Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 11-03-2015 Ran by Marek (administrator) on MG-4FFC53EC8A8F on 28-03-2015 15:50:28 Running from C:\Documents and Settings\Marek\Pulpit Loaded Profiles: Marek (Available profiles: Marek) Platform: Microsoft Windows XP Home Edition Dodatek Service Pack 3 (X86) OS Language: Polski Internet Explorer Version 6 (Default browser: FF) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (Intel Corporation) C:\WINDOWS\system32\igfxtray.exe (Intel Corporation) C:\WINDOWS\system32\hkcmd.exe (Intel Corporation) C:\WINDOWS\system32\igfxpers.exe (Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Intel Corporation) C:\WINDOWS\system32\igfxsrvc.exe (Microsoft Corporation) C:\WINDOWS\system32\wbem\unsecapp.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5512912 2015-03-28] (Avast Software s.r.o.) Winlogon\Notify\Antiwpa: C:\WINDOWS\system32\antiwpa.dll () HKU\S-1-5-21-57989841-688789844-1417001333-1004\...\MountPoints2: {e30617b4-7409-11e4-b5bb-fd3cc54e6d6e} - E:\AutoRun.exe ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll (Avast Software s.r.o.) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm HKU\S-1-5-21-57989841-688789844-1417001333-1004\Software\Microsoft\Internet Explorer\Main,Search Page = http://istart.webssearches.com/web/?type=ds&ts=1416859652&from=exp&uid=MAXTORXSTM3160215AS_6RAA0BSYXXXX6RAA0BSY&q={searchTerms} URLSearchHook: HKU\S-1-5-21-57989841-688789844-1417001333-1004 - Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\WINDOWS\system32\shdocvw.dll (Microsoft Corporation) HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs: "" <======= ATTENTION SearchScopes: HKLM -> DefaultScope value is missing. DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://go.microsoft.com/fwlink/?linkid=39204 Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 FireFox: ======== FF ProfilePath: C:\Documents and Settings\Marek\Dane aplikacji\Mozilla\Firefox\Profiles\12nmg17c.default FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_16_0_0_305.dll [2015-02-07] () FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-11-25] Chrome: ======= CHR HKLM\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx [2015-03-28] CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-03-28] ========================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-03-28] (Avast Software s.r.o.) ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [24144 2015-03-28] () R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [73440 2015-03-28] (Avast Software s.r.o.) R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [55200 2015-03-28] (Avast Software s.r.o.) R0 aswRvrt; C:\WINDOWS\system32\Drivers\aswRvrt.sys [49904 2015-03-28] () R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [788272 2015-03-28] (Avast Software s.r.o.) R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [427736 2015-03-28] (Avast Software s.r.o.) R1 aswTdi; C:\WINDOWS\system32\drivers\aswTdi.sys [57888 2015-03-28] (Avast Software s.r.o.) R0 aswVmm; C:\WINDOWS\system32\Drivers\aswVmm.sys [208024 2015-03-28] () R3 VIAHdAudAddService; C:\WINDOWS\System32\drivers\viahduaa.sys [1050112 2009-01-11] (VIA Technologies, Inc.) S3 ZTEusbnet; C:\WINDOWS\System32\DRIVERS\ZTEusbnet.sys [116736 2010-08-10] (ZTE Corporation) S4 IntelIde; No ImagePath U1 WS2IFSL; No ImagePath U3 fwpcraob; \??\C:\DOCUME~1\Marek\USTAWI~1\Temp\fwpcraob.sys [X] ========================== Drivers MD5 ======================= C:\WINDOWS\System32\DRIVERS\ACPI.sys 05118282F5D039595A2B92B4A4AFE197 C:\WINDOWS\system32\Drivers\ACPIEC.sys 66A42B7DB194E24B973BBCCE840A0F3F C:\WINDOWS\System32\drivers\aec.sys 8BED39E3C35D6A489438B8141717A557 C:\WINDOWS\System32\drivers\afd.sys 322D0E36693D6E24A2398BEE62A268CD C:\WINDOWS\system32\drivers\aswHwid.sys FE99FCB91E93BC4A7E222928A06411DE C:\WINDOWS\system32\drivers\aswMonFlt.sys 5D70C1C6C61C5A034BD086AD219A0237 C:\WINDOWS\system32\drivers\aswRdr.sys 794B69DB528D35FB8F0BA5D0BB8736AF C:\WINDOWS\system32\Drivers\aswRvrt.sys 74E84C8CEB52042E8A1EA3104D151843 C:\WINDOWS\system32\drivers\aswSnx.sys 48FA0C8E04A37A619C894A1C02D5AB96 C:\WINDOWS\system32\drivers\aswSP.sys 2AB454C9C10C427738426C06D3749361 C:\WINDOWS\system32\drivers\aswTdi.sys F6AB3DD747DA3505B3E8F0532905A21F C:\WINDOWS\system32\Drivers\aswVmm.sys 0AE22EAD6B30E448160338E708BCB71D C:\WINDOWS\System32\DRIVERS\asyncmac.sys B153AFFAC761E7F5FCFA822B9C4E97BC C:\WINDOWS\System32\DRIVERS\atapi.sys 9F3A2F5AA6875C72BF062C712CFA2674 C:\WINDOWS\System32\DRIVERS\atmarpc.sys 9916C1225104BA14794209CFA8012159 C:\WINDOWS\System32\DRIVERS\audstub.sys D9F724AA26C010A217C97606B160ED68 C:\WINDOWS\system32\Drivers\Beep.sys DA1F27D85E0D1525F6621372E7B685E9 C:\WINDOWS\system32\Drivers\cbidf2k.sys 90A673FC8E12A79AFBED2576F6A7AAF9 C:\WINDOWS\system32\Drivers\Cdaudio.sys C1B486A7658353D33A10CC15211A873B C:\WINDOWS\system32\Drivers\Cdfs.sys C885B02847F5D2FD45A24E219ED93B32 C:\WINDOWS\System32\DRIVERS\cdrom.sys 1F4260CC5B42272D71F79E570A27A4FE C:\WINDOWS\System32\DRIVERS\disk.sys 044452051F3E02E7963599FC8F4F3E25 C:\WINDOWS\System32\drivers\dmboot.sys BC9219ABC5696942E6F9AC8A9B28670F C:\WINDOWS\System32\drivers\dmio.sys 5FA232E3BA6E1346F9F5A7E519320CB0 C:\WINDOWS\System32\drivers\dmload.sys E9317282A63CA4D188C0DF5E09C6AC5F C:\WINDOWS\System32\drivers\DMusic.sys 8A208DFCF89792A484E76C40E5F50B45 C:\WINDOWS\System32\drivers\drmkaud.sys 8F5FCFF8E8848AFAC920905FBD9D33C8 C:\WINDOWS\system32\Drivers\Fastfat.sys 38D332A6D56AF32635675F132548343E C:\WINDOWS\system32\Drivers\Fdc.sys 92CDD60B6730B9F50F6A1A0C1F8CDC81 C:\WINDOWS\system32\Drivers\Fips.sys 09E2A4D33F81A06A8AAB2BA0A0B5D235 C:\WINDOWS\system32\Drivers\Flpydisk.sys 9D27E7B80BFCDF1CDD9B555862D5E7F0 C:\WINDOWS\System32\DRIVERS\fltMgr.sys B2CF4B0786F8212CB92ED2B50C6DB6B0 C:\WINDOWS\system32\Drivers\Fs_Rec.sys 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A C:\WINDOWS\System32\DRIVERS\ftdisk.sys ED6D921D8AB423138FB35BEEE6D6A6CB C:\WINDOWS\System32\DRIVERS\msgpc.sys 0A02C63C8B144BD8C86B103DEE7C86A2 C:\WINDOWS\System32\DRIVERS\HDAudBus.sys 573C7D0A32852B48F3058CFD8026F511 C:\WINDOWS\System32\DRIVERS\hidusb.sys CCF82C5EC8A7326C3066DE870C06DAF1 C:\WINDOWS\System32\Drivers\HTTP.sys F6AACF5BCE2893E0C1754AFEB672E5C9 C:\WINDOWS\System32\DRIVERS\i8042prt.sys 177B372AF55C4460D0968B5F1D02AA1C C:\WINDOWS\System32\DRIVERS\igxpmp32.sys 534292CEB28E3A7579DB09D7F0B236A8 C:\WINDOWS\System32\DRIVERS\imapi.sys 083A052659F5310DD8B6A6CB05EDCF8E C:\WINDOWS\System32\DRIVERS\intelppm.sys DA153EDC09DE8C4F846C085CAA39D1CC C:\WINDOWS\System32\DRIVERS\Ip6Fw.sys 3BB22519A194418D5FEC05D800A19AD0 C:\WINDOWS\System32\DRIVERS\ipfltdrv.sys 731F22BA402EE4B62748ADAF6363C182 C:\WINDOWS\System32\DRIVERS\ipinip.sys B87AB476DCF76E72010632B5550955F5 C:\WINDOWS\System32\DRIVERS\ipnat.sys CC748EA12C6EFFDE940EE98098BF96BB C:\WINDOWS\System32\DRIVERS\ipsec.sys 23C74D75E36E7158768DD63D92789A91 C:\WINDOWS\System32\DRIVERS\irenum.sys C93C9FF7B04D772627A3646D89F7BF89 C:\WINDOWS\System32\DRIVERS\isapnp.sys C8EEF2E93835B81BD335DE2123121283 C:\WINDOWS\System32\DRIVERS\kbdclass.sys 2AECA45D4AEAACBDCB77AD11184E4601 C:\WINDOWS\System32\DRIVERS\kbdhid.sys F718DCDDAC2544BC693F22977D06F78B C:\WINDOWS\System32\drivers\kmixer.sys 692BCF44383D056AED41B045A323D378 C:\WINDOWS\system32\Drivers\KSecDD.sys 1705745D900DABF2D89F90EBADDC7517 C:\WINDOWS\System32\drivers\massfilter.sys 09721F2C56681A83C93ECDFAB8B102A9 C:\WINDOWS\system32\Drivers\mnmdd.sys 4AE068242760A1FB6E1A44BF4E16AFA6 C:\WINDOWS\system32\Drivers\Modem.sys 4A068DB7DC37D5AFEDB6512D2931D7B3 C:\WINDOWS\System32\DRIVERS\mouclass.sys FBED3DF6B884F8CF00447B73507F2C48 C:\WINDOWS\System32\DRIVERS\mouhid.sys ECEC1E6CD558AB80F944F31326E9D3B5 C:\WINDOWS\system32\Drivers\MountMgr.sys A80B9A0BAD1B73637DBCBBA7DF72D3FD C:\WINDOWS\System32\DRIVERS\mrxdav.sys 11D42BB6206F33FBB3BA0288D3EF81BD C:\WINDOWS\System32\DRIVERS\mrxsmb.sys 68755F0FF16070178B54674FE5B847B0 C:\WINDOWS\system32\Drivers\Msfs.sys C941EA2454BA8350021D774DAF0F1027 C:\WINDOWS\System32\drivers\MSKSSRV.sys D1575E71568F4D9E14CA56B7B0453BF1 C:\WINDOWS\System32\drivers\MSPCLOCK.sys 325BB26842FC7CCC1FCCE2C457317F3E C:\WINDOWS\System32\drivers\MSPQM.sys BAD59648BA099DA4A17680B39730CB3D C:\WINDOWS\System32\DRIVERS\mssmbios.sys AF5F4F3F14A8EA2C26DE30F7A1E17136 C:\WINDOWS\system32\Drivers\Mup.sys 2F625D11385B1A94360BFC70AAEFDEE1 C:\WINDOWS\system32\Drivers\NDIS.sys 1DF7F42665C94B825322FAE71721130D C:\WINDOWS\System32\DRIVERS\ndistapi.sys 1AB3D00C991AB086E69DB84B6C0ED78F C:\WINDOWS\System32\DRIVERS\ndisuio.sys F927A4434C5028758A842943EF1A3849 C:\WINDOWS\System32\DRIVERS\ndiswan.sys EDC1531A49C80614B2CFDA43CA8659AB C:\WINDOWS\system32\Drivers\NDProxy.sys 6215023940CFD3702B46ABC304E1D45A C:\WINDOWS\System32\DRIVERS\netbios.sys 5D81CF9A2F1A3A756B66CF684911CDF0 C:\WINDOWS\System32\DRIVERS\netbt.sys 74B2B2F5BEA5E9A3DC021D685551BD3D C:\WINDOWS\system32\Drivers\Npfs.sys 3182D64AE053D6FB034F44B6DEF8034A C:\WINDOWS\system32\Drivers\Ntfs.sys 78A08DD6A8D65E697C18E1DB01C5CDCA C:\WINDOWS\system32\Drivers\Null.sys 73C1E1F395918BC2C6DD67AF7591A3AD C:\WINDOWS\System32\DRIVERS\nwlnkflt.sys B305F3FAD35083837EF46A0BBCE2FC57 C:\WINDOWS\System32\DRIVERS\nwlnkfwd.sys C99B3415198D1AAB7227F2C88FD664B9 C:\WINDOWS\System32\DRIVERS\parport.sys 2D4CDAEBCED17743AA9E25D3016DC229 C:\WINDOWS\system32\Drivers\PartMgr.sys BEB3BA25197665D82EC7065B724171C6 C:\WINDOWS\system32\Drivers\ParVdm.sys 453EC2C2A20A1382F564541918520EEB C:\WINDOWS\System32\DRIVERS\pci.sys 6862C69168D787B85A7D95CCD33C694E C:\WINDOWS\System32\DRIVERS\pciide.sys 548CF2D6369EAE441A4C6BAA75BC4F0A C:\WINDOWS\system32\Drivers\Pcmcia.sys 8DB27F1AE9593C94095485305A583862 C:\WINDOWS\System32\DRIVERS\raspptp.sys EFEEC01B1D3CF84F16DDD24D9D9D8F99 C:\WINDOWS\System32\DRIVERS\psched.sys 09298EC810B07E5D582CB3A3F9255424 C:\WINDOWS\System32\DRIVERS\ptilink.sys 80D317BD1C3DBC5D4FE7B1678C60CADD C:\WINDOWS\System32\DRIVERS\rasacd.sys FE0D99D6F31E4FAD8159F690D68DED9C C:\WINDOWS\System32\DRIVERS\rasl2tp.sys 11B4A627BC9614B885C4969BFA5FF8A6 C:\WINDOWS\System32\DRIVERS\raspppoe.sys 5BC962F2654137C9909C3D4603587DEE C:\WINDOWS\System32\DRIVERS\raspti.sys FDBB1D60066FCFBB7452FD8F9829B242 C:\WINDOWS\System32\DRIVERS\rdbss.sys 7AD224AD1A1437FE28D89CF22B17780A C:\WINDOWS\System32\DRIVERS\RDPCDD.sys 4912D5B403614CE99C28420F75353332 C:\WINDOWS\system32\Drivers\RDPWD.sys 6728E45B66F93C08F11DE2E316FC70DD C:\WINDOWS\System32\DRIVERS\redbook.sys E0C7BBD18040B58651BAC700C804861D C:\WINDOWS\System32\DRIVERS\Rtenicxp.sys 6E7470477D08F6E47E91016D6A1C5A5F C:\WINDOWS\System32\DRIVERS\secdrv.sys ==> MD5 is legit C:\WINDOWS\System32\DRIVERS\serenum.sys 0F29512CCD6BEAD730039FB4BD2C85CE C:\WINDOWS\System32\DRIVERS\serial.sys D07B02F88165E69B9F17162CF592C8A6 C:\WINDOWS\system32\Drivers\Sfloppy.sys 8E6B8C671615D126FDC553D1E2DE5562 C:\WINDOWS\System32\drivers\splitter.sys AB8B92451ECB048A4D1DE7C3FFCB4A9F C:\WINDOWS\System32\DRIVERS\sr.sys EB032822BE406EF220D546DDFFCF0002 C:\WINDOWS\System32\DRIVERS\srv.sys 5252605079810904E31C332E241CD59B C:\WINDOWS\System32\DRIVERS\swenum.sys 3941D127AEF12E93ADDF6FE6EE027E0F C:\WINDOWS\System32\drivers\swmidi.sys 8CE882BCC6CF8A62F2B2323D95CB3D01 C:\WINDOWS\System32\drivers\sysaudio.sys 8B83F3ED0F1688B4958F77CD6D2BF290 C:\WINDOWS\System32\DRIVERS\tcpip.sys 93EA8D04EC73A85DB02EB8805988F733 C:\WINDOWS\system32\Drivers\TDPIPE.sys 6471A66807F5E104E4885F5B67349397 C:\WINDOWS\system32\Drivers\TDTCP.sys C56B6D0402371CF3700EB322EF3AAF61 C:\WINDOWS\System32\DRIVERS\termdd.sys 88155247177638048422893737429D9E C:\WINDOWS\system32\Drivers\Udfs.sys 5787B80C2E3C5E2F56C2A233D91FA2C9 C:\WINDOWS\System32\DRIVERS\update.sys 402DDC88356B1BAC0EE3DD1580C76A31 C:\WINDOWS\System32\DRIVERS\usbccgp.sys 173F317CE0DB8E21322E71B7E60A27E8 C:\WINDOWS\System32\DRIVERS\usbehci.sys 65DCF09D0E37D4C6B11B5B0B76D470A7 C:\WINDOWS\System32\DRIVERS\usbhub.sys 1AB3CDDE553B6E064D2E754EFE20285C C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS A32426D9B14A089EAA1D922E0C5801A9 C:\WINDOWS\System32\DRIVERS\usbuhci.sys 26496F9DEE2D787FC3E61AD54821FFE6 C:\WINDOWS\System32\drivers\vga.sys 0D3A8FAFCEACD8B7625CD549757A7DF1 C:\WINDOWS\System32\drivers\viahduaa.sys 1C43D4C8818DCBD8814E7C260744BCC4 C:\WINDOWS\system32\Drivers\VolSnap.sys 56B191AC5FC0DF219949C95A6C87AFE7 C:\WINDOWS\System32\DRIVERS\wanarp.sys E20B95BAEDB550F32DD489265C1DA1F6 C:\WINDOWS\System32\drivers\wdmaud.sys 6768ACF64B18196494413695F0C3A00F C:\WINDOWS\System32\DRIVERS\ZTEusbnet.sys 66221787B87B8AA58F8B3629DA2D1F26 C:\WINDOWS\System32\DRIVERS\ZTEusbnmea.sys 51F209472B8C09F7F7419C01CA8586F9 C:\WINDOWS\System32\DRIVERS\ZTEusbser6k.sys 51F209472B8C09F7F7419C01CA8586F9 ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2015-03-28 15:50 - 2015-03-28 15:50 - 00015020 _____ () C:\Documents and Settings\Marek\Pulpit\FRST.txt 2015-03-28 14:29 - 2015-03-28 14:29 - 00012419 _____ () C:\Documents and Settings\Marek\Pulpit\y.log 2015-03-28 13:36 - 2015-03-28 13:35 - 00291312 _____ (Avast Software s.r.o.) C:\WINDOWS\system32\aswBoot.exe 2015-03-28 13:35 - 2015-03-28 13:35 - 00043112 _____ (Avast Software s.r.o.) C:\WINDOWS\avastSS.scr 2015-03-27 22:42 - 2015-03-27 22:42 - 00011783 _____ () C:\Documents and Settings\Marek\Pulpit\7.log 2015-03-27 22:14 - 2015-03-28 15:50 - 00000000 ____D () C:\FRST 2015-03-27 22:14 - 2015-03-27 22:08 - 00380416 _____ () C:\Documents and Settings\Marek\Pulpit\7xohx5jz.exe 2015-03-27 22:14 - 2015-03-27 22:07 - 01135104 _____ (Farbar) C:\Documents and Settings\Marek\Pulpit\FRST.exe ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2015-03-28 15:50 - 2014-11-24 00:04 - 00000000 ____D () C:\Documents and Settings\Marek\Ustawienia lokalne\Temp 2015-03-28 15:50 - 2014-11-24 00:04 - 00000000 ____D () C:\Documents and Settings\Marek\Pulpit 2015-03-28 14:30 - 2014-11-23 23:40 - 01522111 _____ () C:\WINDOWS\WindowsUpdate.log 2015-03-28 13:45 - 2014-11-25 19:08 - 00000364 ____H () C:\WINDOWS\Tasks\avast! Emergency Update.job 2015-03-28 13:40 - 2014-11-26 10:43 - 00000930 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job 2015-03-28 13:39 - 2014-11-24 00:03 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT 2015-03-28 13:38 - 2014-11-24 00:04 - 00000188 ___SH () C:\Documents and Settings\Marek\ntuser.ini 2015-03-28 13:38 - 2014-11-24 00:03 - 00032368 _____ () C:\WINDOWS\SchedLgU.Txt 2015-03-28 13:36 - 2014-11-25 19:08 - 00427736 _____ (Avast Software s.r.o.) C:\WINDOWS\system32\Drivers\aswSP.sys 2015-03-28 13:36 - 2014-11-25 19:08 - 00208024 _____ () C:\WINDOWS\system32\Drivers\aswVmm.sys 2015-03-28 13:36 - 2014-11-25 19:08 - 00073440 _____ (Avast Software s.r.o.) C:\WINDOWS\system32\Drivers\aswMonFlt.sys 2015-03-28 13:36 - 2014-11-25 19:08 - 00057888 _____ (Avast Software s.r.o.) C:\WINDOWS\system32\Drivers\aswTdi.sys 2015-03-28 13:36 - 2014-11-25 19:08 - 00055200 _____ (Avast Software s.r.o.) C:\WINDOWS\system32\Drivers\aswRdr.sys 2015-03-28 13:36 - 2014-11-25 19:08 - 00049904 _____ () C:\WINDOWS\system32\Drivers\aswRvrt.sys 2015-03-28 13:36 - 2014-11-25 19:08 - 00024144 _____ () C:\WINDOWS\system32\Drivers\aswHwid.sys 2015-03-28 13:35 - 2014-11-25 19:08 - 00788272 _____ (Avast Software s.r.o.) C:\WINDOWS\system32\Drivers\aswSnx.sys 2015-03-28 13:30 - 2014-11-26 18:30 - 00035529 _____ () C:\WINDOWS\setupapi.log 2015-03-27 21:41 - 2014-11-24 21:20 - 00114904 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys 2015-03-27 21:36 - 2008-04-15 13:00 - 00002300 _____ () C:\WINDOWS\system32\wpa.dbl Some content of TEMP: ==================== C:\Documents and Settings\Marek\Ustawienia lokalne\Temp\gHH3J1uyAi.exe C:\Documents and Settings\Marek\Ustawienia lokalne\Temp\pptpfOMKCt.exe C:\Documents and Settings\Marek\Ustawienia lokalne\Temp\sdg1F.exe C:\Documents and Settings\Marek\Ustawienia lokalne\Temp\uttF.tmp.exe C:\Documents and Settings\Marek\Ustawienia lokalne\Temp\YourFileDownloader3NKPZXpLnn.exe ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\WINDOWS\explorer.exe => File is digitally signed C:\WINDOWS\system32\winlogon.exe => File is digitally signed C:\WINDOWS\system32\svchost.exe => File is digitally signed C:\WINDOWS\system32\services.exe => File is digitally signed C:\WINDOWS\system32\User32.dll => File is digitally signed C:\WINDOWS\system32\userinit.exe => File is digitally signed C:\WINDOWS\system32\rpcss.dll => File is digitally signed C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed ==================== End Of Log ============================