Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 13-03-2014 01 Ran by Ewa (administrator) on EWA-KOMPUTER on 16-03-2014 12:20:40 Running from C:\Users\Ewa\Desktop\Mateusz - nie kasować Microsoft Windows 7 Ultimate Service Pack 1 (X86) OS Language: Polish Internet Explorer Version 8 Boot Mode: Normal The only official download link for FRST: Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/ Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/ Download link from any site other than Bleeping Computer is unpermitted or outdated. See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2012\avgrsx.exe (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2012\avgcsrvx.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVBg.exe (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2012\avgwdsvc.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (Skype Technologies) C:\Program Files\Skype\Updater\Updater.exe (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (Intel Corporation) C:\Windows\system32\igfxsrvc.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2012\avgtray.exe (Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe () C:\Windows\FixCamera.exe (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2012\avgnsx.exe () C:\Windows\vsnpstd3.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [11881544 2013-03-18] (Realtek Semiconductor) HKLM\...\Run: [IAStorIcon] - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [286704 2013-04-30] (Intel Corporation) HKLM\...\Run: [USB3MON] - C:\Program Files\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2013-04-11] (Intel Corporation) HKLM\...\Run: [AVG_TRAY] - C:\Program Files\AVG\AVG2012\avgtray.exe [2598520 2012-11-19] (AVG Technologies CZ, s.r.o.) HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation) HKLM\...\Run: [FixCamera] - C:\Windows\FixCamera.exe [20480 2007-07-11] () HKLM\...\Run: [snpstd3] - C:\Windows\vsnpstd3.exe [835584 2007-05-10] () HKU\.DEFAULT\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1 HKU\.DEFAULT\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 1 HKU\.DEFAULT\...\Policies\Explorer: [NoResolveSearch] 1 HKU\.DEFAULT\...\Policies\Explorer: [NoInternetOpenWith] 1 HKU\S-1-5-21-3071221329-3485222768-1727919613-1000\...\MountPoints2: {50695d49-645f-11e3-b1ee-806e6f6e6963} - E:\ASRSetup.exe ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = BHO: AVG Do Not Track - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files\AVG\AVG2012\avgdtiex.dll (AVG Technologies CZ, s.r.o.) BHO: AVG Safe Search - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG2012\avgssie.dll (AVG Technologies CZ, s.r.o.) BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll (AVG Technologies CZ, s.r.o.) Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 FireFox: ======== FF ProfilePath: C:\Users\Ewa\AppData\Roaming\Mozilla\Firefox\Profiles\a7kbxg5s.default FF Homepage: hxxp://www.google.pl/ FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_12_0_0_77.dll () FF Plugin: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72 - C:\Program Files\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation) FF Plugin: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation) FF Plugin: @java.com/DTPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin: @microsoft.com/GENUINE - disabled No File FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation) FF Plugin: @mozilla.zeniko.ch/SumatraPDF_Browser_Plugin - C:\Program Files\SumatraPDF\npPdfViewer.dll (Simon Bünzli) FF Plugin: @videolan.org/vlc,version=2.1.2 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Extension: FireGestures - C:\Users\Ewa\AppData\Roaming\Mozilla\Firefox\Profiles\a7kbxg5s.default\Extensions\firegestures@xuldev.org.xpi [2014-01-26] FF Extension: Adblock Plus - C:\Users\Ewa\AppData\Roaming\Mozilla\Firefox\Profiles\a7kbxg5s.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-12-26] FF HKLM\...\Firefox\Extensions: [{1E73965B-8B48-48be-9C8D-68B920ABC1C4}] - C:\Program Files\AVG\AVG2012\Firefox4\ FF Extension: AVG Safe Search - C:\Program Files\AVG\AVG2012\Firefox4\ [] FF HKLM\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext FF HKLM\...\Firefox\Extensions: [{F53C93F1-07D5-430c-86D4-C9531B27DFAF}] - C:\Program Files\AVG\AVG2012\Firefox\DoNotTrack\ FF Extension: AVG Do Not Track - C:\Program Files\AVG\AVG2012\Firefox\DoNotTrack\ [] ========================== Services (Whitelisted) ================= R2 AVGIDSAgent; C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe [5175856 2013-10-16] (AVG Technologies CZ, s.r.o.) R2 avgwd; C:\Program Files\AVG\AVG2012\avgwdsvc.exe [193288 2012-02-14] (AVG Technologies CZ, s.r.o.) S3 cphs; C:\Windows\system32\IntelCpHeciSvc.exe [279024 2013-05-24] (Intel Corporation) R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [583680 2013-02-13] (Intel(R) Corporation) S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [637912 2013-02-13] (Intel(R) Corporation) S2 Intel(R) ME Service; C:\Program Files\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-03-12] (Intel Corporation) S2 jhi_service; C:\Program Files\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-03-12] (Intel Corporation) R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService.exe [203848 2013-02-19] (Realtek Semiconductor) ==================== Drivers (Whitelisted) ==================== R3 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdriverx.sys [142176 2012-12-10] (AVG Technologies CZ, s.r.o. ) R3 AVGIDSFilter; C:\Windows\System32\DRIVERS\avgidsfilterx.sys [24144 2011-12-23] (AVG Technologies CZ, s.r.o. ) R0 AVGIDSHX; C:\Windows\System32\DRIVERS\avgidshx.sys [24896 2012-04-19] (AVG Technologies CZ, s.r.o. ) R3 AVGIDSShim; C:\Windows\System32\DRIVERS\avgidsshimx.sys [17232 2011-12-23] (AVG Technologies CZ, s.r.o. ) R1 Avgldx86; C:\Windows\System32\DRIVERS\avgldx86.sys [250080 2012-11-08] (AVG Technologies CZ, s.r.o.) R1 Avgmfx86; C:\Windows\System32\DRIVERS\avgmfx86.sys [41040 2011-12-23] (AVG Technologies CZ, s.r.o.) R0 Avgrkx86; C:\Windows\System32\DRIVERS\avgrkx86.sys [31952 2012-01-31] (AVG Technologies CZ, s.r.o.) R1 Avgtdix; C:\Windows\System32\DRIVERS\avgtdix.sys [302368 2013-04-11] (AVG Technologies CZ, s.r.o.) R2 BT848; C:\Windows\System32\drivers\BT848.SYS [291768 2001-07-03] (TelSignal Co., Ltd.) R2 BTTUNER; C:\Windows\System32\drivers\BTTUNER.SYS [21288 2001-07-03] (TelSignal Co., Ltd.) R2 BTXBAR; C:\Windows\System32\drivers\BTXBAR.SYS [12568 2001-07-03] (TelSignal Co., Ltd.) R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [243128 2013-12-26] (Disc Soft Ltd) R3 e1dexpress; C:\Windows\System32\DRIVERS\e1d6232.sys [368392 2013-02-26] (Intel Corporation) R0 iaStorA; C:\Windows\System32\DRIVERS\iaStorA.sys [538608 2013-04-30] (Intel Corporation) R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [26608 2013-04-30] (Intel Corporation) R0 iusb3hcs; C:\Windows\System32\DRIVERS\iusb3hcs.sys [16880 2013-04-11] (Intel Corporation) R3 iusb3hub; C:\Windows\System32\DRIVERS\iusb3hub.sys [359408 2013-04-11] (Intel Corporation) R3 iusb3xhc; C:\Windows\System32\DRIVERS\iusb3xhc.sys [792560 2013-04-11] (Intel Corporation) R3 MEI; C:\Windows\System32\DRIVERS\HECI.sys [56432 2013-03-12] (Intel Corporation) R3 netr28u; C:\Windows\System32\DRIVERS\netr28u.sys [1174880 2010-12-28] (Ralink Technology Corp.) R3 SNPSTD3; C:\Windows\System32\DRIVERS\snpstd3.sys [10551040 2009-07-17] (Sonix Co. Ltd.) S4 sptd; C:\Windows\System32\Drivers\sptd.sys [320120 2013-12-26] (Duplex Secure Ltd.) S3 VGPU; System32\drivers\rdvgkmd.sys [X] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-03-15 12:58 - 2014-03-15 12:58 - 00000176 _____ () C:\Users\Ewa\defogger_reenable 2014-03-15 12:47 - 2014-03-16 12:20 - 00000000 ____D () C:\FRST 2014-03-15 12:44 - 2014-03-16 12:20 - 00000000 ____D () C:\Users\Ewa\Desktop\Mateusz - nie kasować 2014-03-13 16:28 - 2014-02-24 16:35 - 11020800 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-03-13 16:28 - 2014-02-24 16:35 - 06041088 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-03-13 16:28 - 2014-02-24 16:35 - 02078208 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-03-13 16:28 - 2014-02-24 16:35 - 01232896 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-03-13 16:28 - 2014-02-24 16:35 - 00981504 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-03-13 16:28 - 2014-02-24 16:35 - 00627712 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-03-13 16:28 - 2014-02-24 16:35 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2014-03-13 16:28 - 2014-02-24 16:35 - 00132096 _____ (Microsoft Corporation) C:\Windows\system32\url.dll 2014-03-13 16:28 - 2014-02-24 16:35 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2014-03-13 16:28 - 2014-02-24 16:35 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-03-13 16:28 - 2014-02-24 14:39 - 01638912 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-03-13 16:28 - 2014-02-07 02:07 - 02349056 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2014-03-13 16:28 - 2014-02-04 03:04 - 01230336 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll 2014-03-13 16:28 - 2014-02-04 03:04 - 00509440 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll 2014-03-13 16:28 - 2014-01-29 03:06 - 00381440 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll 2014-03-13 16:28 - 2014-01-28 03:07 - 00185344 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll 2014-03-04 10:21 - 2014-03-04 10:21 - 00000000 ___RD () C:\Program Files\Skype 2014-03-04 10:21 - 2014-03-04 10:21 - 00000000 ____D () C:\Program Files\Common Files\Skype 2014-02-15 20:18 - 2014-02-15 20:18 - 00000000 ____D () C:\Program Files\Mozilla Firefox 2014-02-14 12:30 - 2014-01-01 00:05 - 00420008 _____ () C:\Windows\system32\locale.nls 2014-02-14 12:30 - 2013-12-25 00:09 - 01987584 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll 2014-02-14 12:30 - 2013-12-10 03:02 - 00428032 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2014-02-14 12:30 - 2013-12-06 03:02 - 01237504 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll 2014-02-14 12:30 - 2013-12-06 03:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll 2014-02-14 12:30 - 2013-12-04 03:03 - 00428032 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll 2014-02-14 12:30 - 2013-12-04 03:03 - 00423936 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll 2014-02-14 12:30 - 2013-12-04 03:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll 2014-02-14 12:30 - 2013-12-04 03:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll 2014-02-14 12:30 - 2013-12-04 03:02 - 00390144 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll 2014-02-14 12:30 - 2013-12-04 02:54 - 00594944 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe 2014-02-14 12:30 - 2013-12-04 02:54 - 00572416 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe 2014-02-14 12:30 - 2013-12-04 02:54 - 00510976 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe 2014-02-14 12:30 - 2013-12-04 02:54 - 00508928 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe 2014-02-14 12:30 - 2013-11-26 09:16 - 03419136 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll ==================== One Month Modified Files and Folders ======= 2014-03-16 12:20 - 2014-03-15 12:47 - 00000000 ____D () C:\FRST 2014-03-16 12:20 - 2014-03-15 12:44 - 00000000 ____D () C:\Users\Ewa\Desktop\Mateusz - nie kasować 2014-03-16 12:19 - 2013-12-14 02:31 - 00029687 _____ () C:\Windows\setupact.log 2014-03-16 12:19 - 2009-07-14 05:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-03-16 12:18 - 2013-12-14 02:33 - 01326971 _____ () C:\Windows\WindowsUpdate.log 2014-03-16 12:18 - 2009-07-14 05:34 - 00020880 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-03-16 12:18 - 2009-07-14 05:34 - 00020880 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-03-15 12:58 - 2014-03-15 12:58 - 00000176 _____ () C:\Users\Ewa\defogger_reenable 2014-03-15 12:58 - 2013-12-14 02:36 - 00000000 ____D () C:\Users\Ewa 2014-03-15 12:48 - 2013-12-14 02:59 - 00000930 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-03-14 17:11 - 2013-12-14 03:54 - 00000000 ____D () C:\Windows\system32\Drivers\AVG 2014-03-13 20:48 - 2013-12-14 02:59 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe 2014-03-13 20:48 - 2013-12-14 02:59 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl 2014-03-13 18:39 - 2013-12-24 20:39 - 00000000 ____D () C:\Program Files\Microsoft Silverlight 2014-03-13 18:39 - 2013-12-14 02:30 - 00308400 _____ () C:\Windows\system32\FNTCACHE.DAT 2014-03-13 16:31 - 2013-12-14 03:13 - 00000000 ____D () C:\ProgramData\Microsoft Help 2014-03-07 15:58 - 2014-02-03 10:47 - 00000000 ____D () C:\Users\Ewa\Desktop\Dokumenty rodziców 2014-03-07 15:42 - 2013-12-26 19:37 - 00000000 ____D () C:\Users\Ewa\AppData\Roaming\vlc 2014-03-07 15:39 - 2013-12-14 02:58 - 00000095 _____ () C:\Windows\winamp.ini 2014-03-06 17:25 - 2013-12-14 02:42 - 01671648 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-03-06 17:25 - 2009-07-14 09:07 - 00740732 _____ () C:\Windows\system32\perfh015.dat 2014-03-06 17:25 - 2009-07-14 09:07 - 00155804 _____ () C:\Windows\system32\perfc015.dat 2014-03-04 10:21 - 2014-03-04 10:21 - 00000000 ___RD () C:\Program Files\Skype 2014-03-04 10:21 - 2014-03-04 10:21 - 00000000 ____D () C:\Program Files\Common Files\Skype 2014-03-04 10:21 - 2013-12-14 03:00 - 00000000 ____D () C:\ProgramData\Skype 2014-03-04 08:27 - 2009-07-14 05:53 - 00032608 _____ () C:\Windows\Tasks\SCHEDLGU.TXT 2014-02-24 16:35 - 2014-03-13 16:28 - 11020800 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-02-24 16:35 - 2014-03-13 16:28 - 06041088 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-02-24 16:35 - 2014-03-13 16:28 - 02078208 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-02-24 16:35 - 2014-03-13 16:28 - 01232896 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-02-24 16:35 - 2014-03-13 16:28 - 00981504 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-02-24 16:35 - 2014-03-13 16:28 - 00627712 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-02-24 16:35 - 2014-03-13 16:28 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2014-02-24 16:35 - 2014-03-13 16:28 - 00132096 _____ (Microsoft Corporation) C:\Windows\system32\url.dll 2014-02-24 16:35 - 2014-03-13 16:28 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2014-02-24 16:35 - 2014-03-13 16:28 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-02-24 14:39 - 2014-03-13 16:28 - 01638912 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-02-16 17:50 - 2013-12-14 02:58 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service 2014-02-15 20:18 - 2014-02-15 20:18 - 00000000 ____D () C:\Program Files\Mozilla Firefox 2014-02-15 11:58 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\rescache 2014-02-14 21:07 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\Microsoft.NET 2014-02-14 12:48 - 2013-12-24 19:55 - 00000000 ____D () C:\Windows\system32\MRT 2014-02-14 12:47 - 2013-12-24 19:55 - 85946576 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2014-02-14 12:44 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\pl-PL ==================== Bamital & volsnap Check ================= C:\Windows\explorer.exe => MD5 is legit C:\Windows\system32\winlogon.exe => MD5 is legit C:\Windows\system32\wininit.exe => MD5 is legit C:\Windows\system32\svchost.exe => MD5 is legit C:\Windows\system32\services.exe => MD5 is legit C:\Windows\system32\User32.dll => MD5 is legit C:\Windows\system32\userinit.exe => MD5 is legit C:\Windows\system32\rpcss.dll => MD5 is legit C:\Windows\system32\Drivers\volsnap.sys => MD5 is legit LastRegBack: 2014-02-18 12:59 ==================== End Of Log ============================