Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 04-07-2013 Ran by Dell (administrator) on 04-07-2013 18:09:10 Running from C:\Users\Dell\AppData\Local\Temp\is1971879534 Windows 7 Home Premium Service Pack 1 (X64) OS Language: Polish Internet Explorer Version 10 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe (ESET) C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe (SoftThinks SAS) C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE (Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe (Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apoint.exe (Dell Inc.) C:\Program Files\Dell\QuickSet\quickset.exe (ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe (Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApMsgFwd.exe (Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe (Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe (Alps Electric Co., Ltd.) C:\Program Files\DellTPad\HidFind.exe (Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apntex.exe (Facebook) C:\Users\Dell\AppData\Local\Facebook\Messenger\2.1.4814.0\FacebookMessenger.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Nokia) C:\Program Files (x86)\Common Files\Nokia\MPlatform\NokiaMServer.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Sun Microsystems, Inc.) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Nokia.) C:\Program Files (x86)\Nokia\PC Connectivity Solution\ServiceLayer.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Sun Microsystems, Inc.) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe (Doctor Web, Ltd.) C:\Users\Dell\AppData\Local\Temp\90B5A7F-70748CE-A7277319-9CCCA077\hqdwn1nh.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_224.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_224.exe () C:\Program Files (x86)\Nokia\PC Connectivity Solution\Transports\NclUSBSrv64.exe () C:\Program Files (x86)\Nokia\PC Connectivity Solution\Transports\NclRSSrv.exe () C:\Users\Dell\Downloads\setup.exe (Farbar) C:\Users\Dell\AppData\Local\Temp\IS1971~1\103316~1.EXE ==================== Registry (Whitelisted) ================== HKLM\...\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s [10918504 2010-06-15] (Realtek Semiconductor) HKLM\...\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe [392048 2010-06-05] (Alps Electric Co., Ltd.) HKLM\...\Run: [QuickSet] C:\Program Files\Dell\QuickSet\QuickSet.exe [3200672 2010-06-30] (Dell Inc.) HKLM\...\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice [2919168 2010-11-04] (ESET) HKLM-x32\...\RunOnce: [Malwarebytes Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent [532040 2013-04-04] (Malwarebytes Corporation) HKCU\...\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun [1475584 2010-11-20] (Microsoft Corporation) HKCU\...\Run: [Facebook Update] "C:\Users\Dell\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver [138096 2012-07-26] (Facebook Inc.) HKCU\...\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun [3674320 2013-01-08] (DT Soft Ltd) HKCU\...\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun [18678376 2013-04-19] (Skype Technologies S.A.) HKCU\...\Run: [ALLUpdate] "C:\Program Files (x86)\ALLPlayer\ALLUpdate.exe" "sleep" [2995712 2013-04-14] (ALLPlayer Group Ltd.) HKCU\...\Run: [GoogleChromeAutoLaunch_D622EF8A2681BC7366969A9522AD93CD] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window [846288 2013-06-26] (Google Inc.) MountPoints2: {0e1f4583-84b9-11e1-91d0-782bcbde330c} - F:\MicroLauncher.exe HKLM-x32\...\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284696 2010-06-08] (Intel Corporation) HKLM-x32\...\Run: [] [x] HKLM-x32\...\Run: [NokiaMServer] C:\Program Files (x86)\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles [x] HKLM-x32\...\Run: [Nokia FastStart] "C:\Program Files (x86)\Nokia\Nokia Music\NokiaMusic.exe" /command:faststart [2376992 2009-02-26] (Nokia) HKLM-x32\...\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [958576 2013-04-04] (Adobe Systems Incorporated) HKLM-x32\...\Run: [BEWINTERNET-PLSessionManager] "C:\Program Files (x86)\OrangeBS\BEWInternet-PL\SessionManager\SessionManager.exe" [x] HKLM-x32\...\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [252848 2012-07-03] (Sun Microsystems, Inc.) Startup: C:\Users\Dell\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Facebook Messenger.lnk ShortcutTarget: Facebook Messenger.lnk -> C:\Users\Dell\AppData\Local\Facebook\Messenger\2.1.4814.0\FacebookMessenger.exe (Facebook) ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.gazeta.pl/0,0.html?p=143/ HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com SearchScopes: HKCU - {B224AA02-F7C8-3A2B-859F-560B80767E4A} URL = http://kl.startnow.com/s/?q={searchTerms}&src=defsearch&provider=&provider_name=yahoo&provider_code=&partner_id=693&product_id=876&affiliate_id=&channel=&toolbar_id=200&toolbar_version=2.5.0&install_country=PL&install_date=20130313&user_guid=548E09B3D5A144A496F99D1BFE148E41&machine_id=c222aefb817e25d4ec1f70ead67420a1&browser=IE&os=win&os_version=6.1-x64-SP1&iesrc={referrer:source} BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.) BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated) BHO-x32: ALLYouTubeDownloader - {61DB16C5-B733-43F4-872E-B20DC9E72740} - C:\PROGRA~2\ALLYOU~1\ALLYOU~1.DLL (ALLCinema Ltd.) BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: SelectionLinks - {7825CFB6-490A-436B-9F26-4A7B5CFC01A9} - C:\Program Files (x86)\OApps\SelectionLinks.dll No File BHO-x32: Pomocnik logowania za pomocą identyfikatora Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO-x32: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll (Microsoft Corporation) BHO-x32: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO-x32: IplexToALLPlayer - {DF925EF3-7A87-44E4-9CAF-8D7B280BF616} - C:\PROGRA~2\ALLPLA~1\Iplex\IPLEXT~1.DLL (ALLCinema Ltd.) Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - No File Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies) Tcpip\Parameters: [DhcpNameServer] 8.8.8.8 8.8.4.4 FireFox: ======== FF ProfilePath: C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\4n6lokue.default FF SelectedSearchEngine: Yahoo FF Homepage: hxxp://www.gazeta.pl/0,0.html?p=143 FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_224.dll () FF Plugin: @java.com/JavaPlugin - C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) FF Plugin: @microsoft.com/GENUINE - disabled No File FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll () FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\system32\Adobe\Director\np32dsw.dll No File FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.) FF Plugin-x32: @java.com/DTPlugin,version=10.13.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.13.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @microsoft.com/GENUINE - disabled No File FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @real.com/nppl3260;version=6.0.12.450 - C:\Program Files (x86)\Real Alternative\browser\plugins\nppl3260.dll (RealNetworks, Inc.) FF Plugin-x32: @real.com/nprpjplug;version=6.0.12.448 - C:\Program Files (x86)\Real Alternative\browser\plugins\nprpjplug.dll (RealNetworks, Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\Dell\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited) FF Plugin HKCU: facebook.com/fbDesktopPlugin - C:\Users\Dell\AppData\Local\Facebook\Messenger\2.1.4814.0\npFbDesktopPlugin.dll (Facebook, Inc.) FF Extension: No Name - C:\Users\Dell\AppData\Roaming\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6} FF Extension: ADDICT-THING - C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\4n6lokue.default\Extensions\4fe0ca1770d36@4fe0ca1770d6f.info FF Extension: Pocket - C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\4n6lokue.default\Extensions\isreaditlater@ideashower.com FF Extension: Purple Fox - C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\4n6lokue.default\Extensions\{3ffb7be0-8bde-11de-8a39-0800200c9a66} FF Extension: SelectionLinks - C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\4n6lokue.default\Extensions\{FA241C9F-3382-4693-9D99-C4BDEAEDFF5D} FF Extension: IplextoALL - C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\4n6lokue.default\Extensions\IplextoALL@ALLPlayer.org.xpi FF Extension: me - C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\4n6lokue.default\Extensions\me@paprikka.pl.xpi FF Extension: YouTubetoALL - C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\4n6lokue.default\Extensions\YouTubetoALL@ALLPlayer.org.xpi FF Extension: No Name - C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\4n6lokue.default\Extensions\{4176DFF4-4698-11DE-BEEB-45DA55D89593}.xpi FF Extension: No Name - C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\4n6lokue.default\Extensions\{66E978CD-981F-47DF-AC42-E3CF417C1467}.xpi FF Extension: No Name - C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\4n6lokue.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi FF Extension: No Name - C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\4n6lokue.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi FF Extension: z - C:\Program Files (x86)\Mozilla Firefox\extensions\{3faef1b5-5957-4252-01db-5d6ed69db89d} FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} FF Extension: Default - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} FF HKLM\...\Firefox\Extensions: [{336D0C35-8A85-403a-B9D2-65C292C39087}] C:\Program Files\Web Assistant\Firefox FF HKLM\...\Firefox\Extensions: [{FE1DEEEA-DB6D-44b8-83F0-34FC0F9D1052}] C:\Program Files\Web Assistant\Firefox FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird Chrome: ======= ==================== Services (Whitelisted) ================= S3 EhttpSrv; C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe [42360 2010-11-04] (ESET) R2 ekrn; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [810144 2010-11-04] (ESET) S2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation) S2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation) R3 ServiceLayer; C:\Program Files (x86)\Nokia\PC Connectivity Solution\ServiceLayer.exe [620544 2008-11-11] (Nokia.) ==================== Drivers (Whitelisted) ==================== R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2013-01-30] (DT Soft Ltd) R2 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [170104 2010-09-03] (ESET) R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [141264 2010-07-29] (ESET) R2 epfw; C:\Windows\System32\DRIVERS\epfw.sys [171152 2010-07-29] (ESET) R3 Epfwndis; C:\Windows\System32\DRIVERS\Epfwndis.sys [33632 2010-07-29] (ESET) R2 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [50624 2010-07-29] (ESET) S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation) S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation) S3 nmwcdcx64; C:\Windows\System32\drivers\ccdcmbox64.sys [25088 2008-09-15] (Nokia) S3 nmwcdx64; C:\Windows\System32\drivers\ccdcmbx64.sys [18944 2008-09-15] (Nokia) S3 upperdev; C:\Windows\System32\DRIVERS\usbser_lowerfltx64.sys [8704 2008-09-15] (Windows (R) Codename Longhorn DDK provider) S3 UsbserFilt; C:\Windows\System32\DRIVERS\usbser_lowerfltx64j.sys [8704 2008-09-15] (Windows (R) Codename Longhorn DDK provider) S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [x] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2013-07-04 18:09 - 2013-07-04 18:09 - 00000000 ____D C:\FRST 2013-07-04 18:07 - 2013-07-04 18:07 - 00000730 ____A C:\Users\Dell\Desktop\Continue Download Helper Installation.lnk 2013-07-04 18:04 - 2013-07-04 18:04 - 00000000 ____D C:\Users\Dell\AppData\Roaming\eIntaller 2013-07-04 18:02 - 2013-07-04 18:02 - 00654904 ____A C:\Users\Dell\Downloads\setup.exe 2013-07-04 16:28 - 2013-07-04 16:28 - 00062524 ____A C:\Users\Dell\Desktop\Extras.Txt 2013-07-04 16:27 - 2013-07-04 16:27 - 00104364 ____A C:\Users\Dell\Desktop\OTL.Txt 2013-07-04 16:27 - 2013-07-04 16:27 - 00062524 ____A C:\Users\Dell\Downloads\Extras.Txt 2013-07-04 16:26 - 2013-07-04 16:26 - 00104364 ____A C:\Users\Dell\Downloads\OTL.Txt 2013-07-04 16:14 - 2013-07-04 16:14 - 00602112 ____A (OldTimer Tools) C:\Users\Dell\Downloads\OTL.exe 2013-07-04 15:35 - 2013-07-04 15:35 - 00000000 ____D C:\Users\Dell\Doctor Web 2013-07-04 15:33 - 2013-07-04 15:34 - 123564120 ____A C:\Users\Dell\Downloads\drweb-cureit.exe 2013-07-04 15:25 - 2013-07-04 15:25 - 00000000 ____D C:\Users\Dell\AppData\Roaming\Malwarebytes 2013-07-04 15:25 - 2013-07-04 15:25 - 00000000 ____D C:\ProgramData\Malwarebytes 2013-07-04 15:25 - 2013-07-04 15:25 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware 2013-07-04 15:25 - 2013-04-04 14:50 - 00025928 ____A (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbam.sys 2013-07-04 15:24 - 2013-07-04 15:24 - 10285040 ____A (Malwarebytes Corporation ) C:\Users\Dell\Downloads\mbam-setup-1.75.0.1300.exe 2013-07-04 15:21 - 2013-07-04 15:21 - 00027565 ____A C:\Users\Dell\Desktop\AdwCleaner[S1].txt 2013-07-04 15:13 - 2013-07-04 15:14 - 00027565 ____A C:\AdwCleaner[S1].txt 2013-07-04 15:13 - 2013-07-04 15:13 - 00650027 ____A C:\Users\Dell\Downloads\adwcleaner.exe 2013-07-04 14:59 - 2013-07-04 15:00 - 03021720 ____A (Enigma Software Group USA, LLC.) C:\Users\Dell\Downloads\SpyHunter4.exe 2013-07-04 14:58 - 2013-07-04 14:58 - 15397208 ____A C:\Users\Dell\Downloads\SpyHunter 4.1.11.0 [ENG] [Crack].exe 2013-07-04 13:18 - 2013-07-04 13:18 - 00000000 ____D C:\Program Files\Enigma Software Group 2013-07-04 13:18 - 2013-07-04 13:18 - 00000000 ____A C:\autoexec.bat 2013-07-04 13:17 - 2013-07-04 15:12 - 00000000 ____D C:\Windows\BCD5545077AC4347B24F654B1189F8D4.TMP 2013-07-04 13:15 - 2013-07-04 13:15 - 00726464 ____A (Enigma Software Group USA, LLC.) C:\Users\Dell\Downloads\SpyHunter-Installer.exe 2013-07-04 13:05 - 2013-07-04 13:05 - 00314976 ____A C:\Users\Dell\Downloads\iSafe.exe 2013-07-03 11:18 - 2013-07-03 11:19 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2013-07-02 22:53 - 2013-07-04 15:15 - 00000112 ____A C:\Windows\setupact.log 2013-07-02 22:53 - 2013-07-02 22:53 - 00000000 ____A C:\Windows\setuperr.log 2013-07-02 22:52 - 2013-07-04 15:15 - 00001848 ____A C:\Windows\PFRO.log 2013-07-01 22:26 - 2013-07-01 22:26 - 00000000 ____D C:\Users\Dell\AppData\Roaming\NapiProjekt 2013-07-01 22:16 - 2013-07-01 22:16 - 00001041 ____A C:\Users\Public\Desktop\ALL Media Server.lnk 2013-07-01 22:16 - 2013-07-01 22:16 - 00000981 ____A C:\Users\Dell\Desktop\ALLPlayer.lnk 2013-07-01 22:16 - 2013-07-01 22:16 - 00000932 ____A C:\Users\Dell\Desktop\NapiProjekt.lnk 2013-07-01 22:16 - 2013-07-01 22:16 - 00000000 ____D C:\Users\Dell\AppData\Local\ALLMediaServer 2013-07-01 22:16 - 2013-07-01 22:16 - 00000000 ____D C:\Program Files (x86)\NapiProjekt 2013-07-01 22:16 - 2013-07-01 22:16 - 00000000 ____D C:\Program Files (x86)\ALLYouTubeDownloader 2013-07-01 22:16 - 2013-07-01 22:16 - 00000000 ____D C:\Program Files (x86)\ALLMediaServer 2013-07-01 22:12 - 2013-07-02 21:18 - 00000000 ____D C:\Program Files (x86)\MyPC Backup 2013-07-01 22:12 - 2013-07-01 22:14 - 39065119 ____A (ALLPlayer ) C:\Users\Dell\Downloads\ALLPlayerEN.exe 2013-07-01 22:08 - 2013-07-01 22:18 - 00080384 ____A C:\Windows\SysWOW64\mkzlib.dll 2013-07-01 22:08 - 2013-07-01 22:18 - 00024576 ____A C:\Windows\SysWOW64\mkunicode.dll 2013-07-01 22:08 - 2013-07-01 22:08 - 00000000 ____D C:\Windows\SysWOW64\XVID 2013-07-01 22:08 - 2013-07-01 22:08 - 00000000 ____D C:\Windows\SysWOW64\X264 2013-07-01 22:08 - 2013-07-01 22:08 - 00000000 ____D C:\Windows\SysWOW64\SUB 2013-07-01 22:08 - 2013-07-01 22:08 - 00000000 ____D C:\Windows\SysWOW64\QUARTZ 2013-07-01 22:08 - 2013-07-01 22:08 - 00000000 ____D C:\Windows\SysWOW64\OGG 2013-07-01 22:08 - 2013-07-01 22:08 - 00000000 ____D C:\Windows\SysWOW64\MPEG2 2013-07-01 22:08 - 2013-07-01 22:08 - 00000000 ____D C:\Windows\SysWOW64\LAV 2013-07-01 22:08 - 2013-07-01 22:08 - 00000000 ____D C:\Windows\SysWOW64\HAALI 2013-07-01 22:08 - 2013-07-01 22:08 - 00000000 ____D C:\Windows\SysWOW64\GABEST 2013-07-01 22:08 - 2013-07-01 22:08 - 00000000 ____D C:\Windows\SysWOW64\FLV 2013-07-01 22:08 - 2013-07-01 22:08 - 00000000 ____D C:\Windows\SysWOW64\DIVX 2013-07-01 22:08 - 2013-07-01 22:08 - 00000000 ____D C:\Windows\SysWOW64\APE 2013-07-01 22:08 - 2013-07-01 22:08 - 00000000 ____D C:\Windows\SysWOW64\AAC 2013-06-29 13:32 - 2013-04-28 23:59 - 00000000 ____D C:\Users\Dell\SimCity 5 2013 Origin Key Generator 2013-06-25 12:48 - 2013-06-26 19:11 - 00000000 ____D C:\Users\Dell\Kolaż 2013-06-22 14:53 - 2013-06-22 14:54 - 00000000 ____D C:\Users\Dell\Nowy folder (2) 2013-06-18 17:59 - 2013-06-25 12:18 - 00000000 ____D C:\Users\Dell\s2 2013-06-17 03:01 - 2013-06-08 16:08 - 01365504 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll 2013-06-17 03:01 - 2013-06-08 16:06 - 15404544 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll 2013-06-17 03:01 - 2013-06-08 16:06 - 02648064 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll 2013-06-17 03:01 - 2013-06-08 16:06 - 00526336 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll 2013-06-17 03:01 - 2013-06-08 14:28 - 02706432 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb 2013-06-17 03:01 - 2013-06-08 13:42 - 01141248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2013-06-17 03:01 - 2013-06-08 13:40 - 13760512 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2013-06-17 03:01 - 2013-06-08 13:40 - 02046976 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2013-06-17 03:01 - 2013-06-08 13:40 - 00391168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2013-06-17 03:01 - 2013-06-08 13:13 - 02706432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2013-06-17 03:00 - 2013-06-08 16:07 - 19233792 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll 2013-06-17 03:00 - 2013-06-08 13:40 - 14327808 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2013-06-15 03:02 - 2013-05-17 03:25 - 02877440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2013-06-15 03:02 - 2013-05-17 03:25 - 01767936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2013-06-15 03:02 - 2013-05-17 03:25 - 00690688 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2013-06-15 03:02 - 2013-05-17 03:25 - 00493056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2013-06-15 03:02 - 2013-05-17 03:25 - 00109056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll 2013-06-15 03:02 - 2013-05-17 03:25 - 00061440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2013-06-15 03:02 - 2013-05-17 03:25 - 00039424 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2013-06-15 03:02 - 2013-05-17 03:25 - 00033280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2013-06-15 03:02 - 2013-05-17 02:59 - 02241024 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll 2013-06-15 03:02 - 2013-05-17 02:59 - 00051712 ____A (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe 2013-06-15 03:02 - 2013-05-17 02:58 - 03958784 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll 2013-06-15 03:02 - 2013-05-17 02:58 - 00855552 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll 2013-06-15 03:02 - 2013-05-17 02:58 - 00603136 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll 2013-06-15 03:02 - 2013-05-17 02:58 - 00136704 ____A (Microsoft Corporation) C:\Windows\System32\iesysprep.dll 2013-06-15 03:02 - 2013-05-17 02:58 - 00067072 ____A (Microsoft Corporation) C:\Windows\System32\iesetup.dll 2013-06-15 03:02 - 2013-05-17 02:58 - 00053248 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll 2013-06-15 03:02 - 2013-05-17 02:58 - 00039936 ____A (Microsoft Corporation) C:\Windows\System32\iernonce.dll 2013-06-15 03:02 - 2013-05-14 14:23 - 00089600 ____A (Microsoft Corporation) C:\Windows\System32\RegisterIEPKEYs.exe 2013-06-15 03:02 - 2013-05-14 10:40 - 00071680 ____A (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe 2013-06-13 16:03 - 2013-05-08 08:39 - 01910632 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys 2013-06-13 16:03 - 2013-04-26 07:51 - 00751104 ____A (Microsoft Corporation) C:\Windows\System32\win32spl.dll 2013-06-13 16:03 - 2013-04-26 06:55 - 00492544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll 2013-06-13 16:02 - 2013-05-10 07:49 - 00030720 ____A (Microsoft Corporation) C:\Windows\System32\cryptdlg.dll 2013-06-13 16:02 - 2013-05-10 05:20 - 00024576 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptdlg.dll 2013-06-13 15:57 - 2013-05-13 07:51 - 01464320 ____A (Microsoft Corporation) C:\Windows\System32\crypt32.dll 2013-06-13 15:57 - 2013-05-13 07:51 - 00184320 ____A (Microsoft Corporation) C:\Windows\System32\cryptsvc.dll 2013-06-13 15:57 - 2013-05-13 07:51 - 00139776 ____A (Microsoft Corporation) C:\Windows\System32\cryptnet.dll 2013-06-13 15:57 - 2013-05-13 07:50 - 00052224 ____A (Microsoft Corporation) C:\Windows\System32\certenc.dll 2013-06-13 15:57 - 2013-05-13 06:45 - 01160192 ____A (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll 2013-06-13 15:57 - 2013-05-13 06:45 - 00140288 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll 2013-06-13 15:57 - 2013-05-13 06:45 - 00103936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll 2013-06-13 15:57 - 2013-05-13 05:43 - 01192448 ____A (Microsoft Corporation) C:\Windows\System32\certutil.exe 2013-06-13 15:57 - 2013-05-13 05:08 - 00903168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\certutil.exe 2013-06-13 15:57 - 2013-05-13 05:08 - 00043008 ____A (Microsoft Corporation) C:\Windows\SysWOW64\certenc.dll 2013-06-13 15:57 - 2013-04-17 09:02 - 01230336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll 2013-06-13 15:57 - 2013-04-17 08:24 - 01424384 ____A (Microsoft Corporation) C:\Windows\System32\WindowsCodecs.dll 2013-06-13 15:56 - 2013-04-26 01:30 - 01505280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll 2013-06-13 15:56 - 2013-04-01 00:52 - 01887232 ____A (Microsoft Corporation) C:\Windows\System32\d3d11.dll 2013-06-12 16:03 - 2013-06-12 16:03 - 09089416 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe 2013-06-10 16:39 - 2013-07-04 15:14 - 01232350 ____A C:\Windows\WindowsUpdate.log 2013-06-09 21:04 - 2013-06-09 21:28 - 00210932 ____A C:\Users\Dell\Test IQ.pptx ==================== One Month Modified Files and Folders ======= 2013-07-04 18:09 - 2013-07-04 18:09 - 00000000 ____D C:\FRST 2013-07-04 18:07 - 2013-07-04 18:07 - 00000730 ____A C:\Users\Dell\Desktop\Continue Download Helper Installation.lnk 2013-07-04 18:04 - 2013-07-04 18:04 - 00000000 ____D C:\Users\Dell\AppData\Roaming\eIntaller 2013-07-04 18:03 - 2013-03-24 04:04 - 00000930 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job 2013-07-04 18:02 - 2013-07-04 18:02 - 00654904 ____A C:\Users\Dell\Downloads\setup.exe 2013-07-04 18:00 - 2013-02-07 11:37 - 00001044 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2013-07-04 17:57 - 2011-04-01 10:52 - 00706762 ____A C:\Windows\System32\perfh015.dat 2013-07-04 17:57 - 2011-04-01 10:52 - 00138712 ____A C:\Windows\System32\perfc015.dat 2013-07-04 17:57 - 2009-07-14 07:13 - 01575004 ____A C:\Windows\System32\PerfStringBackup.INI 2013-07-04 17:54 - 2011-10-01 17:59 - 00000000 ____D C:\Users\Dell\AppData\Roaming\Skype 2013-07-04 16:28 - 2013-07-04 16:28 - 00062524 ____A C:\Users\Dell\Desktop\Extras.Txt 2013-07-04 16:27 - 2013-07-04 16:27 - 00104364 ____A C:\Users\Dell\Desktop\OTL.Txt 2013-07-04 16:27 - 2013-07-04 16:27 - 00062524 ____A C:\Users\Dell\Downloads\Extras.Txt 2013-07-04 16:26 - 2013-07-04 16:26 - 00104364 ____A C:\Users\Dell\Downloads\OTL.Txt 2013-07-04 16:14 - 2013-07-04 16:14 - 00602112 ____A (OldTimer Tools) C:\Users\Dell\Downloads\OTL.exe 2013-07-04 15:51 - 2011-10-27 18:36 - 00000924 ____A C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-145809455-3699547568-2411523952-1000UA.job 2013-07-04 15:35 - 2013-07-04 15:35 - 00000000 ____D C:\Users\Dell\Doctor Web 2013-07-04 15:35 - 2011-05-12 13:57 - 00000000 ____D C:\users\Dell 2013-07-04 15:34 - 2013-07-04 15:33 - 123564120 ____A C:\Users\Dell\Downloads\drweb-cureit.exe 2013-07-04 15:25 - 2013-07-04 15:25 - 00000000 ____D C:\Users\Dell\AppData\Roaming\Malwarebytes 2013-07-04 15:25 - 2013-07-04 15:25 - 00000000 ____D C:\ProgramData\Malwarebytes 2013-07-04 15:25 - 2013-07-04 15:25 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware 2013-07-04 15:24 - 2013-07-04 15:24 - 10285040 ____A (Malwarebytes Corporation ) C:\Users\Dell\Downloads\mbam-setup-1.75.0.1300.exe 2013-07-04 15:23 - 2009-07-14 06:45 - 00013872 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2013-07-04 15:23 - 2009-07-14 06:45 - 00013872 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2013-07-04 15:21 - 2013-07-04 15:21 - 00027565 ____A C:\Users\Dell\Desktop\AdwCleaner[S1].txt 2013-07-04 15:15 - 2013-07-02 22:53 - 00000112 ____A C:\Windows\setupact.log 2013-07-04 15:15 - 2013-07-02 22:52 - 00001848 ____A C:\Windows\PFRO.log 2013-07-04 15:15 - 2013-02-07 11:37 - 00001040 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2013-07-04 15:15 - 2012-05-09 22:18 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2013-07-04 15:15 - 2009-07-14 07:08 - 00000006 ___AH C:\Windows\Tasks\SA.DAT 2013-07-04 15:14 - 2013-07-04 15:13 - 00027565 ____A C:\AdwCleaner[S1].txt 2013-07-04 15:14 - 2013-06-10 16:39 - 01232350 ____A C:\Windows\WindowsUpdate.log 2013-07-04 15:14 - 2013-01-09 12:07 - 00001011 ____A C:\Users\Dell\Desktop\Mozilla Firefox.lnk 2013-07-04 15:13 - 2013-07-04 15:13 - 00650027 ____A C:\Users\Dell\Downloads\adwcleaner.exe 2013-07-04 15:12 - 2013-07-04 13:17 - 00000000 ____D C:\Windows\BCD5545077AC4347B24F654B1189F8D4.TMP 2013-07-04 15:00 - 2013-07-04 14:59 - 03021720 ____A (Enigma Software Group USA, LLC.) C:\Users\Dell\Downloads\SpyHunter4.exe 2013-07-04 14:58 - 2013-07-04 14:58 - 15397208 ____A C:\Users\Dell\Downloads\SpyHunter 4.1.11.0 [ENG] [Crack].exe 2013-07-04 13:18 - 2013-07-04 13:18 - 00000000 ____D C:\Program Files\Enigma Software Group 2013-07-04 13:18 - 2013-07-04 13:18 - 00000000 ____A C:\autoexec.bat 2013-07-04 13:15 - 2013-07-04 13:15 - 00726464 ____A (Enigma Software Group USA, LLC.) C:\Users\Dell\Downloads\SpyHunter-Installer.exe 2013-07-04 13:05 - 2013-07-04 13:05 - 00314976 ____A C:\Users\Dell\Downloads\iSafe.exe 2013-07-04 12:51 - 2011-10-27 18:35 - 00000902 ____A C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-145809455-3699547568-2411523952-1000Core.job 2013-07-03 11:19 - 2013-07-03 11:18 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2013-07-02 22:53 - 2013-07-02 22:53 - 00000000 ____A C:\Windows\setuperr.log 2013-07-02 22:46 - 2012-07-05 13:13 - 00000000 ____D C:\Users\Dell\AppData\Roaming\uTorrent 2013-07-02 22:46 - 2011-05-12 15:26 - 00000000 ____D C:\Users\Dell\AppData\Roaming\SoftGrid Client 2013-07-02 21:18 - 2013-07-01 22:12 - 00000000 ____D C:\Program Files (x86)\MyPC Backup 2013-07-02 21:17 - 2012-07-20 09:35 - 00000000 ____D C:\Users\Dell\Filmy 2013-07-02 21:09 - 2012-06-19 20:55 - 00000000 ____D C:\Program Files (x86)\Driver Pro 2013-07-02 21:08 - 2012-04-14 10:09 - 00000000 ____D C:\Program Files (x86)\OrangeBS 2013-07-01 22:26 - 2013-07-01 22:26 - 00000000 ____D C:\Users\Dell\AppData\Roaming\NapiProjekt 2013-07-01 22:19 - 2011-05-12 16:05 - 00258048 ____A C:\Windows\SysWOW64\libFLAC.dll 2013-07-01 22:18 - 2013-07-01 22:08 - 00080384 ____A C:\Windows\SysWOW64\mkzlib.dll 2013-07-01 22:18 - 2013-07-01 22:08 - 00024576 ____A C:\Windows\SysWOW64\mkunicode.dll 2013-07-01 22:16 - 2013-07-01 22:16 - 00001041 ____A C:\Users\Public\Desktop\ALL Media Server.lnk 2013-07-01 22:16 - 2013-07-01 22:16 - 00000981 ____A C:\Users\Dell\Desktop\ALLPlayer.lnk 2013-07-01 22:16 - 2013-07-01 22:16 - 00000932 ____A C:\Users\Dell\Desktop\NapiProjekt.lnk 2013-07-01 22:16 - 2013-07-01 22:16 - 00000000 ____D C:\Users\Dell\AppData\Local\ALLMediaServer 2013-07-01 22:16 - 2013-07-01 22:16 - 00000000 ____D C:\Program Files (x86)\NapiProjekt 2013-07-01 22:16 - 2013-07-01 22:16 - 00000000 ____D C:\Program Files (x86)\ALLYouTubeDownloader 2013-07-01 22:16 - 2013-07-01 22:16 - 00000000 ____D C:\Program Files (x86)\ALLMediaServer 2013-07-01 22:16 - 2011-05-12 16:04 - 00000000 ____D C:\Program Files (x86)\ALLPlayer 2013-07-01 22:15 - 2011-05-12 16:05 - 00000000 ____D C:\Users\Dell\AppData\Local\ALLPlayer 2013-07-01 22:14 - 2013-07-01 22:12 - 39065119 ____A (ALLPlayer ) C:\Users\Dell\Downloads\ALLPlayerEN.exe 2013-07-01 22:10 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\Resources 2013-07-01 22:08 - 2013-07-01 22:08 - 00000000 ____D C:\Windows\SysWOW64\XVID 2013-07-01 22:08 - 2013-07-01 22:08 - 00000000 ____D C:\Windows\SysWOW64\X264 2013-07-01 22:08 - 2013-07-01 22:08 - 00000000 ____D C:\Windows\SysWOW64\SUB 2013-07-01 22:08 - 2013-07-01 22:08 - 00000000 ____D C:\Windows\SysWOW64\QUARTZ 2013-07-01 22:08 - 2013-07-01 22:08 - 00000000 ____D C:\Windows\SysWOW64\OGG 2013-07-01 22:08 - 2013-07-01 22:08 - 00000000 ____D C:\Windows\SysWOW64\MPEG2 2013-07-01 22:08 - 2013-07-01 22:08 - 00000000 ____D C:\Windows\SysWOW64\LAV 2013-07-01 22:08 - 2013-07-01 22:08 - 00000000 ____D C:\Windows\SysWOW64\HAALI 2013-07-01 22:08 - 2013-07-01 22:08 - 00000000 ____D C:\Windows\SysWOW64\GABEST 2013-07-01 22:08 - 2013-07-01 22:08 - 00000000 ____D C:\Windows\SysWOW64\FLV 2013-07-01 22:08 - 2013-07-01 22:08 - 00000000 ____D C:\Windows\SysWOW64\DIVX 2013-07-01 22:08 - 2013-07-01 22:08 - 00000000 ____D C:\Windows\SysWOW64\APE 2013-07-01 22:08 - 2013-07-01 22:08 - 00000000 ____D C:\Windows\SysWOW64\AAC 2013-06-26 19:11 - 2013-06-25 12:48 - 00000000 ____D C:\Users\Dell\Kolaż 2013-06-25 16:57 - 2011-05-13 07:50 - 00000000 ___RD C:\Users\Dell\Zdjęcia 2013-06-25 13:44 - 2013-05-24 20:39 - 00000000 ____D C:\Users\Dell\PAZNOKCIE 2013-06-25 12:18 - 2013-06-18 17:59 - 00000000 ____D C:\Users\Dell\s2 2013-06-24 18:32 - 2011-10-09 16:36 - 00000000 ___HD C:\Users\Dell\Desktop\.picasaoriginals 2013-06-22 14:54 - 2013-06-22 14:53 - 00000000 ____D C:\Users\Dell\Nowy folder (2) 2013-06-19 17:46 - 2011-08-05 18:59 - 00000000 ____D C:\Users\Dell\AppData\Local\Windows Live 2013-06-17 19:24 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache 2013-06-17 16:45 - 2013-05-03 20:10 - 00000000 ____D C:\Users\Dell\Nowy folder 2013-06-17 16:45 - 2013-02-26 19:20 - 00000000 ____D C:\Users\Dell\Emilka 2013-06-15 03:05 - 2011-06-10 20:50 - 00000000 ____D C:\ProgramData\Microsoft Help 2013-06-15 03:02 - 2011-05-12 16:07 - 75825640 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe 2013-06-12 16:03 - 2013-06-12 16:03 - 09089416 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe 2013-06-12 16:03 - 2013-03-24 04:04 - 00692104 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2013-06-12 16:03 - 2011-12-06 18:27 - 00071048 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2013-06-10 16:39 - 2011-05-12 16:04 - 00000000 ____D C:\Users\Dell\AppData\Roaming\Winamp 2013-06-09 21:28 - 2013-06-09 21:04 - 00210932 ____A C:\Users\Dell\Test IQ.pptx 2013-06-08 16:08 - 2013-06-17 03:01 - 01365504 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll 2013-06-08 16:07 - 2013-06-17 03:00 - 19233792 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll 2013-06-08 16:06 - 2013-06-17 03:01 - 15404544 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll 2013-06-08 16:06 - 2013-06-17 03:01 - 02648064 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll 2013-06-08 16:06 - 2013-06-17 03:01 - 00526336 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll 2013-06-08 14:28 - 2013-06-17 03:01 - 02706432 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb 2013-06-08 13:42 - 2013-06-17 03:01 - 01141248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2013-06-08 13:40 - 2013-06-17 03:01 - 13760512 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2013-06-08 13:40 - 2013-06-17 03:01 - 02046976 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2013-06-08 13:40 - 2013-06-17 03:01 - 00391168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2013-06-08 13:40 - 2013-06-17 03:00 - 14327808 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2013-06-08 13:13 - 2013-06-17 03:01 - 02706432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\SysWOW64\wininit.exe => MD5 is legit C:\Windows\explorer.exe => MD5 is legit C:\Windows\SysWOW64\explorer.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\SysWOW64\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\SysWOW64\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\SysWOW64\userinit.exe => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit LastRegBack: 2013-06-23 10:16 ==================== End Of Log ============================