Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 12-02-2015
Ran by Daniel (administrator) on JACK on 12-02-2015 19:33:29
Running from C:\Users\Daniel\Downloads
Loaded Profiles: Daniel (Available profiles: Daniel & Gość)
Platform: Windows 8.1 Pro (X64) OS Language: Polski (Polska)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Seagate Technology LLC) C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\MobileService.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(Seagate Technology LLC) C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.DASWindowsService.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
(Dropbox, Inc.)
C:\Users\Daniel\AppData\Roaming\Dropbox\bin\Dropbox.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Martin Prikryl) C:\Program Files (x86)\WinSCP\WinSCP.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe (Google Inc.) 
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Windows\System32\SkyDrive.exe (Microsoft Corporation) C:\Windows\System32\Taskmgr.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500208 2010-03-06] (Adobe Systems Incorporated) HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-12-06] (Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4085896 2014-09-29] (AVAST Software) HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-05-15] (Apple Inc.) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-05-07] (Oracle Corporation) HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [311616 2014-07-25] (Samsung Electronics Co., Ltd.) 
HKLM-x32\...\Run: [DBAgent] => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\DBAgent.exe [1518664 2014-09-17] (Seagate Technology LLC) HKU\S-1-5-21-2360153012-2490105570-1480353351-1001\...\Run: [PeerBlock] => C:\Program Files\PeerBlock\peerblock.exe [2513992 2014-01-14] (PeerBlock, LLC) HKU\S-1-5-21-2360153012-2490105570-1480353351-1001\...\Run: [KiesAirMessage] => C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup HKU\S-1-5-21-2360153012-2490105570-1480353351-1001\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [23308256 2015-01-15] (Google) HKU\S-1-5-21-2360153012-2490105570-1480353351-1001\...\Run: [Uploader] => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.Uploader.exe [127080 2014-09-17] (Seagate Technology LLC) HKU\S-1-5-21-2360153012-2490105570-1480353351-1001\...\Run: [Google Update] => C:\Users\Daniel\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2015-01-18] (Google Inc.) HKU\S-1-5-21-2360153012-2490105570-1480353351-1001\...\Run: [Google+ Auto Backup] => C:\Users\Daniel\AppData\Local\Programs\Google\Google+ Auto Backup\Google+ Auto Backup.exe [3746120 2014-08-12] (Google Inc.) HKU\S-1-5-21-2360153012-2490105570-1480353351-1001\...\MountPoints2: {aecf6252-547e-11e4-828f-6c626d0a9d4d} - "H:\Startme.exe" Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.) Startup: C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk ShortcutTarget: Dropbox.lnk -> C:\Users\Daniel\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Daniel\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.) 
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Daniel\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Daniel\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Daniel\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Daniel\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Daniel\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Daniel\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Daniel\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.) ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) 
HKU\S-1-5-21-2360153012-2490105570-1480353351-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/en-gb/?ocid=iehp HKU\S-1-5-21-2360153012-2490105570-1480353351-1001\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie HKU\S-1-5-21-2360153012-2490105570-1480353351-1001\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie SearchScopes: HKU\S-1-5-21-2360153012-2490105570-1480353351-1001 -> DefaultScope {6A1806CD-94D4-4689 URL = SearchScopes: HKU\S-1-5-21-2360153012-2490105570-1480353351-1001 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.com/search?q={sear BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation) BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) BHO-x32: No Name -> {50F4150A-48B2-417A-BE4C-C83F580FB904} -> No File BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation) BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) 
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation) Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation) Hosts: 127.0.0.1 commerce-kickstart-7-x-2-19-core.local Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 FireFox: ======== FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.) 
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin-x32: @qq.com/npAndroidAssistant -> C:\Program Files (x86)\Common Files\Tencent\QQPhoneManager\2.0.201.3188\npQQPhoneManagerExt.dll (腾讯公司) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Plugin HKU\S-1-5-21-2360153012-2490105570-1480353351-1001: @citrixonline.com/appdetectorplugin -> C:\Users\Daniel\AppData\Local\Citrix\Plugins\104\npappdetector.dll (Citrix Online) FF Plugin HKU\S-1-5-21-2360153012-2490105570-1480353351-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Daniel\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.) FF Plugin HKU\S-1-5-21-2360153012-2490105570-1480353351-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Daniel\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll (Microsoft Corporation) FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF FF Extension: avast! 
Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-05-23] Chrome: ======= CHR HomePage: Default -> hxxp://natemat.pl/122411,kobiety-wariuja-na-widok-striptizera-bo-ich-faceci-sa-zaniedbani-lub-nie-potrafia-sprzedac-swojej-atrakcyjnosci CHR StartupUrls: Default -> "hxxp://9gag.com/gag/ae3exPv", "hxxp://natemat.pl/122411,kobiety-wariuja-na-widok-striptizera-bo-ich-faceci-sa-zaniedbani-lub-nie-potrafia-sprzedac-swojej-atrakcyjnosci" CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter} CHR Profile: C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Context) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aalnjolghjkkogicompabhhbbkljnlka [2014-05-20] CHR Extension: (Magic Actions for YouTube™) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\abjcfabbhafbcdfjoecdgepllmpfceif [2014-11-19] CHR Extension: (Chrome Refresh) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aifhnlnghddfdaccgbbpbhjfkmncekmn [2015-01-03] CHR Extension: (Awesome Screenshot: Capture & Annotate) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\alelhddbbhepgpmgidjdcjakblofbmce [2014-05-29] CHR Extension: (From Dust) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\anelkojiepicmcldgnmkplocifmegpfj [2014-05-20] CHR Extension: (Dokumenty Google) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-05-20] CHR Extension: (Dysk Google) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-05-20] CHR 
Extension: (Web Developer) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfbameneiokkgbdmiekhjnmfkcnldhhm [2014-05-20] CHR Extension: (ColorZilla) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhlhnicpbhignbdhedgjhgdocnmhomnp [2014-05-20] CHR Extension: (YouTube) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-05-20] CHR Extension: (Adblock Plus) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-05-20] CHR Extension: (Todoist for Gmail) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\clgenfnodoocmhnlnpknojdbjjnmecff [2015-01-03] CHR Extension: (Szukaj w Google) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-05-20] CHR Extension: (Tampermonkey) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2014-05-20] CHR Extension: (PerfectPixel by WellDoneCode) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\dkaagdgjmgdmbnecmcefdhjekcoceebi [2014-12-10] CHR Extension: (Proxy SwitchySharp) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpplabbmogkhghncfbfdeeokoefdjegm [2014-11-07] CHR Extension: (Session Buddy) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\edacconmaakjimmfgnblocblbcdcpbko [2014-05-20] CHR Extension: (Gmail offline) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejidjjhkpiempkbhmpbfngldlkglhimk [2014-05-20] CHR Extension: (busuu.com) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\epadnjldocmkadjbopkanclaamocokoo [2014-05-20] CHR Extension: (Dodatek Google Analytics Opt-out firmy Google) - C:\Users\Daniel\AppData\Local\Google\Chrome\User 
Data\Default\Extensions\fllaojicojecljbmefodhfapmkghcbnh [2014-05-20] CHR Extension: (Pulpit zdalny Chrome) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp [2014-07-23] CHR Extension: (Avast Online Security) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-05-24] CHR Extension: (Przycisk Pin It) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic [2014-11-20] CHR Extension: (AppJump App Launcher and Organizer) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\hccbinpobnjcpckmcfngmdpnbnjpmcbd [2014-05-20] CHR Extension: (Google Keep – notatki i listy) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmjkmjkepdijhoojdojkdfohbdgmmhki [2014-05-20] CHR Extension: (Deluminate) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\iebboopaeangfpceklajfohhbpkkfiaa [2014-11-11] CHR Extension: (WhatFont) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\jabopobgcpjmedljpbcaablpmlmfcogm [2014-05-20] CHR Extension: (colorPicker 0.9) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\jegimleidpfmpepbfajjlielaheedkdo [2014-05-20] CHR Extension: (Analytics Blocker) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmcpbefnpobogldglnlikgojpaddibgb [2014-05-20] CHR Extension: (Any.do Extension) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdadialhpiikehpdeejjeiikopddkjem [2014-05-20] CHR Extension: (Auto HD For YouTube™) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\koiaokdomkpjdgniimnkhgbilbjgpeak [2014-05-20] CHR Extension: (StayFocusd) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\laankejkbhbdhmipfmgcngdelahlfoji [2014-05-20] CHR Extension: (Webcam Toy) - 
C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfbgimoladefibpklnfmkpknadbklade [2014-05-20] CHR Extension: (Corporate Ipsum) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfmadckmfehehmdnmhaebniooenedcbb [2014-05-20] CHR Extension: (User-Agent Switcher) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkmofgnohbedopheiphabfhfjgkhfcgf [2014-05-20] CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2015-01-15] CHR Extension: (Facebook Messenger) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\mdapmeleikeppmfgadilffngabfpibok [2014-10-22] CHR Extension: (Google Wallet) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-05-20] CHR Extension: (Any.do) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocgddccilgpeepgglnlpchkpgamkgmld [2014-05-20] CHR Extension: (Picasa) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\onlgmecjpnejhfeofkgbfgnmdlipdejb [2014-05-20] CHR Extension: (Click&Clean App) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdabfienifkbhoihedcgeogidfmibmhp [2014-05-20] CHR Extension: (Gmail) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-05-20] CHR Extension: (Secure Shell) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pnhechapfaindjhompbnflcldabbghjo [2014-05-20] CHR Profile: C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Profile 1 CHR Extension: (Dokumenty Google) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2014-06-25] CHR Extension: (Dysk Google) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Profile 
1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-06-25] CHR Extension: (YouTube) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-06-25] CHR Extension: (Adblock Plus) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-06-25] CHR Extension: (Szukaj w Google) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-06-25] CHR Extension: (Session Buddy) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\edacconmaakjimmfgnblocblbcdcpbko [2014-06-25] CHR Extension: (Avast Online Security) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-06-25] CHR Extension: (Przycisk Pin It) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic [2014-11-21] CHR Extension: (CPDD-Blossom) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\jlialpgnoagkdecfaggejocpfdbommon [2014-06-25] CHR Extension: (Google Wallet) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-06-25] CHR Extension: (Gmail) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-06-25] CHR HKU\S-1-5-21-2360153012-2490105570-1480353351-1001\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - No Path CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-09-29] ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 avast! 
Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-09-29] (AVAST Software) S2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed] S2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed] R2 Seagate Dashboard Services; C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.DASWindowsService.exe [16000 2014-09-17] (Seagate Technology LLC) R2 Seagate MobileBackup Service; C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\MobileService.exe [157776 2014-09-17] (Seagate Technology LLC) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-09-22] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-09-22] (Microsoft Corporation) ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) S3 AIDA64Driver; C:\Users\Daniel\Downloads\Aida64 4.20.2800 Business\Aida64 4.20.2800 Business\App\AIDA64Business\kerneld.x64 [34136 2014-02-11] () S3 anvsnddrv; C:\Windows\system32\drivers\anvsnddrv.sys [33872 2012-05-17] (AnvSoft Inc.) 
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-09-29] () R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-09-29] (AVAST Software) R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-09-29] (AVAST Software) R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-09-29] () R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1041168 2014-11-21] (AVAST Software) R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427360 2014-09-29] (AVAST Software) R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [92008 2014-09-29] (AVAST Software) R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [224896 2014-09-29] () S3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Windows (R) Win 7 DDK provider) S3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2012-10-19] (Windows (R) Win 7 DDK provider) S3 ggsomc; C:\Windows\System32\drivers\ggsomc.sys [30424 2014-07-27] (Sony Mobile Communications) S3 qcusbser; C:\Windows\system32\DRIVERS\qcusbser.sys [242688 2013-04-24] (QUALCOMM Incorporated) S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [27520 2007-05-14] (Research In Motion Limited) S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-22] (Microsoft Corporation) S3 wovad_micarray; C:\Windows\system32\drivers\womic.sys [59856 2014-05-06] (Windows (R) Win 7 DDK provider) ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 
2015-02-12 19:33 - 2015-02-12 19:33 - 00027026 _____ () C:\Users\Daniel\Downloads\FRST.txt 2015-02-12 19:33 - 2015-02-12 19:33 - 00000000 ____D () C:\FRST 2015-02-12 19:28 - 2015-02-12 19:28 - 02134016 _____ (Farbar) C:\Users\Daniel\Downloads\FRST64.exe 2015-02-12 19:28 - 2015-02-12 19:28 - 00380416 _____ () C:\Users\Daniel\Downloads\dot2v6c8.exe 2015-02-12 18:09 - 2015-01-23 04:41 - 06041600 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2015-02-12 18:09 - 2015-01-23 03:17 - 04300800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2015-02-11 13:02 - 2015-01-15 22:43 - 00563504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys 2015-02-11 13:02 - 2015-01-15 22:43 - 00177984 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys 2015-02-11 13:02 - 2015-01-14 04:22 - 00445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll 2015-02-11 13:02 - 2015-01-14 03:53 - 00324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll 2015-02-11 13:02 - 2015-01-13 22:11 - 01762840 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll 2015-02-11 13:02 - 2015-01-13 22:04 - 01489072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll 2015-02-11 13:02 - 2015-01-10 09:10 - 07472960 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2015-02-11 13:02 - 2015-01-10 09:10 - 01733440 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll 2015-02-11 13:02 - 2015-01-10 08:28 - 01498360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll 2015-02-11 13:02 - 2014-12-09 03:45 - 00393728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scesrv.dll 2015-02-11 13:02 - 2014-12-09 01:56 - 00538624 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll 2015-02-11 13:02 - 2014-10-29 02:51 - 00154112 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll 2015-02-11 13:02 - 2014-10-29 02:50 - 00736768 _____ (Microsoft Corporation) 
C:\Windows\system32\adtschema.dll 2015-02-11 13:02 - 2014-10-29 02:06 - 00736768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll 2015-02-11 13:02 - 2014-10-29 02:06 - 00154112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll 2015-02-11 13:02 - 2014-10-29 02:02 - 00285184 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll 2015-02-11 13:02 - 2014-10-29 02:02 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll 2015-02-11 13:02 - 2014-10-29 01:57 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll 2015-02-11 13:02 - 2014-10-29 01:31 - 01441792 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2015-02-11 13:02 - 2014-10-29 01:15 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll 2015-02-11 13:02 - 2014-10-29 01:15 - 00005632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll 2015-02-11 13:02 - 2014-10-29 01:14 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe 2015-02-11 13:02 - 2014-10-29 01:13 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe 2015-02-11 13:02 - 2014-10-29 01:13 - 00008704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe 2015-02-11 13:01 - 2015-01-19 18:42 - 01487976 _____ (Microsoft Corporation) C:\Windows\system32\sppobjs.dll 2015-02-11 13:01 - 2015-01-12 03:09 - 25056256 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2015-02-11 13:01 - 2015-01-12 02:48 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2015-02-11 13:01 - 2015-01-12 02:48 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2015-02-11 13:01 - 2015-01-12 02:47 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2015-02-11 13:01 - 2015-01-12 02:34 - 00816128 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2015-02-11 13:01 - 2015-01-12 02:25 - 19740160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 
2015-02-11 13:01 - 2015-01-12 02:21 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2015-02-11 13:01 - 2015-01-12 02:08 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2015-02-11 13:01 - 2015-01-12 02:07 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2015-02-11 13:01 - 2015-01-12 02:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2015-02-11 13:01 - 2015-01-12 02:02 - 02277888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2015-02-11 13:01 - 2015-01-12 01:58 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll 2015-02-11 13:01 - 2015-01-12 01:55 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2015-02-11 13:01 - 2015-01-12 01:51 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll 2015-02-11 13:01 - 2015-01-12 01:48 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2015-02-11 13:01 - 2015-01-12 01:48 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2015-02-11 13:01 - 2015-01-12 01:48 - 00374272 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2015-02-11 13:01 - 2015-01-12 01:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2015-02-11 13:01 - 2015-01-12 01:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2015-02-11 13:01 - 2015-01-12 01:43 - 14401024 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2015-02-11 13:01 - 2015-01-12 01:34 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll 2015-02-11 13:01 - 2015-01-12 01:30 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll 2015-02-11 13:01 - 2015-01-12 01:27 - 02865152 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll 2015-02-11 13:01 - 2015-01-12 01:27 - 02358272 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2015-02-11 13:01 - 
2015-01-12 01:25 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll 2015-02-11 13:01 - 2015-01-12 01:23 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2015-02-11 13:01 - 2015-01-12 01:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2015-02-11 13:01 - 2015-01-12 01:23 - 00327168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2015-02-11 13:01 - 2015-01-12 01:14 - 12829184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2015-02-11 13:01 - 2015-01-12 01:14 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2015-02-11 13:01 - 2015-01-12 01:02 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2015-02-11 13:01 - 2015-01-12 01:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2015-02-11 13:01 - 2015-01-12 00:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2015-02-11 13:01 - 2015-01-12 00:55 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2015-02-11 13:01 - 2015-01-10 08:22 - 04175872 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2015-02-11 13:01 - 2015-01-10 07:00 - 00430080 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll 2015-02-11 13:01 - 2015-01-10 06:38 - 00359424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll 2015-02-11 13:01 - 2014-12-19 08:57 - 00788680 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll 2015-02-11 13:01 - 2014-12-19 08:25 - 00602776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll 2015-02-11 13:01 - 2014-12-08 23:12 - 00391526 _____ () C:\Windows\system32\ApnDatabase.xml 2015-02-05 12:47 - 2015-02-05 12:47 - 00180224 _____ () C:\Users\Daniel\Downloads\86_arkusz_cash_flow.xls 2015-01-30 18:19 - 2015-01-30 18:19 - 00130638 _____ () C:\Users\Daniel\Downloads\Ricoh_MemoryStick_Driver_6.13.3.3_x64.zip 2015-01-30 17:46 - 2015-01-30 17:47 - 06960406 _____ () 
C:\Users\Daniel\Downloads\Atheros_WLAN_Driver_7.7.0.429_x32.zip 2015-01-30 17:44 - 2015-01-30 17:45 - 16800744 _____ (Sony Corporation) C:\Users\Daniel\Downloads\EP0000221850.exe 2015-01-30 17:43 - 2015-01-30 17:43 - 00534632 _____ () C:\Users\Daniel\Downloads\Atheros_WLAN_Driver_8.0.0.279_x64.zip 2015-01-29 22:28 - 2015-01-29 22:28 - 00000000 ____D () C:\Users\Daniel\Downloads\P90X3 (Dual Audio Workouts + Nutrition + Schedule) 2015-01-29 12:36 - 2015-01-29 12:36 - 00137687 _____ () C:\Users\Daniel\Downloads\winmtr_bin_0.8.zip 2015-01-29 12:36 - 2015-01-29 12:36 - 00000000 ____D () C:\Users\Daniel\Desktop\winmtr_bin_0.8 2015-01-29 12:12 - 2015-01-29 12:12 - 00002428 _____ () C:\Users\Daniel\Desktop\Database.kdb 2015-01-27 23:47 - 2015-01-27 23:47 - 02270555 _____ () C:\Users\Daniel\Downloads\ckeditor_3.6.1.zip 2015-01-27 23:47 - 2015-01-27 23:47 - 00000000 ____D () C:\Users\Daniel\Downloads\ckeditor_3.6.1 2015-01-27 23:44 - 2015-01-27 23:44 - 01836532 _____ () C:\Users\Daniel\Downloads\ckeditor_3.0.zip 2015-01-27 23:44 - 2015-01-27 23:44 - 00000000 ____D () C:\Users\Daniel\Downloads\ckeditor_3.0 2015-01-27 23:39 - 2015-01-27 23:39 - 01392607 _____ () C:\Users\Daniel\Downloads\ckeditor_4.4.7_full.zip 2015-01-27 23:39 - 2015-01-27 23:39 - 00000000 ____D () C:\Users\Daniel\Downloads\ckeditor_4.4.7_full 2015-01-27 23:30 - 2015-01-27 23:30 - 01312843 _____ () C:\Users\Daniel\Downloads\elFinder-2.x.zip 2015-01-27 23:30 - 2015-01-27 23:30 - 00000000 ____D () C:\Users\Daniel\Downloads\elFinder-2.x 2015-01-27 17:45 - 2015-01-27 17:45 - 00000000 ____D () C:\Users\Default\AppData\Local\Google 2015-01-27 17:45 - 2015-01-27 17:45 - 00000000 ____D () C:\Users\Default User\AppData\Local\Google 2015-01-24 21:46 - 2015-01-24 21:46 - 00017972 _____ () C:\Users\Daniel\Downloads\nicEdit-5c4267506e3538b59e41657592a97dfe.zip 2015-01-24 21:46 - 2015-01-24 21:46 - 00000000 ____D () C:\Users\Daniel\Downloads\demos 2015-01-24 21:46 - 2014-04-20 03:18 - 00035176 ____N () 
C:\Users\Daniel\Downloads\nicEdit.js 2015-01-24 21:31 - 2015-01-24 21:31 - 01391743 _____ () C:\Users\Daniel\Downloads\ckeditor_4.4.6_full.zip 2015-01-24 21:31 - 2015-01-24 21:31 - 00000000 ____D () C:\Users\Daniel\Downloads\ckeditor 2015-01-24 21:23 - 2015-01-24 21:23 - 01044927 _____ () C:\Users\Daniel\Downloads\ckeditor_4.4.6_standard.zip 2015-01-20 20:06 - 2015-01-20 20:50 - 00000000 ____D () C:\Users\Daniel\Desktop\KeePass 2015-01-20 20:05 - 2015-01-20 20:05 - 01572612 _____ () C:\Users\Daniel\Downloads\KeePass-1.28.zip 2015-01-20 12:37 - 2015-01-20 12:37 - 02099585 _____ () C:\Users\Daniel\Downloads\SuperPNG_v2.5_win.zip 2015-01-18 22:04 - 2015-01-18 22:04 - 00003584 _____ () C:\Users\Daniel\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2015-01-18 22:01 - 2015-01-18 22:01 - 01821192 _____ (Microsoft Corporation) C:\Users\Daniel\Downloads\vcredist_x86.exe 2015-01-18 21:56 - 2015-01-18 21:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenSSL 2015-01-18 21:56 - 2015-01-18 21:56 - 00000000 ____D () C:\OpenSSL-Win32 2015-01-18 21:56 - 2015-01-15 18:38 - 00274432 _____ (The OpenSSL Project, http://www.openssl.org/) C:\Windows\SysWOW64\ssleay32.dll 2015-01-18 21:56 - 2015-01-15 18:38 - 00274432 _____ (The OpenSSL Project, http://www.openssl.org/) C:\Windows\SysWOW64\libssl32.dll 2015-01-18 21:56 - 2015-01-15 18:37 - 01179648 _____ (The OpenSSL Project, http://www.openssl.org/) C:\Windows\SysWOW64\libeay32.dll 2015-01-18 21:54 - 2015-01-18 21:54 - 02051981 _____ (OpenSSL Win32 Installer Team ) C:\Users\Daniel\Downloads\Win32OpenSSL_Light-1_0_1L.exe 2015-01-18 11:36 - 2015-02-12 18:45 - 00000922 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2360153012-2490105570-1480353351-1001UA.job 2015-01-18 11:36 - 2015-02-04 19:40 - 00003870 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2360153012-2490105570-1480353351-1001UA 2015-01-18 11:36 - 2015-02-04 19:40 - 00003490 _____ () 
C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2360153012-2490105570-1480353351-1001Core 2015-01-18 11:36 - 2015-02-04 19:40 - 00000870 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2360153012-2490105570-1480353351-1001Core.job 2015-01-18 11:36 - 2015-01-18 11:36 - 00000000 ____D () C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google+ Auto Backup 2015-01-18 11:35 - 2015-01-18 11:35 - 00001126 _____ () C:\Users\Public\Desktop\Picasa 3.lnk 2015-01-18 11:35 - 2015-01-18 11:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Picasa 3 2015-01-18 11:34 - 2015-01-18 11:34 - 17385800 _____ (Google Inc.) C:\Users\Daniel\Downloads\picasa39-setup.exe 2015-01-15 17:52 - 2015-01-15 17:52 - 00003712 _____ () C:\Windows\System32\Tasks\Daniel Merge 2015-01-15 17:52 - 2015-01-15 17:52 - 00003696 _____ () C:\Windows\System32\Tasks\Daniel 2015-01-15 17:17 - 2015-01-15 17:17 - 00000000 ____D () C:\Users\Daniel\AppData\Roaming\Nero 2015-01-15 17:16 - 2015-01-15 17:16 - 00003492 _____ () C:\Windows\System32\Tasks\Seagate_Install_Launch 2015-01-15 17:14 - 2015-01-15 17:14 - 00002733 _____ () C:\Users\Public\Desktop\Seagate Dashboard.lnk 2015-01-15 17:14 - 2015-01-15 17:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Seagate Dashboard 2015-01-15 17:13 - 2015-01-15 17:13 - 00000000 ____D () C:\ProgramData\Nero 2015-01-15 17:13 - 2015-01-15 17:13 - 00000000 ____D () C:\Program Files (x86)\Seagate 2015-01-15 17:05 - 2015-01-15 17:05 - 00000000 ____D () C:\Users\Daniel\AppData\Roaming\Seagate 2015-01-15 17:05 - 2015-01-15 17:05 - 00000000 ____D () C:\ProgramData\Seagate 2015-01-15 17:04 - 2015-01-15 17:04 - 00000000 ____D () C:\Windows\System32\Tasks\Leader Technologies 2015-01-15 17:02 - 2015-01-15 17:02 - 00000000 ____D () C:\Users\Daniel\AppData\Roaming\Leadertech 2015-01-15 16:48 - 2015-02-12 19:16 - 00000000 ___RD () C:\Users\Daniel\Google Drive 2015-01-15 16:48 - 2015-01-15 16:48 - 00001740 
_____ () C:\Users\Daniel\Desktop\Google Drive.lnk 2015-01-15 15:56 - 2015-01-27 17:45 - 00002058 _____ () C:\Users\Public\Desktop\Google Slides.lnk 2015-01-15 15:56 - 2015-01-27 17:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive 2015-01-15 15:55 - 2015-01-15 15:55 - 00880784 _____ (Google Inc.) C:\Users\Daniel\Downloads\googledrivesync.exe 2015-01-15 14:33 - 2015-01-15 14:33 - 02774136 _____ (PortableApps.com) C:\Users\Daniel\Downloads\HTTrackPortable_3.46-1_Development_Test_1.paf.exe 2015-01-15 14:33 - 2015-01-15 14:33 - 00000000 ____D () C:\Users\Daniel\Downloads\HTTrackPortable 2015-01-15 14:31 - 2015-01-15 15:43 - 00000000 ____D () C:\Users\Daniel\Desktop\AntyZUS 2015-01-14 21:18 - 2015-01-14 21:19 - 00000000 ____D () C:\Users\Daniel\Downloads\Masfel 2015-01-14 17:38 - 2015-01-14 17:38 - 00044757 _____ () C:\Users\Daniel\Downloads\tree_bark.zip 2015-01-14 17:11 - 2015-01-14 17:11 - 00166289 _____ () C:\Users\Daniel\Downloads\ricepaper_v3.zip 2015-01-14 17:11 - 2015-01-14 17:11 - 00000000 ____D () C:\Users\Daniel\Desktop\ricepaper_v3 2015-01-14 16:57 - 2015-01-14 16:57 - 00045375 _____ () C:\Users\Daniel\Downloads\crossword.zip 2015-01-14 14:15 - 2015-01-14 14:15 - 00414956 _____ () C:\Users\Daniel\Downloads\p177i35t6s10uj1srr1dk73f92dg18.zip 2015-01-14 05:14 - 2014-12-19 06:26 - 00140800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys 2015-01-14 05:14 - 2014-12-12 02:04 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe 2015-01-14 05:14 - 2014-12-12 00:51 - 00075776 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ahcache.sys 2015-01-14 05:14 - 2014-12-09 01:50 - 00225280 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll 2015-01-14 05:14 - 2014-12-08 19:42 - 00535640 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll 2015-01-14 05:14 - 2014-12-08 19:42 - 00531616 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll 2015-01-14 05:14 - 2014-12-08 
19:42 - 00448792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll 2015-01-14 05:14 - 2014-12-08 19:42 - 00413248 _____ (Microsoft Corporation) C:\Windows\system32\Faultrep.dll 2015-01-14 05:14 - 2014-12-08 19:42 - 00372408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Faultrep.dll 2015-01-14 05:14 - 2014-12-08 19:42 - 00108944 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll 2015-01-14 05:14 - 2014-12-08 19:42 - 00038264 _____ (Microsoft Corporation) C:\Windows\system32\WerFaultSecure.exe 2015-01-14 05:14 - 2014-12-08 19:42 - 00033584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFaultSecure.exe 2015-01-14 05:14 - 2014-12-06 03:17 - 00360448 _____ (Microsoft Corporation) C:\Windows\system32\ncsi.dll 2015-01-14 05:14 - 2014-12-06 01:41 - 00391680 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll 2015-01-14 05:14 - 2014-12-06 01:35 - 00229888 _____ (Microsoft Corporation) C:\Windows\system32\AudioEndpointBuilder.dll 2015-01-14 05:14 - 2014-10-29 04:00 - 00465320 _____ (Microsoft Corporation) C:\Windows\system32\WerFault.exe 2015-01-14 05:14 - 2014-10-29 04:00 - 00139984 _____ (Microsoft Corporation) C:\Windows\system32\wermgr.exe 2015-01-14 05:14 - 2014-10-29 03:52 - 00500016 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll 2015-01-14 05:14 - 2014-10-29 03:52 - 00482872 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll 2015-01-14 05:14 - 2014-10-29 03:52 - 00394120 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll 2015-01-14 05:14 - 2014-10-29 03:52 - 00272248 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe 2015-01-14 05:14 - 2014-10-29 03:12 - 00413136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFault.exe 2015-01-14 05:14 - 2014-10-29 03:12 - 00136296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wermgr.exe 2015-01-14 05:14 - 2014-10-29 03:07 - 00424544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll 2015-01-14 05:14 - 2014-10-29 03:07 - 
00370424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll 2015-01-14 05:14 - 2014-10-29 03:07 - 00344536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll 2015-01-14 05:14 - 2014-10-29 02:44 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\werdiagcontroller.dll 2015-01-14 05:14 - 2014-10-29 01:59 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\werdiagcontroller.dll 2015-01-14 05:14 - 2014-10-29 01:24 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\nlaapi.dll 2015-01-14 05:14 - 2014-10-29 01:02 - 00911360 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll 2015-01-14 05:14 - 2014-10-29 01:01 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2015-02-12 19:32 - 2014-05-20 22:08 - 01184321 _____ () C:\Windows\WindowsUpdate.log 2015-02-12 19:28 - 2014-05-30 18:36 - 00000000 __RDO () C:\Users\Daniel\OneDrive 2015-02-12 19:28 - 2014-05-21 15:40 - 00604160 ___SH () C:\Users\Daniel\Desktop\Thumbs.db 2015-02-12 19:22 - 2014-11-03 18:14 - 00000578 _____ () C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-2360153012-2490105570-1480353351-1001.job 2015-02-12 19:21 - 2014-05-20 22:15 - 00003598 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2360153012-2490105570-1480353351-1001 2015-02-12 19:19 - 2014-10-28 19:55 - 00000600 _____ () C:\Users\Daniel\AppData\Local\PUTTY.RND 2015-02-12 19:17 - 2014-10-31 16:11 - 00000000 ___RD () C:\Users\Daniel\Dropbox 2015-02-12 19:17 - 2014-10-31 16:06 - 00000000 ____D () C:\Users\Daniel\AppData\Roaming\Dropbox 2015-02-12 19:14 - 2014-05-20 22:23 - 00000912 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2015-02-12 19:02 - 2014-05-24 23:53 - 00000600 _____ () C:\Users\Daniel\AppData\Roaming\winscp.rnd 2015-02-12 19:00 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\system32\sru 
2015-02-12 18:49 - 2014-05-20 22:23 - 00000916 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2015-02-12 18:33 - 2014-10-31 16:11 - 00001066 _____ () C:\Users\Daniel\Desktop\Dropbox.lnk 2015-02-12 18:33 - 2014-10-31 16:07 - 00000000 ____D () C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox 2015-02-12 18:14 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\rescache 2015-02-12 18:10 - 2013-08-22 15:20 - 00000000 ____D () C:\Windows\CbsTemp 2015-02-12 17:57 - 2013-08-22 14:46 - 00177944 _____ () C:\Windows\setupact.log 2015-02-12 17:57 - 2013-08-22 14:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2015-02-12 17:57 - 2013-08-22 14:44 - 05061368 _____ () C:\Windows\system32\FNTCACHE.DAT 2015-02-12 00:15 - 2013-08-22 13:25 - 00262144 ___SH () C:\Windows\system32\config\BBI 2015-02-11 13:27 - 2014-05-21 12:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013 2015-02-11 13:27 - 2014-05-21 12:22 - 00000000 ____D () C:\ProgramData\Microsoft Help 2015-02-11 13:27 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\AppReadiness 2015-02-11 13:23 - 2014-05-20 22:17 - 00000000 ____D () C:\ProgramData\Package Cache 2015-02-11 13:20 - 2014-05-24 10:25 - 00000000 ____D () C:\Windows\system32\MRT 2015-02-11 13:10 - 2014-05-24 10:25 - 116773704 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2015-02-11 13:09 - 2013-08-22 13:25 - 00000202 _____ () C:\Windows\win.ini 2015-02-11 03:15 - 2014-05-25 17:56 - 00000000 ____D () C:\Users\Daniel\AppData\Roaming\foobar2000 2015-02-10 22:35 - 2014-11-03 18:14 - 00003572 _____ () C:\Windows\System32\Tasks\G2MUpdateTask-S-1-5-21-2360153012-2490105570-1480353351-1001 2015-02-10 20:35 - 2014-10-21 17:36 - 00000000 ____D () C:\KMPlayer 2015-02-07 17:50 - 2014-10-29 20:24 - 00002209 _____ () C:\Users\Public\Desktop\Google Chrome.lnk 2015-02-05 12:48 - 2014-05-20 22:10 - 00000000 ____D () C:\Users\Daniel\AppData\Local\Packages 2015-02-05 11:51 - 2014-05-20 22:12 - 
01825074 _____ () C:\Windows\system32\PerfStringBackup.INI 2015-02-05 11:51 - 2013-08-22 23:12 - 00810002 _____ () C:\Windows\system32\perfh015.dat 2015-02-05 11:51 - 2013-08-22 23:12 - 00167164 _____ () C:\Windows\system32\perfc015.dat 2015-02-04 19:44 - 2014-05-20 22:23 - 00003888 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2015-02-04 19:44 - 2014-05-20 22:23 - 00003652 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2015-02-03 19:31 - 2014-08-15 13:44 - 00714720 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2015-02-03 19:31 - 2014-08-15 13:44 - 00106976 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2015-01-29 22:43 - 2014-06-08 18:20 - 00000000 ____D () C:\Program Files\PeerBlock 2015-01-29 22:43 - 2014-05-24 22:19 - 00000000 ____D () C:\Users\Daniel\AppData\Roaming\uTorrent 2015-01-29 13:11 - 2014-12-03 19:04 - 00000000 ____D () C:\Users\Daniel\AppData\Roaming\GitHub 2015-01-29 13:11 - 2014-12-03 19:04 - 00000000 ____D () C:\Users\Daniel\AppData\Local\GitHub 2015-01-29 11:35 - 2014-12-03 19:02 - 00000000 ____D () C:\Users\Daniel\AppData\Local\Deployment 2015-01-24 21:50 - 2014-05-21 22:56 - 00879104 ___SH () C:\Users\Daniel\Downloads\Thumbs.db 2015-01-19 15:27 - 2014-05-23 21:16 - 00004182 _____ () C:\Windows\System32\Tasks\avast! 
Emergency Update
2015-01-18 21:51 - 2014-11-16 21:12 - 00000000 ____D () C:\Users\Daniel\Desktop\Herbal
2015-01-18 19:39 - 2014-06-10 18:27 - 00000000 ____D () C:\Users\Gość\AppData\Local\Google
2015-01-18 11:52 - 2014-11-16 21:03 - 00000000 ____D () C:\Users\Daniel\Desktop\Foty
2015-01-18 11:45 - 2014-11-30 16:57 - 00000000 ____D () C:\Users\Daniel\Desktop\Dane
2015-01-18 11:36 - 2014-05-20 22:23 - 00000000 ____D () C:\Users\Daniel\AppData\Local\Google
2015-01-18 11:35 - 2014-05-20 22:23 - 00000000 ____D () C:\Program Files (x86)\Google
2015-01-15 16:48 - 2014-05-20 22:10 - 00000000 ____D () C:\Users\Daniel
2015-01-15 10:20 - 2014-12-20 18:53 - 00001718 _____ () C:\Users\Daniel\Desktop\MPC-HC x64.lnk

==================== Files in the root of some directories =======

2014-05-24 23:53 - 2015-02-12 19:02 - 0000600 _____ () C:\Users\Daniel\AppData\Roaming\winscp.rnd
2014-05-21 15:40 - 2014-05-29 23:34 - 0001456 _____ () C:\Users\Daniel\AppData\Local\Adobe Save for Web 12.0 Prefs
2015-01-18 22:04 - 2015-01-18 22:04 - 0003584 _____ () C:\Users\Daniel\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-10-28 19:55 - 2015-02-12 19:19 - 0000600 _____ () C:\Users\Daniel\AppData\Local\PUTTY.RND
2014-06-11 21:06 - 2015-01-07 08:47 - 0001818 _____ () C:\ProgramData\hpzinstall.log

Some content of TEMP:
====================
C:\Users\Daniel\AppData\Local\Temp\bdfilters.dll
C:\Users\Daniel\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpyqadrt.dll
C:\Users\Daniel\AppData\Local\Temp\mny51D7.exe
C:\Users\Daniel\AppData\Local\Temp\ochelper.dll
C:\Users\Daniel\AppData\Local\Temp\ochelper.exe
C:\Users\Daniel\AppData\Local\Temp\ose00000.exe
C:\Users\Daniel\AppData\Local\Temp\PIPInstaller_PTV_.exe
C:\Users\Daniel\AppData\Local\Temp\procexp64.exe
C:\Users\Daniel\AppData\Local\Temp\zds_shuaji_update_190716.exe
C:\Users\Daniel\AppData\Local\Temp\zds_tmp.exe

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

testsigning: ==> testsigning is on. Check for possible unsigned rootkit driver <===== ATTENTION!

LastRegBack: 2015-02-11 13:03

==================== End Of Log ============================