Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 09-02-2014 03
Ran by win7 (administrator) on WIN7-KOMPUTER on 10-02-2014 16:59:00
Running from C:\Users\win7\Downloads
Windows 7 Ultimate (X64) OS Language: Polish
Internet Explorer Version 8
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Microsoft Corporation) C:\Windows\system32\AUDIODG.EXE
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Cherished Technololgy LIMITED) C:\ProgramData\WPM\wprotectmanager.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
() C:\Windows\SysWOW64\ASGT.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Nero AG) C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
(Pandora.TV) C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe
(Skype Technologies S.A.) C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
() C:\Program Files (x86)\BatBrowse\updateBatBrowse.exe
() C:\Program Files (x86)\BatBrowse\bin\utilBatBrowse.exe
(AVG Secure Search) C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.3.0\ToolbarUpdater.exe
() C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.3.0\loggingserver.exe
(Systweak Inc) C:\Program Files (x86)\RegClean Pro\RegCleanPro.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Akamai Technologies, Inc.) C:\Users\win7\AppData\Local\Akamai\netsession_win.exe
(Akamai Technologies, Inc.) C:\Users\win7\AppData\Local\Akamai\netsession_win.exe
(Nullsoft, Inc.) C:\Program Files (x86)\Winamp\winampa.exe
() C:\Program Files (x86)\AVG Secure Search\vprot.exe
(Ask) C:\Program Files (x86)\Ask.com\Updater\Updater.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
() C:\Program Files (x86)\Mobogenie\DaemonProcess.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_224.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_224.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [BCSSync] - C:\Program Files\Microsoft Office\Office14\BCSSync.exe [112512 2010-03-13] (Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6468712 2012-03-20] (Realtek Semiconductor)
HKLM-x32\...\Run: [WinampAgent] - C:\Program Files (x86)\Winamp\winampa.exe [37888 2010-05-25] (Nullsoft, Inc.)
HKLM-x32\...\Run: [vProt] - C:\Program Files (x86)\AVG Secure Search\vprot.exe [2552856 2014-02-03] ()
HKLM-x32\...\Run: [] - [X]
HKLM-x32\...\Run: [ApnUpdater] - C:\Program Files (x86)\Ask.com\Updater\Updater.exe [1648264 2013-04-25] (Ask)
HKLM-x32\...\Run: [Regedit32] - C:\Windows\SysWOW64\regedit.exe [398336 2009-07-14] (Microsoft Corporation)
HKLM-x32\...\Run: [mobilegeni daemon] - C:\Program Files (x86)\Mobogenie\DaemonProcess.exe [746176 2013-11-01] ()
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-05-11] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKU\.DEFAULT\...\RunOnce: [FlashPlayerUpdate] - C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_7_700_224_ActiveX.exe [814472 2013-06-11] (Adobe Systems Incorporated)
HKU\S-1-5-21-2985978322-4174081002-1716717453-1000\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [18705664 2013-01-08] (Skype Technologies S.A.)
HKU\S-1-5-21-2985978322-4174081002-1716717453-1000\...\Run: [Akamai NetSession Interface] - C:\Users\win7\AppData\Local\Akamai\netsession_win.exe [4489472 2013-06-05] (Akamai Technologies, Inc.)
HKU\S-1-5-21-2985978322-4174081002-1716717453-1000\...\Run: [Regedit32] - C:\Windows\system32\regedit.exe HKU\S-1-5-21-2985978322-4174081002-1716717453-1000\...\Run: [Gadu-Gadu 10] - C:\Program Files (x86)\Gadu-Gadu 10\gg.exe [13374048 2011-07-04] (GG Network S.A.) HKU\S-1-5-21-2985978322-4174081002-1716717453-1000\...\Run: [Softonic for Windows] - C:\Users\win7\AppData\Local\Softonic\Softonic.exe [4140016 2014-01-17] (Softonic) HKU\S-1-5-21-2985978322-4174081002-1716717453-1000\...\Run: [EADM] - C:\Program Files (x86)\Origin\Origin.exe [3598680 2014-01-29] (Electronic Arts) HKU\S-1-5-21-2985978322-4174081002-1716717453-1000\...\Run: [MKLOL] - C:\Program Files (x86)\MKJogo\MKLOL\MK.exe [846536 2014-01-14] (MK) HKU\S-1-5-21-2985978322-4174081002-1716717453-1000\...\Run: [WTFast Tray] - C:\Program Files (x86)\WTFast\WTFast.exe [2949080 2013-12-17] (AAA Internet Publishing, Inc.) HKU\S-1-5-21-2985978322-4174081002-1716717453-1001\...\Run: [AVG-Secure-Search-Update_JUNE2013_TB] - C:\Program Files (x86)\AVG Secure Search\AVG-Secure-Search-Update_JUNE2013_TB.exe [1266712 2013-05-31] (AVG Secure Search) HKU\S-1-5-21-2985978322-4174081002-1716717453-1001\...\Run: [AVG-Secure-Search-Update_JUNE2013_HP] - C:\Program Files (x86)\AVG Secure Search\AVG-Secure-Search-Update_JUNE2013_HP.exe [1266712 2013-06-07] (AVG Secure Search) AppInit_DLLs: c:\progra~3\bitguard\271832~1.68\{c16c1~1\loader.dll => C:\ProgramData\BitGuard\2.7.1832.68\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\loader.dll [1958880 2013-11-18] () AppInit_DLLs-x32: c:\PROGRA~3\BitGuard\271832~1.68\{C16C1~1\BitGuard.dll => C:\ProgramData\BitGuard\2.7.1832.68\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BitGuard.dll [3618304 2013-11-18] () ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = 
http://start.qone8.com/?type=hp&ts=1383242864&from=cor&uid=ST500DM002-1BD142_Z2AYQQQAXXXXZ2AYQQQA HKCU\Software\Microsoft\Internet Explorer\Main,bProtector Start Page = http://search.babylon.com/?affID=119370&tt=190313_wo1&babsrc=HP_ss_gin2g&mntrId=C2683085A98D4FF2 HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.qone8.com/?type=hp&ts=1383242864&from=cor&uid=ST500DM002-1BD142_Z2AYQQQAXXXXZ2AYQQQA HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://start.qone8.com/?type=hp&ts=1383242864&from=cor&uid=ST500DM002-1BD142_Z2AYQQQAXXXXZ2AYQQQA HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://start.qone8.com/?type=hp&ts=1383242864&from=cor&uid=ST500DM002-1BD142_Z2AYQQQAXXXXZ2AYQQQA URLSearchHook: HKCU - UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask) StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://start.qone8.com/web/?type=ds&ts=1383242864&from=cor&uid=ST500DM002-1BD142_Z2AYQQQAXXXXZ2AYQQQA&q={searchTerms} SearchScopes: HKLM - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://start.qone8.com/web/?type=ds&ts=1383242864&from=cor&uid=ST500DM002-1BD142_Z2AYQQQAXXXXZ2AYQQQA&q={searchTerms} SearchScopes: HKLM-x32 - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://start.qone8.com/web/?type=ds&ts=1383242864&from=cor&uid=ST500DM002-1BD142_Z2AYQQQAXXXXZ2AYQQQA&q={searchTerms} SearchScopes: HKLM-x32 - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://start.qone8.com/web/?type=ds&ts=1383242864&from=cor&uid=ST500DM002-1BD142_Z2AYQQQAXXXXZ2AYQQQA&q={searchTerms} SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKCU - bProtectorDefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = http://www.delta-search.com/?q={searchTerms}&affID=119370&tt=190313_wo1&babsrc=SP_ss&mntrId=C2683085A98D4FF2 SearchScopes: HKCU - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://start.qone8.com/web/?type=ds&ts=1383242864&from=cor&uid=ST500DM002-1BD142_Z2AYQQQAXXXXZ2AYQQQA&q={searchTerms} SearchScopes: HKCU - {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL = SearchScopes: HKCU - {95B7759C-8C7F-4BF1-B163-73684A933233} URL = http://isearch.avg.com/search?cid={6AB6ACED-1D8F-45DD-A76C-6E8A9DE04C63}&mid=da1fee0c96d44f9081720844c4f27dcc-4546c5d6091a027045a53985070398a815c2493c&lang=pl&ds=ax011&pr=&d=2012-10-08 16:03:16&v=15.2.0.5&pid=avg&sg=0&sap=dsp&q={searchTerms} SearchScopes: HKCU - {AAF47223-F7F5-4ED8-BF00-7E27C8A91EF1} URL = http://www.claro-search.com/?q={searchTerms}&affID=110824&tt=4312_6&babsrc=SP_ss&mntrId=c268b1fa0000000000003085a98d4ff2 SearchScopes: HKCU - {F7FD647C-5D47-4225-9A9F-0C6A64B116C2} URL = http://websearch.ask.com/redirect?client=ie&tb=ORJ&o=100000027&src=crm&q={searchTerms}&locale=en_US&apn_ptnrs=U3&apn_dtid=OSJ000YYPL&apn_uid=3B8798F8-C8CB-44C5-ABB4-B9137B1BC065&apn_sauid=37078711-FDCC-41BA-AA84-8BB4D085D8C7 BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) BHO: Skype add-on for Internet Explorer - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.) 
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) BHO-x32: Claro LTD Helper Object - {000F18F2-09EB-4A59-82B2-5AE4184C39C3} - C:\Program Files (x86)\Claro LTD\claro\1.8.3.10\bh\claro.dll (Montera Technologeis LTD) BHO-x32: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated) BHO-x32: mixidj Helper Object - {4D6A9BBF-402C-4301-B1EF-28D04F71D761} - C:\Program Files (x86)\mixidj\mixidj\1.8.4.1\bh\mixidj.dll (MixiDJ) BHO-x32: SaveSense - {71e129ff-6c2a-4984-818c-7e2c998b8d99} - C:\Users\win7\AppData\Local\SaveSense\SaveSenseIE.dll (SaveSense) BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) BHO-x32: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\17.3.0.49\AVG Secure Search_toolbar.dll (AVG Secure Search) BHO-x32: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) 
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) BHO-x32: delta Helper Object - {C1AF5FA5-852C-4C90-812E-A7F75E011D87} - C:\Program Files (x86)\Delta\delta\1.8.10.0\bh\delta.dll (Delta-search.com) BHO-x32: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask) BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO-x32: BonanzaDeals - {fe063412-bea4-4d76-8ed3-183be6220d17} - C:\Program Files (x86)\BonanzaDeals\BonanzaDealsIE.dll (BonanzaDeals) Toolbar: HKLM - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) Toolbar: HKLM-x32 - AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\17.3.0.49\AVG Secure Search_toolbar.dll (AVG Secure Search) Toolbar: HKLM-x32 - Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask) Toolbar: HKLM-x32 - Claro LTD Toolbar - {9E131A93-EED7-4BEB-B015-A0ADB30B5646} - C:\Program Files (x86)\Claro LTD\claro\1.8.3.10\claroTlbr.dll (Montera Technologeis LTD) Toolbar: HKLM-x32 - MixiDJ Toolbar - {CA9B9C89-4662-4ADC-9C23-A452BECD5D19} - C:\Program Files (x86)\mixidj\mixidj\1.8.4.1\mixidjTlbr.dll (MixiDJ) Toolbar: HKLM-x32 - Delta Toolbar - {82E1477C-B154-48D3-9891-33D83C26BCD3} - C:\Program Files (x86)\Delta\delta\1.8.10.0\deltaTlbr.dll (Delta-search.com) Toolbar: HKLM-x32 - avast! 
Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.) Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) Handler-x32: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\17.3.0\ViProtocol.dll (AVG Secure Search) Winsock: Catalog5 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation) ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll" Winsock: Catalog9 01 C:\Windows\SysWOW64\WTFastDrv.dll [72296] (Initex) Winsock: Catalog9 02 C:\Windows\SysWOW64\WTFastDrv.dll [72296] (Initex) Winsock: Catalog9 03 C:\Windows\SysWOW64\WTFastDrv.dll [72296] (Initex) Winsock: Catalog9 04 C:\Windows\SysWOW64\WTFastDrv.dll [72296] (Initex) Winsock: Catalog9 15 C:\Windows\SysWOW64\WTFastDrv.dll [72296] (Initex) Winsock: Catalog5-x64 01 %SystemRoot%\System32\mswsock.dll [320000] (Microsoft Corporation) ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll" Winsock: Catalog9-x64 01 %SystemRoot%\system32\WTFastDrv.dll [79464] (Initex) Winsock: Catalog9-x64 02 %SystemRoot%\system32\WTFastDrv.dll [79464] (Initex) Winsock: Catalog9-x64 03 %SystemRoot%\system32\WTFastDrv.dll [79464] (Initex) Winsock: Catalog9-x64 04 %SystemRoot%\system32\WTFastDrv.dll [79464] (Initex) Winsock: Catalog9-x64 15 %SystemRoot%\system32\WTFastDrv.dll [79464] 
(Initex) Tcpip\Parameters: [DhcpNameServer] 192.168.1.254 FireFox: ======== FF ProfilePath: C:\Users\win7\AppData\Roaming\Mozilla\Firefox\Profiles\j62p4v99.default FF user.js: detected! => C:\Users\win7\AppData\Roaming\Mozilla\Firefox\Profiles\j62p4v99.default\user.js FF NewTab: user_pref("browser.newtab.url", ""); FF DefaultSearchEngine: qone8 FF SearchEngineOrder.user_pref("browser.search.order.1", "");: user_pref("browser.search.order.1", ""); FF SelectedSearchEngine: user_pref("browser.search.selectedEngine", ""); FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_224.dll () FF Plugin: @microsoft.com/GENUINE - disabled No File FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll () FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1205146.dll (Adobe Systems, Inc.) 
FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin - C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\17.3.0\\npsitesafety.dll (AVG Technologies) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation) FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @microsoft.com/GENUINE - disabled No File FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.0.61118.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File FF Plugin-x32: @tools.bdupdater.com/BonanzaDealsLive Update;version=3 - C:\Program Files (x86)\BonanzaDealsLive\Update\1.3.23.0\npGoogleUpdate3.dll (BonanzaDeals) FF Plugin-x32: @tools.bdupdater.com/BonanzaDealsLive Update;version=9 - C:\Program Files 
(x86)\BonanzaDealsLive\Update\1.3.23.0\npGoogleUpdate3.dll (BonanzaDeals) FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.updaterss.com/SaveSenseLive Update;version=3 - C:\Program Files (x86)\SaveSenseLive\Update\1.3.23.0\npGoogleUpdate3.dll No File FF Plugin-x32: @tools.updaterss.com/SaveSenseLive Update;version=9 - C:\Program Files (x86)\SaveSenseLive\Update\1.3.23.0\npGoogleUpdate3.dll No File FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Plugin HKCU: @nsroblox.roblox.com/launcher - C:\Users\win7\AppData\Local\Roblox\Versions\version-3ebe0cca16b6421c\\NPRobloxProxy.dll ( Roblox Corporation) FF SearchPlugin: C:\Users\win7\AppData\Roaming\Mozilla\Firefox\Profiles\j62p4v99.default\searchplugins\askcom.xml FF SearchPlugin: C:\Users\win7\AppData\Roaming\Mozilla\Firefox\Profiles\j62p4v99.default\searchplugins\babylon.xml FF SearchPlugin: C:\Users\win7\AppData\Roaming\Mozilla\Firefox\Profiles\j62p4v99.default\searchplugins\delta.xml FF SearchPlugin: C:\Users\win7\AppData\Roaming\Mozilla\Firefox\Profiles\j62p4v99.default\searchplugins\mixidj.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\qone8.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\avg-secure-search.xml FF Extension: Delta Toolbar - C:\Users\win7\AppData\Roaming\Mozilla\Firefox\Profiles\j62p4v99.default\Extensions\ffxtlbr@delta.com [2013-03-29] FF Extension: MixiDJ Toolbar - C:\Users\win7\AppData\Roaming\Mozilla\Firefox\Profiles\j62p4v99.default\Extensions\ffxtlbr@mixidj.com [2013-03-09] FF Extension: BatBrowse - 
C:\Users\win7\AppData\Roaming\Mozilla\Firefox\Profiles\j62p4v99.default\Extensions\firefox@batbrowse.com [2013-11-01] FF Extension: Ask Toolbar - C:\Users\win7\AppData\Roaming\Mozilla\Firefox\Profiles\j62p4v99.default\Extensions\toolbar@ask.com [2013-05-30] FF Extension: SaveSense - C:\Users\win7\AppData\Roaming\Mozilla\Firefox\Profiles\j62p4v99.default\Extensions\{2d7886a0-85bb-4bf2-b684-ba92b4b21d23} [2014-02-06] FF Extension: Foxtab Speed Dial - C:\Users\win7\AppData\Roaming\Mozilla\Firefox\Profiles\j62p4v99.default\Extensions\{5ebdca98-43b3-45bb-87e0-716029fb42ab} [2013-11-01] FF Extension: BonanzaDeals - C:\Users\win7\AppData\Roaming\Mozilla\Firefox\Profiles\j62p4v99.default\Extensions\{f9d03c26-0575-497e-821d-f7956d23e0ca} [2013-11-01] FF HKLM-x32\...\Firefox\Extensions: [avg@toolbar] - C:\ProgramData\AVG Secure Search\FireFoxExt\17.3.0.49 FF Extension: AVG Security Toolbar - C:\ProgramData\AVG Secure Search\FireFoxExt\17.3.0.49 [2014-01-08] FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-02-06] Chrome: ======= Error reading preferences. Please check "preferences" file for possible corruption. <======= ATTENTION CHR Extension: (avast! 
Online Security) - C:\Users\win7\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-02-06] CHR HKLM-x32\...\Chrome\Extension: [boipimhfjpakfgckhbljjengakjhkcbp] - C:\Users\win7\AppData\Roaming\CRMixiDJTB\mixiDJ.crx [2013-02-05] CHR HKLM-x32\...\Chrome\Extension: [ccncljhbalbbkkfgopogabimepmfkmff] - C:\Program Files (x86)\BatBrowse\ccncljhbalbbkkfgopogabimepmfkmff.crx [2013-02-05] CHR HKLM-x32\...\Chrome\Extension: [eooncjejnppfjjklapaamhcdmjbilmde] - C:\Users\win7\AppData\Roaming\BabSolution\CR\Delta.crx [2013-02-05] CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-02-06] CHR HKLM-x32\...\Chrome\Extension: [kpepfkjapeclaafmhoelccknpfedainn] - C:\Program Files (x86)\mixidj\mixidj\1.8.4.1\mixidj.crx [2012-11-13] CHR HKLM-x32\...\Chrome\Extension: [ndibdjnfmopecpmkdieinmbadjfpblof] - C:\ProgramData\AVG Secure Search\ChromeExt\17.3.0.49\avg.crx [2014-01-08] ==================== Services (Whitelisted) ================= R2 ASGT; C:\Windows\SysWOW64\ASGT.exe [55296 2012-01-17] () R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-02-06] (AVAST Software) S2 bonanzadealslive; C:\Program Files (x86)\BonanzaDealsLive\Update\BonanzaDealsLive.exe [148976 2013-11-01] (BonanzaDeals) S3 bonanzadealslivem; C:\Program Files (x86)\BonanzaDealsLive\Update\BonanzaDealsLive.exe [148976 2013-11-01] (BonanzaDeals) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [163608 2012-03-06] (Intel Corporation) S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [3937512 2012-10-03] (INCA Internet Co., Ltd.) 
R2 PanService; C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe [578264 2011-12-21] (Pandora.TV) R2 Update BatBrowse; C:\Program Files (x86)\BatBrowse\updateBatBrowse.exe [80160 2014-02-05] () R2 Util BatBrowse; C:\Program Files (x86)\BatBrowse\bin\utilBatBrowse.exe [80160 2014-02-05] () R2 vToolbarUpdater17.3.0; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.3.0\ToolbarUpdater.exe [1771544 2014-01-08] (AVG Secure Search) R2 Wpm; C:\ProgramData\WPM\wprotectmanager.exe [499856 2014-01-02] (Cherished Technololgy LIMITED) ==================== Drivers (Whitelisted) ==================== R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [28184 2014-02-06] (AVAST Software) R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [78648 2014-02-06] (AVAST Software) R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [92544 2014-02-06] (AVAST Software) R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-02-06] () R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1038072 2014-02-06] (AVAST Software) R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [421704 2014-02-06] (AVAST Software) R3 aswStm; C:\Windows\system32\drivers\aswStm.sys [80184 2014-02-06] (AVAST Software) R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [207904 2014-02-06] () R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [39768 2013-02-11] (AVG Technologies) R4 IOMap; C:\Windows\system32\drivers\IOMap64.sys [23680 2010-02-23] (ASUSTeK Computer Inc.) 
S3 catchme; \??\C:\ComboFix\catchme.sys [X] S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X] S3 WinRing0_1_2_0; \??\C:\Program Files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys [X] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-02-10 16:57 - 2014-02-10 16:57 - 00000000 ____D () C:\Users\win7\Downloads\FRST-OlderVersion 2014-02-10 16:48 - 2012-06-02 23:19 - 02428952 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll 2014-02-10 16:48 - 2012-06-02 23:19 - 00057880 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe 2014-02-10 16:48 - 2012-06-02 23:19 - 00044056 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll 2014-02-10 16:48 - 2012-06-02 23:15 - 02622464 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll 2014-02-10 16:48 - 2012-06-02 15:19 - 00186752 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll 2014-02-10 16:48 - 2012-06-02 15:15 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe 2014-02-10 16:47 - 2014-02-10 16:47 - 00003300 _____ () C:\Users\win7\Downloads\ESETNecursCleaner(1).exe_20140210.164702.5008.log 2014-02-10 16:46 - 2014-02-10 16:46 - 00003876 _____ () C:\Users\win7\Downloads\ESETNecursCleaner(1).exe_20140210.164651.4592.log 2014-02-10 16:39 - 2014-02-10 16:39 - 00003876 _____ () C:\Users\win7\Downloads\ESETNecursCleaner.exe_20140210.163919.3640.log 2014-02-10 16:38 - 2014-02-10 16:38 - 00003876 _____ () C:\Users\win7\Downloads\ESETNecursCleaner(1).exe_20140210.163850.4424.log 2014-02-10 16:37 - 2014-02-10 16:37 - 00003876 _____ () C:\Users\win7\Downloads\ESETNecursCleaner(1).exe_20140210.163753.4424.log 2014-02-10 16:35 - 2014-02-10 16:36 - 00003876 _____ () C:\Users\win7\Downloads\ESETNecursCleaner(1).exe_20140210.163554.4996.log 2014-02-10 16:35 - 2014-02-10 16:35 - 00251584 _____ (ESET) C:\Users\win7\Downloads\ESETNecursCleaner(1).exe 2014-02-10 16:33 - 2014-02-10 16:34 - 
00021297 _____ () C:\Users\win7\Downloads\ESETNecursCleaner.exe_20140210.163350.4504.zip 2014-02-10 16:33 - 2014-02-10 16:34 - 00011498 _____ () C:\Users\win7\Downloads\ESETNecursCleaner.exe_20140210.163350.4504.log 2014-02-10 16:33 - 2014-02-10 16:33 - 00019763 _____ () C:\Users\win7\Downloads\ESETNecursCleaner.exe_20140210.163332.1880.zip 2014-02-10 16:33 - 2014-02-10 16:33 - 00003814 _____ () C:\Users\win7\Downloads\ESETNecursCleaner.exe_20140210.163332.1880.log 2014-02-10 16:27 - 2014-02-10 16:27 - 00251584 _____ (ESET) C:\Users\win7\Downloads\ESETNecursCleaner.exe 2014-02-10 15:38 - 2014-02-10 15:38 - 00000000 ____D () C:\TDSSKiller_Quarantine 2014-02-10 15:19 - 2014-02-10 15:19 - 04122976 _____ (Kaspersky Lab ZAO) C:\Users\win7\Downloads\tdsskiller.exe 2014-02-10 14:59 - 2014-02-10 16:40 - 00003420 _____ () C:\Windows\System32\Tasks\BitGuard 2014-02-09 01:26 - 2014-02-10 16:59 - 00025950 _____ () C:\Users\win7\Downloads\FRST.txt 2014-02-09 01:26 - 2014-02-09 01:26 - 00026653 _____ () C:\Users\win7\Downloads\Addition.txt 2014-02-09 01:25 - 2014-02-10 16:59 - 00000000 ____D () C:\FRST 2014-02-09 01:20 - 2014-02-09 01:20 - 00093972 _____ () C:\OTL.Txt 2014-02-09 01:11 - 2014-02-09 01:20 - 00046168 _____ () C:\Users\win7\Downloads\Extras.Txt 2014-02-09 01:04 - 2014-02-09 01:04 - 00602112 _____ (OldTimer Tools) C:\Users\win7\Downloads\OTL.exe 2014-02-09 01:02 - 2014-02-10 16:57 - 02170880 _____ (Farbar) C:\Users\win7\Downloads\FRST64.exe 2014-02-08 22:46 - 2014-02-08 22:46 - 00000000 ____D () C:\Users\Lee sin\AppData\Roaming\XulTest 2014-02-08 22:46 - 2014-02-08 22:46 - 00000000 ____D () C:\Users\Lee sin\AppData\Local\XulTest 2014-02-08 22:40 - 2014-02-08 22:40 - 00000000 ____D () C:\Users\Lee sin\AppData\Local\avgchrome 2014-02-08 13:36 - 2014-02-08 22:46 - 00000000 ____D () C:\Users\Lee sin\AppData\Roaming\Mozilla 2014-02-08 13:09 - 2014-02-08 13:09 - 00000000 ____D () C:\Users\Lee sin\AppData\Roaming\LolClient 2014-02-07 22:22 - 2014-02-07 22:22 - 00000651 
_____ () C:\Users\Lee sin\Desktop\Nowy dokument tekstowy.txt 2014-02-07 22:09 - 2014-02-07 22:09 - 00000000 ____D () C:\Users\Lee sin\AppData\Roaming\AVAST Software 2014-02-07 22:09 - 2014-02-07 22:09 - 00000000 ____D () C:\Users\Lee sin\AppData\Local\Google 2014-02-07 22:08 - 2014-02-08 23:51 - 00000335 _____ () C:\Users\Lee sin\daemonprocess.txt 2014-02-07 22:06 - 2014-02-07 22:06 - 00000000 ____D () C:\Users\Lee sin\AppData\Roaming\Adobe 2014-02-07 22:05 - 2014-02-07 22:05 - 00000000 ____H () C:\Users\Lee sin\Documents\Default.rdp 2014-02-07 21:58 - 2014-02-08 23:55 - 00000000 ____D () C:\Users\Lee sin 2014-02-07 21:58 - 2014-02-07 21:58 - 00000000 _SHDL () C:\Users\Lee sin\Ustawienia lokalne 2014-02-07 21:58 - 2014-02-07 21:58 - 00000000 _SHDL () C:\Users\Lee sin\Szablony 2014-02-07 21:58 - 2014-02-07 21:58 - 00000000 _SHDL () C:\Users\Lee sin\Moje dokumenty 2014-02-07 21:58 - 2014-02-07 21:58 - 00000000 _SHDL () C:\Users\Lee sin\Menu Start 2014-02-07 21:58 - 2014-02-07 21:58 - 00000000 _SHDL () C:\Users\Lee sin\Documents\Moje wideo 2014-02-07 21:58 - 2014-02-07 21:58 - 00000000 _SHDL () C:\Users\Lee sin\Documents\Moje obrazy 2014-02-07 21:58 - 2014-02-07 21:58 - 00000000 _SHDL () C:\Users\Lee sin\Documents\Moja muzyka 2014-02-07 21:58 - 2014-02-07 21:58 - 00000000 _SHDL () C:\Users\Lee sin\Dane aplikacji 2014-02-07 21:58 - 2014-02-07 21:58 - 00000000 _SHDL () C:\Users\Lee sin\AppData\Roaming\Microsoft\Windows\Start Menu\Programy 2014-02-07 21:58 - 2014-02-07 21:58 - 00000000 _SHDL () C:\Users\Lee sin\AppData\Local\Historia 2014-02-07 21:58 - 2014-02-07 21:58 - 00000000 _SHDL () C:\Users\Lee sin\AppData\Local\Dane aplikacji 2014-02-07 21:58 - 2014-02-07 21:58 - 00000000 ____D () C:\Users\Lee sin\AppData\Roaming\Systweak 2014-02-07 21:58 - 2014-02-07 21:58 - 00000000 ____D () C:\Users\Lee sin\AppData\Local\VirtualStore 2014-02-07 21:58 - 2014-02-07 21:58 - 00000000 ____D () C:\Users\Lee sin\AppData\Local\AVG Secure Search 2014-02-07 21:58 - 2013-03-09 17:27 - 
00000000 ____D () C:\Users\Lee sin\AppData\Roaming\Macromedia 2014-02-07 21:46 - 2014-02-07 21:57 - 00000000 ____D () C:\Users\Shaco 2014-02-06 21:39 - 2013-09-23 13:57 - 00047104 _____ (1C) C:\Users\win7\zunirogyzfyp.exe 2014-02-06 21:39 - 2013-09-20 13:53 - 00047616 _____ (1C) C:\Users\win7\widfafocsynw.exe 2014-02-06 21:05 - 2014-02-06 21:05 - 00038356 _____ () C:\ComboFix.txt 2014-02-06 20:19 - 2011-06-26 07:45 - 00256000 _____ () C:\Windows\PEV.exe 2014-02-06 20:19 - 2010-11-07 18:20 - 00208896 _____ () C:\Windows\MBR.exe 2014-02-06 20:19 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe 2014-02-06 20:19 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe 2014-02-06 20:19 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe 2014-02-06 20:19 - 2000-08-31 01:00 - 00098816 _____ () C:\Windows\sed.exe 2014-02-06 20:19 - 2000-08-31 01:00 - 00080412 _____ () C:\Windows\grep.exe 2014-02-06 20:19 - 2000-08-31 01:00 - 00068096 _____ () C:\Windows\zip.exe 2014-02-06 20:18 - 2014-02-06 21:05 - 00000000 ____D () C:\Qoobox 2014-02-06 20:18 - 2014-02-06 21:03 - 00000000 ____D () C:\Windows\erdnt 2014-02-06 20:16 - 2014-02-06 20:18 - 05180173 ____R (Swearware) C:\Users\win7\Downloads\ComboFix.exe 2014-02-06 20:08 - 2014-02-06 20:08 - 00421704 _____ (AVAST Software) C:\Windows\system32\Drivers\tteiapif.sys 2014-02-06 19:41 - 2014-02-06 19:41 - 00421704 _____ (AVAST Software) C:\Windows\system32\Drivers\hrgccsil.sys 2014-02-06 19:39 - 2014-02-06 19:39 - 90578216 _____ (AVAST Software) C:\Users\win7\Downloads\avast_free_antivirus_setup.exe 2014-02-06 19:15 - 2014-02-06 19:15 - 00000000 ____D () C:\Users\win7\AppData\Local\SaveSenseLive 2014-02-06 19:15 - 2014-02-06 19:15 - 00000000 ____D () C:\Users\win7\AppData\Local\SaveSense 2014-02-06 19:14 - 2014-02-06 19:14 - 00613720 _____ () C:\Users\win7\Downloads\avast.Free.Antivirus_2014_9.0.2013.292 (37071).exe 2014-02-06 19:08 - 2014-02-06 19:08 - 00421704 _____ (AVAST Software) 
C:\Windows\system32\Drivers\iuzzblbf.sys 2014-02-06 19:06 - 2014-02-06 19:06 - 00421704 _____ (AVAST Software) C:\Windows\system32\Drivers\jfmspnpr.sys 2014-02-06 18:36 - 2014-02-06 18:36 - 00000000 ____D () C:\Users\win7\AppData\Roaming\AVAST Software 2014-02-06 18:33 - 2014-02-09 00:39 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update 2014-02-06 18:33 - 2014-02-06 18:33 - 01038072 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys 2014-02-06 18:33 - 2014-02-06 18:33 - 00421704 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys 2014-02-06 18:33 - 2014-02-06 18:33 - 00334136 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe 2014-02-06 18:33 - 2014-02-06 18:33 - 00207904 _____ () C:\Windows\system32\Drivers\aswVmm.sys 2014-02-06 18:33 - 2014-02-06 18:33 - 00092544 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys 2014-02-06 18:33 - 2014-02-06 18:33 - 00080184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys 2014-02-06 18:33 - 2014-02-06 18:33 - 00078648 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys 2014-02-06 18:33 - 2014-02-06 18:33 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys 2014-02-06 18:33 - 2014-02-06 18:33 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr 2014-02-06 18:33 - 2014-02-06 18:33 - 00028184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys 2014-02-06 18:16 - 2014-02-06 18:16 - 00000000 ____D () C:\Program Files\AVAST Software 2014-02-06 18:15 - 2014-02-06 18:15 - 00000000 ____D () C:\ProgramData\AVAST Software 2014-02-04 21:57 - 2013-10-31 19:07 - 00001629 _____ () C:\Users\win7\Downloads\Internet Explorer (64-bit).lnk 2014-02-04 21:52 - 2013-10-31 19:07 - 00001651 _____ () C:\Users\win7\Downloads\Internet Explorer.lnk 2014-02-03 23:08 - 2014-02-09 00:50 - 00000000 ____D () C:\Users\win7\AppData\Local\AAA_Internet_Publishing,_ 2014-02-03 23:08 - 2014-02-03 23:08 - 00000983 _____ () C:\Users\Public\Desktop\WTFast.lnk 
2014-02-03 23:08 - 2014-02-03 23:08 - 00000000 ____D () C:\Program Files (x86)\WTFast 2014-02-03 23:08 - 2013-02-01 06:39 - 00079464 _____ (Initex) C:\Windows\system32\WTFastDrv.dll 2014-02-03 23:08 - 2013-02-01 06:39 - 00072296 _____ (Initex) C:\Windows\SysWOW64\WTFastDrv.dll 2014-02-03 23:08 - 2013-02-01 06:39 - 00011264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SPORDER.DLL 2014-02-03 23:07 - 2014-02-03 23:08 - 04361696 _____ (Initex & AAA Internet Publishing ) C:\Users\win7\Downloads\WTFastSetup.3.0.2.9.exe 2014-02-03 22:29 - 2014-02-03 22:30 - 00000000 ____D () C:\Program Files (x86)\Przyspiesz 2014-02-03 22:29 - 2014-02-03 22:29 - 00001035 _____ () C:\Users\Public\Desktop\Przyspiesz.pl.lnk 2014-02-03 22:28 - 2014-02-03 22:28 - 04482688 _____ (Przyspiesz.pl ) C:\Users\win7\Downloads\setup_przyspiesz_ndw556hqu.exe 2014-02-03 21:53 - 2014-02-03 21:53 - 04240356 _____ () C:\Users\win7\Downloads\ps_setup.exe 2014-02-03 21:34 - 2014-02-03 21:35 - 00666648 _____ () C:\Users\win7\Downloads\Gadwin-PrintScreen(12471).exe 2014-02-02 12:17 - 2014-02-02 12:17 - 00000000 ____D () C:\ProgramData\Oracle 2014-02-02 12:17 - 2013-12-18 21:09 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll 2014-02-02 12:17 - 2013-12-18 21:04 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe 2014-02-02 12:17 - 2013-12-18 21:04 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe 2014-02-02 12:17 - 2013-12-18 21:03 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe 2014-02-02 12:16 - 2014-02-02 12:17 - 00005765 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_51-b13.log 2014-01-30 23:47 - 2014-01-30 23:47 - 00002019 _____ () C:\Users\Public\Desktop\Adobe Reader XI.lnk 2014-01-30 17:21 - 2014-01-30 18:01 - 00063168 _____ () C:\Users\win7\Desktop\Pytania.pptx 2014-01-27 19:32 - 2014-01-27 19:32 - 00000680 _____ () C:\Users\win7\Documents\Lista nut.m3u 2014-01-27 19:30 - 2014-01-27 19:31 - 00000000 ____D () 
C:\Users\win7\Desktop\Nuty 2014-01-24 23:49 - 2014-01-24 23:50 - 07333968 _____ (Ubisoft) C:\Users\win7\Downloads\duelofchampions.exe 2014-01-23 18:39 - 2014-02-10 16:45 - 00001368 _____ () C:\Users\win7\Desktop\Wyczyść rejestr za darmo!.lnk 2014-01-23 18:39 - 2014-01-23 18:39 - 00001054 _____ () C:\Users\Public\Desktop\RegClean Pro.lnk 2014-01-23 18:39 - 2014-01-23 18:39 - 00000000 ____D () C:\Program Files (x86)\RegClean Pro 2014-01-21 19:41 - 2014-01-21 19:41 - 00293080 _____ () C:\Windows\Minidump\012114-14882-01.dmp 2014-01-20 21:36 - 2014-01-21 14:49 - 00000000 ____D () C:\Users\win7\AppData\Local\Ubisoft 2014-01-20 21:35 - 2014-02-09 12:07 - 00000000 __SHD () C:\Users\win7\wc 2014-01-20 21:35 - 2014-02-09 12:06 - 00001063 _____ () C:\Users\Public\Desktop\Duel of Champions Launcher.lnk 2014-01-20 21:35 - 2014-01-20 21:35 - 00000000 __SHD () C:\Users\win7\AppData\Roaming\wyUpdate AU 2014-01-20 21:35 - 2014-01-20 21:35 - 00000000 ____D () C:\Users\win7\AppData\Roaming\Ubisoft 2014-01-20 14:53 - 2014-01-20 14:53 - 00293024 _____ () C:\Windows\Minidump\012014-15178-01.dmp 2014-01-18 16:48 - 2014-01-18 16:48 - 00293088 _____ () C:\Windows\Minidump\011814-15319-01.dmp 2014-01-18 15:43 - 2014-01-18 15:44 - 00293040 _____ () C:\Windows\Minidump\011814-15568-01.dmp 2014-01-15 14:19 - 2014-01-20 15:03 - 00001015 _____ () C:\Users\win7\Desktop\Softonic.lnk 2014-01-14 16:13 - 2014-01-13 16:22 - 00001015 _____ () C:\Users\win7\Downloads\MK LOL.lnk 2014-01-14 07:49 - 2014-01-14 07:49 - 00000000 _____ () C:\Users\win7\AppData\Local\{5D70B5D6-274D-4B71-AEFE-1DDD443CC7CB} 2014-01-13 16:24 - 2014-01-13 16:24 - 00000000 ____D () C:\Users\win7\Documents\MK-LOL 2014-01-13 16:23 - 2014-01-13 16:23 - 00000054 _____ () C:\Windows\JQHApp.dat 2014-01-13 16:20 - 2014-02-09 00:50 - 00000000 ____D () C:\Users\win7\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MKJogo 2014-01-13 16:20 - 2014-01-14 16:14 - 00001015 _____ () C:\Users\win7\Desktop\MK LOL.lnk 2014-01-13 16:20 - 
2014-01-13 16:20 - 00000000 ____D () C:\Program Files (x86)\MKJogo
2014-01-13 16:18 - 2014-01-13 16:19 - 05933256 _____ () C:\Users\win7\Downloads\MK_LOL_1.0.0.25Beta.exe

==================== One Month Modified Files and Folders =======

2014-02-10 16:59 - 2014-02-09 01:26 - 00025950 _____ () C:\Users\win7\Downloads\FRST.txt
2014-02-10 16:59 - 2014-02-09 01:25 - 00000000 ____D () C:\FRST
2014-02-10 16:57 - 2014-02-10 16:57 - 00000000 ____D () C:\Users\win7\Downloads\FRST-OlderVersion
2014-02-10 16:57 - 2014-02-09 01:02 - 02170880 _____ (Farbar) C:\Users\win7\Downloads\FRST64.exe
2014-02-10 16:55 - 2013-11-01 12:34 - 00022588 _____ () C:\Users\win7\daemonprocess.txt
2014-02-10 16:55 - 2009-07-14 05:45 - 00010208 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-02-10 16:55 - 2009-07-14 05:45 - 00010208 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-02-10 16:52 - 2012-11-01 20:14 - 00000000 ____D () C:\Users\win7\AppData\Roaming\Skype
2014-02-10 16:49 - 2012-10-19 05:08 - 00748004 _____ () C:\Windows\WindowsUpdate.log
2014-02-10 16:47 - 2014-02-10 16:47 - 00003300 _____ () C:\Users\win7\Downloads\ESETNecursCleaner(1).exe_20140210.164702.5008.log
2014-02-10 16:47 - 2013-03-09 14:15 - 00003108 _____ () C:\Windows\System32\Tasks\RegClean Pro
2014-02-10 16:46 - 2014-02-10 16:46 - 00003876 _____ () C:\Users\win7\Downloads\ESETNecursCleaner(1).exe_20140210.164651.4592.log
2014-02-10 16:46 - 2013-12-24 11:39 - 00000000 ____D () C:\Program Files (x86)\Origin
2014-02-10 16:45 - 2014-01-23 18:39 - 00001368 _____ () C:\Users\win7\Desktop\Wyczyść rejestr za darmo!.lnk
2014-02-10 16:45 - 2013-11-17 19:21 - 00001040 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-02-10 16:45 - 2013-11-01 12:58 - 00000918 _____ () C:\Windows\Tasks\BonanzaDealsLiveUpdateTaskMachineCore.job
2014-02-10 16:42 - 2013-02-12 16:38 - 00065536 _____ ()
C:\Windows\system32\Ikeext.etl 2014-02-10 16:42 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-02-10 16:42 - 2009-07-14 05:51 - 00068300 _____ () C:\Windows\setupact.log 2014-02-10 16:41 - 2012-10-05 15:17 - 00000000 ____D () C:\ProgramData\NVIDIA 2014-02-10 16:41 - 2012-10-05 15:02 - 00283148 _____ () C:\Windows\PFRO.log 2014-02-10 16:40 - 2014-02-10 14:59 - 00003420 _____ () C:\Windows\System32\Tasks\BitGuard 2014-02-10 16:39 - 2014-02-10 16:39 - 00003876 _____ () C:\Users\win7\Downloads\ESETNecursCleaner.exe_20140210.163919.3640.log 2014-02-10 16:38 - 2014-02-10 16:38 - 00003876 _____ () C:\Users\win7\Downloads\ESETNecursCleaner(1).exe_20140210.163850.4424.log 2014-02-10 16:37 - 2014-02-10 16:37 - 00003876 _____ () C:\Users\win7\Downloads\ESETNecursCleaner(1).exe_20140210.163753.4424.log 2014-02-10 16:36 - 2014-02-10 16:35 - 00003876 _____ () C:\Users\win7\Downloads\ESETNecursCleaner(1).exe_20140210.163554.4996.log 2014-02-10 16:35 - 2014-02-10 16:35 - 00251584 _____ (ESET) C:\Users\win7\Downloads\ESETNecursCleaner(1).exe 2014-02-10 16:34 - 2014-02-10 16:33 - 00021297 _____ () C:\Users\win7\Downloads\ESETNecursCleaner.exe_20140210.163350.4504.zip 2014-02-10 16:34 - 2014-02-10 16:33 - 00011498 _____ () C:\Users\win7\Downloads\ESETNecursCleaner.exe_20140210.163350.4504.log 2014-02-10 16:33 - 2014-02-10 16:33 - 00019763 _____ () C:\Users\win7\Downloads\ESETNecursCleaner.exe_20140210.163332.1880.zip 2014-02-10 16:33 - 2014-02-10 16:33 - 00003814 _____ () C:\Users\win7\Downloads\ESETNecursCleaner.exe_20140210.163332.1880.log 2014-02-10 16:27 - 2014-02-10 16:27 - 00251584 _____ (ESET) C:\Users\win7\Downloads\ESETNecursCleaner.exe 2014-02-10 16:03 - 2013-11-01 12:58 - 00000922 _____ () C:\Windows\Tasks\BonanzaDealsLiveUpdateTaskMachineUA.job 2014-02-10 15:42 - 2013-11-17 19:21 - 00001044 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2014-02-10 15:38 - 2014-02-10 15:38 - 00000000 ____D () C:\TDSSKiller_Quarantine 2014-02-10 15:19 - 
2014-02-10 15:19 - 04122976 _____ (Kaspersky Lab ZAO) C:\Users\win7\Downloads\tdsskiller.exe 2014-02-10 15:01 - 2013-03-09 14:15 - 00000274 _____ () C:\Windows\Tasks\RegClean Pro_DEFAULT.job 2014-02-09 22:04 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\tracing 2014-02-09 21:37 - 2013-11-17 19:21 - 00004040 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2014-02-09 21:37 - 2013-11-17 19:21 - 00003788 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2014-02-09 13:10 - 2012-10-05 14:53 - 00000000 ____D () C:\Users\win7\AppData\Roaming\Winamp 2014-02-09 12:07 - 2014-01-20 21:35 - 00000000 __SHD () C:\Users\win7\wc 2014-02-09 12:06 - 2014-01-20 21:35 - 00001063 _____ () C:\Users\Public\Desktop\Duel of Champions Launcher.lnk 2014-02-09 01:26 - 2014-02-09 01:26 - 00026653 _____ () C:\Users\win7\Downloads\Addition.txt 2014-02-09 01:20 - 2014-02-09 01:20 - 00093972 _____ () C:\OTL.Txt 2014-02-09 01:20 - 2014-02-09 01:11 - 00046168 _____ () C:\Users\win7\Downloads\Extras.Txt 2014-02-09 01:04 - 2014-02-09 01:04 - 00602112 _____ (OldTimer Tools) C:\Users\win7\Downloads\OTL.exe 2014-02-09 00:50 - 2014-02-03 23:08 - 00000000 ____D () C:\Users\win7\AppData\Local\AAA_Internet_Publishing,_ 2014-02-09 00:50 - 2014-01-13 16:20 - 00000000 ____D () C:\Users\win7\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MKJogo 2014-02-09 00:50 - 2014-01-05 01:17 - 00000000 ____D () C:\Users\win7\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WarThunder 2014-02-09 00:50 - 2013-12-23 12:26 - 00000000 ____D () C:\Users\win7\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Softonic 2014-02-09 00:50 - 2013-11-22 12:35 - 00000000 ____D () C:\Users\win7\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BitGuard 2014-02-09 00:50 - 2013-04-16 14:10 - 00000000 ____D () C:\Users\win7\AppData\Local\Akamai 2014-02-09 00:50 - 2012-10-04 23:16 - 00000000 ____D () C:\Users\win7 2014-02-09 00:50 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\registration 
2014-02-09 00:50 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\AppCompat 2014-02-09 00:39 - 2014-02-06 18:33 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update 2014-02-09 00:38 - 2013-07-29 21:32 - 00001852 _____ () C:\Users\win7\Desktop\Co kupić do lola.txt 2014-02-09 00:01 - 2013-06-17 13:09 - 00163328 _____ () C:\Windows\SysWOW64\FlashPlayerUpdateService.exe 2014-02-09 00:01 - 2013-06-17 13:09 - 00003440 _____ () C:\Windows\System32\Tasks\AdobeFlashPlayerUpdate 2014-02-09 00:01 - 2013-06-17 13:09 - 00003180 _____ () C:\Windows\System32\Tasks\AdobeFlashPlayerUpdate 2 2014-02-09 00:01 - 2012-10-08 14:30 - 00003868 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater 2014-02-09 00:01 - 2012-10-08 14:30 - 00000930 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-02-08 23:55 - 2014-02-07 21:58 - 00000000 ____D () C:\Users\Lee sin 2014-02-08 23:51 - 2014-02-07 22:08 - 00000335 _____ () C:\Users\Lee sin\daemonprocess.txt 2014-02-08 22:46 - 2014-02-08 22:46 - 00000000 ____D () C:\Users\Lee sin\AppData\Roaming\XulTest 2014-02-08 22:46 - 2014-02-08 22:46 - 00000000 ____D () C:\Users\Lee sin\AppData\Local\XulTest 2014-02-08 22:46 - 2014-02-08 13:36 - 00000000 ____D () C:\Users\Lee sin\AppData\Roaming\Mozilla 2014-02-08 22:40 - 2014-02-08 22:40 - 00000000 ____D () C:\Users\Lee sin\AppData\Local\avgchrome 2014-02-08 13:09 - 2014-02-08 13:09 - 00000000 ____D () C:\Users\Lee sin\AppData\Roaming\LolClient 2014-02-07 22:22 - 2014-02-07 22:22 - 00000651 _____ () C:\Users\Lee sin\Desktop\Nowy dokument tekstowy.txt 2014-02-07 22:09 - 2014-02-07 22:09 - 00000000 ____D () C:\Users\Lee sin\AppData\Roaming\AVAST Software 2014-02-07 22:09 - 2014-02-07 22:09 - 00000000 ____D () C:\Users\Lee sin\AppData\Local\Google 2014-02-07 22:06 - 2014-02-07 22:06 - 00000000 ____D () C:\Users\Lee sin\AppData\Roaming\Adobe 2014-02-07 22:05 - 2014-02-07 22:05 - 00000000 ____H () C:\Users\Lee sin\Documents\Default.rdp 2014-02-07 21:58 - 2014-02-07 21:58 - 
00000000 _SHDL () C:\Users\Lee sin\Ustawienia lokalne 2014-02-07 21:58 - 2014-02-07 21:58 - 00000000 _SHDL () C:\Users\Lee sin\Szablony 2014-02-07 21:58 - 2014-02-07 21:58 - 00000000 _SHDL () C:\Users\Lee sin\Moje dokumenty 2014-02-07 21:58 - 2014-02-07 21:58 - 00000000 _SHDL () C:\Users\Lee sin\Menu Start 2014-02-07 21:58 - 2014-02-07 21:58 - 00000000 _SHDL () C:\Users\Lee sin\Documents\Moje wideo 2014-02-07 21:58 - 2014-02-07 21:58 - 00000000 _SHDL () C:\Users\Lee sin\Documents\Moje obrazy 2014-02-07 21:58 - 2014-02-07 21:58 - 00000000 _SHDL () C:\Users\Lee sin\Documents\Moja muzyka 2014-02-07 21:58 - 2014-02-07 21:58 - 00000000 _SHDL () C:\Users\Lee sin\Dane aplikacji 2014-02-07 21:58 - 2014-02-07 21:58 - 00000000 _SHDL () C:\Users\Lee sin\AppData\Roaming\Microsoft\Windows\Start Menu\Programy 2014-02-07 21:58 - 2014-02-07 21:58 - 00000000 _SHDL () C:\Users\Lee sin\AppData\Local\Historia 2014-02-07 21:58 - 2014-02-07 21:58 - 00000000 _SHDL () C:\Users\Lee sin\AppData\Local\Dane aplikacji 2014-02-07 21:58 - 2014-02-07 21:58 - 00000000 ____D () C:\Users\Lee sin\AppData\Roaming\Systweak 2014-02-07 21:58 - 2014-02-07 21:58 - 00000000 ____D () C:\Users\Lee sin\AppData\Local\VirtualStore 2014-02-07 21:58 - 2014-02-07 21:58 - 00000000 ____D () C:\Users\Lee sin\AppData\Local\AVG Secure Search 2014-02-07 21:57 - 2014-02-07 21:46 - 00000000 ____D () C:\Users\Shaco 2014-02-07 08:50 - 2013-09-09 20:47 - 00000000 ____D () C:\Windows\SysWOW64\dfrg 2014-02-07 08:50 - 2009-07-14 19:09 - 00000000 ___RD () C:\Users\Public\Recorded TV 2014-02-06 21:05 - 2014-02-06 21:05 - 00038356 _____ () C:\ComboFix.txt 2014-02-06 21:05 - 2014-02-06 20:18 - 00000000 ____D () C:\Qoobox 2014-02-06 21:04 - 2012-10-04 23:20 - 00000000 ___RD () C:\Users\win7\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup 2014-02-06 21:03 - 2014-02-06 20:18 - 00000000 ____D () C:\Windows\erdnt 2014-02-06 21:00 - 2009-07-14 03:34 - 00000215 _____ () C:\Windows\system.ini 2014-02-06 20:42 - 2009-07-14 
03:34 - 59244544 _____ () C:\Windows\system32\config\SOFTWARE.bak 2014-02-06 20:42 - 2009-07-14 03:34 - 16515072 _____ () C:\Windows\system32\config\SYSTEM.bak 2014-02-06 20:42 - 2009-07-14 03:34 - 00786432 _____ () C:\Windows\system32\config\DEFAULT.bak 2014-02-06 20:42 - 2009-07-14 03:34 - 00262144 _____ () C:\Windows\system32\config\SECURITY.bak 2014-02-06 20:42 - 2009-07-14 03:34 - 00262144 _____ () C:\Windows\system32\config\SAM.bak 2014-02-06 20:18 - 2014-02-06 20:16 - 05180173 ____R (Swearware) C:\Users\win7\Downloads\ComboFix.exe 2014-02-06 20:18 - 2009-07-14 06:08 - 00032608 _____ () C:\Windows\Tasks\SCHEDLGU.TXT 2014-02-06 20:08 - 2014-02-06 20:08 - 00421704 _____ (AVAST Software) C:\Windows\system32\Drivers\tteiapif.sys 2014-02-06 19:41 - 2014-02-06 19:41 - 00421704 _____ (AVAST Software) C:\Windows\system32\Drivers\hrgccsil.sys 2014-02-06 19:39 - 2014-02-06 19:39 - 90578216 _____ (AVAST Software) C:\Users\win7\Downloads\avast_free_antivirus_setup.exe 2014-02-06 19:17 - 2013-12-18 16:33 - 00000132 _____ () C:\Users\win7\AppData\Roaming\WB.CFG 2014-02-06 19:15 - 2014-02-06 19:15 - 00000000 ____D () C:\Users\win7\AppData\Local\SaveSenseLive 2014-02-06 19:15 - 2014-02-06 19:15 - 00000000 ____D () C:\Users\win7\AppData\Local\SaveSense 2014-02-06 19:14 - 2014-02-06 19:14 - 00613720 _____ () C:\Users\win7\Downloads\avast.Free.Antivirus_2014_9.0.2013.292 (37071).exe 2014-02-06 19:08 - 2014-02-06 19:08 - 00421704 _____ (AVAST Software) C:\Windows\system32\Drivers\iuzzblbf.sys 2014-02-06 19:06 - 2014-02-06 19:06 - 00421704 _____ (AVAST Software) C:\Windows\system32\Drivers\jfmspnpr.sys 2014-02-06 18:36 - 2014-02-06 18:36 - 00000000 ____D () C:\Users\win7\AppData\Roaming\AVAST Software 2014-02-06 18:33 - 2014-02-06 18:33 - 01038072 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys 2014-02-06 18:33 - 2014-02-06 18:33 - 00421704 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys 2014-02-06 18:33 - 2014-02-06 18:33 - 00334136 _____ (AVAST 
Software) C:\Windows\system32\aswBoot.exe 2014-02-06 18:33 - 2014-02-06 18:33 - 00207904 _____ () C:\Windows\system32\Drivers\aswVmm.sys 2014-02-06 18:33 - 2014-02-06 18:33 - 00092544 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys 2014-02-06 18:33 - 2014-02-06 18:33 - 00080184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys 2014-02-06 18:33 - 2014-02-06 18:33 - 00078648 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys 2014-02-06 18:33 - 2014-02-06 18:33 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys 2014-02-06 18:33 - 2014-02-06 18:33 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr 2014-02-06 18:33 - 2014-02-06 18:33 - 00028184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys 2014-02-06 18:16 - 2014-02-06 18:16 - 00000000 ____D () C:\Program Files\AVAST Software 2014-02-06 18:15 - 2014-02-06 18:15 - 00000000 ____D () C:\ProgramData\AVAST Software 2014-02-06 14:15 - 2013-11-01 12:39 - 00000000 ____D () C:\Users\win7\AppData\Roaming\GG 2014-02-05 23:12 - 2013-11-01 16:15 - 00000150 _____ () C:\Windows\SysWOW64\queries-02.cache 2014-02-05 23:12 - 2013-11-01 16:15 - 00000081 _____ () C:\Windows\SysWOW64\cache.00 2014-02-05 21:29 - 2013-01-20 19:42 - 00000000 ____D () C:\Users\win7\AppData\Roaming\.minecraft 2014-02-05 19:45 - 2013-03-09 14:15 - 00000282 _____ () C:\Windows\Tasks\RegClean Pro_UPDATES.job 2014-02-05 13:14 - 2013-03-07 22:11 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service 2014-02-04 21:59 - 2013-03-07 22:11 - 00001151 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk 2014-02-04 21:58 - 2012-10-08 15:39 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2014-02-03 23:08 - 2014-02-03 23:08 - 00000983 _____ () C:\Users\Public\Desktop\WTFast.lnk 2014-02-03 23:08 - 2014-02-03 23:08 - 00000000 ____D () C:\Program Files (x86)\WTFast 2014-02-03 23:08 - 2014-02-03 23:07 - 04361696 _____ (Initex & AAA Internet Publishing ) 
C:\Users\win7\Downloads\WTFastSetup.3.0.2.9.exe 2014-02-03 22:30 - 2014-02-03 22:29 - 00000000 ____D () C:\Program Files (x86)\Przyspiesz 2014-02-03 22:29 - 2014-02-03 22:29 - 00001035 _____ () C:\Users\Public\Desktop\Przyspiesz.pl.lnk 2014-02-03 22:28 - 2014-02-03 22:28 - 04482688 _____ (Przyspiesz.pl ) C:\Users\win7\Downloads\setup_przyspiesz_ndw556hqu.exe 2014-02-03 21:53 - 2014-02-03 21:53 - 04240356 _____ () C:\Users\win7\Downloads\ps_setup.exe 2014-02-03 21:35 - 2014-02-03 21:34 - 00666648 _____ () C:\Users\win7\Downloads\Gadwin-PrintScreen(12471).exe 2014-02-03 21:07 - 2012-10-08 15:03 - 00000000 ____D () C:\Program Files (x86)\AVG Secure Search 2014-02-02 22:01 - 2013-11-01 16:15 - 00000017 _____ () C:\queries-07.cache 2014-02-02 22:01 - 2013-11-01 16:15 - 00000005 _____ () C:\server.met 2014-02-02 22:01 - 2013-11-01 16:15 - 00000005 _____ () C:\queries-00.cache 2014-02-02 22:01 - 2013-11-01 16:15 - 00000005 _____ () C:\known.met 2014-02-02 12:17 - 2014-02-02 12:17 - 00000000 ____D () C:\ProgramData\Oracle 2014-02-02 12:17 - 2014-02-02 12:16 - 00005765 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_51-b13.log 2014-02-02 12:17 - 2013-07-03 23:22 - 00000000 ____D () C:\Program Files (x86)\Java 2014-02-02 12:08 - 2009-07-14 18:55 - 04666970 _____ () C:\Windows\system32\perfh015.dat 2014-02-02 12:08 - 2009-07-14 18:55 - 01491410 _____ () C:\Windows\system32\perfc015.dat 2014-02-02 12:08 - 2009-07-14 06:13 - 00006224 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-01-30 23:47 - 2014-01-30 23:47 - 00002019 _____ () C:\Users\Public\Desktop\Adobe Reader XI.lnk 2014-01-30 23:47 - 2013-03-09 13:57 - 00000000 ____D () C:\Program Files (x86)\Adobe 2014-01-30 23:47 - 2012-11-16 15:43 - 00000000 ____D () C:\Users\win7\AppData\Local\Adobe 2014-01-30 23:47 - 2012-10-05 14:56 - 00000000 ____D () C:\ProgramData\Adobe 2014-01-30 22:53 - 2013-12-25 14:39 - 00000000 ____D () C:\Users\win7\Documents\FIFA 14 2014-01-30 18:01 - 2014-01-30 17:21 - 00063168 _____ () 
C:\Users\win7\Desktop\Pytania.pptx 2014-01-29 23:21 - 2013-12-24 11:39 - 00000000 ____D () C:\ProgramData\Origin 2014-01-27 19:32 - 2014-01-27 19:32 - 00000680 _____ () C:\Users\win7\Documents\Lista nut.m3u 2014-01-27 19:31 - 2014-01-27 19:30 - 00000000 ____D () C:\Users\win7\Desktop\Nuty 2014-01-24 23:50 - 2014-01-24 23:49 - 07333968 _____ (Ubisoft) C:\Users\win7\Downloads\duelofchampions.exe 2014-01-23 18:39 - 2014-01-23 18:39 - 00001054 _____ () C:\Users\Public\Desktop\RegClean Pro.lnk 2014-01-23 18:39 - 2014-01-23 18:39 - 00000000 ____D () C:\Program Files (x86)\RegClean Pro 2014-01-21 19:41 - 2014-01-21 19:41 - 00293080 _____ () C:\Windows\Minidump\012114-14882-01.dmp 2014-01-21 19:41 - 2013-06-09 12:00 - 335888745 _____ () C:\Windows\MEMORY.DMP 2014-01-21 19:41 - 2013-06-09 12:00 - 00000000 ____D () C:\Windows\Minidump 2014-01-21 14:49 - 2014-01-20 21:36 - 00000000 ____D () C:\Users\win7\AppData\Local\Ubisoft 2014-01-20 21:35 - 2014-01-20 21:35 - 00000000 __SHD () C:\Users\win7\AppData\Roaming\wyUpdate AU 2014-01-20 21:35 - 2014-01-20 21:35 - 00000000 ____D () C:\Users\win7\AppData\Roaming\Ubisoft 2014-01-20 15:03 - 2014-01-15 14:19 - 00001015 _____ () C:\Users\win7\Desktop\Softonic.lnk 2014-01-20 14:53 - 2014-01-20 14:53 - 00293024 _____ () C:\Windows\Minidump\012014-15178-01.dmp 2014-01-19 14:07 - 2013-11-01 16:15 - 00000005 _____ () C:\server_met.old 2014-01-18 16:48 - 2014-01-18 16:48 - 00293088 _____ () C:\Windows\Minidump\011814-15319-01.dmp 2014-01-18 15:44 - 2014-01-18 15:43 - 00293040 _____ () C:\Windows\Minidump\011814-15568-01.dmp 2014-01-18 00:07 - 2014-01-05 01:17 - 00000000 ____D () C:\Program Files (x86)\WarThunder 2014-01-14 16:14 - 2014-01-13 16:20 - 00001015 _____ () C:\Users\win7\Desktop\MK LOL.lnk 2014-01-14 07:49 - 2014-01-14 07:49 - 00000000 _____ () C:\Users\win7\AppData\Local\{5D70B5D6-274D-4B71-AEFE-1DDD443CC7CB} 2014-01-13 16:24 - 2014-01-13 16:24 - 00000000 ____D () C:\Users\win7\Documents\MK-LOL 2014-01-13 16:23 - 2014-01-13 16:23 
- 00000054 _____ () C:\Windows\JQHApp.dat
2014-01-13 16:22 - 2014-01-14 16:13 - 00001015 _____ () C:\Users\win7\Downloads\MK LOL.lnk
2014-01-13 16:20 - 2014-01-13 16:20 - 00000000 ____D () C:\Program Files (x86)\MKJogo
2014-01-13 16:19 - 2014-01-13 16:18 - 05933256 _____ () C:\Users\win7\Downloads\MK_LOL_1.0.0.25Beta.exe

Files to move or delete:
====================
C:\Users\win7\widfafocsynw.exe
C:\Users\win7\zunirogyzfyp.exe

Some content of TEMP:
====================
C:\Users\win7\AppData\Local\Temp\{0DB35E2A-15AD-49B0-BC01-46DD3D366862}.exe

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys [2012-10-05 15:06] - [2011-02-25 07:36] - 0295296 ____A (Microsoft Corporation) C9D0EAF58D6BA71E128E715EA43AD87D

testsigning: ==> Check for possible unsigned rootkit driver <===== ATTENTION!

LastRegBack: 2014-02-08 12:00

==================== End Of Log ============================