Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 18-02-2014
Ran by ja (administrator) on JA-KOMPUTER on 19-02-2014 17:48:10
Running from C:\Users\ja\Desktop
Windows 7 Ultimate (X64) OS Language: Polish
Internet Explorer Version 8
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version:
Download link for 64-Bit Version:
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST:

==================== Processes (Whitelisted) =================

(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Broadcom Corporation.) D:\Programy Files\Bluetooth\btwdins.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Skype Technologies) C:\Program Files (x86)\Skype\Updater\Updater.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Windows\system32\igfxsrvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe
(VIA Technologies, Inc.) C:\Program Files\VIA XHCI UASP Utility\usb3Monitor.exe
(Broadcom Corporation.) D:\Programy Files\Bluetooth\BTTray.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Reader_sl.exe
(Broadcom Corporation.) D:\Programy Files\Bluetooth\BtStackServer.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Brother\ControlCenter3\BrCtrCen.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Brother\Brmfcmon\BrMfcmon.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Brother\ControlCenter3\brccMCtl.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Broadcom Corporation.) D:\Programy Files\Bluetooth\BluetoothHeadsetProxy.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13423688 2013-02-26] (Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [286704 2013-04-30] (Intel Corporation)
HKLM\...\Run: [VIAxHCUtl] - C:\Program Files\VIA XHCI UASP Utility\usb3Monitor
HKLM-x32\...\Run: [USB3MON] - C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2013-04-26] (Intel Corporation)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [BrMfcWnd] - C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe [1159168 2009-05-26] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [ControlCenter3] - C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe [114688 2008-12-24] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [AvastUI.exe] - C:\Program Files\AVAST Software\Avast\AvastUI.exe [3767096 2014-02-11] (AVAST Software)
HKLM-x32\...\Run: [HomeKeyLogger] - C:\Program Files (x86)\HomeKeylogger\KeyLogger.exe
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-1363661271-760379814-3891206274-1000\...\MountPoints2: H - H:\Autorun.exe

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =,0.html?pc=UP97&ocid=UP97DHP
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
SearchScopes: HKCU - EE258A4D8185445E82FBF0609FC55E3F URL ={searchTerms}
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {7E63F452-74D9-4A41-A6BA-7EE93B227CAF} URL ={searchTerms}&SearchSource=4&ctid=CT3289075&CUI=UN34140332852161217&UM=1
BHO: avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\Programy Files\Jawa\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - D:\Programy Files\word2010\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - D:\Programy Files\Jawa\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM-x32 - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000}
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer]

FireFox:
========
FF ProfilePath: C:\Users\ja\AppData\Roaming\Mozilla\Firefox\Profiles\27lc4f4z.default
FF Plugin: - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll ()
FF Plugin: - disabled No File
FF Plugin:,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin:,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin:,version=2.1.2 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_44.dll ()
FF Plugin-x32: WebAPI ipt;version=3.0.72 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32:,version=10.51.2 - D:\Programy Files\Jawa\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32:,version=10.51.2 - D:\Programy Files\Jawa\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: - disabled No File
FF Plugin-x32:,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32:,version=14.0 - D:\PROGRA~1\word2010\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32:,version=14.0 - D:\PROGRA~1\word2010\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Extension: Add-ons Manager Context Menu - C:\Users\ja\AppData\Roaming\Mozilla\Firefox\Profiles\27lc4f4z.default\Extensions\amcontextmenu@loucypher.xpi [2014-02-14]
FF HKLM-x32\...\Firefox\Extensions: [] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-09-26]

Chrome:
=======
CHR HomePage: hxxp://
CHR RestoreOnStartup: "hxxp://"
CHR Extension: (YouTube) - C:\Users\ja\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-09-27]
CHR Extension: (Google Search) - C:\Users\ja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-09-27]
CHR Extension: (Gmail) - C:\Users\ja\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-09-27]

==================== Services (Whitelisted) =================

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-02-11] (AVAST Software)
R2 btwdins; D:\Programy Files\Bluetooth\btwdins.exe [915232 2011-01-24] (Broadcom Corporation.)
S2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15344 2013-04-30] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [820184 2013-02-13] (Intel(R) Corporation)
S2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-04-11] (Intel Corporation)

==================== Drivers (Whitelisted) ====================

R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [78648 2014-02-11] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [92544 2013-12-13] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2013-12-13] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1038072 2014-02-11] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [421704 2014-02-11] (AVAST Software)
R3 aswStm; C:\Windows\system32\drivers\aswStm.sys [80184 2014-02-11] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [207904 2014-02-11] ()
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28656 2013-04-30] (Intel Corporation)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [834544 2013-09-29] ()
R3 VUSB3HUB; C:\Windows\System32\DRIVERS\ViaHub3.sys [223744 2013-03-19] (VIA Technologies, Inc.)
R3 xhcdrv; C:\Windows\System32\DRIVERS\xhcdrv.sys [295424 2013-03-19] (VIA Technologies, Inc.)
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]
S3 gdrv; \??\C:\Windows\gdrv.sys [X]

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2014-02-19 17:48 - 2014-02-19 17:48 - 00011557 _____ () C:\Users\ja\Desktop\FRST.txt
2014-02-19 17:44 - 2014-02-19 17:48 - 00000000 ____D () C:\FRST
2014-02-19 17:39 - 2014-02-19 17:41 - 02153472 _____ (Farbar) C:\Users\ja\Desktop\FRST64.exe
2014-02-17 20:28 - 2014-02-17 20:28 - 00020178 _____ () C:\Users\ja\Desktop\[] Nasz Wszechświat 3D (OU) - Our Universe 3D -2013- [mini-HD.1080p.Over-Under.DTS-HD MA.2.0.AC3.BluRay.x264-SONDA] [Lektor i Napisy PL] [AT-TEAM].torrent
2014-02-17 16:14 - 2014-02-17 16:15 - 00000000 ____D () C:\Windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP
2014-02-17 16:02 - 2014-02-17 16:02 - 00237016 _____ () C:\Users\ja\Desktop\Keylogger_downloader-cKQxZISw.exe
2014-02-17 15:54 - 2014-02-17 15:54 - 00000000 ____D () C:\Program Files\Enigma Software Group
2014-02-17 15:54 - 2014-02-17 15:54 - 00000000 _____ () C:\autoexec.bat
2014-02-16 22:30 - 2014-02-16 22:30 - 00020828 _____ () C:\Users\ja\Desktop\[] Oszukać Przeznaczenie 5 (3D OU) - Final Destination 5 -2011- [mini-HD.1080p.Over-Under.AC3.x264-LEON 345] [Lektor PL].torrent
2014-02-12 13:03 - 2014-02-12 13:04 - 00000000 ____D () C:\Users\ja\Desktop\Łazienka
2014-02-11 09:22 - 2014-02-11 09:22 - 00080184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2014-02-10 16:02 - 2014-02-10 16:02 - 00001130 _____ () C:\Users\ja\Desktop\fifa — skrót.lnk
2014-02-01 10:16 - 2014-02-01 10:16 - 00000000 ____D () C:\Users\ja\AppData\Roaming\LolClient
2014-02-01 10:14 - 2014-02-01 10:14 - 00000000 ____D () C:\Users\ja\AppData\Local\Microsoft Games
2014-01-31 16:47 - 2008-07-31 10:41 - 00068616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_1.dll
2014-01-31 16:47 - 2008-07-31 10:40 - 00509448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_2.dll
2014-01-31 16:47 - 2008-07-12 08:18 - 03851784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_39.dll
2014-01-31 16:47 - 2008-07-12 08:18 - 01493528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_39.dll
2014-01-31 16:47 - 2008-07-12 08:18 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_39.dll
2014-01-31 15:34 - 2014-01-31 15:34 - 00000000 ____D () C:\Program Files (x86)\Pando Networks
2014-01-31 15:33 - 2014-01-31 15:34 - 00000000 ____D () C:\Users\ja\AppData\Roaming\Riot Games
2014-01-27 20:08 - 2014-02-15 13:01 - 00000044 _____ () C:\Users\ja\Desktop\Nowy dokument tekstowy (2).txt
2014-01-21 20:22 - 2014-01-21 20:22 - 00000000 ___RD () C:\Users\ja\AppData\Roaming\Brother

==================== One Month Modified Files and Folders =======

2014-02-19 17:48 - 2014-02-19 17:48 - 00011557 _____ () C:\Users\ja\Desktop\FRST.txt
2014-02-19 17:48 - 2014-02-19 17:44 - 00000000 ____D () C:\FRST
2014-02-19 17:47 - 2013-09-26 21:08 - 00115136 _____ () C:\Windows\PFRO.log
2014-02-19 17:47 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-02-19 17:47 - 2009-07-14 05:51 - 00045238 _____ () C:\Windows\setupact.log
2014-02-19 17:46 - 2013-09-30 20:56 - 00000000 ____D () C:\Users\ja\AppData\Roaming\uTorrent
2014-02-19 17:46 - 2013-09-27 01:49 - 02082572 _____ () C:\Windows\WindowsUpdate.log
2014-02-19 17:41 - 2014-02-19 17:39 - 02153472 _____ (Farbar) C:\Users\ja\Desktop\FRST64.exe
2014-02-19 17:10 - 2013-09-26 21:57 - 00000930 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-02-19 15:43 - 2009-07-14 05:45 - 00010240 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-02-19 15:43 - 2009-07-14 05:45 - 00010240 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-02-19 15:39 - 2009-07-14 18:55 - 00688628 _____ () C:\Windows\system32\perfh015.dat
2014-02-19 15:39 - 2009-07-14 18:55 - 00131712 _____ () C:\Windows\system32\perfc015.dat
2014-02-19 15:39 - 2009-07-14 06:13 - 01526834 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-02-19 15:38 - 2014-01-02 19:57 - 00003966 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{493EB7C5-76F6-4C8E-9479-9872B1A09BA4}
2014-02-19 15:35 - 2013-09-26 20:48 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-02-17 20:28 - 2014-02-17 20:28 - 00020178 _____ () C:\Users\ja\Desktop\[] Nasz Wszechświat 3D (OU) - Our Universe 3D -2013- [mini-HD.1080p.Over-Under.DTS-HD MA.2.0.AC3.BluRay.x264-SONDA] [Lektor i Napisy PL] [AT-TEAM].torrent
2014-02-17 16:15 - 2014-02-17 16:14 - 00000000 ____D () C:\Windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP
2014-02-17 16:15 - 2013-09-29 21:00 - 00000000 ____D () C:\Windows\system32\appmgmt
2014-02-17 16:02 - 2014-02-17 16:02 - 00237016 _____ () C:\Users\ja\Desktop\Keylogger_downloader-cKQxZISw.exe
2014-02-17 15:54 - 2014-02-17 15:54 - 00000000 ____D () C:\Program Files\Enigma Software Group
2014-02-17 15:54 - 2014-02-17 15:54 - 00000000 _____ () C:\autoexec.bat
2014-02-16 22:30 - 2014-02-16 22:30 - 00020828 _____ () C:\Users\ja\Desktop\[] Oszukać Przeznaczenie 5 (3D OU) - Final Destination 5 -2011- [mini-HD.1080p.Over-Under.AC3.x264-LEON 345] [Lektor PL].torrent
2014-02-15 18:46 - 2013-09-27 01:53 - 00000000 ____D () C:\Users\ja\AppData\Local\VirtualStore
2014-02-15 13:01 - 2014-01-27 20:08 - 00000044 _____ () C:\Users\ja\Desktop\Nowy dokument tekstowy (2).txt
2014-02-14 22:23 - 2013-09-27 02:35 - 00000000 ____D () C:\Program Files (x86)\GIGABYTE
2014-02-14 22:23 - 2013-09-27 02:16 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-02-14 21:02 - 2013-10-04 19:09 - 00000000 ____D () C:\Users\ja\AppData\Roaming\Skype
2014-02-13 16:44 - 2013-10-31 21:27 - 00000000 ____D () C:\Users\ja\AppData\Roaming\GG
2014-02-12 13:04 - 2014-02-12 13:03 - 00000000 ____D () C:\Users\ja\Desktop\Łazienka
2014-02-11 10:46 - 2013-09-27 01:54 - 00001451 _____ () C:\Users\ja\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-02-11 10:46 - 2013-09-27 01:54 - 00001417 _____ () C:\Users\ja\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
2014-02-11 09:22 - 2014-02-11 09:22 - 00080184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2014-02-11 09:22 - 2013-09-26 20:48 - 01038072 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2014-02-11 09:22 - 2013-09-26 20:48 - 00421704 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2014-02-11 09:22 - 2013-09-26 20:48 - 00334136 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-02-11 09:22 - 2013-09-26 20:48 - 00207904 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-02-11 09:22 - 2013-09-26 20:48 - 00078648 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-02-11 09:22 - 2013-09-26 20:48 - 00001966 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-02-11 09:22 - 2013-09-26 20:47 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-02-10 20:52 - 2013-11-26 19:23 - 00000000 ____D () C:\Users\ja\AppData\Roaming\vlc
2014-02-10 16:02 - 2014-02-10 16:02 - 00001130 _____ () C:\Users\ja\Desktop\fifa — skrót.lnk
2014-02-09 20:43 - 2013-10-16 18:03 - 00000000 ____D () C:\Users\ja\Documents\FIFA 11
2014-02-08 21:07 - 2013-09-30 20:55 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-02-08 12:18 - 2009-07-14 06:08 - 00032608 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-02-05 16:20 - 2013-09-26 21:57 - 00003868 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-02-05 16:19 - 2013-09-26 21:57 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-02-05 16:19 - 2013-09-26 21:57 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-02-01 10:16 - 2014-02-01 10:16 - 00000000 ____D () C:\Users\ja\AppData\Roaming\LolClient
2014-02-01 10:14 - 2014-02-01 10:14 - 00000000 ____D () C:\Users\ja\AppData\Local\Microsoft Games
2014-02-01 10:13 - 2013-09-27 19:09 - 00000000 ____D () C:\Windows\System32\Tasks\Games
2014-01-31 15:34 - 2014-01-31 15:34 - 00000000 ____D () C:\Program Files (x86)\Pando Networks
2014-01-31 15:34 - 2014-01-31 15:33 - 00000000 ____D () C:\Users\ja\AppData\Roaming\Riot Games
2014-01-24 16:11 - 2013-09-30 20:59 - 00000810 _____ () C:\Users\ja\Desktop\µTorrent.lnk
2014-01-24 16:11 - 2013-09-30 20:59 - 00000790 _____ () C:\Users\ja\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk
2014-01-21 21:00 - 2013-11-28 19:31 - 00000404 _____ () C:\Windows\BRWMARK.INI
2014-01-21 20:22 - 2014-01-21 20:22 - 00000000 ___RD () C:\Users\ja\AppData\Roaming\Brother

Some content of TEMP:
====================
C:\Users\ja\AppData\Local\Temp\battlefield3-instalator.exe
C:\Users\ja\AppData\Local\Temp\drm_dyndata_7410004.dll
C:\Users\ja\AppData\Local\Temp\ggdrive-menu.exe
C:\Users\ja\AppData\Local\Temp\ggdrive-overlay.exe
C:\Users\ja\AppData\Local\Temp\installstats.exe
C:\Users\ja\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe
C:\Users\ja\AppData\Local\Temp\ose00000.exe
C:\Users\ja\AppData\Local\Temp\SHSetup.exe
C:\Users\ja\AppData\Local\Temp\swt-win32-3349.dll
C:\Users\ja\AppData\Local\Temp\ToolbarHelper.exe
C:\Users\ja\AppData\Local\Temp\uninst1.exe
C:\Users\ja\AppData\Local\Temp\vlc-2.1.2-win64.exe
C:\Users\ja\AppData\Local\Temp\_is7F9A.exe

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

LastRegBack: 2014-02-10 22:52

==================== End Of Log ============================