Scan result of Farbar Recovery Scan Tool (FRST written by farbar) Version: 14-03-2012 Ran by SYSTEM at 02-04-2012 21:51:14 Running from H:\ Windows 7 Home Premium (X86) OS Language: English(US) The current controlset is ControlSet002 ========================== Registry (Whitelisted) ============= HKLM\...\Run: [EfficientStickyNotes] [x] HKU\love sweets ^^\...\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [39408 2009-09-24] (Google Inc.) HKU\love sweets ^^\...\Policies\system: [LogonHoursAction] 2 HKU\love sweets ^^\...\Policies\system: [DontDisplayLogonHoursWarnings] 1 HKU\matka\...\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [39408 2009-09-24] (Google Inc.) HKU\matka\...\Policies\system: [LogonHoursAction] 2 HKU\matka\...\Policies\system: [DontDisplayLogonHoursWarnings] 1 HKU\Samsung\...\Policies\system: [LogonHoursAction] 2 HKU\Samsung\...\Policies\system: [DontDisplayLogonHoursWarnings] 1 HKU\Wszyscy inni\...\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [39408 2009-09-24] (Google Inc.) HKU\Wszyscy inni\...\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized [14940040 2010-10-11] (Skype Technologies S.A.) HKU\Wszyscy inni\...\Policies\system: [LogonHoursAction] 2 HKU\Wszyscy inni\...\Policies\system: [DontDisplayLogonHoursWarnings] 1 HKU\Zuzia2.Samsung-komp\...\Policies\system: [LogonHoursAction] 2 HKU\Zuzia2.Samsung-komp\...\Policies\system: [DontDisplayLogonHoursWarnings] 1 Winlogon\Notify\igfxcui: igfxdev.dll (Intel Corporation) Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 AppInit_DLLs: C:\PROGRA~1\BEARSH~1\MediaBar\Datamngr\datamngr.dll C:\PROGRA~1\BEARSH~1\MediaBar\DataMngr\IEBHO.dll C:\PROGRA~1\BEARSH~1\MediaBar\DataMngr\datamngr.dll ================================ Services (Whitelisted) ================== 4 BcmSqlStartupSvc; "C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe" [30312 2008-01-16] (Microsoft Corporation) 4 EPSON_EB_RPCV4_01; C:\ProgramData\EPSON\EPW!3 SSRP\E_S40ST7.EXE [143872 2007-12-17] (SEIKO EPSON CORPORATION) 4 EPSON_PM_RPCV4_01; C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RP7.EXE [113664 2007-01-11] (SEIKO EPSON CORPORATION) 4 gupdate1caab4d5a783189; "C:\Program Files\Google\Update\GoogleUpdate.exe" /svc [133104 2010-02-11] (Google Inc.) 4 gupdatem; "C:\Program Files\Google\Update\GoogleUpdate.exe" /medsvc [133104 2010-02-11] (Google Inc.) 4 McAfee SiteAdvisor Service; "C:\Program Files\McAfee\SiteAdvisor\McSACore.exe" [203280 2009-01-22] () 4 McComponentHostService; "C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe" [227232 2010-01-15] (McAfee, Inc.) 4 mcmscsvc; C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe [865832 2009-10-28] (McAfee, Inc.) 4 McODS; C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe [365072 2009-10-28] (McAfee, Inc.) 2 McShield; C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe [144704 2009-11-04] (McAfee, Inc.) 3 McSysmon; C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe [606736 2009-11-04] (McAfee, Inc.) 4 MpfService; "C:\Program Files\McAfee\MPF\MPFSrv.exe" [895696 2009-10-27] (McAfee, Inc.) 4 MSK80Service; "C:\Program Files\McAfee\MSK\MskSrver.exe" [26640 2009-10-02] (McAfee, Inc.) 4 MSSQL$MSSMLBIZ; "C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe" -sMSSMLBIZ [29293408 2010-12-10] (Microsoft Corporation) 4 MSSQLServerADHelper; "C:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe" [44384 2010-12-10] (Microsoft Corporation) 4 OberonGameConsoleService; "C:\Program Files\Samsung Casual Games\GameConsole\OberonGameConsoleService.exe" [44312 2009-08-13] () 4 SQLBrowser; "C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe" [238944 2010-12-10] (Microsoft Corporation) 4 SQLWriter; "C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe" [86880 2010-12-10] (Microsoft Corporation) 4 McNASvc; "c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe" [x] 4 McProxy; c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe [x] ========================== Drivers (Whitelisted) ============= 3 libusb0; C:\Windows\System32\DRIVERS\libusb0.sys [35776 2011-05-13] (http://libusb-win32.sourceforge.net) 3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [79816 2009-11-04] (McAfee, Inc.) 3 mfebopk; C:\Windows\System32\drivers\mfebopk.sys [35272 2009-11-04] (McAfee, Inc.) 1 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [214664 2009-11-04] (McAfee, Inc.) 3 mferkdk; C:\Windows\System32\drivers\mferkdk.sys [34248 2009-11-04] (McAfee, Inc.) 3 mfesmfk; C:\Windows\System32\drivers\mfesmfk.sys [40552 2009-11-04] (McAfee, Inc.) 1 MPFP; C:\Windows\System32\Drivers\Mpfp.sys [130424 2009-04-08] (McAfee, Inc.) 1 SABI; \??\C:\windows\system32\Drivers\SABI.sys [10752 2009-05-27] (SAMSUNG ELECTRONICS) ========================== NetSvcs (Whitelisted) =========== ============ One Month Created Files and Folders ============== 2012-04-02 17:47 - 2009-07-13 17:15 - 0606208 ____A (Microsoft Corporation) C:\Windows\System32\mstime.dll 2012-04-02 17:47 - 2009-07-13 17:15 - 0018432 ____A (Microsoft Corporation) C:\Windows\System32\corpol.dll 2012-04-02 11:44 - 2012-04-02 11:44 - 0008212 ____A C:\Windows\mfebcdata 2012-04-02 10:07 - 2012-04-02 10:08 - 0040776 ____A (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbamswissarmy.sys 2012-04-02 10:07 - 2012-04-02 10:07 - 0000000 ____D C:\Users\Samsung\AppData\Roaming\Malwarebytes 2012-04-02 10:07 - 2012-04-02 10:07 - 0000000 ____D C:\Users\All Users\Malwarebytes 2012-04-02 10:07 - 2012-04-02 10:07 - 0000000 ____D C:\ProgramData\Malwarebytes 2012-04-02 10:02 - 2012-04-02 11:35 - 0200316 ____A C:\Windows\ntbtlog.txt 2012-04-02 07:17 - 2012-04-02 07:17 - 0000000 ____D C:\Users\Samsung\AppData\Local\ElevatedDiagnostics 2012-04-02 04:55 - 2012-04-02 04:55 - 0000000 ____D C:\Program Files\ESET 2012-04-02 04:55 - 2012-03-31 23:56 - 2322184 ____A (ESET) C:\Users\Samsung\Desktop\esetsmartinstaller_plk.exe 2012-04-02 03:51 - 2012-04-02 03:51 - 0000000 ____D C:\Users\Zuzia2.Samsung-komp\AppData\Local\ElevatedDiagnostics 2012-04-01 11:37 - 2012-04-01 11:37 - 2421190 ____A C:\Users\Zuzia2.Samsung-komp\Documents\Nowy obraz mapy bitowej.bmp 2012-04-01 09:35 - 2012-04-01 09:36 - 0025088 ____A C:\Users\Zuzia2.Samsung-komp\Documents\Zdjecie2060.jpg 2012-04-01 09:35 - 2012-04-01 09:36 - 0021898 ____A C:\Users\Zuzia2.Samsung-komp\Documents\Zdjecie2061.jpg 2012-04-01 09:35 - 2012-04-01 09:35 - 0026908 ____A C:\Users\Zuzia2.Samsung-komp\Documents\Zdjecie2058.jpg 2012-04-01 09:35 - 2012-04-01 09:35 - 0000000 ____A C:\Users\Zuzia2.Samsung-komp\Documents\Zdjecie2059.jpg 2012-04-01 09:32 - 2012-04-01 09:32 - 0128760 ____A C:\Users\Zuzia2.Samsung-komp\AppData\Local\GDIPFONTCACHEV1.DAT 2012-04-01 09:30 - 2012-04-01 09:33 - 0549220 ____A C:\Users\Zuzia2.Samsung-komp\Desktop\liam_payne_png_2_by_xdetodounpocox-d4nx6tt.png 2012-04-01 09:27 - 2012-04-01 09:27 - 0000000 ____D C:\Users\Zuzia2.Samsung-komp\AppData\Local\cache 2012-04-01 09:26 - 2012-04-01 09:27 - 0000000 ____D C:\Users\Zuzia2.Samsung-komp\AppData\Roaming\Mozilla 2012-04-01 09:26 - 2012-04-01 09:26 - 0000000 ____D C:\Users\Zuzia2.Samsung-komp\AppData\Local\Mozilla 2012-04-01 01:21 - 2012-04-01 12:28 - 20814420 ____A C:\Users\Samsung\Desktop\launch.exe 2012-04-01 01:12 - 2012-04-01 01:12 - 0000000 ____D C:\Windows\pss 2012-04-01 00:52 - 2012-04-01 00:53 - 0000000 ____D C:\Users\Zuzia2.Samsung-komp\AppData\Roaming\Google 2012-04-01 00:52 - 2012-04-01 00:52 - 0000000 ____D C:\Users\Zuzia2.Samsung-komp\AppData\Roaming\Adobe 2012-04-01 00:51 - 2012-04-01 09:27 - 0000000 ____D C:\Users\Zuzia2.Samsung-komp\AppData\Roaming\Nowe Gadu-Gadu 2012-04-01 00:51 - 2012-04-01 00:52 - 0000000 ____D C:\Users\Zuzia2.Samsung-komp\AppData\Local\Google 2012-04-01 00:50 - 2012-02-22 23:18 - 0237072 ____N (Microsoft Corporation) C:\Windows\System32\MpSigStub.exe 2012-03-31 23:40 - 2012-03-31 23:40 - 0000000 ____D C:\Users\Zuzia2.Samsung-komp\AppData\Roaming\Real 2012-03-31 23:40 - 2012-03-31 23:40 - 0000000 ____D C:\Users\Zuzia2.Samsung-komp\AppData\Roaming\Epson 2012-03-31 23:38 - 2012-03-31 23:38 - 0000174 ___SH C:\Users\Zuzia2.Samsung-komp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini 2012-03-31 23:37 - 2012-04-01 09:35 - 0000000 ____D C:\Users\Zuzia2.Samsung-komp\AppData\Local\VirtualStore 2012-03-31 23:37 - 2012-04-01 00:52 - 0000000 ____D C:\Users\Zuzia2.Samsung-komp\AppData\LocalLow 2012-03-31 23:37 - 2012-03-31 23:40 - 0001079 ____A C:\Users\Zuzia2.Samsung-komp\Desktop\CyberLink YouCam.lnk 2012-03-31 23:37 - 2012-03-31 23:38 - 0000000 ____D C:\users\Zuzia2.Samsung-komp 2012-03-31 23:37 - 2012-03-31 23:37 - 0000640 _RASH C:\Users\Zuzia2.Samsung-komp\ntuser.pol 2012-03-31 23:37 - 2012-03-31 23:37 - 0000020 ___SH C:\Users\Zuzia2.Samsung-komp\ntuser.ini 2012-03-31 23:37 - 2012-03-31 23:37 - 0000000 __SHD C:\Users\Zuzia2.Samsung-komp\Ustawienia lokalne 2012-03-31 23:37 - 2012-03-31 23:37 - 0000000 __SHD C:\Users\Zuzia2.Samsung-komp\Szablony 2012-03-31 23:37 - 2012-03-31 23:37 - 0000000 __SHD C:\Users\Zuzia2.Samsung-komp\PrintHood 2012-03-31 23:37 - 2012-03-31 23:37 - 0000000 __SHD C:\Users\Zuzia2.Samsung-komp\NetHood 2012-03-31 23:37 - 2012-03-31 23:37 - 0000000 __SHD C:\Users\Zuzia2.Samsung-komp\Moje dokumenty 2012-03-31 23:37 - 2012-03-31 23:37 - 0000000 __SHD C:\Users\Zuzia2.Samsung-komp\Menu Start 2012-03-31 23:37 - 2012-03-31 23:37 - 0000000 __SHD C:\Users\Zuzia2.Samsung-komp\Documents\Moje wideo 2012-03-31 23:37 - 2012-03-31 23:37 - 0000000 __SHD C:\Users\Zuzia2.Samsung-komp\Documents\Moje obrazy 2012-03-31 23:37 - 2012-03-31 23:37 - 0000000 __SHD C:\Users\Zuzia2.Samsung-komp\Documents\Moja muzyka 2012-03-31 23:37 - 2012-03-31 23:37 - 0000000 __SHD C:\Users\Zuzia2.Samsung-komp\Dane aplikacji 2012-03-31 23:37 - 2012-03-31 23:37 - 0000000 __SHD C:\Users\Zuzia2.Samsung-komp\AppData\Local\Temporary Internet Files 2012-03-31 23:37 - 2012-03-31 23:37 - 0000000 __SHD C:\Users\Zuzia2.Samsung-komp\AppData\Local\Historia 2012-03-31 23:37 - 2012-03-31 23:37 - 0000000 __SHD C:\Users\Zuzia2.Samsung-komp\AppData\Local\Dane aplikacji 2012-03-31 23:37 - 2011-08-20 14:36 - 0000000 ____D C:\Users\Zuzia2.Samsung-komp\AppData\Roaming\Macromedia 2012-03-31 23:37 - 2010-10-04 23:08 - 0000000 ____D C:\Users\Zuzia2.Samsung-komp\AppData\Local\Microsoft Help 2012-03-31 23:37 - 2009-09-24 17:55 - 0000000 ____D C:\Users\Zuzia2.Samsung-komp\AppData\Roaming\Media Center Programs 2012-03-31 14:02 - 2012-03-31 14:02 - 0073388 ____A C:\Users\matka\Documents\beznazwy.png 2012-03-31 13:55 - 2012-03-31 13:55 - 0029727 ____A C:\Users\matka\Documents\530878_221554157952858_100002948252741_446103_629448150_n_large.jpg 2012-03-31 12:39 - 2012-03-31 12:40 - 0509433 ____A C:\Users\Samsung\Desktop\liam_payne_png_2_by_xdetodounpocox-d4nx6tt.png 2012-03-31 12:39 - 2012-03-31 12:39 - 0063767 ____A C:\Users\Samsung\Desktop\1330028113_9177.jpg 2012-03-31 12:32 - 2012-03-31 12:32 - 0179456 ____A C:\Users\Samsung\Desktop\Liam-liam-payne-30152216-1280-1024.jpg 2012-03-31 12:26 - 2012-03-31 12:30 - 0553084 ____A C:\Users\Samsung\Desktop\ec0ff1c7002134c94eb6db1f.png 2012-03-31 07:07 - 2012-03-31 07:07 - 0024902 ____A C:\Users\Samsung\Desktop\bat 2.png 2012-03-31 07:06 - 2012-03-31 07:06 - 0024902 ____A C:\Users\Samsung\Documents\embl.png 2012-03-31 05:17 - 2012-03-31 05:18 - 0064254 ____A C:\Users\Samsung\Desktop\bat.png 2012-03-31 04:42 - 2012-03-31 04:55 - 0000000 ____D C:\Users\Samsung\Desktop\wiosna 2012-03-31 04:28 - 2012-03-31 04:28 - 0050410 ____A C:\Users\Samsung\Desktop\battttman.png 2012-03-31 04:18 - 2012-03-31 04:18 - 0005851 ____A C:\Users\Samsung\Desktop\default.jpeg 2012-03-26 09:27 - 2012-03-26 09:27 - 0000000 ____A C:\Users\Samsung\Documents\IMG_2849(3).jpg 2012-03-26 09:26 - 2012-03-26 09:26 - 0000000 ____A C:\Users\Samsung\Documents\IMG_2849(2).jpg 2012-03-26 09:25 - 2012-03-26 09:25 - 0000000 ____A C:\Users\Samsung\Documents\IMG_2849(1).jpg 2012-03-26 09:24 - 2012-03-26 09:24 - 0000000 ____A C:\Users\Samsung\Documents\IMG_2849.jpg 2012-03-22 12:57 - 2012-03-22 13:07 - 1909737 ____A C:\Users\Samsung\Documents\DSCN7099.JPG 2012-03-22 12:57 - 2012-03-22 12:57 - 0000000 ____A C:\Users\Samsung\Documents\DSCN7100.JPG 2012-03-22 12:57 - 2012-03-22 12:57 - 0000000 ____A C:\Users\Samsung\Documents\DSCN7098.JPG 2012-03-22 12:56 - 2012-03-22 13:07 - 1959096 ____A C:\Users\Samsung\Documents\DSCN7095.JPG 2012-03-22 12:56 - 2012-03-22 13:07 - 1945649 ____A C:\Users\Samsung\Documents\DSCN7089.JPG 2012-03-22 12:56 - 2012-03-22 13:07 - 1797108 ____A C:\Users\Samsung\Documents\DSCN7087.JPG 2012-03-22 12:56 - 2012-03-22 13:06 - 1634287 ____A C:\Users\Samsung\Documents\DSCN7084.JPG 2012-03-22 12:55 - 2012-03-22 13:06 - 1780472 ____A C:\Users\Samsung\Documents\DSCN7076.JPG 2012-03-22 12:55 - 2012-03-22 13:05 - 1814447 ____A C:\Users\Samsung\Documents\DSCN7075.JPG 2012-03-22 11:12 - 2012-03-22 11:12 - 4435968 ____A (Google Inc.) C:\Windows\System32\GPhotos.scr 2012-03-14 14:19 - 2011-11-19 06:25 - 3957616 ____A (Microsoft Corporation) C:\Windows\System32\ntkrnlpa.exe 2012-03-14 14:19 - 2011-11-19 06:25 - 3902320 ____A (Microsoft Corporation) C:\Windows\System32\ntoskrnl.exe 2012-03-14 04:43 - 2012-02-09 21:41 - 1170944 ____A (Microsoft Corporation) C:\Windows\System32\d3d10warp.dll 2012-03-14 04:43 - 2012-02-09 21:41 - 1074176 ____A (Microsoft Corporation) C:\Windows\System32\DWrite.dll 2012-03-14 04:43 - 2012-02-09 21:41 - 0739840 ____A (Microsoft Corporation) C:\Windows\System32\d2d1.dll 2012-03-14 04:43 - 2012-02-09 21:41 - 0218624 ____A (Microsoft Corporation) C:\Windows\System32\d3d10_1core.dll 2012-03-14 04:43 - 2012-02-09 21:41 - 0161792 ____A (Microsoft Corporation) C:\Windows\System32\d3d10_1.dll 2012-03-14 04:43 - 2012-02-02 20:01 - 2341376 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys 2012-03-14 04:38 - 2012-01-24 21:44 - 0129536 ____A (Microsoft Corporation) C:\Windows\System32\rdpcorekmts.dll 2012-03-14 04:38 - 2012-01-24 21:44 - 0057856 ____A (Microsoft Corporation) C:\Windows\System32\rdpwsx.dll 2012-03-14 04:38 - 2012-01-24 21:40 - 0008192 ____A (Microsoft Corporation) C:\Windows\System32\rdrmemptylst.exe 2012-03-14 04:37 - 2012-02-14 21:44 - 0826368 ____A (Microsoft Corporation) C:\Windows\System32\rdpcore.dll 2012-03-14 04:37 - 2012-02-14 20:22 - 0177152 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\rdpwd.sys 2012-03-14 04:37 - 2012-02-14 20:22 - 0024064 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tdtcp.sys 2012-03-07 07:27 - 2012-03-07 07:28 - 1083355 ____A C:\Users\Samsung\Documents\2012-03-06 22.05.37.jpg 2012-03-05 06:32 - 2012-03-05 06:32 - 0022784 ____A C:\Users\Samsung\Documents\Zdjecie2044.jpg 2012-03-05 06:32 - 2012-03-05 06:32 - 0019142 ____A C:\Users\Samsung\Documents\Zdjecie2046.jpg 2012-03-05 06:32 - 2012-03-05 06:32 - 0000000 ____A C:\Users\Samsung\Documents\Zdjecie2048.jpg 2012-03-05 06:31 - 2012-03-05 06:31 - 0024807 ____A C:\Users\Samsung\Documents\Zdjecie2040.jpg 2012-03-05 06:31 - 2012-03-05 06:31 - 0020928 ____A C:\Users\Samsung\Documents\Zdjecie2045.jpg 2012-03-05 06:31 - 2012-03-05 06:31 - 0020180 ____A C:\Users\Samsung\Documents\Zdjecie2042.jpg 2012-03-05 06:31 - 2012-03-05 06:31 - 0016271 ____A C:\Users\Samsung\Documents\Zdjecie2043.jpg 2012-03-05 06:31 - 2012-03-05 06:31 - 0000000 ____A C:\Users\Samsung\Documents\Zdjecie2039.jpg ============ 3 Months Modified Files and Folders =============== 2012-04-02 21:51 - 2012-04-02 21:50 - 0000000 ___DC C:\FRST 2012-04-02 17:48 - 2009-07-13 18:37 - 0000000 ____D C:\Windows\System32\com 2012-04-02 17:48 - 2009-07-13 18:37 - 0000000 ____D C:\Windows\IME 2012-04-02 11:44 - 2012-04-02 11:44 - 0008212 ____A C:\Windows\mfebcdata 2012-04-02 11:44 - 2009-09-24 17:17 - 1900196 ____A C:\Windows\WindowsUpdate.log 2012-04-02 11:42 - 2009-09-24 17:14 - 2384941056 __ASH C:\hiberfil.sys 2012-04-02 11:35 - 2012-04-02 10:02 - 0200316 ____A C:\Windows\ntbtlog.txt 2012-04-02 10:43 - 2010-08-10 08:33 - 0000000 ____D C:\Users\Samsung\.gimp-2.6 2012-04-02 10:08 - 2012-04-02 10:07 - 0040776 ____A (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbamswissarmy.sys 2012-04-02 10:07 - 2012-04-02 10:07 - 0000000 ____D C:\Users\Samsung\AppData\Roaming\Malwarebytes 2012-04-02 10:07 - 2012-04-02 10:07 - 0000000 ____D C:\Users\All Users\Malwarebytes 2012-04-02 10:07 - 2012-04-02 10:07 - 0000000 ____D C:\ProgramData\Malwarebytes 2012-04-02 10:04 - 2010-10-22 09:31 - 0000000 ____D C:\Users\Samsung\AppData\Roaming\PhotoScape 2012-04-02 09:56 - 2009-07-13 20:34 - 0014736 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2012-04-02 09:56 - 2009-07-13 20:34 - 0014736 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2012-04-02 07:17 - 2012-04-02 07:17 - 0000000 ____D C:\Users\Samsung\AppData\Local\ElevatedDiagnostics 2012-04-02 04:55 - 2012-04-02 04:55 - 0000000 ____D C:\Program Files\ESET 2012-04-02 03:52 - 2010-02-21 11:06 - 0000000 ____D C:\Users\Wszyscy inni\AppData\Roaming\Skype 2012-04-02 03:51 - 2012-04-02 03:51 - 0000000 ____D C:\Users\Zuzia2.Samsung-komp\AppData\Local\ElevatedDiagnostics 2012-04-01 12:29 - 2009-09-24 01:44 - 0033423 ____A C:\Windows\System32\Config.MPF 2012-04-01 12:28 - 2012-04-01 01:21 - 20814420 ____A C:\Users\Samsung\Desktop\launch.exe 2012-04-01 12:28 - 2011-01-01 13:07 - 0593920 ____A C:\Users\Samsung\Documents\MyStickyNotes.esn 2012-04-01 12:22 - 2010-02-11 11:21 - 0001032 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2012-04-01 11:56 - 2010-02-11 11:06 - 0000000 ____D C:\Users\Samsung\AppData\Roaming\Skype 2012-04-01 11:37 - 2012-04-01 11:37 - 2421190 ____A C:\Users\Zuzia2.Samsung-komp\Documents\Nowy obraz mapy bitowej.bmp 2012-04-01 11:33 - 2011-09-24 02:13 - 0001036 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cc7aa28ad669cd.job 2012-04-01 09:36 - 2012-04-01 09:35 - 0025088 ____A C:\Users\Zuzia2.Samsung-komp\Documents\Zdjecie2060.jpg 2012-04-01 09:36 - 2012-04-01 09:35 - 0021898 ____A C:\Users\Zuzia2.Samsung-komp\Documents\Zdjecie2061.jpg 2012-04-01 09:35 - 2012-04-01 09:35 - 0026908 ____A C:\Users\Zuzia2.Samsung-komp\Documents\Zdjecie2058.jpg 2012-04-01 09:35 - 2012-04-01 09:35 - 0000000 ____A C:\Users\Zuzia2.Samsung-komp\Documents\Zdjecie2059.jpg 2012-04-01 09:35 - 2012-03-31 23:37 - 0000000 ____D C:\Users\Zuzia2.Samsung-komp\AppData\Local\VirtualStore 2012-04-01 09:33 - 2012-04-01 09:30 - 0549220 ____A C:\Users\Zuzia2.Samsung-komp\Desktop\liam_payne_png_2_by_xdetodounpocox-d4nx6tt.png 2012-04-01 09:32 - 2012-04-01 09:32 - 0128760 ____A C:\Users\Zuzia2.Samsung-komp\AppData\Local\GDIPFONTCACHEV1.DAT 2012-04-01 09:27 - 2012-04-01 09:27 - 0000000 ____D C:\Users\Zuzia2.Samsung-komp\AppData\Local\cache 2012-04-01 09:27 - 2012-04-01 09:26 - 0000000 ____D C:\Users\Zuzia2.Samsung-komp\AppData\Roaming\Mozilla 2012-04-01 09:27 - 2012-04-01 00:51 - 0000000 ____D C:\Users\Zuzia2.Samsung-komp\AppData\Roaming\Nowe Gadu-Gadu 2012-04-01 09:26 - 2012-04-01 09:26 - 0000000 ____D C:\Users\Zuzia2.Samsung-komp\AppData\Local\Mozilla 2012-04-01 09:25 - 2011-01-06 14:48 - 0000000 ____D C:\Users\Samsung\AppData\Roaming\IMVU 2012-04-01 06:02 - 2010-02-11 11:12 - 0000000 ____D C:\Users\Samsung\AppData\Roaming\skypePM 2012-04-01 01:12 - 2012-04-01 01:12 - 0000000 ____D C:\Windows\pss 2012-04-01 00:55 - 2011-06-29 21:47 - 0000000 ____D C:\Users\Samsung\Tracing 2012-04-01 00:55 - 2010-04-24 12:55 - 0000000 ____D C:\Users\Samsung\AppData\Roaming\ipla 2012-04-01 00:53 - 2012-04-01 00:52 - 0000000 ____D C:\Users\Zuzia2.Samsung-komp\AppData\Roaming\Google 2012-04-01 00:52 - 2012-04-01 00:52 - 0000000 ____D C:\Users\Zuzia2.Samsung-komp\AppData\Roaming\Adobe 2012-04-01 00:52 - 2012-04-01 00:51 - 0000000 ____D C:\Users\Zuzia2.Samsung-komp\AppData\Local\Google 2012-04-01 00:52 - 2012-03-31 23:37 - 0000000 ____D C:\Users\Zuzia2.Samsung-komp\AppData\LocalLow 2012-04-01 00:43 - 2011-01-02 13:46 - 0000000 ____D C:\Users\Samsung\Documents\EfficientPIM AutoBackup 2012-04-01 00:37 - 2012-01-11 11:31 - 0000000 ____D C:\Users\Samsung\Desktop\Originals 2012-04-01 00:26 - 2012-02-09 17:49 - 0000000 ____D C:\Users\Samsung\Desktop\Z NIKKS 2012-03-31 23:56 - 2012-04-02 04:55 - 2322184 ____A (ESET) C:\Users\Samsung\Desktop\esetsmartinstaller_plk.exe 2012-03-31 23:40 - 2012-03-31 23:40 - 0000000 ____D C:\Users\Zuzia2.Samsung-komp\AppData\Roaming\Real 2012-03-31 23:40 - 2012-03-31 23:40 - 0000000 ____D C:\Users\Zuzia2.Samsung-komp\AppData\Roaming\Epson 2012-03-31 23:40 - 2012-03-31 23:37 - 0001079 ____A C:\Users\Zuzia2.Samsung-komp\Desktop\CyberLink YouCam.lnk 2012-03-31 23:38 - 2012-03-31 23:38 - 0000174 ___SH C:\Users\Zuzia2.Samsung-komp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini 2012-03-31 23:38 - 2012-03-31 23:37 - 0000000 ____D C:\users\Zuzia2.Samsung-komp 2012-03-31 23:38 - 2009-07-13 18:36 - 0000000 _SHDC C:\$Recycle.Bin 2012-03-31 23:37 - 2012-03-31 23:37 - 0000640 _RASH C:\Users\Zuzia2.Samsung-komp\ntuser.pol 2012-03-31 23:37 - 2012-03-31 23:37 - 0000020 ___SH C:\Users\Zuzia2.Samsung-komp\ntuser.ini 2012-03-31 23:37 - 2012-03-31 23:37 - 0000000 __SHD C:\Users\Zuzia2.Samsung-komp\Ustawienia lokalne 2012-03-31 23:37 - 2012-03-31 23:37 - 0000000 __SHD C:\Users\Zuzia2.Samsung-komp\Szablony 2012-03-31 23:37 - 2012-03-31 23:37 - 0000000 __SHD C:\Users\Zuzia2.Samsung-komp\PrintHood 2012-03-31 23:37 - 2012-03-31 23:37 - 0000000 __SHD C:\Users\Zuzia2.Samsung-komp\NetHood 2012-03-31 23:37 - 2012-03-31 23:37 - 0000000 __SHD C:\Users\Zuzia2.Samsung-komp\Moje dokumenty 2012-03-31 23:37 - 2012-03-31 23:37 - 0000000 __SHD C:\Users\Zuzia2.Samsung-komp\Menu Start 2012-03-31 23:37 - 2012-03-31 23:37 - 0000000 __SHD C:\Users\Zuzia2.Samsung-komp\Documents\Moje wideo 2012-03-31 23:37 - 2012-03-31 23:37 - 0000000 __SHD C:\Users\Zuzia2.Samsung-komp\Documents\Moje obrazy 2012-03-31 23:37 - 2012-03-31 23:37 - 0000000 __SHD C:\Users\Zuzia2.Samsung-komp\Documents\Moja muzyka 2012-03-31 23:37 - 2012-03-31 23:37 - 0000000 __SHD C:\Users\Zuzia2.Samsung-komp\Dane aplikacji 2012-03-31 23:37 - 2012-03-31 23:37 - 0000000 __SHD C:\Users\Zuzia2.Samsung-komp\AppData\Local\Temporary Internet Files 2012-03-31 23:37 - 2012-03-31 23:37 - 0000000 __SHD C:\Users\Zuzia2.Samsung-komp\AppData\Local\Historia 2012-03-31 23:37 - 2012-03-31 23:37 - 0000000 __SHD C:\Users\Zuzia2.Samsung-komp\AppData\Local\Dane aplikacji 2012-03-31 23:03 - 2009-07-13 20:53 - 0000006 ___AH C:\Windows\Tasks\SA.DAT 2012-03-31 23:03 - 2009-07-13 20:39 - 0176350 ____A C:\Windows\setupact.log 2012-03-31 14:02 - 2012-03-31 14:02 - 0073388 ____A C:\Users\matka\Documents\beznazwy.png 2012-03-31 13:55 - 2012-03-31 13:55 - 0029727 ____A C:\Users\matka\Documents\530878_221554157952858_100002948252741_446103_629448150_n_large.jpg 2012-03-31 13:55 - 2011-04-27 03:36 - 0000000 ____D C:\Users\matka\AppData\Local\VirtualStore 2012-03-31 13:37 - 2009-09-24 18:00 - 0744854 ____A C:\Windows\System32\perfh015.dat 2012-03-31 13:37 - 2009-09-24 18:00 - 0152746 ____A C:\Windows\System32\perfc015.dat 2012-03-31 13:37 - 2009-07-26 12:06 - 1681106 ____A C:\Windows\System32\PerfStringBackup.INI 2012-03-31 13:07 - 2009-12-21 02:20 - 0000000 ____D C:\Users\Samsung\AppData\LocalLow 2012-03-31 13:07 - 2009-12-21 02:20 - 0000000 ____D C:\users\Samsung 2012-03-31 12:40 - 2012-03-31 12:39 - 0509433 ____A C:\Users\Samsung\Desktop\liam_payne_png_2_by_xdetodounpocox-d4nx6tt.png 2012-03-31 12:39 - 2012-03-31 12:39 - 0063767 ____A C:\Users\Samsung\Desktop\1330028113_9177.jpg 2012-03-31 12:32 - 2012-03-31 12:32 - 0179456 ____A C:\Users\Samsung\Desktop\Liam-liam-payne-30152216-1280-1024.jpg 2012-03-31 12:30 - 2012-03-31 12:26 - 0553084 ____A C:\Users\Samsung\Desktop\ec0ff1c7002134c94eb6db1f.png 2012-03-31 07:07 - 2012-03-31 07:07 - 0024902 ____A C:\Users\Samsung\Desktop\bat 2.png 2012-03-31 07:07 - 2010-11-14 09:39 - 0507392 __ASH C:\Users\Samsung\Documents\Thumbs.db 2012-03-31 07:06 - 2012-03-31 07:06 - 0024902 ____A C:\Users\Samsung\Documents\embl.png 2012-03-31 07:00 - 2009-12-21 09:24 - 0000000 ____D C:\Users\Samsung\Documents\Youcam 2012-03-31 05:18 - 2012-03-31 05:17 - 0064254 ____A C:\Users\Samsung\Desktop\bat.png 2012-03-31 04:55 - 2012-03-31 04:42 - 0000000 ____D C:\Users\Samsung\Desktop\wiosna 2012-03-31 04:54 - 2011-11-12 11:02 - 0000000 ____D C:\Users\Samsung\Desktop\sesja z kika 2012-03-31 04:28 - 2012-03-31 04:28 - 0050410 ____A C:\Users\Samsung\Desktop\battttman.png 2012-03-31 04:18 - 2012-03-31 04:18 - 0005851 ____A C:\Users\Samsung\Desktop\default.jpeg 2012-03-28 05:27 - 2009-12-21 08:32 - 0006368 ____A C:\Users\Samsung\Desktop\grafiik.txt 2012-03-26 09:27 - 2012-03-26 09:27 - 0000000 ____A C:\Users\Samsung\Documents\IMG_2849(3).jpg 2012-03-26 09:26 - 2012-03-26 09:26 - 0000000 ____A C:\Users\Samsung\Documents\IMG_2849(2).jpg 2012-03-26 09:25 - 2012-03-26 09:25 - 0000000 ____A C:\Users\Samsung\Documents\IMG_2849(1).jpg 2012-03-26 09:24 - 2012-03-26 09:24 - 0000000 ____A C:\Users\Samsung\Documents\IMG_2849.jpg 2012-03-26 06:20 - 2010-10-05 11:57 - 0055296 ___AH C:\Users\Samsung\Desktop\photothumb.db 2012-03-25 02:21 - 2010-09-20 07:55 - 0115712 ___AH C:\Users\Samsung\Documents\photothumb.db 2012-03-23 10:11 - 2011-03-21 10:34 - 0000000 ____D C:\Users\Samsung\Desktop\.picasaoriginals 2012-03-22 13:07 - 2012-03-22 12:57 - 1909737 ____A C:\Users\Samsung\Documents\DSCN7099.JPG 2012-03-22 13:07 - 2012-03-22 12:56 - 1959096 ____A C:\Users\Samsung\Documents\DSCN7095.JPG 2012-03-22 13:07 - 2012-03-22 12:56 - 1945649 ____A C:\Users\Samsung\Documents\DSCN7089.JPG 2012-03-22 13:07 - 2012-03-22 12:56 - 1797108 ____A C:\Users\Samsung\Documents\DSCN7087.JPG 2012-03-22 13:06 - 2012-03-22 12:56 - 1634287 ____A C:\Users\Samsung\Documents\DSCN7084.JPG 2012-03-22 13:06 - 2012-03-22 12:55 - 1780472 ____A C:\Users\Samsung\Documents\DSCN7076.JPG 2012-03-22 13:05 - 2012-03-22 12:55 - 1814447 ____A C:\Users\Samsung\Documents\DSCN7075.JPG 2012-03-22 12:57 - 2012-03-22 12:57 - 0000000 ____A C:\Users\Samsung\Documents\DSCN7100.JPG 2012-03-22 12:57 - 2012-03-22 12:57 - 0000000 ____A C:\Users\Samsung\Documents\DSCN7098.JPG 2012-03-22 11:12 - 2012-03-22 11:12 - 4435968 ____A (Google Inc.) C:\Windows\System32\GPhotos.scr 2012-03-20 00:46 - 2010-04-26 03:26 - 0000000 ____D C:\Users\Wszyscy inni\AppData\Roaming\ipla 2012-03-15 00:50 - 2009-07-13 20:33 - 0468176 ____A C:\Windows\System32\FNTCACHE.DAT 2012-03-15 00:37 - 2009-12-21 02:24 - 0000000 ____D C:\Users\All Users\Microsoft Help 2012-03-15 00:37 - 2009-12-21 02:24 - 0000000 ____D C:\ProgramData\Microsoft Help 2012-03-15 00:35 - 2009-09-24 01:31 - 0000368 ____A C:\Windows\Tasks\McDefragTask.job 2012-03-13 10:43 - 2009-07-13 18:37 - 0000000 ____D C:\Windows\Microsoft.NET 2012-03-07 07:28 - 2012-03-07 07:27 - 1083355 ____A C:\Users\Samsung\Documents\2012-03-06 22.05.37.jpg 2012-03-05 06:32 - 2012-03-05 06:32 - 0022784 ____A C:\Users\Samsung\Documents\Zdjecie2044.jpg 2012-03-05 06:32 - 2012-03-05 06:32 - 0019142 ____A C:\Users\Samsung\Documents\Zdjecie2046.jpg 2012-03-05 06:32 - 2012-03-05 06:32 - 0000000 ____A C:\Users\Samsung\Documents\Zdjecie2048.jpg 2012-03-05 06:31 - 2012-03-05 06:31 - 0024807 ____A C:\Users\Samsung\Documents\Zdjecie2040.jpg 2012-03-05 06:31 - 2012-03-05 06:31 - 0020928 ____A C:\Users\Samsung\Documents\Zdjecie2045.jpg 2012-03-05 06:31 - 2012-03-05 06:31 - 0020180 ____A C:\Users\Samsung\Documents\Zdjecie2042.jpg 2012-03-05 06:31 - 2012-03-05 06:31 - 0016271 ____A C:\Users\Samsung\Documents\Zdjecie2043.jpg 2012-03-05 06:31 - 2012-03-05 06:31 - 0000000 ____A C:\Users\Samsung\Documents\Zdjecie2039.jpg 2012-03-03 09:45 - 2010-03-19 10:43 - 0000000 ____D C:\Users\Wszyscy inni\Documents\Youcam 2012-02-28 02:17 - 2010-02-11 10:21 - 0000174 ___SH C:\Users\Wszyscy inni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini 2012-02-25 06:44 - 2012-02-25 06:44 - 0027186 ____A C:\Users\Samsung\Documents\SErc.png 2012-02-24 11:23 - 2011-05-06 15:02 - 0000000 ____D C:\Users\matka\AppData\Roaming\Nowe Gadu-Gadu 2012-02-24 10:34 - 2009-07-13 18:37 - 0000000 ____D C:\Windows\System32\DriverStore 2012-02-24 01:12 - 2009-07-13 18:37 - 0000000 ____D C:\Windows\System32\pl-PL 2012-02-24 00:57 - 2012-02-24 00:53 - 0004638 ____A C:\Windows\IE9_main.log 2012-02-24 00:55 - 2012-02-24 00:55 - 9705472 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll 2012-02-24 00:55 - 2012-02-24 00:55 - 3695416 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dat 2012-02-24 00:55 - 2012-02-24 00:55 - 2382848 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb 2012-02-24 00:55 - 2012-02-24 00:55 - 1798656 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll 2012-02-24 00:55 - 2012-02-24 00:55 - 1792000 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll 2012-02-24 00:55 - 2012-02-24 00:55 - 1427456 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl 2012-02-24 00:55 - 2012-02-24 00:55 - 12282368 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll 2012-02-24 00:55 - 2012-02-24 00:55 - 1127424 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll 2012-02-24 00:55 - 2012-02-24 00:55 - 1103360 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll 2012-02-24 00:55 - 2012-02-24 00:55 - 0716800 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll 2012-02-24 00:55 - 2012-02-24 00:55 - 0580608 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll 2012-02-24 00:55 - 2012-02-24 00:55 - 0434176 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dll 2012-02-24 00:55 - 2012-02-24 00:55 - 0420864 ____A (Microsoft Corporation) C:\Windows\System32\vbscript.dll 2012-02-24 00:55 - 2012-02-24 00:55 - 0367104 ____A (Microsoft Corporation) C:\Windows\System32\html.iec 2012-02-24 00:55 - 2012-02-24 00:55 - 0353792 ____A (Microsoft Corporation) C:\Windows\System32\dxtmsft.dll 2012-02-24 00:55 - 2012-02-24 00:55 - 0353584 ____A (Microsoft Corporation) C:\Windows\System32\iedkcs32.dll 2012-02-24 00:55 - 2012-02-24 00:55 - 0231936 ____A (Microsoft Corporation) C:\Windows\System32\url.dll 2012-02-24 00:55 - 2012-02-24 00:55 - 0227840 ____A (Microsoft Corporation) C:\Windows\System32\ieaksie.dll 2012-02-24 00:55 - 2012-02-24 00:55 - 0223232 ____A (Microsoft Corporation) C:\Windows\System32\dxtrans.dll 2012-02-24 00:55 - 2012-02-24 00:55 - 0203776 ____A (Microsoft Corporation) C:\Windows\System32\webcheck.dll 2012-02-24 00:55 - 2012-02-24 00:55 - 0176640 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll 2012-02-24 00:55 - 2012-02-24 00:55 - 0163840 ____A (Microsoft Corporation) C:\Windows\System32\ieakui.dll 2012-02-24 00:55 - 2012-02-24 00:55 - 0162304 ____A (Microsoft Corporation) C:\Windows\System32\msrating.dll 2012-02-24 00:55 - 2012-02-24 00:55 - 0161792 ____A (Microsoft Corporation) C:\Windows\System32\msls31.dll 2012-02-24 00:55 - 2012-02-24 00:55 - 0152064 ____A (Microsoft Corporation) C:\Windows\System32\wextract.exe 2012-02-24 00:55 - 2012-02-24 00:55 - 0150528 ____A (Microsoft Corporation) C:\Windows\System32\iexpress.exe 2012-02-24 00:55 - 2012-02-24 00:55 - 0142848 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe 2012-02-24 00:55 - 2012-02-24 00:55 - 0130560 ____A (Microsoft Corporation) C:\Windows\System32\ieakeng.dll 2012-02-24 00:55 - 2012-02-24 00:55 - 0123392 ____A (Microsoft Corporation) C:\Windows\System32\occache.dll 2012-02-24 00:55 - 2012-02-24 00:55 - 0118784 ____A (Microsoft Corporation) C:\Windows\System32\iepeers.dll 2012-02-24 00:55 - 2012-02-24 00:55 - 0110592 ____A (Microsoft Corporation) C:\Windows\System32\IEAdvpack.dll 2012-02-24 00:55 - 2012-02-24 00:55 - 0101888 ____A (Microsoft Corporation) C:\Windows\System32\admparse.dll 2012-02-24 00:55 - 2012-02-24 00:55 - 0086528 ____A (Microsoft Corporation) C:\Windows\System32\iesysprep.dll 2012-02-24 00:55 - 2012-02-24 00:55 - 0078848 ____A (Microsoft Corporation) C:\Windows\System32\inseng.dll 2012-02-24 00:55 - 2012-02-24 00:55 - 0076800 ____A (Microsoft Corporation) C:\Windows\System32\SetIEInstalledDate.exe 2012-02-24 00:55 - 2012-02-24 00:55 - 0074752 ____A (Microsoft Corporation) C:\Windows\System32\RegisterIEPKEYs.exe 2012-02-24 00:55 - 2012-02-24 00:55 - 0074752 ____A (Microsoft Corporation) C:\Windows\System32\iesetup.dll 2012-02-24 00:55 - 2012-02-24 00:55 - 0074240 ____A (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe 2012-02-24 00:55 - 2012-02-24 00:55 - 0072822 ____A C:\Windows\System32\ieuinit.inf 2012-02-24 00:55 - 2012-02-24 00:55 - 0072704 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll 2012-02-24 00:55 - 2012-02-24 00:55 - 0066048 ____A (Microsoft Corporation) C:\Windows\System32\icardie.dll 2012-02-24 00:55 - 2012-02-24 00:55 - 0065024 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll 2012-02-24 00:55 - 2012-02-24 00:55 - 0063488 ____A (Microsoft Corporation) C:\Windows\System32\tdc.ocx 2012-02-24 00:55 - 2012-02-24 00:55 - 0054272 ____A (Microsoft Corporation) C:\Windows\System32\pngfilt.dll 2012-02-24 00:55 - 2012-02-24 00:55 - 0048640 ____A (Microsoft Corporation) C:\Windows\System32\mshtmler.dll 2012-02-24 00:55 - 2012-02-24 00:55 - 0041472 ____A (Microsoft Corporation) C:\Windows\System32\msfeedsbs.dll 2012-02-24 00:55 - 2012-02-24 00:55 - 0035840 ____A (Microsoft Corporation) C:\Windows\System32\imgutil.dll 2012-02-24 00:55 - 2012-02-24 00:55 - 0031744 ____A (Microsoft Corporation) C:\Windows\System32\iernonce.dll 2012-02-24 00:55 - 2012-02-24 00:55 - 0023552 ____A (Microsoft Corporation) C:\Windows\System32\licmgr10.dll 2012-02-24 00:55 - 2012-02-24 00:55 - 0011776 ____A (Microsoft Corporation) C:\Windows\System32\mshta.exe 2012-02-24 00:55 - 2012-02-24 00:55 - 0010752 ____A (Microsoft Corporation) C:\Windows\System32\msfeedssync.exe 2012-02-23 07:15 - 2009-09-24 17:48 - 0681974 ____A C:\Windows\PFRO.log 2012-02-23 06:51 - 2009-07-13 18:37 - 0000000 ____D C:\Program Files\Common Files\microsoft shared 2012-02-23 06:42 - 2009-07-13 18:04 - 0000510 ____A C:\Windows\win.ini 2012-02-22 23:18 - 2012-04-01 00:50 - 0237072 ____N (Microsoft Corporation) C:\Windows\System32\MpSigStub.exe 2012-02-22 12:29 - 2012-02-22 12:29 - 0027600 ____A C:\Users\Samsung\Documents\noos.jpg 2012-02-19 07:52 - 2011-04-27 03:36 - 0000174 ___SH C:\Users\matka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini 2012-02-19 06:21 - 2012-02-19 06:20 - 0064717 ____A C:\Users\Samsung\Documents\3124.jpg 2012-02-19 03:01 - 2009-12-21 02:37 - 0000174 ___SH C:\Users\Samsung\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini 2012-02-19 02:59 - 2009-12-21 02:35 - 0000000 ____D C:\Program Files\Microsoft Silverlight 2012-02-18 07:17 - 2011-07-28 15:06 - 0000497 ____A C:\Users\Samsung\Desktop\Originals.lnk 2012-02-16 07:36 - 2009-07-13 20:53 - 0032608 ____A C:\Windows\Tasks\SCHEDLGU.TXT 2012-02-14 21:44 - 2012-03-14 04:37 - 0826368 ____A (Microsoft Corporation) C:\Windows\System32\rdpcore.dll 2012-02-14 20:22 - 2012-03-14 04:37 - 0177152 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\rdpwd.sys 2012-02-14 20:22 - 2012-03-14 04:37 - 0024064 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tdtcp.sys 2012-02-09 21:41 - 2012-03-14 04:43 - 1170944 ____A (Microsoft Corporation) C:\Windows\System32\d3d10warp.dll 2012-02-09 21:41 - 2012-03-14 04:43 - 1074176 ____A (Microsoft Corporation) C:\Windows\System32\DWrite.dll 2012-02-09 21:41 - 2012-03-14 04:43 - 0739840 ____A (Microsoft Corporation) C:\Windows\System32\d2d1.dll 2012-02-09 21:41 - 2012-03-14 04:43 - 0218624 ____A (Microsoft Corporation) C:\Windows\System32\d3d10_1core.dll 2012-02-09 21:41 - 2012-03-14 04:43 - 0161792 ____A (Microsoft Corporation) C:\Windows\System32\d3d10_1.dll 2012-02-08 05:26 - 2011-04-27 03:38 - 0000000 ____D C:\Users\matka\AppData\Local\Google 2012-02-08 05:26 - 2011-04-27 03:36 - 0000000 ____D C:\Users\matka\AppData\LocalLow 2012-02-04 09:37 - 2009-12-29 05:44 - 0000000 ____D C:\Users\All Users\OpenFM 2012-02-04 09:37 - 2009-12-29 05:44 - 0000000 ____D C:\ProgramData\OpenFM 2012-02-04 09:35 - 2012-02-04 09:35 - 0000000 ____D C:\Users\matka\.gstreamer-0.10 2012-02-04 09:35 - 2011-04-27 03:36 - 0000000 ____D C:\users\matka 2012-02-04 09:34 - 2012-02-04 09:34 - 0000000 ____D C:\Users\matka\AppData\Roaming\OpenFM 2012-02-03 12:04 - 2012-02-03 12:02 - 2848335 ____A C:\Users\Samsung\Documents\P1050354.JPG 2012-02-03 12:04 - 2011-09-10 12:41 - 0000692 ___AH C:\Users\Samsung\Documents\.picasa.ini 2012-02-03 11:48 - 2012-02-03 11:46 - 3600391 ____A C:\Users\Samsung\Documents\P1050154.JPG 2012-02-03 11:41 - 2012-02-03 11:39 - 3650636 ____A C:\Users\Samsung\Documents\P1050257.JPG 2012-02-03 11:02 - 2012-02-03 11:02 - 0053070 ____A C:\Users\Samsung\Documents\hahahnajlepsi.jpg 2012-02-03 10:55 - 2012-02-03 10:55 - 0025536 ____A C:\Users\Samsung\Documents\aaa.jpg 2012-02-03 03:55 - 2012-02-03 03:53 - 3013337 ____A C:\Users\Samsung\Documents\P1050554.JPG 2012-02-03 03:53 - 2012-02-03 03:51 - 3708442 ____A C:\Users\Samsung\Documents\P1050627.JPG 2012-02-03 03:46 - 2012-02-03 03:45 - 1720585 ____A C:\Users\Samsung\Documents\P1050631.JPG 2012-02-02 20:01 - 2012-03-14 04:43 - 2341376 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys 2012-02-02 10:42 - 2012-02-02 10:40 - 1239489 ____A C:\Users\Samsung\Documents\DSCN6503.JPG 2012-02-02 09:48 - 2011-02-04 14:06 - 0000000 ____D C:\Program Files\Mozilla Firefox 2012-02-01 05:26 - 2012-02-01 05:26 - 0001351 ____A C:\Users\Samsung\Desktop\Sticky Notes.lnk 2012-01-31 16:00 - 2009-09-24 01:31 - 0000348 ____A C:\Windows\Tasks\McQcTask.job 2012-01-31 11:11 - 2009-12-22 05:34 - 0000000 ____D C:\Users\Samsung\AppData\Roaming\Nowe Gadu-Gadu 2012-01-29 02:26 - 2010-04-24 12:55 - 0000000 ____D C:\Users\All Users\ipla 2012-01-29 02:26 - 2010-04-24 12:55 - 0000000 ____D C:\ProgramData\ipla 2012-01-27 13:40 - 2012-01-27 13:39 - 0021913 ____A C:\Users\Samsung\Documents\babajaga.jpg 2012-01-26 08:07 - 2012-01-26 08:07 - 0000091 ____A C:\Users\matka\Desktop\e04b75c626.jpeg.url 2012-01-24 21:44 - 2012-03-14 04:38 - 0129536 ____A (Microsoft Corporation) C:\Windows\System32\rdpcorekmts.dll 2012-01-24 21:44 - 2012-03-14 04:38 - 0057856 ____A (Microsoft Corporation) C:\Windows\System32\rdpwsx.dll 2012-01-24 21:40 - 2012-03-14 04:38 - 0008192 ____A (Microsoft Corporation) C:\Windows\System32\rdrmemptylst.exe 2012-01-23 01:32 - 2010-06-01 01:36 - 0000000 ____D C:\Users\Wszyscy inni\Desktop\100OLYMP 2012-01-15 12:09 - 2012-01-15 12:08 - 0089312 ____A C:\Users\Samsung\Documents\oo.jpg 2012-01-15 11:39 - 2012-01-15 11:39 - 0012491 ____A C:\Users\Samsung\Documents\no.jpg 2012-01-14 11:55 - 2012-01-14 11:54 - 0113994 ____A C:\Users\Samsung\Documents\haha.jpg 2012-01-14 11:25 - 2012-01-14 11:24 - 1799750 ____A C:\Users\Samsung\Documents\P1040328.JPG 2012-01-14 09:38 - 2012-01-14 09:36 - 2123150 ____A C:\Users\Samsung\Documents\DSCN4596.JPG 2012-01-14 09:08 - 2012-01-14 09:07 - 0470450 ____A C:\Users\Samsung\Documents\zuzia.jpg 2012-01-14 08:19 - 2012-01-14 08:19 - 0000000 ____A C:\Users\Samsung\Documents\IMG_6389(2).JPG 2012-01-14 08:18 - 2012-01-14 08:18 - 0000000 ____A C:\Users\Samsung\Documents\IMG_6389(1).JPG 2012-01-14 08:17 - 2012-01-14 08:17 - 0000000 ____A C:\Users\Samsung\Documents\IMG_6389.JPG 2012-01-11 12:31 - 2012-01-11 12:30 - 0153652 ____A C:\Users\Samsung\Documents\hahaha.JPG 2012-01-07 14:04 - 2012-01-07 14:04 - 0907018 ____A C:\Users\Samsung\Documents\P1040214.JPG 2012-01-07 05:06 - 2012-01-07 05:06 - 0029685 ____A C:\Users\Samsung\Documents\ahaha.gif 2012-01-05 14:42 - 2012-01-05 14:42 - 0414368 ____A (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerCPLApp.cpl 2012-01-05 14:37 - 2012-01-05 14:35 - 0000000 ____D C:\Program Files\McAfee Security Scan 2012-01-05 14:35 - 2012-01-05 14:35 - 0000000 ____D C:\Users\All Users\McAfee Security Scan 2012-01-05 14:35 - 2012-01-05 14:35 - 0000000 ____D C:\ProgramData\McAfee Security Scan 2012-01-04 01:03 - 2012-02-16 07:44 - 12868096 ____A (Microsoft Corporation) C:\Windows\System32\shell32.dll 2012-01-04 01:03 - 2012-02-16 07:44 - 0442880 ____A (Microsoft Corporation) C:\Windows\System32\ntshrui.dll ========================= Known DLLs (Whitelisted) ============ ========================= Bamital & volsnap Check ============ C:\Windows\explorer.exe => MD5 is legit C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\System32\User32.dll [2009-07-13 15:24] - [2009-07-13 17:16] - 0811520 ____A (Microsoft Corporation) 34B7E222E81FAFA885F0C5F2CFA56861 C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit ========================= Memory info ====================== Percentage of memory in use: 15% Total physical RAM: 3032.61 MB Available physical RAM: 2573.16 MB Total Pagefile: 3028.83 MB Available Pagefile: 2578.61 MB Total Virtual: 2047.88 MB Available Virtual: 1970.31 MB ======================= Partitions ========================= 1 Drive c: () (Fixed) (Total:50.09 GB) (Free:1.58 GB) NTFS 2 Drive e: () (Fixed) (Total:167.7 GB) (Free:165.01 GB) NTFS 3 Drive f: (RECOVERY) (Fixed) (Total:15 GB) (Free:5.07 GB) NTFS ==>[System with boot components (obtained from reading drive)] 5 Drive h: (KWAS) (Removable) (Total:14.91 GB) (Free:5.54 GB) FAT32 6 Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS 7 Drive y: (SYSTEM) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==>[System with boot components (obtained from reading drive)] Disk ### Status Size Free Dyn Gpt -------- ------------- ------- ------- --- --- Disk 0 Online 232 GB 0 B Disk 1 Online 14 GB 0 B Partitions of Disk 0: =============== Partition ### Type Size Offset ------------- ---------------- ------- ------- Partition 1 Recovery 15 GB 1024 KB Partition 2 Primary 100 MB 15 GB Partition 3 Primary 50 GB 15 GB Partition 4 Primary 167 GB 65 GB ====================================================================================================== Disk: 0 Partition 1 Type : 27 Hidden: Yes Active: No Volume ### Ltr Label Fs Type Size Status Info ---------- --- ----------- ----- ---------- ------- --------- -------- * Volume 4 F RECOVERY NTFS Partition 15 GB Healthy Hidden ====================================================================================================== Disk: 0 Partition 2 Type : 07 Hidden: No Active: Yes Volume ### Ltr Label Fs Type Size Status Info ---------- --- ----------- ----- ---------- ------- --------- -------- * Volume 1 Y SYSTEM NTFS Partition 100 MB Healthy ====================================================================================================== Disk: 0 Partition 3 Type : 07 Hidden: No Active: No Volume ### Ltr Label Fs Type Size Status Info ---------- --- ----------- ----- ---------- ------- --------- -------- * Volume 2 C NTFS Partition 50 GB Healthy ====================================================================================================== Disk: 0 Partition 4 Type : 07 Hidden: No Active: No Volume ### Ltr Label Fs Type Size Status Info ---------- --- ----------- ----- ---------- ------- --------- -------- * Volume 3 E NTFS Partition 167 GB Healthy ====================================================================================================== Partitions of Disk 1: =============== Partition ### Type Size Offset ------------- ---------------- ------- ------- Partition 1 Primary 14 GB 31 KB ====================================================================================================== Disk: 1 Partition 1 Type : 0B Hidden: No Active: No Volume ### Ltr Label Fs Type Size Status Info ---------- --- ----------- ----- ---------- ------- --------- -------- * Volume 5 H KWAS FAT32 Removable 14 GB Healthy ====================================================================================================== ========================================================== Last Boot: 2012-03-20 05:11 ======================= End Of Log ==========================