Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 07-03-2014 Ran by ja (administrator) on JA-KOMPUTER on 07-03-2014 22:27:12 Running from C:\Users\ja\Desktop\pobierane Windows 7 Home Premium Service Pack 1 (X64) OS Language: Polish Internet Explorer Version 8 Boot Mode: Normal The only official download link for FRST: Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/ Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/ Download link from any site other than Bleeping Computer is unpermitted or outdated. See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (Enigma Software Group USA, LLC.) C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe (Garmin Ltd or its subsidiaries) C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe (Beepa P/L) C:\Fraps\fraps.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe (Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe (Nero AG) C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe (Garmin Ltd or its subsidiaries) C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe (Nokia) C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe () C:\Windows\Samsung\PanelMgr\SSMMgr.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Nero AG) C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe (Logitech, Inc.) C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXE (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe (Nero AG) C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe (Microsoft Corporation) C:\Windows\System32\alg.exe (Nokia) C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe (Nokia) C:\Program Files (x86)\PC Connectivity Solution\Transports\NclUSBSrv64.exe (Nokia) C:\Program Files (x86)\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe (Beepa P/L) C:\Fraps\fraps64.dat (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [IAStorIcon] - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [286704 2013-03-22] (Intel Corporation) HKLM\...\Run: [IAAnotif] - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-06-04] (Intel Corporation) HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12503184 2012-06-11] (Realtek Semiconductor) HKLM\...\Run: [EvtMgr6] - C:\Program Files\Logitech\SetPointP\SetPoint.exe [3091224 2013-07-31] (Logitech, Inc.) HKLM-x32\...\Run: [NBKeyScan] - C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBKeyScan.exe [2213160 2007-12-03] (Nero AG) HKLM-x32\...\Run: [Samsung PanelMgr] - C:\Windows\Samsung\PanelMgr\SSMMgr.exe [520192 2006-12-01] () HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation) HKLM-x32\...\Run: [Avira Systray] - C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [172624 2014-02-24] (Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [689744 2014-02-25] (Avira Operations GmbH & Co. KG) Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.) HKU\S-1-5-21-2442633081-4145835340-3554864258-1000\...\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] - C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe [1688872 2007-12-13] (Nero AG) HKU\S-1-5-21-2442633081-4145835340-3554864258-1000\...\Run: [GarminExpressTrayApp] - C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [1093464 2013-08-22] (Garmin Ltd or its subsidiaries) HKU\S-1-5-21-2442633081-4145835340-3554864258-1000\...\Run: [NokiaSuite.exe] - C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe [1090912 2013-10-02] (Nokia) ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO: Logitech SetPoint - {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll (Logitech, Inc.) BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: Logitech SetPoint - {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll (Logitech, Inc.) BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) Handler: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - No File Handler-x32: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\syswow64\urlmon.dll (Microsoft Corporation) Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 FireFox: ======== FF ProfilePath: C:\Users\ja\AppData\Roaming\Mozilla\Firefox\Profiles\mnmkbqav.default FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_70.dll () FF Plugin: @java.com/DTPlugin,version=10.25.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_70.dll () FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf - C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation) FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf - C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation) FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @nokia.com/EnablerPlugin - C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll ( ) FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF Extension: Adblock Plus - C:\Users\ja\AppData\Roaming\Mozilla\Firefox\Profiles\mnmkbqav.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-08-05] FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt FF Extension: Logitech SetPoint - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2013-11-15] FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird ==================== Services (Whitelisted) ================= R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440400 2014-02-25] (Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440400 2014-02-25] (Avira Operations GmbH & Co. KG) S4 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1017424 2014-02-25] (Avira Operations GmbH & Co. KG) R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [117328 2014-02-24] (Avira Operations GmbH & Co. KG) R2 Garmin Core Update Service; C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [220504 2013-08-22] (Garmin Ltd or its subsidiaries) S2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15344 2013-03-22] (Intel Corporation) R2 Nero BackItUp Scheduler 3; C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe [869672 2007-12-03] (Nero AG) R3 NMIndexingService; C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe [447784 2007-12-13] (Nero AG) R2 SpyHunter 4 Service; C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe [1025408 2014-01-09] (Enigma Software Group USA, LLC.) ==================== Drivers (Whitelisted) ==================== R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108440 2014-02-25] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131576 2014-02-25] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2014-02-25] (Avira Operations GmbH & Co. KG) R2 DgiVecp; C:\Windows\system32\Drivers\DgiVecp.sys [53816 2009-03-02] (Samsung Electronics Co., Ltd.) S3 esgiguard; C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [14872 2014-01-07] () S3 EsgScanner; C:\Windows\System32\DRIVERS\EsgScanner.sys [22704 2012-06-22] () S3 GVTDrv64; C:\Windows\GVTDrv64.sys [30528 2013-09-23] () R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28656 2013-03-22] (Intel Corporation) S3 pfc; C:\Windows\SysWOW64\drivers\pfc.sys [9856 2013-08-01] (Padus, Inc.) R1 Serial; C:\Windows\System32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.) S4 sptd; C:\Windows\System32\Drivers\sptd.sys [834544 2013-10-15] (Duplex Secure Ltd.) U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation) U3 uglcyaoc; \??\C:\Users\ja\AppData\Local\Temp\uglcyaoc.sys [X] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-03-07 21:57 - 2014-03-07 21:57 - 00000000 ____D () C:\Users\ja\AppData\Roaming\Avira 2014-03-07 21:51 - 2014-02-25 11:41 - 00131576 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys 2014-03-07 21:51 - 2014-02-25 11:41 - 00108440 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys 2014-03-07 21:51 - 2014-02-25 11:41 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys 2014-03-07 21:40 - 2014-03-07 21:40 - 00000188 _____ () C:\Users\ja\defogger_reenable 2014-03-07 21:29 - 2014-03-07 21:51 - 00000000 ____D () C:\ProgramData\Avira 2014-03-07 21:29 - 2014-03-07 21:51 - 00000000 ____D () C:\Program Files (x86)\Avira 2014-03-07 21:29 - 2014-03-07 21:29 - 00001133 _____ () C:\Users\Public\Desktop\Avira.lnk 2014-03-07 19:58 - 2014-03-07 19:58 - 00000000 ____D () C:\Users\ja\AppData\Local\GHISLER 2014-03-07 19:56 - 2014-03-07 19:56 - 00000632 _____ () C:\Users\ja\Desktop\Total Commander.lnk 2014-03-07 19:56 - 2014-03-07 19:56 - 00000000 ____D () C:\Users\ja\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Total Commander 2014-03-07 19:56 - 2014-03-07 19:56 - 00000000 ____D () C:\Users\ja\AppData\Roaming\GHISLER 2014-03-07 19:56 - 2014-03-07 19:56 - 00000000 ____D () C:\totalcmd 2014-03-07 19:56 - 2014-02-19 08:50 - 00000545 _____ () C:\Windows\UC.PIF 2014-03-07 19:56 - 2014-02-19 08:50 - 00000545 _____ () C:\Windows\RAR.PIF 2014-03-07 19:56 - 2014-02-19 08:50 - 00000545 _____ () C:\Windows\PKZIP.PIF 2014-03-07 19:56 - 2014-02-19 08:50 - 00000545 _____ () C:\Windows\PKUNZIP.PIF 2014-03-07 19:56 - 2014-02-19 08:50 - 00000545 _____ () C:\Windows\LHA.PIF 2014-03-07 19:56 - 2014-02-19 08:50 - 00000545 _____ () C:\Windows\ARJ.PIF 2014-03-07 19:28 - 2014-03-07 21:31 - 00000000 ____D () C:\AdwCleaner 2014-03-07 18:47 - 2014-03-07 22:27 - 00000000 ____D () C:\Users\ja\Desktop\scan 2014-03-07 18:46 - 2014-03-07 22:27 - 00000000 ____D () C:\FRST 2014-03-07 18:12 - 2014-03-07 18:12 - 00000000 _____ () C:\autoexec.bat 2014-03-07 18:11 - 2014-03-07 18:11 - 00002252 _____ () C:\Users\ja\Desktop\SpyHunter.lnk 2014-03-07 18:11 - 2014-03-07 18:11 - 00000000 ____D () C:\Windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP 2014-03-07 18:11 - 2014-03-07 18:11 - 00000000 ____D () C:\Users\ja\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpyHunter 2014-03-07 18:11 - 2014-03-07 18:11 - 00000000 ____D () C:\Program Files\Enigma Software Group 2014-03-07 18:11 - 2012-06-22 11:01 - 00022704 _____ () C:\Windows\system32\Drivers\EsgScanner.sys 2014-03-07 18:07 - 2014-03-07 18:07 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\ja\Downloads\SpyHunter-Installer.exe 2014-03-07 18:05 - 2014-03-07 18:05 - 00347816 _____ (Microsoft Corporation) C:\Users\ja\Downloads\MicrosoftFixit.wu.RNP.53317636781115728.5.1.Run.exe 2014-03-07 17:53 - 2014-03-07 18:11 - 00000028 _____ () C:\Users\ja\Desktop\fis.txt 2014-03-07 17:43 - 2014-03-07 17:43 - 00042532 _____ () C:\Users\ja\Downloads\Extras.Txt 2014-03-07 17:42 - 2014-03-07 17:42 - 00087524 _____ () C:\Users\ja\Downloads\OTL.Txt 2014-03-07 17:33 - 2014-03-07 17:34 - 00987442 _____ () C:\Users\ja\Downloads\SecurityCheck.exe 2014-03-07 17:26 - 2014-03-07 17:26 - 00280204 _____ () C:\Users\ja\Downloads\WindowsUpdateDiagnostic.diagcab 2014-03-07 16:45 - 2014-03-07 16:53 - 00000000 ____D () C:\Windows\erdnt 2014-03-07 16:36 - 2014-03-07 16:36 - 00019283 _____ () C:\Users\ja\Downloads\[torrent.pl] ESET Smart Security 6 0 314 0 with crack.torrent 2014-03-07 16:34 - 2014-03-07 16:34 - 00001148 _____ () C:\Users\ja\Downloads\[torrent.pl] ESET NOD32 Smart Security 7 0 302 Final x64&x32+SERIALS.torrent 2014-03-07 09:29 - 2014-03-07 09:29 - 00000000 ____D () C:\Users\ja\AppData\Local\Skype 2014-03-04 08:07 - 2014-03-04 08:07 - 00000000 ____D () C:\Program Files (x86)\ESET 2014-03-04 08:06 - 2014-03-04 08:07 - 02347384 _____ (ESET) C:\Users\ja\Downloads\esetsmartinstaller_plk.exe 2014-03-04 00:06 - 2014-03-04 00:06 - 00000000 ____D () C:\Users\ja\AppData\Local\NokiaAccount 2014-03-04 00:03 - 2014-03-04 00:03 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_ccdcmbx64_01009.Wdf 2014-03-04 00:02 - 2014-03-04 00:03 - 00000000 ____D () C:\Users\ja\AppData\Local\Nokia 2014-03-04 00:02 - 2014-03-04 00:02 - 00002089 _____ () C:\Users\Public\Desktop\Nokia Suite.lnk 2014-03-04 00:02 - 2014-03-04 00:02 - 00000000 ____D () C:\Users\ja\AppData\Roaming\PC Suite 2014-03-04 00:02 - 2014-03-04 00:02 - 00000000 ____D () C:\ProgramData\PC Suite 2014-03-04 00:01 - 2014-03-04 00:01 - 00000000 ____D () C:\Program Files (x86)\PC Connectivity Solution 2014-03-04 00:01 - 2013-01-23 10:31 - 00057856 _____ (Nokia) C:\Windows\system32\nmwcdclsX64.dll 2014-03-04 00:01 - 2012-10-17 14:53 - 00026112 _____ (Nokia) C:\Windows\system32\Drivers\pccsmcfdx64.sys 2014-03-04 00:00 - 2014-03-04 00:00 - 00000000 ____D () C:\ProgramData\NokiaInstallerCache 2014-03-03 23:45 - 2014-03-04 00:02 - 00000000 ____D () C:\ProgramData\Nokia 2014-03-03 23:45 - 2014-03-04 00:02 - 00000000 ____D () C:\Program Files (x86)\Nokia 2014-03-03 23:45 - 2014-03-03 23:45 - 00002462 _____ () C:\Users\Public\Desktop\Nokia Data Package Manager.lnk 2014-03-03 23:45 - 2014-03-03 23:45 - 00000000 ____D () C:\Users\ja\AppData\Roaming\Nokia 2014-03-03 21:41 - 2014-03-03 21:41 - 00000000 ____D () C:\Users\ja\AppData\Local\WinZip 2014-03-03 21:39 - 2014-03-03 21:41 - 00000000 ____D () C:\ProgramData\WinZip 2014-03-03 21:39 - 2014-03-03 21:40 - 00000000 ____D () C:\Program Files\WinZip 2014-03-03 08:52 - 2014-03-07 11:27 - 00000000 ____D () C:\Users\ja\Desktop\nokia 2014-03-03 08:49 - 2014-03-03 08:49 - 00122900 _____ () C:\Users\ja\Downloads\Patrick Frei PhoNetInfo v 3.20 S60v3 v5 S^3 Podpisana.sisx 2014-02-23 17:36 - 2014-02-23 17:36 - 00290704 _____ () C:\Windows\Minidump\022314-15958-01.dmp 2014-02-23 09:52 - 2014-02-23 09:52 - 00290696 _____ () C:\Windows\Minidump\022314-15116-01.dmp 2014-02-21 08:18 - 2014-02-21 08:18 - 00290696 _____ () C:\Windows\Minidump\022114-14742-01.dmp 2014-02-16 09:50 - 2014-02-16 09:50 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2014-02-08 16:44 - 2014-02-08 16:46 - 01593372 _____ () C:\Users\ja\Documents\W pierścieniu ognia.epub ==================== One Month Modified Files and Folders ======= 2014-03-07 22:27 - 2014-03-07 18:47 - 00000000 ____D () C:\Users\ja\Desktop\scan 2014-03-07 22:27 - 2014-03-07 18:46 - 00000000 ____D () C:\FRST 2014-03-07 22:27 - 2013-08-01 10:21 - 00000000 ____D () C:\Users\ja\Desktop\pobierane 2014-03-07 22:19 - 2013-08-01 22:33 - 00000930 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-03-07 22:16 - 2013-08-01 08:58 - 01424260 _____ () C:\Windows\WindowsUpdate.log 2014-03-07 21:57 - 2014-03-07 21:57 - 00000000 ____D () C:\Users\ja\AppData\Roaming\Avira 2014-03-07 21:51 - 2014-03-07 21:29 - 00000000 ____D () C:\ProgramData\Avira 2014-03-07 21:51 - 2014-03-07 21:29 - 00000000 ____D () C:\Program Files (x86)\Avira 2014-03-07 21:50 - 2011-04-12 14:21 - 00740732 _____ () C:\Windows\system32\perfh015.dat 2014-03-07 21:50 - 2011-04-12 14:21 - 00155804 _____ () C:\Windows\system32\perfc015.dat 2014-03-07 21:50 - 2009-07-14 06:13 - 01671648 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-03-07 21:48 - 2009-07-14 05:45 - 00022528 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-03-07 21:48 - 2009-07-14 05:45 - 00022528 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-03-07 21:42 - 2013-08-01 22:01 - 00003138 _____ () C:\Windows\System32\Tasks\FRAPS 2014-03-07 21:42 - 2013-08-01 22:01 - 00000000 ____D () C:\Fraps 2014-03-07 21:41 - 2014-01-27 08:45 - 00000437 _____ () C:\Windows\system32\Drivers\etc\hosts.ics 2014-03-07 21:41 - 2013-08-01 18:20 - 00000000 ____D () C:\ProgramData\NVIDIA 2014-03-07 21:41 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-03-07 21:41 - 2009-07-14 05:51 - 00047886 _____ () C:\Windows\setupact.log 2014-03-07 21:40 - 2014-03-07 21:40 - 00000188 _____ () C:\Users\ja\defogger_reenable 2014-03-07 21:40 - 2013-08-01 09:01 - 00000000 ____D () C:\Users\ja 2014-03-07 21:31 - 2014-03-07 19:28 - 00000000 ____D () C:\AdwCleaner 2014-03-07 21:29 - 2014-03-07 21:29 - 00001133 _____ () C:\Users\Public\Desktop\Avira.lnk 2014-03-07 21:29 - 2013-08-04 18:05 - 00000000 ____D () C:\ProgramData\Package Cache 2014-03-07 19:58 - 2014-03-07 19:58 - 00000000 ____D () C:\Users\ja\AppData\Local\GHISLER 2014-03-07 19:56 - 2014-03-07 19:56 - 00000632 _____ () C:\Users\ja\Desktop\Total Commander.lnk 2014-03-07 19:56 - 2014-03-07 19:56 - 00000000 ____D () C:\Users\ja\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Total Commander 2014-03-07 19:56 - 2014-03-07 19:56 - 00000000 ____D () C:\Users\ja\AppData\Roaming\GHISLER 2014-03-07 19:56 - 2014-03-07 19:56 - 00000000 ____D () C:\totalcmd 2014-03-07 19:37 - 2010-11-21 04:47 - 00009466 _____ () C:\Windows\PFRO.log 2014-03-07 18:31 - 2014-01-02 17:54 - 00000000 ____D () C:\Users\ja\AppData\Local\GG 2014-03-07 18:20 - 2013-08-31 15:27 - 00020900 _____ () C:\Windows\DPINST.LOG 2014-03-07 18:12 - 2014-03-07 18:12 - 00000000 _____ () C:\autoexec.bat 2014-03-07 18:11 - 2014-03-07 18:11 - 00002252 _____ () C:\Users\ja\Desktop\SpyHunter.lnk 2014-03-07 18:11 - 2014-03-07 18:11 - 00000000 ____D () C:\Windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP 2014-03-07 18:11 - 2014-03-07 18:11 - 00000000 ____D () C:\Users\ja\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpyHunter 2014-03-07 18:11 - 2014-03-07 18:11 - 00000000 ____D () C:\Program Files\Enigma Software Group 2014-03-07 18:11 - 2014-03-07 17:53 - 00000028 _____ () C:\Users\ja\Desktop\fis.txt 2014-03-07 18:07 - 2014-03-07 18:07 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\ja\Downloads\SpyHunter-Installer.exe 2014-03-07 18:05 - 2014-03-07 18:05 - 00347816 _____ (Microsoft Corporation) C:\Users\ja\Downloads\MicrosoftFixit.wu.RNP.53317636781115728.5.1.Run.exe 2014-03-07 17:43 - 2014-03-07 17:43 - 00042532 _____ () C:\Users\ja\Downloads\Extras.Txt 2014-03-07 17:42 - 2014-03-07 17:42 - 00087524 _____ () C:\Users\ja\Downloads\OTL.Txt 2014-03-07 17:34 - 2014-03-07 17:33 - 00987442 _____ () C:\Users\ja\Downloads\SecurityCheck.exe 2014-03-07 17:26 - 2014-03-07 17:26 - 00280204 _____ () C:\Users\ja\Downloads\WindowsUpdateDiagnostic.diagcab 2014-03-07 17:08 - 2009-07-14 05:45 - 00286552 _____ () C:\Windows\system32\FNTCACHE.DAT 2014-03-07 17:06 - 2013-08-18 21:27 - 00000000 ___RD () C:\Program Files (x86)\Skype 2014-03-07 17:05 - 2013-08-18 21:26 - 00000000 ____D () C:\ProgramData\Skype 2014-03-07 17:04 - 2013-08-18 21:27 - 00000000 ____D () C:\Users\ja\AppData\Roaming\Skype 2014-03-07 16:59 - 2009-07-14 04:20 - 00000000 __RHD () C:\Users\Default 2014-03-07 16:53 - 2014-03-07 16:45 - 00000000 ____D () C:\Windows\erdnt 2014-03-07 16:52 - 2009-07-14 03:34 - 00000215 _____ () C:\Windows\system.ini 2014-03-07 16:45 - 2013-08-01 18:45 - 00000000 ____D () C:\Users\ja\AppData\Roaming\uTorrent 2014-03-07 16:36 - 2014-03-07 16:36 - 00019283 _____ () C:\Users\ja\Downloads\[torrent.pl] ESET Smart Security 6 0 314 0 with crack.torrent 2014-03-07 16:34 - 2014-03-07 16:34 - 00001148 _____ () C:\Users\ja\Downloads\[torrent.pl] ESET NOD32 Smart Security 7 0 302 Final x64&x32+SERIALS.torrent 2014-03-07 11:27 - 2014-03-03 08:52 - 00000000 ____D () C:\Users\ja\Desktop\nokia 2014-03-07 09:29 - 2014-03-07 09:29 - 00000000 ____D () C:\Users\ja\AppData\Local\Skype 2014-03-05 06:16 - 2014-01-02 17:54 - 00000000 ____D () C:\Users\ja\AppData\Roaming\GG 2014-03-04 08:07 - 2014-03-04 08:07 - 00000000 ____D () C:\Program Files (x86)\ESET 2014-03-04 08:07 - 2014-03-04 08:06 - 02347384 _____ (ESET) C:\Users\ja\Downloads\esetsmartinstaller_plk.exe 2014-03-04 00:06 - 2014-03-04 00:06 - 00000000 ____D () C:\Users\ja\AppData\Local\NokiaAccount 2014-03-04 00:03 - 2014-03-04 00:03 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_ccdcmbx64_01009.Wdf 2014-03-04 00:03 - 2014-03-04 00:02 - 00000000 ____D () C:\Users\ja\AppData\Local\Nokia 2014-03-04 00:02 - 2014-03-04 00:02 - 00002089 _____ () C:\Users\Public\Desktop\Nokia Suite.lnk 2014-03-04 00:02 - 2014-03-04 00:02 - 00000000 ____D () C:\Users\ja\AppData\Roaming\PC Suite 2014-03-04 00:02 - 2014-03-04 00:02 - 00000000 ____D () C:\ProgramData\PC Suite 2014-03-04 00:02 - 2014-03-03 23:45 - 00000000 ____D () C:\ProgramData\Nokia 2014-03-04 00:02 - 2014-03-03 23:45 - 00000000 ____D () C:\Program Files (x86)\Nokia 2014-03-04 00:01 - 2014-03-04 00:01 - 00000000 ____D () C:\Program Files (x86)\PC Connectivity Solution 2014-03-04 00:01 - 2013-08-31 15:27 - 00000000 ____D () C:\Program Files\DIFX 2014-03-04 00:00 - 2014-03-04 00:00 - 00000000 ____D () C:\ProgramData\NokiaInstallerCache 2014-03-03 23:47 - 2013-08-01 10:00 - 00063064 _____ () C:\Users\ja\AppData\Local\GDIPFONTCACHEV1.DAT 2014-03-03 23:45 - 2014-03-03 23:45 - 00002462 _____ () C:\Users\Public\Desktop\Nokia Data Package Manager.lnk 2014-03-03 23:45 - 2014-03-03 23:45 - 00000000 ____D () C:\Users\ja\AppData\Roaming\Nokia 2014-03-03 21:41 - 2014-03-03 21:41 - 00000000 ____D () C:\Users\ja\AppData\Local\WinZip 2014-03-03 21:41 - 2014-03-03 21:39 - 00000000 ____D () C:\ProgramData\WinZip 2014-03-03 21:40 - 2014-03-03 21:39 - 00000000 ____D () C:\Program Files\WinZip 2014-03-03 08:49 - 2014-03-03 08:49 - 00122900 _____ () C:\Users\ja\Downloads\Patrick Frei PhoNetInfo v 3.20 S60v3 v5 S^3 Podpisana.sisx 2014-03-02 14:30 - 2013-11-12 10:19 - 00000131 _____ () C:\Users\ja\Desktop\adres.txt 2014-02-25 11:41 - 2014-03-07 21:51 - 00131576 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys 2014-02-25 11:41 - 2014-03-07 21:51 - 00108440 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys 2014-02-25 11:41 - 2014-03-07 21:51 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys 2014-02-23 17:36 - 2014-02-23 17:36 - 00290704 _____ () C:\Windows\Minidump\022314-15958-01.dmp 2014-02-23 17:36 - 2013-08-09 00:16 - 447511056 _____ () C:\Windows\MEMORY.DMP 2014-02-23 17:36 - 2013-08-09 00:16 - 00000000 ____D () C:\Windows\Minidump 2014-02-23 09:52 - 2014-02-23 09:52 - 00290696 _____ () C:\Windows\Minidump\022314-15116-01.dmp 2014-02-22 17:20 - 2013-08-01 22:33 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2014-02-22 17:20 - 2013-08-01 22:33 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2014-02-22 17:20 - 2013-08-01 22:33 - 00003868 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater 2014-02-21 08:18 - 2014-02-21 08:18 - 00290696 _____ () C:\Windows\Minidump\022114-14742-01.dmp 2014-02-21 08:17 - 2013-08-01 23:33 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service 2014-02-19 08:50 - 2014-03-07 19:56 - 00000545 _____ () C:\Windows\UC.PIF 2014-02-19 08:50 - 2014-03-07 19:56 - 00000545 _____ () C:\Windows\RAR.PIF 2014-02-19 08:50 - 2014-03-07 19:56 - 00000545 _____ () C:\Windows\PKZIP.PIF 2014-02-19 08:50 - 2014-03-07 19:56 - 00000545 _____ () C:\Windows\PKUNZIP.PIF 2014-02-19 08:50 - 2014-03-07 19:56 - 00000545 _____ () C:\Windows\LHA.PIF 2014-02-19 08:50 - 2014-03-07 19:56 - 00000545 _____ () C:\Windows\ARJ.PIF 2014-02-16 09:50 - 2014-02-16 09:50 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2014-02-08 16:46 - 2014-02-08 16:44 - 01593372 _____ () C:\Users\ja\Documents\W pierścieniu ognia.epub Some content of TEMP: ==================== C:\Users\ja\AppData\Local\Temp\avgnt.exe C:\Users\ja\AppData\Local\Temp\NOSEventMessages.dll C:\Users\ja\AppData\Local\Temp\SHSetup.exe ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\SysWOW64\wininit.exe => MD5 is legit C:\Windows\explorer.exe => MD5 is legit C:\Windows\SysWOW64\explorer.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\SysWOW64\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\SysWOW64\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\SysWOW64\userinit.exe => MD5 is legit C:\Windows\System32\rpcss.dll => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit LastRegBack: 2014-03-02 13:43 ==================== End Of Log ============================