Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 01-02-2015
Ran by Solskier (administrator) on SOLSKIER-PC on 03-02-2015 01:48:40
Running from C:\Windows\System32\config\systemprofile\Downloads
Loaded Profiles: Solskier & Sol (Available profiles: Solskier & Sol & Guest)
Platform: Microsoft Windows 7 Ultimate (X86) OS Language: English (United States)
Internet Explorer Version 8 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(SANDBOXIE L.T.D) C:\Program Files\Sandboxie\SbieSvc.exe
(AMD) C:\Windows\System32\atieclxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG9\avgwdsvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(InterVideo Inc.) C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe
(LogMeIn Inc.) C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
() C:\ProgramData\DatacardService\HWDeviceService.exe
(Logitech Inc.) C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
(Nero AG) C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
(pdfforge GbR) C:\Program Files\PDF Architect\HelperService.exe
(pdfforge GbR) C:\Program Files\PDF Architect\ConversionService.exe
(AVG Secure Search) C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\ToolbarUpdater.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
() C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\loggingserver.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG9\avgfws9.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\System Update\SUService.exe
() C:\Program Files\ASUS\AASP\1.00.80\aaCenter.exe
(Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG9\avgtray.exe
(Nero AG) C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe
() C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe
() C:\Program Files\AVG Secure Search\vprot.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
() C:\Program Files\Common Files\LogiShrd\LQCVFX\COCIManager.exe
(LogMeIn Inc.) C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG9\Identity Protection\Agent\Bin\AVGIDSMonitor.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jucheck.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [39792 2008-01-11] (Adobe Systems Incorporated)
HKLM\...\Run: [AVG9_TRAY] => C:\Program Files\AVG\AVG9\avgtray.exe [2077536 2012-01-27] (AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [NeroFilterCheck] => C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe [153136 2007-03-01] (Nero AG)
HKLM\...\Run: [NBKeyScan] => C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe [1836328 2007-09-20] (Nero AG)
HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\QTTask.exe [421888 2010-11-29] (Apple Inc.)
HKLM\...\Run: [ISUSScheduler] => C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe [81920 2005-08-11] (Macrovision Corporation)
HKLM\...\Run: [LogitechQuickCamRibbon] => C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe [2793304 2009-10-14] ()
HKLM\...\Run: [vProt] => C:\Program Files\AVG Secure Search\vprot.exe [2640408 2014-08-25] ()
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKLM\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe [2255184 2013-06-28] (LogMeIn Inc.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [152392 2014-08-01] (Apple Inc.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5227112 2015-01-31] (AVAST Software)
Winlogon\Notify\avgrsstarter: C:\Windows\system32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll (AVAST Software)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\.DEFAULT\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com/?crg=3.1010000&st=18&barid={F71C97B2-2CEE-41BB-9487-652FA1F78108}
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
URLSearchHook: HKLM - (No Name) - {ba14329e-9550-4989-b3f2-9732e92d17cc} - No File
URLSearchHook: [S-1-5-21-682935528-494026121-326331953-1006] ATTENTION ==> Default URLSearchHook is missing.
URLSearchHook: HKU\S-1-5-21-682935528-494026121-326331953-1006 - (No Name) - {EEE6C35D-6118-11DC-9C72-001320C79847} - No File
SearchScopes: HKLM -> DefaultScope {EEE6C360-6118-11DC-9C72-001320C79847} URL = http://search.sweetim.com/search.asp?src=6&crg=3.1010000&st=18&q={searchTerms}&barid={F71C97B2-2CEE-41BB-9487-652FA1F78108}
SearchScopes: HKLM -> {EEE6C360-6118-11DC-9C72-001320C79847} URL = http://search.sweetim.com/search.asp?src=6&crg=3.1010000&st=18&q={searchTerms}&barid={F71C97B2-2CEE-41BB-9487-652FA1F78108}
SearchScopes: HKU\S-1-5-21-682935528-494026121-326331953-1006 -> DefaultScope {EEE6C360-6118-11DC-9C72-001320C79847} URL =
BHO: Adobe PDF Reader Link Helper -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
BHO: PDF Architect Helper -> {3A2D5EBA-F86D-4BD3-A177-019765996711} -> C:\Program Files\PDF Architect\PDFIEHelper.dll (pdfforge GbR)
BHO: AVG Safe Search -> {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} -> C:\Program Files\AVG\AVG9\avgssie.dll (AVG Technologies CZ, s.r.o.)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: AVG Security Toolbar -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files\AVG Secure Search\18.1.9.799\AVG Secure Search_toolbar.dll (AVG Secure Search)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
Toolbar: HKLM - AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\18.1.9.799\AVG Secure Search_toolbar.dll (AVG Secure Search)
Toolbar: HKLM - No Name - {98889811-442D-49dd-99D7-DC866BE87DBC} - No File
Toolbar: HKLM - PDF Architect Toolbar - {25A3A431-30BB-47C8-AD6A-E1063801134F} - C:\Program Files\PDF Architect\PDFIEPlugin.dll (pdfforge GbR)
Toolbar: HKU\.DEFAULT -> No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No File
Toolbar: HKU\S-1-5-21-682935528-494026121-326331953-1001 -> No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No File
Toolbar: HKU\S-1-5-21-682935528-494026121-326331953-1006 -> No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No File
Toolbar: HKU\S-1-5-21-682935528-494026121-326331953-1006 -> No Name - {BA14329E-9550-4989-B3F2-9732E92D17CC} - No File
Toolbar: HKU\S-1-5-21-682935528-494026121-326331953-1006 -> No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
Toolbar: HKU\S-1-5-21-682935528-494026121-326331953-1006 -> No Name - {EEE6C35B-6118-11DC-9C72-001320C79847} - No File
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll (AVG Technologies CZ, s.r.o.)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\18.1.9\ViProtocol.dll (AVG Secure Search)
Winsock: Catalog5 09 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{2C16D74E-A54E-4E93-B0B4-3413FCAF2985}: [NameServer] 89.108.202.20 89.108.195.20
Tcpip\..\Interfaces\{CBD21133-FA5D-40DF-8713-9B98F7DCAB73}: [NameServer] 89.108.195.21 89.108.202.21
Tcpip\..\Interfaces\{FC3377C3-B632-4A69-80FD-097778995ED5}: [NameServer] 89.108.195.21 89.108.202.21

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_16_0_0_296.dll ()
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\18.1.9\\npsitesafety.dll No File
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin: @java.com/JavaPlugin,version=10.21.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPOFF12.DLL (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin6.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin7.dll (Apple Inc.)
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\avg-secure-search.xml
FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2015-01-26]
FF HKLM\...\Firefox\Extensions: [{3f963a5b-e555-4543-90e2-c3908898db71}] - C:\Program Files\AVG\AVG9\Firefox
FF Extension: AVG Safe Search - C:\Program Files\AVG\AVG9\Firefox [2010-02-15]
FF HKLM\...\Firefox\Extensions: [{6E19037A-12E3-4295-8915-ED48BC341614}] - C:\Program Files\RelevantKnowledge
FF HKLM\...\Firefox\Extensions: [avg@toolbar] - C:\ProgramData\AVG Secure Search\FireFoxExt\18.1.9.799
FF Extension: AVG Security Toolbar - C:\ProgramData\AVG Secure Search\FireFoxExt\18.1.9.799 [2014-08-25]
FF HKLM\...\Firefox\Extensions: [FFPDFArchitectConverter@pdfarchitect.com] - C:\Program Files\PDF Architect\FFPDFArchitectExt
FF Extension: PDF Architect Converter For Firefox - C:\Program Files\PDF Architect\FFPDFArchitectExt [2013-04-08]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-01-31]

Chrome:
=======
CHR Profile: C:\Windows\system32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Prezentacje Google) - C:\Windows\system32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-01-31]
CHR Extension: (Dokumenty Google) - C:\Windows\system32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-01-31]
CHR Extension: (Dysk Google) - C:\Windows\system32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-01-31]
CHR Extension: (YouTube) - C:\Windows\system32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-01-31]
CHR Extension: (Szukaj w Google) - C:\Windows\system32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-01-31]
CHR Extension: (Arkusze Google) - C:\Windows\system32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-01-31]
CHR Extension: (Avast Online Security) - C:\Windows\system32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-01-31]
CHR Extension: (SweetIM for Facebook) - C:\Windows\system32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn [2015-01-31]
CHR Extension: (Skype Click to Call) - C:\Windows\system32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2015-01-31]
CHR Extension: (AVG Security Toolbar) - C:\Windows\system32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof [2015-01-31]
CHR Extension: (Google Wallet) - C:\Windows\system32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-01-31]
CHR Extension: (SweetPacks Chrome Extension) - C:\Windows\system32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj [2015-01-31]
CHR Extension: (Gmail) - C:\Windows\system32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-01-31]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-01-31]
CHR HKLM\...\Chrome\Extension: [jcdgjdiieiljkfkdcloehkohchhpekkn] - C:\Users\Solskier\AppData\Local\Google\Chrome\User Data\Default\External Extensions\{EEE6C373-6118-11DC-9C72-001320C79847}\SweetFB.crx [2012-07-03]
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-07-14]
CHR HKLM\...\Chrome\Extension: [ndibdjnfmopecpmkdieinmbadjfpblof] - C:\ProgramData\AVG Secure Search\ChromeExt\18.1.0.443\avg.crx [2014-04-28]
CHR HKLM\...\Chrome\Extension: [ogccgbmabaphcakpiclgcnmcnimhokcj] - C:\Windows\System32\mjcm\SweetNT.crx [2014-07-16]
CHR HKLM\...\Chrome\Extension: [pgafcinpmmpklohkojmllohdhomoefph] - Browser Manager\2.3.762.17\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.crx [Not Found]

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2015-01-31] (AVAST Software)
S2 avg9emc; C:\Program Files\AVG\AVG9\avgemc.exe [921952 2010-07-21] (AVG Technologies CZ, s.r.o.)
R2 avg9wd; C:\Program Files\AVG\AVG9\avgwdsvc.exe [308136 2010-06-22] (AVG Technologies CZ, s.r.o.)
R2 avgfws9; C:\Program Files\AVG\AVG9\avgfws9.exe [2331544 2010-11-24] (AVG Technologies CZ, s.r.o.)
S2 AVGIDSAgent; C:\Program Files\AVG\AVG9\Identity Protection\Agent\Bin\AVGIDSAgent.exe [5897808 2010-06-22] (AVG Technologies CZ, s.r.o.)
R2 c2cautoupdatesvc; C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
R2 Capture Device Service; C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe [198168 2007-03-06] (InterVideo Inc.)
R2 Hamachi2Svc; C:\Program Files\LogMeIn Hamachi\hamachi-2.exe [1440080 2013-06-28] (LogMeIn Inc.)
R2 HWDeviceService.exe; C:\ProgramData\DatacardService\HWDeviceService.exe [264704 2010-11-16] () [File not signed]
R2 PDF Architect Helper Service; C:\Program Files\PDF Architect\HelperService.exe [1324104 2013-01-09] (pdfforge GbR)
R2 PDF Architect Service; C:\Program Files\PDF Architect\ConversionService.exe [795208 2013-01-09] (pdfforge GbR)
R2 SbieSvc; C:\Program Files\Sandboxie\SbieSvc.exe [75536 2012-06-17] (SANDBOXIE L.T.D)
R2 SUService; C:\Program Files\Lenovo\System Update\SUService.exe [28672 2009-10-19] (Lenovo Group Limited) [File not signed]
S3 Symantec Core LC; C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe [1245064 2010-02-06] ()
R2 vToolbarUpdater18.1.9; C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\ToolbarUpdater.exe [1820184 2014-08-11] (AVG Secure Search)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2009-07-14] (Microsoft Corporation)
S4 Browser Manager; Browser Manager\2.2.643.41\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 amdkmdag; C:\Windows\System32\DRIVERS\atipmdag.sys [5188096 2009-12-11] (ATI Technologies Inc.)
R1 AsIO; C:\Windows\System32\drivers\AsIO.sys [12400 2007-12-17] ()
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [24184 2015-01-31] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [73480 2015-01-31] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [81768 2015-01-31] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49944 2015-01-31] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [787800 2015-01-31] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [423784 2015-01-31] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [91496 2015-01-31] (AVAST Software)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [206248 2015-01-31] ()
R3 Avgfwdx; C:\Windows\System32\DRIVERS\avgfwdx.sys [30104 2010-02-15] (AVG Technologies CZ, s.r.o.)
S3 Avgfwfd; C:\Windows\System32\DRIVERS\avgfwdx.sys [30104 2010-02-15] (AVG Technologies CZ, s.r.o.)
R3 AVGIDSDriverxpx; C:\Program Files\AVG\AVG9\Identity Protection\Agent\Driver\Platform_XP\AVGIDSDriver.sys [122448 2010-06-22] (AVG Technologies CZ, s.r.o. )
R0 AVGIDSErHrxpx; C:\Windows\System32\Drivers\AVGIDSxx.sys [25168 2010-06-22] (AVG Technologies CZ, s.r.o. )
R3 AVGIDSFilterxpx; C:\Program Files\AVG\AVG9\Identity Protection\Agent\Driver\Platform_XP\AVGIDSFilter.sys [30288 2010-06-22] (AVG Technologies CZ, s.r.o. )
R3 AVGIDSShimxpx; C:\Program Files\AVG\AVG9\Identity Protection\Agent\Driver\Platform_XP\AVGIDSShim.sys [26192 2010-06-22] (AVG Technologies CZ, s.r.o. )
R1 AvgLdx86; C:\Windows\System32\Drivers\avgldx86.sys [226016 2013-01-15] (AVG Technologies CZ, s.r.o.)
R1 AvgMfx86; C:\Windows\System32\Drivers\avgmfx86.sys [29712 2011-09-12] (AVG Technologies CZ, s.r.o.)
R0 AvgRkx86; C:\Windows\System32\Drivers\avgrkx86.sys [52872 2010-03-05] (AVG Technologies CZ, s.r.o.)
R1 AvgTdiX; C:\Windows\System32\Drivers\avgtdix.sys [243152 2011-05-06] (AVG Technologies CZ, s.r.o.)
R1 avgtp; C:\Windows\system32\drivers\avgtpx86.sys [42784 2014-08-11] (AVG Technologies)
R3 hamachi; C:\Windows\System32\DRIVERS\hamachi.sys [26176 2009-03-18] (LogMeIn, Inc.)
S3 k750bus; C:\Windows\System32\DRIVERS\k750bus.sys [55216 2005-02-11] (MCCI)
R3 LVPr2Mon; C:\Windows\System32\DRIVERS\LVPr2Mon.sys [25752 2009-10-07] ()
S3 LVUSBSta; C:\Windows\System32\drivers\LVUSBSta.sys [41752 2007-10-12] (Logitech Inc.)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [7680 2006-10-18] ()
S3 pepifilter; C:\Windows\System32\DRIVERS\lv302af.sys [13976 2009-04-30] (Logitech Inc.)
S3 PID_PEPI; C:\Windows\System32\DRIVERS\LV302V32.SYS [2687512 2009-04-30] (Logitech Inc.)
R3 SbieDrv; C:\Program Files\Sandboxie\SbieDrv.sys [137488 2012-06-17] (SANDBOXIE L.T.D)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [691696 2010-07-27] () [File not signed]
S3 ss_bbus; C:\Windows\System32\DRIVERS\ss_bbus.sys [98432 2011-07-20] (MCCI)
S3 ss_bmdfl; C:\Windows\System32\DRIVERS\ss_bmdfl.sys [14848 2011-07-20] (MCCI Corporation)
S3 ss_bmdm; C:\Windows\System32\DRIVERS\ss_bmdm.sys [123648 2011-07-20] (MCCI Corporation)
S3 ss_bserd; C:\Windows\System32\DRIVERS\ss_bserd.sys [100224 2011-07-20] (MCCI Corporation)
U3 aasvkw8z; C:\Windows\system32\Drivers\aasvkw8z.sys [0 ] (Microsoft Corporation) <==== ATTENTION (zero size file/folder)
S3 catchme; \??\C:\Windows\system32\config\SYSTEM~1\AppData\Local\Temp\catchme.sys [X]
S3 cpuz132; \??\C:\Users\Solskier\AppData\Local\Temp\cpuz132\cpuz132_x32.sys [X]
S3 IntcAzAudAddService; system32\drivers\RTKVHDA.sys [X]
S3 LVcKap; system32\DRIVERS\LVcKap.sys [X]
S3 LVMVDrv; system32\DRIVERS\LVMVDrv.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-03 01:48 - 2015-02-03 01:48 - 00000000 ____D () C:\FRST
2015-02-01 12:46 - 2015-02-01 12:46 - 00000000 ____D () C:\Users\Sol.Solskier-PC\AppData\Roaming\Adobe
2015-02-01 12:45 - 2015-02-01 12:45 - 00000000 ____D () C:\Users\Sol.Solskier-PC\AppData\Roaming\AVAST Software
2015-02-01 12:39 - 2015-02-01 12:39 - 00000355 _____ () C:\Users\Guest\Downloads\Shortcut.txt
2015-02-01 12:38 - 2015-02-01 12:39 - 00028784 _____ () C:\Users\Guest\Downloads\FRST.txt
2015-02-01 12:38 - 2015-02-01 12:39 - 00014370 _____ () C:\Users\Guest\Downloads\Addition.txt
2015-02-01 12:36 - 2015-02-01 12:36 - 01122304 _____ (Farbar) C:\Users\Guest\Downloads\FRST.exe
2015-02-01 12:31 - 2015-02-01 12:31 - 00368705 _____ () C:\Users\Guest\Downloads\gm.zip
2015-02-01 12:26 - 2015-02-01 12:26 - 00370943 _____ () C:\Users\Guest\Downloads\gmer.zip
2015-02-01 12:26 - 2015-02-01 12:26 - 00000000 ____D () C:\Users\Guest\AppData\Roaming\WinRAR
2015-02-01 12:21 - 2015-02-01 12:21 - 00380416 _____ () C:\Users\Guest\Downloads\zi1s55hf.exe
2015-02-01 12:01 - 2015-02-01 12:01 - 00000000 ____D () C:\Users\Guest\AppData\Roaming\Mozilla
2015-02-01 12:01 - 2015-02-01 12:01 - 00000000 ____D () C:\Users\Guest\AppData\Local\Mozilla
2015-02-01 11:47 - 2015-02-01 11:47 - 00000000 ____D () C:\Users\Guest\AppData\Roaming\AVAST Software
2015-02-01 11:47 - 2015-02-01 11:47 - 00000000 ____D () C:\Users\Guest\AppData\Roaming\Adobe
2015-02-01 11:42 - 2015-02-03 01:39 - 00000000 ____D () C:\Windows\system32\cache
2015-02-01 11:42 - 2015-02-01 11:42 - 00000067 _____ () C:\..txt
2015-02-01 09:59 - 2015-02-01 09:59 - 00021421 _____ () C:\ComboFix.txt
2015-02-01 09:04 - 2015-02-01 09:04 - 00000000 ____D () C:\ProgramData\Arcabit Skaner Online
2015-02-01 01:53 - 2015-02-01 01:53 - 00000000 ____D () C:\ProgramData\Arcabit
2015-02-01 01:34 - 2015-02-01 01:34 - 00000000 ____D () C:\Windows\system32\%LocalAppData%
2015-01-31 23:56 - 2015-01-31 23:56 - 00000000 ____D () C:\Program Files\ESET
2015-01-31 23:43 - 2015-01-31 23:43 - 00002119 _____ () C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2015-01-31 23:43 - 2015-01-31 23:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2015-01-31 23:42 - 2015-01-31 23:43 - 00787800 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2015-01-31 23:42 - 2015-01-31 23:43 - 00423784 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2015-01-31 23:42 - 2015-01-31 23:43 - 00073480 _____ (AVAST Software) C:\Windows\system32\Drivers\aswmonflt.sys
2015-01-31 23:42 - 2015-01-31 23:42 - 00291352 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2015-01-31 23:42 - 2015-01-31 23:42 - 00206248 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2015-01-31 23:42 - 2015-01-31 23:42 - 00091496 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2015-01-31 23:42 - 2015-01-31 23:42 - 00081768 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2015-01-31 23:42 - 2015-01-31 23:42 - 00049944 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2015-01-31 23:42 - 2015-01-31 23:42 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2015-01-31 23:42 - 2015-01-31 23:42 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2015-01-31 23:42 - 2015-01-31 23:42 - 00024184 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2015-01-31 23:42 - 2015-01-31 23:42 - 00000350 ____H () C:\Windows\Tasks\avast! Emergency Update.job
2015-01-31 23:41 - 2015-01-31 23:41 - 00000000 ____D () C:\Program Files\AVAST Software
2015-01-31 23:34 - 2015-01-31 23:34 - 00000000 ____D () C:\Users\Sol.Solskier-PC\AppData\Local\SWDS
2015-01-31 23:16 - 2015-02-01 09:59 - 00000000 ____D () C:\Qoobox
2015-01-31 23:16 - 2011-06-26 07:45 - 00256000 _____ () C:\Windows\PEV.exe
2015-01-31 23:16 - 2011-06-26 07:45 - 00256000 _____ () C:\Windows\PEV.exe
2015-01-31 23:16 - 2010-11-07 18:20 - 00208896 _____ () C:\Windows\MBR.exe
2015-01-31 23:16 - 2010-11-07 18:20 - 00208896 _____ () C:\Windows\MBR.exe
2015-01-31 23:16 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2015-01-31 23:16 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2015-01-31 23:16 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2015-01-31 23:16 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2015-01-31 23:16 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2015-01-31 23:16 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2015-01-31 23:16 - 2000-08-31 01:00 - 00098816 _____ () C:\Windows\sed.exe
2015-01-31 23:16 - 2000-08-31 01:00 - 00098816 _____ () C:\Windows\sed.exe
2015-01-31 23:16 - 2000-08-31 01:00 - 00080412 _____ () C:\Windows\grep.exe
2015-01-31 23:16 - 2000-08-31 01:00 - 00080412 _____ () C:\Windows\grep.exe
2015-01-31 23:16 - 2000-08-31 01:00 - 00068096 _____ () C:\Windows\zip.exe
2015-01-31 23:16 - 2000-08-31 01:00 - 00068096 _____ () C:\Windows\zip.exe
2015-01-31 23:15 - 2015-02-01 09:57 - 00000000 ____D () C:\Windows\erdnt
2015-01-31 23:15 - 2015-02-01 09:57 - 00000000 ____D () C:\Windows\erdnt
2015-01-31 23:15 - 2015-01-31 23:15 - 05611408 ____R (Swearware) C:\Users\Sol.Solskier-PC\Downloads\ComboFix.exe
2015-01-31 23:14 - 2015-01-31 23:14 - 00000000 ____D () C:\Users\Sol.Solskier-PC\AppData\Local\AVG Secure Search
2015-01-31 23:12 - 2015-02-01 12:46 - 00000000 ____D () C:\Users\Sol.Solskier-PC\AppData\Local\LogMeIn Hamachi
2015-01-31 23:12 - 2015-01-31 23:13 - 00002209 _____ () C:\Users\Sol.Solskier-PC\Desktop\Google Chrome.lnk
2015-01-31 23:12 - 2015-01-31 23:12 - 00001415 _____ () C:\Users\Sol.Solskier-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-01-31 23:12 - 2015-01-31 23:12 - 00000020 ___SH () C:\Users\Sol.Solskier-PC\ntuser.ini
2015-01-31 23:12 - 2015-01-31 23:12 - 00000000 ____D () C:\Users\Sol.Solskier-PC\AppData\Roaming\Nero
2015-01-31 23:12 - 2015-01-31 23:12 - 00000000 ____D () C:\Users\Sol.Solskier-PC\AppData\Roaming\AVG9
2015-01-31 23:12 - 2015-01-31 23:12 - 00000000 ____D () C:\Users\Sol.Solskier-PC\AppData\Roaming\Apple Computer
2015-01-31 23:12 - 2015-01-31 23:12 - 00000000 ____D () C:\Users\Sol.Solskier-PC\AppData\Local\Google
2015-01-31 23:12 - 2009-07-14 05:42 - 00000000 ___RD () C:\Users\Sol.Solskier-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-01-31 23:12 - 2009-07-14 05:37 - 00000000 ___RD () C:\Users\Sol.Solskier-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-01-31 23:07 - 2015-01-31 23:41 - 00000000 ____D () C:\ProgramData\AVAST Software
2015-01-31 23:07 - 2015-01-31 23:07 - 04864744 _____ (AVAST Software) C:\Users\Guest\Downloads\avast_free_antivirus_setup_online.exe
2015-01-31 23:07 - 2015-01-31 23:07 - 00097056 _____ () C:\Users\Guest\AppData\Local\GDIPFONTCACHEV1.DAT
2015-01-31 23:06 - 2015-01-31 23:06 - 04578040 _____ (AVG Technologies) C:\Users\Guest\Downloads\avg_free_stb_all_2015_5315_ppc1.exe
2015-01-31 23:06 - 2015-01-31 23:06 - 00000000 ____D () C:\Users\Guest\AppData\Local\MFAData
2015-01-31 23:06 - 2015-01-31 23:06 - 00000000 ____D () C:\Users\Guest\AppData\Local\Avg2015
2015-01-31 23:06 - 2015-01-31 23:06 - 00000000 ____D () C:\ProgramData\MFAData
2015-01-31 22:54 - 2015-01-31 22:54 - 00000000 ____D () C:\Users\Guest\AppData\Local\AVG Secure Search
2015-01-31 22:53 - 2015-02-01 11:47 - 00000000 ____D () C:\Users\Guest\AppData\Local\LogMeIn Hamachi
2015-01-31 22:53 - 2015-01-31 22:53 - 00002209 _____ () C:\Users\Guest\Desktop\Google Chrome.lnk
2015-01-31 22:53 - 2015-01-31 22:53 - 00001415 _____ () C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-01-31 22:53 - 2015-01-31 22:53 - 00000000 ____D () C:\Users\Guest\AppData\Roaming\Nero
2015-01-31 22:53 - 2015-01-31 22:53 - 00000000 ____D () C:\Users\Guest\AppData\Roaming\AVG9
2015-01-31 22:53 - 2015-01-31 22:53 - 00000000 ____D () C:\Users\Guest\AppData\Roaming\Apple Computer
2015-01-31 22:53 - 2015-01-31 22:53 - 00000000 ____D () C:\Users\Guest\AppData\Local\Google
2015-01-31 22:52 - 2015-01-31 22:52 - 00000020 ___SH () C:\Users\Guest\ntuser.ini
2015-01-31 22:52 - 2009-07-14 05:42 - 00000000 ___RD () C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-01-31 22:52 - 2009-07-14 05:37 - 00000000 ___RD () C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-01-31 22:46 - 2015-01-31 22:46 - 00000000 ____D () C:\AVG9
2015-01-31 22:44 - 2015-01-31 22:44 - 00000000 ____D () C:\Users\TEMP\AppData\Local\SWDS
2015-01-31 22:40 - 2009-07-14 05:42 - 00000000 ___RD () C:\Users\TEMP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-01-31 22:40 - 2009-07-14 05:37 - 00000000 ___RD () C:\Users\TEMP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-01-29 19:02 - 2015-01-30 07:38 - 00002432 _____ () C:\Users\Solskier\AppData\Local\TempDx3056.html
2015-01-29 19:02 - 2015-01-30 07:38 - 00002089 _____ () C:\Users\Solskier\AppData\Local\TempXO3056.html
2015-01-29 19:02 - 2015-01-30 07:03 - 00000000 ____D () C:\Users\Solskier\AppData\Local\{08CB7CB5-9F3D-42C1-AA90-E3E2F1450551}
2015-01-28 19:26 - 2015-01-29 06:49 - 00002432 _____ () C:\Users\Solskier\AppData\Local\Tempex3284.html
2015-01-28 19:26 - 2015-01-29 06:49 - 00002089 _____ () C:\Users\Solskier\AppData\Local\Tempfl3284.html
2015-01-28 19:26 - 2015-01-28 19:26 - 00000000 ____D () C:\Users\Solskier\AppData\Local\{42173BCD-1182-4EC1-8DAD-0504A14D4258} 2015-01-28 01:09 - 2015-01-28 07:35 - 00002432 _____ () C:\Users\Solskier\AppData\Local\TempZL4476.html 2015-01-28 01:09 - 2015-01-28 07:35 - 00002089 _____ () C:\Users\Solskier\AppData\Local\TemprM4476.html 2015-01-28 01:07 - 2015-01-28 01:08 - 00000000 ____D () C:\Users\Solskier\AppData\Local\{80C40A16-0B73-48B9-BD98-85E3591BDF03} 2015-01-26 18:50 - 2015-01-26 18:50 - 00000000 ____D () C:\Program Files\Mozilla Firefox 2015-01-26 18:33 - 2015-01-27 07:35 - 00002432 _____ () C:\Users\Solskier\AppData\Local\TempyW1688.html 2015-01-26 18:33 - 2015-01-27 07:35 - 00002089 _____ () C:\Users\Solskier\AppData\Local\TempKo1688.html 2015-01-26 18:33 - 2015-01-27 06:33 - 00000000 ____D () C:\Users\Solskier\AppData\Local\{51F39340-196E-4231-A9DB-E9B8F6B45616} 2015-01-25 20:43 - 2015-01-25 20:43 - 00000000 ____D () C:\Users\Solskier\AppData\Local\{2940B01D-E99B-4090-B745-FD09A6895002} 2015-01-25 17:17 - 2015-01-25 23:54 - 00002432 _____ () C:\Users\Solskier\AppData\Local\TempZat328.html 2015-01-25 17:17 - 2015-01-25 23:54 - 00002089 _____ () C:\Users\Solskier\AppData\Local\TemphYu328.html 2015-01-24 20:42 - 2015-01-25 13:46 - 00002432 _____ () C:\Users\Solskier\AppData\Local\Tempgq1048.html 2015-01-24 20:42 - 2015-01-25 13:46 - 00002089 _____ () C:\Users\Solskier\AppData\Local\Tempsk1048.html 2015-01-24 20:42 - 2015-01-25 08:43 - 00000000 ____D () C:\Users\Solskier\AppData\Local\{5E11FDED-DDCA-4C00-A269-3DCD28DD5568} 2015-01-23 18:47 - 2015-01-23 19:25 - 00002432 _____ () C:\Users\Solskier\AppData\Local\Tempms3092.html 2015-01-23 18:47 - 2015-01-23 19:25 - 00002089 _____ () C:\Users\Solskier\AppData\Local\TempMJ3092.html 2015-01-23 18:47 - 2015-01-23 18:47 - 00000000 ____D () C:\Users\Solskier\AppData\Local\{F202549E-DC73-47B1-B6B5-0259EDE109C5} 2015-01-22 18:50 - 2015-01-22 20:56 - 00002432 _____ () C:\Users\Solskier\AppData\Local\TempxI2800.html 
2015-01-22 18:50 - 2015-01-22 20:56 - 00002089 _____ () C:\Users\Solskier\AppData\Local\Tempzn2800.html 2015-01-22 18:50 - 2015-01-22 18:50 - 00000000 ____D () C:\Users\Solskier\AppData\Local\{AB90D23B-7151-49E5-974A-F3527E58DE57} 2015-01-21 21:07 - 2015-01-22 06:24 - 00002432 _____ () C:\Users\Solskier\AppData\Local\TempAB1640.html 2015-01-21 21:07 - 2015-01-22 06:24 - 00002089 _____ () C:\Users\Solskier\AppData\Local\TempLh1640.html 2015-01-21 21:06 - 2015-01-21 21:06 - 00000000 ____D () C:\Users\Solskier\AppData\Local\{B2882FD5-0DCC-4D2C-9AE2-9B8B03233C03} 2015-01-20 18:59 - 2015-01-21 06:34 - 00002432 _____ () C:\Users\Solskier\AppData\Local\Temppk1288.html 2015-01-20 18:59 - 2015-01-21 06:34 - 00002089 _____ () C:\Users\Solskier\AppData\Local\TempgG1288.html 2015-01-20 18:59 - 2015-01-20 18:59 - 00000000 ____D () C:\Users\Solskier\AppData\Local\{E30A10BA-112E-446C-8B92-768A93E2156A} 2015-01-19 21:54 - 2015-01-20 07:45 - 00002432 _____ () C:\Users\Solskier\AppData\Local\Tempny1136.html 2015-01-19 21:54 - 2015-01-20 07:45 - 00002089 _____ () C:\Users\Solskier\AppData\Local\Temprc1136.html 2015-01-19 21:53 - 2015-01-19 21:53 - 00000000 ____D () C:\Users\Solskier\AppData\Local\{F9EBFB43-8932-4CAD-BCEB-3A2ABADD25F6} 2015-01-18 14:35 - 2015-01-19 06:38 - 00002432 _____ () C:\Users\Solskier\AppData\Local\Tempxcp472.html 2015-01-18 14:35 - 2015-01-19 06:38 - 00002089 _____ () C:\Users\Solskier\AppData\Local\TemplYE472.html 2015-01-18 14:35 - 2015-01-19 02:36 - 00000000 ____D () C:\Users\Solskier\AppData\Local\{2457920B-620D-4AF0-9B67-1ED8DD0DD9E0} 2015-01-17 16:28 - 2015-01-17 16:28 - 00000000 ____D () C:\Users\Solskier\AppData\Local\{93562C7C-4313-4787-9ED2-54274C1270C2} 2015-01-17 11:26 - 2015-01-17 17:19 - 00002432 _____ () C:\Users\Solskier\AppData\Local\Temput2320.html 2015-01-17 11:26 - 2015-01-17 17:19 - 00002089 _____ () C:\Users\Solskier\AppData\Local\TempUU2320.html 2015-01-17 04:28 - 2015-01-17 04:48 - 00002432 _____ () 
C:\Users\Solskier\AppData\Local\Tempwn4016.html 2015-01-17 04:28 - 2015-01-17 04:48 - 00002089 _____ () C:\Users\Solskier\AppData\Local\TempwO4016.html 2015-01-17 04:27 - 2015-01-17 04:27 - 00000000 ____D () C:\Users\Solskier\AppData\Local\{A1DB72FA-F7FA-4453-983D-F682FA83D18F} 2015-01-16 10:27 - 2015-01-16 11:33 - 00002432 _____ () C:\Users\Solskier\AppData\Local\Tempca3360.html 2015-01-16 10:27 - 2015-01-16 11:33 - 00002089 _____ () C:\Users\Solskier\AppData\Local\TempMA3360.html 2015-01-16 02:56 - 2015-01-16 03:07 - 00002432 _____ () C:\Users\Solskier\AppData\Local\Tempbl1676.html 2015-01-16 02:56 - 2015-01-16 03:07 - 00002089 _____ () C:\Users\Solskier\AppData\Local\TempIM1676.html 2015-01-16 02:56 - 2015-01-16 02:56 - 00000000 ____D () C:\Users\Solskier\AppData\Local\{E4B28500-A4BB-40F9-B736-2A93F45092AB} 2015-01-14 18:34 - 2015-01-15 06:44 - 00002432 _____ () C:\Users\Solskier\AppData\Local\TempEaJ296.html 2015-01-14 18:34 - 2015-01-15 06:44 - 00002089 _____ () C:\Users\Solskier\AppData\Local\TempDll296.html 2015-01-14 18:33 - 2015-01-15 06:35 - 00000000 ____D () C:\Users\Solskier\AppData\Local\{F5F9191B-3C41-4915-B5AB-E14DD1B35E89} 2015-01-14 06:26 - 2015-01-14 06:27 - 00000000 ____D () C:\Users\Solskier\AppData\Local\{8C9286A1-486C-4CBB-BA7A-0D3B915F196A} 2015-01-14 06:25 - 2015-01-14 06:39 - 00002432 _____ () C:\Users\Solskier\AppData\Local\TempXl3108.html 2015-01-14 06:25 - 2015-01-14 06:39 - 00002089 _____ () C:\Users\Solskier\AppData\Local\TempED3108.html 2015-01-14 00:17 - 2015-01-14 00:40 - 00002432 _____ () C:\Users\Solskier\AppData\Local\Tempwp3736.html 2015-01-14 00:17 - 2015-01-14 00:40 - 00002089 _____ () C:\Users\Solskier\AppData\Local\TemprA3736.html 2015-01-13 18:26 - 2015-01-13 19:46 - 00002432 _____ () C:\Users\Solskier\AppData\Local\TempMS3148.html 2015-01-13 18:26 - 2015-01-13 19:46 - 00002089 _____ () C:\Users\Solskier\AppData\Local\TempbC3148.html 2015-01-13 18:26 - 2015-01-13 18:26 - 00000000 ____D () 
C:\Users\Solskier\AppData\Local\{31B9A270-C931-4601-B050-B96AE3299C7E} 2015-01-12 20:25 - 2015-01-12 20:25 - 00002432 _____ () C:\Users\Solskier\AppData\Local\TempXb4064.html 2015-01-12 20:25 - 2015-01-12 20:25 - 00002089 _____ () C:\Users\Solskier\AppData\Local\TempJH4064.html 2015-01-12 20:24 - 2015-01-12 20:24 - 00000000 ____D () C:\Users\Solskier\AppData\Local\{BEC84916-C227-4115-A63B-3ACB5C78A613} 2015-01-11 17:00 - 2015-01-11 23:43 - 00002432 _____ () C:\Users\Solskier\AppData\Local\Temptz1916.html 2015-01-11 17:00 - 2015-01-11 23:43 - 00002089 _____ () C:\Users\Solskier\AppData\Local\TempNs1916.html 2015-01-11 16:59 - 2015-01-11 17:00 - 00000000 ____D () C:\Users\Solskier\AppData\Local\{4F1427F3-F89A-4E2A-A8B2-396CF77C8265} 2015-01-10 11:55 - 2015-01-10 13:18 - 00002432 _____ () C:\Users\Solskier\AppData\Local\TempgH2712.html 2015-01-10 11:55 - 2015-01-10 13:18 - 00002089 _____ () C:\Users\Solskier\AppData\Local\TempZG2712.html 2015-01-10 11:54 - 2015-01-10 23:55 - 00000000 ____D () C:\Users\Solskier\AppData\Local\{1CEF3EE8-AA02-4E78-B341-C16E59E54527} 2015-01-09 20:35 - 2015-01-10 02:03 - 00002432 _____ () C:\Users\Solskier\AppData\Local\TempCr1712.html 2015-01-09 20:35 - 2015-01-10 02:03 - 00002089 _____ () C:\Users\Solskier\AppData\Local\TempSn1712.html 2015-01-09 20:34 - 2015-01-09 20:35 - 00000000 ____D () C:\Users\Solskier\AppData\Local\{22C076A8-962E-4675-80D7-C871F93EEA98} 2015-01-08 22:02 - 2015-01-08 23:41 - 00002432 _____ () C:\Users\Solskier\AppData\Local\TempIh3188.html 2015-01-08 22:02 - 2015-01-08 23:41 - 00002089 _____ () C:\Users\Solskier\AppData\Local\TempJh3188.html 2015-01-08 22:01 - 2015-01-08 22:01 - 00000000 ____D () C:\Users\Solskier\AppData\Local\{E4FFAFCB-F499-4E9A-B050-09806E31E411} 2015-01-07 18:18 - 2015-01-08 07:37 - 00002432 _____ () C:\Users\Solskier\AppData\Local\TempwT1888.html 2015-01-07 18:18 - 2015-01-08 07:37 - 00002089 _____ () C:\Users\Solskier\AppData\Local\TemplG1888.html 2015-01-07 18:17 - 2015-01-08 06:18 - 
00000000 ____D () C:\Users\Solskier\AppData\Local\{7EBA2CCA-93BB-4BFA-ACED-5A4EAA500919} 2015-01-06 23:32 - 2015-01-07 00:26 - 00002432 _____ () C:\Users\Solskier\AppData\Local\TempGo3340.html 2015-01-06 23:32 - 2015-01-07 00:26 - 00002089 _____ () C:\Users\Solskier\AppData\Local\TempES3340.html 2015-01-06 23:31 - 2015-01-06 23:31 - 00000000 ____D () C:\Users\Solskier\AppData\Local\{D9334D14-D0F7-40E8-AFC6-35E7F22BED55} 2015-01-06 09:56 - 2015-01-06 13:13 - 00002432 _____ () C:\Users\Solskier\AppData\Local\Tempkhl640.html 2015-01-06 09:56 - 2015-01-06 13:13 - 00002089 _____ () C:\Users\Solskier\AppData\Local\TempzDt640.html 2015-01-06 09:56 - 2015-01-06 09:56 - 00000000 ____D () C:\Users\Solskier\AppData\Local\{50D42DA0-B498-4146-9CFA-3B8A0F4173C3} 2015-01-05 18:19 - 2015-01-06 00:48 - 00002432 _____ () C:\Users\Solskier\AppData\Local\TempwT2860.html 2015-01-05 18:19 - 2015-01-06 00:48 - 00002089 _____ () C:\Users\Solskier\AppData\Local\TempqF2860.html 2015-01-05 18:19 - 2015-01-05 18:19 - 00000000 ____D () C:\Users\Solskier\AppData\Local\{D4A021C4-CE22-4226-A2C1-09AE15FA7D92} 2015-01-05 06:07 - 2015-01-05 06:22 - 00002432 _____ () C:\Users\Solskier\AppData\Local\TempCS3928.html 2015-01-05 06:07 - 2015-01-05 06:22 - 00002089 _____ () C:\Users\Solskier\AppData\Local\TempFR3928.html 2015-01-04 21:24 - 2015-01-05 00:15 - 00002432 _____ () C:\Users\Solskier\AppData\Local\TempqR1592.html 2015-01-04 21:24 - 2015-01-05 00:15 - 00002089 _____ () C:\Users\Solskier\AppData\Local\TempFS1592.html 2015-01-04 21:24 - 2015-01-04 21:24 - 00000000 ____D () C:\Users\Solskier\AppData\Local\{DB333A77-5DF1-4FC7-9D7A-60AE3D41034D} ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 
2015-02-03 01:41 - 2009-07-14 05:34 - 00014192 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2015-02-03 01:41 - 2009-07-14 05:34 - 00014192 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2015-02-03 01:38 - 2011-05-01 07:47 - 00001036 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2015-02-03 01:38 - 2011-05-01 07:47 - 00001032 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2015-02-03 01:38 - 2010-02-06 20:12 - 01075419 _____ () C:\Windows\WindowsUpdate.log 2015-02-03 01:38 - 2010-02-06 20:12 - 01075419 _____ () C:\Windows\WindowsUpdate.log 2015-02-03 01:34 - 2009-07-14 05:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2015-02-03 01:34 - 2009-07-14 05:39 - 01053553 _____ () C:\Windows\setupact.log 2015-02-03 01:34 - 2009-07-14 05:39 - 01053553 _____ () C:\Windows\setupact.log 2015-02-02 01:03 - 2014-07-16 20:49 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2015-02-01 23:53 - 2013-08-13 22:48 - 00000940 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-682935528-494026121-326331953-1001UA.job 2015-02-01 23:53 - 2013-08-13 22:48 - 00000918 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-682935528-494026121-326331953-1001Core.job 2015-02-01 12:47 - 2009-07-14 05:46 - 00001515 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk 2015-02-01 12:42 - 2010-02-06 21:31 - 02403312 _____ () C:\Windows\PFRO.log 2015-02-01 12:42 - 2010-02-06 21:31 - 02403312 _____ () C:\Windows\PFRO.log 2015-02-01 09:55 - 2009-07-14 03:04 - 00000215 _____ () C:\Windows\system.ini 2015-02-01 09:55 - 2009-07-14 03:04 - 00000215 _____ () C:\Windows\system.ini 2015-02-01 09:25 - 2010-02-15 16:19 - 00000000 ____D () C:\Windows\system32\Drivers\Avg 2015-02-01 01:54 - 2014-06-30 05:21 - 00000000 ____D () C:\Windows\system32\mjcm 2015-02-01 01:54 - 2013-06-02 10:17 - 00000000 ____D () 
C:\Windows\system32\ARFC 2015-02-01 01:09 - 2010-07-16 09:09 - 00000000 ____D () C:\Users\Solskier\AppData\Local\Vuze_Remote 2015-02-01 01:08 - 2012-10-06 14:47 - 00000000 ____D () C:\Program Files\YourFileDownloader 2015-02-01 01:08 - 2010-02-15 16:03 - 00000000 ____D () C:\Program Files\Vuze_Remote 2015-02-01 01:07 - 2012-07-03 23:40 - 00000000 ____D () C:\Program Files\PDFCreator 2015-01-30 07:38 - 2010-02-14 20:02 - 00000095 _____ () C:\Windows\winamp.ini 2015-01-30 07:38 - 2010-02-14 20:02 - 00000095 _____ () C:\Windows\winamp.ini 2015-01-29 20:53 - 2011-05-02 18:30 - 00000000 ____D () C:\Users\Solskier\Documents\888poker 2015-01-29 19:01 - 2013-08-13 22:41 - 00000000 ____D () C:\Users\Solskier\AppData\Local\LogMeIn Hamachi 2015-01-29 19:01 - 2010-02-06 22:48 - 00000000 ____D () C:\Users\Solskier\Tracing 2015-01-28 19:06 - 2012-06-16 23:57 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service 2015-01-25 23:43 - 2015-01-03 22:25 - 00000000 ____D () C:\Users\Solskier\Desktop\client 2015-01-25 10:52 - 2010-02-06 20:17 - 00782210 _____ () C:\Windows\system32\PerfStringBackup.INI 2015-01-24 22:03 - 2013-03-07 19:53 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe 2015-01-24 22:03 - 2012-01-28 18:37 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl 2015-01-10 13:39 - 2010-04-05 22:45 - 00000069 _____ () C:\Windows\NeroDigital.ini 2015-01-10 13:39 - 2010-04-05 22:45 - 00000069 _____ () C:\Windows\NeroDigital.ini 2015-01-05 17:42 - 2013-06-02 10:17 - 00027136 _____ (IncrediMail, Ltd.) 
C:\Windows\system32\ImHttpComm.dll 2015-01-04 12:49 - 2015-01-03 13:59 - 00002432 _____ () C:\Users\Solskier\AppData\Local\TempJW3328.html 2015-01-04 12:49 - 2015-01-03 13:59 - 00002089 _____ () C:\Users\Solskier\AppData\Local\TempPH3328.html 2015-01-04 02:00 - 2015-01-03 13:59 - 00000000 ____D () C:\Users\Solskier\AppData\Local\{F07F5C7F-A89F-4D1F-B003-44A7023C0C3D} ==================== Files in the root of some directories ======= 2012-05-02 20:00 - 2012-02-07 17:57 - 0066263 _____ () C:\Program Files\EULA.eng 2013-06-27 08:29 - 2014-06-22 21:40 - 0003730 _____ () C:\Program Files\Mozilla Firefoxavg-secure-search.xml 2012-03-13 15:36 - 2012-03-13 15:36 - 0366228 _____ () C:\Program Files\Tasker.rar ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\explorer.exe => File is digitally signed C:\Windows\system32\winlogon.exe => File is digitally signed C:\Windows\system32\wininit.exe => File is digitally signed C:\Windows\system32\svchost.exe => File is digitally signed C:\Windows\system32\services.exe => File is digitally signed C:\Windows\system32\User32.dll => File is digitally signed C:\Windows\system32\userinit.exe => File is digitally signed C:\Windows\system32\rpcss.dll => File is digitally signed C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2015-01-24 22:37 ==================== End Of Log ============================