Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 09-09-2013 Ran by Daniel (administrator) on ZUCHA on 09-09-2013 18:45:39 Running from C:\Users\Daniel\Desktop Windows 7 Ultimate (X64) OS Language: Polish Internet Explorer Version 8 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\EPU-4 Engine\FourEngine.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe () C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe (Nero AG) C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe (Nero AG) C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe (VIA) C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe (Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Nero AG) C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexStoreSvr.exe (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe ==================== Registry (Whitelisted) ================== HKLM\...\Policies\Explorer: [NoActiveDesktop] 1 HKLM\...\Policies\Explorer: [NoActiveDesktopChanges] 1 HKCU\...\Run: [Gadu-Gadu 10] - C:\Program Files (x86)\Gadu-Gadu 10\gg.exe [13374048 2011-07-04] (GG Network S.A.) HKCU\...\Run: [Pando Media Booster] - C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe [3077528 2011-08-04] () HKCU\...\Run: [ChomikBox] - C:\Program Files (x86)\ChomikBox\chomikbox.exe [5979648 2012-11-17] ( ) HKCU\...\Run: [Google Update] - C:\Users\Daniel\AppData\Local\Google\Update\GoogleUpdate.exe [136176 2011-11-07] (Google Inc.) HKCU\...\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] - C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe [152872 2007-06-27] (Nero AG) HKLM-x32\...\Run: [HDAudDeck] - C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [2439072 2010-05-24] (VIA) HKLM-x32\...\Run: [GrooveMonitor] - C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [31072 2008-10-25] (Microsoft Corporation) HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2011-07-05] (Apple Inc.) HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated) HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59240 2012-02-20] (Apple Inc.) HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [421736 2012-03-27] (Apple Inc.) HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation) HKLM-x32\...\Run: [avast] - C:\Program Files\AVAST Software\Avast\avastUI.exe [4858968 2013-08-30] (AVAST Software) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk ShortcutTarget: Adobe Reader Speed Launch.lnk -> C:\Program Files (x86)\Adobe\Acrobat 7.0\Reader\reader_sl.exe (No File) ==================== Internet (Whitelisted) ==================== SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = BHO: avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation) BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) Toolbar: HKLM-x32 - avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) DPF: HKLM {22945A69-1191-4DCF-9E6F-409BDE94D101} http://dl-ak.solidworks.com/nonsecure/edrawings/e2012sp0/12.0.0.5015/cab//eModelsStandard.cab DPF: HKLM-x32 {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab Tcpip\Parameters: [DhcpNameServer] 62.179.1.62 62.179.1.63 FireFox: ======== FF ProfilePath: C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\4ofp0vx6.default FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_94.dll () FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll () FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.) FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF Plugin-x32: @real.com/nppl3260;version=6.0.12.450 - C:\Program Files (x86)\Real Alternative\browser\plugins\nppl3260.dll (RealNetworks, Inc.) FF Plugin-x32: @real.com/nprpjplug;version=6.0.12.448 - C:\Program Files (x86)\Real Alternative\browser\plugins\nprpjplug.dll (RealNetworks, Inc.) FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\Daniel\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited) FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Daniel\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.) FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Daniel\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.) FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\Daniel\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS) FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} FF HKLM-x32\...\Firefox\Extensions: [{00ADD29A-66F4-4f22-BCC0-4C1D29DA647B}] C:\Program Files (x86)\LG Electronics\LG PC Suite IV\LinkAir\{00ADD29A-66F4-4f22-BCC0-4C1D29DA647B}\ FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] C:\Program Files\AVAST Software\Avast\WebRep\FF FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird Chrome: ======= CHR HomePage: hxxp://www.google.com CHR RestoreOnStartup: "hxxp://www.google.com" CHR DefaultSearchURL: (Google) - {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding} CHR DefaultSuggestURL: (Google) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter} CHR Plugin: (Shockwave Flash) - C:\Users\Daniel\AppData\Local\Google\Chrome\Application\29.0.1547.66\PepperFlash\pepflashplayer.dll () CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer CHR Plugin: (Native Client) - C:\Users\Daniel\AppData\Local\Google\Chrome\Application\29.0.1547.66\ppGoogleNaClPluginChrome.dll () CHR Plugin: (Chrome PDF Viewer) - C:\Users\Daniel\AppData\Local\Google\Chrome\Application\29.0.1547.66\pdf.dll () CHR Plugin: (QuickTime Plug-in 7.7) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll (Apple Inc.) CHR Plugin: (QuickTime Plug-in 7.7) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll (Apple Inc.) CHR Plugin: (QuickTime Plug-in 7.7) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll (Apple Inc.) CHR Plugin: (QuickTime Plug-in 7.7) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll (Apple Inc.) CHR Plugin: (QuickTime Plug-in 7.7) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll (Apple Inc.) CHR Plugin: (QuickTime Plug-in 7.7) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll (Apple Inc.) CHR Plugin: (QuickTime Plug-in 7.7) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll (Apple Inc.) CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) CHR Plugin: (Picasa) - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.) CHR Plugin: (Java(TM) Platform SE 7 U25) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) CHR Plugin: (Silverlight Plug-In) - C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation) CHR Plugin: (Pando Web Plugin) - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) CHR Plugin: (RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) ) - C:\Program Files (x86)\Real Alternative\browser\plugins\nppl3260.dll (RealNetworks, Inc.) CHR Plugin: (RealPlayer Version Plugin) - C:\Program Files (x86)\Real Alternative\browser\plugins\nprpjplug.dll (RealNetworks, Inc.) CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () CHR Plugin: (Unity Player) - C:\Users\Daniel\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS) CHR Plugin: (Facebook Video Calling Plugin) - C:\Users\Daniel\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited) CHR Plugin: (Google Update) - C:\Users\Daniel\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.) CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll () CHR Plugin: (Java Deployment Toolkit 7.0.250.17) - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation) CHR Extension: (Docs) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.0.0.6_0 CHR Extension: (Google Drive) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0 CHR Extension: (YouTube) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0 CHR Extension: (Google Search) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0 CHR Extension: (Lightning Newtab) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo\1.1.5.2_0 CHR Extension: (Chrome In-App Payments service) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.10_0 CHR Extension: (Gmail) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0 CHR HKLM-x32\...\Chrome\Extension: [ifohbjbgfchkkfhphahclmkpgejiplfo] - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtab.crx ==================== Services (Whitelisted) ================= S3 Autodesk Licensing Service; C:\Program Files (x86)\Common Files\Autodesk Shared\Service\AdskScSrv.exe [85096 2011-10-16] (Autodesk) R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [46808 2013-08-30] (AVAST Software) S3 CoordinatorServiceHost; D:\Program Files\SolidWorks Corp\SolidWorks\swScheduler\DTSCoordinatorService.exe [87336 2009-10-15] (Dassault Systèmes SolidWorks Corp.) R3 NMIndexingService; C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe [279848 2007-06-27] (Nero AG) ==================== Drivers (Whitelisted) ==================== S3 Andbus; C:\Windows\System32\DRIVERS\lgandbus64.sys [19456 2012-03-02] (LG Electronics Inc.) S3 AndDiag; C:\Windows\System32\DRIVERS\lganddiag64.sys [27648 2012-03-02] (LG Electronics Inc.) S3 AndGps; C:\Windows\System32\DRIVERS\lgandgps64.sys [27136 2012-03-02] (LG Electronics Inc.) S3 ANDModem; C:\Windows\System32\DRIVERS\lgandmodem64.sys [34304 2012-03-02] (LG Electronics Inc.) R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2009-08-04] () R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2009-08-04] () R2 aswFsBlk; C:\Windows\System32\Drivers\aswFsBlk.sys [33400 2013-08-30] (AVAST Software) R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [80816 2013-08-30] (AVAST Software) R1 aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [72016 2013-08-30] (AVAST Software) R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65336 2013-08-30] () R1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [1030952 2013-08-30] (AVAST Software) R1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [378944 2013-08-30] (AVAST Software) R1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [64288 2013-08-30] (AVAST Software) R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [204880 2013-08-30] () R3 LgBttPort; C:\Windows\System32\DRIVERS\lgbtpt64.sys [16384 2009-09-29] (LG Electronics Inc.) R3 lgbusenum; C:\Windows\System32\DRIVERS\lgbtbs64.sys [14848 2009-09-29] (LG Electronics Inc.) R3 LGVMODEM; C:\Windows\System32\DRIVERS\lgvmdm64.sys [17408 2009-09-29] (LG Electronics Inc.) R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15416 2009-07-16] () ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2013-09-09 15:19 - 2013-09-09 15:19 - 00000000 ____D C:\MATS 2013-09-09 15:17 - 2013-09-09 15:17 - 00347424 _____ (Microsoft Corporation) C:\Users\Daniel\Desktop\MicrosoftFixit.ProgramInstallUninstall.RNP.Run.exe 2013-09-09 15:16 - 2013-09-09 15:16 - 01948948 _____ (Farbar) C:\Users\Daniel\Desktop\FRST64.exe 2013-09-08 20:04 - 2013-09-08 20:04 - 00001171 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk 2013-09-08 20:04 - 2013-09-08 20:04 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2013-09-08 19:10 - 2013-09-08 19:12 - 182851192 _____ C:\Users\Daniel\Desktop\setup_11.0.1.1245.x01_2013_09_08_18_30.exe 2013-09-08 19:00 - 2013-09-08 19:00 - 00282128 _____ (Mozilla) C:\Users\Daniel\Desktop\Firefox Setup Stub 23.0.1.exe 2013-09-08 18:43 - 2013-09-08 18:43 - 00004049 _____ C:\Users\Daniel\Desktop\AdwCleaner[R0].txt 2013-09-08 17:59 - 2013-09-08 17:59 - 00377856 _____ C:\Users\Daniel\Desktop\ew0331t0.exe 2013-09-08 17:53 - 2013-09-08 17:54 - 00026187 _____ C:\Users\Daniel\Desktop\Addition.txt 2013-09-08 12:33 - 2013-09-08 12:33 - 00086802 _____ C:\Users\Daniel\Desktop\Extras.Txt 2013-09-08 12:32 - 2013-09-08 12:32 - 00094460 _____ C:\Users\Daniel\Desktop\OTL.Txt 2013-09-08 11:54 - 2013-09-09 15:16 - 00000000 ____D C:\FRST 2013-09-08 11:36 - 2013-09-08 11:36 - 00602112 _____ (OldTimer Tools) C:\Users\Daniel\Desktop\OTL.exe 2013-09-07 22:25 - 2013-09-09 18:30 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update 2013-09-07 22:25 - 2013-09-07 22:25 - 00000000 _____ C:\Windows\SysWOW64\config.nt 2013-09-07 22:25 - 2013-08-30 09:48 - 01030952 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys 2013-09-07 22:25 - 2013-08-30 09:48 - 00378944 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys 2013-09-07 22:25 - 2013-08-30 09:48 - 00204880 _____ C:\Windows\system32\Drivers\aswVmm.sys 2013-09-07 22:25 - 2013-08-30 09:48 - 00080816 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys 2013-09-07 22:25 - 2013-08-30 09:48 - 00072016 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys 2013-09-07 22:25 - 2013-08-30 09:48 - 00065336 _____ C:\Windows\system32\Drivers\aswRvrt.sys 2013-09-07 22:25 - 2013-08-30 09:48 - 00064288 _____ (AVAST Software) C:\Windows\system32\Drivers\aswTdi.sys 2013-09-07 22:25 - 2013-08-30 09:48 - 00033400 _____ (AVAST Software) C:\Windows\system32\Drivers\aswFsBlk.sys 2013-09-07 22:25 - 2013-08-30 09:47 - 00287840 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe 2013-09-07 22:24 - 2013-09-07 22:24 - 00000000 ____D C:\Program Files\AVAST Software 2013-09-07 22:24 - 2013-08-30 09:47 - 00041664 _____ (AVAST Software) C:\Windows\avastSS.scr 2013-09-07 22:23 - 2013-09-07 22:24 - 00000000 ____D C:\ProgramData\AVAST Software 2013-08-29 20:30 - 2013-08-29 20:30 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\Malwarebytes 2013-08-29 20:29 - 2013-08-29 20:29 - 00001133 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk 2013-08-29 20:29 - 2013-08-29 20:29 - 00000000 ____D C:\ProgramData\Malwarebytes 2013-08-29 20:29 - 2013-08-29 20:29 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware 2013-08-29 20:29 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2013-08-29 16:31 - 2013-08-29 16:31 - 00000000 _____ C:\Users\Daniel\Desktop\Nowy dokument tekstowy (2).txt 2013-08-29 14:11 - 2013-08-29 14:11 - 00028653 _____ C:\Windows\unins000.dat 2013-08-29 14:11 - 2013-08-29 14:10 - 00716278 _____ C:\Windows\unins000.exe 2013-08-17 10:07 - 2013-09-08 20:04 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2013-08-13 23:34 - 2013-08-13 23:34 - 00000000 ____D C:\Users\Daniel\Desktop\Nowy folder ==================== One Month Modified Files and Folders ======= 2013-09-09 18:39 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2013-09-09 18:39 - 2009-07-14 06:51 - 00101995 _____ C:\Windows\setupact.log 2013-09-09 18:38 - 2011-08-03 18:21 - 01868975 _____ C:\Windows\WindowsUpdate.log 2013-09-09 18:36 - 2009-07-14 06:45 - 00010208 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2013-09-09 18:36 - 2009-07-14 06:45 - 00010208 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2013-09-09 18:30 - 2013-09-07 22:25 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update 2013-09-09 15:27 - 2011-11-07 00:55 - 00001062 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-530645002-737837959-2560921968-1000UA.job 2013-09-09 15:23 - 2013-09-09 15:23 - 00000000 ____D C:\Users\Daniel\Desktop\Stare dane programu Firefox 2013-09-09 15:20 - 2012-04-18 10:56 - 00000930 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2013-09-09 15:19 - 2013-09-09 15:19 - 00000000 ____D C:\MATS 2013-09-09 15:17 - 2013-09-09 15:17 - 00347424 _____ (Microsoft Corporation) C:\Users\Daniel\Desktop\MicrosoftFixit.ProgramInstallUninstall.RNP.Run.exe 2013-09-09 15:16 - 2013-09-09 15:16 - 01948948 _____ (Farbar) C:\Users\Daniel\Desktop\FRST64.exe 2013-09-09 15:16 - 2013-09-08 11:54 - 00000000 ____D C:\FRST 2013-09-09 15:02 - 2011-08-04 22:28 - 00000000 ____D C:\Users\Daniel\AppData\Local\ChomikBox 2013-09-09 15:01 - 2011-09-27 10:48 - 00000000 ____D C:\Users\Daniel\.gstreamer-0.10 2013-09-08 20:08 - 2011-08-03 18:22 - 00000000 ___RD C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup 2013-09-08 20:04 - 2013-09-08 20:04 - 00001171 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk 2013-09-08 20:04 - 2013-09-08 20:04 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2013-09-08 20:04 - 2013-08-17 10:07 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2013-09-08 19:44 - 2011-08-03 19:12 - 00247716 _____ C:\Windows\PFRO.log 2013-09-08 19:28 - 2011-08-03 18:24 - 00001475 _____ C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk 2013-09-08 19:28 - 2011-08-03 18:24 - 00001245 _____ C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2013-09-08 19:12 - 2013-09-08 19:10 - 182851192 _____ C:\Users\Daniel\Desktop\setup_11.0.1.1245.x01_2013_09_08_18_30.exe 2013-09-08 19:00 - 2013-09-08 19:00 - 00282128 _____ (Mozilla) C:\Users\Daniel\Desktop\Firefox Setup Stub 23.0.1.exe 2013-09-08 18:43 - 2013-09-08 18:43 - 00004049 _____ C:\Users\Daniel\Desktop\AdwCleaner[R0].txt 2013-09-08 17:59 - 2013-09-08 17:59 - 00377856 _____ C:\Users\Daniel\Desktop\ew0331t0.exe 2013-09-08 17:54 - 2013-09-08 17:53 - 00026187 _____ C:\Users\Daniel\Desktop\Addition.txt 2013-09-08 15:05 - 2012-11-13 19:41 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\GameRanger 2013-09-08 12:33 - 2013-09-08 12:33 - 00086802 _____ C:\Users\Daniel\Desktop\Extras.Txt 2013-09-08 12:32 - 2013-09-08 12:32 - 00094460 _____ C:\Users\Daniel\Desktop\OTL.Txt 2013-09-08 12:24 - 2011-11-07 00:55 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome 2013-09-08 11:36 - 2013-09-08 11:36 - 00602112 _____ (OldTimer Tools) C:\Users\Daniel\Desktop\OTL.exe 2013-09-08 11:27 - 2011-11-07 00:55 - 00001010 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-530645002-737837959-2560921968-1000Core.job 2013-09-07 22:25 - 2013-09-07 22:25 - 00000000 _____ C:\Windows\SysWOW64\config.nt 2013-09-07 22:24 - 2013-09-07 22:24 - 00000000 ____D C:\Program Files\AVAST Software 2013-09-07 22:24 - 2013-09-07 22:23 - 00000000 ____D C:\ProgramData\AVAST Software 2013-09-07 18:16 - 2012-10-04 18:19 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\uTorrent 2013-08-30 18:39 - 2009-07-14 19:55 - 00743042 _____ C:\Windows\system32\perfh015.dat 2013-08-30 18:39 - 2009-07-14 19:55 - 00156524 _____ C:\Windows\system32\perfc015.dat 2013-08-30 18:39 - 2009-07-14 07:13 - 01676910 _____ C:\Windows\system32\PerfStringBackup.INI 2013-08-30 09:48 - 2013-09-07 22:25 - 01030952 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys 2013-08-30 09:48 - 2013-09-07 22:25 - 00378944 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys 2013-08-30 09:48 - 2013-09-07 22:25 - 00204880 _____ C:\Windows\system32\Drivers\aswVmm.sys 2013-08-30 09:48 - 2013-09-07 22:25 - 00080816 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys 2013-08-30 09:48 - 2013-09-07 22:25 - 00072016 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys 2013-08-30 09:48 - 2013-09-07 22:25 - 00065336 _____ C:\Windows\system32\Drivers\aswRvrt.sys 2013-08-30 09:48 - 2013-09-07 22:25 - 00064288 _____ (AVAST Software) C:\Windows\system32\Drivers\aswTdi.sys 2013-08-30 09:48 - 2013-09-07 22:25 - 00033400 _____ (AVAST Software) C:\Windows\system32\Drivers\aswFsBlk.sys 2013-08-30 09:47 - 2013-09-07 22:25 - 00287840 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe 2013-08-30 09:47 - 2013-09-07 22:24 - 00041664 _____ (AVAST Software) C:\Windows\avastSS.scr 2013-08-29 20:42 - 2012-10-01 16:40 - 00000000 ____D C:\Users\Daniel\Desktop\111 2013-08-29 20:30 - 2013-08-29 20:30 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\Malwarebytes 2013-08-29 20:29 - 2013-08-29 20:29 - 00001133 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk 2013-08-29 20:29 - 2013-08-29 20:29 - 00000000 ____D C:\ProgramData\Malwarebytes 2013-08-29 20:29 - 2013-08-29 20:29 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware 2013-08-29 16:31 - 2013-08-29 16:31 - 00000000 _____ C:\Users\Daniel\Desktop\Nowy dokument tekstowy (2).txt 2013-08-29 14:11 - 2013-08-29 14:11 - 00028653 _____ C:\Windows\unins000.dat 2013-08-29 14:10 - 2013-08-29 14:11 - 00716278 _____ C:\Windows\unins000.exe 2013-08-29 11:04 - 2013-07-28 14:45 - 00000030 _____ C:\Users\Daniel\Desktop\Nowy dokument tekstowy.txt 2013-08-27 09:56 - 2013-06-11 17:09 - 00038400 ___SH C:\Users\Daniel\Thumbs.db 2013-08-26 19:29 - 2011-09-29 17:25 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\ZoomBrowser EX 2013-08-26 19:28 - 2011-09-29 18:43 - 00000000 ____D C:\ProgramData\PhotoStitch 2013-08-25 18:20 - 2012-04-18 10:56 - 00692104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2013-08-25 18:20 - 2012-04-18 10:56 - 00003868 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater 2013-08-25 18:20 - 2012-01-14 14:49 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2013-08-25 17:11 - 2011-08-04 20:56 - 00000000 ____D C:\Users\Daniel\AppData\Local\CrashDumps 2013-08-17 20:06 - 2013-06-26 16:13 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox.bak 2013-08-13 23:34 - 2013-08-13 23:34 - 00000000 ____D C:\Users\Daniel\Desktop\Nowy folder ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\SysWOW64\wininit.exe => MD5 is legit C:\Windows\explorer.exe => MD5 is legit C:\Windows\SysWOW64\explorer.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\SysWOW64\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\SysWOW64\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\SysWOW64\userinit.exe => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit LastRegBack: 2013-09-02 17:09 ==================== End Of Log ============================