Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 01-02-2013 03 Ran by SYSTEM at 02-02-2013 14:21:43 Running from K:\ Windows 7 Professional Service Pack 1 (X64) OS Language: Polish The current controlset is ControlSet001 ==================== Registry (Whitelisted) =================== HKLM\...\Run: [DBRMTray] C:\Dell\DBRM\Reminder\DbrmTrayIcon.exe [227328 2011-03-08] (Dell Computer Corporation) HKLM\...\Run: [MSC] "C:\Program Files\Microsoft Security Client\mssecex.exe" -hide -runkey [x] HKLM-x32\...\Run: [RemoteControl9] "C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe" [87336 2010-10-01] (CyberLink Corp.) HKLM-x32\...\Run: [PDVD9LanguageShortcut] "C:\Program Files (x86)\CyberLink\PowerDVD9\Language\Language.exe" [50472 2010-09-17] (CyberLink Corp.) HKLM-x32\...\Run: [] [x] HKLM-x32\...\Run: [RoxWatchTray] "C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe" [240112 2010-11-25] (Sonic Solutions) HKLM-x32\...\Run: [Desktop Disc Tool] "C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe" [514544 2010-11-17] () HKLM-x32\...\Run: [WinampAgent] "C:\Program Files (x86)\Winamp\winampa.exe" [74752 2011-12-09] (Nullsoft, Inc.) HKLM-x32\...\Run: [ExpressFiles] "C:\Program Files (x86)\ExpressFiles\ExpressFiles.exe" -tray [326776 2012-01-17] (http://www.express-files.com/) HKLM-x32\...\Run: [Browsers Protector] C:\Program Files (x86)\Browsers Protector\regmon32.exe [147784 2012-02-15] () HKLM-x32\...\Run: [SearchSettings] "C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe" [524288 2010-11-18] (Spigot, Inc.) HKLM-x32\...\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [937920 2011-06-06] (Adobe Systems Incorporated) HKLM-x32\...\Run: [SweetIM] C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe [115032 2012-05-29] (SweetIM Technologies Ltd.) HKLM-x32\...\Run: [Sweetpacks Communicator] C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe [231768 2012-08-15] (SweetIM Technologies Ltd.) HKU\admin_gmina_zaluski\...\Run: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden [455968 2007-08-23] (Hewlett-Packard Company) HKU\admin_gmina_zaluski\...\RunOnce: [FlashPlayerUpdate] C:\Windows\SysWOW64\Macromed\Flash\FlashUtil11e_Plugin.exe -update plugin [247968 2012-01-11] (Adobe Systems, Inc.) HKU\ANNA\...\Run: [IPLA!] C:\Program Files (x86)\ipla\ipla.exe /autorun [20853232 2012-10-19] (Redefine Sp z o.o.) HKU\ANNA\...\Run: [PCSpeedUp] C:\Program Files (x86)\Przyspiesz Komputer\PCSpeedUp.lnk [2235 2012-01-13] () HKU\ANNA\...\Run: [uTorrent] "C:\Program Files (x86)\uTorrent\uTorrent.exe" /MINIMIZED [735608 2013-01-21] (BitTorrent, Inc.) HKU\ANNA\...\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe" [152872 2007-06-27] (Nero AG) HKU\ANNA\...\Run: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden [455968 2007-08-23] (Hewlett-Packard Company) HKU\ANNA\...\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun [369200 2009-10-30] (DT Soft Ltd) HKU\ANNA\...\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun [17355912 2012-05-03] (Skype Technologies S.A.) HKU\ANNA\...\Run: [Greenshot] C:\Program Files (x86)\Greenshot\Greenshot.exe [548864 2010-07-12] () HKU\ANNA\...\Run: [Optimizer Pro] C:\Program Files (x86)\Optimizer Pro\OptProLauncher.exe [79664 2012-06-10] (PC Utilities Pro) HKU\Goœæ\...\Run: [uTorrent] "C:\Program Files (x86)\uTorrent\uTorrent.exe" /MINIMIZED [735608 2013-01-21] (BitTorrent, Inc.) HKU\Goœæ\...\Run: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden [455968 2007-08-23] (Hewlett-Packard Company) HKU\Goœæ\...\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe" [152872 2007-06-27] (Nero AG) HKU\Goœæ\...\Run: [Steam] "C:\Program Files (x86)\Steam\Steam.exe" -silent [1597864 2013-01-30] (Valve Corporation) HKU\Goœæ\...\Run: [BitTorrent] "C:\Users\Goœæ\Downloads\BitTorrent-7.0.exe" /MINIMIZED [x] HKU\Goœæ\...\Run: [Optimizer Pro] C:\Program Files (x86)\Optimizer Pro\OptProLauncher.exe [79664 2012-06-10] (PC Utilities Pro) HKU\Goœæ\...\Winlogon: [Shell] explorer.exe,C:\Users\Goœæ\AppData\Roaming\skype.dat [110592 2011-11-17] () HKLM\...\RunOnce: [DBRMTray] C:\Dell\DBRM\Reminder\TrayApp.exe [7168 2010-02-05] (Microsoft) Tcpip\Parameters: [DhcpNameServer] 10.10.15.1 ==================== Services (Whitelisted) =================== 2 DokanMounter; C:\Program Files (x86)\Dokan\DokanLibrary\mounter.exe [14848 2011-01-10] () 2 MsMpSvc; "C:\Program Files\Microsoft Security Client\MsMpEng.exe" [12600 2012-03-26] (Microsoft Corporation) 3 NisSrv; "C:\Program Files\Microsoft Security Client\NisSrv.exe" [291696 2012-03-26] (Microsoft Corporation) 3 NMIndexingService; "C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe" [279848 2007-06-27] (Nero AG) 2 PCSUService; C:\Program Files (x86)\Przyspiesz Komputer\PCSUService.exe [235232 2011-11-07] () 2 SpyHunter 4 Service; C:\PROGRA~1\ENIGMA~1\SPYHUN~1\SH4SER~1.EXE [1024384 2013-01-14] (Enigma Software Group USA, LLC.) ==================== Drivers (Whitelisted) ===================== 2 Dokan; C:\Windows\System32\Drivers\Dokan.sys [120408 2011-01-10] (Windows (R) Win 7 DDK provider) 3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [13088 2011-03-02] () 3 EsgScanner; C:\Windows\System32\Drivers\EsgScanner.sys [22704 2012-06-22] () 0 MpFilter; C:\Windows\System32\Drivers\MpFilter.sys [203888 2012-03-20] (Microsoft Corporation) 3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [98688 2012-03-20] (Microsoft Corporation) 3 s1039bus; C:\Windows\System32\Drivers\s1039bus.sys [127600 2010-03-15] (MCCI Corporation) 0 sptd; C:\Windows\System32\Drivers\sptd.sys [834544 2012-05-10] (Duplex Secure Ltd.) 3 tizeqdrv; \??\C:\Users\ANNA\AppData\Roaming\TZAC2\tizeq64.sys [553656 2012-05-10] () 3 catchme; \??\C:\ComboFix\catchme.sys [x] ==================== NetSvcs (Whitelisted) ==================== ==================== One Month Created Files and Folders ======== 2013-02-02 13:46 - 2013-02-02 13:48 - 01464583 ____A (Farbar) C:\Users\ANNA\Downloads\FRST64.exe 2013-02-02 12:52 - 2013-02-01 20:49 - 00581224 ____A C:\OTL(19450).exe 2013-02-02 12:24 - 2013-02-02 12:24 - 00262144 ____A C:\Windows\Minidump\020213-27066-01.dmp 2013-02-02 12:24 - 2013-02-02 12:24 - 00000000 ____D C:\Windows\Minidump 2013-02-02 11:11 - 2013-02-02 11:11 - 00077134 ____A C:\Users\ANNA\Desktop\Extras.Txt 2013-02-02 10:59 - 2013-02-02 10:59 - 00098848 ____A C:\Users\ANNA\Desktop\OTL.Txt 2013-02-02 10:58 - 2013-02-02 10:58 - 00098848 ____A C:\Users\ANNA\Downloads\OTL.Txt 2013-02-02 10:58 - 2013-02-02 10:58 - 00077134 ____A C:\Users\ANNA\Downloads\Extras.Txt 2013-02-01 23:41 - 2013-02-01 23:41 - 00022452 ____A C:\Users\ANNA\Desktop\combofix.txt 2013-02-01 23:29 - 2013-02-01 23:29 - 00022452 ____A C:\ComboFix.txt 2013-02-01 23:24 - 2011-06-26 07:45 - 00256000 ____A C:\Windows\PEV.exe 2013-02-01 23:24 - 2010-11-07 18:20 - 00208896 ____A C:\Windows\MBR.exe 2013-02-01 23:24 - 2009-04-20 05:56 - 00060416 ____A (NirSoft) C:\Windows\NIRCMD.exe 2013-02-01 23:24 - 2000-08-31 01:00 - 00518144 ____A (SteelWerX) C:\Windows\SWREG.exe 2013-02-01 23:24 - 2000-08-31 01:00 - 00406528 ____A (SteelWerX) C:\Windows\SWSC.exe 2013-02-01 23:24 - 2000-08-31 01:00 - 00098816 ____A C:\Windows\sed.exe 2013-02-01 23:24 - 2000-08-31 01:00 - 00080412 ____A C:\Windows\grep.exe 2013-02-01 23:24 - 2000-08-31 01:00 - 00068096 ____A C:\Windows\zip.exe 2013-02-01 23:23 - 2013-02-01 23:29 - 00000000 ___AD C:\Qoobox 2013-02-01 23:23 - 2013-02-01 23:28 - 00000000 ____D C:\Windows\erdnt 2013-02-01 23:15 - 2013-02-01 23:23 - 05030042 ____R (Swearware) C:\Users\ANNA\Downloads\ComboFix.exe 2013-02-01 22:49 - 2013-02-01 22:49 - 00001155 ____A C:\Users\ANNA\Desktop\WorldOfTanks — skrót.lnk 2013-02-01 20:48 - 2013-02-01 20:49 - 00581224 ____A C:\Users\ANNA\Downloads\OTL(19450).exe 2013-02-01 20:18 - 2013-02-01 20:18 - 00002258 ____A C:\Users\ANNA\Desktop\SpyHunter.lnk 2013-02-01 20:18 - 2013-02-01 20:18 - 00000000 ____D C:\sh4ldr 2013-02-01 20:18 - 2013-02-01 20:18 - 00000000 ____D C:\Program Files\Enigma Software Group 2013-02-01 20:18 - 2013-02-01 20:18 - 00000000 ____A C:\autoexec.bat 2013-02-01 20:18 - 2012-06-22 11:01 - 00022704 ____A C:\Windows\System32\Drivers\EsgScanner.sys 2013-02-01 20:17 - 2013-02-01 20:18 - 00000000 ____D C:\Windows\CD6329998BB745B5918E011545F6BB1D.TMP 2013-02-01 18:53 - 2013-02-01 18:54 - 00726464 ____A (Enigma Software Group USA, LLC.) C:\Users\ANNA\Downloads\SpyHunter-Installer.exe 2013-02-01 18:34 - 2013-02-02 13:39 - 00000004 ____A C:\Users\Goœæ\AppData\Roaming\skype.ini 2013-01-30 17:28 - 2013-01-30 17:34 - 00001109 ____A C:\Users\Public\Desktop\Unreal Antologia.lnk 2013-01-30 17:23 - 2013-01-30 17:34 - 00000000 ____D C:\Program Files (x86)\Unreal Antologia 2013-01-30 17:23 - 2013-01-30 17:23 - 00003943 ____A C:\Windows\SysWOW64\ST5UNST.LOG 2013-01-30 17:23 - 1998-01-24 03:39 - 00196880 ____A (Microsoft Corporation) C:\Windows\SysWOW64\richtx32.ocx 2013-01-30 17:23 - 1997-07-19 17:01 - 00192784 ____A (Microsoft Corporation) C:\Windows\SysWOW64\TABCTL32.OCX 2013-01-30 17:23 - 1997-01-16 10:11 - 00075536 ____A (Microsoft Corporation) C:\Windows\SysWOW64\picclp32.ocx 2013-01-30 17:23 - 1995-07-26 01:00 - 00200704 ____A (Sheridan Software Systems, Inc.) C:\Windows\SysWOW64\threed32.ocx 2013-01-30 17:23 - 1995-07-26 01:00 - 00089600 ____A (Microsoft Corporation) C:\Windows\SysWOW64\grid32.ocx 2013-01-30 17:23 - 1995-07-26 01:00 - 00078848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msoutl32.ocx 2013-01-30 15:37 - 2013-01-30 15:37 - 00000000 ____D C:\Users\Goœæ\Downloads\Parov Stelar - The Princess - 2012 2013-01-30 11:25 - 2013-01-30 11:25 - 00305610 ____A C:\Users\Goœæ\Downloads\rld-bspc.7z 2013-01-30 11:21 - 2013-01-30 11:21 - 00000000 ____D C:\Users\Goœæ\Tracing 2013-01-29 22:53 - 2013-01-30 01:07 - 00000000 ____D C:\Users\Goœæ\Downloads\[MT] Ted.2012.WEBRiP NAPISY PL [AgusiQ] 2013-01-29 22:50 - 2013-01-29 22:50 - 00000000 ____D C:\Users\Goœæ\Downloads\Ted 2013-01-29 21:45 - 2013-01-29 21:45 - 00000000 ____D C:\Users\ANNA\AppData\Roaming\SoftGrid Client 2013-01-29 21:30 - 2013-01-30 11:09 - 00000000 ____D C:\Users\Goœæ\Desktop\Battlestations Pacific 2013-01-29 14:34 - 2013-01-29 14:35 - 00000000 ____D C:\Users\Goœæ\Downloads\Silent Hill Revelation 2012 TS XviD AC3-ADTRG 2013-01-29 10:22 - 2013-01-29 10:22 - 00000000 ____D C:\Users\Goœæ\AppData\Local\signal studios 2013-01-29 10:21 - 2013-01-29 10:21 - 00002179 ____A C:\Users\Public\Desktop\Toy Soldiers.lnk 2013-01-29 10:20 - 2013-01-29 10:20 - 00000000 ____D C:\Program Files (x86)\Microsoft Games Studios 2013-01-28 20:23 - 2013-01-28 20:23 - 00178800 ____A (Sony DADC Austria AG.) C:\Windows\SysWOW64\CmdLineExt_x64.dll 2013-01-24 12:19 - 2013-01-24 12:19 - 00000000 ____D C:\Users\Goœæ\Documents\SCi 2013-01-21 17:50 - 2013-01-21 17:50 - 00001330 ____A C:\Windows\DIFx.log 2013-01-21 17:29 - 2013-01-29 21:48 - 00000000 ____D C:\Users\All Users\THQ 2013-01-21 17:05 - 2013-01-29 21:48 - 00000000 ____D C:\Program Files (x86)\THQ 2013-01-21 12:26 - 2013-02-02 14:18 - 00000000 ____D C:\Users\ANNA\AppData\Roaming\uTorrent 2013-01-21 12:26 - 2013-01-21 12:26 - 00000949 ____A C:\Users\Public\Desktop\µTorrent.lnk 2013-01-21 12:26 - 2013-01-21 12:26 - 00000000 ____D C:\Program Files (x86)\uTorrent 2013-01-18 22:19 - 2013-01-18 22:19 - 00001778 ____A C:\Users\Public\Desktop\Colin McRae Rally 3.lnk 2013-01-18 22:18 - 2013-01-18 22:57 - 00000000 ____D C:\Program Files (x86)\Colin McRae Rally 3 2013-01-16 21:02 - 2013-01-16 21:28 - 00000000 ____D C:\Users\Goœæ\Desktop\html Krzysztof Wilczewski czo³gi 2013-01-14 21:36 - 2013-01-14 21:36 - 00002028 ____A C:\Users\Public\Desktop\AK vs DR.lnk 2013-01-14 21:34 - 2013-01-14 21:34 - 00000000 ____D C:\Program Files (x86)\Monte Cristo 2013-01-14 16:00 - 2013-01-19 17:49 - 00000000 ____D C:\Users\Goœæ\Desktop\Nowy folder 2013-01-11 23:19 - 2013-01-14 21:33 - 684304384 ____A C:\Users\Goœæ\Downloads\AK vs DR.iso 2013-01-11 18:58 - 2013-01-11 19:19 - 00000000 ____D C:\Users\Goœæ\Downloads\Prometheus 2012 720p BRRip Srkfan (SilverTorrent) 2013-01-08 15:29 - 2013-01-09 15:46 - 00000000 ____D C:\Users\Goœæ\Downloads\The Cabin In The Woods 2011 DVDRiP XViD-EXViD 2013-01-08 14:52 - 2013-01-08 14:53 - 00809288 ____A (OOO Industry) C:\Users\Goœæ\Downloads\Chuck_S04E08_HDTV_XviD-LOL_[eztv]_secure.exe 2013-01-06 19:58 - 2013-01-06 19:58 - 00018132 ____A C:\Users\Goœæ\Downloads\Hobbit_The_(NAPISY-36835).NS.zip 2013-01-06 15:10 - 2013-01-06 15:11 - 00117220 ____A C:\Users\Goœæ\Downloads\10000000 in 1.zip 2013-01-06 15:10 - 2013-01-06 15:10 - 00500993 ____A C:\Users\Goœæ\Downloads\3 in 1.zip 2013-01-06 00:47 - 2013-01-09 21:59 - 00000000 ____D C:\Users\Goœæ\Downloads\Yeskov_O_W_P 2013-01-04 17:34 - 2013-01-14 20:42 - 00000000 ____D C:\Users\Goœæ\Desktop\pegasus ==================== One Month Modified Files and Folders ======= 2013-02-02 14:21 - 2013-02-02 14:21 - 00000000 ____D C:\FRST 2013-02-02 14:18 - 2013-01-21 12:26 - 00000000 ____D C:\Users\ANNA\AppData\Roaming\uTorrent 2013-02-02 14:18 - 2011-11-30 20:06 - 01244594 ____A C:\Windows\WindowsUpdate.log 2013-02-02 14:18 - 2009-07-14 05:45 - 00025040 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2013-02-02 14:18 - 2009-07-14 05:45 - 00025040 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2013-02-02 14:14 - 2012-08-31 12:13 - 00000000 ____D C:\Users\All Users\Razoss 2013-02-02 14:14 - 2012-01-12 18:32 - 00000000 ____D C:\Users\ANNA\AppData\Roaming\ipla 2013-02-02 14:14 - 2009-07-14 06:08 - 00000006 ___AH C:\Windows\Tasks\SA.DAT 2013-02-02 14:14 - 2009-07-14 05:51 - 00086771 ____A C:\Windows\setupact.log 2013-02-02 13:51 - 2012-01-12 21:32 - 00000000 ____D C:\Users\Goœæ\AppData\Roaming\uTorrent 2013-02-02 13:48 - 2013-02-02 13:46 - 01464583 ____A (Farbar) C:\Users\ANNA\Downloads\FRST64.exe 2013-02-02 13:47 - 2010-11-21 13:53 - 00740310 ____A C:\Windows\System32\perfh015.dat 2013-02-02 13:47 - 2010-11-21 13:53 - 00155640 ____A C:\Windows\System32\perfc015.dat 2013-02-02 13:47 - 2009-07-14 06:13 - 01670756 ____A C:\Windows\System32\PerfStringBackup.INI 2013-02-02 13:41 - 2012-04-08 15:34 - 00000000 ____D C:\Users\ANNA\AppData\Local\CrashDumps 2013-02-02 13:39 - 2013-02-01 18:34 - 00000004 ____A C:\Users\Goœæ\AppData\Roaming\skype.ini 2013-02-02 13:38 - 2012-03-04 16:07 - 00000000 ____D C:\Program Files (x86)\Steam 2013-02-02 13:05 - 2012-10-28 21:46 - 00000000 ____D C:\Users\ANNA\AppData\Local\DirectDownloader 2013-02-02 12:48 - 2012-01-11 11:15 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2013-02-02 12:24 - 2013-02-02 12:24 - 00262144 ____A C:\Windows\Minidump\020213-27066-01.dmp 2013-02-02 12:24 - 2013-02-02 12:24 - 00000000 ____D C:\Windows\Minidump 2013-02-02 12:23 - 2011-12-18 12:01 - 00000000 ____D C:\users\Goœæ 2013-02-02 12:23 - 2011-12-18 12:00 - 00000000 ____D C:\users\ANNA 2013-02-02 12:23 - 2011-12-18 11:58 - 00000000 ____D C:\users\admin_gmina_zaluski 2013-02-02 12:23 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\registration 2013-02-02 11:11 - 2013-02-02 11:11 - 00077134 ____A C:\Users\ANNA\Desktop\Extras.Txt 2013-02-02 10:59 - 2013-02-02 10:59 - 00098848 ____A C:\Users\ANNA\Desktop\OTL.Txt 2013-02-02 10:58 - 2013-02-02 10:58 - 00098848 ____A C:\Users\ANNA\Downloads\OTL.Txt 2013-02-02 10:58 - 2013-02-02 10:58 - 00077134 ____A C:\Users\ANNA\Downloads\Extras.Txt 2013-02-01 23:45 - 2012-06-19 18:46 - 00000000 ____D C:\Users\ANNA\AppData\Roaming\Skype 2013-02-01 23:42 - 2010-11-21 04:47 - 00642250 ____A C:\Windows\PFRO.log 2013-02-01 23:41 - 2013-02-01 23:41 - 00022452 ____A C:\Users\ANNA\Desktop\combofix.txt 2013-02-01 23:29 - 2013-02-01 23:29 - 00022452 ____A C:\ComboFix.txt 2013-02-01 23:29 - 2013-02-01 23:23 - 00000000 ___AD C:\Qoobox 2013-02-01 23:29 - 2009-07-14 04:20 - 00000000 __RHD C:\users\Default 2013-02-01 23:28 - 2013-02-01 23:23 - 00000000 ____D C:\Windows\erdnt 2013-02-01 23:28 - 2009-07-14 03:34 - 00000215 ____A C:\Windows\system.ini 2013-02-01 23:23 - 2013-02-01 23:15 - 05030042 ____R (Swearware) C:\Users\ANNA\Downloads\ComboFix.exe 2013-02-01 22:49 - 2013-02-01 22:49 - 00001155 ____A C:\Users\ANNA\Desktop\WorldOfTanks — skrót.lnk 2013-02-01 21:01 - 2012-01-17 23:09 - 00000000 ____D C:\Windows\System32\appmgmt 2013-02-01 20:49 - 2013-02-02 12:52 - 00581224 ____A C:\OTL(19450).exe 2013-02-01 20:49 - 2013-02-01 20:48 - 00581224 ____A C:\Users\ANNA\Downloads\OTL(19450).exe 2013-02-01 20:23 - 2011-12-18 12:00 - 00000000 ____D C:\Users\ANNA\AppData\Local\VirtualStore 2013-02-01 20:20 - 2012-12-19 18:07 - 00001721 ____A C:\Users\Goœæ\Desktop\Battlestationsmidway — skrót.lnk 2013-02-01 20:18 - 2013-02-01 20:18 - 00002258 ____A C:\Users\ANNA\Desktop\SpyHunter.lnk 2013-02-01 20:18 - 2013-02-01 20:18 - 00000000 ____D C:\sh4ldr 2013-02-01 20:18 - 2013-02-01 20:18 - 00000000 ____D C:\Program Files\Enigma Software Group 2013-02-01 20:18 - 2013-02-01 20:18 - 00000000 ____A C:\autoexec.bat 2013-02-01 20:18 - 2013-02-01 20:17 - 00000000 ____D C:\Windows\CD6329998BB745B5918E011545F6BB1D.TMP 2013-02-01 18:54 - 2013-02-01 18:53 - 00726464 ____A (Enigma Software Group USA, LLC.) C:\Users\ANNA\Downloads\SpyHunter-Installer.exe 2013-02-01 18:46 - 2012-01-12 18:32 - 00000000 ____D C:\Users\All Users\ipla 2013-01-31 11:58 - 2012-08-29 16:21 - 00000000 ____D C:\Users\Goœæ\Desktop\czo³gi 2013-01-30 17:34 - 2013-01-30 17:28 - 00001109 ____A C:\Users\Public\Desktop\Unreal Antologia.lnk 2013-01-30 17:34 - 2013-01-30 17:23 - 00000000 ____D C:\Program Files (x86)\Unreal Antologia 2013-01-30 17:23 - 2013-01-30 17:23 - 00003943 ____A C:\Windows\SysWOW64\ST5UNST.LOG 2013-01-30 15:37 - 2013-01-30 15:37 - 00000000 ____D C:\Users\Goœæ\Downloads\Parov Stelar - The Princess - 2012 2013-01-30 15:25 - 2012-01-12 22:00 - 00000000 ____D C:\Users\Goœæ\Desktop\justyna 2013-01-30 11:53 - 2010-11-21 04:27 - 00273840 ____N (Microsoft Corporation) C:\Windows\System32\MpSigStub.exe 2013-01-30 11:25 - 2013-01-30 11:25 - 00305610 ____A C:\Users\Goœæ\Downloads\rld-bspc.7z 2013-01-30 11:21 - 2013-01-30 11:21 - 00000000 ____D C:\Users\Goœæ\Tracing 2013-01-30 11:09 - 2013-01-29 21:30 - 00000000 ____D C:\Users\Goœæ\Desktop\Battlestations Pacific 2013-01-30 01:07 - 2013-01-29 22:53 - 00000000 ____D C:\Users\Goœæ\Downloads\[MT] Ted.2012.WEBRiP NAPISY PL [AgusiQ] 2013-01-29 22:53 - 2012-12-22 21:47 - 00001643 ____A C:\Users\ANNA\Desktop\Battlestations Pacific by TPTB.lnk 2013-01-29 22:50 - 2013-01-29 22:50 - 00000000 ____D C:\Users\Goœæ\Downloads\Ted 2013-01-29 22:50 - 2012-07-24 09:52 - 00000000 ____D C:\Windows\SysWOW64\directx 2013-01-29 22:50 - 2011-11-30 20:32 - 00394842 ____A C:\Windows\DirectX.log 2013-01-29 22:10 - 2011-12-18 12:05 - 00085160 ____A C:\Users\ANNA\AppData\Local\GDIPFONTCACHEV1.DAT 2013-01-29 21:48 - 2013-01-21 17:29 - 00000000 ____D C:\Users\All Users\THQ 2013-01-29 21:48 - 2013-01-21 17:05 - 00000000 ____D C:\Program Files (x86)\THQ 2013-01-29 21:48 - 2012-08-17 21:50 - 00000000 ____D C:\Users\ANNA\Documents\My Games 2013-01-29 21:48 - 2011-11-30 20:31 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information 2013-01-29 21:47 - 2011-11-30 20:30 - 00000000 ____D C:\Program Files (x86)\Microsoft Office 2013-01-29 21:45 - 2013-01-29 21:45 - 00000000 ____D C:\Users\ANNA\AppData\Roaming\SoftGrid Client 2013-01-29 21:45 - 2012-11-20 21:27 - 00000000 ____D C:\Program Files (x86)\IVONA 2013-01-29 14:35 - 2013-01-29 14:34 - 00000000 ____D C:\Users\Goœæ\Downloads\Silent Hill Revelation 2012 TS XviD AC3-ADTRG 2013-01-29 10:22 - 2013-01-29 10:22 - 00000000 ____D C:\Users\Goœæ\AppData\Local\signal studios 2013-01-29 10:21 - 2013-01-29 10:21 - 00002179 ____A C:\Users\Public\Desktop\Toy Soldiers.lnk 2013-01-29 10:20 - 2013-01-29 10:20 - 00000000 ____D C:\Program Files (x86)\Microsoft Games Studios 2013-01-28 20:24 - 2012-03-06 12:08 - 00000000 ____D C:\Users\Goœæ\AppData\Local\CrashDumps 2013-01-28 20:23 - 2013-01-28 20:23 - 00178800 ____A (Sony DADC Austria AG.) C:\Windows\SysWOW64\CmdLineExt_x64.dll 2013-01-26 14:47 - 2012-02-01 17:32 - 00000119 ____A C:\Users\Goœæ\AppData\default.pls 2013-01-25 18:50 - 2011-12-18 17:03 - 00085160 ____A C:\Users\Goœæ\AppData\Local\GDIPFONTCACHEV1.DAT 2013-01-25 18:49 - 2009-07-14 05:45 - 00359008 ____A C:\Windows\System32\FNTCACHE.DAT 2013-01-24 12:19 - 2013-01-24 12:19 - 00000000 ____D C:\Users\Goœæ\Documents\SCi 2013-01-21 17:57 - 2012-08-17 13:36 - 00000000 ____D C:\Users\Goœæ\Documents\My Games 2013-01-21 17:50 - 2013-01-21 17:50 - 00001330 ____A C:\Windows\DIFx.log 2013-01-21 12:26 - 2013-01-21 12:26 - 00000949 ____A C:\Users\Public\Desktop\µTorrent.lnk 2013-01-21 12:26 - 2013-01-21 12:26 - 00000000 ____D C:\Program Files (x86)\uTorrent 2013-01-19 17:49 - 2013-01-14 16:00 - 00000000 ____D C:\Users\Goœæ\Desktop\Nowy folder 2013-01-18 22:57 - 2013-01-18 22:18 - 00000000 ____D C:\Program Files (x86)\Colin McRae Rally 3 2013-01-18 22:19 - 2013-01-18 22:19 - 00001778 ____A C:\Users\Public\Desktop\Colin McRae Rally 3.lnk 2013-01-16 21:28 - 2013-01-16 21:02 - 00000000 ____D C:\Users\Goœæ\Desktop\html Krzysztof Wilczewski czo³gi 2013-01-15 22:06 - 2009-07-14 06:08 - 00032604 ____A C:\Windows\Tasks\SCHEDLGU.TXT 2013-01-15 20:39 - 2011-11-30 20:39 - 00000000 ____D C:\Users\All Users\Sonic 2013-01-14 21:36 - 2013-01-14 21:36 - 00002028 ____A C:\Users\Public\Desktop\AK vs DR.lnk 2013-01-14 21:34 - 2013-01-14 21:34 - 00000000 ____D C:\Program Files (x86)\Monte Cristo 2013-01-14 21:33 - 2013-01-11 23:19 - 684304384 ____A C:\Users\Goœæ\Downloads\AK vs DR.iso 2013-01-14 21:24 - 2012-01-13 16:01 - 00000000 ____D C:\Users\Goœæ\Desktop\kyko 2013-01-14 20:42 - 2013-01-04 17:34 - 00000000 ____D C:\Users\Goœæ\Desktop\pegasus 2013-01-11 19:19 - 2013-01-11 18:58 - 00000000 ____D C:\Users\Goœæ\Downloads\Prometheus 2012 720p BRRip Srkfan (SilverTorrent) 2013-01-10 20:29 - 2012-07-01 06:38 - 00000000 ___RD C:\Users\Goœæ\Desktop\Dokumenty 2013-01-10 20:29 - 2012-01-11 23:26 - 00000000 ____D C:\Users\Goœæ\Desktop\miki 2013-01-10 06:35 - 2012-06-29 20:01 - 00000000 ____D C:\Users\Goœæ\AppData\Roaming\SoftGrid Client 2013-01-09 21:59 - 2013-01-06 00:47 - 00000000 ____D C:\Users\Goœæ\Downloads\Yeskov_O_W_P 2013-01-09 15:46 - 2013-01-08 15:29 - 00000000 ____D C:\Users\Goœæ\Downloads\The Cabin In The Woods 2011 DVDRiP XViD-EXViD 2013-01-08 14:53 - 2013-01-08 14:52 - 00809288 ____A (OOO Industry) C:\Users\Goœæ\Downloads\Chuck_S04E08_HDTV_XviD-LOL_[eztv]_secure.exe 2013-01-06 19:58 - 2013-01-06 19:58 - 00018132 ____A C:\Users\Goœæ\Downloads\Hobbit_The_(NAPISY-36835).NS.zip 2013-01-06 18:04 - 2012-11-07 21:05 - 00000000 ___RD C:\Users\Goœæ\Desktop\Programy 2013-01-06 15:11 - 2013-01-06 15:10 - 00117220 ____A C:\Users\Goœæ\Downloads\10000000 in 1.zip 2013-01-06 15:10 - 2013-01-06 15:10 - 00500993 ____A C:\Users\Goœæ\Downloads\3 in 1.zip 2013-01-05 13:44 - 2012-12-19 14:24 - 00000000 ____D C:\Users\Goœæ\AppData\Roaming\NtDLL Host ==================== Known DLLs (Whitelisted) ================= ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\SysWOW64\wininit.exe => MD5 is legit C:\Windows\explorer.exe => MD5 is legit C:\Windows\SysWOW64\explorer.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\SysWOW64\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\SysWOW64\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\SysWOW64\userinit.exe => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit ==================== EXE ASSOCIATION ===================== HKLM\...\.exe: exefile => OK HKLM\...\exefile\DefaultIcon: %1 => OK HKLM\...\exefile\open\command: "%1" %* => OK ==================== Restore Points ========================= Restore point made on: 2013-02-01 21:01:33 Restore point made on: 2013-02-02 00:05:45 Restore point made on: 2013-02-02 13:19:45 ==================== Memory info =========================== Percentage of memory in use: 15% Total physical RAM: 3992.94 MB Available physical RAM: 3371.75 MB Total Pagefile: 3991.14 MB Available Pagefile: 3356.91 MB Total Virtual: 8192 MB Available Virtual: 8191.89 MB ==================== Partitions ============================= 1 Drive c: (OS) (Fixed) (Total:226.48 GB) (Free:5.85 GB) NTFS 2 Drive d: () (Fixed) (Total:226.48 GB) (Free:210.17 GB) NTFS 8 Drive k: () (Removable) (Total:7.62 GB) (Free:6.86 GB) NTFS 9 Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS 10 Drive y: (RECOVERY) (Fixed) (Total:12.76 GB) (Free:5.96 GB) NTFS ==>[System with boot components (obtained from reading drive)] Nr dysku Stan Rozmiar Wolne Dyn GPT -------- ------------- ------- ------- --- --- Dysk 0 Online 465 GB 1024 KB Dysk 1 Brak no˜nika 0 B 0 B Dysk 2 Brak no˜nika 0 B 0 B Dysk 3 Brak no˜nika 0 B 0 B Dysk 4 Brak no˜nika 0 B 0 B Dysk 5 Online 7800 MB 0 B Partitions of Disk 0: =============== Identyfikator dysku: FA1A4AEC Partycja ### Typ Rozmiar Przesuni©cie ------------- ---------------- ------- ------------ Partycja 1 OEM 39 MB 31 KB Partycja 2 Podstawowy 12 GB 40 MB Partycja 3 Podstawowy 226 GB 12 GB Partycja 0 Rozszerzony 226 GB 239 GB Partycja 4 Logiczny 226 GB 239 GB ================================================================================== Disk: 0 Partycja 1 Typ : DE Ukryta : Tak Aktywna : Nie Przesuni©cie w bajtach: 32256 Wolumin ### Lit Etykieta Fs Typ Rozmiar Stan Info ----------- --- ----------- ----- ---------- ------- --------- -------- * Wolumin 9 FAT Partycja 39 MB Zdrowy Ukryty ========================================================= Disk: 0 Partycja 2 Typ : 07 Ukryta : Nie Aktywna : Tak Przesuni©cie w bajtach: 41943040 Wolumin ### Lit Etykieta Fs Typ Rozmiar Stan Info ----------- --- ----------- ----- ---------- ------- --------- -------- * Wolumin 1 Y RECOVERY NTFS Partycja 12 GB Zdrowy ========================================================= Disk: 0 Partycja 3 Typ : 07 Ukryta : Nie Aktywna : Nie Przesuni©cie w bajtach: 13742637056 Wolumin ### Lit Etykieta Fs Typ Rozmiar Stan Info ----------- --- ----------- ----- ---------- ------- --------- -------- * Wolumin 2 C OS NTFS Partycja 226 GB Zdrowy ========================================================= Disk: 0 Partycja 4 Typ : 07 Ukryta : Nie Aktywna : Nie Przesuni©cie w bajtach: 256924188672 Wolumin ### Lit Etykieta Fs Typ Rozmiar Stan Info ----------- --- ----------- ----- ---------- ------- --------- -------- * Wolumin 3 D NTFS Partycja 226 GB Zdrowy ========================================================= Partitions of Disk 5: =============== Identyfikator dysku: 005F51EA Partycja ### Typ Rozmiar Przesuni©cie ------------- ---------------- ------- ------------ Partycja 1 Podstawowy 7799 MB 32 KB ================================================================================== Disk: 5 Partycja 1 Typ : 07 Ukryta : Nie Aktywna : Tak Przesuni©cie w bajtach: 32768 Wolumin ### Lit Etykieta Fs Typ Rozmiar Stan Info ----------- --- ----------- ----- ---------- ------- --------- -------- * Wolumin 8 K NTFS Wymienny 7799 MB Zdrowy ========================================================= Last Boot: 2013-01-24 14:03 ==================== End Of Log =============================