Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 07-02-2014
Ran by win7 (administrator) on WIN7-KOMPUTER on 09-02-2014 01:26:13
Running from C:\Users\win7\Downloads
Windows 7 Ultimate (X64) OS Language: Polish
Internet Explorer Version 8
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Microsoft Corporation) C:\Windows\System32\audiodg.exe
(Cherished Technololgy LIMITED) C:\ProgramData\WPM\wprotectmanager.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
() C:\Windows\SysWOW64\ASGT.exe
() C:\ProgramData\BitGuard\2.7.1832.68\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BitGuard.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Nero AG) C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
(Pandora.TV) C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe
(Skype Technologies S.A.) C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
() C:\Program Files (x86)\BatBrowse\updateBatBrowse.exe
() C:\Program Files (x86)\BatBrowse\bin\utilBatBrowse.exe
(AVG Secure Search) C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.3.0\ToolbarUpdater.exe
() C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.3.0\loggingserver.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Akamai Technologies, Inc.) C:\Users\win7\AppData\Local\Akamai\netsession_win.exe
(Akamai Technologies, Inc.) C:\Users\win7\AppData\Local\Akamai\netsession_win.exe
(Nullsoft, Inc.) C:\Program Files (x86)\Winamp\winampa.exe
() C:\Program Files (x86)\AVG Secure Search\vprot.exe
(Ask) C:\Program Files (x86)\Ask.com\Updater\Updater.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
() C:\ProgramData\BitGuard\2.7.1832.68\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BitGuard.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
() C:\Program Files (x86)\Mobogenie\DaemonProcess.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\osk.exe
() C:\Program Files (x86)\Mobogenie\mgusb.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [BCSSync] - C:\Program Files\Microsoft Office\Office14\BCSSync.exe [112512 2010-03-13] (Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6468712 2012-03-20] (Realtek Semiconductor)
HKLM-x32\...\Run: [WinampAgent] - C:\Program Files (x86)\Winamp\winampa.exe [37888 2010-05-25] (Nullsoft, Inc.)
HKLM-x32\...\Run: [vProt] - C:\Program Files (x86)\AVG Secure Search\vprot.exe [2552856 2014-02-03] ()
HKLM-x32\...\Run: [] - [X]
HKLM-x32\...\Run: [ApnUpdater] - C:\Program Files (x86)\Ask.com\Updater\Updater.exe [1648264 2013-04-25] (Ask)
HKLM-x32\...\Run: [Regedit32] - C:\Windows\SysWOW64\regedit.exe [398336 2009-07-14] (Microsoft Corporation)
HKLM-x32\...\Run: [widfafocsynw] - C:\ProgramData\widfafocsynw.exe [47616 2013-09-20] (1C)
HKLM-x32\...\Run: [zunirogyzfyp] - C:\ProgramData\zunirogyzfyp.exe [47104 2013-09-23] (1C)
HKLM-x32\...\Run: [mobilegeni daemon] - C:\Program Files (x86)\Mobogenie\DaemonProcess.exe [746176 2013-11-01] ()
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-05-11] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [AvastUI.exe] - C:\Program Files\AVAST Software\Avast\AvastUI.exe [3767096 2014-02-06] (AVAST Software)
HKU\.DEFAULT\...\RunOnce: [FlashPlayerUpdate] - C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_7_700_224_ActiveX.exe [814472 2013-06-11] (Adobe Systems Incorporated)
HKU\S-1-5-21-2985978322-4174081002-1716717453-1000\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [18705664 2013-01-08] (Skype Technologies S.A.)
HKU\S-1-5-21-2985978322-4174081002-1716717453-1000\...\Run: [Akamai NetSession Interface] - C:\Users\win7\AppData\Local\Akamai\netsession_win.exe [4489472 2013-06-05] (Akamai Technologies, Inc.)
HKU\S-1-5-21-2985978322-4174081002-1716717453-1000\...\Run: [Regedit32] - C:\Windows\system32\regedit.exe
HKU\S-1-5-21-2985978322-4174081002-1716717453-1000\...\Run: [Gadu-Gadu 10] - C:\Program Files (x86)\Gadu-Gadu 10\gg.exe [13374048 2011-07-04] (GG Network S.A.)
HKU\S-1-5-21-2985978322-4174081002-1716717453-1000\...\Run: [Softonic for Windows] - C:\Users\win7\AppData\Local\Softonic\Softonic.exe [4140016 2014-01-17] (Softonic)
HKU\S-1-5-21-2985978322-4174081002-1716717453-1000\...\Run: [EADM] - C:\Program Files (x86)\Origin\Origin.exe [3598680 2014-01-29] (Electronic Arts)
HKU\S-1-5-21-2985978322-4174081002-1716717453-1000\...\Run: [MKLOL] - C:\Program Files (x86)\MKJogo\MKLOL\MK.exe [846536 2014-01-14] (MK)
HKU\S-1-5-21-2985978322-4174081002-1716717453-1000\...\Run: [WTFast Tray] - C:\Program Files (x86)\WTFast\WTFast.exe [2949080 2013-12-17] (AAA Internet Publishing, Inc.)
HKU\S-1-5-21-2985978322-4174081002-1716717453-1000\...\Run: [widfafocsynw] - C:\Users\win7\widfafocsynw.exe [47616 2013-09-20] (1C)
HKU\S-1-5-21-2985978322-4174081002-1716717453-1000\...\Run: [zunirogyzfyp] - C:\Users\win7\zunirogyzfyp.exe [47104 2013-09-23] (1C)
HKU\S-1-5-21-2985978322-4174081002-1716717453-1001\...\Run: [AVG-Secure-Search-Update_JUNE2013_TB] - C:\Program Files (x86)\AVG Secure Search\AVG-Secure-Search-Update_JUNE2013_TB.exe [1266712 2013-05-31] (AVG Secure Search)
HKU\S-1-5-21-2985978322-4174081002-1716717453-1001\...\Run: [AVG-Secure-Search-Update_JUNE2013_HP] - C:\Program Files (x86)\AVG Secure Search\AVG-Secure-Search-Update_JUNE2013_HP.exe [1266712 2013-06-07] (AVG Secure Search)
AppInit_DLLs: c:\progra~3\bitguard\271832~1.68\{c16c1~1\loader.dll => C:\ProgramData\BitGuard\2.7.1832.68\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\loader.dll [1958880 2013-11-18] ()
AppInit_DLLs-x32: c:\PROGRA~3\BitGuard\271832~1.68\{C16C1~1\BitGuard.dll => C:\ProgramData\BitGuard\2.7.1832.68\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BitGuard.dll [3618304 2013-11-18] ()

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.qone8.com/?type=hp&ts=1383242864&from=cor&uid=ST500DM002-1BD142_Z2AYQQQAXXXXZ2AYQQQA
HKCU\Software\Microsoft\Internet Explorer\Main,bProtector Start Page = http://search.babylon.com/?affID=119370&tt=190313_wo1&babsrc=HP_ss_gin2g&mntrId=C2683085A98D4FF2
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.qone8.com/?type=hp&ts=1383242864&from=cor&uid=ST500DM002-1BD142_Z2AYQQQAXXXXZ2AYQQQA
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://start.qone8.com/?type=hp&ts=1383242864&from=cor&uid=ST500DM002-1BD142_Z2AYQQQAXXXXZ2AYQQQA
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://start.qone8.com/?type=hp&ts=1383242864&from=cor&uid=ST500DM002-1BD142_Z2AYQQQAXXXXZ2AYQQQA
URLSearchHook: HKCU - UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://start.qone8.com/web/?type=ds&ts=1383242864&from=cor&uid=ST500DM002-1BD142_Z2AYQQQAXXXXZ2AYQQQA&q={searchTerms}
SearchScopes: HKLM - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://start.qone8.com/web/?type=ds&ts=1383242864&from=cor&uid=ST500DM002-1BD142_Z2AYQQQAXXXXZ2AYQQQA&q={searchTerms}
SearchScopes: HKLM-x32 - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://start.qone8.com/web/?type=ds&ts=1383242864&from=cor&uid=ST500DM002-1BD142_Z2AYQQQAXXXXZ2AYQQQA&q={searchTerms}
SearchScopes: HKLM-x32 - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://start.qone8.com/web/?type=ds&ts=1383242864&from=cor&uid=ST500DM002-1BD142_Z2AYQQQAXXXXZ2AYQQQA&q={searchTerms}
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - bProtectorDefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = http://www.delta-search.com/?q={searchTerms}&affID=119370&tt=190313_wo1&babsrc=SP_ss&mntrId=C2683085A98D4FF2
SearchScopes: HKCU - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://start.qone8.com/web/?type=ds&ts=1383242864&from=cor&uid=ST500DM002-1BD142_Z2AYQQQAXXXXZ2AYQQQA&q={searchTerms}
SearchScopes: HKCU - {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL =
SearchScopes: HKCU - {95B7759C-8C7F-4BF1-B163-73684A933233} URL = http://isearch.avg.com/search?cid={6AB6ACED-1D8F-45DD-A76C-6E8A9DE04C63}&mid=da1fee0c96d44f9081720844c4f27dcc-4546c5d6091a027045a53985070398a815c2493c&lang=pl&ds=ax011&pr=&d=2012-10-08 16:03:16&v=15.2.0.5&pid=avg&sg=0&sap=dsp&q={searchTerms}
SearchScopes: HKCU - {AAF47223-F7F5-4ED8-BF00-7E27C8A91EF1} URL = http://www.claro-search.com/?q={searchTerms}&affID=110824&tt=4312_6&babsrc=SP_ss&mntrId=c268b1fa0000000000003085a98d4ff2
SearchScopes: HKCU - {F7FD647C-5D47-4225-9A9F-0C6A64B116C2} URL = http://websearch.ask.com/redirect?client=ie&tb=ORJ&o=100000027&src=crm&q={searchTerms}&locale=en_US&apn_ptnrs=U3&apn_dtid=OSJ000YYPL&apn_uid=3B8798F8-C8CB-44C5-ABB4-B9137B1BC065&apn_sauid=37078711-FDCC-41BA-AA84-8BB4D085D8C7
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Skype add-on for Internet Explorer - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Claro LTD Helper Object - {000F18F2-09EB-4A59-82B2-5AE4184C39C3} - C:\Program Files (x86)\Claro LTD\claro\1.8.3.10\bh\claro.dll (Montera Technologeis LTD)
BHO-x32: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
BHO-x32: mixidj Helper Object - {4D6A9BBF-402C-4301-B1EF-28D04F71D761} - C:\Program Files (x86)\mixidj\mixidj\1.8.4.1\bh\mixidj.dll (MixiDJ)
BHO-x32: SaveSense - {71e129ff-6c2a-4984-818c-7e2c998b8d99} - C:\Users\win7\AppData\Local\SaveSense\SaveSenseIE.dll (SaveSense)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\17.3.0.49\AVG Secure Search_toolbar.dll (AVG Secure Search)
BHO-x32: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: delta Helper Object - {C1AF5FA5-852C-4C90-812E-A7F75E011D87} - C:\Program Files (x86)\Delta\delta\1.8.10.0\bh\delta.dll (Delta-search.com)
BHO-x32: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: BonanzaDeals - {fe063412-bea4-4d76-8ed3-183be6220d17} - C:\Program Files (x86)\BonanzaDeals\BonanzaDealsIE.dll (BonanzaDeals)
Toolbar: HKLM - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM-x32 - AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\17.3.0.49\AVG Secure Search_toolbar.dll (AVG Secure Search)
Toolbar: HKLM-x32 - Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
Toolbar: HKLM-x32 - Claro LTD Toolbar - {9E131A93-EED7-4BEB-B015-A0ADB30B5646} - C:\Program Files (x86)\Claro LTD\claro\1.8.3.10\claroTlbr.dll (Montera Technologeis LTD)
Toolbar: HKLM-x32 - MixiDJ Toolbar - {CA9B9C89-4662-4ADC-9C23-A452BECD5D19} - C:\Program Files (x86)\mixidj\mixidj\1.8.4.1\mixidjTlbr.dll (MixiDJ)
Toolbar: HKLM-x32 - Delta Toolbar - {82E1477C-B154-48D3-9891-33D83C26BCD3} - C:\Program Files (x86)\Delta\delta\1.8.10.0\deltaTlbr.dll (Delta-search.com)
Toolbar: HKLM-x32 - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Handler-x32: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\17.3.0\ViProtocol.dll (AVG Secure Search)
Winsock: Catalog5 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation) ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"
Winsock: Catalog9 01 C:\Windows\SysWOW64\WTFastDrv.dll [72296] (Initex)
Winsock: Catalog9 02 C:\Windows\SysWOW64\WTFastDrv.dll [72296] (Initex)
Winsock: Catalog9 03 C:\Windows\SysWOW64\WTFastDrv.dll [72296] (Initex)
Winsock: Catalog9 04 C:\Windows\SysWOW64\WTFastDrv.dll [72296] (Initex)
Winsock: Catalog9 15 C:\Windows\SysWOW64\WTFastDrv.dll [72296] (Initex)
Winsock: Catalog5-x64 01 %SystemRoot%\System32\mswsock.dll [320000] (Microsoft Corporation) ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"
Winsock: Catalog9-x64 01 %SystemRoot%\system32\WTFastDrv.dll [79464] (Initex)
Winsock: Catalog9-x64 02 %SystemRoot%\system32\WTFastDrv.dll [79464] (Initex)
Winsock: Catalog9-x64 03 %SystemRoot%\system32\WTFastDrv.dll [79464] (Initex)
Winsock: Catalog9-x64 04 %SystemRoot%\system32\WTFastDrv.dll [79464] (Initex)
Winsock: Catalog9-x64 15 %SystemRoot%\system32\WTFastDrv.dll [79464] (Initex)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254

FireFox:
========
FF ProfilePath: C:\Users\win7\AppData\Roaming\Mozilla\Firefox\Profiles\j62p4v99.default
FF user.js: detected! => C:\Users\win7\AppData\Roaming\Mozilla\Firefox\Profiles\j62p4v99.default\user.js
FF NewTab: user_pref("browser.newtab.url", "");
FF DefaultSearchEngine: qone8
FF SearchEngineOrder.user_pref("browser.search.order.1", "");: user_pref("browser.search.order.1", "");
FF SelectedSearchEngine: user_pref("browser.search.selectedEngine", "");
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_224.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1205146.dll (Adobe Systems, Inc.)
FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin - C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\17.3.0\\npsitesafety.dll (AVG Technologies)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.0.61118.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @tools.bdupdater.com/BonanzaDealsLive Update;version=3 - C:\Program Files (x86)\BonanzaDealsLive\Update\1.3.23.0\npGoogleUpdate3.dll (BonanzaDeals)
FF Plugin-x32: @tools.bdupdater.com/BonanzaDealsLive Update;version=9 - C:\Program Files (x86)\BonanzaDealsLive\Update\1.3.23.0\npGoogleUpdate3.dll (BonanzaDeals)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.updaterss.com/SaveSenseLive Update;version=3 - C:\Program Files (x86)\SaveSenseLive\Update\1.3.23.0\npGoogleUpdate3.dll No File
FF Plugin-x32: @tools.updaterss.com/SaveSenseLive Update;version=9 - C:\Program Files (x86)\SaveSenseLive\Update\1.3.23.0\npGoogleUpdate3.dll No File
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @nsroblox.roblox.com/launcher - C:\Users\win7\AppData\Local\Roblox\Versions\version-3ebe0cca16b6421c\\NPRobloxProxy.dll ( Roblox Corporation)
FF SearchPlugin: C:\Users\win7\AppData\Roaming\Mozilla\Firefox\Profiles\j62p4v99.default\searchplugins\askcom.xml
FF SearchPlugin: C:\Users\win7\AppData\Roaming\Mozilla\Firefox\Profiles\j62p4v99.default\searchplugins\babylon.xml
FF SearchPlugin: C:\Users\win7\AppData\Roaming\Mozilla\Firefox\Profiles\j62p4v99.default\searchplugins\delta.xml
FF SearchPlugin: C:\Users\win7\AppData\Roaming\Mozilla\Firefox\Profiles\j62p4v99.default\searchplugins\mixidj.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\qone8.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\avg-secure-search.xml
FF Extension: Delta Toolbar - C:\Users\win7\AppData\Roaming\Mozilla\Firefox\Profiles\j62p4v99.default\Extensions\ffxtlbr@delta.com [2013-03-29]
FF Extension: MixiDJ Toolbar - C:\Users\win7\AppData\Roaming\Mozilla\Firefox\Profiles\j62p4v99.default\Extensions\ffxtlbr@mixidj.com [2013-03-09]
FF Extension: BatBrowse - C:\Users\win7\AppData\Roaming\Mozilla\Firefox\Profiles\j62p4v99.default\Extensions\firefox@batbrowse.com [2013-11-01]
FF Extension: Ask Toolbar - C:\Users\win7\AppData\Roaming\Mozilla\Firefox\Profiles\j62p4v99.default\Extensions\toolbar@ask.com [2013-05-30]
FF Extension: SaveSense - C:\Users\win7\AppData\Roaming\Mozilla\Firefox\Profiles\j62p4v99.default\Extensions\{2d7886a0-85bb-4bf2-b684-ba92b4b21d23} [2014-02-06]
FF Extension: Foxtab Speed Dial - C:\Users\win7\AppData\Roaming\Mozilla\Firefox\Profiles\j62p4v99.default\Extensions\{5ebdca98-43b3-45bb-87e0-716029fb42ab} [2013-11-01]
FF Extension: BonanzaDeals - C:\Users\win7\AppData\Roaming\Mozilla\Firefox\Profiles\j62p4v99.default\Extensions\{f9d03c26-0575-497e-821d-f7956d23e0ca} [2013-11-01]
FF HKLM-x32\...\Firefox\Extensions: [avg@toolbar] - C:\ProgramData\AVG Secure Search\FireFoxExt\17.3.0.49
FF Extension: AVG Security Toolbar - C:\ProgramData\AVG Secure Search\FireFoxExt\17.3.0.49 [2014-01-08]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-02-06]

Chrome:
=======
Error reading preferences. Please check "preferences" file for possible corruption. <======= ATTENTION
CHR Extension: (avast! Online Security) - C:\Users\win7\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-02-06]
CHR HKLM-x32\...\Chrome\Extension: [boipimhfjpakfgckhbljjengakjhkcbp] - C:\Users\win7\AppData\Roaming\CRMixiDJTB\mixiDJ.crx [2013-02-05]
CHR HKLM-x32\...\Chrome\Extension: [ccncljhbalbbkkfgopogabimepmfkmff] - C:\Program Files (x86)\BatBrowse\ccncljhbalbbkkfgopogabimepmfkmff.crx [2013-02-05]
CHR HKLM-x32\...\Chrome\Extension: [eooncjejnppfjjklapaamhcdmjbilmde] - C:\Users\win7\AppData\Roaming\BabSolution\CR\Delta.crx [2013-02-05]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-02-06]
CHR HKLM-x32\...\Chrome\Extension: [kpepfkjapeclaafmhoelccknpfedainn] - C:\Program Files (x86)\mixidj\mixidj\1.8.4.1\mixidj.crx [2012-11-13]
CHR HKLM-x32\...\Chrome\Extension: [ndibdjnfmopecpmkdieinmbadjfpblof] - C:\ProgramData\AVG Secure Search\ChromeExt\17.3.0.49\avg.crx [2014-01-08]

==================== Services (Whitelisted) =================

R2 ASGT; C:\Windows\SysWOW64\ASGT.exe [55296 2012-01-17] ()
S2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-02-06] (AVAST Software)
R2 BitGuard; C:\ProgramData\BitGuard\2.7.1832.68\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BitGuard.exe [3780064 2013-11-18] ()
S2 bonanzadealslive; C:\Program Files (x86)\BonanzaDealsLive\Update\BonanzaDealsLive.exe [148976 2013-11-01] (BonanzaDeals)
S3 bonanzadealslivem; C:\Program Files (x86)\BonanzaDealsLive\Update\BonanzaDealsLive.exe [148976 2013-11-01] (BonanzaDeals)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [163608 2012-03-06] (Intel Corporation)
S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [3937512 2012-10-03] (INCA Internet Co., Ltd.)
R2 PanService; C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe [578264 2011-12-21] (Pandora.TV)
R2 Update BatBrowse; C:\Program Files (x86)\BatBrowse\updateBatBrowse.exe [80160 2014-02-05] ()
R2 Util BatBrowse; C:\Program Files (x86)\BatBrowse\bin\utilBatBrowse.exe [80160 2014-02-05] ()
R2 vToolbarUpdater17.3.0; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.3.0\ToolbarUpdater.exe [1771544 2014-01-08] (AVG Secure Search)
R2 Wpm; C:\ProgramData\WPM\wprotectmanager.exe [499856 2014-01-02] (Cherished Technololgy LIMITED)

==================== Drivers (Whitelisted) ====================

S3 1394ohci; C:\Windows\system32\DRIVERS\1394ohci.sys [227840 2009-07-14] ()
R0 ACPI; C:\Windows\System32\DRIVERS\ACPI.sys [334416 2009-07-14] ()
S3 AcpiPmi; C:\Windows\system32\DRIVERS\acpipmi.sys [12288 2009-07-14] ()
S3 adp94xx; C:\Windows\system32\DRIVERS\adp94xx.sys [491088 2009-07-14] ()
S3 adpahci; C:\Windows\system32\DRIVERS\adpahci.sys [339536 2009-07-14] ()
S3 adpu320; C:\Windows\system32\DRIVERS\adpu320.sys [182864 2009-07-14] ()
R1 AFD; C:\Windows\system32\drivers\afd.sys [500224 2009-07-14] ()
S3 agp440; C:\Windows\system32\DRIVERS\agp440.sys [61008 2009-07-14] ()
S3 aliide; C:\Windows\system32\DRIVERS\aliide.sys [15440 2009-07-14] ()
S3 amdide; C:\Windows\system32\DRIVERS\amdide.sys [15440 2009-07-14] ()
S3 AmdK8; C:\Windows\system32\DRIVERS\amdk8.sys [64512 2009-07-14] ()
S3 AmdPPM; C:\Windows\system32\DRIVERS\amdppm.sys [60928 2009-07-14] ()
S3 amdsata; C:\Windows\system32\DRIVERS\amdsata.sys [106576 2009-07-14] ()
S3 amdsbs; C:\Windows\system32\DRIVERS\amdsbs.sys [194128 2009-07-14] ()
R0 amdxata; C:\Windows\System32\DRIVERS\amdxata.sys [28752 2009-07-14] ()
S3 AppID; C:\Windows\system32\drivers\appid.sys [61440 2009-07-14] ()
S3 arc; C:\Windows\system32\DRIVERS\arc.sys [87632 2009-07-14] ()
S3 arcsas; C:\Windows\system32\DRIVERS\arcsas.sys [97856 2009-07-14] ()
R3 asmthub3; C:\Windows\System32\DRIVERS\asmthub3.sys [130536 2011-11-03] ()
R3 asmtxhci; C:\Windows\System32\DRIVERS\asmtxhci.sys [395752 2011-11-03] ()
S1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [28184 2014-02-06] (AVAST Software)
S2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [78648 2014-02-06] (AVAST Software)
S1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [92544 2014-02-06] (AVAST Software)
S0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-02-06] ()
S1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1038072 2014-02-06] (AVAST Software)
S1 aswSP; C:\Windows\system32\drivers\aswSP.sys [421704 2014-02-06] (AVAST Software)
S3 aswStm; C:\Windows\system32\drivers\aswStm.sys [80184 2014-02-06] (AVAST Software)
S0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [207904 2014-02-06] ()
S3 AsyncMac; C:\Windows\System32\DRIVERS\asyncmac.sys [23040 2009-07-14] ()
R0 atapi; C:\Windows\System32\DRIVERS\atapi.sys [24128 2009-07-14] ()
R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [39768 2013-02-11] ()
S3 b06bdrv; C:\Windows\system32\DRIVERS\bxvbda.sys [468480 2009-06-10] ()
S3 b57nd60a; C:\Windows\System32\DRIVERS\b57nd60a.sys [270848 2009-06-10] ()
R1 Beep; C:\Windows\System32\Drivers\Beep.sys [6656 2009-07-14] ()
R1 blbdrive; C:\Windows\System32\DRIVERS\blbdrive.sys [45056 2009-07-14] ()
R3 bowser; C:\Windows\System32\DRIVERS\bowser.sys [90624 2009-07-14] ()
S3 BrFiltLo; C:\Windows\system32\DRIVERS\BrFiltLo.sys [18432 2009-06-10] ()
S3 BrFiltUp; C:\Windows\system32\DRIVERS\BrFiltUp.sys [8704 2009-06-10] ()
S3 BridgeMP; C:\Windows\System32\DRIVERS\bridge.sys [95232 2009-07-14] ()
S3 Brserid; C:\Windows\System32\Drivers\Brserid.sys [286720 2009-07-14] ()
S3 BrSerWdm; C:\Windows\System32\Drivers\BrSerWdm.sys [47104 2009-06-10] ()
S3 BrUsbMdm; C:\Windows\System32\Drivers\BrUsbMdm.sys [14976 2009-06-10] ()
S3 BrUsbSer; C:\Windows\System32\Drivers\BrUsbSer.sys [14720 2009-06-10] ()
S3 BTHMODEM; C:\Windows\system32\DRIVERS\bthmodem.sys [72192 2009-07-14] ()
S4 cdfs; C:\Windows\System32\DRIVERS\cdfs.sys [92160 2009-07-14] ()
R1 cdrom; C:\Windows\System32\DRIVERS\cdrom.sys [147456 2009-07-14] ()
S3 circlass; C:\Windows\system32\DRIVERS\circlass.sys [45568 2009-07-14] ()
R0 CLFS; C:\Windows\System32\CLFS.sys [367696 2009-07-14] ()
S3 CmBatt; C:\Windows\system32\DRIVERS\CmBatt.sys [17664 2009-07-14] ()
S3 cmdide; C:\Windows\system32\DRIVERS\cmdide.sys [17488 2009-07-14] ()
R0 CNG; C:\Windows\System32\Drivers\cng.sys [460504 2009-07-14] ()
S3 Compbatt; C:\Windows\system32\DRIVERS\compbatt.sys [21584 2009-07-14] ()
R3 CompositeBus; C:\Windows\System32\DRIVERS\CompositeBus.sys [38912 2009-07-14] ()
S4 crcdisk; C:\Windows\system32\DRIVERS\crcdisk.sys [24144 2009-07-14] ()
R1 CSC; C:\Windows\System32\drivers\csc.sys [514048 2009-07-14] ()
R1 DfsC; C:\Windows\System32\Drivers\dfsc.sys [102400 2009-07-14] ()
R1 discache; C:\Windows\System32\drivers\discache.sys [40448 2009-07-14] ()
R0 Disk; C:\Windows\System32\DRIVERS\disk.sys [73280 2009-07-14] ()
S3 drmkaud; C:\Windows\System32\drivers\drmkaud.sys [5632 2009-07-14] ()
R3 DXGKrnl; C:\Windows\System32\drivers\dxgkrnl.sys [974848 2009-07-14] ()
S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] ()
S3 elxstor; C:\Windows\system32\DRIVERS\elxstor.sys [530496 2009-07-14] ()
S3 ErrDev; C:\Windows\system32\DRIVERS\errdev.sys [9728 2009-07-14] ()
S3 exfat; C:\Windows\System32\Drivers\exfat.sys [195072 2009-07-14] ()
S3 fastfat; C:\Windows\System32\Drivers\fastfat.sys [204800 2009-07-14] ()
S3 fdc; C:\Windows\system32\DRIVERS\fdc.sys [29696 2009-07-14] ()
R0 FileInfo; C:\Windows\System32\drivers\fileinfo.sys [70224 2009-07-14] ()
S3 Filetrace; C:\Windows\System32\drivers\filetrace.sys [34304 2009-07-14] ()
S3 flpydisk; C:\Windows\system32\DRIVERS\flpydisk.sys [24576 2009-07-14] ()
R0 FltMgr; C:\Windows\System32\drivers\fltmgr.sys [290368 2009-07-14] ()
S3 FsDepends; C:\Windows\System32\drivers\FsDepends.sys [55376 2009-07-14] ()
U0 Fs_Rec; C:\Windows\System32\Drivers\Fs_Rec.sys [23104 2009-07-14] ()
R0 fvevol; C:\Windows\System32\DRIVERS\fvevol.sys [223448 2009-07-14] ()
S3 gagp30kx; C:\Windows\system32\DRIVERS\gagp30kx.sys [65088 2009-07-14] ()
S3 hamachi; C:\Windows\System32\DRIVERS\hamachi.sys [33856 2009-03-18] ()
S3 hcw85cir; C:\Windows\system32\drivers\hcw85cir.sys [31232 2009-06-10] ()
S3 HdAudAddService; C:\Windows\System32\drivers\HdAudio.sys [350208 2009-07-14] ()
R3 HDAudBus; C:\Windows\System32\DRIVERS\HDAudBus.sys [122368 2009-07-14] ()
S3 HidBatt; C:\Windows\system32\DRIVERS\HidBatt.sys [26624 2009-07-14] ()
S3 HidBth; C:\Windows\system32\DRIVERS\hidbth.sys [100864 2009-07-14] ()
S3 HidIr; C:\Windows\system32\DRIVERS\hidir.sys [46592 2009-07-14] ()
R3 HidUsb; C:\Windows\System32\DRIVERS\hidusb.sys [30208 2009-07-14] ()
S3 HpSAMD; C:\Windows\system32\DRIVERS\HpSAMD.sys [77888 2009-07-14] ()
R3 HTTP; C:\Windows\System32\drivers\HTTP.sys [751616 2009-07-14] ()
R0 hwpolicy; C:\Windows\System32\drivers\hwpolicy.sys [14416 2009-07-14] ()
R3 i8042prt; C:\Windows\System32\DRIVERS\i8042prt.sys [105472 2009-07-14] ()
S3 iaStorV; C:\Windows\system32\DRIVERS\iaStorV.sys [410688 2009-07-14] ()
S3 iirsp; C:\Windows\system32\DRIVERS\iirsp.sys [44112 2009-07-14] ()
R3 IntcAzAudAddService; C:\Windows\System32\drivers\RTKVHD64.sys [4015592 2012-03-27] ()
S3 intelide; C:\Windows\system32\DRIVERS\intelide.sys [16960 2009-07-14] ()
R3 intelppm; C:\Windows\System32\DRIVERS\intelppm.sys [62464 2009-07-14] ()
R4 IOMap; C:\Windows\system32\drivers\IOMap64.sys [23680 2010-02-23] ()
S3 IpFilterDriver; C:\Windows\System32\DRIVERS\ipfltdrv.sys [82944 2009-07-14] ()
S3 IPMIDRV; C:\Windows\system32\DRIVERS\IPMIDrv.sys [78848 2009-07-14] ()
S3 IPNAT; C:\Windows\System32\drivers\ipnat.sys [116224 2009-07-14] ()
S3 IRENUM; C:\Windows\System32\drivers\irenum.sys [17920 2009-07-14] ()
S3 isapnp; C:\Windows\system32\DRIVERS\isapnp.sys [20544 2009-07-14] ()
S3 iScsiPrt; C:\Windows\system32\DRIVERS\msiscsi.sys [224832 2009-07-14] ()
R3 kbdclass; C:\Windows\System32\DRIVERS\kbdclass.sys [50768 2009-07-14] ()
S3 kbdhid; C:\Windows\System32\DRIVERS\kbdhid.sys [33280 2009-07-14] ()
R0 KSecDD; C:\Windows\System32\Drivers\ksecdd.sys [95312 2009-07-14] ()
R0 KSecPkg; C:\Windows\System32\Drivers\ksecpkg.sys [153152 2009-07-14] ()
R3 ksthunk; C:\Windows\system32\drivers\ksthunk.sys [20992 2009-07-14] ()
R2 lltdio; C:\Windows\System32\DRIVERS\lltdio.sys [60928 2009-07-14] ()
S3 LSI_FC; C:\Windows\system32\DRIVERS\lsi_fc.sys [114752 2009-07-14] ()
S3 LSI_SAS; C:\Windows\system32\DRIVERS\lsi_sas.sys [106560 2009-07-14] ()
S3 LSI_SAS2; C:\Windows\system32\DRIVERS\lsi_sas2.sys [65600 2009-07-14] ()
S3 LSI_SCSI; C:\Windows\system32\DRIVERS\lsi_scsi.sys [115776 2009-07-14] ()
R2 luafv; C:\Windows\system32\drivers\luafv.sys [113152 2009-07-14] ()
S3 megasas; C:\Windows\system32\DRIVERS\megasas.sys [35392 2009-07-14] ()
S3 MegaSR; C:\Windows\system32\DRIVERS\MegaSR.sys [284736 2009-07-14] ()
R3 MEIx64; C:\Windows\System32\DRIVERS\HECIx64.sys [60184 2011-11-10] ()
S3 Modem; C:\Windows\System32\drivers\modem.sys [40448 2009-07-14] ()
R3 monitor; C:\Windows\System32\DRIVERS\monitor.sys [30208 2009-07-14] ()
R3 mouclass; C:\Windows\System32\DRIVERS\mouclass.sys [49216 2009-07-14] ()
S3 mouhid; C:\Windows\System32\DRIVERS\mouhid.sys [31232 2009-07-14] ()
R0 mountmgr; C:\Windows\System32\drivers\mountmgr.sys [94784 2009-07-14] ()
S3 mpio; C:\Windows\system32\DRIVERS\mpio.sys [155216 2009-07-14] ()
R3 mpsdrv; C:\Windows\System32\drivers\mpsdrv.sys [77312 2009-07-14] ()
S3 MRxDAV; C:\Windows\system32\drivers\mrxdav.sys [140800 2009-07-14] ()
R3 mrxsmb; C:\Windows\System32\DRIVERS\mrxsmb.sys [157184 2009-07-14] ()
R3 mrxsmb10; C:\Windows\System32\DRIVERS\mrxsmb10.sys [285696 2009-07-14] ()
R3 mrxsmb20; C:\Windows\System32\DRIVERS\mrxsmb20.sys [125952 2009-07-14] ()
S3 msahci; C:\Windows\system32\DRIVERS\msahci.sys [30272 2009-07-14] ()
S3 msdsm; C:\Windows\system32\DRIVERS\msdsm.sys [140352 2009-07-14] ()
R1 Msfs; C:\Windows\System32\Drivers\Msfs.sys [26112 2009-07-14] ()
S3 mshidkmdf; C:\Windows\System32\drivers\mshidkmdf.sys [8192 2009-07-14] ()
R0 msisadrv; C:\Windows\System32\DRIVERS\msisadrv.sys [15424 2009-07-14] ()
S3 MSKSSRV; C:\Windows\System32\drivers\MSKSSRV.sys [11136 2009-07-14] ()
S3 MSPCLOCK; C:\Windows\System32\drivers\MSPCLOCK.sys [7168 2009-07-14] ()
S3 MSPQM; C:\Windows\System32\drivers\MSPQM.sys [6784 2009-07-14] ()
S3 MsRPC; C:\Windows\System32\Drivers\MsRPC.sys [367168 2009-07-14] ()
R1 mssmbios; C:\Windows\System32\DRIVERS\mssmbios.sys [32320 2009-07-14] ()
S3 MSTEE; C:\Windows\System32\drivers\MSTEE.sys [8064 2009-07-14] ()
S3 MTConfig; C:\Windows\system32\DRIVERS\MTConfig.sys [15360 2009-07-14] ()
R0 Mup; C:\Windows\System32\Drivers\mup.sys [60496 2009-07-14] ()
S3 NativeWifiP; C:\Windows\System32\DRIVERS\nwifi.sys [318976 2009-07-14] ()
R0 NDIS; C:\Windows\System32\drivers\ndis.sys [947776 2009-07-14] ()
S3 NdisCap; C:\Windows\System32\DRIVERS\ndiscap.sys [35328 2009-07-14] ()
R3 NdisTapi; C:\Windows\System32\DRIVERS\ndistapi.sys [24064 2009-07-14] ()
S3 Ndisuio; C:\Windows\System32\DRIVERS\ndisuio.sys [56320 2009-07-14] ()
R3 NdisWan; C:\Windows\System32\DRIVERS\ndiswan.sys [164352 2009-07-14] ()
R3 NDProxy; C:\Windows\System32\Drivers\NDProxy.sys [57856 2009-07-14] ()
R1 NetBIOS; C:\Windows\System32\DRIVERS\netbios.sys [44544 2009-07-14] ()
R1 NetBT; C:\Windows\System32\DRIVERS\netbt.sys [259072 2009-07-14] ()
S3 nfrd960; C:\Windows\system32\DRIVERS\nfrd960.sys [51264 2009-07-14] ()
R1 Npfs; C:\Windows\System32\Drivers\Npfs.sys [44032 2009-07-14] ()
R1 nsiproxy; C:\Windows\System32\drivers\nsiproxy.sys [24576 2009-07-14] ()
R3 Ntfs; C:\Windows\System32\Drivers\Ntfs.sys [1659984 2009-07-14] ()
R1 Null; C:\Windows\System32\Drivers\Null.sys [6144 2009-07-14] ()
R3 NVHDA; C:\Windows\System32\drivers\nvhda64v.sys [188736 2012-04-18] ()
R3 nvlddmkm; C:\Windows\System32\DRIVERS\nvlddmkm.sys [14298944 2012-05-15] ()
S3 nvraid; C:\Windows\system32\DRIVERS\nvraid.sys [149056 2009-07-14] ()
S3 nvstor;
C:\Windows\system32\DRIVERS\nvstor.sys [167488 2009-07-14] () S3 nv_agp; C:\Windows\system32\DRIVERS\nv_agp.sys [122960 2009-07-14] () S3 ohci1394; C:\Windows\system32\DRIVERS\ohci1394.sys [72832 2009-07-14] () R3 Parport; C:\Windows\System32\DRIVERS\parport.sys [97280 2009-07-14] () R0 partmgr; C:\Windows\System32\drivers\partmgr.sys [75840 2009-07-14] () R0 pci; C:\Windows\System32\DRIVERS\pci.sys [183872 2009-07-14] () R0 pciide; C:\Windows\System32\DRIVERS\pciide.sys [12352 2009-07-14] () S3 pcmcia; C:\Windows\system32\DRIVERS\pcmcia.sys [220752 2009-07-14] () R0 pcw; C:\Windows\System32\drivers\pcw.sys [50768 2009-07-14] () R2 PEAUTH; C:\Windows\System32\drivers\peauth.sys [651264 2009-07-14] () R3 PptpMiniport; C:\Windows\System32\DRIVERS\raspptp.sys [111616 2009-07-14] () S3 Processor; C:\Windows\system32\DRIVERS\processr.sys [60416 2009-07-14] () R1 Psched; C:\Windows\System32\DRIVERS\pacer.sys [131584 2009-07-14] () S3 ql2300; C:\Windows\system32\DRIVERS\ql2300.sys [1524816 2009-07-14] () S3 ql40xx; C:\Windows\system32\DRIVERS\ql40xx.sys [128592 2009-07-14] () S3 QWAVEdrv; C:\Windows\system32\drivers\qwavedrv.sys [46592 2009-07-14] () S3 RasAcd; C:\Windows\System32\DRIVERS\rasacd.sys [14848 2009-07-14] () R3 RasAgileVpn; C:\Windows\System32\DRIVERS\AgileVpn.sys [60416 2009-07-14] () R3 Rasl2tp; C:\Windows\System32\DRIVERS\rasl2tp.sys [130048 2009-07-14] () R3 RasPppoe; C:\Windows\System32\DRIVERS\raspppoe.sys [92672 2009-07-14] () R3 RasSstp; C:\Windows\System32\DRIVERS\rassstp.sys [83968 2009-07-14] () R1 rdbss; C:\Windows\System32\DRIVERS\rdbss.sys [309248 2009-07-14] () R3 rdpbus; C:\Windows\System32\DRIVERS\rdpbus.sys [24064 2009-07-14] () R1 RDPCDD; C:\Windows\System32\DRIVERS\RDPCDD.sys [7680 2009-07-14] () S3 RDPDR; C:\Windows\System32\drivers\rdpdr.sys [165376 2009-07-14] () R1 RDPENCDD; C:\Windows\System32\drivers\rdpencdd.sys [7680 2009-07-14] () R1 RDPREFMP; C:\Windows\System32\drivers\rdprefmp.sys [8192 2009-07-14] () S3 RDPWD; 
C:\Windows\System32\Drivers\RDPWD.sys [204800 2009-07-14] () R0 rdyboost; C:\Windows\System32\drivers\rdyboost.sys [214096 2009-07-14] () R2 rspndr; C:\Windows\System32\DRIVERS\rspndr.sys [76800 2009-07-14] () R3 RTL8167; C:\Windows\System32\DRIVERS\Rt64win7.sys [677480 2012-02-03] () S3 s3cap; C:\Windows\system32\DRIVERS\vms3cap.sys [6656 2009-07-14] () S3 sbp2port; C:\Windows\system32\DRIVERS\sbp2port.sys [104016 2009-07-14] () S3 scfilter; C:\Windows\System32\DRIVERS\scfilter.sys [29696 2009-07-14] () R2 secdrv; C:\Windows\System32\Drivers\secdrv.sys [23040 2009-06-10] () R3 Serenum; C:\Windows\System32\DRIVERS\serenum.sys [23552 2009-07-14] () R1 Serial; C:\Windows\System32\DRIVERS\serial.sys [94208 2009-07-14] () S3 sermouse; C:\Windows\system32\DRIVERS\sermouse.sys [26624 2009-07-14] () S3 sffdisk; C:\Windows\system32\DRIVERS\sffdisk.sys [14336 2009-07-14] () S3 sffp_mmc; C:\Windows\system32\DRIVERS\sffp_mmc.sys [13824 2009-07-14] () S3 sffp_sd; C:\Windows\system32\DRIVERS\sffp_sd.sys [14336 2009-07-14] () S3 sfloppy; C:\Windows\system32\DRIVERS\sfloppy.sys [16896 2009-07-14] () S3 SiSRaid2; C:\Windows\system32\DRIVERS\SiSRaid2.sys [43584 2009-07-14] () S3 SiSRaid4; C:\Windows\system32\DRIVERS\sisraid4.sys [80464 2009-07-14] () S3 Smb; C:\Windows\System32\DRIVERS\smb.sys [93184 2009-07-14] () R0 spldr; C:\Windows\System32\Drivers\spldr.sys [19008 2009-07-14] () R3 srv; C:\Windows\System32\DRIVERS\srv.sys [465408 2009-07-14] () R3 srv2; C:\Windows\System32\DRIVERS\srv2.sys [407040 2009-07-14] () R3 srvnet; C:\Windows\System32\DRIVERS\srvnet.sys [162816 2009-07-14] () S3 stexstor; C:\Windows\system32\DRIVERS\stexstor.sys [24656 2009-07-14] () R0 storflt; C:\Windows\System32\DRIVERS\vmstorfl.sys [46672 2009-07-14] () S3 storvsc; C:\Windows\system32\DRIVERS\storvsc.sys [34896 2009-07-14] () R3 swenum; C:\Windows\System32\DRIVERS\swenum.sys [12496 2009-07-14] () R0 Tcpip; C:\Windows\System32\drivers\tcpip.sys [1898576 2009-07-14] () S3 TCPIP6; 
C:\Windows\System32\DRIVERS\tcpip.sys [1898576 2009-07-14] () R2 tcpipreg; C:\Windows\System32\drivers\tcpipreg.sys [44544 2009-07-14] () S3 TDPIPE; C:\Windows\System32\drivers\tdpipe.sys [15872 2009-07-14] () S3 TDTCP; C:\Windows\System32\drivers\tdtcp.sys [23552 2009-07-14] () R1 tdx; C:\Windows\System32\DRIVERS\tdx.sys [99840 2009-07-14] () R1 TermDD; C:\Windows\System32\DRIVERS\termdd.sys [62544 2009-07-14] () S3 tssecsrv; C:\Windows\System32\DRIVERS\tssecsrv.sys [38400 2009-07-14] () R3 tunnel; C:\Windows\System32\DRIVERS\tunnel.sys [125440 2009-07-14] () S3 uagp35; C:\Windows\system32\DRIVERS\uagp35.sys [64080 2009-07-14] () S4 udfs; C:\Windows\System32\DRIVERS\udfs.sys [327168 2009-07-14] () S3 uliagpkx; C:\Windows\system32\DRIVERS\uliagpkx.sys [64592 2009-07-14] () R3 umbus; C:\Windows\System32\DRIVERS\umbus.sys [48640 2009-07-14] () S3 UmPass; C:\Windows\system32\DRIVERS\umpass.sys [9728 2009-07-14] () R3 usbccgp; C:\Windows\System32\DRIVERS\usbccgp.sys [98816 2009-07-14] () S3 usbcir; C:\Windows\system32\DRIVERS\usbcir.sys [100352 2009-07-14] () R3 usbehci; C:\Windows\System32\DRIVERS\usbehci.sys [51200 2009-07-14] () R3 usbhub; C:\Windows\System32\DRIVERS\usbhub.sys [343040 2009-07-14] () S3 usbohci; C:\Windows\system32\DRIVERS\usbohci.sys [25600 2009-07-14] () S3 usbprint; C:\Windows\system32\DRIVERS\usbprint.sys [25088 2009-07-14] () S3 USBSTOR; C:\Windows\System32\DRIVERS\USBSTOR.SYS [89600 2009-07-14] () S3 usbuhci; C:\Windows\system32\DRIVERS\usbuhci.sys [30720 2009-07-14] () R0 vdrvroot; C:\Windows\System32\DRIVERS\vdrvroot.sys [36432 2009-07-14] () S3 vga; C:\Windows\System32\DRIVERS\vgapnp.sys [29184 2009-07-14] () R1 VgaSave; C:\Windows\System32\drivers\vga.sys [29184 2009-07-14] () S3 vhdmp; C:\Windows\system32\DRIVERS\vhdmp.sys [217680 2009-07-14] () S3 viaide; C:\Windows\system32\DRIVERS\viaide.sys [17488 2009-07-14] () S3 vmbus; C:\Windows\system32\DRIVERS\vmbus.sys [200272 2009-07-14] () S3 VMBusHID; C:\Windows\system32\DRIVERS\VMBusHID.sys 
[21760 2009-07-14] () R0 volmgr; C:\Windows\System32\DRIVERS\volmgr.sys [71760 2009-07-14] () R0 volmgrx; C:\Windows\System32\drivers\volmgrx.sys [363584 2009-07-14] () R0 volsnap; C:\Windows\System32\DRIVERS\volsnap.sys [295296 2011-02-25] () S3 vsmraid; C:\Windows\system32\DRIVERS\vsmraid.sys [161872 2009-07-14] () S3 vwifibus; C:\Windows\System32\drivers\vwifibus.sys [24576 2009-07-14] () S3 WacomPen; C:\Windows\system32\DRIVERS\wacompen.sys [27776 2009-07-14] () S3 WANARP; C:\Windows\System32\DRIVERS\wanarp.sys [88576 2009-07-14] () R1 Wanarpv6; C:\Windows\System32\DRIVERS\wanarp.sys [88576 2009-07-14] () S3 Wd; C:\Windows\system32\DRIVERS\wd.sys [21056 2009-07-14] () R0 Wdf01000; C:\Windows\System32\drivers\Wdf01000.sys [654928 2009-07-14] () R1 WfpLwf; C:\Windows\System32\DRIVERS\wfplwf.sys [12800 2009-07-14] () S3 WIMMount; C:\Windows\System32\drivers\wimmount.sys [22096 2009-07-14] () R3 WmiAcpi; C:\Windows\System32\DRIVERS\wmiacpi.sys [14336 2009-07-14] () R1 ws2ifsl; C:\Windows\system32\drivers\ws2ifsl.sys [21504 2009-07-14] () R3 WudfPf; C:\Windows\System32\drivers\WudfPf.sys [112128 2009-07-14] () S3 WUDFRd; C:\Windows\System32\DRIVERS\WUDFRd.sys [172544 2009-07-14] () U5 a7ae46e920f1da1; C:\Windows\System32\Drivers\a7ae46e920f1da1.sys [77256 2013-02-12] () U5 BattC; C:\Windows\System32\Drivers\BattC.sys [28240 2009-07-14] () S3 catchme; \??\C:\ComboFix\catchme.sys [X] S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X] S3 WinRing0_1_2_0; \??\C:\Program Files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys [X] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-02-09 01:26 - 2014-02-09 01:26 - 00044893 _____ () C:\Users\win7\Downloads\FRST.txt 2014-02-09 01:25 - 2014-02-09 01:26 - 00000000 ____D () C:\FRST 2014-02-09 01:20 - 2014-02-09 01:20 - 00093972 _____ () C:\OTL.Txt 2014-02-09 01:11 - 2014-02-09 01:20 - 00046168 _____ () C:\Users\win7\Downloads\Extras.Txt 
2014-02-09 01:04 - 2014-02-09 01:04 - 00602112 _____ (OldTimer Tools) C:\Users\win7\Downloads\OTL.exe 2014-02-09 01:02 - 2014-02-09 01:02 - 02079744 _____ (Farbar) C:\Users\win7\Downloads\FRST64.exe 2014-02-08 22:46 - 2014-02-08 22:46 - 00000000 ____D () C:\Users\Lee sin\AppData\Roaming\XulTest 2014-02-08 22:46 - 2014-02-08 22:46 - 00000000 ____D () C:\Users\Lee sin\AppData\Local\XulTest 2014-02-08 22:40 - 2014-02-08 22:40 - 00000000 ____D () C:\Users\Lee sin\AppData\Local\avgchrome 2014-02-08 13:36 - 2014-02-08 22:46 - 00000000 ____D () C:\Users\Lee sin\AppData\Roaming\Mozilla 2014-02-08 13:09 - 2014-02-08 13:09 - 00000000 ____D () C:\Users\Lee sin\AppData\Roaming\LolClient 2014-02-07 22:22 - 2014-02-07 22:22 - 00000651 _____ () C:\Users\Lee sin\Desktop\Nowy dokument tekstowy.txt 2014-02-07 22:09 - 2014-02-07 22:09 - 00000000 ____D () C:\Users\Lee sin\AppData\Roaming\AVAST Software 2014-02-07 22:09 - 2014-02-07 22:09 - 00000000 ____D () C:\Users\Lee sin\AppData\Local\Google 2014-02-07 22:08 - 2014-02-08 23:51 - 00000335 _____ () C:\Users\Lee sin\daemonprocess.txt 2014-02-07 22:06 - 2014-02-07 22:06 - 00000000 ____D () C:\Users\Lee sin\AppData\Roaming\Adobe 2014-02-07 22:05 - 2014-02-07 22:05 - 00000000 ____H () C:\Users\Lee sin\Documents\Default.rdp 2014-02-07 21:58 - 2014-02-08 23:55 - 00000000 ____D () C:\Users\Lee sin 2014-02-07 21:58 - 2014-02-07 21:58 - 00000000 _SHDL () C:\Users\Lee sin\Ustawienia lokalne 2014-02-07 21:58 - 2014-02-07 21:58 - 00000000 _SHDL () C:\Users\Lee sin\Szablony 2014-02-07 21:58 - 2014-02-07 21:58 - 00000000 _SHDL () C:\Users\Lee sin\Moje dokumenty 2014-02-07 21:58 - 2014-02-07 21:58 - 00000000 _SHDL () C:\Users\Lee sin\Menu Start 2014-02-07 21:58 - 2014-02-07 21:58 - 00000000 _SHDL () C:\Users\Lee sin\Documents\Moje wideo 2014-02-07 21:58 - 2014-02-07 21:58 - 00000000 _SHDL () C:\Users\Lee sin\Documents\Moje obrazy 2014-02-07 21:58 - 2014-02-07 21:58 - 00000000 _SHDL () C:\Users\Lee sin\Documents\Moja muzyka 2014-02-07 21:58 - 
2014-02-07 21:58 - 00000000 _SHDL () C:\Users\Lee sin\Dane aplikacji 2014-02-07 21:58 - 2014-02-07 21:58 - 00000000 _SHDL () C:\Users\Lee sin\AppData\Roaming\Microsoft\Windows\Start Menu\Programy 2014-02-07 21:58 - 2014-02-07 21:58 - 00000000 _SHDL () C:\Users\Lee sin\AppData\Local\Historia 2014-02-07 21:58 - 2014-02-07 21:58 - 00000000 _SHDL () C:\Users\Lee sin\AppData\Local\Dane aplikacji 2014-02-07 21:58 - 2014-02-07 21:58 - 00000000 ____D () C:\Users\Lee sin\AppData\Roaming\Systweak 2014-02-07 21:58 - 2014-02-07 21:58 - 00000000 ____D () C:\Users\Lee sin\AppData\Local\VirtualStore 2014-02-07 21:58 - 2014-02-07 21:58 - 00000000 ____D () C:\Users\Lee sin\AppData\Local\AVG Secure Search 2014-02-07 21:58 - 2013-03-09 17:27 - 00000000 ____D () C:\Users\Lee sin\AppData\Roaming\Macromedia 2014-02-07 21:46 - 2014-02-07 21:57 - 00000000 ____D () C:\Users\Shaco 2014-02-06 21:39 - 2013-09-23 13:57 - 00047104 _____ (1C) C:\Users\win7\zunirogyzfyp.exe 2014-02-06 21:39 - 2013-09-20 13:53 - 00047616 _____ (1C) C:\Users\win7\widfafocsynw.exe 2014-02-06 21:05 - 2014-02-06 21:05 - 00038356 _____ () C:\ComboFix.txt 2014-02-06 20:19 - 2011-06-26 07:45 - 00256000 _____ () C:\Windows\PEV.exe 2014-02-06 20:19 - 2010-11-07 18:20 - 00208896 _____ () C:\Windows\MBR.exe 2014-02-06 20:19 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe 2014-02-06 20:19 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe 2014-02-06 20:19 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe 2014-02-06 20:19 - 2000-08-31 01:00 - 00098816 _____ () C:\Windows\sed.exe 2014-02-06 20:19 - 2000-08-31 01:00 - 00080412 _____ () C:\Windows\grep.exe 2014-02-06 20:19 - 2000-08-31 01:00 - 00068096 _____ () C:\Windows\zip.exe 2014-02-06 20:18 - 2014-02-06 21:05 - 00000000 ____D () C:\Qoobox 2014-02-06 20:18 - 2014-02-06 21:03 - 00000000 ____D () C:\Windows\erdnt 2014-02-06 20:16 - 2014-02-06 20:18 - 05180173 ____R (Swearware) C:\Users\win7\Downloads\ComboFix.exe 
2014-02-06 20:08 - 2014-02-06 20:08 - 00421704 _____ (AVAST Software) C:\Windows\system32\Drivers\tteiapif.sys 2014-02-06 19:41 - 2014-02-06 19:41 - 00421704 _____ (AVAST Software) C:\Windows\system32\Drivers\hrgccsil.sys 2014-02-06 19:39 - 2014-02-06 19:39 - 90578216 _____ (AVAST Software) C:\Users\win7\Downloads\avast_free_antivirus_setup.exe 2014-02-06 19:15 - 2014-02-06 19:15 - 00000000 ____D () C:\Users\win7\AppData\Local\SaveSenseLive 2014-02-06 19:15 - 2014-02-06 19:15 - 00000000 ____D () C:\Users\win7\AppData\Local\SaveSense 2014-02-06 19:14 - 2014-02-06 19:14 - 00613720 _____ () C:\Users\win7\Downloads\avast.Free.Antivirus_2014_9.0.2013.292 (37071).exe 2014-02-06 19:08 - 2014-02-06 19:08 - 00421704 _____ (AVAST Software) C:\Windows\system32\Drivers\iuzzblbf.sys 2014-02-06 19:06 - 2014-02-06 19:06 - 00421704 _____ (AVAST Software) C:\Windows\system32\Drivers\jfmspnpr.sys 2014-02-06 18:36 - 2014-02-06 18:36 - 00000000 ____D () C:\Users\win7\AppData\Roaming\AVAST Software 2014-02-06 18:33 - 2014-02-09 00:39 - 00004182 _____ () C:\Windows\System32\Tasks\avast! 
Emergency Update 2014-02-06 18:33 - 2014-02-06 18:33 - 01038072 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys 2014-02-06 18:33 - 2014-02-06 18:33 - 00421704 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys 2014-02-06 18:33 - 2014-02-06 18:33 - 00334136 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe 2014-02-06 18:33 - 2014-02-06 18:33 - 00207904 _____ () C:\Windows\system32\Drivers\aswVmm.sys 2014-02-06 18:33 - 2014-02-06 18:33 - 00092544 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys 2014-02-06 18:33 - 2014-02-06 18:33 - 00080184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys 2014-02-06 18:33 - 2014-02-06 18:33 - 00078648 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys 2014-02-06 18:33 - 2014-02-06 18:33 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys 2014-02-06 18:33 - 2014-02-06 18:33 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr 2014-02-06 18:33 - 2014-02-06 18:33 - 00028184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys 2014-02-06 18:16 - 2014-02-06 18:16 - 00000000 ____D () C:\Program Files\AVAST Software 2014-02-06 18:15 - 2014-02-06 18:15 - 00000000 ____D () C:\ProgramData\AVAST Software 2014-02-04 21:57 - 2013-10-31 19:07 - 00001629 _____ () C:\Users\win7\Downloads\Internet Explorer (64-bit).lnk 2014-02-04 21:52 - 2013-10-31 19:07 - 00001651 _____ () C:\Users\win7\Downloads\Internet Explorer.lnk 2014-02-03 23:08 - 2014-02-09 00:50 - 00000000 ____D () C:\Users\win7\AppData\Local\AAA_Internet_Publishing,_ 2014-02-03 23:08 - 2014-02-03 23:08 - 00000983 _____ () C:\Users\Public\Desktop\WTFast.lnk 2014-02-03 23:08 - 2014-02-03 23:08 - 00000000 ____D () C:\Program Files (x86)\WTFast 2014-02-03 23:08 - 2013-02-01 06:39 - 00079464 _____ (Initex) C:\Windows\system32\WTFastDrv.dll 2014-02-03 23:08 - 2013-02-01 06:39 - 00072296 _____ (Initex) C:\Windows\SysWOW64\WTFastDrv.dll 2014-02-03 23:08 - 2013-02-01 06:39 - 00011264 _____ (Microsoft 
Corporation) C:\Windows\SysWOW64\SPORDER.DLL 2014-02-03 23:07 - 2014-02-03 23:08 - 04361696 _____ (Initex & AAA Internet Publishing ) C:\Users\win7\Downloads\WTFastSetup.3.0.2.9.exe 2014-02-03 22:29 - 2014-02-03 22:30 - 00000000 ____D () C:\Program Files (x86)\Przyspiesz 2014-02-03 22:29 - 2014-02-03 22:29 - 00001035 _____ () C:\Users\Public\Desktop\Przyspiesz.pl.lnk 2014-02-03 22:28 - 2014-02-03 22:28 - 04482688 _____ (Przyspiesz.pl ) C:\Users\win7\Downloads\setup_przyspiesz_ndw556hqu.exe 2014-02-03 21:53 - 2014-02-03 21:53 - 04240356 _____ () C:\Users\win7\Downloads\ps_setup.exe 2014-02-03 21:34 - 2014-02-03 21:35 - 00666648 _____ () C:\Users\win7\Downloads\Gadwin-PrintScreen(12471).exe 2014-02-02 12:17 - 2014-02-02 12:17 - 00000000 ____D () C:\ProgramData\Oracle 2014-02-02 12:17 - 2013-12-18 21:09 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll 2014-02-02 12:17 - 2013-12-18 21:04 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe 2014-02-02 12:17 - 2013-12-18 21:04 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe 2014-02-02 12:17 - 2013-12-18 21:03 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe 2014-02-02 12:16 - 2014-02-02 12:17 - 00005765 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_51-b13.log 2014-01-30 23:47 - 2014-01-30 23:47 - 00002019 _____ () C:\Users\Public\Desktop\Adobe Reader XI.lnk 2014-01-30 17:21 - 2014-01-30 18:01 - 00063168 _____ () C:\Users\win7\Desktop\Pytania.pptx 2014-01-27 19:32 - 2014-01-27 19:32 - 00000680 _____ () C:\Users\win7\Documents\Lista nut.m3u 2014-01-27 19:30 - 2014-01-27 19:31 - 00000000 ____D () C:\Users\win7\Desktop\Nuty 2014-01-24 23:49 - 2014-01-24 23:50 - 07333968 _____ (Ubisoft) C:\Users\win7\Downloads\duelofchampions.exe 2014-01-23 18:39 - 2014-02-09 00:52 - 00001368 _____ () C:\Users\win7\Desktop\Wyczyść rejestr za darmo!.lnk 2014-01-23 18:39 - 2014-01-23 18:39 - 00001054 _____ () C:\Users\Public\Desktop\RegClean Pro.lnk 
2014-01-23 18:39 - 2014-01-23 18:39 - 00000000 ____D () C:\Program Files (x86)\RegClean Pro 2014-01-21 19:41 - 2014-01-21 19:41 - 00293080 _____ () C:\Windows\Minidump\012114-14882-01.dmp 2014-01-20 21:36 - 2014-01-21 14:49 - 00000000 ____D () C:\Users\win7\AppData\Local\Ubisoft 2014-01-20 21:35 - 2014-01-30 23:33 - 00000000 __SHD () C:\Users\win7\wc 2014-01-20 21:35 - 2014-01-30 23:32 - 00001063 _____ () C:\Users\Public\Desktop\Duel of Champions Launcher.lnk 2014-01-20 21:35 - 2014-01-20 21:35 - 00000000 __SHD () C:\Users\win7\AppData\Roaming\wyUpdate AU 2014-01-20 21:35 - 2014-01-20 21:35 - 00000000 ____D () C:\Users\win7\AppData\Roaming\Ubisoft 2014-01-20 14:53 - 2014-01-20 14:53 - 00293024 _____ () C:\Windows\Minidump\012014-15178-01.dmp 2014-01-18 16:48 - 2014-01-18 16:48 - 00293088 _____ () C:\Windows\Minidump\011814-15319-01.dmp 2014-01-18 15:43 - 2014-01-18 15:44 - 00293040 _____ () C:\Windows\Minidump\011814-15568-01.dmp 2014-01-15 14:19 - 2014-01-20 15:03 - 00001015 _____ () C:\Users\win7\Desktop\Softonic.lnk 2014-01-14 16:13 - 2014-01-13 16:22 - 00001015 _____ () C:\Users\win7\Downloads\MK LOL.lnk 2014-01-14 07:49 - 2014-01-14 07:49 - 00000000 _____ () C:\Users\win7\AppData\Local\{5D70B5D6-274D-4B71-AEFE-1DDD443CC7CB} 2014-01-13 16:24 - 2014-01-13 16:24 - 00000000 ____D () C:\Users\win7\Documents\MK-LOL 2014-01-13 16:23 - 2014-01-13 16:23 - 00000054 _____ () C:\Windows\JQHApp.dat 2014-01-13 16:20 - 2014-02-09 00:50 - 00000000 ____D () C:\Users\win7\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MKJogo 2014-01-13 16:20 - 2014-01-14 16:14 - 00001015 _____ () C:\Users\win7\Desktop\MK LOL.lnk 2014-01-13 16:20 - 2014-01-13 16:20 - 00000000 ____D () C:\Program Files (x86)\MKJogo 2014-01-13 16:18 - 2014-01-13 16:19 - 05933256 _____ () C:\Users\win7\Downloads\MK_LOL_1.0.0.25Beta.exe ==================== One Month Modified Files and Folders ======= 2014-02-09 01:26 - 2014-02-09 01:26 - 00044893 _____ () C:\Users\win7\Downloads\FRST.txt 2014-02-09 01:26 - 
2014-02-09 01:25 - 00000000 ____D () C:\FRST 2014-02-09 01:23 - 2012-11-01 20:14 - 00000000 ____D () C:\Users\win7\AppData\Roaming\Skype 2014-02-09 01:20 - 2014-02-09 01:20 - 00093972 _____ () C:\OTL.Txt 2014-02-09 01:20 - 2014-02-09 01:11 - 00046168 _____ () C:\Users\win7\Downloads\Extras.Txt 2014-02-09 01:04 - 2014-02-09 01:04 - 00602112 _____ (OldTimer Tools) C:\Users\win7\Downloads\OTL.exe 2014-02-09 01:03 - 2013-11-01 12:58 - 00000922 _____ () C:\Windows\Tasks\BonanzaDealsLiveUpdateTaskMachineUA.job 2014-02-09 01:02 - 2014-02-09 01:02 - 02079744 _____ (Farbar) C:\Users\win7\Downloads\FRST64.exe 2014-02-09 00:54 - 2013-03-09 14:15 - 00003108 _____ () C:\Windows\System32\Tasks\RegClean Pro 2014-02-09 00:52 - 2014-01-23 18:39 - 00001368 _____ () C:\Users\win7\Desktop\Wyczyść rejestr za darmo!.lnk 2014-02-09 00:51 - 2013-12-24 11:39 - 00000000 ____D () C:\Program Files (x86)\Origin 2014-02-09 00:51 - 2013-11-17 19:21 - 00001040 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2014-02-09 00:51 - 2013-11-01 12:58 - 00000918 _____ () C:\Windows\Tasks\BonanzaDealsLiveUpdateTaskMachineCore.job 2014-02-09 00:51 - 2013-02-12 16:38 - 00065536 _____ () C:\Windows\system32\Ikeext.etl 2014-02-09 00:51 - 2012-10-05 15:17 - 00000000 ____D () C:\ProgramData\NVIDIA 2014-02-09 00:51 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-02-09 00:51 - 2009-07-14 05:51 - 00068020 _____ () C:\Windows\setupact.log 2014-02-09 00:50 - 2014-02-03 23:08 - 00000000 ____D () C:\Users\win7\AppData\Local\AAA_Internet_Publishing,_ 2014-02-09 00:50 - 2014-01-13 16:20 - 00000000 ____D () C:\Users\win7\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MKJogo 2014-02-09 00:50 - 2014-01-05 01:17 - 00000000 ____D () C:\Users\win7\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WarThunder 2014-02-09 00:50 - 2013-12-23 12:26 - 00000000 ____D () C:\Users\win7\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Softonic 2014-02-09 00:50 - 2013-11-22 12:35 - 00000000 
____D () C:\Users\win7\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BitGuard 2014-02-09 00:50 - 2013-04-16 14:10 - 00000000 ____D () C:\Users\win7\AppData\Local\Akamai 2014-02-09 00:50 - 2012-10-04 23:16 - 00000000 ____D () C:\Users\win7 2014-02-09 00:50 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\registration 2014-02-09 00:50 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\AppCompat 2014-02-09 00:46 - 2012-10-19 05:08 - 00716337 _____ () C:\Windows\WindowsUpdate.log 2014-02-09 00:43 - 2013-11-01 12:34 - 00013740 _____ () C:\Users\win7\daemonprocess.txt 2014-02-09 00:39 - 2014-02-06 18:33 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update 2014-02-09 00:38 - 2013-07-29 21:32 - 00001852 _____ () C:\Users\win7\Desktop\Co kupić do lola.txt 2014-02-09 00:37 - 2013-11-17 19:21 - 00001044 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2014-02-09 00:33 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\tracing 2014-02-09 00:01 - 2013-06-17 13:09 - 00163328 _____ () C:\Windows\SysWOW64\FlashPlayerUpdateService.exe 2014-02-09 00:01 - 2013-06-17 13:09 - 00003440 _____ () C:\Windows\System32\Tasks\AdobeFlashPlayerUpdate 2014-02-09 00:01 - 2013-06-17 13:09 - 00003180 _____ () C:\Windows\System32\Tasks\AdobeFlashPlayerUpdate 2 2014-02-09 00:01 - 2012-10-08 14:30 - 00003868 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater 2014-02-09 00:01 - 2012-10-08 14:30 - 00000930 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-02-08 23:55 - 2014-02-07 21:58 - 00000000 ____D () C:\Users\Lee sin 2014-02-08 23:51 - 2014-02-07 22:08 - 00000335 _____ () C:\Users\Lee sin\daemonprocess.txt 2014-02-08 22:46 - 2014-02-08 22:46 - 00000000 ____D () C:\Users\Lee sin\AppData\Roaming\XulTest 2014-02-08 22:46 - 2014-02-08 22:46 - 00000000 ____D () C:\Users\Lee sin\AppData\Local\XulTest 2014-02-08 22:46 - 2014-02-08 13:36 - 00000000 ____D () C:\Users\Lee sin\AppData\Roaming\Mozilla 2014-02-08 22:40 - 2014-02-08 22:40 - 00000000 ____D () 
C:\Users\Lee sin\AppData\Local\avgchrome 2014-02-08 13:09 - 2014-02-08 13:09 - 00000000 ____D () C:\Users\Lee sin\AppData\Roaming\LolClient 2014-02-07 22:22 - 2014-02-07 22:22 - 00000651 _____ () C:\Users\Lee sin\Desktop\Nowy dokument tekstowy.txt 2014-02-07 22:09 - 2014-02-07 22:09 - 00000000 ____D () C:\Users\Lee sin\AppData\Roaming\AVAST Software 2014-02-07 22:09 - 2014-02-07 22:09 - 00000000 ____D () C:\Users\Lee sin\AppData\Local\Google 2014-02-07 22:06 - 2014-02-07 22:06 - 00000000 ____D () C:\Users\Lee sin\AppData\Roaming\Adobe 2014-02-07 22:05 - 2014-02-07 22:05 - 00000000 ____H () C:\Users\Lee sin\Documents\Default.rdp 2014-02-07 21:58 - 2014-02-07 21:58 - 00000000 _SHDL () C:\Users\Lee sin\Ustawienia lokalne 2014-02-07 21:58 - 2014-02-07 21:58 - 00000000 _SHDL () C:\Users\Lee sin\Szablony 2014-02-07 21:58 - 2014-02-07 21:58 - 00000000 _SHDL () C:\Users\Lee sin\Moje dokumenty 2014-02-07 21:58 - 2014-02-07 21:58 - 00000000 _SHDL () C:\Users\Lee sin\Menu Start 2014-02-07 21:58 - 2014-02-07 21:58 - 00000000 _SHDL () C:\Users\Lee sin\Documents\Moje wideo 2014-02-07 21:58 - 2014-02-07 21:58 - 00000000 _SHDL () C:\Users\Lee sin\Documents\Moje obrazy 2014-02-07 21:58 - 2014-02-07 21:58 - 00000000 _SHDL () C:\Users\Lee sin\Documents\Moja muzyka 2014-02-07 21:58 - 2014-02-07 21:58 - 00000000 _SHDL () C:\Users\Lee sin\Dane aplikacji 2014-02-07 21:58 - 2014-02-07 21:58 - 00000000 _SHDL () C:\Users\Lee sin\AppData\Roaming\Microsoft\Windows\Start Menu\Programy 2014-02-07 21:58 - 2014-02-07 21:58 - 00000000 _SHDL () C:\Users\Lee sin\AppData\Local\Historia 2014-02-07 21:58 - 2014-02-07 21:58 - 00000000 _SHDL () C:\Users\Lee sin\AppData\Local\Dane aplikacji 2014-02-07 21:58 - 2014-02-07 21:58 - 00000000 ____D () C:\Users\Lee sin\AppData\Roaming\Systweak 2014-02-07 21:58 - 2014-02-07 21:58 - 00000000 ____D () C:\Users\Lee sin\AppData\Local\VirtualStore 2014-02-07 21:58 - 2014-02-07 21:58 - 00000000 ____D () C:\Users\Lee sin\AppData\Local\AVG Secure Search 2014-02-07 21:57 
- 2014-02-07 21:46 - 00000000 ____D () C:\Users\Shaco
2014-02-07 15:01 - 2013-03-09 14:15 - 00000274 _____ () C:\Windows\Tasks\RegClean Pro_DEFAULT.job
2014-02-07 08:50 - 2013-09-09 20:47 - 00000000 ____D () C:\Windows\SysWOW64\dfrg
2014-02-07 08:50 - 2009-07-14 19:09 - 00000000 ___RD () C:\Users\Public\Recorded TV
2014-02-06 21:50 - 2009-07-14 05:45 - 00010208 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-02-06 21:50 - 2009-07-14 05:45 - 00010208 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-02-06 21:05 - 2014-02-06 21:05 - 00038356 _____ () C:\ComboFix.txt
2014-02-06 21:05 - 2014-02-06 20:18 - 00000000 ____D () C:\Qoobox
2014-02-06 21:04 - 2012-10-04 23:20 - 00000000 ___RD () C:\Users\win7\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-02-06 21:03 - 2014-02-06 20:18 - 00000000 ____D () C:\Windows\erdnt
2014-02-06 21:00 - 2009-07-14 03:34 - 00000215 _____ () C:\Windows\system.ini
2014-02-06 20:43 - 2012-10-05 15:02 - 00282806 _____ () C:\Windows\PFRO.log
2014-02-06 20:42 - 2009-07-14 03:34 - 59244544 _____ () C:\Windows\system32\config\SOFTWARE.bak
2014-02-06 20:42 - 2009-07-14 03:34 - 16515072 _____ () C:\Windows\system32\config\SYSTEM.bak
2014-02-06 20:42 - 2009-07-14 03:34 - 00786432 _____ () C:\Windows\system32\config\DEFAULT.bak
2014-02-06 20:42 - 2009-07-14 03:34 - 00262144 _____ () C:\Windows\system32\config\SECURITY.bak
2014-02-06 20:42 - 2009-07-14 03:34 - 00262144 _____ () C:\Windows\system32\config\SAM.bak
2014-02-06 20:18 - 2014-02-06 20:16 - 05180173 ____R (Swearware) C:\Users\win7\Downloads\ComboFix.exe
2014-02-06 20:18 - 2009-07-14 06:08 - 00032608 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-02-06 20:08 - 2014-02-06 20:08 - 00421704 _____ (AVAST Software) C:\Windows\system32\Drivers\tteiapif.sys
2014-02-06 19:41 - 2014-02-06 19:41 - 00421704 _____ (AVAST Software) C:\Windows\system32\Drivers\hrgccsil.sys
2014-02-06 19:39 - 2014-02-06 19:39 - 90578216 _____ (AVAST Software) C:\Users\win7\Downloads\avast_free_antivirus_setup.exe
2014-02-06 19:17 - 2013-12-18 16:33 - 00000132 _____ () C:\Users\win7\AppData\Roaming\WB.CFG
2014-02-06 19:15 - 2014-02-06 19:15 - 00000000 ____D () C:\Users\win7\AppData\Local\SaveSenseLive
2014-02-06 19:15 - 2014-02-06 19:15 - 00000000 ____D () C:\Users\win7\AppData\Local\SaveSense
2014-02-06 19:14 - 2014-02-06 19:14 - 00613720 _____ () C:\Users\win7\Downloads\avast.Free.Antivirus_2014_9.0.2013.292 (37071).exe
2014-02-06 19:08 - 2014-02-06 19:08 - 00421704 _____ (AVAST Software) C:\Windows\system32\Drivers\iuzzblbf.sys
2014-02-06 19:06 - 2014-02-06 19:06 - 00421704 _____ (AVAST Software) C:\Windows\system32\Drivers\jfmspnpr.sys
2014-02-06 18:36 - 2014-02-06 18:36 - 00000000 ____D () C:\Users\win7\AppData\Roaming\AVAST Software
2014-02-06 18:33 - 2014-02-06 18:33 - 01038072 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2014-02-06 18:33 - 2014-02-06 18:33 - 00421704 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2014-02-06 18:33 - 2014-02-06 18:33 - 00334136 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-02-06 18:33 - 2014-02-06 18:33 - 00207904 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-02-06 18:33 - 2014-02-06 18:33 - 00092544 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-02-06 18:33 - 2014-02-06 18:33 - 00080184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2014-02-06 18:33 - 2014-02-06 18:33 - 00078648 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-02-06 18:33 - 2014-02-06 18:33 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-02-06 18:33 - 2014-02-06 18:33 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-02-06 18:33 - 2014-02-06 18:33 - 00028184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2014-02-06 18:16 - 2014-02-06 18:16 - 00000000 ____D () C:\Program Files\AVAST Software
2014-02-06 18:15 - 2014-02-06 18:15 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-02-06 14:15 - 2013-11-01 12:39 - 00000000 ____D () C:\Users\win7\AppData\Roaming\GG
2014-02-05 23:12 - 2013-11-01 16:15 - 00000150 _____ () C:\Windows\SysWOW64\queries-02.cache
2014-02-05 23:12 - 2013-11-01 16:15 - 00000081 _____ () C:\Windows\SysWOW64\cache.00
2014-02-05 23:11 - 2012-10-05 14:53 - 00000000 ____D () C:\Users\win7\AppData\Roaming\Winamp
2014-02-05 21:29 - 2013-01-20 19:42 - 00000000 ____D () C:\Users\win7\AppData\Roaming\.minecraft
2014-02-05 19:45 - 2013-03-09 14:15 - 00000282 _____ () C:\Windows\Tasks\RegClean Pro_UPDATES.job
2014-02-05 13:14 - 2013-03-07 22:11 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-02-04 21:59 - 2013-03-07 22:11 - 00001151 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-02-04 21:58 - 2012-10-08 15:39 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-02-03 23:08 - 2014-02-03 23:08 - 00000983 _____ () C:\Users\Public\Desktop\WTFast.lnk
2014-02-03 23:08 - 2014-02-03 23:08 - 00000000 ____D () C:\Program Files (x86)\WTFast
2014-02-03 23:08 - 2014-02-03 23:07 - 04361696 _____ (Initex & AAA Internet Publishing ) C:\Users\win7\Downloads\WTFastSetup.3.0.2.9.exe
2014-02-03 22:30 - 2014-02-03 22:29 - 00000000 ____D () C:\Program Files (x86)\Przyspiesz
2014-02-03 22:29 - 2014-02-03 22:29 - 00001035 _____ () C:\Users\Public\Desktop\Przyspiesz.pl.lnk
2014-02-03 22:28 - 2014-02-03 22:28 - 04482688 _____ (Przyspiesz.pl ) C:\Users\win7\Downloads\setup_przyspiesz_ndw556hqu.exe
2014-02-03 21:53 - 2014-02-03 21:53 - 04240356 _____ () C:\Users\win7\Downloads\ps_setup.exe
2014-02-03 21:35 - 2014-02-03 21:34 - 00666648 _____ () C:\Users\win7\Downloads\Gadwin-PrintScreen(12471).exe
2014-02-03 21:07 - 2012-10-08 15:03 - 00000000 ____D () C:\Program Files (x86)\AVG Secure Search
2014-02-02 22:01 - 2013-11-01 16:15 - 00000017 _____ () C:\queries-07.cache
2014-02-02 22:01 - 2013-11-01 16:15 - 00000005 _____ () C:\server.met
2014-02-02 22:01 - 2013-11-01 16:15 - 00000005 _____ () C:\queries-00.cache
2014-02-02 22:01 - 2013-11-01 16:15 - 00000005 _____ () C:\known.met
2014-02-02 12:17 - 2014-02-02 12:17 - 00000000 ____D () C:\ProgramData\Oracle
2014-02-02 12:17 - 2014-02-02 12:16 - 00005765 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_51-b13.log
2014-02-02 12:17 - 2013-07-03 23:22 - 00000000 ____D () C:\Program Files (x86)\Java
2014-02-02 12:08 - 2009-07-14 18:55 - 04666970 _____ () C:\Windows\system32\perfh015.dat
2014-02-02 12:08 - 2009-07-14 18:55 - 01491410 _____ () C:\Windows\system32\perfc015.dat
2014-02-02 12:08 - 2009-07-14 06:13 - 00006224 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-01-30 23:47 - 2014-01-30 23:47 - 00002019 _____ () C:\Users\Public\Desktop\Adobe Reader XI.lnk
2014-01-30 23:47 - 2013-03-09 13:57 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-01-30 23:47 - 2012-11-16 15:43 - 00000000 ____D () C:\Users\win7\AppData\Local\Adobe
2014-01-30 23:47 - 2012-10-05 14:56 - 00000000 ____D () C:\ProgramData\Adobe
2014-01-30 23:33 - 2014-01-20 21:35 - 00000000 __SHD () C:\Users\win7\wc
2014-01-30 23:32 - 2014-01-20 21:35 - 00001063 _____ () C:\Users\Public\Desktop\Duel of Champions Launcher.lnk
2014-01-30 22:53 - 2013-12-25 14:39 - 00000000 ____D () C:\Users\win7\Documents\FIFA 14
2014-01-30 18:01 - 2014-01-30 17:21 - 00063168 _____ () C:\Users\win7\Desktop\Pytania.pptx
2014-01-29 23:21 - 2013-12-24 11:39 - 00000000 ____D () C:\ProgramData\Origin
2014-01-27 19:32 - 2014-01-27 19:32 - 00000680 _____ () C:\Users\win7\Documents\Lista nut.m3u
2014-01-27 19:31 - 2014-01-27 19:30 - 00000000 ____D () C:\Users\win7\Desktop\Nuty
2014-01-24 23:50 - 2014-01-24 23:49 - 07333968 _____ (Ubisoft) C:\Users\win7\Downloads\duelofchampions.exe
2014-01-23 18:39 - 2014-01-23 18:39 - 00001054 _____ () C:\Users\Public\Desktop\RegClean Pro.lnk
2014-01-23 18:39 - 2014-01-23 18:39 - 00000000 ____D () C:\Program Files (x86)\RegClean Pro
2014-01-21 19:41 - 2014-01-21 19:41 - 00293080 _____ () C:\Windows\Minidump\012114-14882-01.dmp
2014-01-21 19:41 - 2013-06-09 12:00 - 335888745 _____ () C:\Windows\MEMORY.DMP
2014-01-21 19:41 - 2013-06-09 12:00 - 00000000 ____D () C:\Windows\Minidump
2014-01-21 14:49 - 2014-01-20 21:36 - 00000000 ____D () C:\Users\win7\AppData\Local\Ubisoft
2014-01-20 21:35 - 2014-01-20 21:35 - 00000000 __SHD () C:\Users\win7\AppData\Roaming\wyUpdate AU
2014-01-20 21:35 - 2014-01-20 21:35 - 00000000 ____D () C:\Users\win7\AppData\Roaming\Ubisoft
2014-01-20 15:03 - 2014-01-15 14:19 - 00001015 _____ () C:\Users\win7\Desktop\Softonic.lnk
2014-01-20 14:53 - 2014-01-20 14:53 - 00293024 _____ () C:\Windows\Minidump\012014-15178-01.dmp
2014-01-19 14:07 - 2013-11-01 16:15 - 00000005 _____ () C:\server_met.old
2014-01-18 16:48 - 2014-01-18 16:48 - 00293088 _____ () C:\Windows\Minidump\011814-15319-01.dmp
2014-01-18 15:44 - 2014-01-18 15:43 - 00293040 _____ () C:\Windows\Minidump\011814-15568-01.dmp
2014-01-18 00:07 - 2014-01-05 01:17 - 00000000 ____D () C:\Program Files (x86)\WarThunder
2014-01-14 16:14 - 2014-01-13 16:20 - 00001015 _____ () C:\Users\win7\Desktop\MK LOL.lnk
2014-01-14 07:49 - 2014-01-14 07:49 - 00000000 _____ () C:\Users\win7\AppData\Local\{5D70B5D6-274D-4B71-AEFE-1DDD443CC7CB}
2014-01-13 16:24 - 2014-01-13 16:24 - 00000000 ____D () C:\Users\win7\Documents\MK-LOL
2014-01-13 16:23 - 2014-01-13 16:23 - 00000054 _____ () C:\Windows\JQHApp.dat
2014-01-13 16:22 - 2014-01-14 16:13 - 00001015 _____ () C:\Users\win7\Downloads\MK LOL.lnk
2014-01-13 16:20 - 2014-01-13 16:20 - 00000000 ____D () C:\Program Files (x86)\MKJogo
2014-01-13 16:19 - 2014-01-13 16:18 - 05933256 _____ () C:\Users\win7\Downloads\MK_LOL_1.0.0.25Beta.exe

Files to move or delete:
====================
C:\ProgramData\widfafocsynw.exe
C:\ProgramData\zunirogyzfyp.exe
C:\Users\win7\widfafocsynw.exe
C:\Users\win7\zunirogyzfyp.exe

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys
[2012-10-05 15:06] - [2011-02-25 07:36] - 0295296 ____A () D41D8CD98F00B204E9800998ECF8427E
C:\Windows\System32\Drivers\volsnap.sys IS INFECTED. <===== ATTENTION!

testsigning: ==> Check for possible unsigned rootkit driver <===== ATTENTION!

LastRegBack: 2014-02-08 12:00

==================== End Of Log ============================