Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 07-01-2015
Ran by castletone77 (administrator) on CASTLE77 on 09-01-2015 15:57:19
Running from M:\frst64
Loaded Profile: castletone77 (Available profiles: castletone77)
Platform: Windows 8.1 (X64) OS Language: Angielski (Wielka Brytania)
Internet Explorer Version 11 (Default browser: Maxthon)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RTKAUDIOSERVICE64.EXE
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
() C:\Program Files (x86)\TOSHIBA\Password Utility\GFNEXSrv.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(TOSHIBA Corporation) C:\Windows\System32\TODDSrv.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe
(Toolwiz) P:\ToolwizCareFree\ToolwizCares.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgcsrva.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Teco\TecoService.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
() C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Teco\TecoResident.exe
(SRS Labs, Inc.) C:\Program Files\SRS Labs\SRS Control Panel\SRSPanel_64.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Sony) C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe
() C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanionInfo.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgui.exe
(OpenOffice.org) P:\OpenOffice info\program\program\soffice.exe
(OpenOffice.org) P:\OpenOffice info\program\program\soffice.bin
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Maxthon International ltd.) I:\maxthon 4\Maxthon\Bin\Maxthon.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Maxthon International ltd.) I:\maxthon 4\Maxthon\Bin\Maxthon.exe
(Maxthon International ltd.) I:\maxthon 4\Maxthon\Bin\Maxthon.exe
(Maxthon International ltd.) I:\maxthon 4\Maxthon\Bin\Maxthon.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe
(Microsoft Corporation) C:\Windows\System32\SrTasks.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Toshiba Europe GmbH) C:\Program Files (x86)\Toshiba TEMPRO\Toshiba.Tempro.UI.CommonNotifier.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Toolwiz.com) P:\ToolwizCareFree\ToolwizTools.exe
() C:\Users\castletone77\zainstalowane\screnSHU\screenSHU\screenSHU.exe
(Spotify Ltd) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
() C:\Users\castletone77\zainstalowane\screnSHU\screenSHU\screenSHU.exe
(Spotify Ltd) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
(WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
(Microsoft Corporation) C:\Windows\System32\snmptrap.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13261456 2012-11-29] (Realtek Semiconductor)
HKLM\...\Run: [TCrdMain] => C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe [2565544 2012-10-31] ()
HKLM\...\Run: [TODDMain] => C:\Program Files (x86)\TOSHIBA\System Setting\TODDMain.exe [213136 2012-08-04] ()
HKLM\...\Run: [TecoResident] => C:\Program Files\TOSHIBA\Teco\TecoResident.exe [169896 2012-08-13] (TOSHIBA Corporation)
HKLM\...\Run: [TosWaitSrv] => C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [356776 2012-07-11] (TOSHIBA Corporation)
HKLM\...\Run: [SRS Premium Sound HD] => C:\Program Files\SRS Labs\SRS Control Panel\SRSPanel_64.exe [2172816 2012-10-22] (SRS Labs, Inc.)
HKLM-x32\...\Run: [Intel AppUp(R) center] => C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [156000 2012-12-18] (Intel Corporation)
HKLM-x32\...\Run: [TPUReg] => C:\Program Files (x86)\TOSHIBA\Password Utility\TosPU.exe [7152640 2012-12-05] (Pegatron Corporation)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2015\avgui.exe [3667472 2014-12-18] (AVG Technologies CZ, s.r.o.)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-519654634-1475891941-3348864904-1001\...\Run: [ToolwizCareFree] => P:\ToolwizCareFree\ToolwizCares.exe [5274328 2014-06-11] (Toolwiz)
HKU\S-1-5-21-519654634-1475891941-3348864904-1001\...\Run: [DzieDdobry!] => C:\Users\castletone77\zainstalowane\DzieDdobry!\dziendobry.exe /auto
HKU\S-1-5-21-519654634-1475891941-3348864904-1001\...\Run: [GoogleChromeAutoLaunch_2650199CD79B17F993E2D9C6C21BCCDB] => C:\Users\castletone77\PRZEGLADARKI INTERNETOWE\Comodo\Dragon\dragon.exe [1328832 2014-01-28] (Comodo)
HKU\S-1-5-21-519654634-1475891941-3348864904-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [21650016 2014-07-24] (Skype Technologies S.A.)
HKU\S-1-5-21-519654634-1475891941-3348864904-1001\...\Run: [Sony PC Companion] => C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe [468192 2014-10-15] (Sony)
Startup: C:\Users\castletone77\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk
ShortcutTarget: OpenOffice.org 3.4.1.lnk -> P:\OpenOffice info\program\program\quickstart.exe ()

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:newtab
HKU\S-1-5-21-519654634-1475891941-3348864904-1001\Software\Microsoft\Internet Explorer\Main,Start Page = https://mysearch.avg.com?cid={1A924997-05DF-47E1-AA2E-1BC82D281FDD}&mid=87d5f506263547d29d3cf5b414eef035-39c2a54a361bd2b42d6085b5a4a07f1b218e2356&lang=pl&ds=AVG&coid=avgtbavg&cmpid=&pr=pr&d=2014-06-30 18:12:30&v=18.1.9.799&pid=safeguard&sg=&sap=hp
HKU\S-1-5-21-519654634-1475891941-3348864904-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://toshiba13.msn.com
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

FireFox:
========

Chrome:
=======
CHR HomePage: Default ->
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}
CHR Profile: C:\Users\castletone77\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (TooManyTabs for Chrome) - C:\Users\castletone77\AppData\Local\Google\Chrome\User Data\Default\Extensions\amigcgbheognjmfkaieeeadojiibgbdp [2014-06-09]
CHR Extension: (Dokumenty Google) - C:\Users\castletone77\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-04-29]
CHR Extension: (Dysk Google) - C:\Users\castletone77\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-04-29]
CHR Extension: (Session Manager) - C:\Users\castletone77\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbcnbpafconjjigibnhbfmmgdbbkcjfi [2014-06-02]
CHR Extension: (WOT) - C:\Users\castletone77\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp [2014-06-09]
CHR Extension: (YouTube) - C:\Users\castletone77\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-04-29]
CHR Extension: (Rainbow Theme) - C:\Users\castletone77\AppData\Local\Google\Chrome\User Data\Default\Extensions\chobckebbpepmfmijldieajjapbjadcm [2014-06-02]
CHR Extension: (Szukaj w Google) - C:\Users\castletone77\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-04-29]
CHR Extension: (Save my Tabs) - C:\Users\castletone77\AppData\Local\Google\Chrome\User Data\Default\Extensions\djadfifncobffjpicnkiegahdiobpaap [2014-06-09]
CHR Extension: (Session Buddy) - C:\Users\castletone77\AppData\Local\Google\Chrome\User Data\Default\Extensions\edacconmaakjimmfgnblocblbcdcpbko [2014-06-09]
CHR Extension: (PanicButton) - C:\Users\castletone77\AppData\Local\Google\Chrome\User Data\Default\Extensions\faminaibgiklngmfpfbhmokfmnglamcm [2014-06-09]
CHR Extension: (Instant-Dictionary) - C:\Users\castletone77\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcjmbgoamdpbndikpbaoeoidaabejfmd [2014-06-09]
CHR Extension: (Lost in Tabs) - C:\Users\castletone77\AppData\Local\Google\Chrome\User Data\Default\Extensions\jflfpbmhoejnlfpclaigkejabomphcci [2014-06-02]
CHR Extension: (Cambridge Dictionaries Online) - C:\Users\castletone77\AppData\Local\Google\Chrome\User Data\Default\Extensions\jheadbpkjimjomnnfpeokkffdfjocekd [2014-06-02]
CHR Extension: (Spell checker and Grammar checker by Ginger) - C:\Users\castletone77\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdfieneakcjfaiglcfcgkidlkmlijjnh [2014-06-09]
CHR Extension: (Mark For Later) - C:\Users\castletone77\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfokknghaopioakjibdkmjoaghcileob [2014-06-02]
CHR Extension: (Earth TV) - C:\Users\castletone77\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpnmncjdpbehanjnmpmodhbheohhcpdn [2014-06-09]
CHR Extension: (Speed Dial [FVD] - New Tab Page, 3D, Sync...) - C:\Users\castletone77\AppData\Local\Google\Chrome\User Data\Default\Extensions\llaficoajjainaijghjlofdfmbjpebpa [2014-06-09]
CHR Extension: (Ghostery) - C:\Users\castletone77\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij [2014-06-09]
CHR Extension: (English dictionary translate pronunciation) - C:\Users\castletone77\AppData\Local\Google\Chrome\User Data\Default\Extensions\neomigpibafpboiknmijddgnncengfnm [2014-06-09]
CHR Extension: (pliki do pobrania) - C:\Users\castletone77\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngbcgifdaopbfflfhbcfeomijfbbcadi [2014-06-09]
CHR Extension: (Google Wallet) - C:\Users\castletone77\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-04-29]
CHR Extension: (Cambridge Dictionaries Online) - C:\Users\castletone77\AppData\Local\Google\Chrome\User Data\Default\Extensions\oaioomolanclklopkbfkhbmjeddbgdbj [2014-06-02]
CHR Extension: (Adblock Pro) - C:\Users\castletone77\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocifcklkibdehekfnmflempfgjhbedch [2014-06-09]
CHR Extension: (Gmail) - C:\Users\castletone77\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-04-29]
CHR Extension: (Session box - Tabs manager, Sync...) - C:\Users\castletone77\AppData\Local\Google\Chrome\User Data\Default\Extensions\pljdghaomjmmleolekcgcamfpbhekbmc [2014-06-09]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-07-14]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S2 avgfws; C:\Program Files (x86)\AVG\AVG2015\avgfws.exe [1486664 2014-12-18] (AVG Technologies CZ, s.r.o.)
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe [3432976 2014-12-18] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe [298080 2014-12-18] (AVG Technologies CZ, s.r.o.)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
R3 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227904 2014-06-03] (WildTangent)
R2 GFNEXSrv; C:\Program Files (x86)\TOSHIBA\Password Utility\GFNEXSrv.exe [156672 2011-10-13] () [File not signed]
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [129856 2012-06-27] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [201872 2012-12-05] (Realtek Semiconductor)
S3 TemproMonitoringService; C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [116240 2013-01-04] (Toshiba Europe GmbH)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-09-22] (Microsoft Corporation)
S2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-09-22] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S0 Avgboota; C:\Windows\System32\DRIVERS\avgboota.sys [20496 2013-09-04] (AVG Technologies CZ, s.r.o.)
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [153368 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 Avgfwfd; C:\Windows\system32\DRIVERS\avgfwd6a.sys [57144 2013-09-26] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [260888 2014-12-08] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [203544 2014-11-18] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [243480 2014-08-28] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [313624 2014-07-18] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [124184 2014-10-05] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [31512 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 Avgwfpa; C:\Windows\system32\DRIVERS\avgwfpa.sys [277784 2014-09-24] (AVG Technologies CZ, s.r.o.)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-03-18] (Microsoft Corporation)
R1 BTOWSFF; C:\WINDOWS\System32\Drivers\BTOWSFF.sys [33024 2014-06-11] (Toolwiz.com)
R0 BTOWSVF; C:\Windows\System32\Drivers\BTOWSVF.sys [52480 2014-06-11] (Toolwiz.com)
R0 KSafeDISK; C:\Windows\System32\Drivers\KSafeDISK.sys [52992 2014-06-11] (Toolwiz.com)
R2 PEGAGFN; C:\Program Files (x86)\TOSHIBA\Password Utility\PEGAGFN.sys [14344 2009-09-11] (PEGATRON)
R3 RtkBtFilter; C:\Windows\system32\DRIVERS\RtkBtfilter.sys [24208 2012-07-11] (Realtek Microelectronics)
R3 RTWlanE; C:\Windows\system32\DRIVERS\rtwlane.sys [2946264 2013-10-21] (Realtek Semiconductor Corporation )
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [34544 2013-08-28] (Synaptics Incorporated)
R3 Thotkey; C:\Windows\System32\drivers\Thotkey.sys [28632 2012-07-31] (Windows (R) Win 7 DDK provider)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-22] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-09 15:38 - 2015-01-09 15:38 - 00001558 _____ () C:\WINDOWS\PFRO.log
2015-01-08 13:52 - 2015-01-09 14:05 - 00124045 _____ () C:\WINDOWS\WindowsUpdate.log
2015-01-04 09:00 - 2015-01-09 09:36 - 00003757 _____ () C:\WINDOWS\system32\ScanResults.xml
2014-12-31 10:13 - 2015-01-09 09:32 - 00000464 _____ () C:\WINDOWS\system32\ScannerSettings
2014-12-30 16:38 - 2014-12-30 16:38 - 00001622 _____ () C:\Users\castletone77\Desktop\list.txt
2014-12-30 10:43 - 2015-01-09 15:57 - 00000000 ____D () C:\FRST
2014-12-26 16:59 - 2014-12-26 16:59 - 01054912 _____ (Adobe) C:\Users\castletone77\Downloads\install_flashplayer16x32au_mssd_aaa_aih.exe
2014-12-26 13:34 - 2014-12-26 13:34 - 00000000 __SHD () C:\Users\castletone77\AppData\Local\EmieBrowserModeList
2014-12-17 00:07 - 2014-12-17 00:07 - 00002125 _____ () C:\Users\Public\Desktop\Sony PC Companion 2.1.lnk
2014-12-17 00:07 - 2014-12-17 00:07 - 00000000 ____D () C:\ProgramData\Sony
2014-12-17 00:07 - 2014-12-17 00:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony
2014-12-17 00:07 - 2014-12-17 00:07 - 00000000 ____D () C:\Program Files (x86)\Sony
2014-12-16 09:57 - 2014-12-16 09:57 - 00003046 _____ () C:\WINDOWS\System32\Tasks\{FE6D317A-BA0B-4F28-BC63-76EC8539E6A3}
2014-12-16 09:47 - 2014-11-26 21:10 - 00714720 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2014-12-16 09:47 - 2014-11-26 21:10 - 00106976 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2014-12-16 09:39 - 2014-12-16 09:39 - 00000000 ____D () C:\WINDOWS\system32\appraiser
2014-12-12 17:13 - 2014-12-03 23:37 - 00227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll
2014-12-12 17:13 - 2014-12-03 23:09 - 00830464 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2014-12-12 17:13 - 2014-12-02 23:09 - 01083392 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2014-12-12 17:13 - 2014-12-02 23:09 - 00740864 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2014-12-12 17:13 - 2014-12-02 23:09 - 00412672 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2014-12-12 17:13 - 2014-12-02 23:09 - 00396288 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2014-12-12 17:13 - 2014-12-02 23:09 - 00192000 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2014-12-12 17:13 - 2014-11-10 02:29 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceSetupStatusProvider.dll
2014-12-12 17:13 - 2014-11-10 01:51 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DeviceSetupStatusProvider.dll
2014-12-12 17:13 - 2014-10-31 23:57 - 01091072 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2014-12-12 17:13 - 2014-10-31 23:47 - 00790528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2014-12-12 17:13 - 2014-10-30 23:39 - 01970432 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2014-12-12 17:13 - 2014-10-30 23:38 - 01612992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2014-12-12 16:42 - 2014-11-07 04:16 - 01762840 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2014-12-12 16:42 - 2014-11-07 03:26 - 01489072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2014-12-12 16:42 - 2014-10-13 02:43 - 00153920 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2014-12-12 16:42 - 2014-10-13 02:43 - 00086336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2014-12-12 16:42 - 2014-10-13 02:43 - 00039744 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelpep.sys
2014-12-12 16:41 - 2014-11-22 03:13 - 25059840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-12-12 16:41 - 2014-11-22 02:49 - 02885120 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-12-12 16:41 - 2014-11-22 02:34 - 06039552 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-12-12 16:41 - 2014-11-22 02:22 - 19749376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-12-12 16:41 - 2014-11-22 02:07 - 00501248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2014-12-12 16:41 - 2014-11-22 02:01 - 02277888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-12-12 16:41 - 2014-11-22 01:46 - 02125312 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-12-12 16:41 - 2014-11-22 01:43 - 14412800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-12-12 16:41 - 2014-11-22 01:29 - 04299264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-12-12 16:41 - 2014-11-22 01:28 - 02358272 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-12-12 16:41 - 2014-11-22 01:15 - 01548288 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-12-12 16:41 - 2014-11-22 01:13 - 12836864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-12-12 16:41 - 2014-11-22 01:03 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-12-12 16:41 - 2014-11-22 01:00 - 01888256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-12-12 16:41 - 2014-11-22 00:56 - 01307136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-12-12 16:41 - 2014-11-22 00:54 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-12-12 16:41 - 2014-10-30 22:37 - 00129536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2014-12-12 16:41 - 2014-10-30 22:34 - 00146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2014-12-12 16:40 - 2014-11-22 02:50 - 00580096 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2014-12-12 16:40 - 2014-11-22 02:49 - 00417280 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec
2014-12-12 16:40 - 2014-11-22 02:48 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2014-12-12 16:40 - 2014-11-22 02:35 - 00812544 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2014-12-12 16:40 - 2014-11-22 02:08 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-12-12 16:40 - 2014-11-22 02:06 - 00340992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec
2014-12-12 16:40 - 2014-11-22 02:06 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2014-12-12 16:40 - 2014-11-22 02:05 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2014-12-12 16:40 - 2014-11-22 02:05 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2014-12-12 16:40 - 2014-11-22 01:59 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2014-12-12 16:40 - 2014-11-22 01:55 - 00661504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2014-12-12 16:40 - 2014-11-22 01:52 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2014-12-12 16:40 - 2014-11-22 01:49 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-12-12 16:40 - 2014-11-22 01:49 - 00718848 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-12-12 16:40 - 2014-11-22 01:49 - 00373760 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2014-12-12 16:40 - 2014-11-22 01:35 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2014-12-12 16:40 - 2014-11-22 01:34 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2014-12-12 16:40 - 2014-11-22 01:33 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2014-12-12 16:40 - 2014-11-22 01:29 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2014-12-12 16:40 - 2014-11-22 01:25 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2014-12-12 16:40 - 2014-11-22 01:23 - 00688640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-12-12 16:40 - 2014-11-22 01:23 - 00326656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2014-12-12 16:40 - 2014-11-22 01:22 - 02052096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-09 15:57 - 2014-06-30 17:12 - 00000000 ____D () C:\ProgramData\AVG Security Toolbar
2015-01-09 15:57 - 2014-06-09 23:32 - 00000000 ____D () C:\ProgramData\MFAData
2015-01-09 15:50 - 2014-05-23 15:10 - 00000000 ____D () C:\Users\castletone77\AppData\Roaming\Skype
2015-01-09 15:50 - 2014-04-14 10:22 - 00003596 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-519654634-1475891941-3348864904-1001
2015-01-09 15:46 - 2014-06-11 20:16 - 00000000 ____D () C:\Users\castletone77\AppData\Roaming\Flock
2015-01-09 15:45 - 2014-04-17 16:59 - 00003954 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{4E0DDA10-8AFF-4F96-A5BC-EAEF757B255B}
2015-01-09 15:44 - 2014-04-15 22:49 - 00000000 ___DO () C:\Users\castletone77\OneDrive
2015-01-09 15:38 - 2013-08-22 14:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2015-01-09 15:33 - 2014-06-30 17:11 - 00000000 ____D () C:\Program Files (x86)\AVG SafeGuard toolbar
2015-01-09 15:21 - 2014-04-15 10:39 - 00000930 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-01-09 15:00 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2015-01-09 14:36 - 2014-05-23 14:31 - 00000000 ____D () C:\Users\castletone77\AppData\Local\screenSHU
2015-01-09 14:24 - 2013-08-22 13:25 - 00524288 ___SH () C:\WINDOWS\system32\config\BBI
2015-01-08 13:55 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2015-01-08 13:38 - 2014-07-31 17:06 - 00000000 ____D () C:\WINDOWS\Minidump
2015-01-08 10:24 - 2012-07-26 08:12 - 00000000 ____D () C:\WINDOWS\LiveKernelReports
2015-01-06 09:56 - 2014-10-21 10:02 - 00001022 _____ () C:\Users\Public\Desktop\AVG 2015.lnk
2015-01-06 09:56 - 2014-06-09 23:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2015-01-02 16:43 - 2013-08-22 13:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2014-12-31 10:15 - 2014-04-15 16:22 - 00000000 ____D () C:\Users\castletone77
2014-12-28 10:26 - 2014-04-15 10:27 - 00000000 ____D () C:\Users\castletone77\PRZEGLADARKI INTERNETOWE
2014-12-26 23:27 - 2014-04-14 18:44 - 00989456 _____ () C:\WINDOWS\system32\perfh015.dat
2014-12-26 23:27 - 2014-04-14 18:44 - 00207836 _____ () C:\WINDOWS\system32\perfc015.dat
2014-12-26 23:27 - 2014-03-18 15:26 - 02053990 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-12-26 13:33 - 2014-04-28 18:35 - 00000000 ____D () C:\Users\castletone77\AppData\Local\Adobe
2014-12-26 13:33 - 2014-04-15 10:39 - 00003818 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2014-12-19 22:07 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\rescache
2014-12-19 21:45 - 2012-07-26 07:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2014-12-18 08:56 - 2014-08-19 23:27 - 00003908 _____ () C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1397558392
2014-12-17 08:39 - 2014-11-14 17:21 - 00000000 ____D () C:\Users\castletone77\Desktop\droga
2014-12-17 00:07 - 2013-01-30 17:47 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-12-16 09:39 - 2014-07-13 10:49 - 00000000 ___SD () C:\WINDOWS\system32\CompatTel
2014-12-16 09:39 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\en-GB
2014-12-16 09:39 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\system32\sr-Latn-RS
2014-12-16 09:39 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\system32\sr-Latn-CS
2014-12-16 09:39 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\system32\en-GB
2014-12-16 09:39 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\PolicyDefinitions
2014-12-16 09:39 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\AppCompat
2014-12-14 16:59 - 2014-04-15 08:26 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-12-14 16:52 - 2014-04-15 08:26 - 112710672 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-12-14 16:29 - 2014-04-29 14:20 - 00002214 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-12-14 15:51 - 2014-10-21 10:00 - 00000000 ____D () C:\ProgramData\AVG2015

Some content of TEMP:
====================
C:\Users\ADMINI~1\AppData\Local\Temp\PresentationCore.dll
C:\Users\ADMINI~1\AppData\Local\Temp\PresentationFramework.dll
C:\Users\ADMINI~1\AppData\Local\Temp\ReachFramework.dll
C:\Users\ADMINI~1\AppData\Local\Temp\UIAutomationProvider.dll
C:\Users\ADMINI~1\AppData\Local\Temp\UIAutomationTypes.dll
C:\Users\ADMINI~1\AppData\Local\Temp\WindowsBase.dll
C:\Users\ADMINI~1\AppData\Local\Temp\WindowsFormsIntegration.dll

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2015-01-02 12:03

==================== End Of Log ============================