Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 29-12-2013 01
Ran by Kamil (administrator) on KAMIL-TOSH on 31-12-2013 16:56:57
Running from C:\Users\Kamil\Downloads
Windows 7 Home Premium Service Pack 1 (X64) OS Language: Polish
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
() C:\ProgramData\DatacardService\HWDeviceService64.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
() C:\Windows\SysWOW64\PnkBstrB.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Solid Documents, LLC) C:\Program Files (x86)\SolidDocuments\SolidPDFCreator\SPC\SolidPdfServicex64.exe
(Toshiba Europe GmbH) C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe
(TOSHIBA Corporation) C:\Windows\System32\TODDSrv.exe
(Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler64.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Toshiba Europe GmbH) C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Toshiba Europe GmbH) C:\Program Files\TOSHIBA\Registration\ToshibaReminder.exe
(DT Soft Ltd) C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Power Software Ltd) C:\Program Files (x86)\PowerISO\PWRISOVM.EXE
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Logitech Inc.) C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
() C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Toshiba TEMPRO] - C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe [1050072 2010-05-11] (Toshiba Europe GmbH)
HKLM\...\Run: [HotKeysCmds] - C:\Windows\system32\hkcmd.exe [ ] ()
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11101800 2010-07-28] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2120808 2010-07-28] (Realtek Semiconductor)
HKLM\...\Run: [TPwrMain] - C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe [566184 2010-09-28] (TOSHIBA Corporation)
HKLM\...\Run: [SmoothView] - C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe [570680 2009-08-13] (TOSHIBA Corporation)
HKLM\...\Run: [00TCrdMain] - C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [915320 2010-05-10] (TOSHIBA Corporation)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2052392 2010-03-10] (Synaptics Incorporated)
HKLM\...\Run: [TosSENotify] - C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe [709976 2010-02-05] (TOSHIBA Corporation)
HKLM\...\Run: [TosVolRegulator] - C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe [24376 2009-11-11] (TOSHIBA Corporation)
HKLM\...\Run: [Toshiba Registration] - C:\Program Files\TOSHIBA\Registration\ToshibaReminder.exe [136136 2010-04-19] (Toshiba Europe GmbH)
HKLM-x32\...\Run: [HWSetup] - C:\Program Files\TOSHIBA\Utilities\HWSetup.exe [423936 2010-03-04] (TOSHIBA Electronics, Inc.)
HKLM-x32\...\Run: [KeNotify] - C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe [34160 2010-08-15] (TOSHIBA CORPORATION)
HKLM-x32\...\Run: [BCSSync] - C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [91520 2010-03-13] (Microsoft Corporation)
HKLM-x32\...\Run: [avast] - C:\Program Files\AVAST Software\Avast\AvastUI.exe [4858968 2013-08-30] (AVAST Software)
HKLM-x32\...\Run: [PWRISOVM.EXE] - C:\Program Files (x86)\PowerISO\PWRISOVM.EXE [312376 2012-02-09] (Power Software Ltd)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [946352 2012-12-03] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [LWS] - C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe [204136 2012-09-13] (Logitech Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [20131121] - C:\Program Files\AVAST Software\Avast\Setup\emupdate\cb1a1c86-fbbf-4b7e-8aab-96b98408243e.exe [180184 2013-11-23] (AVAST Software)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKCU\...\Run: [DAEMON Tools Lite] - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [357696 2010-04-01] (DT Soft Ltd)
HKCU\...\Run: [Facebook Update] - C:\Users\Kamil\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2013-05-05] (Facebook Inc.)
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk
ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk
ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
Startup: C:\Users\Kamil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Facebook Messenger.lnk
ShortcutTarget: Facebook Messenger.lnk -> C:\Users\Kamil\AppData\Local\Facebook\Messenger\2.1.4814.0\FacebookMessenger.exe (No File)
Startup: C:\Users\Kamil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk
ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://toshiba.msn.com
SearchScopes: HKCU - {0C5173C9-BFCF-43B7-84F3-EA2901611F6A} URL = http://www.amazon.co.uk/gp/search?ie=UTF8&keywords={searchTerms}&tag=tochibauk-win7-ie-search-21&index=blended&linkCode=ur2
SearchScopes: HKCU - {91EBC2B7-C73F-4FEE-9A50-AF64B7DC76A0} URL = http://rover.ebay.com/rover/1/4908-44618-9400-8/4?satitle={searchTerms}
BHO: avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM-x32 - avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 89.22.208.2 8.8.8.8
Tcpip\..\Interfaces\{1C99BD5F-DFCC-4A80-AD63-916807D65488}: [NameServer]193.41.112.14 193.41.112.18
Tcpip\..\Interfaces\{9B7E2240-B8C6-4530-886F-EF0037B4BE98}: [NameServer]193.41.112.14 193.41.112.18

FireFox:
========
FF ProfilePath: C:\Users\Kamil\AppData\Roaming\Mozilla\Firefox\Profiles\wy6lrnw3.default-1383729895541
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll ()
FF Plugin: @java.com/DTPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1205146.dll (Adobe Systems, Inc.)
FF Plugin-x32: @ganymede/GanymedeNetPlugin,version=1.0 - C:\Program Files (x86)\Ganymede\Plugins\npganymedenet.dll ( )
FF Plugin-x32: @ganymede/NAVY,version=1.0 - C:\Program Files (x86)\Ganymede\Plugins\NAVY\NPNAVY.dll (Ganymede Technologies)
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\Kamil\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\Kamil\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Extension: PEKAO S.A. Sign Plugin - C:\Users\Kamil\AppData\Roaming\Mozilla\Firefox\Profiles\wy6lrnw3.default-1383729895541\Extensions\SignPlugin@pekao.pl
FF Extension: Transferuj.pl - C:\Users\Kamil\AppData\Roaming\Mozilla\Firefox\Profiles\wy6lrnw3.default-1383729895541\Extensions\trtransferfill@transferuj.pl.xpi
FF Extension: zPay - C:\Users\Kamil\AppData\Roaming\Mozilla\Firefox\Profiles\wy6lrnw3.default-1383729895541\Extensions\{6BBAF055-8EB1-4987-832A-45171690B0D6}.xpi
FF Extension: Greasemonkey - C:\Users\Kamil\AppData\Roaming\Mozilla\Firefox\Profiles\wy6lrnw3.default-1383729895541\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF

Chrome:
=======
CHR HomePage:
CHR Plugin: (Widevine Content Decryption Module) - C:\Users\Kamil\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.1.376\_platform_specific\win_x86\widevinecdmadapter.dll ()
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\pdf.dll ()
CHR Plugin: (Microsoft\u00AE Windows Media Player Firefox Plugin) - C:\Program Files (x86)\Mozilla Firefox\plugins\np-mswmp.dll (Microsoft Corporation)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Ganymede Navy Plugin) - C:\Program Files (x86)\Ganymede\Plugins\NAVY\NPNAVY.dll (Ganymede Technologies)
CHR Plugin: (GanymedeNet.Detector) - C:\Program Files (x86)\Ganymede\Plugins\npganymedenet.dll ( )
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
CHR Plugin: (Java Deployment Toolkit 7.0.450.18) - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
CHR Plugin: (Java(TM) Platform SE 7 U45) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (Unity Player) - C:\Users\Kamil\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
CHR Plugin: (Facebook Video Calling Plugin) - C:\Users\Kamil\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
CHR Plugin: (Shockwave for Director) - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1205146.dll (Adobe Systems, Inc.)
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
CHR Plugin: (TVU Web Player for FireFox) - C:\Windows\system32\TVUAx\npTVUAx.dll No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
CHR Extension: (Google Drive) - C:\Users\Kamil\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (YouTube) - C:\Users\Kamil\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\Users\Kamil\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (Google Wallet) - C:\Users\Kamil\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0
CHR Extension: (Gmail) - C:\Users\Kamil\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0

==================== Services (Whitelisted) =================

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [46808 2013-08-30] (AVAST Software)
R2 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [346976 2011-03-14] ()
R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe [1811456 2010-08-27] (Realsil Microelectronics Inc.)
S3 PLAY ONLINE. RunOuc; C:\Program Files (x86)\PLAY ONLINE\UpdateDog\ouc.exe [246112 2013-10-02] ()
R2 PnkBstrA; C:\Windows\SysWow64\PnkBstrA.exe [66872 2011-08-09] ()
R2 PnkBstrB; C:\Windows\SysWow64\PnkBstrB.exe [107832 2013-12-25] ()
R2 SPDFCreatorReadSpool; C:\Program Files (x86)\SolidDocuments\SolidPDFCreator\SPC\SolidPdfServicex64.exe [193832 2013-03-25] (Solid Documents, LLC)
R2 TemproMonitoringService; C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [124368 2010-05-11] (Toshiba Europe GmbH)

==================== Drivers (Whitelisted) ====================

R2 aswFsBlk; C:\Windows\System32\Drivers\aswFsBlk.sys [33400 2013-08-30] (AVAST Software)
R0 aswKbd; C:\Windows\System32\Drivers\aswKbd.sys [22600 2013-03-07] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [80816 2013-08-30] (AVAST Software)
R1 aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [72016 2013-08-30] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65336 2013-08-30] ()
R1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [1030952 2013-08-30] (AVAST Software)
R1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [378944 2013-08-30] (AVAST Software)
R1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [64288 2013-08-30] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [204880 2013-08-30] ()
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [88480 2013-02-15] ()
S2 DgiVecp; C:\Windows\system32\Drivers\DgiVecp.sys [53816 2009-03-02] (Samsung Electronics Co., Ltd.)
S3 huawei_wwanecm; C:\Windows\System32\DRIVERS\ew_juwwanecm.sys [229376 2013-10-02] (Huawei Technologies Co., Ltd.)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [46400 2013-02-15] ()
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [834544 2011-08-10] ()
U3 ajzlb5kx; C:\Windows\System32\Drivers\ajzlb5kx.sys [0 ] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2013-12-31 16:35 - 2013-12-31 16:35 - 00448512 _____ (OldTimer Tools) C:\Users\Kamil\Downloads\TFC.exe
2013-12-31 16:33 - 2013-12-31 16:34 - 00000000 ____D C:\Users\Kamil\Desktop\Upload
2013-12-31 16:33 - 2013-12-31 16:33 - 00000000 ____D C:\Users\Kamil\Downloads\FRST-OlderVersion
2013-12-31 16:22 - 2013-12-31 16:22 - 00347816 _____ (Microsoft Corporation) C:\Users\Kamil\Downloads\MicrosoftFixit.ProgramInstallUninstall.RNP.196311927785511340.2.1.Run.exe
2013-12-31 16:22 - 2013-12-31 16:22 - 00000020 _____ C:\Windows\PöŞ
2013-12-31 16:19 - 2013-12-31 16:19 - 00000000 ____D C:\Users\Kamil\AppData\Local\{9FCB44E3-F36D-4CEB-BCF5-685E66F7B8C8}
2013-12-31 15:33 - 2013-12-31 15:33 - 00004391 _____ C:\Users\Kamil\Desktop\SpaceSnifferConfig.xml
2013-12-31 15:31 - 2013-12-31 15:31 - 00974848 _____ (Uderzo Software e Consulenza Informatica) C:\Users\Kamil\Desktop\SpaceSniffer.exe
2013-12-31 15:30 - 2013-12-31 15:31 - 01536858 _____ C:\Users\Kamil\Downloads\spacesniffer_1_1_4_0.zip
2013-12-31 12:07 - 2013-12-31 13:03 - 00000000 ____D C:\Users\Kamil\Desktop\zrobione druki
2013-12-27 09:56 - 2013-12-27 09:56 - 00141482 _____ C:\Users\Kamil\Desktop\OTL.Txt
2013-12-27 09:56 - 2013-12-27 09:56 - 00069114 _____ C:\Users\Kamil\Downloads\Extras.Txt
2013-12-27 09:56 - 2013-12-27 09:56 - 00069114 _____ C:\Users\Kamil\Desktop\Extras.Txt
2013-12-27 09:55 - 2013-12-27 09:55 - 00141482 _____ C:\Users\Kamil\Downloads\OTL.Txt
2013-12-27 09:31 - 2013-12-27 09:31 - 00602112 _____ (OldTimer Tools) C:\Users\Kamil\Downloads\OTL.exe
2013-12-27 09:31 - 2013-12-27 09:31 - 00044228 _____ C:\Users\Kamil\Desktop\FRST.txt
2013-12-27 09:31 - 2013-12-27 09:31 - 00037403 _____ C:\Users\Kamil\Desktop\Addition.txt
2013-12-27 09:28 - 2013-12-31 16:56 - 00000000 _____ C:\Users\Kamil\Downloads\Addition.txt
2013-12-27 09:25 - 2013-12-31 16:57 - 00019484 _____ C:\Users\Kamil\Downloads\FRST.txt
2013-12-27 09:25 - 2013-12-31 16:33 - 00000000 ____D C:\FRST
2013-12-27 09:24 - 2013-12-31 16:33 - 01931302 _____ (Farbar) C:\Users\Kamil\Downloads\FRST64.exe
2013-12-26 19:35 - 2013-12-26 19:35 - 00000138 _____ C:\Users\Kamil\Desktop\tele.txt
2013-12-26 15:12 - 2008-11-13 14:37 - 00000470 _____ C:\Users\Kamil\Downloads\SpolszczenieFC2.TXT
2013-12-26 14:04 - 2013-12-26 14:31 - 80311860 _____ C:\Users\Kamil\Downloads\SpolszczenieFC2.7z
2013-12-25 20:22 - 2013-12-25 20:22 - 00000000 ____D C:\Program Files (x86)\Ubisoft
2013-12-25 19:18 - 2008-11-13 15:43 - 00000000 ____D C:\Users\Kamil\Downloads\Data_Win32
2013-12-25 19:18 - 2008-11-12 20:15 - 00000031 _____ C:\Users\Kamil\Downloads\FC2Init.ini
2013-12-24 12:39 - 2013-12-24 12:39 - 04763136 _____ C:\Users\Kamil\Downloads\HolenderskaSzkolaFutbolu.ppt
2013-12-24 12:31 - 2013-12-24 12:31 - 06647603 _____ C:\Users\Kamil\Downloads\Doskonalenie gry w obronie i w ataku w systemie 1-4-4-2 - Robert Wójcik (1).pptx
2013-12-24 12:31 - 2013-12-24 12:31 - 01839104 _____ C:\Users\Kamil\Downloads\Gra 4 x 4 w ustawieniu 1-2-1 - Marcin Salamon KKS Lech Poznań.ppt
2013-12-24 12:24 - 2013-12-24 12:24 - 00360453 _____ C:\Users\Kamil\Downloads\325-ba.zip
2013-12-23 17:57 - 2013-12-23 17:57 - 00000000 ____D C:\Users\Kamil\Documents\Need for Speed World
2013-12-23 16:27 - 2013-12-23 16:27 - 00000000 ____D C:\Users\Kamil\AppData\Roaming\cef-cache
2013-12-23 16:27 - 2013-12-23 16:27 - 00000000 ____D C:\Users\Kamil\AppData\Roaming\bwincom
2013-12-20 20:40 - 2013-12-20 20:40 - 00000000 ____D C:\Users\Kamil\AppData\Roaming\Need for Speed World
2013-12-20 10:19 - 2013-12-20 10:19 - 00003104 _____ C:\Windows\System32\Tasks\{54E1E6EA-AD68-48D1-A2F7-4C0FA1683B1D}
2013-12-19 20:07 - 2013-12-19 20:07 - 00000000 ____D C:\Users\Kamil\AppData\Local\Electronic_Arts_Inc
2013-12-19 20:05 - 2013-12-19 20:05 - 00000686 _____ C:\Users\Public\Desktop\Need For Speed World.lnk
2013-12-19 20:05 - 2013-12-19 20:05 - 00000000 ____D C:\ProgramData\Electronic Arts
2013-12-17 16:44 - 2013-12-17 16:49 - 00104407 _____ C:\Users\Kamil\Downloads\setup.exe.log
2013-12-13 00:09 - 2013-12-14 20:39 - 00000207 _____ C:\Users\Kamil\Desktop\km.txt
2013-12-12 11:23 - 2013-12-12 11:24 - 04857932 _____ C:\Users\Kamil\Downloads\TSO_Tools.zip
2013-12-09 13:51 - 2013-12-09 13:52 - 00000000 ____D C:\Users\Kamil\AppData\Local\{3A0184DD-DCF7-40A7-933E-240A3B479517}
2013-12-04 21:31 - 2013-12-04 21:41 - 00000000 ____D C:\Users\Kamil\AppData\Roaming\MultiBit

==================== One Month Modified Files and Folders =======

2013-12-31 16:57 - 2013-12-27 09:25 - 00019484 _____ C:\Users\Kamil\Downloads\FRST.txt
2013-12-31 16:56 - 2013-12-27 09:28 - 00000000 _____ C:\Users\Kamil\Downloads\Addition.txt
2013-12-31 16:55 - 2011-04-26 21:03 - 01438569 _____ C:\Windows\WindowsUpdate.log
2013-12-31 16:52 - 2012-07-07 06:15 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2013-12-31 16:51 - 2013-09-16 14:34 - 00065536 _____ C:\Windows\system32\Ikeext.etl
2013-12-31 16:51 - 2012-11-10 15:57 - 00045350 _____ C:\Windows\PFRO.log
2013-12-31 16:51 - 2012-11-01 21:17 - 00108424 _____ C:\Windows\setupact.log
2013-12-31 16:51 - 2012-02-25 07:05 - 00001044 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-12-31 16:51 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-12-31 16:44 - 2012-02-25 07:05 - 00001048 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-12-31 16:35 - 2013-12-31 16:35 - 00448512 _____ (OldTimer Tools) C:\Users\Kamil\Downloads\TFC.exe
2013-12-31 16:35 - 2009-07-14 05:45 - 00016304 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-12-31 16:35 - 2009-07-14 05:45 - 00016304 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-12-31 16:34 - 2013-12-31 16:33 - 00000000 ____D C:\Users\Kamil\Desktop\Upload
2013-12-31 16:33 - 2013-12-31 16:33 - 00000000 ____D C:\Users\Kamil\Downloads\FRST-OlderVersion
2013-12-31 16:33 - 2013-12-27 09:25 - 00000000 ____D C:\FRST
2013-12-31 16:33 - 2013-12-27 09:24 - 01931302 _____ (Farbar) C:\Users\Kamil\Downloads\FRST64.exe
2013-12-31 16:27 - 2010-11-22 10:17 - 00000000 ____D C:\ProgramData\McAfee
2013-12-31 16:22 - 2013-12-31 16:22 - 00347816 _____ (Microsoft Corporation) C:\Users\Kamil\Downloads\MicrosoftFixit.ProgramInstallUninstall.RNP.196311927785511340.2.1.Run.exe
2013-12-31 16:22 - 2013-12-31 16:22 - 00000020 _____ C:\Windows\PöŞ
2013-12-31 16:22 - 2010-11-22 10:32 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2013-12-31 16:21 - 2009-07-14 04:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2013-12-31 16:19 - 2013-12-31 16:19 - 00000000 ____D C:\Users\Kamil\AppData\Local\{9FCB44E3-F36D-4CEB-BCF5-685E66F7B8C8}
2013-12-31 16:15 - 2012-07-21 18:09 - 00000930 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-12-31 16:15 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\tracing
2013-12-31 15:59 - 2010-11-22 10:15 - 00000000 ____D C:\Program Files (x86)\TOSHIBA
2013-12-31 15:59 - 2010-11-22 10:10 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2013-12-31 15:57 - 2010-11-22 10:10 - 00000000 ____D C:\Program Files\TOSHIBA
2013-12-31 15:45 - 2011-07-14 11:45 - 00000000 ____D C:\Users\Kamil\AppData\Local\Toshiba
2013-12-31 15:33 - 2013-12-31 15:33 - 00004391 _____ C:\Users\Kamil\Desktop\SpaceSnifferConfig.xml
2013-12-31 15:31 - 2013-12-31 15:31 - 00974848 _____ (Uderzo Software e Consulenza Informatica) C:\Users\Kamil\Desktop\SpaceSniffer.exe
2013-12-31 15:31 - 2013-12-31 15:30 - 01536858 _____ C:\Users\Kamil\Downloads\spacesniffer_1_1_4_0.zip
2013-12-31 15:01 - 2013-05-05 19:56 - 00000928 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4237662247-3227535000-1945066009-1000UA.job
2013-12-31 13:03 - 2013-12-31 12:07 - 00000000 ____D C:\Users\Kamil\Desktop\zrobione druki
2013-12-31 12:08 - 2013-08-05 08:16 - 00000000 ____D C:\Users\Kamil\Desktop\Praca 20132014
2013-12-30 21:01 - 2013-05-05 19:56 - 00000906 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4237662247-3227535000-1945066009-1000Core.job
2013-12-30 17:07 - 2009-07-14 18:55 - 00738660 _____ C:\Windows\system32\perfh015.dat
2013-12-30 17:07 - 2009-07-14 18:55 - 00155058 _____ C:\Windows\system32\perfc015.dat
2013-12-30 17:07 - 2009-07-14 06:13 - 01665036 _____ C:\Windows\system32\PerfStringBackup.INI
2013-12-29 12:38 - 2011-10-23 21:43 - 00000000 ____D C:\Users\Kamil\AppData\Roaming\GanymedeNet
2013-12-27 09:56 - 2013-12-27 09:56 - 00141482 _____ C:\Users\Kamil\Desktop\OTL.Txt
2013-12-27 09:56 - 2013-12-27 09:56 - 00069114 _____ C:\Users\Kamil\Downloads\Extras.Txt
2013-12-27 09:56 - 2013-12-27 09:56 - 00069114 _____ C:\Users\Kamil\Desktop\Extras.Txt
2013-12-27 09:55 - 2013-12-27 09:55 - 00141482 _____ C:\Users\Kamil\Downloads\OTL.Txt
2013-12-27 09:31 - 2013-12-27 09:31 - 00602112 _____ (OldTimer Tools) C:\Users\Kamil\Downloads\OTL.exe
2013-12-27 09:31 - 2013-12-27 09:31 - 00044228 _____ C:\Users\Kamil\Desktop\FRST.txt
2013-12-27 09:31 - 2013-12-27 09:31 - 00037403 _____ C:\Users\Kamil\Desktop\Addition.txt
2013-12-26 19:35 - 2013-12-26 19:35 - 00000138 _____ C:\Users\Kamil\Desktop\tele.txt
2013-12-26 14:31 - 2013-12-26 14:04 - 80311860 _____ C:\Users\Kamil\Downloads\SpolszczenieFC2.7z
2013-12-26 08:55 - 2009-07-14 05:45 - 00417016 _____ C:\Windows\system32\FNTCACHE.DAT
2013-12-25 20:32 - 2013-01-12 11:04 - 00193221 _____ C:\Windows\DirectX.log
2013-12-25 20:29 - 2011-08-09 21:16 - 02250024 _____ C:\Windows\SysWOW64\pbsvc.exe
2013-12-25 20:29 - 2011-08-09 21:16 - 00107832 _____ C:\Windows\SysWOW64\PnkBstrB.exe
2013-12-25 20:22 - 2013-12-25 20:22 - 00000000 ____D C:\Program Files (x86)\Ubisoft
2013-12-25 16:37 - 2013-02-15 22:44 - 00000000 ____D C:\Users\Kamil\Documents\My Games
2013-12-25 12:23 - 2011-07-14 11:45 - 00109296 _____ C:\Users\Kamil\AppData\Local\GDIPFONTCACHEV1.DAT
2013-12-24 12:39 - 2013-12-24 12:39 - 04763136 _____ C:\Users\Kamil\Downloads\HolenderskaSzkolaFutbolu.ppt
2013-12-24 12:31 - 2013-12-24 12:31 - 06647603 _____ C:\Users\Kamil\Downloads\Doskonalenie gry w obronie i w ataku w systemie 1-4-4-2 - Robert Wójcik (1).pptx
2013-12-24 12:31 - 2013-12-24 12:31 - 01839104 _____ C:\Users\Kamil\Downloads\Gra 4 x 4 w ustawieniu 1-2-1 - Marcin Salamon KKS Lech Poznań.ppt
2013-12-24 12:24 - 2013-12-24 12:24 - 00360453 _____ C:\Users\Kamil\Downloads\325-ba.zip
2013-12-24 10:20 - 2011-12-18 20:23 - 00000000 ____D C:\Users\Kamil\Downloads\SELEKCJE
2013-12-24 09:58 - 2011-12-25 21:28 - 00000000 ____D C:\Users\Kamil\Downloads\chillotu vocal
2013-12-23 17:57 - 2013-12-23 17:57 - 00000000 ____D C:\Users\Kamil\Documents\Need for Speed World
2013-12-23 16:27 - 2013-12-23 16:27 - 00000000 ____D C:\Users\Kamil\AppData\Roaming\cef-cache
2013-12-23 16:27 - 2013-12-23 16:27 - 00000000 ____D C:\Users\Kamil\AppData\Roaming\bwincom
2013-12-20 20:40 - 2013-12-20 20:40 - 00000000 ____D C:\Users\Kamil\AppData\Roaming\Need for Speed World
2013-12-20 10:19 - 2013-12-20 10:19 - 00003104 _____ C:\Windows\System32\Tasks\{54E1E6EA-AD68-48D1-A2F7-4C0FA1683B1D}
2013-12-20 09:09 - 2011-07-14 13:56 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-12-19 20:07 - 2013-12-19 20:07 - 00000000 ____D C:\Users\Kamil\AppData\Local\Electronic_Arts_Inc
2013-12-19 20:05 - 2013-12-19 20:05 - 00000686 _____ C:\Users\Public\Desktop\Need For Speed World.lnk
2013-12-19 20:05 - 2013-12-19 20:05 - 00000000 ____D C:\ProgramData\Electronic Arts
2013-12-17 16:49 - 2013-12-17 16:44 - 00104407 _____ C:\Users\Kamil\Downloads\setup.exe.log
2013-12-15 11:06 - 2013-11-30 14:57 - 00000000 ____D C:\Users\Kamil\AppData\Roaming\Bitcoin
2013-12-14 20:39 - 2013-12-13 00:09 - 00000207 _____ C:\Users\Kamil\Desktop\km.txt
2013-12-13 00:08 - 2013-08-03 16:34 - 03422454 ____H C:\Users\Kamil\Desktop\~WRL3382.tmp
2013-12-12 11:24 - 2013-12-12 11:23 - 04857932 _____ C:\Users\Kamil\Downloads\TSO_Tools.zip
2013-12-11 08:16 - 2012-07-21 18:09 - 00003868 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-12-11 08:16 - 2012-05-14 19:52 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-12-11 08:16 - 2011-07-14 14:01 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-12-09 13:52 - 2013-12-09 13:51 - 00000000 ____D C:\Users\Kamil\AppData\Local\{3A0184DD-DCF7-40A7-933E-240A3B479517}
2013-12-07 17:38 - 2012-02-25 07:05 - 00004044 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2013-12-07 17:38 - 2012-02-25 07:05 - 00003792 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2013-12-07 07:06 - 2009-07-14 06:08 - 00032604 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-12-04 21:41 - 2013-12-04 21:31 - 00000000 ____D C:\Users\Kamil\AppData\Roaming\MultiBit
2013-12-01 09:33 - 2013-11-29 20:48 - 00000000 ____D C:\Users\Kamil\AppData\Roaming\Litecoin

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

LastRegBack: 2013-08-19 12:12

==================== End Of Log ============================