Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 26-09-2014 Ran by Mirek (administrator) on MIREK-KOMPUTER on 01-10-2014 20:19:43 Running from C:\Users\Mirek\Desktop\Nowy folder Loaded Profile: Mirek (Available profiles: Mirek & Gość) Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Polski (Polska) Internet Explorer Version 11 Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (AuthenTec, Inc.) C:\Program Files (x86)\Fingerprint Sensor\AtService.exe (AMD) C:\Windows\System32\atiesrxx.exe (AMD) C:\Windows\System32\atieclxx.exe (Egis Technology Inc.) C:\Program Files (x86)\Acer Bio Protection\CompPtcVUI.exe (Microsoft Corporation) C:\Windows\System32\wisptis.exe (Microsoft Corporation) C:\Windows\System32\wlanext.exe (SEIKO EPSON CORPORATION) C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSvc.exe (Microsoft Corporation) C:\Windows\System32\lpksetup.exe (ABBYY) C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe (LSI Corporation) C:\Program Files\LSI SoftModem\agr64svc.exe (Nero AG) C:\Program Files (x86)\Motorola Media Link\Lite\NServiceEntry.exe (Microsoft Corporation) C:\Windows\System32\wisptis.exe (Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe (Firebird Project) C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbguard.exe (Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GREGsvc.exe (Egis Technology Inc.) C:\Program Files (x86)\Acer Bio Protection\BASVC.exe (UASSOFT.COM) C:\Program Files (x86)\Keyboard Driver\KMWDSrv.exe (Acer Incorporated) C:\Program Files\Acer\Acer Updater\UpdaterService.exe (Motorola Mobility LLC) C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe (NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe (NTI, Inc.) C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe (Motorola Mobility LLC) C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperAgent.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe (Microsoft Corporation) C:\Windows\WindowsMobile\wmdc.exe (Egis Technology Inc.) C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe (NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe (Egis Technology Inc.) C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe (Cisco Systems, Inc.) C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\nmctxth.exe (UASSOFT.COM) C:\Program Files (x86)\Keyboard Driver\StartAutorun.exe (CyberLink Corp.) C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe (Acer Corp.) C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe (UASSOFT.COM) C:\Program Files (x86)\Keyboard Driver\KMCONFIG.exe (UASSOFT.COM) C:\Program Files (x86)\Keyboard Driver\KMProcess.exe (Egis Technology Inc.) C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Cisco Systems, Inc.) C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\nmsrvc.exe (Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe (Firebird Project) C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbserver.exe (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ink\InputPersonalization.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [IAAnotif] => C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-06-05] (Intel Corporation) HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [8060960 2009-08-06] (Realtek Semiconductor) HKLM\...\Run: [Acer ePower Management] => C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [818720 2010-02-26] (Acer Incorporated) HKLM\...\Run: [Windows Mobile Device Center] => C:\Windows\WindowsMobile\wmdc.exe [660360 2007-05-31] (Microsoft Corporation) HKLM\...\Run: [mwlDaemon] => C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe [349552 2010-05-27] (Egis Technology Inc.) HKLM-x32\...\Run: [BackupManagerTray] => C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe [265984 2010-06-29] (NewTech Infosystems, Inc.) HKLM-x32\...\Run: [EgisUpdate] => C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe [201584 2010-03-11] (Egis Technology Inc.) HKLM-x32\...\Run: [EgisTecPMMUpdate] => C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe [407920 2010-03-11] (Egis Technology Inc.) HKLM-x32\...\Run: [VitaKeyPdtWzd] => c:\Program Files (x86)\Acer Bio Protection\PdtWzd.exe [3568640 2009-09-26] (Egis Technology Inc.) HKLM-x32\...\Run: [nmctxth] => C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\nmctxth.exe [647216 2009-07-07] (Cisco Systems, Inc.) HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-27] (Microsoft Corporation) HKLM-x32\...\Run: [KMCONFIG] => C:\Program Files (x86)\Keyboard Driver\StartAutorun.exe KMConfig.exe HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.) HKLM-x32\...\Run: [ArcadeDeluxeAgent] => C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe [419112 2011-01-28] (CyberLink Corp.) HKLM-x32\...\Run: [PlayMovie] => C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe [181480 2011-01-28] (Acer Corp.) HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated) HKU\S-1-5-21-973079480-2824512842-765516030-1000\...\Policies\system: [LogonHoursAction] 2 HKU\S-1-5-21-973079480-2824512842-765516030-1000\...\Policies\system: [DontDisplayLogonHoursWarnings] 1 HKU\S-1-5-21-973079480-2824512842-765516030-1000\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1 Startup: C:\Users\Mirek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\aluagent.lnk ShortcutTarget: aluagent.lnk -> C:\ProgramData\Acer\Acer Updater\aluagent.exe (Acer Incorporated) ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => No File ShellIconOverlayIdentifiers: egisPSDP -> {30A0A3F6-38AC-4C53-BB8B-0D95238E25BA} => C:\Program Files (x86)\EgisTec MyWinLocker\x64\psdprotect.dll (Egis Technology Inc.) ShellIconOverlayIdentifiers-x32: egisPSDP -> {30A0A3F6-38AC-4C53-BB8B-0D95238E25BA} => C:\Program Files (x86)\EgisTec MyWinLocker\x86\psdprotect.dll (Egis Technology Inc.) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch SearchScopes: HKLM - {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = http://www.google.com/search?q={searchTerms} SearchScopes: HKLM-x32 - {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = http://www.google.com/search?q={searchTerms} SearchScopes: HKCU - {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = http://www.google.com/search?q={searchTerms} BHO: Easy Photo Print -> {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -> C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.) BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.) Handler: pure-go - {4746C79A-2042-4332-8650-48966E44ABA8} - C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\amd64\puresp4.dll (Cisco Systems, Inc.) Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation) Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation) Handler-x32: pure-go - {4746C79A-2042-4332-8650-48966E44ABA8} - C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\puresp4.dll (Cisco Systems, Inc.) Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) Tcpip\Parameters: [DhcpNameServer] 86.63.64.49 86.63.64.48 FireFox: ======== FF ProfilePath: C:\Users\Mirek\AppData\Roaming\Mozilla\Firefox\Profiles\64twauqf.default-1412020477115 FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll () FF Plugin: @microsoft.com/GENUINE -> disabled No File FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation) FF Plugin: @microsoft.com/VirtualEarth3D,version=4.0 -> C:\Program Files (x86)\Virtual Earth 3D\ () FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll () FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1213153.dll (Adobe Systems, Inc.) FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google) FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/VirtualEarth3D,version=4.0 -> C:\Program Files (x86)\Virtual Earth 3D\ () FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8117.0416 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) Chrome: ======= ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 ABBYY.Licensing.FineReader.Sprint.9.0; C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [759048 2009-05-14] (ABBYY) R2 ATService; C:\Program Files (x86)\Fingerprint Sensor\AtService.exe [1815800 2009-09-21] (AuthenTec, Inc.) R2 EpsonBidirectionalService; C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe [94208 2006-12-19] (SEIKO EPSON CORPORATION) [File not signed] R2 FirebirdGuardianDefaultInstance; C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbguard.exe [98304 2010-09-17] (Firebird Project) [File not signed] R3 FirebirdServerDefaultInstance; C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbserver.exe [3735552 2010-09-17] (Firebird Project) [File not signed] R2 IGBASVC; c:\Program Files (x86)\Acer Bio Protection\BASVC.exe [3449856 2009-09-26] (Egis Technology Inc.) [File not signed] R2 KMWDSERVICE; C:\Program Files (x86)\Keyboard Driver\KMWDSrv.exe [1821184 2009-08-31] (UASSOFT.COM) [File not signed] R2 Motorola Device Manager; C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe [137528 2013-11-15] (Motorola Mobility LLC) S3 MWLService; C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe [305520 2010-05-27] (Egis Technology Inc.) R2 NTISchedulerSvc; C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [144640 2010-04-17] (NTI, Inc.) S4 PST Service; C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe [65657 2011-09-02] (Motorola) [File not signed] ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation) S3 mtkmbim; C:\Windows\System32\DRIVERS\mtkmbim7_x64.sys [208896 2012-12-13] (MediaTek Inc.) S3 wdf_usb; C:\Windows\System32\DRIVERS\usb2ser.sys [81408 2013-02-21] (MediaTek Inc.) ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2014-09-30 19:07 - 2014-09-30 19:07 - 00000000 ____D () C:\Users\Dom 2014-09-30 00:15 - 2014-09-30 00:16 - 00455816 _____ () C:\Windows\Minidump\093014-42915-01.dmp 2014-09-29 22:00 - 2014-09-29 22:00 - 01373475 _____ () C:\Users\Mirek\Downloads\adwcleaner_3.310.exe 2014-09-29 21:38 - 2014-09-29 21:38 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2014-09-29 20:09 - 2014-10-01 20:19 - 00000000 ____D () C:\Users\Mirek\Desktop\Nowy folder 2014-09-28 09:54 - 2014-09-28 09:55 - 00000000 ____D () C:\sfzone_profile 2014-09-28 09:44 - 2014-09-30 00:15 - 490802160 _____ () C:\Windows\MEMORY.DMP 2014-09-26 21:18 - 2014-09-30 19:05 - 00000000 ____D () C:\Users\Mirek\Downloads\Nowy folder 2014-09-26 18:10 - 2014-10-01 19:42 - 00000000 ____D () C:\Program Files (x86)\WinRAR 2014-09-26 17:12 - 2014-09-29 22:10 - 00000000 ____D () C:\Windows\system32\log 2014-09-25 11:39 - 2014-09-25 11:39 - 00027356 _____ () C:\ComboFix.txt 2014-09-25 10:59 - 2014-10-01 20:12 - 00877808 _____ () C:\Windows\PFRO.log 2014-09-23 21:11 - 2014-09-23 21:11 - 00000000 _____ () C:\autoexec.bat 2014-09-22 23:48 - 2014-10-01 20:12 - 00003424 _____ () C:\Windows\setupact.log 2014-09-22 23:48 - 2014-09-22 23:48 - 00000000 _____ () C:\Windows\setuperr.log 2014-09-14 23:28 - 2014-09-29 22:12 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service 2014-09-14 23:28 - 2014-09-14 23:28 - 00001123 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk 2014-09-14 23:23 - 2014-09-14 23:23 - 00010152 _____ () C:\Users\Mirek\Documents\cc_20140914_232339.reg 2014-09-10 12:53 - 2014-08-19 20:05 - 00374968 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2014-09-10 12:53 - 2014-08-19 19:39 - 00327872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2014-09-10 12:53 - 2014-08-19 01:01 - 23591424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-09-10 12:53 - 2014-08-19 00:29 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-09-10 12:53 - 2014-08-19 00:29 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2014-09-10 12:53 - 2014-08-19 00:26 - 17455104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-09-10 12:53 - 2014-08-19 00:20 - 02793984 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-09-10 12:53 - 2014-08-19 00:19 - 05833728 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-09-10 12:53 - 2014-08-19 00:15 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2014-09-10 12:53 - 2014-08-19 00:15 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2014-09-10 12:53 - 2014-08-19 00:14 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2014-09-10 12:53 - 2014-08-19 00:14 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2014-09-10 12:53 - 2014-08-19 00:08 - 04232704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2014-09-10 12:53 - 2014-08-19 00:08 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-09-10 12:53 - 2014-08-19 00:08 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2014-09-10 12:53 - 2014-08-19 00:05 - 00596480 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2014-09-10 12:53 - 2014-08-19 00:03 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2014-09-10 12:53 - 2014-08-19 00:03 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2014-09-10 12:53 - 2014-08-19 00:03 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2014-09-10 12:53 - 2014-08-18 23:57 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-09-10 12:53 - 2014-08-18 23:56 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2014-09-10 12:53 - 2014-08-18 23:51 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2014-09-10 12:53 - 2014-08-18 23:46 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2014-09-10 12:53 - 2014-08-18 23:45 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2014-09-10 12:53 - 2014-08-18 23:45 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2014-09-10 12:53 - 2014-08-18 23:44 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2014-09-10 12:53 - 2014-08-18 23:44 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2014-09-10 12:53 - 2014-08-18 23:42 - 02185728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2014-09-10 12:53 - 2014-08-18 23:40 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2014-09-10 12:53 - 2014-08-18 23:39 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2014-09-10 12:53 - 2014-08-18 23:39 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2014-09-10 12:53 - 2014-08-18 23:39 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2014-09-10 12:53 - 2014-08-18 23:38 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2014-09-10 12:53 - 2014-08-18 23:37 - 00440320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2014-09-10 12:53 - 2014-08-18 23:36 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2014-09-10 12:53 - 2014-08-18 23:35 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2014-09-10 12:53 - 2014-08-18 23:27 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2014-09-10 12:53 - 2014-08-18 23:25 - 00727040 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-09-10 12:53 - 2014-08-18 23:25 - 00707072 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2014-09-10 12:53 - 2014-08-18 23:23 - 02104832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-09-10 12:53 - 2014-08-18 23:23 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2014-09-10 12:53 - 2014-08-18 23:22 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2014-09-10 12:53 - 2014-08-18 23:19 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2014-09-10 12:53 - 2014-08-18 23:17 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2014-09-10 12:53 - 2014-08-18 23:17 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2014-09-10 12:53 - 2014-08-18 23:16 - 13588480 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-09-10 12:53 - 2014-08-18 23:15 - 11769856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2014-09-10 12:53 - 2014-08-18 23:15 - 02310656 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-09-10 12:53 - 2014-08-18 23:09 - 00603136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2014-09-10 12:53 - 2014-08-18 23:08 - 02014208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2014-09-10 12:53 - 2014-08-18 23:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2014-09-10 12:53 - 2014-08-18 22:55 - 01447424 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-09-10 12:53 - 2014-08-18 22:46 - 01812992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2014-09-10 12:53 - 2014-08-18 22:38 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2014-09-10 12:53 - 2014-08-18 22:38 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2014-09-10 12:53 - 2014-08-18 22:36 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2014-09-10 12:35 - 2014-07-07 04:06 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2014-09-10 12:35 - 2014-07-07 04:06 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll 2014-09-10 12:35 - 2014-07-07 03:40 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll 2014-09-10 12:35 - 2014-07-07 03:40 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll 2014-09-10 12:35 - 2014-07-07 03:39 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll 2014-09-07 13:45 - 2014-09-07 13:45 - 00000807 _____ () C:\Users\Mirek\Downloads\150006095140002_874558.ZRZ 2014-09-07 13:41 - 2014-09-07 13:41 - 00001056 _____ () C:\Users\Mirek\Downloads\150006095140002_116_14196711.SWZ 2014-09-07 12:45 - 2014-09-07 12:45 - 00000569 _____ () C:\Users\Mirek\Downloads\150006095140002_139_9318837.PZP 2014-09-07 12:45 - 2014-09-07 12:45 - 00000569 _____ () C:\Users\Mirek\Downloads\150006095140002_139_9318837(1).PZP 2014-09-07 12:36 - 2014-09-07 12:36 - 00007454 _____ () C:\Users\Mirek\Downloads\150006095140002_865292.ZRZ 2014-09-07 12:35 - 2014-09-07 12:35 - 00000959 _____ () C:\Users\Mirek\Downloads\150006095140002_113_14099416.SWZ 2014-09-07 12:34 - 2014-09-07 12:34 - 00009792 _____ () C:\Users\Mirek\Downloads\150006095140002_137_9218519.PZW 2014-09-07 12:33 - 2014-09-07 12:33 - 00000684 _____ () C:\Users\Mirek\Downloads\150006095140002_137_9218519.PZP 2014-09-01 19:29 - 2014-09-01 19:29 - 00000643 _____ () C:\Users\Mirek\Downloads\150006095130002_122_8396694.PZR 2014-09-01 19:28 - 2014-09-01 19:28 - 00000644 _____ () C:\Users\Mirek\Downloads\150006095130002_116_8128262.PZR 2014-09-01 19:28 - 2014-09-01 19:28 - 00000642 _____ () C:\Users\Mirek\Downloads\150006095130002_121_8305062.PZR 2014-09-01 19:28 - 2014-09-01 19:28 - 00000642 _____ () C:\Users\Mirek\Downloads\150006095130002_118_8203185.PZR 2014-09-01 19:28 - 2014-09-01 19:28 - 00000642 _____ () C:\Users\Mirek\Downloads\150006095130002_113_8008906.PZR 2014-09-01 19:27 - 2014-09-01 19:27 - 00000642 _____ () C:\Users\Mirek\Downloads\150006095130002_112_7916992.PZR 2014-09-01 18:53 - 2014-09-01 18:53 - 00010320 _____ () C:\Users\Mirek\Downloads\150006095130002_122_8396694.PZW 2014-09-01 18:52 - 2014-09-01 18:52 - 00008807 _____ () C:\Users\Mirek\Downloads\150006095130002_121_8305062.PZW 2014-09-01 18:51 - 2014-09-01 18:52 - 00010471 _____ () C:\Users\Mirek\Downloads\150006095130002_118_8203185.PZW 2014-09-01 18:51 - 2014-09-01 18:51 - 00009235 _____ () C:\Users\Mirek\Downloads\150006095130002_116_8128262.PZW 2014-09-01 18:50 - 2014-09-01 18:50 - 00010074 _____ () C:\Users\Mirek\Downloads\150006095130002_113_8008906.PZW 2014-09-01 18:50 - 2014-09-01 18:50 - 00009512 _____ () C:\Users\Mirek\Downloads\150006095130002_112_7916992.PZW 2014-09-01 18:41 - 2014-09-15 21:01 - 00000000 ____D () C:\Users\Mirek\AppData\Local\Adobe ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2014-10-01 20:20 - 2014-07-05 18:43 - 00000000 ____D () C:\FRST 2014-10-01 20:19 - 2011-03-25 09:52 - 01836638 _____ () C:\Windows\WindowsUpdate.log 2014-10-01 20:13 - 2013-02-17 23:58 - 00001042 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2014-10-01 20:13 - 2012-08-28 21:30 - 00000000 ____D () C:\Temp 2014-10-01 20:12 - 2011-07-18 17:41 - 00000000 ____D () C:\ProgramData\AVAST Software 2014-10-01 20:12 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-10-01 19:58 - 2012-07-06 23:21 - 00000930 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-10-01 19:48 - 2013-02-17 23:58 - 00001046 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2014-10-01 19:45 - 2009-07-14 06:45 - 00017600 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-10-01 19:45 - 2009-07-14 06:45 - 00017600 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-10-01 19:42 - 2011-06-13 21:05 - 00000000 ____D () C:\Users\Mirek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR 2014-10-01 19:42 - 2011-06-13 21:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR 2014-09-30 00:15 - 2011-08-09 17:39 - 00000000 ____D () C:\Windows\Minidump 2014-09-29 19:53 - 2011-03-25 10:43 - 00756684 _____ () C:\Windows\system32\perfh015.dat 2014-09-29 19:53 - 2011-03-25 10:43 - 00161906 _____ () C:\Windows\system32\perfc015.dat 2014-09-29 19:53 - 2009-07-14 07:13 - 01705794 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-09-29 19:19 - 2013-04-15 20:56 - 00000000 ____D () C:\Program Files (x86)\Rossmann 2014-09-28 09:36 - 2009-07-14 07:08 - 00032608 _____ () C:\Windows\Tasks\SCHEDLGU.TXT 2014-09-26 19:18 - 2014-02-27 18:23 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-09-26 16:54 - 2011-06-10 16:20 - 00001425 _____ () C:\Users\Mirek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2014-09-25 11:27 - 2009-07-14 04:34 - 00000215 _____ () C:\Windows\system.ini 2014-09-25 10:57 - 2009-07-14 04:34 - 80740352 _____ () C:\Windows\system32\config\software.bak 2014-09-25 10:57 - 2009-07-14 04:34 - 24641536 _____ () C:\Windows\system32\config\system.bak 2014-09-25 10:57 - 2009-07-14 04:34 - 00221184 _____ () C:\Windows\system32\config\default.bak 2014-09-25 10:57 - 2009-07-14 04:34 - 00094208 _____ () C:\Windows\system32\config\sam.bak 2014-09-25 10:57 - 2009-07-14 04:34 - 00028672 _____ () C:\Windows\system32\config\security.bak 2014-09-25 10:56 - 2014-02-27 18:27 - 00000000 ____D () C:\Windows\erdnt 2014-09-25 09:42 - 2011-08-08 20:01 - 00000000 ____D () C:\ProgramData\firebird 2014-09-25 04:23 - 2014-04-17 09:24 - 00000000 ____D () C:\Users\Gość 2014-09-25 04:22 - 2010-09-23 21:04 - 00000000 ___RD () C:\Users\Public\Recorded TV 2014-09-25 04:22 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\registration 2014-09-24 19:18 - 2012-07-06 23:21 - 00003868 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater 2014-09-24 19:13 - 2012-04-01 08:39 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2014-09-24 19:13 - 2011-06-10 19:24 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2014-09-24 18:27 - 2011-06-10 16:08 - 00000000 ____D () C:\Users\Mirek 2014-09-23 20:09 - 2012-03-04 12:22 - 00009728 ___SH () C:\Users\Mirek\Thumbs.db 2014-09-21 21:57 - 2012-04-05 18:32 - 00000000 ____D () C:\Users\Mirek\Documents\ROZLICZENIA_ALA 2014-09-21 21:55 - 2014-01-16 13:31 - 00000000 ____D () C:\Users\Mirek\Desktop\Camera 2014-09-21 21:50 - 2014-07-05 18:35 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk 2014-09-15 09:06 - 2011-07-17 22:27 - 00278152 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe 2014-09-13 21:44 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF 2014-09-13 02:01 - 2014-02-16 15:05 - 00000000 ____D () C:\Users\Mirek\AppData\Local\Battle.net 2014-09-13 00:27 - 2014-02-16 15:05 - 00000000 ____D () C:\Program Files (x86)\Battle.net 2014-09-12 14:27 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache 2014-09-10 12:50 - 2012-08-28 22:05 - 01678400 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI 2014-09-10 12:47 - 2013-07-11 23:33 - 00000000 ____D () C:\Windows\system32\MRT 2014-09-10 12:40 - 2011-06-11 08:34 - 101694776 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\SysWOW64\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2014-09-28 08:06 ==================== End Of Log ============================