Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 13-03-2014 01 (ATTENTION: ====> FRST version is 31 days old and could be outdated)
Ran by Wlasciciel (administrator) on WLASCICIEL-TOSH on 13-04-2014 17:59:26
Running from C:\Users\Wlasciciel\Desktop
Microsoft Windows 7 Starter Service Pack 1 (X86) OS Language: Polish
Internet Explorer Version 8
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\system32\atiesrxx.exe
(Microsoft Corporation) C:\Windows\system32\WLANExt.exe
() C:\Program Files\Samsung\USB Drivers\26_VIA_driver2\x86\VIAService.exe
(Teruten) C:\Windows\system32\FsUsbExService.Exe
(Realsil Microelectronics Inc.) C:\Program Files\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe
(Microsoft Corporation) C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe
(TOSHIBA Corporation) C:\Windows\system32\TODDSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TECO\TecoService.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
(AMD) C:\Windows\system32\atieclxx.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\BulletinBoard\TosNcCore.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe
(Nero AG) C:\Program Files\Nero\Nero 10\Nero BackItUp\NBAgent.exe
(Toshiba Europe GmbH) C:\Program Files\Toshiba TEMPRO\TemproTray.exe
(Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(TOSHIBA CORPORATION) C:\Program Files\TOSHIBA\Utilities\KeNotify.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVBg.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TECO\Teco.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(TOSHIBA CORPORATION.) C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
(TOSHIBA CORPORATION) C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
(TOSHIBA CORPORATION.) C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
(TOSHIBA CORPORATION) C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe
(TOSHIBA CORPORATION.) C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(TOSHIBA CORPORATION.) C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
(TOSHIBA CORPORATION) C:\Program Files\TOSHIBA\ConfigFree\CFSwMgr.exe
(ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
(TOSHIBA CORPORATION) C:\Program Files\TOSHIBA\ConfigFree\CFIWmxSvcs.exe
(TOSHIBA CORPORATION) C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
(Nero AG) c:\Program Files\Nero\Update\NASvc.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe
(Google Inc.) C:\Users\Wlasciciel\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Wlasciciel\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Wlasciciel\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Wlasciciel\AppData\Local\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [TosNC] - C:\Program Files\Toshiba\BulletinBoard\TosNcCore.exe [468392 2010-11-16] (TOSHIBA Corporation)
HKLM\...\Run: [TosReelTimeMonitor] - C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe [31648 2010-07-09] (TOSHIBA Corporation)
HKLM\...\Run: [NBAgent] - c:\Program Files\Nero\Nero 10\Nero BackItUp\NBAgent.exe [1234216 2010-09-02] (Nero AG)
HKLM\...\Run: [Toshiba TEMPRO] - C:\Program Files\Toshiba TEMPRO\TemproTray.exe [1050072 2010-05-11] (Toshiba Europe GmbH)
HKLM\...\Run: [StartCCC] - C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [336384 2010-11-10] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [SVPWUTIL] - C:\Program Files\TOSHIBA\Utilities\SVPWUTIL.exe [532480 2010-11-09] (TOSHIBA)
HKLM\...\Run: [HWSetup] - C:\Program Files\TOSHIBA\Utilities\HWSetup.exe [425984 2010-03-04] (TOSHIBA Electronics, Inc.)
HKLM\...\Run: [KeNotify] - C:\Program Files\TOSHIBA\Utilities\KeNotify.exe [35440 2010-09-14] (TOSHIBA CORPORATION)
HKLM\...\Run: [TPwrMain] - C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE [521640 2010-09-28] (TOSHIBA Corporation)
HKLM\...\Run: [SmoothView] - C:\Program Files\Toshiba\SmoothView\SmoothView.exe [521528 2009-08-13] (TOSHIBA Corporation)
HKLM\...\Run: [00TCrdMain] - C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [742776 2010-10-28] (TOSHIBA Corporation)
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [9874024 2010-11-16] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] - C:\Program Files\Realtek\Audio\HDA\RtHDVBg.exe [1522280 2010-11-11] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1697064 2010-03-10] (Synaptics Incorporated)
HKLM\...\Run: [ITSecMng] - C:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe [83336 2009-07-22] (TOSHIBA CORPORATION)
HKLM\...\Run: [TSleepSrv] - C:\Program Files\TOSHIBA\TOSHIBA Sleep Utility\TSleepSrv.exe [252792 2010-06-04] (TOSHIBA)
HKLM\...\Run: [Teco] - C:\Program Files\TOSHIBA\TECO\Teco.exe [1349032 2010-07-28] (TOSHIBA Corporation)
HKLM\...\Run: [TosSENotify] - C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe [611672 2010-02-05] (TOSHIBA Corporation)
HKLM\...\Run: [TWebCamera] - C:\Program Files\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe [2475384 2010-11-02] (TOSHIBA CORPORATION.)
HKLM\...\Run: [TosVolRegulator] - C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe [22840 2009-11-11] (TOSHIBA Corporation)
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM\...\Run: [MSC] - C:\Program Files\Microsoft Security Client\msseces.exe [951576 2014-03-11] (Microsoft Corporation)
HKU\.DEFAULT\...\Run: [TOSHIBA Online Product Information] - C:\Program Files\TOSHIBA\TOSHIBA Online Product Information\topi.exe [4581280 2010-03-03] (TOSHIBA)
HKU\S-1-5-21-2796248701-2872564765-231611817-1000\...\Run: [Facebook Update] - C:\Users\Wlasciciel\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2013-03-10] (Facebook Inc.)
HKU\S-1-5-21-2796248701-2872564765-231611817-1000\...\Run: [ChomikBox] - C:\Program Files\ChomikBox\chomikbox.exe [6033408 2014-03-22] ( )
HKU\S-1-5-21-2796248701-2872564765-231611817-1000\...\Run: [Google Update] - C:\Users\Wlasciciel\AppData\Local\Google\Update\GoogleUpdate.exe [136176 2011-09-09] (Google Inc.)
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk
ShortcutTarget: TRDCReminder.lnk -> C:\Program Files\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk
ShortcutTarget: TRDCReminder.lnk -> C:\Program Files\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - {5E6C2FF7-1162-42BD-9917-8C120AD3DDE9} URL = http://rover.ebay.com/rover/1/4908-44618-9400-8/4?satitle={searchTerms}
SearchScopes: HKCU - {ABE7EB7D-CDF2-4C58-A062-7A4DAE568FB7} URL = http://www.amazon.co.uk/gp/search?ie=UTF8&keywords={searchTerms}&tag=tochibauk-win7-ie-search-21&index=blended&linkCode=ur2
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinstall-1_7_0_51-windows-i586.cab
DPF: {CAFEEFAC-0017-0000-0051-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_51-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_51-windows-i586.cab
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.1

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF Plugin: @Google.com/GoogleEarthPlugin - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @java.com/DTPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin - C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll No File
FF Plugin: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~1\MIF5BA~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\Wlasciciel\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Wlasciciel\AppData\Local\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Wlasciciel\AppData\Local\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\fcmdSrchddr.xml
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF

Chrome:
=======
CHR Extension: (Google Wallet) - C:\Users\Wlasciciel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-23]

========================== Services (Whitelisted) =================

R2 CDMA Device Service; C:\Program Files\Samsung\USB Drivers\26_VIA_driver2\x86\VIAService.exe [63488 2011-08-02] ()
R2 cfWiMAXService; C:\Program Files\TOSHIBA\ConfigFree\CFIWmxSvcs.exe [185712 2010-01-28] (TOSHIBA CORPORATION)
R2 ConfigFree Service; C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe [46448 2009-03-10] (TOSHIBA CORPORATION)
R2 IconMan_R; C:\Program Files\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe [1809920 2010-08-04] (Realsil Microelectronics Inc.)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [22216 2014-03-11] (Microsoft Corporation)
R2 NAUpdate; c:\Program Files\Nero\Update\NASvc.exe [503080 2010-05-04] (Nero AG)
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [279776 2014-03-11] (Microsoft Corporation)
S3 TemproMonitoringService; C:\Program Files\Toshiba TEMPRO\TemproSvc.exe [124368 2010-05-11] (Toshiba Europe GmbH)
S3 TMachInfo; C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [51576 2010-07-01] (TOSHIBA Corporation)
R2 TOSHIBA eco Utility Service; C:\Program Files\TOSHIBA\TECO\TecoService.exe [189880 2010-07-28] (TOSHIBA Corporation)
R3 TOSHIBA HDD SSD Alert Service; C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [111960 2010-02-05] (TOSHIBA Corporation)

==================== Drivers (Whitelisted) ====================

R0 amd_sata; C:\Windows\System32\DRIVERS\amd_sata.sys [63616 2010-08-14] (Advanced Micro Devices)
R0 amd_xata; C:\Windows\System32\DRIVERS\amd_xata.sys [32384 2010-08-14] (Advanced Micro Devices)
R3 AtiHDAudioService; C:\Windows\System32\drivers\AtihdW73.sys [102416 2010-09-24] (ATI Technologies, Inc.)
R3 BtFilter; C:\Windows\System32\DRIVERS\btfilter.sys [33640 2010-10-18] (Atheros)
R3 FsUsbExDisk; C:\Windows\system32\FsUsbExDisk.SYS [37344 2013-02-05] ()
R0 LPCFilter; C:\Windows\System32\DRIVERS\LPCFilter.sys [36208 2009-07-30] (COMPAL ELECTRONIC INC.)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [231960 2014-01-25] (Microsoft Corporation)
R3 PGEffect; C:\Windows\System32\DRIVERS\pgeffect.sys [24064 2009-06-22] (TOSHIBA Corporation)
R1 StarOpen; C:\Windows\system32\Drivers\StarOpen.sys [5632 2006-07-24] ()
U5 AppMgmt; C:\Windows\system32\svchost.exe [20992 2009-07-14] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2014-04-12 21:32 - 2014-04-12 21:32 - 00000056 _____ () C:\Windows\setupact.log
2014-04-12 21:32 - 2014-04-12 21:32 - 00000000 _____ () C:\Windows\setuperr.log
2014-04-12 21:15 - 2014-04-12 21:15 - 00001004 _____ () C:\Users\Wlasciciel\Documents\cc_20140412_211501.reg
2014-04-12 21:14 - 2014-04-12 21:14 - 00009620 _____ () C:\Users\Wlasciciel\Documents\cc_20140412_211408.reg
2014-04-11 14:06 - 2014-04-11 14:11 - 759152367 _____ () C:\Users\Wlasciciel\Downloads\Chce Się Żyć.avi
2014-04-11 08:06 - 2014-04-11 08:10 - 734023388 _____ () C:\Users\Wlasciciel\Downloads\Ida chomikuj.avi
2014-04-09 23:16 - 2014-04-09 23:16 - 00084102 _____ () C:\Users\Wlasciciel\Downloads\OTL.Txt
2014-04-09 23:16 - 2014-04-09 23:16 - 00003641 _____ () C:\Users\Wlasciciel\Downloads\AdwCleanerR1.txt
2014-04-09 23:16 - 2014-04-09 23:16 - 00003413 _____ () C:\Users\Wlasciciel\Downloads\AdwCleanerS1.txt
2014-04-09 23:03 - 2014-04-09 22:42 - 00003413 _____ () C:\Users\Wlasciciel\Desktop\AdwCleaner[S1].txt
2014-04-09 23:03 - 2014-04-09 22:41 - 00003641 _____ () C:\Users\Wlasciciel\Desktop\AdwCleaner[R1].txt
2014-04-09 22:34 - 2014-03-04 11:17 - 00868352 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-04-09 22:34 - 2014-02-04 04:07 - 00234432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2014-04-09 22:34 - 2014-02-04 04:07 - 00149440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2014-04-09 22:34 - 2014-02-04 04:07 - 00027072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys
2014-04-09 22:34 - 2014-02-04 04:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\iologmsg.dll
2014-04-09 22:34 - 2014-01-24 04:18 - 01212352 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2014-04-09 22:32 - 2014-04-09 22:33 - 01426178 _____ () C:\Users\Wlasciciel\Desktop\adwcleaner.exe
2014-04-06 23:30 - 2014-04-06 23:30 - 00006698 _____ () C:\Users\Wlasciciel\Documents\cc_20140406_233040.reg
2014-04-06 23:19 - 2014-04-06 23:19 - 00347816 _____ (Microsoft Corporation) C:\Users\Wlasciciel\Downloads\MicrosoftFixit.ProgramInstallUninstall.RNP.196320249845179479.2.1.Run.exe
2014-04-04 22:47 - 2014-04-04 22:47 - 00064329 _____ () C:\Users\Wlasciciel\Desktop\Shortcut.txt
2014-04-04 22:45 - 2014-04-04 22:47 - 00038712 _____ () C:\Users\Wlasciciel\Desktop\Addition.txt
2014-04-04 22:44 - 2014-04-13 17:59 - 00015173 _____ () C:\Users\Wlasciciel\Desktop\FRST.txt
2014-04-04 22:40 - 2014-04-13 17:59 - 00000000 ____D () C:\FRST
2014-04-04 17:21 - 2014-04-04 17:21 - 00061162 _____ () C:\Users\Wlasciciel\Desktop\Extras.Txt
2014-04-04 17:18 - 2014-04-09 23:00 - 00084102 _____ () C:\Users\Wlasciciel\Desktop\OTL.Txt
2014-04-04 16:45 - 2014-04-04 16:46 - 00380416 _____ () C:\Users\Wlasciciel\Desktop\d6btvk2l.exe
2014-04-04 16:41 - 2014-04-04 16:42 - 00602112 _____ (OldTimer Tools) C:\Users\Wlasciciel\Desktop\OTL.exe
2014-04-04 16:39 - 2014-04-04 16:40 - 01145856 _____ (Farbar) C:\Users\Wlasciciel\Desktop\FRST.exe
2014-04-04 16:08 - 2014-04-04 16:08 - 00063258 _____ () C:\Users\Wlasciciel\Documents\cc_20140404_160835.reg
2014-04-04 07:34 - 2014-04-04 07:35 - 02347384 _____ (ESET) C:\Users\Wlasciciel\Downloads\esetsmartinstaller_plk.exe
2014-04-02 09:55 - 2014-04-02 09:58 - 537040896 _____ () C:\Users\Wlasciciel\Downloads\Lalka.E09 - Dusza w letargu.avi
2014-04-02 08:05 - 2014-04-02 08:21 - 538296320 _____ () C:\Users\Wlasciciel\Downloads\Lalka.E07 - Ciąg dalszy pamiętnika starego subiekta.avi
2014-04-02 08:05 - 2014-04-02 08:21 - 538247168 _____ () C:\Users\Wlasciciel\Downloads\Lalka.E08 - Damy i kobiety.avi
2014-04-02 08:05 - 2014-04-02 08:20 - 537511936 _____ () C:\Users\Wlasciciel\Downloads\Lalka.E05 - Widziadło.avi
2014-04-02 08:04 - 2014-04-02 08:19 - 537491456 _____ () C:\Users\Wlasciciel\Downloads\Lalka.E06 - Wiejskie rozrywki.avi
2014-04-01 12:24 - 2014-04-01 12:35 - 538583040 _____ () C:\Users\Wlasciciel\Downloads\Lalka.E04 - Pierwsze ostrzeżenie.avi
2014-04-01 12:24 - 2014-04-01 12:35 - 537432064 _____ () C:\Users\Wlasciciel\Downloads\Lalka.E03 - Wielkopańskie zabawy.avi
2014-04-01 12:23 - 2014-04-01 12:34 - 537387008 _____ () C:\Users\Wlasciciel\Downloads\Lalka.E02 - Pamiętnik starego subiekta.avi
2014-04-01 12:23 - 2014-04-01 12:33 - 536999936 _____ () C:\Users\Wlasciciel\Downloads\Lalka.E01 - Powrót.avi
2014-03-27 11:43 - 2014-03-27 11:51 - 697697294 _____ () C:\Users\Wlasciciel\Downloads\Habemus Papam - mamy papieża.AVI
2014-03-21 13:06 - 2014-03-21 13:10 - 00464199 _____ () C:\Users\Wlasciciel\Downloads\VZM-1C(2) - Wykaz faktur i wartości poniesionych wydatków nieodliczonych w ramach ulg mieszkaniowych, opodatkowanych podatkiem VAT wg stawki 23%.gofin
2014-03-21 13:02 - 2014-03-21 13:02 - 02075714 _____ () C:\Users\Wlasciciel\Downloads\VZM-1(5) - Wniosek o zwrot niektórych wydatków związanych z budownictwem mieszkaniowym.gofin
2014-03-21 12:00 - 2014-04-09 10:46 - 00000000 ____D () C:\Program Files\HypeNet
2014-03-21 11:57 - 2014-04-09 10:52 - 00000000 ____D () C:\Users\Wlasciciel\AppData\Roaming\qone8
2014-03-21 11:56 - 2014-03-21 11:56 - 00000000 ____D () C:\Users\Wlasciciel\AppData\Roaming\ BROTHER DCP-145C user guide
2014-03-21 11:53 - 2014-03-21 11:54 - 00692872 _____ (LiveSoftAction) C:\Users\Wlasciciel\Downloads\BROTHER DCP-145C user guide provided through pdfretriever.com.exe
2014-03-20 21:24 - 2014-03-20 21:24 - 02068986 _____ () C:\Users\Wlasciciel\Downloads\361 (1).gofin
2014-03-20 15:16 - 2014-03-20 15:17 - 00463838 _____ () C:\Users\Wlasciciel\Downloads\365.gofin
2014-03-20 08:54 - 2014-03-20 21:26 - 02075190 _____ () C:\Users\Wlasciciel\Downloads\361.gofin
2014-03-20 08:52 - 2014-03-20 08:52 - 08757248 _____ () C:\Users\Wlasciciel\Downloads\DrukiGofin_2.1.15.0_n (1).msi
2014-03-20 08:50 - 2014-03-20 08:50 - 08757248 _____ () C:\Users\Wlasciciel\Downloads\DrukiGofin_2.1.15.0_n.msi
2014-03-20 08:36 - 2014-03-20 08:55 - 00000000 ____D () C:\Users\Wlasciciel\AppData\Roaming\GofinDruki
2014-03-20 08:36 - 2014-03-20 08:36 - 00001063 _____ () C:\Users\Public\Desktop\DRUKI Gofin.lnk
2014-03-20 08:36 - 2014-03-20 08:36 - 00000000 ____D () C:\Program Files\GOFIN
2014-03-20 08:32 - 2014-03-20 08:33 - 08757248 _____ () C:\Users\Wlasciciel\Downloads\DrukiGofin_2.1.15.0_w.msi
2014-03-20 08:32 - 2014-03-20 08:33 - 08757248 _____ () C:\Users\Wlasciciel\Downloads\DrukiGofin_2.1.15.0_w (1).msi
2014-03-14 14:00 - 2014-02-07 03:07 - 02349056 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-03-14 14:00 - 2014-02-04 04:04 - 01230336 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-03-14 14:00 - 2014-02-04 04:04 - 00509440 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-03-14 14:00 - 2014-01-29 04:06 - 00381440 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2014-03-14 14:00 - 2014-01-28 04:07 - 00185344 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll

==================== One Month Modified Files and Folders =======

2014-04-13 18:00 - 2014-04-04 22:44 - 00015173 _____ () C:\Users\Wlasciciel\Desktop\FRST.txt
2014-04-13 17:59 - 2014-04-04 22:40 - 00000000 ____D () C:\FRST
2014-04-13 17:51 - 2010-12-09 08:48 - 01672142 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-04-13 17:51 - 2009-07-14 10:07 - 00741140 _____ () C:\Windows\system32\perfh015.dat
2014-04-13 17:51 - 2009-07-14 10:07 - 00156424 _____ () C:\Windows\system32\perfc015.dat
2014-04-13 17:50 - 2011-09-09 07:18 - 00001078 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2796248701-2872564765-231611817-1000UA.job
2014-04-13 17:49 - 2013-10-11 12:22 - 01461037 _____ () C:\Windows\WindowsUpdate.log
2014-04-13 17:49 - 2013-03-30 10:49 - 00001044 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-04-13 17:49 - 2013-03-10 20:38 - 00000948 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2796248701-2872564765-231611817-1000UA.job
2014-04-13 17:49 - 2012-04-13 08:02 - 00000930 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-04-13 00:34 - 2013-03-30 10:49 - 00001040 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-04-13 00:29 - 2011-09-09 07:18 - 00001026 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2796248701-2872564765-231611817-1000Core.job
2014-04-12 21:40 - 2009-07-14 06:34 - 00014304 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-04-12 21:40 - 2009-07-14 06:34 - 00014304 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-04-12 21:34 - 2013-09-04 21:38 - 00000000 ____D () C:\Users\Wlasciciel\.gstreamer-0.10
2014-04-12 21:34 - 2013-09-04 21:37 - 00000000 ____D () C:\Users\Wlasciciel\AppData\Local\ChomikBox
2014-04-12 21:33 - 2009-07-14 06:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-04-12 21:32 - 2014-04-12 21:32 - 00000056 _____ () C:\Windows\setupact.log
2014-04-12 21:32 - 2014-04-12 21:32 - 00000000 _____ () C:\Windows\setuperr.log
2014-04-12 21:30 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\pl-PL
2014-04-12 21:23 - 2013-07-25 10:01 - 00000000 ____D () C:\Windows\system32\MRT
2014-04-12 21:22 - 2011-09-10 13:17 - 88028728 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-04-12 21:15 - 2014-04-12 21:15 - 00001004 _____ () C:\Users\Wlasciciel\Documents\cc_20140412_211501.reg
2014-04-12 21:14 - 2014-04-12 21:14 - 00009620 _____ () C:\Users\Wlasciciel\Documents\cc_20140412_211408.reg
2014-04-12 20:40 - 2013-03-10 20:38 - 00000926 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2796248701-2872564765-231611817-1000Core.job
2014-04-11 14:11 - 2014-04-11 14:06 - 759152367 _____ () C:\Users\Wlasciciel\Downloads\Chce Się Żyć.avi
2014-04-11 08:10 - 2014-04-11 08:06 - 734023388 _____ () C:\Users\Wlasciciel\Downloads\Ida chomikuj.avi
2014-04-09 23:16 - 2014-04-09 23:16 - 00084102 _____ () C:\Users\Wlasciciel\Downloads\OTL.Txt
2014-04-09 23:16 - 2014-04-09 23:16 - 00003641 _____ () C:\Users\Wlasciciel\Downloads\AdwCleanerR1.txt
2014-04-09 23:16 - 2014-04-09 23:16 - 00003413 _____ () C:\Users\Wlasciciel\Downloads\AdwCleanerS1.txt
2014-04-09 23:00 - 2014-04-04 17:18 - 00084102 _____ () C:\Users\Wlasciciel\Desktop\OTL.Txt
2014-04-09 22:42 - 2014-04-09 23:03 - 00003413 _____ () C:\Users\Wlasciciel\Desktop\AdwCleaner[S1].txt
2014-04-09 22:42 - 2013-10-11 12:15 - 00000000 ____D () C:\AdwCleaner
2014-04-09 22:41 - 2014-04-09 23:03 - 00003641 _____ () C:\Users\Wlasciciel\Desktop\AdwCleaner[R1].txt
2014-04-09 22:35 - 2011-09-09 07:19 - 00000000 ____D () C:\Users\Wlasciciel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-04-09 22:33 - 2014-04-09 22:32 - 01426178 _____ () C:\Users\Wlasciciel\Desktop\adwcleaner.exe
2014-04-09 10:52 - 2014-03-21 11:57 - 00000000 ____D () C:\Users\Wlasciciel\AppData\Roaming\qone8
2014-04-09 10:46 - 2014-03-21 12:00 - 00000000 ____D () C:\Program Files\HypeNet
2014-04-09 10:28 - 2009-07-14 04:04 - 00000505 _____ () C:\Windows\win.ini
2014-04-09 10:10 - 2011-09-06 19:12 - 00000000 ____D () C:\Users\Wlasciciel\AppData\Roaming\Opera
2014-04-09 10:10 - 2011-09-06 19:11 - 00000000 ____D () C:\Program Files\Opera
2014-04-09 10:09 - 2011-09-06 19:24 - 00000000 ____D () C:\Users\Wlasciciel\AppData\Roaming\Mozilla
2014-04-09 10:09 - 2011-09-06 19:24 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-04-07 01:26 - 2011-09-14 20:49 - 00000000 ____D () C:\Users\Wlasciciel\AppData\Roaming\SoftGrid Client
2014-04-06 23:30 - 2014-04-06 23:30 - 00006698 _____ () C:\Users\Wlasciciel\Documents\cc_20140406_233040.reg
2014-04-06 23:19 - 2014-04-06 23:19 - 00347816 _____ (Microsoft Corporation) C:\Users\Wlasciciel\Downloads\MicrosoftFixit.ProgramInstallUninstall.RNP.196320249845179479.2.1.Run.exe
2014-04-04 22:47 - 2014-04-04 22:47 - 00064329 _____ () C:\Users\Wlasciciel\Desktop\Shortcut.txt
2014-04-04 22:47 - 2014-04-04 22:45 - 00038712 _____ () C:\Users\Wlasciciel\Desktop\Addition.txt
2014-04-04 17:21 - 2014-04-04 17:21 - 00061162 _____ () C:\Users\Wlasciciel\Desktop\Extras.Txt
2014-04-04 16:46 - 2014-04-04 16:45 - 00380416 _____ () C:\Users\Wlasciciel\Desktop\d6btvk2l.exe
2014-04-04 16:42 - 2014-04-04 16:41 - 00602112 _____ (OldTimer Tools) C:\Users\Wlasciciel\Desktop\OTL.exe
2014-04-04 16:40 - 2014-04-04 16:39 - 01145856 _____ (Farbar) C:\Users\Wlasciciel\Desktop\FRST.exe
2014-04-04 16:08 - 2014-04-04 16:08 - 00063258 _____ () C:\Users\Wlasciciel\Documents\cc_20140404_160835.reg
2014-04-04 15:17 - 2010-12-09 10:08 - 00000000 ____D () C:\Program Files\Java
2014-04-04 14:51 - 2009-07-14 06:53 - 00032590 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-04-04 07:35 - 2014-04-04 07:34 - 02347384 _____ (ESET) C:\Users\Wlasciciel\Downloads\esetsmartinstaller_plk.exe
2014-04-03 12:24 - 2011-09-06 15:36 - 00000000 ____D () C:\Users\Wlasciciel
2014-04-03 12:24 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\wfp
2014-04-03 12:23 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\registration
2014-04-02 09:58 - 2014-04-02 09:55 - 537040896 _____ () C:\Users\Wlasciciel\Downloads\Lalka.E09 - Dusza w letargu.avi
2014-04-02 08:21 - 2014-04-02 08:05 - 538296320 _____ () C:\Users\Wlasciciel\Downloads\Lalka.E07 - Ciąg dalszy pamiętnika starego subiekta.avi
2014-04-02 08:21 - 2014-04-02 08:05 - 538247168 _____ () C:\Users\Wlasciciel\Downloads\Lalka.E08 - Damy i kobiety.avi
2014-04-02 08:20 - 2014-04-02 08:05 - 537511936 _____ () C:\Users\Wlasciciel\Downloads\Lalka.E05 - Widziadło.avi
2014-04-02 08:19 - 2014-04-02 08:04 - 537491456 _____ () C:\Users\Wlasciciel\Downloads\Lalka.E06 - Wiejskie rozrywki.avi
2014-04-01 12:35 - 2014-04-01 12:24 - 538583040 _____ () C:\Users\Wlasciciel\Downloads\Lalka.E04 - Pierwsze ostrzeżenie.avi
2014-04-01 12:35 - 2014-04-01 12:24 - 537432064 _____ () C:\Users\Wlasciciel\Downloads\Lalka.E03 - Wielkopańskie zabawy.avi
2014-04-01 12:34 - 2014-04-01 12:23 - 537387008 _____ () C:\Users\Wlasciciel\Downloads\Lalka.E02 - Pamiętnik starego subiekta.avi
2014-04-01 12:33 - 2014-04-01 12:23 - 536999936 _____ () C:\Users\Wlasciciel\Downloads\Lalka.E01 - Powrót.avi
2014-03-27 13:55 - 2013-07-10 16:48 - 00001912 _____ () C:\Windows\epplauncher.mif
2014-03-27 13:54 - 2013-07-10 18:35 - 00000000 ____D () C:\Program Files\Microsoft Security Client
2014-03-27 11:51 - 2014-03-27 11:43 - 697697294 _____ () C:\Users\Wlasciciel\Downloads\Habemus Papam - mamy papieża.AVI
2014-03-25 08:25 - 2013-09-04 21:37 - 00000000 ____D () C:\Program Files\ChomikBox
2014-03-25 08:24 - 2010-12-09 10:33 - 00000000 ____D () C:\Program Files\Common Files\Adobe AIR
2014-03-21 13:10 - 2014-03-21 13:06 - 00464199 _____ () C:\Users\Wlasciciel\Downloads\VZM-1C(2) - Wykaz faktur i wartości poniesionych wydatków nieodliczonych w ramach ulg mieszkaniowych, opodatkowanych podatkiem VAT wg stawki 23%.gofin
2014-03-21 13:02 - 2014-03-21 13:02 - 02075714 _____ () C:\Users\Wlasciciel\Downloads\VZM-1(5) - Wniosek o zwrot niektórych wydatków związanych z budownictwem mieszkaniowym.gofin
2014-03-21 11:56 - 2014-03-21 11:56 - 00000000 ____D () C:\Users\Wlasciciel\AppData\Roaming\ BROTHER DCP-145C user guide
2014-03-21 11:54 - 2014-03-21 11:53 - 00692872 _____ (LiveSoftAction) C:\Users\Wlasciciel\Downloads\BROTHER DCP-145C user guide provided through pdfretriever.com.exe
2014-03-20 21:26 - 2014-03-20 08:54 - 02075190 _____ () C:\Users\Wlasciciel\Downloads\361.gofin
2014-03-20 21:24 - 2014-03-20 21:24 - 02068986 _____ () C:\Users\Wlasciciel\Downloads\361 (1).gofin
2014-03-20 15:17 - 2014-03-20 15:16 - 00463838 _____ () C:\Users\Wlasciciel\Downloads\365.gofin
2014-03-20 08:55 - 2014-03-20 08:36 - 00000000 ____D () C:\Users\Wlasciciel\AppData\Roaming\GofinDruki
2014-03-20 08:52 - 2014-03-20 08:52 - 08757248 _____ () C:\Users\Wlasciciel\Downloads\DrukiGofin_2.1.15.0_n (1).msi
2014-03-20 08:50 - 2014-03-20 08:50 - 08757248 _____ () C:\Users\Wlasciciel\Downloads\DrukiGofin_2.1.15.0_n.msi
2014-03-20 08:40 - 2011-09-06 15:38 - 00058016 _____ () C:\Users\Wlasciciel\AppData\Local\GDIPFONTCACHEV1.DAT
2014-03-20 08:36 - 2014-03-20 08:36 - 00001063 _____ () C:\Users\Public\Desktop\DRUKI Gofin.lnk
2014-03-20 08:36 - 2014-03-20 08:36 - 00000000 ____D () C:\Program Files\GOFIN
2014-03-20 08:33 - 2014-03-20 08:32 - 08757248 _____ () C:\Users\Wlasciciel\Downloads\DrukiGofin_2.1.15.0_w.msi
2014-03-20 08:33 - 2014-03-20 08:32 - 08757248 _____ () C:\Users\Wlasciciel\Downloads\DrukiGofin_2.1.15.0_w (1).msi
2014-03-17 10:48 - 2009-07-14 06:33 - 00267040 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-03-17 10:46 - 2010-12-09 10:32 - 00000000 ____D () C:\Program Files\Microsoft Silverlight

==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\system32\winlogon.exe => MD5 is legit
C:\Windows\system32\wininit.exe => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\services.exe => MD5 is legit
C:\Windows\system32\User32.dll => MD5 is legit
C:\Windows\system32\userinit.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit
C:\Windows\system32\Drivers\volsnap.sys => MD5 is legit

LastRegBack: 2014-04-07 01:01

==================== End Of Log ============================