Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 12-10-2014 Ran by Toshiba (administrator) on TOSHIBA-TOSH on 12-10-2014 17:39:53 Running from C:\Users\Toshiba\Desktop Loaded Profiles: Toshiba & UpdatusUser (Available profiles: Toshiba & UpdatusUser) Platform: Windows 7 Home Premium (X64) OS Language: Polski (Polska) Internet Explorer Version 8 Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Autodesk, Inc.) C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe (TOSHIBA Corporation) C:\Windows\System32\ThpSrv.exe (TOSHIBA Corporation) C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe (TOSHIBA Corporation) C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe (TOSHIBA Corporation.) C:\Program Files\TOSHIBA\HDMICtrlMan\HDMICtrlMan.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe () C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe (TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe (Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe (Sun Microsystems, Inc.) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Autodesk, Inc.) C:\Program Files (x86)\Common Files\Autodesk Shared\Autodesk Download Manager\DLMSession.exe (Dassault Systèmes SolidWorks Corp.) D:\SolidWorks\Solid Works2013\sldworks_fs.exe (Dassault Systemes) D:\Programy\B20\intel_a\code\bin\CATSysDemon.exe () C:\Users\Toshiba\AppData\Roaming\Microsoft\Windows\WUDHost.exe ( ) C:\Users\Toshiba\AppData\Roaming\Microsoft\Windows\HomeGroupListener.exe () C:\Users\Toshiba\Videos\napsnap.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe () C:\Users\Toshiba\AppData\Roaming\Microsoft\Windows\basebrd.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe () C:\Program Files (x86)\PennyBee\PennyBee.exe (Solid Documents, LLC) C:\Program Files (x86)\SolidDocuments\Solid Converter PDF\SCPDF\SolidConverterPDFServicex64.exe (TOSHIBA Corporation) C:\Windows\System32\ThpSrv.exe (TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe (TOSHIBA Corporation) C:\Program Files\TOSHIBA\TECO\TecoService.exe (AVG) C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe (Microsoft Corporation) C:\Users\Toshiba\AppData\Roaming\Microsoft\Windows\shellbrd.exe () C:\Users\Toshiba\Videos\mfcmifc.exe () C:\Users\Toshiba\AppData\Roaming\Microsoft\Windows\ospsvc.exe (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE () C:\Program Files (x86)\PennyBee\PennyBeeW.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE (AVG) C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesApp64.exe (TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe (TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe (TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe (TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe () C:\Users\Toshiba\AppData\Roaming\Microsoft\Windows\NetTcpPortSharing.exe (TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe (TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\CFProcSRVC.exe (TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe (Google Inc.) C:\Users\Toshiba\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\Toshiba\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\Toshiba\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\Toshiba\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\Toshiba\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\Toshiba\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\Toshiba\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\Toshiba\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\Toshiba\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\Toshiba\AppData\Local\Google\Chrome\Application\chrome.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [TosSENotify] => C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe [709976 2009-08-03] (TOSHIBA Corporation) HKLM\...\Run: [ThpSrv] => C:\Windows\system32\thpsrv /logon HKLM\...\Run: [TosReelTimeMonitor] => C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe [35160 2009-08-06] (TOSHIBA Corporation) HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [7982112 2009-08-03] (Realtek Semiconductor) HKLM\...\Run: [TPwrMain] => C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE [497504 2009-08-21] (TOSHIBA Corporation) HKLM\...\Run: [HSON] => C:\Program Files\TOSHIBA\TBS\HSON.exe [52600 2009-03-09] (TOSHIBA Corporation) HKLM\...\Run: [00TCrdMain] => C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [909624 2009-08-05] (TOSHIBA Corporation) HKLM\...\Run: [TosWaitSrv] => C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [711000 2009-08-04] (TOSHIBA Corporation) HKLM\...\Run: [HDMICtrlMan] => C:\Program Files\TOSHIBA\HDMICtrlMan\HDMICtrlMan.exe [1032536 2009-08-03] (TOSHIBA Corporation.) HKLM\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [415680 2012-02-06] (Autodesk, Inc.) HKLM\...\Run: [Nvtmru] => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [1028384 2013-10-18] (NVIDIA Corporation) HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart HKLM-x32\...\Run: [HWSetup] => C:\Program Files\TOSHIBA\Utilities\HWSetup.exe [423936 2009-06-02] (TOSHIBA Electronics, Inc.) HKLM-x32\...\Run: [KeNotify] => C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe [34088 2009-01-13] (TOSHIBA CORPORATION) HKLM-x32\...\Run: [TUSBSleepChargeSrv] => C:\Program Files (x86)\TOSHIBA\TOSHIBA USB Sleep and Charge Utility\TUSBSleepChargeSrv.exe [252288 2009-07-02] (TOSHIBA) HKLM-x32\...\Run: [TkBellExe] => C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe [296056 2012-04-16] (RealNetworks, Inc.) HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated) HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [3521424 2012-03-31] (Samsung Electronics Co., Ltd.) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [252296 2012-01-17] (Sun Microsystems, Inc.) HKLM-x32\...\Run: [ADSK DLMSession] => C:\Program Files (x86)\Common Files\Autodesk Shared\Autodesk Download Manager\DLMSession.exe [1632216 2012-07-23] (Autodesk, Inc.) HKLM\...\Policies\Explorer\Run: [9608] => C:\ProgramData\Local Settings\Temp\ccapwi.cmd [164214 2009-07-14] ( (Lampi)) HKU\S-1-5-21-2754264385-1261652437-1540506145-1000\...\Run: [ares] => "C:\Program Files (x86)\Ares\Ares.exe" -h HKU\S-1-5-21-2754264385-1261652437-1540506145-1000\...\Run: [Google Update] => "C:\Users\Toshiba\AppData\Local\Google\Update\GoogleUpdate.exe" /c HKU\S-1-5-21-2754264385-1261652437-1540506145-1000\...\Run: [KiesHelper] => C:\Program Files (x86)\Samsung\Kies\KiesHelper.exe [954256 2012-03-31] (Samsung) HKU\S-1-5-21-2754264385-1261652437-1540506145-1000\...\Run: [KiesPDLR] => C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [21392 2012-03-31] () HKU\S-1-5-21-2754264385-1261652437-1540506145-1000\...\Run: [msnmsgr] => ~"C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background HKU\S-1-5-21-2754264385-1261652437-1540506145-1000\...\Run: [Akamai NetSession Interface] => "C:\Users\Toshiba\AppData\Local\Akamai\netsession_win.exe" HKU\S-1-5-21-2754264385-1261652437-1540506145-1000\...\Run: [ALLUpdate] => C:\Program Files (x86)\ALLPlayer\ALLUpdate.exe [2991616 2012-10-09] (ALLCinema) HKU\S-1-5-21-2754264385-1261652437-1540506145-1000\...\Run: [Mnamay] => C:\Users\Toshiba\AppData\Roaming\Mnamay.exe HKU\S-1-5-21-2754264385-1261652437-1540506145-1000\...\Run: [IPLA!] => C:\Program Files (x86)\ipla\ipla.exe [21370976 2014-07-21] (Redefine Sp z o.o.) HKU\S-1-5-21-2754264385-1261652437-1540506145-1000\...\Run: [AdobeUpdate] => wscript "C:\Users\Toshiba\AppData\Roaming\AdobeX2\invis.vbs" "C:\Users\Toshiba\AppData\Roaming\AdobeX2\bat.bat" HKU\S-1-5-21-2754264385-1261652437-1540506145-1000\...\Run: [EADM] => D:\Gry\Origin\Origin.exe [3600216 2014-09-16] (Electronic Arts) HKU\S-1-5-21-2754264385-1261652437-1540506145-1000\...\Run: [Tiny download manager] => C:\Users\Toshiba\AppData\Local\DM\TinyDM.exe [289752 2014-08-18] (http://www.tinydm.com/) HKU\S-1-5-21-2754264385-1261652437-1540506145-1000\...\RunOnce: [Microsoft Office Software Protection Platform Service] => C:\Users\Toshiba\AppData\Roaming\Microsoft\Windows\ospsvc.exe [12288 2014-10-05] () HKU\S-1-5-21-2754264385-1261652437-1540506145-1000\...\RunOnce: [Standard Dynamic Printing Port Monitor] => C:\Users\Toshiba\AppData\Roaming\Microsoft\Windows\NetTcpPortSharing.exe [8192 2014-10-08] () HKU\S-1-5-21-2754264385-1261652437-1540506145-1000\...\RunOnce: [MFC Managed Interfaces Library] => C:\Users\Toshiba\Videos\mfcmifc.exe [16896 2014-10-05] () HKU\S-1-5-21-2754264385-1261652437-1540506145-1000\...\RunOnce: [Disk Management Snap-in] => C:\Users\Toshiba\AppData\Roaming\Microsoft\Windows\shellbrd.exe [11776 2014-10-05] (Microsoft Corporation) HKU\S-1-5-21-2754264385-1261652437-1540506145-1000\...\MountPoints2: H - H:\LaunchU3.exe -a HKU\S-1-5-21-2754264385-1261652437-1540506145-1000\...\MountPoints2: {220254cc-bbdc-11e3-ab43-002622e9499f} - G:\Startme.exe HKU\S-1-5-21-2754264385-1261652437-1540506145-1000\...\MountPoints2: {353e2118-0f71-11e0-a9db-002622e9499f} - F:\autorun.exe HKU\S-1-5-21-2754264385-1261652437-1540506145-1000\...\MountPoints2: {7acf9e75-755a-11e3-9e20-0026b646b5b2} - H:\LaunchU3.exe -a HKU\S-1-5-21-2754264385-1261652437-1540506145-1000\...\MountPoints2: {a141f1c8-2d4d-11e0-a94a-0026b646b5b2} - G:\USBAutoRun.exe AppInit_DLLs: c:\progra~3\bitguard\271832~1.68\{c16c1~1\loader.dll => c:\ProgramData\BitGuard\2.7.1832.68\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\loader.dll [1958880 2013-11-18] () AppInit_DLLs: c:\progra~3\bitguard\271769~1.27\{c16c1~1\loader.dll => c:\progra~3\bitguard\271769~1.27\{c16c1~1\loader.dll File Not Found Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SolidWorks 2013 Fast Start.lnk ShortcutTarget: SolidWorks 2013 Fast Start.lnk -> C:\Windows\Installer\{B6B5EA7E-B91F-443D-A958-B0062FB53804}\NewShortcut2_87EDF6C81D0A4B7B84F42FE0C6A9D608.exe (Flexera Software, Inc.) ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll (Autodesk, Inc.) ShellIconOverlayIdentifiers: [GGDriveOverlay1] -> {E68D0A50-3C40-4712-B90D-DCFA93FF2534} => C:\ProgramData\GG\ggdrive\ggdrive-overlay.dll No File ShellIconOverlayIdentifiers: [GGDriveOverlay2] -> {E68D0A51-3C40-4712-B90D-DCFA93FF2534} => C:\ProgramData\GG\ggdrive\ggdrive-overlay.dll No File ShellIconOverlayIdentifiers: [GGDriveOverlay3] -> {E68D0A52-3C40-4712-B90D-DCFA93FF2534} => C:\ProgramData\GG\ggdrive\ggdrive-overlay.dll No File ShellIconOverlayIdentifiers: [GGDriveOverlay4] -> {E68D0A53-3C40-4712-B90D-DCFA93FF2534} => C:\ProgramData\GG\ggdrive\ggdrive-overlay.dll No File GroupPolicy: Group Policy on Chrome detected <======= ATTENTION ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.interia.pl/#utm_source=instalki&utm_medium=installer&utm_campaign=instalki HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://istart.webssearches.com/?type=hp&ts=1408356855&from=exp&uid=TOSHIBAXMK5055GSX_X9SHC3K5TXXX9SHC3K5T HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://istart.webssearches.com/web/?type=ds&ts=1408356855&from=exp&uid=TOSHIBAXMK5055GSX_X9SHC3K5TXXX9SHC3K5T&q={searchTerms} HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://istart.webssearches.com/?type=hp&ts=1408356855&from=exp&uid=TOSHIBAXMK5055GSX_X9SHC3K5TXXX9SHC3K5T HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.interia.pl/#utm_source=instalki&utm_medium=installer&utm_campaign=instalki HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://istart.webssearches.com/web/?type=ds&ts=1408356855&from=exp&uid=TOSHIBAXMK5055GSX_X9SHC3K5TXXX9SHC3K5T&q={searchTerms} HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://istart.webssearches.com/web/?type=ds&ts=1408356855&from=exp&uid=TOSHIBAXMK5055GSX_X9SHC3K5TXXX9SHC3K5T&q={searchTerms} HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://istart.webssearches.com/?type=hp&ts=1408356855&from=exp&uid=TOSHIBAXMK5055GSX_X9SHC3K5TXXX9SHC3K5T HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.interia.pl/#utm_source=instalki&utm_medium=installer&utm_campaign=instalki HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://istart.webssearches.com/web/?type=ds&ts=1408356855&from=exp&uid=TOSHIBAXMK5055GSX_X9SHC3K5TXXX9SHC3K5T&q={searchTerms} URLSearchHook: ATTENTION ==> Default URLSearchHook is missing. URLSearchHook: HKCU - (No Name) - {8c5878d0-6106-423b-aaa8-144c143dbf44} - No File URLSearchHook: HKCU - (No Name) - {b6ac5e3c-5ceb-4e72-b451-f0e1ba983c14} - No File StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe http://pl.v9.com/?utm_source=b&utm_medium=cor SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://istart.webssearches.com/web/?type=ds&ts=1408356855&from=exp&uid=TOSHIBAXMK5055GSX_X9SHC3K5TXXX9SHC3K5T&q={searchTerms} SearchScopes: HKLM - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://istart.webssearches.com/web/?type=ds&ts=1408356855&from=exp&uid=TOSHIBAXMK5055GSX_X9SHC3K5TXXX9SHC3K5T&q={searchTerms} SearchScopes: HKLM-x32 - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://istart.webssearches.com/web/?type=ds&ts=1408356855&from=exp&uid=TOSHIBAXMK5055GSX_X9SHC3K5TXXX9SHC3K5T&q={searchTerms} SearchScopes: HKLM-x32 - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://istart.webssearches.com/web/?type=ds&ts=1408356855&from=exp&uid=TOSHIBAXMK5055GSX_X9SHC3K5TXXX9SHC3K5T&q={searchTerms} SearchScopes: HKCU - DefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = http://www.searchgol.com/?q={searchTerms}&babsrc=SP_ss&mntrId=409C0026B646B5B2&affID=119357&tsp=5020 SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = http://www.searchgol.com/?q={searchTerms}&babsrc=SP_ss&mntrId=409C0026B646B5B2&affID=119357&tsp=5020 SearchScopes: HKCU - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://istart.webssearches.com/web/?type=ds&ts=1408356855&from=exp&uid=TOSHIBAXMK5055GSX_X9SHC3K5TXXX9SHC3K5T&q={searchTerms} SearchScopes: HKCU - {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL = SearchScopes: HKCU - {E9B91B8B-7B9C-404D-8195-97652674605A} URL = http://www.amazon.co.uk/gp/search?ie=UTF8&keywords={searchTerms}&tag=tochibauk-win7-ie-search-21&index=blended&linkCode=ur2 SearchScopes: HKCU - {F7F9D926-BE68-47C2-892F-BBF6A153BAC2} URL = http://rover.ebay.com/rover/1/710-44557-9400-9/4?satitle={searchTerms} BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> c:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation) BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation) BHO-x32: RealPlayer Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer) BHO-x32: ALLYouTubeDownloader -> {61DB16C5-B733-43F4-872E-B20DC9E72740} -> C:\Program Files (x86)\ALLYouTubeDownloader\ALLYouTubeDownloader.dll (ALLCinema Ltd.) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation) BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> c:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation) BHO-x32: IplexToALLPlayer -> {DF925EF3-7A87-44E4-9CAF-8D7B280BF616} -> C:\Program Files (x86)\ALLPlayer\Iplex\IplexToALLPlayer.dll (ALLCinema Ltd.) Toolbar: HKCU - No Name - {8C5878D0-6106-423B-AAA8-144C143DBF44} - No File Toolbar: HKCU - No Name - {B6AC5E3C-5CEB-4E72-B451-F0E1BA983C14} - No File DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} http://active.macromedia.com/flash4/cabs/swflash.cab Tcpip\Parameters: [DhcpNameServer] 62.179.1.63 62.179.1.62 FireFox: ======== FF ProfilePath: C:\Users\Toshiba\AppData\Roaming\Mozilla\Firefox\Profiles\mw90ecpl.default FF Homepage: user_pref("browser.startup.homepage", ); FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll () FF Plugin: @microsoft.com/GENUINE -> disabled No File FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation) FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll () FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office15\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin-x32: @veetle.com/veetleCorePlugin,version=0.9.19 -> C:\Program Files (x86)\Veetle\plugins\npVeetle.dll (Veetle Inc) FF Plugin-x32: @veetle.com/veetlePlayerPlugin,version=0.9.18 -> C:\Program Files (x86)\Veetle\Player\npvlc.dll (Veetle Inc) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Plugin HKCU: @tools.google.com/Google Update;version=3 -> C:\Users\Toshiba\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll No File FF Plugin HKCU: @tools.google.com/Google Update;version=9 -> C:\Users\Toshiba\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll No File FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\webssearches.xml FF Extension: cosstminn - C:\Users\Toshiba\AppData\Roaming\Mozilla\Firefox\Profiles\mw90ecpl.default\Extensions\eiieoiycd@joy-.org [2014-09-08] FF Extension: Firefox Old Version Update Hotfix - C:\Users\Toshiba\AppData\Roaming\Mozilla\Firefox\Profiles\mw90ecpl.default\Extensions\firefox-hotfix@mozilla.org [2014-09-08] FF Extension: Firefox Old Version Update Hotfix - C:\Users\Toshiba\AppData\Roaming\Mozilla\Firefox\Profiles\mw90ecpl.default\Extensions\firefox-hotfix@mozilla.org.xpi [2014-09-08] Chrome: ======= CHR Profile: C:\Users\Toshiba\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Dysk Google) - C:\Users\Toshiba\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-11-05] CHR Extension: (AdBlock) - C:\Users\Toshiba\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2013-09-30] CHR Extension: (IE Tab) - C:\Users\Toshiba\AppData\Local\Google\Chrome\User Data\Default\Extensions\hehijbfgiekmjfkfjpbkbammjbdenadd [2014-06-23] CHR Extension: (RealPlayer HTML5Video Downloader Extension) - C:\Users\Toshiba\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk [2013-05-25] CHR Extension: (Google Wallet) - C:\Users\Toshiba\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-30] CHR Extension: (cosstminn) - C:\Users\Toshiba\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppahdjodapkenchnkapleieealnolggi [2014-08-18] CHR Extension: (cosstminn) - C:\Users\Toshiba\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppahdjodapkenchnkapleieealnolggi\2.0 [2014-08-18] CHR HKCU\...\Chrome\Extension: [dknkjnkhedbanphkkpbpcgoblmkbfhlf] - C:\Users\Toshiba\AppData\Local\CRE\dknkjnkhedbanphkkpbpcgoblmkbfhlf.crx [2012-09-09] CHR HKLM-x32\...\Chrome\Extension: [dknkjnkhedbanphkkpbpcgoblmkbfhlf] - C:\Users\Toshiba\AppData\Local\CRE\dknkjnkhedbanphkkpbpcgoblmkbfhlf.crx [2012-09-09] CHR HKLM-x32\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Chrome\Ext\rphtml5video.crx [2012-04-16] CHR HKLM-x32\...\Chrome\Extension: [pelmeidfhdlhlbjimpabfcbnnojbboma] - C:\Users\Toshiba\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtabv3.crx [2014-08-18] CHR StartMenuInternet: Google Chrome - C:\Users\Toshiba\AppData\Local\Google\Chrome\Application\chrome.exe http://istart.webssearches.com/?type=sc&ts=1408356855&from=exp&uid=TOSHIBAXMK5055GSX_X9SHC3K5TXXX9SHC3K5T CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [19232 2012-01-31] (Autodesk, Inc.) R2 BBDemon; D:\Programy\B20\intel_a\code\bin\CATSysDemon.exe [36864 2010-01-09] (Dassault Systemes) [File not signed] S3 CoordinatorServiceHost; D:\SolidWorks\Solid Works2013\swScheduler\DTSCoordinatorService.exe [77352 2013-10-01] (Dassault Systèmes SolidWorks Corp.) S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed] R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [15122208 2013-10-18] (NVIDIA Corporation) R2 PennyBee; C:\Program Files (x86)\PennyBee\PennyBee.exe [57856 2014-08-18] () [File not signed] R2 SCPDFReadSpool; C:\Program Files (x86)\SolidDocuments\Solid Converter PDF\SCPDF\SolidConverterPDFServicex64.exe [209920 2011-10-21] (Solid Documents, LLC) [File not signed] S3 SolidWorks Licensing Service; C:\Program Files (x86)\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe [79360 2012-04-02] (SolidWorks) [File not signed] R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe [2183992 2014-03-22] (AVG) S2 Microsoft Security Center; C:\Windows\SysWOW64\Explorer\svchost.exe [X] ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R1 LUMDriver; C:\Windows\system32\drivers\LUMDriver.sys [24848 2008-01-02] (IBM) R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39200 2013-09-28] (NVIDIA Corporation) S3 RTL8187B; C:\Windows\System32\DRIVERS\RTL8187B.sys [416768 2009-06-10] (Realtek Semiconductor Corporation ) R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys [14112 2014-02-10] (TuneUp Software) U2 BHDrvx64; No ImagePath S4 sptd; System32\Drivers\sptd.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2014-10-12 17:40 - 2014-10-12 17:40 - 00602112 _____ (OldTimer Tools) C:\Users\Toshiba\Desktop\OTL.exe 2014-10-12 17:39 - 2014-10-12 17:40 - 00026160 _____ () C:\Users\Toshiba\Desktop\FRST.txt 2014-10-12 17:39 - 2014-10-12 17:39 - 00000000 ____D () C:\FRST 2014-10-12 17:38 - 2014-10-12 17:39 - 02110464 _____ (Farbar) C:\Users\Toshiba\Desktop\FRST64.exe 2014-10-12 17:24 - 2014-10-12 17:24 - 00623224 _____ (Duplex Secure Ltd.) C:\Users\Toshiba\Desktop\SPTDinst-v186-x64.exe 2014-10-06 14:34 - 2014-10-06 14:34 - 00002762 _____ () C:\Windows\System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 2014-10-04 22:32 - 2014-10-04 22:32 - 00002222 _____ () C:\Users\Public\Desktop\AVG Konserwacja 1 kliknięciem.lnk 2014-10-04 22:32 - 2014-10-04 22:32 - 00002192 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG PC TuneUp 2014.lnk 2014-10-04 22:32 - 2014-10-04 22:32 - 00002180 _____ () C:\Users\Public\Desktop\AVG PC TuneUp 2014.lnk 2014-10-04 22:32 - 2014-10-04 22:32 - 00000000 ____D () C:\Users\Toshiba\AppData\Local\AVG 2014-10-04 22:32 - 2014-10-04 22:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG PC TuneUp 2014 2014-10-04 22:32 - 2014-10-04 22:32 - 00000000 ____D () C:\Program Files (x86)\AVG 2014-10-04 22:32 - 2014-03-22 22:09 - 00040248 _____ (AVG) C:\Windows\system32\TURegOpt.exe 2014-10-04 22:32 - 2014-03-22 22:09 - 00029496 _____ (AVG) C:\Windows\system32\authuitu.dll 2014-10-04 22:32 - 2014-03-22 22:09 - 00025400 _____ (AVG) C:\Windows\SysWOW64\authuitu.dll 2014-10-04 22:31 - 2014-10-04 23:26 - 00000000 ____D () C:\Users\Toshiba\AppData\Roaming\vlc 2014-10-04 22:30 - 2014-10-04 22:30 - 00001011 _____ () C:\Users\Toshiba\Desktop\NapiProjekt.lnk 2014-10-04 22:30 - 2014-10-04 22:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NapiProjekt 2014-10-04 22:30 - 2014-10-04 22:30 - 00000000 ____D () C:\Program Files (x86)\NapiProjekt 2014-10-04 22:29 - 2014-10-04 22:29 - 24658468 _____ () C:\Users\Toshiba\Downloads\vlc-2.1.5-win64.exe 2014-10-04 22:29 - 2014-10-04 22:29 - 00000878 _____ () C:\Users\Public\Desktop\VLC media player.lnk 2014-10-04 22:29 - 2014-10-04 22:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN 2014-10-04 22:29 - 2014-10-04 22:29 - 00000000 ____D () C:\Program Files\VideoLAN 2014-10-04 22:28 - 2014-10-04 22:28 - 00753704 _____ ( ) C:\Users\Toshiba\Desktop\pobierz_vlc-2.1.5-win64.exe 2014-10-04 22:26 - 2014-10-04 22:26 - 09989013 _____ ( ) C:\Users\Toshiba\Downloads\NapiProjektBuild_2.2.0.2399.exe 2014-10-04 22:26 - 2014-10-04 22:26 - 00753704 _____ ( ) C:\Users\Toshiba\Desktop\pobierz-NapiProjektBuild_2.2.0.2399.exe 2014-10-04 22:26 - 2014-10-04 22:26 - 00747456 _____ ( ) C:\Users\Toshiba\Desktop\Niepotwierdzony 126793.crdownload 2014-10-03 10:35 - 2014-10-03 10:35 - 540073488 _____ () C:\Windows\MEMORY.DMP 2014-10-03 10:35 - 2014-10-03 10:35 - 00290944 _____ () C:\Windows\Minidump\100314-25677-01.dmp 2014-09-30 20:40 - 2014-09-30 20:40 - 00290952 _____ () C:\Windows\Minidump\093014-20732-01.dmp 2014-09-30 18:55 - 2014-09-30 18:55 - 00000000 ____D () C:\Users\Toshiba\Desktop\Nowy folder 2014-09-30 18:52 - 2014-09-20 09:30 - 00000388 _____ () C:\Users\Toshiba\Desktop\instalacja składów fifa 14.txt 2014-09-30 18:52 - 2014-09-20 09:24 - 03292580 _____ () C:\Users\Toshiba\Desktop\Squads 20140920092436#Sklady DeMo and ikerek1111 2014-09-28 18:14 - 2014-08-10 20:25 - 240268907 _____ (PesCups.Ru ) C:\Users\Toshiba\Desktop\FIFA14Update7.1.exe 2014-09-28 17:10 - 2014-09-02 18:20 - 00000000 ____D () C:\Users\Toshiba\Desktop\trf.02.09.2014 2014-09-28 17:07 - 2014-09-28 18:13 - 240268990 _____ () C:\Users\Toshiba\Desktop\FIFA 14-Update v. 7.1 by PesCups.Ru.rar 2014-09-28 16:56 - 2014-09-12 00:37 - 00000000 ____D () C:\Users\Toshiba\Desktop\Squads+fix 2014-09-28 16:55 - 2014-09-28 16:55 - 06537320 _____ () C:\Users\Toshiba\Desktop\Squads+fix5^itsVario.com.rar 2014-09-17 16:45 - 2014-10-06 14:04 - 00001368 _____ () C:\Users\Toshiba\Desktop\Wyczyść rejestr za darmo!.lnk 2014-09-16 21:38 - 2014-09-16 21:38 - 00000000 ____D () C:\Users\Toshiba\restore 2014-09-16 20:11 - 2014-09-16 21:04 - 00000000 ____D () C:\Users\Toshiba\Desktop\djęcia 2014-09-16 19:53 - 2014-09-23 17:19 - 00000000 ____D () C:\ProgramData\tmp 2014-09-16 19:53 - 2014-09-23 17:05 - 00000000 ____D () C:\ProgramData\hps 2014-09-16 19:52 - 2014-09-16 19:52 - 00001279 _____ () C:\Users\Public\Desktop\Moja cewe fotoksiazka.lnk 2014-09-16 19:52 - 2014-09-16 19:52 - 00001264 _____ () C:\Users\Public\Desktop\CEWE-Podglad Zdjec.lnk 2014-09-16 19:52 - 2014-09-16 19:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Moja cewe fotoksiazka 2014-09-16 19:48 - 2014-09-16 19:48 - 00000000 ____D () C:\Program Files (x86)\CeWe Color 2014-09-16 19:47 - 2014-09-16 19:47 - 01639888 _____ () C:\Users\Toshiba\Desktop\setup_Moja_cewe_fotoksiazka.exe 2014-09-15 15:24 - 2014-09-15 15:24 - 02953056 _____ () C:\Users\Toshiba\Desktop\Semestr 1415 Zimowy.zip ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2014-10-12 17:26 - 2009-07-14 06:45 - 00016304 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-10-12 17:26 - 2009-07-14 06:45 - 00016304 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-10-12 17:12 - 2010-12-08 17:12 - 01337429 _____ () C:\Windows\WindowsUpdate.log 2014-10-12 17:11 - 2012-05-24 10:56 - 00000930 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-10-12 17:11 - 2012-02-06 14:24 - 00001066 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2754264385-1261652437-1540506145-1000UA.job 2014-10-12 15:53 - 2013-10-15 14:37 - 00000000 ____D () C:\Users\Toshiba\Documents\FIFA 14 2014-10-12 15:16 - 2014-08-18 12:15 - 00000360 ____H () C:\Windows\Tasks\couponsupport-S-649636217.job 2014-10-09 13:58 - 2010-12-25 17:41 - 00000000 ____D () C:\Users\Toshiba\AppData\Local\CrashDumps 2014-10-09 10:26 - 2010-12-08 17:47 - 00000000 ____D () C:\Users\Toshiba\AppData\Local\Google 2014-10-08 22:22 - 2009-07-14 06:51 - 00204785 _____ () C:\Windows\setupact.log 2014-10-08 22:21 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-10-08 22:20 - 2009-07-14 07:08 - 00032594 _____ () C:\Windows\Tasks\SCHEDLGU.TXT 2014-10-08 22:16 - 2013-10-15 14:32 - 00000000 ____D () C:\ProgramData\Origin 2014-10-08 22:12 - 2011-10-06 20:17 - 00000000 ____D () C:\Users\Toshiba\AppData\Roaming\ipla 2014-10-08 22:11 - 2012-02-06 14:24 - 00001014 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2754264385-1261652437-1540506145-1000Core.job 2014-10-06 14:07 - 2014-06-16 14:19 - 00000000 ____D () C:\Users\Toshiba\AppData\Roaming\systweak 2014-10-06 14:05 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF 2014-10-05 21:59 - 2012-10-03 13:32 - 00000000 ____D () C:\Users\Toshiba\AppData\Roaming\BitTorrent 2014-10-05 17:12 - 2013-06-09 10:38 - 01450980 _____ () C:\Windows\SysWOW64\debug.log 2014-10-04 22:31 - 2014-04-05 18:17 - 00000000 __SHD () C:\ProgramData\{01BD4FC9-2F86-4706-A62E-774BB7E9D308} 2014-10-04 22:30 - 2014-04-05 18:17 - 00000000 ____D () C:\Users\Toshiba\AppData\Roaming\OpenCandy 2014-10-04 22:25 - 2012-06-04 16:20 - 00000000 ____D () C:\Program Files (x86)\VideoLAN 2014-10-04 22:24 - 2010-12-24 17:16 - 00000000 ____D () C:\Program Files (x86)\NAPI-PROJEKT 2014-10-03 10:35 - 2012-10-27 17:21 - 00000000 ____D () C:\Windows\Minidump 2014-09-30 16:43 - 2009-09-23 11:03 - 00736410 _____ () C:\Windows\PFRO.log 2014-09-26 18:10 - 2014-06-16 14:20 - 00003880 _____ () C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1402921238 2014-09-26 18:10 - 2014-06-16 14:20 - 00000000 ____D () C:\Program Files (x86)\Opera 2014-09-26 18:09 - 2012-05-24 10:56 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2014-09-26 18:09 - 2012-05-24 10:56 - 00003868 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater 2014-09-26 18:09 - 2011-12-20 23:51 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2014-09-23 20:35 - 2012-04-16 09:00 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk 2014-09-16 21:38 - 2010-12-08 17:38 - 00000000 ____D () C:\Users\Toshiba 2014-09-16 19:44 - 2014-01-03 14:48 - 00000000 ____D () C:\Users\Toshiba\Desktop\film-sob 2014-09-15 21:22 - 2013-03-24 21:42 - 00003352 _____ () C:\Windows\System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-2754264385-1261652437-1540506145-1000 2014-09-15 21:22 - 2013-03-24 21:42 - 00003222 _____ () C:\Windows\System32\Tasks\RealUpgradeLogonTaskS-1-5-21-2754264385-1261652437-1540506145-1000 2014-09-14 08:57 - 2009-07-14 06:45 - 00520520 _____ () C:\Windows\system32\FNTCACHE.DAT Some content of TEMP: ==================== C:\Users\Toshiba\AppData\Local\Temp\10187.exe C:\Users\Toshiba\AppData\Local\Temp\10367.exe C:\Users\Toshiba\AppData\Local\Temp\10796.exe C:\Users\Toshiba\AppData\Local\Temp\10922.exe C:\Users\Toshiba\AppData\Local\Temp\1098.exe C:\Users\Toshiba\AppData\Local\Temp\10984.exe C:\Users\Toshiba\AppData\Local\Temp\11175.exe C:\Users\Toshiba\AppData\Local\Temp\11373.exe C:\Users\Toshiba\AppData\Local\Temp\1156.exe C:\Users\Toshiba\AppData\Local\Temp\12615.exe C:\Users\Toshiba\AppData\Local\Temp\12940.exe C:\Users\Toshiba\AppData\Local\Temp\13033.exe C:\Users\Toshiba\AppData\Local\Temp\1335.exe C:\Users\Toshiba\AppData\Local\Temp\13781.exe C:\Users\Toshiba\AppData\Local\Temp\14186.exe C:\Users\Toshiba\AppData\Local\Temp\14199.exe C:\Users\Toshiba\AppData\Local\Temp\14426.exe C:\Users\Toshiba\AppData\Local\Temp\1526.exe C:\Users\Toshiba\AppData\Local\Temp\15419.exe C:\Users\Toshiba\AppData\Local\Temp\1581.exe C:\Users\Toshiba\AppData\Local\Temp\16236.exe C:\Users\Toshiba\AppData\Local\Temp\16462.exe C:\Users\Toshiba\AppData\Local\Temp\16894.exe C:\Users\Toshiba\AppData\Local\Temp\1691.exe C:\Users\Toshiba\AppData\Local\Temp\17071.exe C:\Users\Toshiba\AppData\Local\Temp\17144.exe C:\Users\Toshiba\AppData\Local\Temp\17654.exe C:\Users\Toshiba\AppData\Local\Temp\1776.exe C:\Users\Toshiba\AppData\Local\Temp\17864.exe C:\Users\Toshiba\AppData\Local\Temp\17870.exe C:\Users\Toshiba\AppData\Local\Temp\18113.exe C:\Users\Toshiba\AppData\Local\Temp\1842.exe C:\Users\Toshiba\AppData\Local\Temp\18910.exe C:\Users\Toshiba\AppData\Local\Temp\18930.exe C:\Users\Toshiba\AppData\Local\Temp\19390.exe C:\Users\Toshiba\AppData\Local\Temp\1949.exe C:\Users\Toshiba\AppData\Local\Temp\20055.exe C:\Users\Toshiba\AppData\Local\Temp\20682.exe C:\Users\Toshiba\AppData\Local\Temp\22242.exe C:\Users\Toshiba\AppData\Local\Temp\22422.exe C:\Users\Toshiba\AppData\Local\Temp\22501.exe C:\Users\Toshiba\AppData\Local\Temp\22509.exe C:\Users\Toshiba\AppData\Local\Temp\22973.exe C:\Users\Toshiba\AppData\Local\Temp\23210.exe C:\Users\Toshiba\AppData\Local\Temp\2388.exe C:\Users\Toshiba\AppData\Local\Temp\24892.exe C:\Users\Toshiba\AppData\Local\Temp\25376.exe C:\Users\Toshiba\AppData\Local\Temp\26265.exe C:\Users\Toshiba\AppData\Local\Temp\26418.exe C:\Users\Toshiba\AppData\Local\Temp\26782.exe C:\Users\Toshiba\AppData\Local\Temp\26815.exe C:\Users\Toshiba\AppData\Local\Temp\2747.exe C:\Users\Toshiba\AppData\Local\Temp\27872.exe C:\Users\Toshiba\AppData\Local\Temp\28512.exe C:\Users\Toshiba\AppData\Local\Temp\28920.exe C:\Users\Toshiba\AppData\Local\Temp\29178.exe C:\Users\Toshiba\AppData\Local\Temp\29296.exe C:\Users\Toshiba\AppData\Local\Temp\2955.exe C:\Users\Toshiba\AppData\Local\Temp\29955.exe C:\Users\Toshiba\AppData\Local\Temp\30781.exe C:\Users\Toshiba\AppData\Local\Temp\31347.exe C:\Users\Toshiba\AppData\Local\Temp\31539.exe C:\Users\Toshiba\AppData\Local\Temp\31789.exe C:\Users\Toshiba\AppData\Local\Temp\32251.exe C:\Users\Toshiba\AppData\Local\Temp\32437.exe C:\Users\Toshiba\AppData\Local\Temp\32592.exe C:\Users\Toshiba\AppData\Local\Temp\33071.exe C:\Users\Toshiba\AppData\Local\Temp\33520.exe C:\Users\Toshiba\AppData\Local\Temp\3402.exe C:\Users\Toshiba\AppData\Local\Temp\34245.exe C:\Users\Toshiba\AppData\Local\Temp\34596.exe C:\Users\Toshiba\AppData\Local\Temp\34801.exe C:\Users\Toshiba\AppData\Local\Temp\35016.exe C:\Users\Toshiba\AppData\Local\Temp\35192.exe C:\Users\Toshiba\AppData\Local\Temp\35453.exe C:\Users\Toshiba\AppData\Local\Temp\35473.exe C:\Users\Toshiba\AppData\Local\Temp\35752.exe C:\Users\Toshiba\AppData\Local\Temp\35859.exe C:\Users\Toshiba\AppData\Local\Temp\36472.exe C:\Users\Toshiba\AppData\Local\Temp\36655.exe C:\Users\Toshiba\AppData\Local\Temp\37093.exe C:\Users\Toshiba\AppData\Local\Temp\37140.exe C:\Users\Toshiba\AppData\Local\Temp\37362.exe C:\Users\Toshiba\AppData\Local\Temp\37539.exe C:\Users\Toshiba\AppData\Local\Temp\38071.exe C:\Users\Toshiba\AppData\Local\Temp\38463.exe C:\Users\Toshiba\AppData\Local\Temp\38626.exe C:\Users\Toshiba\AppData\Local\Temp\39591.exe C:\Users\Toshiba\AppData\Local\Temp\3998.exe C:\Users\Toshiba\AppData\Local\Temp\40078.exe C:\Users\Toshiba\AppData\Local\Temp\40238.exe C:\Users\Toshiba\AppData\Local\Temp\40529.exe C:\Users\Toshiba\AppData\Local\Temp\40842.exe C:\Users\Toshiba\AppData\Local\Temp\41973.exe C:\Users\Toshiba\AppData\Local\Temp\4200.exe C:\Users\Toshiba\AppData\Local\Temp\42045.exe C:\Users\Toshiba\AppData\Local\Temp\42697.exe C:\Users\Toshiba\AppData\Local\Temp\42737.exe C:\Users\Toshiba\AppData\Local\Temp\44413.exe C:\Users\Toshiba\AppData\Local\Temp\4445.exe C:\Users\Toshiba\AppData\Local\Temp\44828.exe C:\Users\Toshiba\AppData\Local\Temp\45458.exe C:\Users\Toshiba\AppData\Local\Temp\45531.exe C:\Users\Toshiba\AppData\Local\Temp\4579.exe C:\Users\Toshiba\AppData\Local\Temp\46539.exe C:\Users\Toshiba\AppData\Local\Temp\46631.exe C:\Users\Toshiba\AppData\Local\Temp\46905.exe C:\Users\Toshiba\AppData\Local\Temp\47069.exe C:\Users\Toshiba\AppData\Local\Temp\47284.exe C:\Users\Toshiba\AppData\Local\Temp\47356.exe C:\Users\Toshiba\AppData\Local\Temp\47419.exe C:\Users\Toshiba\AppData\Local\Temp\47705.exe C:\Users\Toshiba\AppData\Local\Temp\47809.exe C:\Users\Toshiba\AppData\Local\Temp\48322.exe C:\Users\Toshiba\AppData\Local\Temp\49243.exe C:\Users\Toshiba\AppData\Local\Temp\49715.exe C:\Users\Toshiba\AppData\Local\Temp\50148.exe C:\Users\Toshiba\AppData\Local\Temp\50414.exe C:\Users\Toshiba\AppData\Local\Temp\50580.exe C:\Users\Toshiba\AppData\Local\Temp\50684.exe C:\Users\Toshiba\AppData\Local\Temp\51214.exe C:\Users\Toshiba\AppData\Local\Temp\51406.exe C:\Users\Toshiba\AppData\Local\Temp\5155.exe C:\Users\Toshiba\AppData\Local\Temp\51668.exe C:\Users\Toshiba\AppData\Local\Temp\52126.exe C:\Users\Toshiba\AppData\Local\Temp\52552.exe C:\Users\Toshiba\AppData\Local\Temp\52828.exe C:\Users\Toshiba\AppData\Local\Temp\52947.exe C:\Users\Toshiba\AppData\Local\Temp\53402.exe C:\Users\Toshiba\AppData\Local\Temp\5343.exe C:\Users\Toshiba\AppData\Local\Temp\54017.exe C:\Users\Toshiba\AppData\Local\Temp\54297.exe C:\Users\Toshiba\AppData\Local\Temp\54383.exe C:\Users\Toshiba\AppData\Local\Temp\54604.exe C:\Users\Toshiba\AppData\Local\Temp\55300.exe C:\Users\Toshiba\AppData\Local\Temp\55601.exe C:\Users\Toshiba\AppData\Local\Temp\55614.exe C:\Users\Toshiba\AppData\Local\Temp\5677.exe C:\Users\Toshiba\AppData\Local\Temp\58106.exe C:\Users\Toshiba\AppData\Local\Temp\58348.exe C:\Users\Toshiba\AppData\Local\Temp\58419.exe C:\Users\Toshiba\AppData\Local\Temp\58631.exe C:\Users\Toshiba\AppData\Local\Temp\59590.exe C:\Users\Toshiba\AppData\Local\Temp\59823.exe C:\Users\Toshiba\AppData\Local\Temp\60002.exe C:\Users\Toshiba\AppData\Local\Temp\60496.exe C:\Users\Toshiba\AppData\Local\Temp\60583.exe C:\Users\Toshiba\AppData\Local\Temp\60613.exe C:\Users\Toshiba\AppData\Local\Temp\60816.exe C:\Users\Toshiba\AppData\Local\Temp\60947.exe C:\Users\Toshiba\AppData\Local\Temp\6095.exe C:\Users\Toshiba\AppData\Local\Temp\61429.exe C:\Users\Toshiba\AppData\Local\Temp\61908.exe C:\Users\Toshiba\AppData\Local\Temp\62277.exe C:\Users\Toshiba\AppData\Local\Temp\62523.exe C:\Users\Toshiba\AppData\Local\Temp\6290.exe C:\Users\Toshiba\AppData\Local\Temp\62992.exe C:\Users\Toshiba\AppData\Local\Temp\63000.exe C:\Users\Toshiba\AppData\Local\Temp\63114.exe C:\Users\Toshiba\AppData\Local\Temp\6330.exe C:\Users\Toshiba\AppData\Local\Temp\63449.exe C:\Users\Toshiba\AppData\Local\Temp\63469.exe C:\Users\Toshiba\AppData\Local\Temp\64698.exe C:\Users\Toshiba\AppData\Local\Temp\64887.exe C:\Users\Toshiba\AppData\Local\Temp\65032.exe C:\Users\Toshiba\AppData\Local\Temp\65168.exe C:\Users\Toshiba\AppData\Local\Temp\65669.exe C:\Users\Toshiba\AppData\Local\Temp\66030.exe C:\Users\Toshiba\AppData\Local\Temp\66135.exe C:\Users\Toshiba\AppData\Local\Temp\66149.exe C:\Users\Toshiba\AppData\Local\Temp\66214.exe C:\Users\Toshiba\AppData\Local\Temp\66573.exe C:\Users\Toshiba\AppData\Local\Temp\67090.exe C:\Users\Toshiba\AppData\Local\Temp\67105.exe C:\Users\Toshiba\AppData\Local\Temp\67626.exe C:\Users\Toshiba\AppData\Local\Temp\67669.exe C:\Users\Toshiba\AppData\Local\Temp\67904.exe C:\Users\Toshiba\AppData\Local\Temp\68659.exe C:\Users\Toshiba\AppData\Local\Temp\68888.exe C:\Users\Toshiba\AppData\Local\Temp\69228.exe C:\Users\Toshiba\AppData\Local\Temp\69364.exe C:\Users\Toshiba\AppData\Local\Temp\69434.exe C:\Users\Toshiba\AppData\Local\Temp\69645.exe C:\Users\Toshiba\AppData\Local\Temp\6972.exe C:\Users\Toshiba\AppData\Local\Temp\69963.exe C:\Users\Toshiba\AppData\Local\Temp\70151.exe C:\Users\Toshiba\AppData\Local\Temp\70259.exe C:\Users\Toshiba\AppData\Local\Temp\70325.exe C:\Users\Toshiba\AppData\Local\Temp\7033.exe C:\Users\Toshiba\AppData\Local\Temp\70551.exe C:\Users\Toshiba\AppData\Local\Temp\7158.exe C:\Users\Toshiba\AppData\Local\Temp\72014.exe C:\Users\Toshiba\AppData\Local\Temp\72937.exe C:\Users\Toshiba\AppData\Local\Temp\73200.exe C:\Users\Toshiba\AppData\Local\Temp\73278.exe C:\Users\Toshiba\AppData\Local\Temp\7363.exe C:\Users\Toshiba\AppData\Local\Temp\73639.exe C:\Users\Toshiba\AppData\Local\Temp\73848.exe C:\Users\Toshiba\AppData\Local\Temp\74457.exe C:\Users\Toshiba\AppData\Local\Temp\74479.exe C:\Users\Toshiba\AppData\Local\Temp\74985.exe C:\Users\Toshiba\AppData\Local\Temp\75167.exe C:\Users\Toshiba\AppData\Local\Temp\75297.exe C:\Users\Toshiba\AppData\Local\Temp\75654.exe C:\Users\Toshiba\AppData\Local\Temp\76184.exe C:\Users\Toshiba\AppData\Local\Temp\76589.exe C:\Users\Toshiba\AppData\Local\Temp\76618.exe C:\Users\Toshiba\AppData\Local\Temp\76621.exe C:\Users\Toshiba\AppData\Local\Temp\77397.exe C:\Users\Toshiba\AppData\Local\Temp\77473.exe C:\Users\Toshiba\AppData\Local\Temp\77680.exe C:\Users\Toshiba\AppData\Local\Temp\78042.exe C:\Users\Toshiba\AppData\Local\Temp\78168.exe C:\Users\Toshiba\AppData\Local\Temp\78559.exe C:\Users\Toshiba\AppData\Local\Temp\78822.exe C:\Users\Toshiba\AppData\Local\Temp\80002.exe C:\Users\Toshiba\AppData\Local\Temp\80331.exe C:\Users\Toshiba\AppData\Local\Temp\80516.exe C:\Users\Toshiba\AppData\Local\Temp\80881.exe C:\Users\Toshiba\AppData\Local\Temp\81707.exe C:\Users\Toshiba\AppData\Local\Temp\81898.exe C:\Users\Toshiba\AppData\Local\Temp\81981.exe C:\Users\Toshiba\AppData\Local\Temp\82566.exe C:\Users\Toshiba\AppData\Local\Temp\83467.exe C:\Users\Toshiba\AppData\Local\Temp\83532.exe C:\Users\Toshiba\AppData\Local\Temp\84006.exe C:\Users\Toshiba\AppData\Local\Temp\84279.exe C:\Users\Toshiba\AppData\Local\Temp\84415.exe C:\Users\Toshiba\AppData\Local\Temp\84535.exe C:\Users\Toshiba\AppData\Local\Temp\846.exe C:\Users\Toshiba\AppData\Local\Temp\8471.exe C:\Users\Toshiba\AppData\Local\Temp\85007.exe C:\Users\Toshiba\AppData\Local\Temp\87041.exe C:\Users\Toshiba\AppData\Local\Temp\87754.exe C:\Users\Toshiba\AppData\Local\Temp\88179.exe C:\Users\Toshiba\AppData\Local\Temp\88465.exe C:\Users\Toshiba\AppData\Local\Temp\88970.exe C:\Users\Toshiba\AppData\Local\Temp\89626.exe C:\Users\Toshiba\AppData\Local\Temp\89649.exe C:\Users\Toshiba\AppData\Local\Temp\90133.exe C:\Users\Toshiba\AppData\Local\Temp\90359.exe C:\Users\Toshiba\AppData\Local\Temp\90796.exe C:\Users\Toshiba\AppData\Local\Temp\90882.exe C:\Users\Toshiba\AppData\Local\Temp\91533.exe C:\Users\Toshiba\AppData\Local\Temp\92276.exe C:\Users\Toshiba\AppData\Local\Temp\92289.exe C:\Users\Toshiba\AppData\Local\Temp\93110.exe C:\Users\Toshiba\AppData\Local\Temp\93215.exe C:\Users\Toshiba\AppData\Local\Temp\94467.exe C:\Users\Toshiba\AppData\Local\Temp\9586.exe C:\Users\Toshiba\AppData\Local\Temp\96367.exe C:\Users\Toshiba\AppData\Local\Temp\97378.exe C:\Users\Toshiba\AppData\Local\Temp\99053.exe C:\Users\Toshiba\AppData\Local\Temp\99228.exe C:\Users\Toshiba\AppData\Local\Temp\99302.exe C:\Users\Toshiba\AppData\Local\Temp\99413.exe C:\Users\Toshiba\AppData\Local\Temp\99543.exe C:\Users\Toshiba\AppData\Local\Temp\9I3ztSJf7u.exe C:\Users\Toshiba\AppData\Local\Temp\appshat-distribution.exe C:\Users\Toshiba\AppData\Local\Temp\bitool.dll C:\Users\Toshiba\AppData\Local\Temp\DSSExp.exe C:\Users\Toshiba\AppData\Local\Temp\E92ayoDAIL.exe C:\Users\Toshiba\AppData\Local\Temp\ICReinstall_winamp565_Downloader.exe C:\Users\Toshiba\AppData\Local\Temp\ipl11BB.tmp.exe C:\Users\Toshiba\AppData\Local\Temp\ipl2A00.tmp.exe C:\Users\Toshiba\AppData\Local\Temp\ipl40C6.tmp.exe C:\Users\Toshiba\AppData\Local\Temp\ipl75F.tmp.exe C:\Users\Toshiba\AppData\Local\Temp\ipl94EE.tmp.exe C:\Users\Toshiba\AppData\Local\Temp\iplA5C0.tmp.exe C:\Users\Toshiba\AppData\Local\Temp\iplEFCA.tmp.exe C:\Users\Toshiba\AppData\Local\Temp\iplF0F2.tmp.exe C:\Users\Toshiba\AppData\Local\Temp\iplF768.tmp.exe C:\Users\Toshiba\AppData\Local\Temp\jre-7u40-windows-i586-iftw.exe C:\Users\Toshiba\AppData\Local\Temp\LCBS.exe C:\Users\Toshiba\AppData\Local\Temp\NEwBSDynDNS3.exe C:\Users\Toshiba\AppData\Local\Temp\OptimizerPro.exe C:\Users\Toshiba\AppData\Local\Temp\ose00000.exe C:\Users\Toshiba\AppData\Local\Temp\tbBit2.dll C:\Users\Toshiba\AppData\Local\Temp\tbBitT.dll C:\Users\Toshiba\AppData\Local\Temp\uninst1.exe C:\Users\Toshiba\AppData\Local\Temp\vlc-2.0.7-win32.exe C:\Users\Toshiba\AppData\Local\Temp\xAeDlmkgbB.exe C:\Users\Toshiba\AppData\Local\Temp\y9NvMJTKlt.exe ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\SysWOW64\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2014-10-02 11:46 ==================== End Of Log ============================