Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-03-2014
Ran by Asus (administrator) on ASUS2014 on 24-03-2014 15:31:42
Running from F:\fixitpc\inne\Farbar Recovery Scan Tool (FRST)\64
Windows 8 (X64) OS Language: Polish
Internet Explorer Version 10
Boot Mode: Safe Mode (minimal)

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

==================== Registry (Whitelisted) ==================

HKLM-x32\...\Run: [mobilegeni daemon] - C:\Program Files (x86)\Mobogenie\DaemonProcess.exe
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [fst_pl_37] - [X]
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer\Run: [BtvStack] - C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [132736 2013-03-27] ( (Atheros Communications))
HKU\S-1-5-21-3103807624-1281573124-1645133280-1001\...\Run: [NextLive] - C:\Windows\SysWOW64\rundll32.exe "C:\Users\Asus\AppData\Roaming\newnext.me\nengine.dll",EntryPoint -m l
HKU\S-1-5-21-3103807624-1281573124-1645133280-1001\...\Run: [Facebook Update] - C:\Users\Asus\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2014-02-14] (Facebook Inc.)
HKU\S-1-5-21-3103807624-1281573124-1645133280-1001\...\Run: [ChicaPasswordManager] - C:\Program Files (x86)\ChicaLogic\Chica Password Manager\stpass.exe [4299624 2012-07-09] (ChicaLogic, Inc.)
HKU\S-1-5-21-3103807624-1281573124-1645133280-1001\...\Run: [uTorrent] - C:\Users\Asus\AppData\Roaming\uTorrent\uTorrent.exe [905296 2014-02-02] (BitTorrent Inc.)
HKU\S-1-5-21-3103807624-1281573124-1645133280-1001\...\Run: [Pokki] - C:\Windows\system32\rundll32.exe "%LOCALAPPDATA%\Pokki\Engine\Launcher.dll",RunLaunchPlatform
HKU\S-1-5-21-3103807624-1281573124-1645133280-1001\...\MountPoints2: {a2f36fef-8c1a-11e3-be7a-240a64832b90} - "F:\iLinker.exe"
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.pl/
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe http://www.sweet-page.com/?type=sc&ts=1389363389&from=cor&uid=HGSTXHTS545050A7E680_TMA51C4T06P7NL06P7NLX
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.nationzoom.com/web/?type=ds&ts=1389365681&from=ild&uid=HGSTXHTS545050A7E680_TMA51C4T06P7NL06P7NLX&q={searchTerms}
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=ASU2JS
SearchScopes: HKLM - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.nationzoom.com/web/?type=ds&ts=1389365681&from=ild&uid=HGSTXHTS545050A7E680_TMA51C4T06P7NL06P7NLX&q={searchTerms}
SearchScopes: HKLM-x32 - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.nationzoom.com/web/?type=ds&ts=1389365681&from=ild&uid=HGSTXHTS545050A7E680_TMA51C4T06P7NL06P7NLX&q={searchTerms}
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=ASU2JS
SearchScopes: HKLM-x32 - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.nationzoom.com/web/?type=ds&ts=1389365681&from=ild&uid=HGSTXHTS545050A7E680_TMA51C4T06P7NL06P7NLX&q={searchTerms}
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = http://www.buenosearch.com/?q={searchTerms}&babsrc=SP_ss&mntrId=9414240A64832B90&affID=127690&tsp=5187
BHO: CIESpeechBHO Class - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\coIEPlg.dll (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: SaveSense - {71e129ff-6c2a-4984-818c-7e2c998b8d99} - C:\Users\Asus\AppData\Local\SaveSense\SaveSenseIE.dll (SaveSense)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: af0.Adblock.BHO - {90EFF544-3981-4d46-85C9-C0361D0931D6} - C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\coIEPlg.dll (Symantec Corporation)
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.1

Chrome:
=======
CHR HomePage: hxxp://www.google.pl/
CHR Extension: (AdBlock) - C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-03-24]
CHR Extension: (Improved Search) - C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\hahpjplbmicfkmoccokbjejahjjpnena [2014-01-12]
CHR Extension: (Czerwony Ball 1) - C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\jnpgcalemojfompgcdgbinecbeaelgob [2014-02-20]
CHR Extension: (Norton Identity Protection) - C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk [2014-01-09]
CHR Extension: (Google Wallet) - C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-01-09]
CHR Extension: (Widget context) - C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\ombmmloebnfnpehgjnmkcgoegfachobp [2014-03-08]
CHR HKLM-x32\...\Chrome\Extension: [ieadcoanfjloocmfafkebdnfefmohngj] - C:\Program Files (x86)\BonanzaDeals\BonanzaDeals.crx [2014-03-08]
CHR HKLM-x32\...\Chrome\Extension: [ifohbjbgfchkkfhphahclmkpgejiplfo] - C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtab.crx [2014-01-10]
CHR HKLM-x32\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\Exts\Chrome.crx [2014-02-17]

==================== Services (Whitelisted) =================

S3 ASUS InstantOn; C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe [277120 2012-04-13] (ASUS)
S3 Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSWinService.exe [72192 2012-12-19] ()
S3 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [227968 2013-03-27] (Qualcomm Atheros Commnucations)
S2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227904 2014-01-17] (WildTangent)
S3 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [129856 2012-06-27] (Intel Corporation)
S3 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
S2 NIS; C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\ccSvcHst.exe [144368 2013-05-20] (Symantec Corporation)
S2 savesenselive; C:\Program Files (x86)\SaveSenseLive\Update\SaveSenseLive.exe [146920 2014-01-25] (SaveSense)
S3 savesenselivem; C:\Program Files (x86)\SaveSenseLive\Update\SaveSenseLive.exe [146920 2014-01-25] (SaveSense)
S4 TuneUp.UtilitiesSvc; C:\Program Files (x86)\AVG PC TuneUp 2014\TuneUpUtilitiesService64.exe [2099000 2013-10-12] (AVG)
S2 VOsrv; C:\Users\Asus\AppData\Roaming\VOPackage\VOsrv.exe [353792 2014-02-25] ()
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16048 2013-10-25] (Microsoft Corporation)
S3 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2013-03-27] (Atheros)
S2 Update FindRight; "C:\Program Files (x86)\FindRight\updateFindRight.exe" [X]

==================== Drivers (Whitelisted) ====================

R3 ATP; C:\Windows\System32\drivers\AsusTP.sys [65784 2013-06-28] (ASUS Corporation)
S1 BHDrvx64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.2.0.19\Definitions\BASHDefs\20140214.001\BHDrvx64.sys [1526488 2013-12-18] (Symantec Corporation)
S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2013-03-27] (Qualcomm Atheros)
S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation)
S1 ccSet_NIS; C:\Windows\system32\drivers\NISx64\1404000.028\ccSetx64.sys [169048 2013-04-15] (Symantec Corporation)
S1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484952 2014-01-09] (Symantec Corporation)
S3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [137648 2014-01-09] (Symantec Corporation)
S3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [46136 2013-11-29] (LogMeIn Inc.)
S1 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.2.0.19\Definitions\IPSDefs\20140321.001\IDSvia64.sys [524504 2014-03-06] (Symantec Corporation)
R3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [14992 2012-08-02] ( )
S3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.2.0.19\Definitions\VirusDefs\20140324.001\ENG64.SYS [126040 2014-01-09] (Symantec Corporation)
S3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.2.0.19\Definitions\VirusDefs\20140324.001\EX64.SYS [2099288 2014-01-09] (Symantec Corporation)
S3 s1039bus; C:\Windows\System32\drivers\s1039bus.sys [127600 2010-03-15] (MCCI Corporation)
S3 s1039unic; C:\Windows\System32\drivers\s1039unic.sys [158320 2010-03-15] (MCCI Corporation)
S1 SRTSP; C:\Windows\system32\drivers\NISx64\1404000.028\SRTSP64.SYS [796760 2013-05-15] (Symantec Corporation)
S1 SRTSPX; C:\Windows\system32\drivers\NISx64\1404000.028\SRTSPX64.SYS [36952 2013-03-04] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\NISx64\1404000.028\SYMDS64.SYS [493656 2013-05-20] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\NISx64\1404000.028\SYMEFA64.SYS [1139800 2013-05-22] (Symantec Corporation)
S0 SymELAM; C:\Windows\System32\drivers\NISx64\1404000.028\SymELAM.sys [23448 2012-09-06] (Symantec Corporation)
S3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177312 2014-01-08] (Symantec Corporation)
S1 SymIRON; C:\Windows\system32\drivers\NISx64\1404000.028\Ironx64.SYS [224416 2012-09-06] (Symantec Corporation)
S1 SymNetS; C:\Windows\system32\drivers\NISx64\1404000.028\SYMNETS.SYS [433752 2013-04-24] (Symantec Corporation)
S3 TuneUpUtilitiesDrv; C:\Program Files (x86)\AVG PC TuneUp 2014\TuneUpUtilitiesDriver64.sys [14112 2013-09-18] (TuneUp Software)
S1 wStLib64; C:\Windows\System32\drivers\wStLib64.sys [61112 2014-03-18] (StdLib)
U0 msahci;

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2014-03-24 15:16 - 2014-03-24 15:17 - 00000060 _____ () C:\Users\Asus\odinstalowanie_2.txt
2014-03-24 13:59 - 2014-03-24 13:59 - 00000000 ____D () C:\Program Files (x86)\af0.net
2014-03-24 13:49 - 2014-03-24 13:49 - 00118149 _____ () C:\Users\Asus\Downloads\wmpChrome.crx
2014-03-24 10:00 - 2014-03-24 10:00 - 00003106 _____ () C:\Windows\System32\Tasks\{28A2C3CD-D872-4C8E-8C64-0860F12493B9}
2014-03-24 09:54 - 2014-02-17 16:06 - 00000426 ____C () C:\AVScanner.ini
2014-03-24 09:39 - 2014-03-24 09:59 - 00000337 _____ () C:\Users\Asus\odinstalowanie.txt
2014-03-21 12:10 - 2014-03-24 15:31 - 00000000 ___DC () C:\FRST
2014-03-21 07:56 - 2014-03-21 07:56 - 00003078 _____ () C:\Users\Asus\Documents\gmer.log
2014-03-21 07:42 - 2014-03-21 07:42 - 00279648 _____ () C:\Windows\Minidump\032114-31500-01.dmp
2014-03-21 07:29 - 2014-03-21 07:42 - 337276328 _____ () C:\Windows\MEMORY.DMP
2014-03-21 07:29 - 2014-03-21 07:42 - 00000000 ____D () C:\Windows\Minidump
2014-03-21 07:29 - 2014-03-21 07:29 - 00284280 _____ () C:\Windows\Minidump\032114-32140-01.dmp
2014-03-21 07:12 - 2014-03-21 07:13 - 00000000 ____D () C:\Users\Asus\Downloads\diagnostyka
2014-03-21 01:40 - 2014-03-24 10:42 - 00001572 _____ () C:\Windows\setupact.log
2014-03-21 01:40 - 2014-03-21 01:40 - 00000000 _____ () C:\Windows\setuperr.log
2014-03-20 21:29 - 2014-03-24 09:57 - 00008148 _____ () C:\Windows\PFRO.log
2014-03-19 08:22 - 2014-03-19 08:22 - 00000000 ____D () C:\Users\Asus\Documents\Optimizer Pro
2014-03-19 08:20 - 2014-03-19 08:21 - 00002836 _____ () C:\Users\Asus\AppData\Roaming\aps.scan.results
2014-03-19 08:20 -
2014-03-19 08:20 - 00001051 _____ () C:\Users\Asus\Desktop\AnyProtect.lnk 2014-03-19 08:13 - 2014-03-21 01:42 - 00086318 _____ () C:\Windows\WindowsUpdate.log 2014-03-18 18:00 - 2014-03-18 18:00 - 00002770 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC 2014-03-18 18:00 - 2014-03-18 18:00 - 00000824 _____ () C:\Users\Public\Desktop\CCleaner.lnk 2014-03-18 18:00 - 2014-03-18 18:00 - 00000000 ____D () C:\Program Files\CCleaner 2014-03-18 16:45 - 2014-03-18 16:45 - 00001142 _____ () C:\Users\Asus\Desktop\Witamy w rejestracji produktu ASUS.lnk 2014-03-18 15:24 - 2014-03-18 15:24 - 00061112 _____ (StdLib) C:\Windows\system32\Drivers\wStLib64.sys 2014-03-17 16:39 - 2014-03-17 17:29 - 454376531 _____ () C:\Users\Asus\Downloads\Trefny wóz - Vehicle 19 (2013) Lektor PL.480p.BRRip.XviD.AC3-sav.avi 2014-03-17 16:34 - 2014-03-17 16:34 - 00092979 _____ () C:\Users\Asus\Downloads\Trefny+w-c3-b3z+-+Vehicle+19+(2013)+Lektor+PL.480p.BRRip.XviD.AC3-sav,3640063364 (1).avi(video) 2014-03-17 16:34 - 2014-03-17 16:34 - 00092924 _____ () C:\Users\Asus\Downloads\Trefny+w-c3-b3z+-+Vehicle+19+(2013)+Lektor+PL.480p.BRRip.XviD.AC3-sav,3640063364.avi(video) 2014-03-17 11:48 - 2014-03-17 11:48 - 00000000 ____D () C:\Users\Public\CyberLink 2014-03-17 11:48 - 2014-03-17 11:48 - 00000000 ____D () C:\Users\Asus\Documents\CyberLink 2014-03-17 11:48 - 2014-03-17 11:48 - 00000000 ____D () C:\Users\Asus\AppData\Roaming\CyberLink 2014-03-17 11:48 - 2014-03-17 11:48 - 00000000 ____D () C:\ProgramData\CyberLink 2014-03-16 15:17 - 2014-03-16 15:20 - 00000000 ____D () C:\Users\Asus\Downloads\m 2014-03-15 20:03 - 2014-03-21 23:34 - 00000378 _____ () C:\Windows\Tasks\APSnotifierPP2.job 2014-03-15 20:03 - 2014-03-20 21:29 - 00000378 _____ () C:\Windows\Tasks\APSnotifierPP3.job 2014-03-15 20:03 - 2014-03-20 20:24 - 00000380 _____ () C:\Windows\Tasks\APSnotifierPP1.job 2014-03-15 20:02 - 2014-03-19 08:21 - 00001174 _____ () C:\Users\Asus\AppData\Roaming\aps.scan.quick.results 2014-03-15 20:02 - 2014-03-19 
08:21 - 00000316 _____ () C:\Users\Asus\AppData\Roaming\aps.uninstall.scan.results 2014-03-15 20:01 - 2014-03-15 20:02 - 00000000 ____D () C:\Users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AnyProtect PC Backup 2014-03-15 19:59 - 2014-03-15 19:59 - 00003058 _____ () C:\Windows\System32\Tasks\BlockAndSurf Update 2014-03-15 19:59 - 2014-03-15 19:59 - 00003002 _____ () C:\Windows\System32\Tasks\BlockAndSurf_wd 2014-03-15 19:59 - 2014-03-15 19:59 - 00000266 __RSH () C:\ProgramData\ntuser.pol 2014-03-15 19:58 - 2014-03-19 08:16 - 00000000 ____D () C:\Program Files (x86)\AnyProtectEx 2014-03-15 19:58 - 2014-03-18 12:55 - 01172664 _____ (AnyProtect.com) C:\Users\Asus\AppData\Local\AnyProtectScannerSetup.exe 2014-03-15 19:58 - 2014-03-15 19:58 - 00000000 ____D () C:\ProgramData\Babylon 2014-03-15 19:25 - 2014-03-15 19:25 - 00281544 _____ () C:\Windows\system32\FNTCACHE.DAT 2014-03-15 12:13 - 2014-03-15 12:33 - 72641093 _____ () C:\Users\Asus\Downloads\Yandel ft. Daddy Yankee - Moviendo Caderas_[LQ]_[teledyski.info].mp4 2014-03-15 12:10 - 2014-03-15 12:27 - 49245821 _____ () C:\Users\Asus\Downloads\Klingande - Jubel_[LQ]_[teledyski.info].mp4 2014-03-15 12:08 - 2014-03-15 12:30 - 72357765 _____ () C:\Users\Asus\Downloads\Ola - Jackie Kennedy_[LQ]_[teledyski.info].mp4 2014-03-12 06:53 - 2014-02-23 09:13 - 02241536 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-03-12 06:53 - 2014-02-23 09:13 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-03-12 06:53 - 2014-02-23 09:13 - 00915968 _____ (Microsoft Corporation) C:\Windows\system32\uxtheme.dll 2014-03-12 06:53 - 2014-02-23 09:13 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\UXInit.dll 2014-03-12 06:53 - 2014-02-23 09:13 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2014-03-12 06:53 - 2014-02-23 09:12 - 19273216 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-03-12 06:53 - 2014-02-23 09:12 - 00603136 _____ 
(Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-03-12 06:53 - 2014-02-23 09:12 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2014-03-12 06:53 - 2014-02-23 09:11 - 15404032 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-03-12 06:53 - 2014-02-23 09:11 - 03960320 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-03-12 06:53 - 2014-02-23 09:11 - 02648576 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-03-12 06:53 - 2014-02-23 09:11 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2014-03-12 06:53 - 2014-02-23 09:11 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll 2014-03-12 06:53 - 2014-02-23 09:11 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2014-03-12 06:53 - 2014-02-23 09:11 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-03-12 06:53 - 2014-02-23 09:11 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2014-03-12 06:53 - 2014-02-23 07:54 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2014-03-12 06:53 - 2014-02-23 07:54 - 01140736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2014-03-12 06:53 - 2014-02-23 07:54 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UXInit.dll 2014-03-12 06:53 - 2014-02-23 07:53 - 14358016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-03-12 06:53 - 2014-02-23 07:53 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2014-03-12 06:53 - 2014-02-23 07:53 - 02877952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2014-03-12 06:53 - 2014-02-23 07:53 - 02049024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2014-03-12 06:53 - 2014-02-23 07:53 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2014-03-12 06:53 - 2014-02-23 07:53 - 00493056 _____ (Microsoft Corporation) 
C:\Windows\SysWOW64\msfeeds.dll 2014-03-12 06:53 - 2014-02-23 07:53 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2014-03-12 06:53 - 2014-02-23 07:53 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll 2014-03-12 06:53 - 2014-02-23 07:53 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2014-03-12 06:53 - 2014-02-23 07:53 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2014-03-12 06:53 - 2014-02-23 07:53 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2014-03-12 06:53 - 2014-02-23 07:35 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-03-12 06:53 - 2014-02-23 07:31 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-03-12 06:53 - 2014-02-23 05:06 - 00534528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\uxtheme.dll 2014-03-12 06:52 - 2013-10-25 08:34 - 00035856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdBoot.sys 2014-03-12 06:52 - 2013-10-24 23:34 - 00248240 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdFilter.sys 2014-03-12 06:49 - 2014-02-08 05:34 - 04036608 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2014-03-12 06:44 - 2013-12-07 07:36 - 19751936 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll 2014-03-12 06:44 - 2013-12-07 06:15 - 17560576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll 2014-03-12 06:43 - 2014-02-06 00:41 - 00595968 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll 2014-03-12 06:43 - 2014-02-06 00:37 - 00496640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll 2014-03-12 06:43 - 2014-01-31 01:48 - 01339392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll 2014-03-12 06:43 - 2014-01-31 01:06 - 01628160 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll 2014-03-09 20:01 - 2014-03-13 19:14 - 00000000 ____D () C:\Users\Asus\Documents\Algodoo 
2014-03-08 14:11 - 2014-03-08 14:11 - 00000000 ____D () C:\Users\Asus\AppData\Roaming\Mozilla 2014-03-06 16:18 - 2014-03-06 16:18 - 00002764 _____ () C:\Windows\System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 2014-03-05 19:03 - 2014-03-05 19:03 - 00000000 ____D () C:\Users\Asus\AppData\Roaming\AVG 2014-03-05 19:03 - 2013-10-12 02:00 - 00040248 _____ (AVG) C:\Windows\system32\TURegOpt.exe 2014-03-05 19:03 - 2013-10-12 02:00 - 00029496 _____ (AVG) C:\Windows\system32\authuitu.dll 2014-03-05 19:03 - 2013-10-12 02:00 - 00025400 _____ (AVG) C:\Windows\SysWOW64\authuitu.dll 2014-03-05 19:02 - 2014-03-06 16:18 - 00000000 ____D () C:\ProgramData\AVG 2014-03-05 19:02 - 2014-03-05 19:03 - 00000000 ____D () C:\Program Files (x86)\AVG PC TuneUp 2014 2014-03-05 19:02 - 2014-03-05 19:02 - 00000000 __SHD () C:\ProgramData\{01BD4FC9-2F86-4706-A62E-774BB7E9D308} 2014-03-02 11:31 - 2008-10-15 06:22 - 05631312 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_40.dll 2014-03-02 11:31 - 2008-10-15 06:22 - 04379984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_40.dll 2014-03-02 11:31 - 2008-10-15 06:22 - 02605920 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_40.dll 2014-03-02 11:31 - 2008-10-15 06:22 - 02036576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_40.dll 2014-03-02 11:31 - 2008-10-15 06:22 - 00519000 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_40.dll 2014-03-02 11:31 - 2008-10-15 06:22 - 00452440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_40.dll 2014-03-02 11:27 - 2014-03-02 12:07 - 00000000 ____D () C:\Program Files (x86)\City Interactive 2014-03-01 12:25 - 2014-03-01 12:25 - 00000000 ____D () C:\Users\Asus\AppData\Roaming\.mono 2014-03-01 11:43 - 2014-03-01 11:43 - 00002116 _____ () C:\Users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PC App Store.lnk 2014-03-01 11:42 - 2014-03-21 07:48 - 00000000 ____D () C:\Users\Asus\AppData\Local\Pokki 2014-03-01 11:36 - 2014-03-05 18:42 - 
00000000 ____D () C:\Users\Asus\AppData\Roaming\OpenCandy 2014-03-01 11:36 - 2014-03-05 18:42 - 00000000 ____D () C:\Program Files (x86)\Cheat Engine 6.3 2014-03-01 11:36 - 2014-03-01 11:36 - 00000000 ____D () C:\Users\Asus\Documents\My Cheat Tables 2014-03-01 11:16 - 2014-03-01 11:16 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2014-03-01 11:15 - 2014-03-24 10:01 - 00000000 ____D () C:\Program Files (x86)\YourFileDownloader 2014-03-01 11:15 - 2014-03-01 11:15 - 00000000 ____D () C:\Users\Asus\AppData\Roaming\YourFileDownloader 2014-03-01 11:15 - 2014-03-01 11:15 - 00000000 ____D () C:\Users\Asus\AppData\Roaming\VOPackage 2014-03-01 10:20 - 2014-03-24 09:44 - 00000000 ____D () C:\Program Files (x86)\PCData 2014-03-01 10:18 - 2014-03-18 15:21 - 00000000 ____D () C:\Users\Asus\AppData\Local\Lollipop 2014-03-01 10:18 - 2014-03-17 14:57 - 00002028 _____ () C:\Users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lollipop.lnk 2014-02-26 17:06 - 2014-03-24 09:36 - 00000000 ____D () C:\Program Files (x86)\FindRight 2014-02-26 17:06 - 2014-02-26 17:06 - 00003302 _____ () C:\Windows\System32\Tasks\VuuPCUpdate 2014-02-26 17:06 - 2014-02-26 17:06 - 00003116 _____ () C:\Windows\System32\Tasks\VuuPCUpdateLogin ==================== One Month Modified Files and Folders ======= 2014-03-24 15:31 - 2014-03-21 12:10 - 00000000 ___DC () C:\FRST 2014-03-24 15:17 - 2014-03-24 15:16 - 00000060 _____ () C:\Users\Asus\odinstalowanie_2.txt 2014-03-24 15:16 - 2014-01-08 14:39 - 00000000 ____D () C:\Users\Asus 2014-03-24 15:10 - 2014-01-10 15:20 - 00000000 ____D () C:\Users\Asus\AppData\Roaming\uTorrent 2014-03-24 15:02 - 2012-07-26 09:12 - 00000000 ____D () C:\Windows\system32\sru 2014-03-24 14:26 - 2014-01-09 14:09 - 00001062 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2014-03-24 14:14 - 2014-02-06 11:37 - 00000930 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-03-24 13:59 - 2014-03-24 13:59 - 00000000 ____D () C:\Program Files 
(x86)\af0.net 2014-03-24 13:49 - 2014-03-24 13:49 - 00118149 _____ () C:\Users\Asus\Downloads\wmpChrome.crx 2014-03-24 12:49 - 2014-01-27 17:06 - 00000942 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3103807624-1281573124-1645133280-1001UA.job 2014-03-24 10:46 - 2012-08-02 19:02 - 00794946 _____ () C:\Windows\system32\perfh015.dat 2014-03-24 10:46 - 2012-08-02 19:02 - 00159530 _____ () C:\Windows\system32\perfc015.dat 2014-03-24 10:46 - 2012-07-26 08:28 - 01793398 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-03-24 10:42 - 2014-03-21 01:40 - 00001572 _____ () C:\Windows\setupact.log 2014-03-24 10:31 - 2014-01-08 14:45 - 00000074 _____ () C:\Users\Asus\AppData\Roaming\sp_data.sys 2014-03-24 10:31 - 2013-08-17 06:15 - 00003268 _____ () C:\Windows\System32\Tasks\AsusVibeSchedule 2014-03-24 10:31 - 2013-08-17 06:14 - 00003004 _____ () C:\Windows\System32\Tasks\ASUS Splendid ColorU 2014-03-24 10:31 - 2013-08-17 06:14 - 00002988 _____ () C:\Windows\System32\Tasks\ASUS Splendid ACMON 2014-03-24 10:31 - 2013-08-17 06:11 - 00003052 _____ () C:\Windows\System32\Tasks\ASUS P4G 2014-03-24 10:31 - 2013-08-17 06:11 - 00003024 _____ () C:\Windows\System32\Tasks\ASUS USB Charger Plus 2014-03-24 10:31 - 2013-08-17 06:10 - 00003114 _____ () C:\Windows\System32\Tasks\ASUS Live Update 2014-03-24 10:31 - 2013-08-17 06:01 - 00003540 _____ () C:\Windows\System32\Tasks\ASUS Smart Gesture Launcher 2014-03-24 10:30 - 2014-01-09 14:37 - 00000000 ____D () C:\Users\Asus\AppData\Roaming\newnext.me 2014-03-24 10:30 - 2014-01-09 14:09 - 00001058 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2014-03-24 10:29 - 2012-07-26 08:22 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-03-24 10:23 - 2014-01-09 14:07 - 00003600 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3103807624-1281573124-1645133280-1001 2014-03-24 10:01 - 2014-03-01 11:15 - 00000000 ____D () C:\Program Files (x86)\YourFileDownloader 2014-03-24 10:00 - 2014-03-24 10:00 - 
00003106 _____ () C:\Windows\System32\Tasks\{28A2C3CD-D872-4C8E-8C64-0860F12493B9} 2014-03-24 09:59 - 2014-03-24 09:39 - 00000337 _____ () C:\Users\Asus\odinstalowanie.txt 2014-03-24 09:57 - 2014-03-20 21:29 - 00008148 _____ () C:\Windows\PFRO.log 2014-03-24 09:57 - 2014-02-08 13:11 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2 2014-03-24 09:56 - 2014-02-08 14:18 - 00022692 _____ () C:\Windows\wininit.ini 2014-03-24 09:56 - 2014-02-08 13:11 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy 2014-03-24 09:46 - 2014-01-25 14:56 - 00000000 ____D () C:\Users\Asus\AppData\Roaming\systweak 2014-03-24 09:44 - 2014-03-01 10:20 - 00000000 ____D () C:\Program Files (x86)\PCData 2014-03-24 09:36 - 2014-02-26 17:06 - 00000000 ____D () C:\Program Files (x86)\FindRight 2014-03-24 09:36 - 2014-01-09 14:37 - 00000000 ____D () C:\Users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mobogenie 2014-03-24 09:36 - 2014-01-09 14:37 - 00000000 ____D () C:\Users\Asus\AppData\Local\Mobogenie 2014-03-24 09:28 - 2012-07-26 06:26 - 00262144 ___SH () C:\Windows\system32\config\BBI 2014-03-24 09:27 - 2012-07-26 06:26 - 00000324 _____ () C:\Windows\win.ini 2014-03-21 23:34 - 2014-03-15 20:03 - 00000378 _____ () C:\Windows\Tasks\APSnotifierPP2.job 2014-03-21 18:51 - 2014-01-25 16:51 - 00000127 _____ () C:\Users\Asus\AppData\Roaming\WB.CFG 2014-03-21 07:56 - 2014-03-21 07:56 - 00003078 _____ () C:\Users\Asus\Documents\gmer.log 2014-03-21 07:48 - 2014-03-01 11:42 - 00000000 ____D () C:\Users\Asus\AppData\Local\Pokki 2014-03-21 07:43 - 2014-01-08 14:47 - 00000000 ____D () C:\Users\Asus\Documents\Bluetooth Folder 2014-03-21 07:42 - 2014-03-21 07:42 - 00279648 _____ () C:\Windows\Minidump\032114-31500-01.dmp 2014-03-21 07:42 - 2014-03-21 07:29 - 337276328 _____ () C:\Windows\MEMORY.DMP 2014-03-21 07:42 - 2014-03-21 07:29 - 00000000 ____D () C:\Windows\Minidump 2014-03-21 07:36 - 2014-01-13 11:54 - 00000000 ____D () C:\Users\Asus\AppData\Local\CrashDumps 
2014-03-21 07:29 - 2014-03-21 07:29 - 00284280 _____ () C:\Windows\Minidump\032114-32140-01.dmp
2014-03-21 07:13 - 2014-03-21 07:12 - 00000000 ____D () C:\Users\Asus\Downloads\diagnostyka
2014-03-21 01:42 - 2014-03-19 08:13 - 00086318 _____ () C:\Windows\WindowsUpdate.log
2014-03-21 01:40 - 2014-03-21 01:40 - 00000000 _____ () C:\Windows\setuperr.log
2014-03-20 21:30 - 2012-07-26 06:26 - 00262144 ___SH () C:\Windows\system32\config\ELAM
2014-03-20 21:29 - 2014-03-15 20:03 - 00000378 _____ () C:\Windows\Tasks\APSnotifierPP3.job
2014-03-20 20:24 - 2014-03-15 20:03 - 00000380 _____ () C:\Windows\Tasks\APSnotifierPP1.job
2014-03-19 08:22 - 2014-03-19 08:22 - 00000000 ____D () C:\Users\Asus\Documents\Optimizer Pro
2014-03-19 08:21 - 2014-03-19 08:20 - 00002836 _____ () C:\Users\Asus\AppData\Roaming\aps.scan.results
2014-03-19 08:21 - 2014-03-15 20:02 - 00001174 _____ () C:\Users\Asus\AppData\Roaming\aps.scan.quick.results
2014-03-19 08:21 - 2014-03-15 20:02 - 00000316 _____ () C:\Users\Asus\AppData\Roaming\aps.uninstall.scan.results
2014-03-19 08:20 - 2014-03-19 08:20 - 00001051 _____ () C:\Users\Asus\Desktop\AnyProtect.lnk
2014-03-19 08:16 - 2014-03-15 19:58 - 00000000 ____D () C:\Program Files (x86)\AnyProtectEx
2014-03-18 18:12 - 2012-07-26 09:12 - 00000000 ____D () C:\Windows\system32\NDF
2014-03-18 18:05 - 2012-08-02 23:24 - 00000000 ____D () C:\Windows\Panther
2014-03-18 18:00 - 2014-03-18 18:00 - 00002770 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC
2014-03-18 18:00 - 2014-03-18 18:00 - 00000824 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-03-18 18:00 - 2014-03-18 18:00 - 00000000 ____D () C:\Program Files\CCleaner
2014-03-18 16:56 - 2014-01-12 15:10 - 00000000 ____D () C:\Windows\system32\MRT
2014-03-18 16:53 - 2014-01-12 15:10 - 90015360 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-03-18 16:45 - 2014-03-18 16:45 - 00001142 _____ () C:\Users\Asus\Desktop\Witamy w rejestracji produktu ASUS.lnk
2014-03-18 15:33 - 2012-07-26 09:12 - 00000000 ____D () C:\Windows\AUInstallAgent
2014-03-18 15:24 - 2014-03-18 15:24 - 00061112 _____ (StdLib) C:\Windows\system32\Drivers\wStLib64.sys
2014-03-18 15:21 - 2014-03-01 10:18 - 00000000 ____D () C:\Users\Asus\AppData\Local\Lollipop
2014-03-18 12:55 - 2014-03-15 19:58 - 01172664 _____ (AnyProtect.com) C:\Users\Asus\AppData\Local\AnyProtectScannerSetup.exe
2014-03-17 17:29 - 2014-03-17 16:39 - 454376531 _____ () C:\Users\Asus\Downloads\Trefny wóz - Vehicle 19 (2013) Lektor PL.480p.BRRip.XviD.AC3-sav.avi
2014-03-17 16:34 - 2014-03-17 16:34 - 00092979 _____ () C:\Users\Asus\Downloads\Trefny+w-c3-b3z+-+Vehicle+19+(2013)+Lektor+PL.480p.BRRip.XviD.AC3-sav,3640063364 (1).avi(video)
2014-03-17 16:34 - 2014-03-17 16:34 - 00092924 _____ () C:\Users\Asus\Downloads\Trefny+w-c3-b3z+-+Vehicle+19+(2013)+Lektor+PL.480p.BRRip.XviD.AC3-sav,3640063364.avi(video)
2014-03-17 14:57 - 2014-03-01 10:18 - 00002028 _____ () C:\Users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lollipop.lnk
2014-03-17 11:48 - 2014-03-17 11:48 - 00000000 ____D () C:\Users\Public\CyberLink
2014-03-17 11:48 - 2014-03-17 11:48 - 00000000 ____D () C:\Users\Asus\Documents\CyberLink
2014-03-17 11:48 - 2014-03-17 11:48 - 00000000 ____D () C:\Users\Asus\AppData\Roaming\CyberLink
2014-03-17 11:48 - 2014-03-17 11:48 - 00000000 ____D () C:\ProgramData\CyberLink
2014-03-16 15:20 - 2014-03-16 15:17 - 00000000 ____D () C:\Users\Asus\Downloads\m
2014-03-16 13:31 - 2014-01-22 18:49 - 00219648 ___SH () C:\Users\Asus\Downloads\Thumbs.db
2014-03-16 09:49 - 2014-01-27 17:06 - 00000920 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3103807624-1281573124-1645133280-1001Core.job
2014-03-15 20:02 - 2014-03-15 20:01 - 00000000 ____D () C:\Users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AnyProtect PC Backup
2014-03-15 19:59 - 2014-03-15 19:59 - 00003058 _____ () C:\Windows\System32\Tasks\BlockAndSurf Update
2014-03-15 19:59 - 2014-03-15 19:59 - 00003002 _____ () C:\Windows\System32\Tasks\BlockAndSurf_wd
2014-03-15 19:59 - 2014-03-15 19:59 - 00000266 __RSH () C:\ProgramData\ntuser.pol
2014-03-15 19:59 - 2012-07-26 09:12 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2014-03-15 19:59 - 2012-07-26 09:12 - 00000000 ____D () C:\Windows\SysWOW64\GroupPolicy
2014-03-15 19:58 - 2014-03-15 19:58 - 00000000 ____D () C:\ProgramData\Babylon
2014-03-15 19:34 - 2014-01-09 14:13 - 00002401 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-03-15 19:25 - 2014-03-15 19:25 - 00281544 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-03-15 13:14 - 2012-07-26 09:12 - 00000000 ____D () C:\Windows\rescache
2014-03-15 13:06 - 2014-01-08 14:46 - 00000000 ___RD () C:\Users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-03-15 13:06 - 2014-01-08 14:46 - 00000000 ___RD () C:\Users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-03-15 13:03 - 2012-07-26 09:12 - 00000000 ___RD () C:\Windows\ToastData
2014-03-15 13:03 - 2012-07-26 09:12 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-03-15 13:03 - 2012-07-26 09:12 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-03-15 13:03 - 2012-07-26 09:12 - 00000000 ____D () C:\Program Files\Windows Defender
2014-03-15 13:03 - 2012-07-26 09:12 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2014-03-15 12:33 - 2014-03-15 12:13 - 72641093 _____ () C:\Users\Asus\Downloads\Yandel ft. Daddy Yankee - Moviendo Caderas_[LQ]_[teledyski.info].mp4
2014-03-15 12:30 - 2014-03-15 12:08 - 72357765 _____ () C:\Users\Asus\Downloads\Ola - Jackie Kennedy_[LQ]_[teledyski.info].mp4
2014-03-15 12:27 - 2014-03-15 12:10 - 49245821 _____ () C:\Users\Asus\Downloads\Klingande - Jubel_[LQ]_[teledyski.info].mp4
2014-03-13 19:14 - 2014-03-09 20:01 - 00000000 ____D () C:\Users\Asus\Documents\Algodoo
2014-03-12 17:11 - 2014-01-08 14:46 - 00000000 ____D () C:\Users\Asus\AppData\Roaming\Atheros
2014-03-12 17:05 - 2012-08-02 19:01 - 00000000 ____D () C:\Windows\SysWOW64\XPSViewer
2014-03-12 17:05 - 2012-07-26 10:43 - 00000000 ____D () C:\Windows\SysWOW64\winrm
2014-03-12 17:05 - 2012-07-26 10:43 - 00000000 ____D () C:\Windows\SysWOW64\WCN
2014-03-12 17:05 - 2012-07-26 10:43 - 00000000 ____D () C:\Windows\SysWOW64\slmgr
2014-03-12 17:05 - 2012-07-26 10:43 - 00000000 ____D () C:\Windows\SysWOW64\Printing_Admin_Scripts
2014-03-12 17:05 - 2012-07-26 09:12 - 00000000 ____D () C:\Windows\WinStore
2014-03-12 17:05 - 2012-07-26 09:12 - 00000000 ____D () C:\Windows\SysWOW64\MUI
2014-03-12 17:05 - 2012-07-26 09:12 - 00000000 ____D () C:\Windows\SysWOW64\migwiz
2014-03-12 17:05 - 2012-07-26 09:12 - 00000000 ____D () C:\Program Files (x86)\Windows Photo Viewer
2014-03-12 17:05 - 2012-07-26 06:38 - 00000000 ____D () C:\Windows\SysWOW64\oobe
2014-03-12 17:05 - 2012-07-26 06:38 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2014-03-12 17:05 - 2012-07-26 06:37 - 00000000 ____D () C:\Windows\servicing
2014-03-12 17:04 - 2012-07-26 10:43 - 00000000 ____D () C:\Windows\system32\winrm
2014-03-12 17:04 - 2012-07-26 10:43 - 00000000 ____D () C:\Windows\system32\WCN
2014-03-12 17:04 - 2012-07-26 10:43 - 00000000 ____D () C:\Windows\system32\slmgr
2014-03-12 17:04 - 2012-07-26 10:43 - 00000000 ____D () C:\Windows\system32\Printing_Admin_Scripts
2014-03-12 17:04 - 2012-07-26 09:12 - 00000000 ___RD () C:\Windows\ImmersiveControlPanel
2014-03-12 17:04 - 2012-07-26 09:12 - 00000000 ____D () C:\Windows\SysWOW64\Com
2014-03-12 17:04 - 2012-07-26 09:12 - 00000000 ____D () C:\Windows\system32\MUI
2014-03-12 17:04 - 2012-07-26 09:12 - 00000000 ____D () C:\Windows\system32\migwiz
2014-03-12 17:04 - 2012-07-26 09:12 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-03-12 17:04 - 2012-07-26 06:38 - 00000000 ____D () C:\Windows\system32\Sysprep
2014-03-12 17:04 - 2012-07-26 06:38 - 00000000 ____D () C:\Windows\system32\oobe
2014-03-12 17:04 - 2012-07-26 06:38 - 00000000 ____D () C:\Windows\system32\Dism
2014-03-12 17:02 - 2012-07-26 10:45 - 00000000 ____D () C:\Program Files\Windows Journal
2014-03-12 17:02 - 2012-07-26 09:12 - 00000000 ____D () C:\Windows\system32\SystemResetPlatform
2014-03-12 17:02 - 2012-07-26 09:12 - 00000000 ____D () C:\Windows\system32\Com
2014-03-12 17:02 - 2012-07-26 09:12 - 00000000 ____D () C:\Program Files\Windows Photo Viewer
2014-03-12 17:02 - 2012-07-26 09:12 - 00000000 ____D () C:\Program Files\Common Files\System
2014-03-11 23:15 - 2014-02-06 11:37 - 00003818 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-03-08 14:11 - 2014-03-08 14:11 - 00000000 ____D () C:\Users\Asus\AppData\Roaming\Mozilla
2014-03-06 16:18 - 2014-03-06 16:18 - 00002764 _____ () C:\Windows\System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013
2014-03-06 16:18 - 2014-03-05 19:02 - 00000000 ____D () C:\ProgramData\AVG
2014-03-06 15:49 - 2014-01-09 14:37 - 00000000 ____D () C:\Users\Asus\AppData\Local\cache
2014-03-05 20:44 - 2014-01-19 12:13 - 00000000 ____D () C:\Users\Asus\Desktop\KAWASAKI
2014-03-05 19:20 - 2014-01-08 14:40 - 00000000 ____D () C:\Users\Asus\AppData\Local\VirtualStore
2014-03-05 19:03 - 2014-03-05 19:03 - 00000000 ____D () C:\Users\Asus\AppData\Roaming\AVG
2014-03-05 19:03 - 2014-03-05 19:02 - 00000000 ____D () C:\Program Files (x86)\AVG PC TuneUp 2014
2014-03-05 19:02 - 2014-03-05 19:02 - 00000000 __SHD () C:\ProgramData\{01BD4FC9-2F86-4706-A62E-774BB7E9D308}
2014-03-05 18:42 - 2014-03-01 11:36 - 00000000 ____D () C:\Users\Asus\AppData\Roaming\OpenCandy
2014-03-05 18:42 - 2014-03-01 11:36 - 00000000 ____D () C:\Program Files (x86)\Cheat Engine 6.3
2014-03-04 23:52 - 2014-01-15 16:13 - 00694240 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-03-04 23:52 - 2014-01-15 16:13 - 00078304 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-03-02 12:07 - 2014-03-02 11:27 - 00000000 ____D () C:\Program Files (x86)\City Interactive
2014-03-01 12:25 - 2014-03-01 12:25 - 00000000 ____D () C:\Users\Asus\AppData\Roaming\.mono
2014-03-01 11:43 - 2014-03-01 11:43 - 00002116 _____ () C:\Users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PC App Store.lnk
2014-03-01 11:36 - 2014-03-01 11:36 - 00000000 ____D () C:\Users\Asus\Documents\My Cheat Tables
2014-03-01 11:16 - 2014-03-01 11:16 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-03-01 11:15 - 2014-03-01 11:15 - 00000000 ____D () C:\Users\Asus\AppData\Roaming\YourFileDownloader
2014-03-01 11:15 - 2014-03-01 11:15 - 00000000 ____D () C:\Users\Asus\AppData\Roaming\VOPackage
2014-02-28 16:16 - 2014-01-09 14:09 - 00000000 ____D () C:\Program Files (x86)\Google
2014-02-27 12:15 - 2014-01-09 14:37 - 00027551 _____ () C:\Users\Asus\daemonprocess.txt
2014-02-27 12:15 - 2014-01-09 14:37 - 00000000 ____D () C:\Users\Asus\AppData\Local\genienext
2014-02-26 17:06 - 2014-02-26 17:06 - 00003302 _____ () C:\Windows\System32\Tasks\VuuPCUpdate
2014-02-26 17:06 - 2014-02-26 17:06 - 00003116 _____ () C:\Windows\System32\Tasks\VuuPCUpdateLogin
2014-02-25 17:31 - 2013-05-01 12:15 - 00000000 ____D () C:\ProgramData\Adobe
2014-02-25 16:43 - 2014-02-02 16:33 - 00000000 ____D () C:\Users\Asus\AppData\Local\Windows Live
2014-02-25 16:41 - 2014-01-22 00:56 - 00263680 ___SH () C:\Users\Asus\Desktop\Thumbs.db
2014-02-23 09:13 - 2014-03-12 06:53 - 02241536 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-23 09:13 - 2014-03-12 06:53 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-23 09:13 - 2014-03-12 06:53 - 00915968 _____ (Microsoft Corporation) C:\Windows\system32\uxtheme.dll
2014-02-23 09:13 - 2014-03-12 06:53 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\UXInit.dll
2014-02-23 09:13 - 2014-03-12 06:53 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-02-23 09:12 - 2014-03-12 06:53 - 19273216 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-02-23 09:12 - 2014-03-12 06:53 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-23 09:12 - 2014-03-12 06:53 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-02-23 09:11 - 2014-03-12 06:53 - 15404032 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-23 09:11 - 2014-03-12 06:53 - 03960320 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-23 09:11 - 2014-03-12 06:53 - 02648576 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-02-23 09:11 - 2014-03-12 06:53 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-02-23 09:11 - 2014-03-12 06:53 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-02-23 09:11 - 2014-03-12 06:53 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-02-23 09:11 - 2014-03-12 06:53 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-02-23 09:11 - 2014-03-12 06:53 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-02-23 07:54 - 2014-03-12 06:53 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-02-23 07:54 - 2014-03-12 06:53 - 01140736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-02-23 07:54 - 2014-03-12 06:53 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UXInit.dll
2014-02-23 07:53 - 2014-03-12 06:53 - 14358016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-02-23 07:53 - 2014-03-12 06:53 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-02-23 07:53 - 2014-03-12 06:53 - 02877952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-02-23 07:53 - 2014-03-12 06:53 - 02049024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-02-23 07:53 - 2014-03-12 06:53 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-02-23 07:53 - 2014-03-12 06:53 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-02-23 07:53 - 2014-03-12 06:53 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-02-23 07:53 - 2014-03-12 06:53 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-02-23 07:53 - 2014-03-12 06:53 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-02-23 07:53 - 2014-03-12 06:53 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-02-23 07:53 - 2014-03-12 06:53 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-02-23 07:35 - 2014-03-12 06:53 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-02-23 07:31 - 2014-03-12 06:53 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-02-23 05:06 - 2014-03-12 06:53 - 00534528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\uxtheme.dll

Files to move or delete:
====================
C:\ProgramData\SetStretch.exe
C:\ProgramData\SetStretch.VBS

Some content of TEMP:
====================
C:\Users\Asus\AppData\Local\Temp\Quarantine.exe

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

LastRegBack: 2014-03-21 18:54

==================== End Of Log ============================