Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 10-11-2013 01 Ran by Ewelina (administrator) on KOMPUTEREWELINY on 12-11-2013 22:23:55 Running from C:\Users\Ewelina\Desktop Windows 7 Home Premium Service Pack 1 (X64) OS Language: Polish Internet Explorer Version 10 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\adminservice.exe (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\avp.exe (Infowatch) C:\Program Files (x86)\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe () C:\Program Files (x86)\Samsung\Easy Settings\SamsungDeviceConfiguration.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\avp.exe (OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe (OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin (Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE (Samsung Electronics CO., LTD.) C:\Program Files (x86)\Samsung\Easy Software Manager\SWMAgent.exe (Samsung Electronics) C:\Program Files (x86)\Samsung\Easy Settings\EasySpeedUpManager.exe (CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe (Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Easy Settings\dmhkcore.exe (Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Easy Settings\SmartSetting.exe (Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Easy Settings\MovieColorEnhancer.exe (Intel Corporation) C:\windows\system32\igfxext.exe (Intel Corporation) C:\windows\system32\igfxsrvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (SEC) C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\WCScheduler.exe (CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (CyberLink Corp.) C:\Program Files (x86)\CyberLink\Media+Player10\Media+Player10Serv.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Intel Corporation) C:\windows\system32\hkcmd.exe (Intel Corporation) C:\windows\system32\igfxpers.exe (Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe (Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics Incorporated) C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe ==================== Registry (Whitelisted) ================== Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) HKLM-x32\...\Run: [BCSSync] - C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation) HKLM-x32\...\Run: [AVP] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\avp.exe [356128 2013-10-16] (Kaspersky Lab ZAO) Startup: C:\Users\Ewelina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk ShortcutTarget: OpenOffice.org 3.3.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe () ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe SearchScopes: HKLM - DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD22} URL = BHO: Content Blocker Plugin - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO) BHO: Virtual Keyboard Plugin - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO) BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\x64\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO) BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) BHO: URL Advisor Plugin - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO) BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated) BHO-x32: Kaspersky Passsword Manager Toolbar - {215BA832-75A3-426E-A4FC-7C5B58CE6A10} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\Kaspersky Password Manager\spIEBho.dll (Kaspersky Lab) BHO-x32: Content Blocker Plugin - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO) BHO-x32: Virtual Keyboard Plugin - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO) BHO-x32: CIESpeechBHO Class - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations) BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO-x32: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO) BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) BHO-x32: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.) BHO-x32: URL Advisor Plugin - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO) Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.) Toolbar: HKLM-x32 - Kaspersky Passsword Manager Toolbar - {215BA832-75A3-426E-A4FC-7C5B58CE6A10} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\Kaspersky Password Manager\spIEBho.dll (Kaspersky Lab) Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) Tcpip\Parameters: [DhcpNameServer] 62.179.1.62 62.179.1.63 FireFox: ======== FF ProfilePath: C:\Users\Ewelina\AppData\Roaming\Mozilla\Firefox\Profiles\eoayrsuu.default-1384123269694 FF Plugin: @adobe.com/FlashPlayer - C:\windows\system32\Macromed\Flash\NPSWF64_11_9_900_117.dll () FF Plugin: @microsoft.com/GENUINE - disabled No File FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer - C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll () FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation) FF Plugin-x32: @microsoft.com/GENUINE - disabled No File FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird FF HKLM-x32\...\Firefox\Extensions: [url_advisor@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\url_advisor@kaspersky.com FF Extension: Kaspersky URL Advisor - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\url_advisor@kaspersky.com FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\virtual_keyboard@kaspersky.com FF Extension: Virtual Keyboard - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\virtual_keyboard@kaspersky.com FF HKLM-x32\...\Firefox\Extensions: [content_blocker@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\content_blocker@kaspersky.com FF Extension: Content Blocker - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\content_blocker@kaspersky.com FF HKLM-x32\...\Firefox\Extensions: [anti_banner@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\anti_banner@kaspersky.com FF Extension: Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\anti_banner@kaspersky.com FF HKLM-x32\...\Firefox\Extensions: [online_banking@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\online_banking@kaspersky.com FF Extension: Safe Money - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\online_banking@kaspersky.com FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird Chrome: ======= Error reading preferences. Please check "preferences" file for possible corruption. <======= ATTENTION CHR HKLM-x32\...\Chrome\Extension: [dchlnpcodkpfdpacogkljefecpegganj] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\ChromeExt\urladvisor.crx CHR HKLM-x32\...\Chrome\Extension: [hakdifolhalapjijoafobooafbilfakh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\ChromeExt\online_banking_chrome.crx CHR HKLM-x32\...\Chrome\Extension: [hghkgaeecgjhjkannahfamoehjmkjail] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\ChromeExt\content_blocker_chrome.crx CHR HKLM-x32\...\Chrome\Extension: [icmlaeflemplmjndnaapfdbbnpncnbda] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx CHR HKLM-x32\...\Chrome\Extension: [jagncdcchgajhfhijbbhecadmaiegcmh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\ChromeExt\virtkbd.crx CHR HKLM-x32\...\Chrome\Extension: [pjldcfjmnllhmgjclecdnfampinooman] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\ChromeExt\ab.crx ==================== Services (Whitelisted) ================= R2 AVP; C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\avp.exe [356128 2013-10-16] (Kaspersky Lab ZAO) R2 CSObjectsSrv; C:\Program Files (x86)\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe [819040 2012-12-21] (Infowatch) R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [127320 2012-04-18] () R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [164184 2012-04-18] (Intel Corporation) R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation) R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation) S4 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [244904 2009-12-01] () R2 SamsungDeviceConfigurationWinService; C:\Program Files (x86)\Samsung\Easy Settings\SamsungDeviceConfiguration.exe [31624 2012-02-13] () R2 ZAtheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [163456 2012-03-09] (Atheros) ==================== Drivers (Whitelisted) ==================== R0 CSCrySec; C:\Windows\System32\DRIVERS\CSCrySec.sys [84536 2011-06-02] (Infowatch) R1 CSVirtualDiskDrv; C:\Windows\System32\DRIVERS\CSVirtualDiskDrv.sys [66616 2011-06-02] (Infowatch) R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [7717984 2013-10-16] (Kaspersky Lab ZAO) R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [626272 2013-10-16] (Kaspersky Lab ZAO) R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [28504 2012-08-02] (Kaspersky Lab ZAO) R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [29280 2013-10-16] (Kaspersky Lab ZAO) R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [29280 2013-10-16] (Kaspersky Lab ZAO) R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [54368 2013-10-13] (Kaspersky Lab ZAO) R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [178448 2013-10-13] (Kaspersky Lab ZAO) R3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation) U5 AppMgmt; C:\Windows\system32\svchost.exe [27648 2011-03-01] (Microsoft Corporation) U5 klflt; C:\Windows\System32\Drivers\klflt.sys [90208 2013-10-16] (Kaspersky Lab ZAO) ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2013-11-12 13:05 - 2013-11-12 13:05 - 00000000 ___RD C:\Users\Ewelina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices 2013-11-11 22:46 - 2013-11-11 22:46 - 00000022 _____ C:\Users\Ewelina\Desktop\plik.txt 2013-11-11 19:56 - 2013-11-11 19:56 - 00347304 _____ (Microsoft Corporation) C:\Users\Ewelina\Downloads\MicrosoftFixit.WinMediaPlayer.RNP.3730762334322532.1.1.Run.exe 2013-11-11 12:56 - 2013-11-11 12:56 - 00915368 _____ (Oracle Corporation) C:\Users\Ewelina\Downloads\jxpiinstall(1).exe 2013-11-10 23:52 - 2013-11-10 23:52 - 00000000 ____D C:\Users\Ewelina\AppData\Roaming\Malwarebytes 2013-11-10 23:51 - 2013-11-10 23:51 - 00001113 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk 2013-11-10 23:51 - 2013-11-10 23:51 - 00000000 ____D C:\ProgramData\Malwarebytes 2013-11-10 23:51 - 2013-11-10 23:51 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware 2013-11-10 23:51 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbam.sys 2013-11-10 23:50 - 2013-11-10 23:50 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Ewelina\Downloads\mbam-setup-1.75.0.1300.exe 2013-11-10 23:41 - 2013-11-10 23:41 - 00000000 ____D C:\Users\Ewelina\Desktop\Stare dane programu Firefox 2013-11-10 23:39 - 2013-11-10 23:39 - 00002019 _____ C:\Users\Public\Desktop\Adobe Reader XI.lnk 2013-11-10 23:39 - 2013-11-10 23:39 - 00000000 ____D C:\Program Files (x86)\Adobe 2013-11-10 23:36 - 2013-11-11 12:58 - 00000000 ____D C:\ProgramData\Oracle 2013-11-10 23:35 - 2013-11-10 23:35 - 00004746 _____ C:\windows\SysWOW64\jupdate-1.7.0_45-b18.log 2013-11-10 23:22 - 2013-11-10 23:22 - 00448512 _____ (OldTimer Tools) C:\Users\Ewelina\Desktop\TFC.exe 2013-11-10 23:19 - 2013-11-10 23:19 - 00007387 _____ C:\Users\Ewelina\Desktop\AdwCleaner[S0].txt 2013-11-10 23:14 - 2013-11-10 23:16 - 00000000 ____D C:\AdwCleaner 2013-11-10 23:13 - 2013-11-10 23:13 - 01073262 _____ C:\Users\Ewelina\Downloads\AdwCleaner.exe 2013-11-10 21:51 - 2013-11-10 21:51 - 00000000 ____D C:\Users\Ewelina\Desktop\Logi 2013-11-10 20:51 - 2013-11-10 20:51 - 00891184 _____ C:\Users\Ewelina\Downloads\SecurityCheck.exe 2013-11-10 20:07 - 2013-11-10 20:07 - 00377856 _____ C:\Users\Ewelina\Downloads\5nzhjmtw.exe 2013-11-10 19:58 - 2013-11-10 19:58 - 00026367 _____ C:\Users\Ewelina\Downloads\FRST.txt 2013-11-10 19:57 - 2013-11-10 19:58 - 00030900 _____ C:\Users\Ewelina\Downloads\Addition.txt 2013-11-10 19:56 - 2013-11-10 19:56 - 00000000 ____D C:\FRST 2013-11-10 19:55 - 2013-11-10 19:56 - 01957590 _____ (Farbar) C:\Users\Ewelina\Desktop\FRST64.exe 2013-11-10 19:45 - 2013-11-10 19:45 - 00116360 _____ C:\Users\Ewelina\Downloads\Extras.Txt 2013-11-10 19:42 - 2013-11-10 19:42 - 00094652 _____ C:\Users\Ewelina\Downloads\OTL.Txt 2013-11-10 19:29 - 2013-11-10 19:29 - 00602112 _____ (OldTimer Tools) C:\Users\Ewelina\Downloads\OTL.exe 2013-11-06 00:20 - 2013-11-06 00:20 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2013-10-17 14:58 - 2013-10-17 14:58 - 00000504 _____ C:\Users\Ewelina\Documents\spLog.log 2013-10-14 19:14 - 2013-10-14 19:14 - 00187792 _____ (Kaspersky Lab) C:\Users\Ewelina\Downloads\kss12.0.1.340_pl.exe 2013-10-13 14:35 - 2013-10-13 14:35 - 00002220 _____ C:\Users\Ewelina\Desktop\Bezpieczne pieniądze.lnk 2013-10-13 14:34 - 2013-10-13 14:34 - 00001078 _____ C:\Users\Public\Desktop\Kaspersky PURE 3.0.lnk 2013-10-13 14:34 - 2012-07-11 16:09 - 00064856 _____ (Kaspersky Lab) C:\windows\system32\klfphc.dll 2013-10-13 14:33 - 2013-10-13 14:33 - 00000000 ____D C:\windows\ELAMBKUP 2013-10-13 14:33 - 2011-06-02 13:39 - 00084536 _____ (Infowatch) C:\windows\system32\Drivers\CSCrySec.sys 2013-10-13 14:33 - 2011-06-02 13:39 - 00066616 _____ (Infowatch) C:\windows\system32\Drivers\CSVirtualDiskDrv.sys 2013-10-13 14:32 - 2013-11-12 21:55 - 00000000 ____D C:\ProgramData\Kaspersky Lab 2013-10-13 14:32 - 2013-10-16 12:50 - 00626272 _____ (Kaspersky Lab ZAO) C:\windows\system32\Drivers\klif.sys 2013-10-13 14:32 - 2013-10-16 12:50 - 00090208 _____ (Kaspersky Lab ZAO) C:\windows\system32\Drivers\klflt.sys 2013-10-13 14:32 - 2013-10-13 14:32 - 00000000 ____D C:\Program Files (x86)\Kaspersky Lab 2013-10-13 14:23 - 2013-10-13 14:27 - 206922184 _____ (Kaspersky Lab ZAO) C:\Users\Ewelina\Downloads\pure13.0.2.558pl-pl.exe ==================== One Month Modified Files and Folders ======= 2013-11-12 22:21 - 2012-09-27 00:00 - 00000000 ____D C:\Users\Ewelina\AppData\Roaming\GG 2013-11-12 21:55 - 2013-10-13 14:32 - 00000000 ____D C:\ProgramData\Kaspersky Lab 2013-11-12 21:49 - 2013-02-19 17:51 - 00000930 _____ C:\windows\Tasks\Adobe Flash Player Updater.job 2013-11-12 21:46 - 2012-05-28 21:41 - 00017650 _____ C:\windows\system32\perfh015.dat 2013-11-12 21:46 - 2012-05-28 21:41 - 00007180 _____ C:\windows\system32\perfc015.dat 2013-11-12 21:46 - 2009-07-14 06:13 - 00743990 _____ C:\windows\system32\PerfStringBackup.INI 2013-11-12 21:42 - 2012-10-07 23:21 - 00628224 ___SH C:\Users\Ewelina\Desktop\Thumbs.db 2013-11-12 21:34 - 2012-05-28 22:05 - 01106556 _____ C:\windows\WindowsUpdate.log 2013-11-12 15:14 - 2012-09-28 13:59 - 00000000 ____D C:\Users\Ewelina\AppData\Local\CrashDumps 2013-11-12 13:55 - 2009-07-14 05:51 - 00109188 _____ C:\windows\setupact.log 2013-11-12 13:09 - 2009-07-14 05:45 - 00021200 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2013-11-12 13:09 - 2009-07-14 05:45 - 00021200 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2013-11-12 13:05 - 2013-11-12 13:05 - 00000000 ___RD C:\Users\Ewelina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices 2013-11-12 13:02 - 2009-07-14 06:08 - 00000006 ____H C:\windows\Tasks\SA.DAT 2013-11-12 13:01 - 2009-07-14 06:08 - 00032608 _____ C:\windows\Tasks\SCHEDLGU.TXT 2013-11-11 22:46 - 2013-11-11 22:46 - 00000022 _____ C:\Users\Ewelina\Desktop\plik.txt 2013-11-11 19:56 - 2013-11-11 19:56 - 00347304 _____ (Microsoft Corporation) C:\Users\Ewelina\Downloads\MicrosoftFixit.WinMediaPlayer.RNP.3730762334322532.1.1.Run.exe 2013-11-11 12:58 - 2013-11-10 23:36 - 00000000 ____D C:\ProgramData\Oracle 2013-11-11 12:56 - 2013-11-11 12:56 - 00915368 _____ (Oracle Corporation) C:\Users\Ewelina\Downloads\jxpiinstall(1).exe 2013-11-11 12:40 - 2010-11-21 04:47 - 00672198 _____ C:\windows\PFRO.log 2013-11-10 23:52 - 2013-11-10 23:52 - 00000000 ____D C:\Users\Ewelina\AppData\Roaming\Malwarebytes 2013-11-10 23:51 - 2013-11-10 23:51 - 00001113 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk 2013-11-10 23:51 - 2013-11-10 23:51 - 00000000 ____D C:\ProgramData\Malwarebytes 2013-11-10 23:51 - 2013-11-10 23:51 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware 2013-11-10 23:50 - 2013-11-10 23:50 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Ewelina\Downloads\mbam-setup-1.75.0.1300.exe 2013-11-10 23:41 - 2013-11-10 23:41 - 00000000 ____D C:\Users\Ewelina\Desktop\Stare dane programu Firefox 2013-11-10 23:39 - 2013-11-10 23:39 - 00002019 _____ C:\Users\Public\Desktop\Adobe Reader XI.lnk 2013-11-10 23:39 - 2013-11-10 23:39 - 00000000 ____D C:\Program Files (x86)\Adobe 2013-11-10 23:39 - 2012-10-06 16:29 - 00000000 ____D C:\Users\Ewelina\AppData\Local\Adobe 2013-11-10 23:39 - 2012-10-06 16:26 - 00000000 ____D C:\ProgramData\Adobe 2013-11-10 23:35 - 2013-11-10 23:35 - 00004746 _____ C:\windows\SysWOW64\jupdate-1.7.0_45-b18.log 2013-11-10 23:22 - 2013-11-10 23:22 - 00448512 _____ (OldTimer Tools) C:\Users\Ewelina\Desktop\TFC.exe 2013-11-10 23:19 - 2013-11-10 23:19 - 00007387 _____ C:\Users\Ewelina\Desktop\AdwCleaner[S0].txt 2013-11-10 23:16 - 2013-11-10 23:14 - 00000000 ____D C:\AdwCleaner 2013-11-10 23:16 - 2012-09-26 17:17 - 00000000 ____D C:\Users\Ewelina\AppData\Roaming\SoftGrid Client 2013-11-10 23:13 - 2013-11-10 23:13 - 01073262 _____ C:\Users\Ewelina\Downloads\AdwCleaner.exe 2013-11-10 21:51 - 2013-11-10 21:51 - 00000000 ____D C:\Users\Ewelina\Desktop\Logi 2013-11-10 20:51 - 2013-11-10 20:51 - 00891184 _____ C:\Users\Ewelina\Downloads\SecurityCheck.exe 2013-11-10 20:07 - 2013-11-10 20:07 - 00377856 _____ C:\Users\Ewelina\Downloads\5nzhjmtw.exe 2013-11-10 19:58 - 2013-11-10 19:58 - 00026367 _____ C:\Users\Ewelina\Downloads\FRST.txt 2013-11-10 19:58 - 2013-11-10 19:57 - 00030900 _____ C:\Users\Ewelina\Downloads\Addition.txt 2013-11-10 19:56 - 2013-11-10 19:56 - 00000000 ____D C:\FRST 2013-11-10 19:56 - 2013-11-10 19:55 - 01957590 _____ (Farbar) C:\Users\Ewelina\Desktop\FRST64.exe 2013-11-10 19:45 - 2013-11-10 19:45 - 00116360 _____ C:\Users\Ewelina\Downloads\Extras.Txt 2013-11-10 19:42 - 2013-11-10 19:42 - 00094652 _____ C:\Users\Ewelina\Downloads\OTL.Txt 2013-11-10 19:29 - 2013-11-10 19:29 - 00602112 _____ (OldTimer Tools) C:\Users\Ewelina\Downloads\OTL.exe 2013-11-08 17:06 - 2013-03-08 00:39 - 00000000 ____D C:\ProgramData\Microsoft Help 2013-11-07 18:08 - 2012-09-27 00:00 - 00000000 ____D C:\Users\Ewelina\AppData\Local\GG 2013-11-06 14:19 - 2013-03-08 15:14 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2013-11-06 00:20 - 2013-11-06 00:20 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2013-10-18 01:29 - 2009-07-14 04:20 - 00000000 ____D C:\windows\rescache 2013-10-17 14:58 - 2013-10-17 14:58 - 00000504 _____ C:\Users\Ewelina\Documents\spLog.log 2013-10-16 12:50 - 2013-10-13 14:32 - 00626272 _____ (Kaspersky Lab ZAO) C:\windows\system32\Drivers\klif.sys 2013-10-16 12:50 - 2013-10-13 14:32 - 00090208 _____ (Kaspersky Lab ZAO) C:\windows\system32\Drivers\klflt.sys 2013-10-16 12:50 - 2012-09-03 17:23 - 00029280 _____ (Kaspersky Lab ZAO) C:\windows\system32\Drivers\klmouflt.sys 2013-10-16 12:50 - 2012-09-03 16:57 - 00029280 _____ (Kaspersky Lab ZAO) C:\windows\system32\Drivers\klkbdflt.sys 2013-10-16 12:50 - 2012-06-19 16:28 - 07717984 _____ (Kaspersky Lab ZAO) C:\windows\system32\Drivers\kl1.sys 2013-10-14 19:14 - 2013-10-14 19:14 - 00187792 _____ (Kaspersky Lab) C:\Users\Ewelina\Downloads\kss12.0.1.340_pl.exe 2013-10-13 14:51 - 2012-10-18 13:50 - 00054368 _____ (Kaspersky Lab ZAO) C:\windows\system32\Drivers\kltdi.sys 2013-10-13 14:51 - 2012-08-13 15:49 - 00178448 _____ (Kaspersky Lab ZAO) C:\windows\system32\Drivers\kneps.sys 2013-10-13 14:35 - 2013-10-13 14:35 - 00002220 _____ C:\Users\Ewelina\Desktop\Bezpieczne pieniądze.lnk 2013-10-13 14:34 - 2013-10-13 14:34 - 00001078 _____ C:\Users\Public\Desktop\Kaspersky PURE 3.0.lnk 2013-10-13 14:33 - 2013-10-13 14:33 - 00000000 ____D C:\windows\ELAMBKUP 2013-10-13 14:32 - 2013-10-13 14:32 - 00000000 ____D C:\Program Files (x86)\Kaspersky Lab 2013-10-13 14:27 - 2013-10-13 14:23 - 206922184 _____ (Kaspersky Lab ZAO) C:\Users\Ewelina\Downloads\pure13.0.2.558pl-pl.exe ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\SysWOW64\wininit.exe => MD5 is legit C:\Windows\explorer.exe => MD5 is legit C:\Windows\SysWOW64\explorer.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\SysWOW64\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\SysWOW64\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\SysWOW64\userinit.exe => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit LastRegBack: 2013-11-12 14:45 ==================== End Of Log ============================