Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 12-04-2015 Ran by Monia (administrator) on MONIKA on 12-04-2015 22:45:35 Running from C:\Users\Monia\Desktop Loaded Profiles: Monia (Available profiles: Monia) Platform: Windows 7 Home Premium (X64) OS Language: Polski (Polska) Internet Explorer Version 8 (Default browser: FF) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (Comodo Security Solutions, Inc.) C:\Program Files (x86)\Common Files\COMODO\launcher_service.exe (COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe (AMD) C:\Windows\System32\atiesrxx.exe (AMD) C:\Windows\System32\atieclxx.exe (ASUSTeK Computer Inc.) C:\Windows\System32\FBAgent.exe (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe (Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (Autodesk, Inc.) C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe (Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe (ATK) C:\Program Files\P4G\BatteryLife.exe () C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe () C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe (ASUS) C:\Program Files (x86)\ASUS\ASUS CopyProtect\ASPG.exe () C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe (ASUS) C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe (ATK) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe (ASUSTeK) C:\Windows\SysWOW64\ACEngSvr.exe (ELAN Microelectronic Corp.) C:\Program Files\Elantech\ETDCtrl.exe () C:\Program Files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\ng\ngservice.exe (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe (Akamai Technologies, Inc.) C:\Users\Monia\AppData\Local\Akamai\netsession_win.exe (COMODO) C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe (Akamai Technologies, Inc.) C:\Users\Monia\AppData\Local\Akamai\netsession_win.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMTray.exe (SRS Labs, Inc.) C:\Program Files\SRS Labs\SRS Premium Sound Control Panel\SRSPremiumPanel_64.exe (ASUS) C:\Windows\AsScrPro.exe (CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe (Comodo Security Solutions, Inc.) C:\Program Files\COMODO\GeekBuddy\unit_manager.exe (Comodo Security Solutions, Inc.) C:\Program Files\COMODO\GeekBuddy\unit.exe (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe (Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe (ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (BitTorrent Inc.) C:\Users\Monia\AppData\Roaming\uTorrent\uTorrent.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_17_0_0_134.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_17_0_0_134.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [ETDWare] => C:\Program Files\Elantech\ETDCtrl.exe [621440 2009-09-30] (ELAN Microelectronic Corp.) HKLM\...\Run: [EeeStorageBackup] => C:\Program Files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe [1732608 2009-11-26] () HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SAIICpl.exe [307768 2009-11-19] () HKLM\...\Run: [COMODO Internet Security] => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [1297624 2015-01-30] (COMODO) HKLM-x32\...\Run: [UpdateLBPShortCut] => C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe [222504 2009-05-20] (CyberLink Corp.) HKLM-x32\...\Run: [UpdateP2GoShortCut] => C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [222504 2009-05-20] (CyberLink Corp.) HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2009-11-18] (Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [ATKOSD2] => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [6998656 2009-10-27] (ASUS) HKLM-x32\...\Run: [ATKMEDIA] => C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [170624 2009-08-20] (ASUS) HKLM-x32\...\Run: [HControlUser] => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUS) HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5512912 2015-04-01] (Avast Software s.r.o.) HKU\S-1-5-21-1327280743-4218952818-3750989024-1000\...\Run: [Akamai NetSession Interface] => C:\Users\Monia\AppData\Local\Akamai\netsession_win.exe [4673432 2015-04-11] (Akamai Technologies, Inc.) HKU\S-1-5-21-1327280743-4218952818-3750989024-1000\...\Policies\Explorer: [] HKU\S-1-5-21-1327280743-4218952818-3750989024-1000\...\MountPoints2: {bf18906a-dc41-11e4-bf7b-e0cb4e5fac43} - F:\SETUP.EXE HKU\S-1-5-18\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [1081224 2015-04-12] (Autodesk, Inc.) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\FancyStart daemon.lnk ShortcutTarget: FancyStart daemon.lnk -> C:\Windows\Installer\{F0DF4513-3C4C-4EB8-8012-2C5F70AF3988}\_A1DDD39913A1970387B7B3.exe () Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SRS Premium Sound.lnk ShortcutTarget: SRS Premium Sound.lnk -> C:\Windows\Installer\{E5CF6B9C-3ABE-43C9-9413-AD5FFC98F049}\NewShortcut5_21C7B668029A47458B27645FE6E4A715.exe (Acresso Software Inc.) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Start GeekBuddy.lnk ShortcutTarget: Start GeekBuddy.lnk -> C:\Program Files\COMODO\GeekBuddy\launcher.exe (Comodo Security Solutions, Inc.) ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (Avast Software s.r.o.) ShellIconOverlayIdentifiers: [ADSMOverlayIcon] -> {A825576B-0042-4F0F-8FB0-93CE0F054E69} => C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x64\OverlayIconShlExt64.dll () ShellIconOverlayIdentifiers: [ADSMOverlayIcon1] -> {A8D448F4-0431-45AC-9F5E-E1B434AB2249} => C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x64\OverlayIconShlExt1_64.dll () ShellIconOverlayIdentifiers: [AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7190} => C:\Program Files (x86)\ASUS\ASUS WebStorage\service\AsusWSShellExt64.dll (eCareme Technologies, Inc.) ShellIconOverlayIdentifiers: [AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D808} => C:\Program Files (x86)\ASUS\ASUS WebStorage\service\AsusWSShellExt64.dll (eCareme Technologies, Inc.) ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll (Autodesk, Inc.) ShellIconOverlayIdentifiers-x32: [ADSMOverlayIcon] -> {A825576B-0042-4F0F-8FB0-93CE0F054E69} => C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt.dll () ShellIconOverlayIdentifiers-x32: [ADSMOverlayIcon1] -> {A8D448F4-0431-45AC-9F5E-E1B434AB2249} => C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt1.dll () ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.wp.pl/?src01=dp220150407 HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.wp.pl/?src01=dp220150407 HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com HKU\S-1-5-21-1327280743-4218952818-3750989024-1000\Software\Microsoft\Internet Explorer\Main,Start Page = www.wp.pl/?src01=dp220150407 SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=MAAU&src=IE-SearchBox SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=MAAU&src=IE-SearchBox SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=MAAU&src=IE-SearchBox SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=MAAU&src=IE-SearchBox SearchScopes: HKU\S-1-5-21-1327280743-4218952818-3750989024-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-1327280743-4218952818-3750989024-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-1327280743-4218952818-3750989024-1000 -> {0D71ECAA-2B0F-4D2E-A386-F78D27087DD8} URL = https://www.google.com/search?q={searchTerms} SearchScopes: HKU\S-1-5-21-1327280743-4218952818-3750989024-1000 -> {8EEAC88A-079B-4b2c-80C1-7836F79EB40A} URL = http://pl.search.yahoo.com/search?p={searchTerms}&fr=chr-comodo BHO: Windows Live Family Safety Browser Helper Class -> {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} -> C:\Program Files\Windows Live\Family Safety\fssbho.dll [2008-12-08] (Microsoft Corporation) BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation) BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-04-01] (Avast Software s.r.o.) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation) BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27] (Adobe Systems Incorporated) BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation) BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-04-01] (Avast Software s.r.o.) BHO-x32: Pomocnik rejestracji usługi Windows Live -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-02-17] (Microsoft Corporation) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation) Toolbar: HKU\S-1-5-21-1327280743-4218952818-3750989024-1000 -> No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8050.1202.dll [2008-12-02] (Microsoft Corporation) Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8050.1202.dll [2008-12-02] (Microsoft Corporation) Tcpip\Parameters: [DhcpNameServer] 62.179.1.62 62.179.1.63 Tcpip\..\Interfaces\{4F05A13B-B8AB-4565-89AA-8A6653500A63}: [NameServer] 156.154.70.25,156.154.71.25 Tcpip\..\Interfaces\{EE38F61D-860C-4363-B004-600F49401815}: [NameServer] 156.154.70.25,156.154.71.25 FireFox: ======== FF ProfilePath: C:\Users\Monia\AppData\Roaming\Mozilla\Firefox\Profiles\spcfytgt.default FF SelectedSearchEngine: do-search FF Homepage: www.wp.pl/?src01=dp220150407 FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_134.dll [2015-04-04] () FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_134.dll [2015-04-04] () FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8051.1204 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2008-12-04] (Microsoft Corporation) FF Plugin-x32: @videolan.org/vlc,version=2.2.0 -> D:\programy\VLC\npvlc.dll [2015-02-27] (VideoLAN) FF user.js: detected! => C:\Users\Monia\AppData\Roaming\Mozilla\Firefox\Profiles\spcfytgt.default\user.js [2015-04-07] FF Extension: Adblock Plus - C:\Users\Monia\AppData\Roaming\Mozilla\Firefox\Profiles\spcfytgt.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-04-06] FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-04-01] Chrome: ======= CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx [2015-04-01] CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-04-01] ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R3 ADSMService; C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe [225280 2008-03-31] (ASUSTek Computer Inc.) [File not signed] R2 Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [12288 2015-04-12] (Autodesk, Inc.) [File not signed] R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-04-01] (Avast Software s.r.o.) R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4030800 2015-04-01] (Avast Software) R2 CLPSLauncher; C:\Program Files (x86)\Common Files\COMODO\launcher_service.exe [70872 2015-04-03] (Comodo Security Solutions, Inc.) R2 CmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [7618952 2015-01-30] (COMODO) S3 cmdvirth; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2265304 2015-01-30] (COMODO) S4 GeekBuddyRSP; C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe [2327248 2015-04-03] (Comodo Security Solutions, Inc.) R2 LMS; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [262144 2009-10-01] (Intel Corporation) [File not signed] R2 UNS; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2314240 2009-10-01] (Intel Corporation) [File not signed] R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Corporation) ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29168 2015-04-01] () R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [88408 2015-04-01] (Avast Software s.r.o.) R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-04-01] (Avast Software s.r.o.) R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65736 2015-04-01] () R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1047320 2015-04-01] (Avast Software s.r.o.) R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [442264 2015-04-01] (Avast Software s.r.o.) R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [136752 2015-04-01] (Avast Software s.r.o.) R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [271200 2015-04-01] () R1 CFRMD; C:\Windows\System32\DRIVERS\CFRMD.sys [37976 2015-04-02] (Windows (R) Win 7 DDK provider) [File not signed] R1 cmderd; C:\Windows\System32\DRIVERS\cmderd.sys [20184 2015-01-30] (COMODO) R1 cmdGuard; C:\Windows\System32\DRIVERS\cmdguard.sys [792648 2015-01-30] (COMODO) R1 cmdHlp; C:\Windows\System32\DRIVERS\cmdhlp.sys [45880 2015-01-30] (COMODO) S3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30352 2015-04-07] (Disc Soft Ltd) R1 inspect; C:\Windows\System32\DRIVERS\inspect.sys [104608 2015-01-30] (COMODO) R3 kbfiltr; C:\Windows\System32\DRIVERS\kbfiltr.sys [15416 2009-07-20] ( ) R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1806400 2009-06-05] () R0 sptd; C:\Windows\System32\Drivers\sptd.sys [381608 2015-04-06] (Duplex Secure Ltd.) R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [273824 2015-04-01] (Avast Software) S3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [X] U3 tmlwf; No ImagePath U3 tmwfp; No ImagePath ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2015-04-12 22:46 - 2015-04-12 22:46 - 00588816 _____ () C:\Users\Monia\Desktop\Autoruns.zip 2015-04-12 22:45 - 2015-04-12 22:46 - 00019302 _____ () C:\Users\Monia\Desktop\FRST.txt 2015-04-12 22:45 - 2015-04-12 22:45 - 00000000 ____D () C:\FRST 2015-04-12 22:44 - 2015-04-12 22:43 - 02980858 _____ () C:\Users\Monia\Desktop\raport.html 2015-04-12 22:39 - 2015-04-12 22:39 - 02096640 _____ (Farbar) C:\Users\Monia\Desktop\FRST64.exe 2015-04-12 22:39 - 2015-04-12 22:39 - 00380416 _____ () C:\Users\Monia\Desktop\f1qk6wxi.exe 2015-04-12 19:24 - 2015-04-12 20:12 - 02816202 _____ () C:\Users\Monia\Documents\Autozapis_Bez tytułu.skp 2015-04-12 18:41 - 2015-04-12 18:43 - 00000000 ____D () C:\Users\Monia\Downloads\One night stand + Bonus - Emilie Jouvet 2015-04-12 18:38 - 2015-04-12 22:45 - 00000000 ____D () C:\Users\Monia\AppData\Roaming\uTorrent 2015-04-12 18:38 - 2015-04-12 19:23 - 00001032 _____ () C:\Users\Monia\Desktop\µTorrent.lnk 2015-04-12 18:38 - 2015-04-12 18:38 - 00000795 _____ () C:\Users\Monia\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk 2015-04-12 18:38 - 2015-04-12 18:38 - 00000000 ____D () C:\Users\Monia\AppData\Roaming\OpenCandy 2015-04-12 18:18 - 2015-04-12 18:18 - 00000000 ____D () C:\Users\Monia\AppData\Roaming\SketchUp 2015-04-12 18:18 - 2015-04-12 18:18 - 00000000 ____D () C:\ProgramData\SketchUp 2015-04-12 18:18 - 2015-04-12 18:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\SketchUp 2013 2015-04-12 18:18 - 2015-04-12 18:18 - 00000000 ____D () C:\ProgramData\Caphyon 2015-04-12 18:17 - 2015-04-12 18:17 - 00000000 ____D () C:\Users\Monia\AppData\Roaming\Trimble Navigation Limited 2015-04-12 18:03 - 2015-04-12 18:03 - 00000000 ____D () C:\Windows\system32\SPReview 2015-04-12 15:20 - 2015-04-12 15:20 - 01111552 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2015-04-12 15:20 - 2015-04-12 15:20 - 00957952 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll 2015-04-12 15:20 - 2015-04-12 15:20 - 00769536 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll 2015-04-12 15:20 - 2015-04-12 15:20 - 00726528 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll 2015-04-12 15:20 - 2015-04-12 15:20 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll 2015-04-12 15:20 - 2015-04-12 15:20 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2015-04-12 15:20 - 2015-04-12 15:20 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll 2015-04-12 14:47 - 2015-04-12 21:55 - 00003166 _____ () C:\Windows\System32\Tasks\P4GIntlCtrl 2015-04-12 00:40 - 2015-04-12 00:40 - 00000000 ____D () C:\Users\Monia\AppData\Local\cache 2015-04-12 00:22 - 2015-04-12 00:22 - 00000000 ____D () C:\ProgramData\FARO 2015-04-12 00:06 - 2015-04-12 17:50 - 00000000 ____D () C:\Users\Public\Documents\Autodesk 2015-04-12 00:05 - 2015-04-12 00:15 - 00000000 ____D () C:\Program Files\Common Files\Autodesk Shared 2015-04-12 00:04 - 2015-04-12 00:04 - 00000000 ____D () C:\Program Files (x86)\Autodesk 2015-04-11 21:20 - 2015-04-11 21:20 - 00000000 ____D () C:\Users\Monia\Documents\Inventor Server SDK ACAD 2014 2015-04-11 21:16 - 2015-04-11 21:16 - 00000000 ____D () C:\Program Files\Common Files\Macrovision Shared 2015-04-11 21:09 - 2015-04-12 00:05 - 00000000 ____D () C:\Program Files\Autodesk 2015-04-11 21:08 - 2015-04-12 00:10 - 00436552 _____ (Autodesk, Inc.) C:\Windows\system32\AcSignOpt.exe 2015-04-11 20:59 - 2015-04-11 20:59 - 03927248 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_30.dll 2015-04-11 20:59 - 2015-04-11 20:59 - 02526056 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_43.dll 2015-04-11 20:59 - 2015-04-11 20:59 - 02401112 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_43.dll 2015-04-11 20:59 - 2015-04-11 20:59 - 02388176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_30.dll 2015-04-11 20:59 - 2015-04-11 20:59 - 02106216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_43.dll 2015-04-11 20:59 - 2015-04-11 20:59 - 01998168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_43.dll 2015-04-11 20:59 - 2015-04-11 20:59 - 01907552 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_43.dll 2015-04-11 20:59 - 2015-04-11 20:59 - 01868128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_43.dll 2015-04-11 20:59 - 2015-04-11 20:59 - 00527192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_7.dll 2015-04-11 20:59 - 2015-04-11 20:59 - 00518488 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_7.dll 2015-04-11 20:59 - 2015-04-11 20:59 - 00511328 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_43.dll 2015-04-11 20:59 - 2015-04-11 20:59 - 00470880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_43.dll 2015-04-11 20:59 - 2015-04-11 20:59 - 00352464 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_1.dll 2015-04-11 20:59 - 2015-04-11 20:59 - 00276832 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll 2015-04-11 20:59 - 2015-04-11 20:59 - 00248672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_43.dll 2015-04-11 20:59 - 2015-04-11 20:59 - 00239960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_7.dll 2015-04-11 20:59 - 2015-04-11 20:59 - 00229584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_1.dll 2015-04-11 20:59 - 2015-04-11 20:59 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_7.dll 2015-04-11 20:59 - 2015-04-11 20:59 - 00083664 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_1.dll 2015-04-11 20:59 - 2015-04-11 20:59 - 00077656 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_5.dll 2015-04-11 20:59 - 2015-04-11 20:59 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_5.dll 2015-04-11 20:59 - 2015-04-11 20:59 - 00062672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_1.dll 2015-04-11 20:59 - 2015-04-11 20:59 - 00016592 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_0.dll 2015-04-11 20:59 - 2015-04-11 20:59 - 00014032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_0.dll 2015-04-11 20:49 - 2015-04-12 18:02 - 01836558 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI 2015-04-11 20:44 - 2015-04-12 19:12 - 00000000 ____D () C:\Users\Monia\AppData\Roaming\Autodesk 2015-04-11 20:44 - 2015-04-12 19:12 - 00000000 ____D () C:\ProgramData\Autodesk 2015-04-11 20:43 - 2015-04-12 00:00 - 00000000 ____D () C:\Autodesk 2015-04-11 20:36 - 2015-04-12 00:28 - 00000000 ____D () C:\Users\Monia\AppData\Local\Autodesk 2015-04-11 20:36 - 2015-04-12 00:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk 2015-04-11 20:34 - 2015-04-11 20:36 - 00000000 ____D () C:\Users\Monia\AppData\Local\Akamai 2015-04-11 20:34 - 2015-04-11 20:34 - 00000000 ____D () C:\ProgramData\Applications 2015-04-10 04:43 - 2015-04-10 04:43 - 00000000 ____D () C:\Program Files\Common Files\DESIGNER 2015-04-10 00:17 - 2015-04-10 00:17 - 00000395 _____ () C:\Windows\BRWMARK.INI 2015-04-10 00:17 - 2015-04-10 00:17 - 00000034 _____ () C:\Windows\SysWOW64\BD7030.DAT 2015-04-09 11:50 - 2015-04-09 11:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SharePoint 2015-04-09 11:48 - 2015-04-09 11:48 - 00000000 ____D () C:\Program Files\Microsoft Synchronization Services 2015-04-09 11:47 - 2015-04-09 11:47 - 00000000 ____D () C:\Windows\PCHEALTH 2015-04-09 11:47 - 2015-04-09 11:47 - 00000000 ____D () C:\Program Files\Microsoft Sync Framework 2015-04-09 11:47 - 2015-04-09 11:47 - 00000000 ____D () C:\Program Files\Microsoft SQL Server Compact Edition 2015-04-09 11:33 - 2015-04-09 11:33 - 00000000 ____D () C:\Program Files (x86)\Microsoft Visual Studio 8 2015-04-09 11:32 - 2015-04-09 11:32 - 00000000 ____D () C:\Program Files\Microsoft Analysis Services 2015-04-09 11:32 - 2015-04-09 11:32 - 00000000 ____D () C:\Program Files (x86)\Microsoft Analysis Services 2015-04-09 11:30 - 2015-04-09 11:30 - 00000000 __RHD () C:\MSOCache 2015-04-07 16:59 - 2015-04-07 16:59 - 00000000 ____D () C:\Windows\System32\Tasks\OfficeSoftwareProtectionPlatform 2015-04-07 16:48 - 2015-04-09 11:47 - 00000000 ____D () C:\Program Files\Microsoft Office 2015-04-07 16:43 - 2015-04-07 16:47 - 00000000 ____D () C:\Users\Monia\AppData\Roaming\DAEMON Tools Lite 2015-04-07 16:43 - 2015-04-07 16:45 - 00030352 _____ (Disc Soft Ltd) C:\Windows\system32\Drivers\dtlitescsibus.sys 2015-04-07 16:42 - 2015-04-07 16:43 - 00000000 ____D () C:\ProgramData\DAEMON Tools Lite 2015-04-07 16:35 - 2015-04-07 16:45 - 00000124 _____ () C:\Users\Monia\Documents\ax_files.xml 2015-04-07 16:32 - 2015-04-07 16:32 - 00000000 ____D () C:\Users\Monia\Documents\Alcohol 120% 2015-04-07 16:26 - 2015-04-07 16:26 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\Monia\Downloads\mbam-setup-2.0.4.1028_3bd59d6c407ab1f6ddd7c5d9bd727469.exe 2015-04-07 16:20 - 2015-04-07 16:20 - 00000000 ____D () C:\ProgramData\Malwarebytes 2015-04-07 13:22 - 2015-04-12 20:35 - 00000000 ____D () C:\Users\Monia\AppData\Roaming\vlc 2015-04-07 13:22 - 2015-04-07 13:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN 2015-04-06 11:40 - 2015-04-06 11:40 - 00381608 _____ (Duplex Secure Ltd.) C:\Windows\system32\Drivers\sptd.sys 2015-04-06 11:35 - 2015-04-06 11:35 - 00000000 ____D () C:\Users\Public\CyberLink 2015-04-06 11:35 - 2015-04-06 11:35 - 00000000 ____D () C:\Users\Monia\AppData\Roaming\CyberLink 2015-04-06 10:29 - 2015-04-06 10:29 - 02414360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_31.dll 2015-04-06 10:29 - 2015-04-06 10:29 - 01892184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_42.dll 2015-04-06 10:29 - 2015-04-06 10:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Winamp 2015-04-06 10:28 - 2015-04-06 11:25 - 00000000 ____D () C:\Users\Monia\AppData\Roaming\Winamp 2015-04-05 21:00 - 2015-04-05 21:00 - 00285896 _____ () C:\Windows\msxml4-KB954430-enu.LOG 2015-04-05 21:00 - 2015-04-05 21:00 - 00281802 _____ () C:\Windows\msxml4-KB973688-enu.LOG 2015-04-05 21:00 - 2015-04-05 21:00 - 00000000 ____D () C:\Program Files (x86)\MSXML 4.0 2015-04-05 20:38 - 2015-04-05 20:38 - 00000000 ____D () C:\Users\Monia\AppData\Roaming\WinRAR 2015-04-05 20:38 - 2015-04-05 20:38 - 00000000 ____D () C:\Users\Monia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR 2015-04-05 20:38 - 2015-04-05 20:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR 2015-04-05 01:23 - 2015-04-05 01:23 - 00000000 ____D () C:\Windows\system32\EventProviders 2015-04-05 01:22 - 2015-04-05 01:26 - 00000000 ____D () C:\Users\Monia\AppData\Local\ESRI 2015-04-05 01:22 - 2015-04-05 01:23 - 00000000 ____D () C:\Users\Monia\Documents\ArcGIS 2015-04-05 01:22 - 2015-04-05 01:22 - 00000000 ____D () C:\Users\Monia\AppData\Roaming\ESRI 2015-04-05 01:22 - 2015-04-05 01:22 - 00000000 ____D () C:\ProgramData\ESRI 2015-04-05 01:02 - 2015-04-12 00:29 - 00000000 ____D () C:\ProgramData\FLEXnet 2015-04-05 00:44 - 2015-04-05 00:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ArcGIS 2015-04-04 22:54 - 2015-04-04 22:54 - 00000000 ____D () C:\Users\Monia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IrfanView 2015-04-04 19:28 - 2015-04-04 19:28 - 00000000 ____D () C:\Users\Monia\AppData\Local\Macromedia 2015-04-04 19:27 - 2015-04-12 22:31 - 00000930 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2015-04-04 19:27 - 2015-04-04 19:27 - 00778928 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2015-04-04 19:27 - 2015-04-04 19:27 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2015-04-04 19:27 - 2015-04-04 19:27 - 00003868 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater 2015-04-04 19:27 - 2015-04-04 19:27 - 00000000 ____D () C:\Windows\system32\Macromed 2015-04-04 19:26 - 2015-04-07 17:10 - 00000000 ____D () C:\Users\Monia\AppData\Local\Adobe 2015-04-04 13:13 - 2015-04-04 13:13 - 00000000 ____D () C:\ProgramData\Conexant 2015-04-04 13:12 - 2015-04-04 13:12 - 00000000 ____D () C:\Users\Monia\AppData\Local\Conexant 2015-04-04 13:06 - 2015-04-04 13:06 - 00000000 ____D () C:\Users\Monia\Tracing 2015-04-04 13:03 - 2015-04-12 22:46 - 00000000 ____D () C:\Users\Monia\AppData\Roaming\Skype 2015-04-04 13:03 - 2015-04-04 13:03 - 00000000 ___RD () C:\Program Files (x86)\Skype 2015-04-04 13:03 - 2015-04-04 13:03 - 00000000 ____D () C:\Users\Monia\AppData\Local\Skype 2015-04-04 13:03 - 2015-04-04 13:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype 2015-04-04 13:03 - 2015-04-04 13:03 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2015-04-04 13:02 - 2015-04-04 13:03 - 00000000 ____D () C:\ProgramData\Skype 2015-04-03 14:33 - 2015-04-03 14:33 - 00367104 _____ (Microsoft Corporation) C:\Windows\system32\wcncsvc.dll 2015-04-03 14:33 - 2015-04-03 14:33 - 00276992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wcncsvc.dll 2015-04-03 14:28 - 2015-04-03 14:28 - 00109056 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sdbus.sys 2015-04-03 14:28 - 2015-04-03 14:28 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sffp_sd.sys 2015-04-03 04:03 - 2015-04-03 04:03 - 00003072 _____ () C:\Windows\System32\Tasks\{876EF10F-444D-45BE-8D7D-12DC5E96D3F7} 2015-04-02 20:17 - 2015-04-02 20:17 - 00000000 ____D () C:\Users\Default\AppData\Local\Microsoft Help 2015-04-02 20:17 - 2015-04-02 20:17 - 00000000 ____D () C:\Users\Default User\AppData\Local\Microsoft Help 2015-04-02 19:42 - 2015-04-02 19:42 - 01942856 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll 2015-04-02 19:42 - 2015-04-02 19:42 - 01130824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dfshim.dll 2015-04-02 19:42 - 2015-04-02 19:42 - 00444752 _____ (Microsoft Corporation) C:\Windows\system32\mscoree.dll 2015-04-02 19:42 - 2015-04-02 19:42 - 00320352 _____ (Microsoft Corporation) C:\Windows\system32\PresentationHost.exe 2015-04-02 19:42 - 2015-04-02 19:42 - 00297808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscoree.dll 2015-04-02 19:42 - 2015-04-02 19:42 - 00295264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationHost.exe 2015-04-02 19:42 - 2015-04-02 19:42 - 00109912 _____ (Microsoft Corporation) C:\Windows\system32\PresentationHostProxy.dll 2015-04-02 19:42 - 2015-04-02 19:42 - 00099176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationHostProxy.dll 2015-04-02 19:42 - 2015-04-02 19:42 - 00049472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netfxperf.dll 2015-04-02 19:42 - 2015-04-02 19:42 - 00048960 _____ (Microsoft Corporation) C:\Windows\system32\netfxperf.dll 2015-04-02 17:49 - 2015-04-05 13:43 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service 2015-04-02 17:49 - 2015-04-02 17:51 - 00000000 ____D () C:\Users\Monia\AppData\Roaming\Mozilla 2015-04-02 17:49 - 2015-04-02 17:51 - 00000000 ____D () C:\Users\Monia\AppData\Local\Mozilla 2015-04-02 17:49 - 2015-04-02 17:49 - 00001165 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk 2015-04-02 17:49 - 2015-04-02 17:49 - 00000000 ____D () C:\ProgramData\Mozilla 2015-04-02 14:01 - 2015-04-02 14:01 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf 2015-04-02 13:12 - 2015-04-02 13:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 2015-04-02 13:11 - 2015-04-02 13:11 - 00000000 ____D () C:\Program Files\Microsoft Silverlight 2015-04-02 13:11 - 2015-04-02 13:11 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight 2015-04-02 09:24 - 2015-04-02 09:24 - 14164480 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll 2015-04-02 09:24 - 2015-04-02 09:24 - 12868096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll 2015-04-02 09:24 - 2015-04-02 09:24 - 02870272 _____ (Microsoft Corporation) C:\Windows\explorer.exe 2015-04-02 09:24 - 2015-04-02 09:24 - 02614272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe 2015-04-02 09:24 - 2015-04-02 09:24 - 01863680 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll 2015-04-02 09:24 - 2015-04-02 09:24 - 01837568 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll 2015-04-02 09:24 - 2015-04-02 09:24 - 01736608 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll 2015-04-02 09:24 - 2015-04-02 09:24 - 01540608 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll 2015-04-02 09:24 - 2015-04-02 09:24 - 01495040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll 2015-04-02 09:24 - 2015-04-02 09:24 - 01446912 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2015-04-02 09:24 - 2015-04-02 09:24 - 01289528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll 2015-04-02 09:24 - 2015-04-02 09:24 - 01170944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll 2015-04-02 09:24 - 2015-04-02 09:24 - 01133568 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll 2015-04-02 09:24 - 2015-04-02 09:24 - 01074176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll 2015-04-02 09:24 - 2015-04-02 09:24 - 00982912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys 2015-04-02 09:24 - 2015-04-02 09:24 - 00902656 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll 2015-04-02 09:24 - 2015-04-02 09:24 - 00739840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll 2015-04-02 09:24 - 2015-04-02 09:24 - 00662528 _____ (Microsoft Corporation) C:\Windows\system32\XpsPrint.dll 2015-04-02 09:24 - 2015-04-02 09:24 - 00470016 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll 2015-04-02 09:24 - 2015-04-02 09:24 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll 2015-04-02 09:24 - 2015-04-02 09:24 - 00389632 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe 2015-04-02 09:24 - 2015-04-02 09:24 - 00320512 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll 2015-04-02 09:24 - 2015-04-02 09:24 - 00283648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll 2015-04-02 09:24 - 2015-04-02 09:24 - 00265088 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys 2015-04-02 09:24 - 2015-04-02 09:24 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ks.sys 2015-04-02 09:24 - 2015-04-02 09:24 - 00229888 _____ (Microsoft Corporation) C:\Windows\system32\XpsRasterService.dll 2015-04-02 09:24 - 2015-04-02 09:24 - 00218624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1core.dll 2015-04-02 09:24 - 2015-04-02 09:24 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll 2015-04-02 09:24 - 2015-04-02 09:24 - 00184832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbvideo.sys 2015-04-02 09:24 - 2015-04-02 09:24 - 00161792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1.dll 2015-04-02 09:24 - 2015-04-02 09:24 - 00153160 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys 2015-04-02 09:24 - 2015-04-02 09:24 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll 2015-04-02 09:24 - 2015-04-02 09:24 - 00135168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsRasterService.dll 2015-04-02 09:24 - 2015-04-02 09:24 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll 2015-04-02 09:24 - 2015-04-02 09:24 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll 2015-04-02 09:23 - 2015-04-02 09:23 - 12369408 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2015-04-02 09:23 - 2015-04-02 09:23 - 10989056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2015-04-02 09:23 - 2015-04-02 09:23 - 02003968 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll 2015-04-02 09:23 - 2015-04-02 09:23 - 01880576 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll 2015-04-02 09:23 - 2015-04-02 09:23 - 01498112 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2015-04-02 09:23 - 2015-04-02 09:23 - 01389568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll 2015-04-02 09:23 - 2015-04-02 09:23 - 01236992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll 2015-04-02 09:23 - 2015-04-02 09:23 - 01228288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2015-04-02 09:23 - 2015-04-02 09:23 - 01197056 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2015-04-02 09:23 - 2015-04-02 09:23 - 00981504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2015-04-02 09:23 - 2015-04-02 09:23 - 00442880 _____ (Microsoft Corporation) C:\Windows\system32\winhttp.dll 2015-04-02 09:23 - 2015-04-02 09:23 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll 2015-04-02 09:23 - 2015-04-02 09:23 - 00422912 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll 2015-04-02 09:23 - 2015-04-02 09:23 - 00369152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc.dll 2015-04-02 09:23 - 2015-04-02 09:23 - 00365568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_isv.dll 2015-04-02 09:23 - 2015-04-02 09:23 - 00357888 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe 2015-04-02 09:23 - 2015-04-02 09:23 - 00356352 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe 2015-04-02 09:23 - 2015-04-02 09:23 - 00350720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winhttp.dll 2015-04-02 09:23 - 2015-04-02 09:23 - 00324608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_isv.exe 2015-04-02 09:23 - 2015-04-02 09:23 - 00320512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate.exe 2015-04-02 09:23 - 2015-04-02 09:23 - 00306688 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe 2015-04-02 09:23 - 2015-04-02 09:23 - 00305152 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe 2015-04-02 09:23 - 2015-04-02 09:23 - 00295792 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volsnap.sys 2015-04-02 09:23 - 2015-04-02 09:23 - 00280064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp.exe 2015-04-02 09:23 - 2015-04-02 09:23 - 00277504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp_isv.exe 2015-04-02 09:23 - 2015-04-02 09:23 - 00264192 _____ (Microsoft Corporation) C:\Windows\system32\upnp.dll 2015-04-02 09:23 - 2015-04-02 09:23 - 00258048 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll 2015-04-02 09:23 - 2015-04-02 09:23 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2015-04-02 09:23 - 2015-04-02 09:23 - 00204800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll 2015-04-02 09:23 - 2015-04-02 09:23 - 00204288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\upnp.dll 2015-04-02 09:23 - 2015-04-02 09:23 - 00176640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2015-04-02 09:23 - 2015-04-02 09:23 - 00121856 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll 2015-04-02 09:23 - 2015-04-02 09:23 - 00121856 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll 2015-04-02 09:23 - 2015-04-02 09:23 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll 2015-04-02 09:23 - 2015-04-02 09:23 - 00097280 _____ (Microsoft Corporation) C:\Windows\system32\wscsvc.dll 2015-04-02 09:23 - 2015-04-02 09:23 - 00085504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp_isv.dll 2015-04-02 09:23 - 2015-04-02 09:23 - 00085504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp.dll 2015-04-02 09:23 - 2015-04-02 09:23 - 00080384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll 2015-04-02 09:23 - 2015-04-02 09:23 - 00064512 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2015-04-02 09:23 - 2015-04-02 09:23 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\wscapi.dll 2015-04-02 09:23 - 2015-04-02 09:23 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscapi.dll 2015-04-02 09:23 - 2015-04-02 09:23 - 00048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2015-04-02 09:23 - 2015-04-02 09:23 - 00015360 _____ (Microsoft Corporation) C:\Windows\system32\slwga.dll 2015-04-02 09:23 - 2015-04-02 09:23 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\slwga.dll 2015-04-02 08:26 - 2010-01-09 12:18 - 00000146 _____ () C:\Pass.txt 2015-04-02 01:22 - 2015-04-12 15:26 - 00000000 ___SD () C:\Windows\system32\CompatTel 2015-04-02 01:22 - 2015-04-12 15:26 - 00000000 ____D () C:\Windows\system32\appraiser 2015-04-02 00:59 - 2015-04-02 00:59 - 04068864 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll 2015-04-02 00:59 - 2015-04-02 00:59 - 03181568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll 2015-04-02 00:59 - 2015-04-02 00:59 - 01888256 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL 2015-04-02 00:59 - 2015-04-02 00:59 - 01619456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL 2015-04-02 00:59 - 2015-04-02 00:59 - 00257024 _____ (Microsoft Corporation) C:\Windows\system32\mfreadwrite.dll 2015-04-02 00:59 - 2015-04-02 00:59 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll 2015-04-02 00:59 - 2015-04-02 00:59 - 00196608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfreadwrite.dll 2015-04-02 00:53 - 2015-04-02 00:56 - 00000000 ____D () C:\Windows\system32\MRT 2015-04-02 00:53 - 2015-04-02 00:53 - 122905848 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2015-04-02 00:45 - 2015-04-02 00:45 - 00000000 ____D () C:\Users\Monia\AppData\Local\Microsoft Help 2015-04-02 00:41 - 2015-04-02 00:41 - 05509504 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2015-04-02 00:41 - 2015-04-02 00:41 - 03957632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe 2015-04-02 00:41 - 2015-04-02 00:41 - 03901824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe 2015-04-02 00:41 - 2015-04-02 00:41 - 03195392 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2015-04-02 00:41 - 2015-04-02 00:41 - 01239720 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe 2015-04-02 00:41 - 2015-04-02 00:41 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll 2015-04-02 00:41 - 2015-04-02 00:41 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe 2015-04-02 00:41 - 2015-04-02 00:41 - 00123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe 2015-04-02 00:38 - 2015-04-02 17:40 - 00002955 _____ () C:\Windows\IE11_main.log 2015-04-02 00:25 - 2015-04-02 00:25 - 00000000 ____D () C:\AVAST Software 2015-04-02 00:25 - 2015-04-02 00:25 - 00000000 ____D () C:\ASUS WebStorage 2015-04-02 00:07 - 2015-04-02 00:07 - 00000000 ____D () C:\Windows\System32\Tasks\COMODO 2015-04-02 00:06 - 2015-04-12 15:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Comodo 2015-04-02 00:06 - 2015-04-02 00:06 - 00000000 ____D () C:\ProgramData\Shared Space 2015-04-02 00:06 - 2015-04-02 00:06 - 00000000 ____D () C:\ProgramData\Comodo Downloader 2015-04-02 00:06 - 2015-04-02 00:06 - 00000000 ____D () C:\Program Files\COMODO 2015-04-02 00:06 - 2015-04-02 00:06 - 00000000 _____ () C:\Windows\SysWOW64\Drivers\1043_ASUSTeK_K52Jr.alu 2015-04-02 00:05 - 2015-04-02 00:07 - 00000000 ____D () C:\ProgramData\Comodo 2015-04-01 23:59 - 2015-04-01 23:59 - 00000024 _____ () C:\Windows\ATKPF.ini 2015-04-01 23:56 - 2015-04-01 23:53 - 00000000 ____D () C:\Users\Monia\AppData\Roaming\Asus WebStorage 2015-04-01 23:54 - 2015-04-12 21:53 - 00050084 _____ () C:\Windows\PFRO.log 2015-04-01 23:53 - 2015-04-01 23:53 - 00000454 _____ () C:\Users\Monia\Desktop\DATA (D) — skrót.lnk 2015-04-01 23:53 - 2015-04-01 23:53 - 00000363 _____ () C:\Users\Monia\Desktop\Komputer — skrót.lnk 2015-04-01 23:46 - 2015-04-01 23:46 - 00000000 ____D () C:\Users\Monia\Documents\ASUS WebStorage 2015-04-01 23:46 - 2015-04-01 23:46 - 00000000 ____D () C:\Users\Monia\AppData\Roaming\ATI 2015-04-01 23:46 - 2015-04-01 23:46 - 00000000 ____D () C:\Users\Monia\AppData\Local\SRS Labs 2015-04-01 23:46 - 2015-04-01 23:46 - 00000000 ____D () C:\Users\Monia\AppData\Local\ATI 2015-04-01 23:45 - 2015-04-01 23:46 - 00000776 _____ () C:\Windows\OOBEPlayer.log 2015-04-01 23:45 - 2015-04-01 23:45 - 00001457 _____ () C:\Users\Monia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2015-04-01 23:45 - 2015-04-01 23:45 - 00001423 _____ () C:\Users\Monia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk 2015-04-01 23:41 - 2015-04-01 23:41 - 00000000 ____D () C:\Program Files\Windows Live 2015-04-01 23:41 - 2015-04-01 23:41 - 00000000 ____D () C:\Program Files (x86)\Microsoft Sync Framework 2015-04-01 23:41 - 2008-12-08 17:35 - 00061792 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fssfltr.sys 2015-04-01 23:40 - 2015-04-11 20:59 - 00032036 _____ () C:\Windows\DirectX.log 2015-04-01 23:40 - 2015-04-01 23:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live 2015-04-01 23:40 - 2015-04-01 23:40 - 00000000 ____D () C:\Program Files (x86)\Microsoft SQL Server Compact Edition 2015-04-01 23:40 - 2006-11-29 13:06 - 04398360 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_32.dll 2015-04-01 23:40 - 2006-11-29 13:06 - 03426072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_32.dll 2015-04-01 23:39 - 2015-04-02 09:21 - 00000000 ____D () C:\Program Files (x86)\Windows Live 2015-04-01 23:39 - 2015-04-01 23:39 - 00000000 ____D () C:\Program Files (x86)\Windows Live SkyDrive 2015-04-01 23:38 - 2015-04-12 00:28 - 00181464 _____ () C:\Users\Monia\AppData\Local\GDIPFONTCACHEV1.DAT 2015-04-01 23:38 - 2015-04-01 23:46 - 00000000 ___HD () C:\asus.dat 2015-04-01 23:38 - 2015-04-01 23:38 - 00000188 _____ () C:\Windows\FixPatch.log 2015-04-01 23:38 - 2015-04-01 23:38 - 00000000 ____D () C:\Users\Monia\AppData\Local\Power2Go 2015-04-01 23:38 - 2015-04-01 23:30 - 00000000 ____D () C:\Users\Monia\AppData\Local\VirtualStore 2015-04-01 23:37 - 2015-04-04 13:06 - 00000000 ____D () C:\Users\Monia 2015-04-01 23:37 - 2015-04-01 23:37 - 00000020 ___SH () C:\Users\Monia\ntuser.ini 2015-04-01 23:37 - 2015-04-01 23:37 - 00000000 _SHDL () C:\Users\Monia\Ustawienia lokalne 2015-04-01 23:37 - 2015-04-01 23:37 - 00000000 _SHDL () C:\Users\Monia\Szablony 2015-04-01 23:37 - 2015-04-01 23:37 - 00000000 _SHDL () C:\Users\Monia\Moje dokumenty 2015-04-01 23:37 - 2015-04-01 23:37 - 00000000 _SHDL () C:\Users\Monia\Menu Start 2015-04-01 23:37 - 2015-04-01 23:37 - 00000000 _SHDL () C:\Users\Monia\Documents\Moje wideo 2015-04-01 23:37 - 2015-04-01 23:37 - 00000000 _SHDL () C:\Users\Monia\Documents\Moje obrazy 2015-04-01 23:37 - 2015-04-01 23:37 - 00000000 _SHDL () C:\Users\Monia\Documents\Moja muzyka 2015-04-01 23:37 - 2015-04-01 23:37 - 00000000 _SHDL () C:\Users\Monia\Dane aplikacji 2015-04-01 23:37 - 2015-04-01 23:37 - 00000000 _SHDL () C:\Users\Monia\AppData\Roaming\Microsoft\Windows\Start Menu\Programy 2015-04-01 23:37 - 2015-04-01 23:37 - 00000000 _SHDL () C:\Users\Monia\AppData\Local\Historia 2015-04-01 23:37 - 2015-04-01 23:37 - 00000000 _SHDL () C:\Users\Monia\AppData\Local\Dane aplikacji 2015-04-01 23:37 - 2015-04-01 23:37 - 00000000 ____D () C:\Windows\system32\log 2015-04-01 23:37 - 2010-01-10 02:45 - 00000000 ____D () C:\Users\Monia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink Blu-ray Disc Suite 2015-04-01 23:37 - 2009-07-14 06:54 - 00000000 ___RD () C:\Users\Monia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories 2015-04-01 23:37 - 2009-07-14 06:49 - 00000000 ___RD () C:\Users\Monia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance 2015-04-01 23:35 - 2015-04-01 23:35 - 00000108 _____ () C:\Windows\TMFilter.log 2015-04-01 23:24 - 2015-04-01 23:24 - 00000000 ____D () C:\Users\Monia\AppData\Roaming\AVAST Software 2015-04-01 23:23 - 2015-04-12 21:56 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update 2015-04-01 23:23 - 2015-04-01 23:24 - 00000000 ____D () C:\Windows\SysWOW64\vbox 2015-04-01 23:23 - 2015-04-01 23:24 - 00000000 ____D () C:\Windows\system32\vbox 2015-04-01 23:23 - 2015-04-01 23:23 - 01047320 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswSnx.sys 2015-04-01 23:23 - 2015-04-01 23:23 - 00442264 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswSP.sys 2015-04-01 23:23 - 2015-04-01 23:23 - 00364472 _____ (Avast Software s.r.o.) C:\Windows\system32\aswBoot.exe 2015-04-01 23:23 - 2015-04-01 23:23 - 00271200 _____ () C:\Windows\system32\Drivers\aswVmm.sys 2015-04-01 23:23 - 2015-04-01 23:23 - 00136752 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswStm.sys 2015-04-01 23:23 - 2015-04-01 23:23 - 00093528 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswRdr2.sys 2015-04-01 23:23 - 2015-04-01 23:23 - 00088408 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswMonFlt.sys 2015-04-01 23:23 - 2015-04-01 23:23 - 00065736 _____ () C:\Windows\system32\Drivers\aswRvrt.sys 2015-04-01 23:23 - 2015-04-01 23:23 - 00043112 _____ (Avast Software s.r.o.) C:\Windows\avastSS.scr 2015-04-01 23:23 - 2015-04-01 23:23 - 00029168 _____ () C:\Windows\system32\Drivers\aswHwid.sys 2015-04-01 23:23 - 2015-04-01 23:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software 2015-04-01 23:20 - 2015-04-01 23:20 - 00000000 ____D () C:\ProgramData\AVAST Software 2015-04-01 23:20 - 2015-04-01 23:20 - 00000000 ____D () C:\Program Files\AVAST Software 2015-04-01 23:15 - 2015-04-01 23:15 - 00000000 ____D () C:\Users\Monia\AppData\Roaming\Macromedia 2015-04-01 23:13 - 2015-02-24 04:17 - 00295552 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe 2015-04-01 23:08 - 2015-04-05 20:49 - 00000000 ____D () C:\Users\Monia\AppData\Roaming\Adobe 2015-04-01 23:07 - 2012-06-03 00:19 - 02428952 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll 2015-04-01 23:07 - 2012-06-03 00:19 - 00701976 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll 2015-04-01 23:07 - 2012-06-03 00:19 - 00057880 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe 2015-04-01 23:07 - 2012-06-03 00:19 - 00044056 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll 2015-04-01 23:07 - 2012-06-03 00:19 - 00038424 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll 2015-04-01 23:07 - 2012-06-03 00:15 - 02622464 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll 2015-04-01 23:07 - 2012-06-03 00:15 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll 2015-04-01 23:07 - 2012-06-02 15:19 - 00186752 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll 2015-04-01 23:07 - 2012-06-02 15:15 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2015-04-12 22:45 - 2009-07-14 06:45 - 00010016 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2015-04-12 22:45 - 2009-07-14 06:45 - 00010016 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2015-04-12 22:41 - 2010-01-10 02:16 - 01468800 _____ () C:\Windows\WindowsUpdate.log 2015-04-12 21:54 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2015-04-12 21:54 - 2009-07-14 06:51 - 00048181 _____ () C:\Windows\setupact.log 2015-04-12 18:10 - 2010-01-10 03:12 - 00001840 _____ () C:\Windows\system32\AutoRunFilter.ini 2015-04-12 18:02 - 2009-08-03 21:55 - 00886736 _____ () C:\Windows\system32\perfh015.dat 2015-04-12 18:02 - 2009-08-03 21:55 - 00201374 _____ () C:\Windows\system32\perfc015.dat 2015-04-12 18:02 - 2009-07-14 07:13 - 01836558 _____ () C:\Windows\system32\PerfStringBackup.INI 2015-04-12 14:41 - 2010-01-10 03:12 - 00001793 _____ () C:\Windows\system32\ServiceFilter.ini 2015-04-12 14:39 - 2009-07-14 06:45 - 00549584 _____ () C:\Windows\system32\FNTCACHE.DAT 2015-04-12 02:56 - 2010-01-10 02:28 - 00000000 ____D () C:\ProgramData\Microsoft Help 2015-04-12 02:39 - 2009-07-14 04:34 - 00000478 _____ () C:\Windows\win.ini 2015-04-10 04:46 - 2009-07-14 05:20 - 00000000 ____D () C:\Program Files\Common Files\System 2015-04-10 00:17 - 2009-07-14 02:35 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbscan.sys 2015-04-10 00:17 - 2009-05-20 15:00 - 00111928 _____ (Brother Industries Ltd) C:\Windows\SysWOW64\BRRBTOOL.EXE 2015-04-10 00:17 - 2009-04-07 03:02 - 01560576 _____ (Brother Industries, Ltd.) C:\Windows\system32\BrWia09b.dll 2015-04-10 00:17 - 2009-02-24 01:37 - 00050176 _____ (Brother Industries, Ltd.) C:\Windows\system32\BrUsi09a.dll 2015-04-10 00:17 - 2007-01-15 15:00 - 00024223 _____ (Brother Industries, Ltd) C:\Windows\SysWOW64\BRLM03A.DLL 2015-04-10 00:17 - 2006-12-21 02:23 - 00176128 _____ (Brother Industries, Ltd.) C:\Windows\SysWOW64\BROSNMP.DLL 2015-04-10 00:17 - 2005-01-17 07:10 - 00045056 _____ () C:\Windows\SysWOW64\BRTCPCON.DLL 2015-04-10 00:17 - 2004-08-09 15:42 - 00077824 _____ (Brother Industries, Ltd.) C:\Windows\SysWOW64\BRLMW03A.DLL 2015-04-09 11:50 - 2010-01-10 02:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2015-04-09 11:50 - 2009-07-14 09:45 - 00000000 ____D () C:\Windows\ShellNew 2015-04-09 11:49 - 2009-07-14 05:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared 2015-04-09 11:48 - 2009-07-14 07:32 - 00000000 ____D () C:\Program Files (x86)\MSBuild 2015-04-09 11:31 - 2010-01-10 02:28 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office 2015-04-08 05:47 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\Registration 2015-04-06 11:35 - 2010-01-10 02:44 - 00000000 ____D () C:\ProgramData\CyberLink 2015-04-05 19:53 - 2009-07-14 05:20 - 00000000 __RHD () C:\Users\Public\Libraries 2015-04-05 00:40 - 1998-11-11 06:50 - 00423016 _____ (Bits Per Second Ltd) C:\Windows\SysWOW64\GSW32.EXE 2015-04-04 13:48 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache 2015-04-03 19:11 - 2009-08-03 21:55 - 00000000 ____D () C:\Windows\SysWOW64\XPSViewer 2015-04-03 19:11 - 2009-07-14 09:45 - 00000000 ____D () C:\Program Files\Windows Journal 2015-04-03 19:11 - 2009-07-14 07:37 - 00000000 ____D () C:\Windows\SysWOW64\winrm 2015-04-03 19:11 - 2009-07-14 07:37 - 00000000 ____D () C:\Windows\SysWOW64\WCN 2015-04-03 19:11 - 2009-07-14 07:37 - 00000000 ____D () C:\Windows\SysWOW64\slmgr 2015-04-03 19:11 - 2009-07-14 07:37 - 00000000 ____D () C:\Windows\SysWOW64\Printing_Admin_Scripts 2015-04-03 19:11 - 2009-07-14 07:37 - 00000000 ____D () C:\Windows\system32\winrm 2015-04-03 19:11 - 2009-07-14 07:37 - 00000000 ____D () C:\Windows\system32\WCN 2015-04-03 19:11 - 2009-07-14 07:37 - 00000000 ____D () C:\Windows\system32\slmgr 2015-04-03 19:11 - 2009-07-14 07:32 - 00000000 ____D () C:\Program Files\Windows Sidebar 2015-04-03 19:11 - 2009-07-14 07:32 - 00000000 ____D () C:\Program Files\Windows Photo Viewer 2015-04-03 19:11 - 2009-07-14 07:32 - 00000000 ____D () C:\Program Files\Windows Defender 2015-04-03 19:11 - 2009-07-14 07:32 - 00000000 ____D () C:\Program Files (x86)\Windows Sidebar 2015-04-03 19:11 - 2009-07-14 07:32 - 00000000 ____D () C:\Program Files (x86)\Windows Photo Viewer 2015-04-03 19:11 - 2009-07-14 07:32 - 00000000 ____D () C:\Program Files (x86)\Windows Defender 2015-04-03 19:11 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\MUI 2015-04-03 19:11 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\migwiz 2015-04-03 19:11 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism 2015-04-03 19:11 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\com 2015-04-03 19:11 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\sysprep 2015-04-03 19:11 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\oobe 2015-04-03 19:11 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\MUI 2015-04-03 19:11 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\migwiz 2015-04-03 19:11 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\Dism 2015-04-03 19:11 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\servicing 2015-04-03 19:11 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions 2015-04-03 19:11 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\IME 2015-04-03 19:10 - 2009-07-14 07:37 - 00000000 ____D () C:\Windows\system32\Printing_Admin_Scripts 2015-04-03 19:10 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\sl-SI 2015-04-03 19:10 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\sk-SK 2015-04-03 19:10 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\sl-SI 2015-04-03 19:10 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\com 2015-04-03 19:09 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\sr-Latn-CS 2015-04-03 19:09 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\ro-RO 2015-04-03 19:09 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\lv-LV 2015-04-03 19:09 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\sr-Latn-CS 2015-04-03 19:09 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\sk-SK 2015-04-03 19:09 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\ro-RO 2015-04-03 19:09 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\lv-LV 2015-04-03 19:08 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\lt-LT 2015-04-03 19:08 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\et-EE 2015-04-03 19:08 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\lt-LT 2015-04-03 19:08 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\et-EE 2015-04-03 19:07 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\hr-HR 2015-04-03 19:07 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\bg-BG 2015-04-03 19:07 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\hr-HR 2015-04-03 19:07 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\bg-BG 2015-04-03 19:06 - 2009-07-14 07:32 - 00000000 ____D () C:\Program Files\DVD Maker 2015-04-03 19:06 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\Speech 2015-04-02 21:33 - 2009-07-14 07:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD 2015-04-02 14:01 - 2009-07-14 02:06 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\winusb.sys 2015-04-02 14:00 - 2009-07-14 02:21 - 00297984 _____ (Microsoft Corporation) C:\Windows\system32\WpdMtp.dll 2015-04-02 14:00 - 2009-07-14 02:21 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\WpdMtpUS.dll 2015-04-02 13:26 - 2011-06-27 01:37 - 02753536 _____ (Atheros Communications, Inc.) C:\Windows\system32\Drivers\athrx.sys 2015-04-02 01:22 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\AppCompat 2015-04-02 00:23 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF 2015-04-02 00:09 - 2010-01-10 03:12 - 00000080 _____ () C:\Windows\system32\Defrag.ini 2015-04-02 00:07 - 2014-06-26 07:33 - 00037976 _____ (Windows (R) Win 7 DDK provider) C:\Windows\system32\Drivers\CFRMD.sys 2015-04-02 00:01 - 2010-01-10 02:49 - 00000000 ____D () C:\Program Files (x86)\ASUS 2015-04-02 00:00 - 2009-07-14 07:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games 2015-04-01 23:45 - 2010-01-10 03:15 - 00000824 _____ () C:\Windows\system32\Drivers\etc\tmvsthfud.bin 2015-04-01 23:45 - 2010-01-10 03:15 - 00000824 _____ () C:\Windows\system32\Drivers\etc\tmvsthfss.bin 2015-04-01 23:45 - 2010-01-10 02:26 - 05890476 _____ () C:\Windows\AsDebug.log 2015-04-01 23:45 - 2010-01-10 02:26 - 00219418 _____ () C:\Windows\AsCDProc.log 2015-04-01 23:45 - 2010-01-10 02:26 - 00002020 _____ () C:\Windows\PQArecord.log 2015-04-01 23:35 - 2009-07-29 07:10 - 00000000 __SHD () C:\Recovery 2015-04-01 23:35 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\Recovery ==================== Files in the root of some directories ======= 2007-06-12 19:34 - 2007-06-12 19:34 - 0035822 _____ () C:\Program Files (x86)\Common Files\ASPG_icon.ico 2008-05-22 18:35 - 2008-05-22 18:35 - 0051962 _____ () C:\Program Files (x86)\Common Files\banner.jpg 2009-04-08 20:31 - 2009-04-08 20:31 - 0106496 _____ () C:\Program Files (x86)\Common Files\CPInstallAction.dll 2008-08-12 07:45 - 2008-08-12 07:45 - 0155648 _____ (ASUS) C:\Program Files (x86)\Common Files\MSIactionall.dll 2010-01-10 02:56 - 2009-09-10 19:06 - 0131368 _____ () C:\ProgramData\FullRemove.exe 2010-01-10 02:44 - 2010-01-10 02:45 - 0000105 _____ () C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log 2010-01-10 02:44 - 2010-01-10 02:44 - 0000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log Some content of TEMP: ==================== C:\Users\Monia\AppData\Local\Temp\AcDeltree.exe C:\Users\Monia\AppData\Local\Temp\atl80.dll C:\Users\Monia\AppData\Local\Temp\AxSFADownloader.exe C:\Users\Monia\AppData\Local\Temp\DLMGuardian.exe C:\Users\Monia\AppData\Local\Temp\downloader_for_mbam-setup-2.0.4.1028.exe C:\Users\Monia\AppData\Local\Temp\mfc80.dll C:\Users\Monia\AppData\Local\Temp\mfc80u.dll C:\Users\Monia\AppData\Local\Temp\mfcm80.dll C:\Users\Monia\AppData\Local\Temp\mfcm80u.dll C:\Users\Monia\AppData\Local\Temp\msvcm80.dll C:\Users\Monia\AppData\Local\Temp\msvcp80.dll C:\Users\Monia\AppData\Local\Temp\msvcr80.dll C:\Users\Monia\AppData\Local\Temp\ose00000.exe C:\Users\Monia\AppData\Local\Temp\ose00001.exe C:\Users\Monia\AppData\Local\Temp\TmDbg32.dll C:\Users\Monia\AppData\Local\Temp\TmDbg64.dll ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\SysWOW64\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2015-04-07 15:25 ==================== End Of Log ============================