Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 02-10-2013
Ran by KINGA (administrator) on KINGA-KOMPUTER on 11-10-2013 22:28:45
Running from C:\Users\KINGA\Desktop
Windows 7 Home Premium (X64) OS Language: Polish
Internet Explorer Version 8
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(ASUSTeK Computer Inc.) C:\Windows\system32\FBAgent.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(APN LLC.) C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe
(Atheros) C:\Program Files (x86)\Atheros\Ath_CoexAgent.exe
(ASUS) C:\Program Files\P4G\BatteryLife.exe
(ASUS) C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
(ASUSTeK) C:\Windows\SysWOW64\ACEngSvr.exe
(Atheros Commnucations) C:\Program Files (x86)\Atheros\Bluetooth Suite\adminservice.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
(ASUS) C:\Windows\AsScrPro.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
() C:\Program Files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Atheros Communications) C:\Program Files (x86)\Atheros\Bluetooth Suite\BtvStack.exe
(Atheros Commnucations) C:\Program Files (x86)\Atheros\Bluetooth Suite\AthBtTray.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
(Absolute Software Corp.) C:\Windows\SysWOW64\rpcnet.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
(Virage Logic Corporation / Sonic Focus) C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe
() C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(APN) C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Microsoft Corporation) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
(Microsoft Corporation) C:\Program Files (x86)\Windows Live\Mail\wlmail.exe
(Microsoft Corporation) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [ASUS WebStorage] - C:\Program Files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe [1754448 2010-03-16] ()
HKLM\...\Run: [HotKeysCmds] - C:\Windows\system32\hkcmd.exe [ ] ()
HKLM\...\Run: [RtHDVBg] - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2188904 2011-03-16] (Realtek Semiconductor)
HKLM\...\Run: [AtherosBtStack] - C:\Program Files (x86)\Atheros\Bluetooth Suite\BtvStack.exe [613536 2010-11-26] (Atheros Communications)
HKLM\...\Run: [AthBtTray] - C:\Program Files (x86)\Atheros\Bluetooth Suite\AthBtTray.exe [379040 2010-11-26] (Atheros Commnucations)
HKLM\...\Run: [ETDCtrl] - C:\Program Files\Elantech\ETDCtrl.exe [2587944 2010-12-13] (ELAN Microelectronics Corp.)
HKLM\...\Run: [Setwallpaper] - c:\programdata\SetWallpaper.cmd
HKLM\...\Run: [egui] - C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [6330568 2013-03-21] (ESET)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
MountPoints2: {53991242-88ca-11e2-a71b-e0b9a52f1e67} - F:\AutoRun.exe
MountPoints2: {6f46fed2-849c-11e2-8efe-e0b9a52f1e67} - F:\AutoRun.exe
HKLM-x32\...\Run: [ATKMEDIA] - C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [170624 2010-10-07] (ASUS)
HKLM-x32\...\Run: [HControlUser] - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUS)
HKLM-x32\...\Run: [SonicMasterTray] - C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe [984400 2010-07-10] (Virage Logic Corporation / Sonic Focus)
HKLM-x32\...\Run: [Wireless Console 3] - C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe [1601536 2010-09-24] ()
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKLM-x32\...\Run: [ApnTBMon] - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe [1601488 2013-08-06] (APN)
AppInit_DLLs: C:\Windows\system32\nvinitx.dll [226920 2011-03-16] (NVIDIA Corporation)
AppInit_DLLs-x32: c:\windows\syswow64\nvinit.dll [192616 2011-03-16] (NVIDIA Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.holasearch.com/?babsrc=HP_ss&mntrId=EAE6EAB9A52E948D&affID=121963&tsp=4934
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus.msn.com
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://asus.msn.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://asus.msn.com
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=MAAU&src=IE-SearchBox
SearchScopes: HKLM-x32 - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=MAAU&src=IE-SearchBox
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = http://www.holasearch.com/?q={searchTerms}&babsrc=SP_ss&mntrId=EAE6EAB9A52E948D&affID=121963&tsp=4934
SearchScopes: HKCU - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL =
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: CIESpeechBHO Class - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Atheros\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
BHO-x32: Pomocnik logowania za pomocą identyfikatora Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Filter: text/xml - {807553E5-5146-11D5-A672-00B0D022E945} - No File
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\KINGA\AppData\Roaming\Mozilla\Firefox\Profiles\m22f1q6x.default
FF user.js: detected! => C:\Users\KINGA\AppData\Roaming\Mozilla\Firefox\Profiles\m22f1q6x.default\user.js
FF SearchEngineOrder.1: Ask Search
FF Homepage: hxxp://www.google.pl
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_117.dll ()
FF Plugin: @java.com/DTPlugin,version=10.5.0 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.5.0 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: ZEON/PDF,version=2.0 - C:\Program Files (x86)\Nuance\PDF Reader\bin\nppdf.dll (Zeon Corporation)
FF SearchPlugin: C:\Users\KINGA\AppData\Roaming\Mozilla\Firefox\Profiles\m22f1q6x.default\searchplugins\ask-search.xml
FF SearchPlugin: C:\Users\KINGA\AppData\Roaming\Mozilla\Firefox\Profiles\m22f1q6x.default\searchplugins\babylon.xml
FF SearchPlugin: C:\Users\KINGA\AppData\Roaming\Mozilla\Firefox\Profiles\m22f1q6x.default\searchplugins\holasearch.xml
FF Extension: toolbar_ORJ-V7 - C:\Users\KINGA\AppData\Roaming\Mozilla\Firefox\Profiles\m22f1q6x.default\Extensions\toolbar_ORJ-V7@apn.ask.com.xpi
FF Extension: No Name - C:\Users\KINGA\AppData\Roaming\Mozilla\Firefox\Profiles\m22f1q6x.default\Extensions\{c36177c0-224a-11da-8cd6-0800200c9a91}.xpi
FF Extension: No Name - C:\Users\KINGA\AppData\Roaming\Mozilla\Firefox\Profiles\m22f1q6x.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird

==================== Services (Whitelisted) =================

R2 APNMCP; C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [164816 2013-08-06] (APN LLC.)
R2 Atheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Atheros\Ath_CoexAgent.exe [151552 2010-05-25] (Atheros)
R2 AtherosSvc; C:\Program Files (x86)\Atheros\Bluetooth Suite\adminservice.exe [52896 2010-11-26] (Atheros Commnucations)
R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [1341664 2013-03-21] (ESET)

==================== Drivers (Whitelisted) ====================

R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [213416 2013-02-14] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [150616 2013-01-10] (ESET)
R2 epfwwfpr; C:\Windows\System32\DRIVERS\epfwwfpr.sys [139768 2013-01-10] (ESET)
S3 massfilter; system32\drivers\massfilter.sys [x]
S3 ZTEusbmdm6k; system32\DRIVERS\ZTEusbmdm6k.sys [x]
S3 ZTEusbnet; system32\DRIVERS\ZTEusbnet.sys [x]
S3 ZTEusbnmea; system32\DRIVERS\ZTEusbnmea.sys [x]
S3 ZTEusbser6k; system32\DRIVERS\ZTEusbser6k.sys [x]

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2013-10-11 22:28 - 2013-10-11 22:28 - 00000000 ____D C:\FRST
2013-10-11 22:27 - 2013-10-11 22:28 - 01954124 _____ (Farbar) C:\Users\KINGA\Desktop\FRST64.exe
2013-10-11 19:39 - 2013-10-11 19:39 - 00000000 ____D C:\Users\KINGA\AppData\Local\{FE8B2782-5500-404A-8283-F268E28CB2C2}
2013-10-11 18:26 - 2013-10-11 18:26 - 00000000 ___RD C:\Users\KINGA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
2013-10-11 17:35 - 2013-10-11 20:17 - 00173568 ___SH C:\Users\KINGA\Desktop\Thumbs.db
2013-10-10 17:59 - 2013-10-10 17:59 - 00019456 _____ C:\Users\KINGA\Desktop\Rachunek wzór.xls
2013-10-09 21:56 - 2013-10-09 21:56 - 00602112 _____ (OldTimer Tools) C:\Users\KINGA\Desktop\OTL.exe
2013-10-09 19:24 - 2013-10-09 19:24 - 00000000 ____D C:\Users\KINGA\AppData\Local\{3D40C7F6-01E0-4746-8C95-236432188B43}
2013-10-09 17:57 - 2013-10-09 17:57 - 00000000 ____D C:\ProgramData\ESET
2013-10-09 17:57 - 2013-10-09 17:57 - 00000000 ____D C:\Program Files\ESET
2013-10-08 20:46 - 2013-10-11 01:12 - 00126976 _____ C:\Users\KINGA\Desktop\Plan2014_Jastrzębski Rafał.xls
2013-10-08 17:53 - 2013-10-09 18:08 - 00000000 ____D C:\Users\KINGA\AppData\Roaming\Ekylopo
2013-10-08 17:53 - 2013-10-08 17:54 - 00000000 ____D C:\Users\KINGA\AppData\Roaming\Fib
2013-10-08 09:53 - 2013-10-08 09:54 - 00000000 ____D C:\Users\KINGA\AppData\Local\{F81F76FA-E611-407B-89A6-85B0DDCFDF3E}
2013-10-04 22:25 - 2013-10-04 22:25 - 00000000 ____D C:\Users\KINGA\AppData\Local\{40469D89-D65E-4233-949A-B10FBC2579A1}
2013-10-04 10:25 - 2013-10-04 10:25 - 00000000 ____D C:\Users\KINGA\AppData\Local\{9F5E52F9-A0EE-4427-A38E-6BB696575965}
2013-10-03 19:08 - 2013-10-03 19:08 - 00000000 ____D C:\Users\KINGA\AppData\Local\{5062333F-136F-4E25-A52F-5157CFB16922}
2013-10-03 07:08 - 2013-10-03 07:08 - 00000000 ____D C:\Users\KINGA\AppData\Local\{426AC8A6-3E38-4F32-A08A-60CCE83AB633}
2013-10-02 17:26 - 2013-10-02 17:27 - 00000000 ____D C:\Users\KINGA\AppData\Local\{8E44D5F1-55EF-49F0-BCB8-D3D89384DE1F}
2013-10-01 21:49 - 2013-10-01 21:49 - 00000000 ____D C:\Users\KINGA\AppData\Local\{08F519C1-8EAE-42C9-B03B-68B05129CC9C}
2013-10-01 09:48 - 2013-10-01 09:49 - 00000000 ____D C:\Users\KINGA\AppData\Local\{1881AB73-32F2-4C69-BBF7-C9098C66EBB4}
2013-10-01 09:32 - 2013-10-01 09:33 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-09-29 19:14 - 2013-10-11 09:16 - 00000000 ____D C:\Users\KINGA\Desktop\Nowy folder
2013-09-28 14:11 - 2013-09-28 14:11 - 00000000 ____D C:\Users\KINGA\AppData\Local\{460C2422-887B-4351-AD38-ABED796BD14D}
2013-09-27 09:14 - 2013-09-27 09:14 - 00000000 ____D C:\Users\KINGA\AppData\Local\{BBE4627E-673D-4211-87A9-7A1543B26EBE}
2013-09-25 20:59 - 2013-09-25 20:59 - 00000000 ____D C:\Users\KINGA\AppData\Local\{9CA02126-3169-42D9-B47C-F08A1A284C06}
2013-09-25 08:58 - 2013-09-25 08:59 - 00000000 ____D C:\Users\KINGA\AppData\Local\{D66BC146-EF40-46C1-A3B0-5C586B337538}
2013-09-18 01:05 - 2013-09-18 01:05 - 00000000 ____D C:\Users\KINGA\AppData\Local\{ADD92036-E96C-41E4-BD8C-AC86CD31CAED}
2013-09-17 13:04 - 2013-09-17 13:05 - 00000000 ____D C:\Users\KINGA\AppData\Local\{B964654F-B949-4476-B2DB-C7938D61CD46}
2013-09-16 18:58 - 2013-09-16 18:59 - 00000000 ____D C:\Users\KINGA\AppData\Local\{B134501F-81CF-4C1F-83FF-8A6D9CAD2A29}
2013-09-16 06:58 - 2013-09-16 06:58 - 00000000 ____D C:\Users\KINGA\AppData\Local\{D9F03508-1675-4040-85C0-E5A6B6E134C5}
2013-09-13 08:46 - 2013-09-13 08:46 - 00000000 ____D C:\Users\KINGA\AppData\Local\{0D675865-1052-4911-AF7A-BC99DF227568}
2013-09-12 20:46 - 2013-09-12 20:46 - 00000000 ____D C:\Users\KINGA\AppData\Local\{EC62EB6E-1F20-444F-B483-20A220545A0A}
2013-09-12 08:46 - 2013-09-12 08:46 - 00000000 ____D C:\Users\KINGA\AppData\Local\{802D724C-6004-4F3B-8C34-F31BA73FDB75}
2013-09-11 20:45 - 2013-09-11 20:46 - 00000000 ____D C:\Users\KINGA\AppData\Local\{75305D99-90FE-4BEA-993E-E4FA8AFC9B75}

==================== One Month Modified Files and Folders =======

2013-10-11 22:28 - 2013-10-11 22:28 - 00000000 ____D C:\FRST
2013-10-11 22:28 - 2013-10-11 22:27 - 01954124 _____ (Farbar) C:\Users\KINGA\Desktop\FRST64.exe
2013-10-11 22:22 - 2011-03-16 11:10 - 00000035 _____ C:\Users\Public\Documents\AtherosServiceConfig.ini
2013-10-11 22:08 - 2009-08-03 21:55 - 00709558 _____ C:\Windows\system32\perfh015.dat
2013-10-11 22:08 - 2009-08-03 21:55 - 00138976 _____ C:\Windows\system32\perfc015.dat
2013-10-11 22:08 - 2009-07-14 07:13 - 01580692 _____ C:\Windows\system32\PerfStringBackup.INI
2013-10-11 22:05 - 2011-03-16 09:07 - 00017920 _____ C:\Windows\system32\rpcnetp.exe
2013-10-11 21:56 - 2012-07-07 22:40 - 00000930 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-10-11 20:17 - 2013-10-11 17:35 - 00173568 ___SH C:\Users\KINGA\Desktop\Thumbs.db
2013-10-11 19:39 - 2013-10-11 19:39 - 00000000 ____D C:\Users\KINGA\AppData\Local\{FE8B2782-5500-404A-8283-F268E28CB2C2}
2013-10-11 19:02 - 2011-03-16 09:13 - 01616317 _____ C:\Windows\WindowsUpdate.log
2013-10-11 18:33 - 2009-07-14 06:45 - 00010240 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-10-11 18:33 - 2009-07-14 06:45 - 00010240 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-10-11 18:26 - 2013-10-11 18:26 - 00000000 ___RD C:\Users\KINGA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
2013-10-11 18:25 - 2013-06-11 22:26 - 00005117 _____ C:\Windows\setupact.log
2013-10-11 18:25 - 2011-06-20 11:31 - 00058288 _____ (Absolute Software Corp.) C:\Windows\SysWOW64\rpcnet.dll
2013-10-11 18:25 - 2011-03-16 11:20 - 00045056 _____ C:\Windows\system32\acovcnt.exe
2013-10-11 18:25 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-10-11 14:59 - 2012-07-07 22:44 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-10-11 14:59 - 2012-07-07 22:44 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2013-10-11 09:16 - 2013-09-29 19:14 - 00000000 ____D C:\Users\KINGA\Desktop\Nowy folder
2013-10-11 09:16 - 2013-07-12 09:55 - 00000000 ____D C:\Users\KINGA\Desktop\Nowy folder A
2013-10-11 09:16 - 2013-07-05 21:56 - 00000000 ____D C:\Users\KINGA\Desktop\WYNKI NEW OK
2013-10-11 09:16 - 2013-03-26 10:09 - 00000000 ____D C:\Users\KINGA\Desktop\Rafał
2013-10-11 09:16 - 2011-06-20 20:33 - 00000000 ____D C:\Users\KINGA\AppData\Local\CrashDumps
2013-10-11 09:16 - 2011-06-20 20:21 - 00000000 ___RD C:\Users\KINGA\Desktop\FloraPark
2013-10-11 09:16 - 2011-06-20 20:21 - 00000000 ____D C:\Users\KINGA\Desktop\Dokumenty Kingi
2013-10-11 07:54 - 2009-07-14 04:34 - 00000499 _____ C:\Windows\win.ini
2013-10-11 07:49 - 2013-08-23 06:46 - 00000000 ____D C:\Windows\system32\MRT
2013-10-11 07:47 - 2011-08-29 21:17 - 80541720 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-10-11 01:12 - 2013-10-08 20:46 - 00126976 _____ C:\Users\KINGA\Desktop\Plan2014_Jastrzębski Rafał.xls
2013-10-10 19:57 - 2012-07-07 22:40 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-10-10 19:57 - 2012-07-07 22:40 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-10-10 19:57 - 2012-07-07 22:40 - 00003868 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-10-10 17:59 - 2013-10-10 17:59 - 00019456 _____ C:\Users\KINGA\Desktop\Rachunek wzór.xls
2013-10-09 21:56 - 2013-10-09 21:56 - 00602112 _____ (OldTimer Tools) C:\Users\KINGA\Desktop\OTL.exe
2013-10-09 19:24 - 2013-10-09 19:24 - 00000000 ____D C:\Users\KINGA\AppData\Local\{3D40C7F6-01E0-4746-8C95-236432188B43}
2013-10-09 18:08 - 2013-10-08 17:53 - 00000000 ____D C:\Users\KINGA\AppData\Roaming\Ekylopo
2013-10-09 18:08 - 2011-06-05 20:17 - 00000000 ____D C:\Users\KINGA
2013-10-09 17:57 - 2013-10-09 17:57 - 00000000 ____D C:\ProgramData\ESET
2013-10-09 17:57 - 2013-10-09 17:57 - 00000000 ____D C:\Program Files\ESET
2013-10-08 22:01 - 2011-03-16 11:15 - 00002218 _____ C:\Windows\system32\AutoRunFilter.ini
2013-10-08 17:54 - 2013-10-08 17:53 - 00000000 ____D C:\Users\KINGA\AppData\Roaming\Fib
2013-10-08 09:54 - 2013-10-08 09:53 - 00000000 ____D C:\Users\KINGA\AppData\Local\{F81F76FA-E611-407B-89A6-85B0DDCFDF3E}
2013-10-05 10:35 - 2012-05-24 19:49 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-10-04 22:25 - 2013-10-04 22:25 - 00000000 ____D C:\Users\KINGA\AppData\Local\{40469D89-D65E-4233-949A-B10FBC2579A1}
2013-10-04 10:25 - 2013-10-04 10:25 - 00000000 ____D C:\Users\KINGA\AppData\Local\{9F5E52F9-A0EE-4427-A38E-6BB696575965}
2013-10-03 19:08 - 2013-10-03 19:08 - 00000000 ____D C:\Users\KINGA\AppData\Local\{5062333F-136F-4E25-A52F-5157CFB16922}
2013-10-03 07:08 - 2013-10-03 07:08 - 00000000 ____D C:\Users\KINGA\AppData\Local\{426AC8A6-3E38-4F32-A08A-60CCE83AB633}
2013-10-02 17:27 - 2013-10-02 17:26 - 00000000 ____D C:\Users\KINGA\AppData\Local\{8E44D5F1-55EF-49F0-BCB8-D3D89384DE1F}
2013-10-01 21:49 - 2013-10-01 21:49 - 00000000 ____D C:\Users\KINGA\AppData\Local\{08F519C1-8EAE-42C9-B03B-68B05129CC9C}
2013-10-01 20:35 - 2011-06-20 10:48 - 00000000 ____D C:\Users\KINGA\AppData\Local\Mozilla
2013-10-01 09:49 - 2013-10-01 09:48 - 00000000 ____D C:\Users\KINGA\AppData\Local\{1881AB73-32F2-4C69-BBF7-C9098C66EBB4}
2013-10-01 09:33 - 2013-10-01 09:32 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-09-28 14:11 - 2013-09-28 14:11 - 00000000 ____D C:\Users\KINGA\AppData\Local\{460C2422-887B-4351-AD38-ABED796BD14D}
2013-09-27 09:14 - 2013-09-27 09:14 - 00000000 ____D C:\Users\KINGA\AppData\Local\{BBE4627E-673D-4211-87A9-7A1543B26EBE}
2013-09-25 20:59 - 2013-09-25 20:59 - 00000000 ____D C:\Users\KINGA\AppData\Local\{9CA02126-3169-42D9-B47C-F08A1A284C06}
2013-09-25 08:59 - 2013-09-25 08:58 - 00000000 ____D C:\Users\KINGA\AppData\Local\{D66BC146-EF40-46C1-A3B0-5C586B337538}
2013-09-18 01:05 - 2013-09-18 01:05 - 00000000 ____D C:\Users\KINGA\AppData\Local\{ADD92036-E96C-41E4-BD8C-AC86CD31CAED}
2013-09-17 13:05 - 2013-09-17 13:04 - 00000000 ____D C:\Users\KINGA\AppData\Local\{B964654F-B949-4476-B2DB-C7938D61CD46}
2013-09-17 06:11 - 2011-06-05 20:19 - 00000000 ____D C:\Users\KINGA\Documents\Bluetooth Folder
2013-09-16 18:59 - 2013-09-16 18:58 - 00000000 ____D C:\Users\KINGA\AppData\Local\{B134501F-81CF-4C1F-83FF-8A6D9CAD2A29}
2013-09-16 06:58 - 2013-09-16 06:58 - 00000000 ____D C:\Users\KINGA\AppData\Local\{D9F03508-1675-4040-85C0-E5A6B6E134C5}
2013-09-13 08:46 - 2013-09-13 08:46 - 00000000 ____D C:\Users\KINGA\AppData\Local\{0D675865-1052-4911-AF7A-BC99DF227568}
2013-09-12 20:46 - 2013-09-12 20:46 - 00000000 ____D C:\Users\KINGA\AppData\Local\{EC62EB6E-1F20-444F-B483-20A220545A0A}
2013-09-12 08:46 - 2013-09-12 08:46 - 00000000 ____D C:\Users\KINGA\AppData\Local\{802D724C-6004-4F3B-8C34-F31BA73FDB75}
2013-09-11 20:46 - 2013-09-11 20:45 - 00000000 ____D C:\Users\KINGA\AppData\Local\{75305D99-90FE-4BEA-993E-E4FA8AFC9B75}

Some content of TEMP:
====================
C:\Users\KINGA\AppData\Local\Temp\APNSetup.exe
C:\Users\KINGA\AppData\Local\Temp\InstHelper.exe
C:\Users\KINGA\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe
C:\Users\KINGA\AppData\Local\Temp\uninst1.exe

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

LastRegBack: 2013-10-01 08:42

==================== End Of Log ============================