Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 03-03-2014 03 (ATTENTION: ====> FRST version is 95 days old and could be outdated) Ran by Joanna (administrator) on ELZBIETA on 06-06-2014 18:07:17 Running from E:\n150 Microsoft Windows 7 Starter Service Pack 1 (X86) OS Language: Polish Internet Explorer Version 11 Boot Mode: Normal The only official download link for FRST: Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/ Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/ Download link from any site other than Bleeping Computer is unpermitted or outdated. See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe (Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe (Intel Corporation) C:\Windows\System32\igfxtray.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe () C:\monitor.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Microsoft Corporation) C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe (Intel Corporation) C:\windows\system32\igfxsrvc.exe (Microsoft Corporation) C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe (Microsoft Corp.) 
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe (SAMSUNG Electronics) C:\Program Files\Samsung\Samsung Support Center\SSCKbdHk.exe (SEC) C:\Program Files\Samsung\Samsung Recovery Solution 4\WCScheduler.exe (Samsung Electronics Co., Ltd.) C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe (Intel Corporation) C:\windows\system32\igfxext.exe (Intel Corporation) C:\windows\system32\igfxsrvc.exe (Samsung Electronics Co., Ltd.) C:\Program Files\Samsung\SFB\SmartRestarter.exe (Samsung Electronics Co., Ltd.) C:\Program Files\SAMSUNG\EasySpeedUpManager\EasySpeedUpManager.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [10119784 2011-06-25] (Realtek Semiconductor) HKLM\...\Run: [ETDCtrl] - C:\Program Files\Elantech\ETDCtrl.exe [1812264 2010-11-13] (ELAN Microelectronics Corp.) HKLM\...\Run: [MSC] - c:\Program Files\Microsoft Security Client\msseces.exe [995176 2013-08-12] (Microsoft Corporation) HKLM\...\Run: [AvastUI.exe] - C:\Program Files\AVAST Software\Avast\AvastUI.exe [3873704 2014-06-05] (AVAST Software) HKU\S-1-5-21-2933728693-9479190-2868125386-1000\...\Run: [ChomikBox] - C:\Program Files\ChomikBox\ChomikBox.exe [6017024 2014-03-01] ( ) ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.onet.pl/ HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank SearchScopes: HKLM - DefaultScope value is missing. 
BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated) BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) Tcpip\Parameters: [DhcpNameServer] 172.17.57.2 172.17.56.11 172.17.59.11 Tcpip\..\Interfaces\{36ED9A84-CC0E-4280-8637-A35F1E1713BC}: [NameServer]194.204.159.1 Tcpip\..\Interfaces\{CBBB9397-7647-46D7-A530-EF23B70731E4}: [NameServer]212.2.96.51 212.2.96.52 Chrome: ======= CHR HomePage: CHR Plugin: (Remoting Viewer) - internal-remoting-viewer CHR Plugin: (Native Client) - C:\Users\Joanna\AppData\Local\Google\Chrome\Application\33.0.1750.146\ppGoogleNaClPluginChrome.dll () CHR Plugin: (Chrome PDF Viewer) - C:\Users\Joanna\AppData\Local\Google\Chrome\Application\33.0.1750.146\pdf.dll () CHR Plugin: (Shockwave Flash) - C:\Users\Joanna\AppData\Local\Google\Chrome\Application\33.0.1750.146\gcswf32.dll No File CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.) 
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation) CHR Plugin: (Silverlight Plug-In) - C:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll No File CHR Plugin: (Windows Live™ Photo Gallery) - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) CHR Plugin: (Google Update) - C:\Users\Joanna\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll No File CHR Plugin: (Default Plug-in) - default_plugin No File CHR Extension: (Google Wallet) - C:\Users\Joanna\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-11-07] CHR StartMenuInternet: Google Chrome - C:\Users\Joanna\AppData\Local\Google\Chrome\Application\chrome.exe CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION CHR HKCU\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION ========================== Services (Whitelisted) ================= R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-06-05] (AVAST Software) R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [22208 2013-08-12] (Microsoft Corporation) S3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [295376 2013-08-12] (Microsoft Corporation) S2 ProtectMonitor; C:\monitorsvc.exe [34244 2014-02-13] () S2 avgfws; "C:\Program Files\AVG\AVG2014\avgfws.exe" [X] S2 AVGIDSAgent; No ImagePath ==================== Drivers (Whitelisted) ==================== R2 aswHwid; C:\windows\system32\drivers\aswHwid.sys [24184 2014-06-05] () R2 aswMonFlt; C:\windows\system32\drivers\aswMonFlt.sys [67824 2014-06-05] (AVAST Software) R1 aswRdr; C:\windows\system32\drivers\aswRdr2.sys [81768 2014-06-05] (AVAST Software) R0 aswRvrt; C:\windows\system32\Drivers\aswRvrt.sys [49944 2014-06-05] () R1 aswSnx; C:\windows\system32\drivers\aswSnx.sys [776976 2014-06-05] (AVAST Software) R1 aswSP; C:\windows\system32\drivers\aswSP.sys [411552 2014-06-05] (AVAST 
Software) R2 aswStm; C:\windows\system32\drivers\aswStm.sys [67776 2014-06-05] (AVAST Software) R0 aswVmm; C:\windows\system32\Drivers\aswVmm.sys [180632 2014-06-05] () R1 Avgdiskx; C:\windows\System32\DRIVERS\avgdiskx.sys [122136 2014-05-13] (AVG Technologies CZ, s.r.o.) R1 Avgfwfd; C:\windows\System32\DRIVERS\avgfwd6x.sys [47928 2013-09-26] (AVG Technologies CZ, s.r.o.) U0 AVGIDSHX; C:\windows\System32\DRIVERS\avgidshx.sys [149784 2014-05-13] (AVG Technologies CZ, s.r.o.) R1 Avgldx86; C:\windows\System32\DRIVERS\avgldx86.sys [192280 2014-05-13] (AVG Technologies CZ, s.r.o.) R0 Avglogx; C:\windows\System32\DRIVERS\avglogx.sys [237848 2014-05-13] (AVG Technologies CZ, s.r.o.) R0 Avgmfx86; C:\windows\System32\DRIVERS\avgmfx86.sys [107288 2014-05-13] (AVG Technologies CZ, s.r.o.) R0 Avgrkx86; C:\windows\System32\DRIVERS\avgrkx86.sys [27416 2014-05-13] (AVG Technologies CZ, s.r.o.) R1 Avgtdix; C:\windows\System32\DRIVERS\avgtdix.sys [210200 2014-05-13] (AVG Technologies CZ, s.r.o.) R3 btwampfl; C:\windows\System32\drivers\btwampfl.sys [297000 2010-07-14] (Broadcom Corporation.) R3 ETD; C:\windows\System32\DRIVERS\ETD.sys [116008 2010-11-13] (ELAN Microelectronics Corp.) R0 MpFilter; C:\windows\System32\DRIVERS\MpFilter.sys [211560 2013-06-18] (Microsoft Corporation) S3 rtport; C:\windows\system32\drivers\rtport.sys [15656 2011-09-20] (Windows (R) 2003 DDK 3790 provider) S3 samsung_hspa_datacard_cdc_acm; C:\windows\System32\DRIVERS\samsung_hspa_datacard_cdc_acm.sys [42240 2010-09-08] (Samsung) S3 samsung_hspa_datacard_cdc_ecm; C:\windows\System32\DRIVERS\samsung_hspa_datacard_cdc_ecm.sys [45568 2010-09-08] (Samsung) R3 samsung_hspa_datacard_dc_enum; C:\windows\System32\DRIVERS\samsung_hspa_datacard_dc_enum.sys [49920 2010-09-08] (Samsung) S3 swmsflt; C:\windows\System32\DRIVERS\swmsflt.sys [28288 2009-01-14] () S3 SWNC8UA3; C:\windows\System32\DRIVERS\swnc8ua3.sys [222720 2009-07-22] (Sierra Wireless Inc.) 
S3 SWUMXA3; C:\windows\System32\DRIVERS\swumxa3.sys [148992 2009-07-22] (Sierra Wireless Inc.) U2 avgwd; "C:\Program Files\AVG\AVG2014\avgwdsvc.exe" S3 SWUMX20; system32\DRIVERS\swumx20.sys [X] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-06-06 18:03 - 2014-06-06 18:07 - 00000000 ____D () C:\FRST 2014-06-06 12:47 - 2014-06-06 12:47 - 00000000 ____D () C:\windows\RegBak 2014-06-05 19:17 - 2014-06-05 19:24 - 00000000 ____D () C:\AdwCleaner 2014-06-05 18:43 - 2014-06-05 18:38 - 06983153 _____ () C:\Users\Joanna\Desktop\CBS.log 2014-06-05 17:27 - 2014-06-05 17:27 - 00000000 ____D () C:\Program Files\Atheros 2014-06-05 17:26 - 2014-06-05 17:26 - 00000000 ____D () C:\windows\Options 2014-06-05 17:26 - 2011-12-25 12:50 - 00071811 _____ () C:\windows\system32\athrext.cat 2014-06-05 17:26 - 2011-12-12 19:32 - 02228224 _____ (Atheros Communications, Inc.) C:\windows\system32\Drivers\athr.sys 2014-06-05 17:26 - 2011-12-12 19:32 - 02228224 _____ (Atheros Communications, Inc.) 
C:\windows\system32\athr.sys 2014-06-05 16:49 - 2014-06-05 16:49 - 00000000 ____H () C:\windows\nsbBC40.tmp 2014-06-05 16:16 - 2014-06-05 16:16 - 00411552 _____ (AVAST Software) C:\windows\system32\Drivers\zrnwytak.sys 2014-06-05 12:11 - 2014-06-05 12:11 - 00000000 ____D () C:\Users\Joanna\AppData\Roaming\AVAST Software 2014-06-05 12:02 - 2014-06-05 12:02 - 00411552 _____ (AVAST Software) C:\windows\system32\Drivers\lqpddbau.sys 2014-06-05 11:58 - 2014-06-05 11:58 - 00776976 _____ (AVAST Software) C:\windows\system32\Drivers\aswSnx.sys 2014-06-05 11:58 - 2014-06-05 11:58 - 00411552 _____ (AVAST Software) C:\windows\system32\Drivers\aswSP.sys 2014-06-05 11:58 - 2014-06-05 11:58 - 00271264 _____ (AVAST Software) C:\windows\system32\aswBoot.exe 2014-06-05 11:58 - 2014-06-05 11:58 - 00180632 _____ () C:\windows\system32\Drivers\aswVmm.sys 2014-06-05 11:58 - 2014-06-05 11:58 - 00081768 _____ (AVAST Software) C:\windows\system32\Drivers\aswRdr2.sys 2014-06-05 11:58 - 2014-06-05 11:58 - 00067824 _____ (AVAST Software) C:\windows\system32\Drivers\aswMonFlt.sys 2014-06-05 11:58 - 2014-06-05 11:58 - 00067776 _____ (AVAST Software) C:\windows\system32\Drivers\aswStm.sys 2014-06-05 11:58 - 2014-06-05 11:58 - 00049944 _____ () C:\windows\system32\Drivers\aswRvrt.sys 2014-06-05 11:58 - 2014-06-05 11:58 - 00043152 _____ (AVAST Software) C:\windows\avastSS.scr 2014-06-05 11:58 - 2014-06-05 11:58 - 00024184 _____ () C:\windows\system32\Drivers\aswHwid.sys 2014-06-05 11:56 - 2014-06-05 11:56 - 00000000 ____D () C:\Program Files\AVAST Software 2014-06-05 11:55 - 2014-06-05 11:55 - 00000000 ____D () C:\ProgramData\AVAST Software 2014-06-05 11:25 - 2014-06-05 11:48 - 94714880 _____ (AVAST Software) C:\avast_free_antivirus_setup.exe 2014-06-04 18:21 - 2011-12-22 19:34 - 00068179 _____ () C:\windows\system32\netathw.cat 2014-06-04 18:21 - 2011-12-12 19:32 - 01984704 _____ (Atheros Communications, Inc.) 
C:\windows\system32\athw.sys 2014-06-02 08:03 - 2014-06-02 08:03 - 00000220 _____ () C:\windows\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013.job 2014-05-20 13:48 - 2014-05-20 13:48 - 00000000 __SHD () C:\found.000 2014-05-18 13:08 - 2014-05-18 13:08 - 00000000 ____D () C:\Program Files\Common Files\DESIGNER 2014-05-18 12:42 - 2014-05-06 05:25 - 17382912 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll 2014-05-18 12:42 - 2014-05-06 05:07 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb 2014-05-18 12:42 - 2014-05-06 04:10 - 00069632 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll 2014-05-15 09:47 - 2014-04-12 04:11 - 01059840 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll 2014-05-15 09:47 - 2014-03-04 11:20 - 03969984 _____ (Microsoft Corporation) C:\windows\system32\ntkrnlpa.exe 2014-05-15 09:47 - 2014-03-04 11:20 - 03914176 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe 2014-05-15 09:47 - 2014-03-04 11:17 - 00550912 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll 2014-05-15 09:47 - 2014-03-04 11:17 - 00538112 _____ (Microsoft Corporation) C:\windows\system32\objsel.dll 2014-05-15 09:47 - 2014-03-04 11:17 - 00304128 _____ (Microsoft Corporation) C:\windows\system32\winlogon.exe 2014-05-15 09:47 - 2014-03-04 11:17 - 00293376 _____ (Microsoft Corporation) C:\windows\system32\KernelBase.dll 2014-05-15 09:47 - 2014-03-04 11:17 - 00259584 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll 2014-05-15 09:47 - 2014-03-04 11:17 - 00172032 _____ (Microsoft Corporation) C:\windows\system32\wdigest.dll 2014-05-15 09:47 - 2014-03-04 11:17 - 00065536 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll 2014-05-15 09:46 - 2014-04-12 04:15 - 00136640 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys 2014-05-15 09:46 - 2014-04-12 04:15 - 00067520 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecdd.sys 2014-05-15 09:46 - 2014-04-12 04:12 
- 00100352 _____ (Microsoft Corporation) C:\windows\system32\sspicli.dll 2014-05-15 09:46 - 2014-04-12 04:12 - 00022016 _____ (Microsoft Corporation) C:\windows\system32\secur32.dll 2014-05-15 09:46 - 2014-04-12 04:12 - 00015872 _____ (Microsoft Corporation) C:\windows\system32\sspisrv.dll 2014-05-15 09:46 - 2014-04-12 04:11 - 00022528 _____ (Microsoft Corporation) C:\windows\system32\lsass.exe 2014-05-15 09:46 - 2014-03-04 11:17 - 00247808 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll 2014-05-15 09:46 - 2014-03-04 11:17 - 00051200 _____ (Microsoft Corporation) C:\windows\system32\cngprovider.dll 2014-05-15 09:46 - 2014-03-04 11:17 - 00049664 _____ (Microsoft Corporation) C:\windows\system32\adprovider.dll 2014-05-15 09:46 - 2014-03-04 11:17 - 00048128 _____ (Microsoft Corporation) C:\windows\system32\capiprovider.dll 2014-05-15 09:46 - 2014-03-04 11:17 - 00047616 _____ (Microsoft Corporation) C:\windows\system32\dpapiprovider.dll 2014-05-15 09:46 - 2014-03-04 11:17 - 00036864 _____ (Microsoft Corporation) C:\windows\system32\dimsroam.dll 2014-05-15 09:46 - 2014-03-04 11:17 - 00035328 _____ (Microsoft Corporation) C:\windows\system32\wincredprovider.dll 2014-05-15 09:46 - 2014-03-04 11:17 - 00017408 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll 2014-05-15 09:45 - 2014-03-25 04:09 - 12874240 _____ (Microsoft Corporation) C:\windows\system32\shell32.dll 2014-05-14 11:07 - 2014-05-14 11:07 - 00864571 _____ () C:\Users\Joanna\Downloads\niemowlęce cuda1.rar 2014-05-13 14:19 - 2014-05-13 14:19 - 00192280 _____ (AVG Technologies CZ, s.r.o.) C:\windows\system32\Drivers\avgldx86.sys 2014-05-13 14:17 - 2014-05-13 14:17 - 00237848 _____ (AVG Technologies CZ, s.r.o.) C:\windows\system32\Drivers\avglogx.sys 2014-05-13 14:17 - 2014-05-13 14:17 - 00210200 _____ (AVG Technologies CZ, s.r.o.) C:\windows\system32\Drivers\avgtdix.sys 2014-05-13 14:17 - 2014-05-13 14:17 - 00149784 _____ (AVG Technologies CZ, s.r.o.) 
C:\windows\system32\Drivers\avgidshx.sys 2014-05-13 14:17 - 2014-05-13 14:17 - 00122136 _____ (AVG Technologies CZ, s.r.o.) C:\windows\system32\Drivers\avgdiskx.sys 2014-05-13 14:17 - 2014-05-13 14:17 - 00107288 _____ (AVG Technologies CZ, s.r.o.) C:\windows\system32\Drivers\avgmfx86.sys 2014-05-13 14:09 - 2014-05-13 14:09 - 00198936 _____ (AVG Technologies CZ, s.r.o.) C:\windows\system32\Drivers\avgidsdriverx.sys 2014-05-13 14:04 - 2014-05-13 14:04 - 00027416 _____ (AVG Technologies CZ, s.r.o.) C:\windows\system32\Drivers\avgrkx86.sys 2014-05-13 14:04 - 2014-05-13 14:04 - 00021272 _____ (AVG Technologies CZ, s.r.o.) C:\windows\system32\Drivers\avgidsshimx.sys 2014-05-07 08:32 - 2014-05-07 08:32 - 00000000 ___SD () C:\windows\system32\CompatTel ==================== One Month Modified Files and Folders ======= 2014-06-06 18:07 - 2014-06-06 18:03 - 00000000 ____D () C:\FRST 2014-06-06 18:06 - 2010-07-13 02:27 - 01869171 _____ () C:\windows\WindowsUpdate.log 2014-06-06 18:02 - 2011-12-13 20:14 - 00001062 _____ () C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2933728693-9479190-2868125386-1000UA.job 2014-06-06 12:47 - 2014-06-06 12:47 - 00000000 ____D () C:\windows\RegBak 2014-06-06 10:31 - 2009-07-14 06:34 - 00016160 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-06-06 10:31 - 2009-07-14 06:34 - 00016160 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-06-06 10:23 - 2009-07-14 06:53 - 00000006 ____H () C:\windows\Tasks\SA.DAT 2014-06-06 10:23 - 2009-07-14 06:39 - 00034499 _____ () C:\windows\setupact.log 2014-06-05 19:25 - 2010-11-20 23:48 - 00094642 _____ () C:\windows\PFRO.log 2014-06-05 19:24 - 2014-06-05 19:17 - 00000000 ____D () C:\AdwCleaner 2014-06-05 18:38 - 2014-06-05 18:43 - 06983153 _____ () C:\Users\Joanna\Desktop\CBS.log 2014-06-05 17:27 - 2014-06-05 17:27 - 00000000 ____D () C:\Program Files\Atheros 2014-06-05 17:27 - 
2010-07-12 10:31 - 00000184 _____ () C:\setup.log 2014-06-05 17:26 - 2014-06-05 17:26 - 00000000 ____D () C:\windows\Options 2014-06-05 17:26 - 2010-07-12 10:31 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information 2014-06-05 17:25 - 2011-07-13 02:09 - 03377080 _____ () C:\windows\system32\perfh015.dat 2014-06-05 17:25 - 2011-07-13 02:09 - 01077856 _____ () C:\windows\system32\perfc015.dat 2014-06-05 17:25 - 2010-11-20 23:01 - 00006468 _____ () C:\windows\system32\PerfStringBackup.INI 2014-06-05 16:49 - 2014-06-05 16:49 - 00000000 ____H () C:\windows\nsbBC40.tmp 2014-06-05 16:49 - 2010-07-12 10:34 - 00009756 _____ () C:\windows\ykinstutil.log 2014-06-05 16:49 - 2010-07-12 10:34 - 00000335 ____R () C:\windows\YukonInstall.log 2014-06-05 16:48 - 2009-07-14 04:37 - 00000000 ____D () C:\windows\system32\zh-TW 2014-06-05 16:48 - 2009-07-14 04:37 - 00000000 ____D () C:\windows\system32\zh-HK 2014-06-05 16:48 - 2009-07-14 04:37 - 00000000 ____D () C:\windows\system32\zh-CN 2014-06-05 16:48 - 2009-07-14 04:37 - 00000000 ____D () C:\windows\system32\tr-TR 2014-06-05 16:48 - 2009-07-14 04:37 - 00000000 ____D () C:\windows\system32\th-TH 2014-06-05 16:48 - 2009-07-14 04:37 - 00000000 ____D () C:\windows\system32\sv-SE 2014-06-05 16:48 - 2009-07-14 04:37 - 00000000 ____D () C:\windows\system32\sl-SI 2014-06-05 16:48 - 2009-07-14 04:37 - 00000000 ____D () C:\windows\system32\sk-SK 2014-06-05 16:48 - 2009-07-14 04:37 - 00000000 ____D () C:\windows\system32\ru-RU 2014-06-05 16:48 - 2009-07-14 04:37 - 00000000 ____D () C:\windows\system32\ro-RO 2014-06-05 16:48 - 2009-07-14 04:37 - 00000000 ____D () C:\windows\system32\pt-PT 2014-06-05 16:48 - 2009-07-14 04:37 - 00000000 ____D () C:\windows\system32\pt-BR 2014-06-05 16:48 - 2009-07-14 04:37 - 00000000 ____D () C:\windows\system32\pl-PL 2014-06-05 16:48 - 2009-07-14 04:37 - 00000000 ____D () C:\windows\system32\nl-NL 2014-06-05 16:48 - 2009-07-14 04:37 - 00000000 ____D () C:\windows\system32\nb-NO 2014-06-05 
16:48 - 2009-07-14 04:37 - 00000000 ____D () C:\windows\system32\lv-LV 2014-06-05 16:48 - 2009-07-14 04:37 - 00000000 ____D () C:\windows\system32\lt-LT 2014-06-05 16:48 - 2009-07-14 04:37 - 00000000 ____D () C:\windows\system32\ko-KR 2014-06-05 16:48 - 2009-07-14 04:37 - 00000000 ____D () C:\windows\system32\ja-JP 2014-06-05 16:48 - 2009-07-14 04:37 - 00000000 ____D () C:\windows\system32\it-IT 2014-06-05 16:48 - 2009-07-14 04:37 - 00000000 ____D () C:\windows\system32\hu-HU 2014-06-05 16:48 - 2009-07-14 04:37 - 00000000 ____D () C:\windows\system32\hr-HR 2014-06-05 16:48 - 2009-07-14 04:37 - 00000000 ____D () C:\windows\system32\he-IL 2014-06-05 16:48 - 2009-07-14 04:37 - 00000000 ____D () C:\windows\system32\fr-FR 2014-06-05 16:48 - 2009-07-14 04:37 - 00000000 ____D () C:\windows\system32\fi-FI 2014-06-05 16:48 - 2009-07-14 04:37 - 00000000 ____D () C:\windows\system32\et-EE 2014-06-05 16:48 - 2009-07-14 04:37 - 00000000 ____D () C:\windows\system32\el-GR 2014-06-05 16:48 - 2009-07-14 04:37 - 00000000 ____D () C:\windows\system32\de-DE 2014-06-05 16:48 - 2009-07-14 04:37 - 00000000 ____D () C:\windows\system32\bg-BG 2014-06-05 16:48 - 2009-07-14 04:37 - 00000000 ____D () C:\windows\system32\ar-SA 2014-06-05 16:16 - 2014-06-05 16:16 - 00411552 _____ (AVAST Software) C:\windows\system32\Drivers\zrnwytak.sys 2014-06-05 12:11 - 2014-06-05 12:11 - 00000000 ____D () C:\Users\Joanna\AppData\Roaming\AVAST Software 2014-06-05 12:02 - 2014-06-05 12:02 - 00411552 _____ (AVAST Software) C:\windows\system32\Drivers\lqpddbau.sys 2014-06-05 11:58 - 2014-06-05 11:58 - 00776976 _____ (AVAST Software) C:\windows\system32\Drivers\aswSnx.sys 2014-06-05 11:58 - 2014-06-05 11:58 - 00411552 _____ (AVAST Software) C:\windows\system32\Drivers\aswSP.sys 2014-06-05 11:58 - 2014-06-05 11:58 - 00271264 _____ (AVAST Software) C:\windows\system32\aswBoot.exe 2014-06-05 11:58 - 2014-06-05 11:58 - 00180632 _____ () C:\windows\system32\Drivers\aswVmm.sys 2014-06-05 11:58 - 2014-06-05 11:58 - 
00081768 _____ (AVAST Software) C:\windows\system32\Drivers\aswRdr2.sys 2014-06-05 11:58 - 2014-06-05 11:58 - 00067824 _____ (AVAST Software) C:\windows\system32\Drivers\aswMonFlt.sys 2014-06-05 11:58 - 2014-06-05 11:58 - 00067776 _____ (AVAST Software) C:\windows\system32\Drivers\aswStm.sys 2014-06-05 11:58 - 2014-06-05 11:58 - 00049944 _____ () C:\windows\system32\Drivers\aswRvrt.sys 2014-06-05 11:58 - 2014-06-05 11:58 - 00043152 _____ (AVAST Software) C:\windows\avastSS.scr 2014-06-05 11:58 - 2014-06-05 11:58 - 00024184 _____ () C:\windows\system32\Drivers\aswHwid.sys 2014-06-05 11:56 - 2014-06-05 11:56 - 00000000 ____D () C:\Program Files\AVAST Software 2014-06-05 11:55 - 2014-06-05 11:55 - 00000000 ____D () C:\ProgramData\AVAST Software 2014-06-05 11:54 - 2012-02-02 12:27 - 00000000 ____D () C:\Users\Joanna\AppData\Local\ChomikBox 2014-06-05 11:54 - 2012-02-02 12:27 - 00000000 ____D () C:\Users\Joanna\.gstreamer-0.10 2014-06-05 11:48 - 2014-06-05 11:25 - 94714880 _____ (AVAST Software) C:\avast_free_antivirus_setup.exe 2014-06-05 11:14 - 2014-03-29 00:25 - 00000000 ____D () C:\ProgramData\MFAData 2014-06-05 10:56 - 2011-12-11 13:07 - 00000000 ____D () C:\Program Files\Google 2014-06-05 10:54 - 2011-12-11 13:06 - 00000000 ____D () C:\Users\Joanna\AppData\Local\Google 2014-06-02 08:03 - 2014-06-02 08:03 - 00000220 _____ () C:\windows\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013.job 2014-05-27 16:59 - 2011-12-13 20:18 - 00002120 _____ () C:\windows\epplauncher.mif 2014-05-26 08:50 - 2011-12-13 20:14 - 00001010 _____ () C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2933728693-9479190-2868125386-1000Core.job 2014-05-22 09:42 - 2014-03-30 16:07 - 00000965 _____ () C:\Users\Public\Desktop\AVG 2014.lnk 2014-05-20 16:52 - 2009-07-14 04:37 - 00000000 ____D () C:\windows\rescache 2014-05-20 14:24 - 2009-07-14 04:37 - 00000000 ____D () C:\windows\Microsoft.NET 2014-05-20 13:48 - 2014-05-20 13:48 - 00000000 __SHD () C:\found.000 2014-05-18 13:08 - 2014-05-18 13:08 - 
00000000 ____D () C:\Program Files\Common Files\DESIGNER 2014-05-18 13:08 - 2013-07-24 12:48 - 00000000 ____D () C:\windows\system32\MRT 2014-05-18 12:54 - 2011-11-28 20:07 - 90547776 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe 2014-05-14 11:07 - 2014-05-14 11:07 - 00864571 _____ () C:\Users\Joanna\Downloads\niemowlęce cuda1.rar 2014-05-13 14:19 - 2014-05-13 14:19 - 00192280 _____ (AVG Technologies CZ, s.r.o.) C:\windows\system32\Drivers\avgldx86.sys 2014-05-13 14:17 - 2014-05-13 14:17 - 00237848 _____ (AVG Technologies CZ, s.r.o.) C:\windows\system32\Drivers\avglogx.sys 2014-05-13 14:17 - 2014-05-13 14:17 - 00210200 _____ (AVG Technologies CZ, s.r.o.) C:\windows\system32\Drivers\avgtdix.sys 2014-05-13 14:17 - 2014-05-13 14:17 - 00149784 _____ (AVG Technologies CZ, s.r.o.) C:\windows\system32\Drivers\avgidshx.sys 2014-05-13 14:17 - 2014-05-13 14:17 - 00122136 _____ (AVG Technologies CZ, s.r.o.) C:\windows\system32\Drivers\avgdiskx.sys 2014-05-13 14:17 - 2014-05-13 14:17 - 00107288 _____ (AVG Technologies CZ, s.r.o.) C:\windows\system32\Drivers\avgmfx86.sys 2014-05-13 14:09 - 2014-05-13 14:09 - 00198936 _____ (AVG Technologies CZ, s.r.o.) C:\windows\system32\Drivers\avgidsdriverx.sys 2014-05-13 14:04 - 2014-05-13 14:04 - 00027416 _____ (AVG Technologies CZ, s.r.o.) C:\windows\system32\Drivers\avgrkx86.sys 2014-05-13 14:04 - 2014-05-13 14:04 - 00021272 _____ (AVG Technologies CZ, s.r.o.) 
C:\windows\system32\Drivers\avgidsshimx.sys 2014-05-07 20:06 - 2011-11-28 22:26 - 00000000 ____D () C:\Users\Joanna\AppData\Roaming\SoftGrid Client 2014-05-07 08:32 - 2014-05-07 08:32 - 00000000 ___SD () C:\windows\system32\CompatTel Some content of TEMP: ==================== C:\Users\Joanna\AppData\Local\Temp\Quarantine.exe ==================== Bamital & volsnap Check ================= C:\windows\explorer.exe => MD5 is legit C:\windows\system32\winlogon.exe [2014-05-15 09:47] - [2014-03-04 11:17] - 0304128 ____A (Microsoft Corporation) 998507B046BA314CE8245364C686FA67 C:\windows\system32\wininit.exe => MD5 is legit C:\windows\system32\svchost.exe => MD5 is legit C:\windows\system32\services.exe => MD5 is legit C:\windows\system32\User32.dll => MD5 is legit C:\windows\system32\userinit.exe => MD5 is legit C:\windows\system32\rpcss.dll => MD5 is legit C:\windows\system32\Drivers\volsnap.sys => MD5 is legit LastRegBack: 2014-06-06 12:25 ==================== End Of Log ============================