Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 15-01-2014 03
Ran by Asus (administrator) on ASUS-KOMPUTER on 16-01-2014 15:38:34
Running from C:\Users\Asus\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SU7RJGQ3
Windows 7 Ultimate Service Pack 1 (X64) OS Language: Polish
Internet Explorer Version 9
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version:
Download link for 64-Bit Version:
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST:

==================== Processes (Whitelisted) =================

(ASUS) C:\Program Files (x86)\ASUS\ATK Hotkey\AsLdrSrv.exe
() C:\Program Files\ATKGFNEX\GFNEXSrv.exe
(ASUSTeK Computer Inc.) C:\Windows\System32\FBAgent.exe
() C:\ProgramData\DatacardService\HWDeviceService64.exe
() C:\ProgramData\Internet Manager\OnlineUpdate\ouc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
() C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Hotkey\HControl.exe
() C:\Program Files (x86)\ASUS\ATK Hotkey\Atouch64.exe
(AlcorMicro Co., Ltd.) C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
(Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe
() C:\Program Files (x86)\T-Mobile\InternetManager_H\Internet Manager.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Hotkey\ATKOSD.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Hotkey\KBFiltr.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Hotkey\WDC.exe
(ELAN Microelectronic Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(VIA) C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDECK.EXE
(ASUS) C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe
(ASUS) C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
() C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe
(ATK) C:\Program Files\P4G\BatteryLife.exe
(ASUS) C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ASUS CopyProtect\ASPG.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMTray.exe
() C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe
(ASUS) C:\Windows\AsScrPro.exe
(ATK) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(ASUSTeK) C:\Windows\SysWOW64\ACEngSvr.exe
() C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
() C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Microsoft Corporation) C:\Windows\System32\audiodg.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [AmIcoSinglun64] - C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [323072 2009-08-12] (AlcorMicro Co., Ltd.)
HKLM\...\Run: [ETDWare] - C:\Program Files\Elantech\ETDCtrl.exe [617856 2009-07-30] (ELAN Microelectronic Corp.)
HKLM-x32\...\Run: [HDAudDeck] - C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [2244096 2009-07-13] (VIA)
HKLM-x32\...\Run: [HControlUser] - C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUS)
HKLM-x32\...\Run: [ATKOSD2] - C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe [6859392 2009-08-17] (ASUS)
HKLM-x32\...\Run: [ATKMEDIA] - C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe [170624 2009-08-19] (ASUS)
HKLM-x32\...\Run: [GrooveMonitor] - C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\Windows\SYSTEM32\igfxdev.dll (Intel Corporation)
MountPoints2: {0f308768-0b7c-11e1-920f-20cf300898f8} - H:\Startme.exe
MountPoints2: {168dcea4-7df8-11e3-ac4c-20cf300898f8} - G:\AutoRun.exe
MountPoints2: {168dcecf-7df8-11e3-ac4c-20cf300898f8} - G:\AutoRun.exe
MountPoints2: {168dcefe-7df8-11e3-ac4c-20cf300898f8} - G:\AutoRun.exe
MountPoints2: {388062f8-7e83-11e3-8515-20cf300898f8} - G:\AutoRun.exe
MountPoints2: {7385bea5-7c21-11e3-aa41-20cf300898f8} - G:\AutoRun.exe
MountPoints2: {7385beb7-7c21-11e3-aa41-20cf300898f8} - G:\AutoRun.exe
MountPoints2: {7d721579-45c6-11e2-8d3a-20cf300898f8} - G:\AutoRun.exe /s
MountPoints2: {848d3057-cb17-11df-ab83-806e6f6e6963} - F:\InstAll.exe
HKU\Gość\...\Run: [swg] - "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
HKU\Gość\...\Run: [Gadu-Gadu] - C:\Program Files (x86)\Gadu-Gadu\gg.exe [2127296 2008-03-20] (Gadu-Gadu S.A.)

==================== Internet (Whitelisted) ====================

StartMenuInternet: IEXPLORE.EXE - iexplore.exe
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKCU - No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
Toolbar: HKCU - No Name - {1392B8D2-5C05-419F-A8F6-B9F15A596612} - No File
Toolbar: HKCU - No Name - {D40B90B4-D3B1-4D6B-A5D7-DC041C1B76C0} - No File
DPF: HKLM {D27CDB6E-AE6D-11CF-96B8-444553540000}
DPF: HKLM-x32 {25336921-03F9-11CF-8FD0-00AA00686F13}
DPF: HKLM-x32 {68282C51-9459-467B-95BF-3C0E89627E55}
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000}
DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7}
Tcpip\Parameters: [DhcpNameServer]
Tcpip\..\Interfaces\{B4ABD38B-0C82-4443-830D-E477E6AEC4A8}: [NameServer]

Chrome:
=======
CHR DefaultSearchKeyword: sweet-page
CHR DefaultSearchProvider: sweet-page
CHR DefaultSearchURL:{searchTerms}
CHR DefaultNewTabURL:
CHR Extension: (RealDownloader) - C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji\1.3.0_1 [2014-01-16]
CHR Extension: (Google Wallet) - C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\ [2014-01-16]
CHR HKLM-x32\...\Chrome\Extension: [hphehadppenpmajgnkjdcopcfijjegaf] - C:\Program Files (x86)\Jump Flip\hphehadppenpmajgnkjdcopcfijjegaf.crx [2014-01-16]
CHR HKLM-x32\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx [2012-11-29]

==================== Services (Whitelisted) =================

R2 ATKGFNEXSrv; C:\Program Files\ATKGFNEX\GFNEXSrv.exe [94208 2007-08-07] ()
R2 FastBootAgent; C:\Windows\system32\FBAgent.exe [356480 2009-08-21] (ASUSTeK Computer Inc.)
R2 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [346976 2011-03-14] ()
S2 Internet Manager. RunOuc; C:\Program Files (x86)\T-Mobile\InternetManager_H\UpdateDog\ouc.exe [224096 2014-01-16] ()
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 MSSQL$ELISOFT; C:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [29293408 2010-12-10] (Microsoft Corporation)
R2 RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [38608 2012-11-29] ()
S2 SfCtlCom; C:\Program Files\Trend Micro\Internet Security\SfCtlCom.exe [838528 2009-08-04] (Trend Micro Inc.)
R3 spmgr; C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe [125496 2007-08-03] ()

==================== Drivers (Whitelisted) ====================

R2 ASMMAP64; C:\Program Files\ATKGFNEX\ASMMAP64.sys [14904 2007-07-24] ()
R0 BMLoad; C:\Windows\System32\drivers\BMLoad.sys [16512 2014-01-16] (Bytemobile, Inc.)
S2 DgiVecp; C:\Windows\System32\Drivers\DgiVecp.sys [53816 2009-10-06] (Samsung Electronics Co., Ltd.)
S2 DgiVecp; C:\Windows\SysWOW64\Drivers\DgiVecp.sys [41984 2004-05-17] (DeviceGuys, Inc.)
R2 ghaio; C:\Program Files\ASUS\NB Probe\SPM\ghaio.sys [17464 2007-08-03] ()
S3 huawei_wwanecm; C:\Windows\System32\DRIVERS\ew_juwwanecm.sys [212992 2014-01-16] (Huawei Technologies Co., Ltd.)
R3 kbfiltr; C:\Windows\System32\DRIVERS\kbfiltr.sys [15416 2009-07-20] ( )
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R2 npf; C:\Windows\System32\drivers\npf.sys [35344 2010-07-16] (CACE Technologies, Inc.)
R0 pavboot; C:\Windows\System32\Drivers\pavboot64.sys [30792 2010-06-22] (Panda Security, S.L.)
S3 s0017bus; C:\Windows\System32\DRIVERS\s0017bus.sys [113704 2008-10-21] (MCCI Corporation)
S3 s0017mdfl; C:\Windows\System32\DRIVERS\s0017mdfl.sys [19496 2008-10-21] (MCCI Corporation)
S3 s0017mdm; C:\Windows\System32\DRIVERS\s0017mdm.sys [152616 2008-10-21] (MCCI Corporation)
S3 s0017mgmt; C:\Windows\System32\DRIVERS\s0017mgmt.sys [133160 2008-10-21] (MCCI Corporation)
S3 s0017nd5; C:\Windows\System32\DRIVERS\s0017nd5.sys [34856 2008-10-21] (MCCI Corporation)
S3 s0017obex; C:\Windows\System32\DRIVERS\s0017obex.sys [128552 2008-10-21] (MCCI Corporation)
S3 s0017unic; C:\Windows\System32\DRIVERS\s0017unic.sys [145960 2008-10-21] (MCCI Corporation)
R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1800192 2009-08-20] ()
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [560184 2012-06-07] (Duplex Secure Ltd.)
R1 tcpipBM; C:\Windows\system32\drivers\tcpipBM.sys [39552 2014-01-16] (Bytemobile, Inc.)
S3 ipswuio; System32\DRIVERS\ipswuio.sys [x]
S3 Prot6Flt; system32\DRIVERS\Prot6Flt.sys [x]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [x]
S3 tsusbhub; system32\drivers\tsusbhub.sys [x]
S3 VGPU; System32\drivers\rdvgkmd.sys [x]

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2014-01-16 15:37 - 2014-01-16 15:37 - 00000000 ____D C:\FRST
2014-01-16 13:19 - 2014-01-16 13:19 - 00000000 ____D C:\Users\Public\Desktop\CC Support
2014-01-16 13:08 - 2014-01-16 13:08 - 00000000 ____D C:\Users\Asus\AppData\Local\Tem
2014-01-16 13:08 - 2009-07-14 02:39 - 00328704 _____ (Microsoft Corporation) C:\Windows\system32\Services.exe
2014-01-16 12:32 - 2014-01-16 12:32 - 00312744 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-01-16 12:32 - 2014-01-16 12:32 - 00108968 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2014-01-16 08:43 - 2014-01-16 08:43 - 00001203 _____ C:\Users\Public\Desktop\Internet Manager.lnk
2014-01-16 08:42 - 2014-01-16 08:41 - 01001472 _____ (DiBcom SA) C:\Windows\system32\Drivers\mod7700.sys
2014-01-16 08:42 - 2014-01-16 08:41 - 00724608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bmutil.dll
2014-01-16 08:42 - 2014-01-16 08:41 - 00415744 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ewusbwwan.sys
2014-01-16 08:42 - 2014-01-16 08:41 - 00308352 _____ (Bytemobile, Inc.) C:\Windows\SysWOW64\bminstall.dll
2014-01-16 08:42 - 2014-01-16 08:41 - 00222464 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ewusbmdm.sys
2014-01-16 08:42 - 2014-01-16 08:41 - 00212992 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_juwwanecm.sys
2014-01-16 08:42 - 2014-01-16 08:41 - 00117248 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_hwusbdev.sys
2014-01-16 08:42 - 2014-01-16 08:41 - 00098816 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_jucdcacm.sys
2014-01-16 08:42 - 2014-01-16 08:41 - 00086016 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_jubusenum.sys
2014-01-16 08:42 - 2014-01-16 08:41 - 00069632 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_jucdcecm.sys
2014-01-16 08:42 - 2014-01-16 08:41 - 00039552 _____ (Bytemobile, Inc.) C:\Windows\system32\Drivers\tcpipBM.sys
2014-01-16 08:42 - 2014-01-16 08:41 - 00032768 _____ (Huawei Tech. Co., Ltd.) C:\Windows\system32\Drivers\ewdcsc.sys
2014-01-16 08:42 - 2014-01-16 08:41 - 00028672 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_juextctrl.sys
2014-01-16 08:42 - 2014-01-16 08:41 - 00022016 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_hwupgrade.sys
2014-01-16 08:42 - 2014-01-16 08:41 - 00016512 _____ (Bytemobile, Inc.) C:\Windows\system32\Drivers\BMLoad.sys
2014-01-16 08:42 - 2014-01-16 08:41 - 00013952 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_usbenumfilter.sys
2014-01-16 08:41 - 2014-01-16 08:41 - 00000000 ____D C:\Program Files (x86)\T-Mobile
2014-01-15 15:48 - 2014-01-15 15:48 - 00003144 _____ C:\Windows\System32\Tasks\{17D7BE86-F65A-4335-86FD-D92354FDBC53}
2014-01-15 15:48 - 2014-01-15 15:48 - 00000000 ____D C:\Program Files (x86)\SAMSUNG
2014-01-15 15:45 - 2014-01-15 15:58 - 00000071 _____ C:\Users\Asus\daemonprocess.txt
2014-01-15 15:44 - 2014-01-15 15:43 - 06628843 _____ (Samsung ) C:\Users\Asus\Downloads\SCX-4200_win98me.exe
2014-01-15 15:18 - 2013-12-18 21:04 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-01-15 15:17 - 2014-01-15 15:17 - 00005175 _____ C:\Windows\SysWOW64\jupdate-1.7.0_51-b13.log
2014-01-15 15:17 - 2013-12-18 21:09 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-01-15 15:17 - 2013-12-18 21:04 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-01-15 15:17 - 2013-12-18 21:03 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-01-15 08:11 - 2014-01-15 08:11 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_ew_juextctrl_01007.Wdf
2014-01-15 08:11 - 2014-01-15 08:11 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_ew_jucdcacm_01007.Wdf
2014-01-15 08:10 - 2014-01-16 08:41 - 01490656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdfCoInstaller01007.dll
2014-01-15 08:10 - 2014-01-15 08:10 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_ew_jubusenum_01007.Wdf
2014-01-15 08:10 - 2014-01-15 08:10 - 00000000 ____D C:\ProgramData\Internet Manager
2014-01-15 08:09 - 2014-01-16 08:45 - 00000000 ____D C:\ProgramData\DatacardService
2014-01-15 08:09 - 2014-01-15 08:09 - 00000000 ____D C:\Users\Asus\AppData\Roaming\T-Mobile
2014-01-10 23:03 - 2014-01-10 23:03 - 00000000 ____D C:\Users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google+ Auto Backup
2014-01-06 20:23 - 2014-01-06 20:23 - 04558848 _____ (Google Inc.) C:\Windows\SysWOW64\GPhotos.scr
2014-01-01 08:36 - 2014-01-16 13:24 - 00003096 _____ C:\Windows\System32\Tasks\AIRecoveryRemind
2013-12-26 12:22 - 2013-12-26 12:23 - 08622080 _____ C:\Users\Gość\Downloads\DrukiGofin_2.1.8.0_n.msi
2013-12-22 18:13 - 2013-12-22 18:13 - 00000000 ____D C:\Users\Asus\Documents\Sony

==================== One Month Modified Files and Folders =======

2014-01-16 15:37 - 2014-01-16 15:37 - 00000000 ____D C:\FRST
2014-01-16 15:20 - 2013-12-01 15:28 - 01373020 _____ C:\Windows\WindowsUpdate.log
2014-01-16 15:18 - 2012-10-30 10:28 - 00000930 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-01-16 15:12 - 2009-07-14 05:45 - 00010240 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-01-16 15:12 - 2009-07-14 05:45 - 00010240 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-01-16 15:07 - 2010-10-01 09:55 - 00001044 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-01-16 13:36 - 2013-10-27 12:11 - 00003178 _____ C:\Windows\System32\Tasks\P4GIntlCtrl
2014-01-16 13:36 - 2013-09-25 10:28 - 00003114 _____ C:\Windows\System32\Tasks\P4G Sidebar
2014-01-16 13:33 - 2010-09-28 16:54 - 00000000 ____D C:\Users\Asus
2014-01-16 13:25 - 2010-09-28 11:25 - 00003094 _____ C:\Windows\System32\Tasks\WC3
2014-01-16 13:25 - 2010-09-28 11:24 - 00002866 _____ C:\Windows\System32\Tasks\Net4Switch
2014-01-16 13:24 - 2014-01-01 08:36 - 00003096 _____ C:\Windows\System32\Tasks\AIRecoveryRemind
2014-01-16 13:24 - 2010-10-01 09:55 - 00001040 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-01-16 13:24 - 2010-09-28 11:25 - 00003072 _____ C:\Windows\System32\Tasks\ACMON
2014-01-16 13:24 - 2010-09-28 11:22 - 00003006 _____ C:\Windows\System32\Tasks\ASUS Live Update
2014-01-16 13:21 - 2010-09-28 11:22 - 00000038 _____ C:\Windows\system32\BootTime.ini
2014-01-16 13:21 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2014-01-16 13:20 - 2013-12-08 14:59 - 00032602 _____ C:\Windows\setupact.log
2014-01-16 13:19 - 2014-01-16 13:19 - 00000000 ____D C:\Users\Public\Desktop\CC Support
2014-01-16 13:10 - 2013-12-08 14:59 - 00024008 _____ C:\Windows\PFRO.log
2014-01-16 13:10 - 2010-09-28 11:22 - 00000080 _____ C:\Windows\system32\Defrag.ini
2014-01-16 13:09 - 2010-10-01 09:55 - 00000000 ____D C:\Program Files\Google
2014-01-16 13:08 - 2014-01-16 13:08 - 00000000 ____D C:\Users\Asus\AppData\Local\Tem
2014-01-16 12:32 - 2014-01-16 12:32 - 00312744 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-01-16 12:32 - 2014-01-16 12:32 - 00108968 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2014-01-16 12:32 - 2013-02-12 21:10 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-01-16 12:32 - 2013-02-12 21:10 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-01-16 12:32 - 2010-11-04 12:07 - 00000000 ____D C:\Program Files\Java
2014-01-16 12:11 - 2010-10-01 09:55 - 00000000 ____D C:\Users\Asus\AppData\Local\Google
2014-01-16 12:02 - 2010-10-09 17:26 - 00000000 ____D C:\Program Files\SkanerOnline
2014-01-16 12:01 - 2010-10-01 09:54 - 00000000 ____D C:\ProgramData\Google
2014-01-16 12:01 - 2010-10-01 09:54 - 00000000 ____D C:\Program Files (x86)\Google
2014-01-16 11:59 - 2011-10-19 22:04 - 00000000 ____D C:\ProgramData\Lavasoft
2014-01-16 10:02 - 2013-11-13 21:49 - 00003618 _____ C:\Windows\System32\Tasks\Ad-Aware Update (Weekly)
2014-01-16 10:01 - 2011-10-31 08:40 - 00050752 _____ C:\aaw7boot.log
2014-01-16 10:00 - 2013-02-12 21:46 - 00001254 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2014-01-16 10:00 - 2010-09-28 16:56 - 00001140 _____ C:\Users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-01-16 10:00 - 2010-09-28 16:56 - 00000997 _____ C:\Users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
2014-01-16 09:16 - 2009-07-14 18:55 - 04811436 _____ C:\Windows\system32\perfh015.dat
2014-01-16 09:16 - 2009-07-14 18:55 - 01585106 _____ C:\Windows\system32\perfc015.dat
2014-01-16 09:16 - 2009-07-14 06:13 - 00006462 _____ C:\Windows\system32\PerfStringBackup.INI
2014-01-16 08:54 - 2010-09-28 11:22 - 00001793 _____ C:\Windows\system32\ServiceFilter.ini
2014-01-16 08:45 - 2014-01-15 08:09 - 00000000 ____D C:\ProgramData\DatacardService
2014-01-16 08:43 - 2014-01-16 08:43 - 00001203 _____ C:\Users\Public\Desktop\Internet Manager.lnk
2014-01-16 08:41 - 2014-01-16 08:42 - 01001472 _____ (DiBcom SA) C:\Windows\system32\Drivers\mod7700.sys
2014-01-16 08:41 - 2014-01-16 08:42 - 00724608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bmutil.dll
2014-01-16 08:41 - 2014-01-16 08:42 - 00415744 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ewusbwwan.sys
2014-01-16 08:41 - 2014-01-16 08:42 - 00308352 _____ (Bytemobile, Inc.) C:\Windows\SysWOW64\bminstall.dll
2014-01-16 08:41 - 2014-01-16 08:42 - 00222464 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ewusbmdm.sys
2014-01-16 08:41 - 2014-01-16 08:42 - 00212992 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_juwwanecm.sys
2014-01-16 08:41 - 2014-01-16 08:42 - 00117248 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_hwusbdev.sys
2014-01-16 08:41 - 2014-01-16 08:42 - 00098816 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_jucdcacm.sys
2014-01-16 08:41 - 2014-01-16 08:42 - 00086016 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_jubusenum.sys
2014-01-16 08:41 - 2014-01-16 08:42 - 00069632 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_jucdcecm.sys
2014-01-16 08:41 - 2014-01-16 08:42 - 00039552 _____ (Bytemobile, Inc.) C:\Windows\system32\Drivers\tcpipBM.sys
2014-01-16 08:41 - 2014-01-16 08:42 - 00032768 _____ (Huawei Tech. Co., Ltd.) C:\Windows\system32\Drivers\ewdcsc.sys
2014-01-16 08:41 - 2014-01-16 08:42 - 00028672 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_juextctrl.sys
2014-01-16 08:41 - 2014-01-16 08:42 - 00022016 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_hwupgrade.sys
2014-01-16 08:41 - 2014-01-16 08:42 - 00016512 _____ (Bytemobile, Inc.) C:\Windows\system32\Drivers\BMLoad.sys
2014-01-16 08:41 - 2014-01-16 08:42 - 00013952 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_usbenumfilter.sys
2014-01-16 08:41 - 2014-01-16 08:41 - 00000000 ____D C:\Program Files (x86)\T-Mobile
2014-01-16 08:41 - 2014-01-15 08:10 - 01490656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdfCoInstaller01007.dll
2014-01-16 08:41 - 2011-11-18 14:20 - 01490656 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01007.dll
2014-01-15 21:28 - 2011-01-06 17:10 - 00045056 _____ C:\Windows\system32\acovcnt.exe
2014-01-15 15:58 - 2014-01-15 15:45 - 00000071 _____ C:\Users\Asus\daemonprocess.txt
2014-01-15 15:48 - 2014-01-15 15:48 - 00003144 _____ C:\Windows\System32\Tasks\{17D7BE86-F65A-4335-86FD-D92354FDBC53}
2014-01-15 15:48 - 2014-01-15 15:48 - 00000000 ____D C:\Program Files (x86)\SAMSUNG
2014-01-15 15:43 - 2014-01-15 15:44 - 06628843 _____ (Samsung ) C:\Users\Asus\Downloads\SCX-4200_win98me.exe
2014-01-15 15:18 - 2013-11-24 22:59 - 00000000 ____D C:\ProgramData\Oracle
2014-01-15 15:17 - 2014-01-15 15:17 - 00005175 _____ C:\Windows\SysWOW64\jupdate-1.7.0_51-b13.log
2014-01-15 15:17 - 2010-11-04 11:41 - 00000000 ____D C:\Program Files (x86)\Java
2014-01-15 08:19 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\NDF
2014-01-15 08:18 - 2011-11-02 20:09 - 00010533 _____ C:\Users\Asus\AppData\Roaming\SmarThruOptions.xml
2014-01-15 08:11 - 2014-01-15 08:11 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_ew_juextctrl_01007.Wdf
2014-01-15 08:11 - 2014-01-15 08:11 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_ew_jucdcacm_01007.Wdf
2014-01-15 08:10 - 2014-01-15 08:10 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_ew_jubusenum_01007.Wdf
2014-01-15 08:10 - 2014-01-15 08:10 - 00000000 ____D C:\ProgramData\Internet Manager
2014-01-15 08:09 - 2014-01-15 08:09 - 00000000 ____D C:\Users\Asus\AppData\Roaming\T-Mobile
2014-01-14 21:51 - 2011-10-23 08:40 - 00000064 _____ C:\Windows\SysWOW64\rp_stats.dat
2014-01-14 21:51 - 2011-10-23 08:40 - 00000044 _____ C:\Windows\SysWOW64\rp_rules.dat
2014-01-11 20:19 - 2013-11-15 11:08 - 00000000 ____D C:\Users\Gość\Gadu-Gadu
2014-01-10 23:03 - 2014-01-10 23:03 - 00000000 ____D C:\Users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google+ Auto Backup
2014-01-06 20:23 - 2014-01-06 20:23 - 04558848 _____ (Google Inc.) C:\Windows\SysWOW64\GPhotos.scr
2013-12-26 12:23 - 2013-12-26 12:22 - 08622080 _____ C:\Users\Gość\Downloads\DrukiGofin_2.1.8.0_n.msi
2013-12-25 22:30 - 2010-10-22 15:46 - 00000000 ____D C:\Users\Gość\AppData\Local\Google
2013-12-22 18:13 - 2013-12-22 18:13 - 00000000 ____D C:\Users\Asus\Documents\Sony
2013-12-18 21:09 - 2014-01-15 15:17 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-12-18 21:04 - 2014-01-15 15:18 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-12-18 21:04 - 2014-01-15 15:17 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-12-18 21:03 - 2014-01-15 15:17 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe

Some content of TEMP:
====================
C:\Users\Asus\AppData\Local\Temp\ESETSirefefCleaner.exe
C:\Users\Asus\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe
C:\Users\Asus\AppData\Local\Temp\Quarantine.exe

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

LastRegBack: 2013-11-10 11:53

==================== End Of Log ============================