Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 07-06-2015 Ran by Alek (administrator) on ALEK-KOMPUTER on 07-06-2015 22:13:16 Running from C:\Users\Alek\Desktop\Skany Loaded Profiles: Alek (Available Profiles: Alek) Platform: Microsoft Windows 7 Ultimate Service Pack 1 (X86) OS Language: Polski (Polska) Internet Explorer Version 11 (Default browser: FF) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) Failed to access process -> csrss.exe Failed to access process -> csrss.exe (IObit) C:\Program Files\IObit\Advanced SystemCare Ultimate 8\ASCService.exe (IOBit) C:\Program Files\IObit\Advanced SystemCare Ultimate 8\ASCAvSvc.exe (IVT Corporation) C:\Program Files\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe (IObit) C:\Program Files\IObit\Advanced SystemCare Ultimate 8\Monitor.exe (Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Exploit\mbae-svc.exe (Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe (Zemana Ltd.) C:\Program Files\AntiLogger\AntiLogger.exe () C:\ProgramData\Mobile Partner\OnlineUpdate\ouc.exe (Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Exploit\mbae.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (IObit) C:\Program Files\IObit\Advanced SystemCare Ultimate 8\ASCTray.exe (Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbam.exe (IVT Corporation) C:\Program Files\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe Failed to access process -> WUDFHost.exe (IObit) C:\Program Files\IObit\IObit Uninstaller\UninstallMonitor.exe (Sony Corporation) C:\Program Files\Sony\VAIO Update\VUAgent.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [AntiLogger] => C:\Program Files\AntiLogger\AntiLogger.exe [17780136 2013-09-09] (Zemana Ltd.) HKLM\...\Run: [Malwarebytes Anti-Exploit] => C:\Program Files\Malwarebytes Anti-Exploit\mbae.exe [2618680 2015-04-08] (Malwarebytes Corporation) HKU\S-1-5-21-1082693307-133699451-4108277012-1000\...\Run: [Advanced SystemCare Ultimate] => C:\Program Files\IObit\Advanced SystemCare Ultimate 8\ASCTray.exe [2596128 2015-02-02] (IObit) HKU\S-1-5-21-1082693307-133699451-4108277012-1000\...\MountPoints2: F - F:\AutoRun.exe HKU\S-1-5-21-1082693307-133699451-4108277012-1000\...\MountPoints2: {1b7af794-59db-11e3-86c7-001dba8b022d} - F:\AutoRun.exe HKU\S-1-5-21-1082693307-133699451-4108277012-1000\...\MountPoints2: {1b7af7c0-59db-11e3-86c7-001dba8b022d} - F:\AutoRun.exe HKU\S-1-5-21-1082693307-133699451-4108277012-1000\...\MountPoints2: {63fc4016-5e35-11e3-a4b5-001dba8b022d} - F:\AutoRun.exe HKU\S-1-5-21-1082693307-133699451-4108277012-1000\...\MountPoints2: {ab0cdba0-5b7e-11e3-97a1-001dba8b022d} - F:\AutoRun.exe ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Alek\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-04-14] (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Alek\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-04-14] (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Alek\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-04-14] (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Alek\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-04-14] (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Alek\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-04-14] (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Alek\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-04-14] (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Alek\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-04-14] (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Alek\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-04-14] (Dropbox, Inc.) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = HKU\S-1-5-21-1082693307-133699451-4108277012-1000\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.pl/?gws_rd=ssl SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-1082693307-133699451-4108277012-1000 -> {E0EC1343-5164-433B-9BF7-DC55E7E4A921} URL = BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files\IObit\IObit Uninstaller\UninstallExplorer32.dll [2015-05-31] (IObit) BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2014-01-24] (CANON INC.) BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-03-08] (Microsoft Corporation) BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_31\bin\ssv.dll [2015-01-21] (Oracle Corporation) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation) BHO: Advanced SystemCare Surfing Protection -> {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} -> C:\Program Files\IObit\Surfing Protection\BrowerProtect\ASCPlugin_Protection.dll [2014-10-17] (IObit) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-01-21] (Oracle Corporation) Toolbar: HKLM - &Tłumaczenie - {0D704FAD-66E9-4F0A-BFED-4F665770DDB3} - C:\Program Files\Techland\Common\InternetTranslator\InternetTranslator.dll [2005-11-05] (Techland) Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2014-01-24] (CANON INC.) DPF: {0067DBFC-A752-458C-AE6E-B9C7E63D4824} http://www.logitech.com/devicedetector/plugins/LogitechDeviceDetection32.cab DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinstall-1_7_0_21-windows-i586.cab DPF: {CAFEEFAC-0017-0000-0021-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_21-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_21-windows-i586.cab Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies) Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14] (Microsoft Corporation) Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{81134549-34BE-48F8-8542-70E34530627A}: [NameServer] 81.95.167.65 81.95.167.66 FireFox: ======== FF ProfilePath: C:\Users\Alek\AppData\Roaming\Mozilla\Firefox\Profiles\n58i9uor.default-1431556599664 FF SelectedSearchEngine: Google FF Homepage: google.pl FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_17_0_0_134.dll [2015-03-16] () FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw_1215155.dll [2014-12-11] (Adobe Systems, Inc.) FF Plugin: @canon.com/EPPEX -> C:\Program Files\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2011-11-30] (CANON INC.) FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2013-06-16] (Tracker Software Products (Canada) Ltd.) FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll [2013-07-12] (Google) FF Plugin: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-01-21] (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-01-21] (Oracle Corporation) FF Plugin: @microsoft.com/GENUINE -> disabled No File FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation) FF Plugin: @nokia.com/EnablerPlugin -> C:\Program Files\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll [2013-10-02] ( ) FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll [2013-10-18] (Google Inc.) FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll [2013-10-18] (Google Inc.) FF Plugin: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2013-06-16] (Tracker Software Products (Canada) Ltd.) FF Plugin: @videolan.org/vlc,version=2.1.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN) FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-08-05] (Adobe Systems Inc.) FF Plugin HKU\S-1-5-21-1082693307-133699451-4108277012-1000: @coreonline.com/run3d,version=1.0 -> C:\Users\Alek\AppData\LocalLow\Square Enix\nprun3d.dll [2012-09-14] (Square Enix) FF Plugin HKU\S-1-5-21-1082693307-133699451-4108277012-1000: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2013-06-16] (Tracker Software Products (Canada) Ltd.) FF Extension: Advanced SystemCare Surfing Protection - C:\Users\Alek\AppData\Roaming\Mozilla\Firefox\Profiles\n58i9uor.default-1431556599664\Extensions\iobitascsurfingprotection@iobit.com [2015-06-07] FF Extension: AdBlock for Firefox - C:\Users\Alek\AppData\Roaming\Mozilla\Firefox\Profiles\n58i9uor.default-1431556599664\Extensions\jid1-NIfFY2CA8fy1tg@jetpack.xpi [2015-05-14] FF Extension: Slashy - C:\Users\Alek\AppData\Roaming\Mozilla\Firefox\Profiles\n58i9uor.default-1431556599664\Extensions\slashy@gemal.dk.xpi [2015-05-19] FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2015-06-02] Chrome: ======= CHR Profile: C:\Users\Alek\AppData\Local\Google\Chrome\User Data\Default ========================== Services (Whitelisted) ================= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) S3 Adobe LM Service; C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2013-01-18] (Adobe Systems) [File not signed] R2 AdvancedSystemCareService8; C:\Program Files\IObit\Advanced SystemCare Ultimate 8\ASCService.exe [911648 2014-11-22] (IObit) R2 ASCAntivirusSrv; C:\Program Files\IObit\Advanced SystemCare Ultimate 8\ascavsvc.exe [658720 2014-12-29] (IOBit) R2 BlueSoleilCS; C:\Program Files\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe [1616136 2012-11-20] (IVT Corporation) R3 BsHelpCS; C:\Program Files\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe [99080 2012-10-23] (IVT Corporation) S3 c2wts; C:\Program Files\Windows Identity Foundation\v3.5\c2wtshost.exe [15768 2010-02-03] (Microsoft Corporation) S3 FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [654848 2013-01-14] (Macrovision Europe Ltd.) [File not signed] S3 HWDeviceService.exe; C:\ProgramData\DatacardService\HWDeviceService.exe [271712 2011-03-14] () S3 IMFservice; C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe [341824 2013-11-11] (IObit) S2 KMService; C:\Windows\system32\srvany.exe [8192 2015-01-11] () [File not signed] S2 LiveUpdateSvc; C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe [2585376 2015-05-03] (IObit) R2 MbaeSvc; C:\Program Files\Malwarebytes Anti-Exploit\mbae-svc.exe [656184 2015-04-08] (Malwarebytes Corporation) R2 MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2015-04-14] (Malwarebytes Corporation) R2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation) S2 Mobile Partner. RunOuc; C:\Program Files\Mobile Partner\UpdateDog\ouc.exe [655712 2013-11-30] () S4 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [44544 2008-12-03] (Hewlett-Packard) [File not signed] S3 NETGEARGenieDaemon; C:\Program Files\NETGEAR Genie\bin\NETGEARGenieDaemon.exe [195840 2014-11-06] (NETGEAR) S4 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [53760 2008-12-03] (Hewlett-Packard) [File not signed] R2 RapiMgr; C:\Windows\WindowsMobile\rapimgr.dll [183688 2007-05-31] () [File not signed] S3 SystemExplorerHelpService; C:\Program Files\System Explorer\service\SystemExplorerService.exe [534488 2012-04-16] (Mister Group) R3 VUAgent; C:\Program Files\Sony\VAIO Update\VUAgent.exe [1020976 2013-08-01] (Sony Corporation) R2 WcesComm; C:\Windows\WindowsMobile\wcescomm.dll [379784 2007-05-31] () [File not signed] R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation) S3 hpqcxs08; C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll [X] ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R3 1394ohci; C:\Windows\system32\drivers\1394ohci.sys [164864 2010-11-20] () [File not signed] R0 ACPI; C:\Windows\System32\drivers\ACPI.sys [274304 2010-11-20] () [File not signed] S3 agp440; C:\Windows\system32\drivers\agp440.sys [53312 2009-07-14] () [File not signed] R1 AntiLog32; C:\Windows\system32\drivers\AntiLog32.sys [80104 2015-01-28] (Zemana Ltd.) R0 atapi; C:\Windows\System32\drivers\atapi.sys [21584 2009-07-14] () [File not signed] R3 athr; C:\Windows\System32\DRIVERS\athr.sys [3211264 2014-04-14] (Qualcomm Atheros Communications, Inc.) R2 bdfsfltr; C:\Windows\system32\Drivers\bdfsfltr.sys [356368 2013-11-21] (BitDefender) R3 BtAudioBusSrv; C:\Windows\System32\Drivers\BtAudioBus.sys [20320 2012-06-15] (IVT Corporation) S3 BthEnum; C:\Windows\System32\DRIVERS\BthEnum.sys [34816 2009-07-14] () [File not signed] S3 BthL2caScoIfSrv; C:\Windows\System32\Drivers\BtL2caScoIf.sys [44616 2012-07-20] (Ralink Corporation) S3 BTHMODEM; C:\Windows\System32\DRIVERS\bthmodem.sys [56320 2009-07-14] () [File not signed] S3 BTHPORT; C:\Windows\System32\Drivers\BTHport.sys [393728 2012-07-06] () [File not signed] S3 BTHUSB; C:\Windows\System32\Drivers\BTHUSB.sys [60416 2011-04-28] () [File not signed] R1 cdrom; C:\Windows\System32\DRIVERS\cdrom.sys [108544 2010-11-20] () [File not signed] S3 CisUtMonitor; C:\Windows\System32\DRIVERS\CisUtMonitor.sys [27600 2011-10-30] (CrystalIdea Software) R3 CmBatt; C:\Windows\System32\DRIVERS\CmBatt.sys [14080 2009-07-14] () [File not signed] R3 CompositeBus; C:\Windows\system32\drivers\CompositeBus.sys [31232 2010-11-20] () [File not signed] S3 DIRECTIO; C:\Program Files\PerformanceTest\DirectIo32.sys [22120 2012-08-13] () R0 Disk; C:\Windows\System32\DRIVERS\disk.sys [57424 2009-07-14] () [File not signed] R0 diskpt; C:\Windows\System32\drivers\diskpt.sys [204384 2011-03-31] (SHADOWDEFENDER.COM) S3 drmkaud; C:\Windows\system32\drivers\drmkaud.sys [5120 2009-07-14] () [File not signed] S3 ErrDev; C:\Windows\system32\drivers\errdev.sys [7168 2009-07-14] () [File not signed] R1 ESProtectionDriver; C:\Program Files\Malwarebytes Anti-Exploit\mbae.sys [47928 2015-04-08] () S3 eustub; C:\Windows\System32\DRIVERS\eusbstub.sys [13616 2012-09-13] (ELTIMA Software) S4 FileMonitor; C:\Program Files\IObit\IObit Malware Fighter\Drivers\win7_x86\FileMonitor.sys [21480 2013-03-23] (IObit) S3 HdAudAddService; C:\Windows\system32\drivers\HdAudio.sys [304128 2010-11-20] () [File not signed] R3 HDAudBus; C:\Windows\system32\drivers\HDAudBus.sys [108544 2010-11-20] () [File not signed] R3 HidUsb; C:\Windows\System32\DRIVERS\hidusb.sys [24064 2010-11-20] () [File not signed] R1 HWiNFO32; C:\Windows\system32\drivers\HWiNFO32.SYS [22560 2013-09-24] (REALiX(tm)) R3 i8042prt; C:\Windows\System32\DRIVERS\i8042prt.sys [80896 2009-07-14] () [File not signed] R0 iaStorA; C:\Windows\System32\DRIVERS\iaStorA.sys [527344 2013-03-05] (Intel Corporation) R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [26096 2013-03-05] (Intel Corporation) R3 intelppm; C:\Windows\System32\DRIVERS\intelppm.sys [53760 2009-07-14] () [File not signed] S4 IObitUnlocker; C:\Program Files\IObit\IObit Unlocker\IObitUnlocker.sys [29912 2013-09-30] (IObit) S3 isapnp; C:\Windows\system32\drivers\isapnp.sys [46656 2009-07-14] () [File not signed] S3 iScsiPrt; C:\Windows\system32\drivers\msiscsi.sys [234432 2014-04-23] () [File not signed] R0 iusb3hcs; C:\Windows\System32\DRIVERS\iusb3hcs.sys [16880 2013-02-22] (Intel Corporation) R3 kbdclass; C:\Windows\System32\DRIVERS\kbdclass.sys [42576 2009-07-14] () [File not signed] R3 kbdhid; C:\Windows\System32\DRIVERS\kbdhid.sys [28160 2010-11-20] () [File not signed] S3 LGBusEnum; C:\Windows\System32\drivers\LGBusEnum.sys [19720 2009-11-24] (Logitech Inc.) S3 LGPBTDD; C:\Windows\System32\Drivers\LGPBTDD.sys [23432 2009-07-01] (Logitech Inc.) S3 LGVirHid; C:\Windows\System32\drivers\LGVirHid.sys [14856 2009-11-24] (Logitech Inc.) R1 mbamchameleon; C:\Windows\system32\drivers\mbamchameleon.sys [92888 2015-04-14] (Malwarebytes Corporation) R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2015-04-14] (Malwarebytes Corporation) R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [119512 2015-06-07] (Malwarebytes Corporation) R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2015-04-14] (Malwarebytes Corporation) R3 monitor; C:\Windows\System32\DRIVERS\monitor.sys [23552 2009-07-14] () [File not signed] R3 mouclass; C:\Windows\System32\DRIVERS\mouclass.sys [41552 2009-07-14] () [File not signed] R3 mouhid; C:\Windows\System32\DRIVERS\mouhid.sys [26112 2009-07-14] () [File not signed] S3 mpio; C:\Windows\system32\drivers\mpio.sys [130432 2010-11-20] () [File not signed] S3 msdsm; C:\Windows\system32\drivers\msdsm.sys [116096 2010-11-20] () [File not signed] R0 msisadrv; C:\Windows\System32\drivers\msisadrv.sys [13888 2009-07-14] () [File not signed] R1 mssmbios; C:\Windows\system32\drivers\mssmbios.sys [28240 2009-07-14] () [File not signed] R1 networx; C:\Windows\System32\drivers\networx.sys [38904 2013-10-21] (NetFilterSDK.com) R2 NPF; C:\Windows\system32\drivers\npf.sys [35088 2014-12-13] (CACE Technologies, Inc.) S3 ohci1394; C:\Windows\system32\drivers\ohci1394.sys [62464 2009-07-14] () [File not signed] S3 Parport; C:\Windows\System32\DRIVERS\parport.sys [79360 2009-07-14] () [File not signed] S2 Parvdm; C:\Windows\System32\DRIVERS\parvdm.sys [8704 2009-07-14] () [File not signed] R0 pci; C:\Windows\System32\drivers\pci.sys [153984 2010-11-20] () [File not signed] S3 pciide; C:\Windows\system32\drivers\pciide.sys [12368 2009-07-14] () [File not signed] R2 PfFilter; C:\Program Files\IObit\Protected Folder\pffilter.sys [34336 2013-04-03] (IObit Information Technology) R0 PxHelp20; C:\Windows\System32\Drivers\PxHelp20.sys [20640 2013-01-17] (Sonic Solutions) [File not signed] R1 RapportCerberus_59849; C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus32_59849.sys [340432 2014-03-20] () S3 RapportIaso; c:\programdata\trusteer\rapport\store\exts\rapportms\baseline\rapportiaso.sys [63320 2014-03-20] (Trusteer Ltd.) R3 rdpbus; C:\Windows\System32\DRIVERS\rdpbus.sys [18944 2009-07-14] () [File not signed] S3 RegFilter; C:\Program Files\IObit\IObit Malware Fighter\drivers\win7_x86\regfilter.sys [32288 2013-11-19] (IObit.com) S3 RFCOMM; C:\Windows\System32\DRIVERS\rfcomm.sys [129536 2009-07-14] () [File not signed] S3 sdbus; C:\Windows\system32\drivers\sdbus.sys [84992 2010-11-20] () [File not signed] S3 Serenum; C:\Windows\System32\DRIVERS\serenum.sys [17920 2009-07-14] () [File not signed] S1 Serial; C:\Windows\System32\DRIVERS\serial.sys [83456 2009-07-14] () [File not signed] S3 sermouse; C:\Windows\system32\DRIVERS\sermouse.sys [19968 2009-07-14] () [File not signed] S3 sffdisk; C:\Windows\System32\DRIVERS\sffdisk.sys [11264 2009-07-14] () [File not signed] S3 sffp_mmc; C:\Windows\system32\drivers\sffp_mmc.sys [12288 2009-07-14] () [File not signed] S3 sffp_sd; C:\Windows\System32\DRIVERS\sffp_sd.sys [12800 2010-11-20] () [File not signed] R0 SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [18624 2013-12-24] (IObit) S3 tap0901; C:\Windows\System32\DRIVERS\tap0901.sys [26624 2011-07-01] (The OpenVPN Project) R1 TermDD; C:\Windows\system32\drivers\termdd.sys [53120 2010-11-20] () [File not signed] S3 Trufos; C:\Windows\System32\DRIVERS\TRUFOS.sys [341800 2013-11-21] (BitDefender S.R.L.) R3 umbus; C:\Windows\System32\DRIVERS\umbus.sys [39936 2010-11-20] () [File not signed] S3 UrlFilter; C:\Program Files\IObit\IObit Malware Fighter\drivers\win7_x86\UrlFilter.sys [20944 2013-11-19] (IObit.com) R3 usbccgp; C:\Windows\System32\DRIVERS\usbccgp.sys [76288 2013-11-27] () [File not signed] R3 usbehci; C:\Windows\system32\drivers\usbehci.sys [43520 2013-11-27] () [File not signed] R3 usbhub; C:\Windows\System32\DRIVERS\usbhub.sys [258560 2013-11-27] () [File not signed] S3 usbohci; C:\Windows\system32\drivers\usbohci.sys [20480 2013-11-27] () [File not signed] S3 usbprint; C:\Windows\System32\DRIVERS\usbprint.sys [19968 2009-07-14] () [File not signed] S3 USBSTOR; C:\Windows\System32\DRIVERS\USBSTOR.SYS [76288 2011-03-11] () [File not signed] R3 usbuhci; C:\Windows\system32\drivers\usbuhci.sys [24064 2013-11-27] () [File not signed] R3 usbvideo; C:\Windows\System32\Drivers\usbvideo.sys [146816 2013-07-12] () [File not signed] S3 usb_rndisx; C:\Windows\System32\DRIVERS\usb8023x.sys [15872 2013-02-12] () [File not signed] R0 vdrvroot; C:\Windows\System32\drivers\vdrvroot.sys [32832 2009-07-14] () [File not signed] S3 vhdmp; C:\Windows\system32\drivers\vhdmp.sys [160128 2010-11-20] () [File not signed] R0 volmgr; C:\Windows\System32\drivers\volmgr.sys [53120 2010-11-20] () [File not signed] R0 volsnap; C:\Windows\System32\drivers\volsnap.sys [245632 2010-11-20] () [File not signed] S3 vuhub; C:\Windows\System32\DRIVERS\vuhub.sys [56624 2012-09-13] (ELTIMA Software) S3 wceusbsh; C:\Windows\System32\DRIVERS\wceusbsh.sys [28672 2006-11-06] (Microsoft Corporation) S3 WinRing0_1_2_0; C:\Program Files\IObit\Game Booster 3\Driver\WinRing0.sys [14416 2010-11-01] (OpenLibSys.org) S3 WINUSB; C:\Windows\System32\DRIVERS\WinUSB.SYS [35968 2010-11-20] () [File not signed] S3 WmiAcpi; C:\Windows\system32\drivers\wmiacpi.sys [11264 2009-07-14] () [File not signed] U5 BattC; C:\Windows\System32\Drivers\BattC.sys [25168 2009-07-14] () [File not signed] U5 BlueletAudio; C:\Windows\System32\Drivers\BlueletAudio.sys [31328 2012-06-15] (Ralink Corporation.) S3 cpuz134; No ImagePath S3 cpuz135; No ImagePath R3 cpuz137; \??\C:\Users\Alek\AppData\Local\Temp\cpuz137\cpuz137_x32.sys [X] S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X] S3 tsusbhub; system32\drivers\tsusbhub.sys [X] U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [4096 2010-07-04] () [File not signed] S3 VGPU; System32\drivers\rdvgkmd.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One Month Created files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2015-06-07 22:09 - 2015-06-07 22:13 - 00000000 ____D C:\Users\Alek\Desktop\Skany 2015-06-07 22:09 - 2015-06-07 22:13 - 00000000 ____D C:\FRST 2015-06-07 18:58 - 2015-06-07 18:58 - 00532136 _____ (Duplex Secure Ltd) C:\Users\Alek\Downloads\SPTDinst-v187-x86.exe 2015-06-02 18:43 - 2015-06-02 18:44 - 00000000 ____D C:\Program Files\Mozilla Firefox 2015-05-31 19:38 - 2015-05-31 19:49 - 00000000 ____D C:\output 2015-05-31 19:38 - 2015-05-31 19:38 - 00000000 ____D C:\Users\Alek\AppData\Roaming\YCanPDF 2015-05-31 19:38 - 2015-05-31 19:38 - 00000000 ____D C:\tmp 2015-05-31 19:37 - 2015-05-31 19:37 - 00000000 ____D C:\PDFToJPG 2015-05-31 19:35 - 2015-05-31 19:35 - 02249552 _____ (PDFJPG.com ) C:\Users\Alek\Downloads\pdftojpg.exe 2015-05-31 19:35 - 2015-05-31 19:35 - 00591266 _____ (jpegtopdf.com ) C:\Users\Alek\Downloads\jpegtopdf_setup.exe 2015-05-31 16:08 - 2015-05-31 16:08 - 00001164 _____ C:\Users\Public\Desktop\IObit Uninstaller.lnk 2015-05-31 12:14 - 2009-10-29 06:51 - 09458428 _____ (Anemeros Software) C:\Users\Alek\Desktop\CW.eXe 2015-05-29 10:23 - 2015-05-30 18:07 - 00000000 ____D C:\Windows\system32\ZALSDK_uninst 2015-05-28 20:27 - 2015-05-28 20:33 - 00000000 ____D C:\Users\Alek\AppData\Roaming\WinPatrol 2015-05-28 20:26 - 2015-05-28 20:26 - 00000000 ____D C:\Program Files\Ruiware 2015-05-26 22:26 - 2015-05-26 22:26 - 00436504 _____ (IBM Corp.) C:\Users\Alek\Downloads\RpprtSetup.exe 2015-05-22 22:48 - 2015-05-22 22:48 - 00000000 ____D C:\Program Files\Mozilla Thunderbird 2015-05-17 20:45 - 2015-05-05 07:37 - 00519981 _____ C:\Windows\system32\Drivers\etc\HOSTS.MVP 2015-05-17 13:23 - 2015-05-17 13:23 - 00000842 _____ C:\Windows\system32\Drivers\etc\hosts.txt 2015-05-15 06:41 - 2015-04-08 04:14 - 00216064 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll 2015-05-15 06:41 - 2015-04-08 04:14 - 00019968 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll 2015-05-14 03:34 - 2015-05-01 14:16 - 00102608 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll 2015-05-13 23:08 - 2015-05-05 02:12 - 00248832 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll 2015-05-13 23:08 - 2015-04-20 03:56 - 01250816 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll 2015-05-13 23:08 - 2015-04-20 03:56 - 00909312 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll 2015-05-13 23:08 - 2015-04-20 03:03 - 02382336 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2015-05-13 23:08 - 2015-04-18 03:56 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll 2015-05-13 23:08 - 2015-04-04 04:10 - 00137656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys 2015-05-13 23:08 - 2015-04-04 04:10 - 00067512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys 2015-05-13 23:08 - 2015-04-04 04:05 - 01061376 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2015-05-13 23:08 - 2015-04-04 04:05 - 00550912 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll 2015-05-13 23:08 - 2015-04-04 04:05 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll 2015-05-13 23:08 - 2015-04-04 04:05 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll 2015-05-13 23:08 - 2015-04-04 04:05 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll 2015-05-13 23:08 - 2015-04-04 04:05 - 00100352 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll 2015-05-13 23:08 - 2015-04-04 04:05 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll 2015-05-13 23:08 - 2015-04-04 04:05 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll 2015-05-13 23:08 - 2015-04-04 04:05 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll 2015-05-13 23:08 - 2015-04-04 04:05 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll 2015-05-13 23:08 - 2015-04-04 04:04 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe 2015-05-13 23:08 - 2015-04-04 04:04 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe 2015-05-13 23:08 - 2015-04-04 04:01 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll 2015-05-13 23:08 - 2015-04-04 04:01 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll 2015-05-13 23:08 - 2015-04-04 03:59 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll 2015-05-13 23:07 - 2015-04-22 02:48 - 00342736 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2015-05-13 23:07 - 2015-04-21 17:25 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2015-05-13 23:07 - 2015-04-21 17:25 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2015-05-13 23:07 - 2015-04-21 17:24 - 19691008 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2015-05-13 23:07 - 2015-04-21 17:11 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2015-05-13 23:07 - 2015-04-21 17:11 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2015-05-13 23:07 - 2015-04-21 17:10 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2015-05-13 23:07 - 2015-04-21 17:09 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\html.iec 2015-05-13 23:07 - 2015-04-21 17:08 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2015-05-13 23:07 - 2015-04-21 17:04 - 02278400 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2015-05-13 23:07 - 2015-04-21 17:03 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2015-05-13 23:07 - 2015-04-21 17:02 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2015-05-13 23:07 - 2015-04-21 17:00 - 00478208 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2015-05-13 23:07 - 2015-04-21 16:58 - 00664576 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2015-05-13 23:07 - 2015-04-21 16:58 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2015-05-13 23:07 - 2015-04-21 16:58 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2015-05-13 23:07 - 2015-04-21 16:57 - 00620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2015-05-13 23:07 - 2015-04-21 16:51 - 00667648 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2015-05-13 23:07 - 2015-04-21 16:48 - 00418304 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2015-05-13 23:07 - 2015-04-21 16:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2015-05-13 23:07 - 2015-04-21 16:39 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2015-05-13 23:07 - 2015-04-21 16:38 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2015-05-13 23:07 - 2015-04-21 16:36 - 00285696 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2015-05-13 23:07 - 2015-04-21 16:31 - 04305920 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2015-05-13 23:07 - 2015-04-21 16:26 - 00688640 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2015-05-13 23:07 - 2015-04-21 16:26 - 00685568 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2015-05-13 23:07 - 2015-04-21 16:25 - 02052608 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2015-05-13 23:07 - 2015-04-21 16:24 - 01155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2015-05-13 23:07 - 2015-04-21 16:17 - 12828672 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2015-05-13 23:07 - 2015-04-21 16:02 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2015-05-13 23:07 - 2015-04-21 15:58 - 01310208 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2015-05-13 23:07 - 2015-04-21 15:56 - 00710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2015-05-13 23:07 - 2015-04-13 04:19 - 00259072 _____ (Microsoft Corporation) C:\Windows\system32\services.exe 2015-05-13 23:06 - 2015-02-18 08:06 - 00123904 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe 2015-05-08 00:16 - 2015-05-13 10:31 - 34140160 _____ C:\HKEY_LOCAL_MACHINE_SYSTEM ==================== One Month Modified files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2015-06-07 21:13 - 2009-07-14 05:34 - 00017184 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2015-06-07 21:13 - 2009-07-14 05:34 - 00017184 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2015-06-07 19:14 - 2013-06-11 15:17 - 00000000 ____D C:\Users\Alek\AppData\Local\CrashDumps 2015-06-07 19:11 - 2015-03-15 15:11 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2015-06-07 19:10 - 2015-04-17 18:27 - 00007840 _____ C:\Windows\setupact.log 2015-06-07 19:10 - 2012-10-23 17:34 - 00000804 _____ C:\Windows\system32\bscs.ini 2015-06-07 19:10 - 2009-07-14 05:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2015-06-07 19:08 - 2012-04-06 19:57 - 00006654 _____ C:\Windows\system32\PerfStringBackup.INI 2015-06-07 19:08 - 2009-07-14 09:07 - 05984526 _____ C:\Windows\system32\perfh015.dat 2015-06-07 19:08 - 2009-07-14 09:07 - 02048056 _____ C:\Windows\system32\perfc015.dat 2015-06-07 19:02 - 2012-04-06 18:46 - 01220714 _____ C:\Windows\WindowsUpdate.log 2015-06-03 06:38 - 2012-06-15 00:14 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service 2015-05-31 19:23 - 2013-11-28 18:49 - 00000000 ____D C:\Users\Alek\AppData\Roaming\PDF Explorer 2015-05-31 18:00 - 2014-02-24 00:12 - 00000000 ____D C:\Users\Alek\Desktop\UK 2015-05-30 21:38 - 2012-06-24 23:32 - 00000000 ____D C:\Users\Alek\AppData\Roaming\Skype 2015-05-30 18:42 - 2015-03-04 21:37 - 00002190 _____ C:\Users\Public\Desktop\Advanced SystemCare Ultimate 8.lnk 2015-05-30 18:33 - 2012-04-06 19:53 - 00000000 ____D C:\Users\Alek 2015-05-30 18:10 - 2014-01-25 21:44 - 00000000 ____D C:\Users\Alek\AppData\Roaming\ProductData 2015-05-30 18:10 - 2013-03-23 23:20 - 00000000 ____D C:\Program Files\AntiLogger 2015-05-30 18:10 - 2012-05-27 02:22 - 00000000 ____D C:\Users\Alek\AppData\Roaming\IObit 2015-05-30 18:10 - 2012-05-27 02:22 - 00000000 ____D C:\Program Files\IObit 2015-05-30 18:10 - 2012-04-15 12:45 - 00000000 ____D C:\Users\Alek\AppData\Roaming\uTorrent 2015-05-30 18:10 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\system32\wfp 2015-05-30 18:10 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\registration 2015-05-30 17:41 - 2013-11-09 03:56 - 63610880 _____ C:\Windows\system32\config\software.iobit 2015-05-30 17:41 - 2013-11-09 03:56 - 03866624 _____ C:\Windows\system32\config\default.iobit 2015-05-30 17:41 - 2013-11-09 03:56 - 00028672 _____ C:\Windows\system32\config\security.iobit 2015-05-30 17:41 - 2013-11-09 03:56 - 00024576 _____ C:\Windows\system32\config\sam.iobit 2015-05-20 19:14 - 2009-07-14 03:03 - 65798144 _____ C:\Windows\system32\config\software.bak 2015-05-20 19:14 - 2009-07-14 03:03 - 38010880 _____ C:\Windows\system32\config\system.bak 2015-05-20 19:14 - 2009-07-14 03:03 - 03932160 _____ C:\Windows\system32\config\default.bak 2015-05-20 19:14 - 2009-07-14 03:03 - 00028672 _____ C:\Windows\system32\config\security.bak 2015-05-20 19:14 - 2009-07-14 03:03 - 00024576 _____ C:\Windows\system32\config\sam.bak 2015-05-18 20:04 - 2015-05-06 19:16 - 00008706 _____ C:\Windows\system32\ScanResults.xml 2015-05-18 19:48 - 2015-05-06 19:03 - 00000464 _____ C:\Windows\system32\ScannerSettings 2015-05-18 00:32 - 2015-04-18 16:41 - 00000000 ____D C:\Program Files\KM Wakeup 2015-05-16 07:31 - 2014-09-03 18:35 - 00000000 ____D C:\Program Files\Windows Journal 2015-05-14 11:19 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\rescache 2015-05-14 10:53 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\Microsoft.NET 2015-05-14 10:08 - 2015-03-21 07:10 - 00445200 _____ C:\Windows\system32\FNTCACHE.DAT 2015-05-14 10:06 - 2012-08-17 10:43 - 00000000 ____D C:\Program Files\Microsoft Silverlight 2015-05-14 06:42 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\system32\pl-PL 2015-05-14 03:34 - 2013-07-21 19:49 - 00000000 ____D C:\Windows\system32\MRT 2015-05-14 03:16 - 2012-04-06 20:43 - 137310008 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2015-05-13 23:36 - 2014-09-07 04:22 - 00000000 ____D C:\Users\Alek\Desktop\Stare dane programu Firefox ==================== Files in the root of some directories ======= 2013-10-22 09:42 - 2013-10-22 09:42 - 0000024 ___SH () C:\Users\Alek\AppData\Roaming\1D959CA221C7573.sys 2013-03-25 00:00 - 2013-07-13 10:55 - 0000615 _____ () C:\Users\Alek\AppData\Roaming\burnaware.ini 2013-05-22 23:23 - 2013-05-22 23:23 - 0159200 _____ () C:\Users\Alek\AppData\Roaming\CrashRpt1402.dll 2013-05-15 00:15 - 2013-07-17 00:26 - 0001010 _____ () C:\Users\Alek\AppData\Roaming\editplus_u.ini 2014-01-06 16:13 - 2014-01-06 16:13 - 0000039 _____ () C:\Users\Alek\AppData\Roaming\mbam.context.scan 2012-10-07 20:12 - 2012-10-08 01:46 - 0009570 _____ () C:\Users\Alek\AppData\Roaming\PStrip.ini 2013-10-22 09:42 - 2013-10-22 09:42 - 0000024 ___SH () C:\Users\Alek\AppData\Roaming\System5908ConfigCollection.dat 2014-08-24 16:01 - 2014-08-24 16:01 - 0000044 _____ () C:\Users\Alek\AppData\Roaming\WB.CFG 2014-12-22 22:04 - 2014-12-22 22:04 - 0000038 ___SH () C:\Users\Alek\AppData\Local\134e6589520e51682091c0.32666518 2014-08-25 13:15 - 2014-08-25 13:15 - 0182046 _____ () C:\Users\Alek\AppData\Local\ars.cache 2014-08-25 13:15 - 2014-08-25 13:15 - 0335172 _____ () C:\Users\Alek\AppData\Local\census.cache 2012-10-15 00:23 - 2014-03-03 00:43 - 0011776 _____ () C:\Users\Alek\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2013-09-25 00:36 - 2013-09-25 09:35 - 2128896 _____ () C:\Users\Alek\AppData\Local\file__0.localstorage 2014-08-25 12:54 - 2014-08-25 12:54 - 0000036 _____ () C:\Users\Alek\AppData\Local\housecall.guid.cache 2012-12-14 02:00 - 2012-12-14 02:00 - 0000218 _____ () C:\Users\Alek\AppData\Local\recently-used.xbel 2012-10-14 01:37 - 2015-03-31 01:36 - 0007646 _____ () C:\Users\Alek\AppData\Local\resmon.resmoncfg 2014-08-25 13:05 - 2014-08-25 13:05 - 0000010 _____ () C:\Users\Alek\AppData\Local\sponge.last.runtime.cache 2013-12-13 20:52 - 2013-12-13 20:52 - 1033974 _____ () C:\ProgramData\1386963520.bdinstall.bin 2013-12-15 01:13 - 2013-12-15 01:13 - 0256361 _____ () C:\ProgramData\1387066263.bdinstall.bin 2014-01-08 22:14 - 2014-01-08 22:14 - 0000000 ____H () C:\ProgramData\DP45977C.lfl 2013-11-04 00:02 - 2014-12-24 14:52 - 0006696 _____ () C:\ProgramData\hpzinstall.log 2014-01-08 01:59 - 2014-01-08 01:59 - 0000558 _____ () C:\ProgramData\SMRResults410.dat ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\explorer.exe => File is digitally signed C:\Windows\system32\winlogon.exe => File is digitally signed C:\Windows\system32\wininit.exe => File is digitally signed C:\Windows\system32\svchost.exe => File is digitally signed C:\Windows\system32\services.exe => File is digitally signed C:\Windows\system32\User32.dll [2012-04-06 22:01] - [2010-11-20 13:21] - 0811520 ____A (Microsoft Corporation) 8626F0C30D4E3564FFDD25C90F4426F1 C:\Windows\system32\userinit.exe => File is digitally signed C:\Windows\system32\rpcss.dll => File is digitally signed C:\Windows\system32\Drivers\volsnap.sys [2012-04-06 22:01] - [2010-11-20 13:30] - 0245632 ____A () D41D8CD98F00B204E9800998ECF8427E C:\Windows\system32\Drivers\volsnap.sys No Company Name <===== ATTENTION! LastRegBack: 2015-06-03 07:09 ==================== End of log ============================