Need help, I think I got a virus

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 24-07-2014

Ran by Augustinas (administrator) on AUGUSTINAS-PC on 26-07-2014 10:05:09

Running from C:\Users\Augustinas\Desktop\Apsaugos programos

Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)

Internet Explorer Version 11

Boot Mode: Normal

 

The only official download link for FRST:



Download link from any site other than Bleeping Computer is unpermitted or outdated.


 

==================== Processes (Whitelisted) =================

 

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

 

(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe

(Microsoft Corporation) C:\Windows\System32\wlanext.exe

(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe

(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe

(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMworker.exe

(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe

(Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GREGsvc.exe

(Hi-Rez Studios) C:\Zaidimai\HiPatchService.exe

(IObit) C:\Program Files (x86)\IObit\Smart Defrag 3\SmartDefrag.exe

(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare 7\Monitor.exe

(Acer Incorporated) C:\Program Files\Acer\Acer Updater\UpdaterService.exe

(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe

(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe

(Intel Corporation) C:\Windows\System32\igfxtray.exe

(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe

(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe

(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe

(Microsoft Corporation) C:\Windows\System32\rundll32.exe

(Intel Corporation) C:\Windows\System32\hkcmd.exe

(Intel Corporation) C:\Windows\System32\igfxpers.exe

(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe

(CyberLink Corp.) C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe

(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe

(Skype Technologies S.A.) C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe

(CyberLink) C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\DMREngine.exe

(Flux Software LLC) C:\Users\Augustinas\AppData\Local\FluxSoftware\Flux\flux.exe

(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe

(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe

(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe

(Akamai Technologies, Inc.) C:\Users\Augustinas\AppData\Local\Akamai\netsession_win.exe

(BitTorrent Inc.) C:\Users\Augustinas\AppData\Roaming\uTorrent\uTorrent.exe

(Akamai Technologies, Inc.) C:\Users\Augustinas\AppData\Local\Akamai\netsession_win.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe

(Microsoft Corporation) C:\Windows\System32\alg.exe

(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe

(Intel Corporation) C:\Windows\System32\igfxsrvc.exe

(Intel Corporation) C:\Windows\System32\igfxext.exe

(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe

(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\McChHost.exe

(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\saUI.exe

(Google Inc.) C:\Users\Augustinas\AppData\Local\Google\Update\GoogleUpdate.exe

(Microsoft Corporation) C:\Windows\System32\prevhost.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Users\Augustinas\AppData\Local\Google\Update\GoogleUpdate.exe

(Microsoft Corporation) C:\Windows\System32\dllhost.exe

(Microsoft Corporation) C:\Windows\System32\dllhost.exe

(Microsoft Corporation) C:\Windows\System32\dllhost.exe

 

 

==================== Registry (Whitelisted) ==================

 

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

 

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13667032 2014-04-06] (Realtek Semiconductor)

HKLM\...\Run: [Power Management] => C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [1831016 2011-08-02] (Acer Incorporated)

HKLM\...\Run: [bCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [108144 2012-11-05] (Microsoft Corporation)

HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1271072 2014-03-11] (Microsoft Corporation)

HKLM-x32\...\Run: [Norton Online Backup] => C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [1155928 2010-06-02] (Symantec Corporation)

HKLM-x32\...\Run: [NCUpdateHelper] => C:\Program Files (x86)\NCWest\NCLauncher\NCUpdateHelper.exe [528360 2013-10-01] (NCSOFT Corporation)

Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)

HKU\.DEFAULT\...\RunOnce: [isMyWinLockerReboot] => msiexec.exe /qn /x{voidguid} 

HKU\S-1-5-21-4107057132-3819047408-2538323704-1000\...\Run: [F.lux] => C:\Users\Augustinas\AppData\Local\FluxSoftware\Flux\flux.exe [1016712 2013-10-16] (Flux Software LLC)

HKU\S-1-5-21-4107057132-3819047408-2538323704-1000\...\Run: [Advanced SystemCare 7] => C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe [2288928 2014-02-11] (IObit)

HKU\S-1-5-21-4107057132-3819047408-2538323704-1000\...\Run: [skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [21444224 2014-05-08] (Skype Technologies S.A.)

HKU\S-1-5-21-4107057132-3819047408-2538323704-1000\...\Run: [Akamai NetSession Interface] => C:\Users\Augustinas\AppData\Local\Akamai\netsession_win.exe [4672920 2014-04-17] (Akamai Technologies, Inc.)

HKU\S-1-5-21-4107057132-3819047408-2538323704-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3673728 2012-11-06] (DT Soft Ltd)

HKU\S-1-5-21-4107057132-3819047408-2538323704-1000\...\Run: [uTorrent] => C:\Users\Augustinas\AppData\Roaming\uTorrent\uTorrent.exe [1322832 2014-07-21] (BitTorrent Inc.)

HKU\S-1-5-21-4107057132-3819047408-2538323704-1000\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1

 

==================== Internet (Whitelisted) ====================

 

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

 

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xF04DB546168ACE01

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = lt-LT

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com

StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe

BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)

BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)

BHO: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)

BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)

BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)

BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)

BHO-x32: ArcPluginIEBHO Class -> {84BFE29A-8139-402a-B2A4-C23AE9E1A75F} -> C:\Program Files (x86)\Perfect World Entertainment\Arc\Plugins\ArcPluginIE.dll (Perfect World Entertainment Inc)

BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)

BHO-x32: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)

BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)

BHO-x32: Advanced SystemCare Browser Protection -> {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} -> C:\Program Files (x86)\IObit\Surfing Protection\BrowerProtect\ASCPlugin_Protection.dll (IObit)

Toolbar: HKLM - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)

Toolbar: HKLM-x32 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)

Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)

Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)

Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)

Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)

Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)

Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)

Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.254

 

FireFox:

========

FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll ()

FF Plugin: @microsoft.com/GENUINE - disabled No File

FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)

FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)

FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll ()

FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1168638.dll (Adobe Systems, Inc.)

FF Plugin-x32: @idsoftware.com/QuakeLive - C:\ProgramData\id Software\QuakeLive\npquakezero.dll (id Software Inc.)

FF Plugin-x32: @IObit.com/np_Asc_Plugin - C:\Program Files (x86)\IObit\Surfing Protection\BrowerProtect\np_Asc_plugin.dll (IObit)

FF Plugin-x32: @microsoft.com/GENUINE - disabled No File

FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)

FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation)

FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)

FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF Plugin-x32: @nexon.net/NxGame - C:\ProgramData\NexonUS\NGM\npNxGameUS.dll (Nexon)

FF Plugin-x32: @ngm.nexoneu.com/NxGame - C:\ProgramData\NexonEU\NGM\npNxGameEU.dll (Nexon)

FF Plugin-x32: @perfectworld.com/npArcPlayNowPlugin - C:\Program Files (x86)\Perfect World Entertainment\Arc\Plugins\npArcPluginFF.dll (Perfect World Entertainment Inc)

FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)

FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)

FF Plugin-x32: @videolan.org/vlc,version=2.1.0 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)

FF Plugin-x32: @videolan.org/vlc,version=2.1.2 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)

FF Plugin-x32: @videolan.org/vlc,version=2.1.3 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)

FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\2\NP_wtapp.dll ()

FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Augustinas\AppData\Local\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)

FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Augustinas\AppData\Local\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)

FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\Augustinas\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)

FF Plugin HKCU: ubisoft.com/uplaypc - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll No File

FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor

FF Extension: McAfee SiteAdvisor - C:\Program Files (x86)\McAfee\SiteAdvisor [2011-10-13]

 

Chrome: 

=======

CHR HomePage: 

CHR Extension: („Google“ dokumentai) - C:\Users\Augustinas\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-07-21]

CHR Extension: („Google“ diskas ) - C:\Users\Augustinas\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-07-21]

CHR Extension: (YouTube) - C:\Users\Augustinas\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-05-03]

CHR Extension: („Google“ paieška) - C:\Users\Augustinas\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-05-03]

CHR Extension: (SiteAdvisor) - C:\Users\Augustinas\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2014-07-21]

CHR Extension: (Skype Click to Call) - C:\Users\Augustinas\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2014-01-03]

CHR Extension: („Google“ piniginė) - C:\Users\Augustinas\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-01]

CHR Extension: (Gmail) - C:\Users\Augustinas\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-05-03]

CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2012-10-02]

 

==================== Services (Whitelisted) =================

 

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

 

R2 AdvancedSystemCareService7; C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe [881952 2014-01-14] (IObit)

S3 ArcService; C:\Program Files (x86)\Perfect World Entertainment\Arc\ArcService.exe [88400 2014-05-20] (Perfect World Entertainment Inc)

R2 HiPatchService; C:\Zaidimai\HiPatchService.exe [9216 2014-02-28] (Hi-Rez Studios) [File not signed]

R2 McAfee SiteAdvisor Service; c:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe [155856 2014-06-26] (McAfee, Inc.)

R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2014-03-11] (Microsoft Corporation)

R2 MSSQL$SQLEXPRESS; c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [57617752 2009-03-30] (Microsoft Corporation)

R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [347872 2014-03-11] (Microsoft Corporation)

R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2804568 2010-06-02] (Symantec Corporation)

S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [5220040 2013-10-22] (INCA Internet Co., Ltd.) [File not signed]

R2 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [256832 2011-04-24] (NTI Corporation)

S4 SQLAgent$SQLEXPRESS; c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [427880 2009-03-30] (Microsoft Corporation)

R2 Themes; C:\Windows\system32\themeservice.dll [44544 2013-04-24] (Microsoft Corporation) [File not signed]

S2 SafetyNutManager2; No ImagePath

S2 YouTubeAcceleratorService; C:\PROGRA~2\YOUTUB~1\YouTubeAcceleratorService.exe -start -scm [X]

S2 楗敳潂瑯獁楳瑳湡tDZ"; 㩃停潲牧浡䘠汩獥⠠㡸⤶坜獩履楗敳䌠牡⁥㘳尵潂瑯楔敭攮數 [X]

 

==================== Drivers (Whitelisted) ====================

 

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

 

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)

R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2013-01-06] (DT Soft Ltd)

R3 L1C; C:\Windows\System32\DRIVERS\L1C62x64.sys [128200 2014-03-27] (Qualcomm Atheros Co., Ltd.)

S3 ManyCam; C:\Windows\System32\DRIVERS\mcvidrv_x64.sys [44928 2012-10-11] (ManyCam LLC)

S3 mcaudrv_simple; C:\Windows\System32\drivers\mcaudrv_x64.sys [28160 2013-01-31] (ManyCam LLC)

R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [100312 2014-05-03] (Intel Corporation)

R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [268512 2014-01-25] (Microsoft Corporation)

R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [133928 2014-03-11] (Microsoft Corporation)

R0 SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [21184 2013-12-24] (IObit)

R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [33008 2014-04-06] (Synaptics Incorporated)

S3 WinRing0_1_2_0; C:\Program Files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys [14544 2010-11-01] (OpenLibSys.org)

S3 BTATH_BUS; system32\DRIVERS\btath_bus.sys [X]

S3 catchme; \??\C:\ComboFix\catchme.sys [X]

S3 X6va022; \??\C:\Windows\SysWOW64\Drivers\X6va022 [X]

 

==================== NetSvcs (Whitelisted) ===================

 

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

 

 

==================== One Month Created Files and Folders ========

 

(If an entry is included in the fixlist, the file\folder will be moved.)

 

2014-07-25 20:47 - 2014-07-25 20:47 - 00009807 _____ () C:\Users\Augustinas\Desktop\g.txt

2014-07-25 20:17 - 2014-07-25 20:18 - 00001198 _____ () C:\Users\Augustinas\Desktop\Contig - Shortcut.lnk

2014-07-25 19:53 - 2014-07-25 19:53 - 00104548 _____ () C:\Users\Augustinas\Downloads\Contig.zip

2014-07-25 19:53 - 2014-07-25 19:53 - 00104548 _____ () C:\Users\Augustinas\Downloads\Contig (1).zip

2014-07-25 16:28 - 2014-07-25 16:33 - 00000000 ____D () C:\Users\Augustinas\Desktop\foto

2014-07-24 21:55 - 2014-07-24 21:55 - 00000000 ____D () C:\Program Files (x86)\ESET

2014-07-24 20:28 - 2014-07-24 20:28 - 00024483 _____ () C:\ComboFix.txt

2014-07-24 19:03 - 2014-07-24 20:29 - 00000000 ____D () C:\Qoobox

2014-07-24 19:03 - 2011-06-26 09:45 - 00256000 _____ () C:\Windows\PEV.exe

2014-07-24 19:03 - 2010-11-07 20:20 - 00208896 _____ () C:\Windows\MBR.exe

2014-07-24 19:03 - 2009-04-20 07:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe

2014-07-24 19:03 - 2000-08-31 03:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe

2014-07-24 19:03 - 2000-08-31 03:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe

2014-07-24 19:03 - 2000-08-31 03:00 - 00098816 _____ () C:\Windows\sed.exe

2014-07-24 19:03 - 2000-08-31 03:00 - 00080412 _____ () C:\Windows\grep.exe

2014-07-24 19:03 - 2000-08-31 03:00 - 00068096 _____ () C:\Windows\zip.exe

2014-07-24 19:02 - 2014-07-24 20:24 - 00000000 ____D () C:\Windows\erdnt

2014-07-24 11:10 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll

2014-07-24 11:09 - 2014-07-24 11:12 - 00000000 ____D () C:\AdwCleaner

2014-07-23 22:01 - 2014-07-23 22:02 - 18902270 _____ () C:\Users\Augustinas\Downloads\Nikita (Season 03) » Filmai online nemokami[via torchbrowser.com].mp4.torchdownload

2014-07-23 20:39 - 2014-07-23 20:39 - 80042613 _____ () C:\Users\Augustinas\Downloads\Divergentė - Divergent (2014) » Filmai online nemokami[via torchbrowser.aac

2014-07-23 19:45 - 2014-07-23 20:39 - 420011461 _____ () C:\Users\Augustinas\Downloads\Divergentė - Divergent (2014) » Filmai online nemokami[via torchbrowser.com].mp4

2014-07-23 12:31 - 2014-07-23 12:31 - 00000000 ____D () C:\Users\Augustinas\AppData\Roaming\Steam

2014-07-23 12:29 - 2014-07-23 12:29 - 00000870 _____ () C:\Users\Augustinas\Desktop\The Walking Dead Season 2.lnk

2014-07-23 12:29 - 2014-07-23 12:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Walking Dead Season 2

2014-07-23 10:50 - 2014-07-23 12:23 - 00000000 ____D () C:\Users\Augustinas\Downloads\The.Walking.Dead.Season.Two.Episode.4-CODEX

2014-07-23 10:50 - 2014-07-23 10:50 - 00037082 _____ () C:\Users\Augustinas\Downloads\[Torrent.LT]_Zaidimai-PC-The-Walking-Dead-Season-Two-Episode-4-CODEX.torrent

2014-07-23 10:22 - 2014-07-26 10:05 - 00000000 ____D () C:\FRST

2014-07-22 22:38 - 2014-07-22 22:38 - 24787751 _____ () C:\Users\Augustinas\Downloads\Po kupolu - Under the Dome (Season 02) » Filmai online nemokami[via torchbrowser.aac

2014-07-22 22:27 - 2014-07-22 22:38 - 120609999 _____ () C:\Users\Augustinas\Downloads\Po kupolu - Under the Dome (Season 02) » Filmai online nemokami[via torchbrowser.com].mp4

2014-07-22 22:16 - 2014-07-22 22:27 - 113047860 _____ () C:\Users\Augustinas\Downloads\Po kupolu - Under the Dome (Season 02) » Filmai online nemokami[via torchbrowser.com].mp4.torchdownload

2014-07-22 22:14 - 2014-07-22 22:14 - 26563140 _____ () C:\Users\Augustinas\Downloads\Jaunasis vilkas (Season 04) » Filmai online nemokami[via torchbrowser.aac

2014-07-22 22:03 - 2014-07-22 22:14 - 123665731 _____ () C:\Users\Augustinas\Downloads\Jaunasis vilkas (Season 04) » Filmai online nemokami[via torchbrowser.com].mp4

2014-07-22 19:42 - 2014-07-26 10:02 - 00000560 _____ () C:\Windows\setupact.log

2014-07-22 19:42 - 2014-07-26 09:56 - 00003008 _____ () C:\Windows\PFRO.log

2014-07-22 19:42 - 2014-07-22 19:42 - 00000000 _____ () C:\Windows\setuperr.log

2014-07-22 18:10 - 2014-07-26 10:01 - 01787980 _____ () C:\Windows\WindowsUpdate.log

2014-07-22 13:35 - 2014-07-22 13:35 - 00000725 _____ () C:\Users\Public\Desktop\Elsword.lnk

2014-07-22 13:35 - 2014-07-22 13:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Elsword

2014-07-21 22:36 - 2014-07-21 22:36 - 27233609 _____ () C:\Users\Augustinas\Downloads\Nikita (Season 02) » Filmai online nemokami[via torchbrowser (3).aac

2014-07-21 22:31 - 2014-07-21 22:36 - 127845529 _____ () C:\Users\Augustinas\Downloads\Nikita (Season 02) » Filmai online nemokami[via torchbrowser.com] (3).mp4

2014-07-21 22:30 - 2014-07-21 22:30 - 26928812 _____ () C:\Users\Augustinas\Downloads\Nikita (Season 02) » Filmai online nemokami[via torchbrowser (2).aac

2014-07-21 22:27 - 2014-07-21 22:30 - 126898424 _____ () C:\Users\Augustinas\Downloads\Nikita (Season 02) » Filmai online nemokami[via torchbrowser.com] (2).mp4

2014-07-21 22:26 - 2014-07-21 22:26 - 27222241 _____ () C:\Users\Augustinas\Downloads\Nikita (Season 02) » Filmai online nemokami[via torchbrowser (1).aac

2014-07-21 22:23 - 2014-07-21 22:26 - 128012575 _____ () C:\Users\Augustinas\Downloads\Nikita (Season 02) » Filmai online nemokami[via torchbrowser.com] (1).mp4

2014-07-21 22:20 - 2014-07-21 22:20 - 26753196 _____ () C:\Users\Augustinas\Downloads\Nikita (Season 02) » Filmai online nemokami[via torchbrowser.aac

2014-07-21 22:17 - 2014-07-21 22:20 - 126880085 _____ () C:\Users\Augustinas\Downloads\Nikita (Season 02) » Filmai online nemokami[via torchbrowser.com].mp4

2014-07-21 21:17 - 2014-07-21 21:17 - 02465832 _____ () C:\Users\Augustinas\Downloads\Elsword_Downloader (1).exe

2014-07-21 20:11 - 2014-07-21 20:11 - 00002259 _____ () C:\Users\Public\Desktop\Google Chrome.lnk

2014-07-21 20:11 - 2014-07-21 20:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome

2014-07-21 20:07 - 2014-07-25 22:12 - 00000918 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

2014-07-21 20:07 - 2014-07-21 20:07 - 00003914 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA

2014-07-21 20:06 - 2014-07-26 10:02 - 00000914 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job

2014-07-21 20:06 - 2014-07-21 20:06 - 00895120 _____ (Google Inc.) C:\Users\Augustinas\Downloads\ChromeSetup.exe

2014-07-21 20:06 - 2014-07-21 20:06 - 00003662 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore

2014-07-21 20:05 - 2014-07-21 20:05 - 02465832 _____ () C:\Users\Augustinas\Downloads\Elsword_Downloader.exe

2014-07-21 17:53 - 2014-07-21 17:53 - 00005120 ___SH () C:\Users\Augustinas\Documents\Thumbs.db

2014-07-21 17:29 - 2014-07-21 17:29 - 00000879 _____ () C:\Users\Augustinas\Desktop\The Wolf Among Us Episode 5.lnk

2014-07-21 17:29 - 2014-07-21 17:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Wolf Among Us Episode 5

2014-07-21 16:31 - 2014-07-21 16:31 - 00000000 ____D () C:\ProgramData\Riot Games

2014-07-21 16:20 - 2014-07-21 16:20 - 00000000 _____ () C:\asc_rdflag

2014-07-21 15:34 - 2014-07-21 20:11 - 00000000 ____D () C:\Users\Augustinas\Downloads\The.Wolf.Among.Us.Episode.5-CODEX

2014-07-21 15:27 - 2014-07-24 20:51 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys

2014-07-21 15:27 - 2014-07-21 15:27 - 00001110 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

2014-07-21 15:27 - 2014-07-21 15:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware

2014-07-21 15:27 - 2014-07-21 15:27 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware

2014-07-21 15:27 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys

2014-07-21 15:27 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys

2014-07-21 15:27 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys

2014-07-21 15:22 - 2014-07-21 15:26 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Augustinas\Downloads\mbam-setup-2.0.2.1012.exe

2014-07-21 15:15 - 2014-07-21 15:15 - 03157504 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys

2014-07-21 15:15 - 2014-07-21 15:15 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe

2014-07-21 15:15 - 2014-07-21 15:15 - 00646144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe

2014-07-21 15:13 - 2014-07-21 15:13 - 23464448 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll

2014-07-21 15:13 - 2014-07-21 15:13 - 17276416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll

2014-07-21 15:13 - 2014-07-21 15:13 - 13527040 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll

2014-07-21 15:13 - 2014-07-21 15:13 - 11742208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll

2014-07-21 15:13 - 2014-07-21 15:13 - 05721088 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll

2014-07-21 15:13 - 2014-07-21 15:13 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll

2014-07-21 15:13 - 2014-07-21 15:13 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll

2014-07-21 15:13 - 2014-07-21 15:13 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb

2014-07-21 15:13 - 2014-07-21 15:13 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb

2014-07-21 15:13 - 2014-07-21 15:13 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll

2014-07-21 15:13 - 2014-07-21 15:13 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll

2014-07-21 15:13 - 2014-07-21 15:13 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl

2014-07-21 15:13 - 2014-07-21 15:13 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl

2014-07-21 15:13 - 2014-07-21 15:13 - 01791488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll

2014-07-21 15:13 - 2014-07-21 15:13 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll

2014-07-21 15:13 - 2014-07-21 15:13 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll

2014-07-21 15:13 - 2014-07-21 15:13 - 01139200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll

2014-07-21 15:13 - 2014-07-21 15:13 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll

2014-07-21 15:13 - 2014-07-21 15:13 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe

2014-07-21 15:13 - 2014-07-21 15:13 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll

2014-07-21 15:13 - 2014-07-21 15:13 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll

2014-07-21 15:13 - 2014-07-21 15:13 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll

2014-07-21 15:13 - 2014-07-21 15:13 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll

2014-07-21 15:13 - 2014-07-21 15:13 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe

2014-07-21 15:13 - 2014-07-21 15:13 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll

2014-07-21 15:13 - 2014-07-21 15:13 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll

2014-07-21 15:13 - 2014-07-21 15:13 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll

2014-07-21 15:13 - 2014-07-21 15:13 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll

2014-07-21 15:13 - 2014-07-21 15:13 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll

2014-07-21 15:13 - 2014-07-21 15:13 - 00452608 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll

2014-07-21 15:13 - 2014-07-21 15:13 - 00442368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll

2014-07-21 15:13 - 2014-07-21 15:13 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll

2014-07-21 15:13 - 2014-07-21 15:13 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll

2014-07-21 15:13 - 2014-07-21 15:13 - 00266424 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll

2014-07-21 15:13 - 2014-07-21 15:13 - 00240824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll

2014-07-21 15:13 - 2014-07-21 15:13 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll

2014-07-21 15:13 - 2014-07-21 15:13 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll

2014-07-21 15:13 - 2014-07-21 15:13 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll

2014-07-21 15:13 - 2014-07-21 15:13 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe

2014-07-21 15:13 - 2014-07-21 15:13 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe

2014-07-21 15:13 - 2014-07-21 15:13 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe

2014-07-21 15:13 - 2014-07-21 15:13 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll

2014-07-21 15:13 - 2014-07-21 15:13 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll

2014-07-21 15:13 - 2014-07-21 15:13 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll

2014-07-21 15:13 - 2014-07-21 15:13 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll

2014-07-21 15:13 - 2014-07-21 15:13 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll

2014-07-21 15:13 - 2014-07-21 15:13 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll

2014-07-21 15:13 - 2014-07-21 15:13 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll

2014-07-21 15:13 - 2014-07-21 15:13 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll

2014-07-21 15:13 - 2014-07-21 15:13 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll

2014-07-21 15:13 - 2014-07-21 15:13 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll

2014-07-21 15:13 - 2014-07-21 15:13 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll

2014-07-21 15:13 - 2014-07-21 15:13 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll

2014-07-21 15:13 - 2014-07-21 15:13 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll

2014-07-21 15:13 - 2014-07-21 15:13 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll

2014-07-21 15:13 - 2014-07-21 15:13 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll

2014-07-21 15:12 - 2014-07-21 15:12 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys

2014-07-21 15:11 - 2014-07-21 15:11 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll

2014-07-21 15:11 - 2014-07-21 15:11 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll

2014-07-21 15:11 - 2014-07-21 15:11 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll

2014-07-21 15:09 - 2014-07-21 15:09 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll

2014-07-21 15:09 - 2014-07-21 15:09 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll

2014-07-21 15:09 - 2014-07-21 15:09 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll

2014-07-21 15:09 - 2014-07-21 15:09 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll

2014-07-21 15:09 - 2014-07-21 15:09 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll

2014-07-21 15:09 - 2014-07-21 15:09 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll

2014-07-21 15:09 - 2014-07-21 15:09 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll

2014-07-21 15:09 - 2014-07-21 15:09 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll

2014-07-21 15:09 - 2014-07-21 15:09 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll

2014-07-21 15:09 - 2014-07-21 15:09 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll

2014-07-21 15:09 - 2014-07-21 15:09 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll

2014-07-21 15:09 - 2014-07-21 15:09 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll

2014-07-21 15:09 - 2014-07-21 15:09 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll

2014-07-21 15:09 - 2014-07-21 15:09 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll

2014-07-21 15:04 - 2014-07-21 15:04 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll

2014-07-21 15:04 - 2014-07-21 15:04 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll

2014-06-26 10:07 - 2014-06-26 10:07 - 25112700 _____ () C:\Users\Augustinas\Downloads\Jaunasis vilkas (Season 03) » Filmai online nemokami[via torchbrowser (12).aac

2014-06-26 10:05 - 2014-06-26 10:07 - 122806336 _____ () C:\Users\Augustinas\Downloads\Jaunasis vilkas (Season 03) » Filmai online nemokami[via torchbrowser.com] (12).mp4

2014-06-26 09:22 - 2014-06-26 09:22 - 24759512 _____ () C:\Users\Augustinas\Downloads\Jaunasis vilkas (Season 03) » Filmai online nemokami[via torchbrowser (11).aac

2014-06-26 09:18 - 2014-06-26 09:22 - 123862278 _____ () C:\Users\Augustinas\Downloads\Jaunasis vilkas (Season 03) » Filmai online nemokami[via torchbrowser.com] (11).mp4

2014-06-26 00:00 - 2014-06-26 00:07 - 123775791 _____ () C:\Users\Augustinas\Downloads\Teen_Wolf_S03_E11_Lt_filmai.in.mp4

 

==================== One Month Modified Files and Folders =======

 

(If an entry is included in the fixlist, the file\folder will be moved.)

 

2014-07-26 10:05 - 2014-07-23 10:22 - 00000000 ____D () C:\FRST

2014-07-26 10:05 - 2014-05-03 21:59 - 00003920 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4107057132-3819047408-2538323704-1000UA

2014-07-26 10:05 - 2014-05-03 21:59 - 00003524 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4107057132-3819047408-2538323704-1000Core

2014-07-26 10:05 - 2014-05-03 21:59 - 00000940 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4107057132-3819047408-2538323704-1000UA.job

2014-07-26 10:05 - 2014-05-03 21:59 - 00000888 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4107057132-3819047408-2538323704-1000Core.job

2014-07-26 10:05 - 2014-03-04 23:22 - 00000000 ____D () C:\Users\Augustinas\Desktop\Apsaugos programos

2014-07-26 10:03 - 2012-11-07 21:06 - 00000000 ____D () C:\Users\Augustinas\AppData\Roaming\uTorrent

2014-07-26 10:03 - 2012-10-08 16:20 - 00000440 _____ () C:\Windows\system32\Drivers\etc\hosts.ics

2014-07-26 10:03 - 2012-09-25 17:20 - 00000000 ____D () C:\Users\Augustinas\AppData\Roaming\Skype

2014-07-26 10:03 - 2012-09-21 19:08 - 00000000 ____D () C:\ProgramData\clear.fi

2014-07-26 10:02 - 2014-07-22 19:42 - 00000560 _____ () C:\Windows\setupact.log

2014-07-26 10:02 - 2014-07-21 20:06 - 00000914 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job

2014-07-26 10:02 - 2009-07-14 08:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT

2014-07-26 10:01 - 2014-07-22 18:10 - 01787980 _____ () C:\Windows\WindowsUpdate.log

2014-07-26 10:01 - 2012-09-22 06:17 - 00000000 ____D () C:\Users\Augustinas

2014-07-26 10:01 - 2009-07-14 07:45 - 00016976 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

2014-07-26 10:01 - 2009-07-14 07:45 - 00016976 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

2014-07-26 09:56 - 2014-07-22 19:42 - 00003008 _____ () C:\Windows\PFRO.log

2014-07-25 22:36 - 2009-07-14 06:20 - 00000000 ____D () C:\Windows\system32\NDF

2014-07-25 22:31 - 2012-11-10 18:36 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job

2014-07-25 22:12 - 2014-07-21 20:07 - 00000918 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

2014-07-25 21:00 - 2014-06-04 21:54 - 00004042 _____ () C:\Users\Augustinas\AppData\Localtransition_65e2b71b4f2ebb14e85a67e6d9b1a7bf.ini

2014-07-25 20:56 - 2014-02-01 13:19 - 00000000 ____D () C:\Users\Augustinas\Documents\DragonNest

2014-07-25 20:47 - 2014-07-25 20:47 - 00009807 _____ () C:\Users\Augustinas\Desktop\g.txt

2014-07-25 20:34 - 2013-03-04 12:14 - 00000000 ____D () C:\Program Files (x86)\Counter-Strike_1.6

2014-07-25 20:18 - 2014-07-25 20:17 - 00001198 _____ () C:\Users\Augustinas\Desktop\Contig - Shortcut.lnk

2014-07-25 19:53 - 2014-07-25 19:53 - 00104548 _____ () C:\Users\Augustinas\Downloads\Contig.zip

2014-07-25 19:53 - 2014-07-25 19:53 - 00104548 _____ () C:\Users\Augustinas\Downloads\Contig (1).zip

2014-07-25 16:52 - 2013-11-13 22:59 - 00000000 ____D () C:\Users\Augustinas\AppData\Roaming\vlc

2014-07-25 16:33 - 2014-07-25 16:28 - 00000000 ____D () C:\Users\Augustinas\Desktop\foto

2014-07-24 21:55 - 2014-07-24 21:55 - 00000000 ____D () C:\Program Files (x86)\ESET

2014-07-24 20:51 - 2014-07-21 15:27 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys

2014-07-24 20:48 - 2014-06-08 17:45 - 00000995 _____ () C:\Users\Public\Desktop\CCleaner.lnk

2014-07-24 20:29 - 2014-07-24 19:03 - 00000000 ____D () C:\Qoobox

2014-07-24 20:28 - 2014-07-24 20:28 - 00024483 _____ () C:\ComboFix.txt

2014-07-24 20:28 - 2009-07-14 06:20 - 00000000 __RHD () C:\Users\Default

2014-07-24 20:24 - 2014-07-24 19:02 - 00000000 ____D () C:\Windows\erdnt

2014-07-24 20:15 - 2009-07-14 05:34 - 00000215 _____ () C:\Windows\system.ini

2014-07-24 19:20 - 2009-07-14 05:34 - 92504064 _____ () C:\Windows\system32\config\software.bak

2014-07-24 19:20 - 2009-07-14 05:34 - 20971520 _____ () C:\Windows\system32\config\system.bak

2014-07-24 19:20 - 2009-07-14 05:34 - 01662976 _____ () C:\Windows\system32\config\default.bak

2014-07-24 19:20 - 2009-07-14 05:34 - 00065536 _____ () C:\Windows\system32\config\sam.bak

2014-07-24 19:20 - 2009-07-14 05:34 - 00032768 _____ () C:\Windows\system32\config\security.bak

2014-07-24 19:10 - 2012-02-23 11:22 - 00000000 ____D () C:\ProgramData\Temp

2014-07-24 11:12 - 2014-07-24 11:09 - 00000000 ____D () C:\AdwCleaner

2014-07-24 11:00 - 2014-03-04 17:34 - 00002213 _____ () C:\Users\Public\Desktop\Advanced SystemCare 7.lnk

2014-07-24 10:59 - 2009-07-14 07:45 - 00431408 _____ () C:\Windows\system32\FNTCACHE.DAT

2014-07-24 10:58 - 2013-03-14 08:26 - 00000000 ____D () C:\Program Files\Microsoft Silverlight

2014-07-24 10:58 - 2013-03-14 08:26 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight

2014-07-24 10:58 - 2010-11-21 10:17 - 00000000 ____D () C:\Program Files\Windows Journal

2014-07-23 22:11 - 2013-03-14 08:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight

2014-07-23 22:02 - 2014-07-23 22:01 - 18902270 _____ () C:\Users\Augustinas\Downloads\Nikita (Season 03) » Filmai online nemokami[via torchbrowser.com].mp4.torchdownload

2014-07-23 20:39 - 2014-07-23 20:39 - 80042613 _____ () C:\Users\Augustinas\Downloads\Divergentė - Divergent (2014) » Filmai online nemokami[via torchbrowser.aac

2014-07-23 20:39 - 2014-07-23 19:45 - 420011461 _____ () C:\Users\Augustinas\Downloads\Divergentė - Divergent (2014) » Filmai online nemokami[via torchbrowser.com].mp4

2014-07-23 12:31 - 2014-07-23 12:31 - 00000000 ____D () C:\Users\Augustinas\AppData\Roaming\Steam

2014-07-23 12:29 - 2014-07-23 12:29 - 00000870 _____ () C:\Users\Augustinas\Desktop\The Walking Dead Season 2.lnk

2014-07-23 12:29 - 2014-07-23 12:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Walking Dead Season 2

2014-07-23 12:26 - 2014-05-05 15:26 - 00000000 ____D () C:\Games

2014-07-23 12:26 - 2012-11-09 18:01 - 00000000 ____D () C:\Users\Augustinas\AppData\Roaming\DAEMON Tools Lite

2014-07-23 12:23 - 2014-07-23 10:50 - 00000000 ____D () C:\Users\Augustinas\Downloads\The.Walking.Dead.Season.Two.Episode.4-CODEX

2014-07-23 10:50 - 2014-07-23 10:50 - 00037082 _____ () C:\Users\Augustinas\Downloads\[Torrent.LT]_Zaidimai-PC-The-Walking-Dead-Season-Two-Episode-4-CODEX.torrent

2014-07-22 22:38 - 2014-07-22 22:38 - 24787751 _____ () C:\Users\Augustinas\Downloads\Po kupolu - Under the Dome (Season 02) » Filmai online nemokami[via torchbrowser.aac

2014-07-22 22:38 - 2014-07-22 22:27 - 120609999 _____ () C:\Users\Augustinas\Downloads\Po kupolu - Under the Dome (Season 02) » Filmai online nemokami[via torchbrowser.com].mp4

2014-07-22 22:27 - 2014-07-22 22:16 - 113047860 _____ () C:\Users\Augustinas\Downloads\Po kupolu - Under the Dome (Season 02) » Filmai online nemokami[via torchbrowser.com].mp4.torchdownload

2014-07-22 22:14 - 2014-07-22 22:14 - 26563140 _____ () C:\Users\Augustinas\Downloads\Jaunasis vilkas (Season 04) » Filmai online nemokami[via torchbrowser.aac

2014-07-22 22:14 - 2014-07-22 22:03 - 123665731 _____ () C:\Users\Augustinas\Downloads\Jaunasis vilkas (Season 04) » Filmai online nemokami[via torchbrowser.com].mp4

2014-07-22 19:42 - 2014-07-22 19:42 - 00000000 _____ () C:\Windows\setuperr.log

2014-07-22 18:24 - 2013-07-14 13:33 - 00000000 ____D () C:\Windows\system32\MRT

2014-07-22 18:24 - 2013-02-28 17:44 - 00000000 ____D () C:\ProgramData\Microsoft Help

2014-07-22 18:20 - 2012-09-28 16:29 - 96441528 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe

2014-07-22 18:05 - 2014-03-25 16:25 - 00000000 ____D () C:\Users\Augustinas\AppData\Local\CrashDumps

2014-07-22 13:35 - 2014-07-22 13:35 - 00000725 _____ () C:\Users\Public\Desktop\Elsword.lnk

2014-07-22 13:35 - 2014-07-22 13:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Elsword

2014-07-22 12:50 - 2014-05-08 21:56 - 00000905 _____ () C:\console.log

2014-07-22 11:19 - 2011-10-13 16:26 - 00000000 ____D () C:\Program Files (x86)\McAfee

2014-07-21 22:36 - 2014-07-21 22:36 - 27233609 _____ () C:\Users\Augustinas\Downloads\Nikita (Season 02) » Filmai online nemokami[via torchbrowser (3).aac

2014-07-21 22:36 - 2014-07-21 22:31 - 127845529 _____ () C:\Users\Augustinas\Downloads\Nikita (Season 02) » Filmai online nemokami[via torchbrowser.com] (3).mp4

2014-07-21 22:30 - 2014-07-21 22:30 - 26928812 _____ () C:\Users\Augustinas\Downloads\Nikita (Season 02) » Filmai online nemokami[via torchbrowser (2).aac

2014-07-21 22:30 - 2014-07-21 22:27 - 126898424 _____ () C:\Users\Augustinas\Downloads\Nikita (Season 02) » Filmai online nemokami[via torchbrowser.com] (2).mp4

2014-07-21 22:26 - 2014-07-21 22:26 - 27222241 _____ () C:\Users\Augustinas\Downloads\Nikita (Season 02) » Filmai online nemokami[via torchbrowser (1).aac

2014-07-21 22:26 - 2014-07-21 22:23 - 128012575 _____ () C:\Users\Augustinas\Downloads\Nikita (Season 02) » Filmai online nemokami[via torchbrowser.com] (1).mp4

2014-07-21 22:20 - 2014-07-21 22:20 - 26753196 _____ () C:\Users\Augustinas\Downloads\Nikita (Season 02) » Filmai online nemokami[via torchbrowser.aac

2014-07-21 22:20 - 2014-07-21 22:17 - 126880085 _____ () C:\Users\Augustinas\Downloads\Nikita (Season 02) » Filmai online nemokami[via torchbrowser.com].mp4

2014-07-21 21:18 - 2012-09-21 15:55 - 00000000 ____D () C:\Zaidimai

2014-07-21 21:17 - 2014-07-21 21:17 - 02465832 _____ () C:\Users\Augustinas\Downloads\Elsword_Downloader (1).exe

2014-07-21 20:12 - 2014-06-11 13:09 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox

2014-07-21 20:12 - 2012-11-09 18:07 - 00000000 ____D () C:\Users\Augustinas\AppData\Roaming\Mozilla

2014-07-21 20:11 - 2014-07-21 20:11 - 00002259 _____ () C:\Users\Public\Desktop\Google Chrome.lnk

2014-07-21 20:11 - 2014-07-21 20:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome

2014-07-21 20:11 - 2014-07-21 15:34 - 00000000 ____D () C:\Users\Augustinas\Downloads\The.Wolf.Among.Us.Episode.5-CODEX

2014-07-21 20:11 - 2014-06-14 15:59 - 00000000 ____D () C:\Users\Augustinas\Downloads\Spintires-CODEX

2014-07-21 20:07 - 2014-07-21 20:07 - 00003914 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA

2014-07-21 20:06 - 2014-07-21 20:06 - 00895120 _____ (Google Inc.) C:\Users\Augustinas\Downloads\ChromeSetup.exe

2014-07-21 20:06 - 2014-07-21 20:06 - 00003662 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore

2014-07-21 20:06 - 2013-01-09 21:34 - 00000000 ____D () C:\Program Files (x86)\Google

2014-07-21 20:05 - 2014-07-21 20:05 - 02465832 _____ () C:\Users\Augustinas\Downloads\Elsword_Downloader.exe

2014-07-21 20:02 - 2014-04-09 20:30 - 00000526 _____ () C:\Users\Augustinas\Documents\Uninstall STAR WARS The Old Republic.log

2014-07-21 19:58 - 2014-03-18 23:47 - 00000000 ____D () C:\Program Files (x86)\Bluetooth Suite

2014-07-21 17:53 - 2014-07-21 17:53 - 00005120 ___SH () C:\Users\Augustinas\Documents\Thumbs.db

2014-07-21 17:40 - 2014-03-08 13:33 - 00000000 ____D () C:\Users\Augustinas\Documents\Telltale Games

2014-07-21 17:29 - 2014-07-21 17:29 - 00000879 _____ () C:\Users\Augustinas\Desktop\The Wolf Among Us Episode 5.lnk

2014-07-21 17:29 - 2014-07-21 17:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Wolf Among Us Episode 5

2014-07-21 16:31 - 2014-07-21 16:31 - 00000000 ____D () C:\ProgramData\Riot Games

2014-07-21 16:27 - 2012-11-10 18:36 - 00699056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe

2014-07-21 16:27 - 2012-11-10 18:36 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater

2014-07-21 16:27 - 2011-10-13 16:51 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl

2014-07-21 16:21 - 2014-03-05 08:22 - 92504064 _____ () C:\Windows\system32\config\software.iodefrag.bak

2014-07-21 16:21 - 2014-03-05 08:22 - 43982848 _____ () C:\Windows\system32\config\components.iodefrag.bak

2014-07-21 16:21 - 2014-03-05 08:22 - 01662976 _____ () C:\Windows\system32\config\default.iodefrag.bak

2014-07-21 16:21 - 2014-03-05 08:22 - 00065536 _____ () C:\Windows\system32\config\sam.iodefrag.bak

2014-07-21 16:21 - 2014-03-05 08:22 - 00032768 _____ () C:\Windows\system32\config\security.iodefrag.bak

2014-07-21 16:20 - 2014-07-21 16:20 - 00000000 _____ () C:\asc_rdflag

2014-07-21 16:20 - 2011-10-13 16:58 - 00000000 ____D () C:\Windows\Downloaded Installations

2014-07-21 16:19 - 2009-07-14 06:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism

2014-07-21 16:18 - 2009-07-14 06:20 - 00000000 ____D () C:\Windows\system32\Dism

2014-07-21 16:17 - 2013-02-08 15:03 - 00000000 ____D () C:\Users\Augustinas\AppData\Roaming\BitTorrent

2014-07-21 15:31 - 2014-05-14 14:31 - 10603008 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe

2014-07-21 15:27 - 2014-07-21 15:27 - 00001110 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

2014-07-21 15:27 - 2014-07-21 15:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware

2014-07-21 15:27 - 2014-07-21 15:27 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware

2014-07-21 15:27 - 2013-06-21 19:21 - 00000000 ____D () C:\ProgramData\Malwarebytes

2014-07-21 15:26 - 2014-07-21 15:22 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Augustinas\Downloads\mbam-setup-2.0.2.1012.exe

2014-07-21 15:15 - 2014-07-21 15:15 - 03157504 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys

2014-07-21 15:15 - 2014-07-21 15:15 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe

2014-07-21 15:15 - 2014-07-21 15:15 - 00646144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe

2014-07-21 15:13 - 2014-07-21 15:13 - 23464448 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll

2014-07-21 15:13 - 2014-07-21 15:13 - 17276416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll

2014-07-21 15:13 - 2014-07-21 15:13 - 13527040 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll

2014-07-21 15:13 - 2014-07-21 15:13 - 11742208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll

2014-07-21 15:13 - 2014-07-21 15:13 - 05721088 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll

2014-07-21 15:13 - 2014-07-21 15:13 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll

2014-07-21 15:13 - 2014-07-21 15:13 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll

2014-07-21 15:13 - 2014-07-21 15:13 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb

2014-07-21 15:13 - 2014-07-21 15:13 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb

2014-07-21 15:13 - 2014-07-21 15:13 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll

2014-07-21 15:13 - 2014-07-21 15:13 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll

2014-07-21 15:13 - 2014-07-21 15:13 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl

2014-07-21 15:13 - 2014-07-21 15:13 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl

2014-07-21 15:13 - 2014-07-21 15:13 - 01791488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll

2014-07-21 15:13 - 2014-07-21 15:13 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll

2014-07-21 15:13 - 2014-07-21 15:13 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll

2014-07-21 15:13 - 2014-07-21 15:13 - 01139200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll

2014-07-21 15:13 - 2014-07-21 15:13 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll

2014-07-21 15:13 - 2014-07-21 15:13 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe

2014-07-21 15:13 - 2014-07-21 15:13 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll

2014-07-21 15:13 - 2014-07-21 15:13 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll

2014-07-21 15:13 - 2014-07-21 15:13 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll

2014-07-21 15:13 - 2014-07-21 15:13 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll

2014-07-21 15:13 - 2014-07-21 15:13 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe

2014-07-21 15:13 - 2014-07-21 15:13 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll

2014-07-21 15:13 - 2014-07-21 15:13 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll

2014-07-21 15:13 - 2014-07-21 15:13 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll

2014-07-21 15:13 - 2014-07-21 15:13 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll

2014-07-21 15:13 - 2014-07-21 15:13 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll

2014-07-21 15:13 - 2014-07-21 15:13 - 00452608 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll

2014-07-21 15:13 - 2014-07-21 15:13 - 00442368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll

2014-07-21 15:13 - 2014-07-21 15:13 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll

2014-07-21 15:13 - 2014-07-21 15:13 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll

2014-07-21 15:13 - 2014-07-21 15:13 - 00266424 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll

2014-07-21 15:13 - 2014-07-21 15:13 - 00240824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll

2014-07-21 15:13 - 2014-07-21 15:13 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll

2014-07-21 15:13 - 2014-07-21 15:13 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll

2014-07-21 15:13 - 2014-07-21 15:13 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll

2014-07-21 15:13 - 2014-07-21 15:13 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe

2014-07-21 15:13 - 2014-07-21 15:13 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe

2014-07-21 15:13 - 2014-07-21 15:13 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe

2014-07-21 15:13 - 2014-07-21 15:13 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll

2014-07-21 15:13 - 2014-07-21 15:13 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll

2014-07-21 15:13 - 2014-07-21 15:13 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll

2014-07-21 15:13 - 2014-07-21 15:13 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll

2014-07-21 15:13 - 2014-07-21 15:13 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll

2014-07-21 15:13 - 2014-07-21 15:13 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll

2014-07-21 15:13 - 2014-07-21 15:13 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll

2014-07-21 15:13 - 2014-07-21 15:13 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll

2014-07-21 15:13 - 2014-07-21 15:13 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll

2014-07-21 15:13 - 2014-07-21 15:13 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll

2014-07-21 15:13 - 2014-07-21 15:13 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll

2014-07-21 15:13 - 2014-07-21 15:13 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll

2014-07-21 15:13 - 2014-07-21 15:13 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll

2014-07-21 15:13 - 2014-07-21 15:13 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll

2014-07-21 15:13 - 2014-07-21 15:13 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll

2014-07-21 15:12 - 2014-07-21 15:12 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys

2014-07-21 15:11 - 2014-07-21 15:11 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll

2014-07-21 15:11 - 2014-07-21 15:11 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll

2014-07-21 15:11 - 2014-07-21 15:11 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll

2014-07-21 15:09 - 2014-07-21 15:09 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll

2014-07-21 15:09 - 2014-07-21 15:09 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll

2014-07-21 15:09 - 2014-07-21 15:09 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll

2014-07-21 15:09 - 2014-07-21 15:09 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll

2014-07-21 15:09 - 2014-07-21 15:09 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll

2014-07-21 15:09 - 2014-07-21 15:09 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll

2014-07-21 15:09 - 2014-07-21 15:09 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll

2014-07-21 15:09 - 2014-07-21 15:09 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll

2014-07-21 15:09 - 2014-07-21 15:09 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll

2014-07-21 15:09 - 2014-07-21 15:09 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll

2014-07-21 15:09 - 2014-07-21 15:09 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll

2014-07-21 15:09 - 2014-07-21 15:09 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll

2014-07-21 15:09 - 2014-07-21 15:09 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll

2014-07-21 15:09 - 2014-07-21 15:09 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll

2014-07-21 15:04 - 2014-07-21 15:04 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll

2014-07-21 15:04 - 2014-07-21 15:04 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll

2014-06-26 10:07 - 2014-06-26 10:07 - 25112700 _____ () C:\Users\Augustinas\Downloads\Jaunasis vilkas (Season 03) » Filmai online nemokami[via torchbrowser (12).aac

2014-06-26 10:07 - 2014-06-26 10:05 - 122806336 _____ () C:\Users\Augustinas\Downloads\Jaunasis vilkas (Season 03) » Filmai online nemokami[via torchbrowser.com] (12).mp4

2014-06-26 09:22 - 2014-06-26 09:22 - 24759512 _____ () C:\Users\Augustinas\Downloads\Jaunasis vilkas (Season 03) » Filmai online nemokami[via torchbrowser (11).aac

2014-06-26 09:22 - 2014-06-26 09:18 - 123862278 _____ () C:\Users\Augustinas\Downloads\Jaunasis vilkas (Season 03) » Filmai online nemokami[via torchbrowser.com] (11).mp4

2014-06-26 00:07 - 2014-06-26 00:00 - 123775791 _____ () C:\Users\Augustinas\Downloads\Teen_Wolf_S03_E11_Lt_filmai.in.mp4

 

==================== Bamital & volsnap Check =================

 

(There is no automatic fix for files that do not pass verification.)

 

C:\Windows\System32\winlogon.exe => File is digitally signed

C:\Windows\System32\wininit.exe => File is digitally signed

C:\Windows\SysWOW64\wininit.exe => File is digitally signed

C:\Windows\explorer.exe => File is digitally signed

C:\Windows\SysWOW64\explorer.exe => File is digitally signed

C:\Windows\System32\svchost.exe => File is digitally signed

C:\Windows\SysWOW64\svchost.exe => File is digitally signed

C:\Windows\System32\services.exe => File is digitally signed

C:\Windows\System32\User32.dll => File is digitally signed

C:\Windows\SysWOW64\User32.dll => File is digitally signed

C:\Windows\System32\userinit.exe => File is digitally signed

C:\Windows\SysWOW64\userinit.exe => File is digitally signed

C:\Windows\System32\rpcss.dll => File is digitally signed

C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

 

 

LastRegBack: 2014-04-02 21:32

 

==================== End Of Log ============================


Now it runs perfectly, thank you :)

Hi, :)

good!

Java Download: https://www.java.com/

Uninstall Combofix:

Type "combofix /uninstall" in the run box (Windows key+R) and hit enter.

That's it!

Your logs look clean to me at the moment.

We're gonna clean up everything now, close security holes on your computer and in the end I'll provide you with a list of security tips so you hopefully will not need our help anymore in the future.

My help is free for everybody.

If you want to support me fighting against malware or buy me a beer for the assistance you received, then you can consider a donation.

Thank you!

Clean Up

Now we remove all the tools we used (including their logs and quarantine folders), restore your settings and delete old and infected system restore points:

  • You can uninstall programs that you had to install (e.g. MBAM or ESET Onlinescanner) in the control panel if you so wish.
  • Download DelFix (by Xplode) and save it to your Desktop.
    • Close all running programs and start delfix.exe.
    • Make sure that all available options are checked.
    • Click on Run.
    • DelFix should remove all our tools and delete itself afterwards. I don't need the log file.
  • If there is still something left you can delete it manually.

Closing security holes

Many infections happen via drive-by downloads that run unnoticed in the background while the user visits an infected website. To achieve this, malware exploits security holes in installed software (e.g. browser or its plugins). Older versions of such software often have lots of known exploitable holes. Therefore it's very important to always keep your software up-to-date.

The following software is outdated. Make sure you remove all old versions and install the current one instead if you need the program:

Adobe Reader X

Tips

I recommend reading and following the "16 simple and easy ways to keep your computer safe and secure on the Internet" (Link) by Lawrence Abrams.


  • Root Admin

Glad we could help. :)

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!


This topic is now closed to further replies.