Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 21-09-2014 01 Ran by Media (administrator) on MEDIA-KOMPUTER on 23-09-2014 04:07:46 Running from C:\Users\Media\Desktop\Nowy folder Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Polski (Polska) Internet Explorer Version 11 Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (AMD) C:\Windows\System32\atiesrxx.exe (AMD) C:\Windows\System32\atieclxx.exe (Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Lenovo (Beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe (Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\utility.exe (Microsoft Corporation) C:\Program Files\Zune\ZuneLauncher.exe (Redefine Sp z o.o.) C:\Program Files (x86)\ipla\ipla.exe (Nokia) C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe (DT Soft Ltd) C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe (Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE (Vimicro) C:\Program Files (x86)\USB Camera2\VM332_STI.EXE (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (CyberLink) C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe (ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (Nokia) C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe (Nokia) C:\Program Files (x86)\PC Connectivity Solution\Transports\NclUSBSrv64.exe (Nokia) C:\Program Files (x86)\PC Connectivity Solution\Transports\NclRSSrv.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (Lenovo) C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe (CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Windows\splwow64.exe (CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMUPDT.EXE (CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMSWCS.EXE (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2294568 2010-09-03] (Synaptics Incorporated) HKLM\...\Run: [Lenovo EE Boot Optimizer] => C:\Program Files (x86)\Lenovo\Boot Optimizer\PopWnd.exe [114688 2012-01-10] (Lenovo) HKLM\...\Run: [Energy Management] => C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [9753024 2012-01-10] (Lenovo (Beijing) Limited) HKLM\...\Run: [EnergyUtility] => C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [5908928 2012-01-10] (Lenovo(beijing) Limited) HKLM\...\Run: [Zune Launcher] => C:\Program Files\Zune\ZuneLauncher.exe [163552 2011-08-05] (Microsoft Corporation) HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [336384 2011-08-10] (Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [332BigDog] => C:\Program Files (x86)\USB Camera2\VM332_STI.EXE [536576 2010-01-19] (Vimicro) HKLM-x32\...\Run: [UpdateP2GShortCut] => C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [222504 2010-07-26] (CyberLink Corp.) HKLM-x32\...\Run: [YouCam Mirage] => C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe [136488 2011-01-29] (CyberLink) HKLM-x32\...\Run: [YouCam Tray] => C:\Program Files (x86)\Lenovo\YouCam\YouCam.exe [228448 2011-01-29] (CyberLink Corp.) HKLM-x32\...\Run: [VeriFaceManager] => C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe [329056 2012-01-10] (Lenovo) HKLM-x32\...\Run: [UpdatePRCShortCut] => C:\Program Files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe [222504 2009-05-13] (CyberLink Corp.) HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1273448 2012-04-03] (CANON INC.) HKU\S-1-5-21-2002578763-3834841585-2894884081-1001\...\Run: [RGSC] => C:\Program Files (x86)\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe /silent HKU\S-1-5-21-2002578763-3834841585-2894884081-1001\...\Run: [IPLA!] => C:\Program Files (x86)\ipla\ipla.exe [21421664 2014-08-12] (Redefine Sp z o.o.) HKU\S-1-5-21-2002578763-3834841585-2894884081-1001\...\Run: [PC Suite Tray] => C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe [1451520 2009-11-11] (Nokia) HKU\S-1-5-21-2002578763-3834841585-2894884081-1001\...\Run: [Facebook Update] => C:\Users\Media\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2013-08-30] (Facebook Inc.) HKU\S-1-5-21-2002578763-3834841585-2894884081-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [369200 2009-10-30] (DT Soft Ltd) HKU\S-1-5-21-2002578763-3834841585-2894884081-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [21653096 2014-07-24] (Skype Technologies S.A.) HKU\S-1-5-21-2002578763-3834841585-2894884081-1001\...\Run: [Yahoo! Search] => C:\Users\Media\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.12.4\dsrlte.exe HKU\S-1-5-21-2002578763-3834841585-2894884081-1001\...\MountPoints2: {6357cb72-1b02-11e4-9f5e-803bc867c3af} - E:\setup.exe ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => No File ShellIconOverlayIdentifiers: VeriFace Enc -> {771C7324-DA80-49D3-8017-753B0AF60951} => C:\windows\system32\IcnOvrly.dll () ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pl/ HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie HKLM\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.lenovo.com/ HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.lenovo.com/ StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe SearchScopes: HKLM - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://start.funmoods.com/results.php?f=4&q={searchTerms}&a=iron2&chnl=iron2&cd=2XzuyEtN2Y1L1Qzuzy0C0ByBtD0DtC0D0EyDtAyB0C0CyByDtN0D0Tzu0CtByEyCtN1L2XzutBtFtCtFtCtFtAtCtB&cr=409711820 SearchScopes: HKLM-x32 - Backup.Old.DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} SearchScopes: HKLM-x32 - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://start.funmoods.com/results.php?f=4&q={searchTerms}&a=iron2&chnl=iron2&cd=2XzuyEtN2Y1L1Qzuzy0C0ByBtD0DtC0D0EyDtAyB0C0CyByDtN0D0Tzu0CtByEyCtN1L2XzutBtFtCtFtCtFtAtCtB&cr=409711820 SearchScopes: HKCU - DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7LENN_plPL493 SearchScopes: HKCU - Backup.Old.DefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7LENN_plPL493 BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.) BHO-x32: Pomocnik logowania za pomocą identyfikatora Windows Live -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) Toolbar: HKLM - No Name - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.) Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab Tcpip\Parameters: [DhcpNameServer] 10.65.4.24 10.112.102.120 10.65.4.26 FireFox: ======== FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll () FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll (Oracle Corporation) FF Plugin: @microsoft.com/GENUINE -> disabled No File FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll () FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll (CANON INC.) FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Media\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited) Chrome: ======= CHR Profile: C:\Users\Media\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (SiteAdvisor) - C:\Users\Media\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2012-07-10] CHR Extension: (Google Wallet) - C:\Users\Media\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-25] ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [365568 2011-08-10] (Advanced Micro Devices, Inc.) [File not signed] R3 ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [657408 2009-10-27] (Nokia) [File not signed] S2 Nero BackItUp Scheduler 4.0; C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe [X] ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R0 sptd; C:\Windows\System32\Drivers\sptd.sys [834544 2014-08-03] () [File not signed] U3 aj1pazv8; C:\Windows\System32\Drivers\aj1pazv8.sys [0 ] (Microsoft Corporation) U3 BcmSqlStartupSvc; No ImagePath U2 CLKMSVC10_3A60B698; No ImagePath U2 CLKMSVC10_C3B3B687; No ImagePath U2 DriverService; No ImagePath U2 IAStorDataMgrSvc; No ImagePath U2 iATAgentService; No ImagePath U2 idealife Update Service; No ImagePath U3 IGRS; No ImagePath U2 IviRegMgr; No ImagePath U2 nvUpdatusService; No ImagePath U2 Oasis2Service; No ImagePath U2 PCCarerService; No ImagePath U2 ReadyComm.DirectRouter; No ImagePath U2 RichVideo; No ImagePath U2 RtLedService; No ImagePath U2 SeaPort; No ImagePath U2 SoftwareService; No ImagePath U3 SQLWriter; No ImagePath U2 Stereo Service; No ImagePath ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2014-09-23 04:06 - 2014-09-23 04:07 - 00000000 ____D () C:\FRST 2014-09-23 03:49 - 2014-09-23 04:07 - 00000000 ____D () C:\Users\Media\Desktop\Nowy folder 2014-09-23 02:00 - 2014-09-23 02:39 - 00000000 ____D () C:\AdwCleaner 2014-09-22 23:36 - 2014-09-22 23:36 - 00000000 ____D () C:\Nowy folder 2014-09-22 23:15 - 2014-09-23 02:25 - 00000000 ____D () C:\windows\system32\MRT 2014-09-22 23:15 - 2014-08-29 13:01 - 101694776 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe 2014-09-22 22:54 - 2014-09-22 22:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack 2014-09-22 22:54 - 2014-09-22 22:54 - 00000000 ____D () C:\Program Files (x86)\K-Lite Codec Pack 2014-09-22 22:54 - 2013-12-01 14:10 - 00257624 _____ () C:\windows\system32\unrar64.dll 2014-09-16 16:18 - 2014-09-16 16:23 - 00000000 ____D () C:\Program Files\Zune 2014-09-16 16:18 - 2014-09-16 16:18 - 00000887 _____ () C:\Users\Public\Desktop\Zune.lnk 2014-09-16 16:18 - 2014-09-16 16:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zune 2014-09-14 11:08 - 2014-09-14 11:09 - 00000000 ____D () C:\Users\Media\AppData\Local\{24ECEFD7-0769-451C-B01A-5B013E9FFFC5} 2014-09-14 10:56 - 2014-09-14 10:56 - 00000000 __SHD () C:\Users\Media\AppData\Local\EmieUserList 2014-09-14 10:56 - 2014-09-14 10:56 - 00000000 __SHD () C:\Users\Media\AppData\Local\EmieSiteList 2014-09-13 13:41 - 2014-09-13 13:41 - 00003504 _____ () C:\windows\System32\Tasks\Yahoo! Search Udpater 2014-09-11 18:22 - 2014-08-19 20:05 - 00374968 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll 2014-09-11 18:22 - 2014-08-19 19:39 - 00327872 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll 2014-09-11 18:22 - 2014-08-19 01:01 - 23591424 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll 2014-09-11 18:22 - 2014-08-19 00:29 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb 2014-09-11 18:22 - 2014-08-19 00:29 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll 2014-09-11 18:22 - 2014-08-19 00:26 - 17455104 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll 2014-09-11 18:22 - 2014-08-19 00:20 - 02793984 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll 2014-09-11 18:22 - 2014-08-19 00:19 - 05833728 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll 2014-09-11 18:22 - 2014-08-19 00:15 - 00547328 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll 2014-09-11 18:22 - 2014-08-19 00:15 - 00066048 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll 2014-09-11 18:22 - 2014-08-19 00:14 - 00083968 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll 2014-09-11 18:22 - 2014-08-19 00:14 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll 2014-09-11 18:22 - 2014-08-19 00:08 - 04232704 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll 2014-09-11 18:22 - 2014-08-19 00:08 - 00051200 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll 2014-09-11 18:22 - 2014-08-19 00:08 - 00033792 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll 2014-09-11 18:22 - 2014-08-19 00:05 - 00596480 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll 2014-09-11 18:22 - 2014-08-19 00:03 - 00758272 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll 2014-09-11 18:22 - 2014-08-19 00:03 - 00139264 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe 2014-09-11 18:22 - 2014-08-19 00:03 - 00111616 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe 2014-09-11 18:22 - 2014-08-18 23:57 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb 2014-09-11 18:22 - 2014-08-18 23:56 - 00940032 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe 2014-09-11 18:22 - 2014-08-18 23:51 - 00446464 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll 2014-09-11 18:22 - 2014-08-18 23:46 - 00454656 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll 2014-09-11 18:22 - 2014-08-18 23:45 - 00072704 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll 2014-09-11 18:22 - 2014-08-18 23:45 - 00061952 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll 2014-09-11 18:22 - 2014-08-18 23:44 - 00061952 _____ (Microsoft Corporation) C:\windows\SysWOW64\MshtmlDac.dll 2014-09-11 18:22 - 2014-08-18 23:44 - 00051200 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll 2014-09-11 18:22 - 2014-08-18 23:42 - 02185728 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll 2014-09-11 18:22 - 2014-08-18 23:40 - 00195584 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll 2014-09-11 18:22 - 2014-08-18 23:39 - 00085504 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll 2014-09-11 18:22 - 2014-08-18 23:39 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll 2014-09-11 18:22 - 2014-08-18 23:39 - 00032768 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll 2014-09-11 18:22 - 2014-08-18 23:38 - 00289280 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll 2014-09-11 18:22 - 2014-08-18 23:37 - 00440320 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll 2014-09-11 18:22 - 2014-08-18 23:36 - 00112128 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe 2014-09-11 18:22 - 2014-08-18 23:35 - 00597504 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll 2014-09-11 18:22 - 2014-08-18 23:27 - 00365056 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll 2014-09-11 18:22 - 2014-08-18 23:25 - 00727040 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll 2014-09-11 18:22 - 2014-08-18 23:25 - 00707072 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe 2014-09-11 18:22 - 2014-08-18 23:23 - 02104832 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl 2014-09-11 18:22 - 2014-08-18 23:23 - 01249280 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll 2014-09-11 18:22 - 2014-08-18 23:22 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll 2014-09-11 18:22 - 2014-08-18 23:19 - 00164864 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll 2014-09-11 18:22 - 2014-08-18 23:17 - 00243200 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll 2014-09-11 18:22 - 2014-08-18 23:17 - 00069632 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll 2014-09-11 18:22 - 2014-08-18 23:16 - 13588480 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll 2014-09-11 18:22 - 2014-08-18 23:15 - 11769856 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll 2014-09-11 18:22 - 2014-08-18 23:15 - 02310656 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll 2014-09-11 18:22 - 2014-08-18 23:09 - 00603136 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll 2014-09-11 18:22 - 2014-08-18 23:08 - 02014208 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl 2014-09-11 18:22 - 2014-08-18 23:07 - 01068032 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmlmedia.dll 2014-09-11 18:22 - 2014-08-18 22:55 - 01447424 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll 2014-09-11 18:22 - 2014-08-18 22:46 - 01812992 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll 2014-09-11 18:22 - 2014-08-18 22:38 - 01190400 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll 2014-09-11 18:22 - 2014-08-18 22:38 - 00775168 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll 2014-09-11 18:22 - 2014-08-18 22:36 - 00678400 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll 2014-09-11 17:22 - 2014-06-27 04:08 - 02777088 _____ (Microsoft Corporation) C:\windows\system32\msmpeg2vdec.dll 2014-09-11 17:22 - 2014-06-27 03:45 - 02285056 _____ (Microsoft Corporation) C:\windows\SysWOW64\msmpeg2vdec.dll 2014-09-10 15:08 - 2014-08-01 13:53 - 01031168 _____ (Microsoft Corporation) C:\windows\system32\TSWorkspace.dll 2014-09-10 15:07 - 2014-08-01 13:35 - 00793600 _____ (Microsoft Corporation) C:\windows\SysWOW64\TSWorkspace.dll 2014-09-10 15:07 - 2014-06-24 05:29 - 02565120 _____ (Microsoft Corporation) C:\windows\system32\d3d10warp.dll 2014-09-10 15:07 - 2014-06-24 04:59 - 01987584 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3d10warp.dll 2014-09-10 15:04 - 2014-09-10 15:04 - 00000000 ___HD () C:\windows\AxInstSV 2014-09-10 14:58 - 2014-09-10 14:58 - 00000000 ____D () C:\Users\Media\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\magnet 1 język niemiecki dla gimnazjum 2014-09-10 14:58 - 2014-09-10 14:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\magnet 1 język niemiecki dla gimnazjum 2014-09-10 14:57 - 2014-07-07 04:06 - 01460736 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll 2014-09-10 14:57 - 2014-07-07 04:06 - 00728064 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll 2014-09-10 14:57 - 2014-07-07 03:40 - 00550912 _____ (Microsoft Corporation) C:\windows\SysWOW64\kerberos.dll 2014-09-10 14:57 - 2014-07-07 03:40 - 00022016 _____ (Microsoft Corporation) C:\windows\SysWOW64\secur32.dll 2014-09-10 14:57 - 2014-07-07 03:39 - 00096768 _____ (Microsoft Corporation) C:\windows\SysWOW64\sspicli.dll 2014-09-10 14:56 - 2014-09-05 04:10 - 00578048 _____ (Microsoft Corporation) C:\windows\system32\aepdu.dll 2014-09-10 14:56 - 2014-09-05 04:05 - 00424448 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll 2014-09-10 14:54 - 2014-09-10 14:58 - 00000000 ____D () C:\lekcje lp 2014-09-01 14:35 - 2014-09-01 14:39 - 01056820 _____ () C:\Users\Media\Downloads\install_flashplayer14x32au_chrd_dn_aaa_aih.exe 2014-08-28 14:00 - 2014-08-23 04:07 - 00404480 _____ (Microsoft Corporation) C:\windows\system32\gdi32.dll 2014-08-28 14:00 - 2014-08-23 03:45 - 00311808 _____ (Microsoft Corporation) C:\windows\SysWOW64\gdi32.dll 2014-08-28 14:00 - 2014-08-23 02:59 - 03163648 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys 2014-08-27 10:37 - 2014-08-27 10:37 - 00002517 _____ () C:\Users\Public\Desktop\Skype.lnk 2014-08-27 10:37 - 2014-08-27 10:37 - 00000000 ___RD () C:\Program Files (x86)\Skype 2014-08-27 10:37 - 2014-08-27 10:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype 2014-08-27 10:36 - 2014-08-27 09:34 - 35596384 _____ (Skype Technologies S.A.) C:\Users\Media\Desktop\SkypeSetupFull (1).exe 2014-08-26 20:10 - 2014-08-26 20:10 - 00003124 _____ () C:\windows\System32\Tasks\{8EF28BDF-2984-45E8-84E2-C6EF3A9A3C7B} 2014-08-26 20:04 - 2014-08-26 20:04 - 01677928 _____ (Skype Technologies S.A.) C:\Users\Media\Downloads\SkypeSetup (2).exe 2014-08-26 19:35 - 2014-08-26 19:35 - 00003160 _____ () C:\windows\System32\Tasks\{0C388623-8430-4ACD-9A98-5D2127440A32} 2014-08-26 19:25 - 2014-08-26 19:32 - 21255560 _____ () C:\Users\Media\Downloads\SkypeSetupFull (1).exe 2014-08-26 19:11 - 2014-08-26 19:11 - 35594848 _____ () C:\Users\Media\Downloads\SkypeSetup_Full.exe 2014-08-26 19:03 - 2014-08-26 19:03 - 00803112 _____ ( ) C:\Users\Media\Downloads\Skype(13018) (1).exe ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2014-09-23 04:07 - 2014-09-23 04:06 - 00000000 ____D () C:\FRST 2014-09-23 04:07 - 2014-09-23 03:49 - 00000000 ____D () C:\Users\Media\Desktop\Nowy folder 2014-09-23 03:51 - 2012-01-10 06:05 - 01408441 _____ () C:\windows\WindowsUpdate.log 2014-09-23 03:43 - 2009-07-14 06:45 - 00028704 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-09-23 03:43 - 2009-07-14 06:45 - 00028704 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-09-23 03:11 - 2012-07-13 10:47 - 00000000 ____D () C:\Users\Media\AppData\Roaming\Skype 2014-09-23 03:10 - 2012-11-01 12:22 - 00000000 ____D () C:\Users\Media\AppData\Roaming\ipla 2014-09-23 03:10 - 2012-01-10 06:57 - 00000000 ____D () C:\ProgramData\VeriFace 2014-09-23 03:09 - 2012-05-25 16:56 - 05081759 _____ () C:\FaceProv.log 2014-09-23 03:09 - 2012-01-10 07:11 - 00122091 _____ () C:\windows\system32\fastboot.set 2014-09-23 03:09 - 2009-07-14 07:08 - 00000006 ____H () C:\windows\Tasks\SA.DAT 2014-09-23 03:09 - 2009-07-14 06:51 - 00262258 _____ () C:\windows\setupact.log 2014-09-23 02:40 - 2010-11-21 05:47 - 00913696 _____ () C:\windows\PFRO.log 2014-09-23 02:39 - 2014-09-23 02:00 - 00000000 ____D () C:\AdwCleaner 2014-09-23 02:25 - 2014-09-22 23:15 - 00000000 ____D () C:\windows\system32\MRT 2014-09-23 02:25 - 2013-08-30 14:20 - 00000928 _____ () C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2002578763-3834841585-2894884081-1001UA.job 2014-09-23 02:20 - 2013-09-15 10:09 - 00000000 ____D () C:\ProgramData\AVAST Software 2014-09-23 02:07 - 2013-12-20 19:56 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2014-09-23 02:07 - 2013-05-19 20:31 - 00000000 ____D () C:\Users\Media\AppData\Roaming\SoftGrid Client 2014-09-23 02:07 - 2012-05-25 16:57 - 00001176 _____ () C:\Users\Media\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2014-09-23 02:07 - 2012-05-25 16:56 - 00000000 ____D () C:\Users\Media 2014-09-22 23:36 - 2014-09-22 23:36 - 00000000 ____D () C:\Nowy folder 2014-09-22 22:54 - 2014-09-22 22:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack 2014-09-22 22:54 - 2014-09-22 22:54 - 00000000 ____D () C:\Program Files (x86)\K-Lite Codec Pack 2014-09-22 22:53 - 2014-06-01 11:58 - 00000955 _____ () C:\Users\Public\Desktop\ipla.lnk 2014-09-22 22:53 - 2012-11-01 12:22 - 00000000 ____D () C:\Program Files (x86)\ipla 2014-09-22 22:52 - 2012-11-01 12:22 - 00000000 ____D () C:\ProgramData\ipla 2014-09-22 22:51 - 2009-07-14 05:20 - 00000000 __RHD () C:\Users\Public\Libraries 2014-09-21 14:25 - 2013-08-30 14:20 - 00000906 _____ () C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2002578763-3834841585-2894884081-1001Core.job 2014-09-21 13:33 - 2014-07-21 14:10 - 00000000 ____D () C:\Users\Media\Desktop\Cliver filmiki 2014-09-21 13:33 - 2014-07-21 11:36 - 00000000 ____D () C:\Users\Media\Desktop\Cliver!! 2014-09-21 13:28 - 2014-06-26 17:03 - 00003884 _____ () C:\windows\System32\Tasks\Opera scheduled Autoupdate 1388755162 2014-09-21 13:28 - 2014-01-03 15:19 - 00000000 ____D () C:\Program Files (x86)\Opera 2014-09-16 19:15 - 2009-07-14 04:34 - 00000529 _____ () C:\windows\win.ini 2014-09-16 16:23 - 2014-09-16 16:18 - 00000000 ____D () C:\Program Files\Zune 2014-09-16 16:18 - 2014-09-16 16:18 - 00000887 _____ () C:\Users\Public\Desktop\Zune.lnk 2014-09-16 16:18 - 2014-09-16 16:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zune 2014-09-16 16:10 - 2013-10-27 17:57 - 00701104 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe 2014-09-16 16:10 - 2013-10-27 17:57 - 00071344 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl 2014-09-16 16:07 - 2012-05-25 16:58 - 00060824 _____ () C:\Users\Media\AppData\Local\GDIPFONTCACHEV1.DAT 2014-09-14 11:14 - 2014-03-23 20:47 - 00000000 ___RD () C:\Users\Media\Desktop\filmy 2014-09-14 11:09 - 2014-09-14 11:08 - 00000000 ____D () C:\Users\Media\AppData\Local\{24ECEFD7-0769-451C-B01A-5B013E9FFFC5} 2014-09-14 11:07 - 2013-02-01 17:47 - 00000000 ___RD () C:\Users\Media\Desktop\Dokumenty 2014-09-14 11:07 - 2012-08-08 13:32 - 00000000 ____D () C:\Users\Media\Desktop\rzeczy 2014-09-14 11:06 - 2013-02-01 17:46 - 00000000 ____D () C:\Users\Media\Desktop\Gry 2014-09-14 11:04 - 2013-05-18 08:43 - 00000000 ___RD () C:\Users\Media\Desktop\muza 2014-09-14 10:57 - 2012-01-10 07:08 - 00000000 ____D () C:\Program Files (x86)\Google 2014-09-14 10:56 - 2014-09-14 10:56 - 00000000 __SHD () C:\Users\Media\AppData\Local\EmieUserList 2014-09-14 10:56 - 2014-09-14 10:56 - 00000000 __SHD () C:\Users\Media\AppData\Local\EmieSiteList 2014-09-14 10:47 - 2014-05-22 17:43 - 00000000 ____D () C:\Users\Media\Desktop\DCIM 2014-09-13 13:41 - 2014-09-13 13:41 - 00003504 _____ () C:\windows\System32\Tasks\Yahoo! Search Udpater 2014-09-13 13:37 - 2009-07-14 05:20 - 00000000 ____D () C:\windows\PolicyDefinitions 2014-09-11 17:21 - 2014-05-10 08:27 - 00000000 ___SD () C:\windows\system32\CompatTel 2014-09-10 15:04 - 2014-09-10 15:04 - 00000000 ___HD () C:\windows\AxInstSV 2014-09-10 14:58 - 2014-09-10 14:58 - 00000000 ____D () C:\Users\Media\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\magnet 1 język niemiecki dla gimnazjum 2014-09-10 14:58 - 2014-09-10 14:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\magnet 1 język niemiecki dla gimnazjum 2014-09-10 14:58 - 2014-09-10 14:54 - 00000000 ____D () C:\lekcje lp 2014-09-10 14:52 - 2013-02-01 17:46 - 00000000 ___RD () C:\Users\Media\Desktop\Zdjęcia 2014-09-05 04:10 - 2014-09-10 14:56 - 00578048 _____ (Microsoft Corporation) C:\windows\system32\aepdu.dll 2014-09-05 04:05 - 2014-09-10 14:56 - 00424448 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll 2014-09-04 14:57 - 2014-07-30 19:41 - 00000000 ____D () C:\Users\Media\Desktop\;) 2014-09-03 15:56 - 2013-03-10 20:16 - 00000000 ____D () C:\ProgramData\CanonIJPLM 2014-09-01 14:39 - 2014-09-01 14:35 - 01056820 _____ () C:\Users\Media\Downloads\install_flashplayer14x32au_chrd_dn_aaa_aih.exe 2014-08-29 13:01 - 2014-09-22 23:15 - 101694776 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe 2014-08-29 09:03 - 2009-07-14 06:45 - 00271080 _____ () C:\windows\system32\FNTCACHE.DAT 2014-08-27 10:50 - 2012-07-10 17:09 - 00000000 ____D () C:\Users\Media\AppData\Local\Google 2014-08-27 10:37 - 2014-08-27 10:37 - 00002517 _____ () C:\Users\Public\Desktop\Skype.lnk 2014-08-27 10:37 - 2014-08-27 10:37 - 00000000 ___RD () C:\Program Files (x86)\Skype 2014-08-27 10:37 - 2014-08-27 10:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype 2014-08-27 10:37 - 2012-07-13 10:47 - 00000000 ____D () C:\ProgramData\Skype 2014-08-27 09:34 - 2014-08-27 10:36 - 35596384 _____ (Skype Technologies S.A.) C:\Users\Media\Desktop\SkypeSetupFull (1).exe 2014-08-26 20:10 - 2014-08-26 20:10 - 00003124 _____ () C:\windows\System32\Tasks\{8EF28BDF-2984-45E8-84E2-C6EF3A9A3C7B} 2014-08-26 20:04 - 2014-08-26 20:04 - 01677928 _____ (Skype Technologies S.A.) C:\Users\Media\Downloads\SkypeSetup (2).exe 2014-08-26 19:35 - 2014-08-26 19:35 - 00003160 _____ () C:\windows\System32\Tasks\{0C388623-8430-4ACD-9A98-5D2127440A32} 2014-08-26 19:32 - 2014-08-26 19:25 - 21255560 _____ () C:\Users\Media\Downloads\SkypeSetupFull (1).exe 2014-08-26 19:11 - 2014-08-26 19:11 - 35594848 _____ () C:\Users\Media\Downloads\SkypeSetup_Full.exe 2014-08-26 19:03 - 2014-08-26 19:03 - 00803112 _____ ( ) C:\Users\Media\Downloads\Skype(13018) (1).exe 2014-08-25 06:53 - 2010-11-21 05:27 - 00270496 ____N (Microsoft Corporation) C:\windows\system32\MpSigStub.exe Some content of TEMP: ==================== C:\Users\Media\AppData\Local\Temp\gg10.upgr.exe C:\Users\Media\AppData\Local\Temp\GoogleSetup.exe C:\Users\Media\AppData\Local\Temp\gwunstal.exe C:\Users\Media\AppData\Local\Temp\i4jdel0.exe C:\Users\Media\AppData\Local\Temp\i4jdel1.exe C:\Users\Media\AppData\Local\Temp\ICReinstall_DownloadManagerSetup.exe C:\Users\Media\AppData\Local\Temp\ICReinstall_Minecraft_Downloader.exe C:\Users\Media\AppData\Local\Temp\ipl167C.tmp.exe C:\Users\Media\AppData\Local\Temp\ipl1AFE.tmp.exe C:\Users\Media\AppData\Local\Temp\ipl1BAA.tmp.exe C:\Users\Media\AppData\Local\Temp\ipl1BAB.tmp.exe C:\Users\Media\AppData\Local\Temp\ipl1C17.tmp.exe C:\Users\Media\AppData\Local\Temp\ipl1EA6.tmp.exe C:\Users\Media\AppData\Local\Temp\ipl1FB0.tmp.exe C:\Users\Media\AppData\Local\Temp\ipl207A.tmp.exe C:\Users\Media\AppData\Local\Temp\ipl241.tmp.exe C:\Users\Media\AppData\Local\Temp\ipl250C.tmp.exe C:\Users\Media\AppData\Local\Temp\ipl277C.tmp.exe C:\Users\Media\AppData\Local\Temp\ipl27CA.tmp.exe C:\Users\Media\AppData\Local\Temp\ipl2BB1.tmp.exe C:\Users\Media\AppData\Local\Temp\ipl2D75.tmp.exe C:\Users\Media\AppData\Local\Temp\ipl3301.tmp.exe C:\Users\Media\AppData\Local\Temp\ipl35CF.tmp.exe C:\Users\Media\AppData\Local\Temp\ipl444.tmp.exe C:\Users\Media\AppData\Local\Temp\ipl447B.tmp.exe C:\Users\Media\AppData\Local\Temp\ipl447E.tmp.exe C:\Users\Media\AppData\Local\Temp\ipl46CF.tmp.exe C:\Users\Media\AppData\Local\Temp\ipl4E2F.tmp.exe C:\Users\Media\AppData\Local\Temp\ipl4E9D.tmp.exe C:\Users\Media\AppData\Local\Temp\ipl5070.tmp.exe C:\Users\Media\AppData\Local\Temp\ipl562A.tmp.exe C:\Users\Media\AppData\Local\Temp\ipl5D4B.tmp.exe C:\Users\Media\AppData\Local\Temp\ipl5F8.tmp.exe C:\Users\Media\AppData\Local\Temp\ipl6028.tmp.exe C:\Users\Media\AppData\Local\Temp\ipl627.tmp.exe C:\Users\Media\AppData\Local\Temp\ipl63F0.tmp.exe C:\Users\Media\AppData\Local\Temp\ipl66BD.tmp.exe C:\Users\Media\AppData\Local\Temp\ipl71C5.tmp.exe C:\Users\Media\AppData\Local\Temp\ipl73F7.tmp.exe C:\Users\Media\AppData\Local\Temp\ipl7454.tmp.exe C:\Users\Media\AppData\Local\Temp\ipl74F0.tmp.exe C:\Users\Media\AppData\Local\Temp\ipl7D97.tmp.exe C:\Users\Media\AppData\Local\Temp\ipl8065.tmp.exe C:\Users\Media\AppData\Local\Temp\ipl82A.tmp.exe C:\Users\Media\AppData\Local\Temp\ipl87A5.tmp.exe C:\Users\Media\AppData\Local\Temp\ipl89C8.tmp.exe C:\Users\Media\AppData\Local\Temp\ipl8FB1.tmp.exe C:\Users\Media\AppData\Local\Temp\ipl9404.tmp.exe C:\Users\Media\AppData\Local\Temp\ipl94B0.tmp.exe C:\Users\Media\AppData\Local\Temp\ipl973F.tmp.exe C:\Users\Media\AppData\Local\Temp\ipl98A6.tmp.exe C:\Users\Media\AppData\Local\Temp\ipl9C8C.tmp.exe C:\Users\Media\AppData\Local\Temp\iplA0C1.tmp.exe C:\Users\Media\AppData\Local\Temp\iplA10F.tmp.exe C:\Users\Media\AppData\Local\Temp\iplA42A.tmp.exe C:\Users\Media\AppData\Local\Temp\iplA707.tmp.exe C:\Users\Media\AppData\Local\Temp\iplA8AD.tmp.exe C:\Users\Media\AppData\Local\Temp\iplA977.tmp.exe C:\Users\Media\AppData\Local\Temp\iplAA13.tmp.exe C:\Users\Media\AppData\Local\Temp\iplAC93.tmp.exe C:\Users\Media\AppData\Local\Temp\iplAEF3.tmp.exe C:\Users\Media\AppData\Local\Temp\iplB06A.tmp.exe C:\Users\Media\AppData\Local\Temp\iplB2DA.tmp.exe C:\Users\Media\AppData\Local\Temp\iplB318.tmp.exe C:\Users\Media\AppData\Local\Temp\iplB3F3.tmp.exe C:\Users\Media\AppData\Local\Temp\iplB412.tmp.exe C:\Users\Media\AppData\Local\Temp\iplB643.tmp.exe C:\Users\Media\AppData\Local\Temp\iplB70E.tmp.exe C:\Users\Media\AppData\Local\Temp\iplB7F9.tmp.exe C:\Users\Media\AppData\Local\Temp\iplB930.tmp.exe C:\Users\Media\AppData\Local\Temp\iplB9DC.tmp.exe C:\Users\Media\AppData\Local\Temp\iplBA78.tmp.exe C:\Users\Media\AppData\Local\Temp\iplBD55.tmp.exe C:\Users\Media\AppData\Local\Temp\iplBDF1.tmp.exe C:\Users\Media\AppData\Local\Temp\iplBE10.tmp.exe C:\Users\Media\AppData\Local\Temp\iplC1F7.tmp.exe C:\Users\Media\AppData\Local\Temp\iplC4A5.tmp.exe C:\Users\Media\AppData\Local\Temp\iplC705.tmp.exe C:\Users\Media\AppData\Local\Temp\iplC7E.tmp.exe C:\Users\Media\AppData\Local\Temp\iplC947.tmp.exe C:\Users\Media\AppData\Local\Temp\iplC948.tmp.exe C:\Users\Media\AppData\Local\Temp\iplC956.tmp.exe C:\Users\Media\AppData\Local\Temp\iplC995.tmp.exe C:\Users\Media\AppData\Local\Temp\iplCAAD.tmp.exe C:\Users\Media\AppData\Local\Temp\iplCBE5.tmp.exe C:\Users\Media\AppData\Local\Temp\iplCC72.tmp.exe C:\Users\Media\AppData\Local\Temp\iplD519.tmp.exe C:\Users\Media\AppData\Local\Temp\iplD5D4.tmp.exe C:\Users\Media\AppData\Local\Temp\iplD5D5.tmp.exe C:\Users\Media\AppData\Local\Temp\iplD779.tmp.exe C:\Users\Media\AppData\Local\Temp\iplD883.tmp.exe C:\Users\Media\AppData\Local\Temp\iplDF94.tmp.exe C:\Users\Media\AppData\Local\Temp\iplE233.tmp.exe C:\Users\Media\AppData\Local\Temp\iplE35B.tmp.exe C:\Users\Media\AppData\Local\Temp\iplE3A9.tmp.exe C:\Users\Media\AppData\Local\Temp\iplE3D8.tmp.exe C:\Users\Media\AppData\Local\Temp\iplE455.tmp.exe C:\Users\Media\AppData\Local\Temp\iplE58D.tmp.exe C:\Users\Media\AppData\Local\Temp\iplE86B.tmp.exe C:\Users\Media\AppData\Local\Temp\iplED5A.tmp.exe C:\Users\Media\AppData\Local\Temp\iplEFCA.tmp.exe C:\Users\Media\AppData\Local\Temp\iplF027.tmp.exe C:\Users\Media\AppData\Local\Temp\iplF037.tmp.exe C:\Users\Media\AppData\Local\Temp\iplF6DC.tmp.exe C:\Users\Media\AppData\Local\Temp\iplF70A.tmp.exe C:\Users\Media\AppData\Local\Temp\iplF8DE.tmp.exe C:\Users\Media\AppData\Local\Temp\iplF9B9.tmp.exe C:\Users\Media\AppData\Local\Temp\iplFB7D.tmp.exe C:\Users\Media\AppData\Local\Temp\iplFD8.tmp.exe C:\Users\Media\AppData\Local\Temp\iplFEB8.tmp.exe C:\Users\Media\AppData\Local\Temp\iplFF7.tmp.exe C:\Users\Media\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe C:\Users\Media\AppData\Local\Temp\MSETUP4.EXE C:\Users\Media\AppData\Local\Temp\myzzy80d.dll C:\Users\Media\AppData\Local\Temp\nse6FE4.tmp.exe C:\Users\Media\AppData\Local\Temp\PicasaUpdater_73dc.exe C:\Users\Media\AppData\Local\Temp\Quarantine.exe C:\Users\Media\AppData\Local\Temp\Shortcut_sweetimsetup.exe C:\Users\Media\AppData\Local\Temp\SIMEEI2Installer.exe C:\Users\Media\AppData\Local\Temp\SIMEEIInstaller.exe C:\Users\Media\AppData\Local\Temp\SkypeSetup.exe C:\Users\Media\AppData\Local\Temp\SQLite.dll C:\Users\Media\AppData\Local\Temp\uninst1.exe ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\SysWOW64\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2012-07-08 16:46 ==================== End Of Log ============================