Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 26-11-2014 01 Ran by Miski (administrator) on MISKI-KOMPUTER on 28-11-2014 05:26:41 Running from D:\Users\Miski\Downloads Loaded Profile: Miski (Available profiles: Miski) Platform: Windows 7 Ultimate (X64) OS Language: Polski (Polska) Internet Explorer Version 8 Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (Microsoft Corporation) D:\Windows\System32\wlanext.exe (ASUSTeK Computer Inc.) D:\Windows\System32\FBAgent.exe (ASUSTek Computer Inc.) D:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe (ASUS) D:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe (AVAST Software) D:\Program Files\AVAST Software\Avast\AvastSvc.exe (ASUSTek Computer Inc.) D:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe (Synaptics Incorporated) D:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Alcor Micro Corp.) D:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe (Realtek Semiconductor) D:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (ASUS) D:\Windows\AsScrPro.exe (Intel Corporation) D:\Windows\System32\igfxtray.exe (Intel Corporation) D:\Windows\System32\hkcmd.exe (Intel Corporation) D:\Windows\System32\igfxpers.exe (Realtek Semiconductor) D:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (ASUS) D:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe (CrypKey (Canada) Ltd.) D:\Windows\System32\Crypserv.exe (Malwarebytes Corporation) D:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation) D:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe (Acresso) D:\Program Files (x86)\Vivid WorkshopData ATI\WorkshopDBServer.exe (Malwarebytes Corporation) D:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe (ASUS) D:\Program Files\ASUS\P4G\BatteryLife.exe (ASUS) D:\Program Files (x86)\ASUS\Splendid\ACMON.exe (ASUSTeK) D:\Windows\SysWOW64\ACEngSvr.exe (Sun Microsystems, Inc.) D:\Program Files (x86)\Vivid WorkshopData ATI\jre\bin\java.exe (Synaptics Incorporated) D:\Program Files\Synaptics\SynTP\SynTPHelper.exe (ASUSTek Computer Inc.) D:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (ASUS) D:\Program Files (x86)\ASUS\InstantOn for NB\InsOnWMI.exe (ASUS) D:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe (ASUSTek Computer Inc.) D:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe (ASUS) D:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe (Microsoft Corporation) D:\Windows\System32\taskmgr.exe (ASUSTek Computer Inc.) D:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (ASUS) D:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe (AVAST Software) D:\Program Files\AVAST Software\Avast\AvastUI.exe (Intel Corporation) D:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation) D:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe () D:\Program Files (x86)\Plus Internet\Plus Internet.exe (Mozilla Corporation) D:\Program Files (x86)\Mozilla Firefox\firefox.exe (Farbar) D:\Users\Miski\Downloads\FRST64(1).exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [SynTPEnh] => D:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2785064 2011-05-05] (Synaptics Incorporated) HKLM\...\Run: [AmIcoSinglun64] => D:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [361984 2011-03-21] (Alcor Micro Corp.) HKLM\...\Run: [SynAsusAcpi] => D:\Program Files\Synaptics\SynTP\SynAsusAcpi.exe [97064 2011-05-05] (Synaptics Incorporated) HKLM\...\Run: [RtHDVBg] => D:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2277480 2011-08-16] (Realtek Semiconductor) HKLM-x32\...\Run: [ATKOSD2] => D:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [328064 2012-09-14] (ASUSTek Computer Inc.) HKLM-x32\...\Run: [ATKMEDIA] => D:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [178848 2012-07-17] (ASUSTek Computer Inc.) HKLM-x32\...\Run: [HControlUser] => D:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUS) HKLM-x32\...\Run: [AvastUI.exe] => D:\Program Files\AVAST Software\Avast\AvastUI.exe [5226600 2014-11-26] (AVAST Software) Winlogon\Notify\igfxcui: D:\Windows\system32\igfxdev.dll (Intel Corporation) HKU\S-1-5-21-1031250892-1764762001-3562258087-1000\...\MountPoints2: H - H:\AutoRun.exe /s HKU\S-1-5-21-1031250892-1764762001-3562258087-1000\...\MountPoints2: I - I:\AutoRun.exe HKU\S-1-5-21-1031250892-1764762001-3562258087-1000\...\MountPoints2: J - J:\DTLplus_Launcher.exe HKU\S-1-5-21-1031250892-1764762001-3562258087-1000\...\MountPoints2: {11df410f-8d87-11e3-b3f5-806e6f6e6963} - H:\AutoRun.exe HKU\S-1-5-21-1031250892-1764762001-3562258087-1000\...\MountPoints2: {1a6f2a9b-8d6c-11e3-b999-9346a180706c} - H:\AutoRun.exe HKU\S-1-5-21-1031250892-1764762001-3562258087-1000\...\MountPoints2: {355a64a2-0802-11e3-bbb3-af0f3218e90a} - H:\AutoRun.exe HKU\S-1-5-21-1031250892-1764762001-3562258087-1000\...\MountPoints2: {4ad68b58-0810-11e3-ba26-c3b775be6c0b} - H:\AutoRun.exe HKU\S-1-5-21-1031250892-1764762001-3562258087-1000\...\MountPoints2: {56edb09b-1a48-11e3-bf57-8f87ef533714} - H:\AutoRun.exe /s HKU\S-1-5-21-1031250892-1764762001-3562258087-1000\...\MountPoints2: {888e4a2a-8d85-11e3-8948-c597478ee114} - H:\AutoRun.exe HKU\S-1-5-21-1031250892-1764762001-3562258087-1000\...\MountPoints2: {8b3ae7c0-2363-11e2-b5dc-aab8166d1e0b} - H:\AutoRun.exe HKU\S-1-5-21-1031250892-1764762001-3562258087-1000\...\MountPoints2: {93b5fa2f-52e5-11e3-899c-806e6f6e6963} - I:\AutoRun.exe HKU\S-1-5-21-1031250892-1764762001-3562258087-1000\...\MountPoints2: {93b5fa8f-52e5-11e3-899c-a2a197f68d14} - H:\AutoRun.exe HKU\S-1-5-21-1031250892-1764762001-3562258087-1000\...\MountPoints2: {984a13dc-7bb4-11e3-a30d-eea16c83246e} - H:\AutoRun.exe HKU\S-1-5-21-1031250892-1764762001-3562258087-1000\...\MountPoints2: {a62feea6-5f10-11e1-9796-5404a6366e63} - H:\AutoRun.exe HKU\S-1-5-21-1031250892-1764762001-3562258087-1000\...\MountPoints2: {a62feeb4-5f10-11e1-9796-5404a6366e63} - H:\AutoRun.exe HKU\S-1-5-21-1031250892-1764762001-3562258087-1000\...\MountPoints2: {a6b0505e-2373-11e2-8d24-9590837e370b} - H:\AutoRun.exe HKU\S-1-5-21-1031250892-1764762001-3562258087-1000\...\MountPoints2: {af1bdc6f-8e85-11e3-82d3-8c4be7213914} - H:\AutoRun.exe /s HKU\S-1-5-21-1031250892-1764762001-3562258087-1000\...\MountPoints2: {b0970505-15e7-11e2-8313-ef9db8d7ed0b} - H:\AutoRun.exe HKU\S-1-5-21-1031250892-1764762001-3562258087-1000\...\MountPoints2: {b1636c60-5a26-11e1-b6f8-5404a6366e63} - G:\autorun.exe HKU\S-1-5-21-1031250892-1764762001-3562258087-1000\...\MountPoints2: {b7062ea7-22c7-11e2-8621-ed0e9937f338} - H:\AutoRun.exe /s HKU\S-1-5-21-1031250892-1764762001-3562258087-1000\...\MountPoints2: {bfe24472-2501-11e2-9894-cf3cbd5c120a} - I:\AutoRun.exe /s HKU\S-1-5-21-1031250892-1764762001-3562258087-1000\...\MountPoints2: {cf1fb04a-0802-11e3-9261-e08591a9640b} - H:\AutoRun.exe HKU\S-1-5-21-1031250892-1764762001-3562258087-1000\...\MountPoints2: {d0ea8a83-7bba-11e3-a2b2-dc314be1998c} - H:\AutoRun.exe /s HKU\S-1-5-21-1031250892-1764762001-3562258087-1000\...\MountPoints2: {fa89d7b1-542a-11e3-8a7e-c373e0eeb215} - H:\AutoRun.exe /s ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => D:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKU\S-1-5-21-1031250892-1764762001-3562258087-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pl/ StartMenuInternet: IEXPLORE.EXE - D:\Program Files (x86)\Internet Explorer\iexplore.exe SearchScopes: HKLM-x32 -> DefaultScope value is missing. BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> D:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) BHO-x32: No Name -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> No File BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> D:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation) BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> D:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) BHO-x32: IplexToALLPlayer -> {DF925EF3-7A87-44E4-9CAF-8D7B280BF616} -> D:\Program Files (x86)\ALLPlayer\Iplex\IplexToALLPlayer.dll (ALLCinema Ltd.) Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File Tcpip\Parameters: [DhcpNameServer] 212.2.96.53 212.2.96.54 FireFox: ======== FF ProfilePath: D:\Users\Miski\AppData\Roaming\Mozilla\Firefox\Profiles\qqojthu1.default FF Homepage: hxxp://www.google.pl/ FF Plugin: @adobe.com/FlashPlayer -> D:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_239.dll () FF Plugin-x32: @adobe.com/FlashPlayer -> D:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_239.dll () FF Plugin-x32: @real.com/nppl3260;version=15.0.2.72 -> D:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.) FF Plugin-x32: @real.com/nprjplug;version=15.0.2.72 -> D:\Program Files (x86)\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.) FF Plugin-x32: @real.com/nprpchromebrowserrecordext;version=15.0.2.72 -> D:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.) FF Plugin-x32: @real.com/nprphtml5videoshim;version=15.0.2.72 -> D:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.) FF Plugin-x32: @real.com/nprpjplug;version=15.0.2.72 -> D:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.) FF Plugin-x32: Adobe Reader -> D:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Extension: DownloadHelper - D:\Users\Miski\AppData\Roaming\Mozilla\Firefox\Profiles\qqojthu1.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2014-09-07] FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - D:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext FF Extension: RealPlayer Browser Record Plugin - D:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012-02-18] FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - D:\Program Files\AVAST Software\Avast\WebRep\FF FF Extension: Avast Online Security - D:\Program Files\AVAST Software\Avast\WebRep\FF [2014-02-25] FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - D:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird Chrome: ======= CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - D:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-11-26] CHR HKLM-x32\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - D:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Chrome\Ext\rphtml5video.crx [2012-02-18] ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 ASUS InstantOn; D:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe [92800 2011-11-30] (ASUS) R2 avast! Antivirus; D:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-11-26] (AVAST Software) R2 Crypkey License; D:\Windows\system32\crypserv.exe [122880 2008-05-08] (CrypKey (Canada) Ltd.) [File not signed] S3 IDriverT; D:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [File not signed] R2 MBAMScheduler; D:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-10-01] (Malwarebytes Corporation) R2 MBAMService; D:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [968504 2014-10-01] (Malwarebytes Corporation) R2 WorkshopDBService; D:\Program Files (x86)\Vivid WorkshopData ATI\WorkshopDBServer.exe [114688 2011-02-22] (Acresso) [File not signed] ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 aswHwid; D:\Windows\system32\drivers\aswHwid.sys [29208 2014-11-26] () R2 aswMonFlt; D:\Windows\system32\drivers\aswMonFlt.sys [83280 2014-11-26] (AVAST Software) R1 aswRdr; D:\Windows\system32\drivers\aswRdr2.sys [93568 2014-11-26] (AVAST Software) R0 aswRvrt; D:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-11-26] () R1 aswSnx; D:\Windows\system32\drivers\aswSnx.sys [1050432 2014-11-26] (AVAST Software) R1 aswSP; D:\Windows\system32\drivers\aswSP.sys [436624 2014-11-26] (AVAST Software) R2 aswStm; D:\Windows\system32\drivers\aswStm.sys [116728 2014-11-26] (AVAST Software) R0 aswVmm; D:\Windows\System32\Drivers\aswVmm.sys [267632 2014-11-26] () R1 dtsoftbus01; D:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2012-02-18] (DT Soft Ltd) S3 ewusbnet; D:\Windows\System32\DRIVERS\ewusbnet.sys [133632 2010-01-04] (Huawei Technologies Co., Ltd.) [File not signed] S3 hwdatacard; D:\Windows\System32\DRIVERS\ewusbmdm.sys [117120 2010-01-04] (Huawei Technologies Co., Ltd.) [File not signed] S3 hwusbdev; D:\Windows\System32\DRIVERS\ewusbdev.sys [114304 2010-01-04] (Huawei Technologies Co., Ltd.) [File not signed] R3 kbfiltr; D:\Windows\System32\DRIVERS\kbfiltr.sys [15416 2009-07-20] ( ) S3 massfilter_lte; D:\Windows\system32\drivers\massfilter_lte.sys [18456 2012-03-13] (HandSet Incorporated) R3 MBAMProtector; D:\Windows\system32\drivers\mbam.sys [25816 2014-10-01] (Malwarebytes Corporation) R3 MBAMSwissArmy; D:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2014-11-28] (Malwarebytes Corporation) R3 MBAMWebAccessControl; D:\Windows\system32\drivers\mwac.sys [63704 2014-10-01] (Malwarebytes Corporation) R1 NetworkX; D:\Windows\system32\ckldrv.sys [28664 2008-03-17] () R2 Sentinel64; D:\Windows\System32\Drivers\Sentinel64.sys [145448 2008-07-11] (SafeNet, Inc.) R3 zgdcat; D:\Windows\System32\DRIVERS\zgdcat.sys [130200 2012-03-13] (ZTE Incorporated) R3 zgdcdiag; D:\Windows\System32\DRIVERS\zgdcdiag.sys [130200 2012-03-13] (ZTE Incorporated) R3 zgdcmdm; D:\Windows\System32\DRIVERS\zgdcmdm.sys [130200 2012-03-13] (ZTE Incorporated) R3 zgdcnet; D:\Windows\System32\DRIVERS\zgdcnet.sys [169496 2012-03-13] (ZTE Incorporated) R3 zgdcnmea; D:\Windows\System32\DRIVERS\zgdcnmea.sys [130200 2012-03-13] (ZTE Incorporated) S3 ew_hwusbdev; system32\DRIVERS\ew_hwusbdev.sys [X] S3 huawei_enumerator; system32\DRIVERS\ew_jubusenum.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2014-11-28 05:26 - 2014-11-28 05:27 - 00015382 _____ () D:\Users\Miski\Downloads\FRST.txt 2014-11-28 05:24 - 2014-11-28 05:26 - 00000000 ____D () D:\FRST 2014-11-28 05:22 - 2014-11-28 05:22 - 02117632 _____ (Farbar) D:\Users\Miski\Downloads\FRST64(1).exe 2014-11-28 05:22 - 2014-11-28 05:22 - 00368705 _____ () D:\Users\Miski\Downloads\gm(1).zip 2014-11-27 19:39 - 2014-11-28 05:10 - 00000248 _____ () D:\Windows\error.log 2014-11-27 19:38 - 2014-11-28 05:09 - 00000112 _____ () D:\Windows\setupact.log 2014-11-27 19:38 - 2014-11-28 05:09 - 00000056 _____ () D:\Windows\errord.log 2014-11-27 19:38 - 2014-11-27 19:38 - 00000000 _____ () D:\Windows\setuperr.log 2014-11-27 19:37 - 2014-11-27 19:37 - 00001642 _____ () D:\Users\Miski\Documents\cc_20141127_193700.reg 2014-11-27 19:19 - 2014-11-27 19:19 - 00001003 _____ () D:\Users\Miski\Desktop\Bilet Na Księżyc 480p ac3 pl 2013 — skrót.lnk 2014-11-27 19:19 - 2014-11-27 19:19 - 00000729 _____ () D:\Users\Miski\Desktop\SPAKOWANE PROGRAMY — skrót.lnk 2014-11-27 19:19 - 2014-11-27 19:19 - 00000701 _____ () D:\Users\Miski\Desktop\RÓŻNE MARCINKA — skrót.lnk 2014-11-27 19:19 - 2014-11-27 19:19 - 00000680 _____ () D:\Users\Miski\Desktop\części 2014 — skrót.lnk 2014-11-27 19:19 - 2014-11-27 19:19 - 00000673 _____ () D:\Users\Miski\Desktop\szczpeński — skrót.lnk 2014-11-27 19:19 - 2014-11-27 19:19 - 00000659 _____ () D:\Users\Miski\Desktop\SPRZEDAŻ — skrót.lnk 2014-11-27 19:19 - 2014-11-27 19:19 - 00000659 _____ () D:\Users\Miski\Desktop\piosenki — skrót.lnk 2014-11-27 19:19 - 2014-11-27 19:19 - 00000659 _____ () D:\Users\Miski\Desktop\JUSTYNKA — skrót.lnk 2014-11-27 19:19 - 2014-11-27 19:19 - 00000652 _____ () D:\Users\Miski\Desktop\ZDJĘCIA — skrót.lnk 2014-11-27 19:19 - 2014-11-27 19:19 - 00000650 _____ () D:\Users\Miski\Desktop\KLASYKI — skrót.lnk 2014-11-27 19:19 - 2014-11-27 19:19 - 00000634 _____ () D:\Users\Miski\Desktop\zloty — skrót.lnk 2014-11-27 19:19 - 2014-11-27 19:19 - 00000634 _____ () D:\Users\Miski\Desktop\FILMY — skrót.lnk 2014-11-27 19:19 - 2014-11-27 19:19 - 00000634 _____ () D:\Users\Miski\Desktop\bajki — skrót.lnk 2014-11-27 18:04 - 2014-11-27 18:04 - 02117632 _____ (Farbar) D:\Users\Miski\Downloads\FRST64.exe 2014-11-27 18:04 - 2014-11-27 18:04 - 00368705 _____ () D:\Users\Miski\Downloads\gm.zip 2014-11-26 21:11 - 2014-11-26 21:11 - 00002820 _____ () D:\Users\Miski\Documents\cc_20141126_211109.reg 2014-11-26 20:56 - 2014-11-26 20:56 - 00000682 _____ () D:\Users\Miski\Desktop\CCleaner.lnk 2014-11-26 20:53 - 2014-11-26 20:53 - 00000000 ____D () D:\Users\Miski\Downloads\CCleaner.Professional.Busines.Technician.Edition.4.17.4808 2014-11-26 20:51 - 2014-11-26 20:52 - 07406544 _____ () D:\Users\Miski\Downloads\CCleaner.Professional.Busines.Technician.Edition.4.17.4808.rar 2014-11-26 20:21 - 2014-11-26 20:21 - 02148864 _____ () D:\Users\Miski\Downloads\adwcleaner_4.102.exe 2014-11-26 17:30 - 2014-11-26 17:30 - 00001924 _____ () D:\Users\Public\Desktop\Avast Free Antivirus.lnk 2014-11-26 17:29 - 2014-11-26 17:29 - 00364512 _____ (AVAST Software) D:\Windows\system32\aswBoot.exe 2014-11-26 17:29 - 2014-11-26 17:29 - 00043152 _____ (AVAST Software) D:\Windows\avastSS.scr 2014-11-26 17:19 - 2014-11-28 05:21 - 00129752 _____ (Malwarebytes Corporation) D:\Windows\system32\Drivers\MBAMSwissArmy.sys 2014-11-26 17:18 - 2014-11-26 17:18 - 00000000 ____D () D:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware 2014-11-26 17:18 - 2014-11-26 17:18 - 00000000 ____D () D:\Program Files (x86)\Malwarebytes Anti-Malware 2014-11-26 17:18 - 2014-10-01 11:11 - 00093400 _____ (Malwarebytes Corporation) D:\Windows\system32\Drivers\mbamchameleon.sys 2014-11-26 17:18 - 2014-10-01 11:11 - 00063704 _____ (Malwarebytes Corporation) D:\Windows\system32\Drivers\mwac.sys 2014-11-26 17:08 - 2014-11-26 17:08 - 00000000 ____D () D:\Program Files (x86)\Mozilla Firefox ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2014-11-28 05:18 - 2009-07-14 05:45 - 00010016 ____H () D:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-11-28 05:18 - 2009-07-14 05:45 - 00010016 ____H () D:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-11-28 05:15 - 2012-02-18 09:31 - 01685025 _____ () D:\Windows\WindowsUpdate.log 2014-11-28 05:10 - 2011-02-22 07:38 - 00000000 ____D () D:\ProgramData\organiser 2014-11-28 05:09 - 2009-07-14 06:08 - 00000006 ____H () D:\Windows\Tasks\SA.DAT 2014-11-27 20:04 - 2013-08-07 17:12 - 00000930 _____ () D:\Windows\Tasks\Adobe Flash Player Updater.job 2014-11-27 19:42 - 2014-02-25 14:28 - 00004182 _____ () D:\Windows\System32\Tasks\avast! Emergency Update 2014-11-26 21:32 - 2012-02-18 11:35 - 00007602 _____ () D:\Users\Miski\AppData\Local\Resmon.ResmonCfg 2014-11-26 21:01 - 2013-07-04 12:16 - 00000000 ____D () D:\Windows\Minidump 2014-11-26 20:33 - 2014-02-25 13:56 - 00000000 ____D () D:\AdwCleaner 2014-11-26 20:24 - 2013-08-07 17:12 - 00701104 _____ (Adobe Systems Incorporated) D:\Windows\SysWOW64\FlashPlayerApp.exe 2014-11-26 20:24 - 2013-08-07 17:12 - 00003868 _____ () D:\Windows\System32\Tasks\Adobe Flash Player Updater 2014-11-26 20:24 - 2012-02-18 10:57 - 00000000 ____D () D:\Users\Miski\AppData\Local\Adobe 2014-11-26 20:24 - 2012-02-18 10:55 - 00071344 _____ (Adobe Systems Incorporated) D:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2014-11-26 17:32 - 2013-02-12 06:57 - 00000000 ____D () D:\Program Files (x86)\Mozilla Maintenance Service 2014-11-26 17:30 - 2014-02-25 14:28 - 01050432 _____ (AVAST Software) D:\Windows\system32\Drivers\aswsnx.sys 2014-11-26 17:29 - 2014-08-15 11:06 - 00029208 _____ () D:\Windows\system32\Drivers\aswHwid.sys 2014-11-26 17:29 - 2014-02-25 14:28 - 00436624 _____ (AVAST Software) D:\Windows\system32\Drivers\aswsp.sys 2014-11-26 17:29 - 2014-02-25 14:28 - 00267632 _____ () D:\Windows\system32\Drivers\aswVmm.sys 2014-11-26 17:29 - 2014-02-25 14:28 - 00116728 _____ (AVAST Software) D:\Windows\system32\Drivers\aswStm.sys 2014-11-26 17:29 - 2014-02-25 14:28 - 00093568 _____ (AVAST Software) D:\Windows\system32\Drivers\aswRdr2.sys 2014-11-26 17:29 - 2014-02-25 14:28 - 00083280 _____ (AVAST Software) D:\Windows\system32\Drivers\aswMonFlt.sys 2014-11-26 17:29 - 2014-02-25 14:28 - 00065776 _____ () D:\Windows\system32\Drivers\aswRvrt.sys 2014-11-26 17:18 - 2014-02-25 12:09 - 00000000 ____D () D:\Users\Miski\AppData\Roaming\Malwarebytes 2014-11-26 17:18 - 2014-02-25 12:08 - 00000000 ____D () D:\ProgramData\Malwarebytes 2014-11-26 17:18 - 2014-02-25 12:08 - 00000000 ____D () D:\Program Files (x86)\Malwarebytes' Anti-Malware 2014-11-21 20:05 - 2012-02-18 11:16 - 00045056 _____ () D:\Windows\SysWOW64\acovcnt.exe 2014-11-18 15:16 - 2009-07-14 18:55 - 00691176 _____ () D:\Windows\system32\perfh015.dat 2014-11-18 15:16 - 2009-07-14 18:55 - 00132638 _____ () D:\Windows\system32\perfc015.dat 2014-11-18 15:16 - 2009-07-14 06:13 - 01532096 _____ () D:\Windows\system32\PerfStringBackup.INI 2014-11-09 09:18 - 2009-07-14 06:08 - 00032604 _____ () D:\Windows\Tasks\SCHEDLGU.TXT Some content of TEMP: ==================== D:\Users\Miski\AppData\Local\Temp\sqlite3.dll ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) D:\Windows\System32\winlogon.exe => File is digitally signed D:\Windows\System32\wininit.exe => File is digitally signed D:\Windows\SysWOW64\wininit.exe => File is digitally signed D:\Windows\explorer.exe => File is digitally signed D:\Windows\SysWOW64\explorer.exe => File is digitally signed D:\Windows\System32\svchost.exe => File is digitally signed D:\Windows\SysWOW64\svchost.exe => File is digitally signed D:\Windows\System32\services.exe => File is digitally signed D:\Windows\System32\User32.dll => File is digitally signed D:\Windows\SysWOW64\User32.dll => File is digitally signed D:\Windows\System32\userinit.exe => File is digitally signed D:\Windows\SysWOW64\userinit.exe => File is digitally signed D:\Windows\System32\rpcss.dll => File is digitally signed D:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2014-05-29 19:29 ==================== End Of Log ============================