Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 07-01-2015 Ran by me (administrator) on ME-PC on 14-01-2015 02:55:09 Running from C:\Users\me\Desktop Loaded Profile: me (Available profiles: me) Platform: Microsoft Windows 7 Professional Service Pack 1 (X86) OS Language: English (United States) Internet Explorer Version 11 (Default browser: FF) Boot Mode: Safe Mode (with Networking) Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (Microsoft Corporation) C:\Windows\System32\dllhost.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5227112 2015-01-10] (AVAST Software) HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2299176 2011-10-14] (Synaptics Incorporated) HKLM\...\Run: [adiras] => C:\Windows\adiras.exe [194128 2007-02-13] () HKLM\...\Run: [StartCCC] => e:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642304 2013-04-30] (Advanced Micro Devices, Inc.) HKLM\...\Run: [AMD AVT] => C:\Program Files\AMD AVT\bin\kdbsync.exe [20992 2012-03-19] () HKLM\...\Run: [gmsd_pl_19] => [X] HKU\S-1-5-21-3314370245-1754849457-2748816276-1000\...\Run: [DAEMON Tools Lite] => E:\Program Files\DAEMON Tools Lite\DTLite.exe [3675352 2013-10-28] (Disc Soft Ltd) HKU\S-1-5-21-3314370245-1754849457-2748816276-1000\...\Policies\Explorer: [NoDriveTypeAutoRun] 0x95000000 HKU\S-1-5-21-3314370245-1754849457-2748816276-1000\...\MountPoints2: {620f7204-7c64-11e3-aab4-2c27d7d326ca} - G:\autorun.exe HKU\S-1-5-21-3314370245-1754849457-2748816276-1000\...\MountPoints2: {c8899594-7c4e-11e3-aebc-2c27d7d326ca} - F:\AutoRun.exe --autorun HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [280576 2013-11-27] (Microsoft Corporation) IFEO\bitguard.exe: [Debugger] tasklist.exe IFEO\bprotect.exe: [Debugger] tasklist.exe IFEO\bpsvc.exe: [Debugger] tasklist.exe IFEO\browserdefender.exe: [Debugger] tasklist.exe IFEO\browserprotect.exe: [Debugger] tasklist.exe IFEO\browsersafeguard.exe: [Debugger] tasklist.exe IFEO\dprotectsvc.exe: [Debugger] tasklist.exe IFEO\jumpflip: [Debugger] tasklist.exe IFEO\protectedsearch.exe: [Debugger] tasklist.exe IFEO\searchinstaller.exe: [Debugger] tasklist.exe IFEO\searchprotection.exe: [Debugger] tasklist.exe IFEO\searchprotector.exe: [Debugger] tasklist.exe IFEO\searchsettings.exe: [Debugger] tasklist.exe IFEO\searchsettings64.exe: [Debugger] tasklist.exe IFEO\snapdo.exe: [Debugger] tasklist.exe IFEO\stinst32.exe: [Debugger] tasklist.exe IFEO\stinst64.exe: [Debugger] tasklist.exe IFEO\umbrella.exe: [Debugger] tasklist.exe IFEO\utiljumpflip.exe: [Debugger] tasklist.exe IFEO\volaro: [Debugger] tasklist.exe IFEO\vonteera: [Debugger] tasklist.exe IFEO\websteroids.exe: [Debugger] tasklist.exe IFEO\websteroidsservice.exe: [Debugger] tasklist.exe Startup: C:\Users\me\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk ShortcutTarget: OpenOffice.org 3.4.1.lnk -> C:\Program Files\OpenOffice.org 3\program\quickstart.exe () HKLM\...\AppCertDlls: [x64] -> c:\program files\browser tab search by ask\safetynut\x64\safetycrt.dll ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll (AVAST Software) BootExecute: ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKU\S-1-5-21-3314370245-1754849457-2748816276-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.mystartsearch.com/?type=hp&ts=1420739287&from=sky&uid=WDCXWD2500BEVS-22UST0_WD-WXCX0757172471724 HKU\S-1-5-21-3314370245-1754849457-2748816276-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://uk.msn.com/?ocid=iehp HKU\S-1-5-21-3314370245-1754849457-2748816276-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.mystartsearch.com/?type=hp&ts=1420739287&from=sky&uid=WDCXWD2500BEVS-22UST0_WD-WXCX0757172471724 SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.mystartsearch.com/web/?type=ds&ts=1420739287&from=sky&uid=WDCXWD2500BEVS-22UST0_WD-WXCX0757172471724&q={searchTerms} SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.mystartsearch.com/web/?type=ds&ts=1420739287&from=sky&uid=WDCXWD2500BEVS-22UST0_WD-WXCX0757172471724&q={searchTerms} SearchScopes: HKU\S-1-5-21-3314370245-1754849457-2748816276-1000 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.mystartsearch.com/web/?type=ds&ts=1420739287&from=sky&uid=WDCXWD2500BEVS-22UST0_WD-WXCX0757172471724&q={searchTerms} SearchScopes: HKU\S-1-5-21-3314370245-1754849457-2748816276-1000 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.mystartsearch.com/web/?type=ds&ts=1420739287&from=sky&uid=WDCXWD2500BEVS-22UST0_WD-WXCX0757172471724&q={searchTerms} BHO: CinemaPro-1.5cV08.01 -> {11111111-1111-1111-1111-110611571183} -> C:\Program Files\CinemaPro-1.5cV08.01\CinemaPro-1.5cV08.01-bho.dll (Cinema ProV08.01) BHO: BitComet Helper -> {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} -> e:\Program Files\BitComet\tools\BitCometBHO_1.5.4.11.dll No File BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 192.168.1.1 Tcpip\..\Interfaces\{7E82C20A-4796-406D-915F-16DC85D9DAAF}: [NameServer] 217.8.168.244 157.25.5.18 FireFox: ======== FF ProfilePath: C:\Users\me\AppData\Roaming\Mozilla\Firefox\Profiles\qp1jogly.default FF SelectedSearchEngine: mystartsearch FF Homepage: https://www.google.pl/ FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_15_0_0_246.dll () FF Plugin: @microsoft.com/GENUINE -> disabled No File FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation) FF Plugin: @staging.google.com/globalUpdate Update;version=10 -> C:\Program Files\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll (globalUpdate) FF Plugin: @staging.google.com/globalUpdate Update;version=4 -> C:\Program Files\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll (globalUpdate) FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.) FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.) FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF user.js: detected! => C:\Users\me\AppData\Roaming\Mozilla\Firefox\Profiles\qp1jogly.default\user.js FF Extension: FF Toolbar - C:\Users\me\AppData\Roaming\Mozilla\Firefox\Profiles\qp1jogly.default\Extensions\fftoolbar2014@etech.com [2015-01-08] FF Extension: Better Finder - C:\Users\me\AppData\Roaming\Mozilla\Firefox\Profiles\qp1jogly.default\Extensions\{142c88f6-8b34-46f3-938d-72ffd58238dc} [2015-01-08] FF Extension: BitComet Video Downloader - C:\Users\me\AppData\Roaming\Mozilla\Firefox\Profiles\qp1jogly.default\Extensions\{B042753D-F57E-4e8e-A01B-7379A6D4CEFB} [2014-07-15] FF Extension: Eliminator Slajdów - C:\Users\me\AppData\Roaming\Mozilla\Firefox\Profiles\qp1jogly.default\Extensions\jid0-GaZOxvWNYcafEsmayJDIG3XXVi8@jetpack.xpi [2015-01-09] FF Extension: YouTube ALL HTML5 - C:\Users\me\AppData\Roaming\Mozilla\Firefox\Profiles\qp1jogly.default\Extensions\jid1-qj0w91o64N7Eeg@jetpack.xpi [2015-01-09] FF Extension: Adblock Plus - C:\Users\me\AppData\Roaming\Mozilla\Firefox\Profiles\qp1jogly.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-11-29] FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-11-27] FF HKLM\...\Firefox\Extensions: [fftoolbar2014@etech.com] - C:\Users\me\AppData\Roaming\Mozilla\Firefox\Profiles\qp1jogly.default\extensions\fftoolbar2014@etech.com Chrome: ======= CHR DefaultSearchKeyword: Default -> mystartsearch CHR DefaultSearchURL: Default -> http://www.mystartsearch.com/web/?type=ds&ts=1420739287&from=sky&uid=WDCXWD2500BEVS-22UST0_WD-WXCX0757172471724&q={searchTerms} CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\39.0.2171.71\PepperFlash\pepflashplayer.dll No File CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\39.0.2171.71\ppGoogleNaClPluginChrome.dll No File CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\39.0.2171.71\pdf.dll No File CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll No File CHR Profile: C:\Users\me\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Google Docs) - C:\Users\me\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-11-27] CHR Extension: (Google Drive) - C:\Users\me\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-11-27] CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\me\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-06-18] CHR Extension: (YouTube) - C:\Users\me\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-11-27] CHR Extension: (CinemaPro-1.5cV08.01) - C:\Users\me\AppData\Local\Google\Chrome\User Data\Default\Extensions\ccnkbaeamfbhdnmilamlkagpfgimgppo [2015-01-08] CHR Extension: (Google Search) - C:\Users\me\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-11-27] CHR Extension: (Avast Online Security) - C:\Users\me\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2013-11-27] CHR Extension: (lacckjdlmkdhcacjdodpjokfobckjclh) - C:\Users\me\AppData\Local\Google\Chrome\User Data\Default\Extensions\lacckjdlmkdhcacjdodpjokfobckjclh [2015-01-13] CHR Extension: (Google Wallet) - C:\Users\me\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-11-27] CHR Extension: (Gmail) - C:\Users\me\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-11-27] CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-12-21] ========================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) S2 AMD FUEL Service; e:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [291840 2013-04-29] (Advanced Micro Devices, Inc.) [File not signed] S2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-12-21] (AVAST Software) S3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [3192344 2014-12-21] (Avast Software) S3 BITCOMET_HELPER_SERVICE; E:\Program Files\BitComet\tools\BitCometService.exe [1296728 2013-11-29] (www.BitComet.com) S2 globalUpdate; C:\Program Files\globalUpdate\Update\GoogleUpdate.exe [68608 2015-01-08] (globalUpdate) [File not signed] S3 globalUpdatem; C:\Program Files\globalUpdate\Update\GoogleUpdate.exe [68608 2015-01-08] (globalUpdate) [File not signed] S2 servervo; C:\Users\me\AppData\Roaming\VOPackage\VOsrv.exe [133120 2015-01-08] () [File not signed] <==== ATTENTION S2 Update Brass Search; "C:\Program Files\Brass Search\updateBrassSearch.exe" [X] S2 WindowsMangerProtect; C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe -service [X] ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) S3 adiusbaw; C:\Windows\System32\DRIVERS\adiusbaw.sys [118552 2007-02-07] (Analog Devices Inc.) S2 AODDriver4.1; e:\Program Files\ATI Technologies\ATI.ACE\Fuel\i386\AODDriver2.sys [45184 2012-03-05] (Advanced Micro Devices) S2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [24184 2014-12-21] () S2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [70384 2014-12-21] (AVAST Software) R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [81768 2014-12-21] (AVAST Software) S0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49944 2014-12-21] () S1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [787800 2014-12-21] (AVAST Software) S1 aswSP; C:\Windows\system32\drivers\aswSP.sys [423784 2014-12-21] (AVAST Software) S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [91496 2014-12-21] (AVAST Software) S0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [206248 2014-12-21] () R3 athr; C:\Windows\System32\DRIVERS\athr.sys [2957312 2012-06-20] (Qualcomm Atheros Communications, Inc.) R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [243128 2014-01-13] (Disc Soft Ltd) S2 ELOADER; C:\Windows\System32\Drivers\adildr.sys [56088 2007-02-07] (Analog Deivces) S1 ISODrive; e:\Program Files\UltraISO\drivers\ISODrive.sys [82168 2013-11-21] (EZB Systems, Inc.) S1 prodrv06; C:\Windows\System32\drivers\prodrv06.sys [51744 2003-09-06] (Protection Technology) [File not signed] S0 prohlp02; C:\Windows\System32\drivers\prohlp02.sys [62656 2003-09-06] (Protection Technology) [File not signed] S0 prosync1; C:\Windows\System32\drivers\prosync1.sys [6944 2003-09-06] (Protection Technology) [File not signed] S3 pwdspio; C:\Windows\system32\pwdspio.sys [10200 2013-07-01] () S0 sfhlp01; C:\Windows\System32\drivers\sfhlp01.sys [4832 2003-09-06] (Protection Technology) [File not signed] S3 ss_bbus; C:\Windows\System32\DRIVERS\ss_bbus.sys [98432 2009-09-19] (MCCI) S3 usb_rndis; C:\Windows\System32\DRIVERS\usb8023.sys [15872 2013-02-12] (Microsoft Corporation) S2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [218192 2014-12-21] (Avast Software) R1 {ea9f98ab-eb76-48f1-9515-789a62614684}Gw; C:\Windows\System32\drivers\{ea9f98ab-eb76-48f1-9515-789a62614684}Gw.sys [43200 2015-01-07] (StdLib) S1 ccnfd_1_10_0_5; system32\drivers\ccnfd_1_10_0_5.sys [X] S3 pwdrvio; \??\C:\Windows\system32\pwdrvio.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2015-01-14 02:55 - 2015-01-14 02:56 - 00015344 _____ () C:\Users\me\Desktop\FRST.txt 2015-01-14 02:18 - 2015-01-14 02:18 - 00000197 _____ () C:\Windows\system32\2015-01-14-01-18-40.090-AvastVBoxSVC.exe-3344.log 2015-01-14 02:11 - 2015-01-14 02:11 - 00000197 _____ () C:\Windows\system32\2015-01-14-01-11-03.006-AvastVBoxSVC.exe-4004.log 2015-01-14 01:23 - 2015-01-14 01:23 - 00000197 _____ () C:\Windows\system32\2015-01-14-00-23-38.023-AvastVBoxSVC.exe-2412.log 2015-01-13 16:17 - 2015-01-13 16:17 - 00000197 _____ () C:\Windows\system32\2015-01-13-15-17-02.075-AvastVBoxSVC.exe-1656.log 2015-01-12 10:16 - 2015-01-12 10:16 - 00000197 _____ () C:\Windows\system32\2015-01-12-09-16-55.040-AvastVBoxSVC.exe-2508.log 2015-01-11 16:26 - 2015-01-11 16:26 - 00000197 _____ () C:\Windows\system32\2015-01-11-15-26-40.007-AvastVBoxSVC.exe-3744.log 2015-01-11 14:43 - 2015-01-11 14:44 - 00000197 _____ () C:\Windows\system32\2015-01-11-13-43-59.068-AvastVBoxSVC.exe-3768.log 2015-01-11 13:51 - 2015-01-11 13:51 - 00000197 _____ () C:\Windows\system32\2015-01-11-12-51-32.091-AvastVBoxSVC.exe-2976.log 2015-01-11 13:15 - 2015-01-11 13:15 - 00000197 _____ () C:\Windows\system32\2015-01-11-12-15-10.046-AvastVBoxSVC.exe-1316.log 2015-01-10 22:42 - 2015-01-10 22:42 - 00000197 _____ () C:\Windows\system32\2015-01-10-21-42-06.092-AvastVBoxSVC.exe-644.log 2015-01-10 22:26 - 2015-01-10 22:26 - 00000197 _____ () C:\Windows\system32\2015-01-10-21-26-38.078-AvastVBoxSVC.exe-1304.log 2015-01-10 13:30 - 2015-01-10 13:30 - 00000197 _____ () C:\Windows\system32\2015-01-10-12-30-02.075-AvastVBoxSVC.exe-2148.log 2015-01-09 16:28 - 2015-01-09 16:28 - 00001367 _____ () C:\Users\me\Desktop\GothicStarter - Shortcut.lnk 2015-01-09 16:13 - 2015-01-09 17:10 - 441948608 _____ () C:\Users\me\Desktop\TexturePack_Video_PL.rar 2015-01-08 23:53 - 2015-01-08 23:53 - 00001081 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk 2015-01-08 23:53 - 2015-01-08 23:53 - 00001069 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk 2015-01-08 22:21 - 2015-01-08 22:21 - 00000622 _____ () C:\Users\me\Desktop\New Text Document.txt 2015-01-08 21:59 - 2015-01-08 21:59 - 00000197 _____ () C:\Windows\system32\2015-01-08-20-59-23.044-AvastVBoxSVC.exe-1664.log 2015-01-08 21:42 - 2015-01-08 21:42 - 02191360 _____ () C:\Users\me\Desktop\adwcleaner_4.107.exe 2015-01-08 21:23 - 2015-01-10 13:42 - 00000000 ____D () C:\Program Files\ClickCaption_1.10.0.5 2015-01-08 21:07 - 2015-01-08 21:07 - 00000197 _____ () C:\Windows\system32\2015-01-08-20-07-18.078-AvastVBoxSVC.exe-2016.log 2015-01-08 20:32 - 2015-01-14 02:55 - 00000000 ____D () C:\FRST 2015-01-08 20:31 - 2015-01-08 20:31 - 01115648 _____ (Farbar) C:\Users\me\Desktop\FRST.exe 2015-01-08 19:54 - 2015-01-08 19:54 - 00000000 ____D () C:\Program Files\predm 2015-01-08 19:52 - 2015-01-08 20:22 - 00000000 ____D () C:\Users\me\AppData\Roaming\systweak 2015-01-08 19:52 - 2014-12-08 17:01 - 00018168 _____ () C:\Windows\system32\roboot.exe 2015-01-08 19:24 - 2015-01-08 19:24 - 00000000 ____D () C:\Users\me\AppData\Roaming\WebTest 2015-01-08 18:54 - 2015-01-07 21:27 - 00043200 _____ (StdLib) C:\Windows\system32\Drivers\{ea9f98ab-eb76-48f1-9515-789a62614684}Gw.sys 2015-01-08 18:53 - 2015-01-08 20:36 - 765018991 _____ () C:\Users\me\Desktop\Full_Pack_ReBalance_SnC_v2.rar.litefile 2015-01-08 18:50 - 2015-01-10 13:41 - 00000000 ____D () C:\Users\me\AppData\Local\Lite File Downloader 2015-01-08 18:49 - 2015-01-08 19:43 - 00000000 ____D () C:\Users\me\AppData\Roaming\mystartsearch 2015-01-08 18:48 - 2015-01-08 18:48 - 00000000 ____D () C:\Users\me\AppData\Roaming\QuickScan 2015-01-08 18:46 - 2015-01-08 20:38 - 00000000 ____D () C:\Program Files\Brass Search 2015-01-08 18:41 - 2015-01-14 02:39 - 00002426 _____ () C:\Windows\Tasks\51ec3028-e744-4461-9c78-c0fa846c7471-5_user.job 2015-01-08 18:41 - 2015-01-14 02:39 - 00002426 _____ () C:\Windows\Tasks\51ec3028-e744-4461-9c78-c0fa846c7471-5.job 2015-01-08 18:40 - 2015-01-14 02:39 - 00002090 _____ () C:\Windows\Tasks\51ec3028-e744-4461-9c78-c0fa846c7471-2.job 2015-01-08 18:40 - 2015-01-14 02:38 - 00004138 _____ () C:\Windows\Tasks\51ec3028-e744-4461-9c78-c0fa846c7471-4.job 2015-01-08 18:40 - 2015-01-14 02:38 - 00003444 _____ () C:\Windows\Tasks\51ec3028-e744-4461-9c78-c0fa846c7471-1.job 2015-01-08 18:39 - 2015-01-14 02:39 - 00005498 _____ () C:\Windows\Tasks\51ec3028-e744-4461-9c78-c0fa846c7471-6.job 2015-01-08 18:39 - 2015-01-14 02:39 - 00005162 _____ () C:\Windows\Tasks\51ec3028-e744-4461-9c78-c0fa846c7471-7.job 2015-01-08 18:39 - 2015-01-08 18:39 - 00000000 ____D () C:\Program Files\899afbcb-091e-4317-ba84-27c82c9e2595 2015-01-08 18:38 - 2015-01-14 02:38 - 00005164 _____ () C:\Windows\Tasks\51ec3028-e744-4461-9c78-c0fa846c7471-11.job 2015-01-08 18:37 - 2015-01-14 00:42 - 00000950 _____ () C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job 2015-01-08 18:36 - 2015-01-14 02:39 - 00004474 _____ () C:\Windows\Tasks\51ec3028-e744-4461-9c78-c0fa846c7471-3.job 2015-01-08 18:36 - 2015-01-14 02:38 - 00000946 _____ () C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job 2015-01-08 18:36 - 2015-01-08 18:41 - 00000000 ____D () C:\Program Files\CinemaPro-1.5cV08.01 2015-01-08 18:36 - 2015-01-08 18:36 - 00000000 ____D () C:\Users\me\AppData\Local\globalUpdate 2015-01-08 18:36 - 2015-01-08 18:36 - 00000000 ____D () C:\Program Files\globalUpdate 2015-01-08 18:33 - 2015-01-08 18:33 - 00000000 ____D () C:\Users\me\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VOPackage 2015-01-08 18:32 - 2015-01-10 13:58 - 00000000 ____D () C:\Users\me\AppData\Roaming\VOPackage 2015-01-08 18:31 - 2015-01-08 19:56 - 00000000 ____D () C:\Users\me\AppData\Roaming\Dorrible 2015-01-05 00:12 - 2015-01-05 00:12 - 00000197 _____ () C:\Windows\system32\2015-01-04-23-12-15.008-AvastVBoxSVC.exe-2272.log 2014-12-29 15:44 - 2014-12-29 15:44 - 00000197 _____ () C:\Windows\system32\2014-12-29-14-44-14.046-AvastVBoxSVC.exe-2232.log 2014-12-24 07:52 - 2014-12-24 07:52 - 00000197 _____ () C:\Windows\system32\2014-12-24-06-52-21.057-AvastVBoxSVC.exe-1508.log 2014-12-23 15:14 - 2014-12-30 12:00 - 00000069 _____ () C:\Users\me\Desktop\kłiz.txt 2014-12-22 15:38 - 2014-12-22 15:38 - 00000247 _____ () C:\Windows\system32\2014-12-22-14-38-50.056-aswFe.exe-6092.log 2014-12-22 15:30 - 2014-12-22 15:38 - 00000247 _____ () C:\Windows\system32\2014-12-22-14-30-15.040-aswFe.exe-3456.log 2014-12-22 15:19 - 2014-12-22 15:23 - 00000000 ____D () C:\Windows\system32\vbox 2014-12-21 19:24 - 2014-12-21 19:24 - 00291352 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe 2014-12-21 19:24 - 2014-12-21 19:24 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr 2014-12-21 05:03 - 2014-12-13 04:33 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2015-01-14 02:54 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\tracing 2015-01-14 02:38 - 2013-11-27 17:40 - 00000882 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2015-01-14 02:38 - 2009-07-14 05:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2015-01-14 02:37 - 2009-07-14 05:39 - 00062840 _____ () C:\Windows\setupact.log 2015-01-14 02:31 - 2009-07-14 05:34 - 00014256 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2015-01-14 02:31 - 2009-07-14 05:34 - 00014256 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2015-01-14 02:29 - 2014-03-24 17:17 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2015-01-14 02:20 - 2013-11-27 17:40 - 00000886 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2015-01-14 02:10 - 2014-04-02 00:07 - 00000000 ____D () C:\Program Files\Opera 2015-01-14 01:31 - 2013-11-11 22:33 - 01630932 _____ () C:\Windows\WindowsUpdate.log 2015-01-10 17:45 - 2013-11-27 21:27 - 00265688 _____ () C:\Windows\PFRO.log 2015-01-10 13:26 - 2013-11-27 17:51 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service 2015-01-08 23:54 - 2014-12-02 16:54 - 00000000 ____D () C:\Program Files\Mozilla Firefox 2015-01-08 20:26 - 2014-11-04 11:25 - 00000000 ____D () C:\ProgramData\McAfee Security Scan 2015-01-08 19:55 - 2014-04-04 01:55 - 00000000 ____D () C:\Users\me\AppData\Local\Unity 2015-01-08 19:41 - 2009-07-14 03:04 - 00000524 _____ () C:\Windows\win.ini 2015-01-08 19:40 - 2009-07-14 05:52 - 00000000 ____D () C:\Windows\twain_32 2015-01-08 18:48 - 2013-11-28 16:58 - 00001633 _____ () C:\Users\me\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2015-01-08 18:48 - 2013-11-11 22:42 - 00001603 _____ () C:\Users\me\Desktop\Internet Explorer.lnk 2015-01-08 18:39 - 2014-03-21 21:21 - 00000000 ____D () C:\Program Files\AMD APP 2015-01-08 14:24 - 2014-06-02 14:49 - 00001022 _____ () C:\Users\me\Desktop\o jedzeniu.txt 2015-01-06 04:36 - 2013-11-11 23:00 - 00249488 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe 2015-01-01 13:25 - 2014-10-16 17:50 - 00000468 _____ () C:\Users\me\Desktop\liqidy.txt 2014-12-21 19:24 - 2014-04-25 20:48 - 00024184 _____ () C:\Windows\system32\Drivers\aswHwid.sys 2014-12-21 19:24 - 2014-01-09 16:01 - 00091496 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys 2014-12-21 19:24 - 2013-11-27 22:13 - 00787800 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys 2014-12-21 19:24 - 2013-11-27 22:13 - 00423784 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys 2014-12-21 19:24 - 2013-11-27 22:13 - 00206248 _____ () C:\Windows\system32\Drivers\aswVmm.sys 2014-12-21 19:24 - 2013-11-27 22:13 - 00049944 _____ () C:\Windows\system32\Drivers\aswRvrt.sys 2014-12-21 19:24 - 2013-11-27 22:12 - 00081768 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys 2014-12-21 19:24 - 2013-11-27 22:12 - 00070384 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\explorer.exe => File is digitally signed C:\Windows\system32\winlogon.exe => File is digitally signed C:\Windows\system32\wininit.exe => File is digitally signed C:\Windows\system32\svchost.exe => File is digitally signed C:\Windows\system32\services.exe => File is digitally signed C:\Windows\system32\User32.dll => File is digitally signed C:\Windows\system32\userinit.exe => File is digitally signed C:\Windows\system32\rpcss.dll => File is digitally signed C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2015-01-04 08:18 ==================== End Of Log ============================