Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 30-08-2014 Ran by Victoria (administrator) on WIKTORIA on 30-08-2014 18:20:33 Running from C:\Users\Victoria\Downloads Platform: Windows 8.1 (X64) OS Language: Polski (Polska) Internet Explorer Version 11 Boot Mode: Normal The only official download link for FRST: Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/ Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/ Download link from any site other than Bleeping Computer is unpermitted or outdated. See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe (ASUS) C:\Program Files\ASUS\P4G\InsOnSrv.exe () C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSWinService.exe (Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe (Autodesk, Inc.) C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe (ASUS) C:\Program Files\ASUS\P4G\InsOnWMI.exe (ASUS) C:\Program Files\ASUS\P4G\BatteryLife.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe (ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe (ASUSTek Computer Inc.) C:\Program Files\ASUS\ASUS Console\ASUS Console Starter.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler.exe (Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe () C:\ProgramData\DatacardService\DCService.exe (Microsoft Corporation) C:\Windows\System32\dasHost.exe (ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe (Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (Robert McNeel & Associates) C:\Program Files (x86)\McNeelUpdate\5.0\McNeelUpdateService.exe () C:\Program Files\Autodesk\3ds Max Design 2014\NVIDIA\Satellite\raysat_3dsmax2014_64server.exe (Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe (ShopperPro) C:\Program Files\Common Files\ShopperPro\spbiu.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler64.exe () C:\Program Files (x86)\Netia\Mobilny Internet\AssistantServices.exe () C:\ProgramData\ASGVIS\Dongle Utilities\startvrlservice.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (Microsoft Corporation) C:\Windows\System32\SkyDrive.exe (Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe () C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe (Intel Corporation) C:\Windows\System32\igfxtray.exe (Intel Corporation) C:\Windows\System32\igfxsrvc.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (Pixart Imaging Inc) C:\Windows\System32\TiltWheelMouse.exe (ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (WIBU-SYSTEMS AG) C:\Program Files (x86)\WIBUKEY\Server\WkSvMgr.exe (CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe () C:\Program Files (x86)\Netia\Mobilny Internet\UIExec.exe (AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe (AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe (AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x64\QuickGesture64.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x64\QuickGesture64.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x64\QuickGesture64.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe (MAGIX AG) C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe (AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe (AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13530184 2013-04-22] (Realtek Semiconductor) HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1278024 2013-03-08] (Realtek Semiconductor) HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated) HKLM\...\Run: [MouseDriver] => C:\WINDOWS\system32\TiltWheelMouse.exe [241152 2013-04-09] (Pixart Imaging Inc) HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [5581888 2014-02-24] (ESET) HKLM-x32\...\Run: [ASUSPRP] => C:\Program Files (x86)\ASUS\APRP\APRP.EXE [3187360 2013-05-01] (ASUSTek Computer Inc.) HKLM-x32\...\Run: [ASUSWebStorage] => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSPanel.exe [3576784 2012-12-19] (ASUS Cloud Corporation) HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\Cyberlink\PowerDVD10\PDVD10Serv.exe [93296 2012-07-13] (CyberLink Corp.) HKLM-x32\...\Run: [UpdatePSTShortCut] => C:\Program Files (x86)\Cyberlink\DVD Suite\MUITransfer\MUIStartMenu.exe [222504 2013-02-05] (CyberLink Corp.) HKLM-x32\...\Run: [ASUS InstantKey] => C:\Program Files (x86)\ASUS\ASUS Instant Key\Ikey_start.exe [13936 2013-04-16] (ASUS) HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2237328 2013-11-05] (Adobe Systems Incorporated) HKLM-x32\...\Run: [CLMLServer] => C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [111120 2012-05-24] (CyberLink) HKLM-x32\...\Run: [UIExec] => C:\Program Files (x86)\Netia\Mobilny Internet\UIExec.exe [138072 2010-03-02] () HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation) HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59280 2012-10-11] (Apple Inc.) HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2012-10-25] (Apple Inc.) HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated) Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation) HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [132736 2013-04-24] ( (Atheros Communications)) HKU\.DEFAULT\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [1081224 2013-02-05] (Autodesk, Inc.) HKU\S-1-5-21-3094628068-4059591873-1470419566-1002\...\Run: [Power2GoExpress] => C:\Program Files (x86)\CyberLink\Power2Go\Power2GoExpress.exe [2649816 2012-12-25] (CyberLink Corp.) HKU\S-1-5-21-3094628068-4059591873-1470419566-1002\...\Run: [Spotify Web Helper] => C:\Users\Victoria\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1178168 2014-07-18] (Spotify Ltd) HKU\S-1-5-21-3094628068-4059591873-1470419566-1002\...\Run: [Akamai NetSession Interface] => C:\Users\Victoria\AppData\Local\Akamai\netsession_win.exe [4489472 2013-06-05] (Akamai Technologies, Inc.) HKU\S-1-5-21-3094628068-4059591873-1470419566-1002\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [1081224 2013-02-05] (Autodesk, Inc.) HKU\S-1-5-21-3094628068-4059591873-1470419566-1002\...\Run: [Facebook Update] => C:\Users\Victoria\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2014-02-01] (Facebook Inc.) HKU\S-1-5-21-3094628068-4059591873-1470419566-1002\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [21650016 2014-07-24] (Skype Technologies S.A.) HKU\S-1-5-21-3094628068-4059591873-1470419566-1002\...\Run: [Spotify] => C:\Users\Victoria\AppData\Roaming\Spotify\spotify.exe [6162488 2014-07-18] (Spotify Ltd) HKU\S-1-5-21-3094628068-4059591873-1470419566-1002\...\Run: [AdobeBridge] => [X] HKU\S-1-5-21-3094628068-4059591873-1470419566-1002\...\Policies\Explorer: [] HKU\S-1-5-21-3094628068-4059591873-1470419566-1002\...\MountPoints2: {3e9bfb94-a2fc-11e3-bea0-240a64695898} - "F:\AutoRun.exe" HKU\S-1-5-21-3094628068-4059591873-1470419566-1002\...\MountPoints2: {451ef255-5183-11e3-be86-240a64695898} - "F:\AutoRun.exe" HKU\S-1-5-21-3094628068-4059591873-1470419566-1002\...\MountPoints2: {4afd6f2a-793e-11e3-be96-240a64695898} - "G:\LaunchU3.exe" -a HKU\S-1-5-21-3094628068-4059591873-1470419566-1002\...\MountPoints2: {531f70f7-5d3c-11e3-be8c-240a64695898} - "H:\LGAutoRun.exe" HKU\S-1-5-21-3094628068-4059591873-1470419566-1002\...\MountPoints2: {6cebcd17-58aa-11e3-be89-240a64695898} - "F:\AutoRun.exe" HKU\S-1-5-21-3094628068-4059591873-1470419566-1002\...\MountPoints2: {9133429c-bb3b-11e3-bea6-240a64695898} - "F:\AutoRun.exe" HKU\S-1-5-21-3094628068-4059591873-1470419566-1002\...\MountPoints2: {ace7aa1d-9404-11e3-be9c-ac220b0c80db} - "F:\LaunchU3.exe" -a HKU\S-1-5-21-3094628068-4059591873-1470419566-1002\...\MountPoints2: {ad1fdea0-7f94-11e3-be97-240a64695898} - "F:\Setup.exe" HKU\S-1-5-21-3094628068-4059591873-1470419566-1002\...\MountPoints2: {cdb8f8ec-f64b-11e3-bebf-240a64695898} - "F:\AutoRun.exe" AppInit_DLLs: c:\windows\system32\nvinitx.dll => c:\windows\system32\nvinitx.dll [168616 2013-09-05] (NVIDIA Corporation) AppInit_DLLs: ,C:\WINDOWS\system32\nvinitx.dll => C:\WINDOWS\system32\nvinitx.dll [168616 2013-09-05] (NVIDIA Corporation) AppInit_DLLs-x32: C:\WINDOWS\SysWOW64\nvinit.dll => C:\WINDOWS\SysWOW64\nvinit.dll [141336 2013-09-05] (NVIDIA Corporation) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Network Server.lnk ShortcutTarget: Network Server.lnk -> C:\Program Files (x86)\WIBUKEY\Server\WkSvMgr.exe (WIBU-SYSTEMS AG) ShellIconOverlayIdentifiers: AccExtIco1 -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll () ShellIconOverlayIdentifiers: AccExtIco2 -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll () ShellIconOverlayIdentifiers: AccExtIco3 -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll () ShellIconOverlayIdentifiers: !AsusWSShellExt_B -> {6D4133E5-0742-4ADC-8A8C-9303440F7190} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\ASUSWSShellExt64.dll (ASUS Cloud Corporation.) ShellIconOverlayIdentifiers: !AsusWSShellExt_O -> {64174815-8D98-4CE6-8646-4C039977D808} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\ASUSWSShellExt64.dll (ASUS Cloud Corporation.) ShellIconOverlayIdentifiers: !AsusWSShellExt_U -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4D} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\ASUSWSShellExt64.dll (ASUS Cloud Corporation.) ShellIconOverlayIdentifiers: AutoCAD Digital Signatures Icon Overlay Handler -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\WINDOWS\system32\AcSignIcon.dll (Autodesk, Inc.) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.istartsurf.com/web/?type=ds&ts=1409411408&from=smt&uid=ST1000LM024XHN-M101MBB_S2Y4J9ED608081&q={searchTerms} HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.istartsurf.com/?type=hp&ts=1409411408&from=smt&uid=ST1000LM024XHN-M101MBB_S2Y4J9ED608081 HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.istartsurf.com/?type=hp&ts=1409411408&from=smt&uid=ST1000LM024XHN-M101MBB_S2Y4J9ED608081 HKCU\Software\Microsoft\Internet Explorer\Main,bProtector Start Page = http://www.searchgol.com/?babsrc=HP_ss&mntrId=EC87001E101FDB3B&affID=119357&tt=240913_91215&tsp=5016 HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.istartsurf.com/web/?type=ds&ts=1409411408&from=smt&uid=ST1000LM024XHN-M101MBB_S2Y4J9ED608081&q={searchTerms} HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.istartsurf.com/web/?type=ds&ts=1409411408&from=smt&uid=ST1000LM024XHN-M101MBB_S2Y4J9ED608081&q={searchTerms} HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.istartsurf.com/?type=hp&ts=1409411408&from=smt&uid=ST1000LM024XHN-M101MBB_S2Y4J9ED608081 HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.istartsurf.com/?type=hp&ts=1409411408&from=smt&uid=ST1000LM024XHN-M101MBB_S2Y4J9ED608081 HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.istartsurf.com/web/?type=ds&ts=1409411408&from=smt&uid=ST1000LM024XHN-M101MBB_S2Y4J9ED608081&q={searchTerms} HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.istartsurf.com/web/?type=ds&ts=1409411408&from=smt&uid=ST1000LM024XHN-M101MBB_S2Y4J9ED608081&q={searchTerms} HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.istartsurf.com/?type=hp&ts=1409411408&from=smt&uid=ST1000LM024XHN-M101MBB_S2Y4J9ED608081 HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.istartsurf.com/?type=hp&ts=1409411408&from=smt&uid=ST1000LM024XHN-M101MBB_S2Y4J9ED608081 HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://www.istartsurf.com/web/?type=ds&ts=1409411408&from=smt&uid=ST1000LM024XHN-M101MBB_S2Y4J9ED608081&q={searchTerms} StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe http://www.istartsurf.com/?type=sc&ts=1409411408&from=smt&uid=ST1000LM024XHN-M101MBB_S2Y4J9ED608081 SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.istartsurf.com/web/?type=ds&ts=1409411408&from=smt&uid=ST1000LM024XHN-M101MBB_S2Y4J9ED608081&q={searchTerms} SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=ASU2JS SearchScopes: HKLM - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.istartsurf.com/web/?type=ds&ts=1409411408&from=smt&uid=ST1000LM024XHN-M101MBB_S2Y4J9ED608081&q={searchTerms} SearchScopes: HKLM-x32 - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.istartsurf.com/web/?type=ds&ts=1409411408&from=smt&uid=ST1000LM024XHN-M101MBB_S2Y4J9ED608081&q={searchTerms} SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=ASU2JS SearchScopes: HKLM-x32 - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.istartsurf.com/web/?type=ds&ts=1409411408&from=smt&uid=ST1000LM024XHN-M101MBB_S2Y4J9ED608081&q={searchTerms} SearchScopes: HKCU - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.istartsurf.com/web/?type=ds&ts=1409411408&from=smt&uid=ST1000LM024XHN-M101MBB_S2Y4J9ED608081&q={searchTerms} SearchScopes: HKCU - bProtectorDefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = http://www.doko-search.com/?q={searchTerms}&babsrc=SP_ss&mntrId=EC87240A64695898&affID=125839&tsp=5038 SearchScopes: HKCU - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.istartsurf.com/web/?type=ds&ts=1409411408&from=smt&uid=ST1000LM024XHN-M101MBB_S2Y4J9ED608081&q={searchTerms} SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.com/search?q={sear BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation) BHO: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations) BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation) BHO: YTAHelper -> {FCE3FA8B-BA81-467C-81D8-E43C00D1BC71} -> C:\ProgramData\YTAHelper\YTAHelper64.dll (Goobzo Ltd.) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO-x32: YTAHelper -> {FCE3FA8B-BA81-467C-81D8-E43C00D1BC71} -> No File Toolbar: HKLM-x32 - No Name - {82E1477C-B154-48D3-9891-33D83C26BCD3} - No File Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation) Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 FireFox: ======== FF ProfilePath: C:\Users\Victoria\AppData\Roaming\Mozilla\Firefox\Profiles\d12wegkw.default FF NewTab: hxxp://www.istartsurf.com/newtab/?type=nt&ts=1409411408&from=smt&uid=ST1000LM024XHN-M101MBB_S2Y4J9ED608081 FF DefaultSearchEngine: istartsurf FF SelectedSearchEngine: istartsurf FF Homepage: about:home FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems) FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google) FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation) FF Plugin-x32: @java.com/DTPlugin,version=10.21.2 -> C:\WINDOWS\SysWOW64\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.21.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems) FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Victoria\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited) FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\istartsurf.xml FF Extension: Fast Start - C:\Users\Victoria\AppData\Roaming\Mozilla\Firefox\Profiles\d12wegkw.default\Extensions\faststartff@gmail.com [2014-08-30] FF Extension: NetVideoHunter - C:\Users\Victoria\AppData\Roaming\Mozilla\Firefox\Profiles\d12wegkw.default\Extensions\netvideohunter@netvideohunter.com [2013-10-02] FF Extension: CxMp3Downloader - C:\Users\Victoria\AppData\Roaming\Mozilla\Firefox\Profiles\d12wegkw.default\Extensions\cxzingdownloader@mrcuxu.com.xpi [2013-10-02] FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2014-08-04] FF HKLM-x32\...\Firefox\Extensions: [faststartff@gmail.com] - C:\Users\Victoria\AppData\Roaming\Mozilla\Firefox\Profiles\d12wegkw.default\extensions\faststartff@gmail.com FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird FF StartMenuInternet: FIREFOX.EXE - C:\Program Files (x86)\Mozilla Firefox\firefox.exe http://www.istartsurf.com/?type=sc&ts=1409411408&from=smt&uid=ST1000LM024XHN-M101MBB_S2Y4J9ED608081 Chrome: ======= CHR HomePage: Default -> https://www.google.pl/webhp?sourceid=chrome-instant&ion=1&espv=2&es_th=1&ie=UTF-8 CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter} CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\PepperFlash\pepflashplayer.dll () CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\ppGoogleNaClPluginChrome.dll () CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\pdf.dll () CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll No File CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll No File CHR Plugin: ( "name": "",) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation) CHR Plugin: ( "name": "",) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation) CHR Plugin: (WildTangent Games App V2 Presence Detector) - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll No File CHR Plugin: (Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) CHR Plugin: (McAfee SecurityCenter) - c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL No File CHR Profile: C:\Users\Victoria\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Dysk Google) - C:\Users\Victoria\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-08-17] CHR Extension: (AdBlock) - C:\Users\Victoria\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-05-30] CHR Extension: (Google Wallet) - C:\Users\Victoria\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-23] CHR Extension: (Charlotte Ronson) - C:\Users\Victoria\AppData\Local\Google\Chrome\User Data\Default\Extensions\obakimnhgahiedhcjlcnohielmendpen [2013-09-25] ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 ASUS InstantOn; C:\Program Files\ASUS\P4G\InsOnSrv.exe [277120 2013-04-29] (ASUS) R2 Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSWinService.exe [72192 2012-12-19] () [File not signed] R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [310400 2013-04-24] (Windows (R) Win 7 DDK provider) R2 Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [12288 2012-12-13] (Autodesk, Inc.) [File not signed] R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2369720 2014-08-01] (Microsoft Corporation) R2 DCService.exe; C:\ProgramData\DatacardService\DCService.exe [229376 2010-05-08] () [File not signed] R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [1343408 2014-02-24] (ESET) R2 Fabs; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [1840128 2011-05-24] (MAGIX AG) [File not signed] S3 FirebirdServerMAGIXInstance; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [2702848 2011-04-26] (MAGIX®) [File not signed] R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [731648 2013-02-13] (Intel(R) Corporation) [File not signed] S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [820184 2013-02-13] (Intel(R) Corporation) R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-04-11] (Intel Corporation) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-04-11] (Intel Corporation) R2 McNeelUpdate; c:\Program Files (x86)\McNeelUpdate\5.0\McNeelUpdateService.exe [68192 2013-12-13] (Robert McNeel & Associates) R2 mi-raysat_3dsmax2014_64; C:\Program Files\Autodesk\3ds Max Design 2014\NVIDIA\Satellite\raysat_3dsmax2014_64server.exe [86016 2011-09-15] () [File not signed] R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [247152 2009-04-17] () R2 SPBIUpd; C:\Program Files\Common Files\ShopperPro\spbiu.exe [2346880 2014-08-25] (ShopperPro) S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed] R2 UI Assistant Service; C:\Program Files (x86)\Netia\Mobilny Internet\AssistantServices.exe [247152 2010-03-02] () R2 VRLService; C:\ProgramData\ASGVIS\Dongle Utilities\startvrlservice.exe [212992 2012-12-06] () [File not signed] S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-03-24] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-03-24] (Microsoft Corporation) S2 YouTubeAcceleratorService; C:\Program Files (x86)\YouTube Accelerator\YouTubeAcceleratorService.exe [1510248 2014-08-30] (GOOBZO) R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2013-04-24] (Atheros) [File not signed] ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R3 ATP; C:\Windows\System32\drivers\AsusTP.sys [65784 2013-02-06] (ASUS Corporation) S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2013-04-24] (Qualcomm Atheros) R3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-04] (Microsoft Corporation) R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [239320 2013-09-17] (ESET) R0 edevmon; C:\Windows\System32\DRIVERS\edevmon.sys [239296 2013-09-17] (ESET) R1 ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [168256 2013-09-17] (ESET) R2 epfwwfpr; C:\Windows\system32\DRIVERS\epfwwfpr.sys [157432 2013-09-17] (ESET) S3 ewusbnet; C:\Windows\system32\DRIVERS\ewusbnet.sys [252928 2010-04-30] (Huawei Technologies Co., Ltd.) R3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [14992 2012-08-02] ( ) R3 SPBIUpdd; C:\Program Files\Common Files\ShopperPro\spbiw.sys [41856 2014-08-25] () S3 ssudserd; C:\Windows\system32\DRIVERS\ssudserd.sys [206080 2014-01-22] (DEVGURU Co., LTD.(www.devguru.co.kr)) S3 t_mouse.sys; C:\Windows\system32\DRIVERS\t_mouse.sys [6144 2013-04-09] () S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-03-24] (Microsoft Corporation) R2 WIBUKEY; C:\Windows\System32\DRIVERS\WibuKey64.sys [97792 2011-09-22] (WIBU-SYSTEMS AG) S3 WUDFWpdComp; C:\Windows\system32\DRIVERS\WUDFRd.sys [227840 2014-05-31] (Microsoft Corporation) R2 SPDRIVER_1.37.0.871; \??\C:\Program Files (x86)\ShopperPro\JSDriver\1.37.0.871\jsdrv.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2014-08-30 18:20 - 2014-08-30 18:20 - 00032065 _____ () C:\Users\Victoria\Downloads\FRST.txt 2014-08-30 18:19 - 2014-08-30 18:20 - 00000000 ____D () C:\FRST 2014-08-30 18:18 - 2014-08-30 18:18 - 02103808 _____ (Farbar) C:\Users\Victoria\Downloads\FRST64.exe 2014-08-30 17:38 - 2014-08-30 17:38 - 00000000 ____D () C:\ProgramData\regid.1986-12.com.adobe 2014-08-30 17:37 - 2014-08-30 17:37 - 00001229 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS6.lnk 2014-08-30 17:37 - 2014-08-30 17:37 - 00001093 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS6 (64 Bit).lnk 2014-08-30 17:36 - 2014-08-30 17:36 - 00001055 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CS6 (64bit).lnk 2014-08-30 17:35 - 2014-08-30 17:35 - 00001191 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CS6.lnk 2014-08-30 17:33 - 2014-08-30 17:33 - 00001545 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe ExtendScript Toolkit CS6.lnk 2014-08-30 17:33 - 2014-08-30 17:33 - 00001375 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Extension Manager CS6.lnk 2014-08-30 17:11 - 2014-08-30 17:51 - 00000000 ____D () C:\ProgramData\YTAHelper 2014-08-30 17:11 - 2014-08-30 17:50 - 00000000 ____D () C:\Program Files (x86)\YouTube Accelerator 2014-08-30 17:11 - 2014-08-30 17:48 - 00000000 ____D () C:\Program Files\Common Files\ShopperPro 2014-08-30 17:11 - 2014-08-30 17:19 - 00000000 ____D () C:\ProgramData\WindowsMangerProtect 2014-08-30 17:11 - 2014-08-30 17:19 - 00000000 ____D () C:\ProgramData\ShopperPro 2014-08-30 17:11 - 2014-08-30 17:19 - 00000000 ____D () C:\ProgramData\IePluginServices 2014-08-30 17:11 - 2014-08-30 17:11 - 00172032 _____ (Jin Hui E-mail: jinhui@jcomsoft.com Web: http://www.jcomsoft.com) C:\WINDOWS\SysWOW64\AniGIF.ocx 2014-08-30 17:11 - 2014-08-30 17:11 - 00004316 _____ () C:\WINDOWS\System32\Tasks\Installer_iwebar 2014-08-30 17:11 - 2014-08-30 17:11 - 00004312 _____ () C:\WINDOWS\System32\Tasks\Installer_sense 2014-08-30 17:11 - 2014-08-30 17:11 - 00000000 ____D () C:\Users\Victoria\AppData\Local\CrashRpt 2014-08-30 17:11 - 2014-08-30 17:11 - 00000000 ____D () C:\Users\Public\Documents\YTAHelper 2014-08-30 17:11 - 2014-08-30 17:11 - 00000000 ____D () C:\Users\Public\Documents\ShopperPro 2014-08-30 17:11 - 2014-08-30 17:11 - 00000000 ____D () C:\Users\Public\Documents\GOOBZO 2014-08-30 17:11 - 2014-08-30 17:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YouTube Accelerator 2014-08-30 17:11 - 2014-08-30 17:11 - 00000000 ____D () C:\Program Files (x86)\YTAHelper 2014-08-30 17:11 - 2013-07-19 00:55 - 00000000 ____D () C:\Users\Victoria\Desktop\Adobe Photoshop CS6 Extended Final CS6 13.0 x86x64 2014-08-30 17:10 - 2014-08-30 18:07 - 00000000 ____D () C:\Program Files (x86)\SupTab 2014-08-30 17:10 - 2014-08-30 17:58 - 00000000 ____D () C:\Users\Victoria\AppData\Roaming\istartsurf 2014-08-30 17:09 - 2014-08-30 17:10 - 00000000 ____D () C:\Users\Victoria\AppData\Roaming\DAEMON Tools Lite 2014-08-30 17:08 - 2014-08-30 17:09 - 00000000 ____D () C:\ProgramData\DAEMON Tools Lite 2014-08-30 17:08 - 2014-08-30 17:08 - 13429504 _____ (Disc Soft Ltd) C:\Users\Victoria\Downloads\DTLite4491-0356.exe 2014-08-29 19:16 - 2014-08-29 19:16 - 00000000 ____D () C:\Users\Victoria\AppData\Roaming\ObviousIdea 2014-08-29 19:15 - 2014-08-29 19:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ObviousIdea 2014-08-29 19:15 - 2014-08-29 19:15 - 00000000 ____D () C:\Program Files (x86)\ObviousIdea 2014-08-29 19:14 - 2014-08-29 19:14 - 07050024 _____ (ObviousIdea ) C:\Users\Victoria\Downloads\light_image_resizer4_setup.exe 2014-08-29 19:12 - 2014-08-29 19:12 - 00471728 _____ () C:\Users\Victoria\Downloads\VSO Image Resizer 4.0.4.3 Downloader.exe 2014-08-29 19:07 - 2014-08-29 19:07 - 00922057 _____ (Brice Lambson) C:\Users\Victoria\Downloads\ImageResizerSetup.exe 2014-08-28 10:46 - 2014-08-28 10:46 - 00000000 ____D () C:\Users\Victoria\AppData\Local\Apple Computer 2014-08-27 22:18 - 2014-08-23 02:42 - 04148224 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys 2014-08-19 23:54 - 2014-08-19 23:54 - 00000000 ____D () C:\WINDOWS\System32\Tasks\GenericSettingsHandler 2014-08-16 15:30 - 2014-08-16 15:30 - 00002778 _____ () C:\WINDOWS\System32\Tasks\CCleanerSkipUAC 2014-08-16 15:30 - 2014-08-16 15:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner 2014-08-16 15:30 - 2014-08-16 15:30 - 00000000 ____D () C:\Program Files\CCleaner 2014-08-16 15:27 - 2014-08-16 15:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe 2014-08-16 14:59 - 2014-08-16 14:59 - 00000000 ____D () C:\Users\Victoria\Documents\Adobe 2014-08-16 14:55 - 2014-08-30 17:47 - 00000000 ____D () C:\Users\Victoria\AppData\Local\Adobe 2014-08-16 14:52 - 2014-08-30 17:38 - 00000000 ____D () C:\ProgramData\Adobe 2014-08-16 14:52 - 2014-08-16 14:52 - 00002115 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop Lightroom 4.4.lnk 2014-08-14 22:22 - 2014-07-25 16:52 - 23645696 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2014-08-14 22:22 - 2014-07-25 15:51 - 17524224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2014-08-14 22:22 - 2014-07-25 15:28 - 00548352 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll 2014-08-14 22:22 - 2014-07-25 15:25 - 02774528 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll 2014-08-14 22:22 - 2014-07-25 15:25 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll 2014-08-14 22:22 - 2014-07-25 14:59 - 00758272 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll 2014-08-14 22:22 - 2014-07-25 14:40 - 00452096 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll 2014-08-14 22:22 - 2014-07-25 14:34 - 00455168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll 2014-08-14 22:22 - 2014-07-25 14:30 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll 2014-08-14 22:22 - 2014-07-25 14:28 - 05824512 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll 2014-08-14 22:22 - 2014-07-25 14:28 - 00072704 _____ (Microsoft Corporation) C:\WINDOWS\system32\JavaScriptCollectionAgent.dll 2014-08-14 22:22 - 2014-07-25 14:21 - 02184704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll 2014-08-14 22:22 - 2014-07-25 14:17 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll 2014-08-14 22:22 - 2014-07-25 14:10 - 00292864 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll 2014-08-14 22:22 - 2014-07-25 14:08 - 00597504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll 2014-08-14 22:22 - 2014-07-25 14:06 - 04204032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll 2014-08-14 22:22 - 2014-07-25 13:52 - 00367104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll 2014-08-14 22:22 - 2014-07-25 13:47 - 00631808 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll 2014-08-14 22:22 - 2014-07-25 13:43 - 00333312 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll 2014-08-14 22:22 - 2014-07-25 13:43 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JavaScriptCollectionAgent.dll 2014-08-14 22:22 - 2014-07-25 13:42 - 00692736 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe 2014-08-14 22:22 - 2014-07-25 13:39 - 02087936 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl 2014-08-14 22:22 - 2014-07-25 13:34 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll 2014-08-14 22:22 - 2014-07-25 13:29 - 00239616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll 2014-08-14 22:22 - 2014-07-25 13:23 - 13547008 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2014-08-14 22:22 - 2014-07-25 13:13 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll 2014-08-14 22:22 - 2014-07-25 13:09 - 00291840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll 2014-08-14 22:22 - 2014-07-25 13:07 - 02001920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl 2014-08-14 22:22 - 2014-07-25 13:03 - 11772928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2014-08-14 22:22 - 2014-07-25 12:52 - 02266624 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll 2014-08-14 22:22 - 2014-07-25 12:26 - 01431040 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll 2014-08-14 22:22 - 2014-07-25 12:17 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll 2014-08-14 22:22 - 2014-07-25 12:09 - 00704512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll 2014-08-14 22:22 - 2014-07-25 12:05 - 01792512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll 2014-08-14 22:22 - 2014-07-25 12:00 - 01169920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll 2014-08-14 22:21 - 2014-06-20 03:48 - 01273184 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll 2014-08-14 22:21 - 2014-06-20 01:52 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll 2014-08-14 22:21 - 2014-06-13 03:15 - 00517528 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll 2014-08-14 22:21 - 2014-06-13 03:14 - 01557848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys 2014-08-14 22:21 - 2014-06-13 02:10 - 00406400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll 2014-08-14 22:21 - 2014-06-06 13:34 - 02133504 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll 2014-08-14 22:20 - 2014-07-15 20:16 - 03048880 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe 2014-08-14 22:20 - 2014-07-15 10:29 - 03118080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wpc.dll 2014-08-14 22:20 - 2014-07-15 10:22 - 02861056 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebSync.dll 2014-08-14 22:20 - 2014-07-15 10:03 - 02344448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wpc.dll 2014-08-14 22:20 - 2014-07-10 06:16 - 00716800 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveTelemetry.dll 2014-08-14 22:20 - 2014-07-10 06:03 - 04756992 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll 2014-08-14 22:20 - 2014-07-10 05:33 - 01120256 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe 2014-08-14 22:20 - 2014-06-10 00:13 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe 2014-08-14 22:20 - 2014-06-10 00:13 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe 2014-08-14 22:20 - 2014-05-31 08:27 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys 2014-08-14 22:20 - 2014-05-13 09:01 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\BulkOperationHost.exe 2014-08-14 22:20 - 2014-05-13 07:07 - 02844160 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll 2014-08-14 22:20 - 2014-05-13 06:41 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbici.dll 2014-08-14 22:20 - 2014-05-13 06:26 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveShell.dll 2014-08-14 22:20 - 2014-05-13 05:59 - 01035264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll 2014-08-14 22:20 - 2014-05-13 05:31 - 00265216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SkyDriveShell.dll 2014-08-14 22:20 - 2014-05-03 13:29 - 01726224 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll 2014-08-14 22:20 - 2014-05-03 11:20 - 01473080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll 2014-08-14 22:20 - 2014-05-03 07:36 - 00997888 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll 2014-08-14 22:20 - 2014-05-03 07:19 - 00071168 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncobjapi.dll 2014-08-14 22:20 - 2014-05-03 07:08 - 00301056 _____ (Microsoft Corporation) C:\WINDOWS\system32\framedynos.dll 2014-08-14 22:20 - 2014-05-03 07:07 - 00262656 _____ (Microsoft Corporation) C:\WINDOWS\system32\framedyn.dll 2014-08-14 22:20 - 2014-05-03 06:46 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncobjapi.dll 2014-08-14 22:20 - 2014-05-03 06:37 - 00235008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\framedynos.dll 2014-08-14 22:20 - 2014-05-03 06:37 - 00207360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\framedyn.dll 2014-08-14 22:20 - 2014-05-03 01:26 - 00050745 _____ () C:\WINDOWS\system32\srms.dat 2014-08-14 22:20 - 2014-05-01 07:44 - 01025536 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll 2014-08-14 22:20 - 2014-04-30 08:43 - 00071680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vwififlt.sys 2014-08-14 22:20 - 2014-04-30 08:41 - 00402432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys 2014-08-14 22:20 - 2014-04-30 08:41 - 00096768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\agilevpn.sys 2014-08-14 22:20 - 2014-04-30 08:41 - 00038912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vwifimp.sys 2014-08-14 22:20 - 2014-04-30 07:45 - 00123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Robocopy.exe 2014-08-14 22:20 - 2014-04-30 06:48 - 00106496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Robocopy.exe 2014-08-14 22:20 - 2014-04-30 06:24 - 00065024 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc6.dll 2014-08-14 22:20 - 2014-04-30 06:23 - 00353280 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore.dll 2014-08-14 22:20 - 2014-04-30 06:23 - 00271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore6.dll 2014-08-14 22:20 - 2014-04-30 06:23 - 00087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc.dll 2014-08-14 22:20 - 2014-04-30 06:14 - 00827392 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL 2014-08-14 22:20 - 2014-04-30 05:59 - 01063424 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL 2014-08-14 22:20 - 2014-04-30 05:46 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore.dll 2014-08-14 22:20 - 2014-04-30 05:46 - 00229888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore6.dll 2014-08-14 22:20 - 2014-04-30 05:46 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc6.dll 2014-08-14 22:20 - 2014-04-30 05:45 - 00062976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc.dll 2014-08-14 22:20 - 2014-04-30 05:42 - 00403968 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll 2014-08-14 22:20 - 2014-04-29 00:40 - 00721408 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll 2014-08-14 22:20 - 2014-04-27 00:03 - 02140888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll 2014-08-14 22:20 - 2014-04-26 22:14 - 02144984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll 2014-08-14 22:20 - 2014-04-26 18:39 - 00339456 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdesvc.dll 2014-08-14 22:20 - 2014-04-14 11:37 - 02125344 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll 2014-08-14 22:20 - 2014-04-14 10:08 - 01797896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9.dll 2014-08-14 22:20 - 2014-04-14 07:18 - 00011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d8thk.dll 2014-08-14 22:20 - 2014-04-09 08:11 - 00226816 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebClnt.dll 2014-08-14 22:20 - 2014-04-09 07:20 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WebClnt.dll 2014-08-14 22:19 - 2014-08-07 04:12 - 01336624 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll 2014-08-14 22:19 - 2014-08-07 00:38 - 00697856 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll 2014-08-14 22:19 - 2014-08-02 07:44 - 00527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll 2014-08-14 22:19 - 2014-08-02 05:56 - 01064448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll 2014-08-14 22:19 - 2014-08-02 05:11 - 00918528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll 2014-08-14 22:19 - 2014-07-12 06:17 - 00623616 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe 2014-08-14 22:19 - 2014-06-05 16:13 - 00216368 _____ (Microsoft Corporation) C:\WINDOWS\system32\rsaenh.dll 2014-08-14 22:19 - 2014-06-05 15:14 - 00189016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rsaenh.dll 2014-08-14 22:19 - 2014-06-04 11:27 - 00114520 _____ (Microsoft Corporation) C:\WINDOWS\system32\consent.exe 2014-08-14 22:19 - 2014-06-04 07:31 - 00356352 _____ (Microsoft Corporation) C:\WINDOWS\system32\msihnd.dll 2014-08-14 22:19 - 2014-06-04 07:22 - 02790912 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll 2014-08-14 22:19 - 2014-06-04 06:43 - 00281088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msihnd.dll 2014-08-14 22:19 - 2014-06-04 06:38 - 03304448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll 2014-08-14 22:19 - 2014-06-04 04:15 - 02642944 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll 2014-08-14 22:19 - 2014-06-04 04:14 - 02318336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll 2014-08-14 22:19 - 2014-06-02 04:10 - 00423768 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll 2014-08-14 22:19 - 2014-05-31 12:07 - 00467800 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS 2014-08-14 22:19 - 2014-05-31 12:07 - 00440664 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbport.sys 2014-08-14 22:19 - 2014-05-31 12:07 - 00419672 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbhub.sys 2014-08-14 22:19 - 2014-05-31 12:07 - 00089944 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbehci.sys 2014-08-14 22:19 - 2014-05-31 12:07 - 00027480 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbd.sys 2014-08-14 22:19 - 2014-05-31 08:30 - 00037376 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbuhci.sys 2014-08-14 22:19 - 2014-05-31 08:27 - 00110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WUDFPf.sys 2014-08-14 22:19 - 2014-05-31 08:26 - 00227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WUDFRd.sys 2014-08-14 22:19 - 2014-05-31 06:01 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFHost.exe 2014-08-14 22:19 - 2014-05-31 06:01 - 00209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFPlatform.dll 2014-08-14 22:19 - 2014-05-31 06:01 - 00099840 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFSvc.dll 2014-08-14 22:19 - 2014-05-27 17:53 - 02518360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys 2014-08-14 22:19 - 2014-05-27 11:56 - 00323584 _____ (Microsoft Corporation) C:\WINDOWS\system32\DaOtpCredentialProvider.dll 2014-08-14 22:19 - 2014-05-27 11:53 - 00270848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DaOtpCredentialProvider.dll 2014-08-14 22:19 - 2014-05-17 06:59 - 16871936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll 2014-08-14 22:19 - 2014-05-17 06:13 - 12711424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll 2014-08-13 12:44 - 2014-08-13 21:41 - 00000000 ____D () C:\Users\Victoria\Desktop\Muzyka 2014-08-12 01:37 - 2014-08-12 01:37 - 00012617 _____ () C:\Users\Victoria\Downloads\08 - sierpień harmonogram.xlsx 2014-08-06 23:27 - 2014-08-06 23:39 - 383101786 _____ () C:\Users\Victoria\Downloads\wetransfer-efbd48.zip 2014-08-04 21:22 - 2014-08-04 21:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET 2014-08-04 21:22 - 2014-08-04 21:22 - 00000000 ____D () C:\ProgramData\ESET 2014-08-04 21:22 - 2014-08-04 21:22 - 00000000 ____D () C:\Program Files\ESET 2014-08-04 20:46 - 2014-08-04 20:47 - 71143424 _____ () C:\Users\Victoria\Downloads\eav_nt64_plk (8).msi 2014-08-04 20:23 - 2014-08-04 20:25 - 71143424 _____ () C:\Users\Victoria\Downloads\eav_nt64_plk (7).msi 2014-08-01 19:47 - 2014-08-01 19:48 - 52343633 _____ () C:\Users\Victoria\Downloads\AdobeCameraRaw-7.1-mul-AdobeUpdate.zip 2014-08-01 02:13 - 2014-08-01 02:17 - 203417917 _____ () C:\Users\Victoria\Downloads\STADION NARODOWYostateczny.mp4 2014-08-01 02:11 - 2014-08-30 17:24 - 00000000 ____D () C:\Users\Victoria\AppData\Local\DM 2014-08-01 02:11 - 2014-08-01 02:11 - 00097056 _____ () C:\Users\Victoria\Downloads\STADION NARODOWYostateczny.mp4.exe ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2014-08-30 18:20 - 2014-08-30 18:20 - 00032065 _____ () C:\Users\Victoria\Downloads\FRST.txt 2014-08-30 18:20 - 2014-08-30 18:19 - 00000000 ____D () C:\FRST 2014-08-30 18:19 - 2014-06-19 14:14 - 00001074 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1cf8bb86d5e354.job 2014-08-30 18:18 - 2014-08-30 18:18 - 02103808 _____ (Farbar) C:\Users\Victoria\Downloads\FRST64.exe 2014-08-30 18:07 - 2014-08-30 17:10 - 00000000 ____D () C:\Program Files (x86)\SupTab 2014-08-30 18:01 - 2013-10-02 22:50 - 00000000 ____D () C:\Users\Victoria\AppData\Local\Mozilla 2014-08-30 18:00 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\sru 2014-08-30 17:58 - 2014-08-30 17:10 - 00000000 ____D () C:\Users\Victoria\AppData\Roaming\istartsurf 2014-08-30 17:58 - 2013-09-23 20:54 - 00003598 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3094628068-4059591873-1470419566-1002 2014-08-30 17:51 - 2014-08-30 17:11 - 00000000 ____D () C:\ProgramData\YTAHelper 2014-08-30 17:51 - 2013-11-07 19:32 - 00000000 ___DO () C:\Users\Victoria\SkyDrive 2014-08-30 17:51 - 2013-11-05 21:18 - 00003996 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{77E8EFC2-4E2C-4DEE-A113-10E828F19B7B} 2014-08-30 17:50 - 2014-08-30 17:11 - 00000000 ____D () C:\Program Files (x86)\YouTube Accelerator 2014-08-30 17:49 - 2014-05-26 18:53 - 00002371 _____ () C:\Users\Public\Desktop\Google Chrome.lnk 2014-08-30 17:48 - 2014-08-30 17:11 - 00000000 ____D () C:\Program Files\Common Files\ShopperPro 2014-08-30 17:47 - 2014-08-16 14:55 - 00000000 ____D () C:\Users\Victoria\AppData\Local\Adobe 2014-08-30 17:47 - 2013-09-24 03:46 - 00000074 _____ () C:\Users\Victoria\AppData\Roaming\sp_data.sys 2014-08-30 17:47 - 2013-09-23 23:43 - 00001066 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job 2014-08-30 17:46 - 2013-07-06 23:54 - 00000000 ____D () C:\ProgramData\Temp 2014-08-30 17:45 - 2013-08-22 16:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT 2014-08-30 17:45 - 2013-08-22 16:44 - 05343536 _____ () C:\WINDOWS\system32\FNTCACHE.DAT 2014-08-30 17:45 - 2013-07-06 23:44 - 00000000 ____D () C:\WINDOWS\SysWOW64\NV 2014-08-30 17:45 - 2013-07-06 23:44 - 00000000 ____D () C:\WINDOWS\system32\NV 2014-08-30 17:44 - 2013-08-22 15:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI 2014-08-30 17:41 - 2014-01-27 13:44 - 00000000 ____D () C:\WINDOWS\Minidump 2014-08-30 17:41 - 2013-11-05 20:23 - 00000000 ___DC () C:\WINDOWS\Panther 2014-08-30 17:41 - 2013-09-26 16:23 - 00000000 ____D () C:\Users\Victoria\AppData\Local\CrashDumps 2014-08-30 17:38 - 2014-08-30 17:38 - 00000000 ____D () C:\ProgramData\regid.1986-12.com.adobe 2014-08-30 17:38 - 2014-08-16 14:52 - 00000000 ____D () C:\ProgramData\Adobe 2014-08-30 17:38 - 2013-05-01 13:20 - 00000000 ____D () C:\Program Files (x86)\WildGames 2014-08-30 17:37 - 2014-08-30 17:37 - 00001229 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS6.lnk 2014-08-30 17:37 - 2014-08-30 17:37 - 00001093 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS6 (64 Bit).lnk 2014-08-30 17:37 - 2013-10-14 22:22 - 00000000 ____D () C:\Program Files\Adobe 2014-08-30 17:37 - 2013-10-14 22:07 - 00000000 ____D () C:\Program Files\Common Files\Adobe 2014-08-30 17:37 - 2013-05-01 13:20 - 00000000 ____D () C:\ProgramData\WildTangent 2014-08-30 17:36 - 2014-08-30 17:36 - 00001055 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CS6 (64bit).lnk 2014-08-30 17:36 - 2013-09-28 10:18 - 00000000 ____D () C:\Program Files (x86)\Adobe 2014-08-30 17:35 - 2014-08-30 17:35 - 00001191 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CS6.lnk 2014-08-30 17:33 - 2014-08-30 17:33 - 00001545 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe ExtendScript Toolkit CS6.lnk 2014-08-30 17:33 - 2014-08-30 17:33 - 00001375 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Extension Manager CS6.lnk 2014-08-30 17:33 - 2014-06-12 04:29 - 00000000 ____D () C:\Users\Victoria\AppData\Roaming\Adobe 2014-08-30 17:24 - 2014-08-01 02:11 - 00000000 ____D () C:\Users\Victoria\AppData\Local\DM 2014-08-30 17:19 - 2014-08-30 17:11 - 00000000 ____D () C:\ProgramData\WindowsMangerProtect 2014-08-30 17:19 - 2014-08-30 17:11 - 00000000 ____D () C:\ProgramData\ShopperPro 2014-08-30 17:19 - 2014-08-30 17:11 - 00000000 ____D () C:\ProgramData\IePluginServices 2014-08-30 17:12 - 2013-09-30 06:15 - 01825074 _____ () C:\WINDOWS\system32\PerfStringBackup.INI 2014-08-30 17:12 - 2013-09-30 06:00 - 00807160 _____ () C:\WINDOWS\system32\perfh015.dat 2014-08-30 17:12 - 2013-09-30 06:00 - 00163478 _____ () C:\WINDOWS\system32\perfc015.dat 2014-08-30 17:11 - 2014-08-30 17:11 - 00172032 _____ (Jin Hui E-mail: jinhui@jcomsoft.com Web: http://www.jcomsoft.com) C:\WINDOWS\SysWOW64\AniGIF.ocx 2014-08-30 17:11 - 2014-08-30 17:11 - 00004316 _____ () C:\WINDOWS\System32\Tasks\Installer_iwebar 2014-08-30 17:11 - 2014-08-30 17:11 - 00004312 _____ () C:\WINDOWS\System32\Tasks\Installer_sense 2014-08-30 17:11 - 2014-08-30 17:11 - 00000000 ____D () C:\Users\Victoria\AppData\Local\CrashRpt 2014-08-30 17:11 - 2014-08-30 17:11 - 00000000 ____D () C:\Users\Public\Documents\YTAHelper 2014-08-30 17:11 - 2014-08-30 17:11 - 00000000 ____D () C:\Users\Public\Documents\ShopperPro 2014-08-30 17:11 - 2014-08-30 17:11 - 00000000 ____D () C:\Users\Public\Documents\GOOBZO 2014-08-30 17:11 - 2014-08-30 17:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YouTube Accelerator 2014-08-30 17:11 - 2014-08-30 17:11 - 00000000 ____D () C:\Program Files (x86)\YTAHelper 2014-08-30 17:10 - 2014-08-30 17:09 - 00000000 ____D () C:\Users\Victoria\AppData\Roaming\DAEMON Tools Lite 2014-08-30 17:10 - 2013-11-05 20:53 - 00001668 _____ () C:\Users\Victoria\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2014-08-30 17:10 - 2013-10-02 22:49 - 00001365 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk 2014-08-30 17:10 - 2013-10-02 22:49 - 00001353 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk 2014-08-30 17:09 - 2014-08-30 17:08 - 00000000 ____D () C:\ProgramData\DAEMON Tools Lite 2014-08-30 17:08 - 2014-08-30 17:08 - 13429504 _____ (Disc Soft Ltd) C:\Users\Victoria\Downloads\DTLite4491-0356.exe 2014-08-30 16:15 - 2014-02-01 17:10 - 00000958 _____ () C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-3094628068-4059591873-1470419566-1002UA.job 2014-08-30 16:15 - 2014-02-01 17:10 - 00000936 _____ () C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-3094628068-4059591873-1470419566-1002Core.job 2014-08-30 15:29 - 2013-07-06 23:54 - 00003474 _____ () C:\WINDOWS\System32\Tasks\ASUS Live Update1 2014-08-30 15:29 - 2013-07-06 23:54 - 00003464 _____ () C:\WINDOWS\System32\Tasks\ASUS Live Update2 2014-08-29 23:05 - 2013-09-24 00:11 - 00000000 ____D () C:\Users\Victoria\AppData\Roaming\Skype 2014-08-29 19:16 - 2014-08-29 19:16 - 00000000 ____D () C:\Users\Victoria\AppData\Roaming\ObviousIdea 2014-08-29 19:15 - 2014-08-29 19:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ObviousIdea 2014-08-29 19:15 - 2014-08-29 19:15 - 00000000 ____D () C:\Program Files (x86)\ObviousIdea 2014-08-29 19:14 - 2014-08-29 19:14 - 07050024 _____ (ObviousIdea ) C:\Users\Victoria\Downloads\light_image_resizer4_setup.exe 2014-08-29 19:12 - 2014-08-29 19:12 - 00471728 _____ () C:\Users\Victoria\Downloads\VSO Image Resizer 4.0.4.3 Downloader.exe 2014-08-29 19:12 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\AppReadiness 2014-08-29 19:07 - 2014-08-29 19:07 - 00922057 _____ (Brice Lambson) C:\Users\Victoria\Downloads\ImageResizerSetup.exe 2014-08-28 10:46 - 2014-08-28 10:46 - 00000000 ____D () C:\Users\Victoria\AppData\Local\Apple Computer 2014-08-28 10:30 - 2012-07-26 09:59 - 00000000 ____D () C:\WINDOWS\CbsTemp 2014-08-26 19:20 - 2013-09-25 15:12 - 00000000 ____D () C:\Program Files\Microsoft Office 15 2014-08-23 02:42 - 2014-08-27 22:18 - 04148224 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys 2014-08-19 23:54 - 2014-08-19 23:54 - 00000000 ____D () C:\WINDOWS\System32\Tasks\GenericSettingsHandler 2014-08-18 23:22 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\rescache 2014-08-16 15:30 - 2014-08-16 15:30 - 00002778 _____ () C:\WINDOWS\System32\Tasks\CCleanerSkipUAC 2014-08-16 15:30 - 2014-08-16 15:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner 2014-08-16 15:30 - 2014-08-16 15:30 - 00000000 ____D () C:\Program Files\CCleaner 2014-08-16 15:27 - 2014-08-16 15:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe 2014-08-16 14:59 - 2014-08-16 14:59 - 00000000 ____D () C:\Users\Victoria\Documents\Adobe 2014-08-16 14:52 - 2014-08-16 14:52 - 00002115 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop Lightroom 4.4.lnk 2014-08-16 14:47 - 2013-11-20 23:47 - 00000000 ____D () C:\Users\Victoria\AppData\Roaming\Spotify 2014-08-15 03:29 - 2014-07-10 21:25 - 00000000 ___SD () C:\WINDOWS\system32\CompatTel 2014-08-15 03:29 - 2013-08-22 17:36 - 00000000 ___RD () C:\WINDOWS\ToastData 2014-08-15 03:29 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\PolicyDefinitions 2014-08-15 03:29 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\MediaViewer 2014-08-15 03:29 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\FileManager 2014-08-15 03:29 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\Camera 2014-08-15 03:28 - 2013-10-07 08:38 - 00000000 ____D () C:\WINDOWS\system32\MRT 2014-08-15 03:26 - 2013-10-07 08:38 - 99218768 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2014-08-14 22:16 - 2014-06-26 14:55 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb 2014-08-14 22:16 - 2014-06-11 08:06 - 00428888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS 2014-08-14 22:16 - 2014-04-16 18:45 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll 2014-08-14 22:16 - 2014-04-16 18:02 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll 2014-08-14 22:16 - 2014-04-16 17:52 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll 2014-08-14 22:16 - 2014-04-16 17:51 - 00139264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieUnatt.exe 2014-08-14 22:16 - 2014-04-16 17:51 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieUnatt.exe 2014-08-14 22:16 - 2014-04-16 17:51 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe 2014-08-14 22:16 - 2014-04-16 17:51 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieetwproxystub.dll 2014-08-14 22:16 - 2014-04-16 17:51 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwproxystub.dll 2014-08-14 22:16 - 2014-04-16 17:51 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll 2014-08-14 22:16 - 2014-04-16 17:51 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollectorres.dll 2014-08-14 22:15 - 2014-04-16 18:48 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll 2014-08-14 22:15 - 2014-04-16 18:02 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll 2014-08-14 22:15 - 2014-04-16 17:51 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll 2014-08-14 22:15 - 2014-04-16 17:51 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll 2014-08-13 21:41 - 2014-08-13 12:44 - 00000000 ____D () C:\Users\Victoria\Desktop\Muzyka 2014-08-13 17:48 - 2013-11-20 23:48 - 00000000 ____D () C:\Users\Victoria\AppData\Local\Spotify 2014-08-12 01:39 - 2013-09-24 03:45 - 00000000 ____D () C:\Users\Victoria\AppData\Local\Packages 2014-08-12 01:37 - 2014-08-12 01:37 - 00012617 _____ () C:\Users\Victoria\Downloads\08 - sierpień harmonogram.xlsx 2014-08-07 11:03 - 2013-09-24 00:11 - 00000000 ____D () C:\ProgramData\Skype 2014-08-07 04:12 - 2014-08-14 22:19 - 01336624 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll 2014-08-07 00:38 - 2014-08-14 22:19 - 00697856 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll 2014-08-06 23:39 - 2014-08-06 23:27 - 383101786 _____ () C:\Users\Victoria\Downloads\wetransfer-efbd48.zip 2014-08-06 01:41 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\NDF 2014-08-04 21:22 - 2014-08-04 21:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET 2014-08-04 21:22 - 2014-08-04 21:22 - 00000000 ____D () C:\ProgramData\ESET 2014-08-04 21:22 - 2014-08-04 21:22 - 00000000 ____D () C:\Program Files\ESET 2014-08-04 20:47 - 2014-08-04 20:46 - 71143424 _____ () C:\Users\Victoria\Downloads\eav_nt64_plk (8).msi 2014-08-04 20:25 - 2014-08-04 20:23 - 71143424 _____ () C:\Users\Victoria\Downloads\eav_nt64_plk (7).msi 2014-08-04 20:18 - 2013-09-27 00:44 - 00000000 ____D () C:\Program Files\Microsoft Silverlight 2014-08-04 20:18 - 2013-09-27 00:44 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight 2014-08-02 07:44 - 2014-08-14 22:19 - 00527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll 2014-08-02 05:56 - 2014-08-14 22:19 - 01064448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll 2014-08-02 05:11 - 2014-08-14 22:19 - 00918528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll 2014-08-02 02:17 - 2013-08-22 17:38 - 00704480 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe 2014-08-02 02:17 - 2013-08-22 17:38 - 00105440 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl 2014-08-01 19:48 - 2014-08-01 19:47 - 52343633 _____ () C:\Users\Victoria\Downloads\AdobeCameraRaw-7.1-mul-AdobeUpdate.zip 2014-08-01 11:44 - 2013-10-06 16:02 - 00011776 _____ () C:\Users\Victoria\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2014-08-01 02:17 - 2014-08-01 02:13 - 203417917 _____ () C:\Users\Victoria\Downloads\STADION NARODOWYostateczny.mp4 2014-08-01 02:11 - 2014-08-01 02:11 - 00097056 _____ () C:\Users\Victoria\Downloads\STADION NARODOWYostateczny.mp4.exe Files to move or delete: ==================== C:\ProgramData\SetStretch.exe C:\ProgramData\SetStretch.VBS Some content of TEMP: ==================== C:\Users\Victoria\AppData\Local\Temp\cabex.dll C:\Users\Victoria\AppData\Local\Temp\smt_istartsurf.exe C:\Users\Victoria\AppData\Local\Temp\unelevate.exe C:\Users\Victoria\AppData\Local\Temp\uninst1.exe C:\Users\Victoria\AppData\Local\Temp\Uninstall.exe ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2014-08-30 16:06 ==================== End Of Log ============================