Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 03-10-2013 Ran by Paulina (administrator) on LAPTOP on 04-10-2013 13:49:57 Running from E:\ Microsoft Windows 7 Home Premium Service Pack 1 (X86) OS Language: Polish Internet Explorer Version 10 Boot Mode: Normal ==================== Processes (Whitelisted) =================== (Microsoft Corporation) C:\Windows\system32\WLANExt.exe (Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe (Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe (Microsoft Corporation) C:\Windows\system32\PrintIsolationHost.exe (Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Kaspersky Lab ZAO) C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avp.exe (Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apoint.exe (Dell Inc.) C:\Program Files\Dell\DW WLAN Card\WLTRAY.EXE (Intel Corporation) C:\Windows\System32\igfxtray.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApMsgFwd.exe (Alps Electric Co., Ltd.) C:\Program Files\DellTPad\HidFind.exe (Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apntex.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [Apoint] - C:\Program Files\DellTPad\Apoint.exe [501104 2011-03-29] (Alps Electric Co., Ltd.) HKLM\...\Run: [Broadcom Wireless Manager UI] - C:\Program Files\Dell\DW WLAN Card\WLTRAY.exe [5941760 2012-04-21] (Dell Inc.) HKLM\...\Run: [HotKeysCmds] - C:\Windows\system32\hkcmd.exe [ ] () HKLM\...\Run: [BCSSync] - C:\Program Files\Microsoft Office\Office14\BCSSync.exe [91520 2010-03-13] (Microsoft Corporation) ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com SearchScopes: HKLM - DefaultScope value is missing. BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated) BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL (Microsoft Corporation) BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO: IplexToALLPlayer - {DF925EF3-7A87-44E4-9CAF-8D7B280BF616} - C:\PROGRA~1\ALLPLA~1\Iplex\IPLEXT~1.DLL (ALLCinema Ltd.) DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies) Hosts: 127.0.0.1 localhost Tcpip\Parameters: [DhcpNameServer] 192.168.1.100 Chrome: ======= CHR Extension: (Przelewy24) - C:\Users\Paulina\AppData\Local\Google\Chrome\User Data\Default\Extensions\aiicmmpkicnndkhlnnloilpgncbpkbjj\6.5_0 CHR Extension: (YouTube) - C:\Users\Paulina\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0 CHR Extension: (Google Search) - C:\Users\Paulina\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0 CHR Extension: (Chrome In-App Payments service) - C:\Users\Paulina\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0 CHR Extension: (Gmail) - C:\Users\Paulina\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1 ========================== Services (Whitelisted) ================= R2 AVP; C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avp.exe [214512 2013-06-17] (Kaspersky Lab ZAO) S4 Capture Device Service; C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe [198168 2007-03-06] (InterVideo Inc.) S3 cphs; C:\Windows\system32\IntelCpHeciSvc.exe [276248 2012-03-19] (Intel Corporation) S4 Internet w Cyfrowym Polsacie. RunOuc; C:\Program Files\Internet w Cyfrowym Polsacie\UpdateDog\ouc.exe [246112 2013-01-18] () R2 MBAMScheduler; C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation) R2 MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation) S4 Mobile Partner. RunOuc; C:\Program Files\Mobile Partner\UpdateDog\ouc.exe [655744 2012-09-22] () S4 Sony PC Companion; C:\Program Files\Sony\Sony PC Companion\PCCService.exe [155824 2013-02-04] (Avanquest Software) S2 HWDeviceService.exe; "C:\ProgramData\DatacardService\HWDeviceService.exe" -/service [x] S2 PLAY ONLINE. RunOuc; C:\Program Files\PLAY ONLINE\UpdateDog\ouc.exe [x] ==================== Drivers (Whitelisted) ==================== S3 BCM42RLY; C:\Windows\System32\drivers\BCM42RLY.sys [18496 2012-04-21] (Broadcom Corporation) R3 BTWAMPFL; C:\Windows\System32\DRIVERS\btwampfl.sys [302120 2011-02-08] (Broadcom Corporation.) R0 CLFS; C:\Windows\System32\CLFS.sys [249408 2009-07-14] (Microsoft Corporation) S3 FTDIBUS; C:\Windows\System32\drivers\ftdibus.sys [65896 2013-07-25] (FTDI Ltd.) R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [135776 2013-05-06] (Kaspersky Lab ZAO) R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [573536 2013-08-29] (Kaspersky Lab ZAO) R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [25696 2013-06-10] (Kaspersky Lab ZAO) R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [25696 2013-05-05] (Kaspersky Lab ZAO) R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [25696 2013-05-05] (Kaspersky Lab ZAO) R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [14432 2013-04-12] (Kaspersky Lab ZAO) R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [45024 2013-05-14] (Kaspersky Lab ZAO) R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [145120 2013-06-06] (Kaspersky Lab ZAO) S3 mbamchameleon; C:\Windows\system32\drivers\mbamchameleon.sys [77528 2013-10-04] (MalwareBytes) R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [22856 2013-04-04] (Malwarebytes Corporation) R3 MEI; C:\Windows\System32\DRIVERS\HECI.sys [41088 2010-10-19] (Intel Corporation) U5 AppMgmt; C:\Windows\system32\svchost.exe [20992 2009-07-14] (Microsoft Corporation) S3 BTATH_BUS; system32\DRIVERS\btath_bus.sys [x] S3 catchme; \??\C:\Users\Paulina\AppData\Local\Temp\catchme.sys [x] S3 ewusbmbb; system32\DRIVERS\ewusbwwan.sys [x] S3 ew_hwusbdev; system32\DRIVERS\ew_hwusbdev.sys [x] S3 ew_usbenumfilter; system32\DRIVERS\ew_usbenumfilter.sys [x] S3 huawei_cdcacm; system32\DRIVERS\ew_jucdcacm.sys [x] S3 huawei_cdcecm; system32\DRIVERS\ew_jucdcecm.sys [x] S3 huawei_enumerator; system32\DRIVERS\ew_jubusenum.sys [x] S3 huawei_ext_ctrl; system32\DRIVERS\ew_juextctrl.sys [x] S3 huawei_wwanecm; system32\DRIVERS\ew_juwwanecm.sys [x] S3 hwdatacard; system32\DRIVERS\ewusbmdm.sys [x] U5 klflt; C:\Windows\System32\Drivers\klflt.sys [94304 2013-06-08] (Kaspersky Lab ZAO) U3 TrueSight; \??\C:\Windows\system32\TrueSight.sys [x] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2013-10-04 13:41 - 2013-10-04 13:41 - 00000000 ____D C:\FRST 2013-10-04 13:29 - 2013-10-04 13:29 - 00000000 ____D C:\Users\av\AppData\Local\CrashDumps 2013-10-04 13:26 - 2013-10-04 13:25 - 00377856 _____ C:\Users\av\Desktop\g2mzy9lz.exe 2013-10-04 13:22 - 2013-10-04 13:22 - 00148648 _____ C:\Windows\Minidump\100413-24055-01.dmp 2013-10-04 13:16 - 2013-10-04 11:41 - 262852608 _____ (Kaspersky Lab) C:\Users\av\Desktop\kis14.0.0.4651pl-pl.exe 2013-10-04 13:14 - 2013-10-04 13:14 - 00001381 _____ C:\Users\av\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2013-10-04 13:14 - 2013-10-04 13:14 - 00000000 ____D C:\Users\av\AppData\Roaming\Adobe 2013-10-04 13:13 - 2013-10-04 13:15 - 00000000 ____D C:\Users\av 2013-10-04 13:13 - 2013-10-04 13:13 - 00000020 ___SH C:\Users\av\ntuser.ini 2013-10-04 13:13 - 2013-10-04 13:13 - 00000000 _SHDL C:\Users\av\Ustawienia lokalne 2013-10-04 13:13 - 2013-10-04 13:13 - 00000000 _SHDL C:\Users\av\Szablony 2013-10-04 13:13 - 2013-10-04 13:13 - 00000000 _SHDL C:\Users\av\Moje dokumenty 2013-10-04 13:13 - 2013-10-04 13:13 - 00000000 _SHDL C:\Users\av\Menu Start 2013-10-04 13:13 - 2013-10-04 13:13 - 00000000 _SHDL C:\Users\av\Documents\Moje wideo 2013-10-04 13:13 - 2013-10-04 13:13 - 00000000 _SHDL C:\Users\av\Documents\Moje obrazy 2013-10-04 13:13 - 2013-10-04 13:13 - 00000000 _SHDL C:\Users\av\Documents\Moja muzyka 2013-10-04 13:13 - 2013-10-04 13:13 - 00000000 _SHDL C:\Users\av\Dane aplikacji 2013-10-04 13:13 - 2013-10-04 13:13 - 00000000 _SHDL C:\Users\av\AppData\Roaming\Microsoft\Windows\Start Menu\Programy 2013-10-04 13:13 - 2013-10-04 13:13 - 00000000 _SHDL C:\Users\av\AppData\Local\Historia 2013-10-04 13:13 - 2013-10-04 13:13 - 00000000 _SHDL C:\Users\av\AppData\Local\Dane aplikacji 2013-10-04 13:13 - 2013-10-04 13:13 - 00000000 ____D C:\Users\av\AppData\Local\VirtualStore 2013-10-04 13:13 - 2013-07-02 23:57 - 00001839 _____ C:\Users\av\Desktop\ib.lnk 2013-10-04 13:13 - 2013-07-02 23:57 - 00000000 ____D C:\Users\av\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OLYMPUS ib 2013-10-04 13:13 - 2013-03-17 20:10 - 00000000 ____D C:\Users\av\AppData\Roaming\Macromedia 2013-10-04 13:13 - 2012-05-12 10:50 - 00000000 ____D C:\Users\av\AppData\Local\Microsoft Help 2013-10-04 13:13 - 2009-07-14 06:42 - 00000000 ___RD C:\Users\av\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories 2013-10-04 13:13 - 2009-07-14 06:37 - 00000000 ___RD C:\Users\av\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance 2013-10-04 13:08 - 2013-10-04 13:08 - 00152776 _____ C:\Windows\Minidump\100413-40591-01.dmp 2013-10-04 13:07 - 2013-10-04 13:07 - 00001054 _____ C:\Users\Public\Desktop\Kaspersky Internet Security.lnk 2013-10-04 13:05 - 2013-10-04 13:50 - 00000000 ____D C:\ProgramData\Kaspersky Lab 2013-10-04 13:05 - 2013-10-04 13:05 - 00000000 ____D C:\Windows\ELAMBKUP 2013-10-04 13:05 - 2013-10-04 13:05 - 00000000 ____D C:\Program Files\Kaspersky Lab 2013-10-04 13:04 - 2013-08-29 11:45 - 00573536 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klif.sys 2013-10-04 13:04 - 2013-06-08 20:18 - 00094304 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klflt.sys 2013-10-04 13:03 - 2013-10-04 13:03 - 00000000 ____D C:\ProgramData\Kaspersky Lab Setup Files 2013-10-04 13:02 - 2013-10-04 11:41 - 262852608 _____ (Kaspersky Lab) C:\Users\Paulina\Desktop\kis14.0.0.4651pl-pl.exe 2013-10-04 11:41 - 2013-10-04 11:41 - 00148648 _____ C:\Windows\Minidump\100413-27502-01.dmp 2013-10-04 11:34 - 2013-10-04 11:34 - 00148648 _____ C:\Windows\Minidump\100413-18876-01.dmp 2013-10-04 11:15 - 2013-10-04 11:18 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable) 2013-10-04 11:14 - 2013-10-04 11:14 - 00077528 _____ (MalwareBytes) C:\Windows\system32\Drivers\mbamchameleon.sys 2013-10-04 10:58 - 2013-10-04 10:58 - 00000000 ____D C:\TDSSKiller_Quarantine 2013-10-04 10:48 - 2013-10-04 10:48 - 00148648 _____ C:\Windows\Minidump\100413-33306-01.dmp 2013-10-04 10:41 - 2013-10-04 10:41 - 00000000 ____D C:\Windows\pss 2013-10-04 10:37 - 2013-10-04 10:37 - 00148648 _____ C:\Windows\Minidump\100413-29936-01.dmp 2013-10-04 10:31 - 2013-10-04 10:31 - 00148648 _____ C:\Windows\Minidump\100413-27861-01.dmp 2013-10-03 16:29 - 2013-10-03 16:30 - 00148648 _____ C:\Windows\Minidump\100313-28142-01.dmp 2013-10-03 16:24 - 2013-10-03 16:24 - 00148648 _____ C:\Windows\Minidump\100313-29655-01.dmp 2013-10-03 16:19 - 2013-10-03 16:19 - 00148648 _____ C:\Windows\Minidump\100313-27861-01.dmp 2013-10-03 16:14 - 2013-10-03 16:14 - 00148648 _____ C:\Windows\Minidump\100313-27565-01.dmp 2013-10-03 15:53 - 2013-10-03 15:53 - 00148648 _____ C:\Windows\Minidump\100313-16832-01.dmp 2013-10-03 15:38 - 2013-10-03 15:40 - 00002110 _____ C:\Users\Paulina\Desktop\Rkill.txt 2013-10-02 16:19 - 2013-10-02 16:19 - 00148648 _____ C:\Windows\Minidump\100213-57455-01.dmp 2013-10-02 16:12 - 2013-10-02 16:13 - 00148648 _____ C:\Windows\Minidump\100213-59124-01.dmp 2013-10-02 16:05 - 2013-10-02 16:05 - 00003536 ____N C:\bootsqm.dat 2013-10-02 14:38 - 2013-10-02 14:38 - 00148648 _____ C:\Windows\Minidump\100213-39390-01.dmp 2013-10-02 14:36 - 2013-10-02 14:36 - 00000000 ____D C:\Users\Paulina\AppData\Roaming\Malwarebytes 2013-10-02 14:35 - 2013-10-04 02:41 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware 2013-10-02 14:35 - 2013-10-02 14:35 - 00001027 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk 2013-10-02 14:35 - 2013-04-04 14:50 - 00022856 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2013-10-02 14:15 - 2013-10-04 11:14 - 00000000 ____D C:\Users\Paulina\Desktop\mbar 2013-10-02 14:15 - 2013-10-02 14:15 - 00000000 ____D C:\ProgramData\Malwarebytes 2013-10-02 13:55 - 2013-10-04 02:41 - 00000000 ____D C:\Users\Paulina\Desktop\RK_Quarantine 2013-10-02 13:45 - 2013-10-02 13:46 - 00148648 _____ C:\Windows\Minidump\100213-33477-01.dmp 2013-10-02 13:40 - 2013-10-02 13:41 - 00148648 _____ C:\Windows\Minidump\100213-73133-01.dmp 2013-10-02 13:38 - 2013-10-02 13:38 - 00000000 ____D C:\Windows\ERUNT 2013-10-02 13:29 - 2013-10-02 13:30 - 00000000 ____D C:\AdwCleaner 2013-10-02 13:27 - 2013-10-02 13:27 - 00013339 _____ C:\ComboFix.txt 2013-10-02 13:12 - 2013-10-02 13:27 - 00000000 ____D C:\Qoobox 2013-10-02 13:12 - 2011-06-26 08:45 - 00256000 _____ C:\Windows\PEV.exe 2013-10-02 13:12 - 2010-11-07 19:20 - 00208896 _____ C:\Windows\MBR.exe 2013-10-02 13:12 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe 2013-10-02 13:12 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe 2013-10-02 13:12 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe 2013-10-02 13:12 - 2000-08-31 02:00 - 00098816 _____ C:\Windows\sed.exe 2013-10-02 13:12 - 2000-08-31 02:00 - 00080412 _____ C:\Windows\grep.exe 2013-10-02 13:12 - 2000-08-31 02:00 - 00068096 _____ C:\Windows\zip.exe 2013-10-02 13:11 - 2013-10-04 02:41 - 00000000 ____D C:\Windows\erdnt 2013-10-02 13:09 - 2013-10-02 14:45 - 00000000 ____D C:\Kaspersky Rescue Disk 10.0 2013-10-02 13:03 - 2013-10-02 13:03 - 00148648 _____ C:\Windows\Minidump\100213-23665-01.dmp 2013-10-02 11:00 - 2013-10-02 11:00 - 00148648 _____ C:\Windows\Minidump\100213-18704-01.dmp 2013-10-01 08:47 - 2013-10-01 08:48 - 00148648 _____ C:\Windows\Minidump\100113-28329-01.dmp 2013-09-30 22:03 - 2013-09-30 22:03 - 00148648 _____ C:\Windows\Minidump\093013-31933-01.dmp 2013-09-30 21:58 - 2013-09-30 21:58 - 00148648 _____ C:\Windows\Minidump\093013-32339-01.dmp 2013-09-30 21:53 - 2013-09-30 21:53 - 00148648 _____ C:\Windows\Minidump\093013-31995-01.dmp 2013-09-30 21:49 - 2013-09-30 21:49 - 00148648 _____ C:\Windows\Minidump\093013-30669-01.dmp 2013-09-30 21:44 - 2013-09-30 21:44 - 00148648 _____ C:\Windows\Minidump\093013-31278-02.dmp 2013-09-30 21:39 - 2013-09-30 21:39 - 00148648 _____ C:\Windows\Minidump\093013-32526-01.dmp 2013-09-30 21:34 - 2013-09-30 21:35 - 00148648 _____ C:\Windows\Minidump\093013-31652-01.dmp 2013-09-30 21:30 - 2013-09-30 21:30 - 00148648 _____ C:\Windows\Minidump\093013-32448-01.dmp 2013-09-30 21:25 - 2013-09-30 21:25 - 00148648 _____ C:\Windows\Minidump\093013-31839-01.dmp 2013-09-30 21:20 - 2013-09-30 21:21 - 00148648 _____ C:\Windows\Minidump\093013-31683-01.dmp 2013-09-30 21:16 - 2013-09-30 21:16 - 00148648 _____ C:\Windows\Minidump\093013-33212-01.dmp 2013-09-30 21:11 - 2013-09-30 21:11 - 00148648 _____ C:\Windows\Minidump\093013-31964-02.dmp 2013-09-30 21:06 - 2013-09-30 21:06 - 00148648 _____ C:\Windows\Minidump\093013-31325-01.dmp 2013-09-30 21:01 - 2013-09-30 21:02 - 00148648 _____ C:\Windows\Minidump\093013-31590-01.dmp 2013-09-30 20:57 - 2013-09-30 20:57 - 00148648 _____ C:\Windows\Minidump\093013-31106-01.dmp 2013-09-30 20:52 - 2013-09-30 20:52 - 00148648 _____ C:\Windows\Minidump\093013-32385-01.dmp 2013-09-30 20:47 - 2013-09-30 20:48 - 00148648 _____ C:\Windows\Minidump\093013-32947-01.dmp 2013-09-30 20:43 - 2013-09-30 20:43 - 00148648 _____ C:\Windows\Minidump\093013-32744-01.dmp 2013-09-30 20:38 - 2013-09-30 20:38 - 00148648 _____ C:\Windows\Minidump\093013-30966-01.dmp 2013-09-30 20:33 - 2013-09-30 20:33 - 00148648 _____ C:\Windows\Minidump\093013-31949-01.dmp 2013-09-30 20:28 - 2013-09-30 20:29 - 00148648 _____ C:\Windows\Minidump\093013-30700-01.dmp 2013-09-30 20:24 - 2013-09-30 20:24 - 00148648 _____ C:\Windows\Minidump\093013-31262-01.dmp 2013-09-30 20:19 - 2013-09-30 20:19 - 00148648 _____ C:\Windows\Minidump\093013-33821-01.dmp 2013-09-30 20:14 - 2013-09-30 20:15 - 00148648 _____ C:\Windows\Minidump\093013-31403-01.dmp 2013-09-30 20:10 - 2013-09-30 20:10 - 00148648 _____ C:\Windows\Minidump\093013-31122-01.dmp 2013-09-30 20:05 - 2013-09-30 20:05 - 00148648 _____ C:\Windows\Minidump\093013-24460-01.dmp 2013-09-30 20:01 - 2013-09-30 20:01 - 00148648 _____ C:\Windows\Minidump\093013-26254-01.dmp 2013-09-30 19:56 - 2013-09-30 19:57 - 00148648 _____ C:\Windows\Minidump\093013-27097-01.dmp 2013-09-30 19:52 - 2013-09-30 19:52 - 00148648 _____ C:\Windows\Minidump\093013-27596-01.dmp 2013-09-30 17:41 - 2013-09-30 17:41 - 00000000 ____D C:\Program Files\ESET 2013-09-30 17:40 - 2013-09-30 17:41 - 02347384 _____ (ESET) C:\Users\Paulina\Downloads\esetsmartinstaller_plk (4).exe 2013-09-30 17:39 - 2013-10-04 02:41 - 00000000 ____D C:\Users\Paulina\AppData\Roaming\ArcaVirMicroScan 2013-09-30 17:39 - 2013-09-30 17:39 - 00258640 _____ (ArcaBit) C:\Users\Paulina\Downloads\arcavirmicroscan.exe 2013-09-29 21:50 - 2013-09-29 21:50 - 02347384 _____ (ESET) C:\Users\Paulina\Downloads\esetsmartinstaller_plk (3).exe 2013-09-29 21:44 - 2013-09-29 21:44 - 02347384 _____ (ESET) C:\Users\Paulina\Downloads\esetsmartinstaller_plk (2).exe 2013-09-29 21:44 - 2013-09-29 21:44 - 02347384 _____ (ESET) C:\Users\Paulina\Downloads\esetsmartinstaller_plk (1).exe 2013-09-29 21:37 - 2013-09-29 21:37 - 02347384 _____ (ESET) C:\Users\Paulina\Downloads\esetsmartinstaller_plk.exe 2013-09-29 21:33 - 2013-10-04 02:41 - 00000000 ____D C:\ProgramData\OnlineUpdate 2013-09-29 21:33 - 2013-09-29 21:33 - 00000000 ____D C:\ProgramData\log 2013-09-29 21:09 - 2013-09-29 21:09 - 00000000 ___HD C:\Windows\AxInstSV 2013-09-29 21:09 - 2013-09-29 21:09 - 00000000 ____D C:\Program Files\SkanerOnline 2013-09-29 19:39 - 2013-09-29 19:39 - 00000000 ____D C:\Users\Paulina\Desktop\Ramones - Rockaway Beach (Drums Backing Track Cover)_data 2013-09-29 19:34 - 2013-09-29 19:47 - 00000000 ____D C:\Users\Paulina\Desktop\rockaway beach 2013-09-29 18:49 - 2013-10-04 02:41 - 00000000 ____D C:\Program Files\VstPlugins 2013-09-29 18:49 - 2013-09-29 18:49 - 00000000 ____D C:\Program Files\Toontrack 2013-09-29 17:57 - 2013-10-04 02:41 - 00000000 ____D C:\Users\Paulina\Desktop\EZDrummer 2013-09-29 15:24 - 2013-10-04 02:41 - 00000000 ____D C:\Users\Paulina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ASIO4ALL v2 2013-09-29 15:24 - 2013-10-04 02:41 - 00000000 ____D C:\Program Files\ASIO4ALL v2 2013-09-29 15:24 - 2013-09-29 15:24 - 00001056 _____ C:\Users\Paulina\Desktop\ASIO4ALL v2 Instruction Manual.lnk 2013-09-29 15:23 - 2013-09-29 15:23 - 00413183 _____ C:\Users\Paulina\Desktop\ASIO4ALL_2_9_English.exe 2013-09-29 15:04 - 2013-10-04 02:41 - 00000000 ____D C:\Users\Paulina\Desktop\REAPER 2013-09-29 14:41 - 2013-09-29 15:01 - 74907648 _____ (Cockos Incorporated) C:\Users\Paulina\Desktop\REAPER.exe 2013-09-29 14:32 - 2013-10-04 02:41 - 00000000 ____D C:\Users\Paulina\AppData\Roaming\REAPER 2013-09-29 14:32 - 2013-09-29 14:41 - 00000000 ____D C:\Program Files\REAPER 2013-09-29 13:57 - 2013-09-29 13:57 - 00048271 _____ C:\Users\Paulina\Desktop\Turbonegro - Good Head perkusja midi.mid 2013-09-28 18:48 - 2013-09-28 18:48 - 00027876 _____ C:\Users\Paulina\Desktop\Turbonegro - Good Head v1.gp4 2013-09-28 16:06 - 2013-09-28 16:16 - 246185648 _____ (Kaspersky Lab) C:\Users\Paulina\Downloads\kav14.0.0.4651pl-pl (1).exe 2013-09-28 15:21 - 2013-09-28 15:27 - 246185648 _____ (Kaspersky Lab) C:\Users\Paulina\Downloads\kav14.0.0.4651pl-pl.exe 2013-09-25 22:40 - 2013-09-25 22:40 - 00000000 ____D C:\Users\Paulina\Documents\Media Go 2013-09-25 22:39 - 2013-10-04 02:41 - 00000000 ____D C:\Users\Paulina\AppData\Local\Sony 2013-09-25 22:39 - 2013-09-25 22:39 - 00001815 _____ C:\Users\Public\Desktop\Media Go.lnk 2013-09-25 22:38 - 2013-10-04 02:41 - 00000000 ____D C:\Program Files\Common Files\Sony Shared 2013-09-25 22:38 - 2013-09-25 22:38 - 00000000 ____D C:\ProgramData\Sony Corporation 2013-09-25 22:36 - 2013-10-04 02:41 - 00000000 ____D C:\Program Files\Sony Media Go Install 2013-09-25 22:36 - 2013-09-25 22:40 - 00000000 ____D C:\Users\Paulina\AppData\Roaming\Sony 2013-09-25 22:31 - 2013-09-25 22:31 - 00002004 _____ C:\Users\Public\Desktop\Sony PC Companion 2.1.lnk 2013-09-25 22:30 - 2013-09-25 22:39 - 00000000 ____D C:\Program Files\Sony 2013-09-25 22:30 - 2013-09-25 22:30 - 00000000 ____D C:\ProgramData\Sony 2013-09-19 16:31 - 2013-09-19 16:31 - 00000997 _____ C:\Users\Public\Desktop\Mobile Partner.lnk 2013-09-19 16:31 - 2013-09-19 16:31 - 00000000 ____D C:\ProgramData\Mobile Partner 2013-09-19 16:29 - 2013-09-19 16:31 - 00000000 ____D C:\Program Files\Mobile Partner 2013-09-19 11:17 - 2013-09-19 11:17 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_ew_jucdcecm_01007.Wdf 2013-09-18 20:36 - 2013-09-18 20:36 - 00000124 _____ C:\Users\Paulina\Desktop\BRAGA Lampa Sufitowa Nowoczesna,Plafon Aluminium MaxLight 1606-4.url 2013-09-16 17:11 - 2013-09-16 17:11 - 00015989 _____ C:\Users\Paulina\Downloads\podyplomowe wyszkow 2013_2014 (1).xlsx 2013-09-16 17:05 - 2013-09-16 17:05 - 00015989 _____ C:\Users\Paulina\Downloads\podyplomowe wyszkow 2013_2014.xlsx 2013-09-15 12:41 - 2013-09-15 12:25 - 11031596 _____ C:\Users\Paulina\Desktop\perkusja rockaway beach.wav 2013-09-15 12:41 - 2013-09-15 12:21 - 11264044 _____ C:\Users\Paulina\Desktop\perkusja good boy.wav 2013-09-14 20:09 - 2013-09-14 20:09 - 00011898 _____ C:\Users\Paulina\Downloads\gg_allin_bite_it_you_scum.gp5 2013-09-14 19:41 - 2013-09-14 19:41 - 00011898 _____ C:\Users\Paulina\Desktop\gg-allin-bite_it_you_scum.gp3 2013-09-14 19:32 - 2013-09-14 19:32 - 00000000 ____D C:\Users\Paulina\Desktop\Guitar Pro 5.2! Nowa wersja! 2013-09-12 09:02 - 2013-08-10 05:59 - 01767936 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2013-09-12 09:02 - 2013-08-10 05:59 - 01141248 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2013-09-12 09:02 - 2013-08-10 05:59 - 00042496 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2013-09-12 09:02 - 2013-08-10 05:58 - 14332928 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2013-09-12 09:02 - 2013-08-10 05:58 - 13761024 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2013-09-12 09:02 - 2013-08-10 05:58 - 02876928 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2013-09-12 09:02 - 2013-08-10 05:58 - 02048000 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2013-09-12 09:02 - 2013-08-10 05:58 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2013-09-12 09:02 - 2013-08-10 05:58 - 00493056 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2013-09-12 09:02 - 2013-08-10 05:58 - 00391168 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2013-09-12 09:02 - 2013-08-10 05:58 - 00109056 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll 2013-09-12 09:02 - 2013-08-10 05:58 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2013-09-12 09:02 - 2013-08-10 05:58 - 00039424 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2013-09-12 09:02 - 2013-08-10 05:58 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2013-09-12 09:02 - 2013-08-10 05:07 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2013-09-12 09:02 - 2013-08-10 04:17 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe 2013-09-11 12:21 - 2013-09-12 22:24 - 00000000 ____D C:\Users\Paulina\Desktop\staż dyplomowany 2013-09-11 08:42 - 2013-09-11 08:42 - 00023627 _____ C:\Users\Paulina\Downloads\pd5_a_szynglewska_1_20040903.zip 2013-09-11 08:26 - 2013-08-08 03:03 - 02348544 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2013-09-11 08:26 - 2013-08-05 03:56 - 00133056 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ataport.sys 2013-09-11 08:26 - 2013-08-02 03:50 - 00169984 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll 2013-09-11 08:26 - 2013-08-02 03:49 - 00868352 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll 2013-09-11 08:26 - 2013-08-02 03:49 - 00293376 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll 2013-09-11 08:26 - 2013-08-02 03:48 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll 2013-09-11 08:26 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll 2013-09-11 08:26 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll 2013-09-11 08:26 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll 2013-09-11 08:26 - 2013-08-02 02:52 - 00271360 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe 2013-09-11 08:26 - 2013-07-26 03:55 - 12872704 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll 2013-09-11 08:26 - 2013-07-26 03:55 - 00180224 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll 2013-09-11 08:25 - 2013-08-02 03:48 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll 2013-09-11 08:25 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll 2013-09-11 08:25 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll 2013-09-11 08:25 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll 2013-09-11 08:25 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll 2013-09-11 08:25 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll 2013-09-11 08:25 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll 2013-09-11 08:25 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll 2013-09-11 08:25 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll 2013-09-11 08:25 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll 2013-09-11 08:25 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll 2013-09-11 08:25 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll 2013-09-11 08:25 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll 2013-09-11 08:25 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll 2013-09-11 08:25 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll 2013-09-11 08:25 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll 2013-09-11 08:25 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll 2013-09-11 08:25 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll 2013-09-11 08:25 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll 2013-09-11 08:25 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll 2013-09-11 08:25 - 2013-08-02 02:43 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll 2013-09-11 08:25 - 2013-08-02 02:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll 2013-09-11 08:25 - 2013-08-02 02:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll 2013-09-11 08:25 - 2013-08-02 02:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll ==================== One Month Modified Files and Folders ======= 2013-10-04 13:51 - 2012-04-15 17:10 - 01241455 _____ C:\Windows\WindowsUpdate.log 2013-10-04 13:50 - 2013-10-04 13:05 - 00000000 ____D C:\ProgramData\Kaspersky Lab 2013-10-04 13:48 - 2009-07-14 06:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2013-10-04 13:48 - 2009-07-14 06:39 - 00160840 _____ C:\Windows\setupact.log 2013-10-04 13:41 - 2013-10-04 13:41 - 00000000 ____D C:\FRST 2013-10-04 13:37 - 2012-05-23 21:54 - 00000000 ____D C:\Users\Paulina\AppData\Local\CrashDumps 2013-10-04 13:33 - 2013-01-06 23:06 - 00000000 ____D C:\Users\Paulina\Desktop\szkoła 2013-10-04 13:31 - 2013-08-29 00:04 - 00000000 ____D C:\Windows\Minidump 2013-10-04 13:30 - 2013-08-29 00:03 - 203985669 _____ C:\Windows\MEMORY.DMP 2013-10-04 13:29 - 2013-10-04 13:29 - 00000000 ____D C:\Users\av\AppData\Local\CrashDumps 2013-10-04 13:25 - 2013-10-04 13:26 - 00377856 _____ C:\Users\av\Desktop\g2mzy9lz.exe 2013-10-04 13:22 - 2013-10-04 13:22 - 00148648 _____ C:\Windows\Minidump\100413-24055-01.dmp 2013-10-04 13:21 - 2009-07-14 06:34 - 00015344 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2013-10-04 13:21 - 2009-07-14 06:34 - 00015344 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2013-10-04 13:18 - 2012-04-21 13:09 - 00000930 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2013-10-04 13:18 - 2012-04-15 17:21 - 01628652 _____ C:\Windows\system32\PerfStringBackup.INI 2013-10-04 13:18 - 2009-07-14 10:07 - 00735884 _____ C:\Windows\system32\perfh015.dat 2013-10-04 13:18 - 2009-07-14 10:07 - 00148278 _____ C:\Windows\system32\perfc015.dat 2013-10-04 13:15 - 2013-10-04 13:13 - 00000000 ____D C:\Users\av 2013-10-04 13:14 - 2013-10-04 13:14 - 00001381 _____ C:\Users\av\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2013-10-04 13:14 - 2013-10-04 13:14 - 00000000 ____D C:\Users\av\AppData\Roaming\Adobe 2013-10-04 13:13 - 2013-10-04 13:13 - 00000020 ___SH C:\Users\av\ntuser.ini 2013-10-04 13:13 - 2013-10-04 13:13 - 00000000 _SHDL C:\Users\av\Ustawienia lokalne 2013-10-04 13:13 - 2013-10-04 13:13 - 00000000 _SHDL C:\Users\av\Szablony 2013-10-04 13:13 - 2013-10-04 13:13 - 00000000 _SHDL C:\Users\av\Moje dokumenty 2013-10-04 13:13 - 2013-10-04 13:13 - 00000000 _SHDL C:\Users\av\Menu Start 2013-10-04 13:13 - 2013-10-04 13:13 - 00000000 _SHDL C:\Users\av\Documents\Moje wideo 2013-10-04 13:13 - 2013-10-04 13:13 - 00000000 _SHDL C:\Users\av\Documents\Moje obrazy 2013-10-04 13:13 - 2013-10-04 13:13 - 00000000 _SHDL C:\Users\av\Documents\Moja muzyka 2013-10-04 13:13 - 2013-10-04 13:13 - 00000000 _SHDL C:\Users\av\Dane aplikacji 2013-10-04 13:13 - 2013-10-04 13:13 - 00000000 _SHDL C:\Users\av\AppData\Roaming\Microsoft\Windows\Start Menu\Programy 2013-10-04 13:13 - 2013-10-04 13:13 - 00000000 _SHDL C:\Users\av\AppData\Local\Historia 2013-10-04 13:13 - 2013-10-04 13:13 - 00000000 _SHDL C:\Users\av\AppData\Local\Dane aplikacji 2013-10-04 13:13 - 2013-10-04 13:13 - 00000000 ____D C:\Users\av\AppData\Local\VirtualStore 2013-10-04 13:08 - 2013-10-04 13:08 - 00152776 _____ C:\Windows\Minidump\100413-40591-01.dmp 2013-10-04 13:08 - 2012-04-26 17:01 - 00059738 _____ C:\Windows\PFRO.log 2013-10-04 13:07 - 2013-10-04 13:07 - 00001054 _____ C:\Users\Public\Desktop\Kaspersky Internet Security.lnk 2013-10-04 13:05 - 2013-10-04 13:05 - 00000000 ____D C:\Windows\ELAMBKUP 2013-10-04 13:05 - 2013-10-04 13:05 - 00000000 ____D C:\Program Files\Kaspersky Lab 2013-10-04 13:03 - 2013-10-04 13:03 - 00000000 ____D C:\ProgramData\Kaspersky Lab Setup Files 2013-10-04 13:00 - 2012-04-22 18:38 - 00001066 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1728207851-1774537144-310024129-1000UA.job 2013-10-04 11:41 - 2013-10-04 13:16 - 262852608 _____ (Kaspersky Lab) C:\Users\av\Desktop\kis14.0.0.4651pl-pl.exe 2013-10-04 11:41 - 2013-10-04 13:02 - 262852608 _____ (Kaspersky Lab) C:\Users\Paulina\Desktop\kis14.0.0.4651pl-pl.exe 2013-10-04 11:41 - 2013-10-04 11:41 - 00148648 _____ C:\Windows\Minidump\100413-27502-01.dmp 2013-10-04 11:34 - 2013-10-04 11:34 - 00148648 _____ C:\Windows\Minidump\100413-18876-01.dmp 2013-10-04 11:18 - 2013-10-04 11:15 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable) 2013-10-04 11:14 - 2013-10-04 11:14 - 00077528 _____ (MalwareBytes) C:\Windows\system32\Drivers\mbamchameleon.sys 2013-10-04 11:14 - 2013-10-02 14:15 - 00000000 ____D C:\Users\Paulina\Desktop\mbar 2013-10-04 10:58 - 2013-10-04 10:58 - 00000000 ____D C:\TDSSKiller_Quarantine 2013-10-04 10:48 - 2013-10-04 10:48 - 00148648 _____ C:\Windows\Minidump\100413-33306-01.dmp 2013-10-04 10:41 - 2013-10-04 10:41 - 00000000 ____D C:\Windows\pss 2013-10-04 10:37 - 2013-10-04 10:37 - 00148648 _____ C:\Windows\Minidump\100413-29936-01.dmp 2013-10-04 10:31 - 2013-10-04 10:31 - 00148648 _____ C:\Windows\Minidump\100413-27861-01.dmp 2013-10-04 02:42 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\pl-PL 2013-10-04 02:41 - 2013-10-02 14:35 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware 2013-10-04 02:41 - 2013-10-02 13:55 - 00000000 ____D C:\Users\Paulina\Desktop\RK_Quarantine 2013-10-04 02:41 - 2013-10-02 13:11 - 00000000 ____D C:\Windows\erdnt 2013-10-04 02:41 - 2013-09-30 17:39 - 00000000 ____D C:\Users\Paulina\AppData\Roaming\ArcaVirMicroScan 2013-10-04 02:41 - 2013-09-29 21:33 - 00000000 ____D C:\ProgramData\OnlineUpdate 2013-10-04 02:41 - 2013-09-29 18:49 - 00000000 ____D C:\Program Files\VstPlugins 2013-10-04 02:41 - 2013-09-29 17:57 - 00000000 ____D C:\Users\Paulina\Desktop\EZDrummer 2013-10-04 02:41 - 2013-09-29 15:24 - 00000000 ____D C:\Users\Paulina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ASIO4ALL v2 2013-10-04 02:41 - 2013-09-29 15:24 - 00000000 ____D C:\Program Files\ASIO4ALL v2 2013-10-04 02:41 - 2013-09-29 15:04 - 00000000 ____D C:\Users\Paulina\Desktop\REAPER 2013-10-04 02:41 - 2013-09-29 14:32 - 00000000 ____D C:\Users\Paulina\AppData\Roaming\REAPER 2013-10-04 02:41 - 2013-09-25 22:39 - 00000000 ____D C:\Users\Paulina\AppData\Local\Sony 2013-10-04 02:41 - 2013-09-25 22:38 - 00000000 ____D C:\Program Files\Common Files\Sony Shared 2013-10-04 02:41 - 2013-09-25 22:36 - 00000000 ____D C:\Program Files\Sony Media Go Install 2013-10-04 02:41 - 2013-02-01 18:32 - 00000000 ___RD C:\Program Files\Skype 2013-10-04 02:41 - 2013-02-01 18:32 - 00000000 ____D C:\ProgramData\Skype 2013-10-04 02:41 - 2013-02-01 18:32 - 00000000 ____D C:\Program Files\Common Files\Skype 2013-10-04 02:41 - 2012-10-27 19:28 - 00000000 ____D C:\Users\Paulina\AppData\Roaming\Winamp 2013-10-04 02:41 - 2012-09-23 16:51 - 00000000 ____D C:\Users\Paulina\AppData\Roaming\Audacity 2013-10-04 02:41 - 2012-07-07 20:59 - 00000000 ____D C:\Users\Paulina\AppData\Local\Downloaded Installations 2013-10-04 02:41 - 2012-04-15 20:19 - 00000000 ____D C:\Users\Paulina 2013-10-04 02:41 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\wfp 2013-10-03 16:30 - 2013-10-03 16:29 - 00148648 _____ C:\Windows\Minidump\100313-28142-01.dmp 2013-10-03 16:24 - 2013-10-03 16:24 - 00148648 _____ C:\Windows\Minidump\100313-29655-01.dmp 2013-10-03 16:19 - 2013-10-03 16:19 - 00148648 _____ C:\Windows\Minidump\100313-27861-01.dmp 2013-10-03 16:14 - 2013-10-03 16:14 - 00148648 _____ C:\Windows\Minidump\100313-27565-01.dmp 2013-10-03 15:53 - 2013-10-03 15:53 - 00148648 _____ C:\Windows\Minidump\100313-16832-01.dmp 2013-10-03 15:40 - 2013-10-03 15:38 - 00002110 _____ C:\Users\Paulina\Desktop\Rkill.txt 2013-10-02 16:19 - 2013-10-02 16:19 - 00148648 _____ C:\Windows\Minidump\100213-57455-01.dmp 2013-10-02 16:13 - 2013-10-02 16:12 - 00148648 _____ C:\Windows\Minidump\100213-59124-01.dmp 2013-10-02 16:05 - 2013-10-02 16:05 - 00003536 ____N C:\bootsqm.dat 2013-10-02 14:45 - 2013-10-02 13:09 - 00000000 ____D C:\Kaspersky Rescue Disk 10.0 2013-10-02 14:38 - 2013-10-02 14:38 - 00148648 _____ C:\Windows\Minidump\100213-39390-01.dmp 2013-10-02 14:36 - 2013-10-02 14:36 - 00000000 ____D C:\Users\Paulina\AppData\Roaming\Malwarebytes 2013-10-02 14:35 - 2013-10-02 14:35 - 00001027 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk 2013-10-02 14:15 - 2013-10-02 14:15 - 00000000 ____D C:\ProgramData\Malwarebytes 2013-10-02 13:46 - 2013-10-02 13:45 - 00148648 _____ C:\Windows\Minidump\100213-33477-01.dmp 2013-10-02 13:41 - 2013-10-02 13:40 - 00148648 _____ C:\Windows\Minidump\100213-73133-01.dmp 2013-10-02 13:38 - 2013-10-02 13:38 - 00000000 ____D C:\Windows\ERUNT 2013-10-02 13:30 - 2013-10-02 13:29 - 00000000 ____D C:\AdwCleaner 2013-10-02 13:27 - 2013-10-02 13:27 - 00013339 _____ C:\ComboFix.txt 2013-10-02 13:27 - 2013-10-02 13:12 - 00000000 ____D C:\Qoobox 2013-10-02 13:27 - 2009-07-14 04:37 - 00000000 ___RD C:\Users\Public 2013-10-02 13:24 - 2009-07-14 04:04 - 00000215 _____ C:\Windows\system.ini 2013-10-02 13:06 - 2012-04-23 20:33 - 00000000 ____D C:\Users\Paulina\AppData\Local\PokerStars.EU 2013-10-02 13:06 - 2012-04-23 20:33 - 00000000 ____D C:\Program Files\PokerStars.EU 2013-10-02 13:03 - 2013-10-02 13:03 - 00148648 _____ C:\Windows\Minidump\100213-23665-01.dmp 2013-10-02 11:00 - 2013-10-02 11:00 - 00148648 _____ C:\Windows\Minidump\100213-18704-01.dmp 2013-10-01 08:48 - 2013-10-01 08:47 - 00148648 _____ C:\Windows\Minidump\100113-28329-01.dmp 2013-09-30 22:03 - 2013-09-30 22:03 - 00148648 _____ C:\Windows\Minidump\093013-31933-01.dmp 2013-09-30 21:58 - 2013-09-30 21:58 - 00148648 _____ C:\Windows\Minidump\093013-32339-01.dmp 2013-09-30 21:53 - 2013-09-30 21:53 - 00148648 _____ C:\Windows\Minidump\093013-31995-01.dmp 2013-09-30 21:49 - 2013-09-30 21:49 - 00148648 _____ C:\Windows\Minidump\093013-30669-01.dmp 2013-09-30 21:44 - 2013-09-30 21:44 - 00148648 _____ C:\Windows\Minidump\093013-31278-02.dmp 2013-09-30 21:39 - 2013-09-30 21:39 - 00148648 _____ C:\Windows\Minidump\093013-32526-01.dmp 2013-09-30 21:35 - 2013-09-30 21:34 - 00148648 _____ C:\Windows\Minidump\093013-31652-01.dmp 2013-09-30 21:30 - 2013-09-30 21:30 - 00148648 _____ C:\Windows\Minidump\093013-32448-01.dmp 2013-09-30 21:25 - 2013-09-30 21:25 - 00148648 _____ C:\Windows\Minidump\093013-31839-01.dmp 2013-09-30 21:21 - 2013-09-30 21:20 - 00148648 _____ C:\Windows\Minidump\093013-31683-01.dmp 2013-09-30 21:16 - 2013-09-30 21:16 - 00148648 _____ C:\Windows\Minidump\093013-33212-01.dmp 2013-09-30 21:11 - 2013-09-30 21:11 - 00148648 _____ C:\Windows\Minidump\093013-31964-02.dmp 2013-09-30 21:06 - 2013-09-30 21:06 - 00148648 _____ C:\Windows\Minidump\093013-31325-01.dmp 2013-09-30 21:02 - 2013-09-30 21:01 - 00148648 _____ C:\Windows\Minidump\093013-31590-01.dmp 2013-09-30 20:57 - 2013-09-30 20:57 - 00148648 _____ C:\Windows\Minidump\093013-31106-01.dmp 2013-09-30 20:52 - 2013-09-30 20:52 - 00148648 _____ C:\Windows\Minidump\093013-32385-01.dmp 2013-09-30 20:48 - 2013-09-30 20:47 - 00148648 _____ C:\Windows\Minidump\093013-32947-01.dmp 2013-09-30 20:43 - 2013-09-30 20:43 - 00148648 _____ C:\Windows\Minidump\093013-32744-01.dmp 2013-09-30 20:38 - 2013-09-30 20:38 - 00148648 _____ C:\Windows\Minidump\093013-30966-01.dmp 2013-09-30 20:33 - 2013-09-30 20:33 - 00148648 _____ C:\Windows\Minidump\093013-31949-01.dmp 2013-09-30 20:29 - 2013-09-30 20:28 - 00148648 _____ C:\Windows\Minidump\093013-30700-01.dmp 2013-09-30 20:24 - 2013-09-30 20:24 - 00148648 _____ C:\Windows\Minidump\093013-31262-01.dmp 2013-09-30 20:19 - 2013-09-30 20:19 - 00148648 _____ C:\Windows\Minidump\093013-33821-01.dmp 2013-09-30 20:15 - 2013-09-30 20:14 - 00148648 _____ C:\Windows\Minidump\093013-31403-01.dmp 2013-09-30 20:10 - 2013-09-30 20:10 - 00148648 _____ C:\Windows\Minidump\093013-31122-01.dmp 2013-09-30 20:05 - 2013-09-30 20:05 - 00148648 _____ C:\Windows\Minidump\093013-24460-01.dmp 2013-09-30 20:01 - 2013-09-30 20:01 - 00148648 _____ C:\Windows\Minidump\093013-26254-01.dmp 2013-09-30 19:57 - 2013-09-30 19:56 - 00148648 _____ C:\Windows\Minidump\093013-27097-01.dmp 2013-09-30 19:52 - 2013-09-30 19:52 - 00148648 _____ C:\Windows\Minidump\093013-27596-01.dmp 2013-09-30 19:43 - 2012-04-18 13:23 - 00000000 ____D C:\ProgramData\DatacardService 2013-09-30 19:35 - 2013-02-01 18:32 - 00000000 ____D C:\Users\Paulina\AppData\Roaming\Skype 2013-09-30 17:41 - 2013-09-30 17:41 - 00000000 ____D C:\Program Files\ESET 2013-09-30 17:41 - 2013-09-30 17:40 - 02347384 _____ (ESET) C:\Users\Paulina\Downloads\esetsmartinstaller_plk (4).exe 2013-09-30 17:39 - 2013-09-30 17:39 - 00258640 _____ (ArcaBit) C:\Users\Paulina\Downloads\arcavirmicroscan.exe 2013-09-30 13:06 - 2009-07-14 06:53 - 00032604 _____ C:\Windows\Tasks\SCHEDLGU.TXT 2013-09-30 06:48 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\Microsoft.NET 2013-09-29 21:50 - 2013-09-29 21:50 - 02347384 _____ (ESET) C:\Users\Paulina\Downloads\esetsmartinstaller_plk (3).exe 2013-09-29 21:44 - 2013-09-29 21:44 - 02347384 _____ (ESET) C:\Users\Paulina\Downloads\esetsmartinstaller_plk (2).exe 2013-09-29 21:44 - 2013-09-29 21:44 - 02347384 _____ (ESET) C:\Users\Paulina\Downloads\esetsmartinstaller_plk (1).exe 2013-09-29 21:37 - 2013-09-29 21:37 - 02347384 _____ (ESET) C:\Users\Paulina\Downloads\esetsmartinstaller_plk.exe 2013-09-29 21:33 - 2013-09-29 21:33 - 00000000 ____D C:\ProgramData\log 2013-09-29 21:31 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\registration 2013-09-29 21:09 - 2013-09-29 21:09 - 00000000 ___HD C:\Windows\AxInstSV 2013-09-29 21:09 - 2013-09-29 21:09 - 00000000 ____D C:\Program Files\SkanerOnline 2013-09-29 20:53 - 2012-07-17 19:22 - 00000000 ____D C:\Program Files\Zune 2013-09-29 20:14 - 2012-04-22 18:38 - 00001014 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1728207851-1774537144-310024129-1000Core.job 2013-09-29 19:47 - 2013-09-29 19:34 - 00000000 ____D C:\Users\Paulina\Desktop\rockaway beach 2013-09-29 19:39 - 2013-09-29 19:39 - 00000000 ____D C:\Users\Paulina\Desktop\Ramones - Rockaway Beach (Drums Backing Track Cover)_data 2013-09-29 18:49 - 2013-09-29 18:49 - 00000000 ____D C:\Program Files\Toontrack 2013-09-29 15:24 - 2013-09-29 15:24 - 00001056 _____ C:\Users\Paulina\Desktop\ASIO4ALL v2 Instruction Manual.lnk 2013-09-29 15:23 - 2013-09-29 15:23 - 00413183 _____ C:\Users\Paulina\Desktop\ASIO4ALL_2_9_English.exe 2013-09-29 15:01 - 2013-09-29 14:41 - 74907648 _____ (Cockos Incorporated) C:\Users\Paulina\Desktop\REAPER.exe 2013-09-29 14:41 - 2013-09-29 14:32 - 00000000 ____D C:\Program Files\REAPER 2013-09-29 13:57 - 2013-09-29 13:57 - 00048271 _____ C:\Users\Paulina\Desktop\Turbonegro - Good Head perkusja midi.mid 2013-09-28 18:48 - 2013-09-28 18:48 - 00027876 _____ C:\Users\Paulina\Desktop\Turbonegro - Good Head v1.gp4 2013-09-28 16:16 - 2013-09-28 16:06 - 246185648 _____ (Kaspersky Lab) C:\Users\Paulina\Downloads\kav14.0.0.4651pl-pl (1).exe 2013-09-28 15:27 - 2013-09-28 15:21 - 246185648 _____ (Kaspersky Lab) C:\Users\Paulina\Downloads\kav14.0.0.4651pl-pl.exe 2013-09-25 22:40 - 2013-09-25 22:40 - 00000000 ____D C:\Users\Paulina\Documents\Media Go 2013-09-25 22:40 - 2013-09-25 22:36 - 00000000 ____D C:\Users\Paulina\AppData\Roaming\Sony 2013-09-25 22:40 - 2012-07-17 19:24 - 00000000 ___RD C:\Users\Paulina\Podcasts 2013-09-25 22:39 - 2013-09-25 22:39 - 00001815 _____ C:\Users\Public\Desktop\Media Go.lnk 2013-09-25 22:39 - 2013-09-25 22:30 - 00000000 ____D C:\Program Files\Sony 2013-09-25 22:38 - 2013-09-25 22:38 - 00000000 ____D C:\ProgramData\Sony Corporation 2013-09-25 22:31 - 2013-09-25 22:31 - 00002004 _____ C:\Users\Public\Desktop\Sony PC Companion 2.1.lnk 2013-09-25 22:30 - 2013-09-25 22:30 - 00000000 ____D C:\ProgramData\Sony 2013-09-25 22:30 - 2012-04-18 14:42 - 00000000 ___HD C:\Program Files\InstallShield Installation Information 2013-09-21 19:17 - 2012-04-22 18:41 - 00002372 _____ C:\Users\Paulina\Desktop\Google Chrome.lnk 2013-09-19 19:18 - 2012-04-21 13:09 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe 2013-09-19 19:18 - 2012-04-21 13:09 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl 2013-09-19 16:31 - 2013-09-19 16:31 - 00000997 _____ C:\Users\Public\Desktop\Mobile Partner.lnk 2013-09-19 16:31 - 2013-09-19 16:31 - 00000000 ____D C:\ProgramData\Mobile Partner 2013-09-19 16:31 - 2013-09-19 16:29 - 00000000 ____D C:\Program Files\Mobile Partner 2013-09-19 11:17 - 2013-09-19 11:17 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_ew_jucdcecm_01007.Wdf 2013-09-18 20:36 - 2013-09-18 20:36 - 00000124 _____ C:\Users\Paulina\Desktop\BRAGA Lampa Sufitowa Nowoczesna,Plafon Aluminium MaxLight 1606-4.url 2013-09-16 17:11 - 2013-09-16 17:11 - 00015989 _____ C:\Users\Paulina\Downloads\podyplomowe wyszkow 2013_2014 (1).xlsx 2013-09-16 17:05 - 2013-09-16 17:05 - 00015989 _____ C:\Users\Paulina\Downloads\podyplomowe wyszkow 2013_2014.xlsx 2013-09-15 12:25 - 2013-09-15 12:41 - 11031596 _____ C:\Users\Paulina\Desktop\perkusja rockaway beach.wav 2013-09-15 12:21 - 2013-09-15 12:41 - 11264044 _____ C:\Users\Paulina\Desktop\perkusja good boy.wav 2013-09-14 20:09 - 2013-09-14 20:09 - 00011898 _____ C:\Users\Paulina\Downloads\gg_allin_bite_it_you_scum.gp5 2013-09-14 19:41 - 2013-09-14 19:41 - 00011898 _____ C:\Users\Paulina\Desktop\gg-allin-bite_it_you_scum.gp3 2013-09-14 19:33 - 2013-02-19 20:48 - 00000000 ____D C:\Program Files\Guitar Pro 5 2013-09-14 19:32 - 2013-09-14 19:32 - 00000000 ____D C:\Users\Paulina\Desktop\Guitar Pro 5.2! Nowa wersja! 2013-09-12 22:24 - 2013-09-11 12:21 - 00000000 ____D C:\Users\Paulina\Desktop\staż dyplomowany 2013-09-12 21:23 - 2012-10-06 18:07 - 00000000 ____D C:\Users\Paulina\Desktop\Combat.Wings 2013-09-12 09:38 - 2009-07-14 06:33 - 00462096 _____ C:\Windows\system32\FNTCACHE.DAT 2013-09-12 09:19 - 2012-05-09 14:44 - 00000000 ____D C:\ProgramData\Microsoft Help 2013-09-12 08:58 - 2013-07-20 10:59 - 00000000 ____D C:\Windows\system32\MRT 2013-09-12 08:54 - 2012-04-25 21:52 - 76725432 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2013-09-11 08:42 - 2013-09-11 08:42 - 00023627 _____ C:\Users\Paulina\Downloads\pd5_a_szynglewska_1_20040903.zip 2013-09-10 19:00 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\NDF Some content of TEMP: ==================== C:\Users\Paulina\AppData\Local\temp\ntdll_dump.dll ==================== Bamital & volsnap Check ================= C:\Windows\explorer.exe => MD5 is legit C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit LastRegBack: 2013-09-23 17:29 ==================== End Of Log ============================