Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 20-12-2013 02 Ran by KRYSTIAN (administrator) on TOSHIBA-KIKUS on 22-12-2013 09:00:20 Running from C:\Users\KRYSTIAN\Downloads Windows 7 Home Premium Service Pack 1 (X64) OS Language: Polish Internet Explorer Version 10 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe () C:\Windows\System32\GFNEXSrv.exe (Nero AG) C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe () C:\ProgramData\Internet Manager\OnlineUpdate\ouc.exe (LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe () C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (SRS Labs, Inc.) C:\Program Files\SRS Labs\SRS Control Panel\SRSPanel_64.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe (TOSHIBA Corporation) C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe (TOSHIBA Corporation) C:\Program Files\TOSHIBA\TECO\Teco.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (Toshiba Europe GmbH) C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe (TOSHIBA Corporation) C:\Windows\System32\TODDSrv.exe (TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe () C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\14.0.1\ToolbarUpdater.exe (ClickMeIn Limited) C:\Program Files (x86)\VuuPC\Connectivity.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE (Toshiba Europe GmbH) C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (Akamai Technologies, Inc.) C:\Users\KRYSTIAN\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc.) C:\Users\KRYSTIAN\AppData\Local\Akamai\netsession_win.exe (Smartbar) C:\Users\KRYSTIAN\AppData\Local\Smartbar\Application\Linkury.exe (TOSHIBA CORPORATION.) C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\TosBtMng.exe (Toshiba) C:\Program Files\TOSHIBA\TOSHIBA Places Icon Utility\TosDIMonitor.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (SweetIM Technologies Ltd.) C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe (SweetIM Technologies Ltd.) C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe () C:\Nexon\NEXON_EU_Downloader\NEXON_EU_Downloader_Engine.exe () C:\Program Files (x86)\Mobogenie\DaemonProcess.exe (ClickMeIn Limited) C:\Program Files (x86)\VuuPC\RemoteEngine.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (TOSHIBA Corporation) C:\Program Files\TOSHIBA\TECO\TecoService.exe (Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE (TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\TosBtSrv.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\TosLeSrvUseMng.exe (TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\TosLeBtMng.exe (TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\TosLeSrvProvider.exe (TOSHIBA CORPORATION.) C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\TosA2dp.exe (TOSHIBA CORPORATION.) C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\TosBtHid.exe (TOSHIBA CORPORATION.) C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\TosBtHSP.exe (TOSHIBA CORPORATION.) C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\TosAVRC.exe (TOSHIBA CORPORATION.) C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\tosOBEX.exe (TOSHIBA CORPORATION.) C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\tosBtProc.exe (TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe (TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe (TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe (TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe (Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe (Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil64_11_9_900_170_ActiveX.exe (Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe (Microsoft Corporation) C:\Windows\splwow64.exe (ClickMeIn Limited) C:\Program Files (x86)\VuuPC\RemoteEngineHelper.exe (ClickMeIn Limited) C:\Program Files (x86)\VuuPC\RemoteEngineHelper.exe (Microsoft Corporation) C:\Windows\System32\wermgr.exe (Microsoft Corporation) C:\Windows\System32\wermgr.exe () C:\Program Files (x86)\Mobogenie\mgusb.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [] - [x] HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12446824 2012-02-01] (Realtek Semiconductor) HKLM\...\Run: [SRS Premium Sound HD] - C:\Program Files\SRS Labs\SRS Control Panel\SRS_Premium_Sound_HD.zip [223180 2012-02-06] () HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2866960 2011-12-19] (Synaptics Incorporated) HKLM\...\Run: [TPwrMain] - C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe [590256 2011-09-23] (TOSHIBA Corporation) HKLM\...\Run: [TCrdMain] - C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [989056 2011-12-14] (TOSHIBA Corporation) HKLM\...\Run: [Teco] - C:\Program Files\TOSHIBA\TECO\Teco.exe [1548208 2011-11-24] (TOSHIBA Corporation) HKLM\...\Run: [TosWaitSrv] - C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [712096 2011-12-14] (TOSHIBA Corporation) HKLM\...\Run: [TosSENotify] - C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe [710560 2011-11-26] (TOSHIBA Corporation) HKLM\...\Run: [TosVolRegulator] - C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe [24376 2009-11-11] (TOSHIBA Corporation) HKLM\...\Run: [Toshiba TEMPRO] - C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe [1546720 2011-02-10] (Toshiba Europe GmbH) HKLM\...\Run: [HotKeysCmds] - C:\windows\system32\hkcmd.exe [ ] () Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation) HKCU\...\Run: [KPeerNexonEU] - C:\Nexon\NEXON_EU_Downloader\nxEULauncher.exe [438272 2012-08-07] (NEXON Inc.) HKCU\...\Run: [Akamai NetSession Interface] - C:\Users\KRYSTIAN\AppData\Local\Akamai\netsession_win.exe [4489472 2013-06-05] (Akamai Technologies, Inc.) HKCU\...\Run: [uTorrent] - "C:\Program Files (x86)\uTorrent\uTorrent.exe" /MINIMIZED HKCU\...\Run: [Pokki] - C:\Users\KRYSTIAN\AppData\Local\Pokki\v0.260.11.291\pokki.exe [5721880 2013-02-28] (Pokki) HKCU\...\Run: [ares] - C:\Program Files (x86)\Ares\Ares.exe [3209216 2012-02-02] (Ares Development Group) HKCU\...\Run: [Browser Infrastructure Helper] - C:\Users\KRYSTIAN\AppData\Local\Smartbar\Application\Linkury.exe [20248 2013-06-05] (Smartbar) HKCU\...\Run: [NextLive] - C:\windows\SysWOW64\rundll32.exe "C:\Users\KRYSTIAN\AppData\Roaming\newnext.me\nengine.dll",EntryPoint -m l HKCU\...\Runonce: [Application Restart #0] - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe --flag-switches-begin --flag-switches-end --restore-last-session -- http://feed.helperbar.com/?publisher=OC&dpid=OC&co=PL&userid=6b485f58-a3b1-4533-b5fa-a9518c44204c&affid=111583&searchtype=hp&babsrc=lnkry_nt&installDate={installDate} MountPoints2: E - E:\AutoRun.exe MountPoints2: F - F:\AutoRun.exe MountPoints2: {0bf7f419-6473-11e2-ba91-e840f2bec712} - E:\AutoRun.exe MountPoints2: {12c62a83-b877-11e2-b2e3-24ec9911967e} - G:\HTC_Sync_Manager_PC.exe MountPoints2: {1767fb2f-64c9-11e3-821c-24ec9911967e} - E:\AutoRun.exe MountPoints2: {1767fb6a-64c9-11e3-821c-24ec9911967e} - F:\AutoRun.exe MountPoints2: {1767fb7d-64c9-11e3-821c-24ec9911967e} - E:\AutoRun.exe MountPoints2: {1767fb94-64c9-11e3-821c-24ec9911967e} - E:\AutoRun.exe MountPoints2: {20e366e0-d5aa-11e1-a7c9-e840f2bec712} - E:\AutoRun.exe MountPoints2: {20e366f6-d5aa-11e1-a7c9-e840f2bec712} - E:\AutoRun.exe MountPoints2: {20e495de-469f-11e2-8182-806e6f6e6963} - E:\AutoRun.exe MountPoints2: {25308b0d-452c-11e2-bbce-e840f2bec712} - E:\AutoRun.exe MountPoints2: {285f36d0-a599-11e2-bb49-24ec9911967e} - E:\AutoRun.exe MountPoints2: {4ad82996-d0cb-11e1-9540-e840f2bec712} - E:\windows\Install\Install.exe MountPoints2: {4de0c817-e95e-11e1-94f0-e840f2bec712} - F:\AutoRun.exe MountPoints2: {532a217b-639f-11e2-b7fa-e840f2bec712} - F:\AutoRun.exe MountPoints2: {532a217f-639f-11e2-b7fa-e840f2bec712} - F:\AutoRun.exe MountPoints2: {532a21a7-639f-11e2-b7fa-e840f2bec712} - E:\AutoRun.exe MountPoints2: {67503022-80b0-11e2-87fb-24ec9911967e} - E:\AutoRun.exe MountPoints2: {76f82a14-8a1d-11e2-a456-24ec9911967e} - E:\AutoRun.exe MountPoints2: {7f4b4541-8bbc-11e2-829e-24ec9911967e} - E:\AutoRun.exe MountPoints2: {7f4b4544-8bbc-11e2-829e-24ec9911967e} - E:\AutoRun.exe MountPoints2: {99e06b8a-4392-11e2-9a82-806e6f6e6963} - E:\AutoRun.exe MountPoints2: {d4805921-a722-11e2-a099-24ec9911967e} - E:\AutoRun.exe MountPoints2: {dbb1e057-48ee-11e2-afae-e840f2bec712} - F:\AutoRun.exe MountPoints2: {e347e2c9-7d8d-11e2-818c-24ec9911967e} - F:\AutoRun.exe MountPoints2: {e347e2d8-7d8d-11e2-818c-24ec9911967e} - E:\AutoRun.exe HKLM-x32\...\Run: [NBAgent] - C:\Program Files (x86)\Nero\Nero 11\Nero BackItUp\NBAgent.exe [1492264 2011-11-18] (Nero AG) HKLM-x32\...\Run: [ITSecMng] - C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe [80840 2011-04-02] (TOSHIBA CORPORATION) HKLM-x32\...\Run: [USB3MON] - C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-01-05] (Intel Corporation) HKLM-x32\...\Run: [4StoryPrePatch] - C:\Program Files (x86)\Gameforge4D\4Story_PL\PrePatch.exe HKLM-x32\...\Run: [SweetIM] - C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe [115032 2012-05-29] (SweetIM Technologies Ltd.) HKLM-x32\...\Run: [Sweetpacks Communicator] - C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe [295728 2012-02-26] (SweetIM Technologies Ltd.) HKLM-x32\...\Run: [20131121] - C:\Program Files\AVAST Software\Avast\Setup\emupdate\b7d1d2d8-895f-47f4-af20-cd2bfb0f9dd9.exe [180184 2013-11-23] (AVAST Software) HKLM-x32\...\Run: [AvastUI.exe] - C:\Program Files\AVAST Software\Avast\AvastUI.exe [3764024 2013-12-20] (AVAST Software) HKLM-x32\...\Run: [LogMeIn Hamachi Ui] - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3806544 2013-11-29] (LogMeIn Inc.) HKLM-x32\...\Run: [mobilegeni daemon] - C:\Program Files (x86)\Mobogenie\DaemonProcess.exe [761024 2013-12-13] () HKU\Default\...\Run: [TOPI.EXE] - C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\TOPI.exe [846936 2011-05-16] (TOSHIBA) HKU\Default User\...\Run: [TOPI.EXE] - C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\TOPI.exe [846936 2011-05-16] (TOSHIBA) AppInit_DLLs: [ ] () AppInit_DLLs-x32: c:\progra~3\browse~2\261070~1.41\{c16c1~1\browse~1.dll c:\progra~3\browse~1\23787~1.43\{16cdf~1\browse~1.dll [ ] () Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe) Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe) ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://feed.helperbar.com/?publisher=OC&dpid=OC&co=PL&userid=6b485f58-a3b1-4533-b5fa-a9518c44204c&affid=111583&searchtype=ds&babsrc=lnkry&q={searchTerms}&installDate=01/01/1970 HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.pl/ HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/redirectdomain?brand=TEUA&bmod=TEUA HKCU\Software\Microsoft\Internet Explorer\Main,Backup.Old.Start Page = http://search.babylon.com/?affID=111434&tt=2912_3&babsrc=HP_ss&mntrId=a874f092000000000000000000000000 HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://feed.helperbar.com/?publisher=OC&dpid=OC&co=PL&userid=6b485f58-a3b1-4533-b5fa-a9518c44204c&affid=111583&searchtype=ds&babsrc=lnkry&q={searchTerms}&installDate=01/01/1970 HKCU\Software\Microsoft\Internet Explorer\Main,BrowserMngr Start Page = http://search.babylon.com/?affID=110819&tt=bandext_3312_5&babsrc=HP_ss&mntrId=a874f092000000000000000000000000 HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie URLSearchHook: HKLM-x32 - Default Value = {FE69C007-C452-4d3e-86D2-1730DF8BC871} URLSearchHook: HKLM-x32 - SimilarSites - {FE69C007-C452-4d3e-86D2-1730DF8BC871} - C:\Program Files (x86)\SimilarSites\SimilarSites.dll (SimilarGroup) SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM - {186325AA-BC55-4A7D-AC8A-CF778A214C0E} URL = http://start.funmoods.com/results.php?f=4&q={searchTerms}&a=iron2&chnl=iron2&cd=2XzuyEtN2Y1L1Qzu0EzzyEtD0FtB0B0E0CyBtCtB0FtDzytBtN0D0Tzu0StBtCtAtN1L2XzutBtFtCtFtCtFtAtCtB&cr=136465382 SearchScopes: HKLM - {EEE6C360-6118-11DC-9C72-001320C79847} URL = http://www.searchya.com/?q={searchTerms}&s=1&a=foxtab&chnl=tc-100&cd=2XzuyEtN2Y1L1Qzu0EzzyEtD0FtB0B0E0CyBtCtB0FtDzytBtN0D0Tzu0StBtAtCtN1L2XzutBtFtCtFtCtFtAtCtB&cr=1103773402 SearchScopes: HKLM-x32 - Backup.Old.DefaultScope {186325AA-BC55-4A7D-AC8A-CF778A214C0E} SearchScopes: HKLM-x32 - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = http://feed.helperbar.com/?publisher=OPENCANDY&dpid=OPENCANDYAPRIL&co=PL&userid=6b485f58-a3b1-4533-b5fa-a9518c44204c&affid=111583&searchtype=ds&babsrc=lnkry&q={searchTerms} SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM-x32 - {186325AA-BC55-4A7D-AC8A-CF778A214C0E} URL = http://start.funmoods.com/results.php?f=4&q={searchTerms}&a=iron2&chnl=iron2&cd=2XzuyEtN2Y1L1Qzu0EzzyEtD0FtB0B0E0CyBtCtB0FtDzytBtN0D0Tzu0StBtCtAtN1L2XzutBtFtCtFtCtFtAtCtB&cr=136465382 SearchScopes: HKLM-x32 - {7B41491E-A5E4-8C17-DD13-06D9E0FCD456} URL = http://search.sweetim.com/search.asp?src=6&crg=3.31010003&st=12&q={searchTerms} SearchScopes: HKLM-x32 - {EEE6C360-6118-11DC-9C72-001320C79847} URL = http://search.sweetim.com/search.asp?src=6&q={searchTerms}&crg=3.1010000.10002&barid={C91886F1-EC60-11E1-B5FA-E840F2BEC712} SearchScopes: HKCU - Backup.Old.DefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} SearchScopes: HKCU - BrowserMngrDefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} SearchScopes: HKCU - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = http://feed.helperbar.com/?publisher=OC&dpid=OC&co=PL&userid=6b485f58-a3b1-4533-b5fa-a9518c44204c&affid=111583&searchtype=ds&babsrc=lnkry&q={searchTerms}&installDate=01/01/1970 BHO: avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) BHO: Linkury SmartbarEngine - {31ad400d-1b06-4e33-a59a-90c2c140cba0} - C:\Windows\System32\mscoree.dll (Microsoft Corporation) BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO: TOSHIBA Media Controller Plug-in - {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\x64\TOSHIBAMediaControllerIE.dll () BHO-x32: No Name - {10EDB994-47F8-43F7-AE96-F2EA63E9F90F} - No File BHO-x32: No Name - {31ad400d-1b06-4e33-a59a-90c2c140cba0} - No File BHO-x32: No Name - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - No File BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll No File BHO-x32: TOSHIBA Media Controller Plug-in - {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll () BHO-x32: Yontoo - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - No File Toolbar: HKLM - Linkury Smartbar - {ae07101b-46d4-4a98-af68-0333ea26e113} - C:\Windows\System32\mscoree.dll (Microsoft Corporation) Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) Toolbar: HKLM - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) Toolbar: HKLM-x32 - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} - No File Toolbar: HKLM-x32 - SimilarSites - {FE69C007-C452-4d3e-86D2-1730DF8BC871} - C:\Program Files (x86)\SimilarSites\SimilarSites.dll (SimilarGroup) Toolbar: HKLM-x32 - No Name - {10EDB994-47F8-43F7-AE96-F2EA63E9F90F} - No File Toolbar: HKLM-x32 - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File DPF: HKLM-x32 {92ECE6FA-AC2E-4042-BFAE-0C8608E52A43} https://www.bph.pl/sezam/components/SignActivX.cab Handler-x32: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\14.0.1\ViProtocol.dll () Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - No File Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - No File Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 192.168.0.1 Tcpip\..\Interfaces\{60A130D4-76BE-4251-BAE0-7570F02EC58E}: [NameServer]213.158.199.1 213.158.199.5 FireFox: ======== FF Plugin: @mcafee.com/MSC,version=10 - c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL No File FF Plugin: @microsoft.com/GENUINE - disabled No File FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin - C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\14.0.1\\npsitesafety.dll (AVG Technologies) FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.) FF Plugin-x32: @mcafee.com/MSC,version=10 - c:\progra~2\mcafee\msc\npmcsn~1.dll No File FF Plugin-x32: @microsoft.com/GENUINE - disabled No File FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @Nero.com/KM - C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL (Nero AG) FF Plugin-x32: @nexon.net/NxGame - C:\ProgramData\NexonUS\NGM\npNxGameUS.dll (Nexon) FF Plugin-x32: @ngm.nexoneu.com/NxGame - C:\ProgramData\NexonEU\NGM\npNxGameeu.dll (Nexon) FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\KRYSTIAN\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited) FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\KRYSTIAN\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS) FF Extension: FTdownloader - C:\Users\KRYSTIAN\AppData\Roaming\Mozilla\Firefox\profiles\extensions\ftdownloader@ftdownloader.com.xpi FF Extension: PutLockerDownloader - C:\Users\KRYSTIAN\AppData\Roaming\Mozilla\Firefox\profiles\extensions\putlockerdownloader@putlockerdownloader.com.xpi FF HKLM-x32\...\Firefox\Extensions: [ff-bmboc@bytemobile.com] - C:\Program Files (x86)\T-Mobile\InternetManager_Z\Bin\addon FF HKLM-x32\...\Firefox\Extensions: [{D19CA586-DD6C-4a0a-96F8-14644F340D60}] - C:\Program Files (x86)\Common Files\McAfee\SystemCore ==================== Services (Whitelisted) ================= R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2013-12-20] (AVAST Software) R2 GFNEXSrv; C:\Windows\System32\GFNEXSrv.exe [162824 2010-09-10] () R2 HTCMonitorService; C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe [87368 2013-01-29] (Nero AG) S2 Internet Manager. RunOuc; C:\Program Files (x86)\T-Mobile\InternetManager_H\UpdateDog\ouc.exe [224096 2011-06-17] () R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [377104 2013-10-11] (LogMeIn, Inc.) S3 npggsvc; C:\windows\SysWow64\GameMon.des [3889424 2011-08-02] (INCA Internet Co., Ltd.) R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [167424 2012-12-07] () R2 RemoteEngineService; C:\Program Files (x86)\VuuPC\remoteengine.exe [2967568 2013-12-21] (ClickMeIn Limited) R2 TemproMonitoringService; C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [112080 2011-02-10] (Toshiba Europe GmbH) R2 vToolbarUpdater14.0.1; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\14.0.1\ToolbarUpdater.exe [945328 2013-01-25] () R2 VuuPCConnectivity; C:\Program Files (x86)\VuuPC\Connectivity.exe [4747280 2013-12-21] (ClickMeIn Limited) S3 xsherlock; C:\windows\SysWow64\xsherlock.xem [675936 2012-07-29] (Wellbia.com Co., Ltd.) S2 fsproflt; C:\windows\SysWOW64\fsproflt.exe [x] S3 McAWFwk; c:\PROGRA~1\mcafee\msc\mcawfwk.exe [x] ==================== Drivers (Whitelisted) ==================== R0 aswKbd; C:\Windows\System32\Drivers\aswKbd.sys [22600 2013-10-31] (AVAST Software) R2 aswMonFlt; C:\windows\system32\drivers\aswMonFlt.sys [78648 2013-12-20] (AVAST Software) R1 aswRdr; C:\windows\system32\drivers\aswRdr2.sys [92544 2013-12-20] (AVAST Software) R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2013-12-20] () R1 aswSnx; C:\windows\system32\drivers\aswSnx.sys [1034464 2013-12-20] (AVAST Software) R1 aswSP; C:\windows\system32\drivers\aswSP.sys [422216 2013-12-20] (AVAST Software) R3 aswStm; C:\windows\system32\drivers\aswStm.sys [79672 2013-12-20] (AVAST Software) R1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [64288 2013-12-19] (AVAST Software) R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [207904 2013-12-20] () R1 avgtp; C:\windows\system32\drivers\avgtpx64.sys [37720 2013-01-25] (AVG Technologies) R0 FSProFilter; C:\Windows\System32\Drivers\FSPFltd.sys [54848 2010-07-22] (FSPro Labs) S3 huawei_wwanecm; C:\Windows\System32\DRIVERS\ew_juwwanecm.sys [239104 2012-09-18] (Huawei Technologies Co., Ltd.) S3 NPPTNT2; C:\windows\SysWow64\npptNT2.sys [4682 2005-01-01] (INCA Internet Co., Ltd.) R3 RtkBtFilter; C:\Windows\System32\DRIVERS\RtkBtfilter.sys [21096 2012-01-05] (Realtek Microelectronics) R3 RTL8192Ce; C:\Windows\System32\DRIVERS\rtwlane.sys [1082472 2012-01-17] (Realtek Semiconductor Corporation ) S3 ss_bserd; C:\Windows\System32\DRIVERS\ss_bserd.sys [128000 2009-09-19] (MCCI Corporation) S1 tcpipBM; No ImagePath S3 zte_cdc_acm; C:\Windows\System32\DRIVERS\zte_cdc_acm.sys [79872 2011-08-10] (ZTE) S3 zte_cpo; C:\Windows\System32\DRIVERS\zte_cpo.sys [14336 2011-08-10] (ZTE) S0 BMLoad; system32\drivers\BMLoad.sys [x] S3 dump_wmimmc; \??\C:\AeriaGames\WolfTeam-PL\GameGuard\dump_wmimmc.sys [x] S3 EagleX64; \??\C:\windows\system32\drivers\EagleX64.sys [x] U5 ewusbnet; C:\Windows\System32\Drivers\ewusbnet.sys [119296 2008-04-17] (Huawei Technologies Co., Ltd.) S3 ew_hwusbdev; system32\DRIVERS\ew_hwusbdev.sys [x] S3 ew_usbenumfilter; system32\DRIVERS\ew_usbenumfilter.sys [x] S3 huawei_cdcacm; system32\DRIVERS\ew_jucdcacm.sys [x] S3 huawei_enumerator; system32\DRIVERS\ew_jubusenum.sys [x] S3 huawei_ext_ctrl; system32\DRIVERS\ew_juextctrl.sys [x] S3 TDEIO; \??\C:\Windows\SysWOW64\sysprep\BOOTPRIO\tdeio64.sys [x] U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [12352 2010-07-01] () S3 xspirit; \??\C:\windows\xspirit.sys [x] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2013-12-22 09:00 - 2013-12-22 09:00 - 00025609 _____ C:\Users\KRYSTIAN\Downloads\FRST.txt 2013-12-22 09:00 - 2013-12-22 09:00 - 00000000 ____D C:\FRST 2013-12-22 08:58 - 2013-12-22 08:59 - 02193141 _____ (Farbar) C:\Users\KRYSTIAN\Downloads\FRST64.exe 2013-12-22 08:14 - 2005-10-16 18:46 - 00000399 _____ C:\Users\KRYSTIAN\Downloads\czytaj.txt 2013-12-22 08:12 - 2013-12-22 08:12 - 00602112 _____ (OldTimer Tools) C:\Users\KRYSTIAN\Downloads\OTL.exe 2013-12-22 07:33 - 2013-12-22 07:34 - 00000000 ____D C:\Users\KRYSTIAN\AppData\Roaming\iSafe 2013-12-22 07:33 - 2013-12-22 07:33 - 00000000 ____D C:\windows\system32\log 2013-12-22 07:33 - 2013-12-22 07:33 - 00000000 ____D C:\Users\KRYSTIAN\AppData\Roaming\eCyber 2013-12-22 07:26 - 2013-12-22 07:26 - 00000000 ____D C:\Users\KRYSTIAN\AppData\Roaming\0C1I1L1R1J0M1P0I1G 2013-12-22 07:25 - 2013-12-22 07:25 - 00000000 ____D C:\Users\KRYSTIAN\AppData\Roaming\systweak 2013-12-22 07:25 - 2013-12-22 07:25 - 00000000 ____D C:\Program Files (x86)\RegClean Pro 2013-12-22 07:25 - 2012-01-20 14:14 - 00018816 _____ (Systweak Inc., (www.systweak.com)) C:\windows\system32\roboot64.exe 2013-12-22 07:24 - 2013-12-22 08:03 - 00000000 ____D C:\Users\KRYSTIAN\AppData\Local\Mobogenie 2013-12-22 07:24 - 2013-12-22 07:49 - 00000000 ____D C:\Users\KRYSTIAN\AppData\Local\genienext 2013-12-22 07:24 - 2013-12-22 07:48 - 00000000 ____D C:\Users\KRYSTIAN\AppData\Roaming\newnext.me 2013-12-22 07:24 - 2013-12-22 07:46 - 00000530 _____ C:\Users\KRYSTIAN\daemonprocess.txt 2013-12-22 07:24 - 2013-12-22 07:24 - 00000000 ____D C:\Users\KRYSTIAN\Documents\Mobogenie 2013-12-22 07:24 - 2013-12-22 07:24 - 00000000 ____D C:\Users\KRYSTIAN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VuuPC 2013-12-22 07:24 - 2013-12-22 07:24 - 00000000 ____D C:\Users\KRYSTIAN\AppData\Local\cache 2013-12-22 07:24 - 2013-12-22 07:24 - 00000000 ____D C:\Users\KRYSTIAN\.android 2013-12-22 07:23 - 2013-12-22 07:25 - 00000000 ____D C:\Program Files (x86)\VuuPC 2013-12-22 07:23 - 2013-12-22 07:24 - 00000000 ____D C:\Program Files (x86)\Mobogenie 2013-12-22 07:23 - 2013-12-22 07:23 - 00000994 _____ C:\Users\KRYSTIAN\Desktop\Mobogenie.lnk 2013-12-22 07:23 - 2013-12-22 07:23 - 00000000 ____D C:\Users\KRYSTIAN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mobogenie 2013-12-21 07:53 - 2013-12-21 07:53 - 261885952 _____ C:\Users\KRYSTIAN\Documents\Dysk Ratunkowy Toshiba.iso 2013-12-21 07:45 - 2013-12-21 07:45 - 00000000 ____D C:\Program Files (x86)\Windows Kits 2013-12-21 07:37 - 2013-12-21 07:45 - 00000000 ____D C:\Users\KRYSTIAN\Documents\AvastPEToolkit 2013-12-21 07:14 - 2013-12-22 07:36 - 00047937 _____ C:\windows\IE11_main.log 2013-12-21 06:54 - 2013-12-21 06:54 - 00000000 ____D C:\Program Files (x86)\LogMeIn Hamachi 2013-12-21 06:50 - 2013-12-22 07:38 - 00001822 _____ C:\windows\PFRO.log 2013-12-21 06:50 - 2013-12-21 06:51 - 00346352 _____ C:\windows\system32\FNTCACHE.DAT 2013-12-21 06:37 - 2013-12-21 06:37 - 00085752 _____ C:\Users\KRYSTIAN\AppData\Local\GDIPFONTCACHEV1.DAT 2013-12-21 06:31 - 2013-12-22 07:47 - 00000706 _____ C:\windows\setupact.log 2013-12-21 06:31 - 2013-12-21 06:31 - 00000000 _____ C:\windows\setuperr.log 2013-12-20 21:09 - 2013-12-20 21:09 - 00000000 ____D C:\Users\KRYSTIAN\AppData\Roaming\AVAST Software 2013-12-20 20:59 - 2013-12-20 21:11 - 00079672 _____ (AVAST Software) C:\windows\system32\Drivers\aswstm.sys 2013-12-14 15:16 - 2013-12-14 15:16 - 00001018 _____ C:\Users\Public\Desktop\blueconnect.lnk 2013-12-14 15:16 - 2008-04-17 15:48 - 01003008 _____ (DiBcom SA) C:\windows\system32\Drivers\mod7700.sys 2013-12-14 15:16 - 2008-04-17 15:47 - 00119296 _____ (Huawei Technologies Co., Ltd.) C:\windows\system32\Drivers\ewusbnet.sys 2013-12-14 15:16 - 2008-04-17 15:47 - 00117120 _____ (Huawei Technologies Co., Ltd.) C:\windows\system32\Drivers\ewusbfake.sys 2013-12-14 15:16 - 2008-04-17 15:47 - 00115328 _____ (Huawei Technologies Co., Ltd.) C:\windows\system32\Drivers\ewusbmdm.sys 2013-12-14 15:16 - 2008-04-17 15:45 - 00029696 _____ (Huawei Tech. Co., Ltd.) C:\windows\system32\Drivers\ewdcsc.sys ==================== One Month Modified Files and Folders ======= 2013-12-22 09:00 - 2013-12-22 09:00 - 00025609 _____ C:\Users\KRYSTIAN\Downloads\FRST.txt 2013-12-22 09:00 - 2013-12-22 09:00 - 00000000 ____D C:\FRST 2013-12-22 09:00 - 2012-04-15 02:02 - 01389616 _____ C:\windows\WindowsUpdate.log 2013-12-22 08:59 - 2013-12-22 08:58 - 02193141 _____ (Farbar) C:\Users\KRYSTIAN\Downloads\FRST64.exe 2013-12-22 08:45 - 2012-02-26 21:43 - 00000830 _____ C:\windows\Tasks\Adobe Flash Player Updater.job 2013-12-22 08:13 - 2009-07-14 05:45 - 00024608 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2013-12-22 08:13 - 2009-07-14 05:45 - 00024608 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2013-12-22 08:12 - 2013-12-22 08:12 - 00602112 _____ (OldTimer Tools) C:\Users\KRYSTIAN\Downloads\OTL.exe 2013-12-22 08:03 - 2013-12-22 07:24 - 00000000 ____D C:\Users\KRYSTIAN\AppData\Local\Mobogenie 2013-12-22 07:50 - 2012-08-01 11:47 - 00000000 ____D C:\Users\KRYSTIAN\AppData\Local\LogMeIn Hamachi 2013-12-22 07:49 - 2013-12-22 07:24 - 00000000 ____D C:\Users\KRYSTIAN\AppData\Local\genienext 2013-12-22 07:49 - 2012-08-24 12:52 - 00000000 ____D C:\Users\KRYSTIAN\Documents\Bluetooth 2013-12-22 07:48 - 2013-12-22 07:24 - 00000000 ____D C:\Users\KRYSTIAN\AppData\Roaming\newnext.me 2013-12-22 07:47 - 2013-12-21 06:31 - 00000706 _____ C:\windows\setupact.log 2013-12-22 07:47 - 2013-05-09 18:26 - 00000000 ____D C:\Users\KRYSTIAN\AppData\Local\HTC MediaHub 2013-12-22 07:47 - 2013-01-31 17:03 - 00000342 _____ C:\windows\Tasks\spmonitor.job 2013-12-22 07:47 - 2013-01-31 17:03 - 00000264 _____ C:\windows\Tasks\SpeedUpMyPC.job 2013-12-22 07:47 - 2013-01-25 11:19 - 00000354 _____ C:\windows\Tasks\ROC_JAN2013_TB_rmv.job 2013-12-22 07:47 - 2012-08-22 13:43 - 00000386 ____H C:\windows\Tasks\OptimizerPro1UpdaterTask{F9865E89-F9A8-492E-910C-2FD65ED6A6B3}.job 2013-12-22 07:47 - 2009-07-14 06:08 - 00000006 ____H C:\windows\Tasks\SA.DAT 2013-12-22 07:46 - 2013-12-22 07:24 - 00000530 _____ C:\Users\KRYSTIAN\daemonprocess.txt 2013-12-22 07:38 - 2013-12-21 06:50 - 00001822 _____ C:\windows\PFRO.log 2013-12-22 07:36 - 2013-12-21 07:14 - 00047937 _____ C:\windows\IE11_main.log 2013-12-22 07:34 - 2013-12-22 07:33 - 00000000 ____D C:\Users\KRYSTIAN\AppData\Roaming\iSafe 2013-12-22 07:33 - 2013-12-22 07:33 - 00000000 ____D C:\windows\system32\log 2013-12-22 07:33 - 2013-12-22 07:33 - 00000000 ____D C:\Users\KRYSTIAN\AppData\Roaming\eCyber 2013-12-22 07:26 - 2013-12-22 07:26 - 00000000 ____D C:\Users\KRYSTIAN\AppData\Roaming\0C1I1L1R1J0M1P0I1G 2013-12-22 07:25 - 2013-12-22 07:25 - 00000000 ____D C:\Users\KRYSTIAN\AppData\Roaming\systweak 2013-12-22 07:25 - 2013-12-22 07:25 - 00000000 ____D C:\Program Files (x86)\RegClean Pro 2013-12-22 07:25 - 2013-12-22 07:23 - 00000000 ____D C:\Program Files (x86)\VuuPC 2013-12-22 07:24 - 2013-12-22 07:24 - 00000000 ____D C:\Users\KRYSTIAN\Documents\Mobogenie 2013-12-22 07:24 - 2013-12-22 07:24 - 00000000 ____D C:\Users\KRYSTIAN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VuuPC 2013-12-22 07:24 - 2013-12-22 07:24 - 00000000 ____D C:\Users\KRYSTIAN\AppData\Local\cache 2013-12-22 07:24 - 2013-12-22 07:24 - 00000000 ____D C:\Users\KRYSTIAN\.android 2013-12-22 07:24 - 2013-12-22 07:23 - 00000000 ____D C:\Program Files (x86)\Mobogenie 2013-12-22 07:24 - 2012-07-18 12:01 - 00000000 ____D C:\Users\KRYSTIAN 2013-12-22 07:23 - 2013-12-22 07:23 - 00000994 _____ C:\Users\KRYSTIAN\Desktop\Mobogenie.lnk 2013-12-22 07:23 - 2013-12-22 07:23 - 00000000 ____D C:\Users\KRYSTIAN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mobogenie 2013-12-22 07:15 - 2012-02-26 21:49 - 00000000 ____D C:\Program Files (x86)\Google 2013-12-22 07:14 - 2011-02-14 10:01 - 00698598 _____ C:\windows\system32\perfh015.dat 2013-12-22 07:14 - 2011-02-14 10:01 - 00135418 _____ C:\windows\system32\perfc015.dat 2013-12-22 07:14 - 2009-07-14 06:13 - 01551484 _____ C:\windows\system32\PerfStringBackup.INI 2013-12-22 06:28 - 2013-05-12 11:23 - 00000940 _____ C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3622142945-2400907622-1277845213-1001UA.job 2013-12-21 12:28 - 2013-05-12 11:23 - 00000918 _____ C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3622142945-2400907622-1277845213-1001Core.job 2013-12-21 07:53 - 2013-12-21 07:53 - 261885952 _____ C:\Users\KRYSTIAN\Documents\Dysk Ratunkowy Toshiba.iso 2013-12-21 07:45 - 2013-12-21 07:45 - 00000000 ____D C:\Program Files (x86)\Windows Kits 2013-12-21 07:45 - 2013-12-21 07:37 - 00000000 ____D C:\Users\KRYSTIAN\Documents\AvastPEToolkit 2013-12-21 07:29 - 2012-02-26 21:50 - 00000000 ____D C:\Program Files\Google 2013-12-21 07:27 - 2012-07-18 12:34 - 00000000 ____D C:\Users\KRYSTIAN\AppData\Local\Google 2013-12-21 07:27 - 2012-02-26 21:49 - 00000000 ____D C:\ProgramData\Google 2013-12-21 07:18 - 2009-07-14 06:08 - 00032604 _____ C:\windows\Tasks\SCHEDLGU.TXT 2013-12-21 06:54 - 2013-12-21 06:54 - 00000000 ____D C:\Program Files (x86)\LogMeIn Hamachi 2013-12-21 06:51 - 2013-12-21 06:50 - 00346352 _____ C:\windows\system32\FNTCACHE.DAT 2013-12-21 06:47 - 2013-06-06 08:31 - 00000000 ____D C:\Users\KRYSTIAN\AppData\Roaming\Media Player Classic 2013-12-21 06:37 - 2013-12-21 06:37 - 00085752 _____ C:\Users\KRYSTIAN\AppData\Local\GDIPFONTCACHEV1.DAT 2013-12-21 06:31 - 2013-12-21 06:31 - 00000000 _____ C:\windows\setuperr.log 2013-12-21 06:24 - 2012-12-22 11:51 - 00000000 ____D C:\Users\KRYSTIAN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FTDownloader.com 2013-12-21 06:19 - 2013-01-27 10:52 - 00000000 ____D C:\windows\Minidump 2013-12-20 22:26 - 2012-08-19 11:07 - 00000000 ____D C:\Program Files\CCleaner 2013-12-20 21:11 - 2013-12-20 20:59 - 00079672 _____ (AVAST Software) C:\windows\system32\Drivers\aswstm.sys 2013-12-20 21:09 - 2013-12-20 21:09 - 00000000 ____D C:\Users\KRYSTIAN\AppData\Roaming\AVAST Software 2013-12-20 20:59 - 2013-07-10 10:08 - 00207904 _____ C:\windows\system32\Drivers\aswVmm.sys 2013-12-20 20:59 - 2013-07-10 10:08 - 00065776 _____ C:\windows\system32\Drivers\aswRvrt.sys 2013-12-20 20:59 - 2013-06-02 11:26 - 01034464 _____ (AVAST Software) C:\windows\system32\Drivers\aswSnx.sys 2013-12-20 20:59 - 2013-06-02 11:26 - 00422216 _____ (AVAST Software) C:\windows\system32\Drivers\aswSP.sys 2013-12-20 20:59 - 2013-06-02 11:26 - 00092544 _____ (AVAST Software) C:\windows\system32\Drivers\aswRdr2.sys 2013-12-20 20:59 - 2013-06-02 11:26 - 00078648 _____ (AVAST Software) C:\windows\system32\Drivers\aswMonFlt.sys 2013-12-20 20:59 - 2013-06-02 11:26 - 00043152 _____ (AVAST Software) C:\windows\avastSS.scr 2013-12-20 20:59 - 2012-08-19 20:41 - 00334136 _____ (AVAST Software) C:\windows\system32\aswBoot.exe 2013-12-20 20:56 - 2012-08-19 20:41 - 00000000 ____D C:\ProgramData\AVAST Software 2013-12-20 20:56 - 2012-08-19 20:41 - 00000000 _____ C:\windows\SysWOW64\config.nt 2013-12-20 20:28 - 2009-07-14 04:20 - 00000000 ____D C:\windows\system32\NDF 2013-12-19 14:11 - 2013-06-02 11:26 - 00064288 _____ (AVAST Software) C:\windows\system32\Drivers\aswTdi.sys 2013-12-14 15:36 - 2012-08-17 18:25 - 00000000 ____D C:\Users\KRYSTIAN\AppData\Local\Akamai 2013-12-14 15:36 - 2012-07-24 17:12 - 00000000 ____D C:\Program Files (x86)\blueconnect 2013-12-14 15:36 - 2012-02-26 21:43 - 00000000 ____D C:\windows\SysWOW64\Macromed 2013-12-14 15:36 - 2012-02-26 21:43 - 00000000 ____D C:\windows\system32\Macromed 2013-12-14 15:36 - 2009-07-14 04:20 - 00000000 ____D C:\windows\registration 2013-12-14 15:36 - 2009-07-14 04:20 - 00000000 ____D C:\windows\AppCompat 2013-12-14 15:16 - 2013-12-14 15:16 - 00001018 _____ C:\Users\Public\Desktop\blueconnect.lnk 2013-12-14 15:02 - 2012-07-24 17:12 - 00000000 ____D C:\ProgramData\DatacardService 2013-12-11 08:47 - 2012-02-26 21:43 - 00692616 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe 2013-12-11 08:47 - 2012-02-26 21:43 - 00071048 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl 2013-12-10 10:48 - 2013-09-29 08:44 - 00000000 ____D C:\Users\KRYSTIAN\Desktop\Sprzedaż mieszkania 2013-12-10 10:48 - 2013-09-19 08:29 - 00000000 ____D C:\Users\KRYSTIAN\Desktop\kredyt 2013-12-06 13:53 - 2013-08-31 17:46 - 00000000 ____D C:\Users\KRYSTIAN\Desktop\muzyka 2013-11-26 12:25 - 2010-11-21 04:27 - 00267936 ____N (Microsoft Corporation) C:\windows\system32\MpSigStub.exe Some content of TEMP: ==================== C:\Users\KRYSTIAN\AppData\Local\Temp\ICReinstall_nst42F0.tmp.exe ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\SysWOW64\wininit.exe => MD5 is legit C:\Windows\explorer.exe => MD5 is legit C:\Windows\SysWOW64\explorer.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\SysWOW64\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\SysWOW64\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\SysWOW64\userinit.exe => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit LastRegBack: 2013-12-21 11:47 ==================== End Of Log ============================