FRST.txt

How do I remove the update flash player virus from a computer and smartphone?

As requested:



Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 22-04-2014
Ran by Karol (administrator) on KAROL-KOMPUTER on 22-04-2014 22:21:11
Running from C:\Users\Karol\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: Polish
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(AMD) C:\Windows\system32\atiesrxx.exe
(AMD) C:\Windows\system32\atieclxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Autodesk, Inc.) C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
() C:\Program Files (x86)\Sapphire TRIXX\TRIXX.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(CANON INC.) C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
() C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(AIMP DevTeam) C:\Program Files (x86)\AIMP3\AIMP3.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12503184 2012-06-11] (Realtek Semiconductor)
HKLM\...\Run: [CanonMyPrinter] => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2782096 2010-07-25] (CANON INC.)
HKLM-x32\...\Run: [NSU_agent] => C:\Program Files (x86)\Nokia\Nokia Software Updater\nsu3ui_agent.exe [190768 2012-02-28] ()
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [NPSStartup] => [X]
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [3873704 2014-04-20] (AVAST Software)
HKU\.DEFAULT\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [1081224 2013-02-05] (Autodesk, Inc.)
HKU\S-1-5-21-571799396-3242041642-3986951916-1001\...\Run: [Unified Remote v2] => C:\Program Files (x86)\Unified Remote\RemoteServer.exe [332496 2014-02-24] (Unified Intents AB)
HKU\S-1-5-21-571799396-3242041642-3986951916-1001\...\Policies\Explorer: []
HKU\S-1-5-21-571799396-3242041642-3986951916-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-571799396-3242041642-3986951916-1001\...\MountPoints2: {4e414f42-52c0-11e3-95fc-001d7d056dee} - K:\Startme.exe
HKU\S-1-5-21-571799396-3242041642-3986951916-1001\...\MountPoints2: {d3c989f7-2299-11e3-b93b-001d7d056dee} - J:\autorun.exe

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKLM - DefaultScope {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = http://www.google.com/search?q={searchTerms}
SearchScopes: HKLM - {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = http://www.google.com/search?q={searchTerms}
SearchScopes: HKLM - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://search.dosearches.com/web/?utm_source=b&utm_medium=cor&utm_campaign=rg&utm_content=ds&from=cor&uid=SAMSUNGXHD103SI_S1VSJ1RZ503309&ts=1384034024&type=default&q={searchTerms}
SearchScopes: HKLM-x32 - DefaultScope {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = http://www.google.com/search?q={searchTerms}
SearchScopes: HKLM-x32 - {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = http://www.google.com/search?q={searchTerms}
SearchScopes: HKCU - DefaultScope {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = http://www.google.com/search?q={searchTerms}
SearchScopes: HKCU - {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = http://www.google.com/search?q={searchTerms}
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO-x32: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO-x32: No Name - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - No File
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.100.252

FireFox:
========
FF ProfilePath: C:\Users\Karol\AppData\Roaming\Mozilla\Firefox\Profiles\h2idst3d.default-1398026934925
FF NewTab: about:blank
FF SearchEngineOrder.1: Google
FF SelectedSearchEngine: Google
FF Homepage: onet.pl
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll ()
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF Plugin-x32: @canon.com/EPPEX - C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Extension: ClipConverter Desktop - C:\Users\Karol\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\desktop@clipconverter.cc.xpi [2013-11-03]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-09-11]
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2013-10-01]
FF HKCU\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2013-10-01]

==================== Services (Whitelisted) =================

R2 Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [12288 2012-12-13] (Autodesk, Inc.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-04-20] (AVAST Software)
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [137680 2010-07-27] ()

==================== Drivers (Whitelisted) ====================

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-04-20] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-04-20] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-04-20] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-04-20] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1039096 2014-04-20] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [423240 2014-04-20] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [85328 2014-04-20] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [208416 2014-04-20] ()
S3 athrusb; C:\Windows\System32\DRIVERS\athrxusb.sys [1075712 2008-07-29] (Atheros Communications, Inc.)
S3 BthAvrcp; C:\Windows\System32\DRIVERS\BthAvrcp.sys [29184 2009-08-13] (CSR, plc)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2013-09-21] (Disc Soft Ltd)
S3 epmntdrv; C:\Windows\system32\epmntdrv.sys [17480 2013-03-07] ()
S3 epmntdrv; C:\Windows\SysWOW64\epmntdrv.sys [13896 2013-03-07] ()
S3 EuGdiDrv; C:\Windows\system32\EuGdiDrv.sys [9800 2013-03-07] ()
S3 EuGdiDrv; C:\Windows\SysWOW64\EuGdiDrv.sys [9160 2013-03-07] ()
S3 iSafeKrnl; C:\Program Files (x86)\iSafe\iSafeKrnl.sys [232960 2014-04-18] (Elex do Brasil Participações Ltda)
S3 iSafeKrnlBoot; C:\Windows\System32\DRIVERS\iSafeKrnlBoot.sys [43520 2014-04-18] (Elex do Brasil Participações Ltda)
R1 iSafeKrnlKit; C:\Program Files (x86)\iSafe\iSafeKrnlKit.sys [66048 2014-04-18] (Elex do Brasil Participações Ltda)
R1 iSafeNetFilter; C:\Program Files (x86)\iSafe\iSafeNetFilter.sys [48128 2014-04-18] (Elex do Brasil Participações Ltda)
R3 V0260VID; C:\Windows\System32\DRIVERS\V0260Vid.sys [189664 2007-07-18] (Creative Technology Ltd.)
R3 TRIXX; \??\C:\Users\Karol\AppData\Local\Temp\TRIXX.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-04-22 22:21 - 2014-04-22 22:21 - 00010497 _____ () C:\Users\Karol\Desktop\FRST.txt
2014-04-22 22:20 - 2014-04-22 22:21 - 00000000 ____D () C:\FRST
2014-04-22 22:19 - 2014-04-22 22:20 - 02061312 _____ (Farbar) C:\Users\Karol\Desktop\FRST64.exe
2014-04-22 22:16 - 2014-04-22 22:16 - 92597371 _____ () C:\Users\Karol\Desktop\drweb-600-livecd.iso.part
2014-04-22 22:16 - 2014-04-22 22:16 - 00000000 _____ () C:\Users\Karol\Desktop\drweb-600-livecd.iso
2014-04-22 21:49 - 2014-04-22 21:54 - 00002636 _____ () C:\Users\Karol\Desktop\AdwCleaner[S0].txt
2014-04-22 21:18 - 2014-04-22 21:21 - 17514868 _____ (Malwarebytes Corporation ) C:\Users\Karol\Desktop\mbam-setup.exe
2014-04-22 21:16 - 2014-04-22 21:55 - 00000000 ____D () C:\AdwCleaner
2014-04-22 21:16 - 2014-04-22 21:16 - 00602112 _____ (OldTimer Tools) C:\Users\Karol\Desktop\OTL.exe
2014-04-22 21:15 - 2014-04-22 21:16 - 01345581 _____ () C:\Users\Karol\Desktop\adwcleaner.exe
2014-04-22 20:49 - 2014-04-22 20:49 - 00002940 _____ () C:\Windows\System32\Tasks\{A83864BB-7682-40E3-A482-952C7C7D6251}
2014-04-22 20:47 - 2014-04-22 20:47 - 00002940 _____ () C:\Windows\System32\Tasks\{BBAFB171-A1B5-439A-9F7C-E967842BA60A}
2014-04-22 20:47 - 2014-04-22 20:47 - 00002940 _____ () C:\Windows\System32\Tasks\{375CCC83-190F-49F1-AB5C-018582A88C0A}
2014-04-22 20:03 - 2014-04-22 20:08 - 00000000 ____D () C:\Windows\system32\MRT
2014-04-22 20:03 - 2014-03-02 14:05 - 90015360 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-04-21 12:25 - 2014-04-21 12:25 - 00002972 _____ () C:\Windows\System32\Tasks\{280C2FDD-B916-4055-A17B-00F60C3FB733}
2014-04-21 12:22 - 2014-04-21 12:22 - 00002972 _____ () C:\Windows\System32\Tasks\{3E213707-58CF-4F2A-ADD3-33CB491E8C76}
2014-04-21 12:21 - 2014-04-21 12:21 - 00002972 _____ () C:\Windows\System32\Tasks\{93736FE3-131B-4DA5-9820-A0865857A872}
2014-04-20 22:56 - 2014-04-22 20:26 - 00000000 ____D () C:\Program Files (x86)\iSafe
2014-04-20 22:56 - 2014-04-20 22:56 - 00001796 _____ () C:\Users\Public\Desktop\YAC.lnk
2014-04-20 22:56 - 2014-04-20 22:56 - 00000000 ____D () C:\Windows\system32\log
2014-04-20 22:56 - 2014-04-18 13:32 - 00043520 _____ (Elex do Brasil Participações Ltda) C:\Windows\system32\Drivers\iSafeKrnlBoot.sys
2014-04-20 21:04 - 2014-04-20 21:04 - 00000000 ____D () C:\Users\Karol\AppData\Roaming\AVAST Software
2014-04-20 21:02 - 2014-04-22 21:52 - 00000336 _____ () C:\Windows\setupact.log
2014-04-20 21:02 - 2014-04-21 11:41 - 00157394 _____ () C:\Windows\PFRO.log
2014-04-20 21:02 - 2014-04-20 21:02 - 00000000 _____ () C:\Windows\setuperr.log
2014-04-20 19:23 - 2014-04-20 19:23 - 00085328 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2014-04-20 19:23 - 2014-04-20 19:23 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-04-20 19:23 - 2014-04-20 19:23 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-04-20 18:32 - 2014-04-20 18:32 - 00000000 ____D () C:\Windows\pss
2014-04-17 20:50 - 2014-04-17 20:50 - 00004030 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_55-b14.log
2014-04-17 20:50 - 2014-04-14 20:13 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-04-17 20:50 - 2014-04-14 20:05 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-04-17 20:50 - 2014-04-14 20:05 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-04-17 20:50 - 2014-04-14 20:04 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-04-16 20:35 - 2014-04-16 20:35 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-04-16 20:31 - 2014-04-16 20:31 - 00000000 ____D () C:\ProgramData\Orion
2014-04-16 20:30 - 2014-04-16 20:30 - 00001950 _____ () C:\Users\Karol\Desktop\Sąsiedzi z piekła rodem - Jazdy z gwiazdą!.lnk
2014-04-16 20:29 - 2010-02-04 10:01 - 00530776 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_6.dll
2014-04-16 20:29 - 2010-02-04 10:01 - 00528216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_6.dll
2014-04-16 20:29 - 2010-02-04 10:01 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_6.dll
2014-04-16 20:29 - 2010-02-04 10:01 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_6.dll
2014-04-16 20:29 - 2010-02-04 10:01 - 00078680 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_4.dll
2014-04-16 20:29 - 2010-02-04 10:01 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_4.dll
2014-04-16 20:29 - 2010-02-04 10:01 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_7.dll
2014-04-16 20:29 - 2010-02-04 10:01 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_7.dll
2014-04-16 20:26 - 2014-04-16 20:26 - 00000000 ____D () C:\Users\Karol\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Jazdy z gwiazda
2014-04-16 20:23 - 2014-04-16 20:25 - 00000000 ____D () C:\Program Files (x86)\Jazdy z gwiazda
2014-04-16 20:23 - 2014-04-16 20:23 - 00000000 ____D () C:\Users\Karol\AppData\Roaming\InstallShield
2014-04-15 19:23 - 2014-04-15 19:23 - 00000000 ____D () C:\Users\Karol\Desktop\206
2014-04-14 23:05 - 2014-04-14 23:05 - 00001208 _____ () C:\Users\Public\Desktop\CWK.lnk
2014-04-14 23:05 - 2014-04-14 23:05 - 00000000 ____D () C:\Program Files (x86)\Damian Pasternak
2014-04-14 15:13 - 2014-04-14 15:13 - 00000000 ____D () C:\Users\Karol\AppData\Local\Skype
2014-04-14 15:12 - 2014-04-14 15:12 - 00002699 _____ () C:\Users\Public\Desktop\Skype.lnk
2014-04-11 21:46 - 2014-03-06 12:21 - 23549440 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-04-11 21:46 - 2014-03-06 11:32 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-04-11 21:46 - 2014-03-06 11:31 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-04-11 21:46 - 2014-03-06 10:59 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-04-11 21:46 - 2014-03-06 10:57 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-04-11 21:46 - 2014-03-06 10:57 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-04-11 21:46 - 2014-03-06 10:53 - 02767360 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-04-11 21:46 - 2014-03-06 10:40 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-04-11 21:46 - 2014-03-06 10:39 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-04-11 21:46 - 2014-03-06 10:32 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-04-11 21:46 - 2014-03-06 10:32 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-04-11 21:46 - 2014-03-06 10:29 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-04-11 21:46 - 2014-03-06 10:29 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-04-11 21:46 - 2014-03-06 10:28 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-04-11 21:46 - 2014-03-06 10:15 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-04-11 21:46 - 2014-03-06 10:09 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-04-11 21:46 - 2014-03-06 10:03 - 00586240 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-04-11 21:46 - 2014-03-06 10:02 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-04-11 21:46 - 2014-03-06 10:02 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-04-11 21:46 - 2014-03-06 10:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-04-11 21:46 - 2014-03-06 09:56 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-04-11 21:46 - 2014-03-06 09:48 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-04-11 21:46 - 2014-03-06 09:47 - 02178048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-04-11 21:46 - 2014-03-06 09:46 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-04-11 21:46 - 2014-03-06 09:45 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-04-11 21:46 - 2014-03-06 09:42 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-04-11 21:46 - 2014-03-06 09:40 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-04-11 21:46 - 2014-03-06 09:38 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-04-11 21:46 - 2014-03-06 09:36 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-04-11 21:46 - 2014-03-06 09:22 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-04-11 21:46 - 2014-03-06 09:21 - 00628736 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-04-11 21:46 - 2014-03-06 09:13 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-04-11 21:46 - 2014-03-06 09:11 - 02043904 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-04-11 21:46 - 2014-03-06 09:07 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-04-11 21:46 - 2014-03-06 09:01 - 00244224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-04-11 21:46 - 2014-03-06 08:46 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-04-11 21:46 - 2014-03-06 08:40 - 01967104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-04-11 21:46 - 2014-03-06 08:22 - 02260480 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-04-11 21:46 - 2014-03-06 07:58 - 01400832 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-04-11 21:46 - 2014-03-06 07:50 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-04-11 21:46 - 2014-03-06 07:43 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-04-11 21:46 - 2014-03-06 07:41 - 01789440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-04-11 21:46 - 2014-03-06 07:36 - 01143808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-04-11 21:45 - 2014-03-06 11:19 - 17387008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-04-11 21:45 - 2014-03-06 10:11 - 05784064 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-04-11 21:45 - 2014-03-06 09:46 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-04-11 21:45 - 2014-03-06 08:53 - 13551104 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-04-11 21:45 - 2014-03-06 08:36 - 11745792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-04-09 19:35 - 2014-03-04 11:44 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-04-09 19:35 - 2014-03-04 11:44 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2014-04-09 19:35 - 2014-03-04 11:44 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2014-04-09 19:35 - 2014-03-04 11:44 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2014-04-09 19:35 - 2014-03-04 11:44 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2014-04-09 19:35 - 2014-03-04 11:17 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2014-04-09 19:35 - 2014-03-04 11:16 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2014-04-09 19:35 - 2014-03-04 11:16 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2014-04-09 19:35 - 2014-03-04 11:16 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2014-04-09 19:35 - 2014-03-04 10:09 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2014-04-09 19:35 - 2014-03-04 10:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2014-04-01 07:32 - 2014-04-01 07:32 - 00003088 _____ () C:\Windows\System32\Tasks\{C9791F39-3CE8-454F-BC6B-121CD2090867}
2014-03-30 13:19 - 2014-04-17 19:17 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-03-23 17:26 - 2014-03-23 17:26 - 00000000 ____D () C:\Users\Karol\AppData\Roaming\ImgBurn
2014-03-23 17:21 - 2014-03-23 17:21 - 00001881 _____ () C:\Users\Public\Desktop\ImgBurn.lnk
2014-03-23 17:21 - 2014-03-23 17:21 - 00000000 ____D () C:\Program Files (x86)\ImgBurn
2014-03-23 17:10 - 2014-03-23 17:27 - 00000000 ____D () C:\Users\Karol\Desktop\Kon-Boot 2.3 (For Windows 7 8 8.1)(malestom)
2014-03-23 12:21 - 2014-03-23 12:22 - 00000000 ____D () C:\Users\Karol\AppData\Local\Canon Easy-PhotoPrint EX
2014-03-23 12:21 - 2014-03-23 12:21 - 00000000 ___HD () C:\ProgramData\CanonIJEPPEX

==================== One Month Modified Files and Folders =======

2014-04-22 22:21 - 2014-04-22 22:21 - 00010497 _____ () C:\Users\Karol\Desktop\FRST.txt
2014-04-22 22:21 - 2014-04-22 22:20 - 00000000 ____D () C:\FRST
2014-04-22 22:20 - 2014-04-22 22:19 - 02061312 _____ (Farbar) C:\Users\Karol\Desktop\FRST64.exe
2014-04-22 22:19 - 2013-09-12 18:43 - 00001046 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-04-22 22:16 - 2014-04-22 22:16 - 92597371 _____ () C:\Users\Karol\Desktop\drweb-600-livecd.iso.part
2014-04-22 22:16 - 2014-04-22 22:16 - 00000000 _____ () C:\Users\Karol\Desktop\drweb-600-livecd.iso
2014-04-22 22:14 - 2013-09-11 21:38 - 00000000 ____D () C:\Users\Karol\AppData\Roaming\AIMP3
2014-04-22 22:00 - 2009-07-14 06:45 - 00021264 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-04-22 22:00 - 2009-07-14 06:45 - 00021264 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-04-22 21:57 - 2013-09-11 20:21 - 01122031 _____ () C:\Windows\WindowsUpdate.log
2014-04-22 21:55 - 2014-04-22 21:16 - 00000000 ____D () C:\AdwCleaner
2014-04-22 21:54 - 2014-04-22 21:49 - 00002636 _____ () C:\Users\Karol\Desktop\AdwCleaner[S0].txt
2014-04-22 21:53 - 2013-09-12 18:43 - 00001042 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-04-22 21:53 - 2013-09-11 21:36 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-04-22 21:52 - 2014-04-20 21:02 - 00000336 _____ () C:\Windows\setupact.log
2014-04-22 21:52 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-04-22 21:21 - 2014-04-22 21:18 - 17514868 _____ (Malwarebytes Corporation ) C:\Users\Karol\Desktop\mbam-setup.exe
2014-04-22 21:16 - 2014-04-22 21:16 - 00602112 _____ (OldTimer Tools) C:\Users\Karol\Desktop\OTL.exe
2014-04-22 21:16 - 2014-04-22 21:15 - 01345581 _____ () C:\Users\Karol\Desktop\adwcleaner.exe
2014-04-22 20:54 - 2013-09-11 21:32 - 00000000 ____D () C:\Users\Karol\AppData\Roaming\Skype
2014-04-22 20:49 - 2014-04-22 20:49 - 00002940 _____ () C:\Windows\System32\Tasks\{A83864BB-7682-40E3-A482-952C7C7D6251}
2014-04-22 20:47 - 2014-04-22 20:47 - 00002940 _____ () C:\Windows\System32\Tasks\{BBAFB171-A1B5-439A-9F7C-E967842BA60A}
2014-04-22 20:47 - 2014-04-22 20:47 - 00002940 _____ () C:\Windows\System32\Tasks\{375CCC83-190F-49F1-AB5C-018582A88C0A}
2014-04-22 20:26 - 2014-04-20 22:56 - 00000000 ____D () C:\Program Files (x86)\iSafe
2014-04-22 20:08 - 2014-04-22 20:03 - 00000000 ____D () C:\Windows\system32\MRT
2014-04-22 19:56 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-04-21 12:43 - 2013-09-11 21:21 - 00000000 ____D () C:\Users\Karol\AppData\Local\Adobe
2014-04-21 12:25 - 2014-04-21 12:25 - 00002972 _____ () C:\Windows\System32\Tasks\{280C2FDD-B916-4055-A17B-00F60C3FB733}
2014-04-21 12:22 - 2014-04-21 12:22 - 00002972 _____ () C:\Windows\System32\Tasks\{3E213707-58CF-4F2A-ADD3-33CB491E8C76}
2014-04-21 12:21 - 2014-04-21 12:21 - 00002972 _____ () C:\Windows\System32\Tasks\{93736FE3-131B-4DA5-9820-A0865857A872}
2014-04-21 11:41 - 2014-04-20 21:02 - 00157394 _____ () C:\Windows\PFRO.log
2014-04-20 22:56 - 2014-04-20 22:56 - 00001796 _____ () C:\Users\Public\Desktop\YAC.lnk
2014-04-20 22:56 - 2014-04-20 22:56 - 00000000 ____D () C:\Windows\system32\log
2014-04-20 21:04 - 2014-04-20 21:04 - 00000000 ____D () C:\Users\Karol\AppData\Roaming\AVAST Software
2014-04-20 21:02 - 2014-04-20 21:02 - 00000000 _____ () C:\Windows\setuperr.log
2014-04-20 19:43 - 2013-09-11 21:36 - 00002026 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-04-20 19:27 - 2013-12-19 22:44 - 00000000 ____D () C:\Windows\Minidump
2014-04-20 19:27 - 2013-09-21 10:52 - 00000000 ____D () C:\Users\Karol\AppData\Roaming\DAEMON Tools Lite
2014-04-20 19:27 - 2013-09-12 17:27 - 00000000 ____D () C:\Users\Karol\AppData\Roaming\uTorrent
2014-04-20 19:23 - 2014-04-20 19:23 - 00085328 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2014-04-20 19:23 - 2014-04-20 19:23 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-04-20 19:23 - 2014-04-20 19:23 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-04-20 19:23 - 2013-09-11 21:36 - 01039096 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2014-04-20 19:23 - 2013-09-11 21:36 - 00423240 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2014-04-20 19:23 - 2013-09-11 21:36 - 00334648 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-04-20 19:23 - 2013-09-11 21:36 - 00208416 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-04-20 19:23 - 2013-09-11 21:36 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-04-20 19:23 - 2013-09-11 21:36 - 00079184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-04-20 19:23 - 2013-09-11 21:36 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-04-20 19:19 - 2013-09-11 21:35 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-04-20 19:18 - 2013-09-11 21:36 - 00000000 _____ () C:\Windows\SysWOW64\config.nt
2014-04-20 18:32 - 2014-04-20 18:32 - 00000000 ____D () C:\Windows\pss
2014-04-18 13:32 - 2014-04-20 22:56 - 00043520 _____ (Elex do Brasil Participações Ltda) C:\Windows\system32\Drivers\iSafeKrnlBoot.sys
2014-04-17 20:51 - 2013-11-23 16:07 - 00000000 ____D () C:\ProgramData\Oracle
2014-04-17 20:50 - 2014-04-17 20:50 - 00004030 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_55-b14.log
2014-04-17 20:50 - 2013-11-23 16:06 - 00000000 ____D () C:\Program Files (x86)\Java
2014-04-17 19:17 - 2014-03-30 13:19 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-04-16 20:35 - 2014-04-16 20:35 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-04-16 20:31 - 2014-04-16 20:31 - 00000000 ____D () C:\ProgramData\Orion
2014-04-16 20:30 - 2014-04-16 20:30 - 00001950 _____ () C:\Users\Karol\Desktop\Sąsiedzi z piekła rodem - Jazdy z gwiazdą!.lnk
2014-04-16 20:26 - 2014-04-16 20:26 - 00000000 ____D () C:\Users\Karol\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Jazdy z gwiazda
2014-04-16 20:25 - 2014-04-16 20:23 - 00000000 ____D () C:\Program Files (x86)\Jazdy z gwiazda
2014-04-16 20:23 - 2014-04-16 20:23 - 00000000 ____D () C:\Users\Karol\AppData\Roaming\InstallShield
2014-04-16 20:23 - 2013-09-23 17:35 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-04-15 21:54 - 2013-10-10 18:07 - 00000000 ____D () C:\Users\Karol\Desktop\skuter
2014-04-15 19:23 - 2014-04-15 19:23 - 00000000 ____D () C:\Users\Karol\Desktop\206
2014-04-14 23:05 - 2014-04-14 23:05 - 00001208 _____ () C:\Users\Public\Desktop\CWK.lnk
2014-04-14 23:05 - 2014-04-14 23:05 - 00000000 ____D () C:\Program Files (x86)\Damian Pasternak
2014-04-14 20:13 - 2014-04-17 20:50 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-04-14 20:05 - 2014-04-17 20:50 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-04-14 20:05 - 2014-04-17 20:50 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-04-14 20:04 - 2014-04-17 20:50 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-04-14 17:54 - 2011-02-04 19:20 - 00737730 _____ () C:\Windows\system32\perfh015.dat
2014-04-14 17:54 - 2011-02-04 19:20 - 00154418 _____ () C:\Windows\system32\perfc015.dat
2014-04-14 17:54 - 2009-07-14 07:13 - 01662556 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-04-14 15:13 - 2014-04-14 15:13 - 00000000 ____D () C:\Users\Karol\AppData\Local\Skype
2014-04-14 15:13 - 2013-09-11 21:32 - 00000000 ____D () C:\ProgramData\Skype
2014-04-14 15:12 - 2014-04-14 15:12 - 00002699 _____ () C:\Users\Public\Desktop\Skype.lnk
2014-04-14 15:12 - 2013-09-11 21:32 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-04-12 12:04 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-04-04 20:18 - 2014-03-20 21:20 - 00000000 ____D () C:\ProgramData\CanonIJPLM
2014-04-01 13:07 - 2013-09-12 18:43 - 00004042 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-04-01 13:07 - 2013-09-12 18:43 - 00003790 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-04-01 07:32 - 2014-04-01 07:32 - 00003088 _____ () C:\Windows\System32\Tasks\{C9791F39-3CE8-454F-BC6B-121CD2090867}
2014-03-31 21:19 - 2009-07-14 04:34 - 00000250 _____ () C:\Windows\system.ini
2014-03-31 12:03 - 2013-09-11 21:16 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-03-31 09:35 - 2010-11-21 05:27 - 00270496 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-03-25 13:51 - 2013-09-11 21:15 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-03-25 13:51 - 2013-09-11 21:15 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-03-23 17:27 - 2014-03-23 17:10 - 00000000 ____D () C:\Users\Karol\Desktop\Kon-Boot 2.3 (For Windows 7 8 8.1)(malestom)
2014-03-23 17:26 - 2014-03-23 17:26 - 00000000 ____D () C:\Users\Karol\AppData\Roaming\ImgBurn
2014-03-23 17:21 - 2014-03-23 17:21 - 00001881 _____ () C:\Users\Public\Desktop\ImgBurn.lnk
2014-03-23 17:21 - 2014-03-23 17:21 - 00000000 ____D () C:\Program Files (x86)\ImgBurn
2014-03-23 15:18 - 2013-11-21 21:46 - 00000000 ____D () C:\Users\Karol\Desktop\KOPIA KARTY
2014-03-23 12:22 - 2014-03-23 12:21 - 00000000 ____D () C:\Users\Karol\AppData\Local\Canon Easy-PhotoPrint EX
2014-03-23 12:21 - 2014-03-23 12:21 - 00000000 ___HD () C:\ProgramData\CanonIJEPPEX

Some content of TEMP:
====================
C:\Users\Karol\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-03-30 19:55

==================== End Of Log ============================