REKLAMA

FRST.txt

Asus K50AD - 18 wirusów, Avast nie usunął, co dalej?

Witam od jakiegoś czasu laptop zaczął dziwnie chodzić, więc z dobreprogramy ściągnęłam Avast Free Antivirus i po skanowaniu wykazało że jest 18 zarażonych plików. Omega-plus i Dynamo Combo o dynamo czytałam na forum ale niestety nie znam się na logach i ściągnęłam Farbar Recovery Scan Tool i w załączniku raport z tego skanu. Z panelu nie kasowałam Dynamo jeszcze, pomoże ktoś? Czy lepiej wgrać nowy system?


Pobierz plik - link do postu

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 28-01-2015
Ran by Adrian (administrator) on ADRIAN-KOMPUTER on 28-01-2015 16:31:01
Running from C:\Users\Adrian\Downloads
Loaded Profiles: Adrian (Available profiles: Adrian)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Polski (Polska)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(ASUSTeK Computer Inc.) C:\Windows\System32\FBAgent.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Hotkey\AsLdrSrv.exe
(AMD) C:\Windows\System32\atieclxx.exe
() C:\Program Files\ATKGFNEX\GFNEXSrv.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(SysTool PasSame LIMITED) C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe
(XTab system) C:\Program Files (x86)\XTab\ProtectService.exe
() C:\Program Files (x86)\ASUS\Game Park\GameConsole\OberonGameConsoleService.exe
() C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
(ASUS) C:\Program Files (x86)\ASUS\ASUS CopyProtect\ASPG.exe
(ASUS) C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
(ATK) C:\Program Files\P4G\BatteryLife.exe
() C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
() C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe
() C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
(SearchProtect) C:\Program Files (x86)\XTab\CmdShell.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Hotkey\HControl.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Hotkey\ATKOSD.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Hotkey\KBFiltr.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Hotkey\WDC.exe
(XTab system) C:\Program Files (x86)\XTab\HPNotify.exe
() C:\Program Files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe
(AlcorMicro Co., Ltd.) C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
(Microsoft Corporation) C:\Windows\WindowsMobile\wmdc.exe
(Microsoft Corporation) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMTray.exe
(ASUS) C:\Windows\AsScrPro.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(SRS Labs, Inc.) C:\Program Files\SRS Labs\SRS Premium Sound Control Panel\SRSPremiumPanel_64.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(ASUS) C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(VIA) C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDECK.EXE
(ASUS) C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\ng\ngservice.exe
() C:\Program Files (x86)\Dynamo Combo\updateDynamoCombo.exe
() C:\Program Files (x86)\Dynamo Combo\bin\utilDynamoCombo.exe
() C:\Program Files (x86)\Dynamo Combo\bin\DynamoCombo.PurBrowse64.exe
() C:\Program Files (x86)\Dynamo Combo\bin\DynamoCombo.expext.exe
() C:\Program Files (x86)\Dynamo Combo\bin\DynamoCombo.BrowserAdapter.exe
() C:\Program Files (x86)\Dynamo Combo\bin\DynamoCombo.BrowserAdapter64.exe
(Microsoft Corporation) C:\Windows\System32\audiodg.exe
(FranmoSoftware) C:\Program Files (x86)\Odkurzacz\odkurzacz.exe
(Opera Software) C:\Program Files (x86)\Opera\27.0.1689.54\opera.exe
() C:\Program Files (x86)\Opera\27.0.1689.54\opera_crashreporter.exe
(Opera Software) C:\Program Files (x86)\Opera\27.0.1689.54\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\27.0.1689.54\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\27.0.1689.54\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\27.0.1689.54\opera.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Opera Software) C:\Program Files (x86)\Opera\27.0.1689.54\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\27.0.1689.54\opera.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [EeeStorageBackup] = & gt; C:\Program Files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe [1732608 2009-11-26] ()
HKLM\...\Run: [AmIcoSinglun64] = & gt; C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [323584 2009-09-01] (AlcorMicro Co., Ltd.)
HKLM\...\Run: [Windows Mobile Device Center] = & gt; C:\Windows\WindowsMobile\wmdc.exe [660360 2007-05-31] (Microsoft Corporation)
HKLM-x32\...\Run: [HControlUser] = & gt; C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUS)
HKLM-x32\...\Run: [ATKOSD2] = & gt; C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe [6859392 2009-08-17] (ASUS)
HKLM-x32\...\Run: [HDAudDeck] = & gt; C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [2245120 2009-09-17] (VIA)
HKLM-x32\...\Run: [ATKMEDIA] = & gt; C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe [159744 2009-04-20] (ASUS)
HKLM-x32\...\Run: [Setwallpaper] = & gt; c:\programdata\SetWallpaper.cmd
HKLM-x32\...\Run: [AvastUI.exe] = & gt; C:\Program Files\AVAST Software\Avast\AvastUI.exe [5227112 2015-01-27] (AVAST Software)
HKU\S-1-5-21-3671351804-1081028102-2467375829-1000\...\Run: [msnmsgr] = & gt; C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe [3882312 2008-12-02] (Microsoft Corporation)
HKU\S-1-5-21-3671351804-1081028102-2467375829-1000\...\Run: [Badoo Desktop] = & gt; C:\ProgramData\Badoo\Badoo Desktop\1.6.58.1220\Badoo.Desktop.exe
HKU\S-1-5-21-3671351804-1081028102-2467375829-1000\...\Run: [Skype] = & gt; C:\Program Files (x86)\Skype\Phone\Skype.exe [30877280 2014-12-11] (Skype Technologies S.A.)
HKU\S-1-5-21-3671351804-1081028102-2467375829-1000\...\MountPoints2: F - F:\AutoRun.exe
HKU\S-1-5-21-3671351804-1081028102-2467375829-1000\...\MountPoints2: {1b2796d1-beca-11e1-b04d-e0cb4e4a3a8d} - F:\AutoRun.exe
HKU\S-1-5-21-3671351804-1081028102-2467375829-1000\...\MountPoints2: {2dee86ae-08ae-11e1-89b8-806e6f6e6963} - F:\AutoRun.exe
HKU\S-1-5-21-3671351804-1081028102-2467375829-1000\...\MountPoints2: {2dee8702-08ae-11e1-89b8-e0cb4e4a3a8d} - F:\AutoRun.exe
HKU\S-1-5-21-3671351804-1081028102-2467375829-1000\...\MountPoints2: {4b97f8d6-d997-11e2-bb74-e0cb4e4a3a8d} - F:\AutoRun.exe
HKU\S-1-5-21-3671351804-1081028102-2467375829-1000\...\MountPoints2: {4b97f8e2-d997-11e2-bb74-e0cb4e4a3a8d} - F:\AutoRun.exe
HKU\S-1-5-21-3671351804-1081028102-2467375829-1000\...\MountPoints2: {8e947234-d04a-11e1-baf3-e0cb4e4a3a8d} - F:\AutoRun.exe
HKU\S-1-5-21-3671351804-1081028102-2467375829-1000\...\MountPoints2: {9caa85b8-d41b-11e1-83df-e0cb4e4a3a8d} - F:\AutoRun.exe
HKU\S-1-5-21-3671351804-1081028102-2467375829-1000\...\MountPoints2: {b03a7cfa-da97-11e2-955a-001e101fb4df} - F:\AutoRun.exe
HKU\S-1-5-21-3671351804-1081028102-2467375829-1000\...\MountPoints2: {bca20ced-d59b-11e2-b5a0-e0cb4e4a3a8d} - F:\AutoRun.exe
HKU\S-1-5-21-3671351804-1081028102-2467375829-1000\...\MountPoints2: {bca20cfa-d59b-11e2-b5a0-e0cb4e4a3a8d} - F:\AutoRun.exe
HKU\S-1-5-21-3671351804-1081028102-2467375829-1000\...\MountPoints2: {bca20d1f-d59b-11e2-b5a0-e0cb4e4a3a8d} - F:\AutoRun.exe
HKU\S-1-5-21-3671351804-1081028102-2467375829-1000\...\MountPoints2: {bca20d32-d59b-11e2-b5a0-e0cb4e4a3a8d} - F:\AutoRun.exe
HKU\S-1-5-21-3671351804-1081028102-2467375829-1000\...\MountPoints2: {dd307374-0c48-11e4-9da9-e0cb4e4a3a8d} - F:\AutoRun.exe
HKU\S-1-5-18\...\RunOnce: [SPReview] = & gt; C:\Windows\System32\SPReview\SPReview.exe [301568 2013-03-20] (Microsoft Corporation)
AppInit_DLLs-x32: c:\progra~3\browse~1\261095~1.52\{c16c1~1\browse~1.dll = & gt; " c:\progra~3\browse~1\261095~1.52\{c16c1~1\browse~1.dll " File Not Found
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\FancyStart daemon.lnk
ShortcutTarget: FancyStart daemon.lnk - & gt; C:\Windows\Installer\{F0DF4513-3C4C-4EB8-8012-2C5F70AF3988}\_A1DDD39913A1970387B7B3.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SRS Premium Sound.lnk
ShortcutTarget: SRS Premium Sound.lnk - & gt; C:\Windows\Installer\{E5CF6B9C-3ABE-43C9-9413-AD5FFC98F049}\NewShortcut5_21C7B668029A47458B27645FE6E4A715.exe (Acresso Software Inc.)
ShellIconOverlayIdentifiers: [00avast] - & gt; {472083B0-C522-11CF-8763-00608CC02F24} = & gt; C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
ShellIconOverlayIdentifiers: [ADSMOverlayIcon] - & gt; {A825576B-0042-4F0F-8FB0-93CE0F054E69} = & gt; C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x64\OverlayIconShlExt64.dll ()
ShellIconOverlayIdentifiers: [ADSMOverlayIcon1] - & gt; {A8D448F4-0431-45AC-9F5E-E1B434AB2249} = & gt; C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x64\OverlayIconShlExt1_64.dll ()
ShellIconOverlayIdentifiers: [AsusWSShellExt_B] - & gt; {6D4133E5-0742-4ADC-8A8C-9303440F7190} = & gt; C:\Program Files (x86)\ASUS\ASUS WebStorage\service\AsusWSShellExt64.dll (eCareme Technologies, Inc.)
ShellIconOverlayIdentifiers: [AsusWSShellExt_O] - & gt; {64174815-8D98-4CE6-8646-4C039977D808} = & gt; C:\Program Files (x86)\ASUS\ASUS WebStorage\service\AsusWSShellExt64.dll (eCareme Technologies, Inc.)
ShellIconOverlayIdentifiers-x32: [ADSMOverlayIcon] - & gt; {A825576B-0042-4F0F-8FB0-93CE0F054E69} = & gt; C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt.dll ()
ShellIconOverlayIdentifiers-x32: [ADSMOverlayIcon1] - & gt; {A8D448F4-0431-45AC-9F5E-E1B434AB2249} = & gt; C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt1.dll ()
GroupPolicy: Group Policy on Chrome detected & lt; ======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction & lt; ======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://isearch.omiga-plus.com/?type=hppp & ts=1422370197 & from=cor & uid=ST9500325AS_6VE4DKD5XXXX6VE4DKD5
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://isearch.omiga-plus.com/?type=hppp & ts=1422370197 & from=cor & uid=ST9500325AS_6VE4DKD5XXXX6VE4DKD5
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://isearch.omiga-plus.com/web/?type=ds & ts=1422370162 & from=cor & uid=ST9500325AS_6VE4DKD5XXXX6VE4DKD5 & q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://isearch.omiga-plus.com/web/?type=ds & ts=1422370162 & from=cor & uid=ST9500325AS_6VE4DKD5XXXX6VE4DKD5 & q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://isearch.omiga-plus.com/?type=hppp & ts=1422370197 & from=cor & uid=ST9500325AS_6VE4DKD5XXXX6VE4DKD5
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://isearch.omiga-plus.com/?type=hppp & ts=1422370197 & from=cor & uid=ST9500325AS_6VE4DKD5XXXX6VE4DKD5
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://isearch.omiga-plus.com/web/?type=ds & ts=1422370162 & from=cor & uid=ST9500325AS_6VE4DKD5XXXX6VE4DKD5 & q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://isearch.omiga-plus.com/web/?type=ds & ts=1422370162 & from=cor & uid=ST9500325AS_6VE4DKD5XXXX6VE4DKD5 & q={searchTerms}
HKU\S-1-5-21-3671351804-1081028102-2467375829-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://isearch.omiga-plus.com/?type=hppp & ts=1422370197 & from=cor & uid=ST9500325AS_6VE4DKD5XXXX6VE4DKD5
HKU\S-1-5-21-3671351804-1081028102-2467375829-1000\Software\Microsoft\Internet Explorer\Main,Search Page = http://isearch.omiga-plus.com/web/?type=ds & ts=1422370162 & from=cor & uid=ST9500325AS_6VE4DKD5XXXX6VE4DKD5 & q={searchTerms}
HKU\S-1-5-21-3671351804-1081028102-2467375829-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://isearch.omiga-plus.com/?type=hppp & ts=1422370197 & from=cor & uid=ST9500325AS_6VE4DKD5XXXX6VE4DKD5
HKU\S-1-5-21-3671351804-1081028102-2467375829-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
HKU\S-1-5-21-3671351804-1081028102-2467375829-1000\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://isearch.omiga-plus.com/web/?type=ds & ts=1422370162 & from=cor & uid=ST9500325AS_6VE4DKD5XXXX6VE4DKD5 & q={searchTerms}
SearchScopes: HKLM - & gt; DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms} & form=ASUTDF & pc=MAAU & src=IE-SearchBox
SearchScopes: HKLM - & gt; {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms} & form=ASUTDF & pc=MAAU & src=IE-SearchBox
SearchScopes: HKLM-x32 - & gt; DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms} & form=ASUTDF & pc=MAAU & src=IE-SearchBox
SearchScopes: HKLM-x32 - & gt; {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms} & form=ASUTDF & pc=MAAU & src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-3671351804-1081028102-2467375829-1000 - & gt; DefaultScope {2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} URL = http://isearch.omiga-plus.com/web/?utm_source=b & utm_medium=cor & utm_campaign=install_ie & utm_content=ds & from=cor & uid=ST9500325AS_6VE4DKD5XXXX6VE4DKD5 & ts=1422370230 & type=default & q={searchTerms}
SearchScopes: HKU\S-1-5-21-3671351804-1081028102-2467375829-1000 - & gt; {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://isearch.omiga-plus.com/web/?utm_source=b & utm_medium=cor & utm_campaign=install_ie & utm_content=ds & from=cor & uid=ST9500325AS_6VE4DKD5XXXX6VE4DKD5 & ts=1422370230 & type=default & q={searchTerms}
SearchScopes: HKU\S-1-5-21-3671351804-1081028102-2467375829-1000 - & gt; {0EAC648B-658A-49A9-A13F-09EE730B4986} URL = http://isearch.omiga-plus.com/web/?utm_source=b & utm_medium=cor & utm_campaign=install_ie & utm_content=ds & from=cor & uid=ST9500325AS_6VE4DKD5XXXX6VE4DKD5 & ts=1422370230 & type=default & q={searchTerms}
SearchScopes: HKU\S-1-5-21-3671351804-1081028102-2467375829-1000 - & gt; {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = http://isearch.omiga-plus.com/web/?utm_source=b & utm_medium=cor & utm_campaign=install_ie & utm_content=ds & from=cor & uid=ST9500325AS_6VE4DKD5XXXX6VE4DKD5 & ts=1422370230 & type=default & q={searchTerms}
SearchScopes: HKU\S-1-5-21-3671351804-1081028102-2467375829-1000 - & gt; {2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} URL = http://isearch.omiga-plus.com/web/?utm_source=b & utm_medium=cor & utm_campaign=install_ie & utm_content=ds & from=cor & uid=ST9500325AS_6VE4DKD5XXXX6VE4DKD5 & ts=1422370230 & type=default & q={searchTerms}
SearchScopes: HKU\S-1-5-21-3671351804-1081028102-2467375829-1000 - & gt; {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://isearch.omiga-plus.com/web/?utm_source=b & utm_medium=cor & utm_campaign=install_ie & utm_content=ds & from=cor & uid=ST9500325AS_6VE4DKD5XXXX6VE4DKD5 & ts=1422370230 & type=default & q={searchTerms}
SearchScopes: HKU\S-1-5-21-3671351804-1081028102-2467375829-1000 - & gt; {8A244612-A1F7-11E0-95C0-E71F4824019B} URL = http://isearch.omiga-plus.com/web/?utm_source=b & utm_medium=cor & utm_campaign=install_ie & utm_content=ds & from=cor & uid=ST9500325AS_6VE4DKD5XXXX6VE4DKD5 & ts=1422370230 & type=default & q={searchTerms}
SearchScopes: HKU\S-1-5-21-3671351804-1081028102-2467375829-1000 - & gt; {E733165D-CBCF-4FDA-883E-ADEF965B476C} URL = http://isearch.omiga-plus.com/web/?utm_source=b & utm_medium=cor & utm_campaign=install_ie & utm_content=ds & from=cor & uid=ST9500325AS_6VE4DKD5XXXX6VE4DKD5 & ts=1422370230 & type=default & q={searchTerms}
BHO: Windows Live Family Safety Browser Helper Class - & gt; {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - & gt; C:\Program Files\Windows Live\Family Safety\fssbho.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper - & gt; {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - & gt; C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: avast! Online Security - & gt; {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - & gt; C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Pomocnik rejestrowania za pomocą identyfikatora Windows Live - & gt; {9030D464-4C02-4ABF-8ECC-5164760863C6} - & gt; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - & gt; {DBC80044-A445-435b-BC74-9C25C1C588A9} - & gt; C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: RealNetworks Download and Record Plugin for Internet Explorer - & gt; {3049C3E9-B461-4BC5-8870-4C09146192CA} - & gt; C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
BHO-x32: IETabPage Class - & gt; {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} - & gt; C:\Program Files (x86)\XTab\SupTab.dll (Thinknice Co. Limited)
BHO-x32: avast! Online Security - & gt; {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - & gt; C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Pomocnik rejestrowania za pomocą identyfikatora Windows Live - & gt; {9030D464-4C02-4ABF-8ECC-5164760863C6} - & gt; C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Dynamo Combo 1.0.0.7 - & gt; {986c37a1-7b65-476f-80dc-54f80bd4b0d6} - & gt; C:\Program Files (x86)\Dynamo Combo\DynamoCombobho.dll (Dynamo Combo)
BHO-x32: Skype Browser Helper - & gt; {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - & gt; C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - & gt; {DBC80044-A445-435b-BC74-9C25C1C588A9} - & gt; C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
Toolbar: HKLM-x32 - No Name - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - No File
Toolbar: HKU\S-1-5-21-3671351804-1081028102-2467375829-1000 - & gt; No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8050.1202.dll (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8050.1202.dll (Microsoft Corporation)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF ProfilePath: C:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\lry5mxwk.default
FF DefaultSearchEngine: omiga-plus
FF SearchEngineOrder.3: Bing
FF SelectedSearchEngine: omiga-plus
FF Homepage: hxxp://google.pl/
FF Keyword.URL: hxxp://www.bing.com/search?FORM=UP97DF & PC=UP97 & q=
FF Plugin: @adobe.com/FlashPlayer - & gt; C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_152.dll ()
FF Plugin: @java.com/DTPlugin,version=10.25.2 - & gt; C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.25.2 - & gt; C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - & gt; disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - & gt; C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - & gt; C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_152.dll ()
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 - & gt; C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @java.com/JavaPlugin - & gt; C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin-x32: @microsoft.com/GENUINE - & gt; disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - & gt; C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 - & gt; C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8051.1204 - & gt; C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @real.com/nppl3260;version=16.0.0.282 - & gt; C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlchromebrowserrecordext;version=1.3.0 - & gt; C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlhtml5videoshim;version=1.3.0 - & gt; C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlpepperflashvideoshim;version=1.3.0 - & gt; C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=16.0.0.282 - & gt; C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll (RealPlayer)
FF Plugin-x32: @realnetworks.com/npdlplugin;version=1 - & gt; C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - & gt; C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - & gt; C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - & gt; C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF user.js: detected! = & gt; C:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\lry5mxwk.default\user.js
FF SearchPlugin: C:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\lry5mxwk.default\searchplugins\bingp.xml
FF SearchPlugin: C:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\lry5mxwk.default\searchplugins\delta.xml
FF SearchPlugin: C:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\lry5mxwk.default\searchplugins\omiga-plus.xml
FF Extension: FF Toolbar - C:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\lry5mxwk.default\Extensions\fftoolbar2014@etech.com [2015-01-27]
FF Extension: Dynamo Combo 1.0.1 - C:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\lry5mxwk.default\Extensions\{16a92140-918d-4afb-9edb-46f22437bb10}.xpi [2015-01-27]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2015-01-26]
FF HKLM-x32\...\Firefox\Extensions: [{34712C68-7391-4c47-94F3-8F88D49AD632}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2013-02-17]
FF HKLM-x32\...\Firefox\Extensions: [fftoolbar2014@etech.com] - C:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\lry5mxwk.default\extensions\fftoolbar2014@etech.com
FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-01-27]

Chrome:
=======
CHR StartupUrls: Default - & gt; " hxxp://isearch.omiga-plus.com/?type=hppp & ts=1422370197 & from=cor & uid=ST9500325AS_6VE4DKD5XXXX6VE4DKD5 "
CHR DefaultSearchKeyword: Default - & gt; omiga-plus
CHR DefaultSuggestURL: Default - & gt;
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll No File
CHR Plugin: (Java Deployment Toolkit 6.0.230.5) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll (Sun Microsystems, Inc.)
CHR Plugin: (Java(TM) Platform SE 6 U23) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
CHR Plugin: (Picasa) - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll No File
CHR Plugin: (Silverlight Plug-In) - C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll No File
CHR Plugin: (Microsoft Office Live Plug-in for Firefox) - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
CHR Plugin: (RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) ) - C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
CHR Plugin: (RealPlayer Download Plugin) - C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll (RealPlayer)
CHR Plugin: (Windows Live® Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (RealNetworks(tm) RealDownloader Chrome Background Extension Plug-In (32-bit) ) - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
CHR Plugin: (RealNetworks(tm) RealDownloader HTML5VideoShim Plug-In (32-bit) ) - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
CHR Plugin: (RealNetworks(tm) RealDownloader PepperFlashVideoShim Plug-In (32-bit) ) - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
CHR Plugin: (RealDownloader Plugin) - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll No File
CHR Profile: C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Dynamo Combo) - C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\dieadkaemlcjcmcnmahinmeejohpipnl [2015-01-28]
CHR Extension: (RealDownloader) - C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji [2013-03-31]
CHR Extension: (Google Wallet) - C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-11-21]
CHR HKU\S-1-5-21-3671351804-1081028102-2467375829-1000\...\Chrome\Extension: [fcfenmboojpjinhpgggodefccipikbpd] - No Path
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-01-27]
CHR HKLM-x32\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx [2012-11-29]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 ADSMService; C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe [225280 2008-03-31] (ASUSTek Computer Inc.) [File not signed]
R2 ATKGFNEXSrv; C:\Program Files\ATKGFNEX\GFNEXSrv.exe [94208 2007-08-08] () [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2015-01-27] (AVAST Software)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4012248 2015-01-27] (Avast Software)
R2 IHProtect Service; C:\Program Files (x86)\XTab\ProtectService.exe [158896 2015-01-16] (XTab system)
R2 OberonGameConsoleService; C:\Program Files (x86)\Asus\Game Park\GameConsole\OberonGameConsoleService.exe [44312 2009-09-15] ()
R2 RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [38608 2012-11-29] ()
R2 Update Dynamo Combo; C:\Program Files (x86)\Dynamo Combo\updateDynamoCombo.exe [681208 2015-01-28] ()
R2 Util Dynamo Combo; C:\Program Files (x86)\Dynamo Combo\bin\utilDynamoCombo.exe [681208 2015-01-28] ()
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 WindowsMangerProtect; C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe [464384 2015-01-27] (SysTool PasSame LIMITED) [File not signed]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 ASMMAP64; C:\Program Files\ATKGFNEX\ASMMAP64.sys [14904 2007-07-24] ()
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2015-01-27] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [87912 2015-01-27] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2015-01-27] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2015-01-27] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1050432 2015-01-27] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [436624 2015-01-27] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [116728 2015-01-27] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [267632 2015-01-27] ()
R3 kbfiltr; C:\Windows\System32\DRIVERS\kbfiltr.sys [15416 2009-07-20] ( )
S3 s0016bus; C:\Windows\System32\DRIVERS\s0016bus.sys [115240 2008-05-16] (MCCI Corporation)
S3 s0016mdfl; C:\Windows\System32\DRIVERS\s0016mdfl.sys [19496 2008-05-16] (MCCI Corporation)
S3 s0016mdm; C:\Windows\System32\DRIVERS\s0016mdm.sys [158760 2008-05-16] (MCCI Corporation)
S3 s0016mgmt; C:\Windows\System32\DRIVERS\s0016mgmt.sys [137256 2008-05-16] (MCCI Corporation)
S3 s0016nd5; C:\Windows\System32\DRIVERS\s0016nd5.sys [34344 2008-05-16] (MCCI Corporation)
S3 s0016obex; C:\Windows\System32\DRIVERS\s0016obex.sys [136744 2008-05-16] (MCCI Corporation)
S3 s0016unic; C:\Windows\System32\DRIVERS\s0016unic.sys [151592 2008-05-16] (MCCI Corporation)
S3 s0017bus; C:\Windows\System32\DRIVERS\s0017bus.sys [113704 2008-10-21] (MCCI Corporation)
S3 s0017mdfl; C:\Windows\System32\DRIVERS\s0017mdfl.sys [19496 2008-10-21] (MCCI Corporation)
S3 s0017mdm; C:\Windows\System32\DRIVERS\s0017mdm.sys [152616 2008-10-21] (MCCI Corporation)
S3 s0017mgmt; C:\Windows\System32\DRIVERS\s0017mgmt.sys [133160 2008-10-21] (MCCI Corporation)
S3 s0017nd5; C:\Windows\System32\DRIVERS\s0017nd5.sys [34856 2008-10-21] (MCCI Corporation)
S3 s0017obex; C:\Windows\System32\DRIVERS\s0017obex.sys [128552 2008-10-21] (MCCI Corporation)
S3 s0017unic; C:\Windows\System32\DRIVERS\s0017unic.sys [145960 2008-10-21] (MCCI Corporation)
R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1799680 2009-05-20] ()
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [271752 2015-01-27] (Avast Software)
R1 {16a92140-918d-4afb-9edb-46f22437bb10}Gw64; C:\Windows\System32\drivers\{16a92140-918d-4afb-9edb-46f22437bb10}Gw64.sys [48792 2015-01-26] (StdLib)
S3 ewusbmbb; system32\DRIVERS\ewusbwwan.sys [X]
S3 ew_hwusbdev; system32\DRIVERS\ew_hwusbdev.sys [X]
S3 huawei_enumerator; system32\DRIVERS\ew_jubusenum.sys [X]
S3 hwdatacard; system32\DRIVERS\ewusbmdm.sys [X]
U3 tmlwf; No ImagePath
U3 tmwfp; No ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-28 16:31 - 2015-01-28 16:32 - 00032086 _____ () C:\Users\Adrian\Downloads\FRST.txt
2015-01-28 16:30 - 2015-01-28 16:31 - 00000000 ____D () C:\FRST
2015-01-28 16:30 - 2015-01-28 16:30 - 02130432 _____ (Farbar) C:\Users\Adrian\Downloads\FRST64.exe
2015-01-28 16:12 - 2015-01-28 16:12 - 00000000 __SHD () C:\Users\Adrian\AppData\Local\EmieUserList
2015-01-28 16:12 - 2015-01-28 16:12 - 00000000 __SHD () C:\Users\Adrian\AppData\Local\EmieSiteList
2015-01-28 16:12 - 2015-01-28 16:12 - 00000000 __SHD () C:\Users\Adrian\AppData\Local\EmieBrowserModeList
2015-01-28 15:29 - 2015-01-28 15:29 - 00000197 _____ () C:\Windows\system32\2015-01-28-14-29-34.094-AvastVBoxSVC.exe-4020.log
2015-01-28 15:27 - 2015-01-28 15:27 - 00003356 _____ () C:\Windows\System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-3671351804-1081028102-2467375829-1000
2015-01-28 15:26 - 2015-01-28 15:26 - 00000266 __RSH () C:\ProgramData\ntuser.pol
2015-01-28 10:05 - 2015-01-28 10:05 - 00000247 _____ () C:\Windows\system32\2015-01-28-09-05-35.037-aswFe.exe-4400.log
2015-01-28 09:49 - 2015-01-28 10:05 - 00000247 _____ () C:\Windows\system32\2015-01-28-08-49-34.063-aswFe.exe-4800.log
2015-01-28 09:49 - 2015-01-28 09:49 - 00000197 _____ () C:\Windows\system32\2015-01-28-08-49-25.086-AvastVBoxSVC.exe-4160.log
2015-01-28 09:37 - 2015-01-28 15:27 - 00003224 _____ () C:\Windows\System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-3671351804-1081028102-2467375829-1000
2015-01-27 18:47 - 2015-01-27 18:47 - 00000247 _____ () C:\Windows\system32\2015-01-27-17-47-23.044-aswFe.exe-5672.log
2015-01-27 18:47 - 2015-01-27 18:47 - 00000197 _____ () C:\Windows\system32\2015-01-27-17-47-16.076-AvastVBoxSVC.exe-5608.log
2015-01-27 18:16 - 2015-01-27 18:17 - 00000247 _____ () C:\Windows\system32\2015-01-27-17-16-44.063-aswFe.exe-5280.log
2015-01-27 18:12 - 2015-01-27 18:14 - 00000247 _____ () C:\Windows\system32\2015-01-27-17-12-41.049-aswFe.exe-5704.log
2015-01-27 18:11 - 2015-01-27 18:11 - 00000197 _____ () C:\Windows\system32\2015-01-27-17-11-53.008-AvastVBoxSVC.exe-3188.log
2015-01-27 16:20 - 2015-01-27 16:22 - 00000000 ____D () C:\Windows\SysWOW64\vbox
2015-01-27 16:20 - 2015-01-27 16:22 - 00000000 ____D () C:\Windows\system32\vbox
2015-01-27 16:20 - 2015-01-27 16:20 - 00000000 ____D () C:\Users\Adrian\AppData\Roaming\AVAST Software
2015-01-27 16:19 - 2015-01-28 15:28 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2015-01-27 16:19 - 2015-01-27 16:19 - 00001966 _____ () C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2015-01-27 16:19 - 2015-01-27 16:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2015-01-27 16:19 - 2015-01-27 16:18 - 00436624 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2015-01-27 16:19 - 2015-01-27 16:18 - 00267632 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2015-01-27 16:19 - 2015-01-27 16:18 - 00116728 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2015-01-27 16:19 - 2015-01-27 16:18 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2015-01-27 16:18 - 2015-01-27 16:19 - 01050432 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2015-01-27 16:18 - 2015-01-27 16:19 - 00087912 _____ (AVAST Software) C:\Windows\system32\Drivers\aswmonflt.sys
2015-01-27 16:18 - 2015-01-27 16:18 - 00364512 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2015-01-27 16:18 - 2015-01-27 16:18 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2015-01-27 16:18 - 2015-01-27 16:18 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2015-01-27 16:18 - 2015-01-27 16:18 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2015-01-27 16:16 - 2015-01-27 16:16 - 00000000 ____D () C:\Program Files\AVAST Software
2015-01-27 16:15 - 2015-01-27 16:16 - 00000000 ____D () C:\ProgramData\AVAST Software
2015-01-27 16:15 - 2015-01-27 16:15 - 05006864 _____ (AVAST Software) C:\Users\Adrian\Downloads\avast_free_antivirus_setup_online.exe
2015-01-27 15:58 - 2015-01-26 20:39 - 00048792 _____ (StdLib) C:\Windows\system32\Drivers\{16a92140-918d-4afb-9edb-46f22437bb10}Gw64.sys
2015-01-27 15:52 - 2015-01-27 15:52 - 00000000 ____D () C:\Users\Adrian\AppData\Roaming\7 Sticky Notes
2015-01-27 15:51 - 2015-01-27 15:51 - 00001035 _____ () C:\Users\Public\Desktop\7 Sticky Notes.lnk
2015-01-27 15:51 - 2015-01-27 15:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7 Sticky Notes
2015-01-27 15:51 - 2015-01-27 15:51 - 00000000 ____D () C:\ProgramData\IHProtectUpDate
2015-01-27 15:51 - 2015-01-27 15:51 - 00000000 ____D () C:\Program Files (x86)\7 Sticky Notes
2015-01-27 15:51 - 2012-10-13 22:20 - 00805376 _____ () C:\Windows\SysWOW64\EditCtlsU.ocx
2015-01-27 15:51 - 2011-08-13 21:06 - 01031168 _____ () C:\Windows\SysWOW64\ExLVwU.ocx
2015-01-27 15:51 - 2011-05-21 00:02 - 00604672 _____ () C:\Windows\SysWOW64\ExTVwU.ocx
2015-01-27 15:51 - 2009-06-07 09:27 - 01071088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSCOMCTL.OCX
2015-01-27 15:51 - 2008-01-19 11:34 - 00554008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dao360.dll
2015-01-27 15:51 - 2005-04-15 15:58 - 01351392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.ocx
2015-01-27 15:51 - 2004-03-09 14:45 - 00212240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\richtx32.ocx
2015-01-27 15:51 - 2004-03-09 00:00 - 00662288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSCOMCT2.OCX
2015-01-27 15:51 - 2000-05-22 12:58 - 00140488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comdlg32.ocx
2015-01-27 15:51 - 1998-06-24 01:00 - 00198456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MCI32.OCX
2015-01-27 15:50 - 2015-01-27 15:51 - 00000000 ____D () C:\Program Files (x86)\XTab
2015-01-27 15:50 - 2015-01-27 15:50 - 00000000 ____D () C:\ProgramData\WindowsMangerProtect
2015-01-27 15:49 - 2015-01-27 16:28 - 00000000 ____D () C:\Users\Adrian\AppData\Roaming\omiga-plus
2015-01-27 15:48 - 2015-01-28 15:34 - 00000000 ____D () C:\Program Files (x86)\Dynamo Combo
2015-01-27 15:48 - 2015-01-27 15:48 - 06154467 _____ (Fabio Martin ) C:\Users\Adrian\Downloads\Setup7StickyNotesv19.exe
2015-01-27 15:47 - 2015-01-27 15:47 - 00730528 _____ ( ) C:\Users\Adrian\Downloads\7-Sticky-Notes(35122)-dp.exe
2015-01-26 17:26 - 2015-01-26 17:26 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-01-20 09:53 - 2014-12-19 04:06 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-01-20 09:53 - 2014-12-19 02:46 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2015-01-20 09:53 - 2014-12-12 06:35 - 05553592 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-01-20 09:53 - 2014-12-12 06:31 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-01-20 09:53 - 2014-12-12 06:11 - 03971512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-01-20 09:53 - 2014-12-12 06:11 - 03916728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-01-20 09:53 - 2014-12-11 18:47 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2015-01-20 09:53 - 2014-12-06 05:17 - 00303616 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2015-01-20 09:53 - 2014-12-06 04:50 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncsi.dll
2015-01-20 09:53 - 2014-12-06 04:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
2015-01-20 09:52 - 2014-12-12 06:31 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-01-20 09:52 - 2014-12-12 06:31 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-01-20 09:52 - 2014-12-12 06:07 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-28 16:27 - 2010-03-06 19:46 - 00000000 ____D () C:\Users\Adrian\AppData\Roaming\Skype
2015-01-28 16:25 - 2009-12-26 07:01 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2015-01-28 16:25 - 2009-12-26 07:00 - 00000000 ____D () C:\ProgramData\CyberLink
2015-01-28 16:25 - 2009-12-26 07:00 - 00000000 ____D () C:\Program Files (x86)\CyberLink
2015-01-28 16:23 - 2010-02-25 02:41 - 00000000 ____D () C:\Users\Adrian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink Blu-ray Disc Suite
2015-01-28 16:23 - 2009-12-26 07:01 - 00000000 ____D () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink Blu-ray Disc Suite
2015-01-28 16:23 - 2009-12-26 07:01 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink Blu-ray Disc Suite
2015-01-28 16:21 - 2010-12-31 16:36 - 00000000 ____D () C:\Program Files (x86)\AIMP2
2015-01-28 16:12 - 2010-03-06 19:45 - 00000000 ____D () C:\ProgramData\Skype
2015-01-28 16:03 - 2011-07-19 16:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FlashGet
2015-01-28 16:03 - 2011-07-19 16:23 - 00000000 ____D () C:\Program Files (x86)\FlashGet
2015-01-28 15:35 - 2009-12-26 06:31 - 01355764 _____ () C:\Windows\WindowsUpdate.log
2015-01-28 15:35 - 2009-07-14 05:45 - 00019056 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-01-28 15:35 - 2009-07-14 05:45 - 00019056 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-01-28 15:34 - 2009-07-14 03:34 - 00000489 _____ () C:\Windows\win.ini
2015-01-28 15:27 - 2010-05-26 07:21 - 00000000 ____D () C:\Users\Adrian\Tracing
2015-01-28 15:25 - 2012-03-04 22:37 - 00065536 _____ () C:\Windows\system32\Ikeext.etl
2015-01-28 15:25 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-01-28 15:24 - 2009-07-14 05:51 - 00178332 _____ () C:\Windows\setupact.log
2015-01-28 09:43 - 2011-11-06 20:38 - 00000000 ____D () C:\ProgramData\DatacardService
2015-01-28 09:40 - 2010-02-25 02:40 - 00000000 ____D () C:\Users\Adrian
2015-01-28 09:38 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\GroupPolicy
2015-01-27 22:07 - 2009-12-26 07:26 - 00002084 _____ () C:\Windows\system32\AutoRunFilter.ini
2015-01-27 22:07 - 2009-12-26 07:26 - 00001785 _____ () C:\Windows\system32\ServiceFilter.ini
2015-01-27 17:58 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\tracing
2015-01-27 15:49 - 2013-12-28 19:06 - 00000000 ____D () C:\Users\Adrian\Desktop\Nowy folder
2015-01-27 13:28 - 2014-09-28 21:17 - 00003886 _____ () C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1411935450
2015-01-27 13:28 - 2014-09-28 21:17 - 00000000 ____D () C:\Program Files (x86)\Opera
2015-01-20 10:26 - 2013-07-14 08:12 - 00000000 ____D () C:\Windows\system32\MRT
2015-01-20 10:09 - 2010-02-27 16:34 - 113365784 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-01-20 09:37 - 2010-03-06 19:45 - 00000000 ___RD () C:\Program Files (x86)\Skype
2015-01-19 19:36 - 2009-08-03 20:55 - 00745182 _____ () C:\Windows\system32\perfh015.dat
2015-01-19 19:36 - 2009-08-03 20:55 - 00158740 _____ () C:\Windows\system32\perfc015.dat
2015-01-19 19:36 - 2009-07-14 06:13 - 01683896 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-01-08 09:55 - 2010-04-01 13:59 - 00298120 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe

==================== Files in the root of some directories =======

2007-06-12 18:34 - 2007-06-12 18:34 - 0035822 _____ () C:\Program Files (x86)\Common Files\ASPG_icon.ico
2008-05-22 17:35 - 2008-05-22 17:35 - 0051962 _____ () C:\Program Files (x86)\Common Files\banner.jpg
2009-04-08 19:31 - 2009-04-08 19:31 - 0106496 _____ () C:\Program Files (x86)\Common Files\CPInstallAction.dll
2008-08-12 06:45 - 2008-08-12 06:45 - 0155648 _____ (ASUS) C:\Program Files (x86)\Common Files\MSIactionall.dll
2011-07-19 19:30 - 2011-07-19 19:30 - 0003584 _____ () C:\Users\Adrian\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2010-03-06 19:47 - 2010-03-06 19:47 - 0000056 ____H () C:\ProgramData\ezsidmv.dat
2009-12-26 07:07 - 2009-09-10 18:06 - 0131368 _____ () C:\ProgramData\FullRemove.exe
2009-12-26 07:01 - 2009-12-26 07:01 - 0000105 _____ () C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log
2009-12-26 07:00 - 2009-12-26 07:01 - 0000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe = & gt; File is digitally signed
C:\Windows\System32\wininit.exe = & gt; File is digitally signed
C:\Windows\SysWOW64\wininit.exe = & gt; File is digitally signed
C:\Windows\explorer.exe = & gt; File is digitally signed
C:\Windows\SysWOW64\explorer.exe = & gt; File is digitally signed
C:\Windows\System32\svchost.exe = & gt; File is digitally signed
C:\Windows\SysWOW64\svchost.exe = & gt; File is digitally signed
C:\Windows\System32\services.exe = & gt; File is digitally signed
C:\Windows\System32\User32.dll = & gt; File is digitally signed
C:\Windows\SysWOW64\User32.dll = & gt; File is digitally signed
C:\Windows\System32\userinit.exe = & gt; File is digitally signed
C:\Windows\SysWOW64\userinit.exe = & gt; File is digitally signed
C:\Windows\System32\rpcss.dll = & gt; File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys = & gt; File is digitally signed


LastRegBack: 2015-01-26 18:54

==================== End Of Log ============================