Logi z FRST? Czyli co? Dodano po 5 : Ahaa, ale właśnie nie wiem, jak dać te załączniki tu teraz? Dodano po 1 : To jest to, tak?
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 13-06-2015
Ran by User (administrator) on USER-KOMPUTER on 17-06-2015 22:08:29
Running from C:\Users\User\Desktop
Loaded Profiles: User (Available Profiles: User)
Platform: Microsoft Windows 7 Home Premium Service Pack 1 (X86) OS Language: Polski (Polska)
Internet Explorer Version 9 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(ALWIL Software) C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
(ALWIL Software) C:\Program Files\Alwil Software\Avast4\ashServ.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(ALWIL Software) C:\Program Files\Alwil Software\Avast4\ashDisp.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
(Microsoft Corporation) C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(TMRG, Inc.) C:\Program Files\RelevantKnowledge\rlservice.exe
(ALWIL Software) C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
(ALWIL Software) C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
(TMRG, Inc.) C:\Program Files\RelevantKnowledge\rlvknlg.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(TMRG, Inc.) C:\Program Files\RelevantKnowledge\rlvknlg32.exe
(Microsoft Corporation) C:\Windows\System32\wuauclt.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [ROC_ROC_NT] = & gt; " C:\Program Files\AVG Secure Search\ROC_ROC_NT.exe " / /PROMPT /CMPID=ROC_NT
HKLM\...\Run: [YouCam Service] = & gt; " C:\Program Files\CyberLink\YouCam\YouCamService.exe " /s
HKLM\...\Run: [20131121] = & gt; C:\Program Files\AVAST Software\Avast\setup\emupdate\fe478382-a1c2-4175-95e5-20076114d73b.exe /check
HKLM\...\Run: [mobilegeni daemon] = & gt; C:\Program Files\Mobogenie\DaemonProcess.exe
HKLM\...\Run: [avast!] = & gt; C:\Program Files\Alwil Software\Avast4\ashDisp.exe [79224 2008-05-16] (ALWIL Software)
HKLM\...\Run: [SunJavaUpdateSched] = & gt; C:\Program Files\Common Files\Java\Java Update\jusched.exe [256896 2014-07-11] (Oracle Corporation)
HKU\S-1-5-21-1802842638-3086310132-1329171258-1000\...\Run: [IPLA!] = & gt; C:\Program Files\ipla\ipla.exe [21360736 2014-12-12] (Redefine Sp z o.o.)
HKU\S-1-5-21-1802842638-3086310132-1329171258-1000\...\Run: [ChicaPasswordManager] = & gt; " C:\Program Files\ChicaLogic\Chica Password Manager\stpass.exe " /autorunned
HKU\S-1-5-21-1802842638-3086310132-1329171258-1000\...\Run: [NextLive] = & gt; C:\Windows\system32\rundll32.exe " C:\Users\User\AppData\Roaming\newnext.me\nengine.dll " ,EntryPoint -m l
HKU\S-1-5-21-1802842638-3086310132-1329171258-1000\...\Run: [Skype] = & gt; C:\Program Files\Skype\Phone\Skype.exe [22067296 2014-10-01] (Skype Technologies S.A.)
IFEO\bitguard.exe: [Debugger] tasklist.exe
IFEO\bprotect.exe: [Debugger] tasklist.exe
IFEO\bpsvc.exe: [Debugger] tasklist.exe
IFEO\browserdefender.exe: [Debugger] tasklist.exe
IFEO\browserprotect.exe: [Debugger] tasklist.exe
IFEO\browsersafeguard.exe: [Debugger] tasklist.exe
IFEO\dprotectsvc.exe: [Debugger] tasklist.exe
IFEO\jumpflip: [Debugger] tasklist.exe
IFEO\protectedsearch.exe: [Debugger] tasklist.exe
IFEO\searchinstaller.exe: [Debugger] tasklist.exe
IFEO\searchprotection.exe: [Debugger] tasklist.exe
IFEO\searchprotector.exe: [Debugger] tasklist.exe
IFEO\searchsettings.exe: [Debugger] tasklist.exe
IFEO\searchsettings64.exe: [Debugger] tasklist.exe
IFEO\snapdo.exe: [Debugger] tasklist.exe
IFEO\stinst32.exe: [Debugger] tasklist.exe
IFEO\stinst64.exe: [Debugger] tasklist.exe
IFEO\umbrella.exe: [Debugger] tasklist.exe
IFEO\utiljumpflip.exe: [Debugger] tasklist.exe
IFEO\volaro: [Debugger] tasklist.exe
IFEO\vonteera: [Debugger] tasklist.exe
IFEO\websteroids.exe: [Debugger] tasklist.exe
IFEO\websteroidsservice.exe: [Debugger] tasklist.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2012-10-26]
ShortcutTarget: McAfee Security Scan Plus.lnk - & gt; C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.)
HKLM\...\AppCertDlls: [x64] - & gt; c:\program files\browser tab search by ask\safetynut\x64\safetycrt.dll
ShellIconOverlayIdentifiers: [00avast] - & gt; {472083B0-C522-11CF-8763-00608CC02F24} = & gt; C:\Program Files\Alwil Software\Avast4\ashShell.dll [2008-05-16] (ALWIL Software)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.gazeta.pl/0,0.html?p=180 & d=20140605
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKU\S-1-5-21-1802842638-3086310132-1329171258-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.gazeta.pl/0,0.html?p=180 & d=20140605
SearchScopes: HKLM - & gt; {9BB47C17-9C68-4BB3-B188-DD9AF0FD2488} URL = http://dts.search.ask.com/sr?src=ieb & gct=ds & appid=128 & systemid=488 & v=a12834-369 & apn_uid=4250173480734242 & apn_dtid=TCH001 & o=APN11459 & apn_ptnrs=AG1 & q={searchTerms}
SearchScopes: HKU\.DEFAULT - & gt; {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL =
SearchScopes: HKU\S-1-5-21-1802842638-3086310132-1329171258-1000 - & gt; {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = http://www2.delta-search.com/?q={searchTerms} & babsrc=SP_ss & mntrId=F8CB0024D2EA5B76 & affID=119357 & tt=080913_nch & tsp=5000
SearchScopes: HKU\S-1-5-21-1802842638-3086310132-1329171258-1000 - & gt; {672C580A-8B27-480F-A3AC-99424EA05694} URL = http://websearch.ask.com/redirect?client=ie & tb=CLM & o=15427 & src=kw & q={searchTerms} & locale= & apn_ptnrs=^LE & apn_dtid=^YYYYYY^YY^PL & apn_uid=e2fa8179-731e-46cb-95d0-7acfaef0b681 & apn_sauid=94689BE1-D220-49A5-8EF3-D0F9C95E56AF
SearchScopes: HKU\S-1-5-21-1802842638-3086310132-1329171258-1000 - & gt; {9BB47C17-9C68-4BB3-B188-DD9AF0FD2488} URL = http://dts.search.ask.com/sr?src=ieb & gct=ds & appid=128 & systemid=488 & v=a12834-369 & apn_uid=4250173480734242 & apn_dtid=TCH001 & o=APN11459 & apn_ptnrs=AG1 & q={searchTerms}
BHO: MSS+ Identifier - & gt; {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - & gt; C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll [2014-04-09] (McAfee, Inc.)
BHO: Java(tm) Plug-In SSV Helper - & gt; {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - & gt; C:\Program Files\Java\jre7\bin\ssv.dll [2014-07-11] (Oracle Corporation)
BHO: Skype Click to Call for Internet Explorer - & gt; {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - & gt; C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - & gt; {DBC80044-A445-435b-BC74-9C25C1C588A9} - & gt; C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-07-11] (Oracle Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 62.179.1.62 62.179.1.63
FireFox:
========
FF Plugin: @ganymede/GanymedeNetPlugin,version=1.0 - & gt; C:\Program Files\Ganymede\Plugins\npganymedenet.dll [2012-07-25] ( )
FF Plugin: @java.com/DTPlugin,version=10.65.2 - & gt; C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-07-11] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.65.2 - & gt; C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2014-07-11] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - & gt; disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - & gt; C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-14] ( Microsoft Corporation)
FF Plugin: @pandonetworks.com/PandoWebPlugin - & gt; C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin: @tools.google.com/Google Update;version=3 - & gt; C:\Program Files\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-20] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - & gt; C:\Program Files\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-20] (Google Inc.)
FF HKLM\...\Firefox\Extensions: [{C7AE725D-FA5C-4027-BB4C-787EF9F8248A}] - C:\Program Files\RelevantKnowledge\firefox
FF Extension: RelevantKnowledge - C:\Program Files\RelevantKnowledge\firefox [2015-03-04]
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
Chrome:
=======
CHR Profile: C:\Users\User\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Wallet) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-22]
CHR HKLM\...\Chrome\Extension: [bopakagnckmlgajfccecajhnimjiiedh] - http://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2015-05-01]
CHR HKLM\...\Chrome\Extension: [mkndcbhcgphcfkkddanakjiepeknbgle] - C:\Program Files\RelevantKnowledge\rlcm.crx [2015-03-04]
Opera:
=======
OPR Extension: (RelevantKnowledge) - C:\Users\User\AppData\Roaming\Opera Software\Opera Stable\Extensions\mkndcbhcgphcfkkddanakjiepeknbgle [2015-03-04]
========================== Services (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 aswUpdSv; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [17272 2008-05-16] (ALWIL Software)
R2 avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [144760 2008-05-16] (ALWIL Software)
R3 avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [247160 2008-05-16] (ALWIL Software)
R3 avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [349560 2008-05-16] (ALWIL Software)
R2 c2cautoupdatesvc; C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1394816 2015-05-01] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1772672 2015-05-01] (Microsoft Corporation)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [235696 2014-04-09] (McAfee, Inc.)
R2 RelevantKnowledge; C:\Program Files\RelevantKnowledge\rlservice.exe [213784 2015-03-05] (TMRG, Inc.) & lt; ==== ATTENTION
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2009-07-14] (Microsoft Corporation)
S2 Update Greener Web; " C:\Program Files\Greener Web\updateGreenerWeb.exe " [X]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 aswFsBlk; C:\Windows\System32\DRIVERS\aswFsBlk.sys [20560 2008-05-16] (ALWIL Software)
R2 aswMonFlt; C:\Windows\System32\DRIVERS\aswMonFlt.sys [50768 2008-05-16] (ALWIL Software)
R1 aswRdr; C:\Windows\system32\Drivers\aswRdr.sys [23152 2008-05-16] (ALWIL Software)
R1 aswSP; C:\Windows\system32\Drivers\aswSP.sys [78416 2008-05-16] (ALWIL Software)
R1 aswTdi; C:\Windows\system32\Drivers\aswTdi.sys [42912 2008-05-16] (ALWIL Software)
S2 WCMVCAM; C:\Windows\System32\DRIVERS\wcmvcam.sys [1068216 2012-04-15] (Windows (R) Win 7 DDK provider)
R1 {a3f28269-ad17-41a8-b032-3e0313ef8979}Gw; C:\Windows\System32\drivers\{a3f28269-ad17-41a8-b032-3e0313ef8979}Gw.sys [52824 2014-06-05] (StdLib)
R1 {a3f28269-ad17-41a8-b032-3e0313ef8979}w; C:\Windows\System32\drivers\{a3f28269-ad17-41a8-b032-3e0313ef8979}w.sys [52824 2014-06-06] (StdLib)
S3 clwvd; system32\DRIVERS\clwvd.sys [X]
S3 IntcAzAudAddService; system32\drivers\RTKVHDA.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-06-17 22:08 - 2015-06-17 22:09 - 00012778 _____ C:\Users\User\Desktop\FRST.txt
2015-06-17 22:08 - 2015-06-17 22:08 - 00000000 ___DC C:\FRST
2015-06-17 22:07 - 2015-06-17 22:07 - 01148416 _____ (Farbar) C:\Users\User\Desktop\FRST.exe
2015-06-17 20:11 - 2015-06-17 20:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RelevantKnowledge
2015-06-14 10:06 - 2015-06-15 22:44 - 00000000 ____D C:\Users\User\Desktop\Nowy folder (7)
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-06-17 21:56 - 2012-08-26 19:30 - 00001036 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-06-17 21:05 - 2009-07-14 06:34 - 00028528 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-06-17 21:05 - 2009-07-14 06:34 - 00028528 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-06-17 20:55 - 2012-10-26 23:09 - 00000000 ____D C:\Users\User\AppData\Local\Adobe
2015-06-17 19:25 - 2012-10-26 23:08 - 00000000 ___DC C:\Program Files\Common Files\Adobe
2015-06-17 19:25 - 2012-08-26 19:29 - 00000000 ____D C:\ProgramData\Adobe
2015-06-17 16:08 - 2012-08-26 21:40 - 00000000 ____D C:\Users\User\AppData\Roaming\Skype
2015-06-17 16:07 - 2012-08-26 13:36 - 01051989 _____ C:\Windows\WindowsUpdate.log
2015-06-17 16:06 - 2012-11-28 17:56 - 00000000 ____D C:\Program Files\RelevantKnowledge
2015-06-17 16:04 - 2013-03-11 19:16 - 00000000 ____D C:\Users\User\AppData\Roaming\ipla
2015-06-17 16:04 - 2012-08-26 19:30 - 00001032 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-06-17 16:04 - 2009-07-14 06:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-06-17 16:03 - 2009-07-14 06:39 - 00148333 _____ C:\Windows\setupact.log
2015-06-15 19:32 - 2014-06-29 16:12 - 00000000 ____D C:\Users\User\Desktop\Muzyka
2015-06-10 21:48 - 2009-07-14 06:53 - 00032608 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-06-07 18:21 - 2013-03-11 19:16 - 00000000 ____D C:\ProgramData\ipla
2015-05-31 11:27 - 2013-02-05 23:24 - 00000000 ___DC C:\Program Files\Conduit
2015-05-25 17:57 - 2012-08-26 21:40 - 00000000 ___RD C:\Program Files\Skype
==================== Files in the root of some directories =======
2013-12-13 23:48 - 2013-12-13 23:48 - 0002791 _____ () C:\Users\User\AppData\Local\recently-used.xbel
Files to move or delete:
====================
C:\Users\User\billiards_install_1_0_2_5.exe
C:\Users\User\ggsetup.exe
Some files in TEMP:
====================
C:\Users\User\AppData\Local\Temp\A23B.exe
C:\Users\User\AppData\Local\Temp\ggdrive-menu.exe
C:\Users\User\AppData\Local\Temp\ggdrive-overlay.exe
C:\Users\User\AppData\Local\Temp\ICReinstall_Adobe Flash Player 18.exe
C:\Users\User\AppData\Local\Temp\ICReinstall_Adobe-Flash-Player(13091)-dp.exe
C:\Users\User\AppData\Local\Temp\ICReinstall_CCleaner(13061)-dp.exe
C:\Users\User\AppData\Local\Temp\ICReinstall_KLite-Codec-Pack(13137)-dp.exe
C:\Users\User\AppData\Local\Temp\ICReinstall_Opera(12614)-dp.exe
C:\Users\User\AppData\Local\Temp\installstats.exe
C:\Users\User\AppData\Local\Temp\ipl10A2.tmp.exe
C:\Users\User\AppData\Local\Temp\ipl1110.tmp.exe
C:\Users\User\AppData\Local\Temp\ipl12C4.tmp.exe
C:\Users\User\AppData\Local\Temp\ipl12E4.tmp.exe
C:\Users\User\AppData\Local\Temp\ipl15E0.tmp.exe
C:\Users\User\AppData\Local\Temp\ipl160F.tmp.exe
C:\Users\User\AppData\Local\Temp\ipl19C6.tmp.exe
C:\Users\User\AppData\Local\Temp\ipl1F04.tmp.exe
C:\Users\User\AppData\Local\Temp\ipl1F14.tmp.exe
C:\Users\User\AppData\Local\Temp\ipl207A.tmp.exe
C:\Users\User\AppData\Local\Temp\ipl20A9.tmp.exe
C:\Users\User\AppData\Local\Temp\ipl2155.tmp.exe
C:\Users\User\AppData\Local\Temp\ipl2480.tmp.exe
C:\Users\User\AppData\Local\Temp\ipl29CD.tmp.exe
C:\Users\User\AppData\Local\Temp\ipl2A0C.tmp.exe
C:\Users\User\AppData\Local\Temp\ipl2B73.tmp.exe
C:\Users\User\AppData\Local\Temp\ipl2C2E.tmp.exe
C:\Users\User\AppData\Local\Temp\ipl318B.tmp.exe
C:\Users\User\AppData\Local\Temp\ipl3265.tmp.exe
C:\Users\User\AppData\Local\Temp\ipl3468.tmp.exe
C:\Users\User\AppData\Local\Temp\ipl34B6.tmp.exe
C:\Users\User\AppData\Local\Temp\ipl38AC.tmp.exe
C:\Users\User\AppData\Local\Temp\ipl3909.tmp.exe
C:\Users\User\AppData\Local\Temp\ipl3BD7.tmp.exe
C:\Users\User\AppData\Local\Temp\ipl3DE9.tmp.exe
C:\Users\User\AppData\Local\Temp\ipl4105.tmp.exe
C:\Users\User\AppData\Local\Temp\ipl424.tmp.exe
C:\Users\User\AppData\Local\Temp\ipl42C9.tmp.exe
C:\Users\User\AppData\Local\Temp\ipl4327.tmp.exe
C:\Users\User\AppData\Local\Temp\ipl493F.tmp.exe
C:\Users\User\AppData\Local\Temp\ipl4C3B.tmp.exe
C:\Users\User\AppData\Local\Temp\ipl4D16.tmp.exe
C:\Users\User\AppData\Local\Temp\ipl510C.tmp.exe
C:\Users\User\AppData\Local\Temp\ipl530E.tmp.exe
C:\Users\User\AppData\Local\Temp\ipl53CA.tmp.exe
C:\Users\User\AppData\Local\Temp\ipl58C9.tmp.exe
C:\Users\User\AppData\Local\Temp\ipl6009.tmp.exe
C:\Users\User\AppData\Local\Temp\ipl6306.tmp.exe
C:\Users\User\AppData\Local\Temp\ipl6334.tmp.exe
C:\Users\User\AppData\Local\Temp\ipl6BDC.tmp.exe
C:\Users\User\AppData\Local\Temp\ipl6DB0.tmp.exe
C:\Users\User\AppData\Local\Temp\ipl711E.tmp.exe
C:\Users\User\AppData\Local\Temp\ipl7197.tmp.exe
C:\Users\User\AppData\Local\Temp\ipl7416.tmp.exe
C:\Users\User\AppData\Local\Temp\ipl7456.tmp.exe
C:\Users\User\AppData\Local\Temp\ipl7A5D.tmp.exe
C:\Users\User\AppData\Local\Temp\ipl7ACA.tmp.exe
C:\Users\User\AppData\Local\Temp\ipl8352.tmp.exe
C:\Users\User\AppData\Local\Temp\ipl83A0.tmp.exe
C:\Users\User\AppData\Local\Temp\ipl83EE.tmp.exe
C:\Users\User\AppData\Local\Temp\ipl8738.tmp.exe
C:\Users\User\AppData\Local\Temp\ipl8BCA.tmp.exe
C:\Users\User\AppData\Local\Temp\ipl8BDA.tmp.exe
C:\Users\User\AppData\Local\Temp\ipl9127.tmp.exe
C:\Users\User\AppData\Local\Temp\ipl9201.tmp.exe
C:\Users\User\AppData\Local\Temp\ipl92AD.tmp.exe
C:\Users\User\AppData\Local\Temp\ipl9462.tmp.exe
C:\Users\User\AppData\Local\Temp\ipl959A.tmp.exe
C:\Users\User\AppData\Local\Temp\ipl96C3.tmp.exe
C:\Users\User\AppData\Local\Temp\ipl979D.tmp.exe
C:\Users\User\AppData\Local\Temp\ipl980A.tmp.exe
C:\Users\User\AppData\Local\Temp\ipl9839.tmp.exe
C:\Users\User\AppData\Local\Temp\ipl9858.tmp.exe
C:\Users\User\AppData\Local\Temp\ipl98C5.tmp.exe
C:\Users\User\AppData\Local\Temp\ipl999F.tmp.exe
C:\Users\User\AppData\Local\Temp\ipl9A4B.tmp.exe
C:\Users\User\AppData\Local\Temp\ipl9A5B.tmp.exe
C:\Users\User\AppData\Local\Temp\ipl9AD0.tmp.exe
C:\Users\User\AppData\Local\Temp\ipl9F89.tmp.exe
C:\Users\User\AppData\Local\Temp\iplA4E5.tmp.exe
C:\Users\User\AppData\Local\Temp\iplA6FA.tmp.exe
C:\Users\User\AppData\Local\Temp\iplA830.tmp.exe
C:\Users\User\AppData\Local\Temp\iplAD9C.tmp.exe
C:\Users\User\AppData\Local\Temp\iplAE77.tmp.exe
C:\Users\User\AppData\Local\Temp\iplB55.tmp.exe
C:\Users\User\AppData\Local\Temp\iplB7C9.tmp.exe
C:\Users\User\AppData\Local\Temp\iplB94.tmp.exe
C:\Users\User\AppData\Local\Temp\iplB9FB.tmp.exe
C:\Users\User\AppData\Local\Temp\iplC562.tmp.exe
C:\Users\User\AppData\Local\Temp\iplC573.tmp.exe
C:\Users\User\AppData\Local\Temp\iplC65A.tmp.exe
C:\Users\User\AppData\Local\Temp\iplC715.tmp.exe
C:\Users\User\AppData\Local\Temp\iplCB2A.tmp.exe
C:\Users\User\AppData\Local\Temp\iplD3D1.tmp.exe
C:\Users\User\AppData\Local\Temp\iplD48.tmp.exe
C:\Users\User\AppData\Local\Temp\iplD49.tmp.exe
C:\Users\User\AppData\Local\Temp\iplD9BB.tmp.exe
C:\Users\User\AppData\Local\Temp\iplDC98.tmp.exe
C:\Users\User\AppData\Local\Temp\iplDE4.tmp.exe
C:\Users\User\AppData\Local\Temp\iplDEC9.tmp.exe
C:\Users\User\AppData\Local\Temp\iplE42.tmp.exe
C:\Users\User\AppData\Local\Temp\iplE4CA.tmp.exe
C:\Users\User\AppData\Local\Temp\iplEC41.tmp.exe
C:\Users\User\AppData\Local\Temp\iplEDE.tmp.exe
C:\Users\User\AppData\Local\Temp\iplEFD.tmp.exe
C:\Users\User\AppData\Local\Temp\iplF90D.tmp.exe
C:\Users\User\AppData\Local\Temp\iplF9A9.tmp.exe
C:\Users\User\AppData\Local\Temp\iplFB31.tmp.exe
C:\Users\User\AppData\Local\Temp\iplFBFA.tmp.exe
C:\Users\User\AppData\Local\Temp\iplFD13.tmp.exe
C:\Users\User\AppData\Local\Temp\iplFE5A.tmp.exe
C:\Users\User\AppData\Local\Temp\iplFEF6.tmp.exe
C:\Users\User\AppData\Local\Temp\setup_fsu_cid.exe
C:\Users\User\AppData\Local\Temp\SkypeSetup.exe
C:\Users\User\AppData\Local\Temp\swt-win32-3349.dll
C:\Users\User\AppData\Local\Temp\tbuTor.dll
C:\Users\User\AppData\Local\Temp\uninst1.exe
C:\Users\User\AppData\Local\Temp\utt1610.tmp.exe
C:\Users\User\AppData\Local\Temp\utt308D.tmp.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\explorer.exe = & gt; File is digitally signed
C:\Windows\system32\winlogon.exe = & gt; File is digitally signed
C:\Windows\system32\wininit.exe = & gt; File is digitally signed
C:\Windows\system32\svchost.exe = & gt; File is digitally signed
C:\Windows\system32\services.exe = & gt; File is digitally signed
C:\Windows\system32\User32.dll = & gt; File is digitally signed
C:\Windows\system32\userinit.exe = & gt; File is digitally signed
C:\Windows\system32\rpcss.dll = & gt; File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys = & gt; File is digitally signed
LastRegBack: 2012-11-25 18:28
==================== End of log ============================