Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 28-06-2015 01
Ran by user (administrator) on ORGES on 03-07-2015 14:20:32
Running from C:\Users\user\Saved Games\Desktop
Loaded Profiles: user (Available Profiles: user)
Platform: Microsoft Windows 7 Ultimate Service Pack 1 (X86) OS Language: English (United States)
Internet Explorer Version 11 (Default browser path: "C:\Program Files\Safari\Safari.exe" -url "%1")
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Google Inc.) C:\Program Files\Google\Update\1.3.27.5\GoogleCrashHandler.exe
() C:\Program Files\Connectify\ConnectifyService.exe
(Connectify) C:\Program Files\Connectify\Connectifyd.exe
(Nalpeiron Ltd.) C:\Windows\System32\NLSSRV32.EXE
(DEVGURU Co., LTD.) C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(StarWind Software) C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\TeamViewer_Service.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Connectify) C:\Program Files\Connectify\Connectify.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Skillbrains) C:\Program Files\Skillbrains\lightshot\5.2.1.1\Lightshot.exe
(TuneUp Software) C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesService32.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(DT Soft Ltd) C:\Program Files\DAEMON Tools Pro\DTShellHlp.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
(TuneUp Software) C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesApp32.exe
(Microsoft Corporation) C:\Windows\System32\wuauclt.exe
(Valve) C:\Games\Counter-Strike\hl.exe
() C:\Program Files\Connectify\ConnectifyNetServices.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\WerFault.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [12013272 2013-11-19] (Realtek Semiconductor)
HKLM\...\Run: [Lightshot] => C:\Program Files\Skillbrains\lightshot\Lightshot.exe [226560 2014-11-18] ()
HKLM\...\Run: [] => [X]
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [558496 2014-02-27] (Adobe Systems Incorporated)
HKLM\...\Run: [Malwarebytes Anti-Exploit] => C:\Program Files\Malwarebytes Anti-Exploit\mbae.exe
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [334896 2015-04-30] (Oracle Corporation)
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [981688 2015-04-30] (Microsoft Corporation)
HKLM\...\Policies\Explorer: [TaskbarNoNotification] 1
HKLM\...\Policies\Explorer: [HideSCAHealth] 1
HKU\S-1-5-21-623903606-2496640028-3754115147-1000\...\Run: [Connectify] => C:\Program Files\Connectify\Connectify.exe [4007936 2012-11-09] (Connectify)
HKU\S-1-5-21-623903606-2496640028-3754115147-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [6405912 2015-06-01] (Piriform Ltd)
HKU\S-1-5-21-623903606-2496640028-3754115147-1000\...\MountPoints2: H - H:\LaunchU3.exe -a
HKU\S-1-5-21-623903606-2496640028-3754115147-1000\...\MountPoints2: {25fbfb3d-faa7-11e3-879a-74de2b4f80fd} - H:\iLinker.exe
HKU\S-1-5-21-623903606-2496640028-3754115147-1000\...\MountPoints2: {dc1ee10f-53ea-11e2-8474-dc0ea12e46a3} - F:\autorun.exe
HKU\S-1-5-21-623903606-2496640028-3754115147-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\scrnsave.scr [10240 2009-07-14] (Microsoft Corporation)
IFEO\AcroRd32.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe"
IFEO\adobe air application installer.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe"
IFEO\hd-apkhandler.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe"
IFEO\hd-runapp.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe"
IFEO\hd-startlauncher.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe"
IFEO\okayfreedomclient.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe"
IFEO\pccompanion.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe"
IFEO\switchboard.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe"
IFEO\uninst.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe"
IFEO\uninstall.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe"
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x86.dll [2013-12-13] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x86.dll [2013-12-13] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x86.dll [2013-12-13] ()
ShellIconOverlayIdentifiers: [GDriveBlacklistedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync32.dll [2015-05-19] (Google)
ShellIconOverlayIdentifiers: [GDriveSharedEditOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => C:\Program Files\Google\Drive\googledrivesync32.dll [2015-05-19] (Google)
ShellIconOverlayIdentifiers: [GDriveSharedViewOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43} => C:\Program Files\Google\Drive\googledrivesync32.dll [2015-05-19] (Google)
ShellIconOverlayIdentifiers: [GDriveSyncedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync32.dll [2015-05-19] (Google)
ShellIconOverlayIdentifiers: [GDriveSyncingOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync32.dll [2015-05-19] (Google)
ShellIconOverlayIdentifiers: [IDM Shell Extension] -> {CDC95B92-E27C-4745-A8C5-64A52A78855D} => C:\Program Files\Internet Download Manager\IDMShellExt.dll [2014-04-21] (Tonec Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKU\S-1-5-21-623903606-2496640028-3754115147-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files\Internet Download Manager\IDMIECC.dll [2015-02-21] (Internet Download Manager, Tonec Inc.)
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2015-02-10] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_45\bin\ssv.dll [2015-07-02] (Oracle Corporation)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-04] (Google Inc.)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2014-09-12] (Adobe Systems Incorporated)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2013-09-13] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2015-01-21] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-07-02] (Oracle Corporation)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2014-09-12] (Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2014-09-12] (Adobe Systems Incorporated)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-04] (Google Inc.)
Toolbar: HKU\S-1-5-21-623903606-2496640028-3754115147-1000 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
Toolbar: HKU\S-1-5-21-623903606-2496640028-3754115147-1000 -> Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2014-09-12] (Adobe Systems Incorporated)
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll [2009-02-26] (Microsoft Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2015-02-17] (Microsoft Corporation)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-03-21] (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Winsock: Catalog5 09 C:\Program Files\Bonjour\mdnsNSP.dll [121704 2011-08-31] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 192.168.1.1
Tcpip\..\Interfaces\{00DF63C9-00F1-4DEE-BC55-1D652520BFEE}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{00DF63C9-00F1-4DEE-BC55-1D652520BFEE}: [DhcpNameServer] 192.168.1.1 192.168.1.1
Tcpip\..\Interfaces\{19A2A9B0-56B2-4B34-BF59-CF9CBC4CB79C}: [NameServer] 8.8.8.8 8.8.4.4
Tcpip\..\Interfaces\{B4C0E79E-6C6A-4ABF-9B53-06BE217DCAD5}: [NameServer] 192.168.184.1
Tcpip\..\Interfaces\{FD598358-3B98-4C3B-8C53-37A5CC0112AF}: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF ProfilePath: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\co6a7evx.default
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_17_0_0_190.dll [2015-06-24] ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw_1204144.dll [2013-09-05] (Adobe Systems, Inc.)
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll [2013-04-20] (Google)
FF Plugin: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files\Google\Picasa3\npPicasa3.dll [2014-06-06] (Google, Inc.)
FF Plugin: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-07-02] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-07-02] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll [2012-10-27] (Microsoft Corporation)
FF Plugin: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2013-11-15] (Microsoft Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation)
FF Plugin: @pandonetworks.com/PandoWebPlugin -> C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-17] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-17] (Google Inc.)
FF Plugin: @veetle.com/veetleCorePlugin,version=0.9.19 -> C:\Program Files\Veetle\plugins\npVeetle.dll [2012-01-14] (Veetle Inc)
FF Plugin: @veetle.com/veetlePlayerPlugin,version=0.9.18 -> C:\Program Files\Veetle\Player\npvlc.dll [2012-01-14] (Veetle Inc)
FF Plugin: @videolan.org/vlc,version=2.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll [2014-09-12] (Adobe Systems Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-05-01] (Adobe Systems Inc.)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2013-12-19] (Adobe Systems)
FF Plugin HKU\S-1-5-21-623903606-2496640028-3754115147-1000: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\user\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2013-11-06] (Skype Limited)
FF Plugin HKU\S-1-5-21-623903606-2496640028-3754115147-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\user\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-03-22] (Unity Technologies ApS)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2013-11-15] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2015-05-01] (Adobe Systems Inc.)
FF Extension: No Name - C:\Users\user\AppData\Roaming\Mozilla\Firefox\profiles\extensions\extensions [2012-12-09]
FF Extension: GoPhotoIt - C:\Users\user\AppData\Roaming\Mozilla\Firefox\profiles\extensions\gophoto@gophoto.it.xpi [2012-07-31]
FF Extension: anonymoX - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\co6a7evx.default\Extensions\client@anonymox.net.xpi [2014-08-10]
FF Extension: No Name - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\co6a7evx.default\Extensions\firefox@zenmate.com.xpi [2015-02-12]
FF Extension: Adblock Plus - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\co6a7evx.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-05-17]
FF Extension: Greasemonkey - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\co6a7evx.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2014-04-17]
FF Extension: No Name - C:\Program Files\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-04-11]
FF HKLM\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn [2014-12-10]
FF HKU\S-1-5-21-623903606-2496640028-3754115147-1000\...\Firefox\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\user\AppData\Roaming\IDM\idmmzcc5
FF Extension: IDM CC - C:\Users\user\AppData\Roaming\IDM\idmmzcc5 [2014-07-20]
FF HKU\S-1-5-21-623903606-2496640028-3754115147-1000\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\user\AppData\Roaming\IDM\idmmzcc5

Chrome:
=======
CHR dev: Chrome dev build detected! <======= ATTENTION
CHR HKLM\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - C:\Program Files\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx [2014-09-12]
CHR HKLM\...\Chrome\Extension: [heihnndbnldikchdlicnigbeojkgiiia] - C:\Program Files\MapsGalaxy_39 Chrome Extension\bar\MapsGalaxy@mindspark.com.gen1 [Not Found]
CHR HKLM\...\Chrome\Extension: [jmolcgpienlcieaajfkkdamlngancncm] - C:\Program Files\Internet Download Manager\IDMGCExt.crx [2015-03-12]
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-04-11]
StartMenuInternet: Google Chrome.SLFSFMR2YOCYZHXS2WYJYPCW7I - C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 AxAutoMntSrv; C:\Program Files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [39376 2015-03-12] (Alcohol Soft Development Team)
S4 c2cautoupdatesvc; C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390720 2014-04-11] (Microsoft Corporation)
S4 c2cpnrsvc; C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1764992 2014-04-11] (Microsoft Corporation)
R2 Connectify; C:\Program Files\Connectify\ConnectifyService.exe [65536 2012-11-09] () [File not signed]
S3 cphs; C:\Windows\system32\IntelCpHeciSvc.exe [279000 2014-01-29] (Intel Corporation)
R3 ICCS; C:\Program Files\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [169752 2012-04-24] (Intel Corporation)
S4 MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2015-06-18] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [22216 2015-04-30] (Microsoft Corporation)
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [284504 2015-04-30] (Microsoft Corporation)
S4 Sony PC Companion; C:\Program Files\Sony\Sony PC Companion\PCCService.exe [155824 2013-02-04] (Avanquest Software)
R2 ss_conn_service; C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe [741640 2014-06-16] (DEVGURU Co., LTD.)
R2 StarWindServiceAE; C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [370688 2009-12-23] (StarWind Software) [File not signed]
S4 SwitchBoard; C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [5495056 2015-06-18] (TeamViewer GmbH)
R2 TuneUp.UtilitiesSvc; C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesService32.exe [1724192 2013-01-31] (TuneUp Software)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 amdkmpfd; C:\Windows\System32\DRIVERS\amdkmpfd.sys [24832 2013-10-20] (Advanced Micro Devices, Inc.)
R1 Avgfwfd; C:\Windows\System32\DRIVERS\avgfwd6x.sys [57824 2015-04-14] (AVG Technologies CZ, s.r.o.)
R3 b57xdbd; C:\Windows\System32\DRIVERS\b57xdbd.sys [64088 2013-06-22] (Broadcom Corporation)
R3 b57xdmp; C:\Windows\System32\DRIVERS\b57xdmp.sys [18520 2013-06-22] (Broadcom Corporation)
R3 bScsiMSx; C:\Windows\System32\DRIVERS\bScsiMSx.sys [46168 2013-06-22] (Broadcom Corporation)
R3 bScsiSDx; C:\Windows\System32\DRIVERS\bScsiSDx.sys [59600 2013-10-20] (Broadcom Corporation)
R1 cnnctfy2; C:\Windows\System32\DRIVERS\cnnctfy2.sys [27248 2014-12-07] (Connectify)
S3 DrvAgent32; C:\Windows\system32\Drivers\DrvAgent32.sys [23456 2014-05-13] (Phoenix Technologies) [File not signed]
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [242240 2013-01-01] (DT Soft Ltd)
R0 iaStorA; C:\Windows\System32\DRIVERS\iaStorA.sys [488808 2013-10-20] (Intel Corporation)
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [24424 2013-10-20] (Intel Corporation)
S3 mbamchameleon; C:\Windows\system32\drivers\mbamchameleon.sys [94936 2015-06-18] (Malwarebytes Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2015-06-18] (Malwarebytes Corporation)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [98520 2015-07-03] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2015-06-18] (Malwarebytes Corporation)
R3 MEI; C:\Windows\System32\DRIVERS\TeeDriver.sys [85464 2013-10-20] (Intel Corporation)
S3 MotioninJoyXFilter; C:\Windows\System32\DRIVERS\MijXfilt.sys [95304 2011-11-10] (MotioninJoy)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [245096 2015-03-04] (Microsoft Corporation)
R1 MpKsl4825c05c; C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{A976E1CA-DFD7-4AD4-A8AB-4DF4391B9F16}\MpKsl4825c05c.sys [39168 2015-07-03] (Microsoft Corporation)
S3 RTL8192Ce; C:\Windows\System32\DRIVERS\rtl8192Ce.sys [763496 2012-05-18] (Realtek Semiconductor Corporation )
R3 RTWlanE; C:\Windows\System32\DRIVERS\rtwlane.sys [2522840 2013-11-19] (Realtek Semiconductor Corporation )
R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [27888 2013-10-20] (Synaptics Incorporated)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [329384 2015-04-20] (Duplex Secure Ltd.)
R3 SPUVCbv; C:\Windows\System32\Drivers\SPUVCbv.sys [2465144 2013-10-20] (Sunplus Technology)
S3 tap0901; C:\Windows\System32\DRIVERS\tap0901.sys [35288 2013-09-10] (The OpenVPN Project)
R3 TuneUpUtilitiesDrv; C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesDriver32.sys [10088 2012-11-16] (TuneUp Software)
U3 a1ex8evr; C:\Windows\system32\Drivers\a1ex8evr.sys [0 ] (Broadcom Corporation) <==== ATTENTION (zero byte File/Folder)
U3 ax1tgnvm; C:\Windows\system32\Drivers\ax1tgnvm.sys [0 ] (Broadcom Corporation) <==== ATTENTION (zero byte File/Folder)
S2 adfs; No ImagePath
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
S3 VMnetAdapter; system32\DRIVERS\vmnetadapter.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-07-03 12:39 - 2015-07-03 12:56 - 00128345 _____ C:\Users\user\Downloads\koeficent_profil.xlsx
2015-07-03 01:03 - 2015-07-03 01:03 - 00002117 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
2015-07-03 01:02 - 2015-07-03 01:03 - 00000000 ____D C:\Program Files\Microsoft Security Client
2015-07-02 23:29 - 2015-07-03 08:33 - 00001190 _____ C:\Windows\PFRO.log
2015-07-02 23:20 - 2015-07-02 23:20 - 428184293 _____ C:\Windows\MEMORY.DMP
2015-07-02 23:20 - 2015-07-02 23:20 - 00153528 _____ C:\Windows\Minidump\070215-33181-01.dmp
2015-07-02 23:20 - 2015-07-02 23:20 - 00000000 ____D C:\Windows\Minidump
2015-07-02 23:04 - 2015-07-02 23:05 - 00052909 _____ C:\Users\user\Downloads\Addition.txt
2015-07-02 22:45 - 2015-07-02 22:45 - 00096352 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2015-07-02 22:45 - 2015-07-02 22:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-07-02 22:45 - 2015-07-02 22:45 - 00000000 ____D C:\Program Files\Common Files\Java
2015-07-02 22:30 - 2015-07-03 14:20 - 00000000 ____D C:\FRST
2015-07-02 22:30 - 2015-07-02 23:05 - 00080034 _____ C:\Users\user\Downloads\FRST.txt
2015-07-02 22:27 - 2015-07-02 22:27 - 00002758 _____ C:\Users\user\Downloads\FSS.txt
2015-07-02 22:19 - 2015-07-02 22:19 - 00000965 _____ C:\Users\Public\Desktop\CCleaner.lnk
2015-07-02 22:17 - 2015-07-03 01:01 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2015-07-02 21:51 - 2015-07-03 13:04 - 00131345 _____ C:\Windows\WindowsUpdate.log
2015-07-02 21:47 - 2015-07-03 13:46 - 00000504 _____ C:\Windows\setupact.log
2015-07-02 21:47 - 2015-07-02 21:47 - 00000000 _____ C:\Windows\setuperr.log
2015-07-02 21:28 - 2015-07-02 21:28 - 00000000 ____D C:\Users\user\AppData\Local\Avg2015
2015-07-02 21:25 - 2015-07-02 22:45 - 00000000 ____D C:\ProgramData\Malwarebytes Anti-Exploit
2015-07-02 21:18 - 2015-07-03 00:43 - 00098520 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-07-02 09:25 - 2015-07-03 00:40 - 00001060 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-07-02 09:25 - 2015-07-03 00:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-07-02 09:25 - 2015-07-03 00:40 - 00000000 ____D C:\Program Files\Malwarebytes Anti-Malware
2015-07-02 09:25 - 2015-06-18 08:41 - 00094936 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-07-02 09:25 - 2015-06-18 08:41 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-07-02 09:25 - 2015-06-18 08:41 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-07-02 08:35 - 2015-07-02 08:35 - 00000000 ____D C:\Program Files\AVG
2015-07-02 08:32 - 2015-07-02 21:59 - 00000000 ____D C:\ProgramData\MFAData
2015-07-02 08:32 - 2015-07-02 08:32 - 00000000 ____D C:\Users\user\AppData\Local\MFAData
2015-06-30 16:00 - 2015-06-30 16:00 - 00012077 _____ C:\Users\user\Downloads\Det.shk.kl.2d.xlsx
2015-06-25 09:37 - 2015-06-25 09:37 - 02807950 _____ C:\Users\user\Downloads\wasted.mp4
2015-06-25 09:36 - 2015-06-25 09:36 - 00210889 _____ C:\Users\user\Downloads\AihfGncREK7TD-cP_P0DdJIxkn6P-1ICB4M6ew6ybiNs.mp4
2015-06-23 16:25 - 2015-06-23 16:25 - 02496902 _____ C:\Users\user\Downloads\tan-mezja.mp4
2015-06-23 15:35 - 2015-06-23 15:36 - 01903639 _____ C:\Users\user\Downloads\Tan Mezja sulmon Inzaghi n.mp4
2015-06-19 14:39 - 2015-06-19 14:40 - 994449510 _____ C:\Users\user\Downloads\Get Hard (2015) EXTENDED HD 720p Filma24-AL.com.mp4
2015-06-19 13:56 - 2015-06-19 13:56 - 03261070 _____ C:\Users\user\Downloads\Teorema e Pitagores.mp4
2015-06-17 19:46 - 2015-06-17 20:12 - 961676190 _____ C:\Users\user\Downloads\Khoobsurat 2014 Hindi 720p DvDRip x264 AAC...Hon3y.mp4
2015-06-14 19:52 - 2015-06-14 19:53 - 383118036 _____ C:\Users\user\Downloads\Attachments_2015217.zip
2015-06-12 10:20 - 2015-06-12 10:20 - 00009197 _____ C:\Users\user\Documents\Output2spv.spv
2015-06-11 16:21 - 2015-06-11 16:21 - 00000000 ____D C:\Users\user\AppData\Local\IBM
2015-06-11 16:20 - 2015-06-11 16:20 - 00001232 _____ C:\Users\Public\Desktop\IBM SPSS Statistics 20.lnk
2015-06-10 22:39 - 2015-06-10 22:39 - 00710144 _____ C:\Users\user\Downloads\projekti-shkrimi-akademik-perfudimtar.ppt
2015-06-10 22:28 - 2015-06-11 16:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IBM SPSS Statistics
2015-06-10 22:25 - 2015-06-11 16:18 - 00000000 ____D C:\Program Files\IBM
2015-06-10 09:53 - 2015-06-02 21:35 - 00342728 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-06-10 09:53 - 2015-05-23 05:28 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-06-10 09:53 - 2015-05-23 05:28 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-06-10 09:53 - 2015-05-23 05:15 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-06-10 09:53 - 2015-05-23 05:15 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-06-10 09:53 - 2015-05-23 05:15 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-06-10 09:53 - 2015-05-23 05:09 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-06-10 09:53 - 2015-05-23 05:08 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-06-10 09:53 - 2015-05-23 05:05 - 00664064 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-06-10 09:53 - 2015-05-23 05:05 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-06-10 09:53 - 2015-05-23 05:05 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-06-10 09:53 - 2015-05-23 05:04 - 00620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-06-10 09:53 - 2015-05-23 05:00 - 00667648 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-06-10 09:53 - 2015-05-23 04:57 - 00418304 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-06-10 09:53 - 2015-05-23 04:52 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-06-10 09:53 - 2015-05-23 04:49 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-06-10 09:53 - 2015-05-23 04:47 - 00285696 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-06-10 09:53 - 2015-05-23 04:38 - 00689152 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-06-10 09:53 - 2015-05-23 04:38 - 00685568 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-06-10 09:53 - 2015-05-23 04:37 - 02052608 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-06-10 09:53 - 2015-05-23 04:20 - 01950720 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-06-10 09:53 - 2015-05-23 04:16 - 01309696 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-06-10 09:53 - 2015-05-23 04:14 - 00710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-06-10 09:52 - 2015-05-27 16:08 - 19607040 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-06-10 09:52 - 2015-05-23 05:14 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-06-10 09:52 - 2015-05-23 05:13 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-06-10 09:52 - 2015-05-23 05:10 - 02278912 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-06-10 09:52 - 2015-05-23 05:06 - 00478208 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-06-10 09:52 - 2015-05-23 04:48 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-06-10 09:52 - 2015-05-23 04:47 - 04305920 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-06-10 09:52 - 2015-05-23 04:37 - 01155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-06-10 09:52 - 2015-05-23 04:28 - 12829696 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-06-10 09:43 - 2015-05-22 20:03 - 00571392 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-06-10 09:43 - 2015-05-22 20:02 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-06-10 09:43 - 2015-05-22 20:02 - 00621568 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-06-10 09:43 - 2015-05-22 20:02 - 00333824 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-06-10 09:43 - 2015-05-22 20:02 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-06-10 09:43 - 2015-05-22 20:02 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-06-10 09:43 - 2015-05-22 19:58 - 00901120 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-06-10 09:43 - 2015-05-21 15:20 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-06-10 09:42 - 2015-05-25 19:00 - 02384384 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-06-10 09:41 - 2015-04-11 05:07 - 00054656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\stream.sys
2015-06-10 09:40 - 2015-05-25 20:07 - 03989440 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2015-06-10 09:40 - 2015-05-25 20:07 - 03934144 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-06-10 09:40 - 2015-05-25 20:07 - 00137664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-06-10 09:40 - 2015-05-25 20:07 - 00067520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-06-10 09:40 - 2015-05-25 20:04 - 01307648 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-06-10 09:40 - 2015-05-25 20:01 - 01061376 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-06-10 09:40 - 2015-05-25 20:01 - 00853504 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2015-06-10 09:40 - 2015-05-25 20:01 - 00641536 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2015-06-10 09:40 - 2015-05-25 20:01 - 00635392 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2015-06-10 09:40 - 2015-05-25 20:01 - 00551424 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-06-10 09:40 - 2015-05-25 20:01 - 00400896 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-06-10 09:40 - 2015-05-25 20:01 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-06-10 09:40 - 2015-05-25 20:01 - 00248832 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-06-10 09:40 - 2015-05-25 20:01 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-06-10 09:40 - 2015-05-25 20:01 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-06-10 09:40 - 2015-05-25 20:01 - 00100352 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-06-10 09:40 - 2015-05-25 20:01 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\sechost.dll
2015-06-10 09:40 - 2015-05-25 20:01 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-06-10 09:40 - 2015-05-25 20:01 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-06-10 09:40 - 2015-05-25 20:01 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-06-10 09:40 - 2015-05-25 20:01 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-06-10 09:40 - 2015-05-25 20:01 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-06-10 09:40 - 2015-05-25 20:01 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-06-10 09:40 - 2015-05-25 20:00 - 00364544 _____ (Microsoft Corporation) C:\Windows\system32\tracerpt.exe
2015-06-10 09:40 - 2015-05-25 20:00 - 00262656 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-06-10 09:40 - 2015-05-25 20:00 - 00082944 _____ (Microsoft Corporation) C:\Windows\system32\logman.exe 2015-06-10 09:40 - 2015-05-25 20:00 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe 2015-06-10 09:40 - 2015-05-25 20:00 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe 2015-06-10 09:40 - 2015-05-25 20:00 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\typeperf.exe 2015-06-10 09:40 - 2015-05-25 20:00 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\relog.exe 2015-06-10 09:40 - 2015-05-25 20:00 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe 2015-06-10 09:40 - 2015-05-25 20:00 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\diskperf.exe 2015-06-10 09:40 - 2015-05-25 19:57 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll 2015-06-10 09:40 - 2015-05-25 19:57 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll 2015-06-10 09:40 - 2015-05-25 19:55 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll 2015-06-10 09:40 - 2015-05-25 19:55 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll 2015-06-10 09:40 - 2015-05-25 18:53 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll 2015-06-10 09:39 - 2015-05-09 05:14 - 00169984 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll 2015-06-10 09:39 - 2015-05-09 05:13 - 00868352 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll 2015-06-10 09:39 - 2015-05-09 05:13 - 00293376 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll 2015-06-10 09:39 - 2015-05-09 05:12 - 00271360 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe 2015-06-10 09:39 - 2015-05-09 05:08 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll 2015-06-10 09:39 - 2015-05-09 05:08 - 00004608 ____H (Microsoft Corporation) 
C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll 2015-06-10 09:39 - 2015-05-09 05:08 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll 2015-06-10 09:39 - 2015-05-09 05:08 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll 2015-06-10 09:39 - 2015-05-09 05:08 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll 2015-06-10 09:39 - 2015-05-09 05:08 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll 2015-06-10 09:39 - 2015-05-09 05:08 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll 2015-06-10 09:39 - 2015-05-09 05:08 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll 2015-06-10 09:39 - 2015-05-09 05:08 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll 2015-06-10 09:39 - 2015-05-09 05:08 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll 2015-06-10 09:39 - 2015-05-09 05:08 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll 2015-06-10 09:39 - 2015-05-09 05:08 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll 2015-06-10 09:39 - 2015-05-09 05:08 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll 2015-06-10 09:39 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll 2015-06-10 09:39 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll 2015-06-10 09:39 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll 2015-06-10 09:39 - 2015-05-09 05:08 - 00003072 ____H 
(Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll 2015-06-10 09:39 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll 2015-06-10 09:39 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll 2015-06-10 09:39 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll 2015-06-10 09:39 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll 2015-06-10 09:39 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll 2015-06-10 09:39 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll 2015-06-10 09:39 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll 2015-06-10 09:39 - 2015-05-09 03:59 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll 2015-06-10 09:39 - 2015-05-09 03:59 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll 2015-06-10 09:39 - 2015-05-09 03:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll 2015-06-10 09:39 - 2015-05-09 03:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll 2015-06-10 09:39 - 2015-04-29 20:07 - 11411456 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll 2015-06-10 09:39 - 2015-04-29 20:07 - 00008192 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll 2015-06-10 09:39 - 2015-04-29 20:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx 2015-06-10 09:39 - 2015-04-29 20:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll 2015-06-10 09:39 - 2015-04-29 20:05 - 
12625408 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL 2015-06-10 09:39 - 2015-04-24 19:56 - 00530432 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll 2015-06-09 16:30 - 2015-06-09 16:30 - 00000000 ____D C:\Users\user\Downloads\russo_one 2015-06-09 16:28 - 2015-06-09 16:28 - 00061493 _____ C:\Users\user\Downloads\russo_one.zip 2015-06-08 09:46 - 2015-06-08 09:46 - 02846339 _____ C:\Users\user\Downloads\design-a-tshirt.zip 2015-06-08 09:01 - 2015-06-08 09:01 - 02120491 _____ C:\Users\user\Downloads\start_illustrator_create-logo.zip 2015-06-08 08:05 - 2015-06-08 08:05 - 00001601 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Illustrator CC.lnk 2015-06-08 08:04 - 2015-06-08 08:04 - 00000000 ____D C:\ProgramData\ALM 2015-06-05 22:28 - 2015-06-05 22:28 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_WinUSB_01007.Wdf 2015-06-05 22:20 - 2015-06-05 22:20 - 00000000 ____D C:\Users\user\Documents\samsung 2015-06-05 22:20 - 2015-06-05 22:20 - 00000000 ____D C:\Users\user\AppData\Roaming\Samsung 2015-06-05 22:20 - 2015-06-05 22:20 - 00000000 ____D C:\Users\Public\Documents\NativeFus_Log 2015-06-05 22:20 - 2014-05-07 17:42 - 00144664 _____ (MAPILab Ltd. & Add-in Express Ltd.) 
C:\Windows\system32\secman.dll 2015-06-05 22:18 - 2014-06-16 08:01 - 01112288 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01007.dll 2015-06-05 22:18 - 2014-06-16 08:01 - 00581192 _____ (Microsoft Corporation) C:\Windows\system32\WinUSBCoInstaller.dll 2015-06-05 22:18 - 2014-06-16 08:01 - 00184192 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\Windows\system32\Drivers\ssudmdm.sys 2015-06-05 22:18 - 2014-06-16 08:01 - 00089856 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\Windows\system32\Drivers\ssudbus.sys 2015-06-05 22:15 - 2015-06-05 22:19 - 00000000 ____D C:\Program Files\SAMSUNG 2015-06-05 22:13 - 2015-06-05 22:13 - 00000000 ____D C:\ProgramData\Samsung 2015-06-05 22:00 - 2015-06-05 22:01 - 13054668 _____ (SAMSUNG Electronics Co., Ltd.) C:\Users\user\Downloads\30DB.tmp 2015-06-03 16:49 - 2015-06-03 16:49 - 00000000 ____D C:\Program Files\Strogino CS Portal ==================== One Month Modified files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 
2015-07-03 14:23 - 2012-11-06 21:41 - 00000886 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2015-07-03 13:27 - 2012-09-28 16:14 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2015-07-03 12:50 - 2012-11-22 22:57 - 04735488 ___SH C:\Users\user\Downloads\Thumbs.db 2015-07-03 12:46 - 2012-12-11 19:41 - 00282624 ___SH C:\Users\user\Thumbs.db 2015-07-03 12:05 - 2013-10-05 06:42 - 00002491 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Safari.lnk 2015-07-03 10:09 - 2014-03-20 15:00 - 00000000 ____D C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games 2015-07-03 10:09 - 2009-07-14 06:52 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games 2015-07-03 10:07 - 2014-07-23 20:50 - 00000000 ____D C:\Users\user\Documents\Powerpoint 2015-07-03 10:05 - 2013-09-19 18:23 - 00000000 ____D C:\Users\user\Downloads\Compressed 2015-07-03 09:56 - 2012-11-06 21:41 - 00000000 ____D C:\Program Files\Google 2015-07-03 09:55 - 2012-09-28 22:09 - 00000000 ____D C:\Users\user\AppData\Local\Google 2015-07-03 08:49 - 2009-07-14 06:34 - 00021200 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2015-07-03 08:49 - 2009-07-14 06:34 - 00021200 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2015-07-03 08:34 - 2012-12-10 17:43 - 00000431 _____ C:\Windows\system32\Drivers\etc\hosts.ics 2015-07-03 08:34 - 2012-11-06 21:41 - 00000882 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2015-07-03 08:34 - 2009-07-14 06:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2015-07-03 01:03 - 2012-09-28 16:25 - 00001945 _____ C:\Windows\epplauncher.mif 2015-07-02 23:41 - 2014-04-05 15:55 - 00000000 ____D C:\AdwCleaner 2015-07-02 22:44 - 2014-01-26 12:30 - 00000000 ____D C:\Program Files\Java 2015-07-02 22:20 - 2013-08-04 16:11 - 00000000 ____D C:\Program Files\CCleaner 2015-07-02 22:19 - 2014-06-07 14:20 - 00000000 ____D 
C:\Users\HomeGroupUser$ 2015-07-02 22:19 - 2014-06-07 14:20 - 00000000 ____D C:\Users\Guest 2015-07-02 22:19 - 2014-06-07 14:20 - 00000000 ____D C:\Users\Administrator 2015-07-02 22:19 - 2013-08-04 16:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner 2015-07-02 22:19 - 2009-07-14 04:37 - 00000000 ___RD C:\Users\Public 2015-07-02 22:15 - 2014-05-18 10:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony 2015-07-02 22:15 - 2014-05-18 10:39 - 00000000 ____D C:\Program Files\Sony 2015-07-02 22:11 - 2015-02-16 20:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visible Body 2015-07-02 22:11 - 2015-02-16 20:23 - 00000000 ____D C:\Program Files\Visible Body 2015-07-02 21:42 - 2013-09-19 18:23 - 00000000 ____D C:\Users\user\AppData\Roaming\IDM 2015-07-02 21:41 - 2013-07-09 14:14 - 00000000 ____D C:\Users\user\AppData\Local\CrashDumps 2015-07-02 21:27 - 2012-10-27 16:26 - 00000000 ____D C:\Users\user\AppData\Roaming\BitTorrent 2015-07-02 21:16 - 2014-08-09 10:53 - 00000000 ____D C:\Users\user\Documents\sd card gesi 2015-07-02 08:36 - 2013-04-27 08:38 - 00000000 ____D C:\Users\user\AppData\Roaming\TuneUp Software 2015-07-01 21:14 - 2012-09-28 20:42 - 00782470 _____ C:\Windows\system32\PerfStringBackup.INI 2015-06-29 14:00 - 2013-11-15 17:26 - 00000000 ____D C:\Program Files\TeamViewer 2015-06-27 01:00 - 2013-09-19 18:23 - 00000000 ____D C:\Users\user\AppData\Roaming\DMCache 2015-06-26 23:47 - 2013-09-19 18:23 - 00000000 ____D C:\Users\user\Downloads\Video 2015-06-26 09:26 - 2015-02-12 17:08 - 00000929 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 10.lnk 2015-06-25 09:31 - 2014-07-23 20:51 - 00000000 ____D C:\Users\user\Documents\Word 2015-06-24 12:27 - 2012-09-28 16:14 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe 2015-06-24 12:27 - 2012-09-28 16:14 - 00142512 _____ (Adobe Systems Incorporated) 
C:\Windows\system32\FlashPlayerCPLApp.cpl 2015-06-19 21:09 - 2014-04-25 16:14 - 00000000 __SHD C:\Users\user\AppData\Local\EmieUserList 2015-06-19 21:09 - 2014-04-25 16:14 - 00000000 __SHD C:\Users\user\AppData\Local\EmieSiteList 2015-06-19 00:50 - 2013-07-10 17:41 - 00000000 ____D C:\Windows\system32\MRT 2015-06-18 01:06 - 2012-10-27 14:58 - 00000000 ____D C:\Users\user\AppData\Roaming\vlc 2015-06-16 10:38 - 2013-07-05 21:43 - 00000000 ____D C:\Games 2015-06-15 17:52 - 2012-12-04 20:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Picasa 3 2015-06-12 01:08 - 2012-09-28 20:51 - 00000000 ____D C:\ProgramData\Microsoft Help 2015-06-11 16:21 - 2015-05-24 18:56 - 00000000 ____D C:\Users\user\AppData\Local\javasharedresources 2015-06-11 08:34 - 2009-07-14 06:33 - 03912816 _____ C:\Windows\system32\FNTCACHE.DAT 2015-06-10 23:11 - 2012-09-28 16:48 - 00125088 _____ C:\Users\user\AppData\Local\GDIPFONTCACHEV1.DAT 2015-06-10 22:25 - 2015-05-16 15:28 - 00000219 _____ C:\Windows\system32\lsprst7.tgz 2015-06-10 22:25 - 2015-05-16 15:28 - 00000205 _____ C:\Windows\system32\lsprst7.dll 2015-06-10 22:25 - 2015-05-16 15:28 - 00000016 ____H C:\Windows\system32\servdat.slm 2015-06-10 19:12 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\rescache 2015-06-10 13:17 - 2015-04-16 14:55 - 00000000 ____D C:\Windows\system32\appraiser 2015-06-10 13:17 - 2014-05-06 22:16 - 00000000 ___SD C:\Windows\system32\CompatTel 2015-06-10 11:41 - 2009-07-14 04:04 - 00000580 _____ C:\Windows\win.ini 2015-06-08 09:38 - 2012-10-27 13:29 - 00000000 ____D C:\Users\user\AppData\Roaming\Adobe 2015-06-08 08:05 - 2013-05-16 10:44 - 00000000 ____D C:\AdobeTemp 2015-06-08 08:05 - 2013-03-20 22:52 - 00000000 ____D C:\ProgramData\regid.1986-12.com.adobe 2015-06-08 08:04 - 2012-10-28 09:31 - 00000000 ____D C:\Program Files\Common Files\Adobe 2015-06-08 08:01 - 2012-10-28 09:37 - 00000000 ____D C:\Program Files\Adobe 2015-06-07 09:26 - 2013-09-12 17:37 - 00000000 ____D 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive 2015-06-05 22:20 - 2012-12-15 22:20 - 00000000 ___HD C:\Program Files\InstallShield Installation Information 2015-06-05 15:29 - 2015-05-06 19:40 - 00000000 ____D C:\Users\user\Documents\Projekt korrupsioni 2015-06-03 17:08 - 2013-07-10 17:03 - 00000000 ____D C:\ProgramData\Package Cache ==================== Files in the root of some directories ======= 2014-05-16 08:11 - 2014-05-16 08:13 - 0000132 _____ () C:\Users\user\AppData\Roaming\Adobe PNG Format CS6 Prefs 2013-07-24 14:26 - 2014-05-16 09:17 - 0000124 _____ () C:\Users\user\AppData\Roaming\Camdata.ini 2013-07-24 14:26 - 2014-05-16 09:17 - 0000408 _____ () C:\Users\user\AppData\Roaming\CamLayout.ini 2013-07-24 14:26 - 2014-05-16 09:17 - 0000408 _____ () C:\Users\user\AppData\Roaming\CamShapes.ini 2013-07-24 14:26 - 2014-05-16 09:17 - 0004545 _____ () C:\Users\user\AppData\Roaming\CamStudio.cfg 2013-10-03 17:12 - 2013-10-03 17:12 - 0000132 _____ () C:\Users\user\AppData\Roaming\N14653HNB99SRJrmdir.bat 2013-08-26 14:29 - 2013-08-26 14:29 - 0099678 _____ () C:\Users\user\AppData\Roaming\seesimilar.ico 2013-09-10 16:04 - 2013-09-10 16:06 - 57156535 ____N ( ) C:\Users\user\AppData\Roaming\setup.exe 2014-02-08 23:32 - 2014-05-16 09:11 - 0000096 _____ () C:\Users\user\AppData\Roaming\version2.xml 2012-12-02 19:49 - 2014-04-22 11:27 - 0009728 _____ () C:\Users\user\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2015-02-16 23:45 - 2015-02-16 23:47 - 0003072 _____ () C:\Users\user\AppData\Local\file__0.localstorage 2013-06-25 12:54 - 2013-06-25 12:54 - 0010079 _____ () C:\Users\user\AppData\Local\HWVendorDetection.log 2015-03-01 10:19 - 2015-03-01 10:19 - 0000218 _____ () C:\Users\user\AppData\Local\recently-used.xbel 2013-03-28 14:21 - 2013-08-21 14:32 - 0007597 _____ () C:\Users\user\AppData\Local\Resmon.ResmonCfg 2013-08-24 12:51 - 2013-08-24 12:51 - 0000003 _____ () C:\Users\user\AppData\Local\updater.log 2013-08-24 12:51 - 2015-04-23 23:03 - 
0000412 _____ () C:\Users\user\AppData\Local\UserProducts.xml
2013-10-20 10:47 - 2013-10-20 10:47 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Some files in TEMP:
====================
C:\Users\user\AppData\Local\Temp\Quarantine.exe
C:\Users\user\AppData\Local\Temp\sqlite3.dll

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2015-06-23 19:11

==================== End of log ============================