x86)\ASUS\ASUS CopyProtect\ASPG.exe () C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe (ASUS) C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe (ASUS) C:\Program Files\ASUS\Net4Switch\Net4Switch.exe (AlcorMicro Co., Ltd.) C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe (ELAN Microelectronic Corp.) C:\Program Files\Elantech\ETDCtrl.exe (Intel Corporation) C:\Windows\System32\igfxtray.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe (VIA) C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDECK.EXE (ASUS) C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe (ASUS) C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe (ASUS) C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMTray.exe (ASUS) C:\Program Files (x86)\ASUS\ATK Hotkey\AsLdrSrv.exe () C:\Program Files\ATKGFNEX\GFNEXSrv.exe (ASUS) C:\Windows\AsScrPro.exe (ASUS) C:\Program Files (x86)\ASUS\ATK Hotkey\HControl.exe () C:\ProgramData\DatacardService\HWDeviceService64.exe (Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe () C:\ProgramData\Internet Manager\OnlineUpdate\ouc.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (ATK) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe () C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe () C:\Program Files (x86)\ASUS\ATK Hotkey\Atouch64.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe () C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe (ASUS) C:\Program Files (x86)\ASUS\ATK Hotkey\ATKOSD.exe (ASUS) C:\Program Files (x86)\ASUS\ATK Hotkey\KBFiltr.exe (ASUS) C:\Program Files (x86)\ASUS\ATK Hotkey\WDC.exe (ASUSTeK) C:\Windows\SysWOW64\ACEngSvr.exe (Microsoft Corporation) C:\Windows\System32\taskmgr.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.EXE (Microsoft Corporation) C:\Windows\splwow64.exe (Microsoft Corporation) C:\Windows\System32\perfmon.exe (Microsoft Corporation) C:\Windows\System32\audiodg.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [AmIcoSinglun64] - C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [323072 2009-08-12] (AlcorMicro Co., Ltd.) HKLM\...\Run: [ETDWare] - C:\Program Files\Elantech\ETDCtrl.exe [617856 2009-07-30] (ELAN Microelectronic Corp.) HKLM-x32\...\Run: [HDAudDeck] - C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [2244096 2009-07-13] (VIA) HKLM-x32\...\Run: [HControlUser] - C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUS) HKLM-x32\...\Run: [ATKOSD2] - C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe [6859392 2009-08-17] (ASUS) HKLM-x32\...\Run: [ATKMEDIA] - C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe [170624 2009-08-19] (ASUS) HKLM-x32\...\Run: [GrooveMonitor] - C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation) HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation) Winlogon\Notify\igfxcui: C:\Windows\SYSTEM32\igfxdev.dll (Intel Corporation) HKU\Gość\...\Run: [Gadu-Gadu] - C:\Program Files (x86)\Gadu-Gadu\gg.exe [2127296 2008-03-20] (Gadu-Gadu S.A.) ==================== Internet (Whitelisted) ==================== SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO-x32: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader) BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation) BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) DPF: HKLM {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab DPF: HKLM-x32 {25336921-03F9-11CF-8FD0-00AA00686F13} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab Tcpip\Parameters: [DhcpNameServer] 8.8.8.8 8.8.4.4 Tcpip\..\Interfaces\{B4ABD38B-0C82-4443-830D-E477E6AEC4A8}: [NameServer]213.158.199.1 213.158.199.5 Chrome: ======= CHR Extension: (RealDownloader) - C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji\1.3.0_1 [2014-01-16] CHR Extension: (Google Wallet) - C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0 [2014-01-16] CHR HKLM-x32\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx [2012-11-29] ==================== Services (Whitelisted) ================= R3 ATKGFNEXSrv; C:\Program Files\ATKGFNEX\GFNEXSrv.exe [94208 2007-08-07] () R2 FastBootAgent; C:\Windows\system32\FBAgent.exe [356480 2009-08-21] (ASUSTeK Computer Inc.) R3 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [346976 2011-03-14] () S3 Internet Manager. RunOuc; C:\Program Files (x86)\T-Mobile\InternetManager_H\UpdateDog\ouc.exe [224096 2014-01-16] () R3 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation) R3 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation) R2 MSSQL$ELISOFT; C:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [29293408 2010-12-10] (Microsoft Corporation) R3 RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [38608 2012-11-29] () S3 spmgr; C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe [125496 2007-08-03] () ==================== Drivers (Whitelisted) ==================== R2 ASMMAP64; C:\Program Files\ATKGFNEX\ASMMAP64.sys [14904 2007-07-24] () R0 BMLoad; C:\Windows\System32\drivers\BMLoad.sys [16512 2014-01-16] (Bytemobile, Inc.) S2 DgiVecp; C:\Windows\System32\Drivers\DgiVecp.sys [53816 2009-10-06] (Samsung Electronics Co., Ltd.) S2 DgiVecp; C:\Windows\SysWOW64\Drivers\DgiVecp.sys [41984 2004-05-17] (DeviceGuys, Inc.) R2 ghaio; C:\Program Files\ASUS\NB Probe\SPM\ghaio.sys [17464 2007-08-03] () S3 huawei_wwanecm; C:\Windows\System32\DRIVERS\ew_juwwanecm.sys [212992 2014-01-16] (Huawei Technologies Co., Ltd.) R3 kbfiltr; C:\Windows\System32\DRIVERS\kbfiltr.sys [15416 2009-07-20] ( ) R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation) R2 npf; C:\Windows\System32\drivers\npf.sys [35344 2010-07-16] (CACE Technologies, Inc.) S3 s0017bus; C:\Windows\System32\DRIVERS\s0017bus.sys [113704 2008-10-21] (MCCI Corporation) S3 s0017mdfl; C:\Windows\System32\DRIVERS\s0017mdfl.sys [19496 2008-10-21] (MCCI Corporation) S3 s0017mdm; C:\Windows\System32\DRIVERS\s0017mdm.sys [152616 2008-10-21] (MCCI Corporation) S3 s0017mgmt; C:\Windows\System32\DRIVERS\s0017mgmt.sys [133160 2008-10-21] (MCCI Corporation) S3 s0017nd5; C:\Windows\System32\DRIVERS\s0017nd5.sys [34856 2008-10-21] (MCCI Corporation) S3 s0017obex; C:\Windows\System32\DRIVERS\s0017obex.sys [128552 2008-10-21] (MCCI Corporation) S3 s0017unic; C:\Windows\System32\DRIVERS\s0017unic.sys [145960 2008-10-21] (MCCI Corporation) R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1800192 2009-08-20] () R0 sptd; C:\Windows\System32\Drivers\sptd.sys [560184 2012-06-07] (Duplex Secure Ltd.) R1 tcpipBM; C:\Windows\system32\drivers\tcpipBM.sys [39552 2014-01-16] (Bytemobile, Inc.) S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [x] S3 tsusbhub; system32\drivers\tsusbhub.sys [x] S3 VGPU; System32\drivers\rdvgkmd.sys [x] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-01-16 22:05 - 2014-01-16 22:05 - 00060694 _____ C:\Users\Asus\Desktop\otl.log 2014-01-16 21:56 - 2014-01-16 21:57 - 00002230 _____ C:\Users\Asus\Desktop\FSS.txt 2014-01-16 21:54 - 2014-01-16 21:55 - 00361185 _____ (Farbar) C:\Users\Asus\Desktop\FSS.exe 2014-01-16 21:16 - 2014-01-16 21:17 - 00448512 _____ (OldTimer Tools) C:\Users\Asus\Desktop\TFC.exe 2014-01-16 17:02 - 2014-01-16 20:55 - 00000597 _____ C:\Windows\system32\ServiceFilter.ini 2014-01-16 16:48 - 2014-01-18 22:05 - 00010331 _____ C:\Users\Asus\Desktop\FRST.txt 2014-01-16 16:48 - 2014-01-16 16:48 - 00039228 _____ C:\Users\Asus\Desktop\Addition.txt 2014-01-16 16:44 - 2014-01-16 16:45 - 02076160 _____ (Farbar) C:\Users\Asus\Desktop\FRST64.exe 2014-01-16 15:37 - 2014-01-16 16:54 - 00000000 ____D C:\FRST 2014-01-16 13:19 - 2014-01-16 13:19 - 00000000 ____D C:\Users\Public\Desktop\CC Support 2014-01-16 13:08 - 2009-07-14 02:39 - 00328704 _____ (Microsoft Corporation) C:\Windows\system32\Services.exe 2014-01-16 12:32 - 2014-01-16 12:32 - 00312744 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe 2014-01-16 12:32 - 2014-01-16 12:32 - 00108968 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll 2014-01-16 08:43 - 2014-01-16 08:43 - 00001203 _____ C:\Users\Public\Desktop\Internet Manager.lnk 2014-01-16 08:42 - 2014-01-16 08:41 - 01001472 _____ (DiBcom SA) C:\Windows\system32\Drivers\mod7700.sys 2014-01-16 08:42 - 2014-01-16 08:41 - 00724608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bmutil.dll 2014-01-16 08:42 - 2014-01-16 08:41 - 00415744 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ewusbwwan.sys 2014-01-16 08:42 - 2014-01-16 08:41 - 00308352 _____ (Bytemobile, Inc.) C:\Windows\SysWOW64\bminstall.dll 2014-01-16 08:42 - 2014-01-16 08:41 - 00222464 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ewusbmdm.sys 2014-01-16 08:42 - 2014-01-16 08:41 - 00212992 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_juwwanecm.sys 2014-01-16 08:42 - 2014-01-16 08:41 - 00117248 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_hwusbdev.sys 2014-01-16 08:42 - 2014-01-16 08:41 - 00098816 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_jucdcacm.sys 2014-01-16 08:42 - 2014-01-16 08:41 - 00086016 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_jubusenum.sys 2014-01-16 08:42 - 2014-01-16 08:41 - 00069632 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_jucdcecm.sys 2014-01-16 08:42 - 2014-01-16 08:41 - 00039552 _____ (Bytemobile, Inc.) C:\Windows\system32\Drivers\tcpipBM.sys 2014-01-16 08:42 - 2014-01-16 08:41 - 00032768 _____ (Huawei Tech. Co., Ltd.) C:\Windows\system32\Drivers\ewdcsc.sys 2014-01-16 08:42 - 2014-01-16 08:41 - 00028672 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_juextctrl.sys 2014-01-16 08:42 - 2014-01-16 08:41 - 00022016 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_hwupgrade.sys 2014-01-16 08:42 - 2014-01-16 08:41 - 00016512 _____ (Bytemobile, Inc.) C:\Windows\system32\Drivers\BMLoad.sys 2014-01-16 08:42 - 2014-01-16 08:41 - 00013952 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_usbenumfilter.sys 2014-01-16 08:41 - 2014-01-16 08:41 - 00000000 ____D C:\Program Files (x86)\T-Mobile 2014-01-15 15:48 - 2014-01-15 15:48 - 00000000 ____D C:\Program Files (x86)\SAMSUNG 2014-01-15 15:44 - 2014-01-15 15:43 - 06628843 _____ (Samsung ) C:\Users\Asus\Downloads\SCX-4200_win98me.exe 2014-01-15 15:18 - 2013-12-18 21:04 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe 2014-01-15 15:17 - 2014-01-15 15:17 - 00005175 _____ C:\Windows\SysWOW64\jupdate-1.7.0_51-b13.log 2014-01-15 15:17 - 2013-12-18 21:09 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll 2014-01-15 15:17 - 2013-12-18 21:04 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe 2014-01-15 15:17 - 2013-12-18 21:03 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe 2014-01-15 08:11 - 2014-01-15 08:11 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_ew_juextctrl_01007.Wdf 2014-01-15 08:11 - 2014-01-15 08:11 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_ew_jucdcacm_01007.Wdf 2014-01-15 08:10 - 2014-01-16 08:41 - 01490656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdfCoInstaller01007.dll 2014-01-15 08:10 - 2014-01-15 08:10 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_ew_jubusenum_01007.Wdf 2014-01-15 08:10 - 2014-01-15 08:10 - 00000000 ____D C:\ProgramData\Internet Manager 2014-01-15 08:09 - 2014-01-16 08:45 - 00000000 ____D C:\ProgramData\DatacardService 2014-01-15 08:09 - 2014-01-15 08:09 - 00000000 ____D C:\Users\Asus\AppData\Roaming\T-Mobile 2014-01-10 23:03 - 2014-01-10 23:03 - 00000000 ____D C:\Users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google+ Auto Backup 2014-01-06 20:23 - 2014-01-06 20:23 - 04558848 _____ (Google Inc.) C:\Windows\SysWOW64\GPhotos.scr 2014-01-01 08:36 - 2014-01-16 21:36 - 00003096 _____ C:\Windows\System32\Tasks\AIRecoveryRemind 2013-12-26 12:22 - 2013-12-26 12:23 - 08622080 _____ C:\Users\Gość\Downloads\DrukiGofin_2.1.8.0_n.msi 2013-12-22 18:13 - 2013-12-22 18:13 - 00000000 ____D C:\Users\Asus\Documents\Sony ==================== One Month Modified Files and Folders ======= 2014-01-18 22:06 - 2014-01-16 16:48 - 00010331 _____ C:\Users\Asus\Desktop\FRST.txt 2014-01-18 22:01 - 2013-12-01 15:28 - 01631013 _____ C:\Windows\WindowsUpdate.log 2014-01-18 22:01 - 2012-10-30 10:28 - 00000930 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-01-18 22:01 - 2010-10-01 09:55 - 00001044 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2014-01-18 16:34 - 2009-07-14 05:45 - 00010240 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-01-18 16:34 - 2009-07-14 05:45 - 00010240 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-01-18 16:27 - 2010-10-01 09:55 - 00001040 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2014-01-18 11:37 - 2013-10-27 12:11 - 00003178 _____ C:\Windows\System32\Tasks\P4GIntlCtrl 2014-01-18 11:37 - 2013-09-25 10:28 - 00003114 _____ C:\Windows\System32\Tasks\P4G Sidebar 2014-01-17 22:57 - 2013-02-12 21:46 - 00002151 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2014-01-16 22:05 - 2014-01-16 22:05 - 00060694 _____ C:\Users\Asus\Desktop\otl.log 2014-01-16 21:57 - 2014-01-16 21:56 - 00002230 _____ C:\Users\Asus\Desktop\FSS.txt 2014-01-16 21:55 - 2014-01-16 21:54 - 00361185 _____ (Farbar) C:\Users\Asus\Desktop\FSS.exe 2014-01-16 21:37 - 2010-09-28 11:24 - 00002866 _____ C:\Windows\System32\Tasks\Net4Switch 2014-01-16 21:36 - 2014-01-01 08:36 - 00003096 _____ C:\Windows\System32\Tasks\AIRecoveryRemind 2014-01-16 21:35 - 2010-09-28 11:25 - 00003094 _____ C:\Windows\System32\Tasks\WC3 2014-01-16 21:35 - 2010-09-28 11:25 - 00003072 _____ C:\Windows\System32\Tasks\ACMON 2014-01-16 21:35 - 2010-09-28 11:22 - 00003006 _____ C:\Windows\System32\Tasks\ASUS Live Update 2014-01-16 21:34 - 2013-12-08 14:59 - 00032714 _____ C:\Windows\setupact.log 2014-01-16 21:34 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2014-01-16 21:27 - 2011-01-06 17:10 - 00045056 _____ C:\Windows\system32\acovcnt.exe 2014-01-16 21:17 - 2014-01-16 21:16 - 00448512 _____ (OldTimer Tools) C:\Users\Asus\Desktop\TFC.exe 2014-01-16 20:55 - 2014-01-16 17:02 - 00000597 _____ C:\Windows\system32\ServiceFilter.ini 2014-01-16 17:02 - 2010-09-28 11:22 - 00000044 _____ C:\Windows\system32\BootTime.ini 2014-01-16 16:54 - 2014-01-16 15:37 - 00000000 ____D C:\FRST 2014-01-16 16:54 - 2010-09-28 16:54 - 00000000 ____D C:\Users\Asus 2014-01-16 16:48 - 2014-01-16 16:48 - 00039228 _____ C:\Users\Asus\Desktop\Addition.txt 2014-01-16 16:45 - 2014-01-16 16:44 - 02076160 _____ (Farbar) C:\Users\Asus\Desktop\FRST64.exe 2014-01-16 13:19 - 2014-01-16 13:19 - 00000000 ____D C:\Users\Public\Desktop\CC Support 2014-01-16 13:10 - 2013-12-08 14:59 - 00024008 _____ C:\Windows\PFRO.log 2014-01-16 13:10 - 2010-09-28 11:22 - 00000080 _____ C:\Windows\system32\Defrag.ini 2014-01-16 13:09 - 2010-10-01 09:55 - 00000000 ____D C:\Program Files\Google 2014-01-16 12:32 - 2014-01-16 12:32 - 00312744 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe 2014-01-16 12:32 - 2014-01-16 12:32 - 00108968 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll 2014-01-16 12:32 - 2013-02-12 21:10 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe 2014-01-16 12:32 - 2013-02-12 21:10 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\java.exe 2014-01-16 12:32 - 2010-11-04 12:07 - 00000000 ____D C:\Program Files\Java 2014-01-16 12:11 - 2010-10-01 09:55 - 00000000 ____D C:\Users\Asus\AppData\Local\Google 2014-01-16 12:01 - 2010-10-01 09:54 - 00000000 ____D C:\ProgramData\Google 2014-01-16 12:01 - 2010-10-01 09:54 - 00000000 ____D C:\Program Files (x86)\Google 2014-01-16 10:00 - 2010-09-28 16:56 - 00001140 _____ C:\Users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2014-01-16 10:00 - 2010-09-28 16:56 - 00000997 _____ C:\Users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk 2014-01-16 09:16 - 2009-07-14 18:55 - 04811436 _____ C:\Windows\system32\perfh015.dat 2014-01-16 09:16 - 2009-07-14 18:55 - 01585106 _____ C:\Windows\system32\perfc015.dat 2014-01-16 09:16 - 2009-07-14 06:13 - 00006462 _____ C:\Windows\system32\PerfStringBackup.INI 2014-01-16 08:45 - 2014-01-15 08:09 - 00000000 ____D C:\ProgramData\DatacardService 2014-01-16 08:43 - 2014-01-16 08:43 - 00001203 _____ C:\Users\Public\Desktop\Internet Manager.lnk 2014-01-16 08:41 - 2014-01-16 08:42 - 01001472 _____ (DiBcom SA) C:\Windows\system32\Drivers\mod7700.sys 2014-01-16 08:41 - 2014-01-16 08:42 - 00724608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bmutil.dll 2014-01-16 08:41 - 2014-01-16 08:42 - 00415744 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ewusbwwan.sys 2014-01-16 08:41 - 2014-01-16 08:42 - 00308352 _____ (Bytemobile, Inc.) C:\Windows\SysWOW64\bminstall.dll 2014-01-16 08:41 - 2014-01-16 08:42 - 00222464 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ewusbmdm.sys 2014-01-16 08:41 - 2014-01-16 08:42 - 00212992 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_juwwanecm.sys 2014-01-16 08:41 - 2014-01-16 08:42 - 00117248 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_hwusbdev.sys 2014-01-16 08:41 - 2014-01-16 08:42 - 00098816 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_jucdcacm.sys 2014-01-16 08:41 - 2014-01-16 08:42 - 00086016 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_jubusenum.sys 2014-01-16 08:41 - 2014-01-16 08:42 - 00069632 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_jucdcecm.sys 2014-01-16 08:41 - 2014-01-16 08:42 - 00039552 _____ (Bytemobile, Inc.) C:\Windows\system32\Drivers\tcpipBM.sys 2014-01-16 08:41 - 2014-01-16 08:42 - 00032768 _____ (Huawei Tech. Co., Ltd.) C:\Windows\system32\Drivers\ewdcsc.sys 2014-01-16 08:41 - 2014-01-16 08:42 - 00028672 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_juextctrl.sys 2014-01-16 08:41 - 2014-01-16 08:42 - 00022016 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_hwupgrade.sys 2014-01-16 08:41 - 2014-01-16 08:42 - 00016512 _____ (Bytemobile, Inc.) C:\Windows\system32\Drivers\BMLoad.sys 2014-01-16 08:41 - 2014-01-16 08:42 - 00013952 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_usbenumfilter.sys 2014-01-16 08:41 - 2014-01-16 08:41 - 00000000 ____D C:\Program Files (x86)\T-Mobile 2014-01-16 08:41 - 2014-01-15 08:10 - 01490656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdfCoInstaller01007.dll 2014-01-16 08:41 - 2011-11-18 14:20 - 01490656 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01007.dll 2014-01-15 15:48 - 2014-01-15 15:48 - 00000000 ____D C:\Program Files (x86)\SAMSUNG 2014-01-15 15:43 - 2014-01-15 15:44 - 06628843 _____ (Samsung ) C:\Users\Asus\Downloads\SCX-4200_win98me.exe 2014-01-15 15:18 - 2013-11-24 22:59 - 00000000 ____D C:\ProgramData\Oracle 2014-01-15 15:17 - 2014-01-15 15:17 - 00005175 _____ C:\Windows\SysWOW64\jupdate-1.7.0_51-b13.log 2014-01-15 15:17 - 2010-11-04 11:41 - 00000000 ____D C:\Program Files (x86)\Java 2014-01-15 08:19 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\NDF 2014-01-15 08:18 - 2011-11-02 20:09 - 00010533 _____ C:\Users\Asus\AppData\Roaming\SmarThruOptions.xml 2014-01-15 08:11 - 2014-01-15 08:11 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_ew_juextctrl_01007.Wdf 2014-01-15 08:11 - 2014-01-15 08:11 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_ew_jucdcacm_01007.Wdf 2014-01-15 08:10 - 2014-01-15 08:10 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_ew_jubusenum_01007.Wdf 2014-01-15 08:10 - 2014-01-15 08:10 - 00000000 ____D C:\ProgramData\Internet Manager 2014-01-15 08:09 - 2014-01-15 08:09 - 00000000 ____D C:\Users\Asus\AppData\Roaming\T-Mobile 2014-01-11 20:19 - 2013-11-15 11:08 - 00000000 ____D C:\Users\Gość\Gadu-Gadu 2014-01-10 23:03 - 2014-01-10 23:03 - 00000000 ____D C:\Users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google+ Auto Backup 2014-01-06 20:23 - 2014-01-06 20:23 - 04558848 _____ (Google Inc.) C:\Windows\SysWOW64\GPhotos.scr 2013-12-26 12:23 - 2013-12-26 12:22 - 08622080 _____ C:\Users\Gość\Downloads\DrukiGofin_2.1.8.0_n.msi 2013-12-25 22:30 - 2010-10-22 15:46 - 00000000 ____D C:\Users\Gość\AppData\Local\Google 2013-12-22 18:13 - 2013-12-22 18:13 - 00000000 ____D C:\Users\Asus\Documents\Sony ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\SysWOW64\wininit.exe => MD5 is legit C:\Windows\explorer.exe => MD5 is legit C:\Windows\SysWOW64\explorer.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\SysWOW64\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\SysWOW64\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\SysWOW64\userinit.exe => MD5 is legit C:\Windows\System32\rpcss.dll => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit LastRegBack: 2013-11-10 11:53 ==================== End Of Log ============================