Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 02-06-2014
Ran by T420 (administrator) on T420-KOMPUTER on 03-06-2014 20:23:56
Running from E:\download
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: Polish
Internet Explorer Version 9
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(Lenovo.) C:\Windows\System32\ibmpmsvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Cherished Technololgy LIMITED) C:\ProgramData\WPM\wprotectmanager.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPHKSVC.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tphkload.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Access Connections\AcPrfMgrSvc.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tpnumlk.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Access Connections\AcSvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Ellora Assets Corp.) C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe
() C:\ProgramData\DatacardService\HWDeviceService64.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\CamMute.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\micmute.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\lvvsst.exe
() C:\ProgramData\MobileBrServ\mbbService.exe
() C:\ProgramData\PLAY ONLINE\OnlineUpdate\ouc.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Conexant Systems, Inc.) C:\Windows\SysWOW64\SASrv.exe
(StarWind Software) C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
() C:\Program Files (x86)\Rock Turner\updateRockTurner.exe
() C:\Program Files (x86)\Rock Turner\bin\utilRockTurner.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\virtscrl.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\ZOOM\TpScrex.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\shtctky.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tpnumlkd.exe
(Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe
(Lenovo.) C:\Windows\System32\TpShocks.exe
() C:\Program Files\CONEXANT\ForteConfig\fmapp.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\AutoLock\ALCKRESI.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Stardock) C:\Program Files (x86)\Stardock\ObjectDockPlus2\ObjectDock.exe
() C:\Program Files (x86)\Syncios\SynciosDeviceService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
(Stardock) C:\Program Files (x86)\Stardock\ObjectDockPlus2\Dock64.exe
(Microsoft) C:\Program Files (x86)\Stardock\ObjectDockPlus2\ObjectDockTray.exe
(Lenovo Group Limited) C:\Program Files (x86)\Lenovo\Screen Reading Optimizer\SRORest.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Access Connections\SvcGuiHlpr.exe
() C:\Program Files (x86)\Rock Turner\bin\RockTurner.PurBrowse64.exe
() C:\Program Files (x86)\Rock Turner\bin\RockTurner.BrowserAdapter.exe
(Lenovo Group Limited) C:\Program Files (x86)\Lenovo\Screen Reading Optimizer\SROSVC.exe
(Lenovo Group Limited) C:\Program Files (x86)\Common Files\Lenovo\tvt_reg_monitor_svc.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe
(Microsoft Corporation) C:\Windows\System32\taskmgr.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
() C:\Program Files (x86)\Lenovo\System Update\UNCServer.exe
() C:\Program Files (x86)\Lenovo\System Update\TvsuCommandLauncher.exe
() C:\Program Files (x86)\Lenovo\System Update\SUService.exe
() C:\Program Files (x86)\Lenovo\System Update\UACSdk.exe
() C:\Program Files (x86)\Lenovo\System Update\Tvsukernel.exe
() C:\Program Files (x86)\Lenovo\System Update\TvsuCommandLauncher.exe
(Lenovo Group Limited) C:\ProgramData\Lenovo\SystemUpdate\session\Repository\lscsetup_x64_24003_7\lscsetup_x64_24003.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [TpShocks] => C:\Windows\system32\TpShocks.exe [228744 2012-09-20] (Lenovo.)
HKLM\...\Run: [ForteConfig] => C:\Program Files\Conexant\ForteConfig\fmapp.exe [49056 2010-10-26] ()
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SAIICpl.exe [316032 2010-12-14] (Conexant systems, Inc.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2907448 2012-07-05] (Synaptics Incorporated)
HKLM\...\Run: [AcWin7Hlpr] => C:\Program Files (x86)\Lenovo\Access Connections\AcTBenabler.exe [63832 2014-03-14] (Lenovo)
HKLM\...\Run: [ALCKRESI.EXE] => C:\Program Files\Lenovo\AutoLock\ALCKRESI.EXE [388160 2012-03-30] (Lenovo Group Limited)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Smart Security\egui.exe [5581888 2014-02-24] (ESET)
HKLM-x32\...\Run: [Syncios device service] => C:\Program Files (x86)\Syncios\SynciosDeviceService.exe [720384 2014-03-07] ()
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-328812129-6731451-2985146762-1000\...\Run: [AppSafe] => C:\Program Files (x86)\AppSafe\AppSafe.exe
HKU\S-1-5-21-328812129-6731451-2985146762-1000\...\MountPoints2: {2449ba64-a867-11e3-8b95-100ba97ec45c} - G:\AutoRun.exe
HKU\S-1-5-21-328812129-6731451-2985146762-1000\...\MountPoints2: {c1012ac1-d054-11e3-ab92-100ba97ec45c} - G:\AutoRun.exe
HKU\S-1-5-21-328812129-6731451-2985146762-1000\...\MountPoints2: {c1012ad1-d054-11e3-ab92-100ba97ec45c} - G:\AutoRun.exe
AppInit_DLLs: C:\PROGRA~2\SupTab\SEARCH~2.DLL => C:\Program Files (x86)\SupTab\SearchProtect64.dll [96768 2014-03-05] (Skytech Co., Ltd.)
AppInit_DLLs-x32: C:\PROGRA~2\SupTab\SEARCH~1.DLL => C:\Program Files (x86)\SupTab\SearchProtect32.dll [85504 2014-03-05] (Skytech Co., Ltd.)
Lsa: [Notification Packages] scecli ACGina
Startup: C:\Users\T420\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Stardock ObjectDock.lnk
ShortcutTarget: Stardock ObjectDock.lnk -> C:\Program Files (x86)\Stardock\ObjectDockPlus2\ObjectDock.exe (Stardock)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.sweet-page.com/?type=hp&ts=1395439480&from=cor&uid=SAMSUNGXMZ7PA128HMCD-010L1_S0MUNEAC131739
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.sweet-page.com/?type=hp&ts=1395439480&from=cor&uid=SAMSUNGXMZ7PA128HMCD-010L1_S0MUNEAC131739
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.sweet-page.com/web/?type=ds&ts=1395439480&from=cor&uid=SAMSUNGXMZ7PA128HMCD-010L1_S0MUNEAC131739&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.sweet-page.com/?type=hp&ts=1395439480&from=cor&uid=SAMSUNGXMZ7PA128HMCD-010L1_S0MUNEAC131739
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.sweet-page.com/?type=hp&ts=1395439480&from=cor&uid=SAMSUNGXMZ7PA128HMCD-010L1_S0MUNEAC131739
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.sweet-page.com/web/?type=ds&ts=1395439480&from=cor&uid=SAMSUNGXMZ7PA128HMCD-010L1_S0MUNEAC131739&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.sweet-page.com/web/?type=ds&ts=1395439480&from=cor&uid=SAMSUNGXMZ7PA128HMCD-010L1_S0MUNEAC131739&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.sweet-page.com/?type=hp&ts=1395439480&from=cor&uid=SAMSUNGXMZ7PA128HMCD-010L1_S0MUNEAC131739
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.sweet-page.com/?type=hp&ts=1395439480&from=cor&uid=SAMSUNGXMZ7PA128HMCD-010L1_S0MUNEAC131739
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://www.sweet-page.com/web/?type=ds&ts=1395439480&from=cor&uid=SAMSUNGXMZ7PA128HMCD-010L1_S0MUNEAC131739&q={searchTerms}
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.sweet-page.com/web/?type=ds&ts=1395439480&from=cor&uid=SAMSUNGXMZ7PA128HMCD-010L1_S0MUNEAC131739&q={searchTerms}
SearchScopes: HKLM - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.sweet-page.com/web/?type=ds&ts=1395439480&from=cor&uid=SAMSUNGXMZ7PA128HMCD-010L1_S0MUNEAC131739&q={searchTerms}
SearchScopes: HKLM-x32 - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.sweet-page.com/web/?type=ds&ts=1395439480&from=cor&uid=SAMSUNGXMZ7PA128HMCD-010L1_S0MUNEAC131739&q={searchTerms}
SearchScopes: HKLM-x32 - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.sweet-page.com/web/?type=ds&ts=1395439480&from=cor&uid=SAMSUNGXMZ7PA128HMCD-010L1_S0MUNEAC131739&q={searchTerms}
SearchScopes: HKCU - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.sweet-page.com/web/?type=ds&ts=1395439480&from=cor&uid=SAMSUNGXMZ7PA128HMCD-010L1_S0MUNEAC131739&q={searchTerms}
SearchScopes: HKCU - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.sweet-page.com/web/?type=ds&ts=1395439480&from=cor&uid=SAMSUNGXMZ7PA128HMCD-010L1_S0MUNEAC131739&q={searchTerms}
BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: IETabPage Class - {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} - C:\Program Files (x86)\SupTab\SupTab.dll (Thinknice Co. Limited)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Pomocnik logowania za pomocą konta Microsoft - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Freemake.YoutubeButton - {e9e8eb35-ff77-455d-b677-91e5e4fc06c2} - C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 62.179.1.61 62.179.1.63
Tcpip\..\Interfaces\{BA7D3E91-BD47-4765-96B9-89556430F37F}: [NameServer]89.108.195.21 89.108.202.21

FireFox:
========
FF ProfilePath: C:\Users\T420\AppData\Roaming\Mozilla\Firefox\Profiles\d4ndvpg7.default
FF NewTab: user_pref("browser.newtab.url", "");
FF SearchEngineOrder.user_pref("browser.search.order.1", "");: user_pref("browser.search.order.1", "");
FF SelectedSearchEngine: user_pref("browser.search.selectedEngine", "");
FF Homepage: hxxp://www.google.pl/
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~1\MICROS~3\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.3 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.60.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.60.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @microsoft.com/Lync,version=15.0 - C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~3\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF user.js: detected! => C:\Users\T420\AppData\Roaming\Mozilla\Firefox\Profiles\d4ndvpg7.default\user.js
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Users\T420\AppData\Roaming\mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\T420\AppData\Roaming\mozilla\plugins\npgtpo3dautoplugin.dll ()
FF Plugin ProgramFiles/Appdata: C:\Users\T420\AppData\Roaming\mozilla\plugins\npo1d.dll (Google)
FF Extension: FoxyProxy Standard - C:\Users\T420\AppData\Roaming\Mozilla\Firefox\Profiles\d4ndvpg7.default\Extensions\foxyproxy@eric.h.jung [2014-02-04]
FF Extension: Easy YouTube Video Downloader - C:\Users\T420\AppData\Roaming\Mozilla\Firefox\Profiles\d4ndvpg7.default\Extensions\{c0c9a2c7-2e5c-4447-bc53-97718bc91e1b} [2013-08-06]
FF Extension: YouTube Video and Audio Downloader - C:\Users\T420\AppData\Roaming\Mozilla\Firefox\Profiles\d4ndvpg7.default\Extensions\feca4b87-3be4-43da-a1b1-137c24220968@jetpack.xpi [2013-10-28]
FF Extension: SearchReset - C:\Users\T420\AppData\Roaming\Mozilla\Firefox\Profiles\d4ndvpg7.default\Extensions\searchreset@gavinsharp.com.xpi [2013-07-08]
FF Extension: Google Translator for Firefox - C:\Users\T420\AppData\Roaming\Mozilla\Firefox\Profiles\d4ndvpg7.default\Extensions\translator@zoli.bod.xpi [2013-04-06]
FF Extension: Easy YouTube Video Downloader - C:\Users\T420\AppData\Roaming\Mozilla\Firefox\Profiles\d4ndvpg7.default\Extensions\{c0c9a2c7-2e5c-4447-bc53-97718bc91e1b}.xpi [2013-08-06]
FF Extension: SoundCloud Downloader - Technowise - C:\Users\T420\AppData\Roaming\Mozilla\Firefox\Profiles\d4ndvpg7.default\Extensions\{c8d3bc80-0810-4d21-a2c2-be5f2b2832ac}.xpi [2014-01-23]
FF Extension: Adblock Plus - C:\Users\T420\AppData\Roaming\Mozilla\Firefox\Profiles\d4ndvpg7.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-10-10]
FF Extension: Freemake Youtube Download Button - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\ytfmdownloader@gmail.com [2013-08-06]
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2014-06-03]
FF HKLM-x32\...\Firefox\Extensions: [fmdownloader@gmail.com] - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\fmdownloader@gmail.com\
FF Extension: Freemake Video Downloader Plugin - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\fmdownloader@gmail.com\ []
FF HKLM-x32\...\Firefox\Extensions: [ytfmdownloader@gmail.com] - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\ytfmdownloader@gmail.com\
FF Extension: Freemake Youtube Download Button - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\ytfmdownloader@gmail.com\ []
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2014-06-03]

Chrome:
=======
CHR Extension: (Freemake Video Downloader) - C:\Users\T420\AppData\Local\Google\Chrome\User Data\Default\Extensions\bpegkgagfojjbcpkihigfmkojdmmimdf [2013-08-06]
CHR Extension: (Freemake Youtube Download Button) - C:\Users\T420\AppData\Local\Google\Chrome\User Data\Default\Extensions\ehgldbbpchgpcfagfpfjgoomddhccfgh [2013-08-06]
CHR HKLM-x32\...\Chrome\Extension: [bpegkgagfojjbcpkihigfmkojdmmimdf] - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Chrome\Freemake.Plugin.Chrome.crx [2013-08-06]
CHR HKLM-x32\...\Chrome\Extension: [ehgldbbpchgpcfagfpfjgoomddhccfgh] - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Chrome\ChromeYoutubePlugin.crx [2013-08-06]

==================== Services (Whitelisted) =================

S2 AxAutoMntSrv; C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [75624 2012-01-05] (Alcohol Soft Development Team)
S3 DozeSvc; C:\Program Files (x86)\ThinkPad\Utilities\DZSVC64.EXE [320576 2012-05-16] (Lenovo.)
R2 ekrn; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [1343408 2014-02-24] (ESET)
R2 FreemakeVideoCapture; C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe [9216 2014-02-25] (Ellora Assets Corp.)
R2 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [346976 2011-03-14] ()
R2 Lenovo.VIRTSCRLSVC; C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe [133992 2011-07-12] (Lenovo Group Limited)
S3 LSCWinService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [1663880 2014-05-06] ()
S3 Macromedia Licensing Service; C:\Program Files (x86)\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe [68096 2013-02-24] ()
R2 Mobile Broadband HL Service; C:\ProgramData\MobileBrServ\mbbservice.exe [232288 2012-03-12] ()
S2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [22072 2012-09-12] (Microsoft Corporation)
S3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [368896 2012-09-12] (Microsoft Corporation)
S2 PLAY ONLINE. RunOuc; C:\Program Files (x86)\PLAY ONLINE\UpdateDog\ouc.exe [246112 2014-04-30] ()
R2 SROSVC; C:\Program Files (x86)\Lenovo\Screen Reading Optimizer\SROSVC.exe [446800 2012-03-05] (Lenovo Group Limited)
R3 SUService; C:\Program Files (x86)\Lenovo\System Update\SUService.exe [24120 2014-02-21] ()
R2 ThinkVantage Registry Monitor Service; C:\Program Files (x86)\Common Files\Lenovo\tvt_reg_monitor_svc.exe [1028096 2010-08-31] (Lenovo Group Limited)
S3 TVT Backup Service; C:\Program Files (x86)\Lenovo\Rescue and Recovery\rrservice.exe [1492280 2011-08-18] (Lenovo Group Limited)
R2 Update Rock Turner; C:\Program Files (x86)\Rock Turner\updateRockTurner.exe [317728 2014-06-01] ()
R2 Util Rock Turner; C:\Program Files (x86)\Rock Turner\bin\utilRockTurner.exe [317728 2014-06-01] ()
R2 Wpm; C:\ProgramData\WPM\wprotectmanager.exe [496640 2014-03-22] (Cherished Technololgy LIMITED)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3325232 2012-06-25] (Intel® Corporation)
S2 IePluginService; C:\ProgramData\IePluginService\PluginService.exe -service [X]

==================== Drivers (Whitelisted) ====================

R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [239320 2013-09-17] (ESET)
S0 edevmon; C:\Windows\System32\DRIVERS\edevmon.sys [239296 2013-09-17] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [168256 2013-09-17] (ESET)
R3 ElbyCDFL; C:\Windows\System32\Drivers\ElbyCDFL.sys [40648 2007-02-16] (SlySoft, Inc.)
R3 ElbyCDFL; C:\Windows\SysWOW64\Drivers\ElbyCDFL.sys [40648 2007-02-16] (SlySoft, Inc.)
R2 epfw; C:\Windows\System32\DRIVERS\epfw.sys [220232 2013-09-17] (ESET)
R1 EpfwLWF; C:\Windows\System32\DRIVERS\EpfwLWF.sys [44120 2013-09-17] (ESET)
R0 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [62136 2013-09-17] (ESET)
U5 ew_hwusbdev; C:\Windows\System32\Drivers\ew_hwusbdev.sys [117248 2014-04-30] (Huawei Technologies Co., Ltd.)
S3 huawei_wwanecm; C:\Windows\System32\DRIVERS\ew_juwwanecm.sys [229376 2014-04-30] (Huawei Technologies Co., Ltd.)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [228768 2012-08-30] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [128456 2012-08-30] (Microsoft Corporation)
R2 npf; C:\Windows\System32\drivers\npf.sys [35344 2011-02-11] (CACE Technologies, Inc.)
S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [78336 2013-01-03] (Research In Motion Limited)
S3 RimVSerPort; C:\Windows\System32\DRIVERS\RimSerial_AMD64.sys [44544 2012-12-10] (Research in Motion Ltd)
R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [27960 2012-07-05] (Synaptics Incorporated)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [386680 2014-02-26] (Duplex Secure Ltd.)
R3 TVTI2C; C:\Windows\System32\DRIVERS\Tvti2c.sys [40248 2011-05-30] (Lenovo Information Product(ShenZhen China) Inc.)
R1 {8ce1c375-1e13-43f7-a4fd-6530f47c4fde}w64; C:\Windows\System32\drivers\{8ce1c375-1e13-43f7-a4fd-6530f47c4fde}w64.sys [61120 2014-05-22] (StdLib)
U3 atb226qa; C:\Windows\System32\Drivers\atb226qa.sys [0 ] (Intel Corporation)

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2014-06-03 20:23 - 2014-06-03 20:23 - 00001991 _____ () C:\Users\Public\Desktop\Lenovo Solution Center.lnk
2014-06-03 20:22 - 2014-06-03 20:24 - 00000000 ____D () C:\FRST
2014-06-03 20:18 - 2014-06-03 20:18 - 00000134 _____ () C:\Users\T420\Desktop\Internet Explorer Troubleshooting.url
2014-06-03 20:14 - 2014-06-03 20:14 - 00000000 ____D () C:\ProgramData\ESET
2014-06-03 20:14 - 2014-06-03 20:14 - 00000000 ____D () C:\Program Files\ESET
2014-06-03 17:39 - 2014-06-03 17:39 - 00000000 ____D () C:\Mały Książę
2014-06-01 07:39 - 2014-05-22 18:24 - 00061120 _____ (StdLib) C:\Windows\system32\Drivers\{8ce1c375-1e13-43f7-a4fd-6530f47c4fde}w64.sys
2014-05-30 15:04 - 2014-06-03 19:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-05-30 15:04 - 2014-05-30 15:04 - 00004401 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_60-b19.log
2014-05-30 15:00 - 2014-05-07 14:59 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-05-30 15:00 - 2014-05-07 14:59 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-05-30 15:00 - 2014-05-07 14:58 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-05-30 14:56 - 2014-06-02 14:26 - 00000250 _____ () C:\Windows\Tasks\AppSafe.job
2014-05-30 14:56 - 2014-05-30 14:56 - 00002966 _____ () C:\Windows\System32\Tasks\AppSafe
2014-05-30 14:55 - 2014-06-03 19:56 - 00000288 _____ () C:\Windows\Tasks\AppCloudUpdater.job
2014-05-30 14:55 - 2014-06-03 19:16 - 00000000 ____D () C:\Users\T420\AppData\Roaming\AppCloudUpdater
2014-05-30 14:55 - 2014-06-03 19:16 - 00000000 ____D () C:\Users\T420\AppData\Roaming\1H1Q
2014-05-30 14:55 - 2014-06-03 19:16 - 00000000 ____D () C:\Program Files (x86)\Rock Turner
2014-05-30 14:55 - 2014-05-30 14:55 - 00003236 _____ () C:\Windows\System32\Tasks\AppCloudUpdater
2014-05-26 17:44 - 2014-05-26 17:44 - 00146976 ____H () C:\Windows\SysWOW64\mlfcache.dat
2014-05-23 07:49 - 2014-05-06 02:46 - 17847808 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-23 07:49 - 2014-05-06 02:21 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-23 07:49 - 2014-05-06 02:21 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-23 07:49 - 2014-05-06 01:32 - 12347392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-23 07:49 - 2014-05-06 01:14 - 02382848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-22 23:17 - 2014-05-09 08:14 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-05-22 23:17 - 2014-05-09 08:11 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-05-22 23:17 - 2014-04-12 04:22 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-05-22 23:17 - 2014-04-12 04:22 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2014-05-22 23:17 - 2014-04-12 04:19 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-05-22 23:17 - 2014-04-12 04:19 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2014-05-22 23:17 - 2014-04-12 04:19 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2014-05-22 23:17 - 2014-04-12 04:19 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2014-05-22 23:17 - 2014-04-12 04:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2014-05-22 23:17 - 2014-04-12 04:12 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-05-22 23:17 - 2014-04-12 04:10 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-05-22 23:17 - 2014-03-25 04:43 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-05-22 23:17 - 2014-03-25 04:09 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-05-22 23:17 - 2014-03-04 11:47 - 05550016 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-05-22 23:17 - 2014-03-04 11:44 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-05-22 23:17 - 2014-03-04 11:44 - 00722944 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll
2014-05-22 23:17 - 2014-03-04 11:44 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-05-22 23:17 - 2014-03-04 11:44 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-05-22 23:17 - 2014-03-04 11:44 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-05-22 23:17 - 2014-03-04 11:44 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-05-22 23:17 - 2014-03-04 11:44 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-05-22 23:17 - 2014-03-04 11:44 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\wincredprovider.dll
2014-05-22 23:17 - 2014-03-04 11:43 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-05-22 23:17 - 2014-03-04 11:43 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\cngprovider.dll
2014-05-22 23:17 - 2014-03-04 11:43 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\adprovider.dll
2014-05-22 23:17 - 2014-03-04 11:43 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\capiprovider.dll
2014-05-22 23:17 - 2014-03-04 11:43 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\dpapiprovider.dll
2014-05-22 23:17 - 2014-03-04 11:43 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll
2014-05-22 23:17 - 2014-03-04 11:43 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-05-22 23:17 - 2014-03-04 11:20 - 03969984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2014-05-22 23:17 - 2014-03-04 11:20 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2014-05-22 23:17 - 2014-03-04 11:17 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-05-22 23:17 - 2014-03-04 11:17 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-05-22 23:17 - 2014-03-04 11:17 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-05-22 23:17 - 2014-03-04 11:17 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-05-22 23:17 - 2014-03-04 11:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cngprovider.dll
2014-05-22 23:17 - 2014-03-04 11:17 - 00049664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adprovider.dll
2014-05-22 23:17 - 2014-03-04 11:17 - 00048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\capiprovider.dll
2014-05-22 23:17 - 2014-03-04 11:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpapiprovider.dll
2014-05-22 23:17 - 2014-03-04 11:17 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dimsroam.dll
2014-05-22 23:17 - 2014-03-04 11:17 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincredprovider.dll
2014-05-22 23:17 - 2014-03-04 11:17 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-05-22 06:45 - 2014-05-06 01:14 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-05-18 18:46 - 2014-05-21 08:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\i-Funbox DevTeam
2014-05-18 18:46 - 2014-05-18 21:19 - 00000000 ____D () C:\Program Files (x86)\i-Funbox DevTeam
2014-05-18 18:46 - 2014-05-18 18:46 - 00001052 _____ () C:\Users\Public\Desktop\iFunbox.lnk
2014-05-18 18:46 - 2014-05-18 18:46 - 00000000 ____D () C:\Users\T420\AppData\Roaming\iFunbox_UserCache
2014-05-18 18:15 - 2014-05-21 08:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-05-18 18:10 - 2014-03-04 11:17 - 00538112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\objsel.dll
2014-05-18 18:10 - 2014-03-04 11:17 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-05-18 18:10 - 2014-03-04 11:16 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2014-05-18 08:46 - 2014-05-18 08:46 - 00000000 ____D () C:\Users\T420\AppData\Roaming\redsn0w
2014-05-18 08:45 - 2014-05-18 18:04 - 00000000 ____D () C:\Users\T420\Desktop\redsn0w_win_0.9.15b3
2014-05-10 06:53 - 2014-05-10 21:59 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-05-07 00:00 - 2014-05-23 20:06 - 00000000 ___SD () C:\Windows\system32\CompatTel

==================== One Month Modified Files and Folders =======

2014-06-03 20:25 - 2012-11-23 14:46 - 00000000 ____D () C:\Users\T420\AppData\Local\Temp
2014-06-03 20:24 - 2014-06-03 20:22 - 00000000 ____D () C:\FRST
2014-06-03 20:23 - 2014-06-03 20:23 - 00001991 _____ () C:\Users\Public\Desktop\Lenovo Solution Center.lnk
2014-06-03 20:23 - 2012-11-23 16:32 - 00000000 ____D () C:\Windows\System32\Tasks\Lenovo
2014-06-03 20:23 - 2012-11-23 16:05 - 00000000 ____D () C:\Program Files\Lenovo
2014-06-03 20:23 - 2012-11-23 15:35 - 00000000 ____D () C:\Windows\Downloaded Installations
2014-06-03 20:23 - 2012-11-23 14:46 - 01211598 _____ () C:\Windows\WindowsUpdate.log
2014-06-03 20:22 - 2014-03-22 00:04 - 00000000 ____D () C:\ProgramData\IePluginService
2014-06-03 20:18 - 2014-06-03 20:18 - 00000134 _____ () C:\Users\T420\Desktop\Internet Explorer Troubleshooting.url
2014-06-03 20:18 - 2014-03-19 16:08 - 00432748 _____ () C:\Windows\IE11_main.log
2014-06-03 20:14 - 2014-06-03 20:14 - 00000000 ____D () C:\ProgramData\ESET
2014-06-03 20:14 - 2014-06-03 20:14 - 00000000 ____D () C:\Program Files\ESET
2014-06-03 19:58 - 2014-02-26 09:58 - 00000930 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-06-03 19:57 - 2009-07-14 06:45 - 00006736 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-06-03 19:57 - 2009-07-14 06:45 - 00006736 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-06-03 19:56 - 2014-05-30 14:55 - 00000288 _____ () C:\Windows\Tasks\AppCloudUpdater.job
2014-06-03 19:54 - 2009-07-14 19:55 - 00778232 _____ () C:\Windows\system32\perfh015.dat
2014-06-03 19:54 - 2009-07-14 19:55 - 00171258 _____ () C:\Windows\system32\perfc015.dat
2014-06-03 19:54 - 2009-07-14 07:13 - 01758394 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-06-03 19:51 - 2009-07-14 04:34 - 00000717 _____ () C:\Windows\win.ini
2014-06-03 19:50 - 2014-03-16 14:20 - 00023679 _____ () C:\Windows\setupact.log
2014-06-03 19:50 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-06-03 19:19 - 2012-11-23 14:46 - 00000000 ____D () C:\Users\T420
2014-06-03 19:16 - 2014-05-30 15:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-06-03 19:16 - 2014-05-30 14:55 - 00000000 ____D () C:\Users\T420\AppData\Roaming\AppCloudUpdater
2014-06-03 19:16 - 2014-05-30 14:55 - 00000000 ____D () C:\Users\T420\AppData\Roaming\1H1Q
2014-06-03 19:16 - 2014-05-30 14:55 - 00000000 ____D () C:\Program Files (x86)\Rock Turner
2014-06-03 19:16 - 2013-02-01 19:15 - 00000000 ____D () C:\Users\T420\AppData\Roaming\uTorrent
2014-06-03 19:16 - 2013-01-22 20:42 - 00000000 ____D () C:\Users\T420\AppData\Roaming\Skype
2014-06-03 19:16 - 2012-11-23 15:33 - 00000000 ____D () C:\Windows\System32\Tasks\TVT
2014-06-03 19:16 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\registration
2014-06-03 19:14 - 2013-03-09 15:48 - 00000000 ____D () C:\Program Files (x86)\Java
2014-06-03 19:14 - 2012-11-23 15:33 - 00000000 ____D () C:\ProgramData\Lenovo
2014-06-03 17:39 - 2014-06-03 17:39 - 00000000 ____D () C:\Mały Książę
2014-06-02 14:26 - 2014-05-30 14:56 - 00000250 _____ () C:\Windows\Tasks\AppSafe.job
2014-05-30 15:04 - 2014-05-30 15:04 - 00004401 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_60-b19.log
2014-05-30 15:01 - 2013-11-08 11:19 - 00000000 ____D () C:\ProgramData\Oracle
2014-05-30 14:56 - 2014-05-30 14:56 - 00002966 _____ () C:\Windows\System32\Tasks\AppSafe
2014-05-30 14:55 - 2014-05-30 14:55 - 00003236 _____ () C:\Windows\System32\Tasks\AppCloudUpdater
2014-05-26 17:44 - 2014-05-26 17:44 - 00146976 ____H () C:\Windows\SysWOW64\mlfcache.dat
2014-05-24 06:54 - 2012-11-23 15:36 - 00110944 _____ () C:\Users\T420\AppData\Local\GDIPFONTCACHEV1.DAT
2014-05-24 00:27 - 2013-03-16 17:54 - 00000000 ____D () C:\Users\T420\AppData\Roaming\vlc
2014-05-23 20:55 - 2012-11-23 14:46 - 00000000 ___RD () C:\Users\T420\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-23 20:55 - 2012-11-23 14:46 - 00000000 ___RD () C:\Users\T420\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-05-23 20:32 - 2009-07-14 05:20 - 
00000000 ____D () C:\Windows\rescache 2014-05-23 20:06 - 2014-05-07 00:00 - 00000000 ___SD () C:\Windows\system32\CompatTel 2014-05-23 20:06 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions 2014-05-23 07:50 - 2014-02-28 11:08 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013 2014-05-23 07:50 - 2013-02-10 15:32 - 00000000 ____D () C:\ProgramData\Microsoft Help 2014-05-23 07:48 - 2013-08-08 15:14 - 00000000 ____D () C:\Windows\system32\MRT 2014-05-23 07:46 - 2012-11-23 16:03 - 93223848 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2014-05-22 23:08 - 2014-02-28 11:05 - 00000000 ____D () C:\Program Files\Microsoft Office 2014-05-22 18:24 - 2014-06-01 07:39 - 00061120 _____ (StdLib) C:\Windows\system32\Drivers\{8ce1c375-1e13-43f7-a4fd-6530f47c4fde}w64.sys 2014-05-21 23:07 - 2009-07-14 06:45 - 00432888 _____ () C:\Windows\system32\FNTCACHE.DAT 2014-05-21 23:06 - 2014-03-22 11:06 - 00006090 _____ () C:\Windows\PFRO.log 2014-05-21 08:16 - 2014-05-18 18:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\i-Funbox DevTeam 2014-05-21 08:16 - 2014-05-18 18:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes 2014-05-21 08:16 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\AppCompat 2014-05-18 22:04 - 2013-03-24 13:51 - 00000000 ____D () C:\Users\T420\AppData\Local\Apple Computer 2014-05-18 21:19 - 2014-05-18 18:46 - 00000000 ____D () C:\Program Files (x86)\i-Funbox DevTeam 2014-05-18 18:58 - 2014-02-26 09:58 - 00003868 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater 2014-05-18 18:58 - 2013-01-22 19:49 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2014-05-18 18:58 - 2013-01-22 19:49 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2014-05-18 18:46 - 2014-05-18 18:46 - 00001052 _____ () C:\Users\Public\Desktop\iFunbox.lnk 2014-05-18 18:46 - 2014-05-18 18:46 - 
00000000 ____D () C:\Users\T420\AppData\Roaming\iFunbox_UserCache 2014-05-18 18:15 - 2014-01-29 23:01 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69 2014-05-18 18:15 - 2014-01-29 23:01 - 00000000 ____D () C:\Program Files\iTunes 2014-05-18 18:15 - 2014-01-29 23:01 - 00000000 ____D () C:\Program Files\iPod 2014-05-18 18:15 - 2014-01-29 23:01 - 00000000 ____D () C:\Program Files (x86)\iTunes 2014-05-18 18:05 - 2009-07-14 07:08 - 00032608 _____ () C:\Windows\Tasks\SCHEDLGU.TXT 2014-05-18 18:04 - 2014-05-18 08:45 - 00000000 ____D () C:\Users\T420\Desktop\redsn0w_win_0.9.15b3 2014-05-18 18:04 - 2013-02-03 20:05 - 00000000 ____D () C:\Users\T420\AppData\Roaming\NapiProjekt 2014-05-18 18:04 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF 2014-05-18 08:46 - 2014-05-18 08:46 - 00000000 ____D () C:\Users\T420\AppData\Roaming\redsn0w 2014-05-14 22:03 - 2013-01-24 22:22 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk 2014-05-10 21:59 - 2014-05-10 06:53 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2014-05-09 08:14 - 2014-05-22 23:17 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2014-05-09 08:11 - 2014-05-22 23:17 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2014-05-07 15:02 - 2013-11-08 11:19 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll 2014-05-07 14:59 - 2014-05-30 15:00 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe 2014-05-07 14:59 - 2014-05-30 15:00 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe 2014-05-07 14:58 - 2014-05-30 15:00 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe 2014-05-06 02:46 - 2014-05-23 07:49 - 17847808 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-05-06 02:21 - 2014-05-23 07:49 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-05-06 02:21 - 2014-05-23 07:49 - 
00096768 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2014-05-06 01:32 - 2014-05-23 07:49 - 12347392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-05-06 01:14 - 2014-05-23 07:49 - 02382848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-05-06 01:14 - 2014-05-22 06:45 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll Some content of TEMP: ==================== C:\Users\T420\AppData\Local\Temp\7-zip.dll C:\Users\T420\AppData\Local\Temp\7z.dll C:\Users\T420\AppData\Local\Temp\7z.exe C:\Users\T420\AppData\Local\Temp\htmlayout.dll C:\Users\T420\AppData\Local\Temp\IrsoDLL.dll C:\Users\T420\AppData\Local\Temp\proxy_vole2700913084220908176.dll ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\SysWOW64\wininit.exe => MD5 is legit C:\Windows\explorer.exe => MD5 is legit C:\Windows\SysWOW64\explorer.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\SysWOW64\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\SysWOW64\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\SysWOW64\userinit.exe => MD5 is legit C:\Windows\System32\rpcss.dll => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit LastRegBack: 2014-06-01 08:06 ==================== End Of Log ============================