Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 24-01-2014
Ran by Wiki (administrator) on WIKI-KOMPUTER on 24-01-2014 21:00:00
Running from C:\Users\Wiki\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: Polish
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(AMD) C:\Windows\System32\atiesrxx.exe
(Logitech, Inc.) C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe
(Dell Inc.) C:\Program Files\Dell\DW WLAN Card\WLTRYSVC.EXE
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Dell Inc.) C:\Program Files\Dell\DW WLAN Card\BCMWLTRY.EXE
(AMD) C:\Windows\System32\atieclxx.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(InterVideo Inc.) C:\Program Files (x86)\Common Files\InterVideo\DeviceService\DevSvc.exe
(Microsoft Corporation) C:\Windows\System32\CISVC.EXE
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\ccsvchst.exe
(O&O Software GmbH) C:\Program Files\OO Software\Defrag\oodag.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
() C:\Program Files (x86)\CyberLink\Shared Files\RichVideo.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\ccsvchst.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(O&O Software GmbH) C:\Program Files\OO Software\Defrag\oodtray.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\BrYNSvc.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler64.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Program Files (x86)\Internet Explorer\ielowutil.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1882920 2009-11-13] (Synaptics Incorporated)
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13657304 2000-01-01] (Realtek Semiconductor)
HKLM\...\Run: [OODefragTray] - C:\Program Files\OO Software\Defrag\oodtray.exe [3942216 2011-01-25] (O&O Software GmbH)
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642656 2013-03-28] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [ControlCenter4] - C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [139264 2013-07-22] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [BrStsMon00] - C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [3076096 2012-06-06] (Brother Industries, Ltd.)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKCU\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [20584608 2013-11-14] (Skype Technologies S.A.)
HKCU\...\Run: [HydraVisionDesktopManager] - C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe [389120 2013-03-28] (AMD)
Lsa: [Notification Packages] scecli C:\Program Files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll

==================== Internet (Whitelisted) ====================

ProxyServer: :0
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.pl/
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {1C7E4478-89AC-425E-930B-BA1621C09F19} URL =
SearchScopes: HKCU - {35A6FD18-F67D-4E76-8957-C7D50FFE3DD9} URL = http://www.google.com/search?hl=pl&q={searchTerms}
SearchScopes: HKCU - {5244BBA0-0BB0-4D02-9B73-31B97DA0E5F4} URL = http://websearch.ask.com/redirect?client=ie&tb=ALSV5&o=1665&src=kw&q={searchTerms}&locale=&apn_ptnrs=AU&apn_dtid=YYYYYYYYPL&apn_uid=f88a341d-a47d-4cfc-a160-78c0f8bdb8e9&apn_sauid=37B1C728-4006-4BD1-834C-E24E76049F08&
SearchScopes: HKCU - {EDC1EABF-64C5-48AD-8065-1AF5BF5BD1A0} URL =
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Norton Identity Protection - {AB4C7833-A6EC-433f-B9FE-6B14B1A2F836} - C:\Program Files (x86)\Norton Identity Safe\Engine64\2014.6.0.27\coIEPlg.dll (Symantec Corporation)
BHO-x32: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
BHO-x32: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\coIEPlg.dll (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Pomocnik logowania za pomocą identyfikatora Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Norton Identity Safe Toolbar - {A13C2648-91D4-4bf3-BC6D-0079707C4389} - C:\Program Files (x86)\Norton Identity Safe\Engine64\2014.6.0.27\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\coIEPlg.dll (Symantec Corporation)
Toolbar: HKCU - Norton Identity Safe Toolbar - {A13C2648-91D4-4BF3-BC6D-0079707C4389} - C:\Program Files (x86)\Norton Identity Safe\Engine64\2014.6.0.27\coIEPlg.dll (Symantec Corporation)
DPF: HKLM {615A1925-0E5B-4767-A65E-3165AEAC32A3} http://quickscan.bitdefender.com/qsax/qsax64.cab
DPF: HKLM {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab
DPF: HKLM-x32 {4B54A9DE-EF1C-4EBE-A328-7C28EA3B433A} http://quickscan.bitdefender.com/qsax/qsax.cab
DPF: HKLM-x32 {68282C51-9459-467B-95BF-3C0E89627E55} http://www.mks.com.pl/skaner/SkanerOnline.cab
DPF: HKLM-x32 {C1F8FC10-E5DB-4112-9DBF-6C3FF728D4E3} http://support.dell.com/systemprofiler/DellSystemLite.CAB
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - No File
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{B54CAC1A-60F8-42A4-BDFC-6973FFFE9F09}: [NameServer]8.26.56.26,156.154.70.22

FireFox:
========
FF ProfilePath: C:\Users\Wiki\AppData\Roaming\Mozilla\Firefox\Profiles\b2slmagh.default-1383670355502
FF Homepage: https://www.google.pl/
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_152.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_152.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nokia.com/EnablerPlugin - C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll ( )
FF Plugin-x32: @pandasecurity.com/activescan - C:\Program Files (x86)\Panda Security\ActiveScan 2.0\npwrapper.dll (Panda Security, S.L.)
FF Plugin-x32: @real.com/nppl3260;version=6.0.12.69 - C:\Program Files (x86)\Real Alternative\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpjplug;version=6.0.12.69 - C:\Program Files (x86)\Real Alternative\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npBitCometAgent.dll (BitComet)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npLegitCheckPlugin.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppl3260.dll (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\avg-secure-search.xml
FF Extension: Adblock Plus - C:\Users\Wiki\AppData\Roaming\Mozilla\Firefox\Profiles\b2slmagh.default-1383670355502\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-11-05]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2013-12-29]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2013-12-29]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2013-12-29]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} [2013-12-29]
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
FF HKLM-x32\...\Firefox\Extensions: [fmconverter@gmail.com] - C:\Program Files (x86)\Freemake\Freemake Video Converter\BrowserPlugin\Firefox\
FF Extension: Freemake Video Converter Plugin - C:\Program Files (x86)\Freemake\Freemake Video Converter\BrowserPlugin\Firefox\ []
FF HKLM-x32\...\Firefox\Extensions: [{F04D2D30-776C-4d02-8627-8E4385ECA58D}] - C:\ProgramData\Norton\{92622AAD-05E8-4459-B256-765CE1E929FB}\NST_2014.5.0.67\coFFPlgn\
FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.3.0.36\IPSFF
FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.3.0.36\IPSFF [2014-01-12]
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.3.0.36\coFFPlgn\
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.3.0.36\coFFPlgn\ []
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird

Chrome:
=======
Error reading preferences. Please check "preferences" file for possible corruption. <======= ATTENTION
CHR HKLM-x32\...\Chrome\Extension: [jbolfgndggfhhpbnkgnpjkfhinclbigj] - C:\Program Files (x86)\Freemake\Freemake Video Converter\BrowserPlugin\Chrome\Freemake.Plugin.Chrome.crx [2012-10-29]
CHR HKLM-x32\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\Exts\Chrome.crx [2014-01-24]
CHR HKLM-x32\...\Chrome\Extension: [nppllibpnmahfaklnpggkibhkapjkeob] - [2014-01-24]

==================== Services (Whitelisted) =================

R2 Capture Device Service; C:\Program Files (x86)\Common Files\InterVideo\DeviceService\DevSvc.exe [198168 2007-03-06] (InterVideo Inc.)
R2 KSS; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe [202328 2012-12-07] (Kaspersky Lab ZAO)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
S2 NCO; C:\Program Files (x86)\Norton Identity Safe\Engine\2014.6.0.27\NST.exe [129424 2013-10-06] (Symantec Corporation)
R2 NIS; C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\ccSvcHst.exe [144368 2013-05-20] (Symantec Corporation)
S3 NMIndexingService; C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe [271920 2007-06-01] (Nero AG)
R2 OODefragAgent; C:\Program Files\OO Software\Defrag\oodag.exe [3051848 2011-01-25] (O&O Software GmbH)
R2 PMBDeviceInfoProvider; C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [483864 2013-04-24] (Sony Corporation)
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared Files\RichVideo.exe [247152 2009-07-07] ()
R2 wltrysvc; C:\Program Files\Dell\DW WLAN Card\bcmwltry.exe [4950016 2009-12-16] (Dell Inc.)

==================== Drivers (Whitelisted) ====================

R1 BHDrvx64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.3.0.36\Definitions\BASHDefs\20140121.001\BHDrvx64.sys [1526488 2013-12-18] (Symantec Corporation)
R1 ccSet_NIS; C:\Windows\system32\drivers\NISx64\1404000.028\ccSetx64.sys [169048 2013-04-15] (Symantec Corporation)
R1 ccSet_NST; C:\Windows\system32\drivers\NSTx64\7DE06000.01B\ccSetx64.sys [162392 2013-09-27] (Symantec Corporation)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2013-11-21] (Disc Soft Ltd)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484952 2014-01-11] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [137648 2014-01-11] (Symantec Corporation)
S3 GDPkIcpt; C:\Windows\system32\drivers\PktIcpt.sys [59768 2012-07-09] (G Data Software AG)
R1 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.3.0.36\Definitions\IPSDefs\20140123.001\IDSvia64.sys [521944 2014-01-21] (Symantec Corporation)
R3 L1C; C:\Windows\System32\DRIVERS\L1C62x64.sys [110744 2000-01-01] (Qualcomm Atheros Co., Ltd.)
S3 Lavasoft Kernexplorer; C:\Program Files (x86)\Lavasoft\Ad-Aware\KernExplorer64.sys [17152 2011-09-07] ()
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.3.0.36\Definitions\VirusDefs\20140123.025\ENG64.SYS [126040 2014-01-11] (Symantec Corporation)
R3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.3.0.36\Definitions\VirusDefs\20140123.025\EX64.SYS [2099288 2014-01-11] (Symantec Corporation)
R0 pavboot; C:\Windows\System32\drivers\pavboot64.sys [33800 2009-06-30] (Panda Security, S.L.)
S3 PSKMAD; C:\Windows\System32\DRIVERS\PSKMAD.sys [47632 2013-04-29] (Panda Security, S.L.)
R1 SbFw; C:\Windows\System32\drivers\SbFw.sys [253528 2011-04-05] (Sunbelt Software, Inc.)
S3 SBFWIMCL; C:\Windows\System32\DRIVERS\sbfwim.sys [84568 2011-02-08] (Sunbelt Software, Inc.)
R3 SBFWIMCLMP; C:\Windows\System32\DRIVERS\SBFWIM.sys [84568 2011-02-08] (Sunbelt Software, Inc.)
S3 sbhips; C:\Windows\System32\drivers\sbhips.sys [60504 2011-04-05] (Sunbelt Software, Inc.)
R1 SbTis; C:\Windows\System32\drivers\sbtis.sys [94296 2011-04-05] (Sunbelt Software, Inc.)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [381440 2013-10-12] (Duplex Secure Ltd.)
R3 SRTSP; C:\Windows\system32\drivers\NISx64\1404000.028\SRTSP64.SYS [796760 2013-05-15] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NISx64\1404000.028\SRTSPX64.SYS [36952 2013-01-28] (Symantec Corporation)
S3 SWDUMon; C:\Windows\System32\DRIVERS\SWDUMon.sys [16152 2014-01-12] ()
R0 SymDS; C:\Windows\System32\drivers\NISx64\1404000.028\SYMDS64.SYS [493656 2013-05-20] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\NISx64\1404000.028\SYMEFA64.SYS [1139800 2013-01-30] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177312 2014-01-12] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\NISx64\1404000.028\Ironx64.SYS [224416 2012-11-15] (Symantec Corporation)
R1 SymNetS; C:\Windows\system32\drivers\NISx64\1404000.028\SYMNETS.SYS [433752 2013-04-24] (Symantec Corporation)
R2 TurboB; C:\Windows\System32\DRIVERS\TurboB.sys [13784 2009-11-02] ()
S3 AndNetDiag; system32\DRIVERS\lgandnetdiag64.sys [x]
S3 ANDNetModem; system32\DRIVERS\lgandnetmodem64.sys [x]
S3 andnetndis; system32\DRIVERS\lgandnetndis64.sys [x]
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
S3 catchme; \??\C:\ComboFix\catchme.sys [x]
S1 inspect; system32\DRIVERS\inspect.sys [x]
S3 PCDSRVC{D3412D80-CF3B4A27-06020200}_0; \??\c:\program files\my dell\pcdsrvc_x64.pkms [x]
S3 Prot6Flt; system32\DRIVERS\Prot6Flt.sys [x]
S1 SBRE; \??\C:\Windows\system32\drivers\SBREdrv.sys [x]
S3 usbbus; system32\DRIVERS\lgx64bus.sys [x]
S3 UsbDiag; system32\DRIVERS\lgx64diag.sys [x]
S3 USBModem; system32\DRIVERS\lgx64modem.sys [x]
U2 wuaserv;

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2014-01-24 21:00 - 2014-01-24 21:00 - 00022022 _____ C:\Users\Wiki\Desktop\FRST.txt
2014-01-24 20:58 - 2014-01-24 20:58 - 00000000 ____D C:\FRST
2014-01-24 20:55 - 2014-01-24 20:55 - 02077696 _____ (Farbar) C:\Users\Wiki\Desktop\FRST64.exe
2014-01-24 20:09 - 2014-01-24 20:09 - 00024105 _____ C:\Users\Wiki\Desktop\dds.txt
2014-01-24 20:09 - 2014-01-24 20:09 - 00007391 _____ C:\Users\Wiki\Desktop\attach.txt
2014-01-24 20:08 - 2014-01-24 20:08 - 00688992 ____R (Swearware) C:\Users\Wiki\Desktop\dds.com
2014-01-24 20:02 - 2014-01-24 20:02 - 00088802 _____ C:\Users\Wiki\Desktop\Extras.Txt
2014-01-24 20:00 - 2014-01-24 20:00 - 00124082 _____ C:\Users\Wiki\Desktop\OTL.Txt
2014-01-24 19:40 - 2014-01-24 19:40 - 00602112 _____ (OldTimer Tools) C:\Users\Wiki\Desktop\OTL.exe
2014-01-24 16:55 - 2014-01-24 16:44 - 01316598 _____ C:\Users\Wiki\Desktop\ComboFix.txt
2014-01-24 16:44 - 2014-01-24 16:44 - 01316598 _____ C:\ComboFix.txt
2014-01-24 16:25 - 2014-01-24 16:44 - 00000000 ____D C:\Qoobox
2014-01-24 16:25 - 2011-06-26 07:45 - 00256000 _____ C:\Windows\PEV.exe
2014-01-24 16:25 - 2010-11-07 18:20 - 00208896 _____ C:\Windows\MBR.exe
2014-01-24 16:25 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-01-24 16:25 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-01-24 16:25 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-01-24 16:25 - 2000-08-31 01:00 - 00098816 _____ C:\Windows\sed.exe
2014-01-24 16:25 - 2000-08-31 01:00 - 00080412 _____ C:\Windows\grep.exe
2014-01-24 16:25 - 2000-08-31 01:00 - 00068096 _____ C:\Windows\zip.exe
2014-01-24 16:17 - 2014-01-24 16:18 - 05175240 ____R (Swearware) C:\Users\Wiki\Desktop\ComboFix.exe
2014-01-23 20:23 - 2014-01-23 20:07 - 00027940 _____ C:\Users\Wiki\Desktop\ComboFix1.txt
2014-01-23 19:51 - 2014-01-24 16:25 - 00000000 ____D C:\Windows\erdnt
2014-01-23 19:43 - 2014-01-23 19:43 - 00000000 ____D C:\Program Files\Enigma Software Group
2014-01-23 19:42 - 2014-01-23 19:43 - 00000000 ____D C:\Windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP
2014-01-20 18:52 - 2014-01-24 15:29 - 00007898 _____ C:\Windows\PFRO.log
2014-01-20 18:52 - 2014-01-24 15:29 - 00000336 _____ C:\Windows\setupact.log
2014-01-20 18:52 - 2014-01-20 18:52 - 00000000 _____ C:\Windows\setuperr.log
2014-01-16 18:24 - 2014-01-16 18:24 - 00005175 _____ C:\Windows\SysWOW64\jupdate-1.7.0_51-b13.log
2014-01-16 18:24 - 2013-12-18 21:09 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-01-16 18:24 - 2013-12-18 21:04 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-01-16 18:24 - 2013-12-18 21:04 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-01-16 18:24 - 2013-12-18 21:03 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-01-15 20:32 - 2013-11-27 02:41 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2014-01-15 20:32 - 2013-11-27 02:41 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2014-01-15 20:32 - 2013-11-27 02:41 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2014-01-15 20:32 - 2013-11-27 02:41 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2014-01-15 20:32 - 2013-11-27 02:41 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2014-01-15 20:32 - 2013-11-27 02:41 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2014-01-15 20:32 - 2013-11-27 02:41 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2014-01-15 20:32 - 2013-11-26 12:40 - 00376768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2014-01-15 20:32 - 2013-11-26 11:32 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-01-12 18:45 - 2014-01-12 18:45 - 00000000 ____D C:\Windows\System32\Tasks\Norton Internet Security
2014-01-12 18:43 - 2014-01-12 18:43 - 00002575 _____ C:\Users\Public\Desktop\Norton Internet Security.lnk
2014-01-12 18:41 - 2014-01-12 18:44 - 00000000 ____D C:\Windows\system32\Drivers\NISx64
2014-01-12 18:41 - 2014-01-12 18:41 - 00000000 ____D C:\Program Files (x86)\Norton Internet Security
2014-01-10 21:47 - 2000-01-01 01:00 - 02587352 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkAPO64.dll
2014-01-10 21:46 - 2000-01-01 01:00 - 00897152 _____ (Creative Technology Ltd.) C:\Windows\system32\MBAPO64.dll
2014-01-10 21:46 - 2000-01-01 01:00 - 00397080 _____ (Creative Technology Ltd.) C:\Windows\system32\MBWrp64.dll
2014-01-08 21:20 - 2014-01-08 21:20 - 00000000 ____D C:\Program Files\Broadcom
2014-01-08 20:25 - 2014-01-08 20:25 - 00000000 ____D C:\Users\Wiki\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google+ Auto Backup
2014-01-08 18:04 - 2014-01-08 18:04 - 00000000 ____D C:\ProgramData\InstallShield
2014-01-06 20:23 - 2014-01-06 20:23 - 04558848 _____ (Google Inc.) C:\Windows\SysWOW64\GPhotos.scr
2014-01-05 15:32 - 2014-01-05 15:32 - 00001194 _____ C:\Users\Wiki\Desktop\IsoBuster.lnk
2014-01-05 15:32 - 2014-01-05 15:32 - 00000000 ____D C:\Program Files (x86)\Smart Projects
2013-12-30 19:08 - 2013-12-30 19:25 - 00000000 ____D C:\Users\Wiki\Desktop\obrazy płyt
2013-12-30 16:48 - 2013-12-30 16:48 - 00002264 _____ C:\Users\Public\Desktop\Gothic II Złota Edycja.lnk
2013-12-30 16:40 - 2013-12-30 16:40 - 00000000 ____D C:\Program Files (x86)\JoWood
2013-12-30 14:30 - 2013-12-30 14:30 - 00004096 _____ C:\Windows\d3dx.dat
2013-12-29 22:12 - 2013-12-29 22:12 - 00002990 _____ C:\Windows\System32\Tasks\{B27A2A36-8081-4C05-835E-46C972A5129F}
2013-12-29 22:06 - 2013-12-29 22:06 - 00002990 _____ C:\Windows\System32\Tasks\{35686AED-AFA1-4988-98DB-D4650D8ADC6E}
2013-12-29 14:38 - 2013-12-29 14:39 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-12-28 15:22 - 2013-12-28 15:22 - 00016588 _____ C:\Program3.RPT
2013-12-28 00:29 - 2013-12-28 00:29 - 00016585 _____ C:\Program2.RPT
2013-12-25 14:26 - 2013-12-25 14:26 - 00000000 ___HD C:\Users\Wiki\Documents\Freemake_do_not_remove_this_folder635235784134597180
2013-12-25 14:08 - 2013-12-25 14:08 - 00000000 ___HD C:\Users\Wiki\Documents\Freemake_do_not_remove_this_folder635235773284205284

==================== One Month Modified Files and Folders =======

2014-01-24 21:00 - 2014-01-24 21:00 - 00022022 _____ C:\Users\Wiki\Desktop\FRST.txt
2014-01-24 20:59 - 2010-10-13 19:13 - 00000000 ____D C:\Users\Wiki\AppData\Roaming\Skype
2014-01-24 20:58 - 2014-01-24 20:58 - 00000000 ____D C:\FRST
2014-01-24 20:55 - 2014-01-24 20:55 - 02077696 _____ (Farbar) C:\Users\Wiki\Desktop\FRST64.exe
2014-01-24 20:46 - 2013-12-07 18:41 - 00001048 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cef3739587925a.job
2014-01-24 20:09 - 2014-01-24 20:09 - 00024105 _____ C:\Users\Wiki\Desktop\dds.txt
2014-01-24 20:09 - 2014-01-24 20:09 - 00007391 _____ C:\Users\Wiki\Desktop\attach.txt
2014-01-24 20:08 - 2014-01-24 20:08 - 00688992 ____R (Swearware) C:\Users\Wiki\Desktop\dds.com
2014-01-24 20:02 - 2014-01-24 20:02 - 00088802 _____ C:\Users\Wiki\Desktop\Extras.Txt
2014-01-24 20:00 - 2014-01-24 20:00 - 00124082 _____ C:\Users\Wiki\Desktop\OTL.Txt
2014-01-24 19:40 - 2014-01-24 19:40 - 00602112 _____ (OldTimer Tools) C:\Users\Wiki\Desktop\OTL.exe
2014-01-24 19:26 - 2010-06-07 09:58 - 01208763 _____ C:\Windows\WindowsUpdate.log
2014-01-24 18:52 - 2010-11-03 19:26 - 00003982 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{89051790-3C61-4C87-AE60-CA34565E0911}
2014-01-24 18:46 - 2013-12-07 18:41 - 00001044 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cef373955e5f77.job
2014-01-24 16:44 - 2014-01-24 16:55 - 01316598 _____ C:\Users\Wiki\Desktop\ComboFix.txt
2014-01-24 16:44 - 2014-01-24 16:44 - 01316598 _____ C:\ComboFix.txt
2014-01-24 16:44 - 2014-01-24 16:25 - 00000000 ____D C:\Qoobox
2014-01-24 16:44 - 2009-07-14 04:20 - 00000000 __RHD C:\Users\Default
2014-01-24 16:40 - 2009-07-14 03:34 - 00000215 _____ C:\Windows\system.ini
2014-01-24 16:25 - 2014-01-23 19:51 - 00000000 ____D C:\Windows\erdnt
2014-01-24 16:18 - 2014-01-24 16:17 - 05175240 ____R (Swearware) C:\Users\Wiki\Desktop\ComboFix.exe
2014-01-24 15:37 - 2009-07-14 05:45 - 00014240 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-01-24 15:37 - 2009-07-14 05:45 - 00014240 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-01-24 15:29 - 2014-01-20 18:52 - 00007898 _____ C:\Windows\PFRO.log
2014-01-24 15:29 - 2014-01-20 18:52 - 00000336 _____ C:\Windows\setupact.log
2014-01-24 15:29 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2014-01-24 15:27 - 2013-11-20 18:17 - 00000000 ____D C:\Users\Wiki\AppData\Roaming\DAEMON Tools Lite
2014-01-24 15:27 - 2013-11-20 18:15 - 00000000 ____D C:\ProgramData\DAEMON Tools Lite
2014-01-23 20:07 - 2014-01-23 20:23 - 00027940 _____ C:\Users\Wiki\Desktop\ComboFix1.txt
2014-01-23 19:43 - 2014-01-23 19:43 - 00000000 ____D C:\Program Files\Enigma Software Group
2014-01-23 19:43 - 2014-01-23 19:42 - 00000000 ____D C:\Windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP
2014-01-23 17:55 - 2009-08-14 03:50 - 00743388 _____ C:\Windows\system32\perfh015.dat
2014-01-23 17:55 - 2009-08-14 03:50 - 00157814 _____ C:\Windows\system32\perfc015.dat
2014-01-23 17:55 - 2009-07-14 06:13 - 01679400 _____ C:\Windows\system32\PerfStringBackup.INI
2014-01-20 18:52 - 2014-01-20 18:52 - 00000000 _____ C:\Windows\setuperr.log
2014-01-19 18:05 - 2011-02-23 21:19 - 00001726 _____ C:\Users\Public\Desktop\Defraggler.lnk
2014-01-19 18:05 - 2010-11-09 22:40 - 00000000 ____D C:\Program Files\Defraggler
2014-01-19 18:05 - 2010-10-17 19:49 - 00000000 ____D C:\Users\Wiki\AppData\Local\CrashDumps
2014-01-19 14:55 - 2010-10-27 04:50 - 00000000 ___RD C:\Users\Wiki\Desktop\Karty pracy
2014-01-16 18:25 - 2013-09-18 14:42 - 00000000 ____D C:\ProgramData\Oracle
2014-01-16 18:24 - 2014-01-16 18:24 - 00005175 _____ C:\Windows\SysWOW64\jupdate-1.7.0_51-b13.log
2014-01-16 18:24 - 2013-07-01 16:05 - 00000000 ____D C:\Program Files (x86)\Java
2014-01-16 17:55 - 2009-07-14 05:45 - 00329376 _____ C:\Windows\system32\FNTCACHE.DAT
2014-01-16 06:42 - 2013-07-16 17:04 - 00000000 ____D C:\Windows\system32\MRT
2014-01-16 06:32 - 2010-10-02 10:51 - 86054176 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-01-15 18:39 - 2011-02-18 14:27 - 00000084 _____ C:\Users\Wiki\AppData\default.pls
2014-01-12 18:45 - 2014-01-12 18:45 - 00000000 ____D C:\Windows\System32\Tasks\Norton Internet Security
2014-01-12 18:44 - 2014-01-12 18:41 - 00000000 ____D C:\Windows\system32\Drivers\NISx64
2014-01-12 18:43 - 2014-01-12 18:43 - 00002575 _____ C:\Users\Public\Desktop\Norton Internet Security.lnk
2014-01-12 18:43 - 2013-12-24 13:30 - 00177312 _____ (Symantec Corporation) C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
2014-01-12 18:43 - 2013-12-24 13:30 - 00007631 _____ C:\Windows\system32\Drivers\SYMEVENT64x86.CAT
2014-01-12 18:43 - 2013-12-24 13:30 - 00003234 _____ C:\Windows\System32\Tasks\Norton WSC Integration
2014-01-12 18:41 - 2014-01-12 18:41 - 00000000 ____D C:\Program Files (x86)\Norton Internet Security
2014-01-12 18:41 - 2011-02-20 20:46 - 00000000 ____D C:\ProgramData\Norton
2014-01-12 18:36 - 2011-04-09 14:30 - 00000000 ____D C:\Users\Wiki\AppData\Local\Google
2014-01-12 18:01 - 2013-10-31 14:21 - 00000000 ____D C:\Users\Wiki\AppData\Roaming\ControlCenter4
2014-01-12 18:00 - 2013-10-31 14:15 - 00000000 ____D C:\Program Files (x86)\ControlCenter4
2014-01-12 17:25 - 2013-05-27 20:36 - 00003440 _____ C:\Windows\System32\Tasks\PCDEventLauncherTask
2014-01-12 17:15 - 2013-09-01 15:58 - 00016152 _____ C:\Windows\system32\Drivers\SWDUMon.sys
2014-01-12 17:04 - 2010-09-27 18:00 - 00000000 ____D C:\Users\Wiki
2014-01-12 17:02 - 2013-12-24 13:30 - 00000000 ____D C:\Program Files\Common Files\Symantec Shared
2014-01-12 17:02 - 2013-11-10 19:49 - 00000000 ____D C:\Windows\SysWOW64\RTCOM
2014-01-12 17:02 - 2010-10-02 15:53 - 00000000 ____D C:\Windows\pss
2014-01-12 17:02 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\zh-HK
2014-01-12 17:02 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\tr-TR
2014-01-12 17:02 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\th-TH
2014-01-12 17:02 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\sl-SI
2014-01-12 17:02 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\sk-SK
2014-01-12 17:02 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\ro-RO
2014-01-12 17:02 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\lv-LV
2014-01-12 17:02 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\lt-LT
2014-01-12 17:02 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\hr-HR
2014-01-12 17:02 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\he-IL
2014-01-12 17:02 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\et-EE
2014-01-12 17:02
- 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\bg-BG 2014-01-12 17:02 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\ar-SA 2014-01-12 17:02 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\security 2014-01-12 17:01 - 2012-05-26 15:14 - 00000000 ____D C:\Windows\Minidump 2014-01-12 17:01 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\registration 2014-01-12 16:59 - 2013-11-10 19:49 - 00000000 ____D C:\Program Files\Realtek 2014-01-12 16:59 - 2010-06-07 15:05 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information 2014-01-10 21:10 - 2010-06-07 15:05 - 00000000 ____D C:\ProgramData\Dell 2014-01-08 21:38 - 2013-10-31 14:15 - 00000000 ____D C:\ProgramData\ControlCenter4 2014-01-08 21:20 - 2014-01-08 21:20 - 00000000 ____D C:\Program Files\Broadcom 2014-01-08 20:38 - 2011-10-06 09:34 - 00000000 ____D C:\Users\Wiki\Desktop\Druki OTIS 2014-01-08 20:25 - 2014-01-08 20:25 - 00000000 ____D C:\Users\Wiki\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google+ Auto Backup 2014-01-08 18:04 - 2014-01-08 18:04 - 00000000 ____D C:\ProgramData\InstallShield 2014-01-06 20:23 - 2014-01-06 20:23 - 04558848 _____ (Google Inc.) 
C:\Windows\SysWOW64\GPhotos.scr 2014-01-05 15:32 - 2014-01-05 15:32 - 00001194 _____ C:\Users\Wiki\Desktop\IsoBuster.lnk 2014-01-05 15:32 - 2014-01-05 15:32 - 00000000 ____D C:\Program Files (x86)\Smart Projects 2013-12-31 13:10 - 2013-10-06 12:17 - 00000000 ____D C:\Users\Wiki\Desktop\mp3 2013-12-30 19:25 - 2013-12-30 19:08 - 00000000 ____D C:\Users\Wiki\Desktop\obrazy płyt 2013-12-30 16:48 - 2013-12-30 16:48 - 00002264 _____ C:\Users\Public\Desktop\Gothic II Złota Edycja.lnk 2013-12-30 16:40 - 2013-12-30 16:40 - 00000000 ____D C:\Program Files (x86)\JoWood 2013-12-30 14:30 - 2013-12-30 14:30 - 00004096 _____ C:\Windows\d3dx.dat 2013-12-29 22:12 - 2013-12-29 22:12 - 00002990 _____ C:\Windows\System32\Tasks\{B27A2A36-8081-4C05-835E-46C972A5129F} 2013-12-29 22:06 - 2013-12-29 22:06 - 00002990 _____ C:\Windows\System32\Tasks\{35686AED-AFA1-4988-98DB-D4650D8ADC6E} 2013-12-29 21:29 - 2012-07-17 10:38 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2013-12-29 18:09 - 2013-12-16 17:39 - 00000000 ____D C:\Users\Wiki\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games 2013-12-29 14:39 - 2013-12-29 14:38 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2013-12-28 15:22 - 2013-12-28 15:22 - 00016588 _____ C:\Program3.RPT 2013-12-28 00:29 - 2013-12-28 00:29 - 00016585 _____ C:\Program2.RPT 2013-12-25 14:31 - 2013-12-24 16:12 - 00000000 ____D C:\Users\Wiki\Desktop\pf 2013-12-25 14:26 - 2013-12-25 14:26 - 00000000 ___HD C:\Users\Wiki\Documents\Freemake_do_not_remove_this_folder635235784134597180 2013-12-25 14:08 - 2013-12-25 14:08 - 00000000 ___HD C:\Users\Wiki\Documents\Freemake_do_not_remove_this_folder635235773284205284 ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\SysWOW64\wininit.exe => MD5 is legit C:\Windows\explorer.exe => MD5 is legit C:\Windows\SysWOW64\explorer.exe => MD5 is legit 
C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\SysWOW64\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\SysWOW64\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\SysWOW64\userinit.exe => MD5 is legit C:\Windows\System32\rpcss.dll => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit LastRegBack: 2014-01-24 18:10 ==================== End Of Log ============================