Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 19-01-2014 04
Ran by Michał (administrator) on MICHAŁ-TOSH on 20-01-2014 21:31:00
Running from C:\Users\Michał\Downloads
Windows 7 Home Premium (X64) OS Language: Polish
Internet Explorer Version 8
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\BulletinBoard\TosNcCore.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe
(Toshiba Europe GmbH) C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
(Toshiba Europe GmbH) C:\Program Files\TOSHIBA\Registration\ToshibaReminder.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(TOSHIBA CORPORATION.) C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\TosBtMng.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Nero AG) C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(TOSHIBA Corporation) C:\Windows\System32\TODDSrv.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Apple Inc.) C:\Program Files (x86)\Safari\Safari.exe
(Apple Inc.) C:\Program Files (x86)\Safari\Apple Application Support\WebKit2WebProcess.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\TosBtSrv.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe
(TOSHIBA CORPORATION.) C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\TosA2dp.exe
(TOSHIBA CORPORATION.) C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\TosBtHid.exe
(TOSHIBA CORPORATION.) C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\TosBtAvAC.exe
(TOSHIBA CORPORATION.) C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\TosBtHSP.exe
(TOSHIBA CORPORATION.) C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\TosAVRC.exe
(TOSHIBA CORPORATION.) C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\tosOBEX.exe
(TOSHIBA CORPORATION.) C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\tosBtProc.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [TosNC] - C:\Program Files\Toshiba\BulletinBoard\TosNcCore.exe [595816 2010-04-23] (TOSHIBA Corporation)
HKLM\...\Run: [TosReelTimeMonitor] - C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe [38304 2010-07-09] (TOSHIBA Corporation)
HKLM\...\Run: [Toshiba TEMPRO] - C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe [1050072 2010-05-11] (Toshiba Europe GmbH)
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11101800 2010-07-28] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2120808 2010-07-28] (Realtek Semiconductor)
HKLM\...\Run: [TPwrMain] - C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE [505768 2010-05-25] (TOSHIBA Corporation)
HKLM\...\Run: [SmoothView] - C:\Program Files\Toshiba\SmoothView\SmoothView.exe [570680 2009-08-13] (TOSHIBA Corporation)
HKLM\...\Run: [00TCrdMain] - C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [915320 2010-05-10] (TOSHIBA Corporation)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2052392 2010-03-10] (Synaptics Incorporated)
HKLM\...\Run: [SmartFaceVWatcher] - C:\Program Files\Toshiba\SmartFaceV\SmartFaceVWatcher.exe [238080 2009-10-19] (TOSHIBA Corporation)
HKLM\...\Run: [TosSENotify] - C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe [709976 2010-02-05] (TOSHIBA Corporation)
HKLM\...\Run: [TosVolRegulator] - C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe [24376 2009-11-11] (TOSHIBA Corporation)
HKLM\...\Run: [Toshiba Registration] - C:\Program Files\Toshiba\Registration\ToshibaReminder.exe [136136 2010-04-19] (Toshiba Europe GmbH)
HKLM-x32\...\Run: [NBAgent] - c:\Program Files (x86)\Nero\Nero BackItUp & Burn\Nero BackItUp\NBAgent.exe [1086760 2010-03-09] (Nero AG)
HKLM-x32\...\Run: [HWSetup] - C:\Program Files\TOSHIBA\Utilities\HWSetup.exe [423936 2010-03-04] (TOSHIBA Electronics, Inc.)
HKLM-x32\...\Run: [SVPWUTIL] - C:\Program Files (x86)\TOSHIBA\Utilities\SVPWUTIL.exe [352256 2010-02-22] (TOSHIBA)
HKLM-x32\...\Run: [KeNotify] - C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe [34160 2010-08-15] (TOSHIBA CORPORATION)
HKLM-x32\...\Run: [ITSecMng] - C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe [83336 2009-07-22] (TOSHIBA CORPORATION)
HKLM-x32\...\Run: [TWebCamera] - C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe [2454840 2010-05-01] (TOSHIBA CORPORATION.)
HKLM-x32\...\Run: [] - [x]
HKLM-x32\...\Run: [avast] - C:\Program Files\AVAST Software\Avast\avastUI.exe [3744552 2011-11-28] (AVAST Software)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [926896 2012-09-23] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [DivXMediaServer] - C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKCU\...\Run: [Hoolapp Android] - "C:\Users\MICHA~1\AppData\Roaming\HOOLAP~1\Hoolapp.exe" /Minimized
MountPoints2: {38beed73-d19c-11e2-9b19-88ae1ded481b} - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL F:\setup.hta
HKU\Default\...\Run: [TOSHIBA Online Product Information] - C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe [4581280 2010-03-03] (TOSHIBA)
HKU\Default User\...\Run: [TOSHIBA Online Product Information] - C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe [4581280 2010-03-03] (TOSHIBA)
AppInit_DLLs: => File Not Found
AppInit_DLLs-x32: c:\progra~3\bitguard\271832~1.68\{c16c1~1\bitguard.dll => File Not Found
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk
ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk
ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://toshiba.msn.com
URLSearchHook: HKLM-x32 - Default Value = {FE69C007-C452-4d3e-86D2-1730DF8BC871}
URLSearchHook: HKCU - Default Value = {FE69C007-C452-4d3e-86D2-1730DF8BC871}
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKCU - {0669B3A7-37AC-494B-9E41-BACD475A1E99} URL = http://www.amazon.co.uk/gp/search?ie=UTF8&keywords={searchTerms}&tag=tochibauk-win7-ie-search-21&index=blended&linkCode=ur2
SearchScopes: HKCU - {21C87C68-DB27-4EB9-A1AD-9BA47F08F1AF} URL = http://rover.ebay.com/rover/1/4908-44618-9400-8/4?satitle={searchTerms}
SearchScopes: HKCU - {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL =
SearchScopes: HKCU - {5C98EEB0-364B-4A52-A0CF-94AA5A52A605} URL =
SearchScopes: HKCU - ŰźĆîZ§’2ąŢpv¨IÍá*X(Ž2s(ŰÎŔJşÔÓµť± vË°!×—(äĽ48иpatm6ęo^Mp`Ëő÷_iŁw˜ľ!„Áű†x˘8€ŮjŔ˙ţ ´Ń;áa´[¦†8 ş~ŹRŮxśňÜ8'Ł-)x­ä­ URL =
BHO: avast! WebRep - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO-x32: IplexToALLPlayer - {DF925EF3-7A87-44E4-9CAF-8D7B280BF616} - C:\Program Files (x86)\ALLPlayer\Iplex\IplexToALLPlayer.dll (ALLCinema Ltd.)
BHO-x32: TOSHIBA Media Controller Plug-in - {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll ()
BHO-x32: IEPluginBHO Class - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - C:\Users\Michał\AppData\Roaming\Gadu-Gadu 10\_userdata\ggbho.2.dll (GG Network S.A.)
Toolbar: HKLM - avast! WebRep - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM-x32 - avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - No File
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Tcpip\..\Interfaces\{47A10BC9-2042-4DD3-AA50-A4E3869841BB}: [NameServer]192.168.1.100

==================== Services (Whitelisted) =================

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [44768 2011-11-28] (AVAST Software)
R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe [1811456 2010-08-27] (Realsil Microelectronics Inc.)
R2 MSSQL$SQLEXPRESS; c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [57617752 2009-03-30] (Microsoft Corporation)
S4 SQLAgent$SQLEXPRESS; c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [427880 2009-03-30] (Microsoft Corporation)
S3 TemproMonitoringService; C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [124368 2010-05-11] (Toshiba Europe GmbH)
S2 matlabserver; C:\MATLAAB\webserver\bin\win32\matlabserver.exe [x]

==================== Drivers (Whitelisted) ====================

R2 aswFsBlk; C:\Windows\System32\Drivers\aswFsBlk.sys [24408 2011-11-28] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [66904 2011-11-28] (AVAST Software)
R1 aswRdr; C:\Windows\System32\Drivers\aswRdr.sys [42328 2011-11-28] (AVAST Software)
R1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [591192 2011-11-28] (AVAST Software)
R1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [304472 2011-11-28] (AVAST Software)
R1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [58712 2011-11-28] (AVAST Software)
S2 Kmm4xNT; C:\Windows\SysWow64\Drivers\Kmm4xNT.sys [95484 2000-11-25] (DATOM Dariusz Cielebąk)
S2 TVicPort; C:\Windows\SysWow64\Drivers\TVicPort.sys [14544 2005-03-30] (EnTech Taiwan)
R3 WinDriver6; C:\Windows\System32\drivers\windrvr6.sys [254976 2010-08-31] (Jungo)
S2 IOPort; \??\C:\Windows\system32\DRIVERS\IOPORT.SYS [x]

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2014-01-20 21:31 - 2014-01-20 21:31 - 00014621 _____ C:\Users\Michał\Downloads\FRST.txt
2014-01-20 21:30 - 2014-01-20 21:30 - 00000000 ____D C:\FRST
2014-01-20 21:26 - 2014-01-20 21:26 - 02076672 _____ (Farbar) C:\Users\Michał\Downloads\FRST64.exe
2014-01-20 21:16 - 2014-01-20 21:16 - 00165376 _____ C:\Users\Michał\Downloads\SystemLook_x64.exe
2014-01-20 14:12 - 2014-01-20 14:13 - 00165502 _____ C:\Users\Michał\Downloads\GMER.txt
2014-01-20 12:16 - 2014-01-20 12:16 - 00091414 _____ C:\Users\Michał\Downloads\Extraso.Txt
2014-01-20 12:14 - 2014-01-20 12:14 - 00129908 _____ C:\Users\Michał\Downloads\OTL.Txt
2014-01-20 10:38 - 2014-01-20 10:59 - 00000000 ____D C:\AdwCleaner
2013-12-31 12:44 - 2014-01-01 19:44 - 00000005 _____ C:\Users\Michał\AppData\Roaming\WBPU-Q5-TTL.DAT
2013-12-26 23:18 - 2004-09-22 19:02 - 00258048 _____ C:\Users\Michał\Desktop\dzienap2.exe

==================== One Month Modified Files and Folders =======

2014-01-20 21:31 - 2014-01-20 21:31 - 00014621 _____ C:\Users\Michał\Downloads\FRST.txt
2014-01-20 21:31 - 2009-07-14 05:45 - 00016304 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-01-20 21:31 - 2009-07-14 05:45 - 00016304 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-01-20 21:30 - 2014-01-20 21:30 - 00000000 ____D C:\FRST
2014-01-20 21:30 - 2012-05-27 20:57 - 00000930 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-01-20 21:26 - 2014-01-20 21:26 - 02076672 _____ (Farbar) C:\Users\Michał\Downloads\FRST64.exe
2014-01-20 21:20 - 2010-09-29 08:18 - 01957115 _____ C:\Windows\WindowsUpdate.log
2014-01-20 21:16 - 2014-01-20 21:16 - 00165376 _____ C:\Users\Michał\Downloads\SystemLook_x64.exe
2014-01-20 21:14 - 2012-08-14 17:22 - 00001048 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-01-20 21:13 - 2010-12-30 01:19 - 00000374 _____ C:\Windows\system32\Drivers\etc\hosts.ics
2014-01-20 21:11 - 2013-05-31 21:14 - 00000350 _____ C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job
2014-01-20 21:11 - 2012-08-14 17:22 - 00001044 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-01-20 21:11 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2014-01-20 21:11 - 2009-07-14 05:51 - 00033469 _____ C:\Windows\setupact.log
2014-01-20 14:13 - 2014-01-20 14:12 - 00165502 _____ C:\Users\Michał\Downloads\GMER.txt
2014-01-20 12:16 - 2014-01-20 12:16 - 00091414 _____ C:\Users\Michał\Downloads\Extraso.Txt
2014-01-20 12:14 - 2014-01-20 12:14 - 00129908 _____ C:\Users\Michał\Downloads\OTL.Txt
2014-01-20 10:59 - 2014-01-20 10:38 - 00000000 ____D C:\AdwCleaner
2014-01-20 10:56 - 2010-09-29 08:31 - 00075156 _____ C:\Windows\PFRO.log
2014-01-20 10:44 - 2013-08-08 14:44 - 00000172 _____ C:\Users\Michał\AppData\Roaming\WB.CFG
2014-01-20 10:44 - 2013-06-15 01:44 - 00000005 _____ C:\Users\Michał\AppData\Roaming\WBPU-TTL.DAT
2014-01-16 12:45 - 2010-12-28 19:55 - 00000000 ____D C:\Users\Michał\AppData\Roaming\ipla
2014-01-16 12:45 - 2010-12-28 19:55 - 00000000 ____D C:\ProgramData\ipla
2014-01-12 10:21 - 2009-07-14 18:55 - 00806788 _____ C:\Windows\system32\perfh015.dat
2014-01-12 10:21 - 2009-07-14 18:55 - 00180946 _____ C:\Windows\system32\perfc015.dat
2014-01-12 10:21 - 2009-07-14 06:13 - 01859502 _____ C:\Windows\system32\PerfStringBackup.INI
2014-01-11 20:02 - 2011-02-02 13:35 - 00007618 _____ C:\Users\Michał\AppData\Local\resmon.resmoncfg
2014-01-08 18:12 - 2010-12-30 16:16 - 00000000 ____D C:\Users\Michał\AppData\Roaming\Skype
2014-01-01 19:44 - 2013-12-31 12:44 - 00000005 _____ C:\Users\Michał\AppData\Roaming\WBPU-Q5-TTL.DAT
2013-12-28 22:48 - 2010-12-29 13:45 - 00000000 ____D C:\Users\Michał\AppData\Local\Adobe
2013-12-28 22:12 - 2009-07-14 06:08 - 00032608 _____ C:\Windows\Tasks\SCHEDLGU.TXT

Some content of TEMP:
====================
C:\Users\Michał\AppData\Local\Temp\amanenj3.dll
C:\Users\Michał\AppData\Local\Temp\bitool.dll
C:\Users\Michał\AppData\Local\Temp\blgngeuy.dll
C:\Users\Michał\AppData\Local\Temp\borlndlm.dll
C:\Users\Michał\AppData\Local\Temp\bpvnjvxv.dll
C:\Users\Michał\AppData\Local\Temp\dbsxb0jq.dll
C:\Users\Michał\AppData\Local\Temp\dhozrnp2.dll
C:\Users\Michał\AppData\Local\Temp\ebyyn0zm.dll
C:\Users\Michał\AppData\Local\Temp\exjoyy3x.dll
C:\Users\Michał\AppData\Local\Temp\htmlayout.dll
C:\Users\Michał\AppData\Local\Temp\ipl1A82.tmp.exe
C:\Users\Michał\AppData\Local\Temp\ipl1AD0.tmp.exe
C:\Users\Michał\AppData\Local\Temp\ipl20E8.tmp.exe
C:\Users\Michał\AppData\Local\Temp\ipl225F.tmp.exe
C:\Users\Michał\AppData\Local\Temp\ipl2F2A.tmp.exe
C:\Users\Michał\AppData\Local\Temp\ipl32.tmp.exe
C:\Users\Michał\AppData\Local\Temp\ipl3459.tmp.exe
C:\Users\Michał\AppData\Local\Temp\ipl39E6.tmp.exe
C:\Users\Michał\AppData\Local\Temp\ipl3EB4.tmp.exe
C:\Users\Michał\AppData\Local\Temp\ipl405.tmp.exe
C:\Users\Michał\AppData\Local\Temp\ipl4088.tmp.exe
C:\Users\Michał\AppData\Local\Temp\ipl427D.tmp.exe
C:\Users\Michał\AppData\Local\Temp\ipl4E1F.tmp.exe
C:\Users\Michał\AppData\Local\Temp\ipl50E5.tmp.exe
C:\Users\Michał\AppData\Local\Temp\ipl583C.tmp.exe
C:\Users\Michał\AppData\Local\Temp\ipl62D8.tmp.exe
C:\Users\Michał\AppData\Local\Temp\ipl6FD2.tmp.exe
C:\Users\Michał\AppData\Local\Temp\ipl73A9.tmp.exe
C:\Users\Michał\AppData\Local\Temp\ipl73EA.tmp.exe
C:\Users\Michał\AppData\Local\Temp\ipl7E06.tmp.exe
C:\Users\Michał\AppData\Local\Temp\ipl8352.tmp.exe
C:\Users\Michał\AppData\Local\Temp\ipl8FD0.tmp.exe
C:\Users\Michał\AppData\Local\Temp\ipl915.tmp.exe
C:\Users\Michał\AppData\Local\Temp\ipl98D5.tmp.exe
C:\Users\Michał\AppData\Local\Temp\iplA62D.tmp.exe
C:\Users\Michał\AppData\Local\Temp\iplA751.tmp.exe
C:\Users\Michał\AppData\Local\Temp\iplAE0B.tmp.exe
C:\Users\Michał\AppData\Local\Temp\iplB089.tmp.exe
C:\Users\Michał\AppData\Local\Temp\iplB866.tmp.exe
C:\Users\Michał\AppData\Local\Temp\iplC5BE.tmp.exe
C:\Users\Michał\AppData\Local\Temp\iplD039.tmp.exe
C:\Users\Michał\AppData\Local\Temp\iplD0FF.tmp.exe
C:\Users\Michał\AppData\Local\Temp\iplDBB0.tmp.exe
C:\Users\Michał\AppData\Local\Temp\iplDC2C.tmp.exe
C:\Users\Michał\AppData\Local\Temp\iplDD34.tmp.exe
C:\Users\Michał\AppData\Local\Temp\iplDE3D.tmp.exe
C:\Users\Michał\AppData\Local\Temp\iplE1B8.tmp.exe
C:\Users\Michał\AppData\Local\Temp\iplE3BB.tmp.exe
C:\Users\Michał\AppData\Local\Temp\iplEE15.tmp.exe
C:\Users\Michał\AppData\Local\Temp\iplEE25.tmp.exe
C:\Users\Michał\AppData\Local\Temp\iplEFBE.tmp.exe
C:\Users\Michał\AppData\Local\Temp\iplF20C.tmp.exe
C:\Users\Michał\AppData\Local\Temp\iplF325.tmp.exe
C:\Users\Michał\AppData\Local\Temp\iplF41E.tmp.exe
C:\Users\Michał\AppData\Local\Temp\MSN1C65.exe
C:\Users\Michał\AppData\Local\Temp\oirgnifh.dll
C:\Users\Michał\AppData\Local\Temp\oupoqo45.dll
C:\Users\Michał\AppData\Local\Temp\setup_fsu_cid.exe
C:\Users\Michał\AppData\Local\Temp\stubhelper.dll
C:\Users\Michał\AppData\Local\Temp\tvazgmlu.dll
C:\Users\Michał\AppData\Local\Temp\uklbch2x.dll
C:\Users\Michał\AppData\Local\Temp\uninst1.exe
C:\Users\Michał\AppData\Local\Temp\uninstall2541396.exe
C:\Users\Michał\AppData\Local\Temp\uninstall5678498.exe
C:\Users\Michał\AppData\Local\Temp\uninstall5697640.exe
C:\Users\Michał\AppData\Local\Temp\uninstall5697702.exe
C:\Users\Michał\AppData\Local\Temp\UpdateCheckerSetup.exe
C:\Users\Michał\AppData\Local\Temp\vkifkafz.dll
C:\Users\Michał\AppData\Local\Temp\wihvky5a.dll
C:\Users\Michał\AppData\Local\Temp\zcobjio2.dll

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

LastRegBack: 2013-12-20 22:13

==================== End Of Log ============================