Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 08-01-2014 01 Ran by Smok (administrator) on SMOK-TOSH on 09-01-2014 11:05:11 Running from C:\Users\Smok\Desktop Windows 7 Home Premium Service Pack 1 (X64) OS Language: Polish Internet Explorer Version 11 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe () C:\Windows\System32\GFNEXSrv.exe (Microsoft Corporation) C:\Windows\System32\wlanext.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Microsoft Corporation) C:\Windows\System32\wisptis.exe (Freemake) C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe () C:\Program Files\Autodesk\3ds Max 2012\mentalimages\satellite\raysat_3dsmax2012_64server.exe (Sony Corporation) C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe (Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (TOSHIBA Corporation) C:\Windows\System32\TODDSrv.exe (TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE () C:\Windows\System32\atwtusb.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE (Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (TOSHIBA Corporation) C:\Program Files\TOSHIBA\TECO\TecoService.exe (Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE (Microsoft Corporation) C:\Windows\System32\wisptis.exe (Filipe Lourenço) C:\Program Files (x86)\BatteryCare\BatteryCare.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrotray.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Sony Corporation) C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe (TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE (Microsoft Corporation) C:\Windows\splwow64.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe () C:\Windows\System32\atwtusb.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Windows\System32\msiexec.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [HSON] - C:\Program Files\TOSHIBA\TBS\HSON.exe [296824 2010-09-25] (TOSHIBA Corporation) HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11775592 2011-01-12] (Realtek Semiconductor) HKLM\...\Run: [RtHDVBg] - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2186856 2011-01-10] (Realtek Semiconductor) HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2679592 2011-02-03] (Synaptics Incorporated) HKLM\...\Run: [MacroKeyManager] - WTMKM.exe HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe [500208 2010-03-06] (Adobe Systems Incorporated) HKLM-x32\...\Run: [Acrobat Assistant 8.0] - C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrotray.exe [640376 2009-10-02] (Adobe Systems Inc.) HKLM-x32\...\Run: [Adobe Acrobat Speed Launcher] - C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrobat_sl.exe [38768 2009-10-03] (Adobe Systems Incorporated) HKLM-x32\...\Run: [Adobe_ID0ENQBO] - C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4Tray.exe [378224 2008-08-15] (Adobe Systems Incorporated) HKLM-x32\...\Run: [AdobeCS4ServiceManager] - C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe [611712 2012-12-22] (Adobe Systems Incorporated) HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated) HKLM-x32\...\Run: [PMBVolumeWatcher] - C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe [651832 2011-08-24] (Sony Corporation) HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation) HKCU\...\Policies\Explorer: [HideSCAPower] 0 MountPoints2: F - F:\LaunchU3.exe -a HKU\Default\...\Run: [TOPI.EXE] - C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\TOPI.exe [845176 2011-02-18] (TOSHIBA) HKU\Default User\...\Run: [TOPI.EXE] - C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\TOPI.exe [845176 2011-02-18] (TOSHIBA) Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe) Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe) Startup: C:\Users\Smok\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\AutorunsDisabled () Startup: C:\Users\Smok\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Tworzenie wycinków ekranu i uruchamianie programu OneNote 2010.lnk ShortcutTarget: Tworzenie wycinków ekranu i uruchamianie programu OneNote 2010.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation) ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://toshiba.msn.com HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://toshiba.eu/places?touch=4&cat=1 SearchScopes: HKCU - DefaultScope {F66006FB-0889-4039-8898-B55C2C46DEDA} URL = http://www.bing.com/search?q={searchTerms}&r=764 SearchScopes: HKCU - {92EDFAEE-399E-44B3-A7C5-E88A7CE00997} URL = http://rover.ebay.com/rover/1/4908-44618-9400-8/4?satitle={searchTerms} SearchScopes: HKCU - {9FBF8FD4-6636-4051-837B-ACAE154850A4} URL = http://www.amazon.co.uk/gp/search?ie=UTF8&keywords={searchTerms}&tag=tochibauk-win7-ie-search-21&index=blended&linkCode=ur2 SearchScopes: HKCU - {F66006FB-0889-4039-8898-B55C2C46DEDA} URL = http://www.bing.com/search?q={searchTerms}&r=764 BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO-x32: SmartSelect Class - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) Toolbar: HKLM-x32 - Contribute Toolbar - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files (x86)\Adobe\/Adobe Contribute CS4/contributeieplugin.dll (Adobe Systems Incorporated.) Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) DPF: HKLM-x32 {1ABA5FAC-1417-422B-BA82-45C35E2C908B} http://kitchenplanner.ikea.com/PL/Core/Player/2020PlayerAX_IKEA_Win32.cab DPF: HKLM-x32 {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) Tcpip\Parameters: [DhcpNameServer] 217.113.224.134 217.113.224.35 FireFox: ======== FF ProfilePath: C:\Users\Smok\AppData\Roaming\Mozilla\Firefox\Profiles\zerumwxe.default-1389261200158 FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll () FF Plugin: @microsoft.com/GENUINE - disabled No File FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll () FF Plugin-x32: @canon.com/EPPEX - C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.) FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google) FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @microsoft.com/GENUINE - disabled No File FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Extension: FTdownloader V3.0 - C:\Users\Smok\AppData\Roaming\Mozilla\Firefox\profiles\extensions\ftdownloader3@ftdownloader.com.xpi Chrome: ======= CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\PepperFlash\pepflashplayer.dll () CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\ppGoogleNaClPluginChrome.dll () CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\pdf.dll () CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation) CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation) CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) CHR Plugin: (Google Earth Plugin) - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google) CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) CHR Plugin: (Java Deployment Toolkit 7.0.450.18) - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) CHR Plugin: (Java(TM) Platform SE 7 U45) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) CHR Plugin: (Silverlight Plug-In) - C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation) CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) CHR Plugin: (Windows Live\u0099 Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) CHR Plugin: (CANON iMAGE GATEWAY Album Plugin Utility) - C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.) CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll () CHR Extension: (YouTube) - C:\Users\Smok\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0 CHR Extension: (Google Search) - C:\Users\Smok\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0 CHR Extension: (Block site) - C:\Users\Smok\AppData\Local\Google\Chrome\User Data\Default\Extensions\eiimnmioipafcokbfikbljfdeojpcgbh\3.0.2_0 CHR Extension: (AdBlock) - C:\Users\Smok\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.16_0 CHR Extension: (Google Wallet) - C:\Users\Smok\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0 CHR Extension: (Gmail) - C:\Users\Smok\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1 ==================== Services (Whitelisted) ================= S3 Adobe Version Cue CS4; C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe [288112 2012-12-22] (Adobe Systems Incorporated) R2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [96768 2012-05-25] (Freemake) R2 GFNEXSrv; C:\Windows\System32\GFNEXSrv.exe [162824 2010-09-09] () R2 mi-raysat_3dsmax2012_64; C:\Program Files\Autodesk\3ds Max 2012\mentalimages\satellite\raysat_3dsmax2012_64server.exe [86016 2011-02-22] () S3 TemproMonitoringService; C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [112080 2011-02-10] (Toshiba Europe GmbH) R2 WTService; C:\Windows\System32\atwtusb.exe [667368 2012-04-26] () ==================== Drivers (Whitelisted) ==================== S1 aiptektp; C:\Windows\System32\DRIVERS\aiptektp.sys [29696 2012-04-26] (WALTOP International Corp.) R3 moufiltr; C:\Windows\System32\DRIVERS\moufiltr.sys [7680 2012-04-26] (Windows (R) Codename Longhorn DDK provider) S4 pfc; C:\Windows\SysWow64\drivers\pfc.sys [14604 2003-08-11] (Padus, Inc.) R3 vhidmini; C:\Windows\System32\DRIVERS\walvhid.sys [7552 2012-04-26] (Windows (R) Win 7 DDK provider) R3 WinRing0_1_2_0; C:\Program Files (x86)\BatteryCare\WinRing0x64.sys [14544 2008-07-26] (OpenLibSys.org) ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-01-09 11:05 - 2014-01-09 11:05 - 00016481 _____ C:\Users\Smok\Desktop\FRST.txt 2014-01-09 10:55 - 2014-01-09 10:55 - 00671232 _____ C:\Users\Smok\Desktop\MicrosoftFixit50688.msi 2014-01-09 10:53 - 2014-01-09 10:53 - 00000000 ____D C:\Users\Smok\Desktop\Old Firefox Data 2014-01-09 10:48 - 2014-01-09 10:48 - 00000000 ____D C:\Users\Smok\Desktop\FRST-OlderVersion 2014-01-08 22:19 - 2014-01-08 22:20 - 00000000 ____D C:\Users\Smok\Desktop\MKiDN 2014 2014-01-08 12:29 - 2014-01-09 10:48 - 01931770 _____ (Farbar) C:\Users\Smok\Desktop\FRST64.exe 2014-01-07 23:19 - 2014-01-08 12:37 - 00000000 ____D C:\Users\Smok\Desktop\Mlody Tworca 2014-01-07 22:31 - 2014-01-07 22:31 - 00708597 _____ (Farbar) C:\Users\Smok\Desktop\FSS.exe 2014-01-07 22:05 - 2014-01-09 11:05 - 00000000 ____D C:\Users\Smok\Desktop\wirus2 2014-01-07 21:19 - 2014-01-07 21:19 - 01288112 _____ (Developer Tribe (Pvt) Ltd. ) C:\Users\Smok\Downloads\setup_rr.exe 2014-01-07 21:16 - 2014-01-07 21:36 - 00001656 _____ C:\Windows\system32\ASOROSet.bin 2014-01-07 21:16 - 2014-01-07 21:17 - 00000000 ____D C:\Windows\system32\config\RCCBakup 2014-01-07 21:08 - 2014-01-07 21:17 - 00000000 ____D C:\Users\Smok\AppData\Roaming\Solvusoft 2014-01-07 21:08 - 2012-10-15 17:02 - 00019888 _____ (solvusoft) C:\Windows\system32\roboot64.exe 2014-01-07 13:45 - 2014-01-07 13:45 - 00000000 ____D C:\Users\Smok\Desktop\mgr i dyplom 2014-01-07 12:24 - 2014-01-07 13:44 - 00000000 ____D C:\Users\Smok\Desktop\Teksty 2014-01-01 02:32 - 2014-01-01 02:32 - 00000000 ____D C:\UBIOS 2014-01-01 02:32 - 2012-07-18 11:26 - 02097152 ___RH C:\TKBSR.BIN 2013-12-31 23:02 - 2013-12-31 23:02 - 00003320 _____ C:\Windows\System32\Tasks\BatteryCareAuto 2013-12-31 18:43 - 2013-12-31 18:43 - 00000000 ____D C:\Users\Smok\AppData\Roaming\BatteryCare 2013-12-31 18:43 - 2013-12-31 18:43 - 00000000 ____D C:\Program Files (x86)\BatteryCare 2013-12-31 16:36 - 2014-01-05 18:29 - 00004096 ___SH C:\Users\Smok\Thumbs.db 2013-12-27 12:38 - 2014-01-07 11:56 - 00000000 ____D C:\Users\Smok\Desktop\chomikuj2 2013-12-19 12:08 - 2014-01-02 00:02 - 00000000 ____D C:\Users\Smok\Desktop\Tajber 2013-12-16 03:00 - 2013-11-26 12:54 - 23183360 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2013-12-16 03:00 - 2013-11-26 11:19 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2013-12-16 03:00 - 2013-11-26 11:18 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2013-12-16 03:00 - 2013-11-26 11:11 - 17112576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2013-12-16 03:00 - 2013-11-26 10:48 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2013-12-16 03:00 - 2013-11-26 10:46 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2013-12-16 03:00 - 2013-11-26 10:41 - 02764288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2013-12-16 03:00 - 2013-11-26 10:29 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2013-12-16 03:00 - 2013-11-26 10:27 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2013-12-16 03:00 - 2013-11-26 10:23 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2013-12-16 03:00 - 2013-11-26 10:21 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2013-12-16 03:00 - 2013-11-26 10:18 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2013-12-16 03:00 - 2013-11-26 10:18 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2013-12-16 03:00 - 2013-11-26 10:16 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2013-12-16 03:00 - 2013-11-26 09:57 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2013-12-16 03:00 - 2013-11-26 09:38 - 02166784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2013-12-16 03:00 - 2013-11-26 09:38 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2013-12-16 03:00 - 2013-11-26 09:35 - 05769216 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2013-12-16 03:00 - 2013-11-26 09:32 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2013-12-16 03:00 - 2013-11-26 09:28 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2013-12-16 03:00 - 2013-11-26 09:16 - 04243968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2013-12-16 03:00 - 2013-11-26 09:02 - 01995264 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2013-12-16 03:00 - 2013-11-26 08:48 - 12996608 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2013-12-16 03:00 - 2013-11-26 08:32 - 01928192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2013-12-16 03:00 - 2013-11-26 08:26 - 11221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2013-12-16 03:00 - 2013-11-26 08:07 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2013-12-16 03:00 - 2013-11-26 07:40 - 01395200 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2013-12-16 03:00 - 2013-11-26 07:34 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2013-12-16 03:00 - 2013-11-26 07:34 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2013-12-16 03:00 - 2013-11-26 07:33 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2013-12-16 03:00 - 2013-11-26 07:27 - 01157632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2013-12-14 12:14 - 2013-12-14 12:14 - 00001432 _____ C:\Users\Smok\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2013-12-14 11:06 - 2013-10-14 18:00 - 00028368 _____ (Microsoft Corporation) C:\Windows\system32\IEUDINIT.EXE 2013-12-14 11:02 - 2013-12-14 11:02 - 01228800 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2013-12-14 11:02 - 2013-12-14 11:02 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2013-12-14 11:02 - 2013-12-14 11:02 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll 2013-12-14 11:02 - 2013-12-14 11:02 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2013-12-14 11:02 - 2013-12-14 11:02 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2013-12-14 11:02 - 2013-12-14 11:02 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll 2013-12-14 11:02 - 2013-12-14 11:02 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2013-12-14 11:02 - 2013-12-14 11:02 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat 2013-12-14 11:02 - 2013-12-14 11:02 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat 2013-12-14 11:02 - 2013-12-14 11:02 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2013-12-14 11:02 - 2013-12-14 11:02 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2013-12-14 11:02 - 2013-12-14 11:02 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2013-12-14 11:02 - 2013-12-14 11:02 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2013-12-14 11:02 - 2013-12-14 11:02 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2013-12-14 11:02 - 2013-12-14 11:02 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec 2013-12-14 11:02 - 2013-12-14 11:02 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2013-12-14 11:02 - 2013-12-14 11:02 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec 2013-12-14 11:02 - 2013-12-14 11:02 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2013-12-14 11:02 - 2013-12-14 11:02 - 00263376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2013-12-14 11:02 - 2013-12-14 11:02 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll 2013-12-14 11:02 - 2013-12-14 11:02 - 00244736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2013-12-14 11:02 - 2013-12-14 11:02 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll 2013-12-14 11:02 - 2013-12-14 11:02 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2013-12-14 11:02 - 2013-12-14 11:02 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll 2013-12-14 11:02 - 2013-12-14 11:02 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll 2013-12-14 11:02 - 2013-12-14 11:02 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll 2013-12-14 11:02 - 2013-12-14 11:02 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll 2013-12-14 11:02 - 2013-12-14 11:02 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2013-12-14 11:02 - 2013-12-14 11:02 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll 2013-12-14 11:02 - 2013-12-14 11:02 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll 2013-12-14 11:02 - 2013-12-14 11:02 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe 2013-12-14 11:02 - 2013-12-14 11:02 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2013-12-14 11:02 - 2013-12-14 11:02 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe 2013-12-14 11:02 - 2013-12-14 11:02 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll 2013-12-14 11:02 - 2013-12-14 11:02 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe 2013-12-14 11:02 - 2013-12-14 11:02 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe 2013-12-14 11:02 - 2013-12-14 11:02 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll 2013-12-14 11:02 - 2013-12-14 11:02 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll 2013-12-14 11:02 - 2013-12-14 11:02 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll 2013-12-14 11:02 - 2013-12-14 11:02 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll 2013-12-14 11:02 - 2013-12-14 11:02 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2013-12-14 11:02 - 2013-12-14 11:02 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll 2013-12-14 11:02 - 2013-12-14 11:02 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll 2013-12-14 11:02 - 2013-12-14 11:02 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll 2013-12-14 11:02 - 2013-12-14 11:02 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe 2013-12-14 11:02 - 2013-12-14 11:02 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll 2013-12-14 11:02 - 2013-12-14 11:02 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe 2013-12-14 11:02 - 2013-12-14 11:02 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2013-12-14 11:02 - 2013-12-14 11:02 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2013-12-14 11:02 - 2013-12-14 11:02 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll 2013-12-14 11:02 - 2013-12-14 11:02 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll 2013-12-14 11:02 - 2013-12-14 11:02 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx 2013-12-14 11:02 - 2013-12-14 11:02 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe 2013-12-14 11:02 - 2013-12-14 11:02 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe 2013-12-14 11:02 - 2013-12-14 11:02 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2013-12-14 11:02 - 2013-12-14 11:02 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll 2013-12-14 11:02 - 2013-12-14 11:02 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx 2013-12-14 11:02 - 2013-12-14 11:02 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll 2013-12-14 11:02 - 2013-12-14 11:02 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2013-12-14 11:02 - 2013-12-14 11:02 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2013-12-14 11:02 - 2013-12-14 11:02 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll 2013-12-14 11:02 - 2013-12-14 11:02 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll 2013-12-14 11:02 - 2013-12-14 11:02 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2013-12-14 11:02 - 2013-12-14 11:02 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll 2013-12-14 11:02 - 2013-12-14 11:02 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll 2013-12-14 11:02 - 2013-12-14 11:02 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll 2013-12-14 11:02 - 2013-12-14 11:02 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll 2013-12-14 11:02 - 2013-12-14 11:02 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2013-12-14 11:02 - 2013-12-14 11:02 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll 2013-12-14 11:02 - 2013-12-14 11:02 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2013-12-14 11:02 - 2013-12-14 11:02 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2013-12-14 11:02 - 2013-12-14 11:02 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll 2013-12-14 11:02 - 2013-12-14 11:02 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll 2013-12-14 11:02 - 2013-12-14 11:02 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe 2013-12-14 11:02 - 2013-12-14 11:02 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe 2013-12-14 11:02 - 2013-12-14 11:02 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe 2013-12-14 11:02 - 2013-12-14 11:02 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe 2013-12-12 03:08 - 2013-05-10 06:56 - 14631424 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll 2013-12-12 03:08 - 2013-05-10 06:56 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL 2013-12-12 03:08 - 2013-05-10 05:56 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL 2013-12-12 03:08 - 2013-05-10 05:56 - 11410432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll 2013-12-11 21:15 - 2013-11-12 03:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll 2013-12-11 21:15 - 2013-11-12 03:07 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll 2013-12-11 20:56 - 2013-11-23 19:26 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll 2013-12-11 20:56 - 2013-11-23 18:47 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll 2013-12-11 19:51 - 2013-10-30 03:32 - 00335360 _____ (Microsoft Corporation) C:\Windows\system32\msieftp.dll 2013-12-11 19:51 - 2013-10-30 03:19 - 00301568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msieftp.dll 2013-12-11 19:45 - 2013-10-30 02:24 - 03155968 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2013-12-11 19:34 - 2013-10-19 03:18 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll 2013-12-11 19:34 - 2013-10-19 02:36 - 00159232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll 2013-12-11 19:28 - 2013-10-04 03:16 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys 2013-12-11 19:28 - 2013-10-04 02:36 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys 2013-12-11 19:17 - 2013-10-12 03:32 - 00150016 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx 2013-12-11 19:17 - 2013-10-12 03:31 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll 2013-12-11 19:17 - 2013-10-12 03:04 - 00121856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshom.ocx 2013-12-11 19:17 - 2013-10-12 03:03 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll 2013-12-11 19:17 - 2013-10-12 02:33 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe 2013-12-11 19:17 - 2013-10-12 02:33 - 00156160 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe 2013-12-11 19:17 - 2013-10-12 02:15 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscript.exe 2013-12-11 19:17 - 2013-10-12 02:15 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscript.exe 2013-12-11 02:47 - 2013-12-14 11:06 - 00014217 _____ C:\Windows\IE11_main.log ==================== One Month Modified Files and Folders ======= 2014-01-09 11:05 - 2014-01-09 11:05 - 00016481 _____ C:\Users\Smok\Desktop\FRST.txt 2014-01-09 11:05 - 2014-01-07 22:05 - 00000000 ____D C:\Users\Smok\Desktop\wirus2 2014-01-09 10:55 - 2014-01-09 10:55 - 00671232 _____ C:\Users\Smok\Desktop\MicrosoftFixit50688.msi 2014-01-09 10:53 - 2014-01-09 10:53 - 00000000 ____D C:\Users\Smok\Desktop\Old Firefox Data 2014-01-09 10:50 - 2013-05-12 16:41 - 00000000 ____D C:\Users\Smok\AppData\Local\Mozilla 2014-01-09 10:49 - 2011-10-26 19:34 - 00000000 ____D C:\Users\Smok 2014-01-09 10:48 - 2014-01-09 10:48 - 00000000 ____D C:\Users\Smok\Desktop\FRST-OlderVersion 2014-01-09 10:48 - 2014-01-08 12:29 - 01931770 _____ (Farbar) C:\Users\Smok\Desktop\FRST64.exe 2014-01-09 10:48 - 2013-10-28 23:19 - 00000000 ____D C:\FRST 2014-01-09 10:46 - 2012-04-16 21:16 - 00000930 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-01-09 10:35 - 2009-07-14 03:34 - 00000625 _____ C:\Windows\win.ini 2014-01-09 10:08 - 2011-08-05 22:10 - 01060737 _____ C:\Windows\WindowsUpdate.log 2014-01-08 22:20 - 2014-01-08 22:19 - 00000000 ____D C:\Users\Smok\Desktop\MKiDN 2014 2014-01-08 20:58 - 2012-06-02 16:15 - 00000000 ____D C:\Users\Smok\Desktop\CV i opisy projektow 2014-01-08 19:48 - 2009-07-14 05:45 - 00025120 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-01-08 19:48 - 2009-07-14 05:45 - 00025120 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-01-08 19:46 - 2011-02-14 10:01 - 00742046 _____ C:\Windows\system32\perfh015.dat 2014-01-08 19:46 - 2011-02-14 10:01 - 00156352 _____ C:\Windows\system32\perfc015.dat 2014-01-08 19:46 - 2009-07-14 06:13 - 01673880 _____ C:\Windows\system32\PerfStringBackup.INI 2014-01-08 19:41 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2014-01-08 19:41 - 2009-07-14 05:51 - 00076809 _____ C:\Windows\setupact.log 2014-01-08 12:37 - 2014-01-07 23:19 - 00000000 ____D C:\Users\Smok\Desktop\Mlody Tworca 2014-01-08 00:11 - 2012-12-15 13:18 - 00000000 ____D C:\Users\Smok\Desktop\performance zdjecia 2014-01-07 22:31 - 2014-01-07 22:31 - 00708597 _____ (Farbar) C:\Users\Smok\Desktop\FSS.exe 2014-01-07 21:38 - 2013-05-28 11:04 - 00000000 ____D C:\Users\Smok\Desktop\programy z pulpitu 2014-01-07 21:37 - 2010-11-21 04:47 - 00657764 _____ C:\Windows\PFRO.log 2014-01-07 21:36 - 2014-01-07 21:16 - 00001656 _____ C:\Windows\system32\ASOROSet.bin 2014-01-07 21:36 - 2009-07-14 03:34 - 97779712 _____ C:\Windows\system32\config\software.bak 2014-01-07 21:36 - 2009-07-14 03:34 - 25690112 _____ C:\Windows\system32\config\system.bak 2014-01-07 21:36 - 2009-07-14 03:34 - 00262144 _____ C:\Windows\system32\config\security.bak 2014-01-07 21:32 - 2009-07-14 03:34 - 00262144 _____ C:\Windows\system32\config\sam.bak 2014-01-07 21:30 - 2012-01-07 13:01 - 00000000 ____D C:\Users\Smok\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PDF Reader 2014-01-07 21:19 - 2014-01-07 21:19 - 01288112 _____ (Developer Tribe (Pvt) Ltd. ) C:\Users\Smok\Downloads\setup_rr.exe 2014-01-07 21:17 - 2014-01-07 21:16 - 00000000 ____D C:\Windows\system32\config\RCCBakup 2014-01-07 21:17 - 2014-01-07 21:08 - 00000000 ____D C:\Users\Smok\AppData\Roaming\Solvusoft 2014-01-07 13:53 - 2009-07-14 06:08 - 00032608 _____ C:\Windows\Tasks\SCHEDLGU.TXT 2014-01-07 13:47 - 2013-03-10 00:15 - 00000000 ____D C:\Users\Smok\Desktop\zdjecia 2014-01-07 13:45 - 2014-01-07 13:45 - 00000000 ____D C:\Users\Smok\Desktop\mgr i dyplom 2014-01-07 13:44 - 2014-01-07 12:24 - 00000000 ____D C:\Users\Smok\Desktop\Teksty 2014-01-07 13:27 - 2012-04-07 18:15 - 00000000 ____D C:\Users\Smok\AppData\Roaming\vlc 2014-01-07 13:17 - 2012-12-27 15:02 - 00000000 ____D C:\ProgramData\Microsoft Help 2014-01-07 13:11 - 2012-05-20 13:22 - 00000000 ____D C:\Users\Smok\Desktop\doktorat KASK 2014-01-07 13:11 - 2012-05-03 17:38 - 00000000 ____D C:\Users\Smok\Desktop\Marta portfolio 2014-01-07 13:10 - 2013-12-08 01:11 - 00000000 ____D C:\Users\Smok\Desktop\cv 2014-01-07 13:00 - 2012-04-29 20:07 - 00000000 ____D C:\Program Files (x86)\Gabest 2014-01-07 12:55 - 2013-05-28 10:38 - 00000000 ____D C:\Program Files (x86)\Nokia 2014-01-07 12:54 - 2012-01-07 14:57 - 00000000 ____D C:\Program Files (x86)\OpenOffice.org 3 2014-01-07 12:54 - 2011-08-05 22:28 - 00033402 _____ C:\Windows\DPINST.LOG 2014-01-07 12:51 - 2013-11-14 16:13 - 00000000 ____D C:\Users\Smok\Desktop\Krakow 2014-01-07 12:01 - 2012-01-07 16:01 - 00000000 ____D C:\Users\Smok\Desktop\przychody rozchody 2014-01-07 11:56 - 2013-12-27 12:38 - 00000000 ____D C:\Users\Smok\Desktop\chomikuj2 2014-01-05 18:29 - 2013-12-31 16:36 - 00004096 ___SH C:\Users\Smok\Thumbs.db 2014-01-03 13:31 - 2013-08-05 15:16 - 00000000 ____D C:\Users\Smok\Desktop\doktoraty i Ryga 2014-01-02 11:21 - 2013-11-02 15:33 - 00000000 ____D C:\Users\Smok\AppData\Local\CrashDumps 2014-01-02 00:02 - 2013-12-19 12:08 - 00000000 ____D C:\Users\Smok\Desktop\Tajber 2014-01-01 22:43 - 2011-11-11 23:57 - 00000000 ____D C:\Users\Smok\AppData\Local\Windows Live 2014-01-01 13:49 - 2012-04-07 18:30 - 00000000 ____D C:\Users\Smok\.gstreamer-0.10 2014-01-01 02:32 - 2014-01-01 02:32 - 00000000 ____D C:\UBIOS 2013-12-31 23:02 - 2013-12-31 23:02 - 00003320 _____ C:\Windows\System32\Tasks\BatteryCareAuto 2013-12-31 18:43 - 2013-12-31 18:43 - 00000000 ____D C:\Users\Smok\AppData\Roaming\BatteryCare 2013-12-31 18:43 - 2013-12-31 18:43 - 00000000 ____D C:\Program Files (x86)\BatteryCare 2013-12-19 14:11 - 2013-10-02 20:36 - 00000000 ____D C:\Users\Smok\Desktop\studiadoktoranckieaspwgdasku 2013-12-15 21:36 - 2013-06-26 22:34 - 00000000 ____D C:\Users\Smok\Desktop\dokumentacja prasa 2013-12-14 16:16 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache 2013-12-14 12:14 - 2013-12-14 12:14 - 00001432 _____ C:\Users\Smok\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2013-12-14 12:11 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\PolicyDefinitions 2013-12-14 11:06 - 2013-12-11 02:47 - 00014217 _____ C:\Windows\IE11_main.log 2013-12-14 11:02 - 2013-12-14 11:02 - 01228800 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2013-12-14 11:02 - 2013-12-14 11:02 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2013-12-14 11:02 - 2013-12-14 11:02 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll 2013-12-14 11:02 - 2013-12-14 11:02 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2013-12-14 11:02 - 2013-12-14 11:02 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2013-12-14 11:02 - 2013-12-14 11:02 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll 2013-12-14 11:02 - 2013-12-14 11:02 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2013-12-14 11:02 - 2013-12-14 11:02 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat 2013-12-14 11:02 - 2013-12-14 11:02 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat 2013-12-14 11:02 - 2013-12-14 11:02 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2013-12-14 11:02 - 2013-12-14 11:02 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2013-12-14 11:02 - 2013-12-14 11:02 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2013-12-14 11:02 - 2013-12-14 11:02 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2013-12-14 11:02 - 2013-12-14 11:02 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2013-12-14 11:02 - 2013-12-14 11:02 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec 2013-12-14 11:02 - 2013-12-14 11:02 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2013-12-14 11:02 - 2013-12-14 11:02 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec 2013-12-14 11:02 - 2013-12-14 11:02 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2013-12-14 11:02 - 2013-12-14 11:02 - 00263376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2013-12-14 11:02 - 2013-12-14 11:02 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll 2013-12-14 11:02 - 2013-12-14 11:02 - 00244736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2013-12-14 11:02 - 2013-12-14 11:02 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll 2013-12-14 11:02 - 2013-12-14 11:02 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2013-12-14 11:02 - 2013-12-14 11:02 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll 2013-12-14 11:02 - 2013-12-14 11:02 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll 2013-12-14 11:02 - 2013-12-14 11:02 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll 2013-12-14 11:02 - 2013-12-14 11:02 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll 2013-12-14 11:02 - 2013-12-14 11:02 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2013-12-14 11:02 - 2013-12-14 11:02 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll 2013-12-14 11:02 - 2013-12-14 11:02 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll 2013-12-14 11:02 - 2013-12-14 11:02 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe 2013-12-14 11:02 - 2013-12-14 11:02 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2013-12-14 11:02 - 2013-12-14 11:02 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe 2013-12-14 11:02 - 2013-12-14 11:02 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll 2013-12-14 11:02 - 2013-12-14 11:02 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe 2013-12-14 11:02 - 2013-12-14 11:02 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe 2013-12-14 11:02 - 2013-12-14 11:02 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll 2013-12-14 11:02 - 2013-12-14 11:02 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll 2013-12-14 11:02 - 2013-12-14 11:02 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll 2013-12-14 11:02 - 2013-12-14 11:02 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll 2013-12-14 11:02 - 2013-12-14 11:02 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2013-12-14 11:02 - 2013-12-14 11:02 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll 2013-12-14 11:02 - 2013-12-14 11:02 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll 2013-12-14 11:02 - 2013-12-14 11:02 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll 2013-12-14 11:02 - 2013-12-14 11:02 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe 2013-12-14 11:02 - 2013-12-14 11:02 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll 2013-12-14 11:02 - 2013-12-14 11:02 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe 2013-12-14 11:02 - 2013-12-14 11:02 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2013-12-14 11:02 - 2013-12-14 11:02 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2013-12-14 11:02 - 2013-12-14 11:02 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll 2013-12-14 11:02 - 2013-12-14 11:02 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll 2013-12-14 11:02 - 2013-12-14 11:02 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx 2013-12-14 11:02 - 2013-12-14 11:02 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe 2013-12-14 11:02 - 2013-12-14 11:02 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe 2013-12-14 11:02 - 2013-12-14 11:02 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2013-12-14 11:02 - 2013-12-14 11:02 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll 2013-12-14 11:02 - 2013-12-14 11:02 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx 2013-12-14 11:02 - 2013-12-14 11:02 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll 2013-12-14 11:02 - 2013-12-14 11:02 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2013-12-14 11:02 - 2013-12-14 11:02 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2013-12-14 11:02 - 2013-12-14 11:02 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll 2013-12-14 11:02 - 2013-12-14 11:02 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll 2013-12-14 11:02 - 2013-12-14 11:02 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2013-12-14 11:02 - 2013-12-14 11:02 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll 2013-12-14 11:02 - 2013-12-14 11:02 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll 2013-12-14 11:02 - 2013-12-14 11:02 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll 2013-12-14 11:02 - 2013-12-14 11:02 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll 2013-12-14 11:02 - 2013-12-14 11:02 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2013-12-14 11:02 - 2013-12-14 11:02 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll 2013-12-14 11:02 - 2013-12-14 11:02 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2013-12-14 11:02 - 2013-12-14 11:02 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2013-12-14 11:02 - 2013-12-14 11:02 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll 2013-12-14 11:02 - 2013-12-14 11:02 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll 2013-12-14 11:02 - 2013-12-14 11:02 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe 2013-12-14 11:02 - 2013-12-14 11:02 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe 2013-12-14 11:02 - 2013-12-14 11:02 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe 2013-12-14 11:02 - 2013-12-14 11:02 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe 2013-12-14 11:01 - 2013-08-15 10:09 - 00000000 ____D C:\Windows\system32\MRT 2013-12-14 10:58 - 2011-11-15 19:07 - 90708896 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2013-12-12 12:11 - 2009-07-14 06:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD 2013-12-12 03:27 - 2009-07-14 05:45 - 03148496 _____ C:\Windows\system32\FNTCACHE.DAT 2013-12-11 00:47 - 2012-04-16 21:16 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2013-12-11 00:47 - 2012-04-16 21:16 - 00003868 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater 2013-12-11 00:47 - 2011-11-08 19:59 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\SysWOW64\wininit.exe => MD5 is legit C:\Windows\explorer.exe => MD5 is legit C:\Windows\SysWOW64\explorer.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\SysWOW64\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\SysWOW64\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\SysWOW64\userinit.exe => MD5 is legit C:\Windows\System32\rpcss.dll => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit LastRegBack: 2013-12-31 18:09 ==================== End Of Log ============================