Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 21-05-2014 Ran by ASUS (administrator) on ASUS-KOMPUTER on 22-05-2014 06:01:13 Running from C:\Users\ASUS\Downloads Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Polish Internet Explorer Version 11 Boot Mode: Normal The only official download link for FRST: Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/ Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/ Download link from any site other than Bleeping Computer is unpermitted or outdated. See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe (Microsoft Corporation) C:\Windows\System32\wlanext.exe (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe (Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe (Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe (Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe (F-Secure Corporation) C:\Program Files (x86)\F-Secure\fshoster32.exe (F-Secure Corporation) C:\Program Files (x86)\F-Secure\apps\CCF_Reputation\fsorsp.exe (Pandora.TV) C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe (Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (Wajam) C:\Program Files (x86)\Wajam\Updater\WajamUpdater.exe (Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe (F-Secure Corporation) C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Common\FSMA32.EXE (F-Secure Corporation) C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Common\FSHDLL64.EXE (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe (Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe (Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe (Google Inc.) C:\Users\ASUS\AppData\Local\Google\Update\1.3.24.7\GoogleCrashHandler.exe (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe (F-Secure Corporation) C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Common\FSM32.EXE (Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe (F-Secure Corporation) C:\Program Files (x86)\F-Secure\fshoster32.exe (Brother Industries, Ltd.) C:\Program Files (x86)\Brother\ControlCenter3\BrccMCtl.exe (Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\BrYNSvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe (Google Inc.) C:\Users\ASUS\AppData\Local\Google\Update\1.3.24.7\GoogleCrashHandler64.exe (Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\btplayerctrl.exe (Systweak Inc) C:\Program Files (x86)\RegClean Pro\RegCleanPro.exe (F-Secure Corporation) C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Anti-Virus\fsgk32.exe (F-Secure Corporation) C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Anti-Virus\fssm32.exe (Google Inc.) C:\Users\ASUS\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\ASUS\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\ASUS\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\ASUS\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\ASUS\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\ASUS\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\ASUS\AppData\Local\Google\Chrome\Application\chrome.exe (Farbar) C:\Users\ASUS\Downloads\FRST64 (1).exe (OldTimer Tools) C:\Users\ASUS\Downloads\OTL.com ==================== Registry (Whitelisted) ================== HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11780712 2011-03-04] (Realtek Semiconductor) HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2189416 2011-03-01] (Realtek Semiconductor) HKLM\...\Run: [AtherosBtStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [617120 2011-03-13] (Atheros Communications) HKLM\...\Run: [AthBtTray] => C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [379552 2011-03-13] (Atheros Commnucations) HKLM\...\Run: [BTMTrayAgent] => C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll [10228224 2010-11-03] (Intel Corporation) HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2712360 2011-03-04] (Synaptics Incorporated) HKLM\...\Run: [IntelWireless] => C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [1933584 2010-11-02] (Intel(R) Corporation) HKLM\...\Run: [SynAsusAcpi] => C:\Program Files\Synaptics\SynTP\SynAsusAcpi.exe [97064 2011-03-04] (Synaptics Incorporated) HKLM-x32\...\Run: [ATKOSD2] => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [5732992 2010-08-17] (ASUS) HKLM-x32\...\Run: [ATKMEDIA] => C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [170624 2010-10-07] (ASUS) HKLM-x32\...\Run: [HControlUser] => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUS) HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated) HKLM-x32\...\Run: [F-Secure Manager] => C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Common\FSM32.EXE [310312 2013-11-26] (F-Secure Corporation) HKLM-x32\...\Run: [ControlCenter3] => C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe [114688 2008-12-24] (Brother Industries, Ltd.) HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [2621440 2010-02-09] (Brother Industries, Ltd.) HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation) HKLM-x32\...\Run: [F-Secure Hoster (666)] => C:\Program Files (x86)\F-Secure\fshoster32.exe [191528 2013-12-11] (F-Secure Corporation) Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) HKU\S-1-5-21-3126675762-3080963311-2867738150-1000\...\Run: [Xvid] => C:\Program Files (x86)\Xvid\CheckUpdate.exe [8192 2011-01-17] () HKU\S-1-5-21-3126675762-3080963311-2867738150-1000\...\Run: [GG] => C:\Users\ASUS\AppData\Local\GG\Application\gghub.exe [3381824 2013-06-09] (GG Network S.A.) HKU\S-1-5-21-3126675762-3080963311-2867738150-1000\...\Run: [Google Update] => C:\Users\ASUS\AppData\Local\Google\Update\GoogleUpdate.exe [136176 2011-11-05] (Google Inc.) HKU\S-1-5-21-3126675762-3080963311-2867738150-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [20922016 2014-02-10] (Skype Technologies S.A.) AppInit_DLLs: C:\PROGRA~2\SEARCH~1\Datamngr\x64\datamngr.dll => C:\Program Files (x86)\Searchcore Toolbar\Datamngr\x64\datamngr.dll [2032568 2012-06-06] (Discordia, LTD) AppInit_DLLs: C:\PROGRA~2\SEARCH~1\Datamngr\x64\IEBHO.dll => C:\Program Files (x86)\Searchcore Toolbar\Datamngr\x64\IEBHO.dll [1528760 2012-06-06] (Discordia, LTD) ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.gazeta.pl/0,0.html?p=128 HKCU\Software\Microsoft\Internet Explorer\Main,bProtector Start Page = HKCU\Software\Microsoft\Internet Explorer\Main,Backup.Old.Start Page = http://search.babylon.com/?babsrc=HP_Prot SearchScopes: HKLM - DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2426} URL = http://start.funmoods.com/results.php?f=4&q={searchTerms}&a=iron2&chnl=iron2&cd=2XzutAtN2Y1L1QzuyByEtB0FyCzzyB0AzyyDtByD0CzyyC0AtN0D0TzutBtDtCtBtDyBtDtA&cr=700064849 SearchScopes: HKLM - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2426} URL = http://start.funmoods.com/results.php?f=4&q={searchTerms}&a=iron2&chnl=iron2&cd=2XzutAtN2Y1L1QzuyByEtB0FyCzzyB0AzyyDtByD0CzyyC0AtN0D0TzutBtDtCtBtDyBtDtA&cr=700064849 SearchScopes: HKLM-x32 - DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2426} URL = http://start.funmoods.com/results.php?f=4&q={searchTerms}&a=iron2&chnl=iron2&cd=2XzutAtN2Y1L1QzuyByEtB0FyCzzyB0AzyyDtByD0CzyyC0AtN0D0TzutBtDtCtBtDyBtDtA&cr=700064849 SearchScopes: HKLM-x32 - Backup.Old.DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2426} SearchScopes: HKLM-x32 - {7C0E241A-5F78-E361-63F4-7FE542381ECF} URL = http://dts.search-results.com/sr?src=ieb&appid=331121&systemid=426&sr=0&q={searchTerms} SearchScopes: HKLM-x32 - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2426} URL = http://start.funmoods.com/results.php?f=4&q={searchTerms}&a=iron2&chnl=iron2&cd=2XzutAtN2Y1L1QzuyByEtB0FyCzzyB0AzyyDtByD0CzyyC0AtN0D0TzutBtDtCtBtDyBtDtA&cr=700064849 SearchScopes: HKCU - DefaultScope {0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9} URL = http://start.funmoods.com/results.php?f=4&q={searchTerms}&a=iron2&chnl=iron2&cd=2XzutAtN2Y1L1QzuyByEtB0FyCzzyB0AzyyDtByD0CzyyC0AtN0D0TzutBtDtCtBtDyBtDtA&cr=700064849 SearchScopes: HKCU - bProtectorDefaultScope {0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9} SearchScopes: HKCU - Backup.Old.DefaultScope {0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9} SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = http://start.funmoods.com/results.php?f=4&q={searchTerms}&a=iron2&chnl=iron2&cd=2XzutAtN2Y1L1QzuyByEtB0FyCzzyB0AzyyDtByD0CzyyC0AtN0D0TzutBtDtCtBtDyBtDtA&cr=700064849 SearchScopes: HKCU - {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL = SearchScopes: HKCU - {7C0E241A-5F78-E361-63F4-7FE542381ECF} URL = http://search.babylon.com/?q={searchTerms}&AF=111916&babsrc=SP_ss&mntrId=72b4c96a000000000000742f687a9525 SearchScopes: HKCU - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2426} URL = http://dts.search-results.com/sr?src=ieb&appid=331121&systemid=426&sr=0&q={searchTerms} SearchScopes: HKCU - {E918643A-4457-4B33-81F3-1AC6470B5F72} URL = http://websearch.ask.com/redirect?client=ie&tb=ORJ&o=100000027&src=kw&q={searchTerms}&locale=en_US&apn_ptnrs=U3&apn_dtid=OSJ000YYPL&apn_uid=1D6D3D76-64C5-414A-ABE4-34C79A00E6EF&apn_sauid=90D7B4E0-BAD0-4846-ACA8-1447B781380E SearchScopes: HKCU - ŰźĆîZ§’2ąŢpv¨IÍá*X(Ž2s(ŰÎŔJşÔÓµť± vË°!×—(äĽ48иpatm6ęo^Mp`Ëő÷_iŁw˜ľ!„Áű†x˘8€ŮjŔ˙ţ ´Ń;áa´[¦†8 ş~ŹRŮxśňÜ8'Ł-)x­ä­ URL = BHO: F-Secure Online Safety - {45BBE08D-81C5-4A67-AF20-B2A077C67747} - C:\Program Files (x86)\F-Secure\apps\OnlineSafety\browser\install\fs_ie_https\fs_ie_https64.dll (F-Secure Corporation) BHO: DataMngr - {7DA17D5A-5718-4130-A605-FC316C827836} - C:\Program Files (x86)\Searchcore Toolbar\Datamngr\x64\BrowserConnection.dll (Discordia , LTD) BHO-x32: Babylon toolbar helper - {2EECD738-5844-4a99-B4B6-146BF802613B} - No File BHO-x32: F-Secure Online Safety - {45BBE08D-81C5-4A67-AF20-B2A077C67747} - C:\Program Files (x86)\F-Secure\apps\OnlineSafety\browser\install\fs_ie_https\fs_ie_https.dll (F-Secure Corporation) BHO-x32: Winamp Toolbar Loader - {4accc990-3dc7-4456-a734-5cb4b610a7f5} - C:\Program Files (x86)\Winamp Toolbar\winamppltb.dll (AOL Inc.) BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation) BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.) BHO-x32: DataMngr - {7DA17D5A-5718-4130-A605-FC316C827836} - C:\Program Files (x86)\Searchcore Toolbar\Datamngr\BrowserConnection.dll (Discordia , LTD) BHO-x32: CIESpeechBHO Class - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations) BHO-x32: Wajam - {A7A6995D-6EE1-4FD1-A258-49395D5BF99C} - C:\Program Files (x86)\Wajam\IE\priam_bho.dll (Wajam) BHO-x32: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) BHO-x32: Searchcore Toolbar - {af6ac4f2-9825-4fb6-a600-92bc5361f209} - C:\Program Files (x86)\Searchcore Toolbar\Datamngr\ToolBar\searchcoredtx.dll () BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.) Toolbar: HKLM-x32 - Searchcore Toolbar - {af6ac4f2-9825-4fb6-a600-92bc5361f209} - C:\Program Files (x86)\Searchcore Toolbar\Datamngr\ToolBar\searchcoredtx.dll () Toolbar: HKLM-x32 - Winamp Toolbar - {a0b1221c-a3ff-4f7c-a393-dc63af5301e9} - C:\Program Files (x86)\Winamp Toolbar\winamppltb.dll (AOL Inc.) Toolbar: HKCU - No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} - No File Toolbar: HKCU - No Name - {A0B1221C-A3FF-4F7C-A393-DC63AF5301E9} - No File Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - No File Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) Tcpip\Parameters: [DhcpNameServer] 37.59.8.25 178.33.118.171 FireFox: ======== FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll () FF Plugin: @microsoft.com/GENUINE - disabled No File FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll () FF Plugin-x32: @java.com/JavaPlugin - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) FF Plugin-x32: @microsoft.com/GENUINE - disabled No File FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\ASUS\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited) FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\ASUS\AppData\Local\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.) FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\ASUS\AppData\Local\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.) FF HKLM-x32\...\Firefox\Extensions: [{34d56019-5b56-4ebf-bcc2-bd0e31cb5441}] - C:\Program Files (x86)\F-Secure\apps\OnlineSafety\browser\deploy\fs_firefox_https FF Extension: Online Safety - C:\Program Files (x86)\F-Secure\apps\OnlineSafety\browser\deploy\fs_firefox_https [2014-03-02] FF HKCU\...\Firefox\Extensions: [{b64982b1-d112-42b5-b1e4-d3867c4533f8}] - C:\ProgramData\bProtectorForWindows\2.2.453.59\FirefoxExtension Chrome: ======= CHR Extension: (Dokumenty Google) - C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-06-13] CHR Extension: (Dysk Google) - C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-06-13] CHR Extension: (YouTube) - C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-06-13] CHR Extension: (Funmoods) - C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpglkicenollcignonpgiafdgfeehoj [2013-06-13] CHR Extension: (Szukaj w Google) - C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-06-13] CHR Extension: (F-Secure Online Safety) - C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpiagafcnfdcepekgdionocldheampkk [2014-03-02] CHR Extension: (AdBlock) - C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-04-12] CHR Extension: (Wajam) - C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp [2013-06-13] CHR Extension: (Skype Click to Call) - C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2013-06-13] CHR Extension: (Google Wallet) - C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-25] CHR Extension: (Vid-Saver) - C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgmfkblbflahhponhjmkcnpjinenhlnc [2014-02-25] CHR Extension: (Gmail) - C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-06-13] CHR HKLM\...\Chrome\Extension: [cjpglkicenollcignonpgiafdgfeehoj] - C:\Users\ASUS\AppData\Local\funmoods-speeddial.crx [2012-07-03] CHR HKLM\...\Chrome\Extension: [fdloijijlkoblmigdofommgnheckmaki] - C:\Users\ASUS\AppData\Local\funmoods.crx [2012-07-03] CHR HKCU\...\Chrome\Extension: [cjpglkicenollcignonpgiafdgfeehoj] - C:\Users\ASUS\AppData\Local\funmoods-speeddial.crx [2012-07-03] CHR HKCU\...\Chrome\Extension: [fdloijijlkoblmigdofommgnheckmaki] - C:\Users\ASUS\AppData\Local\funmoods.crx [2012-07-03] CHR HKCU\...\Chrome\Extension: [gkmikccifolokanfakbeadbmgchomeli] - C:\Program Files (x86)\F-Secure\apps\SafeSearch\Chrome\main.crx [2014-03-12] CHR HKLM-x32\...\Chrome\Extension: [cjpglkicenollcignonpgiafdgfeehoj] - C:\Users\ASUS\AppData\Local\funmoods-speeddial.crx [2012-07-03] CHR HKLM-x32\...\Chrome\Extension: [dpiagafcnfdcepekgdionocldheampkk] - C:\Program Files (x86)\F-Secure\apps\OnlineSafety\browser\deploy\fs_chrome_https.crx [2014-03-02] CHR HKLM-x32\...\Chrome\Extension: [jpmbfleldcgkldadpdinhjjopdfpjfjp] - C:\Users\ASUS\AppData\Local\Wajam\Chrome\wajam.crx [2012-05-15] CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2011-09-21] CHR HKLM-x32\...\Chrome\Extension: [pgmfkblbflahhponhjmkcnpjinenhlnc] - C:\Users\ASUS\AppData\Local\Vid-Saver\Chrome\Vid-Saver.crx [2012-05-09] CHR StartMenuInternet: Google Chrome - C:\Users\ASUS\AppData\Local\Google\Chrome\Application\chrome.exe ==================== Services (Whitelisted) ================= R2 Atheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [138400 2011-03-13] (Atheros) R2 fshoster; C:\Program Files (x86)\F-Secure\fshoster32.exe [191528 2013-12-11] (F-Secure Corporation) R3 FSMA; C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Common\FSMA32.EXE [216104 2013-11-26] (F-Secure Corporation) R2 FSORSPClient; C:\Program Files (x86)\F-Secure\apps\CCF_Reputation\fsorsp.exe [60352 2013-06-25] (F-Secure Corporation) S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [340240 2010-11-02] () R2 PanService; C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe [578264 2011-12-21] (Pandora.TV) R2 WajamUpdater; C:\Program Files (x86)\Wajam\Updater\WajamUpdater.exe [109064 2012-04-24] (Wajam) ==================== Drivers (Whitelisted) ==================== R3 F-Secure Gatekeeper; C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Anti-Virus\minifilter\fsgk.sys [203304 2014-04-23] (F-Secure Corporation) R1 F-Secure HIPS; C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\HIPS\drivers\fshs.sys [69928 2014-05-21] (F-Secure Corporation) R0 fsbts; C:\Windows\System32\Drivers\fsbts.sys [56016 2013-08-27] () R0 fsbts; C:\Windows\SysWOW64\Drivers\fsbts.sys [42248 2013-02-28] () R3 fsni; C:\Program Files (x86)\F-Secure\apps\CCF_Scanning\fsni64.sys [82984 2013-11-08] (F-Secure Corporation) R1 fsvista; C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Anti-Virus\minifilter\fsvista.sys [13248 2013-06-24] () R1 GSVDRIVE; C:\Windows\System32\DRIVERS\GSVDRIVE.sys [30816 2012-07-04] (GiliSoft International LLC.) R1 ISODrive; C:\Program Files (x86)\UltraISO\drivers\ISODrv64.sys [115600 2010-01-29] (EZB Systems, Inc.) R3 kbfiltr; C:\Windows\System32\DRIVERS\kbfiltr.sys [15416 2009-07-20] ( ) ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-05-22 05:59 - 2014-05-22 05:59 - 00602112 _____ (OldTimer Tools) C:\Users\ASUS\Downloads\OTL.com 2014-05-22 05:58 - 2014-05-22 05:59 - 02067456 _____ (Farbar) C:\Users\ASUS\Downloads\FRST64 (1).exe 2014-05-22 05:58 - 2014-05-22 05:58 - 00380416 _____ () C:\Users\ASUS\Downloads\d1pkknqv.exe 2014-05-21 09:48 - 2014-05-22 05:49 - 00000930 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-05-21 09:48 - 2014-05-21 09:49 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2014-05-21 09:48 - 2014-05-21 09:49 - 00003868 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater 2014-05-21 09:48 - 2014-05-21 09:48 - 00000000 ____D () C:\ProgramData\McAfee 2014-05-19 22:58 - 2014-05-21 22:16 - 00003108 _____ () C:\Windows\System32\Tasks\RegClean Pro 2014-05-16 03:33 - 2014-05-06 05:40 - 23544320 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-05-16 03:33 - 2014-05-06 05:17 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-05-16 03:33 - 2014-05-06 04:25 - 17382912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-05-16 03:33 - 2014-05-06 04:07 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-05-16 03:33 - 2014-05-06 04:00 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2014-05-16 03:33 - 2014-05-06 03:10 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2014-05-15 16:05 - 2014-03-25 03:43 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll 2014-05-15 16:05 - 2014-03-25 03:09 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll 2014-05-15 16:04 - 2014-05-09 07:14 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2014-05-15 16:04 - 2014-05-09 07:11 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2014-05-15 16:03 - 2014-04-12 03:22 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys 2014-05-15 16:03 - 2014-04-12 03:22 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys 2014-05-15 16:03 - 2014-04-12 03:19 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2014-05-15 16:03 - 2014-04-12 03:19 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll 2014-05-15 16:03 - 2014-04-12 03:19 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe 2014-05-15 16:03 - 2014-04-12 03:19 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll 2014-05-15 16:03 - 2014-04-12 03:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll 2014-05-15 16:03 - 2014-04-12 03:12 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll 2014-05-15 16:03 - 2014-04-12 03:10 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll 2014-05-15 16:03 - 2014-03-04 10:47 - 05550016 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2014-05-15 16:03 - 2014-03-04 10:44 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll 2014-05-15 16:03 - 2014-03-04 10:44 - 00722944 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll 2014-05-15 16:03 - 2014-03-04 10:44 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll 2014-05-15 16:03 - 2014-03-04 10:44 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll 2014-05-15 16:03 - 2014-03-04 10:44 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll 2014-05-15 16:03 - 2014-03-04 10:44 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll 2014-05-15 16:03 - 2014-03-04 10:44 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll 2014-05-15 16:03 - 2014-03-04 10:44 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\wincredprovider.dll 2014-05-15 16:03 - 2014-03-04 10:43 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe 2014-05-15 16:03 - 2014-03-04 10:43 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\cngprovider.dll 2014-05-15 16:03 - 2014-03-04 10:43 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\adprovider.dll 2014-05-15 16:03 - 2014-03-04 10:43 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\capiprovider.dll 2014-05-15 16:03 - 2014-03-04 10:43 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\dpapiprovider.dll 2014-05-15 16:03 - 2014-03-04 10:43 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll 2014-05-15 16:03 - 2014-03-04 10:43 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll 2014-05-15 16:03 - 2014-03-04 10:20 - 03969984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe 2014-05-15 16:03 - 2014-03-04 10:20 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe 2014-05-15 16:03 - 2014-03-04 10:17 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll 2014-05-15 16:03 - 2014-03-04 10:17 - 00538112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\objsel.dll 2014-05-15 16:03 - 2014-03-04 10:17 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll 2014-05-15 16:03 - 2014-03-04 10:17 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll 2014-05-15 16:03 - 2014-03-04 10:17 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll 2014-05-15 16:03 - 2014-03-04 10:17 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll 2014-05-15 16:03 - 2014-03-04 10:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cngprovider.dll 2014-05-15 16:03 - 2014-03-04 10:17 - 00049664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adprovider.dll 2014-05-15 16:03 - 2014-03-04 10:17 - 00048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\capiprovider.dll 2014-05-15 16:03 - 2014-03-04 10:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpapiprovider.dll 2014-05-15 16:03 - 2014-03-04 10:17 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dimsroam.dll 2014-05-15 16:03 - 2014-03-04 10:17 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincredprovider.dll 2014-05-15 16:03 - 2014-03-04 10:17 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll 2014-05-15 16:03 - 2014-03-04 10:16 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll 2014-05-10 10:00 - 2014-05-10 10:00 - 00000793 _____ () C:\Users\ASUS\Downloads\Erekta24-sexshopOpoleulTargowa7.kml 2014-05-07 06:46 - 2014-05-16 17:14 - 00000000 ___SD () C:\Windows\system32\CompatTel 2014-04-27 08:17 - 2014-04-27 08:17 - 00864792 _____ () C:\Windows\Minidump\042714-21231-01.dmp 2014-04-26 14:43 - 2014-04-26 14:43 - 00059116 _____ () C:\Users\ASUS\Downloads\Extras.Txt 2014-04-26 13:42 - 2014-04-26 13:42 - 00864288 _____ () C:\Windows\Minidump\042614-18283-01.dmp 2014-04-26 12:03 - 2014-04-26 14:41 - 00068848 _____ () C:\Users\ASUS\Downloads\OTL.Txt 2014-04-26 11:57 - 2014-04-26 11:57 - 00368705 _____ () C:\Users\ASUS\Downloads\gm.zip 2014-04-26 11:52 - 2014-04-26 11:52 - 00602112 _____ (OldTimer Tools) C:\Users\ASUS\Downloads\OTL.scr 2014-04-26 11:46 - 2014-04-26 14:50 - 00000000 ____D () C:\Users\ASUS\Desktop\LOGI SCANU 2014-04-26 11:45 - 2014-04-26 11:50 - 00051442 _____ () C:\Users\ASUS\Downloads\Shortcut.txt 2014-04-26 11:44 - 2014-04-26 11:50 - 00026604 _____ () C:\Users\ASUS\Downloads\Addition.txt 2014-04-26 11:43 - 2014-05-22 06:01 - 00021346 _____ () C:\Users\ASUS\Downloads\FRST.txt 2014-04-26 11:43 - 2014-05-22 06:01 - 00000000 ____D () C:\FRST 2014-04-26 11:42 - 2014-04-26 11:42 - 02061824 _____ (Farbar) C:\Users\ASUS\Downloads\FRST64.exe ==================== One Month Modified Files and Folders ======= 2014-05-22 06:01 - 2014-04-26 11:43 - 00021346 _____ () C:\Users\ASUS\Downloads\FRST.txt 2014-05-22 06:01 - 2014-04-26 11:43 - 00000000 ____D () C:\FRST 2014-05-22 05:59 - 2014-05-22 05:59 - 00602112 _____ (OldTimer Tools) C:\Users\ASUS\Downloads\OTL.com 2014-05-22 05:59 - 2014-05-22 05:58 - 02067456 _____ (Farbar) C:\Users\ASUS\Downloads\FRST64 (1).exe 2014-05-22 05:59 - 2009-07-14 04:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup 2014-05-22 05:58 - 2014-05-22 05:58 - 00380416 _____ () C:\Users\ASUS\Downloads\d1pkknqv.exe 2014-05-22 05:51 - 2012-04-02 19:40 - 00001074 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3126675762-3080963311-2867738150-1000UA.job 2014-05-22 05:49 - 2014-05-21 09:48 - 00000930 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-05-22 05:47 - 2011-11-06 17:06 - 00003982 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{F1EF7DFB-411B-4084-A0EB-7740AFF3F74C} 2014-05-22 05:47 - 2011-11-05 17:21 - 00000000 ____D () C:\Users\ASUS\AppData\Roaming\Skype 2014-05-22 05:47 - 2011-11-05 12:29 - 00001054 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3126675762-3080963311-2867738150-1000UA.job 2014-05-22 05:46 - 2011-11-05 18:27 - 01109449 _____ () C:\Windows\WindowsUpdate.log 2014-05-21 23:51 - 2012-04-02 19:40 - 00001052 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3126675762-3080963311-2867738150-1000Core.job 2014-05-21 23:00 - 2013-06-04 16:06 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office 2014-05-21 23:00 - 2011-11-05 17:12 - 00000000 ____D () C:\Users\ASUS\AppData\Local\CrashDumps 2014-05-21 22:16 - 2014-05-19 22:58 - 00003108 _____ () C:\Windows\System32\Tasks\RegClean Pro 2014-05-21 22:16 - 2011-11-05 12:29 - 00001002 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3126675762-3080963311-2867738150-1000Core.job 2014-05-21 15:53 - 2013-01-30 11:32 - 00001368 _____ () C:\Users\ASUS\Desktop\Wyczyść rejestr za darmo!.lnk 2014-05-21 15:53 - 2013-01-23 11:32 - 00000282 _____ () C:\Windows\Tasks\RegClean Pro_UPDATES.job 2014-05-21 15:53 - 2013-01-23 11:32 - 00000274 _____ () C:\Windows\Tasks\RegClean Pro_DEFAULT.job 2014-05-21 09:49 - 2014-05-21 09:48 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2014-05-21 09:49 - 2014-05-21 09:48 - 00003868 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater 2014-05-21 09:49 - 2011-11-05 12:49 - 00000000 ____D () C:\Users\ASUS\AppData\Local\Adobe 2014-05-21 09:49 - 2011-11-05 12:28 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2014-05-21 09:48 - 2014-05-21 09:48 - 00000000 ____D () C:\ProgramData\McAfee 2014-05-17 14:31 - 2009-07-14 05:45 - 00014816 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-05-17 14:31 - 2009-07-14 05:45 - 00014816 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-05-16 20:24 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache 2014-05-16 17:25 - 2011-11-05 12:46 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk 2014-05-16 17:21 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\NDF 2014-05-16 17:20 - 2012-08-26 10:27 - 00000000 ____D () C:\Users\ASUS\AppData\Roaming\GG 2014-05-16 17:17 - 2011-11-05 11:31 - 00000000 ___RD () C:\Users\ASUS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup 2014-05-16 17:17 - 2011-11-05 11:31 - 00000000 ___RD () C:\Users\ASUS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools 2014-05-16 17:16 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-05-16 17:15 - 2012-08-23 11:47 - 00017455 _____ () C:\Windows\setupact.log 2014-05-16 17:14 - 2014-05-07 06:46 - 00000000 ___SD () C:\Windows\system32\CompatTel 2014-05-16 03:33 - 2012-04-11 16:23 - 00000000 ____D () C:\ProgramData\Microsoft Help 2014-05-16 03:32 - 2013-07-18 08:31 - 00000000 ____D () C:\Windows\system32\MRT 2014-05-16 03:28 - 2011-11-05 17:17 - 93223848 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2014-05-15 21:33 - 2011-11-05 12:31 - 00002374 _____ () C:\Users\ASUS\Desktop\Google Chrome.lnk 2014-05-10 15:28 - 2009-07-14 18:55 - 00773872 _____ () C:\Windows\system32\perfh015.dat 2014-05-10 15:28 - 2009-07-14 18:55 - 00168752 _____ () C:\Windows\system32\perfc015.dat 2014-05-10 15:28 - 2009-07-14 06:13 - 01747250 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-05-10 15:23 - 2012-08-23 11:47 - 00149790 _____ () C:\Windows\PFRO.log 2014-05-10 14:23 - 2012-07-08 16:07 - 00000000 ____D () C:\Program Files (x86)\Vid-Saver 2014-05-10 10:00 - 2014-05-10 10:00 - 00000793 _____ () C:\Users\ASUS\Downloads\Erekta24-sexshopOpoleulTargowa7.kml 2014-05-09 07:14 - 2014-05-15 16:04 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2014-05-09 07:11 - 2014-05-15 16:04 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2014-05-08 21:23 - 2011-11-05 12:29 - 00004022 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3126675762-3080963311-2867738150-1000UA 2014-05-08 21:23 - 2011-11-05 12:29 - 00003626 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3126675762-3080963311-2867738150-1000Core 2014-05-06 05:40 - 2014-05-16 03:33 - 23544320 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-05-06 05:17 - 2014-05-16 03:33 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-05-06 04:25 - 2014-05-16 03:33 - 17382912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-05-06 04:07 - 2014-05-16 03:33 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-05-06 04:00 - 2014-05-16 03:33 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2014-05-06 03:10 - 2014-05-16 03:33 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2014-04-28 19:44 - 2011-11-05 18:16 - 00000000 ____D () C:\Users\ASUS\AppData\Local\Microsoft Games 2014-04-27 08:17 - 2014-04-27 08:17 - 00864792 _____ () C:\Windows\Minidump\042714-21231-01.dmp 2014-04-27 08:17 - 2013-10-30 16:41 - 00000000 ____D () C:\Windows\Minidump 2014-04-27 08:16 - 2013-10-30 16:41 - 816812078 _____ () C:\Windows\MEMORY.DMP 2014-04-26 14:50 - 2014-04-26 11:46 - 00000000 ____D () C:\Users\ASUS\Desktop\LOGI SCANU 2014-04-26 14:43 - 2014-04-26 14:43 - 00059116 _____ () C:\Users\ASUS\Downloads\Extras.Txt 2014-04-26 14:41 - 2014-04-26 12:03 - 00068848 _____ () C:\Users\ASUS\Downloads\OTL.Txt 2014-04-26 13:42 - 2014-04-26 13:42 - 00864288 _____ () C:\Windows\Minidump\042614-18283-01.dmp 2014-04-26 11:57 - 2014-04-26 11:57 - 00368705 _____ () C:\Users\ASUS\Downloads\gm.zip 2014-04-26 11:52 - 2014-04-26 11:52 - 00602112 _____ (OldTimer Tools) C:\Users\ASUS\Downloads\OTL.scr 2014-04-26 11:50 - 2014-04-26 11:45 - 00051442 _____ () C:\Users\ASUS\Downloads\Shortcut.txt 2014-04-26 11:50 - 2014-04-26 11:44 - 00026604 _____ () C:\Users\ASUS\Downloads\Addition.txt 2014-04-26 11:42 - 2014-04-26 11:42 - 02061824 _____ (Farbar) C:\Users\ASUS\Downloads\FRST64.exe 2014-04-25 22:36 - 2012-07-01 17:22 - 00000000 ____D () C:\Users\ASUS\.3gpplayer 2014-04-25 22:11 - 2012-07-02 20:38 - 00000000 ____D () C:\Users\ASUS\Documents\SCANIA Truck Driving Simulator Some content of TEMP: ==================== C:\Users\ASUS\AppData\Local\Temp\gg10.upgr.exe C:\Users\ASUS\AppData\Local\Temp\ggdrive-menu.exe C:\Users\ASUS\AppData\Local\Temp\ggdrive-overlay.exe C:\Users\ASUS\AppData\Local\Temp\installstats.exe C:\Users\ASUS\AppData\Local\Temp\ose00000.exe C:\Users\ASUS\AppData\Local\Temp\SkypeSetup.exe C:\Users\ASUS\AppData\Local\Temp\_is6DD1.exe ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\SysWOW64\wininit.exe => MD5 is legit C:\Windows\explorer.exe => MD5 is legit C:\Windows\SysWOW64\explorer.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\SysWOW64\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\SysWOW64\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\SysWOW64\userinit.exe => MD5 is legit C:\Windows\System32\rpcss.dll => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit LastRegBack: 2014-05-19 07:18 ==================== End Of Log ============================