- Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 12-09-2014
- Ran by pc (administrator) on PC-PC on 15-09-2014 15:24:33
- Running from C:\Users\pc\Downloads
- Platform: Microsoft Windows 7 Ultimate Service Pack 1 (X86) OS Language: English (United States)
- Internet Explorer Version 11
- Boot Mode: Normal
- Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
- ==================== Processes (Whitelisted) =================
- (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
- (IDT, Inc.) C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_9691412ff1876250\stacsv.exe
- (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
- (Andrea Electronics Corporation) C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_9691412ff1876250\AEstSrv.exe
- (Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
- (Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
- (Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\VS7DEBUG\MDM.EXE
- (Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbam.exe
- () C:\Program Files\CyberLink\Shared files\RichVideo.exe
- (Kaspersky Lab ZAO) C:\Users\pc\AppData\Local\temp\{F6374F4E-51A1-44A0-8BBC-C6FE55F4FEBF}.exe
- (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
- (IDT, Inc.) C:\Program Files\IDT\WDM\sttray.exe
- (Cyberlink Corp.) C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
- (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
- (Intel Corporation) C:\Windows\System32\igfxtray.exe
- (Intel Corporation) C:\Windows\System32\hkcmd.exe
- (Intel Corporation) C:\Windows\System32\igfxpers.exe
- (AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
- (Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
- (Nero AG) C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
- (Bandoo Media Inc.) C:\Program Files\iLivid\iLivid.exe
- (Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
- (Nero AG) C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
- (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
- (Nero AG) C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
- (Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
- (Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
- (Google Inc.) C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe
- (Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jucheck.exe
- (Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
- (AVAST Software) C:\Program Files\AVAST Software\Avast\setup\instup.exe
- ==================== Registry (Whitelisted) ==================
- (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
- HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1721640 2010-05-27] (Synaptics Incorporated)
- HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray.exe [495708 2010-03-23] (IDT, Inc.)
- HKLM\...\Run: [NeroFilterCheck] => C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [153136 2007-03-01] (Nero AG)
- HKLM\...\Run: [RemoteControl] => C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe [71216 2007-02-07] (Cyberlink Corp.)
- HKLM\...\Run: [LanguageShortcut] => C:\Program Files\CyberLink\PowerDVD\Language\Language.exe [54832 2007-02-07] ()
- HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4085896 2014-07-31] (AVAST Software)
- HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [256896 2014-05-07] (Oracle Corporation)
- HKU\S-1-5-21-1790169903-100120260-3156938750-1000\...\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] => C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe [152872 2007-06-27] (Nero AG)
- HKU\S-1-5-21-1790169903-100120260-3156938750-1000\...\Run: [swg] => C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2010-12-12] (Google Inc.)
- HKU\S-1-5-21-1790169903-100120260-3156938750-1000\...\Run: [Google Update] => C:\Users\pc\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2013-07-13] (Google Inc.)
- HKU\S-1-5-21-1790169903-100120260-3156938750-1000\...\Run: [iLivid] => C:\Program Files\iLivid\iLivid.exe [6827008 2013-09-09] (Bandoo Media Inc.)
- Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk
- ShortcutTarget: Adobe Reader Speed Launch.lnk -> C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe (Adobe Systems Incorporated)
- Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
- ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (No File)
- ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll (AVAST Software)
- ==================== Internet (Whitelisted) ====================
- (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
- HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
- HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.hr/
- HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x08BC1B25448ACB01
- HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = hr
- HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.msn.com/?pc=AV01
- HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=AV01
- HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
- HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.msn.com/?pc=AV01
- SearchScopes: HKLM - DefaultScope {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = http://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
- SearchScopes: HKLM - {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = http://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
- SearchScopes: HKLM - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = http://dts.search-results.com/sr?src=ieb&gct=ds&appid=479&systemid=406&apn_dtid=BND406&apn_ptnrs=AG6&o=APN10645&apn_uid=3051051750834388&q={searchTerms}
- SearchScopes: HKLM - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2A59} URL = http://search.imesh.com/web?src=ieb&systemid=1&q={searchTerms}
- SearchScopes: HKLM - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2A69} URL = http://search.bearshare.com/web?src=ieb&systemid=2&q={searchTerms}
- SearchScopes: HKLM - {cf6e4b1c-dbde-457e-9cef-ab8ecac8a5e8} URL = http://search.tb.ask.com/search/GGmain.jhtml?p2=^HJ^xdm073^YYA^hr&si=pconvIE&ptb=3BB710E1-81AF-47F7-B5FA-D2EA71331668&ind=2014010402&n=780b5c22&psa=&st=sb&searchfor={searchTerms}
- SearchScopes: HKCU - DefaultScope {3BD44F0E-0596-4008-AEE0-45D47E3A8F0E} URL = http://securedsearch2.lavasoft.com/results.php?pr=vmn&id=adawaretb&v=3_9&idate=2014-09-05&gen=cnet&hsimp=yhs-lavasoft&ent=ch&q={searchTerms}
- SearchScopes: HKCU - {120D3C2D-ADE5-4A5D-A3E0-4FF62942F5AC} URL = https://www.google.com/search?q={searchTerms}
- SearchScopes: HKCU - {22AAF60D-2DB0-45F0-8BE6-C075B9D8977C} URL = http://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&type=937811&p={searchTerms}
- SearchScopes: HKCU - {3BD44F0E-0596-4008-AEE0-45D47E3A8F0E} URL = http://securedsearch2.lavasoft.com/results.php?pr=vmn&id=adawaretb&v=3_9&idate=2014-09-05&gen=cnet&hsimp=yhs-lavasoft&ent=ch&q={searchTerms}
- SearchScopes: HKCU - {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = http://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
- SearchScopes: HKCU - {87E77B6D-0A39-451B-A4FD-7960FFE93EC5} URL = http://search.avg.com/route/?d=4ceb8348&v=6.10.6.4&i=23&tp=chrome&q={searchTerms}&lng={language}&iy=&ychte=us
- SearchScopes: HKCU - {95287E58-0B22-4D69-8F01-85DDF173AF55} URL = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3300850&CUI=UN25012761671818911&UM=1
- SearchScopes: HKCU - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = http://dts.search-results.com/sr?src=ieb&gct=ds&appid=479&systemid=406&apn_dtid=BND406&apn_ptnrs=AG6&o=APN10645&apn_uid=3051051750834388&q={searchTerms}
- SearchScopes: HKCU - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2A59} URL = http://search.imesh.com/web?src=ieb&systemid=1&q={searchTerms}
- SearchScopes: HKCU - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2A69} URL = http://search.bearshare.com/web?src=ieb&systemid=2&q={searchTerms}
- SearchScopes: HKCU - {cf6e4b1c-dbde-457e-9cef-ab8ecac8a5e8} URL = http://search.tb.ask.com/search/GGmain.jhtml?p2=^HJ^xdm073^YYA^hr&si=pconvIE&ptb=3BB710E1-81AF-47F7-B5FA-D2EA71331668&ind=2014010402&n=780b5c22&psa=&st=sb&searchfor={searchTerms}
- BHO: AcroIEHlprObj Class -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -> C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
- BHO: No Name -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> No File
- BHO: No Name -> {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} -> No File
- BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
- BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
- BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
- BHO: Skype Plug-In -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
- BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
- Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
- Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
- DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
- DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinstall-1_7_0_55-windows-i586.cab
- DPF: {CAFEEFAC-0017-0000-0055-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_55-windows-i586.cab
- DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_55-windows-i586.cab
- DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
- Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll No File
- Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\MSITSS.DLL (Microsoft Corporation)
- Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
- Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
- Handler: vsharechrome - {3F3A4B8A-86FC-43A4-BB00-6D7EBE9D4484} - No File
- Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
- Tcpip\..\Interfaces\{5B2FC5DC-1D29-4283-9DDD-CDF2F05D81C2}: [NameServer] 212.91.97.3,212.91.97.4
- Tcpip\..\Interfaces\{6F5D1294-4C65-49CD-B200-A2FF4143567E}: [NameServer] 8.8.8.8,8.8.4.4
- FireFox:
- ========
- FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw_1203133.dll (Adobe Systems, Inc.)
- FF Plugin: @java.com/DTPlugin,version=10.60.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
- FF Plugin: @java.com/JavaPlugin,version=10.60.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
- FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
- FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
- FF Plugin: @veetle.com/veetleCorePlugin,version=0.9.19 -> C:\Program Files\Veetle\plugins\npVeetle.dll (Veetle Inc)
- FF Plugin: @veetle.com/veetlePlayerPlugin,version=0.9.18 -> C:\Program Files\Veetle\Player\npvlc.dll (Veetle Inc)
- FF Plugin: @VideoDownloadConverter_ScriptHelper.com/Plugin -> C:\Program Files\VideoDownloadConverter\npVDCPlugin.dll No File
- FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin -> C:\Users\pc\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
- FF Plugin HKCU: @talk.google.com/O1DPlugin -> C:\Users\pc\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
- FF Plugin HKCU: @tools.google.com/Google Update;version=3 -> C:\Users\pc\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
- FF Plugin HKCU: @tools.google.com/Google Update;version=9 -> C:\Users\pc\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
- FF Plugin ProgramFiles/Appdata: C:\Users\pc\AppData\Roaming\mozilla\plugins\npgoogletalk.dll (Google)
- FF Plugin ProgramFiles/Appdata: C:\Users\pc\AppData\Roaming\mozilla\plugins\npo1d.dll (Google)
- FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
- FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-01-05]
- Chrome:
- =======
- CHR HomePage: Default -> hxxp://securedsearch2.lavasoft.com/index.php?pr=vmn&id=adawaretb&v=3_9&idate=2014-09-05&gen=cnet&ent=hp&u=649485689E6C1CBF63FCE75409EC7CCE
- CHR StartupUrls: Default -> "hxxp://securedsearch2.lavasoft.com/index.php?pr=vmn&id=adawaretb&v=3_9&idate=2014-09-05&gen=cnet&ent=hp&u=649485689E6C1CBF63FCE75409EC7CCE", "hxxp://www.msn.com/?pc=AV01"
- CHR DefaultSearchKeyword: Default -> securesearch
- CHR DefaultSearchProvider: Default -> SecureSearch
- CHR DefaultSearchURL: Default -> http://securedsearch2.lavasoft.com/results.php?pr=vmn&id=adawaretb&v=3_9&idate=2014-09-05&gen=cnet&hsimp=yhs-lavasoft&ent=ch&q={searchTerms}
- CHR DefaultSuggestURL: Default ->
- CHR CustomProfile: C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default
- CHR Extension: (Google Docs) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-12-12]
- CHR Extension: (Google Drive) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-12-12]
- CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-06-07]
- CHR Extension: (YouTube) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-12-12]
- CHR Extension: (Google Search) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-12-12]
- CHR Extension: (avast! Online Security) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-01-05]
- CHR Extension: (Google Wallet) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-19]
- CHR Extension: (Gmail) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-12-12]
- CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-06-27]
- CHR HKLM\...\Chrome\Extension: [mekcdjanfbgjggafgdkmcodmkfldcaaf] - C:\ProgramData\wxDownload\mekcdjanfbgjggafgdkmcodmkfldcaaf.crx [2014-06-27]
- CHR HKCU\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
- ========================== Services (Whitelisted) =================
- (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
- R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-06-27] (AVAST Software)
- S2 Dhcp; C:\Windows\system32\svchost.exe [20992 2009-07-14] (Microsoft Corporation)
- R2 MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
- R2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
- S2 mfecore; C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [638976 2013-08-05] (McAfee, Inc.)
- S4 RemoteAccess; C:\Windows\System32\svchost.exe [20992 2009-07-14] (Microsoft Corporation)
- R2 RichVideo; C:\Program Files\CyberLink\Shared files\RichVideo.exe [173616 2007-02-07] ()
- R2 STacSV; C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_9691412ff1876250\STacSV.exe [229458 2010-03-23] (IDT, Inc.)
- S2 Application Updater; "C:\Program Files\Application Updater\ApplicationUpdater.exe" [X]
- ==================== Drivers (Whitelisted) ====================
- (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
- R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [24184 2014-06-27] ()
- R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [67824 2014-06-27] (AVAST Software)
- R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [81768 2014-06-27] (AVAST Software)
- R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49944 2014-06-27] ()
- R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [779536 2014-06-27] (AVAST Software)
- R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [414520 2014-07-04] (AVAST Software)
- R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [71944 2014-06-27] (AVAST Software)
- R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [192352 2014-06-27] ()
- R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2014-05-12] (Malwarebytes Corporation)
- R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [110296 2014-09-15] (Malwarebytes Corporation)
- R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2014-05-12] (Malwarebytes Corporation)
- S3 mfencbdc; C:\Windows\System32\DRIVERS\mfencbdc.sys [288056 2013-07-09] (McAfee, Inc.)
- S3 mfencrk; C:\Windows\System32\DRIVERS\mfencrk.sys [80656 2013-07-09] (McAfee, Inc.)
- S3 MFE_RR; C:\Windows\System32\Drivers\mfe_rr.sys [29776 2013-12-04] (McAfee, Inc.)
- R2 {95808DC4-FA4A-4c74-92FE-5B863F82066B}; C:\Program Files\CyberLink\PowerDVD\000.fcl [13560 2006-11-02] (Cyberlink Corp.)
- S3 catchme; \??\C:\Users\pc\AppData\Local\Temp\catchme.sys [X]
- S3 CFcatchme; \??\C:\Users\pc\AppData\Local\Temp\CFcatchme.sys [X]
- S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
- S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
- S3 VGPU; System32\drivers\rdvgkmd.sys [X]
- ==================== NetSvcs (Whitelisted) ===================
- (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
- ==================== One Month Created Files and Folders ========
- (If an entry is included in the fixlist, the file\folder will be moved.)
- 2014-09-15 15:24 - 2014-09-15 15:25 - 00019454 _____ () C:\Users\pc\Downloads\FRST.txt
- 2014-09-15 15:24 - 2014-09-15 15:24 - 00000000 ____D () C:\FRST
- 2014-09-15 15:22 - 2014-09-15 15:22 - 00001031 _____ () C:\Users\pc\Desktop\FRST - Shortcut.lnk
- 2014-09-15 15:21 - 2014-09-15 15:21 - 01097728 _____ (Farbar) C:\Users\pc\Downloads\FRST.exe
- 2014-09-15 14:03 - 2014-09-15 14:03 - 00000000 ____D () C:\TDSSKiller_Quarantine
- 2014-09-15 13:58 - 2014-09-15 13:58 - 00000000 ____D () C:\Users\pc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDVD
- 2014-09-15 13:36 - 2014-09-15 13:36 - 04181856 _____ (Kaspersky Lab ZAO) C:\Users\pc\Downloads\tdsskiller.exe
- 2014-09-15 13:36 - 2014-09-15 13:36 - 00001089 _____ () C:\Users\pc\Desktop\tdsskiller - Shortcut.lnk
- 2014-09-14 23:31 - 2014-09-15 00:28 - 302694400 _____ () C:\Users\pc\Downloads\kav_rescue_10.iso
- 2014-09-14 22:29 - 2014-09-14 22:29 - 00000512 _____ () C:\Users\pc\Desktop\MBR.dat
- 2014-09-14 22:28 - 2014-09-14 22:29 - 00001460 _____ () C:\Users\pc\Desktop\aswMBR.txt
- 2014-09-14 16:58 - 2014-09-14 16:58 - 00000000 ____D () C:\Users\pc\AppData\Roaming\eCyber
- 2014-09-14 16:57 - 2014-09-14 17:23 - 00000000 ____D () C:\Users\pc\AppData\Roaming\iSafe
- 2014-09-12 10:58 - 2014-08-18 23:57 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
- 2014-09-12 10:58 - 2014-08-18 23:45 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
- 2014-09-12 10:58 - 2014-08-18 23:44 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
- 2014-09-12 10:58 - 2014-08-18 23:37 - 00440320 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
- 2014-09-12 10:57 - 2014-08-19 19:39 - 00327872 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
- 2014-09-12 10:57 - 2014-08-19 00:26 - 17455104 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
- 2014-09-12 10:57 - 2014-08-19 00:08 - 04232704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
- 2014-09-12 10:57 - 2014-08-18 23:57 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
- 2014-09-12 10:57 - 2014-08-18 23:46 - 00454656 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
- 2014-09-12 10:57 - 2014-08-18 23:44 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
- 2014-09-12 10:57 - 2014-08-18 23:42 - 02185728 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
- 2014-09-12 10:57 - 2014-08-18 23:39 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
- 2014-09-12 10:57 - 2014-08-18 23:39 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
- 2014-09-12 10:57 - 2014-08-18 23:36 - 00112128 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
- 2014-09-12 10:57 - 2014-08-18 23:36 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
- 2014-09-12 10:57 - 2014-08-18 23:35 - 00597504 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
- 2014-09-12 10:57 - 2014-08-18 23:30 - 00646144 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
- 2014-09-12 10:57 - 2014-08-18 23:27 - 00365056 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
- 2014-09-12 10:57 - 2014-08-18 23:22 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
- 2014-09-12 10:57 - 2014-08-18 23:19 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
- 2014-09-12 10:57 - 2014-08-18 23:17 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
- 2014-09-12 10:57 - 2014-08-18 23:17 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
- 2014-09-12 10:57 - 2014-08-18 23:15 - 11769856 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
- 2014-09-12 10:57 - 2014-08-18 23:09 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
- 2014-09-12 10:57 - 2014-08-18 23:08 - 02014208 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
- 2014-09-12 10:57 - 2014-08-18 23:08 - 00673792 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
- 2014-09-12 10:57 - 2014-08-18 23:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
- 2014-09-12 10:57 - 2014-08-18 22:46 - 01812992 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
- 2014-09-12 10:57 - 2014-08-18 22:38 - 01190400 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
- 2014-09-12 10:57 - 2014-08-18 22:36 - 00678400 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
- 2014-09-12 10:56 - 2014-06-27 03:45 - 02285056 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
- 2014-09-11 09:53 - 2014-09-11 09:55 - 00015372 _____ () C:\Users\pc\Desktop\MBRCheck_09.11.14_09.53.05.txt
- 2014-09-11 09:52 - 2014-09-11 09:52 - 00080384 _____ () C:\Users\pc\Downloads\MBRCheck.exe
- 2014-09-10 14:55 - 2014-07-07 03:40 - 01059840 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
- 2014-09-10 14:55 - 2014-07-07 03:40 - 00550912 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
- 2014-09-10 14:53 - 2014-09-05 03:52 - 00445952 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
- 2014-09-10 14:53 - 2014-09-05 03:47 - 00302592 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
- 2014-09-10 14:53 - 2014-08-01 13:35 - 00793600 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
- 2014-09-10 14:53 - 2014-06-24 04:59 - 01987584 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
- 2014-09-10 10:46 - 2014-09-10 10:46 - 00003544 ____N () C:\bootsqm.dat
- 2014-09-09 10:52 - 2014-09-09 10:52 - 00000017 _____ () C:\Users\pc\AppData\Local\resmon.resmoncfg
- 2014-09-07 10:27 - 2014-09-07 10:28 - 00151984 _____ () C:\Windows\Minidump\090714-18330-01.dmp
- 2014-09-05 23:18 - 2014-09-15 14:48 - 00110296 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
- 2014-09-05 23:13 - 2014-09-05 23:13 - 00001020 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
- 2014-09-05 23:13 - 2014-09-05 23:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
- 2014-09-05 23:11 - 2014-09-05 23:12 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
- 2014-09-05 23:11 - 2014-05-12 07:26 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
- 2014-09-05 23:11 - 2014-05-12 07:25 - 00074456 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
- 2014-09-05 23:11 - 2014-05-12 07:25 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
- 2014-09-05 22:59 - 2014-09-05 23:10 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\pc\Downloads\mbam-setup-2.0.2.1012.exe
- 2014-09-05 19:51 - 2014-09-05 20:02 - 04831496 _____ () C:\Users\pc\Downloads\AntiMalware-Installer (1).exe
- 2014-09-05 19:45 - 2014-09-05 19:51 - 04831496 _____ () C:\Users\pc\Downloads\AntiMalware-Installer.exe
- 2014-09-05 19:04 - 2014-09-05 19:04 - 00000000 ____D () C:\Users\pc\AppData\Roaming\LavasoftStatistics
- 2014-09-05 19:00 - 2014-09-05 19:00 - 00000061 _____ () C:\prefs.js
- 2014-09-05 18:59 - 2014-09-05 18:59 - 00000000 ____D () C:\Users\pc\AppData\Roaming\SecureSearch
- 2014-09-05 18:27 - 2014-09-05 18:29 - 29592768 _____ (Microsoft Corporation) C:\Users\pc\Downloads\Windows-KB890830-V5.15.exe
- 2014-08-28 12:30 - 2014-08-23 03:46 - 00305152 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
- 2014-08-28 12:30 - 2014-08-23 02:42 - 02352640 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
- ==================== One Month Modified Files and Folders =======
- (If an entry is included in the fixlist, the file\folder will be moved.)
- 2014-09-15 15:25 - 2014-09-15 15:24 - 00019454 _____ () C:\Users\pc\Downloads\FRST.txt
- 2014-09-15 15:24 - 2014-09-15 15:24 - 00000000 ____D () C:\FRST
- 2014-09-15 15:22 - 2014-09-15 15:22 - 00001031 _____ () C:\Users\pc\Desktop\FRST - Shortcut.lnk
- 2014-09-15 15:21 - 2014-09-15 15:21 - 01097728 _____ (Farbar) C:\Users\pc\Downloads\FRST.exe
- 2014-09-15 15:06 - 2010-09-22 12:25 - 01867134 _____ () C:\Windows\WindowsUpdate.log
- 2014-09-15 14:56 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\Microsoft.NET
- 2014-09-15 14:49 - 2014-07-11 20:42 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
- 2014-09-15 14:48 - 2014-09-05 23:18 - 00110296 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
- 2014-09-15 14:40 - 2010-12-12 14:45 - 00000928 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
- 2014-09-15 14:36 - 2013-09-14 23:58 - 00000946 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1790169903-100120260-3156938750-1000UA.job
- 2014-09-15 14:08 - 2009-07-14 06:34 - 00020672 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
- 2014-09-15 14:08 - 2009-07-14 06:34 - 00020672 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
- 2014-09-15 14:03 - 2014-09-15 14:03 - 00000000 ____D () C:\TDSSKiller_Quarantine
- 2014-09-15 13:58 - 2014-09-15 13:58 - 00000000 ____D () C:\Users\pc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDVD
- 2014-09-15 13:57 - 2010-12-12 14:45 - 00000924 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
- 2014-09-15 13:57 - 2009-07-14 06:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
- 2014-09-15 13:56 - 2009-07-14 06:39 - 00241531 _____ () C:\Windows\setupact.log
- 2014-09-15 13:36 - 2014-09-15 13:36 - 04181856 _____ (Kaspersky Lab ZAO) C:\Users\pc\Downloads\tdsskiller.exe
- 2014-09-15 13:36 - 2014-09-15 13:36 - 00001089 _____ () C:\Users\pc\Desktop\tdsskiller - Shortcut.lnk
- 2014-09-15 09:56 - 2014-06-07 09:29 - 00000000 ___RD () C:\Users\pc\Dropbox
- 2014-09-15 09:51 - 2014-06-07 09:09 - 00000000 ____D () C:\Users\pc\AppData\Roaming\Dropbox
- 2014-09-15 00:28 - 2014-09-14 23:31 - 302694400 _____ () C:\Users\pc\Downloads\kav_rescue_10.iso
- 2014-09-14 23:11 - 2014-02-09 17:21 - 00000000 ____D () C:\Users\pc\AppData\Roaming\Samsung
- 2014-09-14 23:11 - 2014-02-09 17:21 - 00000000 ____D () C:\Users\pc\AppData\Local\Samsung
- 2014-09-14 23:11 - 2014-02-09 17:17 - 00000000 ____D () C:\Program Files\Samsung
- 2014-09-14 23:08 - 2014-02-09 17:17 - 00000000 ____D () C:\ProgramData\Samsung
- 2014-09-14 23:07 - 2010-09-22 15:35 - 00000000 ____D () C:\Program Files\InstallShield Installation Information
- 2014-09-14 22:29 - 2014-09-14 22:29 - 00000512 _____ () C:\Users\pc\Desktop\MBR.dat
- 2014-09-14 22:29 - 2014-09-14 22:28 - 00001460 _____ () C:\Users\pc\Desktop\aswMBR.txt
- 2014-09-14 21:19 - 2013-12-04 22:50 - 00724504 _____ () C:\Windows\PFRO.log
- 2014-09-14 17:23 - 2014-09-14 16:57 - 00000000 ____D () C:\Users\pc\AppData\Roaming\iSafe
- 2014-09-14 16:58 - 2014-09-14 16:58 - 00000000 ____D () C:\Users\pc\AppData\Roaming\eCyber
- 2014-09-14 16:47 - 2011-12-10 23:19 - 00002089 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
- 2014-09-11 09:55 - 2014-09-11 09:53 - 00015372 _____ () C:\Users\pc\Desktop\MBRCheck_09.11.14_09.53.05.txt
- 2014-09-11 09:52 - 2014-09-11 09:52 - 00080384 _____ () C:\Users\pc\Downloads\MBRCheck.exe
- 2014-09-11 08:28 - 2013-07-12 17:00 - 00000000 ____D () C:\Windows\system32\MRT
- 2014-09-11 08:27 - 2010-09-22 14:55 - 98758480 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
- 2014-09-11 08:22 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\hr-HR
- 2014-09-11 08:20 - 2014-05-06 20:55 - 00000000 ___SD () C:\Windows\system32\CompatTel
- 2014-09-10 15:10 - 2010-09-22 14:32 - 00770634 _____ () C:\Windows\system32\PerfStringBackup.INI
- 2014-09-10 10:46 - 2014-09-10 10:46 - 00003544 ____N () C:\bootsqm.dat
- 2014-09-10 08:50 - 2013-06-17 19:40 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
- 2014-09-10 08:50 - 2013-06-17 19:40 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
- 2014-09-09 10:52 - 2014-09-09 10:52 - 00000017 _____ () C:\Users\pc\AppData\Local\resmon.resmoncfg
- 2014-09-07 18:36 - 2013-09-14 23:58 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1790169903-100120260-3156938750-1000Core.job
- 2014-09-07 10:28 - 2014-09-07 10:27 - 00151984 _____ () C:\Windows\Minidump\090714-18330-01.dmp
- 2014-09-07 10:27 - 2011-08-24 15:14 - 286487837 _____ () C:\Windows\MEMORY.DMP
- 2014-09-07 10:27 - 2011-08-24 15:14 - 00000000 ____D () C:\Windows\Minidump
- 2014-09-06 20:08 - 2010-10-24 15:05 - 00000000 ____D () C:\Users\pc\Documents\životopis
- 2014-09-06 18:08 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\Vss
- 2014-09-06 18:05 - 2014-01-03 21:47 - 00000000 ____D () C:\ProgramData\Conduit
- 2014-09-06 18:05 - 2011-05-17 19:17 - 00000000 ____D () C:\Program Files\YouTube Downloader Toolbar
- 2014-09-06 18:05 - 2011-05-17 19:17 - 00000000 ____D () C:\Program Files\Common Files\Spigot
- 2014-09-06 18:05 - 2011-05-07 16:49 - 00000000 ____D () C:\Program Files\BearShare Applications
- 2014-09-06 18:05 - 2011-03-27 17:10 - 00000000 ____D () C:\Program Files\iMesh Applications
- 2014-09-05 23:13 - 2014-09-05 23:13 - 00001020 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
- 2014-09-05 23:13 - 2014-09-05 23:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
- 2014-09-05 23:12 - 2014-09-05 23:11 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
- 2014-09-05 23:11 - 2013-12-03 22:42 - 00000000 ____D () C:\ProgramData\Malwarebytes
- 2014-09-05 23:10 - 2014-09-05 22:59 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\pc\Downloads\mbam-setup-2.0.2.1012.exe
- 2014-09-05 20:02 - 2014-09-05 19:51 - 04831496 _____ () C:\Users\pc\Downloads\AntiMalware-Installer (1).exe
- 2014-09-05 19:51 - 2014-09-05 19:45 - 04831496 _____ () C:\Users\pc\Downloads\AntiMalware-Installer.exe
- 2014-09-05 19:04 - 2014-09-05 19:04 - 00000000 ____D () C:\Users\pc\AppData\Roaming\LavasoftStatistics
- 2014-09-05 19:00 - 2014-09-05 19:00 - 00000061 _____ () C:\prefs.js
- 2014-09-05 18:59 - 2014-09-05 18:59 - 00000000 ____D () C:\Users\pc\AppData\Roaming\SecureSearch
- 2014-09-05 18:29 - 2014-09-05 18:27 - 29592768 _____ (Microsoft Corporation) C:\Users\pc\Downloads\Windows-KB890830-V5.15.exe
- 2014-09-05 03:52 - 2014-09-10 14:53 - 00445952 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
- 2014-09-05 03:47 - 2014-09-10 14:53 - 00302592 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
- 2014-08-31 21:47 - 2011-12-01 20:38 - 00000000 ____D () C:\Users\pc\Documents\Rover
- 2014-08-28 19:09 - 2009-07-14 06:33 - 00409360 _____ () C:\Windows\system32\FNTCACHE.DAT
- 2014-08-23 03:46 - 2014-08-28 12:30 - 00305152 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
- 2014-08-23 02:42 - 2014-08-28 12:30 - 02352640 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
- 2014-08-19 19:39 - 2014-09-12 10:57 - 00327872 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
- 2014-08-19 00:26 - 2014-09-12 10:57 - 17455104 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
- 2014-08-19 00:08 - 2014-09-12 10:57 - 04232704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
- 2014-08-18 23:57 - 2014-09-12 10:58 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
- 2014-08-18 23:57 - 2014-09-12 10:57 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
- 2014-08-18 23:46 - 2014-09-12 10:57 - 00454656 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
- 2014-08-18 23:45 - 2014-09-12 10:58 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
- 2014-08-18 23:44 - 2014-09-12 10:58 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
- 2014-08-18 23:44 - 2014-09-12 10:57 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
- 2014-08-18 23:42 - 2014-09-12 10:57 - 02185728 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
- 2014-08-18 23:39 - 2014-09-12 10:57 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
- 2014-08-18 23:39 - 2014-09-12 10:57 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
- 2014-08-18 23:37 - 2014-09-12 10:58 - 00440320 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
- 2014-08-18 23:36 - 2014-09-12 10:57 - 00112128 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
- 2014-08-18 23:36 - 2014-09-12 10:57 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
- 2014-08-18 23:35 - 2014-09-12 10:57 - 00597504 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
- 2014-08-18 23:30 - 2014-09-12 10:57 - 00646144 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
- 2014-08-18 23:27 - 2014-09-12 10:57 - 00365056 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
- 2014-08-18 23:22 - 2014-09-12 10:57 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
- 2014-08-18 23:19 - 2014-09-12 10:57 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
- 2014-08-18 23:17 - 2014-09-12 10:57 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
- 2014-08-18 23:17 - 2014-09-12 10:57 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
- 2014-08-18 23:15 - 2014-09-12 10:57 - 11769856 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
- 2014-08-18 23:09 - 2014-09-12 10:57 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
- 2014-08-18 23:08 - 2014-09-12 10:57 - 02014208 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
- 2014-08-18 23:08 - 2014-09-12 10:57 - 00673792 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
- 2014-08-18 23:07 - 2014-09-12 10:57 - 01068032 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
- 2014-08-18 22:46 - 2014-09-12 10:57 - 01812992 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
- 2014-08-18 22:38 - 2014-09-12 10:57 - 01190400 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
- 2014-08-18 22:36 - 2014-09-12 10:57 - 00678400 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
- Some content of TEMP:
- ====================
- C:\Users\pc\AppData\Local\temp\b30a14d7-208c-4e93-a19a-81f6e55c5732.exe
- C:\Users\pc\AppData\Local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpy0acvi.dll
- C:\Users\pc\AppData\Local\temp\GUR205B.exe
- C:\Users\pc\AppData\Local\temp\GUR26E0.exe
- C:\Users\pc\AppData\Local\temp\{F6374F4E-51A1-44A0-8BBC-C6FE55F4FEBF}.exe
- ==================== Bamital & volsnap Check =================
- (There is no automatic fix for files that do not pass verification.)
- C:\Windows\explorer.exe => File is digitally signed
- C:\Windows\system32\winlogon.exe => File is digitally signed
- C:\Windows\system32\wininit.exe => File is digitally signed
- C:\Windows\system32\svchost.exe => File is digitally signed
- C:\Windows\system32\services.exe => File is digitally signed
- C:\Windows\system32\User32.dll => File is digitally signed
- C:\Windows\system32\userinit.exe => File is digitally signed
- C:\Windows\system32\rpcss.dll => File is digitally signed
- C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
- LastRegBack: 2014-08-08 08:16
- ==================== End Of Log ============================