Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 09-03-2014
Ran by marlena (administrator) on MARLENA-KOMP on 14-03-2014 11:49:12
Running from C:\Users\marlena\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: Polish
Internet Explorer Version 10
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(AMD) C:\Windows\system32\atiesrxx.exe
(AMD) C:\Windows\system32\atieclxx.exe
(ASUSTeK Computer Inc.) C:\Windows\system32\FBAgent.exe
(Microsoft Corporation) C:\Windows\system32\WLANExt.exe
(ASUS) C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
() C:\ProgramData\DatacardService\HWDeviceService64.exe
() C:\Windows\SysWOW64\srvany.exe
() C:\Windows\KMService.exe
(Raxco Software, Inc.) C:\Program Files\Raxco\PerfectDisk\PDAgent.exe
(ASUS) C:\Program Files\ASUS\P4G\BatteryLife.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(ASUS) C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnWMI.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
(Trend Micro Inc.) C:\Program Files\Trend Micro\Titanium\TiMiniService.exe
(Raxco Software, Inc.) C:\Program Files\Raxco\PerfectDisk\PDAgentS1.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\Titanium\TiResumeSrv.exe
(Raxco Software, Inc.) C:\Program Files\Common Files\Raxco\Shared\PDEngine.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(OldTimer Tools) C:\Users\marlena\Desktop\TFC.exe
(GG Network S.A.) C:\Program Files (x86)\Gadu-Gadu 10\gg.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\tv_x64.exe
(TeamViewer GmbH) c:\program files (x86)\teamviewer\version8\TeamViewer_Desktop.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Trend Micro Client Framework] - C:\Program Files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe [192520 2010-10-12] (Trend Micro Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKU\S-1-5-21-3771276668-3479054325-1734754795-1000\...\MountPoints2: {f054f3c8-81ec-11e3-a5e7-001e101f82a0} - F:\AutoRun.exe

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKLM-x32 - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ASUT
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: TmIEPlugInBHO Class - {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1381\6.5.1234\TmIEPlg32.dll (Trend Micro Inc.)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: CIESpeechBHO Class - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: TmBpIeBHO Class - {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\Module\20002\6.5.1234\6.5.1234\TmBpIe32.dll (Trend Micro Inc.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: IplexToALLPlayer - {DF925EF3-7A87-44E4-9CAF-8D7B280BF616} - C:\Program Files (x86)\ALLPlayer\Iplex\IplexToALLPlayer.dll (ALLCinema Ltd.)
Handler: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\Module\20002\6.5.1234\6.5.1234\TmBpIe64.dll (Trend Micro Inc.)
Handler: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1381\6.5.1234\TmIEPlg.dll (Trend Micro Inc.)
Handler-x32: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\Module\20002\6.5.1234\6.5.1234\TmBpIe32.dll (Trend Micro Inc.)
Handler-x32: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1381\6.5.1234\TmIEPlg32.dll (Trend Micro Inc.)
Tcpip\..\Interfaces\{F4C9A2D5-7948-4FDB-BB31-02582A6BF4E2}: [NameServer]217.116.104.104 217.116.100.100

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_224.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @java.com/DTPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=1.122.0 - C:\Program Files (x86)\Battlelog Web Plugins\1.122.0\npesnlaunch.dll (ESN Social Software AB)
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @real.com/nppl3260;version=6.0.12.450 - C:\Program Files (x86)\Real Alternative\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpjplug;version=6.0.12.448 - C:\Program Files (x86)\Real Alternative\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: ZEON/PDF,version=2.0 - C:\Program Files (x86)\Nuance\PDF Reader\bin\nppdf.dll (Zeon Corporation)
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\marlena\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppl3260.dll (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF HKLM-x32\...\Firefox\Extensions: [{22C7F6C6-8D67-4534-92B5-529A0EC09405}] - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1381\6.5.1234\firefoxextension\
FF Extension: Trend Micro NSC Firefox Extension - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1381\6.5.1234\firefoxextension\ []

Chrome:
=======
CHR HomePage: hxxp://securedsearch2.lavasoft.com/index.php?pr=vmn&id=adawaretb&v=3_8&idate=2014-03-04&ent=hp&u=59E308408CF310382FB0B75316221DC0
CHR RestoreOnStartup: "hxxp://www.google.com"
CHR DefaultSearchKeyword: securesearch
CHR DefaultSearchProvider: SecureSearch
CHR DefaultSearchURL: http://securedsearch2.lavasoft.com/results.php?pr=vmn&id=adawaretb&v=3_8&idate=2014-03-04&hsimp=yhs-lavasoft&ent=ch&q={searchTerms}
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\22.0.1229.94\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\22.0.1229.94\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\22.0.1229.94\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Acrobat 5.0 CE\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) ) - C:\Program Files (x86)\Google\Chrome\Application\plugins\nppl3260.dll (RealNetworks, Inc.)
CHR Plugin: (RealPlayer Version Plugin) - C:\Program Files (x86)\Google\Chrome\Application\plugins\nprpjplug.dll (RealNetworks, Inc.)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (ESN Launch Mozilla Plugin) - C:\Program Files (x86)\Battlelog Web Plugins\1.122.0\npesnlaunch.dll (ESN Social Software AB)
CHR Plugin: (ESN Sonar API) - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
CHR Plugin: (DivX VOD Helper Plug-in) - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
CHR Plugin: (DivX Plus Web Player) - C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX, LLC)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
CHR Plugin: (Silverlight Plug-In) - C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
CHR Plugin: (Zeon Plus) - C:\Program Files (x86)\Nuance\PDF Reader\bin\nppdf.dll (Zeon Corporation)
CHR Plugin: (Windows Live™ Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Facebook Video Calling Plugin) - C:\Users\marlena\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
CHR Plugin: (Shockwave for Director) - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1202122.dll No File
CHR Plugin: (Java Deployment Toolkit 7.0.50.255) - C:\Windows\SysWOW64\npDeployJava1.dll No File

==================== Services (Whitelisted) =================

R2 ASUS InstantOn; C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe [277120 2012-02-03] (ASUS)
R2 Atheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [146592 2011-08-02] (Atheros)
R2 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [339456 2010-11-16] ()
R2 KMService; C:\Windows\SysWOW64\srvany.exe [8192 2013-02-03] ()
S3 Mobile Partner. RunOuc; C:\Program Files (x86)\Mobile Partner\UpdateDog\ouc.exe [218624 2014-01-20] ()
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2012-06-11] ()
R3 TiMiniService; C:\Program Files\Trend Micro\Titanium\TiMiniService.exe [241488 2010-09-17] (Trend Micro Inc.)
S3 Amsp; "C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe" coreFrameworkHost.exe -m=rb -dt=60000 [X]

==================== Drivers (Whitelisted) ====================

R1 ATKWMIACPIIO_; C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [17536 2011-09-07] (ASUS)
R3 BthMtpEnum; C:\Windows\System32\DRIVERS\BthMtpEnum.sys [64512 2009-07-14] (Microsoft Corporation)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2013-02-02] (DT Soft Ltd)
S3 epmntdrv; C:\Windows\system32\epmntdrv.sys [17480 2013-03-07] ()
S3 epmntdrv; C:\Windows\SysWOW64\epmntdrv.sys [14920 2013-03-07] ()
S3 EuGdiDrv; C:\Windows\system32\EuGdiDrv.sys [9800 2013-03-07] ()
S3 EuGdiDrv; C:\Windows\SysWOW64\EuGdiDrv.sys [9160 2013-03-07] ()
R3 ewusbnet; C:\Windows\System32\DRIVERS\ewusbnet.sys [256000 2014-01-20] (Huawei Technologies Co., Ltd.)
R3 kbfiltr; C:\Windows\System32\DRIVERS\kbfiltr.sys [15416 2009-07-20] ( )
R2 tmactmon; C:\Windows\System32\DRIVERS\tmactmon.sys [90704 2010-09-17] (Trend Micro Inc.)
R2 tmcomm; C:\Windows\System32\DRIVERS\tmcomm.sys [144464 2010-09-17] (Trend Micro Inc.)
R2 tmevtmgr; C:\Windows\System32\DRIVERS\tmevtmgr.sys [67664 2010-09-17] (Trend Micro Inc.)
R1 tmtdi; C:\Windows\System32\DRIVERS\tmtdi.sys [105552 2010-09-17] (Trend Micro Inc.)

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2014-03-14 11:49 - 2014-03-14 11:49 - 00015836 _____ () C:\Users\marlena\Desktop\FRST.txt
2014-03-14 11:38 - 2014-03-14 11:38 - 00000000 ____D () C:\Users\marlena\AppData\Roaming\Oracle
2014-03-14 11:29 - 2014-03-14 11:30 - 00000000 ____D () C:\ProgramData\Oracle
2014-03-14 11:29 - 2014-03-14 11:29 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-03-14 11:29 - 2014-03-14 11:29 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-03-14 11:29 - 2014-03-14 11:29 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-03-14 11:29 - 2014-03-14 11:29 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-03-14 11:28 - 2014-03-14 11:29 - 29141928 _____ (Oracle Corporation) C:\Users\marlena\Downloads\jre-7u51-windows-i586 (1).exe
2014-03-14 11:20 - 2014-03-14 11:20 - 00312744 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-03-14 11:20 - 2014-03-14 11:20 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-03-14 11:20 - 2014-03-14 11:20 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-03-14 11:20 - 2014-03-14 11:20 - 00108968 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2014-03-14 11:20 - 2014-03-14 11:20 - 00000000 ____D () C:\Program Files\Java
2014-03-14 11:17 - 2014-03-14 11:20 - 00000000 ____D () C:\Users\marlena\Desktop\JavaRa-2.5
2014-03-14 11:16 - 2014-03-14 11:16 - 00156058 _____ () C:\Users\marlena\Desktop\JavaRa-2.5.zip
2014-03-14 11:06 - 2014-03-14 11:08 - 30796712 _____ (Oracle Corporation) C:\Users\marlena\Downloads\jre-7u51-windows-x64.exe
2014-03-14 11:01 - 2014-03-14 11:02 - 29141928 _____ (Oracle Corporation) C:\Users\marlena\Downloads\jre-7u51-windows-i586.exe
2014-03-14 10:59 - 2014-03-14 10:59 - 00001095 _____ () C:\Users\Public\Desktop\Opera.lnk
2014-03-14 10:56 - 2014-03-14 10:57 - 34741696 _____ (Opera Software ASA) C:\Users\marlena\Downloads\Opera_20.0.1387.77_Setup.exe
2014-03-14 10:41 - 2014-03-14 10:41 - 00921000 _____ (Oracle Corporation) C:\Users\marlena\Downloads\chromeinstall-7u51.exe
2014-03-14 10:30 - 2014-03-14 10:30 - 00448512 _____ (OldTimer Tools) C:\Users\marlena\Documents\TFC.exe
2014-03-14 10:29 - 2014-03-14 10:29 - 00448512 _____ (OldTimer Tools) C:\Users\marlena\Desktop\TFC.exe
2014-03-11 12:15 - 2014-03-11 12:15 - 00041579 _____ () C:\Users\marlena\Desktop\Desktop.rar
2014-03-11 12:00 - 2014-03-11 12:02 - 00000000 ____D () C:\AdwCleaner
2014-03-11 11:45 - 2014-03-11 11:45 - 01949184 _____ () C:\Users\marlena\Desktop\adwcleaner.exe
2014-03-11 10:53 - 2014-02-12 16:13 - 00000426 _____ () C:\AVScanner.ini
2014-03-09 19:58 - 2014-03-14 11:49 - 00000000 ____D () C:\FRST
2014-03-09 19:56 - 2014-03-09 19:57 - 02157056 _____ (Farbar) C:\Users\marlena\Desktop\FRST64.exe
2014-03-07 19:45 - 2014-03-07 19:45 - 00001303 _____ () C:\Users\Public\Desktop\EaseUS Partition Master 9.3.0.lnk
2014-03-07 19:45 - 2014-03-07 19:45 - 00000000 ____D () C:\Program Files (x86)\EaseUS
2014-03-07 19:45 - 2013-10-09 15:34 - 03381832 _____ () C:\Windows\system32\BootMan.exe
2014-03-07 19:45 - 2013-10-09 15:24 - 02499656 _____ () C:\Windows\SysWOW64\BootMan.exe
2014-03-07 19:45 - 2013-03-07 09:49 - 00100936 _____ () C:\Windows\system32\setupempdrvx64.exe
2014-03-07 19:45 - 2013-03-07 09:49 - 00087112 _____ () C:\Windows\SysWOW64\setupempdrv03.exe
2014-03-07 19:45 - 2013-03-07 09:49 - 00019840 _____ () C:\Windows\SysWOW64\EuEpmGdi.dll
2014-03-07 19:45 - 2013-03-07 09:49 - 00017480 _____ () C:\Windows\system32\epmntdrv.sys
2014-03-07 19:45 - 2013-03-07 09:49 - 00016256 _____ () C:\Windows\system32\EuEpmGdi.dll
2014-03-07 19:45 - 2013-03-07 09:49 - 00014920 _____ () C:\Windows\SysWOW64\epmntdrv.sys
2014-03-07 19:45 - 2013-03-07 09:49 - 00009800 _____ () C:\Windows\system32\EuGdiDrv.sys
2014-03-07 19:45 - 2013-03-07 09:49 - 00009160 _____ () C:\Windows\SysWOW64\EuGdiDrv.sys
2014-03-07 19:44 - 2014-03-07 19:44 - 18607760 _____ (EaseUS ) C:\Users\marlena\Downloads\EASEUS Partition Master Professional Edition 9.3.0.exe
2014-03-07 19:43 - 2014-03-07 19:43 - 00597632 _____ ( ) C:\Users\marlena\Desktop\EASEUS Partition Master Professional Edition 9.3.0_isdmgr.exe
2014-03-07 19:26 - 2014-03-07 19:26 - 00000648 _____ () C:\Users\marlena\Desktop\Total Commander 64 bit.lnk
2014-03-07 19:26 - 2014-03-07 19:26 - 00000634 _____ () C:\Users\marlena\Desktop\Total Commander.lnk
2014-03-07 19:26 - 2014-03-07 19:26 - 00000000 ____D () C:\Users\marlena\AppData\Roaming\GHISLER
2014-03-07 19:26 - 2014-03-07 19:26 - 00000000 ____D () C:\totalcmd
2014-03-07 19:25 - 2014-03-07 19:25 - 06344480 _____ (Ghisler Software GmbH) C:\Users\marlena\Desktop\tcm850x32_64.exe
2014-03-05 11:55 - 2014-03-05 11:56 - 00482440 _____ () C:\Windows\Minidump\030514-54631-01.dmp
2014-03-05 11:03 - 2014-03-14 09:59 - 00000000 ____D () C:\Windows\pss
2014-03-04 19:54 - 2014-03-04 19:54 - 01727624 _____ () C:\Users\marlena\Downloads\Adaware_Installer.exe
2014-03-04 19:50 - 2014-03-14 10:59 - 00000000 ____D () C:\Users\marlena\AppData\Roaming\Opera Software
2014-03-04 19:50 - 2014-03-14 10:59 - 00000000 ____D () C:\Users\marlena\AppData\Local\Opera Software
2014-03-04 19:48 - 2014-03-14 10:59 - 00000000 ____D () C:\Program Files (x86)\Opera
2014-03-04 19:48 - 2014-03-04 19:48 - 08951984 _____ () C:\Users\marlena\Downloads\rmtool-setup-x86.exe
2014-03-02 12:32 - 2014-03-02 12:50 - 00000000 ____D () C:\Users\marlena\Desktop\aaaaaa
2014-02-20 21:49 - 2014-02-20 21:50 - 00769408 _____ () C:\Windows\Minidump\022014-54007-01.dmp
2014-02-20 18:09 - 2014-02-21 11:45 - 00000000 ____D () C:\Users\marlena\Desktop\Nowy folder
2014-02-18 19:44 - 2014-03-02 12:37 - 00000000 ____D () C:\Users\marlena\Desktop\reszel
2014-02-16 19:06 - 2014-02-19 11:39 - 00000000 ____D () C:\Users\marlena\Desktop\peugeot
2014-02-15 10:13 - 2014-02-15 10:19 - 00000000 ____D () C:\Users\marlena\Desktop\wywołać
2014-02-14 13:54 - 2014-03-11 11:54 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox

==================== One Month Modified Files and Folders =======

2014-03-14 11:49 - 2014-03-14 11:49 - 00015836 _____ () C:\Users\marlena\Desktop\FRST.txt
2014-03-14 11:49 - 2014-03-09 19:58 - 00000000 ____D () C:\FRST
2014-03-14 11:38 - 2014-03-14 11:38 - 00000000 ____D () C:\Users\marlena\AppData\Roaming\Oracle
2014-03-14 11:30 - 2014-03-14 11:29 - 00000000 ____D () C:\ProgramData\Oracle
2014-03-14 11:29 - 2014-03-14 11:29 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-03-14 11:29 - 2014-03-14 11:29 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-03-14 11:29 - 2014-03-14 11:29 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-03-14 11:29 - 2014-03-14 11:29 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-03-14 11:29 - 2014-03-14 11:28 - 29141928 _____ (Oracle Corporation) C:\Users\marlena\Downloads\jre-7u51-windows-i586 (1).exe
2014-03-14 11:29 - 2012-07-15 22:26 - 00000000 ____D () C:\Program Files (x86)\Java
2014-03-14 11:20 - 2014-03-14 11:20 - 00312744 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-03-14 11:20 - 2014-03-14 11:20 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-03-14 11:20 - 2014-03-14 11:20 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-03-14 11:20 - 2014-03-14 11:20 - 00108968 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2014-03-14 11:20 - 2014-03-14 11:20 - 00000000 ____D () C:\Program Files\Java
2014-03-14 11:20 - 2014-03-14 11:17 - 00000000 ____D () C:\Users\marlena\Desktop\JavaRa-2.5
2014-03-14 11:17 - 2012-09-02 18:58 - 00001050 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-03-14 11:16 - 2014-03-14 11:16 - 00156058 _____ () C:\Users\marlena\Desktop\JavaRa-2.5.zip
2014-03-14 11:08 - 2014-03-14 11:06 - 30796712 _____ (Oracle Corporation) C:\Users\marlena\Downloads\jre-7u51-windows-x64.exe
2014-03-14 11:02 - 2014-03-14 11:01 - 29141928 _____ (Oracle Corporation) C:\Users\marlena\Downloads\jre-7u51-windows-i586.exe
2014-03-14 10:59 - 2014-03-14 10:59 - 00001095 _____ () C:\Users\Public\Desktop\Opera.lnk
2014-03-14 10:59 - 2014-03-04 19:50 - 00000000 ____D () C:\Users\marlena\AppData\Roaming\Opera Software
2014-03-14 10:59 - 2014-03-04 19:50 - 00000000 ____D () C:\Users\marlena\AppData\Local\Opera Software
2014-03-14 10:59 - 2014-03-04 19:48 - 00000000 ____D () C:\Program Files (x86)\Opera
2014-03-14 10:57 - 2014-03-14 10:56 - 34741696 _____ (Opera Software ASA) C:\Users\marlena\Downloads\Opera_20.0.1387.77_Setup.exe
2014-03-14 10:49 - 2012-06-13 15:39 - 00001086 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3771276668-3479054325-1734754795-1000UA.job
2014-03-14 10:41 - 2014-03-14 10:41 - 00921000 _____ (Oracle Corporation) C:\Users\marlena\Downloads\chromeinstall-7u51.exe
2014-03-14 10:30 - 2014-03-14 10:30 - 00448512 _____ (OldTimer Tools) C:\Users\marlena\Documents\TFC.exe
2014-03-14 10:29 - 2014-03-14 10:29 - 00448512 _____ (OldTimer Tools) C:\Users\marlena\Desktop\TFC.exe
2014-03-14 10:26 - 2012-10-02 18:24 - 00000000 ____D () C:\Windows\SysWOW64\Adobe
2014-03-14 10:26 - 2011-04-01 10:19 - 00000000 ____D () C:\Windows\SysWOW64\Macromed
2014-03-14 10:10 - 2009-07-14 05:45 - 00009920 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-03-14 10:10 - 2009-07-14 05:45 - 00009920 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-03-14 10:07 - 2011-11-30 10:27 - 01871716 _____ () C:\Windows\WindowsUpdate.log
2014-03-14 10:03 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\tracing
2014-03-14 10:02 - 2012-09-02 18:58 - 00001046 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-03-14 10:02 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-03-14 10:02 - 2009-07-14 05:51 - 00009975 _____ () C:\Windows\setupact.log
2014-03-14 10:01 - 2012-12-24 00:24 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-03-14 10:01 - 2012-12-24 00:24 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-03-14 09:59 - 2014-03-05 11:03 - 00000000 ____D () C:\Windows\pss
2014-03-14 09:51 - 2012-06-23 23:20 - 00000000 ____D () C:\ProgramData\OpenFM
2014-03-14 08:05 - 2012-06-13 15:39 - 00001064 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3771276668-3479054325-1734754795-1000Core.job
2014-03-12 21:13 - 2012-12-09 21:18 - 00000000 ____D () C:\Users\marlena\AppData\Roaming\TS3Client
2014-03-12 08:18 - 2013-12-04 13:18 - 00593320 _____ () C:\Windows\IE11_main.log
2014-03-11 12:39 - 2012-10-01 22:00 - 00000000 ____D () C:\Users\marlena\Tracing
2014-03-11 12:15 - 2014-03-11 12:15 - 00041579 _____ () C:\Users\marlena\Desktop\Desktop.rar
2014-03-11 12:03 - 2011-04-01 09:03 - 00330440 _____ () C:\Windows\PFRO.log
2014-03-11 12:02 - 2014-03-11 12:00 - 00000000 ____D () C:\AdwCleaner
2014-03-11 11:54 - 2014-02-14 13:54 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-03-11 11:45 - 2014-03-11 11:45 - 01949184 _____ () C:\Users\marlena\Desktop\adwcleaner.exe
2014-03-11 11:15 - 2012-11-23 23:34 - 00000000 ____D () C:\Users\marlena\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AeriaGames
2014-03-11 11:14 - 2011-04-01 10:19 - 00000000 ____D () C:\Program Files (x86)\ASUS
2014-03-11 10:29 - 2012-06-11 16:47 - 00000000 ____D () C:\Users\marlena\AppData\Roaming\AIMP3
2014-03-11 10:28 - 2012-11-10 14:47 - 00001711 _____ () C:\Users\marlena\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-03-11 10:28 - 2012-06-11 20:35 - 00000000 ____D () C:\Users\marlena
2014-03-10 16:49 - 2013-10-18 02:14 - 00000068 _____ () C:\Users\marlena\AppData\Roaming\WB.CFG
2014-03-09 20:19 - 2012-12-23 02:46 - 00001052 _____ () C:\Users\Public\Desktop\TeamViewer 8.lnk
2014-03-09 19:57 - 2014-03-09 19:56 - 02157056 _____ (Farbar) C:\Users\marlena\Desktop\FRST64.exe
2014-03-08 02:12 - 2012-12-09 21:16 - 00000000 ____D () C:\Program Files (x86)\TeamSpeak 3 Client
2014-03-08 02:10 - 2012-12-09 21:16 - 00001128 _____ () C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk
2014-03-07 19:45 - 2014-03-07 19:45 - 00001303 _____ () C:\Users\Public\Desktop\EaseUS Partition Master 9.3.0.lnk
2014-03-07 19:45 - 2014-03-07 19:45 - 00000000 ____D () C:\Program Files (x86)\EaseUS
2014-03-07 19:44 - 2014-03-07 19:44 - 18607760 _____ (EaseUS ) C:\Users\marlena\Downloads\EASEUS Partition Master Professional Edition 9.3.0.exe
2014-03-07 19:43 - 2014-03-07 19:43 - 00597632 _____ ( ) C:\Users\marlena\Desktop\EASEUS Partition Master Professional Edition 9.3.0_isdmgr.exe
2014-03-07 19:26 - 2014-03-07 19:26 - 00000648 _____ () C:\Users\marlena\Desktop\Total Commander 64 bit.lnk
2014-03-07 19:26 - 2014-03-07 19:26 - 00000634 _____ () C:\Users\marlena\Desktop\Total Commander.lnk
2014-03-07 19:26 - 2014-03-07 19:26 - 00000000 ____D () C:\Users\marlena\AppData\Roaming\GHISLER
2014-03-07 19:26 - 2014-03-07 19:26 - 00000000 ____D () C:\totalcmd
2014-03-07 19:25 - 2014-03-07 19:25 - 06344480 _____ (Ghisler Software GmbH) C:\Users\marlena\Desktop\tcm850x32_64.exe
2014-03-06 20:25 - 2012-06-11 16:25 - 00000000 ____D () C:\ProgramData\Skype
2014-03-06 20:21 - 2011-11-30 10:43 - 00000000 ____D () C:\ProgramData\CyberLink
2014-03-06 20:21 - 2011-11-30 10:43 - 00000000 ____D () C:\Program Files (x86)\CyberLink
2014-03-06 20:21 - 2011-11-30 10:30 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-03-06 16:01 - 2011-11-30 10:41 - 00002792 _____ () C:\Windows\system32\AutoRunFilter.ini
2014-03-05 11:56 - 2014-03-05 11:55 - 00482440 _____ () C:\Windows\Minidump\030514-54631-01.dmp
2014-03-05 11:56 - 2011-11-30 10:41 - 00001746 _____ () C:\Windows\system32\ServiceFilter.ini
2014-03-05 11:55 - 2012-09-20 18:22 - 416270178 _____ () C:\Windows\MEMORY.DMP
2014-03-05 11:55 - 2012-09-20 18:22 - 00000000 ____D () C:\Windows\Minidump
2014-03-04 19:54 - 2014-03-04 19:54 - 01727624 _____ () C:\Users\marlena\Downloads\Adaware_Installer.exe
2014-03-04 19:48 - 2014-03-04 19:48 - 08951984 _____ () C:\Users\marlena\Downloads\rmtool-setup-x86.exe
2014-03-03 19:05 - 2012-06-11 20:38 - 00000000 ____D () C:\Users\marlena\Documents\Bluetooth Folder
2014-03-03 19:04 - 2012-06-11 20:37 - 00000000 ____D () C:\Users\marlena\AppData\Roaming\Atheros
2014-03-03 19:00 - 2012-06-11 16:25 - 00000000 ____D () C:\Users\marlena\AppData\Roaming\Skype
2014-03-03 18:57 - 2012-06-11 20:36 - 00000000 ___HD () C:\ASUS.DAT
2014-03-02 12:50 - 2014-03-02 12:32 - 00000000 ____D () C:\Users\marlena\Desktop\aaaaaa
2014-03-02 12:37 - 2014-02-18 19:44 - 00000000 ____D () C:\Users\marlena\Desktop\reszel
2014-02-28 11:08 - 2011-02-19 06:31 - 00752552 _____ () C:\Windows\system32\perfh015.dat
2014-02-28 11:08 - 2011-02-19 06:31 - 00160176 _____ () C:\Windows\system32\perfc015.dat
2014-02-28 11:08 - 2009-07-14 06:13 - 01703170 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-02-27 11:33 - 2012-06-13 22:27 - 01675776 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-02-26 20:38 - 2011-02-20 08:03 - 00421008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp100.dll
2014-02-21 11:45 - 2014-02-20 18:09 - 00000000 ____D () C:\Users\marlena\Desktop\Nowy folder
2014-02-21 09:49 - 2014-01-19 22:46 - 00000000 ____D () C:\Users\marlena\Desktop\105___12
2014-02-20 21:50 - 2014-02-20 21:49 - 00769408 _____ () C:\Windows\Minidump\022014-54007-01.dmp
2014-02-20 21:49 - 2009-07-14 06:08 - 00032608 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-02-20 21:09 - 2014-01-19 22:46 - 00000000 ____D () C:\Users\marlena\Desktop\106___01
2014-02-20 21:05 - 2014-01-19 22:47 - 00000000 ____D () C:\Users\marlena\Desktop\104___11
2014-02-20 18:11 - 2012-06-19 00:33 - 00000000 ____D () C:\Users\marlena\AppData\Local\CrashDumps
2014-02-19 11:39 - 2014-02-16 19:06 - 00000000 ____D () C:\Users\marlena\Desktop\peugeot
2014-02-18 14:47 - 2013-08-02 20:16 - 00000000 ____D () C:\Windows\system32\MRT
2014-02-18 14:41 - 2012-12-20 00:15 - 88567024 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-02-17 16:37 - 2012-09-04 16:45 - 00079872 ____H () C:\Users\marlena\Desktop\photothumb.db
2014-02-16 22:33 - 2012-09-02 19:07 - 00000000 ____D () C:\Users\marlena\AppData\Roaming\PhotoScape
2014-02-15 10:19 - 2014-02-15 10:13 - 00000000 ____D () C:\Users\marlena\Desktop\wywołać
2014-02-13 11:09 - 2012-09-27 05:32 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-02-13 11:09 - 2009-07-14 03:34 - 00000478 _____ () C:\Windows\win.ini
2014-02-12 16:13 - 2014-03-11 10:53 - 00000426 _____ () C:\AVScanner.ini

Files to move or delete:
====================
C:\Users\Public\OriginThinSetup.exe

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

LastRegBack: 2014-03-09 13:00

==================== End Of Log ============================