Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 14-07-2013
Ran by Admin (administrator) on 14-07-2013 17:49:30
Running from C:\Users\Admin\Downloads
Microsoft Windows 7 Home Premium Service Pack 1 (X86) OS Language: Polish
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) ===================

(IObit) C:\Program Files\IObit\Advanced SystemCare 6\ASCService.exe
(BitDefender S.R.L.) C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe
(BitDefender S.R.L.) D:\Programy\Bit Defender 2010\BitDefender 2010\vsserv.exe
(AMD) C:\Windows\system32\atiesrxx.exe
(Microsoft Corporation) C:\Windows\system32\AUDIODG.EXE
(AMD) C:\Windows\system32\atieclxx.exe
(ABBYY) C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
(BitDefender S.R.L.) D:\Programy\Bit Defender 2010\BitDefender 2010\bdagent.exe
(IObit) C:\Program Files\IObit\Advanced SystemCare 6\Monitor.exe
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50ST7.EXE
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RP7.EXE
(AnchorFree Inc.) C:\Program Files\Hotspot Shield\bin\openvpnas.exe
(AnchorFree Inc.) C:\Program Files\Hotspot Shield\HssWPR\hsssrv.exe
() C:\Program Files\Hotspot Shield\bin\hsswd.exe
(Highresolution Enterprises) D:\Programy\X-Mouse Button Control\XMouseButtonSvc.exe
(Highresolution Enterprises) D:\Programy\X-Mouse Button Control\XMouseButtonControl.exe
(BitDefender S.R.L.) D:\Programy\Bit Defender 2010\BitDefender 2010\seccenter.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(TeamSpeak Systems GmbH) D:\Programy\TeamSpeak 3\ts3client_win32.exe
(CipSoft GmbH) D:\Programy\Tibia\Tibia.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(OldTimer Tools) C:\Users\Admin\Downloads\OTL.exe
(Microsoft Corporation) C:\Windows\system32\wuauclt.exe
() D:\Programy\iBot\iBot.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [BDAgent] - "D:\Programy\Bit Defender 2010\BitDefender 2010\bdagent.exe" [x]
HKLM\...\Run: [BitDefender Antiphishing Helper] - "D:\Programy\Bit Defender 2010\BitDefender 2010\IEShow.exe" [x]
HKCU\...\Run: [Advanced SystemCare 6] - "C:\Program Files\IObit\Advanced SystemCare 6\ASCTray.exe" /AutoStart [491840 2013-04-18] (IObit)
HKCU\...\Run: [Gadu-Gadu] - "C:\Program Files\Gadu-Gadu\gg.exe" /tray [2127296 2008-03-20] (Gadu-Gadu S.A.)
HKCU\...\Run: [Skype] - "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun [26192168 2010-05-13] (Skype Technologies S.A.)
HKU\Default\...\RunOnce: [mctadmin] - C:\Windows\System32\mctadmin.exe [ 2009-07-14] (Microsoft Corporation)
HKU\Default User\...\RunOnce: [mctadmin] - C:\Windows\System32\mctadmin.exe [ 2009-07-14] (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\MICROS~1\Office12\GR469A~1.DLL (Microsoft Corporation)
BHO: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
BHO: Advanced SystemCare Browser Protection - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\Program Files\IObit\ADVANC~1\BROWER~1\ASCPLU~1.DLL (IObit)
Toolbar: HKLM - BitDefender Toolbar - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - D:\Programy\Bit Defender 2010\BitDefender 2010\IEToolbar.dll (BitDefender S.R.L.)
Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000}
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\MICROS~1\Office12\GRA32A~1.DLL (Microsoft Corporation)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\SKYPE4~1.DLL (Skype Technologies)
ShellExecuteHooks: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\MICROS~1\Office12\GR469A~1.DLL [2210608 2006-10-27] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer]

Chrome:
=======
CHR HomePage: hxxp://
CHR Extension: (Google Drive) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (YouTube) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\
CHR Extension: (Advanced SystemCare Surfing Protection) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfengeggddojhakldhlpjdlddgkkjkdd\1.0.0_0
CHR Extension: (Gmail) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0

========================== Services (Whitelisted) =================

R2 ABBYY.Licensing.FineReader.Sprint.9.0; C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [759048 2009-05-14] (ABBYY)
R2 AdvancedSystemCareService6; C:\Program Files\IObit\Advanced SystemCare 6\ASCService.exe [574272 2013-04-18] (IObit)
S3 Arrakis3; C:\Program Files\Common Files\BitDefender\BitDefender Arrakis Server\bin\arrakis3.exe [183880 2009-10-19] (BitDefender S.R.L.
R2 EPSON_EB_RPCV4_04; C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50ST7.EXE [153600 2009-09-14] (SEIKO EPSON CORPORATION)
R2 EPSON_PM_RPCV4_04; C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RP7.EXE [121856 2009-09-14] (SEIKO EPSON CORPORATION)
R2 hshld; C:\Program Files\Hotspot Shield\bin\openvpnas.exe [570664 2013-04-26] (AnchorFree Inc.)
R2 HssSrv; C:\Program Files\Hotspot Shield\HssWPR\hsssrv.exe [463656 2013-04-26] (AnchorFree Inc.)
S3 HssTrayService; C:\Program Files\Hotspot Shield\bin\HssTrayService.EXE [78512 2013-04-24] ()
R2 HssWd; C:\Program Files\Hotspot Shield\bin\hsswd.exe [390440 2013-04-26] ()
R2 LIVESRV; C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe [326656 2009-11-09] (BitDefender S.R.L.)
S3 scan; C:\Program Files\Common Files\BitDefender\BitDefender Threat Scanner\scan.dll [311296 2009-10-23] (S.C. BitDefender S.R.L)
R2 VSSERV; D:\Programy\Bit Defender 2010\BitDefender 2010\vsserv.exe [1622320 2009-11-11] (BitDefender S.R.L.)
S3 WatAdminSvc; C:\Windows\system32\Wat\WatAdminSvc.exe [1343400 2013-04-23] ()
R2 XMouseButton Launcher; D:\Programy\X-Mouse Button Control\XMouseButtonSvc.exe [73216 2012-06-23] (Highresolution Enterprises)

==================== Drivers (Whitelisted) ====================

R3 BDFM; C:\Windows\System32\DRIVERS\bdfm.sys [152456 2009-11-10] (BitDefender S.R.L. Bucharest, ROMANIA)
R1 BdfNdisf; C:\Windows\System32\DRIVERS\BdfNdisf6.sys [72200 2009-10-19] (BitDefender LLC)
R0 bdfsfltr; C:\Windows\System32\DRIVERS\bdfsfltr.sys [285704 2009-07-24] (BitDefender S.R.L. Bucharest, ROMANIA)
R1 bdfwfpf; C:\Program Files\Common Files\BitDefender\BitDefender Firewall\bdfwfpf.sys [79368 2009-10-19] (BitDefender LLC)
R2 BDVEDISK; D:\Programy\Bit Defender 2010\BitDefender 2010\bdvedisk.sys [83208 2009-09-22] (BitDefender)
R1 HssDRV6; C:\Windows\System32\DRIVERS\hssdrv6.sys [40648 2013-04-24] (AnchorFree Inc.)
S3 Profos; C:\Program Files\Common Files\BitDefender\BitDefender Threat Scanner\profos.sys [14720 2009-08-27] (BitDefender S.R.L.)
R0 SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [15672 2010-11-26] ()
R3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [37064 2013-04-24] (Anchorfree Inc.)
S3 Trufos; C:\Program Files\Common Files\BitDefender\BitDefender Threat Scanner\trufos.sys [39808 2009-05-07] (BitDefender S.R.L.)
S3 WinRing0_1_2_0; C:\Program Files\Razer\Razer Game Booster\Driver\WinRing0.sys [14416 2012-08-01] (

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2013-07-14 17:48 - 2013-07-14 17:48 - 00070462 _____ C:\Users\Admin\Downloads\OTL.Txt
2013-07-14 17:36 - 2013-07-14 17:37 - 00003644 _____ C:\AdwCleaner[S1].txt
2013-07-14 17:30 - 2013-07-14 17:30 - 00662345 _____ C:\AdwCleaner.exe
2013-07-14 17:28 - 2013-07-14 17:28 - 00000000 ____D C:\FRST
2013-07-14 17:27 - 2013-07-14 17:27 - 01218214 _____ (Farbar) C:\Users\Admin\Downloads\FRST.exe
2013-07-12 15:58 - 2013-07-12 15:59 - 00002938 _____ C:\UsbFix [Listing 1 ] ADMIN-KOMPUTER.txt
2013-07-12 15:04 - 2013-07-12 15:58 - 00000000 ____D C:\UsbFix
2013-07-12 15:04 - 2013-07-12 15:04 - 01030081 _____ (El Desaparecido - C:\Users\Admin\Downloads\UsbFix.exe
2013-07-11 16:58 - 2013-07-12 21:32 - 00000121 _____ C:\Windows\bdagent.INI
2013-07-11 11:05 - 2013-07-13 16:17 - 00002133 
_____ C:\Users\Public\Desktop\Google Chrome.lnk 2013-07-11 11:00 - 2013-07-14 17:39 - 00001030 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2013-07-11 11:00 - 2013-07-14 17:14 - 00001034 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2013-07-10 10:29 - 2013-07-10 14:30 - 00000000 ____D C:\Program Files\TibiaTestserver 2013-07-10 10:29 - 2013-07-10 14:27 - 00000000 ____D C:\Users\Admin\AppData\Roaming\TibiaTestserver 2013-07-10 10:29 - 2013-07-10 10:29 - 00000999 _____ C:\Users\Public\Desktop\Tibia Testserver.lnk 2013-07-09 21:31 - 2013-07-09 21:34 - 00000000 _____ C:\Users\Admin\Downloads\xmsy7tw0.reg 2013-07-09 21:29 - 2013-07-09 21:34 - 00000011 _____ C:\Users\Admin\Downloads\xmsy7tw0.bat 2013-07-09 21:27 - 2013-07-09 21:27 - 00602112 _____ (OldTimer Tools) C:\Users\Admin\Downloads\OTL.exe 2013-07-09 21:27 - 2013-07-09 21:27 - 00377856 _____ C:\Users\Admin\Downloads\xmsy7tw0.exe 2013-07-09 20:23 - 2013-07-09 20:37 - 00000000 ____D C:\Users\Admin\Desktop\Nowy folder 2013-07-09 15:26 - 2013-07-09 15:26 - 00247214 _____ C:\Users\Admin\Downloads\ 2013-07-09 15:03 - 2013-07-14 17:39 - 00011480 _____ C:\Windows\PFRO.log 2013-07-09 15:03 - 2013-07-14 17:39 - 00001348 _____ C:\Windows\setupact.log 2013-07-09 15:03 - 2013-07-09 15:03 - 00000000 _____ C:\Windows\setuperr.log 2013-07-09 14:42 - 2013-07-09 14:42 - 30699520 _____ C:\Windows\system32\config\COMPONENTS.iobit 2013-07-09 14:42 - 2013-07-09 14:42 - 00024576 _____ C:\Windows\system32\config\SECURITY.iobit 2013-07-09 14:42 - 2013-07-09 14:42 - 00024576 _____ C:\Windows\system32\config\SAM.iobit 2013-06-27 14:37 - 2013-06-27 14:37 - 03511096 _____ C:\Windows\system32\bdaDB9.tmp 2013-06-26 22:15 - 2013-06-26 22:15 - 03511088 _____ C:\Windows\system32\bdaEAFD.tmp 2013-06-18 14:07 - 2013-06-18 14:07 - 02877440 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2013-06-18 14:07 - 2013-06-18 14:07 - 01767936 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2013-06-18 14:07 - 
2013-06-18 14:07 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2013-06-18 14:07 - 2013-06-18 14:07 - 00493056 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2013-06-18 14:07 - 2013-06-18 14:07 - 00109056 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll 2013-06-18 14:07 - 2013-06-18 14:07 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe 2013-06-18 14:07 - 2013-06-18 14:07 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2013-06-18 14:07 - 2013-06-18 14:07 - 00042496 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2013-06-18 14:07 - 2013-06-18 14:07 - 00039424 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2013-06-18 14:07 - 2013-06-18 14:07 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2013-06-18 14:05 - 2013-06-18 14:05 - 14327808 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2013-06-18 14:05 - 2013-06-18 14:05 - 13760512 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2013-06-18 14:05 - 2013-06-18 14:05 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2013-06-18 14:05 - 2013-06-18 14:05 - 02046976 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2013-06-18 14:05 - 2013-06-18 14:05 - 01141248 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2013-06-18 14:05 - 2013-06-18 14:05 - 00391168 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2013-06-18 13:51 - 2013-06-18 13:51 - 01293672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys 2013-06-18 13:51 - 2013-06-18 13:51 - 00492544 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll 2013-06-18 13:50 - 2013-06-18 13:50 - 01160192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll 2013-06-18 13:50 - 2013-06-18 13:50 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll 2013-06-18 13:50 - 2013-06-18 13:50 - 
00103936 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll 2013-06-18 13:50 - 2013-06-18 13:50 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\cryptdlg.dll 2013-06-18 13:48 - 2013-06-18 13:48 - 01505280 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll 2013-06-18 13:48 - 2013-06-18 13:48 - 01230336 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll 2013-06-18 13:47 - 2013-06-18 13:47 - 02347520 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2013-06-18 13:46 - 2013-06-18 13:46 - 00728424 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys 2013-06-18 13:46 - 2013-06-18 13:46 - 00218984 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys 2013-06-18 13:43 - 2013-06-18 13:43 - 12872704 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll 2013-06-18 13:43 - 2013-06-18 13:43 - 01796096 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll 2013-06-18 13:43 - 2013-06-18 13:43 - 00180224 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll 2013-06-18 13:43 - 2013-06-18 13:43 - 00101720 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe 2013-06-18 13:43 - 2013-06-18 13:43 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll 2013-06-18 13:42 - 2013-06-18 13:42 - 00186368 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll 2013-06-18 13:42 - 2013-06-18 13:42 - 00040960 _____ (Microsoft Corporation) C:\Windows\system32\wwanprotdim.dll 2013-06-18 13:41 - 2013-06-18 13:41 - 03968856 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe 2013-06-18 13:41 - 2013-06-18 13:41 - 03913560 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2013-06-18 13:41 - 2013-06-18 13:41 - 01211752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys 2013-06-18 13:41 - 2013-06-18 13:41 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe 2013-06-18 13:41 - 2013-06-18 13:41 - 00038912 
_____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll 2013-06-18 13:40 - 2013-06-18 13:40 - 04916224 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll 2013-06-18 13:40 - 2013-06-18 13:40 - 02739712 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll 2013-06-18 13:40 - 2013-06-18 13:40 - 01048064 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe 2013-06-18 13:40 - 2013-06-18 13:40 - 00317440 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe 2013-06-18 13:40 - 2013-06-18 13:40 - 00269312 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll 2013-06-18 13:40 - 2013-06-18 13:40 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll 2013-06-18 13:40 - 2013-06-18 13:40 - 00196328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fvevol.sys 2013-06-18 13:40 - 2013-06-18 13:40 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\rdpendp_winip.dll 2013-06-18 13:40 - 2013-06-18 13:40 - 00056320 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe 2013-06-18 13:40 - 2013-06-18 13:40 - 00049664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbFlt.sys 2013-06-18 13:40 - 2013-06-18 13:40 - 00046592 _____ (Microsoft Corporation) C:\Windows\system32\MsRdpWebAccess.dll 2013-06-18 13:40 - 2013-06-18 13:40 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll 2013-06-18 13:40 - 2013-06-18 13:40 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbGDCoInstaller.dll 2013-06-18 13:40 - 2013-06-18 13:40 - 00027136 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbGD.sys 2013-06-18 13:40 - 2013-06-18 13:40 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\wksprtPS.dll 2013-06-18 13:40 - 2013-06-18 13:40 - 00014848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpvideominiport.sys 2013-06-18 13:40 - 2013-06-18 13:40 - 00013312 _____ (Microsoft Corporation) 
C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll 2013-06-18 13:40 - 2013-06-18 13:40 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll 2013-06-18 13:40 - 2013-06-18 13:40 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe 2013-06-18 13:39 - 2013-06-18 13:39 - 01039360 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2013-06-18 13:39 - 2013-06-18 13:39 - 00369856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys 2013-06-18 13:39 - 2013-06-18 13:39 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll 2013-06-18 13:39 - 2013-06-18 13:39 - 00136560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys 2013-06-17 00:41 - 2013-06-17 00:41 - 00000000 ____D C:\Windows\system32\Hotspot Shield ==================== One Month Modified Files and Folders ======= 2013-07-14 17:48 - 2013-07-14 17:48 - 00070462 _____ C:\Users\Admin\Downloads\OTL.Txt 2013-07-14 17:46 - 2011-02-04 16:37 - 00754014 _____ C:\Windows\system32\perfh015.dat 2013-07-14 17:46 - 2011-02-04 16:37 - 00160350 _____ C:\Windows\system32\perfc015.dat 2013-07-14 17:46 - 2010-11-20 23:01 - 01697920 _____ C:\Windows\system32\PerfStringBackup.INI 2013-07-14 17:42 - 2013-02-24 00:02 - 00000000 ____D C:\Users\Admin\AppData\Roaming\TS3Client 2013-07-14 17:41 - 2013-02-11 11:50 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Skype 2013-07-14 17:40 - 2013-02-11 11:56 - 00000000 ____D C:\Users\Admin\AppData\Roaming\skypePM 2013-07-14 17:39 - 2013-07-11 11:00 - 00001030 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2013-07-14 17:39 - 2013-07-09 15:03 - 00011480 _____ C:\Windows\PFRO.log 2013-07-14 17:39 - 2013-07-09 15:03 - 00001348 _____ C:\Windows\setupact.log 2013-07-14 17:39 - 2009-07-14 06:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2013-07-14 17:38 - 2013-02-11 11:00 - 01719048 _____ C:\Windows\WindowsUpdate.log 2013-07-14 17:37 - 2013-07-14 17:36 
- 00003644 _____ C:\AdwCleaner[S1].txt 2013-07-14 17:30 - 2013-07-14 17:30 - 00662345 _____ C:\AdwCleaner.exe 2013-07-14 17:28 - 2013-07-14 17:28 - 00000000 ____D C:\FRST 2013-07-14 17:28 - 2013-02-11 11:12 - 00000000 ___RD C:\Users\Admin\Desktop 2013-07-14 17:27 - 2013-07-14 17:27 - 01218214 _____ (Farbar) C:\Users\Admin\Downloads\FRST.exe 2013-07-14 17:20 - 2013-05-21 06:45 - 00000000 ____D C:\Users\Admin\AppData\Roaming\HoolappForAndroid 2013-07-14 17:14 - 2013-07-11 11:00 - 00001034 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2013-07-14 16:50 - 2013-02-11 11:49 - 00000930 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2013-07-13 16:17 - 2013-07-11 11:05 - 00002133 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2013-07-13 13:26 - 2013-05-04 16:23 - 00000000 ____D C:\Users\Admin\AppData\Roaming\GG 2013-07-13 13:25 - 2013-02-28 22:35 - 00001496 _____ C:\Users\Admin\AppData\Local\Adobe Zapisz dla Internetu 12.0 Prefs 2013-07-13 11:00 - 2013-02-11 11:49 - 00000000 ____D C:\ProgramData\Skype 2013-07-12 21:32 - 2013-07-11 16:58 - 00000121 _____ C:\Windows\bdagent.INI 2013-07-12 15:59 - 2013-07-12 15:58 - 00002938 _____ C:\UsbFix [Listing 1 ] ADMIN-KOMPUTER.txt 2013-07-12 15:58 - 2013-07-12 15:04 - 00000000 ____D C:\UsbFix 2013-07-12 15:04 - 2013-07-12 15:04 - 01030081 _____ (El Desaparecido - C:\Users\Admin\Downloads\UsbFix.exe 2013-07-11 19:51 - 2013-02-11 12:07 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Tibia 2013-07-11 11:05 - 2013-02-11 11:22 - 00000000 ____D C:\Users\Admin\AppData\Local\Google 2013-07-11 11:05 - 2013-02-11 11:22 - 00000000 ____D C:\Program Files\Google 2013-07-11 11:05 - 2009-07-14 04:37 - 00000000 __RHD C:\Users\Public\Desktop 2013-07-11 11:00 - 2013-02-11 11:21 - 00000000 ____D C:\Users\Admin\AppData\Local\Deployment 2013-07-10 14:30 - 2013-07-10 10:29 - 00000000 ____D C:\Program Files\TibiaTestserver 2013-07-10 14:27 - 2013-07-10 10:29 - 00000000 ____D C:\Users\Admin\AppData\Roaming\TibiaTestserver 2013-07-10 10:29 - 
2013-07-10 10:29 - 00000999 _____ C:\Users\Public\Desktop\Tibia Testserver.lnk 2013-07-09 21:34 - 2013-07-09 21:31 - 00000000 _____ C:\Users\Admin\Downloads\xmsy7tw0.reg 2013-07-09 21:34 - 2013-07-09 21:29 - 00000011 _____ C:\Users\Admin\Downloads\xmsy7tw0.bat 2013-07-09 21:27 - 2013-07-09 21:27 - 00602112 _____ (OldTimer Tools) C:\Users\Admin\Downloads\OTL.exe 2013-07-09 21:27 - 2013-07-09 21:27 - 00377856 _____ C:\Users\Admin\Downloads\xmsy7tw0.exe 2013-07-09 20:37 - 2013-07-09 20:23 - 00000000 ____D C:\Users\Admin\Desktop\Nowy folder 2013-07-09 18:13 - 2013-02-11 23:37 - 00000132 _____ C:\Windows\system32\rezumatenoi.dat 2013-07-09 15:26 - 2013-07-09 15:26 - 00247214 _____ C:\Users\Admin\Downloads\ 2013-07-09 15:03 - 2013-07-09 15:03 - 00000000 _____ C:\Windows\setuperr.log 2013-07-09 14:51 - 2009-07-14 06:34 - 00016864 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2013-07-09 14:51 - 2009-07-14 06:34 - 00016864 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2013-07-09 14:42 - 2013-07-09 14:42 - 30699520 _____ C:\Windows\system32\config\COMPONENTS.iobit 2013-07-09 14:42 - 2013-07-09 14:42 - 00024576 _____ C:\Windows\system32\config\SECURITY.iobit 2013-07-09 14:42 - 2013-07-09 14:42 - 00024576 _____ C:\Windows\system32\config\SAM.iobit 2013-07-09 14:42 - 2013-06-08 18:46 - 44003328 _____ C:\Windows\system32\config\SOFTWARE.iobit 2013-07-09 14:42 - 2013-06-08 18:46 - 00270336 _____ C:\Windows\system32\config\DEFAULT.iobit 2013-07-09 14:42 - 2013-02-11 11:12 - 00000000 ____D C:\Users\Admin 2013-06-28 13:04 - 2013-04-28 15:38 - 00000000 ____D C:\Users\Admin\Desktop\SCRIPT 2013-06-27 14:37 - 2013-06-27 14:37 - 03511096 _____ C:\Windows\system32\bdaDB9.tmp 2013-06-26 22:15 - 2013-06-26 22:15 - 03511088 _____ C:\Windows\system32\bdaEAFD.tmp 2013-06-22 10:26 - 2013-04-23 01:24 - 00000000 ____D C:\Program Files\Tibiacast 2013-06-19 13:36 - 2013-06-08 17:40 
- 00000000 ____D C:\Users\Admin\AppData\Roaming\IObit 2013-06-19 09:17 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\rescache 2013-06-19 08:26 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\Microsoft.NET 2013-06-19 08:17 - 2009-07-14 06:33 - 03778776 _____ C:\Windows\system32\FNTCACHE.DAT 2013-06-18 20:41 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\pl-PL 2013-06-18 20:41 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\DriverStore 2013-06-18 14:50 - 2013-02-11 11:21 - 00111504 _____ C:\Users\Admin\AppData\Local\GDIPFONTCACHEV1.DAT 2013-06-18 14:07 - 2013-06-18 14:07 - 02877440 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2013-06-18 14:07 - 2013-06-18 14:07 - 01767936 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2013-06-18 14:07 - 2013-06-18 14:07 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2013-06-18 14:07 - 2013-06-18 14:07 - 00493056 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2013-06-18 14:07 - 2013-06-18 14:07 - 00109056 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll 2013-06-18 14:07 - 2013-06-18 14:07 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe 2013-06-18 14:07 - 2013-06-18 14:07 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2013-06-18 14:07 - 2013-06-18 14:07 - 00042496 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2013-06-18 14:07 - 2013-06-18 14:07 - 00039424 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2013-06-18 14:07 - 2013-06-18 14:07 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2013-06-18 14:05 - 2013-06-18 14:05 - 14327808 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2013-06-18 14:05 - 2013-06-18 14:05 - 13760512 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2013-06-18 14:05 - 2013-06-18 14:05 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2013-06-18 
14:05 - 2013-06-18 14:05 - 02046976 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2013-06-18 14:05 - 2013-06-18 14:05 - 01141248 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2013-06-18 14:05 - 2013-06-18 14:05 - 00391168 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2013-06-18 13:51 - 2013-06-18 13:51 - 01293672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys 2013-06-18 13:51 - 2013-06-18 13:51 - 00492544 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll 2013-06-18 13:50 - 2013-06-18 13:50 - 01160192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll 2013-06-18 13:50 - 2013-06-18 13:50 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll 2013-06-18 13:50 - 2013-06-18 13:50 - 00103936 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll 2013-06-18 13:50 - 2013-06-18 13:50 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\cryptdlg.dll 2013-06-18 13:48 - 2013-06-18 13:48 - 01505280 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll 2013-06-18 13:48 - 2013-06-18 13:48 - 01230336 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll 2013-06-18 13:47 - 2013-06-18 13:47 - 02347520 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2013-06-18 13:46 - 2013-06-18 13:46 - 00728424 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys 2013-06-18 13:46 - 2013-06-18 13:46 - 00218984 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys 2013-06-18 13:43 - 2013-06-18 13:43 - 12872704 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll 2013-06-18 13:43 - 2013-06-18 13:43 - 01796096 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll 2013-06-18 13:43 - 2013-06-18 13:43 - 00180224 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll 2013-06-18 13:43 - 2013-06-18 13:43 - 00101720 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe 2013-06-18 13:43 - 
2013-06-18 13:43 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll 2013-06-18 13:42 - 2013-06-18 13:42 - 00186368 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll 2013-06-18 13:42 - 2013-06-18 13:42 - 00040960 _____ (Microsoft Corporation) C:\Windows\system32\wwanprotdim.dll 2013-06-18 13:41 - 2013-06-18 13:41 - 03968856 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe 2013-06-18 13:41 - 2013-06-18 13:41 - 03913560 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2013-06-18 13:41 - 2013-06-18 13:41 - 01211752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys 2013-06-18 13:41 - 2013-06-18 13:41 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe 2013-06-18 13:41 - 2013-06-18 13:41 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll 2013-06-18 13:40 - 2013-06-18 13:40 - 04916224 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll 2013-06-18 13:40 - 2013-06-18 13:40 - 02739712 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll 2013-06-18 13:40 - 2013-06-18 13:40 - 01048064 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe 2013-06-18 13:40 - 2013-06-18 13:40 - 00317440 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe 2013-06-18 13:40 - 2013-06-18 13:40 - 00269312 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll 2013-06-18 13:40 - 2013-06-18 13:40 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll 2013-06-18 13:40 - 2013-06-18 13:40 - 00196328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fvevol.sys 2013-06-18 13:40 - 2013-06-18 13:40 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\rdpendp_winip.dll 2013-06-18 13:40 - 2013-06-18 13:40 - 00056320 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe 2013-06-18 13:40 - 2013-06-18 13:40 - 00049664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbFlt.sys 2013-06-18 13:40 - 
2013-06-18 13:40 - 00046592 _____ (Microsoft Corporation) C:\Windows\system32\MsRdpWebAccess.dll 2013-06-18 13:40 - 2013-06-18 13:40 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll 2013-06-18 13:40 - 2013-06-18 13:40 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbGDCoInstaller.dll 2013-06-18 13:40 - 2013-06-18 13:40 - 00027136 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbGD.sys 2013-06-18 13:40 - 2013-06-18 13:40 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\wksprtPS.dll 2013-06-18 13:40 - 2013-06-18 13:40 - 00014848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpvideominiport.sys 2013-06-18 13:40 - 2013-06-18 13:40 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll 2013-06-18 13:40 - 2013-06-18 13:40 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll 2013-06-18 13:40 - 2013-06-18 13:40 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe 2013-06-18 13:39 - 2013-06-18 13:39 - 01039360 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2013-06-18 13:39 - 2013-06-18 13:39 - 00369856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys 2013-06-18 13:39 - 2013-06-18 13:39 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll 2013-06-18 13:39 - 2013-06-18 13:39 - 00136560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys 2013-06-17 16:14 - 2013-06-08 17:51 - 00000000 ____D C:\Program Files\Hotspot Shield 2013-06-17 00:41 - 2013-06-17 00:41 - 00000000 ____D C:\Windows\system32\Hotspot Shield 2013-06-15 00:50 - 2013-02-11 11:49 - 00692104 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe 2013-06-15 00:50 - 2013-02-11 11:49 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl ==================== Bamital & volsnap Check 
=================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

LastRegBack: 2013-06-17 08:53

==================== End Of Log ============================