Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 13-03-2014 01 Ran by Admin (administrator) on DIEGO-LAPTOK on 04-04-2014 16:21:21 Running from C:\Users\Admin\Desktop\Problemik Microsoft Windows 7 Professional Service Pack 1 (X86) OS Language: Polish Internet Explorer Version 11 Boot Mode: Normal The only official download link for FRST: Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/ Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/ Download link from any site other than Bleeping Computer is unpermitted or outdated. See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (Broadcom Corporation) C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostControlService.exe (Broadcom Corporation) C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostStorageService.exe (Autodesk, Inc.) C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe (pdfforge GmbH) C:\Program Files\PDF Architect\HelperService.exe (pdfforge GmbH) C:\Program Files\PDF Architect\ConversionService.exe () C:\Windows\system32\PnkBstrA.exe () C:\Program Files\maucampo\updatemaucampo.exe () C:\Program Files\maucampo\bin\utilmaucampo.exe () C:\Program Files\maucampo\bin\FilterApp_C.exe (Autodesk, Inc.) C:\Program Files\Common Files\Autodesk Shared\Autodesk Download Manager\DLMSession.exe (Adobe Systems Inc.) C:\Program Files\Adobe\Acrobat 9.0\Acrobat\acrotray.exe (Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe (PixArt Imaging Incorporation) C:\Windows\PixArt\Pac207\Monitor.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Brother Industries, Ltd.) C:\Program Files\Browny02\Brother\BrStMonW.exe (Brother Industries, Ltd.) C:\Program Files\Brother\ControlCenter3\brccMCtl.exe (Brother Industries, Ltd.) C:\Program Files\Browny02\BrYNSvc.exe () C:\Program Files\maucampo\bin\XTLSApp.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Windows\system32\AUDIODG.EXE ==================== Registry (Whitelisted) ================== HKLM\...\Run: [nwiz] - nwiz.exe /installquiet HKLM\...\Run: [NvCplDaemon] - C:\Windows\system32\NvCpl.dll [13838952 2010-05-12] (NVIDIA Corporation) HKLM\...\Run: [NVHotkey] - C:\Windows\system32\nvHotkey.dll [92776 2010-05-12] (NVIDIA Corporation) HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [926896 2012-09-23] (Adobe Systems Incorporated) HKLM\...\Run: [ADSK DLMSession] - C:\Program Files\Common Files\Autodesk Shared\Autodesk Download Manager\DLMSession.exe [1641368 2013-02-01] (Autodesk, Inc.) HKLM\...\Run: [Autodesk Sync] - C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [383424 2012-02-05] (Autodesk, Inc.) HKLM\...\Run: [Acrobat Assistant 8.0] - C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe [640376 2008-10-01] (Adobe Systems Inc.) HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation) HKLM\...\Run: [Monitor] - C:\Windows\PixArt\PAC207\Monitor.exe [319488 2006-11-03] (PixArt Imaging Incorporation) HKLM\...\Run: [AvastUI.exe] - C:\Program Files\AVAST Software\Avast\AvastUI.exe [3854640 2014-03-29] (AVAST Software) HKLM\...\Run: [ControlCenter3] - C:\Program Files\Brother\ControlCenter3\brctrcen.exe [114688 2008-12-24] (Brother Industries, Ltd.) HKLM\...\Run: [BrStsMon00] - C:\Program Files\Browny02\Brother\BrStMonW.exe [2629632 2012-09-25] (Brother Industries, Ltd.) HKU\S-1-5-21-952922345-1515019057-2559317736-1000\...\Run: [AQQ] - C:\Program Files\WapSter\WapSter AQQ\AQQ.exe [8174592 2013-10-16] (AQQ Sp. z o.o.) HKU\S-1-5-21-952922345-1515019057-2559317736-1000\...\MountPoints2: {34ddfa2e-2d20-11e3-a934-028037ec0200} - E:\autorun.exe HKU\S-1-5-21-952922345-1515019057-2559317736-1000\...\MountPoints2: {a6a6e12e-83a9-11e3-887e-028037ec0200} - E:\AutoRun.exe ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.facebook.com/ BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated) BHO: PDF Architect Helper - {3A2D5EBA-F86D-4BD3-A177-019765996711} - C:\Program Files\PDF Architect\PDFIEHelper.dll (pdfforge GmbH) BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt Tcpip\Parameters: [DhcpNameServer] 212.14.28.51 212.14.18.2 Tcpip\..\Interfaces\{D38AD4CB-203D-4477-890B-B57A19DA248A}: [NameServer]8.8.8.8,8.8.4.4 Chrome: ======= CHR HomePage: hxxp://www.bph.pl/pl CHR Extension: (Dokumenty Google) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-01-08] CHR Extension: (Dysk Google) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-01-08] CHR Extension: (YouTube) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-01-08] CHR Extension: (Szukaj w Google) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-01-08] CHR Extension: (AdBlock) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-03-26] CHR Extension: (avast! Online Security) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-01-08] CHR Extension: (Google Wallet) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-01-08] CHR Extension: (Gmail) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-01-08] CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-03-29] ========================== Services (Whitelisted) ================= R2 Autodesk Content Service; C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe [19232 2012-01-31] (Autodesk, Inc.) R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-03-29] (AVAST Software) R3 BrYNSvc; C:\Program Files\Browny02\BrYNSvc.exe [245760 2010-01-25] (Brother Industries, Ltd.) R2 Credential Vault Host Control Service; C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostControlService.exe [826312 2012-10-24] (Broadcom Corporation) R2 Credential Vault Host Storage; C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostStorageService.exe [31688 2012-10-24] (Broadcom Corporation) S3 FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [1044816 2013-10-06] (Flexera Software, Inc.) R2 PDF Architect Helper Service; C:\Program Files\PDF Architect\HelperService.exe [1320496 2013-04-08] (pdfforge GmbH) R2 PDF Architect Service; C:\Program Files\PDF Architect\ConversionService.exe [799280 2013-04-08] (pdfforge GmbH) R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76888 2013-10-05] () R2 Update maucampo; C:\Program Files\maucampo\updatemaucampo.exe [350488 2014-04-04] () R2 Util maucampo; C:\Program Files\maucampo\bin\utilmaucampo.exe [350488 2014-04-03] () ==================== Drivers (Whitelisted) ==================== R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [67824 2014-03-29] (AVAST Software) R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [81768 2014-03-29] (AVAST Software) R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49944 2014-03-29] () R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [776976 2014-03-29] (AVAST Software) R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [411552 2014-03-29] (AVAST Software) R3 aswStm; C:\Windows\system32\drivers\aswStm.sys [67264 2014-03-29] (AVAST Software) R1 aswTdi; C:\Windows\system32\Drivers\aswTdi.sys [56080 2013-12-19] (AVAST Software) R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [180760 2014-03-29] () R3 cvusbdrv; C:\Windows\System32\Drivers\cvusbdrv.sys [41480 2012-10-24] (Broadcom Corporation) R3 d553bus; C:\Windows\System32\DRIVERS\d553bus.sys [281216 2008-12-19] (MCCI Corporation) R3 d553card; C:\Windows\System32\DRIVERS\d553card.sys [356352 2008-12-19] (MCCI Corporation) R3 d553gps; C:\Windows\System32\DRIVERS\d553gps.sys [77352 2009-01-08] (Dell) R3 d553mdfl; C:\Windows\System32\DRIVERS\d553mdfl.sys [14976 2008-12-19] (MCCI Corporation) R3 d553mdfl2; C:\Windows\System32\DRIVERS\d553mdfl2.sys [14976 2008-12-19] (MCCI Corporation) R3 d553mdm; C:\Windows\System32\DRIVERS\d553mdm.sys [365312 2008-12-19] (MCCI Corporation) R3 d553mdm2; C:\Windows\System32\DRIVERS\d553mdm2.sys [409216 2008-12-19] (MCCI Corporation) R3 d553nd5; C:\Windows\System32\DRIVERS\d553nd5.sys [25984 2008-12-19] (MCCI Corporation) R3 d553scard; C:\Windows\System32\DRIVERS\d553scard.sys [49192 2009-04-06] (Dell) R3 d553unic; C:\Windows\System32\DRIVERS\d553unic.sys [375424 2008-12-19] (MCCI Corporation) S3 PAC207; C:\Windows\System32\DRIVERS\PFC027.SYS [507136 2006-12-05] (PixArt Imaging Inc.) R1 wStLib; C:\Windows\System32\drivers\wStLib.sys [52920 2014-03-22] (StdLib) U5 VWiFiFlt; C:\Windows\System32\Drivers\VWiFiFlt.sys [48128 2009-07-14] (Microsoft Corporation) ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-04-04 16:20 - 2014-04-04 16:21 - 00000000 ____D () C:\FRST 2014-04-04 16:09 - 2014-04-04 16:21 - 00000000 ____D () C:\Users\Admin\Desktop\Problemik 2014-04-04 14:34 - 2014-04-04 14:35 - 03448880 _____ () C:\Users\Admin\Downloads\avg_remover_slt.exe 2014-04-04 13:54 - 2014-04-04 13:54 - 00000000 ____D () C:\Users\Admin\Downloads\salitykiller 2014-04-04 13:52 - 2014-04-04 13:52 - 00164134 _____ () C:\Users\Admin\Downloads\salitykiller.zip 2014-04-04 13:31 - 2014-04-04 13:31 - 00000000 ____D () C:\Users\Admin\Downloads\Pokemonfireredpl_vis 2014-03-31 22:56 - 2014-04-03 23:40 - 00000000 ____D () C:\Users\Admin\Desktop\CZAMBEŁ 2014-03-29 15:39 - 2014-03-29 15:39 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr 2014-03-26 14:34 - 2014-04-04 15:54 - 00001034 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2014-03-26 14:34 - 2014-04-04 15:46 - 00001030 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2014-03-22 06:05 - 2014-03-22 06:05 - 00052920 _____ (StdLib) C:\Windows\system32\Drivers\wStLib.sys 2014-03-20 18:13 - 2014-03-20 18:13 - 334263741 _____ () C:\Windows\MEMORY.DMP 2014-03-20 18:13 - 2014-03-20 18:13 - 00931208 _____ () C:\Windows\Minidump\032014-21543-01.dmp 2014-03-20 18:13 - 2014-03-20 18:13 - 00000000 ____D () C:\Windows\Minidump 2014-03-19 18:29 - 2014-03-19 18:29 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf 2014-03-16 21:32 - 2014-03-16 21:32 - 00000000 ____D () C:\Users\Admin\AppData\Local\Autodesk, Inc 2014-03-13 23:58 - 2014-03-13 23:58 - 00000000 ____D () C:\Windows\pss 2014-03-13 23:57 - 2014-03-01 06:30 - 17074688 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-03-13 23:57 - 2014-03-01 06:11 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-03-13 23:57 - 2014-03-01 06:10 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2014-03-13 23:57 - 2014-03-01 05:52 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2014-03-13 23:57 - 2014-03-01 05:51 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2014-03-13 23:57 - 2014-03-01 05:47 - 02168320 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-03-13 23:57 - 2014-03-01 05:43 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-03-13 23:57 - 2014-03-01 05:43 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2014-03-13 23:57 - 2014-03-01 05:40 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2014-03-13 23:57 - 2014-03-01 05:38 - 00112128 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2014-03-13 23:57 - 2014-03-01 05:38 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2014-03-13 23:57 - 2014-03-01 05:37 - 00553472 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2014-03-13 23:57 - 2014-03-01 05:31 - 00646144 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2014-03-13 23:57 - 2014-03-01 05:25 - 00208896 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2014-03-13 23:57 - 2014-03-01 05:16 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2014-03-13 23:57 - 2014-03-01 05:14 - 04244480 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-03-13 23:57 - 2014-03-01 05:03 - 00524288 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-03-13 23:57 - 2014-03-01 05:00 - 01964032 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-03-13 23:57 - 2014-03-01 04:57 - 11266048 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-03-13 23:57 - 2014-03-01 04:32 - 01820160 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-03-13 23:57 - 2014-03-01 04:27 - 01156096 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-03-13 23:57 - 2014-03-01 04:25 - 00703488 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2014-03-13 23:57 - 2014-02-07 03:07 - 02349056 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2014-03-13 23:57 - 2014-02-04 04:04 - 00509440 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll 2014-03-13 23:57 - 2014-01-29 04:06 - 00381440 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll 2014-03-07 17:23 - 2014-03-27 21:39 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Awesomium 2014-03-07 17:23 - 2014-03-07 17:23 - 00000677 _____ () C:\Users\Public\Desktop\Panzar.lnk 2014-03-07 17:23 - 2014-03-07 17:23 - 00000000 ____D () C:\Games ==================== One Month Modified Files and Folders ======= 2014-04-04 16:21 - 2014-04-04 16:20 - 00000000 ____D () C:\FRST 2014-04-04 16:21 - 2014-04-04 16:09 - 00000000 ____D () C:\Users\Admin\Desktop\Problemik 2014-04-04 15:58 - 2013-09-30 06:03 - 02004975 _____ () C:\Windows\WindowsUpdate.log 2014-04-04 15:54 - 2014-03-26 14:34 - 00001034 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2014-04-04 15:47 - 2009-07-14 04:04 - 00000721 _____ () C:\Windows\win.ini 2014-04-04 15:46 - 2014-03-26 14:34 - 00001030 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2014-04-04 15:46 - 2009-07-14 06:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-04-04 15:46 - 2009-07-14 06:39 - 00050110 _____ () C:\Windows\setupact.log 2014-04-04 15:45 - 2009-07-14 06:34 - 00017072 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-04-04 15:45 - 2009-07-14 06:34 - 00017072 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-04-04 15:22 - 2013-10-05 09:33 - 00000930 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-04-04 14:35 - 2014-04-04 14:34 - 03448880 _____ () C:\Users\Admin\Downloads\avg_remover_slt.exe 2014-04-04 13:54 - 2014-04-04 13:54 - 00000000 ____D () C:\Users\Admin\Downloads\salitykiller 2014-04-04 13:54 - 2009-07-14 04:04 - 00000219 _____ () C:\Windows\system.ini 2014-04-04 13:52 - 2014-04-04 13:52 - 00164134 _____ () C:\Users\Admin\Downloads\salitykiller.zip 2014-04-04 13:31 - 2014-04-04 13:31 - 00000000 ____D () C:\Users\Admin\Downloads\Pokemonfireredpl_vis 2014-04-04 13:28 - 2013-10-15 20:59 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\vlc 2014-04-03 23:40 - 2014-03-31 22:56 - 00000000 ____D () C:\Users\Admin\Desktop\CZAMBEŁ 2014-04-03 22:38 - 2013-10-06 18:12 - 00000000 ____D () C:\Users\Admin\AppData\Local\cache 2014-04-03 22:34 - 2011-04-12 07:08 - 00737980 _____ () C:\Windows\system32\perfh015.dat 2014-04-03 22:34 - 2011-04-12 07:08 - 00154636 _____ () C:\Windows\system32\perfc015.dat 2014-04-03 22:34 - 2010-11-20 23:01 - 01662556 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-04-03 19:46 - 2014-02-19 17:49 - 00000000 ____D () C:\dsj 2014-04-03 19:40 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\NDF 2014-04-03 10:55 - 2014-02-12 19:39 - 00001177 _____ () C:\Users\Admin\Documents\plot.log 2014-04-03 10:00 - 2013-10-04 21:07 - 00000000 ___RD () C:\Users\Admin\Desktop\GUZIK 2014-03-29 16:10 - 2013-10-04 20:29 - 00000000 ___RD () C:\Users\Admin\Desktop\Programy 2014-03-29 16:00 - 2010-11-20 23:48 - 00167470 _____ () C:\Windows\PFRO.log 2014-03-29 15:39 - 2014-03-29 15:39 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr 2014-03-29 15:39 - 2013-12-27 11:29 - 00067264 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys 2014-03-29 15:39 - 2013-09-30 11:28 - 00776976 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys 2014-03-29 15:39 - 2013-09-30 11:28 - 00411552 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys 2014-03-29 15:39 - 2013-09-30 11:28 - 00271264 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe 2014-03-29 15:39 - 2013-09-30 11:28 - 00180760 _____ () C:\Windows\system32\Drivers\aswVmm.sys 2014-03-29 15:39 - 2013-09-30 11:28 - 00081768 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys 2014-03-29 15:39 - 2013-09-30 11:28 - 00067824 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys 2014-03-29 15:39 - 2013-09-30 11:28 - 00049944 _____ () C:\Windows\system32\Drivers\aswRvrt.sys 2014-03-27 21:39 - 2014-03-07 17:23 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Awesomium 2014-03-26 19:20 - 2013-10-04 20:22 - 00000000 ____D () C:\Program Files\Google 2014-03-26 14:34 - 2013-09-30 08:01 - 00000000 ____D () C:\Users\Admin\AppData\Local\Deployment 2014-03-25 02:44 - 2013-10-06 10:11 - 00007606 _____ () C:\Users\Admin\AppData\Local\resmon.resmoncfg 2014-03-25 00:20 - 2013-10-05 09:33 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe 2014-03-25 00:20 - 2013-10-05 09:33 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl 2014-03-25 00:20 - 2013-10-05 09:29 - 00000000 ____D () C:\Users\Admin\AppData\Local\Adobe 2014-03-22 06:05 - 2014-03-22 06:05 - 00052920 _____ (StdLib) C:\Windows\system32\Drivers\wStLib.sys 2014-03-20 18:13 - 2014-03-20 18:13 - 334263741 _____ () C:\Windows\MEMORY.DMP 2014-03-20 18:13 - 2014-03-20 18:13 - 00931208 _____ () C:\Windows\Minidump\032014-21543-01.dmp 2014-03-20 18:13 - 2014-03-20 18:13 - 00000000 ____D () C:\Windows\Minidump 2014-03-19 18:29 - 2014-03-19 18:29 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf 2014-03-19 04:08 - 2013-10-08 16:46 - 00000000 ____D () C:\Windows\system32\MRT 2014-03-19 04:01 - 2013-10-08 16:46 - 87350280 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2014-03-16 21:32 - 2014-03-16 21:32 - 00000000 ____D () C:\Users\Admin\AppData\Local\Autodesk, Inc 2014-03-14 07:46 - 2009-07-14 06:33 - 00500880 _____ () C:\Windows\system32\FNTCACHE.DAT 2014-03-14 07:44 - 2013-10-15 20:52 - 00000000 ____D () C:\Program Files\Microsoft Silverlight 2014-03-14 00:31 - 2013-10-08 22:28 - 00000000 ____D () C:\ProgramData\Microsoft Help 2014-03-13 23:58 - 2014-03-13 23:58 - 00000000 ____D () C:\Windows\pss 2014-03-09 17:43 - 2013-11-01 01:01 - 00000000 ____D () C:\Users\Admin\Downloads\POZOSTAŁE 2014-03-07 17:23 - 2014-03-07 17:23 - 00000677 _____ () C:\Users\Public\Desktop\Panzar.lnk 2014-03-07 17:23 - 2014-03-07 17:23 - 00000000 ____D () C:\Games 2014-03-07 17:23 - 2014-01-27 23:50 - 00000000 ____D () C:\Users\Admin\Downloads\budowniczy śmietnik ;) Some content of TEMP: ==================== C:\Users\Admin\AppData\Local\Temp\bitool.dll C:\Users\Admin\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe C:\Users\Admin\AppData\Local\Temp\maucampoSetup.exe ==================== Bamital & volsnap Check ================= C:\Windows\explorer.exe => MD5 is legit C:\Windows\system32\winlogon.exe => MD5 is legit C:\Windows\system32\wininit.exe => MD5 is legit C:\Windows\system32\svchost.exe => MD5 is legit C:\Windows\system32\services.exe => MD5 is legit C:\Windows\system32\User32.dll [2010-11-20 23:29] - [2010-11-20 23:29] - 0811520 ____A (Microsoft Corporation) 8626F0C30D4E3564FFDD25C90F4426F1 C:\Windows\system32\userinit.exe => MD5 is legit C:\Windows\system32\rpcss.dll => MD5 is legit C:\Windows\system32\Drivers\volsnap.sys => MD5 is legit LastRegBack: 2014-03-30 02:21 ==================== End Of Log ============================