Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 09-06-2014 02
Ran by bartek (administrator) on BARTEK-KOMPUTER on 10-06-2014 18:07:10
Running from G:\
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: Polish
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
(Opera Software) C:\Program Files (x86)\Opera\22.0.1471.50\opera.exe
() C:\Program Files (x86)\Opera\22.0.1471.50\opera_crashreporter.exe
(Opera Software) C:\Program Files (x86)\Opera\22.0.1471.50\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\22.0.1471.50\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\22.0.1471.50\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\22.0.1471.50\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\22.0.1471.50\opera.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\audiodg.exe

==================== Registry (Whitelisted) ==================

HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 8.0\Reader\Reader_sl.exe [39792 2008-01-11] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [HDAudDeck] => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [2241024 2009-08-17] (VIA)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-12-06] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [3890208 2014-06-05] (AVAST Software)
HKLM-x32\...\RunOnce: [VOPackage] - C:\Users\bartek\AppData\Roaming\VOPackage\VOPackage.exe /runonce [289610 2014-06-10] ( )
HKU\S-1-5-21-2126986811-4245351377-3046878550-1001\...\Run: [Raptr] => C:\Program Files (x86)\Raptr\raptrstub.exe [55360 2014-05-15] (Raptr, Inc)
HKU\S-1-5-21-2126986811-4245351377-3046878550-1001\...\Run: [MKLOL] => C:\Program Files (x86)\MKJogo\MKLOL\MK.exe [1227976 2014-06-05] (MK)
HKU\S-1-5-21-2126986811-4245351377-3046878550-1001\...\Run: [SpeedUpMyComputer] => C:\Program Files (x86)\SmartTweak\SpeedUpMyComputer\SpeedUpMyComputer.exe /ot /as /ss
HKU\S-1-5-21-2126986811-4245351377-3046878550-1001\...\Run: [FixMyRegistry] => C:\Program Files (x86)\SmartTweak\FixMyRegistry\FixMyRegistry.exe [1886840 2014-05-26] ()

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pl/
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKCU - {61393B65-5059-4E69-B09D-26DCA7B76912} URL = https://www.google.com/search?q={searchTerms}
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO-x32: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Hosts: 127.0.0.1 validation.sls.microsoft.com
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 0.0.0.0

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)

Chrome:
=======
CHR StartupUrls: "hxxp://www.google.com/"
CHR Plugin: (Widevine Content Decryption Module) - C:\Users\bartek\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.4.600\_platform_specific\win_x86\widevinecdmadapter.dll ()
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 8.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
CHR Extension: (Dokumenty Google) - C:\Users\bartek\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-05-27]
CHR Extension: (avast! Online Security) - C:\Users\bartek\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-05-28]
CHR Extension: (Google Wallet) - C:\Users\bartek\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-05-28]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-05-27]

==================== Services (Whitelisted) =================

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2013-12-06] (Advanced Micro Devices, Inc.) [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-05-27] (AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [109048 2014-06-09] (AVAST Software)

==================== Drivers (Whitelisted) ====================

R2 AODDriver4.2.0; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59648 2013-09-19] (Advanced Micro Devices)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-05-27] ()
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [28184 2014-06-09] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-05-27] (AVAST Software)
R0 aswNdisFlt; C:\Windows\System32\DRIVERS\aswNdisFlt.sys [447888 2014-06-09] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-05-27] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-05-27] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1039096 2014-05-27] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [423240 2014-05-27] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [85328 2014-05-27] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [208416 2014-05-27] ()
R3 irsir; C:\Windows\System32\DRIVERS\irsir.sys [27648 2008-01-19] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2014-06-10 17:55 - 2014-06-10 17:55 - 00001216 _____ () C:\Users\bartek\Desktop\FixMyRegistry.lnk
2014-06-10 17:55 - 2014-06-10 17:55 - 00000000 ____D () C:\Windows\system32\appmgmt
2014-06-10 17:53 - 2014-06-10 17:53 - 00000000 ____D () C:\Users\bartek\AppData\Roaming\VOPackage
2014-06-10 17:53 - 2014-06-10 17:53 - 00000000 ____D () C:\Users\bartek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VOPackage
2014-06-10 17:48 - 2014-06-10 17:55 - 00000000 ____D () C:\Users\bartek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SmartTweak Software
2014-06-10 17:20 - 2014-06-10 17:21 - 00000000 ____D () C:\AdwCleaner
2014-06-10 16:25 - 2014-06-10 16:25 - 822342679 _____ () C:\Windows\MEMORY.DMP
2014-06-10 16:25 - 2014-06-10 16:25 - 00455832 _____ () C:\Windows\Minidump\061014-19281-01.dmp
2014-06-10 16:25 - 2014-06-10 16:25 - 00000000 ____D () C:\Windows\Minidump
2014-06-09 17:56 - 2014-06-10 18:07 - 00000000 ____D () C:\FRST
2014-06-09 16:41 - 2014-06-09 16:41 - 00001972 _____ () C:\Users\Public\Desktop\avast! Internet Security.lnk
2014-06-09 16:39 - 2014-06-09 16:40 - 00447888 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNdisFlt.sys
2014-06-09 16:39 - 2014-06-09 16:39 - 00028184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2014-05-28 13:57 - 2014-05-28 13:57 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_WinUsb_01009.Wdf
2014-05-28 13:56 - 2014-05-28 13:56 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
2014-05-28 13:33 - 2014-05-28 13:33 - 00000000 __SHD () C:\Users\bartek\AppData\Local\EmieUserList
2014-05-28 13:33 - 2014-05-28 13:33 - 00000000 __SHD () C:\Users\bartek\AppData\Local\EmieSiteList
2014-05-27 19:12 - 2014-06-09 16:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
2014-05-27 19:12 - 2014-05-27 19:12 - 00000000 ____D () C:\Users\bartek\AppData\Roaming\AVAST Software
2014-05-27 19:11 - 2014-06-10 17:44 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-05-27 19:10 - 2014-06-09 17:01 - 00002265 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-05-27 19:10 - 2014-05-27 19:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-05-27 19:08 - 2014-06-10 17:44 - 00001044 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-05-27 19:08 - 2014-06-10 17:29 - 00001048 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-05-27 19:08 - 2014-05-27 19:14 - 00004044 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-05-27 19:08 - 2014-05-27 19:14 - 00003792 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-05-27 19:08 - 2014-05-27 19:11 - 01039096 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2014-05-27 19:08 - 2014-05-27 19:11 - 00423240 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2014-05-27 19:08 - 2014-05-27 19:11 - 00085328 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
2014-05-27 19:08 - 2014-05-27 19:11 - 00000000 ____D () C:\Users\bartek\AppData\Local\Google
2014-05-27 19:08 - 2014-05-27 19:10 - 00000000 ____D () C:\Program Files (x86)\Google
2014-05-27 19:08 - 2014-05-27 19:08 - 01039096 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys.1401210669864
2014-05-27 19:08 - 2014-05-27 19:08 - 00423240 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys.1401210669864
2014-05-27 19:08 - 2014-05-27 19:08 - 00334648 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-05-27 19:08 - 2014-05-27 19:08 - 00208416 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-05-27 19:08 - 2014-05-27 19:08 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-05-27 19:08 - 2014-05-27 19:08 - 00079184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-05-27 19:08 - 2014-05-27 19:08 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-05-27 19:08 - 2014-05-27 19:08 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-05-27 19:07 - 2014-05-27 19:07 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-05-27 19:07 - 2014-05-27 19:07 - 00000000 ____D () C:\Program Files\AVAST Software
2014-05-27 19:06 - 2014-05-27 19:06 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-05-20 19:53 - 2013-09-24 12:13 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\msvcp71.dll
2014-05-20 19:53 - 2013-07-30 12:04 - 00001003 _____ () C:\Windows\system32\README.txt
2014-05-20 18:55 - 2014-05-20 18:55 - 00000000 ____D () C:\Users\Public\Documents\Sports Interactive
2014-05-20 18:55 - 2014-05-20 18:55 - 00000000 ____D () C:\Users\bartek\Documents\Sports Interactive
2014-05-20 18:55 - 2014-05-20 18:55 - 00000000 ____D () C:\Users\bartek\AppData\Roaming\Sports Interactive
2014-05-15 13:15 - 2014-05-06 06:40 - 23544320 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-15 13:15 - 2014-05-06 06:17 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-15 13:15 - 2014-05-06 05:25 - 17382912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-15 13:15 - 2014-05-06 05:07 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-15 13:15 - 2014-05-06 05:00 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-15 13:15 - 2014-05-06 04:10 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-05-15 09:04 - 2014-05-09 08:14 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-05-15 09:04 - 2014-05-09 08:11 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-05-15 09:04 - 2014-04-12 04:22 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-05-15 09:04 - 2014-04-12 04:22 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2014-05-15 09:04 - 2014-04-12 04:19 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-05-15 09:04 - 2014-04-12 04:19 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2014-05-15 09:04 - 2014-04-12 04:19 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2014-05-15 09:04 - 2014-04-12 04:19 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2014-05-15 09:04 - 2014-04-12 04:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2014-05-15 09:04 - 2014-04-12 04:12 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-05-15 09:04 - 2014-04-12 04:10 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-05-15 09:04 - 2014-03-25 04:43 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-05-15 09:04 - 2014-03-25 04:09 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-05-15 09:04 - 2014-03-04 11:47 - 05550016 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-05-15 09:04 - 2014-03-04 11:44 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-05-15 09:04 - 2014-03-04 11:44 - 00722944 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll
2014-05-15 09:04 - 2014-03-04 11:44 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-05-15 09:04 - 2014-03-04 11:44 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-05-15 09:04 - 2014-03-04 11:44 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-05-15 09:04 - 2014-03-04 11:44 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-05-15 09:04 - 2014-03-04 11:44 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-05-15 09:04 - 2014-03-04 11:44 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\wincredprovider.dll
2014-05-15 09:04 - 2014-03-04 11:43 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-05-15 09:04 - 2014-03-04 11:43 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\cngprovider.dll
2014-05-15 09:04 - 2014-03-04 11:43 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\adprovider.dll
2014-05-15 09:04 - 2014-03-04 11:43 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\capiprovider.dll
2014-05-15 09:04 - 2014-03-04 11:43 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\dpapiprovider.dll
2014-05-15 09:04 - 2014-03-04 11:43 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll
2014-05-15 09:04 - 2014-03-04 11:43 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-05-15 09:04 - 2014-03-04 11:20 - 03969984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2014-05-15 09:04 - 2014-03-04 11:20 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2014-05-15 09:04 - 2014-03-04 11:17 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-05-15 09:04 - 2014-03-04 11:17 - 00538112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\objsel.dll
2014-05-15 09:04 - 2014-03-04 11:17 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-05-15 09:04 - 2014-03-04 11:17 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-05-15 09:04 - 2014-03-04 11:17 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-05-15 09:04 - 2014-03-04 11:17 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-05-15 09:04 - 2014-03-04 11:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cngprovider.dll
2014-05-15 09:04 - 2014-03-04 11:17 - 00049664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adprovider.dll
2014-05-15 09:04 - 2014-03-04 11:17 - 00048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\capiprovider.dll
2014-05-15 09:04 - 2014-03-04 11:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpapiprovider.dll
2014-05-15 09:04 - 2014-03-04 11:17 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dimsroam.dll
2014-05-15 09:04 - 2014-03-04 11:17 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincredprovider.dll
2014-05-15 09:04 - 2014-03-04 11:17 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-05-15 09:04 - 2014-03-04 11:16 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll

==================== One Month Modified Files and Folders =======

2014-06-10 18:08 - 2014-04-18 19:44 - 00000000 ____D () C:\Users\bartek\AppData\Local\Temp
2014-06-10 18:07 - 2014-06-09 17:56 - 00000000 ____D () C:\FRST
2014-06-10 17:55 - 2014-06-10 17:55 - 00001216 _____ () C:\Users\bartek\Desktop\FixMyRegistry.lnk
2014-06-10 17:55 - 2014-06-10 17:55 - 00000000 ____D () C:\Windows\system32\appmgmt
2014-06-10 17:55 - 2014-06-10 17:48 - 00000000 ____D () C:\Users\bartek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SmartTweak Software
2014-06-10 17:55 - 2014-04-19 13:08 - 00000000 ____D () C:\Program Files (x86)\SmartTweak
2014-06-10 17:53 - 2014-06-10 17:53 - 00000000 ____D () C:\Users\bartek\AppData\Roaming\VOPackage
2014-06-10 17:53 - 2014-06-10 17:53 - 00000000 ____D () C:\Users\bartek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VOPackage
2014-06-10 17:51 - 2009-07-14 06:45 - 00021088 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-06-10 17:51 - 2009-07-14 06:45 - 00021088 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-06-10 17:46 - 2014-04-18 19:22 - 01885757 _____ () C:\Windows\WindowsUpdate.log
2014-06-10 17:44 - 2014-05-27 19:11 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-06-10 17:44 - 2014-05-27 19:08 - 00001044 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-06-10 17:44 - 2014-04-18 21:21 - 00000000 ____D () C:\Users\bartek\AppData\Roaming\Raptr
2014-06-10 17:44 - 2014-04-18 20:14 - 00000441 _____ () C:\Windows\system32\Drivers\etc\hosts.ics
2014-06-10 17:43 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-06-10 17:43 - 2009-07-14 06:51 - 03757736 _____ () C:\Windows\setupact.log
2014-06-10 17:38 - 2014-04-19 13:05 - 00000000 ____D () C:\Users\bartek\AppData\Local\fst_pl_96
2014-06-10 17:38 - 2009-07-14 04:34 - 00000505 _____ () C:\Windows\win.ini
2014-06-10 17:29 - 2014-05-27 19:08 - 00001048 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-06-10 17:21 - 2014-06-10 17:20 - 00000000 ____D () C:\AdwCleaner
2014-06-10 16:27 - 2014-04-18 22:39 - 00000930 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-06-10 16:25 - 2014-06-10 16:25 - 822342679 _____ () C:\Windows\MEMORY.DMP
2014-06-10 16:25 - 2014-06-10 16:25 - 00455832 _____ () C:\Windows\Minidump\061014-19281-01.dmp
2014-06-10 16:25 - 2014-06-10 16:25 - 00000000 ____D () C:\Windows\Minidump
2014-06-10 16:25 - 2010-11-21 05:47 - 00035188 _____ () C:\Windows\PFRO.log
2014-06-09 20:41 - 2014-04-20 02:14 - 00000000 ____D () C:\Users\bartek\AppData\Local\Discount Dragon
2014-06-09 17:05 - 2009-07-14 07:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-06-09 17:02 - 2014-04-19 13:08 - 00000000 ____D () C:\Program Files (x86)\SupTab
2014-06-09 17:01 - 2014-05-27 19:10 - 00002265 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-06-09 17:01 - 2014-04-18 19:45 - 00001425 _____ () C:\Users\bartek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-06-09 16:50 - 2011-02-04 19:38 - 00739694 _____ () C:\Windows\system32\perfh015.dat
2014-06-09 16:50 - 2011-02-04 19:38 - 00155268 _____ () C:\Windows\system32\perfc015.dat
2014-06-09 16:50 - 2009-07-14 07:13 - 01668226 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-06-09 16:41 - 2014-06-09 16:41 - 00001972 _____ () C:\Users\Public\Desktop\avast! Internet Security.lnk
2014-06-09 16:41 - 2014-05-27 19:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
2014-06-09 16:40 - 2014-06-09 16:39 - 00447888 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNdisFlt.sys
2014-06-09 16:39 - 2014-06-09 16:39 - 00028184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2014-06-06 14:52 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-06-05 11:07 - 2014-04-19 13:07 - 00000000 ____D () C:\ProgramData\WPM
2014-06-04 20:31 - 2014-04-18 22:35 - 00000000 ____D () C:\Program Files (x86)\Opera
2014-05-28 13:57 - 2014-05-28 13:57 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_WinUsb_01009.Wdf
2014-05-28 13:56 - 2014-05-28 13:56 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
2014-05-28 13:33 - 2014-05-28 13:33 - 00000000 __SHD () C:\Users\bartek\AppData\Local\EmieUserList
2014-05-28 13:33 - 2014-05-28 13:33 - 00000000 __SHD () C:\Users\bartek\AppData\Local\EmieSiteList
2014-05-28 13:33 - 2014-04-20 02:14 - 00000000 ____D () C:\Program Files (x86)\Discount Dragon
2014-05-27 19:14 - 2014-05-27 19:08 - 00004044 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-05-27 19:14 - 2014-05-27 19:08 - 00003792 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-05-27 19:12 - 2014-05-27 19:12 - 00000000 ____D () C:\Users\bartek\AppData\Roaming\AVAST Software
2014-05-27 19:11 - 2014-05-27 19:08 - 01039096 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2014-05-27 19:11 - 2014-05-27 19:08 - 00423240 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2014-05-27 19:11 - 2014-05-27 19:08 - 00085328 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
2014-05-27 19:11 - 2014-05-27 19:08 - 00000000 ____D () C:\Users\bartek\AppData\Local\Google
2014-05-27 19:10 - 2014-05-27 19:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-05-27 19:10 - 2014-05-27 19:08 - 00000000 ____D () C:\Program Files (x86)\Google
2014-05-27 19:08 - 2014-05-27 19:08 - 01039096 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys.1401210669864
2014-05-27 19:08 - 2014-05-27 19:08 - 00423240 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys.1401210669864
2014-05-27 19:08 - 2014-05-27 19:08 - 00334648 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-05-27 19:08 - 2014-05-27 19:08 - 00208416 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-05-27 19:08 - 2014-05-27 19:08 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-05-27 19:08 - 2014-05-27 19:08 - 00079184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-05-27 19:08 - 2014-05-27 19:08 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-05-27 19:08 - 2014-05-27 19:08 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-05-27 19:07 - 2014-05-27 19:07 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-05-27 19:07 - 2014-05-27 19:07 - 00000000 ____D () C:\Program Files\AVAST Software
2014-05-27 19:06 - 2014-05-27 19:06 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-05-27 16:01 - 2014-04-18 21:18 - 00000000 ____D () C:\Program Files (x86)\Raptr
2014-05-27 16:00 - 2014-05-06 18:48 - 00000003 _____ () C:\Users\bartek\AppData\Local\proxy.log
2014-05-20 18:56 - 2010-11-21 09:16 - 00000000 ___RD () C:\Users\Public\Recorded TV
2014-05-20 18:55 - 2014-05-20 18:55 - 00000000 ____D () C:\Users\Public\Documents\Sports Interactive
2014-05-20 18:55 - 2014-05-20 18:55 - 00000000 ____D () C:\Users\bartek\Documents\Sports Interactive
2014-05-20 18:55 - 2014-05-20 18:55 - 00000000 ____D () C:\Users\bartek\AppData\Roaming\Sports Interactive
2014-05-19 17:58 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-05-15 22:53 - 2014-04-18 19:45 - 00000000 ___RD () C:\Users\bartek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-15 22:53 - 2014-04-18 19:45 - 00000000 ___RD () C:\Users\bartek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-05-15 22:50 - 2014-05-06 20:43 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-05-15 22:50 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-05-15 13:14 - 2014-04-18 21:01 - 00000000 ____D () C:\Windows\system32\MRT
2014-05-15 13:13 - 2014-04-18 21:01 - 93223848 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-05-15 10:27 - 2014-04-18 22:39 - 00003868 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-05-15 10:27 - 2014-04-18 20:01 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-05-15 10:27 - 2014-04-18 20:01 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl

Some content of TEMP:
====================
C:\Users\bartek\AppData\Local\Temp\13-12_win7_win8_64_dd_ccc_whql.exe
C:\Users\bartek\AppData\Local\Temp\13-4_vista_win7_win8_64_dd_ccc_whql.exe
C:\Users\bartek\AppData\Local\Temp\banner.exe
C:\Users\bartek\AppData\Local\Temp\FixMyRegistry.exe
C:\Users\bartek\AppData\Local\Temp\LiveSupport_setup.exe
C:\Users\bartek\AppData\Local\Temp\NSISUtils.dll
C:\Users\bartek\AppData\Local\Temp\OptimizerPro.exe
C:\Users\bartek\AppData\Local\Temp\raptrpatch.exe
C:\Users\bartek\AppData\Local\Temp\sbsetup.exe
C:\Users\bartek\AppData\Local\Temp\Setup.exe
C:\Users\bartek\AppData\Local\Temp\setup_fst_pl.exe
C:\Users\bartek\AppData\Local\Temp\smt_qone8.exe
C:\Users\bartek\AppData\Local\Temp\Softonic_PL_1-5-10_PL-Production_10_CleanRelease.exe
C:\Users\bartek\AppData\Local\Temp\Softonic_PL_1-5-10_PL-Production_10_CleanRelease[1].exe
C:\Users\bartek\AppData\Local\Temp\SpeedUpMyComputer.exe

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2014-06-09 21:49

==================== End Of Log ============================