Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 07-02-2014 Ran by Dom (administrator) on DOM-KOMPUTER on 08-02-2014 17:01:07 Running from C:\Users\Dom\Desktop\Awesomehp Windows 7 Ultimate Service Pack 1 (X64) OS Language: Polish Internet Explorer Version 8 Boot Mode: Normal The only official download link for FRST: Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/ Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/ Download link from any site other than Bleeping Computer is unpermitted or outdated. See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (AMD) C:\Windows\System32\atiesrxx.exe (AMD) C:\Windows\System32\atieclxx.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (AVAST Software) C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (AVAST Software) C:\Program Files\Alwil Software\Avast5\afwServ.exe () C:\Program Files (x86)\HSPA USB MODEM\BackgroundService\ServiceManager.exe () C:\Windows\vsnp325.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe () C:\Windows\tsnp325.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe () C:\Program Files (x86)\HSPA USB MODEM\BackgroundService\ModemListener.exe (AVAST Software) C:\Program Files\Alwil Software\Avast5\AvastUI.exe (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [snp325] - C:\Windows\vsnp325.exe [835584 2007-05-10] () HKLM\...\Run: [Logitech Download Assistant] - C:\Windows\System32\LogiLDA.dll [1832760 2012-09-20] (Logitech, Inc.) HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13513288 2013-03-29] (Realtek Semiconductor) HKLM-x32\...\Run: [tsnp325] - C:\Windows\tsnp325.exe [270336 2007-04-21] () HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated) HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation) HKLM-x32\...\Run: [20131121] - C:\Program Files\Alwil Software\Avast5\setup\emupdate\dbefc579-5b95-4a08-926d-43e6f9c08291.exe [180184 2013-11-23] (AVAST Software) HKLM-x32\...\Run: [CCS Poland Imola ModemListener] - C:\Program Files (x86)\HSPA USB MODEM\BackgroundService\ModemListener.exe [109120 2012-03-14] () HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2009-06-25] (Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [AvastUI.exe] - C:\Program Files\Alwil Software\Avast5\AvastUI.exe [3767096 2014-02-07] (AVAST Software) HKU\S-1-5-21-1679762852-198174151-2476902109-1001\...\MountPoints2: {d39be915-8ca7-11e3-a5e5-bc5ff4d03e86} - L:\HTC_Sync_Manager_PC.exe ==================== Internet (Whitelisted) ==================== BHO: avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE64.dll (AVAST Software) BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.9012.1008\swg64.dll (Google Inc.) BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation) BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) BHO-x32: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.9012.1008\swg.dll (Google Inc.) BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO-x32: IplexToALLPlayer - {DF925EF3-7A87-44E4-9CAF-8D7B280BF616} - C:\Program Files (x86)\ALLPlayer\Iplex\IplexToALLPlayer.dll (ALLCinema Ltd.) Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE64.dll (AVAST Software) Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) Tcpip\Parameters: [DhcpNameServer] 192.168.1.10 FireFox: ======== FF ProfilePath: C:\Users\Dom\AppData\Roaming\Mozilla\Firefox\Profiles\ew895b3c.default-1391725642404 FF Homepage: about:home FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll () FF Plugin: @java.com/DTPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_44.dll () FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1203133.dll (Adobe Systems, Inc.) FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPOFF12.DLL (Microsoft Corporation) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.) FF Extension: Skype extension - C:\Program Files (x86)\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1} [2014-02-07] FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\Alwil Software\Avast5\WebRep\FF FF Extension: avast! Online Security - C:\Program Files\Alwil Software\Avast5\WebRep\FF [2012-06-21] Chrome: ======= CHR HomePage: hxxp://www.awesomehp.com/?type=hp&ts=1391718086&from=amt&uid=WDCXWD3200AAKS-00VYA0_WD-WCARW337920779207 CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\PepperFlash\pepflashplayer.dll () CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\ppGoogleNaClPluginChrome.dll () CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\pdf.dll () CHR Plugin: (Microsoft® Windows Media Player Firefox Plugin) - C:\Program Files (x86)\Mozilla Firefox\plugins\np-mswmp.dll (Microsoft Corporation) CHR Plugin: (2007 Microsoft Office system) - C:\Program Files (x86)\Mozilla Firefox\plugins\NPOFF12.DLL (Microsoft Corporation) CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.) CHR Plugin: (Java Deployment Toolkit 7.0.450.18) - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) CHR Plugin: (Java(TM) Platform SE 7 U45) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) CHR Plugin: (Shockwave for Director) - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1203133.dll (Adobe Systems, Inc.) CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_44.dll () CHR Extension: (No Name) - C:\Users\Dom\AppData\Local\Google\Chrome\User Data\Default\Extensions\cekcjpgehmohobmdiikfnopibipmgnml [2014-02-06] CHR Extension: (Google Wallet) - C:\Users\Dom\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-02-07] ==================== Services (Whitelisted) ================= R2 avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [50344 2014-02-07] (AVAST Software) R2 avast! Firewall; C:\Program Files\Alwil Software\Avast5\afwServ.exe [113704 2014-02-07] (AVAST Software) R2 CCS_Poland Imola Modem Device Helper; C:\Program Files (x86)\HSPA USB MODEM\BackgroundService\ServiceManager.exe [53312 2012-03-14] () ==================== Drivers (Whitelisted) ==================== R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [28184 2014-02-07] (AVAST Software) R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [78648 2014-02-07] (AVAST Software) R1 aswNdisFlt; C:\Windows\System32\DRIVERS\aswNdisFlt.sys [440672 2014-02-07] (AVAST Software) R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [92544 2014-02-07] (AVAST Software) R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-02-07] () R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1038072 2014-02-07] (AVAST Software) R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [421704 2014-02-07] (AVAST Software) R3 aswStm; C:\Windows\system32\drivers\aswStm.sys [80184 2014-02-07] (AVAST Software) R1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [64288 2014-01-22] (AVAST Software) R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [207904 2014-02-07] () S3 jrdusbser; C:\Windows\System32\DRIVERS\jrdusbser.sys [120832 2011-06-20] (TCT International Mobile Ltd) R0 PCTCore; C:\Windows\System32\drivers\PCTCore64.sys [254624 2010-08-18] (PC Tools) R0 pctDS; C:\Windows\System32\drivers\pctDS64.sys [452872 2010-06-29] (PC Tools) R0 pctEFA; C:\Windows\System32\drivers\pctEFA64.sys [816016 2010-07-16] (PC Tools) R3 SNP325; C:\Windows\System32\DRIVERS\snp325.sys [10733184 2007-11-22] (Sonix Co. Ltd.) S0 sptd; C:\Windows\System32\Drivers\sptd.sys [868848 2010-07-14] (Duplex Secure Ltd.) S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X] S3 tsusbhub; system32\drivers\tsusbhub.sys [X] S3 VGPU; System32\drivers\rdvgkmd.sys [X] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-02-08 17:00 - 2014-02-08 17:00 - 00006306 _____ () C:\Users\Dom\Desktop\sc-cleaner.txt 2014-02-08 16:59 - 2014-02-08 17:00 - 00006306 _____ () C:\sc-cleaner.txt 2014-02-08 16:51 - 2014-02-08 16:52 - 00000000 ____D () C:\AdwCleaner 2014-02-08 16:50 - 2014-02-08 16:50 - 00406264 _____ (Bleeping Computer, LLC) C:\Users\Dom\Desktop\sc-cleaner.exe 2014-02-08 16:48 - 2014-02-08 16:49 - 01166132 _____ () C:\Users\Dom\Desktop\adwcleaner.exe 2014-02-08 16:29 - 2014-02-08 16:29 - 00000000 ____D () C:\Users\Dom\AppData\Roaming\newnext.me 2014-02-07 22:40 - 2014-02-08 17:01 - 00000000 ____D () C:\Users\Dom\Desktop\Awesomehp 2014-02-07 21:17 - 2014-02-08 17:01 - 00000000 ____D () C:\FRST 2014-02-07 20:50 - 2014-02-07 20:50 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2014-02-07 19:59 - 2014-02-07 19:59 - 00001977 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk 2014-02-07 19:52 - 2014-02-08 16:34 - 00212564 _____ () C:\Windows\PFRO.log 2014-02-07 19:52 - 2014-02-07 19:52 - 00000000 ____D () C:\Users\Dom\AppData\Roaming\AVAST Software 2014-02-07 19:50 - 2014-02-07 19:50 - 00002043 _____ () C:\Users\Public\Desktop\avast! SafeZone.lnk 2014-02-07 19:49 - 2014-02-07 19:49 - 00080184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys 2014-02-07 19:44 - 2014-01-22 15:52 - 00270824 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNdis2.sys 2014-02-07 19:43 - 2014-01-22 15:52 - 00131232 _____ (AVAST Software) C:\Windows\system32\Drivers\aswFW.sys 2014-02-07 14:43 - 2014-02-08 16:54 - 00000392 _____ () C:\Windows\setupact.log 2014-02-07 14:43 - 2014-02-07 14:43 - 00000000 _____ () C:\Windows\setuperr.log 2014-02-06 23:40 - 2014-02-06 23:40 - 04721920 _____ (Piriform Ltd) C:\Users\Dom\Downloads\ccsetup410.exe 2014-02-06 23:40 - 2014-02-06 23:40 - 00002768 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC 2014-02-06 23:40 - 2014-02-06 23:40 - 00000822 _____ () C:\Users\Public\Desktop\CCleaner.lnk 2014-02-06 23:40 - 2014-02-06 23:40 - 00000000 ____D () C:\Program Files\CCleaner 2014-02-06 23:26 - 2014-02-06 23:27 - 00000000 ____D () C:\Users\Dom\Desktop\Stare dane programu Firefox 2014-01-31 15:54 - 2014-01-31 19:13 - 00056603 _____ () C:\Users\Dom\Desktop\Piłka (telefon).xlsx 2014-01-31 15:46 - 2014-01-31 19:21 - 00227081 _____ () C:\Users\Dom\Desktop\Piłka (domowy).xlsx 2014-01-22 18:50 - 2014-01-26 21:39 - 00046531 _____ () C:\Users\Dom\Desktop\Lista członków NSZZ.xlsx 2014-01-22 18:49 - 2014-02-07 20:03 - 00000000 ____D () C:\Users\Dom\Desktop\Kolorowanki ==================== One Month Modified Files and Folders ======= 2014-02-08 17:01 - 2014-02-07 22:40 - 00000000 ____D () C:\Users\Dom\Desktop\Awesomehp 2014-02-08 17:01 - 2014-02-07 21:17 - 00000000 ____D () C:\FRST 2014-02-08 17:01 - 2010-11-22 22:01 - 00001042 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2014-02-08 17:00 - 2014-02-08 17:00 - 00006306 _____ () C:\Users\Dom\Desktop\sc-cleaner.txt 2014-02-08 17:00 - 2014-02-08 16:59 - 00006306 _____ () C:\sc-cleaner.txt 2014-02-08 16:59 - 2010-06-10 19:00 - 00001451 _____ () C:\Users\Dom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2014-02-08 16:59 - 2010-06-10 19:00 - 00001417 _____ () C:\Users\Dom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk 2014-02-08 16:58 - 2013-03-24 21:00 - 00000930 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-02-08 16:54 - 2014-02-07 14:43 - 00000392 _____ () C:\Windows\setupact.log 2014-02-08 16:54 - 2010-11-22 22:01 - 00001038 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2014-02-08 16:54 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-02-08 16:53 - 2010-06-10 18:04 - 01858419 _____ () C:\Windows\WindowsUpdate.log 2014-02-08 16:52 - 2014-02-08 16:51 - 00000000 ____D () C:\AdwCleaner 2014-02-08 16:50 - 2014-02-08 16:50 - 00406264 _____ (Bleeping Computer, LLC) C:\Users\Dom\Desktop\sc-cleaner.exe 2014-02-08 16:49 - 2014-02-08 16:48 - 01166132 _____ () C:\Users\Dom\Desktop\adwcleaner.exe 2014-02-08 16:42 - 2009-07-14 05:45 - 00010560 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-02-08 16:42 - 2009-07-14 05:45 - 00010560 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-02-08 16:34 - 2014-02-07 19:52 - 00212564 _____ () C:\Windows\PFRO.log 2014-02-08 16:29 - 2014-02-08 16:29 - 00000000 ____D () C:\Users\Dom\AppData\Roaming\newnext.me 2014-02-08 16:29 - 2010-06-10 18:58 - 00000000 ____D () C:\Users\Dom 2014-02-08 00:13 - 2012-07-07 11:11 - 00004184 _____ () C:\Windows\System32\Tasks\avast! Emergency Update 2014-02-08 00:12 - 2012-05-06 13:20 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service 2014-02-07 20:50 - 2014-02-07 20:50 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2014-02-07 20:03 - 2014-01-22 18:49 - 00000000 ____D () C:\Users\Dom\Desktop\Kolorowanki 2014-02-07 19:59 - 2014-02-07 19:59 - 00001977 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk 2014-02-07 19:52 - 2014-02-07 19:52 - 00000000 ____D () C:\Users\Dom\AppData\Roaming\AVAST Software 2014-02-07 19:50 - 2014-02-07 19:50 - 00002043 _____ () C:\Users\Public\Desktop\avast! SafeZone.lnk 2014-02-07 19:49 - 2014-02-07 19:49 - 00080184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys 2014-02-07 19:49 - 2013-05-20 18:52 - 00207904 _____ () C:\Windows\system32\Drivers\aswVmm.sys 2014-02-07 19:49 - 2013-05-20 18:52 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys 2014-02-07 19:49 - 2012-08-29 09:20 - 00028184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys 2014-02-07 19:49 - 2012-06-21 08:14 - 01038072 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys 2014-02-07 19:49 - 2012-06-21 08:14 - 00334136 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe 2014-02-07 19:49 - 2012-06-21 08:14 - 00092544 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys 2014-02-07 19:49 - 2010-10-21 10:55 - 00421704 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys 2014-02-07 19:49 - 2010-10-21 10:55 - 00078648 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys 2014-02-07 19:49 - 2010-10-21 10:54 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr 2014-02-07 19:48 - 2013-05-20 18:52 - 00440672 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNdisFlt.sys 2014-02-07 19:44 - 2012-06-21 08:13 - 00000000 ____D () C:\ProgramData\AVAST Software 2014-02-07 19:43 - 2010-10-21 10:55 - 00000000 _____ () C:\Windows\SysWOW64\config.nt 2014-02-07 14:43 - 2014-02-07 14:43 - 00000000 _____ () C:\Windows\setuperr.log 2014-02-06 23:44 - 2012-01-15 00:25 - 00000000 ____D () C:\Users\Dom\AppData\Roaming\Media Player Classic 2014-02-06 23:44 - 2011-07-24 10:38 - 00000000 ____D () C:\Windows\Minidump 2014-02-06 23:44 - 2011-07-15 17:37 - 00000000 ____D () C:\Users\Dom\AppData\Local\BearShare 2014-02-06 23:44 - 2010-06-10 19:00 - 00000000 ____D () C:\Windows\Panther 2014-02-06 23:40 - 2014-02-06 23:40 - 04721920 _____ (Piriform Ltd) C:\Users\Dom\Downloads\ccsetup410.exe 2014-02-06 23:40 - 2014-02-06 23:40 - 00002768 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC 2014-02-06 23:40 - 2014-02-06 23:40 - 00000822 _____ () C:\Users\Public\Desktop\CCleaner.lnk 2014-02-06 23:40 - 2014-02-06 23:40 - 00000000 ____D () C:\Program Files\CCleaner 2014-02-06 23:27 - 2014-02-06 23:26 - 00000000 ____D () C:\Users\Dom\Desktop\Stare dane programu Firefox 2014-02-06 23:20 - 2010-06-10 21:24 - 00109272 _____ () C:\Users\Dom\AppData\Local\GDIPFONTCACHEV1.DAT 2014-02-06 23:19 - 2009-07-14 05:45 - 00422176 _____ () C:\Windows\system32\FNTCACHE.DAT 2014-02-06 23:15 - 2013-03-24 21:17 - 00001147 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk 2014-02-06 22:57 - 2010-06-10 19:00 - 00000000 ___RD () C:\Users\Dom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup 2014-02-05 16:09 - 2009-07-14 18:55 - 00697674 _____ () C:\Windows\system32\perfh015.dat 2014-02-05 16:09 - 2009-07-14 18:55 - 00134784 _____ () C:\Windows\system32\perfc015.dat 2014-02-05 16:09 - 2009-07-14 06:13 - 01549696 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-02-05 09:58 - 2013-03-24 21:00 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2014-02-05 09:58 - 2013-03-24 21:00 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2014-02-05 09:58 - 2013-03-24 21:00 - 00003868 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater 2014-01-31 19:21 - 2014-01-31 15:46 - 00227081 _____ () C:\Users\Dom\Desktop\Piłka (domowy).xlsx 2014-01-31 19:13 - 2014-01-31 15:54 - 00056603 _____ () C:\Users\Dom\Desktop\Piłka (telefon).xlsx 2014-01-26 21:39 - 2014-01-22 18:50 - 00046531 _____ () C:\Users\Dom\Desktop\Lista członków NSZZ.xlsx 2014-01-22 15:52 - 2014-02-07 19:44 - 00270824 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNdis2.sys 2014-01-22 15:52 - 2014-02-07 19:43 - 00131232 _____ (AVAST Software) C:\Windows\system32\Drivers\aswFW.sys 2014-01-22 15:52 - 2010-10-21 10:55 - 00064288 _____ (AVAST Software) C:\Windows\system32\Drivers\aswTdi.sys 2014-01-16 09:59 - 2010-06-10 19:18 - 00270496 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe Some content of TEMP: ==================== C:\Users\Dom\AppData\Local\Temp\Quarantine.exe ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\SysWOW64\wininit.exe => MD5 is legit C:\Windows\explorer.exe => MD5 is legit C:\Windows\SysWOW64\explorer.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\SysWOW64\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\SysWOW64\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\SysWOW64\userinit.exe => MD5 is legit C:\Windows\System32\rpcss.dll => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit LastRegBack: 2014-02-08 10:26 ==================== End Of Log ============================