Ok!
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 16-10-2014
Ran by Susanna (administrator) on SUSANNA on 17-10-2014 15:27:51
Running from C:\Users\Susanna\Desktop
Loaded Profiles: Susanna & (Available profiles: Susanna)
Platform: Windows 8.1 (X64) OS Language: suomi (Suomi)
Internet Explorer Version 11
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Windows ® Win 7 DDK provider) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Samsung Electronics CO., LTD.) C:\Program Files (x86)\Samsung\Settings\CmdServer\EasyLauncher.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
() C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmdServer.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Samsung Electronics CO., LTD.) C:\Program Files (x86)\Samsung\Settings\sSettings.exe
(Samsung Electronics CO., LTD.) C:\Program Files (x86)\Samsung\SW Update\SWMAgent.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Qualcomm®Atheros®) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
() C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(CANON INC.) C:\Windows\System32\spool\drivers\x64\3\CNAP2LAK.EXE
(Spotify Ltd) C:\Users\Susanna\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(CANON INC.) C:\Windows\System32\spool\drivers\x64\3\CNAP2RPK.EXE
(CANON INC.) C:\Windows\System32\spool\drivers\x64\3\CNABCSWK.EXE
(Facebook Inc.) C:\Users\Susanna\AppData\Local\Facebook\Update\FacebookUpdate.exe
(Facebook) C:\Users\Susanna\AppData\Local\Facebook\Messenger\2.1.4814.0\FacebookMessenger.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\WWAHost.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20605_x64__8wekyb3d8bbwe\livecomm.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.17246_none_fa4ae8e99b1f603c\TiWorker.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13213328 2012-10-18] (Realtek Semiconductor)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2872176 2012-10-08] (ELAN Microelectronics Corp.)
HKLM\...\Run: [CNAP2 Launcher] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\CNAP2LAK.EXE [226784 2010-10-15] (CANON INC.)
HKLM\...\Run: [CIS_{81EFDD93-DBBE-415B-BE6E-49B9664E3E82}] => "C:\ProgramData\cisF678.exe" --PostUninstall {81EFDD93-DBBE-415B-BE6E-49B9664E3E82}
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [97392 2012-08-15] (CyberLink Corp.)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [40336 2014-09-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Intel AppUp(SM) center] => C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [155488 2012-07-13] (Intel Corporation)
HKLM-x32\...\Run: [Norton Online Backup] => C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [2994880 2012-08-15] (Symantec Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [3890208 2014-08-08] (AVAST Software)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [132736 2013-09-25] ( (Qualcomm®Atheros®))
HKU\S-1-5-21-3708962043-2504352025-3687310069-1001\...\Run: [Spotify Web Helper] => C:\Users\Susanna\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1245752 2014-09-22] (Spotify Ltd)
HKU\S-1-5-21-3708962043-2504352025-3687310069-1001\...\Run: [Facebook Update] => C:\Users\Susanna\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2013-04-27] (Facebook Inc.)
HKU\S-1-5-21-3708962043-2504352025-3687310069-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Spotify Web Helper] => C:\Users\Susanna\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1245752 2014-09-22] (Spotify Ltd)
HKU\S-1-5-21-3708962043-2504352025-3687310069-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Facebook Update] => C:\Users\Susanna\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2013-04-27] (Facebook Inc.)
Startup: C:\Users\Susanna\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Facebook Messenger.lnk
ShortcutTarget: Facebook Messenger.lnk -> C:\Users\Susanna\AppData\Local\Facebook\Messenger\2.1.4814.0\FacebookMessenger.exe (Facebook)
Startup: C:\Users\Susanna\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Lähetä OneNoteen.lnk
ShortcutTarget: Lähetä OneNoteen.lnk -> C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE (Microsoft Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Susanna\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Susanna\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Susanna\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Susanna\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Susanna\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Susanna\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Susanna\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll (Dropbox, Inc.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM - {2A57B0BE-D0CC-4143-A1B4-8B5CE640F3F5} URL =
SearchScopes: HKLM-x32 - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 - {2A57B0BE-D0CC-4143-A1B4-8B5CE640F3F5} URL =
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 82.197.20.5 82.197.20.6
FireFox:
========
FF ProfilePath: C:\Users\Susanna\AppData\Roaming\Mozilla\Firefox\Profiles\uycexyoa.default
FF SelectedSearchEngine: Yahoo
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll No File
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: facebook.com/fbDesktopPlugin -> C:\Users\Susanna\AppData\Local\Facebook\Messenger\2.1.4814.0\npFbDesktopPlugin.dll (Facebook, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\bookplus-fi.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-fi.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-fi.xml
FF Extension: Firefox Old Version Update Hotfix - C:\Users\Susanna\AppData\Roaming\Mozilla\Firefox\Profiles\uycexyoa.default\Extensions\
[email protected] [2014-08-16]
FF HKLM-x32\...\Firefox\Extensions: [
[email protected]] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-05-01]
Chrome:
=======
CHR Profile: C:\Users\Susanna\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Wallet) - C:\Users\Susanna\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-29]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [312448 2013-09-25] (Windows ® Win 7 DDK provider)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-05-01] (AVAST Software)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2428088 2014-08-12] (Microsoft Corporation)
R2 Easy Launcher; C:\Program Files (x86)\Samsung\Settings\CmdServer\EasyLauncher.exe [1593976 2012-10-19] (Samsung Electronics CO., LTD.)
R2 Intel® ME Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [128896 2012-07-18] (Intel Corporation)
S3 iumsvc; C:\Program Files (x86)\Intel\Intel® Update Manager\bin\iumsvc.exe [174368 2014-02-28] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [165760 2012-07-18] (Intel Corporation)
S3 KeyIso; C:\Windows\SysWOW64\keyiso.dll [44032 2013-08-22] (Microsoft Corporation)
S3 lfsvc; C:\Windows\SysWOW64\GeofenceMonitorService.dll [357376 2014-03-14] (Microsoft Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
S3 Netlogon; C:\Windows\SysWOW64\netlogon.dll [688640 2014-03-06] (Microsoft Corporation)
R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [3943104 2012-08-15] (Symantec Corporation)
S3 smphost; C:\Windows\SysWOW64\smphost.dll [11776 2013-08-22] (Microsoft Corporation)
S3 StorSvc; C:\Windows\SysWOW64\storsvc.dll [18944 2013-08-22] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-03-24] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-03-24] (Microsoft Corporation)
R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2013-09-25] (Atheros) [File not signed]
S2 gupdate; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /svc [X]
S3 gupdatem; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /medsvc [X]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
S2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-05-01] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-05-01] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-05-01] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-05-01] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1039096 2014-05-14] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [423240 2014-05-14] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [85328 2014-05-14] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [208416 2014-05-01] ()
R3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2013-09-25] (Qualcomm Atheros)
R3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-04] (Microsoft Corporation)
R1 ccSet_NARA; C:\Windows\system32\drivers\NARAx64\0401000.00E\ccSetx64.sys [168608 2012-05-26] (Symantec Corporation)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [122584 2014-10-17] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2014-05-12] (Malwarebytes Corporation)
R3 RadioHIDMini; C:\Windows\System32\drivers\RadioHIDMini.sys [23408 2012-07-27] (Windows ® Win 7 DDK provider)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-03-24] (Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-10-17 15:27 - 2014-10-17 15:27 - 00000000 ____D () C:\Users\Susanna\Desktop\FRST-OlderVersion
2014-10-12 22:48 - 2014-10-12 22:48 - 00415232 _____ (Farbar) C:\Users\Susanna\Downloads\FSS (1).exe
2014-10-08 16:09 - 2014-10-08 16:09 - 00002821 _____ () C:\Users\Susanna\Desktop\FSS.txt
2014-10-08 16:08 - 2014-10-12 22:49 - 00002923 _____ () C:\Users\Susanna\Downloads\FSS.txt
2014-10-08 16:07 - 2014-10-08 16:08 - 00415232 _____ (Farbar) C:\Users\Susanna\Downloads\FSS.exe
2014-10-08 16:07 - 2014-10-08 16:07 - 00001250 _____ () C:\Users\Susanna\Desktop\JRT.txt
2014-10-08 16:00 - 2014-10-08 16:00 - 00000000 ____D () C:\WINDOWS\ERUNT
2014-10-08 15:59 - 2014-10-06 13:00 - 01705141 _____ (Thisisu) C:\Users\Susanna\Desktop\JRT_NEW.exe
2014-10-08 15:27 - 2014-10-08 15:27 - 00001847 _____ () C:\Users\Susanna\Downloads\Fixlist.txt
2014-10-06 09:43 - 2014-10-17 15:27 - 00017884 _____ () C:\Users\Susanna\Desktop\FRST.txt
2014-10-06 09:35 - 2014-10-06 21:20 - 00044381 _____ () C:\Users\Susanna\Desktop\Addition.txt
2014-10-06 09:31 - 2014-10-17 15:27 - 02112000 _____ (Farbar) C:\Users\Susanna\Desktop\FRST64.exe
2014-10-06 09:24 - 2014-10-06 09:24 - 00001211 _____ () C:\Users\Susanna\Downloads\Kuopio – Pikakuvake.lnk
2014-10-03 21:41 - 2014-10-03 21:41 - 00001578 _____ () C:\Users\Susanna\Desktop\mbam.txt
2014-10-03 21:20 - 2014-10-17 15:25 - 00122584 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-10-03 21:20 - 2014-10-03 21:20 - 00001118 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-10-03 21:20 - 2014-10-03 21:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-10-03 21:20 - 2014-10-03 21:20 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-10-03 21:20 - 2014-10-03 21:20 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-10-03 21:20 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2014-10-03 21:20 - 2014-05-12 07:26 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2014-10-03 21:20 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2014-10-03 21:10 - 2014-10-03 21:10 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Susanna\Downloads\mbam-setup-2.0.2.1012 (2).exe
2014-10-03 21:04 - 2014-10-03 21:04 - 00321848 _____ (Malwarebytes Corporation) C:\Users\Susanna\Downloads\mbam-clean-2.1.1.1001.exe
2014-10-01 16:39 - 2014-10-01 16:39 - 00018349 _____ () C:\Users\Susanna\AppData\Local\recently-used.xbel
2014-09-29 23:11 - 2014-09-29 23:11 - 00006708 _____ () C:\Users\Susanna\Desktop\adw.txt
2014-09-29 23:02 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\WINDOWS\SysWOW64\sqlite3.dll
2014-09-29 22:57 - 2014-10-01 16:28 - 00000000 ____D () C:\AdwCleaner
2014-09-29 22:57 - 2014-09-29 22:57 - 01373475 _____ () C:\Users\Susanna\Desktop\AdwCleaner.exe
2014-09-28 16:00 - 2014-09-28 16:00 - 00043116 _____ () C:\Users\Susanna\Downloads\Addition (1).txt
2014-09-26 12:10 - 2014-09-26 12:10 - 00116496 _____ () C:\Users\Susanna\Desktop\OTLtxt.Txt
2014-09-26 11:54 - 2014-09-26 11:54 - 00149192 _____ () C:\Users\Susanna\Desktop\OTL.Txt
2014-09-26 11:53 - 2014-09-26 12:09 - 00078594 _____ () C:\Users\Susanna\Downloads\Extras.Txt
2014-09-26 11:51 - 2014-09-26 12:07 - 00116496 _____ () C:\Users\Susanna\Downloads\OTL.Txt
2014-09-26 11:34 - 2014-09-26 11:34 - 00602112 _____ (OldTimer Tools) C:\Users\Susanna\Downloads\OTL.exe
2014-09-26 10:09 - 2014-09-26 10:09 - 00002010 _____ () C:\Users\Susanna\Desktop\aswMBR.txt
2014-09-26 10:09 - 2014-09-26 10:09 - 00000512 _____ () C:\Users\Susanna\Documents\MBR.dat
2014-09-26 01:19 - 2014-09-26 01:19 - 05185536 _____ (AVAST Software) C:\Users\Susanna\Downloads\aswMBR (3).exe
2014-09-26 01:14 - 2014-09-26 01:14 - 05185536 _____ (AVAST Software) C:\Users\Susanna\Downloads\aswmbr (2).exe
2014-09-26 01:13 - 2014-09-26 01:13 - 05185536 _____ (AVAST Software) C:\Users\Susanna\Downloads\aswmbr (1).exe
2014-09-26 01:12 - 2014-09-26 01:12 - 05185536 _____ (AVAST Software) C:\Users\Susanna\Downloads\aswmbr.exe
2014-09-26 01:10 - 2014-09-26 01:11 - 00043116 _____ () C:\Users\Susanna\Downloads\Addition.txt
2014-09-26 01:08 - 2014-10-17 15:27 - 00000000 ____D () C:\FRST
2014-09-25 23:53 - 2014-09-26 00:08 - 00003718 _____ () C:\WINDOWS\System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473
2014-09-25 23:53 - 2014-09-25 23:53 - 00003476 _____ () C:\WINDOWS\System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon
2014-09-25 23:53 - 2014-09-25 23:53 - 00000000 ____D () C:\ProgramData\Intel® Update Manager
2014-09-25 23:31 - 2014-09-25 23:31 - 01060864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc71.dll
2014-09-25 23:30 - 2014-10-06 21:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Comodo
2014-09-25 23:30 - 2014-09-25 23:31 - 00000000 ____D () C:\Program Files\COMODO
2014-09-25 23:29 - 2014-09-25 23:29 - 00000000 ____D () C:\ProgramData\Comodo Downloader
2014-09-25 23:28 - 2014-09-25 23:34 - 00000000 ____D () C:\ProgramData\Comodo
2014-09-25 23:23 - 2014-09-25 23:27 - 218252480 _____ (COMODO) C:\Users\Susanna\Downloads\cfw_installer.exe
2014-09-25 22:38 - 2014-10-08 15:45 - 00000008 __RSH () C:\ProgramData\ntuser.pol
2014-09-25 22:38 - 2014-09-25 23:34 - 00000000 ____D () C:\Users\Vieras
2014-09-25 22:38 - 2014-09-25 23:34 - 00000000 ____D () C:\Users\Järjestelmänvalvoja
2014-09-25 22:38 - 2014-09-25 23:34 - 00000000 ____D () C:\Users\HomeGroupUser$
2014-09-25 22:38 - 2014-09-25 22:39 - 00000000 ____D () C:\ProgramData\30e9c7c4596c8100
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-10-17 15:25 - 2013-10-26 16:29 - 00003950 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{FA10CD9D-BCD5-4219-BD57-CB8DE2A54507}
2014-10-17 15:25 - 2013-08-22 18:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2014-10-17 15:24 - 2013-08-22 18:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-10-14 01:01 - 2013-05-05 12:16 - 00001026 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-10-14 00:18 - 2013-04-18 19:58 - 00000830 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-10-14 00:16 - 2013-10-23 16:04 - 02037618 _____ () C:\WINDOWS\WindowsUpdate.log
2014-10-13 11:01 - 2013-05-05 12:16 - 00001022 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-10-11 11:06 - 2013-04-18 18:40 - 00003600 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3708962043-2504352025-3687310069-1001
2014-10-10 23:59 - 2012-12-01 06:59 - 00000000 ____D () C:\ProgramData\WinClon
2014-10-10 23:54 - 2013-05-09 16:05 - 00000000 ____D () C:\Users\Susanna\AppData\Local\CrashDumps
2014-10-10 23:47 - 2013-10-23 16:13 - 00000000 ___DO () C:\Users\Susanna\SkyDrive
2014-10-08 16:12 - 2013-08-22 17:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-10-08 16:11 - 2013-08-22 16:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2014-10-08 15:52 - 2013-04-28 12:55 - 09720320 ___SH () C:\Users\Susanna\Desktop\Thumbs.db
2014-10-08 15:50 - 2013-09-29 21:07 - 00206752 _____ () C:\WINDOWS\PFRO.log
2014-10-08 15:29 - 2013-08-22 18:36 - 00000000 ___HD () C:\WINDOWS\system32\GroupPolicy
2014-10-08 15:29 - 2013-06-21 12:34 - 00000000 ____D () C:\WINDOWS\System32\Tasks\Norton Internet Security
2014-10-08 15:29 - 2012-12-01 07:07 - 00000000 ____D () C:\Users\EasySurvey
2014-10-06 10:10 - 2013-04-18 18:34 - 00000000 ____D () C:\Users\Susanna\Documents\Bluetooth Folder
2014-10-05 23:43 - 2013-10-23 15:43 - 00000000 ____D () C:\Users\Susanna
2014-10-01 20:04 - 2013-08-13 16:54 - 00004182 _____ () C:\WINDOWS\System32\Tasks\avast! Emergency Update
2014-10-01 20:03 - 2013-10-26 16:52 - 00000000 ____D () C:\Users\Susanna\AppData\Roaming\Atheros
2014-10-01 17:32 - 2013-08-22 18:36 - 00000000 ____D () C:\WINDOWS\rescache
2014-10-01 16:40 - 2013-04-28 13:07 - 00000000 ____D () C:\Users\Susanna\.gimp-2.8
2014-09-30 10:18 - 2014-05-01 16:27 - 00000000 ____D () C:\Users\Susanna\Desktop\asunto
2014-09-30 08:37 - 2013-06-03 12:56 - 00189440 ___SH () C:\Users\Susanna\Downloads\Thumbs.db
2014-09-28 15:50 - 2013-09-30 07:17 - 01367966 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-09-28 15:50 - 2013-09-30 06:59 - 00435530 _____ () C:\WINDOWS\system32\perfh00B.dat
2014-09-28 15:50 - 2013-09-30 06:59 - 00081592 _____ () C:\WINDOWS\system32\perfc00B.dat
2014-09-28 15:45 - 2013-08-22 17:46 - 00324161 _____ () C:\WINDOWS\setupact.log
2014-09-26 08:50 - 2013-04-29 19:36 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2014-09-26 01:01 - 2013-04-18 18:58 - 00000000 ____D () C:\Users\Susanna\AppData\Local\Spotify
2014-09-26 01:01 - 2013-04-18 18:57 - 00000000 ____D () C:\Users\Susanna\AppData\Roaming\Spotify
2014-09-26 00:55 - 2013-08-22 18:36 - 00000000 ____D () C:\WINDOWS\schemas
2014-09-26 00:08 - 2012-12-01 06:47 - 00000000 ____D () C:\ProgramData\Intel
2014-09-25 23:54 - 2013-10-23 15:38 - 00000000 ____D () C:\Program Files (x86)\Intel
2014-09-25 23:53 - 2012-12-01 06:47 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2014-09-25 23:37 - 2013-08-22 17:44 - 00550592 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-09-25 23:36 - 2013-06-30 20:12 - 00001291 _____ () C:\Users\Susanna\Desktop\Dropbox.lnk
2014-09-25 23:36 - 2013-04-18 18:58 - 00002061 _____ () C:\Users\Susanna\Desktop\Spotify.lnk
2014-09-25 23:34 - 2012-07-26 08:37 - 00000000 ____D () C:\Users\Default.migrated
2014-09-25 22:38 - 2013-08-22 18:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\GroupPolicy
2014-09-25 22:38 - 2013-05-05 12:16 - 00000000 ____D () C:\Users\Susanna\AppData\Local\Google
2014-09-25 22:38 - 2013-05-05 12:16 - 00000000 ____D () C:\Program Files (x86)\Google
2014-09-24 19:01 - 2013-10-16 15:21 - 00000000 ____D () C:\Users\Susanna\Desktop\kuvii
2014-09-24 16:42 - 2012-07-26 10:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2014-09-22 23:30 - 2013-05-21 15:28 - 00002039 _____ () C:\Users\Public\Desktop\Adobe Reader X.lnk
2014-09-22 23:30 - 2012-12-01 07:03 - 00002457 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
2014-09-22 23:19 - 2013-09-30 07:02 - 00000000 ____D () C:\Program Files\Windows Journal
2014-09-22 23:19 - 2013-08-22 18:36 - 00000000 ___RD () C:\WINDOWS\ToastData
2014-09-22 23:19 - 2013-08-22 18:36 - 00000000 ___RD () C:\WINDOWS\ImmersiveControlPanel
2014-09-22 23:19 - 2013-08-22 18:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-09-22 23:19 - 2013-08-22 18:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-09-22 23:19 - 2013-08-22 18:36 - 00000000 ____D () C:\WINDOWS\WinStore
2014-09-22 23:19 - 2013-08-22 18:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\setup
2014-09-22 23:19 - 2013-08-22 18:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\InputMethod
2014-09-22 23:19 - 2013-08-22 18:36 - 00000000 ____D () C:\WINDOWS\system32\setup
2014-09-22 23:19 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\oobe
2014-09-22 16:40 - 2013-06-03 22:02 - 00000000 ____D () C:\Users\Susanna\Desktop\school
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-10-08 16:23
==================== End Of Log ============================