Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 01-11-2014
Ran by Dom (administrator) on HPPAVILION on 02-11-2014 13:31:31
Running from C:\Users\Dom\Downloads
Loaded Profile: Dom (Available profiles: Dom)
Platform: Microsoft Windows 7 Ultimate Service Pack 1 (X86) OS Language: Angielski (Stany Zjednoczone)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgrsx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgcsrvx.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(Hewlett-Packard) C:\Windows\System32\hpservice.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgfws.exe
(Google Inc.) C:\Program Files\Google\Update\1.3.25.5\GoogleCrashHandler.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgidsagent.exe
() C:\Users\Dom\Desktop\Core Temp.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgwdsvc.exe
(Hi-Rez Studios) E:\Hi-Rez Studios\HiPatchService.exe
(Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgui.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgnsx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgemcx.exe
(Hewlett-Packard Company) C:\Program Files\HP\Common\HPSupportSolutionsFrameworkService.exe
() C:\ProgramData\DataCardService\HWDeviceService.exe
(Huawei Technologies Co., Ltd.) C:\ProgramData\DataCardService\DCSHelper.exe
(ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
() C:\ProgramData\PLAY ONLINE\OnlineUpdate\ouc.exe
() C:\Windows\System32\PnkBstrA.exe
(TomTom) C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Windows\System32\audiodg.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgcfgex.exe

==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [StartCCC] => C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [641704 2012-11-16] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [AMD AVT] => C:\Program Files\AMD AVT\bin\kdbsync.exe [20992 2012-03-19] ()
HKLM\...\Run: [AVG_UI] => C:\Program Files\AVG\AVG2015\avgui.exe [3649040 2014-10-16] (AVG Technologies CZ, s.r.o.)
HKU\S-1-5-21-1270315032-4159197659-3195027858-1000\...\MountPoints2: {07679c7c-f0bb-11e3-bd80-001b1000245d} - F:\LGAutoRun.exe
HKU\S-1-5-21-1270315032-4159197659-3195027858-1000\...\MountPoints2: {0c1d1f58-1294-11e4-bff9-00238bafa46c} - F:\AutoRun.exe
HKU\S-1-5-21-1270315032-4159197659-3195027858-1000\...\MountPoints2: {4c739ff6-099b-11e4-827a-00238bafa46c} - F:\AutoRun.exe
HKU\S-1-5-21-1270315032-4159197659-3195027858-1000\...\MountPoints2: {4c73a004-099b-11e4-827a-00238bafa46c} - F:\AutoRun.exe
HKU\S-1-5-21-1270315032-4159197659-3195027858-1000\...\MountPoints2: {4c73a020-099b-11e4-827a-00238bafa46c} - F:\AutoRun.exe
HKU\S-1-5-21-1270315032-4159197659-3195027858-1000\...\MountPoints2: {57a32b52-4274-11e4-8b1d-00238bafa46c} - G:\LGAutoRun.exe
HKU\S-1-5-21-1270315032-4159197659-3195027858-1000\...\MountPoints2: {bce52e94-0a6b-11e4-b813-00238bafa46c} - F:\AutoRun.exe
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [280576 2014-01-22] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File

==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

SearchScopes: HKLM - DefaultScope value is missing.
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{6009A122-ED50-4E93-BDFA-8B0AD8DB5C1C}: [NameServer] 213.158.199.1 213.158.199.5
Tcpip\..\Interfaces\{B3C6C89F-0D5C-44CB-9B7C-2952DCA56988}: [NameServer] 212.2.96.53 212.2.96.54
Tcpip\..\Interfaces\{E1A90C9C-57AD-4F4A-B7F0-D4002E460A38}: [NameServer] 213.158.199.1 213.158.199.5

FireFox:
========
FF ProfilePath: C:\Users\Dom\AppData\Roaming\Mozilla\Firefox\Profiles\hzuku4ec.default
FF Homepage: about:newtab
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw_1213153.dll (Adobe Systems, Inc.)
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @java.com/DTPlugin,version=10.65.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.65.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Dom\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Extension: PEKAO S.A. Sign Plugin - C:\Users\Dom\AppData\Roaming\Mozilla\Firefox\Profiles\hzuku4ec.default\Extensions\SignPlugin@pekao.pl [2014-09-08]
FF Extension: Adblock Plus - C:\Users\Dom\AppData\Roaming\Mozilla\Firefox\Profiles\hzuku4ec.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-01-22]

Chrome:
=======

========================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [291840 2012-11-16] (Advanced Micro Devices, Inc.) [File not signed]
S2 appdrvrem01; C:\Windows\System32\appdrvrem01.exe [316888 2014-05-04] (Protection Technology)
R2 avgfws; C:\Program Files\AVG\AVG2015\avgfws.exe [1486664 2014-10-16] (AVG Technologies CZ, s.r.o.)
R2 AVGIDSAgent; C:\Program Files\AVG\AVG2015\avgidsagent.exe [3487248 2014-10-16] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files\AVG\AVG2015\avgwdsvc.exe [298080 2014-10-16] (AVG Technologies CZ, s.r.o.)
S3 EasyAntiCheat; C:\Windows\system32\EasyAntiCheat.exe [175136 2014-09-13] (EasyAntiCheat Ltd)
U2 HiPatchService; E:\Hi-Rez Studios\HiPatchService.exe [9216 2014-08-22] (Hi-Rez Studios) [File not signed]
R2 HPSupportSolutionsFrameworkService; C:\Program Files\Hp\Common\HPSupportSolutionsFrameworkService.exe [72992 2014-07-07] (Hewlett-Packard Company)
R2 HWDeviceService.exe; C:\ProgramData\DatacardService\HWDeviceService.exe [271712 2011-03-14] ()
S2 KMService; C:\Windows\system32\srvany.exe [8192 2014-01-22] () [File not signed]
S2 PLAY ONLINE. RunOuc; C:\Program Files\PLAY ONLINE\UpdateDog\ouc.exe [246112 2014-07-12] ()
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76888 2014-05-31] ()

==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 andnetadb; C:\Windows\System32\Drivers\lgandnetadb.sys [25856 2014-03-28] (Google Inc)
S3 AndNetDiag; C:\Windows\System32\DRIVERS\lgandnetdiag.sys [23168 2014-03-28] (LG Electronics Inc.)
S3 ANDNetModem; C:\Windows\System32\DRIVERS\lgandnetmodem.sys [27776 2014-03-28] (LG Electronics Inc.)
S3 andnetndis; C:\Windows\System32\DRIVERS\lgandnetndis.sys [74240 2014-03-28] (LG Electronics Inc.)
R1 appdrv01; C:\Windows\System32\Drivers\appdrv01.sys [3333808 2014-05-04] (Protection Technology)
R3 athr; C:\Windows\System32\DRIVERS\athr.sys [3244032 2013-11-20] (Qualcomm Atheros Communications, Inc.)
R1 Avgdiskx; C:\Windows\System32\DRIVERS\avgdiskx.sys [121624 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 Avgfwfd; C:\Windows\System32\DRIVERS\avgfwd6x.sys [47928 2013-09-26] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdriverx.sys [213272 2014-10-07] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHX; C:\Windows\System32\DRIVERS\avgidshx.sys [147736 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSShim; C:\Windows\System32\DRIVERS\avgidsshimx.sys [21272 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 Avgldx86; C:\Windows\System32\DRIVERS\avgldx86.sys [192792 2014-08-28] (AVG Technologies CZ, s.r.o.)
R0 Avglogx; C:\Windows\System32\DRIVERS\avglogx.sys [230680 2014-07-18] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx86; C:\Windows\System32\DRIVERS\avgmfx86.sys [98584 2014-10-05] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx86; C:\Windows\System32\DRIVERS\avgrkx86.sys [27416 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 Avgtdix; C:\Windows\System32\DRIVERS\avgtdix.sys [200984 2014-10-10] (AVG Technologies CZ, s.r.o.)
S3 huawei_cdcacm; C:\Windows\System32\DRIVERS\ew_jucdcacm.sys [95616 2014-07-12] (Huawei Technologies Co., Ltd.)
S3 huawei_ext_ctrl; C:\Windows\System32\DRIVERS\ew_juextctrl.sys [27520 2014-07-12] (Huawei Technologies Co., Ltd.)
S3 huawei_wwanecm; C:\Windows\System32\DRIVERS\ew_juwwanecm.sys [195072 2014-07-12] (Huawei Technologies Co., Ltd.)
S3 RTCore32; C:\Program Files\RMClock\RTCore32.sys [4608 2005-05-25] () [File not signed]
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [320120 2014-11-02] (Duplex Secure Ltd.)
S0 13416019; system32\drivers\68313456.sys [X]
R3 ALSysIO; \??\C:\Users\Dom\AppData\Local\Temp\ALSysIO.sys [X]
S4 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S4 tsusbhub; system32\drivers\tsusbhub.sys [X]
S4 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-02 13:31 - 2014-11-02 13:33 - 00011881 _____ () C:\Users\Dom\Downloads\FRST.txt
2014-11-02 13:26 - 2014-11-02 13:31 - 00000000 ____D () C:\FRST
2014-11-02 13:24 - 2014-11-02 13:24 - 01105920 _____ (Farbar) C:\Users\Dom\Downloads\FRST.exe
2014-11-02 13:03 - 2014-11-02 13:03 - 00320120 _____ (Duplex Secure Ltd.) C:\Windows\system32\Drivers\sptd.sys
2014-11-02 13:02 - 2014-11-02 13:03 - 00522360 _____ (Duplex Secure Ltd.) C:\Users\Dom\Downloads\SPTDinst-v186-x86.exe
2014-11-02 12:25 - 2014-11-02 12:25 - 299138971 _____ () C:\Windows\MEMORY.DMP
2014-11-02 12:25 - 2014-11-02 12:25 - 00143136 _____ () C:\Windows\Minidump\110214-58250-01.dmp
2014-11-01 21:19 - 2014-11-01 21:19 - 00000925 _____ () C:\Users\Public\Desktop\AVG 2015.lnk
2014-11-01 21:19 - 2014-11-01 21:19 - 00000000 ____D () C:\Users\Dom\AppData\Roaming\TuneUp Software
2014-11-01 21:19 - 2014-11-01 21:19 - 00000000 ____D () C:\Users\Dom\AppData\Roaming\AVG2015
2014-11-01 21:19 - 2014-11-01 21:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2014-11-01 21:18 - 2014-11-02 09:59 - 00000000 ____D () C:\ProgramData\AVG2015
2014-11-01 21:18 - 2014-11-01 21:18 - 00000000 ___HD () C:\$AVG
2014-11-01 21:17 - 2014-11-01 21:17 - 00000000 ____D () C:\Program Files\AVG
2014-11-01 21:15 - 2014-11-01 21:36 - 00000000 ____D () C:\Users\Dom\AppData\Local\Avg2015
2014-11-01 21:14 - 2014-11-02 12:49 - 00000000 ____D () C:\ProgramData\MFAData
2014-11-01 21:14 - 2014-11-01 21:14 - 00000000 ____D () C:\Users\Dom\AppData\Local\MFAData
2014-11-01 21:14 - 2014-11-01 21:14 - 00000000 ____D () C:\Users\Dom\AppData\Local\Avg2014
2014-11-01 21:07 - 2014-11-01 21:07 - 00673034 _____ () C:\Windows\PFRO.log
2014-11-01 19:25 - 2014-11-02 13:06 - 00000560 _____ () C:\Windows\setupact.log
2014-11-01 19:25 - 2014-11-01 19:25 - 00000000 _____ () C:\Windows\setuperr.log
2014-11-01 18:11 - 2014-11-01 18:11 - 00000000 ____D () C:\TDSSKiller_Quarantine
2014-10-30 16:28 - 2014-10-30 16:28 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-10-23 17:05 - 2014-10-23 17:05 - 14475982 _____ () C:\Users\Dom\Downloads\g1db_alpha.exe
2014-10-18 17:34 - 2014-10-18 17:43 - 00000000 ____D () C:\Users\Dom\Desktop\anime
2014-10-17 21:55 - 2014-10-17 21:55 - 00000000 ____D () C:\Users\Dom\Desktop\remake
2014-10-16 06:50 - 2014-10-07 03:04 - 00331448 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-10-16 06:50 - 2014-09-25 23:46 - 00365056 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-10-16 06:50 - 2014-09-25 23:46 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-10-16 06:50 - 2014-09-25 23:46 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-10-16 06:50 - 2014-09-25 23:43 - 11807232 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-10-16 06:50 - 2014-09-25 23:32 - 02017280 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-10-16 06:50 - 2014-09-19 02:44 - 17484800 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-10-16 06:50 - 2014-09-19 02:25 - 04201472 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-10-16 06:50 - 2014-09-19 02:14 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-10-16 06:50 - 2014-09-19 02:14 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-10-16 06:50 - 2014-09-19 02:02 - 00454656 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-10-16 06:50 - 2014-09-19 02:01 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-10-16 06:50 - 2014-09-19 02:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-10-16 06:50 - 2014-09-19 01:59 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-10-16 06:50 - 2014-09-19 01:55 - 02187264 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-10-16 06:50 - 2014-09-19 01:54 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-10-16 06:50 - 2014-09-19 01:53 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-10-16 06:50 - 2014-09-19 01:51 - 00440320 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-10-16 06:50 - 2014-09-19 01:50 - 00112128 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-10-16 06:50 - 2014-09-19 01:50 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-10-16 06:50 - 2014-09-19 01:49 - 00597504 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-10-16 06:50 - 2014-09-19 01:44 - 00646144 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-10-16 06:50 - 2014-09-19 01:36 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-10-16 06:50 - 2014-09-19 01:32 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-10-16 06:50 - 2014-09-19 01:20 - 00677888 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-10-16 06:50 - 2014-09-19 01:20 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-10-16 06:50 - 2014-09-19 01:18 - 01068032 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-10-16 06:50 - 2014-09-19 00:59 - 01810944 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-10-16 06:50 - 2014-09-19 00:53 - 01190400 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-10-16 06:50 - 2014-09-19 00:52 - 00678400 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-10-16 06:49 - 2014-09-29 01:41 - 02379264 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-10-16 06:49 - 2014-09-18 02:32 - 02363904 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-10-16 06:49 - 2014-09-04 06:04 - 00372736 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2014-10-16 06:49 - 2014-07-17 02:40 - 00157696 _____ (Microsoft Corporation) C:\Windows\system32\winsta.dll
2014-10-16 06:49 - 2014-07-17 02:39 - 03221504 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-10-16 06:49 - 2014-07-17 02:39 - 01051136 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2014-10-16 06:49 - 2014-07-17 02:39 - 00919552 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2014-10-16 06:49 - 2014-07-17 02:39 - 00523264 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2014-10-16 06:49 - 2014-07-17 02:39 - 00304128 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-10-16 06:49 - 2014-07-17 02:39 - 00131584 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll
2014-10-16 06:49 - 2014-07-17 02:39 - 00130048 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll
2014-10-16 06:49 - 2014-07-17 02:39 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-10-16 06:49 - 2014-07-17 02:39 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-10-16 06:49 - 2014-07-17 02:03 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys
2014-10-16 06:49 - 2014-07-17 02:02 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2014-10-16 06:49 - 2014-06-18 23:23 - 01131664 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll
2014-10-16 06:49 - 2014-06-18 23:23 - 00156824 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll
2014-10-16 06:49 - 2014-06-18 23:23 - 00081560 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll
2014-10-16 06:48 - 2014-09-13 02:40 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-10-15 15:53 - 2014-10-11 19:59 - 506369906 _____ () C:\Users\Dom\Desktop\MOV_0285.mp4
2014-10-15 15:53 - 2014-10-11 18:36 - 141482068 _____ () C:\Users\Dom\Desktop\MOV_0284.mp4
2014-10-15 15:53 - 2014-10-04 17:32 - 13162774 _____ () C:\Users\Dom\Desktop\MOV_0277.mp4
2014-10-15 15:53 - 2014-10-04 17:30 - 02527529 _____ () C:\Users\Dom\Desktop\MOV_0273.mp4
2014-10-15 15:53 - 2014-10-04 17:29 - 34355907 _____ () C:\Users\Dom\Desktop\MOV_0272.mp4
2014-10-15 15:53 - 2014-10-04 17:24 - 20727321 _____ () C:\Users\Dom\Desktop\MOV_0268.mp4
2014-10-15 15:53 - 2014-10-04 17:24 - 00663867 _____ () C:\Users\Dom\Desktop\MOV_0267.mp4
2014-10-15 15:53 - 2014-10-04 17:21 - 68106823 _____ () C:\Users\Dom\Desktop\MOV_0264.mp4
2014-10-15 15:53 - 2014-10-04 17:16 - 23856998 _____ () C:\Users\Dom\Desktop\MOV_0258.mp4
2014-10-15 15:53 - 2014-09-13 16:26 - 01194964 _____ () C:\Users\Dom\Desktop\MOV_0201.mp4
2014-10-15 15:53 - 2014-09-13 16:26 - 00464443 _____ () C:\Users\Dom\Desktop\MOV_0200.mp4
2014-10-13 10:10 - 2014-10-18 16:24 - 00000000 ____D () C:\Users\Dom\Desktop\Zdjęcia
2014-10-10 15:13 - 2014-10-10 15:13 - 00200984 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgtdix.sys
2014-10-07 21:39 - 2014-10-07 21:39 - 00213272 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgidsdriverx.sys
2014-10-05 21:42 - 2014-10-05 21:42 - 00098584 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgmfx86.sys

==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-02 13:20 - 2014-01-22 17:24 - 01060728 _____ () C:\Windows\WindowsUpdate.log
2014-11-02 13:17 - 2014-01-22 18:08 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-11-02 13:06 - 2014-03-03 20:33 - 00001032 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-11-02 13:06 - 2009-07-14 05:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-11-02 13:04 - 2014-03-03 20:33 - 00001036 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-11-02 12:25 - 2014-01-30 12:35 - 00000000 ____D () C:\Windows\Minidump
2014-11-01 23:05 - 2009-07-14 05:53 - 00032620 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-11-01 22:09 - 2014-06-25 15:38 - 00000000 ____D () C:\Users\Dom\Downloads\RemoveWAT 2.2.6.0
2014-11-01 22:08 - 2014-01-23 10:46 - 00000000 ____D () C:\Users\Dom\Desktop\czerwiec office
2014-11-01 21:07 - 2014-01-22 18:04 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-11-01 20:11 - 2009-07-14 05:34 - 00014224 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-11-01 20:11 - 2009-07-14 05:34 - 00014224 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-11-01 18:41 - 2014-01-24 22:33 - 00000000 ____D () C:\Program Files\Steam
2014-11-01 18:41 - 2014-01-24 22:33 - 00000000 ____D () C:\Program Files\Common Files\Steam
2014-11-01 18:32 - 2014-06-04 19:18 - 00000000 ____D () C:\ProgramData\TEMP
2014-11-01 18:11 - 2014-01-22 19:13 - 00739916 _____ () C:\Windows\system32\perfh015.dat
2014-11-01 18:11 - 2014-01-22 19:13 - 00155458 _____ () C:\Windows\system32\perfc015.dat
2014-11-01 18:11 - 2014-01-22 17:35 - 01668226 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-10-31 23:06 - 2014-01-22 17:31 - 00000000 ____D () C:\Users\Dom
2014-10-31 22:18 - 2014-04-27 19:02 - 00001336 _____ () C:\Users\Dom\Desktop\CoreTemp.ini
2014-10-31 22:11 - 2014-01-24 23:00 - 00000000 ____D () C:\Users\Dom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2014-10-31 22:02 - 2014-08-26 19:15 - 00000000 ____D () C:\Program Files\Raptr
2014-10-30 22:34 - 2014-03-21 21:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Alien Nations 2 PL
2014-10-30 21:52 - 2009-07-14 05:52 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-10-30 16:55 - 2014-01-22 17:51 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-10-29 20:05 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\LogFiles
2014-10-29 19:02 - 2014-09-23 21:00 - 00000000 ____D () C:\Users\Dom\Downloads\iwona
2014-10-29 15:23 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\NDF
2014-10-28 06:35 - 2014-01-22 17:59 - 00229000 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-10-23 13:30 - 2014-09-21 19:01 - 00000000 ____D () C:\Users\Dom\Downloads\k10stat
2014-10-22 17:56 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\rescache
2014-10-18 09:23 - 2014-06-22 17:58 - 00000000 ____D () C:\Users\Dom\Documents\Krzysiek
2014-10-16 17:47 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\Microsoft.NET
2014-10-16 17:12 - 2014-06-26 06:39 - 00000000 ____D () C:\Users\Dom\Documents\My Games
2014-10-16 09:18 - 2009-07-14 05:33 - 00338032 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-10-16 09:16 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\pl-PL
2014-10-16 07:21 - 2014-01-22 19:32 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-10-16 07:18 - 2014-01-22 18:06 - 00000000 ____D () C:\Windows\system32\MRT
2014-10-16 07:08 - 2014-01-22 18:05 - 100290944 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-10-15 22:01 - 2014-05-29 20:00 - 00000000 ____D () C:\ProgramData\Origin
2014-10-15 21:58 - 2014-05-29 20:00 - 00000000 ____D () C:\Program Files\Origin
2014-10-07 15:51 - 2014-01-22 18:32 - 00000000 ____D () C:\Program Files\CCleaner
2014-10-07 15:49 - 2014-01-22 18:32 - 00000929 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-10-05 19:27 - 2014-01-28 15:02 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information
2014-10-05 11:58 - 2014-06-26 18:55 - 12186112 _____ () C:\Users\Dom\Documents\Sport w Wielkiej Brytanii.ppt

==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => MD5 is legit
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2014-10-26 15:29

==================== End Of Log ============================