Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-03-2015
Ran by Karol (administrator) on LENOVOPC-R-K on 27-03-2015 14:39:15
Running from G:\Pobrane
Loaded Profiles: Karol (Available profiles: Karol)
Platform: Windows 8.1 (X64) OS Language: Polski (Polska)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Avast Software s.r.o.) G:\Programy\Avast\AvastSvc.exe
(Avast Software s.r.o.) G:\Programy\Avast\afwServ.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(LENOVO INCORPORATED.) C:\Program Files\lenovo\iMController\SystemAgentService.exe
(Lenovo(beijing) Limited) C:\Windows\System32\LenovoWiFiHotspotSvr.exe
(Maxthon) C:\Program Files (x86)\Maxthon\Modules\Service\Update\MaxthonUpdateSvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
() C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(Conexant Systems, Inc.) C:\Windows\SysWOW64\SASrv.exe
(Clarus, Inc.) C:\Program Files (x86)\Clarus\Samsung Drive Manager\SZDrvSvc.exe
() C:\Program Files (x86)\Lenovo\Lenovo VeriFace\VfConnectorService.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Clarus, Inc.) C:\Program Files (x86)\Clarus\Samsung Drive Manager\Drive Manager.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(DT Soft Ltd) G:\Programy\DAEMON Tools Pro\DTShellHlp.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Realtek semiconductor) C:\Windows\RTFTrack.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe
() C:\Program Files\CONEXANT\ForteConfig\fmapp.exe
(Lenovo) C:\Program Files\lenovo\Onekey Theater\OnekeyStudio.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\utility.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Clarus, Inc.) C:\Program Files (x86)\Clarus\Samsung Drive Manager\SZDrvMon.exe
(Pokki) C:\Users\Karol\AppData\Local\Pokki\Engine\HostAppServiceUpdater.exe
(CyberLink Corp.) C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe
(Spotify Ltd) C:\Users\Karol\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Clarus, Inc.) C:\Program Files (x86)\Clarus\Samsung Drive Manager\ABRTMon.exe
(Avast Software s.r.o.) G:\Programy\Avast\avastui.exe
() C:\Program Files (x86)\ZTE MF823\CheckNDISPort_df.exe
() C:\Program Files (x86)\ZTE MF823\CancelAutoPlay_df.exe
(Avast Software s.r.o.) G:\Programy\Avast\avastui.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\csisyncclient.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Piotr Pawlowski) G:\Programy\foobar2000\foobar2000.exe
(Pokki) C:\Users\Karol\AppData\Local\Pokki\Engine\HostAppService.exe
(Pokki) C:\Users\Karol\AppData\Local\Pokki\Engine\HostAppService.exe
(Pokki) C:\Users\Karol\AppData\Local\Pokki\Engine\StartMenuIndexer.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Nvtmru] => "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-07] (Intel Corporation)
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp
HKLM\...\Run: [RtsFT] => C:\WINDOWS\RTFTrack.exe [6340312 2013-10-17] (Realtek semiconductor)
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [907480 2013-09-04] (Conexant Systems, Inc.)
HKLM\...\Run: [ForteConfig] => C:\Program Files\Conexant\ForteConfig\fmapp.exe [49056 2010-10-26] ()
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1647616 2012-06-13] (Conexant Systems, Inc.)
HKLM\...\Run: [OnekeyStudio] => C:\Program Files\Lenovo\Onekey Theater\OnekeyStudio.exe [4196432 2012-09-14] (Lenovo)
HKLM\...\Run: [Energy Manager] => C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe [15813616 2014-09-15] (Lenovo(beijing) Limited)
HKLM\...\Run: [Lenovo Utility] => C:\Program Files (x86)\Lenovo\Energy Manager\Utility.exe [80880 2014-09-15] (Lenovo(beijing) Limited)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2585744 2015-01-16] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [UpdateP2GShortCut] => C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [214312 2011-12-06] (CyberLink Corp.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AvastUI.exe] => G:\Programy\Avast\AvastUI.exe [5511352 2015-03-18] (Avast Software s.r.o.)
HKLM-x32\...\Run: [CheckNDISPortF0ac70] => C:\Program Files (x86)\ZTE MF823\CheckNDISPort_df.exe [417536 2013-03-19] ()
HKLM-x32\...\Run: [CancelAutoPlay_df] => C:\Program Files (x86)\ZTE MF823\CancelAutoPlay_df.exe [446720 2013-02-25] ()
HKLM-x32\...\RunOnce: [20150107] => G:\Programy\Avast\setup\emupdate\84d9c705-75df-4e32-9d18-60b33c4c6c5b.exe [183232 2015-03-27] (AVAST Software)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-731859526-1970873617-1409082529-1002\...\Run: [Pokki] => "%LOCALAPPDATA%\Pokki\Engine\HostAppServiceUpdater.exe" /LOGON
HKU\S-1-5-21-731859526-1970873617-1409082529-1002\...\Run: [ALLUpdate] => G:\Programy\ALLPlayer\ALLUpdate.exe [1362944 2011-02-08] ()
HKU\S-1-5-21-731859526-1970873617-1409082529-1002\...\Run: [DAEMON Tools Pro Agent] => G:\Programy\DAEMON Tools Pro\DTAgent.exe [3108480 2012-10-23] (DT Soft Ltd)
HKU\S-1-5-21-731859526-1970873617-1409082529-1002\...\Run: [Steam] => G:\Gry\Steam\Steam.exe [2888896 2015-03-24] (Valve Corporation)
HKU\S-1-5-21-731859526-1970873617-1409082529-1002\...\Run: [GUDelayStartup] => G:\Programy\Glary Utilities 5\StartupManager.exe [37152 2015-03-02] (Glarysoft Ltd)
HKU\S-1-5-21-731859526-1970873617-1409082529-1002\...\Run: [Spotify Web Helper] => C:\Users\Karol\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1959992 2015-03-16] (Spotify Ltd)
HKU\S-1-5-21-731859526-1970873617-1409082529-1002\...\Run: [Spotify] => C:\Users\Karol\AppData\Roaming\Spotify\Spotify.exe [6611512 2015-03-16] (Spotify Ltd)
AppInit_DLLs-x32: c:\progra~2\lenovobrowserguard\lenovobrowserguard\bin\spvc32loader.dll => c:\Program Files (x86)\lenovobrowserguard\lenovobrowserguard\bin\spvc32loader.dll [173896 2014-08-25] (ClientConnect LTD)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Samsung Drive Manager Real-Time.lnk
ShortcutTarget: Samsung Drive Manager Real-Time.lnk -> C:\Program Files (x86)\Clarus\Samsung Drive Manager\ABRTMon.exe (Clarus, Inc.)
ShellIconOverlayIdentifiers: [00001LenovoSyncComplete] -> {1E9CED2C-E7B4-4C47-B07A-25416393B67B} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll (Hightail Inc.)
ShellIconOverlayIdentifiers: [00002LenovoSyncActive] -> {C1285F4D-918F-4EF2-BC94-CAD5B118C835} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll (Hightail Inc.)
ShellIconOverlayIdentifiers: [00003LenovoSyncError] -> {CE5633DA-1488-4D1D-9A9B-B500297D4A8C} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll (Hightail Inc.)
ShellIconOverlayIdentifiers: [00004LenovoLocalOnly] -> {C7362DA9-D3AC-4C17-B2F5-2F1823FA04C3} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll (Hightail Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => G:\Programy\Avast\ashShA64.dll (Avast Software s.r.o.)
ShellIconOverlayIdentifiers-x32: [00001LenovoSyncComplete] -> {1E9CED2C-E7B4-4C47-B07A-25416393B67B} => C:\Program Files (x86)\Hightail\Hightail for Lenovo\YSINSE.dll (Hightail Inc.)
ShellIconOverlayIdentifiers-x32: [00002LenovoSyncActive] -> {C1285F4D-918F-4EF2-BC94-CAD5B118C835} => C:\Program Files (x86)\Hightail\Hightail for Lenovo\YSINSE.dll (Hightail Inc.)
ShellIconOverlayIdentifiers-x32: [00003LenovoSyncError] -> {CE5633DA-1488-4D1D-9A9B-B500297D4A8C} => C:\Program Files (x86)\Hightail\Hightail for Lenovo\YSINSE.dll (Hightail Inc.)
ShellIconOverlayIdentifiers-x32: [00004LenovoLocalOnly] -> {C7362DA9-D3AC-4C17-B2F5-2F1823FA04C3} => C:\Program Files (x86)\Hightail\Hightail for Lenovo\YSINSE.dll (Hightail Inc.)
BootExecute: autocheck autochk *

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKU\S-1-5-21-731859526-1970873617-1409082529-1002\Software\Microsoft\Internet Explorer\Main,Start Page = http://lenovo13.msn.com/?pc=LCJB
HKU\S-1-5-21-731859526-1970873617-1409082529-1002\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.lenovo.com
HKU\S-1-5-21-731859526-1970873617-1409082529-1002\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://www.lenovo.com
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-731859526-1970873617-1409082529-1002 -> DefaultScope {DA2C15E7-016A-4D6C-9E63-4966CB85B99B} URL = http://isearch.omiga-plus.com/web/?utm_source=b&utm_medium=ild&utm_campaign=install_ie&utm_content=ds&from=ild&uid=ST1000LM014-SSHD-8GB_W382F8C6XXXXW382F8C6&ts=1423510994&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-731859526-1970873617-1409082529-1002 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://isearch.omiga-plus.com/web/?utm_source=b&utm_medium=ild&utm_campaign=install_ie&utm_content=ds&from=ild&uid=ST1000LM014-SSHD-8GB_W382F8C6XXXXW382F8C6&ts=1423510994&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-731859526-1970873617-1409082529-1002 -> {2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} URL = http://isearch.omiga-plus.com/web/?utm_source=b&utm_medium=ild&utm_campaign=install_ie&utm_content=ds&from=ild&uid=ST1000LM014-SSHD-8GB_W382F8C6XXXXW382F8C6&ts=1423510994&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-731859526-1970873617-1409082529-1002 -> {4BC32F25-FA4A-4EB7-83F1-A4DC8DC7781B} URL = http://www.search.ask.com/web?tpid=SPC-SP&o=APN10951&pf=V7&p2=^B20^YYYYYY^YY^PL&gct=&itbv=12.24.1.271&apn_uid=61ABFAB9-F9D2-400A-8967-5B1B8E148977&apn_ptnrs=^B20&apn_dtid=^YYYYYY^YY^PL&apn_dbr=cr_41.0.2272.76&doi=2015-03-04&trgb=IE&q={searchTerms}&psv=&pt=tb
SearchScopes: HKU\S-1-5-21-731859526-1970873617-1409082529-1002 -> {DA2C15E7-016A-4D6C-9E63-4966CB85B99B} URL = http://isearch.omiga-plus.com/web/?utm_source=b&utm_medium=ild&utm_campaign=install_ie&utm_content=ds&from=ild&uid=ST1000LM014-SSHD-8GB_W382F8C6XXXXW382F8C6&ts=1423510994&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-731859526-1970873617-1409082529-1002 -> {E733165D-CBCF-4FDA-883E-ADEF965B476C} URL = http://isearch.omiga-plus.com/web/?utm_source=b&utm_medium=ild&utm_campaign=install_ie&utm_content=ds&from=ild&uid=ST1000LM014-SSHD-8GB_W382F8C6XXXXW382F8C6&ts=1423510994&type=default&q={searchTerms}
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2015-02-10] (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> G:\Programy\Avast\aswWebRepIE64.dll [2015-03-17] (Avast Software s.r.o.)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2015-02-10] (Microsoft Corporation)
BHO-x32: QuickStores-Toolbar -> {10EDB994-47F8-43F7-AE96-F2EA63E9F90F} -> C:\WINDOWS\SysWOW64\mscoree.dll [2013-08-22] (Microsoft Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> G:\Programy\Avast\aswWebRepIE.dll [2015-03-17] (Avast Software s.r.o.)
BHO-x32: FlashGetBHO -> {b070d3e3-fec0-47d9-8e8a-99d4eeb3d3b0} -> C:\Users\Karol\AppData\Roaming\FlashGetBHO\FlashGetBHO.dll [2012-11-01] (Trend Media Group)
BHO-x32: IplexToALLPlayer -> {DF925EF3-7A87-44E4-9CAF-8D7B280BF616} -> G:\Programy\ALLPlayer\Iplex\IplexToALLPlayer.dll [2011-02-09] (ALLCinema Ltd.)
Toolbar: HKLM-x32 - QuickStores-Toolbar - {10EDB994-47F8-43F7-AE96-F2EA63E9F90F} - C:\WINDOWS\SysWOW64\mscoree.dll [2013-08-22] (Microsoft Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-02-03] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 192.168.1.1
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_17_0_0_134.dll [2015-03-18] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_134.dll [2015-03-18] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1165635.dll [2012-07-05] (Adobe Systems, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-16] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-16] (Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2015-02-24] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-03-06] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-03-06] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 -> G:\Programy\VLC\npvlc.dll [2015-02-27] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> G:\Programy\VLC\npvlc.dll [2015-02-27] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.0 -> G:\Programy\VLC\npvlc.dll [2015-02-27] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - G:\Programy\Avast\WebRep\FF
FF Extension: Avast Online Security - G:\Programy\Avast\WebRep\FF [2015-02-09]

Chrome:
=======
CHR HomePage: Default -> https://www.google.pl/webhp?sourceid=chrome-instant&ion=1&espv=2&ie=UTF-8
CHR StartupUrls: Default -> "https://www.google.pl/"
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}
CHR Profile: C:\Users\Karol\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Adblock Plus) - C:\Users\Karol\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-03-06]
CHR Extension: (Google Wallet) - C:\Users\Karol\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-03-06]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - G:\Programy\Avast\WebRep\Chrome\aswWebRepChromeSp.crx [2015-03-17]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - G:\Programy\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-03-17]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; G:\Programy\Avast\AvastSvc.exe [343336 2015-03-17] (Avast Software s.r.o.)
R2 avast! Firewall; G:\Programy\Avast\afwServ.exe [107448 2015-03-17] (Avast Software s.r.o.)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2714800 2015-02-10] (Microsoft Corporation)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148560 2015-01-16] (NVIDIA Corporation)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-07] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-16] (Intel Corporation)
S3 Lenovo EasyPlus Hotspot; C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin\EPHotspot64.exe [533760 2014-06-03] (Lenovo)
R2 Lenovo System Agent Service; C:\Program Files\Lenovo\iMController\SystemAgentService.exe [584960 2014-05-21] (LENOVO INCORPORATED.)
R2 LenovoWiFiHotspotSvr; C:\Windows\System32\LenovoWiFiHotspotSvr.exe [198192 2014-09-15] (Lenovo(beijing) Limited)
R2 MaxthonUpdateSvc; C:\Program Files (x86)\Maxthon\Modules\Service\Update\MaxthonUpdateSvc.exe [1851192 2015-02-09] (Maxthon)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [284912 2013-11-20] ()
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1706128 2015-01-16] (NVIDIA Corporation)
S2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [21833360 2015-01-16] (NVIDIA Corporation)
S3 Origin Client Service; G:\Gry\Origin\OriginClientService.exe [1910640 2015-03-05] (Electronic Arts)
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [390632 2012-04-24] ()
R2 SZDrvSvc; C:\Program Files (x86)\Clarus\Samsung Drive Manager\SZDrvSvc.exe [18432 2013-12-18] (Clarus, Inc.) [File not signed]
R2 VeriFaceSrv; C:\Program Files (x86)\Lenovo\Lenovo VeriFace\VfConnectorService.exe [68368 2014-09-15] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-09-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-09-22] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3674864 2013-11-20] (Intel® Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 Andbus; C:\Windows\System32\drivers\lgandbus64.sys [19456 2010-12-07] (LG Electronics Inc.)
S3 AndDiag; C:\Windows\system32\DRIVERS\lganddiag64.sys [27648 2010-12-07] (LG Electronics Inc.)
S3 AndGps; C:\Windows\system32\DRIVERS\lgandgps64.sys [27136 2010-12-07] (LG Electronics Inc.)
S3 ANDModem; C:\Windows\system32\DRIVERS\lgandmodem64.sys [34304 2010-12-07] (LG Electronics Inc.)
S3 androidusb; C:\Windows\System32\Drivers\lgandadb.sys [31744 2010-08-02] (Google Inc)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29168 2015-03-17] ()
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [28144 2015-03-17] (Avast Software s.r.o.)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [88408 2015-03-17] (Avast Software s.r.o.)
R0 aswNdisFlt; C:\Windows\System32\DRIVERS\aswNdisFlt.sys [449896 2015-03-17] (Avast Software s.r.o.)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-03-17] (Avast Software s.r.o.)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65736 2015-03-17] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1047320 2015-03-17] (Avast Software s.r.o.)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [441728 2015-03-17] (Avast Software s.r.o.)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [136752 2015-03-17] (Avast Software s.r.o.)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [268640 2015-03-17] ()
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-03-18] (Microsoft Corporation)
R3 btmaux; C:\Windows\system32\DRIVERS\btmaux.sys [140600 2013-07-22] (Motorola Solutions, Inc.)
R3 btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [1408824 2013-10-18] (Motorola Solutions, Inc.)
R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283200 2015-02-09] (DT Soft Ltd)
R1 GUBootStartup; C:\WINDOWS\System32\drivers\GUBootStartup.sys [20160 2015-03-04] (Glarysoft Ltd)
R3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [142280 2013-10-18] (Intel Corporation)
S3 IT9135BDA; C:\Windows\System32\Drivers\IT9135BDA.sys [113280 2010-02-03] (ITE )
R3 mdf16; C:\Program Files (x86)\Clarus\Samsung Drive Manager\mdf16.sys [20400 2012-06-21] ()
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-16] (Intel Corporation)
R3 mvd23; C:\Program Files (x86)\Clarus\Samsung Drive Manager\mvd23.sys [99248 2012-06-21] ()
R3 NETwNb64; C:\Windows\system32\DRIVERS\NETwbw02.sys [3609568 2013-12-25] (Intel Corporation)
S3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew02.sys [4649440 2013-06-18] (Intel Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-01-16] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [38032 2014-11-22] (NVIDIA Corporation)
R3 rtsuvc; C:\Windows\system32\DRIVERS\rtsuvc.sys [8876248 2013-10-17] (Realtek Semiconductor Corp.)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [34544 2013-12-24] (Synaptics Incorporated)
U5 UnlockerDriver5; G:\Programy\Unlocker\UnlockerDriver5.sys [4096 2010-07-04] () [File not signed]
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-22] (Microsoft Corporation)
S3 WinRing0_1_2_0; G:\Programy\Game Booster 3\Driver\WinRing0x64.sys [14544 2010-11-01] (OpenLibSys.org)
S3 wsvd; C:\Windows\system32\DRIVERS\wsvd.sys [102376 2012-06-13] ("CyberLink)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-27 14:37 - 2015-03-27 14:39 - 00000000 ____D () C:\FRST
2015-03-27 00:36 - 2015-03-27 00:36 - 00001726 _____ () C:\Users\Public\Desktop\ZTE MF823.lnk
2015-03-27 00:36 - 2015-03-27 00:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\SupportAppPBZTE MF823
2015-03-27 00:36 - 2015-03-27 00:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZTE MF823
2015-03-27 00:36 - 2015-03-27 00:36 - 00000000 ____D () C:\Program Files (x86)\ZTE MF823
2015-03-25 21:59 - 2015-03-25 21:59 - 00000000 ____D () C:\Users\Karol\Documents\Niestandardowe szablony pakietu Office
2015-03-24 23:47 - 2015-03-24 23:47 - 00000000 ____D () C:\Users\Karol\AppData\Local\Clarus
2015-03-18 20:29 - 2015-03-18 20:29 - 00000000 ____D () C:\Users\Karol\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-03-18 00:41 - 2015-03-18 00:46 - 00000000 ____D () C:\Users\Karol\AppData\Roaming\PhotoScape
2015-03-18 00:41 - 2015-03-18 00:41 - 00000693 _____ () C:\Users\Karol\Desktop\PhotoScape.lnk
2015-03-17 21:44 - 2015-03-17 21:44 - 00000000 ____D () C:\Program Files (x86)\LG Electronics
2015-03-17 21:44 - 2011-07-18 06:03 - 01919968 _____ (Microsoft Corporation) C:\WINDOWS\system32\wdfcoinstaller01005.dll
2015-03-17 21:44 - 2010-12-07 14:23 - 00034304 _____ (LG Electronics Inc.) C:\WINDOWS\system32\Drivers\lgandmodem64.sys
2015-03-17 21:44 - 2010-12-07 14:23 - 00027648 _____ (LG Electronics Inc.) C:\WINDOWS\system32\Drivers\lganddiag64.sys
2015-03-17 21:44 - 2010-12-07 14:23 - 00027136 _____ (LG Electronics Inc.) C:\WINDOWS\system32\Drivers\lgandgps64.sys
2015-03-17 21:44 - 2010-12-07 14:22 - 00019456 _____ (LG Electronics Inc.) C:\WINDOWS\system32\Drivers\lgandbus64.sys
2015-03-17 21:44 - 2010-08-02 16:19 - 00031744 _____ (Google Inc) C:\WINDOWS\system32\Drivers\lgandadb.sys
2015-03-17 00:35 - 2015-03-17 00:35 - 00364472 _____ (Avast Software s.r.o.) C:\WINDOWS\system32\aswBoot.exe
2015-03-17 00:35 - 2015-03-17 00:35 - 00043112 _____ (Avast Software s.r.o.) C:\WINDOWS\avastSS.scr
2015-03-17 00:35 - 2015-03-17 00:35 - 00000850 _____ () C:\Users\Public\Desktop\Avast SafeZone.lnk
2015-03-17 00:35 - 2015-03-17 00:35 - 00000790 _____ () C:\Users\Public\Desktop\Avast Internet Security.lnk
2015-03-17 00:35 - 2015-03-17 00:34 - 00028144 _____ (Avast Software s.r.o.) C:\WINDOWS\system32\Drivers\aswKbd.sys
2015-03-17 00:34 - 2015-03-17 00:34 - 00449896 _____ (Avast Software s.r.o.) C:\WINDOWS\system32\Drivers\aswNdisFlt.sys
2015-03-17 00:25 - 2015-03-27 13:50 - 00003596 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-731859526-1970873617-1409082529-1002
2015-03-16 22:48 - 2015-03-17 00:22 - 00129752 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-03-16 22:48 - 2015-03-16 22:48 - 00000758 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-03-16 22:48 - 2015-03-16 22:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-03-16 22:48 - 2015-03-16 22:48 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-03-16 22:48 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2015-03-16 22:48 - 2014-11-21 06:14 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2015-03-16 22:48 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2015-03-16 17:53 - 2015-03-16 17:55 - 00000000 ____D () C:\Users\Karol\AppData\Roaming\ipla
2015-03-16 17:53 - 2015-03-16 17:54 - 00000000 ____D () C:\ProgramData\ipla
2015-03-16 17:53 - 2015-03-16 17:53 - 00000000 ____D () C:\ProgramData\RDRM
2015-03-16 16:05 - 2015-03-27 13:46 - 00000000 ____D () C:\Users\Karol\AppData\Roaming\Spotify
2015-03-16 16:05 - 2015-03-27 13:46 - 00000000 ____D () C:\Users\Karol\AppData\Local\Spotify
2015-03-16 16:05 - 2015-03-16 16:05 - 00001824 _____ () C:\Users\Karol\Desktop\Spotify.lnk
2015-03-16 16:05 - 2015-03-16 16:05 - 00001810 _____ () C:\Users\Karol\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
2015-03-15 20:59 - 2015-03-15 20:59 - 00002324 _____ () C:\Users\Karol\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2015-03-15 20:56 - 2015-03-15 20:56 - 00001558 _____ () C:\Users\Karol\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\avast! antivirus.lnk
2015-03-06 00:38 - 2015-03-24 22:44 - 00002220 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-03-06 00:38 - 2015-03-06 00:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-03-06 00:38 - 2015-03-06 00:38 - 00000000 ____D () C:\Program Files (x86)\Google
2015-03-06 00:34 - 2015-03-06 00:34 - 00000000 ____D () C:\Users\Karol\Desktop\Google
2015-03-06 00:26 - 2015-03-27 00:44 - 00003312 _____ () C:\WINDOWS\setupact.log
2015-03-06 00:26 - 2015-03-06 00:26 - 00000000 _____ () C:\WINDOWS\setuperr.log
2015-03-06 00:25 - 2015-03-27 00:44 - 00044128 _____ () C:\WINDOWS\PFRO.log
2015-03-05 23:21 - 2015-03-05 23:21 - 00000000 ____D () C:\Users\Karol\Documents\FIFA 15
2015-03-05 00:54 - 2015-03-27 14:06 - 00816179 _____ () C:\WINDOWS\WindowsUpdate.log
2015-03-04 23:40 - 2015-03-04 23:40 - 00000661 _____ () C:\Users\Karol\Desktop\SopCast.lnk
2015-03-04 23:40 - 2015-03-04 23:40 - 00000000 ____D () C:\Users\Karol\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SopCast
2015-03-04 23:40 - 2015-03-04 23:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SopCast
2015-03-04 23:38 - 2015-03-04 23:38 - 00000000 ____D () C:\ProgramData\APN
2015-03-04 23:34 - 2015-03-04 23:34 - 00000000 ____D () C:\ProgramData\GlarySoft
2015-03-04 21:23 - 2015-03-04 23:34 - 00000000 ____D () C:\Users\Karol\AppData\Roaming\GlarySoft
2015-03-04 21:23 - 2015-03-04 21:23 - 00020160 _____ (Glarysoft Ltd) C:\WINDOWS\system32\Drivers\GUBootStartup.sys
2015-03-04 21:23 - 2015-03-04 21:23 - 00000734 _____ () C:\Users\Public\Desktop\Glary Utilities 5.lnk
2015-03-04 21:23 - 2015-03-04 21:23 - 00000734 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 5.lnk 2015-03-04 21:23 - 2015-03-04 21:23 - 00000000 ____D () C:\Users\Karol\AppData\Roaming\DiskDefrag 2015-03-04 21:23 - 2015-03-04 21:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 5 ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2015-03-27 14:04 - 2015-02-09 18:57 - 00000930 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job 2015-03-27 14:00 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sru 2015-03-27 13:57 - 2015-02-23 00:28 - 00005122 _____ () C:\WINDOWS\System32\Tasks\Microsoft Office 15 Sync Maintenance for LENOVOPC-R-K-Karol LenovoPC-R-K 2015-03-27 13:47 - 2015-02-09 19:01 - 00000000 ____D () C:\Users\Karol\AppData\Roaming\foobar2000 2015-03-27 13:46 - 2015-02-09 14:29 - 00000000 __RDO () C:\Users\Karol\OneDrive 2015-03-27 01:29 - 2014-09-15 15:39 - 00798412 _____ () C:\Users\Public\CAFADEBUG.log 2015-03-27 01:00 - 2015-02-09 14:21 - 00000000 ____D () C:\Users\Karol\AppData\Local\Pokki 2015-03-27 00:51 - 2014-09-16 00:39 - 00808198 _____ () C:\WINDOWS\system32\perfh015.dat 2015-03-27 00:51 - 2014-09-16 00:39 - 00164014 _____ () C:\WINDOWS\system32\perfc015.dat 2015-03-27 00:51 - 2014-03-18 10:53 - 01828496 _____ () C:\WINDOWS\system32\PerfStringBackup.INI 2015-03-27 00:46 - 2015-02-09 19:22 - 00004142 _____ () C:\WINDOWS\System32\Tasks\avast! 
Emergency Update 2015-03-27 00:44 - 2013-08-22 15:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT 2015-03-27 00:43 - 2014-09-15 16:24 - 00002560 _____ () C:\WINDOWS\system32\VfService.trf 2015-03-26 21:17 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\AppReadiness 2015-03-25 22:34 - 2015-02-09 14:22 - 00000000 ____D () C:\Users\Karol\AppData\Local\Packages 2015-03-20 12:16 - 2015-02-09 21:31 - 00002301 _____ () C:\Users\Karol\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PC App Store.lnk 2015-03-18 20:29 - 2015-02-09 19:12 - 00000621 _____ () C:\Users\Public\Desktop\VLC media player.lnk 2015-03-18 20:29 - 2015-02-09 18:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR 2015-03-18 20:26 - 2015-02-09 18:57 - 00003818 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater 2015-03-18 00:32 - 2015-02-21 22:19 - 00000000 ____D () C:\Users\Karol\AppData\Local\CyberLink 2015-03-18 00:32 - 2014-09-15 16:23 - 00000000 ____D () C:\ProgramData\CyberLink 2015-03-17 21:44 - 2014-09-15 15:32 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information 2015-03-17 20:55 - 2015-02-24 16:07 - 00000000 ____D () C:\Program Files\Microsoft Office 15 2015-03-17 00:36 - 2015-02-09 19:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software 2015-03-17 00:35 - 2015-02-09 19:22 - 00441728 _____ (Avast Software s.r.o.) C:\WINDOWS\system32\Drivers\aswSP.sys 2015-03-17 00:35 - 2015-02-09 19:22 - 00268640 _____ () C:\WINDOWS\system32\Drivers\aswVmm.sys 2015-03-17 00:35 - 2015-02-09 19:22 - 00136752 _____ (Avast Software s.r.o.) C:\WINDOWS\system32\Drivers\aswStm.sys 2015-03-17 00:35 - 2015-02-09 19:22 - 00093528 _____ (Avast Software s.r.o.) C:\WINDOWS\system32\Drivers\aswRdr2.sys 2015-03-17 00:35 - 2015-02-09 19:22 - 00088408 _____ (Avast Software s.r.o.) 
C:\WINDOWS\system32\Drivers\aswMonFlt.sys 2015-03-17 00:35 - 2015-02-09 19:22 - 00065736 _____ () C:\WINDOWS\system32\Drivers\aswRvrt.sys 2015-03-17 00:35 - 2015-02-09 19:22 - 00029168 _____ () C:\WINDOWS\system32\Drivers\aswHwid.sys 2015-03-17 00:35 - 2013-08-22 14:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM 2015-03-17 00:34 - 2015-02-09 19:22 - 01047320 _____ (Avast Software s.r.o.) C:\WINDOWS\system32\Drivers\aswSnx.sys 2015-03-17 00:26 - 2013-08-22 14:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI 2015-03-17 00:19 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\Speech 2015-03-15 23:19 - 2014-09-15 16:28 - 00002161 _____ () C:\Users\Public\Desktop\OneKey Recovery.lnk 2015-03-15 20:59 - 2015-02-23 00:28 - 00003104 _____ () C:\WINDOWS\System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-731859526-1970873617-1409082529-1002 2015-03-15 20:59 - 2014-09-15 16:16 - 00000000 ____D () C:\WINDOWS\System32\Tasks\Lenovo 2015-03-06 00:38 - 2015-02-09 14:40 - 00000000 ____D () C:\Users\Karol\AppData\Local\Google 2015-03-06 00:25 - 2013-08-22 15:44 - 00492504 _____ () C:\WINDOWS\system32\FNTCACHE.DAT 2015-03-05 23:22 - 2015-02-09 19:56 - 00000000 ____D () C:\ProgramData\Origin 2015-03-05 23:21 - 2015-02-09 20:02 - 00000749 _____ () C:\Users\Public\Desktop\FIFA 15.lnk 2015-03-04 21:24 - 2015-02-23 18:03 - 00000000 ____D () C:\WINDOWS\Minidump 2015-03-03 21:42 - 2015-02-09 19:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN 2015-02-26 23:34 - 2015-02-09 18:57 - 00000000 ____D () C:\Users\Karol\AppData\Local\Adobe 2015-02-26 23:34 - 2015-02-09 14:22 - 00000000 ____D () C:\Users\Karol\AppData\Roaming\Adobe ==================== Files in the root of some directories ======= 2015-02-09 21:57 - 2015-02-09 21:58 - 0000076 _____ () C:\Users\Karol\AppData\Roaming\KB8888239.log 2014-09-15 15:39 - 2014-09-15 15:39 - 0000000 ____H () C:\ProgramData\DP45977C.lfl 2015-02-23 17:52 - 2015-02-23 18:41 - 0003246 _____ () 
C:\ProgramData\LmeUSB.log 2015-02-23 17:52 - 2015-02-23 18:41 - 0003247 _____ () C:\ProgramData\LSDmbTH.log Some content of TEMP: ==================== C:\Users\Karol\AppData\Local\Temp\oct5C9A.tmp.exe ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2015-03-25 00:01 ==================== End Of Log ============================