Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 21-01-2014
Ran by CzarnoCzarny (administrator) on KOMPUTRON on 21-01-2014 11:47:28
Running from C:\Users\CzarnoCzarny\Downloads
Windows 8 (X64) OS Language: Polish
Internet Explorer Version 10
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
() C:\Program Files (x86)\Realtek\Realtek Bluetooth\BTDevMgr.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
() C:\ProgramData\DatacardService\HWDeviceService64.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
() C:\ProgramData\Internet Manager\OnlineUpdate\ouc.exe
(Micro-Star International Co., Ltd.) C:\Program Files (x86)\SCM\MSIService.exe
() C:\Program Files\Qualcomm Atheros\Killer Network Manager\BFNService.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Realtek Semiconductor Corporation) C:\Program Files (x86)\Realtek\Realtek Bluetooth\BTServer.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(MSI) C:\Program Files (x86)\SCM\Radio Manager.exe
(MSI) C:\Program Files (x86)\SCM\SCM.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
() C:\Program Files (x86)\Pirrit\AutoUpdater.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_43.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_43.exe
(Microsoft Corporation) C:\Windows\System32\mmc.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [IAStorIcon] - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [286192 2013-01-31] (Intel Corporation)
HKLM\...\Run: [BtServer] - C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTServer.exe [452608 2013-01-28] (Realtek Semiconductor Corporation)
HKLM\...\Run: [ETDCtrl] - C:\Program Files\Elantech\ETDCtrl.exe [2875728 2013-03-04] (ELAN Microelectronics Corp.)
HKLM\...\Run: [Radio Manager] - C:\Program Files (x86)\SCM\Radio Manager.exe [406920 2013-04-01] (MSI)
HKLM\...\Run: [SCM] - C:\Program Files (x86)\SCM\SCM.exe [407968 2013-04-01] (MSI)
HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13519432 2013-04-09] (Realtek Semiconductor)
HKLM-x32\...\Run: [AvastUI.exe] - C:\Program Files\AVAST Software\Avast\AvastUI.exe [3764024 2014-01-10] (AVAST Software)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKCU\...\Run: [DAEMON Tools Lite] - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3675352 2013-10-28] (Disc Soft Ltd)
MountPoints2: {40e7c9c7-7d71-11e3-be86-8c89a50e775b} - "I:\AutoRun.exe"
MountPoints2: {5e71e42d-5079-11e3-be80-8c89a50e775b} - "I:\AutoRun.exe"
MountPoints2: {7d7db43c-4fa1-11e3-be80-8c89a50e775b} - "I:\AutoRun.exe"
MountPoints2: {7d7db487-4fa1-11e3-be80-8c89a50e775b} - "I:\AutoRun.exe"
MountPoints2: {e3c85909-43d4-11e3-be76-8c89a50e775b} - "H:\AutoRun.exe"
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [245872 2013-03-28] (NVIDIA Corporation)
AppInit_DLLs-x32: c:\windows\syswow64\nvinit.dll => c:\windows\syswow64\nvinit.dll [201576 2013-03-28] (NVIDIA Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xEDEF12F834ECCE01
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.bing.com
BHO: avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: IEExtension.Extension - {d40c654d-7c51-4eb3-95b2-1e23905c2a2d} - C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM-x32 - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Winsock: Catalog9 01 C:\Windows\SysWOW64\BfLLR.dll [196096] (Bigfoot Networks, Inc.)
Winsock: Catalog9 02 C:\Windows\SysWOW64\BfLLR.dll [196096] (Bigfoot Networks, Inc.)
Winsock: Catalog9 03 C:\Windows\SysWOW64\BfLLR.dll [196096] (Bigfoot Networks, Inc.)
Winsock: Catalog9 04 C:\Windows\SysWOW64\BfLLR.dll [196096] (Bigfoot Networks, Inc.)
Winsock: Catalog9 05 C:\Windows\SysWOW64\BfLLR.dll [196096] (Bigfoot Networks, Inc.)
Winsock: Catalog9 06 C:\Windows\SysWOW64\BfLLR.dll [196096] (Bigfoot Networks, Inc.)
Winsock: Catalog9 18 C:\Windows\SysWOW64\BfLLR.dll [196096] (Bigfoot Networks, Inc.)
Winsock: Catalog9-x64 01 %SYSTEMROOT%\system32\BfLLR.dll [216064] (Bigfoot Networks, Inc.)
Winsock: Catalog9-x64 02 %SYSTEMROOT%\system32\BfLLR.dll [216064] (Bigfoot Networks, Inc.)
Winsock: Catalog9-x64 03 %SYSTEMROOT%\system32\BfLLR.dll [216064] (Bigfoot Networks, Inc.)
Winsock: Catalog9-x64 04 %SYSTEMROOT%\system32\BfLLR.dll [216064] (Bigfoot Networks, Inc.)
Winsock: Catalog9-x64 05 %SYSTEMROOT%\system32\BfLLR.dll [216064] (Bigfoot Networks, Inc.)
Winsock: Catalog9-x64 06 %SYSTEMROOT%\system32\BfLLR.dll [216064] (Bigfoot Networks, Inc.)
Winsock: Catalog9-x64 18 %SYSTEMROOT%\system32\BfLLR.dll [216064] (Bigfoot Networks, Inc.)
Tcpip\Parameters: [DhcpNameServer] 217.113.224.35 217.113.224.135
Tcpip\..\Interfaces\{AEA6C7E7-4D91-42E9-860F-BA0EAE4FC7CD}: [NameServer]193.41.112.14 193.41.112.18
Tcpip\..\Interfaces\{D7B6586D-0B49-491B-8052-F86ADA11AA46}: [NameServer]193.41.112.14 193.41.112.18
Tcpip\..\Interfaces\{E79AC982-5B0C-4C46-AD82-C3E6DD4246CC}: [NameServer]193.41.112.14 193.41.112.18

FireFox:
========
FF ProfilePath: C:\Users\CzarnoCzarny\AppData\Roaming\Mozilla\Firefox\Profiles\wr9j8ref.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_43.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_43.dll ()
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Extension: Pirrit Suggestor - C:\Users\CzarnoCzarny\AppData\Roaming\Mozilla\Firefox\Profiles\wr9j8ref.default\Extensions\suggestor@suggestor.pirrit.com.xpi [2014-01-21]
FF Extension: Adblock Plus - C:\Users\CzarnoCzarny\AppData\Roaming\Mozilla\Firefox\Profiles\wr9j8ref.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-01-10]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-10-31]
FF HKLM-x32\...\Firefox\Extensions: [ff-bmboc@bytemobile.com] - C:\Program Files\T-Mobile\InternetManager_H\OCx64\addon

Chrome:
=======
CHR Extension: (Pirrit Suggestor) - C:\Users\CzarnoCzarny\AppData\Local\Google\Chrome\User Data\Default\Extensions\ammfplfdkakimnibcghcebgbiiphabgc [2014-01-21]
CHR Extension: (Dokumenty Google) - C:\Users\CzarnoCzarny\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-01-10]
CHR Extension: (Dysk Google) - C:\Users\CzarnoCzarny\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-01-10]
CHR Extension: (YouTube) - C:\Users\CzarnoCzarny\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-01-10]
CHR Extension: (Szukaj w Google) - C:\Users\CzarnoCzarny\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-01-10]
CHR Extension: (AdBlock) - C:\Users\CzarnoCzarny\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-01-10]
CHR Extension: (Google Wallet) - C:\Users\CzarnoCzarny\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-01-10]
CHR Extension: (Gmail) - C:\Users\CzarnoCzarny\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-01-10]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2013-10-31]
CHR HKCU\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (Whitelisted) =================

U2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-01-10] (AVAST Software)
U2 BTDevManager; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe [39424 2012-12-07] ()
U2 ETDService; C:\Program Files\Elantech\ETDService.exe [99664 2013-03-04] (ELAN Microelectronics Corp.)
U2 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [346976 2011-03-14] ()
U2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15344 2013-01-31] (Intel Corporation)
U3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [820184 2013-02-13] (Intel(R) Corporation)
U2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-03-12] (Intel Corporation)
U2 Internet Manager. RunOuc; C:\Program Files (x86)\T-Mobile\InternetManager_H\UpdateDog\ouc.exe [224096 2013-11-18] ()
U2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-03-12] (Intel Corporation)
U2 Micro Star SCM; C:\Program Files (x86)\SCM\MSIService.exe [160768 2013-04-01] (Micro-Star International Co., Ltd.)
U2 PirritUpdater; C:\Program Files (x86)\Pirrit\AutoUpdater.exe [55296 2013-12-02] ()
U2 Qualcomm Atheros Killer Service; C:\Program Files\Qualcomm Atheros\Killer Network Manager\BFNService.exe [495616 2013-03-15] ()
U3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16048 2013-07-02] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

U2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [78648 2014-01-10] (AVAST Software)
U1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [92544 2013-10-31] (AVAST Software)
U0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2013-10-31] ()
U1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1034464 2014-01-10] (AVAST Software)
U1 aswSP; C:\Windows\system32\drivers\aswSP.sys [422216 2014-01-10] (AVAST Software)
U3 aswStm; C:\Windows\system32\drivers\aswStm.sys [79672 2014-01-10] (AVAST Software)
U0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [207904 2014-01-10] ()
U1 BfLwf; C:\Windows\system32\DRIVERS\bwcW8x64.sys [74096 2013-03-15] (Qualcomm Atheros, Inc.)
U0 BMLoad; C:\Windows\System32\drivers\BMLoad.sys [16512 2013-11-18] (Bytemobile, Inc.)
U3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation)
U1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283064 2013-11-02] (Disc Soft Ltd)
U3 huawei_wwanecm; C:\Windows\system32\DRIVERS\ew_juwwanecm.sys [212992 2013-11-18] (Huawei Technologies Co., Ltd.)
U3 Ke2200; C:\Windows\system32\DRIVERS\e22w8x64.sys [174448 2013-03-15] (Qualcomm Atheros, Inc.)
U3 RtkBtFilter; C:\Windows\system32\DRIVERS\RtkBtfilter.sys [524360 2013-01-30] (Realtek Semiconductor Corporation)
U3 RTSPER; C:\Windows\system32\DRIVERS\RtsPer.sys [448072 2013-02-01] (RTS Corporation)
U3 RTWlanE; C:\Windows\system32\DRIVERS\rtwlane.sys [1544704 2013-03-12] (Realtek Semiconductor Corporation )
U1 tcpipBM; C:\Windows\system32\drivers\tcpipBM.sys [39552 2013-11-18] (Bytemobile, Inc.)

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2014-01-21 11:47 - 2014-01-21 11:47 - 00016221 _____ C:\Users\CzarnoCzarny\Downloads\FRST.txt
2014-01-21 11:42 - 2014-01-21 11:42 - 02077184 _____ (Farbar) C:\Users\CzarnoCzarny\Downloads\FRST64.exe
2014-01-21 11:42 - 2014-01-21 11:42 - 00000000 ____D C:\FRST
2014-01-21 11:34 - 2014-01-21 11:34 - 01621095 _____ C:\Users\CzarnoCzarny\Desktop\System.txt
2014-01-21 11:33 - 2014-01-21 11:33 - 01560266 _____ C:\Users\CzarnoCzarny\Desktop\Aplikacja.txt
2014-01-21 11:17 - 2014-01-21 11:17 - 00069632 _____ C:\Users\CzarnoCzarny\Desktop\Zdarzenia przesyłane dalej.evtx
2014-01-21 11:16 - 2014-01-21 11:16 - 04263936 _____ C:\Users\CzarnoCzarny\Desktop\System.evtx
2014-01-21 11:16 - 2014-01-21 11:16 - 01118208 _____ C:\Users\CzarnoCzarny\Desktop\Ustawienia.evtx
2014-01-21 11:15 - 2014-01-21 11:15 - 17895424 _____ C:\Users\CzarnoCzarny\Desktop\Zabezpieczenia.evtx
2014-01-21 11:14 - 2014-01-21 11:17 - 00000000 ____D C:\Users\CzarnoCzarny\Desktop\LocaleMetaData
2014-01-21 11:14 - 2014-01-21 11:14 - 03215360 _____ C:\Users\CzarnoCzarny\Desktop\Aplikacja.evtx
2014-01-20 23:00 - 2014-01-20 23:00 - 00000786 _____ C:\Windows\setupact.log
2014-01-20 23:00 - 2014-01-20 23:00 - 00000000 _____ C:\Windows\setuperr.log
2014-01-17 05:43 - 2014-01-21 10:56 - 00230681 _____ C:\Windows\WindowsUpdate.log
2014-01-15 08:18 - 2013-12-07 07:37 - 00688640 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll
2014-01-15 08:18 - 2013-12-07 07:37 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-01-15 08:18 - 2013-12-07 06:15 - 00562688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
2014-01-15 08:18 - 2013-12-07 06:15 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-01-15 08:18 - 2013-10-31 06:56 - 00915968 _____ (Microsoft Corporation) C:\Windows\system32\MPSSVC.dll
2014-01-15 08:18 - 2013-10-31 06:56 - 00758784 _____ (Microsoft Corporation) C:\Windows\system32\FirewallAPI.dll
2014-01-15 08:18 - 2013-10-31 05:01 - 00550400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FirewallAPI.dll
2014-01-15 08:18 - 2013-10-31 04:42 - 00074752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mpsdrv.sys
2014-01-15 08:18 - 2013-10-28 06:50 - 00588288 _____ (Microsoft Corporation) C:\Windows\system32\SHCore.dll
2014-01-15 08:18 - 2013-10-28 05:05 - 00452608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SHCore.dll
2014-01-15 08:18 - 2013-10-13 21:49 - 00100696 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\disk.sys
2014-01-15 08:18 - 2013-08-27 06:21 - 00227840 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2014-01-15 08:18 - 2013-08-27 06:19 - 00104448 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2014-01-15 08:18 - 2013-08-26 23:29 - 00199168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2014-01-15 08:18 - 2013-08-26 23:28 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2014-01-10 21:25 - 2014-01-10 21:25 - 00283016 _____ (Mozilla) C:\Users\CzarnoCzarny\Downloads\Firefox Setup Stub 26.0.exe
2014-01-10 21:25 - 2014-01-10 21:25 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2014-01-10 21:19 - 2014-01-10 21:25 - 00000000 ____D C:\Users\CzarnoCzarny\AppData\Roaming\Mozilla
2014-01-10 21:12 - 2014-01-21 11:23 - 00001080 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-01-10 21:12 - 2014-01-21 09:43 - 00001076 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-01-10 21:12 - 2014-01-10 21:18 - 00004052 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-01-10 21:12 - 2014-01-10 21:18 - 00003816 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-01-10 21:08 - 2014-01-10 21:08 - 00079672 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
2014-01-10 21:00 - 2014-01-10 21:00 - 00796616 _____ C:\Users\CzarnoCzarny\Desktop\ff.html
2014-01-09 12:37 - 2014-01-09 12:37 - 00000000 ____D C:\Users\CzarnoCzarny\AppData\Local\PDF Writer
2014-01-03 15:48 - 2014-01-03 15:48 - 00072048 _____ C:\Users\CzarnoCzarny\AppData\Local\GDIPFONTCACHEV1.DAT
2013-12-25 04:33 - 2013-12-25 04:33 - 00008192 ____H C:\Users\CzarnoCzarny\Desktop\photothumb.db
2013-12-22 00:10 - 2013-12-22 00:10 - 00000000 ____D C:\Users\CzarnoCzarny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IMVU

==================== One Month Modified Files and Folders =======

2014-01-21 11:47 - 2014-01-21 11:47 - 00016221 _____ C:\Users\CzarnoCzarny\Downloads\FRST.txt
2014-01-21 11:42 - 2014-01-21 11:42 - 02077184 _____ (Farbar) C:\Users\CzarnoCzarny\Downloads\FRST64.exe
2014-01-21 11:42 - 2014-01-21 11:42 - 00000000 ____D C:\FRST
2014-01-21 11:34 - 2014-01-21 11:34 - 01621095 _____ C:\Users\CzarnoCzarny\Desktop\System.txt
2014-01-21 11:34 - 2013-06-14 17:59 - 00000000 ____D C:\ProgramData\Realtek
2014-01-21 11:33 - 2014-01-21 11:33 - 01560266 _____ C:\Users\CzarnoCzarny\Desktop\Aplikacja.txt
2014-01-21 11:23 - 2014-01-10 21:12 - 00001080 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-01-21 11:17 - 2014-01-21 11:17 - 00069632 _____ C:\Users\CzarnoCzarny\Desktop\Zdarzenia przesyłane dalej.evtx
2014-01-21 11:17 - 2014-01-21 11:14 - 00000000 ____D C:\Users\CzarnoCzarny\Desktop\LocaleMetaData
2014-01-21 11:16 - 2014-01-21 11:16 - 04263936 _____ C:\Users\CzarnoCzarny\Desktop\System.evtx
2014-01-21 11:16 - 2014-01-21 11:16 - 01118208 _____ C:\Users\CzarnoCzarny\Desktop\Ustawienia.evtx
2014-01-21 11:15 - 2014-01-21 11:15 - 17895424 _____ C:\Users\CzarnoCzarny\Desktop\Zabezpieczenia.evtx
2014-01-21 11:14 - 2014-01-21 11:14 - 03215360 _____ C:\Users\CzarnoCzarny\Desktop\Aplikacja.evtx
2014-01-21 11:00 - 2012-07-26 09:12 - 00000000 ____D C:\Windows\system32\sru
2014-01-21 10:56 - 2014-01-17 05:43 - 00230681 _____ C:\Windows\WindowsUpdate.log
2014-01-21 09:43 - 2014-01-10 21:12 - 00001076 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-01-21 09:43 - 2013-10-31 19:07 - 00065121 _____ C:\Users\CzarnoCzarny\AppData\Local\BTServer.log
2014-01-20 23:01 - 2012-07-26 10:51 - 00795984 _____ C:\Windows\system32\perfh015.dat
2014-01-20 23:01 - 2012-07-26 10:51 - 00160066 _____ C:\Windows\system32\perfc015.dat
2014-01-20 23:01 - 2012-07-26 08:28 - 01796820 _____ C:\Windows\system32\PerfStringBackup.INI
2014-01-20 23:00 - 2014-01-20 23:00 - 00000786 _____ C:\Windows\setupact.log
2014-01-20 23:00 - 2014-01-20 23:00 - 00000000 _____ C:\Windows\setuperr.log
2014-01-20 22:02 - 2013-11-02 15:15 - 00000000 ____D C:\Users\CzarnoCzarny\AppData\Roaming\GG
2014-01-20 18:06 - 2013-11-01 00:26 - 00000000 ____D C:\Users\CzarnoCzarny\AppData\Local\Adobe
2014-01-19 22:33 - 2012-07-26 09:12 - 00000000 ____D C:\Windows\rescache
2014-01-17 10:40 - 2012-07-26 08:22 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2014-01-15 12:50 - 2013-11-02 12:08 - 00000000 ____D C:\ProgramData\Microsoft Help
2014-01-15 12:49 - 2013-10-31 21:47 - 00000000 ____D C:\Windows\system32\MRT
2014-01-15 12:48 - 2013-10-31 21:47 - 86054176 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-01-15 12:48 - 2012-07-26 09:12 - 00000000 ____D C:\Windows\WinStore
2014-01-13 18:12 - 2013-11-02 15:36 - 00000000 ____D C:\Users\CzarnoCzarny\AppData\Roaming\Skype
2014-01-10 21:25 - 2014-01-10 21:25 - 00283016 _____ (Mozilla) C:\Users\CzarnoCzarny\Downloads\Firefox Setup Stub 26.0.exe
2014-01-10 21:25 - 2014-01-10 21:25 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2014-01-10 21:25 - 2014-01-10 21:19 - 00000000 ____D C:\Users\CzarnoCzarny\AppData\Roaming\Mozilla
2014-01-10 21:18 - 2014-01-10 21:12 - 00004052 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-01-10 21:18 - 2014-01-10 21:12 - 00003816 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-01-10 21:12 - 2013-11-14 15:36 - 00000000 ____D C:\Users\CzarnoCzarny\AppData\Local\Google
2014-01-10 21:12 - 2013-11-14 15:36 - 00000000 ____D C:\Program Files (x86)\Google
2014-01-10 21:09 - 2012-07-26 06:26 - 00262144 ___SH C:\Windows\system32\config\BBI
2014-01-10 21:08 - 2014-01-10 21:08 - 00079672 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
2014-01-10 21:08 - 2013-11-13 00:02 - 00003924 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2014-01-10 21:08 - 2013-10-31 21:17 - 01034464 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2014-01-10 21:08 - 2013-10-31 21:17 - 00422216 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2014-01-10 21:08 - 2013-10-31 21:17 - 00334136 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-01-10 21:08 - 2013-10-31 21:17 - 00207904 _____ C:\Windows\system32\Drivers\aswVmm.sys
2014-01-10 21:08 - 2013-10-31 21:17 - 00078648 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-01-10 21:08 - 2013-10-31 21:17 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-01-10 21:00 - 2014-01-10 21:00 - 00796616 _____ C:\Users\CzarnoCzarny\Desktop\ff.html
2014-01-10 11:41 - 2013-11-01 00:37 - 00000000 ____D C:\Users\CzarnoCzarny\AppData\Roaming\AIMP3
2014-01-09 12:37 - 2014-01-09 12:37 - 00000000 ____D C:\Users\CzarnoCzarny\AppData\Local\PDF Writer
2014-01-09 09:02 - 2013-11-15 13:53 - 00694240 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-01-09 09:02 - 2013-11-15 13:53 - 00078296 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-01-08 20:10 - 2013-06-14 17:57 - 00000000 ____D C:\ProgramData\Bigfoot Networks
2014-01-03 15:48 - 2014-01-03 15:48 - 00072048 _____ C:\Users\CzarnoCzarny\AppData\Local\GDIPFONTCACHEV1.DAT
2013-12-25 04:33 - 2013-12-25 04:33 - 00008192 ____H C:\Users\CzarnoCzarny\Desktop\photothumb.db
2013-12-22 18:01 - 2013-10-31 19:13 - 00003600 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-4202178386-4102366760-2097196622-1002
2013-12-22 00:10 - 2013-12-22 00:10 - 00000000 ____D C:\Users\CzarnoCzarny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IMVU

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

LastRegBack: 2014-01-18 10:54

==================== End Of Log ============================