Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 25-05-2015
Ran by GIINOVA (administrator) on GIINOVA-PC on 26-05-2015 17:25:52
Running from C:\Users\GIINOVA\Desktop\frst
Loaded Profiles: GIINOVA (Available Profiles: GIINOVA & Guest)
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser not detected!)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool:
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\avp.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Infowatch) C:\Program Files (x86)\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe
() C:\ProgramData\DatacardService\HWDeviceService64.exe
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(DEVGURU Co., LTD.) C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Chris Pietschmann (http://pietschsoft.com)) C:\Program Files (x86)\Virtual Router\VirtualRouterService.exe
(Connectify) C:\Program Files (x86)\Connectify\ConnectifyService.exe
(Connectify) C:\Program Files (x86)\Connectify\Connectifyd.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe
(EuroTech Automatic Equipment Co., Ltd.) C:\Program Files (x86)\iFree Skype Recorder\irecorder.exe
(BitTorrent, Inc.) C:\Program Files (x86)\uTorrent\uTorrent.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\avp.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\CCC.exe
(Opera Software) C:\Program Files (x86)\Opera\29.0.1795.60\opera.exe
() C:\Program Files (x86)\Opera\29.0.1795.60\opera_crashreporter.exe
(Opera Software) C:\Program Files (x86)\Opera\29.0.1795.60\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\29.0.1795.60\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\29.0.1795.60\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\29.0.1795.60\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\29.0.1795.60\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\29.0.1795.60\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\29.0.1795.60\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\29.0.1795.60\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\29.0.1795.60\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\29.0.1795.60\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\29.0.1795.60\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\29.0.1795.60\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\29.0.1795.60\opera.exe
(Connectify) C:\Program Files (x86)\Connectify\ConnectifyNetServices.exe
(Opera Software) C:\Program Files (x86)\Opera\29.0.1795.60\opera.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\avp.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM-x32\...\Run: [AVP] => C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\avp.exe [356128 2013-11-11] (Kaspersky Lab ZAO)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2014-11-20] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [334896 2015-04-30] (Oracle Corporation)
HKU\S-1-5-21-12834325-137255723-1760620863-1000\...\Run: [HDSoft] => C:\Program Files (x86)\iFree Skype Recorder\irecorder.exe [2489832 2014-12-05] (EuroTech Automatic Equipment Co., Ltd.)
HKU\S-1-5-21-12834325-137255723-1760620863-1000\...\Run: [uTorrent] => C:\Program Files (x86)\uTorrent\uTorrent.exe [289584 2015-05-19] (BitTorrent, Inc.)
HKU\S-1-5-21-12834325-137255723-1760620863-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-12834325-137255723-1760620863-1000\...\Run: [Mobile Partner] => C:\Program Files (x86)\Ooredoo 4G MyFi\Ooredoo 4G MyFi
ShellIconOverlayIdentifiers: [KAVOverlayIcon] -> {dd230880-495a-11d1-b064-008048ec2fc5} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\x64\shellex.dll [2014-09-03] (Kaspersky Lab ZAO)
ShellIconOverlayIdentifiers-x32: [KAVOverlayIcon] -> {dd230880-495a-11d1-b064-008048ec2fc5} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\shellex.dll [2014-09-03] (Kaspersky Lab ZAO)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-12834325-137255723-1760620863-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-12834325-137255723-1760620863-1000\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll [2014-09-03] (Kaspersky Lab ZAO)
BHO: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll [2014-09-03] (Kaspersky Lab ZAO)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_45\bin\ssv.dll [2015-05-21] (Oracle Corporation)
BHO: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\x64\IEExt\OnlineBanking\online_banking_bho.dll [2014-09-03] (Kaspersky Lab ZAO)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-05-21] (Oracle Corporation)
BHO: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\x64\IEExt\UrlAdvisor\klwtbbho.dll [2014-09-03] (Kaspersky Lab ZAO)
BHO-x32: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll [2014-09-03] (Kaspersky Lab ZAO)
BHO-x32: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll [2014-09-03] (Kaspersky Lab ZAO)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll [2014-10-31] (Oracle Corporation)
BHO-x32: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\OnlineBanking\online_banking_bho.dll [2014-09-03] (Kaspersky Lab ZAO)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll [2014-10-31] (Oracle Corporation)
BHO-x32: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\UrlAdvisor\klwtbbho.dll [2014-09-03] (Kaspersky Lab ZAO)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 192.168.1.1
FireFox:
========
FF ProfilePath: C:\Users\GIINOVA\AppData\Roaming\Mozilla\Firefox\Profiles\82u3km0r.default
FF Plugin: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelogx64.dll [2014-12-03] (EA Digital Illusions CE AB)
FF Plugin: @esn/npbattlelog,version=2.7.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.0\npbattlelogx64.dll [2015-03-10] (EA Digital Illusions CE AB)
FF Plugin: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-05-21] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-05-21] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-02-21] ()
FF Plugin-x32: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelog.dll [2014-12-03] (EA Digital Illusions CE AB)
FF Plugin-x32: @esn/npbattlelog,version=2.7.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.0\npbattlelog.dll [2015-03-10] (EA Digital Illusions CE AB)
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll [2014-10-31] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll [2014-10-31] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Extension: MEGA - C:\Users\GIINOVA\AppData\Roaming\Mozilla\Firefox\Profiles\82u3km0r.default\Extensions\firefox@mega.co.nz.xpi [2015-03-29]
FF HKLM-x32\...\Firefox\Extensions: [url_advisor@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\url_advisor@kaspersky.com
FF Extension: Kaspersky URL Advisor - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\url_advisor@kaspersky.com [2014-09-03]
FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\virtual_keyboard@kaspersky.com
FF Extension: Virtual Keyboard - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\virtual_keyboard@kaspersky.com [2014-09-03]
FF HKLM-x32\...\Firefox\Extensions: [content_blocker@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\content_blocker@kaspersky.com
FF Extension: Dangerous Websites Blocker - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\content_blocker@kaspersky.com [2014-09-03]
FF HKLM-x32\...\Firefox\Extensions: [anti_banner@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\anti_banner@kaspersky.com
FF Extension: Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\anti_banner@kaspersky.com [2014-09-03]
FF HKLM-x32\...\Firefox\Extensions: [online_banking@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\online_banking@kaspersky.com
FF Extension: Safe Money - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\online_banking@kaspersky.com [2014-09-03]
FF Extension: No Name - C:\Users\GIINOVA\AppData\Roaming\Mozilla\Firefox\Profiles\82u3km0r.default\extensions\{9c51bd27-6ed8-4000-a2bf-36cb95c0c947}.xpi [not found]
FF Extension: No Name - C:\Users\GIINOVA\AppData\Roaming\Mozilla\Firefox\Profiles\82u3km0r.default\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [not found]
FF Extension: No Name - C:\Users\GIINOVA\AppData\Roaming\Mozilla\Firefox\Profiles\82u3km0r.default\extensions\{e968fc70-8f95-4ab9-9e79-304de2a71ee1}.xpi [not found]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [not found]
Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [dchlnpcodkpfdpacogkljefecpegganj] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\ChromeExt\urladvisor.crx [2013-11-11]
CHR HKLM-x32\...\Chrome\Extension: [lpoimibckejjdjcfbdnajaicnklhfplh] - https://chrome.google.com/webstore/detail/lpoimibckejjdjcfbdnajaicnklhfplh
CHR HKLM-x32\...\Chrome\Extension: [pjldcfjmnllhmgjclecdnfampinooman] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\ChromeExt\ab.crx [2013-11-11]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AVP; C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\avp.exe [356128 2013-11-11] (Kaspersky Lab ZAO)
R2 Connectify; C:\Program Files (x86)\Connectify\ConnectifyService.exe [487936 2014-10-15] (Connectify) []
R2 CSObjectsSrv; C:\Program Files (x86)\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe [818888 2013-09-25] (Infowatch)
S4 D_Link_DWA-125_WPS; C:\Program Files (x86)\D-Link\DWA-125 revA\ANIWConnService.exe [53248 2010-07-12] () []
R2 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [351824 2013-10-28] ()
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2015-04-14] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1931632 2015-04-20] (Electronic Arts)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76152 2014-09-07] ()
R2 ss_conn_service; C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe [743688 2014-10-13] (DEVGURU Co., LTD.)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5491984 2015-05-20] (TeamViewer GmbH)
R2 Virtual Router; C:\Program Files (x86)\Virtual Router\VirtualRouterService.exe [12288 2013-02-10] (Chris Pietschmann (http://pietschsoft.com)) []
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R1 anodlwf; C:\Windows\System32\DRIVERS\anodlwfx.sys [15872 2010-05-29] ()
R0 C95A9BD0; C:\Windows\System32\drivers\C95A9BD0.sys [457824 2015-05-10] (Kaspersky Lab ZAO)
R1 cnnctfy3; C:\Windows\System32\DRIVERS\cnnctfy3.sys [42152 2014-12-11] (Connectify)
R0 CSCrySec; C:\Windows\System32\DRIVERS\CSCrySec.sys [84536 2011-06-02] (Infowatch)
R1 CSVirtualDiskDrv; C:\Windows\System32\DRIVERS\CSVirtualDiskDrv.sys [66616 2011-06-02] (Infowatch)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-09-07] (Disc Soft Ltd)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [458336 2014-09-03] (Kaspersky Lab ZAO)
U5 klflt; C:\Windows\System32\Drivers\klflt.sys [92768 2014-09-03] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [628288 2014-09-03] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [29792 2014-09-03] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [29280 2013-11-11] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [29280 2013-11-11] (Kaspersky Lab ZAO)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [54368 2013-11-11] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [177864 2015-02-18] (Kaspersky Lab ZAO)
S3 libusb0; C:\Windows\System32\DRIVERS\libusb0.sys [52832 2014-06-29] (http://libusb-win32.sourceforge.net)
S3 libusb0; C:\Windows\SysWOW64\DRIVERS\libusb0.sys [52832 2015-02-26] (http://libusb-win32.sourceforge.net)
R1 mbamchameleon; C:\Windows\system32\drivers\mbamchameleon.sys [107736 2015-04-14] (Malwarebytes Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-04-14] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [136408 2015-05-26] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-04-14] (Malwarebytes Corporation)
R3 netr28ux; C:\Windows\System32\DRIVERS\Dnetr28ux.sys [1617472 2011-04-28] (Ralink Technology Corp.)
R3 ScpVBus; C:\Windows\System32\DRIVERS\ScpVBus.sys [39168 2013-05-19] (Scarlet.Crush Productions)
S3 ssudserd; C:\Windows\System32\DRIVERS\ssudserd.sys [206080 2014-10-13] (DEVGURU Co., LTD.(www.devguru.co.kr))
S3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2014-05-17] (Anchorfree Inc.)
R3 USBMULCD; C:\Windows\System32\drivers\CM10664.sys [1307648 2014-08-30] (C-Media Electronics Inc)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 massfilter_lte; system32\DRIVERS\massfilter_LTE.sys [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
S3 zgdcat; system32\DRIVERS\zgdcat.sys [X]
S3 zgdcdiag; system32\DRIVERS\zgdcdiag.sys [X]
S3 zgdcmdm; system32\DRIVERS\zgdcmdm.sys [X]
S3 zgdcnet; system32\DRIVERS\zgdcnet.sys [X]
S3 zgdcnmea; system32\DRIVERS\zgdcnmea.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-05-26 17:25 - 2015-05-26 17:25 - 02108928 _____ (Farbar) C:\Users\GIINOVA\Downloads\FRST64 (2).exe
2015-05-26 17:25 - 2015-05-26 17:25 - 00000000 ____D () C:\Users\GIINOVA\Desktop\frst
2015-05-26 07:55 - 2015-05-26 08:48 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-05-26 07:54 - 2015-05-26 07:54 - 00000000 ____D () C:\Users\GIINOVA\mbar
2015-05-26 07:51 - 2015-05-26 07:52 - 16502728 _____ (Malwarebytes Corp.) C:\Users\GIINOVA\Downloads\mbar-1.09.1.1004.exe
2015-05-26 07:50 - 2015-05-26 07:51 - 04197016 _____ (Kaspersky Lab ZAO) C:\Users\GIINOVA\Downloads\tdsskiller.exe
2015-05-26 07:37 - 2013-10-31 15:18 - 00562368 _____ (Sysinternals - www.sysinternals.com) C:\Users\GIINOVA\Desktop\RAMMap.exe
2015-05-26 04:36 - 2015-05-26 11:41 - 00000000 ____D () C:\Users\GIINOVA\Downloads\Yu-Gi-Oh! Duel Monsters
2015-05-26 04:34 - 2015-05-26 04:34 - 00033491 _____ () C:\Users\GIINOVA\Downloads\Yu-Gi-Oh Season 0.torrent
2015-05-26 04:15 - 2015-05-26 04:15 - 00009471 _____ () C:\Users\GIINOVA\Documents\infect found.txt
2015-05-26 03:33 - 2015-05-26 03:34 - 02974203 _____ () C:\Users\GIINOVA\Downloads\tumblr_nou9azleS81u8bd6k.mp4
2015-05-26 03:30 - 2015-05-26 03:37 - 12254157 _____ () C:\Users\GIINOVA\Downloads\tumblr_norudjq1AC1ur94e8.mp4
2015-05-26 03:22 - 2015-05-26 03:26 - 11209558 _____ () C:\Users\GIINOVA\Downloads\rebox.NET.2993.zip
2015-05-26 03:19 - 2015-05-26 03:26 - 32321536 _____ () C:\Users\GIINOVA\Downloads\BDtoAVCHD_v2.4.2.msi
2015-05-26 03:06 - 2015-05-26 03:06 - 1192165376 _____ () C:\Users\GIINOVA\Looney.Tunes.E01.1080p.BluRay.REMUX.AVC.DD1.0-RARBG.iso
2015-05-26 03:01 - 2015-05-26 03:08 - 38522618 _____ () C:\Users\GIINOVA\Downloads\multiAVCHD_4.1.exe
2015-05-26 03:00 - 2015-05-26 03:03 - 16753416 _____ () C:\Users\GIINOVA\Downloads\HandBrake-0.10.1-x86_64-Win_GUI.exe
2015-05-26 02:59 - 2015-05-26 03:00 - 02825369 _____ () C:\Users\GIINOVA\Downloads\tsMuxeR_2.6.12.zip
2015-05-26 02:16 - 2015-05-26 02:16 - 00000000 ____D () C:\Users\GIINOVA\.VirtualBox
2015-05-26 02:15 - 2015-05-26 02:15 - 00000601 _____ () C:\Users\Public\Desktop\Oracle VM VirtualBox.lnk
2015-05-26 02:15 - 2015-05-26 02:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oracle VM VirtualBox
2015-05-26 02:15 - 2014-03-26 19:01 - 00254240 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxDrv.sys
2015-05-26 02:15 - 2014-03-26 19:00 - 00128288 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxUSBMon.sys
2015-05-26 00:19 - 2015-05-26 00:29 - 107394336 _____ (Oracle Corporation) C:\Users\GIINOVA\Downloads\VirtualBox-4.3.10-93012-Win.exe
2015-05-25 23:51 - 2015-05-25 23:52 - 02347384 _____ (ESET) C:\Users\GIINOVA\Downloads\esetsmartinstaller_enu.exe
2015-05-25 23:49 - 2015-05-25 23:49 - 00001670 _____ () C:\Users\GIINOVA\Downloads\FSS.txt
2015-05-25 23:31 - 2015-05-25 23:46 - 00000000 ____D () C:\ProgramData\RogueKiller
2015-05-25 23:31 - 2015-05-25 23:31 - 00037624 _____ () C:\Windows\system32\Drivers\TrueSight.sys
2015-05-25 23:28 - 2015-05-25 23:28 - 02108928 _____ (Farbar) C:\Users\GIINOVA\Downloads\FRST64 (1).exe
2015-05-25 23:24 - 2015-05-25 23:25 - 00045602 _____ () C:\Users\GIINOVA\Downloads\Addition.txt
2015-05-25 23:23 - 2015-05-25 23:25 - 00065881 _____ () C:\Users\GIINOVA\Downloads\FRST.txt
2015-05-25 23:19 - 2015-05-25 23:19 - 00095484 _____ () C:\Users\GIINOVA\Downloads\Extras.Txt
2015-05-25 23:18 - 2015-05-25 23:18 - 00124868 _____ () C:\Users\GIINOVA\Downloads\OTL.Txt
2015-05-25 23:13 - 2015-05-26 17:25 - 00000000 ____D () C:\FRST
2015-05-25 23:11 - 2015-05-25 23:12 - 02108928 _____ (Farbar) C:\Users\GIINOVA\Downloads\FRST64.exe
2015-05-25 22:50 - 2015-05-25 22:50 - 00602112 _____ (OldTimer Tools) C:\Users\GIINOVA\Downloads\OTL.exe
2015-05-25 22:47 - 2015-05-25 22:48 - 02223104 _____ () C:\Users\GIINOVA\Downloads\adwcleaner_4.205 (1).exe
2015-05-25 22:39 - 2015-05-25 22:42 - 00000000 ____D () C:\AdwCleaner
2015-05-25 19:09 - 2015-05-25 19:09 - 02223104 _____ () C:\Users\GIINOVA\Downloads\adwcleaner_4.205.exe
2015-05-25 16:55 - 2015-05-25 16:55 - 00018895 _____ () C:\ComboFix.txt
2015-05-25 16:36 - 2015-05-25 16:36 - 01943800 _____ (Bleeping Computer, LLC) C:\Users\GIINOVA\Downloads\rkill.exe
2015-05-25 16:34 - 2015-05-25 16:36 - 20781656 _____ () C:\Users\GIINOVA\Downloads\RogueKillerX64.exe
2015-05-25 16:34 - 2015-05-25 16:35 - 05198336 _____ (AVAST Software) C:\Users\GIINOVA\Downloads\aswMBR.exe
2015-05-25 16:33 - 2015-05-25 16:55 - 00000000 ____D () C:\Qoobox
2015-05-25 16:33 - 2015-05-25 16:55 - 00000000 ____D () C:\ComboFix
2015-05-25 16:33 - 2015-05-25 16:34 - 00000111 _____ () C:\Users\GIINOVA\Documents\fix computer.txt
2015-05-25 16:33 - 2011-06-26 09:45 - 00256000 _____ () C:\Windows\PEV.exe
2015-05-25 16:33 - 2010-11-07 20:20 - 00208896 _____ () C:\Windows\MBR.exe
2015-05-25 16:33 - 2009-04-20 07:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2015-05-25 16:33 - 2000-08-31 03:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2015-05-25 16:33 - 2000-08-31 03:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2015-05-25 16:33 - 2000-08-31 03:00 - 00098816 _____ () C:\Windows\sed.exe
2015-05-25 16:33 - 2000-08-31 03:00 - 00080412 _____ () C:\Windows\grep.exe
2015-05-25 16:33 - 2000-08-31 03:00 - 00068096 _____ () C:\Windows\zip.exe
2015-05-25 16:30 - 2015-05-25 16:54 - 00000000 ____D () C:\Windows\erdnt
2015-05-25 16:30 - 2015-05-25 16:30 - 00415232 _____ (Farbar) C:\Users\GIINOVA\Downloads\FSS.exe
2015-05-25 16:28 - 2015-05-25 16:29 - 05628291 ____R (Swearware) C:\Users\GIINOVA\Downloads\ComboFix.exe
2015-05-25 16:15 - 2015-05-25 16:15 - 00276267 _____ () C:\Users\GIINOVA\Downloads\RAMMap.zip
2015-05-24 23:31 - 2015-05-24 23:32 - 06131182 _____ () C:\Users\GIINOVA\Downloads\The.Road.2009.1080p.BDRemux.DTS-MA.H264.Rus.Eng.nzb
2015-05-24 10:20 - 2015-05-25 22:12 - 00000000 ____D () C:\Users\GIINOVA\Downloads\Yu-Gi-Oh! Complete + Capsule Monsters + Movie
2015-05-24 10:07 - 2015-05-24 10:07 - 01190415 _____ () C:\Users\GIINOVA\Downloads\ProcessExplorer (2).zip
2015-05-24 10:06 - 2015-05-24 10:06 - 00001071 _____ () C:\Users\Public\Desktop\Notepad++.lnk
2015-05-24 10:04 - 2015-05-24 10:04 - 00305664 _____ (Secure By Design Inc.) C:\Users\GIINOVA\Downloads\NiniteProTrial.exe
2015-05-24 10:00 - 2015-05-24 10:00 - 00001062 _____ () C:\Users\Public\Desktop\VLC media player.lnk
2015-05-24 10:00 - 2015-05-24 10:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2015-05-24 09:56 - 2015-05-24 09:56 - 00305664 _____ (Secure By Design Inc.) C:\Users\GIINOVA\Downloads\Ninite VLC Installer.exe
2015-05-24 09:56 - 2015-05-24 09:56 - 00305664 _____ (Secure By Design Inc.) C:\Users\GIINOVA\Downloads\Ninite Chrome Installer.exe
2015-05-24 09:45 - 2015-05-24 09:49 - 40403256 _____ () C:\Users\GIINOVA\Downloads\Skype 7.4.32.102 silent.exe
2015-05-24 05:29 - 2015-05-24 05:31 - 08184300 _____ () C:\Users\GIINOVA\Downloads\TrueAncestor_PKG_Repacker_2.00.zip
2015-05-24 03:47 - 2015-05-24 07:36 - 3320903680 _____ () C:\Users\GIINOVA\Downloads\en_windows_7_ultimate_with_sp1_x64_dvd_u_677332.iso
2015-05-24 03:43 - 2015-05-24 03:43 - 00000621 _____ () C:\Users\GIINOVA\Documents\productkey.vbs
2015-05-24 03:36 - 2015-05-24 03:37 - 02210270 _____ () C:\Users\GIINOVA\Downloads\wsusoffline954.zip
2015-05-23 22:58 - 2015-05-23 23:04 - 29833438 _____ () C:\Users\GIINOVA\Downloads\vlc-2.2.1-win64.exe
2015-05-23 22:49 - 2015-05-23 22:49 - 00785532 _____ () C:\Users\GIINOVA\Downloads\ussf.zip
2015-05-23 22:44 - 2015-05-23 22:44 - 00000000 ____D () C:\Users\GIINOVA\AppData\Local\Supremus Corporation