Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 24-07-2013
Ran by Herbar (administrator) on 25-07-2013 10:15:30
Running from C:\Users\Herbar\Downloads
Microsoft Windows 7 Home Premium  (X86) OS Language: Polish
Internet Explorer Version 8
Boot Mode: Safe Mode (with Networking)

==================== Processes (Whitelisted) ===================

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\system32\cmd.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(OldTimer Tools) C:\Users\Herbar\Downloads\OTL.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\system32\mmc.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\system32\prevhost.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [10996368 2012-06-11] (Realtek Semiconductor)
HKLM\...\Run: [JMB36X IDE Setup] - C:\Windows\RaidTool\xInsIDE.exe [36864 2007-03-21] ()
HKLM\...\Run: [KeePass 2 PreLoad] - "F:\KeePass Password Safe 2\KeePass.exe" --preload [x]
HKLM\...\Run: [MSC] - C:\Program Files\Microsoft Security Client\msseces.exe [947152 2013-01-27] (Microsoft Corporation)
HKLM\...\Run: [GrooveMonitor] - C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM\...\Runonce: [] -  [x]
HKCU\...\Run: [Trans] - C:\Program Files\Trans\trans.exe [4839968 2013-06-14] ()
HKCU\...\Run: [Skype] - C:\Program Files\Skype\Phone\Skype.exe [19873896 2013-06-21] (Skype Technologies S.A.)
Startup: C:\Users\Herbar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MapowanieDyskow.exe ()
Startup: C:\Users\Herbar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Tworzenie wycinków ekranu i uruchamianie programu OneNote 2007.lnk
ShortcutTarget: Tworzenie wycinków ekranu i uruchamianie programu OneNote 2007.lnk -> C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www1.delta-search.com/?babsrc=HP_ss&mntrId=440F0016E6875758&affID=119357&tsp=4952
HKCU\Software\Microsoft\Internet Explorer\Main,Default_search_url = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Default_page_url = http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
HKLM\Software\Microsoft\Internet Explorer\Main,Search bar = http://search.msn.com/spbasic.htm
URLSearchHook: (No Name) - {00000000-6E41-4FD3-8538-502F5495E5FC} -  No File
SearchScopes: HKCU - ${searchCLSID} URL = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = http://www1.delta-search.com/?q={searchTerms}&babsrc=SP_ss&mntrId=440F0016E6875758&affID=119357&tsp=4952
SearchScopes: HKCU - {95DA8C02-80C3-461A-81A8-7ADB64197A70} URL = http://websearch.ask.com/redirect?client=ie&tb=ORJ&o=&src=crm&q={searchTerms}&locale=&apn_ptnrs=U3&apn_dtid=OSJ000YYPL&apn_uid=E5708B65-744A-4572-8B0E-CE5542973FCE&apn_sauid=8635A7A4-00DE-4C5D-83FE-33218EBC9102
BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

Chrome: 
=======
CHR HomePage: hxxp://www1.delta-search.com/?babsrc=HP_ss&mntrId=440F0016E6875758&affID=119357&tsp=4952
CHR Extension: (AdBlock) - C:\Users\Herbar\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.2_0

========================== Services (Whitelisted) =================

S2 LVCOMSer; C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe [186904 2007-07-20] (Logitech Inc.)
S2 LVSrvLauncher; C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe [141848 2007-07-20] (Logitech Inc.)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [20456 2013-01-27] (Microsoft Corporation)
S3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [295232 2013-01-27] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

S3 GDPkIcpt; C:\Windows\system32\drivers\PktIcpt.sys [50080 2012-11-30] (G Data Software AG)
S2 Hardlock; C:\Windows\system32\drivers\hardlock.sys [693760 2006-11-22] (Aladdin Knowledge Systems Ltd.)
R0 JRAID; C:\Windows\System32\DRIVERS\jraid.sys [83296 2008-11-04] (JMicron Technology Corp.)
S3 LVcKap; C:\Windows\System32\DRIVERS\LVcKap.sys [2109592 2007-07-20] (Logitech Inc.)
S3 LVMVDrv; C:\Windows\System32\DRIVERS\LVMVDrv.sys [2142488 2007-07-20] (Logitech Inc.)
S3 LVPr2Mon; C:\Windows\System32\DRIVERS\LVPr2Mon.sys [25624 2007-07-18] ()
S0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [195296 2013-01-20] (Microsoft Corporation)
S3 cpuz135; \??\C:\Users\Herbar\AppData\Local\Temp\cpuz135\cpuz135_x32.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-07-25 10:15 - 2013-07-25 10:15 - 00000000 ____D C:\FRST
2013-07-25 10:14 - 2013-07-25 10:14 - 01220306 _____ (Farbar) C:\Users\Herbar\Downloads\FRST.exe
2013-07-25 10:12 - 2013-07-25 10:12 - 00015913 _____ C:\Users\Herbar\Desktop\OTLogs.zip
2013-07-25 10:12 - 2013-07-25 09:51 - 00053890 _____ C:\Users\Herbar\Desktop\OTL.Txt
2013-07-25 10:12 - 2013-07-25 09:51 - 00047228 _____ C:\Users\Herbar\Desktop\Extras.Txt
2013-07-25 10:01 - 2013-07-25 10:01 - 01005568 _____ (Microsoft Corporation) C:\Users\Herbar\Downloads\dotNetFx45_Full_setup.exe
2013-07-25 09:58 - 2013-07-25 09:58 - 02869264 _____ (Microsoft Corporation) C:\Users\Herbar\Downloads\dotNetFx35setup.exe
2013-07-25 09:51 - 2013-07-25 09:51 - 00053890 _____ C:\Users\Herbar\Downloads\OTL.Txt
2013-07-25 09:51 - 2013-07-25 09:51 - 00047228 _____ C:\Users\Herbar\Downloads\Extras.Txt
2013-07-25 09:48 - 2013-07-25 09:48 - 00602112 _____ (OldTimer Tools) C:\Users\Herbar\Downloads\OTL.exe
2013-07-25 09:46 - 2013-07-25 09:48 - 158286653 _____ C:\Users\Herbar\Downloads\Windows6.1-KB947821-v27-x86.msu
2013-07-25 09:32 - 2013-07-25 09:33 - 00000050 _____ C:\Users\Herbar\Downloads\null
2013-07-25 09:32 - 2013-07-25 09:32 - 00029696 _____ C:\Users\Herbar\Downloads\CBSFilter.exe
2013-07-25 09:25 - 2013-07-25 09:32 - 563934504 _____ (Microsoft Corporation) C:\Users\Herbar\Downloads\windows6.1-KB976932-X86.exe
2013-07-25 09:22 - 2013-07-25 09:23 - 00000000 ____D C:\UsbFix
2013-07-25 09:22 - 2013-07-25 09:22 - 01030081 _____ (El Desaparecido - SosVirus.net) C:\Users\Herbar\Downloads\UsbFix (1).exe
2013-07-25 09:04 - 2013-07-25 09:06 - 94088076 _____ C:\Users\Herbar\Downloads\ostropest.zip
2013-07-24 17:18 - 2013-07-24 17:19 - 00173620 _____ C:\Users\Herbar\Downloads\WindowsUpdateDiagnostic.diagcab
2013-07-23 16:11 - 2013-07-24 16:10 - 00000000 ____D C:\e695489a95cfa745611cc8c4d98f1d
2013-07-23 16:11 - 2013-07-23 16:11 - 00000000 ____D C:\Windows\system32\EventProviders
2013-07-23 11:50 - 2013-07-23 11:50 - 00000000 ____D C:\Users\Herbar\AppData\Roaming\Comarch
2013-07-23 10:41 - 2013-07-23 10:41 - 23687168 _____ C:\Users\Herbar\Downloads\SkypeSetup(dobreprogramy.pl).msi
2013-07-23 10:41 - 2013-07-23 10:41 - 00002503 _____ C:\Users\Public\Desktop\Skype.lnk
2013-07-23 10:41 - 2013-07-23 10:41 - 00000000 ___RD C:\Program Files\Skype
2013-07-23 10:41 - 2013-07-23 10:41 - 00000000 ____D C:\Program Files\Common Files\Skype
2013-07-23 10:40 - 2013-07-23 10:41 - 00715888 _____ C:\Users\Herbar\Downloads\Skype(13018) (1).exe
2013-07-23 10:40 - 2013-07-23 10:40 - 00000000 ____D C:\Windows\system32\searchplugins
2013-07-23 10:40 - 2013-07-23 10:40 - 00000000 ____D C:\Windows\system32\Extensions
2013-07-23 10:40 - 2013-07-23 10:40 - 00000000 ____D C:\Users\Herbar\AppData\Roaming\Babylon
2013-07-23 10:40 - 2013-07-23 10:40 - 00000000 ____D C:\ProgramData\BrowserDefender
2013-07-23 10:40 - 2013-07-23 10:40 - 00000000 ____D C:\ProgramData\Babylon
2013-07-23 10:40 - 2013-07-23 10:40 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-07-23 10:39 - 2013-07-23 10:39 - 00715888 _____ C:\Users\Herbar\Downloads\Skype(13018).exe
2013-07-22 16:26 - 2013-07-22 16:26 - 00000000 ____D C:\Program Files\Microsoft CAPICOM 2.1.0.2
2013-07-22 16:15 - 2013-07-22 16:17 - 00004610 _____ C:\Windows\IE9_main.log
2013-07-22 16:11 - 2013-07-22 16:11 - 00000000 ____D C:\Users\Default\AppData\Local\Microsoft Help
2013-07-22 16:11 - 2013-07-22 16:11 - 00000000 ____D C:\Users\Default User\AppData\Local\Microsoft Help
2013-07-22 16:08 - 2013-07-22 16:08 - 00286330 _____ C:\Windows\msxml4-KB954430-enu.LOG
2013-07-22 16:07 - 2013-07-22 16:08 - 00288924 _____ C:\Windows\msxml4-KB973688-enu.LOG
2013-07-22 07:22 - 2011-04-09 07:56 - 00123904 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2013-07-19 16:24 - 2013-07-19 16:25 - 00000000 ____D C:\Program Files\NirSoft
2013-07-19 16:23 - 2013-07-19 16:23 - 00128202 _____ C:\Users\Herbar\Downloads\mailpv_setup.exe
2013-07-19 12:25 - 2013-07-19 12:25 - 01187129 _____ C:\Upload_UsbFix.zip
2013-07-19 12:16 - 2013-07-19 12:16 - 01030081 _____ (El Desaparecido - SosVirus.net) C:\Users\Herbar\Downloads\usbfix.exe
2013-07-19 11:44 - 2012-02-15 07:44 - 00826368 _____ (Microsoft Corporation) C:\Windows\system32\rdpcore.dll
2013-07-19 11:44 - 2012-02-15 06:22 - 00177152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys
2013-07-19 11:44 - 2012-02-15 06:22 - 00024064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdtcp.sys
2013-07-19 11:44 - 2010-01-09 08:52 - 00132608 _____ (Microsoft Corporation) C:\Windows\system32\cabview.dll
2013-07-19 11:07 - 2012-06-03 00:19 - 01933848 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2013-07-19 11:07 - 2012-06-03 00:19 - 00053784 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2013-07-19 11:07 - 2012-06-03 00:19 - 00045080 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2013-07-19 11:07 - 2012-06-03 00:12 - 02422272 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2013-07-19 11:06 - 2012-06-03 00:19 - 00577048 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2013-07-19 11:06 - 2012-06-03 00:19 - 00035864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2013-07-19 11:06 - 2012-06-03 00:12 - 00088576 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2013-07-19 11:06 - 2012-06-02 15:19 - 00171904 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2013-07-19 11:06 - 2012-06-02 15:12 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2013-07-19 11:03 - 2013-07-19 11:03 - 00002154 _____ C:\Windows\epplauncher.mif
2013-07-19 11:03 - 2013-07-19 11:03 - 00000000 ____D C:\Program Files\Microsoft Security Client
2013-07-19 11:03 - 2010-04-09 09:24 - 01285000 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2013-07-19 11:03 - 2010-04-09 09:24 - 00240008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2013-07-19 10:58 - 2013-07-19 10:58 - 04396440 _____ (Piriform Ltd) C:\Users\Herbar\Downloads\ccsetup403.exe
2013-07-19 10:39 - 2013-07-19 10:40 - 11120080 _____ (Microsoft Corporation) C:\Users\Herbar\Downloads\mseinstall.exe
2013-07-19 09:26 - 2013-07-19 09:26 - 00031517 _____ C:\Users\Mirek Michalak\Downloads\sleep.zip
2013-07-19 08:50 - 2013-07-19 08:50 - 00000151 _____ C:\Windows\ODBC.INI
2013-07-19 08:49 - 2013-07-19 08:49 - 00002709 _____ C:\Users\Public\Desktop\Comarch OPT!MA.lnk
2013-07-19 08:47 - 2013-07-19 08:49 - 00000000 ___RD C:\Program Files\CDN OPT!MA
2013-07-19 08:47 - 2013-07-19 08:47 - 00000000 ____D C:\Program Files\Microsoft SQL Server
2013-07-19 08:47 - 2013-07-19 08:47 - 00000000 ____D C:\Program Files\Business Objects
2013-07-19 08:46 - 2013-07-19 08:46 - 00006056 _____ C:\Windows\aksdrvsetup.log
2013-07-19 08:46 - 2013-07-19 08:46 - 00000000 ____D C:\Program Files\MSXML 4.0
2013-07-19 08:46 - 2013-07-19 08:46 - 00000000 ____D C:\Program Files\MSSOAP
2013-07-19 08:46 - 2009-06-10 23:42 - 00002577 _____ C:\Windows\system32\config.hsp
2013-07-19 08:46 - 2006-11-22 10:01 - 00693760 _____ (Aladdin Knowledge Systems Ltd.) C:\Windows\system32\Drivers\hardlock.sys
2013-07-19 08:15 - 2013-07-19 08:15 - 00000000 ____D C:\Windows\pss
2013-07-17 12:43 - 2013-07-17 12:43 - 00000648 _____ C:\Users\Mirek Michalak\Desktop\Mirek na HP.lnk
2013-07-11 14:39 - 2013-07-11 14:39 - 202869621 _____ C:\Windows\MEMORY.DMP
2013-07-11 14:39 - 2013-07-11 14:39 - 00159480 _____ C:\Windows\Minidump\071113-22401-01.dmp
2013-07-11 14:39 - 2013-07-11 14:39 - 00000000 ____D C:\Windows\Minidump
2013-06-28 16:37 - 2013-06-28 16:37 - 00232541 _____ C:\Users\Mirek Michalak\Downloads\Zalacznik_1_wniosek_excel_2007.zip
2013-06-28 11:50 - 2013-06-28 12:25 - 00000000 ____D C:\Program Files\Mozilla Thunderbird

==================== One Month Modified Files and Folders =======

2013-07-25 10:15 - 2013-07-25 10:15 - 00000000 ____D C:\FRST
2013-07-25 10:14 - 2013-07-25 10:14 - 01220306 _____ (Farbar) C:\Users\Herbar\Downloads\FRST.exe
2013-07-25 10:12 - 2013-07-25 10:12 - 00015913 _____ C:\Users\Herbar\Desktop\OTLogs.zip
2013-07-25 10:12 - 2012-11-30 11:17 - 00000000 ___RD C:\Users\Herbar\Desktop
2013-07-25 10:01 - 2013-07-25 10:01 - 01005568 _____ (Microsoft Corporation) C:\Users\Herbar\Downloads\dotNetFx45_Full_setup.exe
2013-07-25 09:58 - 2013-07-25 09:58 - 02869264 _____ (Microsoft Corporation) C:\Users\Herbar\Downloads\dotNetFx35setup.exe
2013-07-25 09:51 - 2013-07-25 10:12 - 00053890 _____ C:\Users\Herbar\Desktop\OTL.Txt
2013-07-25 09:51 - 2013-07-25 10:12 - 00047228 _____ C:\Users\Herbar\Desktop\Extras.Txt
2013-07-25 09:51 - 2013-07-25 09:51 - 00053890 _____ C:\Users\Herbar\Downloads\OTL.Txt
2013-07-25 09:51 - 2013-07-25 09:51 - 00047228 _____ C:\Users\Herbar\Downloads\Extras.Txt
2013-07-25 09:48 - 2013-07-25 09:48 - 00602112 _____ (OldTimer Tools) C:\Users\Herbar\Downloads\OTL.exe
2013-07-25 09:48 - 2013-07-25 09:46 - 158286653 _____ C:\Users\Herbar\Downloads\Windows6.1-KB947821-v27-x86.msu
2013-07-25 09:45 - 2012-11-30 13:02 - 00000000 ____D C:\Users\Herbar\AppData\Roaming\Skype
2013-07-25 09:33 - 2013-07-25 09:32 - 00000050 _____ C:\Users\Herbar\Downloads\null
2013-07-25 09:32 - 2013-07-25 09:32 - 00029696 _____ C:\Users\Herbar\Downloads\CBSFilter.exe
2013-07-25 09:32 - 2013-07-25 09:25 - 563934504 _____ (Microsoft Corporation) C:\Users\Herbar\Downloads\windows6.1-KB976932-X86.exe
2013-07-25 09:23 - 2013-07-25 09:22 - 00000000 ____D C:\UsbFix
2013-07-25 09:22 - 2013-07-25 09:22 - 01030081 _____ (El Desaparecido - SosVirus.net) C:\Users\Herbar\Downloads\UsbFix (1).exe
2013-07-25 09:06 - 2013-07-25 09:04 - 94088076 _____ C:\Users\Herbar\Downloads\ostropest.zip
2013-07-25 08:16 - 2012-11-30 11:19 - 01523412 _____ C:\Windows\system32\PerfStringBackup.INI
2013-07-25 08:16 - 2009-07-14 10:07 - 00687590 _____ C:\Windows\system32\perfh015.dat
2013-07-25 08:16 - 2009-07-14 10:07 - 00131176 _____ C:\Windows\system32\perfc015.dat
2013-07-25 08:06 - 2009-07-14 06:34 - 00019904 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-07-25 08:06 - 2009-07-14 06:34 - 00019904 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-07-25 08:02 - 2012-11-30 11:10 - 01371282 _____ C:\Windows\WindowsUpdate.log
2013-07-25 07:51 - 2012-11-30 12:03 - 00000000 ____D C:\ProgramData\NVIDIA
2013-07-25 07:51 - 2009-07-14 06:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-07-25 07:51 - 2009-07-14 06:39 - 00044787 _____ C:\Windows\setupact.log
2013-07-24 17:19 - 2013-07-24 17:18 - 00173620 _____ C:\Users\Herbar\Downloads\WindowsUpdateDiagnostic.diagcab
2013-07-24 17:14 - 2009-07-14 06:33 - 00412056 _____ C:\Windows\system32\FNTCACHE.DAT
2013-07-24 17:05 - 2009-07-14 10:28 - 00000000 ____D C:\Program Files\Windows Journal
2013-07-24 17:05 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\pl-PL
2013-07-24 17:05 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\DriverStore
2013-07-24 17:05 - 2009-07-14 04:37 - 00000000 ____D C:\Program Files\Common Files\System
2013-07-24 16:32 - 2013-02-21 11:12 - 00001052 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-07-24 16:30 - 2012-12-03 11:36 - 00000930 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-07-24 16:10 - 2013-07-23 16:11 - 00000000 ____D C:\e695489a95cfa745611cc8c4d98f1d
2013-07-24 16:10 - 2013-03-07 10:01 - 00000000 ____D C:\Users\Gość
2013-07-24 16:10 - 2013-02-20 10:49 - 00000000 ____D C:\Users\Mirek Michalak
2013-07-24 16:10 - 2012-11-30 11:17 - 00000000 ____D C:\Users\Herbar
2013-07-24 16:10 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\wfp
2013-07-24 16:10 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\MUI
2013-07-24 16:10 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\rescache
2013-07-24 16:10 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\AppCompat
2013-07-24 16:10 - 2009-07-14 04:37 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2013-07-24 16:09 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\registration
2013-07-23 16:11 - 2013-07-23 16:11 - 00000000 ____D C:\Windows\system32\EventProviders
2013-07-23 16:11 - 2012-11-30 11:37 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-07-23 15:53 - 2009-07-14 04:04 - 00000478 _____ C:\Windows\win.ini
2013-07-23 11:50 - 2013-07-23 11:50 - 00000000 ____D C:\Users\Herbar\AppData\Roaming\Comarch
2013-07-23 10:42 - 2012-11-30 13:01 - 00000000 ____D C:\ProgramData\Skype
2013-07-23 10:41 - 2013-07-23 10:41 - 23687168 _____ C:\Users\Herbar\Downloads\SkypeSetup(dobreprogramy.pl).msi
2013-07-23 10:41 - 2013-07-23 10:41 - 00002503 _____ C:\Users\Public\Desktop\Skype.lnk
2013-07-23 10:41 - 2013-07-23 10:41 - 00000000 ___RD C:\Program Files\Skype
2013-07-23 10:41 - 2013-07-23 10:41 - 00000000 ____D C:\Program Files\Common Files\Skype
2013-07-23 10:41 - 2013-07-23 10:40 - 00715888 _____ C:\Users\Herbar\Downloads\Skype(13018) (1).exe
2013-07-23 10:41 - 2009-07-14 04:37 - 00000000 __RHD C:\Users\Public\Desktop
2013-07-23 10:40 - 2013-07-23 10:40 - 00000000 ____D C:\Windows\system32\searchplugins
2013-07-23 10:40 - 2013-07-23 10:40 - 00000000 ____D C:\Windows\system32\Extensions
2013-07-23 10:40 - 2013-07-23 10:40 - 00000000 ____D C:\Users\Herbar\AppData\Roaming\Babylon
2013-07-23 10:40 - 2013-07-23 10:40 - 00000000 ____D C:\ProgramData\BrowserDefender
2013-07-23 10:40 - 2013-07-23 10:40 - 00000000 ____D C:\ProgramData\Babylon
2013-07-23 10:40 - 2013-07-23 10:40 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-07-23 10:39 - 2013-07-23 10:39 - 00715888 _____ C:\Users\Herbar\Downloads\Skype(13018).exe
2013-07-23 08:32 - 2013-02-21 11:12 - 00001048 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-07-23 07:55 - 2013-02-21 11:12 - 00108824 _____ C:\Users\Mirek Michalak\AppData\Local\GDIPFONTCACHEV1.DAT
2013-07-23 06:36 - 2012-11-30 11:22 - 00108824 _____ C:\Users\Herbar\AppData\Local\GDIPFONTCACHEV1.DAT
2013-07-23 06:26 - 2012-11-30 11:48 - 00285534 _____ C:\Windows\PFRO.log
2013-07-22 16:26 - 2013-07-22 16:26 - 00000000 ____D C:\Program Files\Microsoft CAPICOM 2.1.0.2
2013-07-22 16:17 - 2013-07-22 16:15 - 00004610 _____ C:\Windows\IE9_main.log
2013-07-22 16:12 - 2012-11-30 11:38 - 00000000 ____D C:\Program Files\Microsoft Works
2013-07-22 16:11 - 2013-07-22 16:11 - 00000000 ____D C:\Users\Default\AppData\Local\Microsoft Help
2013-07-22 16:11 - 2013-07-22 16:11 - 00000000 ____D C:\Users\Default User\AppData\Local\Microsoft Help
2013-07-22 16:08 - 2013-07-22 16:08 - 00286330 _____ C:\Windows\msxml4-KB954430-enu.LOG
2013-07-22 16:08 - 2013-07-22 16:07 - 00288924 _____ C:\Windows\msxml4-KB973688-enu.LOG
2013-07-19 16:25 - 2013-07-19 16:24 - 00000000 ____D C:\Program Files\NirSoft
2013-07-19 16:23 - 2013-07-19 16:23 - 00128202 _____ C:\Users\Herbar\Downloads\mailpv_setup.exe
2013-07-19 12:25 - 2013-07-19 12:25 - 01187129 _____ C:\Upload_UsbFix.zip
2013-07-19 12:16 - 2013-07-19 12:16 - 01030081 _____ (El Desaparecido - SosVirus.net) C:\Users\Herbar\Downloads\usbfix.exe
2013-07-19 11:49 - 2012-11-30 12:02 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2013-07-19 11:13 - 2013-02-20 10:49 - 00000000 ___RD C:\Users\Mirek Michalak\Desktop
2013-07-19 11:03 - 2013-07-19 11:03 - 00002154 _____ C:\Windows\epplauncher.mif
2013-07-19 11:03 - 2013-07-19 11:03 - 00000000 ____D C:\Program Files\Microsoft Security Client
2013-07-19 11:01 - 2012-11-30 12:15 - 00000000 ____D C:\ProgramData\G DATA
2013-07-19 11:01 - 2012-11-30 12:15 - 00000000 ____D C:\Program Files\G Data
2013-07-19 10:58 - 2013-07-19 10:58 - 04396440 _____ (Piriform Ltd) C:\Users\Herbar\Downloads\ccsetup403.exe
2013-07-19 10:42 - 2012-11-30 12:14 - 00000000 ____D C:\Users\Herbar\AppData\Local\Downloaded Installations
2013-07-19 10:40 - 2013-07-19 10:39 - 11120080 _____ (Microsoft Corporation) C:\Users\Herbar\Downloads\mseinstall.exe
2013-07-19 09:34 - 2012-11-30 11:17 - 00000000 ____D C:\Users\Herbar\AppData\Local\VirtualStore
2013-07-19 09:27 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system
2013-07-19 09:26 - 2013-07-19 09:26 - 00031517 _____ C:\Users\Mirek Michalak\Downloads\sleep.zip
2013-07-19 08:51 - 2009-07-14 06:53 - 00032608 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-07-19 08:50 - 2013-07-19 08:50 - 00000151 _____ C:\Windows\ODBC.INI
2013-07-19 08:49 - 2013-07-19 08:49 - 00002709 _____ C:\Users\Public\Desktop\Comarch OPT!MA.lnk
2013-07-19 08:49 - 2013-07-19 08:47 - 00000000 ___RD C:\Program Files\CDN OPT!MA
2013-07-19 08:49 - 2009-07-14 04:04 - 00017486 _____ C:\Windows\system32\Drivers\etc\services
2013-07-19 08:47 - 2013-07-19 08:47 - 00000000 ____D C:\Program Files\Microsoft SQL Server
2013-07-19 08:47 - 2013-07-19 08:47 - 00000000 ____D C:\Program Files\Business Objects
2013-07-19 08:46 - 2013-07-19 08:46 - 00006056 _____ C:\Windows\aksdrvsetup.log
2013-07-19 08:46 - 2013-07-19 08:46 - 00000000 ____D C:\Program Files\MSXML 4.0
2013-07-19 08:46 - 2013-07-19 08:46 - 00000000 ____D C:\Program Files\MSSOAP
2013-07-19 08:46 - 2009-07-14 04:04 - 00002624 _____ C:\Windows\system32\config.nt
2013-07-19 08:44 - 2012-11-30 11:49 - 00000000 ____D C:\Program Files\Common Files\InstallShield
2013-07-19 08:15 - 2013-07-19 08:15 - 00000000 ____D C:\Windows\pss
2013-07-17 12:43 - 2013-07-17 12:43 - 00000648 _____ C:\Users\Mirek Michalak\Desktop\Mirek na HP.lnk
2013-07-15 08:35 - 2013-02-21 11:14 - 00002129 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2013-07-11 14:39 - 2013-07-11 14:39 - 202869621 _____ C:\Windows\MEMORY.DMP
2013-07-11 14:39 - 2013-07-11 14:39 - 00159480 _____ C:\Windows\Minidump\071113-22401-01.dmp
2013-07-11 14:39 - 2013-07-11 14:39 - 00000000 ____D C:\Windows\Minidump
2013-07-11 11:25 - 2013-03-15 08:58 - 00000000 ____D C:\Users\Mirek Michalak\Desktop\Nowy folder
2013-07-08 13:13 - 2012-12-10 09:46 - 00000000 ____D C:\Users\Herbar\Desktop\TRANSPORT
2013-06-28 16:37 - 2013-06-28 16:37 - 00232541 _____ C:\Users\Mirek Michalak\Downloads\Zalacznik_1_wniosek_excel_2007.zip
2013-06-28 16:37 - 2013-02-20 10:49 - 00000000 ____D C:\Users\Mirek Michalak\AppData\Local\VirtualStore
2013-06-28 16:32 - 2012-12-13 14:56 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2013-06-28 12:25 - 2013-06-28 11:50 - 00000000 ____D C:\Program Files\Mozilla Thunderbird
2013-06-28 12:25 - 2013-05-15 08:17 - 00000000 ____D C:\Program Files\Mozilla Thunderbird.bak
2013-06-28 09:54 - 2013-03-13 15:46 - 00000000 ____D C:\Program Files\Java
2013-06-28 09:54 - 2009-07-14 10:27 - 00000000 ___RD C:\Users\Public\Recorded TV
2013-06-28 09:54 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\NDF
2013-06-28 09:53 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\LogFiles

==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-07-23 07:36

==================== End Of Log ============================