Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 20-10-2014 01 Ran by Milena (administrator) on MILENA-PC on 20-10-2014 23:15:12 Running from D:\Downloads Loaded Profile: Milena (Available profiles: Milena) Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: Polski (Polska) Internet Explorer Version 11 Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe (Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE (Microsoft Corporation) C:\Windows\System32\rundll32.exe (Spotify Ltd) C:\Users\Milena\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe (http://tortoisesvn.net) C:\Program Files\TortoiseSVN\bin\TSVNCache.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe (Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Farbar) D:\Downloads\FRST64 (1).exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [112512 2010-03-13] (Microsoft Corporation) HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2234144 2014-02-05] (NVIDIA Corporation) HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart HKLM-x32\...\Run: [avast] => C:\Program Files\AVAST Software\Avast\avastUI.exe [4297136 2012-10-31] (AVAST Software) HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated) HKLM-x32\...\Run: [EaseUS EPM tray] => C:\Program Files (x86)\EaseUS\EaseUS Partition Master 9.2.2\bin\EpmNews.exe HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation) HKU\S-1-5-21-2645612404-3362373214-1021503197-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [4910912 2011-08-02] (DT Soft Ltd) HKU\S-1-5-21-2645612404-3362373214-1021503197-1000\...\Run: [ALLUpdate] => C:\Program Files (x86)\ALLPlayer\ALLUpdate.exe [2995712 2013-01-23] (ALLPlayer Group Ltd.) HKU\S-1-5-21-2645612404-3362373214-1021503197-1000\...\Run: [NetLimiter] => C:\Program Files\NetLimiter 3\NLClientApp.exe /tray HKU\S-1-5-21-2645612404-3362373214-1021503197-1000\...\Run: [] => C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe HKU\S-1-5-21-2645612404-3362373214-1021503197-1000\...\Run: [Spotify Web Helper] => C:\Users\Milena\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1514040 2014-10-12] (Spotify Ltd) HKU\S-1-5-21-2645612404-3362373214-1021503197-1000\...\Run: [LiveSupport] => "C:\Program Files (x86)\LiveSupport\LiveSupport.exe" /noshow /log HKU\S-1-5-21-2645612404-3362373214-1021503197-1000\...\Run: [uTorrent] => C:\Users\Milena\AppData\Roaming\uTorrent\uTorrent.exe [1385808 2014-10-01] (BitTorrent Inc.) HKU\S-1-5-21-2645612404-3362373214-1021503197-1000\...\MountPoints2: {0f44e2ff-e765-11e0-9920-001377ab3a2c} - F:\Setup.exe Startup: C:\Users\Milena\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Facebook Messenger.lnk ShortcutTarget: Facebook Messenger.lnk -> C:\Users\Milena\AppData\Local\Facebook\Messenger\2.1.4814.0\FacebookMessenger.exe (No File) ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software) ShellIconOverlayIdentifiers: [1TortoiseNormal] -> {C5994560-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net) ShellIconOverlayIdentifiers: [2TortoiseModified] -> {C5994561-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net) ShellIconOverlayIdentifiers: [3TortoiseConflict] -> {C5994562-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net) ShellIconOverlayIdentifiers: [4TortoiseLocked] -> {C5994563-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net) ShellIconOverlayIdentifiers: [5TortoiseReadOnly] -> {C5994564-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net) ShellIconOverlayIdentifiers: [6TortoiseDeleted] -> {C5994565-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net) ShellIconOverlayIdentifiers: [7TortoiseAdded] -> {C5994566-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net) ShellIconOverlayIdentifiers: [8TortoiseIgnored] -> {C5994567-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net) ShellIconOverlayIdentifiers: [9TortoiseUnversioned] -> {C5994568-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net) ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Milena\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.) ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Milena\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.) ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Milena\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.) ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Milena\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [1TortoiseNormal] -> {C5994560-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net) ShellIconOverlayIdentifiers-x32: [2TortoiseModified] -> {C5994561-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net) ShellIconOverlayIdentifiers-x32: [3TortoiseConflict] -> {C5994562-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net) ShellIconOverlayIdentifiers-x32: [4TortoiseLocked] -> {C5994563-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net) ShellIconOverlayIdentifiers-x32: [5TortoiseReadOnly] -> {C5994564-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net) ShellIconOverlayIdentifiers-x32: [6TortoiseDeleted] -> {C5994565-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net) ShellIconOverlayIdentifiers-x32: [7TortoiseAdded] -> {C5994566-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net) ShellIconOverlayIdentifiers-x32: [8TortoiseIgnored] -> {C5994567-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net) ShellIconOverlayIdentifiers-x32: [9TortoiseUnversioned] -> {C5994568-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net) ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Milena\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Milena\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Milena\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/ HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.awesomehp.com/web/?type=ds&ts=1391963989&from=ild&uid=HitachiXHTS543225L9A300_080911FB0D00LJG2J3DAX&q={searchTerms} HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.awesomehp.com/?type=hp&ts=1391963989&from=ild&uid=HitachiXHTS543225L9A300_080911FB0D00LJG2J3DAX HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.awesomehp.com/?type=hp&ts=1391963989&from=ild&uid=HitachiXHTS543225L9A300_080911FB0D00LJG2J3DAX HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.awesomehp.com/web/?type=ds&ts=1391963989&from=ild&uid=HitachiXHTS543225L9A300_080911FB0D00LJG2J3DAX&q={searchTerms} HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://www.awesomehp.com/web/?type=ds&ts=1391963989&from=ild&uid=HitachiXHTS543225L9A300_080911FB0D00LJG2J3DAX&q={searchTerms} URLSearchHook: HKCU - (No Name) - {50fafaf0-70a9-419d-a109-fa4b4ffd4e37} - No File StartMenuInternet: IEXPLORE.EXE - iexplore.exe SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.awesomehp.com/web/?type=ds&ts=1391963989&from=ild&uid=HitachiXHTS543225L9A300_080911FB0D00LJG2J3DAX&q={searchTerms} SearchScopes: HKLM - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.awesomehp.com/web/?type=ds&ts=1391963989&from=ild&uid=HitachiXHTS543225L9A300_080911FB0D00LJG2J3DAX&q={searchTerms} SearchScopes: HKLM-x32 - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = http://startsear.ch/?aff=2&src=sp&cf=3790d313-8e49-11e1-ba11-001377ab3a2c&q={searchTerms} SearchScopes: HKCU - DefaultScope {CFF4DB9B-135F-47c0-9269-B4C6572FD61A} URL = http://mystart.incredibar.com/mb128/?search={searchTerms}&loc=IB_DS&a=6PQPrEquaW&i=26 SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = http://startsear.ch/?aff=2&src=sp&cf=3790d313-8e49-11e1-ba11-001377ab3a2c&q={searchTerms} SearchScopes: HKCU - {3EE8D17F-A7D2-4700-8E7F-24FAAE877F57} URL = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3106777 SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.com/search?q={sear SearchScopes: HKCU - {935E1460-F7F9-45AA-8ABB-E07B7975129E} URL = http://search.babylon.com/?q={searchTerms}&AF=100482&babsrc=SP_ss&mntrId=ca66938a000000000000001377ab3a2c SearchScopes: HKCU - {CFF4DB9B-135F-47c0-9269-B4C6572FD61A} URL = http://mystart.incredibar.com/mb128/?search={searchTerms}&loc=IB_DS&a=6PQPrEquaW&i=26 BHO: avast! WebRep -> {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) BHO: IB Updater -> {336D0C35-8A85-403a-B9D2-65C292C39087} -> C:\Program Files\IB Updater\Extension64.dll No File BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> D:\java\bin\ssv.dll (Oracle Corporation) BHO-x32: avast! WebRep -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) BHO-x32: Pomocnik logowania za pomocą identyfikatora Windows Live -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> D:\java\bin\jp2ssv.dll (Oracle Corporation) BHO-x32: IplexToALLPlayer -> {DF925EF3-7A87-44E4-9CAF-8D7B280BF616} -> C:\Program Files (x86)\ALLPlayer\Iplex\IplexToALLPlayer.dll (ALLCinema Ltd.) Toolbar: HKLM - avast! WebRep - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) Toolbar: HKLM-x32 - avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) Toolbar: HKCU - No Name - {50FAFAF0-70A9-419D-A109-FA4B4FFD4E37} - No File DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation) Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation) Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 Tcpip\..\Interfaces\{3BD13534-736D-4F9A-9B61-E3929D15F34B}: [NameServer] 8.8.8.8,8.8.4.4 FireFox: ======== FF ProfilePath: C:\Users\Milena\AppData\Roaming\Mozilla\Firefox\Profiles\oupz0xfc.default-1385764882429 FF NewTab: chrome://quick_start/content/index.html FF DefaultSearchEngine: awesomehp FF SelectedSearchEngine: awesomehp FF Homepage: hxxp://www.awesomehp.com/?type=hp&ts=1391963989&from=ild&uid=HitachiXHTS543225L9A300_080911FB0D00LJG2J3DAX FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll () FF Plugin: @java.com/DTPlugin,version=10.4.1 -> C:\Windows\system32\npDeployJava1.dll (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=10.4.1 -> C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin: @microsoft.com/GENUINE -> disabled No File FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\Program Files\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll () FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 -> D:\java\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 -> D:\java\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\Program Files (x86)\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: Adobe Reader -> D:\Programy\adobe reader\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF user.js: detected! => C:\Users\Milena\AppData\Roaming\Mozilla\Firefox\Profiles\oupz0xfc.default-1385764882429\user.js FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npvsharetvplg.dll (LiveVDO ) FF Extension: Quick Start - C:\Users\Milena\AppData\Roaming\Mozilla\Firefox\Profiles\oupz0xfc.default-1385764882429\Extensions\quick_start@gmail.com [2014-05-29] FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2014-10-15] FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} [2014-10-15] FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-10-15] FF HKLM\...\Firefox\Extensions: [{336D0C35-8A85-403a-B9D2-65C292C39087}] - C:\Program Files\IB Updater\Firefox FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF FF Extension: avast! WebRep - C:\Program Files\AVAST Software\Avast\WebRep\FF [2011-09-25] Chrome: ======= CHR HomePage: Default -> hxxp://www.awesomehp.com/?type=hp&ts=1391963989&from=ild&uid=HitachiXHTS543225L9A300_080911FB0D00LJG2J3DAX CHR StartupUrls: Default -> "hxxp://www.gazeta.pl/0,0.html?p=138", "hxxp://www.gazeta.pl/0,0.html?p=137" CHR Profile: C:\Users\Milena\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Fancy Gaming Simplifier) - C:\Users\Milena\AppData\Local\Google\Chrome\User Data\Default\Extensions\ahcaniaehcjkignnobkmdgacafghkplh [2011-10-31] CHR Extension: (YouTube) - C:\Users\Milena\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2011-12-23] CHR Extension: (Adblock Plus) - C:\Users\Milena\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2013-04-27] CHR Extension: (Szukaj w Google) - C:\Users\Milena\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2011-12-23] CHR Extension: (Mail Checker Plus for Google Mail™) - C:\Users\Milena\AppData\Local\Google\Chrome\User Data\Default\Extensions\gffjhibehnempbkeheiccaincokdjbfe [2011-10-18] CHR Extension: (di.slik.es - the Facebook Dislike Button) - C:\Users\Milena\AppData\Local\Google\Chrome\User Data\Default\Extensions\jhececbeknnflihipbjdccepbnblahkl [2011-11-28] CHR Extension: (Skype Click to Call) - C:\Users\Milena\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2014-07-21] CHR Extension: (Google Wallet) - C:\Users\Milena\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-24] CHR Extension: (Gmail) - C:\Users\Milena\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2011-12-23] CHR HKLM\...\Chrome\Extension: [dlnembnfbcpjnepmfjmngjenhhajpdfd] - C:\Program Files\IB Updater\source.crx [] CHR HKLM-x32\...\Chrome\Extension: [dlnembnfbcpjnepmfjmngjenhhajpdfd] - C:\Program Files\IB Updater\source.crx [] CHR HKLM-x32\...\Chrome\Extension: [icmlaeflemplmjndnaapfdbbnpncnbda] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2011-09-25] CHR HKLM-x32\...\Chrome\Extension: [jbpkiefagocgkmemidfngdkamloieekf] - C:\Program Files (x86)\TornTV.com\torn10.crx [2011-09-25] CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-07-14] CHR HKLM-x32\...\Chrome\Extension: [pbiamblgmkgbcgbcgejjgebalncpmhnp] - C:\Program Files (x86)\StartSearch plugin\vshareplg.crx [2014-07-14] ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [44808 2012-10-31] (AVAST Software) R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation) R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation) R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1593632 2014-02-05] (NVIDIA Corporation) R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [16941856 2014-02-05] (NVIDIA Corporation) ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 aswFsBlk; C:\Windows\System32\Drivers\aswFsBlk.sys [25232 2012-10-31] (AVAST Software) R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [71600 2012-10-31] (AVAST Software) R1 aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [54072 2012-10-15] (AVAST Software) R1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [984144 2012-10-31] (AVAST Software) R1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [370288 2012-10-31] (AVAST Software) R1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [59728 2012-10-31] (AVAST Software) R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [270912 2011-09-25] (DT Soft Ltd) R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39200 2013-12-27] (NVIDIA Corporation) R0 sptd; C:\Windows\System32\Drivers\sptd.sys [386680 2014-04-30] (Duplex Secure Ltd.) S3 NLNdisMP; system32\DRIVERS\nlndis.sys [X] S3 NLNdisPT; system32\DRIVERS\nlndis.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2014-10-19 00:20 - 2014-10-19 00:20 - 00089230 _____ () C:\Users\Milena\Desktop\Extras.Txt 2014-10-18 23:48 - 2014-10-20 23:15 - 00000000 ___DC () C:\FRST 2014-10-18 23:47 - 2014-10-18 23:47 - 00007093 _____ () C:\Users\Milena\Documents\1810.txt 2014-10-18 00:35 - 2014-10-18 00:35 - 00009212 _____ () C:\Users\Milena\Documents\1710.txt 2014-10-17 19:26 - 2014-10-17 19:45 - 00000000 ____D () C:\Users\Milena\Desktop\mat 2014-10-17 10:48 - 2014-10-10 04:05 - 00507392 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2014-10-17 10:48 - 2014-10-10 04:05 - 00276480 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll 2014-10-17 10:48 - 2014-10-10 04:00 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2014-10-17 10:46 - 2014-10-07 04:54 - 00378552 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2014-10-17 10:46 - 2014-10-07 04:04 - 00331448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2014-10-17 10:46 - 2014-09-29 02:58 - 03198976 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2014-10-17 10:46 - 2014-09-26 00:46 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2014-10-17 10:46 - 2014-09-26 00:46 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2014-10-17 10:46 - 2014-09-26 00:46 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2014-10-17 10:46 - 2014-09-26 00:43 - 11807232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2014-10-17 10:46 - 2014-09-26 00:32 - 02017280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2014-10-17 10:46 - 2014-09-26 00:31 - 02108416 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-10-17 10:46 - 2014-09-19 03:56 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-10-17 10:46 - 2014-09-19 03:55 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2014-10-17 10:46 - 2014-09-19 03:44 - 17484800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-10-17 10:46 - 2014-09-19 03:41 - 02796032 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-10-17 10:46 - 2014-09-19 03:40 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2014-10-17 10:46 - 2014-09-19 03:39 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2014-10-17 10:46 - 2014-09-19 03:31 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-10-17 10:46 - 2014-09-19 03:30 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2014-10-17 10:46 - 2014-09-19 03:25 - 04201472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2014-10-17 10:46 - 2014-09-19 03:25 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2014-10-17 10:46 - 2014-09-19 03:14 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-10-17 10:46 - 2014-09-19 03:14 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2014-10-17 10:46 - 2014-09-19 03:06 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2014-10-17 10:46 - 2014-09-19 03:02 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2014-10-17 10:46 - 2014-09-19 03:01 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2014-10-17 10:46 - 2014-09-19 03:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2014-10-17 10:46 - 2014-09-19 02:59 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2014-10-17 10:46 - 2014-09-19 02:55 - 02187264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2014-10-17 10:46 - 2014-09-19 02:54 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2014-10-17 10:46 - 2014-09-19 02:53 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2014-10-17 10:46 - 2014-09-19 02:51 - 00440320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2014-10-17 10:46 - 2014-09-19 02:50 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2014-10-17 10:46 - 2014-09-19 02:49 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2014-10-17 10:46 - 2014-09-19 02:42 - 00731136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-10-17 10:46 - 2014-09-19 02:42 - 00710656 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2014-10-17 10:46 - 2014-09-19 02:36 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2014-10-17 10:46 - 2014-09-19 02:32 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2014-10-17 10:46 - 2014-09-19 02:20 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2014-10-17 10:46 - 2014-09-19 02:18 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2014-10-17 10:46 - 2014-09-19 02:14 - 01447936 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-10-17 10:46 - 2014-09-19 01:59 - 01810944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2014-10-17 10:46 - 2014-09-19 01:53 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2014-10-17 10:46 - 2014-09-19 01:52 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2014-10-17 10:46 - 2014-06-19 00:23 - 01943696 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll 2014-10-17 10:46 - 2014-06-19 00:23 - 01131664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dfshim.dll 2014-10-17 10:46 - 2014-06-19 00:23 - 00156824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscorier.dll 2014-10-17 10:46 - 2014-06-19 00:23 - 00156312 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll 2014-10-17 10:46 - 2014-06-19 00:23 - 00081560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscories.dll 2014-10-17 10:46 - 2014-06-19 00:23 - 00073880 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll 2014-10-17 10:45 - 2014-09-26 00:50 - 13619200 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-10-17 10:45 - 2014-09-19 04:25 - 23631360 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-10-17 10:45 - 2014-09-19 03:40 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2014-10-17 10:45 - 2014-09-19 03:38 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2014-10-17 10:45 - 2014-09-19 03:36 - 05829632 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-10-17 10:45 - 2014-09-19 03:27 - 00595968 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2014-10-17 10:45 - 2014-09-19 03:26 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2014-10-17 10:45 - 2014-09-19 03:25 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2014-10-17 10:45 - 2014-09-19 03:18 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2014-10-17 10:45 - 2014-09-19 03:01 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2014-10-17 10:45 - 2014-09-19 03:00 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2014-10-17 10:45 - 2014-09-19 02:58 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2014-10-17 10:45 - 2014-09-19 02:40 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2014-10-17 10:45 - 2014-09-19 02:33 - 02309632 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-10-17 10:45 - 2014-09-19 01:59 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2014-10-17 10:45 - 2014-07-17 04:07 - 03722240 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll 2014-10-17 10:45 - 2014-07-17 04:07 - 01118720 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe 2014-10-17 10:45 - 2014-07-17 04:07 - 00681984 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll 2014-10-17 10:45 - 2014-07-17 04:07 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe 2014-10-17 10:45 - 2014-07-17 04:07 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\winsta.dll 2014-10-17 10:45 - 2014-07-17 04:07 - 00150528 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll 2014-10-17 10:45 - 2014-07-17 04:07 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll 2014-10-17 10:45 - 2014-07-17 04:07 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll 2014-10-17 10:45 - 2014-07-17 03:40 - 00157696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winsta.dll 2014-10-17 10:45 - 2014-07-17 03:39 - 03221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll 2014-10-17 10:45 - 2014-07-17 03:39 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe 2014-10-17 10:45 - 2014-07-17 03:39 - 00131584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll 2014-10-17 10:45 - 2014-07-17 03:39 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll 2014-10-17 10:45 - 2014-07-17 03:39 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll 2014-10-17 10:45 - 2014-07-17 03:21 - 00212480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys 2014-10-17 10:45 - 2014-07-17 03:21 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys 2014-10-17 10:44 - 2014-09-04 07:23 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll 2014-10-17 10:43 - 2014-09-18 04:00 - 03241472 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll 2014-10-17 10:43 - 2014-09-18 03:32 - 02363904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll 2014-10-17 10:43 - 2014-09-13 03:58 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll 2014-10-17 10:43 - 2014-09-13 03:40 - 00067072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll 2014-10-17 10:43 - 2014-09-04 07:04 - 00372736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll 2014-10-17 00:11 - 2014-10-17 00:11 - 00010368 _____ () C:\Users\Milena\Documents\1610.txt 2014-10-16 10:38 - 2014-10-16 10:38 - 00001055 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera 25.lnk 2014-10-15 23:54 - 2014-10-15 23:54 - 00010890 _____ () C:\Users\Milena\Documents\1510.txt 2014-10-15 17:00 - 2014-10-15 17:00 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2014-10-15 00:13 - 2014-10-15 00:13 - 00008668 _____ () C:\Users\Milena\Documents\1410.txt 2014-10-14 00:51 - 2014-10-14 00:51 - 00016104 _____ () C:\Users\Milena\Documents\1310.txt 2014-10-12 22:58 - 2014-10-12 22:58 - 00001109 _____ () C:\Users\Milena\Documents\1210.txt 2014-10-12 00:51 - 2014-10-12 00:51 - 00006058 _____ () C:\Users\Milena\Documents\111014.txt 2014-10-10 21:11 - 2014-10-10 21:11 - 00003777 _____ () C:\Users\Milena\Documents\101014a.txt 2014-10-10 00:17 - 2014-10-10 00:17 - 00010309 _____ () C:\Users\Milena\Documents\910.txt 2014-10-08 23:50 - 2014-10-08 23:50 - 00006307 _____ () C:\Users\Milena\Documents\810.txt 2014-10-08 00:49 - 2014-10-08 00:49 - 00001737 _____ () C:\Users\Milena\Documents\710aa.txt 2014-10-08 00:07 - 2014-10-08 00:07 - 00014667 _____ () C:\Users\Milena\Documents\710a.txt 2014-10-07 00:54 - 2014-10-07 00:54 - 00013205 _____ () C:\Users\Milena\Documents\610.txt 2014-10-06 00:08 - 2014-10-06 00:08 - 00011949 _____ () C:\Users\Milena\Documents\510.txt 2014-10-05 00:48 - 2014-10-05 00:48 - 00002768 _____ () C:\Users\Milena\Documents\410a.txt 2014-10-04 20:20 - 2014-10-04 20:20 - 00070263 _____ () C:\Users\Milena\Desktop\3.Days.to.Kill.2014.EXTENDED.BDRip.x264-SPARKS.torrent 2014-10-04 20:11 - 2014-10-04 20:11 - 00020595 _____ () C:\Users\Milena\Desktop\The.November.Man.2014.720p.WEBRIP.x264.AC3-EVE.torrent 2014-10-04 20:02 - 2014-10-04 20:02 - 00010227 _____ () C:\Users\Milena\Desktop\The.November.Man.2014.720p.HDRip.x264.AC3-FooKaS.torrent 2014-10-04 01:41 - 2014-10-04 01:41 - 00000685 _____ () C:\Users\Milena\Documents\310a.txt 2014-10-03 22:55 - 2014-10-03 22:55 - 00033156 _____ () C:\Users\Milena\Desktop\Sxtape.2013.1080p.BluRay.x264-ROVERS.txt 2014-10-03 22:38 - 2014-10-03 22:38 - 00010036 _____ () C:\Users\Milena\Desktop\Lucy.2014.HC.720p.HDRIP.x264.AC3.TiTAN.torrent 2014-10-03 22:24 - 2014-10-03 22:24 - 00030300 _____ () C:\Users\Milena\Desktop\22.Jump.Street.2014.720p.HDRiP.XVID-MAJESTIC.torrent 2014-10-03 20:42 - 2014-10-03 20:42 - 00002853 _____ () C:\Users\Milena\Documents\310.txt 2014-10-02 23:20 - 2014-10-02 23:20 - 00004254 _____ () C:\Users\Milena\Documents\210.txt 2014-10-02 00:00 - 2014-10-02 00:00 - 00009023 _____ () C:\Users\Milena\Documents\110.txt 2014-10-01 17:47 - 2014-09-25 04:08 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll 2014-10-01 17:47 - 2014-09-25 03:40 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll 2014-10-01 00:36 - 2014-10-01 00:36 - 00005694 _____ () C:\Users\Milena\Documents\309a.txt 2014-09-30 19:33 - 2014-09-30 19:33 - 00001926 _____ () C:\Users\Milena\Documents\309.txt 2014-09-30 00:49 - 2014-09-30 00:49 - 00012024 _____ () C:\Users\Milena\Documents\299.txt 2014-09-29 00:45 - 2014-09-29 00:45 - 00010100 _____ () C:\Users\Milena\Documents\289aaa.txt 2014-09-28 00:41 - 2014-09-28 00:41 - 00006613 _____ () C:\Users\Milena\Documents\279.txt 2014-09-27 00:55 - 2014-09-27 00:55 - 00013365 _____ () C:\Users\Milena\Documents\269.txt 2014-09-26 00:06 - 2014-09-26 00:06 - 00004824 _____ () C:\Users\Milena\Documents\259aaa.txt 2014-09-25 18:49 - 2014-09-25 19:43 - 00004042 _____ () C:\Users\Milena\Documents\259.txt 2014-09-25 17:36 - 2014-10-16 16:20 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox.bak 2014-09-25 09:17 - 2014-09-25 09:17 - 00000000 ____D () C:\Users\Milena\.WebStorm8 2014-09-25 09:15 - 2014-10-08 20:10 - 00000000 ____D () C:\Program Files (x86)\JetBrains 2014-09-25 00:13 - 2014-09-25 00:13 - 00007229 _____ () C:\Users\Milena\Documents\249.txt 2014-09-24 14:34 - 2014-09-10 00:11 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll 2014-09-24 14:34 - 2014-09-09 23:47 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll 2014-09-23 23:58 - 2014-09-23 23:58 - 00012832 _____ () C:\Users\Milena\Documents\239.txt 2014-09-22 23:39 - 2014-09-22 23:39 - 00001986 _____ () C:\Users\Milena\Documents\229.txt 2014-09-22 00:24 - 2014-09-22 00:24 - 00001135 _____ () C:\Users\Milena\Documents\219.txt 2014-09-21 18:17 - 2014-09-21 18:17 - 00090193 _____ () C:\Users\Milena\Desktop\PocztaWP - 1 nowych.htm 2014-09-21 18:17 - 2014-09-21 18:17 - 00000000 ____D () C:\Users\Milena\Desktop\PocztaWP - 1 nowych_files 2014-09-21 00:40 - 2014-09-21 00:40 - 00000990 _____ () C:\Users\Milena\Documents\209.txt ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2014-10-20 23:16 - 2011-09-25 13:58 - 00000000 ____D () C:\Users\Milena\AppData\Roaming\Skype 2014-10-20 22:36 - 2012-11-24 18:40 - 00000930 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-10-20 22:30 - 2011-10-18 00:39 - 00001048 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2014-10-20 21:26 - 2011-09-25 12:54 - 01195942 _____ () C:\Windows\WindowsUpdate.log 2014-10-20 21:09 - 2014-02-13 19:37 - 00000000 ____D () C:\Users\Milena\AppData\Roaming\uTorrent 2014-10-20 17:30 - 2011-10-18 00:39 - 00001044 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2014-10-20 11:18 - 2009-07-14 06:45 - 00032016 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-10-20 11:18 - 2009-07-14 06:45 - 00032016 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-10-20 11:11 - 2012-04-08 18:02 - 00000000 ____D () C:\Users\Milena\AppData\Local\TSVNCache 2014-10-20 11:11 - 2009-07-14 06:51 - 00155938 _____ () C:\Windows\setupact.log 2014-10-20 11:10 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-10-19 23:58 - 2014-03-11 19:59 - 00000000 ____D () C:\Users\Milena\Desktop\download 2014-10-19 12:48 - 2010-11-21 05:47 - 00176086 _____ () C:\Windows\PFRO.log 2014-10-18 22:39 - 2014-03-28 19:00 - 00000000 ____D () C:\Program Files (x86)\CDBurnerXP 2014-10-18 22:37 - 2012-06-11 20:46 - 00000000 ____D () C:\Users\Milena\AppData\Local\Unity 2014-10-18 11:28 - 2009-07-14 06:45 - 00409688 _____ () C:\Windows\system32\FNTCACHE.DAT 2014-10-18 11:26 - 2014-04-30 09:32 - 00000000 ___SD () C:\Windows\system32\CompatTel 2014-10-18 01:02 - 2011-09-25 13:38 - 00000000 ____D () C:\ProgramData\Microsoft Help 2014-10-18 00:38 - 2013-08-15 02:58 - 00000000 ____D () C:\Windows\system32\MRT 2014-10-18 00:38 - 2011-10-07 00:18 - 103265616 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2014-10-17 21:49 - 2014-05-10 16:40 - 00000000 ____D () C:\Users\Milena\AppData\Local\Battle.net 2014-10-17 21:49 - 2014-05-10 16:40 - 00000000 ____D () C:\Program Files (x86)\Battle.net 2014-10-17 16:30 - 2013-07-11 23:08 - 00000000 ____D () C:\Users\Milena\AppData\Roaming\Spotify 2014-10-17 16:27 - 2013-07-11 23:09 - 00000000 ____D () C:\Users\Milena\AppData\Local\Spotify 2014-10-17 10:35 - 2012-09-25 00:05 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update 2014-10-17 10:32 - 2012-06-02 21:39 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service 2014-10-16 10:38 - 2014-08-14 20:23 - 00003874 _____ () C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1397210703 2014-10-16 10:38 - 2011-09-25 13:22 - 00000000 ____D () C:\Program Files (x86)\Opera 2014-10-08 20:09 - 2012-05-14 11:55 - 00000000 ____D () C:\Program Files (x86)\Android 2014-10-08 20:08 - 2012-04-08 16:33 - 00000000 ____D () C:\Program Files (x86)\AIMP3 2014-10-03 11:06 - 2013-07-03 20:49 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk 2014-09-26 10:36 - 2012-11-24 18:40 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2014-09-26 10:36 - 2012-11-24 18:40 - 00003868 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater 2014-09-26 10:36 - 2011-09-25 13:17 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2014-09-25 09:17 - 2011-09-25 13:09 - 00000000 ____D () C:\Users\Milena 2014-09-22 23:46 - 2014-09-11 19:42 - 00000000 ____D () C:\ProgramData\Origin 2014-09-21 18:06 - 2011-02-04 19:38 - 01343244 _____ () C:\Windows\system32\perfh015.dat 2014-09-21 18:06 - 2011-02-04 19:38 - 00365826 _____ () C:\Windows\system32\perfc015.dat 2014-09-21 18:06 - 2009-07-14 07:13 - 00006264 _____ () C:\Windows\system32\PerfStringBackup.INI Some content of TEMP: ==================== C:\Users\Milena\AppData\Local\Temp\ose00000.exe ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\SysWOW64\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2014-10-18 17:35 ==================== End Of Log ============================