Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:02-08-2015 01 Ran by ASUS (administrator) on ASUS-PC (05-08-2015 22:02:07) Running from C:\Users\ASUS\Downloads Loaded Profiles: ASUS & UpdatusUser (Available Profiles: ASUS & UpdatusUser) Platform: Windows 8.1 (X64) Language: Polski (Polska) Internet Explorer Version 11 (Default browser: FF) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Microsoft Corporation) C:\Windows\System32\dasHost.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (TeamSpeak Systems GmbH) C:\Program Files (x86)\TeamSpeak 3 Client\ts3client_win32.exe (Microsoft Corporation) C:\Windows\System32\Taskmgr.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13662936 2013-10-24] (Realtek Semiconductor) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [334896 2015-04-30] (Oracle Corporation) HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.) Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X] HKU\S-1-5-21-474268364-3768183571-3467664582-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8418584 2015-07-17] (Piriform Ltd) HKU\S-1-5-21-474268364-3768183571-3467664582-1001\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.) HKU\S-1-5-21-474268364-3768183571-3467664582-1001\...\Run: [uTorrent] => C:\Users\ASUS\AppData\Roaming\uTorrent\uTorrent.exe [1994592 2015-07-03] (BitTorrent Inc.) HKU\S-1-5-21-474268364-3768183571-3467664582-1001\...\Run: [ALLUpdate] => C:\Program Files (x86)\ALLPlayer\ALLUpdate.exe [2765256 2015-04-27] (ALLPlayer Group Ltd.) HKU\S-1-5-21-474268364-3768183571-3467664582-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4468056 2015-06-18] (Disc Soft Ltd) AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [168616 2013-11-14] (NVIDIA Corporation) AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [141336 2013-11-14] (NVIDIA Corporation) BootExecute: autocheck autochk * sdnclean64.exe ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page = HKU\S-1-5-21-474268364-3768183571-3467664582-1001\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.gazeta.pl/0,0.html?p=175 HKU\S-1-5-21-474268364-3768183571-3467664582-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/pl-pl/?ocid=iehp URLSearchHook: [S-1-5-21-474268364-3768183571-3467664582-1004] ATTENTION ==> Default URLSearchHook is missing SearchScopes: HKLM -> DefaultScope {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = SearchScopes: HKLM-x32 -> DefaultScope {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = http://www.google.com/search?q={searchTerms} SearchScopes: HKLM-x32 -> {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = http://www.google.com/search?q={searchTerms} SearchScopes: HKU\S-1-5-21-474268364-3768183571-3467664582-1001 -> DefaultScope {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = http://www.google.com/search?q={searchTerms} SearchScopes: HKU\S-1-5-21-474268364-3768183571-3467664582-1001 -> {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = http://www.google.com/search?q={searchTerms} BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll [2015-07-05] (Oracle Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-07-05] (Oracle Corporation) Tcpip\Parameters: [DhcpNameServer] 192.168.3.1 Tcpip\..\Interfaces\{7128DFAB-F52F-4DD6-9AA7-D4CE7F63E1DA}: [DhcpNameServer] 192.168.1.254 Tcpip\..\Interfaces\{E0542DD6-0FF5-41A5-AC46-2A2DEE918925}: [DhcpNameServer] 192.168.3.1 FireFox: ======== FF ProfilePath: C:\Users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\j74jbfaj.default FF NewTab: hxxp://www.google.com FF DefaultSearchEngine: Google FF SelectedSearchEngine: Google FF Homepage: hxxp://www.gazeta.pl/0,0.html?p=175 FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_209.dll [2015-07-15] () FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_209.dll [2015-07-15] () FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google) FF Plugin-x32: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-07-05] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-07-05] (Oracle Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.) FF SearchPlugin: C:\Users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\j74jbfaj.default\searchplugins\google-.xml [2015-08-01] FF Extension: Adblock Plus - C:\Users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\j74jbfaj.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-07-10] FF HKLM-x32\...\Firefox\Extensions: [arthurj8283@gmail.com] - C:\Users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\j74jbfaj.default\extensions\arthurj8283@gmail.com ==================== Services (Whitelisted) ======================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-29] (Microsoft Corporation) S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1268568 2015-06-18] (Disc Soft Ltd) R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.) R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.) R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-04] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-04] (Microsoft Corporation) ===================== Drivers (Whitelisted) ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3855872 2013-09-25] (Qualcomm Atheros Communications, Inc.) R3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-04] (Microsoft Corporation) R3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30264 2015-07-04] (Disc Soft Ltd) R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-16] (Intel Corporation) S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-04] (Microsoft Corporation) S3 GDPkIcpt; \??\C:\Windows\system32\drivers\PktIcpt.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One Month Created files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2015-08-05 22:02 - 2015-08-05 22:02 - 00010225 _____ C:\Users\ASUS\Downloads\FRST.txt 2015-08-05 22:01 - 2015-08-05 22:02 - 00380416 _____ C:\Users\ASUS\Downloads\gqfm0vit.exe 2015-08-05 20:42 - 2015-08-05 22:02 - 00000000 ____D C:\FRST 2015-08-05 20:42 - 2015-08-05 20:42 - 02169856 _____ (Farbar) C:\Users\ASUS\Downloads\FRST64.exe 2015-08-05 20:29 - 2015-08-05 20:29 - 427727919 _____ C:\Windows\MEMORY.DMP 2015-08-05 20:29 - 2015-08-05 20:29 - 00291624 _____ C:\Windows\Minidump\080515-17015-01.dmp 2015-08-05 20:29 - 2015-08-05 20:29 - 00000000 ____D C:\Windows\Minidump 2015-08-05 20:28 - 2015-08-05 20:29 - 00000232 _____ C:\Windows\setupact.log 2015-08-05 20:28 - 2015-08-05 20:28 - 00000000 _____ C:\Windows\setuperr.log 2015-08-04 08:11 - 2015-08-04 08:11 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_GDKBFlt64_01007.Wdf 2015-08-04 08:10 - 2015-08-04 08:10 - 00000779 _____ C:\Users\ASUS\AppData\Roaming\gdscan.log 2015-08-04 08:07 - 2015-08-05 20:23 - 00000000 ____D C:\Program Files (x86)\G DATA 2015-08-04 08:00 - 2015-08-05 20:23 - 00000000 ____D C:\ProgramData\G Data 2015-08-04 07:45 - 2015-08-04 07:59 - 365807152 _____ (G Data Software AG) C:\Users\ASUS\Downloads\INT_R_FUL_2015_AV.exe 2015-08-01 20:06 - 2015-08-01 20:06 - 00000943 _____ C:\Users\ASUS\Desktop\WoW.lnk 2015-08-01 04:42 - 2015-08-01 04:42 - 00000000 ____D C:\Program Files\Common Files\AV 2015-08-01 04:42 - 2015-07-28 17:52 - 00821920 _____ (Safer-Networking Ltd. ) C:\Users\Public\Desktop\Post Win10 Spybot-install.exe 2015-08-01 04:39 - 2015-08-01 04:39 - 00002279 _____ C:\Users\UpdatusUser\Desktop\Counter-Strike Source.lnk 2015-08-01 04:34 - 2015-08-01 04:34 - 00000000 ____D C:\Users\ASUS\Documents\ProcAlyzer Dumps 2015-08-01 04:33 - 2015-08-01 04:33 - 00000000 ____D C:\Windows\System32\Tasks\Safer-Networking 2015-08-01 04:32 - 2015-08-01 05:47 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy 2015-08-01 04:32 - 2015-08-01 04:42 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2 2015-08-01 04:32 - 2015-08-01 04:32 - 00001403 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk 2015-08-01 04:32 - 2015-08-01 04:32 - 00001391 _____ C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk 2015-08-01 04:32 - 2015-08-01 04:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2 2015-08-01 04:32 - 2013-09-20 10:49 - 00021040 _____ (Safer Networking Limited) C:\Windows\system32\sdnclean64.exe 2015-08-01 04:31 - 2015-08-01 04:31 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\ASUS\Downloads\spybot-2.4.exe 2015-08-01 04:30 - 2015-08-01 04:30 - 00842424 _____ (Application ) C:\Users\ASUS\Downloads\Spybot-Search-Destroy-12546-dp.exe 2015-08-01 04:28 - 2015-08-01 04:39 - 00002279 _____ C:\Users\ASUS\Desktop\Counter-Strike Source.lnk 2015-08-01 04:26 - 2015-08-01 04:26 - 00002786 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC 2015-08-01 04:26 - 2015-08-01 04:26 - 00000834 _____ C:\Users\Public\Desktop\CCleaner.lnk 2015-08-01 04:26 - 2015-08-01 04:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner 2015-08-01 04:25 - 2015-08-01 04:26 - 00000000 ____D C:\Program Files\CCleaner 2015-08-01 04:25 - 2015-08-01 04:24 - 06609608 _____ (Piriform Ltd) C:\Users\ASUS\Downloads\ccsetup508.exe 2015-08-01 04:22 - 2015-08-01 04:23 - 00842424 _____ (Application ) C:\Users\ASUS\Downloads\CCleaner-13061-dp.exe 2015-08-01 04:17 - 2015-08-01 04:17 - 00000000 ____D C:\Program Files (x86)\Setti 2015-08-01 02:48 - 2015-08-01 03:35 - 1999348997 ____R C:\Users\ASUS\Downloads\Counter.Strike.Source.SteamPipe.[Setti].exe 2015-08-01 02:41 - 2013-04-24 09:25 - 00758592 _____ (Microsoft Corporation) C:\Windows\system32\msvcr100.dll 2015-08-01 02:22 - 2015-08-01 02:23 - 00000355 _____ C:\Users\ASUS\Downloads\MasterServers(1).vdf 2015-08-01 02:21 - 2015-08-01 02:21 - 00000355 _____ C:\Users\ASUS\Downloads\MasterServers.vdf 2015-08-01 02:16 - 2015-08-01 02:16 - 00000000 ____D C:\Program Files (x86)\Counter-Strike Source 2015-08-01 01:43 - 2015-08-01 01:43 - 00018030 _____ C:\Users\ASUS\Downloads\WEHTeleportList(1).txt 2015-08-01 01:40 - 2015-08-01 01:41 - 00065356 _____ C:\Users\ASUS\Downloads\WEHTeleportList.txt 2015-07-30 14:01 - 2015-08-01 02:30 - 00002189 _____ C:\Users\Public\Desktop\Source Dedicated Server.lnk 2015-07-30 12:42 - 2015-07-30 12:43 - 27139003 _____ () C:\Users\ASUS\Downloads\CSS_FULL_Update_Patch_#1_(18.5_FINAL).exe 2015-07-30 12:42 - 2015-07-30 12:43 - 12570207 _____ () C:\Users\ASUS\Downloads\CSS_Patch_v18_30-10-2007-DZ.exe 2015-07-30 12:42 - 2015-07-30 12:42 - 09906342 _____ C:\Users\ASUS\Downloads\CSS_Patch_v17_04-04-2007-DZ.exe 2015-07-30 12:30 - 2015-07-30 12:36 - 240954926 _____ C:\Users\ASUS\Downloads\CSS_Patch_comprehensive_16_DZ.exe 2015-07-30 10:51 - 2015-07-30 11:36 - 138811093 _____ C:\Users\ASUS\Downloads\Setti.CSS.Patch.v8.exe 2015-07-30 09:32 - 2015-08-01 04:02 - 00000000 ____D C:\Users\ASUS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VALVe 2015-07-30 09:32 - 2015-07-30 09:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VALVe 2015-07-29 05:31 - 2015-07-30 07:08 - 00000000 ____D C:\Users\ASUS\Downloads\Counter-Strike Source FULL [October 15 2007] DiGiTALZonE 2015-07-28 21:01 - 2015-07-28 21:01 - 00000000 ____D C:\Users\ASUS\AppData\Local\Intel_Corporation 2015-07-27 13:28 - 2015-07-27 13:28 - 00000000 ___RD C:\Users\ASUS\Documents\Notes 2015-07-26 04:54 - 2015-07-26 04:55 - 00000000 ____D C:\ProgramData\SUPERSetup 2015-07-22 21:20 - 2015-08-05 22:02 - 00000000 ____D C:\Users\ASUS\AppData\Roaming\TS3Client 2015-07-22 21:17 - 2015-07-22 21:17 - 00001174 _____ C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk 2015-07-22 21:17 - 2015-07-22 21:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client 2015-07-22 21:17 - 2015-07-22 21:17 - 00000000 ____D C:\Program Files (x86)\TeamSpeak 3 Client 2015-07-16 02:15 - 2015-07-16 21:42 - 00000000 ___HD C:\Users\ASUS\AppData\Local\Battle.net 2015-07-16 02:15 - 2015-07-16 02:15 - 00001156 _____ C:\Users\Public\Desktop\Battle.net.lnk 2015-07-16 02:15 - 2015-07-16 02:15 - 00000000 ___HD C:\Users\ASUS\AppData\Local\Blizzard Entertainment 2015-07-16 02:15 - 2015-07-16 02:15 - 00000000 ____D C:\Users\ASUS\AppData\Roaming\Battle.net 2015-07-16 02:14 - 2015-07-16 02:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net 2015-07-16 02:14 - 2015-07-16 02:15 - 00000000 ____D C:\ProgramData\Blizzard Entertainment 2015-07-16 02:14 - 2015-07-16 02:15 - 00000000 ____D C:\Program Files (x86)\Battle.net 2015-07-16 02:11 - 2015-07-16 02:11 - 00000000 ____D C:\ProgramData\Battle.net 2015-07-12 20:47 - 2015-08-05 21:11 - 00001072 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2015-07-12 20:47 - 2015-08-05 20:30 - 00001068 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2015-07-12 20:47 - 2015-07-16 22:06 - 00004044 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2015-07-12 20:47 - 2015-07-16 22:06 - 00003808 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2015-07-12 20:47 - 2015-07-12 20:48 - 00000000 ____D C:\Program Files (x86)\Google 2015-07-12 20:46 - 2015-07-12 20:46 - 00000000 ___HD C:\Users\ASUS\AppData\Local\Google 2015-07-10 11:38 - 2015-07-27 13:24 - 00071680 ___SH C:\Users\ASUS\Downloads\Thumbs.db 2015-07-10 10:10 - 2015-07-10 10:10 - 00000000 ___HD C:\Users\ASUS\AppData\Local\Disc_Soft_Ltd 2015-07-06 23:03 - 2015-07-07 18:03 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2015-07-06 17:56 - 2015-07-06 17:56 - 00000000 ____D C:\Program Files (x86)\Replay Games ==================== One Month Modified files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2015-08-05 21:43 - 2015-06-18 23:36 - 00000930 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2015-08-05 21:00 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\system32\sru 2015-08-05 20:35 - 2015-06-05 11:13 - 00003596 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-474268364-3768183571-3467664582-1001 2015-08-05 20:29 - 2013-08-22 16:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2015-08-05 20:23 - 2015-06-05 11:06 - 00000000 ___HD C:\Users\ASUS 2015-08-05 20:23 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\SysWOW64\setup 2015-08-05 20:23 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\SysWOW64\MUI 2015-08-05 20:23 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\SysWOW64\Com 2015-08-05 20:23 - 2013-08-22 15:36 - 00000000 ____D C:\Windows\SysWOW64\oobe 2015-08-04 19:00 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\system32\NDF 2015-08-04 08:35 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\AppReadiness 2015-08-04 08:11 - 2013-08-22 15:25 - 00262144 ___SH C:\Windows\system32\config\BBI 2015-08-01 04:35 - 2015-07-04 22:39 - 00000000 ____D C:\Users\ASUS\AppData\Roaming\DAEMON Tools Lite 2015-08-01 04:35 - 2015-07-03 14:43 - 00000000 ____D C:\Users\ASUS\AppData\Roaming\uTorrent 2015-08-01 02:00 - 2015-07-02 18:29 - 00000524 _____ C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 431628e2-d370-48ee-b8b0-f767a01209f6.job 2015-07-29 04:08 - 2013-08-22 17:20 - 00000000 ____D C:\Windows\CbsTemp 2015-07-27 14:38 - 2015-06-25 17:56 - 00003596 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-474268364-3768183571-3467664582-1005 2015-07-26 04:55 - 2015-07-02 18:28 - 00000000 ____D C:\Program Files\SUPERAntiSpyware 2015-07-23 02:48 - 2015-06-05 11:07 - 00000000 ____D C:\Users\ASUS\AppData\Local\VirtualStore 2015-07-19 13:08 - 2015-06-18 13:13 - 00003976 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{45C1A241-17CE-4352-9D9E-74D7551845F0} 2015-07-15 19:43 - 2015-06-18 23:36 - 00003818 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater 2015-07-14 16:56 - 2015-06-16 15:34 - 00102912 ___SH C:\Users\ASUS\Desktop\Thumbs.db 2015-07-07 18:03 - 2015-06-18 15:31 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service ==================== Files in the root of some directories ======= 2015-08-04 08:10 - 2015-08-04 08:10 - 0000779 _____ () C:\Users\ASUS\AppData\Roaming\gdscan.log 2015-06-18 16:02 - 2015-06-18 16:02 - 0007600 ____H () C:\Users\ASUS\AppData\Local\Resmon.ResmonCfg 2015-06-05 11:18 - 2015-06-05 11:18 - 0000000 ____H () C:\ProgramData\DP45977C.lfl Some files in TEMP: ==================== C:\Users\ASUS\AppData\Local\Temp\WdfCoInstaller01007.dll ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\system32\winlogon.exe => File is digitally signed C:\Windows\system32\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\system32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\system32\services.exe => File is digitally signed C:\Windows\system32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\system32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\system32\rpcss.dll => File is digitally signed C:\Windows\system32\dnsapi.dll => File is digitally signed C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2015-06-23 13:48 ==================== End of log ============================