Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 19-07-2013 Ran by MARTYNA (administrator) on 21-07-2013 01:50:22 Running from C:\Users\MARTYNA\Downloads Microsoft Windows 7 Home Premium Service Pack 1 (X86) OS Language: Polish Internet Explorer Version 10 Boot Mode: Normal ==================== Processes (Whitelisted) =================== (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe () C:\ProgramData\DatacardService\HWDeviceService.exe (Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LSSrvc.exe (Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe () C:\ProgramData\Mobile Partner\OnlineUpdate\ouc.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe (Intel Corporation) C:\Windows\System32\igfxtray.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (Intel Corporation) C:\Windows\system32\igfxsrvc.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Sun Microsystems, Inc.) C:\Program Files\Common Files\Java\Java Update\jusched.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe (Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (OldTimer Tools) C:\Users\MARTYNA\Downloads\OTL.exe (Microsoft Corporation) C:\Windows\system32\wuauclt.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe ==================== Registry (Whitelisted) ================== MountPoints2: {113521aa-7f86-11e2-b785-0017c46af5c3} - F:\AutoRun.exe MountPoints2: {113521ad-7f86-11e2-b785-0017c46af5c3} - F:\AutoRun.exe MountPoints2: {113521cd-7f86-11e2-b785-00238b60d8ad} - F:\AutoRun.exe MountPoints2: {2fe07c94-313c-11e2-b5e1-0017c46af5c3} - F:\AutoRun.exe MountPoints2: {2fe07c99-313c-11e2-b5e1-00238b60d8ad} - F:\AutoRun.exe MountPoints2: {4ab81d34-3744-11e2-b5a4-0017c46af5c3} - F:\AutoRun.exe MountPoints2: {57321d81-444e-11e2-ba35-00238b60d8ad} - F:\AutoRun.exe MountPoints2: {65afd0c0-3064-11e2-8e52-00238b60d8ad} - F:\AutoRun.exe MountPoints2: {702be0b5-59b0-11e2-8815-00238b60d8ad} - F:\setup_vmc_lite.exe /checkApplicationPresence MountPoints2: {702be0b8-59b0-11e2-8815-00238b60d8ad} - F:\setup_vmc_lite.exe /checkApplicationPresence MountPoints2: {a124da46-2f89-11e2-b89b-0017c46af5c3} - G:\AutoRun.exe MountPoints2: {a124da4c-2f89-11e2-b89b-00238b60d8ad} - F:\AutoRun.exe MountPoints2: {e0e8a793-3738-11e2-b5b8-00238b60d8ad} - F:\AutoRun.exe HKU\Default\...\RunOnce: [mctadmin] - C:\Windows\System32\mctadmin.exe [ 2009-07-14] (Microsoft Corporation) HKU\Default User\...\RunOnce: [mctadmin] - C:\Windows\System32\mctadmin.exe [ 2009-07-14] (Microsoft Corporation) ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation) BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) Toolbar: HKLM - avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation) Handler: msdaipp - No CLSID Value - Tcpip\Parameters: [DhcpNameServer] 10.0.0.13 10.0.0.12 Tcpip\..\Interfaces\{CEFD78ED-1E1E-4AB0-BC54-D236E73ECCD1}: [NameServer] FireFox: ======== FF ProfilePath: C:\Users\MARTYNA\AppData\Roaming\Mozilla\Firefox\Profiles\7c4gn9av.default FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_11_7_700_224.dll () FF Plugin: @java.com/DTPlugin,version=10.9.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=10.9.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin: @microsoft.com/GENUINE - disabled No File FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation) FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.) FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.) FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\MARTYNA\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited) FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\MARTYNA\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS) FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\allegro-pl.xml FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\fbc-pl.xml FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\merlin-pl.xml FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\pwn-pl.xml FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\wikipedia-pl.xml FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\wp-pl.xml FF Extension: Default - C:\Program Files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} FF HKLM\...\Firefox\Extensions: [wrc@avast.com] C:\Program Files\AVAST Software\Avast\WebRep\FF FF Extension: avast! WebRep - C:\Program Files\AVAST Software\Avast\WebRep\FF Chrome: ======= CHR HomePage: hxxp://www.google.com/ CHR RestoreOnStartup: "hxxp://google.pl/" CHR DefaultSearchURL: (Google) - {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding} CHR DefaultSuggestURL: (Google) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter} CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\28.0.1500.72\PepperFlash\pepflashplayer.dll () CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\28.0.1500.72\ppGoogleNaClPluginChrome.dll () CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\28.0.1500.72\pdf.dll () CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.) CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll No File CHR Plugin: (Java(TM) Platform SE 7 U9) - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) CHR Plugin: (McAfee Security Scanner +) - C:\Program Files\McAfee Security Scan\3.0.318\npMcAfeeMss.dll No File CHR Plugin: (Unity Player) - C:\Users\MARTYNA\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS) CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32_11_6_602_180.dll No File CHR Plugin: (Java Deployment Toolkit 7.0.90.5) - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation) CHR Plugin: (Silverlight Plug-In) - c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll No File CHR Extension: (avast! WebRep) - C:\Users\MARTYNA\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1474_0 CHR HKLM\...\Chrome\Extension: [icmlaeflemplmjndnaapfdbbnpncnbda] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx ========================== Services (Whitelisted) ================= R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [44808 2012-10-31] (AVAST Software) R2 HWDeviceService.exe; C:\ProgramData\DatacardService\HWDeviceService.exe [271712 2011-03-14] () S2 Mobile Partner. RunOuc; C:\Program Files\Mobile Partner\UpdateDog\ouc.exe [655712 2012-07-25] () ==================== Drivers (Whitelisted) ==================== R2 aswFsBlk; C:\Windows\System32\Drivers\aswFsBlk.sys [21256 2012-10-31] (AVAST Software) R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [58680 2012-10-31] (AVAST Software) R1 aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [44784 2012-10-15] (AVAST Software) R1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [738504 2012-10-31] (AVAST Software) R1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [361032 2012-10-31] (AVAST Software) R1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [54232 2012-10-31] (AVAST Software) S3 huawei_cdcacm; C:\Windows\System32\DRIVERS\ew_jucdcacm.sys [95616 2012-04-23] (Huawei Technologies Co., Ltd.) S3 huawei_ext_ctrl; C:\Windows\System32\DRIVERS\ew_juextctrl.sys [27520 2012-04-23] (Huawei Technologies Co., Ltd.) S3 huawei_wwanecm; C:\Windows\System32\DRIVERS\ew_juwwanecm.sys [202752 2012-04-23] (Huawei Technologies Co., Ltd.) R3 RTL8187B; C:\Windows\System32\DRIVERS\RTL8187B.sys [347136 2009-07-14] (Realtek Semiconductor Corporation ) S3 RtsUIR; system32\DRIVERS\Rts516xIR.sys [x] S3 USBCCID; system32\DRIVERS\RtsUCcid.sys [x] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2013-07-21 01:49 - 2013-07-21 01:49 - 01219758 _____ (Farbar) C:\Users\MARTYNA\Downloads\FRST.exe 2013-07-21 01:49 - 2013-07-21 01:49 - 00000000 ____D C:\FRST 2013-07-21 01:47 - 2013-07-21 01:48 - 00000000 ____D C:\Users\MARTYNA\Desktop\Stare dane programu Firefox 2013-07-21 01:44 - 2013-07-21 01:44 - 00007793 _____ C:\Users\MARTYNA\Desktop\AdwCleaner[S1].txt 2013-07-21 01:41 - 2013-07-21 01:41 - 00007793 _____ C:\AdwCleaner[S1].txt 2013-07-21 01:41 - 2013-07-21 01:41 - 00000097 _____ C:\Windows\DeleteOnReboot.bat 2013-07-21 01:40 - 2013-07-21 01:41 - 00666633 _____ C:\Users\MARTYNA\Downloads\AdwCleaner.exe 2013-07-21 01:37 - 2013-07-21 01:37 - 00000000 __RSH C:\MSDOS.SYS 2013-07-21 01:37 - 2013-07-21 01:37 - 00000000 __RSH C:\IO.SYS 2013-07-20 19:07 - 2013-07-20 19:07 - 00041348 _____ C:\Users\MARTYNA\Desktop\logilaptop.zip 2013-07-20 18:47 - 2013-07-20 18:47 - 00377856 _____ C:\Users\MARTYNA\Downloads\yvf95twq.exe 2013-07-20 18:46 - 2013-07-20 18:46 - 00033666 _____ C:\Users\MARTYNA\Downloads\Extras.Txt 2013-07-20 18:44 - 2013-07-20 18:44 - 00065630 _____ C:\Users\MARTYNA\Downloads\OTL.Txt 2013-07-20 18:35 - 2013-07-20 18:35 - 00602112 _____ (OldTimer Tools) C:\Users\MARTYNA\Downloads\OTL.exe 2013-07-13 12:25 - 2013-06-12 01:43 - 14329856 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2013-07-13 12:25 - 2013-06-12 01:43 - 02877440 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2013-07-13 12:25 - 2013-06-12 01:43 - 01767936 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2013-07-13 12:25 - 2013-06-12 01:43 - 01141248 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2013-07-13 12:25 - 2013-06-12 01:43 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2013-07-13 12:25 - 2013-06-12 01:43 - 00493056 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2013-07-13 12:25 - 2013-06-12 01:43 - 00042496 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2013-07-13 12:25 - 2013-06-12 01:43 - 00039424 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2013-07-13 12:25 - 2013-06-12 01:42 - 13760512 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2013-07-13 12:25 - 2013-06-12 01:42 - 02046976 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2013-07-13 12:25 - 2013-06-12 01:42 - 00391168 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2013-07-13 12:25 - 2013-06-12 01:42 - 00109056 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll 2013-07-13 12:25 - 2013-06-12 01:42 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2013-07-13 12:25 - 2013-06-12 01:42 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2013-07-13 12:25 - 2013-06-12 00:51 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe 2013-07-13 12:25 - 2013-06-07 04:37 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2013-07-12 10:59 - 2013-06-05 05:05 - 02347520 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2013-07-12 10:59 - 2013-06-04 06:53 - 00509440 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll 2013-07-12 10:59 - 2013-05-06 06:56 - 01620480 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL 2013-07-12 10:59 - 2013-04-10 01:34 - 01247744 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll 2013-07-09 08:37 - 2013-07-09 09:00 - 00000000 ____D C:\Users\MARTYNA\Desktop\103_FUJI 2013-07-08 15:29 - 2013-07-16 00:47 - 00000000 ____D C:\Users\MARTYNA\Desktop\obrona 2013-07-03 11:58 - 2013-07-03 12:01 - 00000000 ____D C:\Users\MARTYNA\Desktop\Moja praca mgr 2013-07-02 21:58 - 2013-07-02 21:59 - 00501248 _____ (Facebook Inc.) C:\Users\MARTYNA\Downloads\FacebookVideoCallSetup_v1.2.205.0 (1).exe 2013-07-02 21:55 - 2013-07-20 19:00 - 00000936 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-383471092-126505138-2303129587-1000UA.job 2013-07-02 21:55 - 2013-07-17 22:05 - 00000914 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-383471092-126505138-2303129587-1000Core.job 2013-07-02 21:55 - 2013-07-02 22:00 - 00000000 ____D C:\Users\MARTYNA\AppData\Local\Facebook 2013-07-02 21:54 - 2013-07-02 21:55 - 00501248 _____ (Facebook Inc.) C:\Users\MARTYNA\Downloads\FacebookVideoCallSetup_v1.2.205.0.exe ==================== One Month Modified Files and Folders ======= 2013-07-21 01:49 - 2013-07-21 01:49 - 01219758 _____ (Farbar) C:\Users\MARTYNA\Downloads\FRST.exe 2013-07-21 01:49 - 2013-07-21 01:49 - 00000000 ____D C:\FRST 2013-07-21 01:48 - 2013-07-21 01:47 - 00000000 ____D C:\Users\MARTYNA\Desktop\Stare dane programu Firefox 2013-07-21 01:47 - 2012-11-16 03:17 - 00000000 ___RD C:\Users\MARTYNA\Desktop 2013-07-21 01:44 - 2013-07-21 01:44 - 00007793 _____ C:\Users\MARTYNA\Desktop\AdwCleaner[S1].txt 2013-07-21 01:43 - 2013-04-08 22:53 - 00001034 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2013-07-21 01:43 - 2009-07-14 06:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2013-07-21 01:43 - 2009-07-14 06:39 - 00107901 _____ C:\Windows\setupact.log 2013-07-21 01:42 - 2012-11-17 06:18 - 00032500 _____ C:\Windows\PFRO.log 2013-07-21 01:42 - 2012-11-16 03:03 - 01217887 _____ C:\Windows\WindowsUpdate.log 2013-07-21 01:41 - 2013-07-21 01:41 - 00007793 _____ C:\AdwCleaner[S1].txt 2013-07-21 01:41 - 2013-07-21 01:41 - 00000097 _____ C:\Windows\DeleteOnReboot.bat 2013-07-21 01:41 - 2013-07-21 01:40 - 00666633 _____ C:\Users\MARTYNA\Downloads\AdwCleaner.exe 2013-07-21 01:39 - 2009-07-14 06:34 - 00019328 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2013-07-21 01:39 - 2009-07-14 06:34 - 00019328 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2013-07-21 01:38 - 2009-07-14 04:37 - 00000000 __RHD C:\Users\Public\Desktop 2013-07-21 01:37 - 2013-07-21 01:37 - 00000000 __RSH C:\MSDOS.SYS 2013-07-21 01:37 - 2013-07-21 01:37 - 00000000 __RSH C:\IO.SYS 2013-07-20 20:15 - 2013-02-15 23:42 - 00000930 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2013-07-20 20:14 - 2013-04-08 22:53 - 00001038 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2013-07-20 19:07 - 2013-07-20 19:07 - 00041348 _____ C:\Users\MARTYNA\Desktop\logilaptop.zip 2013-07-20 19:00 - 2013-07-02 21:55 - 00000936 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-383471092-126505138-2303129587-1000UA.job 2013-07-20 18:47 - 2013-07-20 18:47 - 00377856 _____ C:\Users\MARTYNA\Downloads\yvf95twq.exe 2013-07-20 18:46 - 2013-07-20 18:46 - 00033666 _____ C:\Users\MARTYNA\Downloads\Extras.Txt 2013-07-20 18:44 - 2013-07-20 18:44 - 00065630 _____ C:\Users\MARTYNA\Downloads\OTL.Txt 2013-07-20 18:35 - 2013-07-20 18:35 - 00602112 _____ (OldTimer Tools) C:\Users\MARTYNA\Downloads\OTL.exe 2013-07-19 18:30 - 2013-06-16 11:30 - 00000005 _____ C:\Users\MARTYNA\AppData\Roaming\WBPU-TTL.DAT 2013-07-17 22:05 - 2013-07-02 21:55 - 00000914 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-383471092-126505138-2303129587-1000Core.job 2013-07-16 00:47 - 2013-07-08 15:29 - 00000000 ____D C:\Users\MARTYNA\Desktop\obrona 2013-07-13 16:29 - 2012-11-16 03:20 - 01549696 _____ C:\Windows\system32\PerfStringBackup.INI 2013-07-13 16:29 - 2009-07-14 10:07 - 00697912 _____ C:\Windows\system32\perfh015.dat 2013-07-13 16:29 - 2009-07-14 10:07 - 00134990 _____ C:\Windows\system32\perfc015.dat 2013-07-13 13:03 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\Microsoft.NET 2013-07-13 12:49 - 2009-07-14 06:33 - 00413432 _____ C:\Windows\system32\FNTCACHE.DAT 2013-07-13 12:47 - 2012-12-22 21:36 - 00000000 ____D C:\Program Files\Microsoft Silverlight 2013-07-13 12:46 - 2009-07-14 10:28 - 00000000 ____D C:\Program Files\Windows Journal 2013-07-13 12:46 - 2009-07-14 06:52 - 00000000 ____D C:\Program Files\Windows Defender 2013-07-13 12:24 - 2013-05-06 23:12 - 00000000 ____D C:\ProgramData\Microsoft Help 2013-07-13 12:23 - 2013-04-08 23:03 - 00002129 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2013-07-13 12:20 - 2012-11-16 04:31 - 75699896 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2013-07-09 09:00 - 2013-07-09 08:37 - 00000000 ____D C:\Users\MARTYNA\Desktop\103_FUJI 2013-07-03 12:01 - 2013-07-03 11:58 - 00000000 ____D C:\Users\MARTYNA\Desktop\Moja praca mgr 2013-07-02 22:00 - 2013-07-02 21:55 - 00000000 ____D C:\Users\MARTYNA\AppData\Local\Facebook 2013-07-02 21:59 - 2013-07-02 21:58 - 00501248 _____ (Facebook Inc.) C:\Users\MARTYNA\Downloads\FacebookVideoCallSetup_v1.2.205.0 (1).exe 2013-07-02 21:55 - 2013-07-02 21:54 - 00501248 _____ (Facebook Inc.) C:\Users\MARTYNA\Downloads\FacebookVideoCallSetup_v1.2.205.0.exe ==================== Bamital & volsnap Check ================= C:\Windows\explorer.exe => MD5 is legit C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit LastRegBack: 2013-07-13 13:30 ==================== End Of Log ============================