Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 02-01-2014 01 Ran by Admin (administrator) on ACERD270 on 02-01-2014 22:52:43 Running from C:\Users\Admin\Downloads Microsoft Windows 7 Starter Service Pack 1 (X86) OS Language: Polish Internet Explorer Version 11 Boot Mode: Normal ==================== Processes (Whitelisted) =================== (Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (Microsoft Corporation) C:\Windows\System32\wlanext.exe (Dritek System Inc.) C:\Program Files\Launch Manager\dsiwmis.exe (Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe (Dritek System Inc.) C:\Program Files\Launch Manager\LMutilps32.exe (Acer Incorporated) C:\Program Files\Acer\Registration\GREGsvc.exe (Realsil Microelectronics Inc.) C:\Program Files\Realtek\Realtek PCIE Card Reader\RIconMan.exe (Acer Incorporated) C:\Program Files\Acer\Acer Updater\UpdaterService.exe (Symantec Corporation) C:\Program Files\Symantec\Norton Online Backup\NOBuAgent.exe (Acer Incorporated) C:\Program Files\Acer\Acer VCM\RS_Service.exe (Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe (Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe (Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [SuiteTray] - C:\Program Files\EgisTec MyWinLockerSuite\x86\SuiteTray.exe [341360 2011-09-20] (Egis Technology Inc.) HKLM\...\Run: [Norton Online Backup] - C:\Program Files\Symantec\Norton Online Backup\NOBuClient.exe [966488 2010-06-01] (Symantec Corporation) HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [937920 2011-06-06] (Adobe Systems Incorporated) HKLM\...\Run: [GfxServiceInstall] - C:\Windows\System32\GfxCUIServiceInstall.vbs [131 2012-06-27] () HKLM\...\Run: [LManager] - C:\Program Files\Launch Manager\LManager.exe [1103440 2011-07-01] (Dritek System Inc.) HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1934632 2010-10-08] (Synaptics Incorporated) HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [10959464 2012-01-10] (Realtek Semiconductor) HKLM\...\Run: [Power Management] - C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [714120 2012-02-07] (Acer Incorporated) HKLM\...\Run: [MSC] - C:\Program Files\Microsoft Security Client\msseces.exe [948440 2013-10-23] (Microsoft Corporation) HKLM\...\Run: [GrooveMonitor] - C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation) HKLM\...\Run: [avast] - C:\Program Files\AVAST Software\Avast\AvastUI.exe [4858968 2013-05-09] (AVAST Software) HKLM\...\Run: [ConvertAd] - C:\Users\Admin\AppData\Local\ConvertAd\ConvertAd.exe HKCU\...\Run: [ALLUpdate] - C:\Program Files\ALLPlayer\ALLUpdate.exe [2995712 2013-04-14] (ALLPlayer Group Ltd.) HKU\Default\...\RunOnce: [ScrSav] - C:\Program Files\Acer\Screensaver\run_Acer.exe [ 2011-09-13] () HKU\Default User\...\RunOnce: [ScrSav] - C:\Program Files\Acer\Screensaver\run_Acer.exe [ 2011-09-13] () ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer.msn.com SearchScopes: HKLM - DefaultScope value is missing. BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated) BHO: ALLYouTubeDownloader - {61DB16C5-B733-43F4-872E-B20DC9E72740} - C:\Program Files\ALLYouTubeDownloader\ALLYouTubeDownloader.dll (ALLCinema Ltd.) BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation) BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO: IplexToALLPlayer - {DF925EF3-7A87-44E4-9CAF-8D7B280BF616} - C:\Program Files\ALLPlayer\Iplex\IplexToALLPlayer.dll (ALLCinema Ltd.) Toolbar: HKLM - avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation) Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) Tcpip\Parameters: [DhcpNameServer] 91.123.176.2 82.160.1.1 FireFox: ======== FF ProfilePath: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\m9mrx1vy.default-1388692279818 FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_11_9_900_170.dll () FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation) FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin: @real.com/nppl3260;version=6.0.11.2852 - C:\Program Files\Real Alternative\browser\plugins\nppl3260.dll (RealNetworks, Inc.) FF Plugin: @real.com/nppl3260;version=6.0.12.46 - C:\Program Files\Real Alternative\browser\plugins\nppl3260.dll (RealNetworks, Inc.) FF Plugin: @real.com/nprpjplug;version=6.0.12.1662 - C:\Program Files\Real Alternative\browser\plugins\nprpjplug.dll (RealNetworks, Inc.) FF Plugin: @real.com/nprpjplug;version=6.0.12.46 - C:\Program Files\Real Alternative\browser\plugins\nprpjplug.dll (RealNetworks, Inc.) FF Plugin: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll () FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\wolnelektury-pl.xml FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF ========================== Services (Whitelisted) ================= R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [46808 2013-05-09] (AVAST Software) S3 EgisTec Ticket Service; C:\Program Files\Common Files\EgisTec\Services\EgisTicketService.exe [173424 2011-06-21] (Egis Technology Inc. ) R2 ePowerSvc; C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe [738688 2012-02-07] (Acer Incorporated) R2 GREGService; C:\Program Files\Acer\Registration\GREGsvc.exe [28264 2012-02-29] (Acer Incorporated) R2 IconMan_R; C:\Program Files\Realtek\Realtek PCIE Card Reader\RIconMan.exe [1755136 2011-03-07] (Realsil Microelectronics Inc.) R2 Live Updater Service; C:\Program Files\Acer\Acer Updater\UpdaterService.exe [255376 2012-02-07] (Acer Incorporated) R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [22208 2013-10-23] (Microsoft Corporation) R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [280288 2013-10-23] (Microsoft Corporation) R2 NOBU; C:\Program Files\Symantec\Norton Online Backup\NOBuAgent.exe [2057560 2010-06-01] (Symantec Corporation) R2 RS_Service; C:\Program Files\Acer\Acer VCM\RS_Service.exe [260640 2010-01-30] (Acer Incorporated) ==================== Drivers (Whitelisted) ==================== R2 aswFsBlk; C:\Windows\System32\Drivers\aswFsBlk.sys [29816 2013-05-09] (AVAST Software) R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [66336 2013-05-09] (AVAST Software) R1 aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [61680 2013-05-09] (AVAST Software) R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [49376 2013-05-09] () R1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [770344 2013-07-13] (AVAST Software) R1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [369584 2013-07-13] (AVAST Software) R1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [56080 2013-05-09] (AVAST Software) R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [175176 2013-07-13] () R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [214696 2013-09-27] (Microsoft Corporation) R1 mwlPSDFilter; C:\Windows\System32\DRIVERS\mwlPSDFilter.sys [21600 2012-07-18] (Egis Technology Inc.) R1 mwlPSDNServ; C:\Windows\System32\DRIVERS\mwlPSDNServ.sys [16936 2012-07-18] (Egis Technology Inc.) R1 mwlPSDVDisk; C:\Windows\System32\DRIVERS\mwlPSDVDisk.sys [62240 2012-07-18] (Egis Technology Inc.) R3 RSPCIESTOR; C:\Windows\System32\DRIVERS\RtsPStor.sys [254056 2011-05-30] (Realtek Semiconductor Corp.) S3 usbrndis6; C:\Windows\System32\DRIVERS\usb80236.sys [15872 2013-02-12] (Microsoft Corporation) S1 apqoisgf; \??\C:\Windows\system32\drivers\apqoisgf.sys [x] S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [x] S1 eyftycjy; \??\C:\Windows\system32\drivers\eyftycjy.sys [x] S1 fyvekmjn; \??\C:\Windows\system32\drivers\fyvekmjn.sys [x] S1 inhcwuet; \??\C:\Windows\system32\drivers\inhcwuet.sys [x] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-01-02 21:58 - 2014-01-02 21:58 - 00000000 ____D C:\Users\Admin\Downloads\FRST-OlderVersion 2014-01-02 21:52 - 2014-01-02 21:52 - 00448512 _____ (OldTimer Tools) C:\Users\Admin\Downloads\TFC.exe 2014-01-02 20:55 - 2014-01-02 20:57 - 00000000 ____D C:\AdwCleaner 2014-01-02 20:54 - 2014-01-02 20:54 - 01233962 _____ C:\Users\Admin\Downloads\AdwCleaner.exe 2014-01-02 20:51 - 2014-01-02 20:51 - 00000000 ____D C:\Users\Admin\Desktop\Stare dane programu Firefox 2014-01-02 20:42 - 2014-01-02 20:42 - 00000000 ____D C:\MATS 2014-01-02 20:33 - 2014-01-02 20:33 - 00347816 _____ (Microsoft Corporation) C:\Users\Admin\Downloads\MicrosoftFixit.ProgramInstallUninstall.RNP.38312118372391253.1.1.Run.exe 2014-01-02 17:39 - 2014-01-02 17:39 - 00094070 _____ C:\Users\Admin\Downloads\Extras.Txt 2014-01-02 17:37 - 2014-01-02 17:37 - 00079872 _____ C:\Users\Admin\Downloads\OTL.Txt 2014-01-02 13:43 - 2014-01-02 13:43 - 00602112 _____ (OldTimer Tools) C:\Users\Admin\Downloads\OTL.exe 2014-01-02 13:37 - 2014-01-02 22:02 - 00009144 _____ C:\Users\Admin\Downloads\Addition.txt 2014-01-02 13:37 - 2014-01-02 22:00 - 00014576 _____ C:\Users\Admin\Desktop\Addition.txt 2014-01-02 13:35 - 2014-01-02 22:53 - 00009983 _____ C:\Users\Admin\Downloads\FRST.txt 2014-01-02 13:34 - 2014-01-02 21:58 - 00000000 ____D C:\FRST 2014-01-02 13:33 - 2014-01-02 21:58 - 01064581 _____ (Farbar) C:\Users\Admin\Downloads\FRST.exe 2014-01-02 11:27 - 2014-01-02 11:27 - 00000000 ____D C:\Program Files\Enigma Software Group 2014-01-02 11:24 - 2014-01-02 11:24 - 00000000 ____D C:\Program Files\Common Files\Wise Installation Wizard 2013-12-29 11:22 - 2013-12-29 11:22 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Bonanza 2013-12-28 18:06 - 2013-09-04 02:15 - 00258560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys 2013-12-28 18:06 - 2013-09-04 02:14 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys 2013-12-28 18:06 - 2013-09-04 02:14 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys 2013-12-28 18:06 - 2013-09-04 02:14 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys 2013-12-28 18:05 - 2013-09-04 02:14 - 00024064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys 2013-12-28 18:05 - 2013-09-04 02:14 - 00020480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys 2013-12-28 18:05 - 2013-09-04 02:14 - 00006016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys 2013-12-28 17:17 - 2013-12-28 17:17 - 02715987 _____ C:\Users\Admin\Desktop\piotrek i tomek.sb2 2013-12-23 14:09 - 2013-12-23 14:11 - 00000000 ____D C:\Program Files\Mozilla Firefox 2013-12-22 14:00 - 2013-12-22 14:00 - 00000030 _____ C:\Users\Admin\AppData\Roaming\WB.CFG 2013-12-13 20:47 - 2013-11-26 11:11 - 17112576 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2013-12-13 20:47 - 2013-11-26 10:23 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2013-12-13 20:47 - 2013-11-26 10:22 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2013-12-13 20:47 - 2013-11-26 09:53 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2013-12-13 20:47 - 2013-11-26 09:52 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2013-12-13 20:47 - 2013-11-26 09:38 - 02166784 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2013-12-13 20:47 - 2013-11-26 09:38 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2013-12-13 20:47 - 2013-11-26 09:36 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2013-12-13 20:47 - 2013-11-26 09:32 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2013-12-13 20:47 - 2013-11-26 09:29 - 00112128 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2013-12-13 20:47 - 2013-11-26 09:29 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2013-12-13 20:47 - 2013-11-26 09:28 - 00553472 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2013-12-13 20:47 - 2013-11-26 09:16 - 04243968 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2013-12-13 20:47 - 2013-11-26 09:13 - 00208896 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2013-12-13 20:47 - 2013-11-26 08:32 - 01928192 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2013-12-13 20:47 - 2013-11-26 08:26 - 11221504 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2013-12-13 20:47 - 2013-11-26 07:34 - 00703488 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2013-12-13 20:47 - 2013-11-26 07:33 - 01820160 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2013-12-13 20:47 - 2013-11-26 07:27 - 01157632 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2013-12-13 20:34 - 2013-05-10 05:56 - 12625408 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL 2013-12-13 20:34 - 2013-05-10 05:56 - 11410432 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll 2013-12-12 17:56 - 2013-10-30 03:19 - 00301568 _____ (Microsoft Corporation) C:\Windows\system32\msieftp.dll 2013-12-12 17:56 - 2013-10-19 02:36 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll 2013-12-12 17:56 - 2013-10-12 03:04 - 00121856 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx 2013-12-12 17:56 - 2013-10-12 03:03 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll 2013-12-12 17:56 - 2013-10-12 02:15 - 00141824 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe 2013-12-12 17:56 - 2013-10-12 02:15 - 00126976 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe 2013-12-12 17:55 - 2013-11-23 19:26 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll 2013-12-12 17:55 - 2013-11-12 03:07 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll 2013-12-12 17:55 - 2013-10-30 02:27 - 02349056 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2013-12-12 17:55 - 2013-10-04 02:49 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys 2013-12-12 17:55 - 2013-10-04 02:17 - 00177152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys 2013-12-09 20:31 - 2013-12-09 20:31 - 00000619 _____ C:\Users\Admin\Desktop\prog.S03 2013-12-09 18:10 - 2013-12-11 08:26 - 00000000 ____D C:\Users\Admin\Desktop\PRACA _METODYKA korek komp 2013-12-09 17:49 - 2013-12-09 18:07 - 00000000 ____D C:\Users\Admin\Desktop\DOSTOSOWNIA 2013-12-05 20:29 - 2013-12-05 20:29 - 01051136 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2013-12-05 20:29 - 2013-12-05 20:29 - 00646144 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2013-12-05 20:29 - 2013-12-05 20:29 - 00645120 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll 2013-12-05 20:29 - 2013-12-05 20:29 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat 2013-12-05 20:29 - 2013-12-05 20:29 - 00610304 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2013-12-05 20:29 - 2013-12-05 20:29 - 00523776 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2013-12-05 20:29 - 2013-12-05 20:29 - 00454656 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2013-12-05 20:29 - 2013-12-05 20:29 - 00367104 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2013-12-05 20:29 - 2013-12-05 20:29 - 00337408 _____ (Microsoft Corporation) C:\Windows\system32\html.iec 2013-12-05 20:29 - 2013-12-05 20:29 - 00244736 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2013-12-05 20:29 - 2013-12-05 20:29 - 00238288 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2013-12-05 20:29 - 2013-12-05 20:29 - 00233472 _____ (Microsoft Corporation) C:\Windows\system32\url.dll 2013-12-05 20:29 - 2013-12-05 20:29 - 00208384 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll 2013-12-05 20:29 - 2013-12-05 20:29 - 00194048 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll 2013-12-05 20:29 - 2013-12-05 20:29 - 00182272 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll 2013-12-05 20:29 - 2013-12-05 20:29 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2013-12-05 20:29 - 2013-12-05 20:29 - 00151552 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe 2013-12-05 20:29 - 2013-12-05 20:29 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe 2013-12-05 20:29 - 2013-12-05 20:29 - 00127488 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll 2013-12-05 20:29 - 2013-12-05 20:29 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll 2013-12-05 20:29 - 2013-12-05 20:29 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll 2013-12-05 20:29 - 2013-12-05 20:29 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll 2013-12-05 20:29 - 2013-12-05 20:29 - 00083456 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll 2013-12-05 20:29 - 2013-12-05 20:29 - 00074240 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe 2013-12-05 20:29 - 2013-12-05 20:29 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe 2013-12-05 20:29 - 2013-12-05 20:29 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2013-12-05 20:29 - 2013-12-05 20:29 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll 2013-12-05 20:29 - 2013-12-05 20:29 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx 2013-12-05 20:29 - 2013-12-05 20:29 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2013-12-05 20:29 - 2013-12-05 20:29 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll 2013-12-05 20:29 - 2013-12-05 20:29 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll 2013-12-05 20:29 - 2013-12-05 20:29 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll 2013-12-05 20:29 - 2013-12-05 20:29 - 00036352 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll 2013-12-05 20:29 - 2013-12-05 20:29 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2013-12-05 20:29 - 2013-12-05 20:29 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll 2013-12-05 20:29 - 2013-12-05 20:29 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe 2013-12-05 20:29 - 2013-12-05 20:29 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe 2013-12-05 20:27 - 2013-12-05 20:36 - 00010261 _____ C:\Windows\IE11_main.log ==================== One Month Modified Files and Folders ======= 2014-01-02 22:53 - 2014-01-02 13:35 - 00009983 _____ C:\Users\Admin\Downloads\FRST.txt 2014-01-02 22:29 - 2012-07-18 09:26 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-01-02 22:02 - 2014-01-02 13:37 - 00009144 _____ C:\Users\Admin\Downloads\Addition.txt 2014-01-02 22:00 - 2014-01-02 13:37 - 00014576 _____ C:\Users\Admin\Desktop\Addition.txt 2014-01-02 21:58 - 2014-01-02 21:58 - 00000000 ____D C:\Users\Admin\Downloads\FRST-OlderVersion 2014-01-02 21:58 - 2014-01-02 13:34 - 00000000 ____D C:\FRST 2014-01-02 21:58 - 2014-01-02 13:33 - 01064581 _____ (Farbar) C:\Users\Admin\Downloads\FRST.exe 2014-01-02 21:52 - 2014-01-02 21:52 - 00448512 _____ (OldTimer Tools) C:\Users\Admin\Downloads\TFC.exe 2014-01-02 21:46 - 2013-06-14 21:37 - 01261046 _____ C:\Windows\WindowsUpdate.log 2014-01-02 21:14 - 2009-07-14 05:34 - 00016160 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-01-02 21:14 - 2009-07-14 05:34 - 00016160 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-01-02 21:07 - 2009-07-14 05:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2014-01-02 21:07 - 2009-07-14 05:39 - 00047570 _____ C:\Windows\setupact.log 2014-01-02 21:06 - 2010-11-20 22:48 - 00034776 _____ C:\Windows\PFRO.log 2014-01-02 20:57 - 2014-01-02 20:55 - 00000000 ____D C:\AdwCleaner 2014-01-02 20:54 - 2014-01-02 20:54 - 01233962 _____ C:\Users\Admin\Downloads\AdwCleaner.exe 2014-01-02 20:51 - 2014-01-02 20:51 - 00000000 ____D C:\Users\Admin\Desktop\Stare dane programu Firefox 2014-01-02 20:42 - 2014-01-02 20:42 - 00000000 ____D C:\MATS 2014-01-02 20:33 - 2014-01-02 20:33 - 00347816 _____ (Microsoft Corporation) C:\Users\Admin\Downloads\MicrosoftFixit.ProgramInstallUninstall.RNP.38312118372391253.1.1.Run.exe 2014-01-02 17:39 - 2014-01-02 17:39 - 00094070 _____ C:\Users\Admin\Downloads\Extras.Txt 2014-01-02 17:37 - 2014-01-02 17:37 - 00079872 _____ C:\Users\Admin\Downloads\OTL.Txt 2014-01-02 13:43 - 2014-01-02 13:43 - 00602112 _____ (OldTimer Tools) C:\Users\Admin\Downloads\OTL.exe 2014-01-02 11:27 - 2014-01-02 11:27 - 00000000 ____D C:\Program Files\Enigma Software Group 2014-01-02 11:24 - 2014-01-02 11:24 - 00000000 ____D C:\Program Files\Common Files\Wise Installation Wizard 2013-12-29 11:22 - 2013-12-29 11:22 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Bonanza 2013-12-28 18:36 - 2013-07-13 10:09 - 00000819 _____ C:\Windows\BALTIE.INI 2013-12-28 17:17 - 2013-12-28 17:17 - 02715987 _____ C:\Users\Admin\Desktop\piotrek i tomek.sb2 2013-12-28 17:01 - 2013-09-30 17:55 - 00000000 ____D C:\Users\Admin\AppData\Roaming\edu.media.mit.Scratch2Editor 2013-12-28 16:52 - 2013-09-30 19:35 - 00000000 ____D C:\Users\Admin\Desktop\SCRATCH-projekty 2013-12-28 15:18 - 2013-08-01 07:58 - 00000000 ____D C:\Users\Admin\Desktop\Praktyka 2013-12-28 10:43 - 2013-06-15 02:24 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service 2013-12-23 14:11 - 2013-12-23 14:09 - 00000000 ____D C:\Program Files\Mozilla Firefox 2013-12-22 14:00 - 2013-12-22 14:00 - 00000030 _____ C:\Users\Admin\AppData\Roaming\WB.CFG 2013-12-16 21:08 - 2013-06-15 07:26 - 00697912 _____ C:\Windows\system32\perfh015.dat 2013-12-16 21:08 - 2013-06-15 07:26 - 00134990 _____ C:\Windows\system32\perfc015.dat 2013-12-16 21:08 - 2010-11-20 22:01 - 01549696 _____ C:\Windows\system32\PerfStringBackup.INI 2013-12-16 21:02 - 2009-07-14 05:33 - 00405672 _____ C:\Windows\system32\FNTCACHE.DAT 2013-12-13 21:45 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\system32\pl-PL 2013-12-13 20:47 - 2013-06-15 03:06 - 00000000 ____D C:\ProgramData\Microsoft Help 2013-12-13 20:43 - 2013-08-12 08:56 - 00000000 ____D C:\Windows\system32\MRT 2013-12-13 20:35 - 2013-08-05 18:35 - 88123800 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2013-12-12 19:14 - 2013-06-20 19:53 - 00000000 ____D C:\Users\Admin\Desktop\Informatyka SP 2013-12-11 08:26 - 2013-12-09 18:10 - 00000000 ____D C:\Users\Admin\Desktop\PRACA _METODYKA korek komp 2013-12-10 20:30 - 2012-07-18 09:26 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe 2013-12-10 20:30 - 2012-07-18 09:26 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl 2013-12-09 20:31 - 2013-12-09 20:31 - 00000619 _____ C:\Users\Admin\Desktop\prog.S03 2013-12-09 19:58 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\rescache 2013-12-09 18:07 - 2013-12-09 17:49 - 00000000 ____D C:\Users\Admin\Desktop\DOSTOSOWNIA 2013-12-05 20:36 - 2013-12-05 20:27 - 00010261 _____ C:\Windows\IE11_main.log 2013-12-05 20:29 - 2013-12-05 20:29 - 01051136 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2013-12-05 20:29 - 2013-12-05 20:29 - 00646144 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2013-12-05 20:29 - 2013-12-05 20:29 - 00645120 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll 2013-12-05 20:29 - 2013-12-05 20:29 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat 2013-12-05 20:29 - 2013-12-05 20:29 - 00610304 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2013-12-05 20:29 - 2013-12-05 20:29 - 00523776 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2013-12-05 20:29 - 2013-12-05 20:29 - 00454656 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2013-12-05 20:29 - 2013-12-05 20:29 - 00367104 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2013-12-05 20:29 - 2013-12-05 20:29 - 00337408 _____ (Microsoft Corporation) C:\Windows\system32\html.iec 2013-12-05 20:29 - 2013-12-05 20:29 - 00244736 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2013-12-05 20:29 - 2013-12-05 20:29 - 00238288 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2013-12-05 20:29 - 2013-12-05 20:29 - 00233472 _____ (Microsoft Corporation) C:\Windows\system32\url.dll 2013-12-05 20:29 - 2013-12-05 20:29 - 00208384 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll 2013-12-05 20:29 - 2013-12-05 20:29 - 00194048 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll 2013-12-05 20:29 - 2013-12-05 20:29 - 00182272 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll 2013-12-05 20:29 - 2013-12-05 20:29 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2013-12-05 20:29 - 2013-12-05 20:29 - 00151552 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe 2013-12-05 20:29 - 2013-12-05 20:29 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe 2013-12-05 20:29 - 2013-12-05 20:29 - 00127488 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll 2013-12-05 20:29 - 2013-12-05 20:29 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll 2013-12-05 20:29 - 2013-12-05 20:29 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll 2013-12-05 20:29 - 2013-12-05 20:29 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll 2013-12-05 20:29 - 2013-12-05 20:29 - 00083456 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll 2013-12-05 20:29 - 2013-12-05 20:29 - 00074240 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe 2013-12-05 20:29 - 2013-12-05 20:29 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe 2013-12-05 20:29 - 2013-12-05 20:29 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2013-12-05 20:29 - 2013-12-05 20:29 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll 2013-12-05 20:29 - 2013-12-05 20:29 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx 2013-12-05 20:29 - 2013-12-05 20:29 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2013-12-05 20:29 - 2013-12-05 20:29 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll 2013-12-05 20:29 - 2013-12-05 20:29 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll 2013-12-05 20:29 - 2013-12-05 20:29 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll 2013-12-05 20:29 - 2013-12-05 20:29 - 00036352 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll 2013-12-05 20:29 - 2013-12-05 20:29 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2013-12-05 20:29 - 2013-12-05 20:29 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll 2013-12-05 20:29 - 2013-12-05 20:29 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe 2013-12-05 20:29 - 2013-12-05 20:29 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe 2013-12-03 18:42 - 2013-11-03 09:23 - 00000000 ____D C:\Users\Admin\Desktop\Lekcje - platforma 2013-12-03 18:42 - 2013-07-31 10:45 - 00000000 ____D C:\Users\Admin\Desktop\FIZYKA ==================== Bamital & volsnap Check ================= C:\Windows\explorer.exe => MD5 is legit C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit LastRegBack: 2014-01-02 18:51 ==================== End Of Log ============================