Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 25-12-2013 Ran by KRYSTIAN (administrator) on TOSHIBA-KIKUS on 25-12-2013 18:09:17 Running from C:\Users\KRYSTIAN\Desktop Windows 7 Home Premium Service Pack 1 (X64) OS Language: Polish Internet Explorer Version 10 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe () C:\Windows\System32\GFNEXSrv.exe (Nero AG) C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe () C:\ProgramData\Internet Manager\OnlineUpdate\ouc.exe (LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe () C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe () C:\Program Files (x86)\HTC\HTC Sync Manager\HTC Sync\adb.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (SRS Labs, Inc.) C:\Program Files\SRS Labs\SRS Control Panel\SRSPanel_64.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe (TOSHIBA Corporation) C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe (TOSHIBA Corporation) C:\Program Files\TOSHIBA\TECO\Teco.exe (Toshiba Europe GmbH) C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe (Toshiba Europe GmbH) C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (TOSHIBA Corporation) C:\Windows\System32\TODDSrv.exe (TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE () C:\Nexon\NEXON_EU_Downloader\NEXON_EU_Downloader_Engine.exe (TOSHIBA CORPORATION.) C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\TosBtMng.exe (Toshiba) C:\Program Files\TOSHIBA\TOSHIBA Places Icon Utility\TosDIMonitor.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe (LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (TOSHIBA Corporation) C:\Program Files\TOSHIBA\TECO\TecoService.exe (Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\TosBtSrv.exe (TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\TosLeSrvUseMng.exe (TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\TosLeBtMng.exe (TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\TosLeSrvProvider.exe (TOSHIBA CORPORATION.) C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\TosA2dp.exe (TOSHIBA CORPORATION.) C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\TosBtHid.exe (TOSHIBA CORPORATION.) C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\TosBtHSP.exe (TOSHIBA CORPORATION.) C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\TosAVRC.exe (TOSHIBA CORPORATION.) C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\tosOBEX.exe (TOSHIBA CORPORATION.) C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\tosBtProc.exe (TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe (TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe (TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe (TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12446824 2012-02-01] (Realtek Semiconductor) HKLM\...\Run: [SRS Premium Sound HD] - C:\Program Files\SRS Labs\SRS Control Panel\SRS_Premium_Sound_HD.zip [223180 2012-02-06] () HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2866960 2011-12-19] (Synaptics Incorporated) HKLM\...\Run: [TPwrMain] - C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe [590256 2011-09-23] (TOSHIBA Corporation) HKLM\...\Run: [TCrdMain] - C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [989056 2011-12-14] (TOSHIBA Corporation) HKLM\...\Run: [Teco] - C:\Program Files\TOSHIBA\TECO\Teco.exe [1548208 2011-11-24] (TOSHIBA Corporation) HKLM\...\Run: [TosWaitSrv] - C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [712096 2011-12-14] (TOSHIBA Corporation) HKLM\...\Run: [TosSENotify] - C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe [710560 2011-11-26] (TOSHIBA Corporation) HKLM\...\Run: [TosVolRegulator] - C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe [24376 2009-11-11] (TOSHIBA Corporation) HKLM\...\Run: [Toshiba TEMPRO] - C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe [1546720 2011-02-10] (Toshiba Europe GmbH) HKLM\...\Run: [HotKeysCmds] - C:\windows\system32\hkcmd.exe [ ] () HKLM-x32\...\Run: [NBAgent] - C:\Program Files (x86)\Nero\Nero 11\Nero BackItUp\NBAgent.exe [1492264 2011-11-18] (Nero AG) HKLM-x32\...\Run: [ITSecMng] - C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe [80840 2011-04-02] (TOSHIBA CORPORATION) HKLM-x32\...\Run: [USB3MON] - C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-01-05] (Intel Corporation) HKLM-x32\...\Run: [20131121] - C:\Program Files\AVAST Software\Avast\Setup\emupdate\b7d1d2d8-895f-47f4-af20-cd2bfb0f9dd9.exe [180184 2013-11-23] (AVAST Software) HKLM-x32\...\Run: [AvastUI.exe] - C:\Program Files\AVAST Software\Avast\AvastUI.exe [3764024 2013-12-20] (AVAST Software) HKLM-x32\...\Run: [LogMeIn Hamachi Ui] - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3806544 2013-11-29] (LogMeIn Inc.) Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation) HKCU\...\Run: [KPeerNexonEU] - C:\Nexon\NEXON_EU_Downloader\nxEULauncher.exe [438272 2012-08-07] (NEXON Inc.) HKCU\...\Run: [ares] - C:\Program Files (x86)\Ares\Ares.exe [3209216 2012-02-02] (Ares Development Group) HKU\Default\...\Run: [TOPI.EXE] - C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\TOPI.exe [846936 2011-05-16] (TOSHIBA) HKU\Default User\...\Run: [TOPI.EXE] - C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\TOPI.exe [846936 2011-05-16] (TOSHIBA) Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe) Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe) ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.pl/ HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/redirectdomain?brand=TEUA&bmod=TEUA HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie SearchScopes: HKLM-x32 - {589FC5E9-38F6-FFB9-3B7F-02B87C97A530} URL = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TEUA; SearchScopes: HKCU - DefaultScope {441B0A9D-1487-481B-BDA3-F1D33B69F07F} URL = http://www.google.com/search?q={searchTerms}&rlz=1I7TEUA_plPL493 SearchScopes: HKCU - {441B0A9D-1487-481B-BDA3-F1D33B69F07F} URL = http://www.google.com/search?q={searchTerms}&rlz=1I7TEUA_plPL493 BHO: avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO: TOSHIBA Media Controller Plug-in - {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\x64\TOSHIBAMediaControllerIE.dll () BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO-x32: TOSHIBA Media Controller Plug-in - {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll () Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) Toolbar: HKLM - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) Toolbar: HKLM-x32 - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) DPF: HKLM-x32 {92ECE6FA-AC2E-4042-BFAE-0C8608E52A43} https://www.bph.pl/sezam/components/SignActivX.cab Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 192.168.0.1 Tcpip\..\Interfaces\{60A130D4-76BE-4251-BAE0-7570F02EC58E}: [NameServer]213.158.199.1 213.158.199.5 ==================== Services (Whitelisted) ================= R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2013-12-20] (AVAST Software) R2 GFNEXSrv; C:\Windows\System32\GFNEXSrv.exe [162824 2010-09-10] () R2 HTCMonitorService; C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe [87368 2013-01-29] (Nero AG) S2 Internet Manager. RunOuc; C:\Program Files (x86)\T-Mobile\InternetManager_H\UpdateDog\ouc.exe [224096 2011-06-17] () R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [377104 2013-10-11] (LogMeIn, Inc.) S3 npggsvc; C:\windows\SysWow64\GameMon.des [3889424 2011-08-02] (INCA Internet Co., Ltd.) R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [167424 2012-12-07] () R2 TemproMonitoringService; C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [112080 2011-02-10] (Toshiba Europe GmbH) S3 xsherlock; C:\windows\SysWow64\xsherlock.xem [675936 2012-07-29] (Wellbia.com Co., Ltd.) S3 gusvc; "C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe" [x] ==================== Drivers (Whitelisted) ==================== R0 aswKbd; C:\Windows\System32\Drivers\aswKbd.sys [22600 2013-10-31] (AVAST Software) R2 aswMonFlt; C:\windows\system32\drivers\aswMonFlt.sys [78648 2013-12-20] (AVAST Software) R1 aswRdr; C:\windows\system32\drivers\aswRdr2.sys [92544 2013-12-20] (AVAST Software) R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2013-12-20] () R1 aswSnx; C:\windows\system32\drivers\aswSnx.sys [1034464 2013-12-20] (AVAST Software) R1 aswSP; C:\windows\system32\drivers\aswSP.sys [422216 2013-12-20] (AVAST Software) R3 aswStm; C:\windows\system32\drivers\aswStm.sys [79672 2013-12-20] (AVAST Software) R1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [64288 2013-12-19] (AVAST Software) R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [207904 2013-12-20] () R0 FSProFilter; C:\Windows\System32\Drivers\FSPFltd.sys [54848 2010-07-22] (FSPro Labs) S3 huawei_wwanecm; C:\Windows\System32\DRIVERS\ew_juwwanecm.sys [239104 2012-09-18] (Huawei Technologies Co., Ltd.) S3 NPPTNT2; C:\windows\SysWow64\npptNT2.sys [4682 2005-01-01] (INCA Internet Co., Ltd.) R3 RtkBtFilter; C:\Windows\System32\DRIVERS\RtkBtfilter.sys [21096 2012-01-05] (Realtek Microelectronics) R3 RTL8192Ce; C:\Windows\System32\DRIVERS\rtwlane.sys [1082472 2012-01-17] (Realtek Semiconductor Corporation ) S3 ss_bserd; C:\Windows\System32\DRIVERS\ss_bserd.sys [128000 2009-09-19] (MCCI Corporation) S3 zte_cdc_acm; C:\Windows\System32\DRIVERS\zte_cdc_acm.sys [79872 2011-08-10] (ZTE) S3 zte_cpo; C:\Windows\System32\DRIVERS\zte_cpo.sys [14336 2011-08-10] (ZTE) U5 ewusbnet; C:\Windows\System32\Drivers\ewusbnet.sys [119296 2008-04-17] (Huawei Technologies Co., Ltd.) U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [12352 2010-07-01] () ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2013-12-25 18:01 - 2013-12-25 18:01 - 01928716 _____ (Farbar) C:\Users\KRYSTIAN\Downloads\FRST64 (2).exe 2013-12-25 17:59 - 2013-12-25 17:59 - 01928716 _____ (Farbar) C:\Users\KRYSTIAN\Downloads\FRST64 (1).exe 2013-12-25 17:56 - 2013-12-25 17:56 - 01928716 _____ (Farbar) C:\Users\KRYSTIAN\Desktop\FRST64.exe 2013-12-23 16:21 - 2013-12-23 16:21 - 00085752 _____ C:\Users\KRYSTIAN\AppData\Local\GDIPFONTCACHEV1.DAT 2013-12-23 16:20 - 2013-12-25 17:48 - 00000224 _____ C:\windows\setupact.log 2013-12-23 16:20 - 2013-12-23 16:20 - 00346352 _____ C:\windows\system32\FNTCACHE.DAT 2013-12-23 16:20 - 2013-12-23 16:20 - 00000000 _____ C:\windows\setuperr.log 2013-12-23 05:18 - 2013-12-25 17:46 - 00019297 _____ C:\windows\IE11_main.log 2013-12-22 13:15 - 2013-12-22 13:15 - 00033247 _____ C:\Users\KRYSTIAN\Downloads\FRST2.txt 2013-12-22 13:15 - 2013-12-22 13:15 - 00027329 _____ C:\Users\KRYSTIAN\Downloads\Addition2.txt 2013-12-22 12:37 - 2013-12-22 12:37 - 00017733 _____ C:\Users\KRYSTIAN\Desktop\AdwCleaner[S0].txt 2013-12-22 12:17 - 2013-12-22 12:18 - 00000000 ____D C:\AdwCleaner 2013-12-22 12:16 - 2013-12-22 12:16 - 01226750 _____ C:\Users\KRYSTIAN\Downloads\adwcleaner.exe 2013-12-22 11:26 - 2013-12-22 11:26 - 00448512 _____ (OldTimer Tools) C:\Users\KRYSTIAN\Downloads\TFC.exe 2013-12-22 09:20 - 2013-12-22 09:20 - 00086504 _____ C:\Users\KRYSTIAN\Desktop\Extras.Txt 2013-12-22 09:19 - 2013-12-22 09:19 - 00137666 _____ C:\Users\KRYSTIAN\Desktop\OTL.Txt 2013-12-22 09:13 - 2013-12-22 09:13 - 00137666 _____ C:\Users\KRYSTIAN\Downloads\OTL.Txt 2013-12-22 09:13 - 2013-12-22 09:13 - 00086504 _____ C:\Users\KRYSTIAN\Downloads\Extras.Txt 2013-12-22 09:03 - 2013-12-25 18:09 - 00013320 _____ C:\Users\KRYSTIAN\Desktop\FRST.txt 2013-12-22 09:03 - 2013-12-22 09:03 - 00030811 _____ C:\Users\KRYSTIAN\Desktop\Addition.txt 2013-12-22 09:01 - 2013-12-22 12:45 - 00027329 _____ C:\Users\KRYSTIAN\Downloads\Addition.txt 2013-12-22 09:00 - 2013-12-25 18:08 - 00000000 ____D C:\FRST 2013-12-22 09:00 - 2013-12-22 12:45 - 00033247 _____ C:\Users\KRYSTIAN\Downloads\FRST.txt 2013-12-22 08:58 - 2013-12-22 12:43 - 02193141 _____ (Farbar) C:\Users\KRYSTIAN\Downloads\FRST64.exe 2013-12-22 08:14 - 2005-10-16 18:46 - 00000399 _____ C:\Users\KRYSTIAN\Downloads\czytaj.txt 2013-12-22 08:12 - 2013-12-22 09:03 - 00602112 _____ (OldTimer Tools) C:\Users\KRYSTIAN\Downloads\OTL.exe 2013-12-21 07:53 - 2013-12-21 07:53 - 261885952 _____ C:\Users\KRYSTIAN\Documents\Dysk Ratunkowy Toshiba.iso 2013-12-21 07:45 - 2013-12-21 07:45 - 00000000 ____D C:\Program Files (x86)\Windows Kits 2013-12-21 07:37 - 2013-12-21 07:45 - 00000000 ____D C:\Users\KRYSTIAN\Documents\AvastPEToolkit 2013-12-21 06:54 - 2013-12-21 06:54 - 00000000 ____D C:\Program Files (x86)\LogMeIn Hamachi 2013-12-20 21:09 - 2013-12-20 21:09 - 00000000 ____D C:\Users\KRYSTIAN\AppData\Roaming\AVAST Software 2013-12-20 20:59 - 2013-12-20 21:11 - 00079672 _____ (AVAST Software) C:\windows\system32\Drivers\aswstm.sys 2013-12-14 15:16 - 2013-12-14 15:16 - 00001018 _____ C:\Users\Public\Desktop\blueconnect.lnk 2013-12-14 15:16 - 2008-04-17 15:48 - 01003008 _____ (DiBcom SA) C:\windows\system32\Drivers\mod7700.sys 2013-12-14 15:16 - 2008-04-17 15:47 - 00119296 _____ (Huawei Technologies Co., Ltd.) C:\windows\system32\Drivers\ewusbnet.sys 2013-12-14 15:16 - 2008-04-17 15:47 - 00117120 _____ (Huawei Technologies Co., Ltd.) C:\windows\system32\Drivers\ewusbfake.sys 2013-12-14 15:16 - 2008-04-17 15:47 - 00115328 _____ (Huawei Technologies Co., Ltd.) C:\windows\system32\Drivers\ewusbmdm.sys 2013-12-14 15:16 - 2008-04-17 15:45 - 00029696 _____ (Huawei Tech. Co., Ltd.) C:\windows\system32\Drivers\ewdcsc.sys ==================== One Month Modified Files and Folders ======= 2013-12-25 18:09 - 2013-12-22 09:03 - 00013320 _____ C:\Users\KRYSTIAN\Desktop\FRST.txt 2013-12-25 18:08 - 2013-12-22 09:00 - 00000000 ____D C:\FRST 2013-12-25 18:07 - 2012-07-18 12:01 - 00000000 ____D C:\Users\KRYSTIAN 2013-12-25 18:01 - 2013-12-25 18:01 - 01928716 _____ (Farbar) C:\Users\KRYSTIAN\Downloads\FRST64 (2).exe 2013-12-25 17:59 - 2013-12-25 17:59 - 01928716 _____ (Farbar) C:\Users\KRYSTIAN\Downloads\FRST64 (1).exe 2013-12-25 17:56 - 2013-12-25 17:56 - 01928716 _____ (Farbar) C:\Users\KRYSTIAN\Desktop\FRST64.exe 2013-12-25 17:55 - 2009-07-14 05:45 - 00024608 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2013-12-25 17:55 - 2009-07-14 05:45 - 00024608 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2013-12-25 17:49 - 2012-08-24 12:52 - 00000000 ____D C:\Users\KRYSTIAN\Documents\Bluetooth 2013-12-25 17:48 - 2013-12-23 16:20 - 00000224 _____ C:\windows\setupact.log 2013-12-25 17:48 - 2013-05-09 18:26 - 00000000 ____D C:\Users\KRYSTIAN\AppData\Local\HTC MediaHub 2013-12-25 17:48 - 2012-08-01 11:47 - 00000000 ____D C:\Users\KRYSTIAN\AppData\Local\LogMeIn Hamachi 2013-12-25 17:48 - 2009-07-14 06:08 - 00000006 ____H C:\windows\Tasks\SA.DAT 2013-12-25 17:46 - 2013-12-23 05:18 - 00019297 _____ C:\windows\IE11_main.log 2013-12-25 17:46 - 2012-04-15 02:02 - 01244072 _____ C:\windows\WindowsUpdate.log 2013-12-25 17:45 - 2012-02-26 21:43 - 00000830 _____ C:\windows\Tasks\Adobe Flash Player Updater.job 2013-12-23 18:28 - 2013-05-12 11:23 - 00000940 _____ C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3622142945-2400907622-1277845213-1001UA.job 2013-12-23 16:21 - 2013-12-23 16:21 - 00085752 _____ C:\Users\KRYSTIAN\AppData\Local\GDIPFONTCACHEV1.DAT 2013-12-23 16:20 - 2013-12-23 16:20 - 00346352 _____ C:\windows\system32\FNTCACHE.DAT 2013-12-23 16:20 - 2013-12-23 16:20 - 00000000 _____ C:\windows\setuperr.log 2013-12-22 19:41 - 2012-08-03 20:39 - 00000000 ____D C:\Users\KRYSTIAN\AppData\Roaming\Winamp 2013-12-22 13:15 - 2013-12-22 13:15 - 00033247 _____ C:\Users\KRYSTIAN\Downloads\FRST2.txt 2013-12-22 13:15 - 2013-12-22 13:15 - 00027329 _____ C:\Users\KRYSTIAN\Downloads\Addition2.txt 2013-12-22 12:45 - 2013-12-22 09:01 - 00027329 _____ C:\Users\KRYSTIAN\Downloads\Addition.txt 2013-12-22 12:45 - 2013-12-22 09:00 - 00033247 _____ C:\Users\KRYSTIAN\Downloads\FRST.txt 2013-12-22 12:43 - 2013-12-22 08:58 - 02193141 _____ (Farbar) C:\Users\KRYSTIAN\Downloads\FRST64.exe 2013-12-22 12:37 - 2013-12-22 12:37 - 00017733 _____ C:\Users\KRYSTIAN\Desktop\AdwCleaner[S0].txt 2013-12-22 12:28 - 2013-05-12 11:23 - 00000918 _____ C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3622142945-2400907622-1277845213-1001Core.job 2013-12-22 12:18 - 2013-12-22 12:17 - 00000000 ____D C:\AdwCleaner 2013-12-22 12:16 - 2013-12-22 12:16 - 01226750 _____ C:\Users\KRYSTIAN\Downloads\adwcleaner.exe 2013-12-22 11:26 - 2013-12-22 11:26 - 00448512 _____ (OldTimer Tools) C:\Users\KRYSTIAN\Downloads\TFC.exe 2013-12-22 09:52 - 2013-09-19 08:29 - 00000000 ____D C:\Users\KRYSTIAN\Desktop\kredyt 2013-12-22 09:20 - 2013-12-22 09:20 - 00086504 _____ C:\Users\KRYSTIAN\Desktop\Extras.Txt 2013-12-22 09:19 - 2013-12-22 09:19 - 00137666 _____ C:\Users\KRYSTIAN\Desktop\OTL.Txt 2013-12-22 09:13 - 2013-12-22 09:13 - 00137666 _____ C:\Users\KRYSTIAN\Downloads\OTL.Txt 2013-12-22 09:13 - 2013-12-22 09:13 - 00086504 _____ C:\Users\KRYSTIAN\Downloads\Extras.Txt 2013-12-22 09:03 - 2013-12-22 09:03 - 00030811 _____ C:\Users\KRYSTIAN\Desktop\Addition.txt 2013-12-22 09:03 - 2013-12-22 08:12 - 00602112 _____ (OldTimer Tools) C:\Users\KRYSTIAN\Downloads\OTL.exe 2013-12-22 07:14 - 2011-02-14 10:01 - 00698598 _____ C:\windows\system32\perfh015.dat 2013-12-22 07:14 - 2011-02-14 10:01 - 00135418 _____ C:\windows\system32\perfc015.dat 2013-12-22 07:14 - 2009-07-14 06:13 - 01551484 _____ C:\windows\system32\PerfStringBackup.INI 2013-12-21 07:53 - 2013-12-21 07:53 - 261885952 _____ C:\Users\KRYSTIAN\Documents\Dysk Ratunkowy Toshiba.iso 2013-12-21 07:45 - 2013-12-21 07:45 - 00000000 ____D C:\Program Files (x86)\Windows Kits 2013-12-21 07:45 - 2013-12-21 07:37 - 00000000 ____D C:\Users\KRYSTIAN\Documents\AvastPEToolkit 2013-12-21 07:18 - 2009-07-14 06:08 - 00032604 _____ C:\windows\Tasks\SCHEDLGU.TXT 2013-12-21 06:54 - 2013-12-21 06:54 - 00000000 ____D C:\Program Files (x86)\LogMeIn Hamachi 2013-12-21 06:47 - 2013-06-06 08:31 - 00000000 ____D C:\Users\KRYSTIAN\AppData\Roaming\Media Player Classic 2013-12-21 06:19 - 2013-01-27 10:52 - 00000000 ____D C:\windows\Minidump 2013-12-20 22:26 - 2012-08-19 11:07 - 00000000 ____D C:\Program Files\CCleaner 2013-12-20 21:11 - 2013-12-20 20:59 - 00079672 _____ (AVAST Software) C:\windows\system32\Drivers\aswstm.sys 2013-12-20 21:09 - 2013-12-20 21:09 - 00000000 ____D C:\Users\KRYSTIAN\AppData\Roaming\AVAST Software 2013-12-20 20:59 - 2013-07-10 10:08 - 00207904 _____ C:\windows\system32\Drivers\aswVmm.sys 2013-12-20 20:59 - 2013-07-10 10:08 - 00065776 _____ C:\windows\system32\Drivers\aswRvrt.sys 2013-12-20 20:59 - 2013-06-02 11:26 - 01034464 _____ (AVAST Software) C:\windows\system32\Drivers\aswSnx.sys 2013-12-20 20:59 - 2013-06-02 11:26 - 00422216 _____ (AVAST Software) C:\windows\system32\Drivers\aswSP.sys 2013-12-20 20:59 - 2013-06-02 11:26 - 00092544 _____ (AVAST Software) C:\windows\system32\Drivers\aswRdr2.sys 2013-12-20 20:59 - 2013-06-02 11:26 - 00078648 _____ (AVAST Software) C:\windows\system32\Drivers\aswMonFlt.sys 2013-12-20 20:59 - 2013-06-02 11:26 - 00043152 _____ (AVAST Software) C:\windows\avastSS.scr 2013-12-20 20:59 - 2012-08-19 20:41 - 00334136 _____ (AVAST Software) C:\windows\system32\aswBoot.exe 2013-12-20 20:56 - 2012-08-19 20:41 - 00000000 ____D C:\ProgramData\AVAST Software 2013-12-20 20:56 - 2012-08-19 20:41 - 00000000 _____ C:\windows\SysWOW64\config.nt 2013-12-20 20:28 - 2009-07-14 04:20 - 00000000 ____D C:\windows\system32\NDF 2013-12-19 14:11 - 2013-06-02 11:26 - 00064288 _____ (AVAST Software) C:\windows\system32\Drivers\aswTdi.sys 2013-12-14 15:36 - 2012-07-24 17:12 - 00000000 ____D C:\Program Files (x86)\blueconnect 2013-12-14 15:36 - 2012-02-26 21:43 - 00000000 ____D C:\windows\SysWOW64\Macromed 2013-12-14 15:36 - 2012-02-26 21:43 - 00000000 ____D C:\windows\system32\Macromed 2013-12-14 15:36 - 2009-07-14 04:20 - 00000000 ____D C:\windows\registration 2013-12-14 15:36 - 2009-07-14 04:20 - 00000000 ____D C:\windows\AppCompat 2013-12-14 15:16 - 2013-12-14 15:16 - 00001018 _____ C:\Users\Public\Desktop\blueconnect.lnk 2013-12-14 15:02 - 2012-07-24 17:12 - 00000000 ____D C:\ProgramData\DatacardService 2013-12-11 08:47 - 2012-02-26 21:43 - 00692616 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe 2013-12-11 08:47 - 2012-02-26 21:43 - 00071048 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl 2013-12-10 10:48 - 2013-09-29 08:44 - 00000000 ____D C:\Users\KRYSTIAN\Desktop\Sprzedaż mieszkania 2013-12-06 13:53 - 2013-08-31 17:46 - 00000000 ____D C:\Users\KRYSTIAN\Desktop\muzyka 2013-11-26 12:25 - 2010-11-21 04:27 - 00267936 ____N (Microsoft Corporation) C:\windows\system32\MpSigStub.exe Some content of TEMP: ==================== C:\Users\KRYSTIAN\AppData\Local\Temp\ICReinstall_Setup.exe ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\SysWOW64\wininit.exe => MD5 is legit C:\Windows\explorer.exe => MD5 is legit C:\Windows\SysWOW64\explorer.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\SysWOW64\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\SysWOW64\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\SysWOW64\userinit.exe => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit LastRegBack: 2013-12-21 11:47 ==================== End Of Log ============================