Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 24-04-2015 Ran by waldek (administrator) on WALDEK-LAPTOP on 25-04-2015 13:45:12 Running from C:\Users\waldek\Downloads Loaded Profiles: waldek (Available profiles: waldek & Gość) Platform: Microsoft Windows 7 Home Premium Service Pack 1 (X86) OS Language: Polski (Polska) Internet Explorer Version 9 (Default browser: FF) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgrsx.exe (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgcsrvx.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe () C:\Program Files\ATK Hotkey\AsLdrSrv.exe (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgidsagent.exe (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgwdsvc.exe (Microsoft Corporation) C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe (Microsoft Corporation) C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe () C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe (RealNetworks, Inc.) C:\Program Files\Real\RealPlayer\RPDS\Bin\rpdsvc.exe () C:\Program Files\Real\UpdateService\RealPlayerUpdateSvc.exe (TeamViewer GmbH) C:\Program Files\TeamViewer\TeamViewer_Service.exe (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgnsx.exe (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgemcx.exe (Pegatron Corp.) C:\Program Files\ATK Hotkey\HControl.exe () C:\Program Files\ATK Hotkey\MsgTranAgt.exe () C:\Program Files\ATK Hotkey\LOSD.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Motorola Inc.) C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe (Lenovo(beijing) Limited) C:\Program Files\Lenovo\Energy Management\utility.exe (Lenovo (Beijing) Limited) C:\Program Files\Lenovo\Energy Management\Energy Management.exe () C:\Program Files\ATK Hotkey\HControlUser.exe (Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (Microsoft Corporation) C:\Windows\WindowsMobile\wmdc.exe (Huawei Technologies Co., Ltd.) C:\Program Files\blueconnect\DataCardMonitor.exe (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgui.exe (Samsung Electronics Co., Ltd.) C:\Program Files\Samsung\AllShare\AllShareAgent.exe (RealNetworks, Inc.) C:\Program Files\Real\RealPlayer\Update\realsched.exe () C:\Program Files\RealNetworks\RealDownloader\downloader2.exe (Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe (Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe (Apple Inc.) C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe (RealNetworks, Inc.) C:\Program Files\Real\RealPlayer\RPDS\Bin\rpsystray.exe (Logitech, Inc.) C:\Program Files\Common Files\Logishrd\KHAL3\KHALMNPR.exe (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe () C:\Program Files\ATK Hotkey\ATKOSD.exe (TeamViewer GmbH) C:\Program Files\TeamViewer\TeamViewer.exe () C:\Program Files\ATK Hotkey\WDC.exe (TeamViewer GmbH) C:\Program Files\TeamViewer\tv_w32.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (Samsung Electronics Co., Ltd.) C:\Program Files\Samsung\AllShare\AllShareDMS\AllShareDMS.exe (RealNetworks, Inc.) C:\Program Files\RealNetworks\RealDownloader\recordingmanager.exe (Logitech, Inc.) C:\Program Files\Logitech\SetPointP\LogiAppBroker.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe (Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_17_0_0_169.exe (Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_17_0_0_169.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [NvCplDaemon] => RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [7539232 2009-06-09] (Realtek Semiconductor) HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1549608 2009-08-17] (Synaptics Incorporated) HKLM\...\Run: [SMSERIAL] => C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe [1466368 2009-05-05] (Motorola Inc.) HKLM\...\Run: [EnergyUtility] => C:\Program Files\Lenovo\Energy Management\utility.exe [4114336 2009-07-31] (Lenovo(beijing) Limited) HKLM\...\Run: [Energy Management] => C:\Program Files\Lenovo\Energy Management\Energy Management.exe [5064520 2009-06-25] (Lenovo (Beijing) Limited) HKLM\...\Run: [HControlUser] => C:\Program Files\ATK Hotkey\HcontrolUser.exe [98304 2009-02-13] () HKLM\...\Run: [GrooveMonitor] => C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation) HKLM\...\Run: [Windows Mobile Device Center] => C:\Windows\WindowsMobile\wmdc.exe [648072 2007-05-31] (Microsoft Corporation) HKLM\...\Run: [DataCardMonitor] => C:\Program Files\blueconnect\DataCardMonitor.exe [249856 2011-11-15] (Huawei Technologies Co., Ltd.) HKLM\...\Run: [AVG_UI] => C:\Program Files\AVG\AVG2015\avgui.exe [3723728 2015-03-25] (AVG Technologies CZ, s.r.o.) HKLM\...\Run: [AllShareAgent] => C:\Program Files\Samsung\AllShare\AllShareAgent.exe [285072 2012-03-02] (Samsung Electronics Co., Ltd.) HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1021128 2014-11-20] (Adobe Systems Incorporated) HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.) HKLM\...\Run: [TkBellExe] => C:\Program Files\Real\RealPlayer\update\realsched.exe [296520 2014-11-28] (RealNetworks, Inc.) HKLM\...\Run: [RealDownloader] => C:\Program Files\RealNetworks\RealDownloader\downloader2.exe [560192 2014-10-29] () HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [157480 2015-04-07] (Apple Inc.) HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [2303256 2014-05-19] (Logitech, Inc.) Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll [2014-03-25] (Logitech, Inc.) HKU\S-1-5-21-2031439918-1463966556-2640565502-1001\...\Run: [iCloudServices] => C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe [43816 2014-10-17] (Apple Inc.) HKU\S-1-5-21-2031439918-1463966556-2640565502-1001\...\MountPoints2: {0af61bd2-0faf-11e1-a553-00242cfca62c} - G:\AutoRun.exe HKU\S-1-5-21-2031439918-1463966556-2640565502-1001\...\MountPoints2: {0af61bd9-0faf-11e1-a553-00242cfca62c} - G:\AutoRun.exe HKU\S-1-5-21-2031439918-1463966556-2640565502-1001\...\MountPoints2: {22e440d3-107a-11e1-936f-00248c6f3dee} - G:\AutoRun.exe HKU\S-1-5-21-2031439918-1463966556-2640565502-1001\...\MountPoints2: {7769dafb-665f-11e2-900d-00248c6f3dee} - G:\Startme.exe Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\RealPlayer Cloud Service UI.lnk [2014-06-28] ShortcutTarget: RealPlayer Cloud Service UI.lnk -> C:\Program Files\Real\RealPlayer\RPDS\Bin\rpsystray.exe (RealNetworks, Inc.) ShellIconOverlayIdentifiers: [GGDriveOverlay1] -> {E68D0A50-3C40-4712-B90D-DCFA93FF2534} => C:\ProgramData\GG\ggdrive\ggdrive-overlay.dll [2013-01-17] (GG Network S.A.) ShellIconOverlayIdentifiers: [GGDriveOverlay2] -> {E68D0A51-3C40-4712-B90D-DCFA93FF2534} => C:\ProgramData\GG\ggdrive\ggdrive-overlay.dll [2013-01-17] (GG Network S.A.) ShellIconOverlayIdentifiers: [GGDriveOverlay3] -> {E68D0A52-3C40-4712-B90D-DCFA93FF2534} => C:\ProgramData\GG\ggdrive\ggdrive-overlay.dll [2013-01-17] (GG Network S.A.) ShellIconOverlayIdentifiers: [GGDriveOverlay4] -> {E68D0A53-3C40-4712-B90D-DCFA93FF2534} => C:\ProgramData\GG\ggdrive\ggdrive-overlay.dll [2013-01-17] (GG Network S.A.) BootExecute: autocheck autochk /r \??\G:autocheck autochk * ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com HKU\S-1-5-21-2031439918-1463966556-2640565502-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKU\S-1-5-21-2031439918-1463966556-2640565502-1001\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie SearchScopes: HKU\S-1-5-21-2031439918-1463966556-2640565502-1001 -> {660AB554-2246-403A-9E30-965949F62C9D} URL = http://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=616163&p={searchTerms} SearchScopes: HKU\S-1-5-21-2031439918-1463966556-2640565502-1001 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.com/search?q={sear SearchScopes: HKU\S-1-5-21-2031439918-1463966556-2640565502-1001 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = https://mysearch.avg.com/search?cid={A6392BE0-AC13-438C-8871-6FBD3ED5BB7C}&mid=601c248bc7d347d0aa31d16dca8bd41d-d6195de3d23f867986718ccc499bdea056431770&lang=pl&ds=AVG&coid=avgtbavg&cmpid=1214av&pr=fr&d=2014-12-09 22:15:23&v=4.0.5.7&pid=wtu&sg=&sap=dsp&q={searchTerms} SearchScopes: HKU\S-1-5-21-2031439918-1463966556-2640565502-1001 -> {AFDBDDAA-5D3F-42EE-B79C-185A7020515B} URL = Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll [2009-02-26] (Microsoft Corporation) Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll No File Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14] (Microsoft Corporation) Winsock: Catalog5 08 C:\Program Files\Bonjour\mdnsNSP.dll [121704 2011-08-30] (Apple Inc.) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 FireFox: ======== FF ProfilePath: C:\Users\waldek\AppData\Roaming\Mozilla\Firefox\Profiles\ci3qsrw6.default FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-04-20] () FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw.dll [2012-04-26] (Adobe Systems, Inc.) FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] () FF Plugin: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files\Google\Picasa3\npPicasa3.dll [2013-04-02] (Google, Inc.) FF Plugin: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll [2014-12-13] (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\plugin2\npjp2.dll [2014-12-13] (Oracle Corporation) FF Plugin: @microsoft.com/GENUINE -> disabled No File FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-14] ( Microsoft Corporation) FF Plugin: @real.com/nppl3260;version=17.0.15.10 -> c:\program files\real\realplayer\Netscape6\nppl3260.dll [2014-11-28] (RealNetworks, Inc.) FF Plugin: @real.com/nprndlhtml5videoshim;version=17.0.15 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll [2014-10-27] (RealNetworks, Inc.) FF Plugin: @real.com/nprpplugin;version=17.0.15.10 -> c:\program files\real\realplayer\Netscape6\nprpplugin.dll [2014-11-28] (RealPlayer Cloud) FF Plugin: @SonyCreativeSoftware.com/Media Go,version=1.0 -> C:\Program Files\Sony\Media Go\npmediago.dll [2013-02-14] (Sony Network Entertainment International LLC) FF Plugin: @videolan.org/vlc,version=2.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2013-07-31] (VideoLAN) FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.) FF Extension: Widevine Media Optimizer - C:\Users\waldek\AppData\Roaming\Mozilla\Firefox\Profiles\ci3qsrw6.default\Extensions\{2d3fbcf7-be69-4433-8858-c621a8d0e58d} [2014-12-18] FF Extension: AdBlock Lite - C:\Users\waldek\AppData\Roaming\Mozilla\Firefox\Profiles\ci3qsrw6.default\Extensions\jid1-dwtFBkQjb3SIQp@jetpack.xpi [2014-12-13] FF Extension: No Name - C:\Program Files\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2015-04-23] FF HKLM\...\Firefox\Extensions: [fe_8.0@nokia.com] - C:\Program Files\Nokia\Nokia Suite\Connectors\Bookmarks Connector\FirefoxExtension_8.0 FF Extension: Firefox Synchronisation Extension - C:\Program Files\Nokia\Nokia Suite\Connectors\Bookmarks Connector\FirefoxExtension_8.0 [2012-01-16] FF HKLM\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2014-11-28] FF HKLM\...\Firefox\Extensions: [{338950EA-82DB-44C1-930D-0C28E023C9F0}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext FF HKLM\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt FF Extension: Logitech SetPoint - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2015-04-25] FF HKLM\...\Thunderbird\Extensions: [te_9.0@nokia.com] - C:\Program Files\Nokia\Nokia Suite\Connectors\Thunderbird Connector\ThunderbirdExtension_9.0 FF Extension: Thunderbird Address Book Synchronisation Extension - C:\Program Files\Nokia\Nokia Suite\Connectors\Thunderbird Connector\ThunderbirdExtension_9.0 [2012-01-16] Chrome: ======= CHR HKLM\...\Chrome\Extension: [dlnembnfbcpjnepmfjmngjenhhajpdfd] - C:\Program Files\Web Assistant\source.crx [Not Found] Opera: ======= OPR Extension: (Gismeteo weather forecast in speed-dial) - C:\Users\waldek\AppData\Roaming\Opera Software\Opera Stable\Extensions\kibhjejfdbbjhlhmhdcjcnjpiobjgkak [2014-11-14] ========================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 ASLDRService; C:\Program Files\ATK Hotkey\ASLDRSrv.exe [98304 2009-03-11] () [File not signed] R2 AVGIDSAgent; C:\Program Files\AVG\AVG2015\avgidsagent.exe [3416016 2015-03-25] (AVG Technologies CZ, s.r.o.) R2 avgwd; C:\Program Files\AVG\AVG2015\avgwdsvc.exe [309232 2015-03-25] (AVG Technologies CZ, s.r.o.) R2 c2cautoupdatesvc; C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation) R2 c2cpnrsvc; C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation) S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [File not signed] S3 MSCSPTISRV; C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe [45056 2006-12-14] (Sony Corporation) [File not signed] S3 PACSPTISVR; C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe [57344 2006-12-14] () [File not signed] R2 RealNetworks Downloader Resolver Service; C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe [39568 2014-10-26] () R2 RealPlayer Cloud Service; c:\program files\real\realplayer\RPDS\Bin\rpdsvc.exe [1141848 2014-11-28] (RealNetworks, Inc.) R2 RealPlayerUpdateSvc; C:\Program Files\Real\UpdateService\RealPlayerUpdateSvc.exe [31856 2014-10-30] () R2 SamsungAllShareV2.0; C:\Program Files\Samsung\AllShare\AllShareDMS\AllShareDMS.exe [25504 2012-03-02] (Samsung Electronics Co., Ltd.) S3 SimpleSlideShowServer; C:\Program Files\Samsung\AllShare\AllShareSlideShowService.exe [27584 2012-03-02] (Samsung Electronics Co., Ltd.) S4 SonicStage Back-End Service; C:\Program Files\Common Files\Sony Shared\AVLib\SsBeSvc.exe [112184 2007-02-05] (Sony Corporation) S3 Sony PC Companion; C:\Program Files\Sony\Sony PC Companion\PCCService.exe [155824 2013-02-04] (Avanquest Software) S3 SPTISRV; C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe [69632 2006-12-14] (Sony Corporation) [File not signed] S3 SSScsiSV; C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe [75320 2007-02-05] (Sony Corporation) R2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [5448976 2015-04-17] (TeamViewer GmbH) S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2009-07-14] (Microsoft Corporation) ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R3 ACPIVPC; C:\Windows\System32\DRIVERS\AcpiVpc.sys [23136 2010-01-20] (Lenovo Corporation) R1 Avgdiskx; C:\Windows\System32\DRIVERS\avgdiskx.sys [121624 2014-06-18] (AVG Technologies CZ, s.r.o.) R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdriverx.sys [224736 2015-03-25] (AVG Technologies CZ, s.r.o.) R0 AVGIDSHX; C:\Windows\System32\DRIVERS\avgidshx.sys [154904 2014-11-18] (AVG Technologies CZ, s.r.o.) R1 AVGIDSShim; C:\Windows\System32\DRIVERS\avgidsshimx.sys [21272 2014-06-18] (AVG Technologies CZ, s.r.o.) R1 Avgldx86; C:\Windows\System32\DRIVERS\avgldx86.sys [192792 2014-08-28] (AVG Technologies CZ, s.r.o.) R0 Avglogx; C:\Windows\System32\DRIVERS\avglogx.sys [265184 2015-02-03] (AVG Technologies CZ, s.r.o.) R0 Avgmfx86; C:\Windows\System32\DRIVERS\avgmfx86.sys [107488 2015-02-05] (AVG Technologies CZ, s.r.o.) R0 Avgrkx86; C:\Windows\System32\DRIVERS\avgrkx86.sys [27416 2014-06-18] (AVG Technologies CZ, s.r.o.) R1 Avgtdix; C:\Windows\System32\DRIVERS\avgtdix.sys [210912 2015-02-25] (AVG Technologies CZ, s.r.o.) R3 itecir; C:\Windows\System32\DRIVERS\itecir.sys [55808 2009-06-10] (ITE Tech. Inc. ) R3 LEqdUsb; C:\Windows\System32\Drivers\LEqdUsb.Sys [42264 2014-03-19] (Logitech, Inc.) R3 LHidEqd; C:\Windows\System32\Drivers\LHidEqd.Sys [10136 2014-03-19] (Logitech, Inc.) S3 MTsensor; C:\Windows\System32\DRIVERS\ATKACPI.sys [7680 2007-07-31] (ATK0100) R3 MTsensor32; C:\Windows\System32\DRIVERS\PuAcpi32.sys [14344 2009-06-04] () R0 PxHelp20; C:\Windows\System32\Drivers\PxHelp20.sys [36624 2006-10-18] (Sonic Solutions) [File not signed] ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2015-04-25 13:13 - 2015-04-25 13:13 - 00027109 _____ () C:\Users\waldek\Desktop\FRST.txt 2015-04-25 12:46 - 2015-04-25 12:46 - 00000914 _____ () C:\Users\waldek\Desktop\fixlist.txt 2015-04-25 12:45 - 2015-04-25 12:45 - 00021399 _____ () C:\Users\waldek\Desktop\AdwCleaner[S0].txt 2015-04-25 12:33 - 2015-04-25 12:37 - 00000000 ____D () C:\AdwCleaner 2015-04-25 12:32 - 2015-04-25 12:32 - 02224640 _____ () C:\Users\waldek\Downloads\adwcleaner_4.202.exe 2015-04-25 11:27 - 2015-04-25 11:27 - 00051362 _____ () C:\Users\waldek\Desktop\gmer.txt 2015-04-25 10:17 - 2015-04-25 10:17 - 00380416 _____ () C:\Users\waldek\Downloads\2isfsscz.exe 2015-04-25 10:16 - 2015-04-25 10:16 - 00042068 _____ () C:\Users\waldek\Desktop\raportAddition.txt 2015-04-25 10:16 - 2015-04-25 10:16 - 00037523 _____ () C:\Users\waldek\Downloads\raportFRST.txt 2015-04-25 10:16 - 2015-04-25 10:16 - 00037523 _____ () C:\Users\waldek\Desktop\raportFRST.txt 2015-04-25 10:14 - 2015-04-25 10:15 - 00042068 _____ () C:\Users\waldek\Downloads\Addition.txt 2015-04-25 10:13 - 2015-04-25 13:45 - 00019290 _____ () C:\Users\waldek\Downloads\FRST.txt 2015-04-25 10:12 - 2015-04-25 13:45 - 00000000 ____D () C:\FRST 2015-04-25 10:09 - 2015-04-25 10:10 - 01139200 _____ (Farbar) C:\Users\waldek\Downloads\FRST.exe 2015-04-25 09:41 - 2015-04-25 09:41 - 00000000 ____D () C:\Program Files\Logitech 2015-04-24 23:42 - 2015-04-24 23:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StrongRecovery 2015-04-24 23:42 - 2015-04-24 23:42 - 00000000 ____D () C:\Program Files\StrongRecovery 2015-04-24 23:40 - 2015-04-24 23:40 - 04456136 _____ ( ) C:\Users\waldek\Downloads\StrongRecovery.exe 2015-04-24 21:38 - 2015-04-24 21:38 - 00209408 _____ () C:\Users\waldek\Downloads\MASAŻ-OKOSTNOWY-drugi.ppt 2015-04-23 21:52 - 2009-09-29 10:58 - 00000000 ____D () C:\Program Files\Mozilla Firefox 2015-04-21 21:40 - 2015-04-21 22:33 - 00000000 ____D () C:\Users\waldek\Desktop\london 2015-04-17 18:57 - 2015-04-17 18:57 - 00001753 _____ () C:\Users\Public\Desktop\iTunes.lnk 2015-04-17 18:57 - 2015-04-17 18:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes 2015-04-17 18:56 - 2015-04-17 18:57 - 00000000 ____D () C:\ProgramData\B0FFCDD9-5261-4e59-B29A-17A4FABDEBAB 2015-04-17 18:56 - 2015-04-17 18:57 - 00000000 ____D () C:\Program Files\iTunes 2015-04-17 18:56 - 2015-04-17 18:56 - 00000000 ____D () C:\Program Files\iPod 2015-04-09 09:15 - 2015-04-09 09:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud 2015-03-31 19:28 - 2015-03-31 19:28 - 00000000 ____H () C:\Users\waldek\Documents\Default.rdp ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2015-04-25 13:03 - 2009-07-14 06:34 - 00014832 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2015-04-25 13:03 - 2009-07-14 06:34 - 00014832 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2015-04-25 12:59 - 2013-10-12 07:03 - 00000000 ____D () C:\Users\waldek\AppData\Roaming\GG 2015-04-25 12:56 - 2013-05-31 18:17 - 00000350 _____ () C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job 2015-04-25 12:56 - 2011-09-23 21:57 - 00000089 _____ () C:\AtmApInit.txt 2015-04-25 12:55 - 2009-07-14 06:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2015-04-25 12:55 - 2009-07-14 06:39 - 00129604 _____ () C:\Windows\setupact.log 2015-04-25 12:39 - 2011-09-23 21:46 - 00142226 _____ () C:\Windows\PFRO.log 2015-04-25 12:31 - 2011-09-23 23:05 - 00000000 ____D () C:\Program Files\Vuze 2015-04-25 12:26 - 2014-12-09 23:15 - 00000000 ____D () C:\Program Files\AVG Web TuneUp 2015-04-25 11:00 - 2012-07-19 20:40 - 00000000 ____D () C:\ProgramData\MFAData 2015-04-25 09:43 - 2011-09-24 00:27 - 00034061 _____ () C:\Windows\LDPINST.LOG 2015-04-25 09:43 - 2011-09-24 00:27 - 00002887 _____ () C:\Windows\LkmdfCoInst.log 2015-04-25 09:43 - 2011-09-24 00:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech 2015-04-25 09:43 - 2011-09-24 00:25 - 00000000 ____D () C:\Program Files\Common Files\Logishrd 2015-04-25 09:42 - 2011-09-24 00:27 - 00016400 _____ (Logitech, Inc.) C:\Windows\system32\Drivers\LNonPnP.sys 2015-04-25 09:41 - 2011-09-24 00:26 - 00000000 ____D () C:\ProgramData\Logishrd 2015-04-25 09:33 - 2014-12-09 23:15 - 00017849 _____ () C:\Windows\system32\debug.log 2015-04-23 20:39 - 2015-03-22 11:30 - 00000929 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 10.lnk 2015-04-23 20:39 - 2015-03-22 11:30 - 00000917 _____ () C:\Users\Public\Desktop\TeamViewer 10.lnk 2015-04-23 20:39 - 2015-03-22 11:30 - 00000000 ____D () C:\Program Files\TeamViewer 2015-04-20 21:07 - 2012-04-02 18:45 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe 2015-04-20 21:07 - 2011-09-23 22:21 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl 2015-04-17 18:56 - 2011-09-24 01:36 - 00000000 ____D () C:\Program Files\Common Files\Apple 2015-04-17 18:11 - 2011-09-23 21:32 - 01558380 _____ () C:\Windows\system32\PerfStringBackup.INI 2015-04-17 18:11 - 2009-07-14 10:07 - 00701330 _____ () C:\Windows\system32\perfh015.dat 2015-04-17 18:11 - 2009-07-14 10:07 - 00136316 _____ () C:\Windows\system32\perfc015.dat 2015-04-09 17:51 - 2011-09-23 21:29 - 00000000 ____D () C:\Users\waldek 2015-04-09 09:49 - 2014-10-25 08:21 - 00000000 ____D () C:\Users\waldek\AppData\Local\D2EEF385-0D50-4490-9B5F-ADD0A52D3EAA.aplzod 2015-04-08 19:58 - 2011-09-23 22:15 - 00000000 ____D () C:\Program Files\Opera 2015-04-06 15:39 - 2011-09-24 01:39 - 00000000 ____D () C:\Users\waldek\AppData\Local\Apple Computer 2015-04-05 09:03 - 2013-10-12 07:03 - 00000000 ____D () C:\Users\waldek\AppData\Local\GG 2015-03-31 19:26 - 2011-09-23 21:23 - 01561211 _____ () C:\Windows\WindowsUpdate.log 2015-03-31 19:17 - 2014-03-31 19:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG 2015-03-26 20:24 - 2014-09-04 21:34 - 00000000 ____D () C:\Users\waldek\AppData\Local\Adobe 2015-03-26 20:14 - 2009-07-14 06:33 - 00411408 _____ () C:\Windows\system32\FNTCACHE.DAT ==================== Files in the root of some directories ======= 2011-10-16 20:11 - 2014-12-02 19:57 - 0010240 _____ () C:\Users\waldek\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2012-11-07 23:06 - 2012-11-07 23:06 - 0007605 _____ () C:\Users\waldek\AppData\Local\Resmon.ResmonCfg 2012-02-27 20:54 - 2015-02-07 15:46 - 0009575 _____ () C:\Users\waldek\AppData\Local\unins000.dat 2015-02-07 15:46 - 2015-02-07 15:46 - 0707744 _____ () C:\Users\waldek\AppData\Local\unins000.exe 2012-02-27 20:54 - 2015-02-07 15:46 - 0011761 _____ () C:\Users\waldek\AppData\Local\unins000.msg 2011-09-23 22:07 - 2011-09-23 22:07 - 0017408 _____ () C:\Users\waldek\AppData\Local\WebpageIcons.db ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\explorer.exe => File is digitally signed C:\Windows\system32\winlogon.exe => File is digitally signed C:\Windows\system32\wininit.exe => File is digitally signed C:\Windows\system32\svchost.exe => File is digitally signed C:\Windows\system32\services.exe => File is digitally signed C:\Windows\system32\User32.dll => File is digitally signed C:\Windows\system32\userinit.exe => File is digitally signed C:\Windows\system32\rpcss.dll => File is digitally signed C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2015-04-25 01:43 ==================== End Of Log ============================