Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 03-10-2013 Ran by Windows 7 (administrator) on WINDOWS7 on 06-10-2013 10:35:25 Running from C:\Users\Windows 7\Downloads Microsoft Windows 7 Professional Service Pack 1 (X86) OS Language: Polish Internet Explorer Version 10 Boot Mode: Safe Mode (with Networking) ==================== Processes (Whitelisted) =================== (Microsoft Corporation) C:\Windows\system32\wermgr.exe (Intel Corporation) C:\Windows\system32\igfxsrvc.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe (Adobe Systems, Inc.) C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_8_800_168.exe (Adobe Systems, Inc.) C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_8_800_168.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [7625248 2009-08-03] (Realtek Semiconductor) HKLM\...\Run: [TPwrMain] - C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE [480608 2009-11-05] (TOSHIBA Corporation) HKLM\...\Run: [HSON] - C:\Program Files\TOSHIBA\TBS\HSON.exe [55160 2009-03-09] (TOSHIBA Corporation) HKLM\...\Run: [SmoothView] - C:\Program Files\Toshiba\SmoothView\SmoothView.exe [521528 2009-08-13] (TOSHIBA Corporation) HKLM\...\Run: [00TCrdMain] - C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [738616 2009-11-10] (TOSHIBA Corporation) HKLM\...\Run: [TFncKy] - TFncKy.exe HKLM\...\Run: [TDispVol] - C:\Windows\system32\TDispVol.exe [73728 2005-12-27] (TOSHIBA Corporation) HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1316136 2008-06-20] (Synaptics, Inc.) Winlogon\Notify\bnishji: C:\Users\Windows 7\AppData\Local\bnishji.dll () HKCU\...\Run: [bnishji] - rundll32 "C:\Users\Windows 7\AppData\Local\bnishji.dll",bnishji <===== ATTENTION HKCU\...\Run: [SearchProtection] - C:\Users\Windows 7\AppData\Roaming\Search Protection\SearchProtection.EXE [832360 2013-09-03] (Spigot, Inc.) MountPoints2: {beccd02a-ff8f-11e2-950c-806e6f6e6963} - E:\setup.exe MountPoints2: {d498a9e0-1473-11e3-a6bf-001b38b5e50e} - F:\Setup.exe ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.searchgol.com/?babsrc=HP_ss&mntrId=9AD3001B38B5E50E&affID=119357&tsp=5020 SearchScopes: HKCU - DefaultScope {919C25F7-026B-4BEF-BC7C-72934CDF8868} URL = http://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=293224&p={searchTerms} SearchScopes: HKCU - {0D7562AE-8EF6-416d-A838-AB665251703A} URL = http://start.facemoods.com/?a=ddr&s={searchTerms}&f=4 SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = http://www.searchgol.com/?q={searchTerms}&babsrc=SP_ss&mntrId=9AD3001B38B5E50E&affID=119357&tsp=5020 SearchScopes: HKCU - {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL = SearchScopes: HKCU - {919C25F7-026B-4BEF-BC7C-72934CDF8868} URL = http://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=293224&p={searchTerms} BHO: CescrtHlpr Object - {64182481-4F71-486b-A045-B233BD0DA8FC} - C:\Program Files\facemoods.com\facemoods\1.4.17.3\bh\facemoods.dll (facemoods.com BHO) BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) Toolbar: HKLM - facemoods Toolbar - {DB4E9724-F518-4dfd-9C7C-78B52103CAB9} - C:\Program Files\facemoods.com\facemoods\1.4.17.3\facemoodsTlbr.dll (facemoods.com) Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\SKYPE4~1.DLL (Skype Technologies) Tcpip\Parameters: [DhcpNameServer] 194.204.152.34 194.204.159.1 FireFox: ======== FF ProfilePath: C:\Users\Windows 7\AppData\Roaming\Mozilla\Firefox\Profiles\57jxv9t3.default FF user.js: detected! => C:\Users\Windows 7\AppData\Roaming\Mozilla\Firefox\Profiles\57jxv9t3.default\user.js FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_11_8_800_168.dll () FF Plugin: @adobe.com/ShockwavePlayer - C:\Windows\system32\Adobe\Director\np32dsw_1203133.dll (Adobe Systems, Inc.) FF Plugin: @google.com/npPicasa3,version=3.0.0 - C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.) FF Plugin: @java.com/DTPlugin,version=10.25.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin: @microsoft.com/GENUINE - disabled No File FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation) FF Plugin: @pandonetworks.com/PandoWebPlugin - C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll No File FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\fcmdSrchddr.xml FF Extension: Facemoods - C:\Users\Windows 7\AppData\Roaming\Mozilla\Firefox\Profiles\57jxv9t3.default\Extensions\ffxtlbr@Facemoods.com FF Extension: ffextension - C:\Users\Windows 7\AppData\Roaming\Mozilla\Firefox\Profiles\57jxv9t3.default\Extensions\ffextension@weheartit.com.xpi FF Extension: firefox - C:\Users\Windows 7\AppData\Roaming\Mozilla\Firefox\Profiles\57jxv9t3.default\Extensions\firefox@webconnect.co.xpi ========================== Services (Whitelisted) ================= S2 AgereModemAudio; C:\Program Files\LSI SoftModem\agrsmsvc.exe [14336 2009-03-27] (LSI Corporation) S2 cfWiMAXService; C:\Program Files\TOSHIBA\ConfigFree\CFIWmxSvcs.exe [185712 2009-08-10] (TOSHIBA CORPORATION) S2 ConfigFree Service; C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe [46448 2009-03-10] (TOSHIBA CORPORATION) S2 Update WebConnect; C:\Program Files\WebConnect\updateWebConnect.exe [65320 2013-10-04] (WebConnect) ==================== Drivers (Whitelisted) ==================== R0 CLFS; C:\Windows\System32\CLFS.sys [249408 2009-07-14] (Microsoft Corporation) R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [243128 2013-09-03] (Disc Soft Ltd) S3 UVCFTR; C:\Windows\System32\Drivers\UVCFTR_S.SYS [17960 2009-04-10] (Chicony Electronics Co., Ltd.) U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [4096 2010-07-04] () ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2013-10-06 10:34 - 2013-10-06 10:34 - 01087213 _____ (Farbar) C:\Users\Windows 7\Downloads\FRST.exe 2013-10-06 10:34 - 2013-10-06 10:34 - 00602112 _____ (OldTimer Tools) C:\Users\Windows 7\Downloads\OTL.exe 2013-10-06 10:34 - 2013-10-06 10:34 - 00000000 ____D C:\FRST 2013-10-06 10:15 - 2013-09-29 22:36 - 00027648 _____ C:\Users\Windows 7\Desktop\photothumb.db 2013-10-06 09:32 - 2013-10-06 09:32 - 00145264 _____ C:\Windows\Minidump\100613-17144-01.dmp 2013-10-06 04:58 - 2013-10-06 05:00 - 00151496 _____ C:\Windows\Minidump\100613-25958-01.dmp 2013-10-06 02:43 - 2013-10-06 02:43 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Windows 7\Downloads\mbam-setup-1.75.0.1300.exe 2013-10-06 02:43 - 2013-10-06 02:43 - 00001071 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk 2013-10-06 02:43 - 2013-10-06 02:43 - 00000000 ____D C:\Users\Windows 7\AppData\Roaming\Malwarebytes 2013-10-06 02:43 - 2013-10-06 02:43 - 00000000 ____D C:\ProgramData\Malwarebytes 2013-10-06 02:43 - 2013-10-06 02:43 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware 2013-10-06 02:43 - 2013-04-04 14:50 - 00022856 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2013-10-06 02:42 - 2013-10-06 02:42 - 00685248 _____ C:\Users\Windows 7\Downloads\Malwarebytes-AntiMalware(13117).exe 2013-10-05 23:09 - 2013-10-06 09:32 - 157113789 _____ C:\Windows\MEMORY.DMP 2013-10-05 23:09 - 2013-10-06 09:32 - 00000000 ____D C:\Windows\Minidump 2013-10-05 23:09 - 2013-10-05 23:09 - 00000000 _____ C:\Windows\Minidump\100513-21543-01.dmp 2013-10-04 17:35 - 2013-10-04 17:35 - 00000000 ____D C:\Users\Windows 7\Desktop\muzodajnia 2013-10-04 16:45 - 2013-10-04 16:45 - 00000054 _____ C:\Users\Windows 7\Desktop\blablabla.txt 2013-10-04 08:38 - 2013-10-04 08:38 - 00000000 ____D C:\Users\Windows 7\AppData\Roaming\Babylon 2013-10-04 08:38 - 2013-10-04 08:38 - 00000000 ____D C:\ProgramData\Babylon 2013-10-04 08:38 - 2013-10-04 08:38 - 00000000 ____D C:\Program Files\facemoods.com 2013-10-04 08:38 - 2013-10-04 08:38 - 00000000 ____D C:\Intel 2013-10-04 00:52 - 2013-10-04 00:52 - 00000000 _____ C:\Users\Windows 7\Desktop\Nowy dokument tekstowy (2).txt 2013-10-03 22:14 - 2013-10-03 20:33 - 233265899 _____ C:\Users\Windows 7\Desktop\alldsmp4.mp4 2013-10-03 22:06 - 2013-10-03 22:13 - 233265975 _____ C:\Users\Windows 7\Downloads\alldsmp4.rar 2013-10-01 20:19 - 2013-09-30 09:12 - 204736330 _____ C:\Users\Windows 7\Desktop\MOV00076.MP4 2013-10-01 10:32 - 2013-10-01 10:32 - 00000000 ____D C:\Program Files\Mozilla Firefox 2013-10-01 07:08 - 2013-10-05 23:10 - 00001418 _____ C:\Windows\PFRO.log 2013-09-30 21:15 - 2013-10-02 21:41 - 00000000 ____D C:\Users\Windows 7\Desktop\muza 2013-09-30 11:26 - 2013-10-06 10:17 - 00002912 _____ C:\Windows\setupact.log 2013-09-30 11:26 - 2013-09-30 11:26 - 00000000 _____ C:\Windows\setuperr.log 2013-09-30 10:11 - 2013-09-30 10:11 - 00001021 _____ C:\Users\Windows 7\Desktop\Odkurzacz.lnk 2013-09-30 10:11 - 2013-09-30 10:11 - 00000000 ____D C:\Program Files\Odkurzacz 2013-09-30 10:10 - 2013-09-30 10:10 - 03841551 _____ (FranmoSoftware ) C:\Users\Windows 7\Downloads\odk13.4.0.1685setup.exe 2013-09-30 01:01 - 2013-09-30 01:02 - 00987743 _____ C:\Users\Windows 7\Downloads\yolo.rar 2013-09-29 23:05 - 2013-09-29 23:05 - 00000015 _____ C:\Users\Windows 7\Desktop\ngngn.txt 2013-09-29 22:33 - 2013-09-29 23:04 - 00000000 ____D C:\Users\Windows 7\AppData\Roaming\PhotoScape 2013-09-29 22:32 - 2013-09-29 22:32 - 00000993 _____ C:\Users\Windows 7\Desktop\PhotoScape.lnk 2013-09-29 22:32 - 2013-09-29 22:32 - 00000000 ____D C:\Program Files\PhotoScape 2013-09-29 22:31 - 2013-09-29 22:31 - 21331096 _____ (Mooii) C:\Users\Windows 7\Downloads\PhotoScape_V3.6.5(dobreprogramy.pl).exe 2013-09-29 22:31 - 2013-09-29 22:31 - 00001850 _____ C:\Users\Windows 7\Desktop\Search.lnk 2013-09-29 22:31 - 2013-09-29 22:31 - 00000000 ____D C:\ProgramData\DSearchLink 2013-09-29 22:29 - 2013-09-29 22:30 - 00685248 _____ C:\Users\Windows 7\Downloads\Photoscape(12505).exe 2013-09-29 21:38 - 2013-09-30 09:59 - 00000000 ____D C:\Users\Windows 7\AppData\Local\Google 2013-09-29 21:38 - 2013-09-29 21:38 - 00001068 _____ C:\Users\Public\Desktop\Picasa 3.lnk 2013-09-29 21:37 - 2013-09-30 09:59 - 00000000 ____D C:\Program Files\Google 2013-09-29 21:34 - 2013-09-29 21:35 - 14965064 _____ (Google Inc.) C:\Users\Windows 7\Downloads\picasa39-setup.exe 2013-09-27 22:10 - 2013-09-27 22:10 - 25772520 _____ (Microsoft Corporation) C:\Users\Windows 7\Downloads\wordview_pl-pl.exe 2013-09-27 22:09 - 2013-09-27 22:09 - 00685248 _____ C:\Users\Windows 7\Downloads\Word-Viewer(12113).exe 2013-09-27 11:55 - 2013-09-27 22:13 - 00000000 ____D C:\Program Files\Microsoft Office 2013-09-27 11:54 - 2013-09-27 22:12 - 00000000 ____D C:\Program Files\MSECache 2013-09-27 11:53 - 2013-09-27 11:53 - 77738888 _____ (Microsoft Corporation) C:\Users\Windows 7\Downloads\ExcelViewer.exe 2013-09-27 11:50 - 2013-09-27 11:50 - 00685248 _____ C:\Users\Windows 7\Downloads\Excel-Viewer(12201).exe 2013-09-27 09:36 - 2013-09-27 09:36 - 00020480 _____ C:\Users\Windows 7\Downloads\Plan zajęć Informatyka sem I.xls 2013-09-26 14:04 - 2013-09-26 14:05 - 00000000 ____D C:\Users\Windows 7\Desktop\Nowy folder (5) 2013-09-24 21:17 - 2013-09-24 21:30 - 310467891 _____ C:\Users\Windows 7\Downloads\GMB vs NJS - Worlds Quarterfinals 2013 D1G3(360p_H.264-AAC).mp4 2013-09-24 07:27 - 2013-09-24 07:27 - 00000000 _____ C:\Users\Windows 7\Desktop\żbik.txt 2013-09-23 14:34 - 2013-09-23 14:34 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe 2013-09-23 14:34 - 2013-09-23 14:34 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl 2013-09-23 14:25 - 2013-09-23 14:25 - 00000000 ____D C:\Windows\pss 2013-09-22 17:57 - 2013-09-22 17:58 - 00000542 _____ C:\Users\Windows 7\Desktop\Nowy dokument tekstowy.txt 2013-09-21 16:35 - 2013-09-21 16:35 - 00000542 _____ C:\Users\Windows 7\Downloads\Pieguski.txt 2013-09-19 21:23 - 2013-10-06 10:15 - 00000000 ____D C:\Users\Windows 7\Desktop\ssss 2013-09-19 00:23 - 2013-09-19 00:23 - 00000000 ____D C:\Users\Windows 7\Desktop\Nowy folder (4) 2013-09-18 08:54 - 2013-10-06 08:59 - 00516659 _____ C:\Windows\WindowsUpdate.log 2013-09-17 09:08 - 2013-09-17 09:08 - 00000000 ____D C:\Users\Windows 7\Desktop\TT 2013-09-17 09:06 - 2013-09-17 09:06 - 00962877 _____ C:\Users\Windows 7\Downloads\TTBot v2.5e(shadyprobg_3.03fix).rar 2013-09-15 12:05 - 2013-09-15 12:09 - 00000000 ____D C:\Users\Windows 7\Desktop\Elephant 2013-09-15 11:21 - 2013-09-15 11:21 - 00000000 ____D C:\Users\Windows 7\Documents\League of Legends 2013-09-15 11:03 - 2013-09-15 11:03 - 00985720 _____ C:\Users\Windows 7\Downloads\ElophantClient.zip 2013-09-15 03:20 - 2013-09-15 11:20 - 00000000 ____D C:\LOLPBE 2013-09-12 09:23 - 2013-09-12 09:23 - 00000000 ____D C:\ProgramData\GG 2013-09-11 15:30 - 2013-09-11 15:32 - 16504355 _____ C:\Users\Windows 7\Downloads\Bryan Adams - Brothers Under The Sun (Spirit Soundtrack)(480p_H.264-AAC).flv 2013-09-11 15:29 - 2013-09-11 15:31 - 61310534 _____ C:\Users\Windows 7\Downloads\30 Seconds To Mars_ Shannon Leto drumming Cologne 29_11_11(360p_H.264-AAC).mp4 2013-09-11 15:28 - 2013-09-11 15:29 - 02261722 _____ C:\Users\Windows 7\Downloads\Bryan Adams - Brothers Under The Sun (Spirit Soundtrack)(240p_H.264-AAC).3gp.part 2013-09-11 15:28 - 2013-09-11 15:29 - 01289474 _____ C:\Users\Windows 7\Downloads\Bryan Adams - Brothers Under The Sun (Spirit Soundtrack)(144p_H.264-AAC).3gp.part 2013-09-11 15:26 - 2013-09-11 15:28 - 05981876 _____ C:\Users\Windows 7\Downloads\30 Seconds To Mars_ Shannon Leto drumming Cologne 29_11_11(240p_H.264-AAC).3gp.part 2013-09-11 15:23 - 2013-09-11 15:28 - 19438653 _____ C:\Users\Windows 7\Downloads\30 Seconds To Mars_ Shannon Leto drumming Cologne 29_11_11(240p_H.263-MP3).flv.part 2013-09-10 21:13 - 2013-09-10 21:13 - 00000000 ____D C:\Program Files\Microsoft Silverlight 2013-09-10 21:11 - 2013-09-10 21:12 - 06953096 _____ (Microsoft Corporation) C:\Users\Windows 7\Downloads\Silverlight.exe 2013-09-10 16:00 - 2013-09-10 16:07 - 00000000 ____D C:\Program Files\Unlocker 2013-09-10 16:00 - 2013-09-10 16:00 - 00000000 ____D C:\Users\Windows 7\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Unlocker 2013-09-10 15:58 - 2013-09-10 15:58 - 01078591 _____ C:\Users\Windows 7\Downloads\Unlocker1.9.2.exe 2013-09-10 15:57 - 2013-09-10 15:57 - 00685248 _____ C:\Users\Windows 7\Downloads\Unlocker(12240).exe 2013-09-10 10:13 - 2013-10-05 14:33 - 00000000 ____D C:\Users\Windows 7\AppData\Roaming\TS3Client 2013-09-10 10:13 - 2013-09-10 10:13 - 00001124 _____ C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk 2013-09-10 10:13 - 2013-09-10 10:13 - 00000000 ____D C:\Program Files\TeamSpeak 3 Client 2013-09-10 10:11 - 2013-09-10 10:12 - 30010384 _____ (TeamSpeak Systems GmbH) C:\Users\Windows 7\Downloads\TeamSpeak3-Client-win32-3.0.12.exe 2013-09-10 02:55 - 2013-09-15 02:58 - 00000000 ____D C:\ProgramData\IProt 2013-09-10 02:54 - 2013-09-15 02:58 - 00000000 ____D C:\Users\Windows 7\Desktop\nhc 2013-09-10 02:54 - 2013-09-10 02:54 - 03582460 _____ C:\Users\Windows 7\Downloads\NHC3.rar 2013-09-10 02:40 - 2013-09-10 02:40 - 00000000 ____D C:\Users\Windows 7\Desktop\Nowy folder (3) 2013-09-10 02:39 - 2013-09-10 02:40 - 10339653 _____ C:\Users\Windows 7\Downloads\BoL Studio.rar 2013-09-10 02:25 - 2013-09-10 02:25 - 00564578 _____ C:\Users\Windows 7\Desktop\zikenzieslolbot1.5h PRO (PVP BETA).rar 2013-09-10 02:23 - 2013-08-21 14:04 - 00470303 _____ C:\Users\Windows 7\Downloads\Zikenzie's Bot.exe 2013-09-10 02:22 - 2013-09-10 02:23 - 00662013 _____ C:\Users\Windows 7\Downloads\zikenzieslolbot.rar 2013-09-08 02:25 - 2012-08-23 16:48 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll 2013-09-08 02:25 - 2012-08-23 16:44 - 00014848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpvideominiport.sys 2013-09-08 02:25 - 2012-08-23 16:41 - 00027136 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbGD.sys 2013-09-08 02:25 - 2012-08-23 16:40 - 00049664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbFlt.sys 2013-09-08 02:25 - 2012-08-23 16:10 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll 2013-09-08 02:25 - 2012-08-23 16:10 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe 2013-09-08 02:25 - 2012-08-23 15:52 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll 2013-09-08 02:25 - 2012-08-23 15:47 - 00046592 _____ (Microsoft Corporation) C:\Windows\system32\MsRdpWebAccess.dll 2013-09-08 02:25 - 2012-08-23 15:46 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\wksprtPS.dll 2013-09-08 02:25 - 2012-08-23 15:32 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbGDCoInstaller.dll 2013-09-08 02:25 - 2012-08-23 15:18 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll 2013-09-08 02:25 - 2012-08-23 13:40 - 00056320 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe 2013-09-08 02:25 - 2012-08-23 13:32 - 00317440 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe 2013-09-08 02:25 - 2012-08-23 13:15 - 00269312 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll 2013-09-08 02:25 - 2012-08-23 13:12 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\rdpendp_winip.dll 2013-09-08 02:25 - 2012-08-23 12:39 - 01048064 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe 2013-09-08 02:25 - 2012-08-23 12:08 - 02739712 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll 2013-09-08 02:25 - 2012-08-23 10:19 - 04916224 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll 2013-09-08 02:24 - 2013-09-08 02:24 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_SynTP_01000.Wdf 2013-09-08 02:24 - 2013-09-08 02:24 - 00000000 ____D C:\Program Files\Synaptics 2013-09-08 02:21 - 2012-07-26 05:39 - 00526952 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys 2013-09-08 02:21 - 2012-07-26 05:39 - 00047720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdfLdr.sys 2013-09-08 02:21 - 2012-07-26 04:46 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\Wdfres.dll 2013-09-08 02:21 - 2012-06-02 16:34 - 00000003 _____ C:\Windows\system32\Drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf 2013-09-08 02:20 - 2012-07-26 05:21 - 00196608 _____ (Microsoft Corporation) C:\Windows\system32\WUDFHost.exe 2013-09-08 02:20 - 2012-07-26 05:20 - 00613888 _____ (Microsoft Corporation) C:\Windows\system32\WUDFx.dll 2013-09-08 02:20 - 2012-07-26 05:20 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\WUDFPlatform.dll 2013-09-08 02:20 - 2012-07-26 05:20 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\WUDFSvc.dll 2013-09-08 02:20 - 2012-07-26 05:20 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\WUDFCoinstaller.dll 2013-09-08 02:20 - 2012-07-26 04:33 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFPf.sys 2013-09-08 02:20 - 2012-07-26 04:32 - 00155136 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFRd.sys 2013-09-08 02:20 - 2012-06-02 16:57 - 00000003 _____ C:\Windows\system32\Drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf 2013-09-08 02:18 - 2012-12-07 14:26 - 00308736 _____ (Microsoft Corporation) C:\Windows\system32\Wpc.dll 2013-09-08 02:18 - 2012-12-07 14:20 - 02576384 _____ (Microsoft Corporation) C:\Windows\system32\gameux.dll 2013-09-08 02:18 - 2012-12-07 12:46 - 00055296 _____ (Microsoft) C:\Windows\system32\cero.rs 2013-09-08 02:18 - 2012-12-07 12:46 - 00051712 _____ (Microsoft) C:\Windows\system32\esrb.rs 2013-09-08 02:18 - 2012-12-07 12:46 - 00046592 _____ (Microsoft) C:\Windows\system32\fpb.rs 2013-09-08 02:18 - 2012-12-07 12:46 - 00045568 _____ (Microsoft) C:\Windows\system32\oflc-nz.rs 2013-09-08 02:18 - 2012-12-07 12:46 - 00044544 _____ (Microsoft) C:\Windows\system32\pegibbfc.rs 2013-09-08 02:18 - 2012-12-07 12:46 - 00043520 _____ (Microsoft) C:\Windows\system32\csrr.rs 2013-09-08 02:18 - 2012-12-07 12:46 - 00040960 _____ (Microsoft) C:\Windows\system32\cob-au.rs 2013-09-08 02:18 - 2012-12-07 12:46 - 00030720 _____ (Microsoft) C:\Windows\system32\usk.rs 2013-09-08 02:18 - 2012-12-07 12:46 - 00023552 _____ (Microsoft) C:\Windows\system32\oflc.rs 2013-09-08 02:18 - 2012-12-07 12:46 - 00021504 _____ (Microsoft) C:\Windows\system32\grb.rs 2013-09-08 02:18 - 2012-12-07 12:46 - 00020480 _____ (Microsoft) C:\Windows\system32\pegi-pt.rs 2013-09-08 02:18 - 2012-12-07 12:46 - 00020480 _____ (Microsoft) C:\Windows\system32\pegi-fi.rs 2013-09-08 02:18 - 2012-12-07 12:46 - 00020480 _____ (Microsoft) C:\Windows\system32\pegi.rs 2013-09-08 02:18 - 2012-12-07 12:46 - 00015360 _____ (Microsoft) C:\Windows\system32\djctq.rs 2013-09-08 02:18 - 2012-11-30 06:47 - 00868352 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll 2013-09-08 02:18 - 2012-11-30 06:47 - 00293376 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll 2013-09-08 02:18 - 2012-11-30 06:45 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll 2013-09-08 02:18 - 2012-11-30 06:45 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll 2013-09-08 02:18 - 2012-11-30 06:45 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll 2013-09-08 02:18 - 2012-11-30 06:45 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll 2013-09-08 02:18 - 2012-11-30 06:45 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll 2013-09-08 02:18 - 2012-11-30 06:45 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll 2013-09-08 02:18 - 2012-11-30 06:45 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll 2013-09-08 02:18 - 2012-11-30 06:45 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll 2013-09-08 02:18 - 2012-11-30 06:45 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll 2013-09-08 02:18 - 2012-11-30 06:45 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll 2013-09-08 02:18 - 2012-11-30 06:45 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll 2013-09-08 02:18 - 2012-11-30 06:45 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll 2013-09-08 02:18 - 2012-11-30 06:45 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll 2013-09-08 02:18 - 2012-11-30 06:45 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll 2013-09-08 02:18 - 2012-11-30 06:45 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll 2013-09-08 02:18 - 2012-11-30 06:45 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll 2013-09-08 02:18 - 2012-11-30 06:45 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll 2013-09-08 02:18 - 2012-11-30 06:45 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll 2013-09-08 02:18 - 2012-11-30 06:45 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll 2013-09-08 02:18 - 2012-11-30 06:45 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll 2013-09-08 02:18 - 2012-11-30 06:45 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll 2013-09-08 02:18 - 2012-11-30 06:45 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll 2013-09-08 02:18 - 2012-11-30 06:45 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll 2013-09-08 02:18 - 2012-11-30 06:45 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll 2013-09-08 02:18 - 2012-11-30 04:55 - 00271360 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe 2013-09-08 02:18 - 2012-11-30 04:38 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll 2013-09-08 02:18 - 2012-11-30 04:38 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll 2013-09-08 02:18 - 2012-11-30 04:38 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll 2013-09-08 02:18 - 2012-11-30 04:38 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll 2013-09-08 02:18 - 2012-11-30 01:17 - 00420064 _____ C:\Windows\system32\locale.nls 2013-09-08 02:18 - 2012-08-24 19:05 - 00136560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys 2013-09-08 02:18 - 2012-08-24 19:02 - 00369856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys 2013-09-08 02:18 - 2012-08-24 18:57 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll 2013-09-08 02:18 - 2012-08-24 18:56 - 01039360 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2013-09-08 02:17 - 2013-05-10 05:20 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\cryptdlg.dll 2013-09-08 02:17 - 2013-04-26 01:30 - 01505280 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll 2013-09-08 02:17 - 2013-04-17 09:02 - 01230336 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll 2013-09-08 02:17 - 2013-03-19 06:53 - 00186368 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll 2013-09-08 02:17 - 2013-03-19 05:33 - 00040960 _____ (Microsoft Corporation) C:\Windows\system32\wwanprotdim.dll 2013-09-08 02:17 - 2013-01-24 06:47 - 00196328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fvevol.sys 2013-09-08 02:17 - 2012-11-22 06:45 - 00626688 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll 2013-09-08 02:17 - 2012-10-03 18:42 - 00242176 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll 2013-09-08 02:17 - 2012-10-03 18:42 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\netcorehc.dll 2013-09-08 02:17 - 2012-10-03 18:42 - 00156672 _____ (Microsoft Corporation) C:\Windows\system32\ncsi.dll 2013-09-08 02:17 - 2012-10-03 18:42 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\nlaapi.dll 2013-09-08 02:17 - 2012-10-03 18:42 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\netevent.dll 2013-09-08 02:17 - 2012-10-03 18:40 - 00499712 _____ (Microsoft Corporation) C:\Windows\system32\iphlpsvc.dll 2013-09-08 02:17 - 2012-10-03 17:21 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpipreg.sys 2013-09-08 02:17 - 2012-08-22 19:16 - 00712048 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys 2013-09-08 02:17 - 2012-08-21 22:12 - 00245760 _____ (Microsoft Corporation) C:\Windows\system32\OxpsConverter.exe 2013-09-08 02:17 - 2012-07-04 21:45 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\RNDISMP.sys 2013-09-08 02:17 - 2012-05-05 09:46 - 00400896 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll 2013-09-08 02:17 - 2012-05-04 11:59 - 00514560 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll 2013-09-08 02:17 - 2012-05-01 06:44 - 00164352 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll 2013-09-08 02:17 - 2012-04-07 13:26 - 02342400 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll 2013-09-08 02:17 - 2012-02-11 07:37 - 00317440 _____ (Microsoft Corporation) C:\Windows\system32\spoolsv.exe 2013-09-08 02:17 - 2012-01-04 10:58 - 00442880 _____ (Microsoft Corporation) C:\Windows\system32\ntshrui.dll 2013-09-08 02:17 - 2011-12-30 07:27 - 00478720 _____ (Microsoft Corporation) C:\Windows\system32\timedate.cpl 2013-09-08 02:13 - 2012-10-09 19:40 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcore6.dll 2013-09-08 02:13 - 2012-10-09 19:40 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcsvc6.dll 2013-09-08 02:00 - 2013-09-08 02:00 - 00000000 ____D C:\Program Files\Microsoft.NET 2013-09-08 01:57 - 2013-09-08 01:57 - 01005568 _____ (Microsoft Corporation) C:\Users\Windows 7\Downloads\dotNetFx45_Full_setup.exe 2013-09-07 22:14 - 2013-09-07 22:15 - 00392000 _____ (Softonic ) C:\Users\Windows 7\Downloads\SoftonicDownloader_dla_teamspeak-3.exe 2013-09-07 19:33 - 2013-09-19 18:24 - 00000149 _____ C:\Users\Windows 7\Desktop\refferals.txt 2013-09-06 15:44 - 2013-09-06 15:44 - 00000000 ____D C:\Users\Windows 7\Documents\Mount&Blade Warband 2013-09-06 15:43 - 2013-09-06 15:43 - 00467486 _____ C:\Users\Windows 7\Downloads\Warband - Spolszczenie 1.1.0.rar 2013-09-06 12:08 - 2013-09-06 12:44 - 1519417223 _____ C:\Users\Windows 7\Downloads\LOLPBE.zip ==================== One Month Modified Files and Folders ======= 2013-10-06 10:34 - 2013-10-06 10:34 - 01087213 _____ (Farbar) C:\Users\Windows 7\Downloads\FRST.exe 2013-10-06 10:34 - 2013-10-06 10:34 - 00602112 _____ (OldTimer Tools) C:\Users\Windows 7\Downloads\OTL.exe 2013-10-06 10:34 - 2013-10-06 10:34 - 00000000 ____D C:\FRST 2013-10-06 10:21 - 2009-07-14 06:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2013-10-06 10:17 - 2013-09-30 11:26 - 00002912 _____ C:\Windows\setupact.log 2013-10-06 10:15 - 2013-09-19 21:23 - 00000000 ____D C:\Users\Windows 7\Desktop\ssss 2013-10-06 10:15 - 2013-08-07 19:08 - 00000000 ____D C:\Users\Windows 7\Desktop\D 2013-10-06 09:32 - 2013-10-06 09:32 - 00145264 _____ C:\Windows\Minidump\100613-17144-01.dmp 2013-10-06 09:32 - 2013-10-05 23:09 - 157113789 _____ C:\Windows\MEMORY.DMP 2013-10-06 09:32 - 2013-10-05 23:09 - 00000000 ____D C:\Windows\Minidump 2013-10-06 08:59 - 2013-09-18 08:54 - 00516659 _____ C:\Windows\WindowsUpdate.log 2013-10-06 05:38 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\rescache 2013-10-06 05:09 - 2009-07-14 06:34 - 00021312 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2013-10-06 05:09 - 2009-07-14 06:34 - 00021312 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2013-10-06 05:00 - 2013-10-06 04:58 - 00151496 _____ C:\Windows\Minidump\100613-25958-01.dmp 2013-10-06 02:43 - 2013-10-06 02:43 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Windows 7\Downloads\mbam-setup-1.75.0.1300.exe 2013-10-06 02:43 - 2013-10-06 02:43 - 00001071 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk 2013-10-06 02:43 - 2013-10-06 02:43 - 00000000 ____D C:\Users\Windows 7\AppData\Roaming\Malwarebytes 2013-10-06 02:43 - 2013-10-06 02:43 - 00000000 ____D C:\ProgramData\Malwarebytes 2013-10-06 02:43 - 2013-10-06 02:43 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware 2013-10-06 02:42 - 2013-10-06 02:42 - 00685248 _____ C:\Users\Windows 7\Downloads\Malwarebytes-AntiMalware(13117).exe 2013-10-06 02:00 - 2013-08-07 20:56 - 00000000 ____D C:\Users\Windows 7\AppData\Roaming\Skype 2013-10-06 00:34 - 2013-08-07 23:12 - 00000000 ____D C:\Users\Windows 7\AppData\Roaming\GG 2013-10-05 23:10 - 2013-10-01 07:08 - 00001418 _____ C:\Windows\PFRO.log 2013-10-05 23:09 - 2013-10-05 23:09 - 00000000 _____ C:\Windows\Minidump\100513-21543-01.dmp 2013-10-05 23:06 - 2013-09-03 21:03 - 00000000 ____D C:\Program Files\WebConnect 2013-10-05 17:12 - 2013-08-08 21:59 - 00000000 ____D C:\Users\Windows 7\AppData\Local\JDownloader v2.0 2013-10-05 14:33 - 2013-09-10 10:13 - 00000000 ____D C:\Users\Windows 7\AppData\Roaming\TS3Client 2013-10-05 09:41 - 2011-02-04 16:24 - 00739932 _____ C:\Windows\system32\perfh015.dat 2013-10-05 09:41 - 2011-02-04 16:24 - 00155474 _____ C:\Windows\system32\perfc015.dat 2013-10-05 09:41 - 2010-11-20 23:01 - 01668226 _____ C:\Windows\system32\PerfStringBackup.INI 2013-10-04 17:35 - 2013-10-04 17:35 - 00000000 ____D C:\Users\Windows 7\Desktop\muzodajnia 2013-10-04 16:45 - 2013-10-04 16:45 - 00000054 _____ C:\Users\Windows 7\Desktop\blablabla.txt 2013-10-04 08:38 - 2013-10-04 08:38 - 00000000 ____D C:\Users\Windows 7\AppData\Roaming\Babylon 2013-10-04 08:38 - 2013-10-04 08:38 - 00000000 ____D C:\ProgramData\Babylon 2013-10-04 08:38 - 2013-10-04 08:38 - 00000000 ____D C:\Program Files\facemoods.com 2013-10-04 08:38 - 2013-10-04 08:38 - 00000000 ____D C:\Intel 2013-10-04 08:38 - 2013-08-07 20:56 - 00000000 ____D C:\ProgramData\Skype 2013-10-04 00:52 - 2013-10-04 00:52 - 00000000 _____ C:\Users\Windows 7\Desktop\Nowy dokument tekstowy (2).txt 2013-10-03 22:13 - 2013-10-03 22:06 - 233265975 _____ C:\Users\Windows 7\Downloads\alldsmp4.rar 2013-10-03 20:33 - 2013-10-03 22:14 - 233265899 _____ C:\Users\Windows 7\Desktop\alldsmp4.mp4 2013-10-02 21:41 - 2013-09-30 21:15 - 00000000 ____D C:\Users\Windows 7\Desktop\muza 2013-10-02 07:00 - 2009-07-14 06:53 - 00032522 _____ C:\Windows\Tasks\SCHEDLGU.TXT 2013-10-02 06:55 - 2013-08-17 11:37 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service 2013-10-01 11:26 - 2013-08-07 20:53 - 00000000 ____D C:\Users\Windows 7\AppData\Local\Mozilla 2013-10-01 10:32 - 2013-10-01 10:32 - 00000000 ____D C:\Program Files\Mozilla Firefox 2013-09-30 20:01 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\LogFiles 2013-09-30 11:26 - 2013-09-30 11:26 - 00000000 _____ C:\Windows\setuperr.log 2013-09-30 10:13 - 2013-08-08 09:58 - 00000000 ____D C:\Program Files\WinRAR 2013-09-30 10:11 - 2013-09-30 10:11 - 00001021 _____ C:\Users\Windows 7\Desktop\Odkurzacz.lnk 2013-09-30 10:11 - 2013-09-30 10:11 - 00000000 ____D C:\Program Files\Odkurzacz 2013-09-30 10:10 - 2013-09-30 10:10 - 03841551 _____ (FranmoSoftware ) C:\Users\Windows 7\Downloads\odk13.4.0.1685setup.exe 2013-09-30 09:59 - 2013-09-29 21:38 - 00000000 ____D C:\Users\Windows 7\AppData\Local\Google 2013-09-30 09:59 - 2013-09-29 21:37 - 00000000 ____D C:\Program Files\Google 2013-09-30 09:12 - 2013-10-01 20:19 - 204736330 _____ C:\Users\Windows 7\Desktop\MOV00076.MP4 2013-09-30 01:02 - 2013-09-30 01:01 - 00987743 _____ C:\Users\Windows 7\Downloads\yolo.rar 2013-09-29 23:05 - 2013-09-29 23:05 - 00000015 _____ C:\Users\Windows 7\Desktop\ngngn.txt 2013-09-29 23:04 - 2013-09-29 22:33 - 00000000 ____D C:\Users\Windows 7\AppData\Roaming\PhotoScape 2013-09-29 22:36 - 2013-10-06 10:15 - 00027648 _____ C:\Users\Windows 7\Desktop\photothumb.db 2013-09-29 22:32 - 2013-09-29 22:32 - 00000993 _____ C:\Users\Windows 7\Desktop\PhotoScape.lnk 2013-09-29 22:32 - 2013-09-29 22:32 - 00000000 ____D C:\Program Files\PhotoScape 2013-09-29 22:31 - 2013-09-29 22:31 - 21331096 _____ (Mooii) C:\Users\Windows 7\Downloads\PhotoScape_V3.6.5(dobreprogramy.pl).exe 2013-09-29 22:31 - 2013-09-29 22:31 - 00001850 _____ C:\Users\Windows 7\Desktop\Search.lnk 2013-09-29 22:31 - 2013-09-29 22:31 - 00000000 ____D C:\ProgramData\DSearchLink 2013-09-29 22:30 - 2013-09-29 22:29 - 00685248 _____ C:\Users\Windows 7\Downloads\Photoscape(12505).exe 2013-09-29 21:38 - 2013-09-29 21:38 - 00001068 _____ C:\Users\Public\Desktop\Picasa 3.lnk 2013-09-29 21:35 - 2013-09-29 21:34 - 14965064 _____ (Google Inc.) C:\Users\Windows 7\Downloads\picasa39-setup.exe 2013-09-27 22:13 - 2013-09-27 11:55 - 00000000 ____D C:\Program Files\Microsoft Office 2013-09-27 22:13 - 2009-07-14 04:37 - 00000000 ____D C:\Program Files\Common Files\microsoft shared 2013-09-27 22:12 - 2013-09-27 11:54 - 00000000 ____D C:\Program Files\MSECache 2013-09-27 22:10 - 2013-09-27 22:10 - 25772520 _____ (Microsoft Corporation) C:\Users\Windows 7\Downloads\wordview_pl-pl.exe 2013-09-27 22:09 - 2013-09-27 22:09 - 00685248 _____ C:\Users\Windows 7\Downloads\Word-Viewer(12113).exe 2013-09-27 11:53 - 2013-09-27 11:53 - 77738888 _____ (Microsoft Corporation) C:\Users\Windows 7\Downloads\ExcelViewer.exe 2013-09-27 11:50 - 2013-09-27 11:50 - 00685248 _____ C:\Users\Windows 7\Downloads\Excel-Viewer(12201).exe 2013-09-27 09:36 - 2013-09-27 09:36 - 00020480 _____ C:\Users\Windows 7\Downloads\Plan zajęć Informatyka sem I.xls 2013-09-26 14:05 - 2013-09-26 14:04 - 00000000 ____D C:\Users\Windows 7\Desktop\Nowy folder (5) 2013-09-24 21:30 - 2013-09-24 21:17 - 310467891 _____ C:\Users\Windows 7\Downloads\GMB vs NJS - Worlds Quarterfinals 2013 D1G3(360p_H.264-AAC).mp4 2013-09-24 07:27 - 2013-09-24 07:27 - 00000000 _____ C:\Users\Windows 7\Desktop\żbik.txt 2013-09-23 14:34 - 2013-09-23 14:34 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe 2013-09-23 14:34 - 2013-09-23 14:34 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl 2013-09-23 14:34 - 2013-08-23 22:54 - 00000000 ____D C:\Users\Windows 7\AppData\Local\Adobe 2013-09-23 14:25 - 2013-09-23 14:25 - 00000000 ____D C:\Windows\pss 2013-09-22 17:58 - 2013-09-22 17:57 - 00000542 _____ C:\Users\Windows 7\Desktop\Nowy dokument tekstowy.txt 2013-09-21 16:35 - 2013-09-21 16:35 - 00000542 _____ C:\Users\Windows 7\Downloads\Pieguski.txt 2013-09-19 18:24 - 2013-09-07 19:33 - 00000149 _____ C:\Users\Windows 7\Desktop\refferals.txt 2013-09-19 00:23 - 2013-09-19 00:23 - 00000000 ____D C:\Users\Windows 7\Desktop\Nowy folder (4) 2013-09-17 09:08 - 2013-09-17 09:08 - 00000000 ____D C:\Users\Windows 7\Desktop\TT 2013-09-17 09:06 - 2013-09-17 09:06 - 00962877 _____ C:\Users\Windows 7\Downloads\TTBot v2.5e(shadyprobg_3.03fix).rar 2013-09-15 12:09 - 2013-09-15 12:05 - 00000000 ____D C:\Users\Windows 7\Desktop\Elephant 2013-09-15 11:21 - 2013-09-15 11:21 - 00000000 ____D C:\Users\Windows 7\Documents\League of Legends 2013-09-15 11:20 - 2013-09-15 03:20 - 00000000 ____D C:\LOLPBE 2013-09-15 11:03 - 2013-09-15 11:03 - 00985720 _____ C:\Users\Windows 7\Downloads\ElophantClient.zip 2013-09-15 02:58 - 2013-09-10 02:55 - 00000000 ____D C:\ProgramData\IProt 2013-09-15 02:58 - 2013-09-10 02:54 - 00000000 ____D C:\Users\Windows 7\Desktop\nhc 2013-09-12 10:16 - 2013-08-07 23:12 - 00000000 ____D C:\Users\Windows 7\AppData\Local\GG 2013-09-12 09:23 - 2013-09-12 09:23 - 00000000 ____D C:\ProgramData\GG 2013-09-11 15:39 - 2013-08-24 17:38 - 00000112 _____ C:\Users\Windows 7\Desktop\konta.txt 2013-09-11 15:32 - 2013-09-11 15:30 - 16504355 _____ C:\Users\Windows 7\Downloads\Bryan Adams - Brothers Under The Sun (Spirit Soundtrack)(480p_H.264-AAC).flv 2013-09-11 15:31 - 2013-09-11 15:29 - 61310534 _____ C:\Users\Windows 7\Downloads\30 Seconds To Mars_ Shannon Leto drumming Cologne 29_11_11(360p_H.264-AAC).mp4 2013-09-11 15:29 - 2013-09-11 15:28 - 02261722 _____ C:\Users\Windows 7\Downloads\Bryan Adams - Brothers Under The Sun (Spirit Soundtrack)(240p_H.264-AAC).3gp.part 2013-09-11 15:29 - 2013-09-11 15:28 - 01289474 _____ C:\Users\Windows 7\Downloads\Bryan Adams - Brothers Under The Sun (Spirit Soundtrack)(144p_H.264-AAC).3gp.part 2013-09-11 15:28 - 2013-09-11 15:26 - 05981876 _____ C:\Users\Windows 7\Downloads\30 Seconds To Mars_ Shannon Leto drumming Cologne 29_11_11(240p_H.264-AAC).3gp.part 2013-09-11 15:28 - 2013-09-11 15:23 - 19438653 _____ C:\Users\Windows 7\Downloads\30 Seconds To Mars_ Shannon Leto drumming Cologne 29_11_11(240p_H.263-MP3).flv.part 2013-09-10 21:13 - 2013-09-10 21:13 - 00000000 ____D C:\Program Files\Microsoft Silverlight 2013-09-10 21:12 - 2013-09-10 21:11 - 06953096 _____ (Microsoft Corporation) C:\Users\Windows 7\Downloads\Silverlight.exe 2013-09-10 16:07 - 2013-09-10 16:00 - 00000000 ____D C:\Program Files\Unlocker 2013-09-10 16:00 - 2013-09-10 16:00 - 00000000 ____D C:\Users\Windows 7\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Unlocker 2013-09-10 15:58 - 2013-09-10 15:58 - 01078591 _____ C:\Users\Windows 7\Downloads\Unlocker1.9.2.exe 2013-09-10 15:57 - 2013-09-10 15:57 - 00685248 _____ C:\Users\Windows 7\Downloads\Unlocker(12240).exe 2013-09-10 10:13 - 2013-09-10 10:13 - 00001124 _____ C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk 2013-09-10 10:13 - 2013-09-10 10:13 - 00000000 ____D C:\Program Files\TeamSpeak 3 Client 2013-09-10 10:12 - 2013-09-10 10:11 - 30010384 _____ (TeamSpeak Systems GmbH) C:\Users\Windows 7\Downloads\TeamSpeak3-Client-win32-3.0.12.exe 2013-09-10 02:54 - 2013-09-10 02:54 - 03582460 _____ C:\Users\Windows 7\Downloads\NHC3.rar 2013-09-10 02:40 - 2013-09-10 02:40 - 00000000 ____D C:\Users\Windows 7\Desktop\Nowy folder (3) 2013-09-10 02:40 - 2013-09-10 02:39 - 10339653 _____ C:\Users\Windows 7\Downloads\BoL Studio.rar 2013-09-10 02:25 - 2013-09-10 02:25 - 00564578 _____ C:\Users\Windows 7\Desktop\zikenzieslolbot1.5h PRO (PVP BETA).rar 2013-09-10 02:23 - 2013-09-10 02:22 - 00662013 _____ C:\Users\Windows 7\Downloads\zikenzieslolbot.rar 2013-09-09 10:05 - 2013-08-07 21:25 - 00058016 _____ C:\Users\Windows 7\AppData\Local\GDIPFONTCACHEV1.DAT 2013-09-08 16:37 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\Microsoft.NET 2013-09-08 08:36 - 2009-07-14 06:33 - 00267880 _____ C:\Windows\system32\FNTCACHE.DAT 2013-09-08 03:05 - 2011-02-04 16:24 - 00000000 ____D C:\Windows\system32\Drivers\pl-PL 2013-09-08 03:05 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\pl-PL 2013-09-08 03:02 - 2013-08-24 19:33 - 00000000 ____D C:\Users\Windows 7\Desktop\ECbot 2013-09-08 02:24 - 2013-09-08 02:24 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_SynTP_01000.Wdf 2013-09-08 02:24 - 2013-09-08 02:24 - 00000000 ____D C:\Program Files\Synaptics 2013-09-08 02:00 - 2013-09-08 02:00 - 00000000 ____D C:\Program Files\Microsoft.NET 2013-09-08 01:57 - 2013-09-08 01:57 - 01005568 _____ (Microsoft Corporation) C:\Users\Windows 7\Downloads\dotNetFx45_Full_setup.exe 2013-09-07 22:16 - 2009-07-14 04:37 - 00000000 ___RD C:\Users\Public 2013-09-07 22:15 - 2013-09-07 22:14 - 00392000 _____ (Softonic ) C:\Users\Windows 7\Downloads\SoftonicDownloader_dla_teamspeak-3.exe 2013-09-07 09:35 - 2013-09-03 22:01 - 00000000 ____D C:\Users\Windows 7\AppData\Roaming\Mount&Blade Warband 2013-09-06 15:44 - 2013-09-06 15:44 - 00000000 ____D C:\Users\Windows 7\Documents\Mount&Blade Warband 2013-09-06 15:43 - 2013-09-06 15:43 - 00467486 _____ C:\Users\Windows 7\Downloads\Warband - Spolszczenie 1.1.0.rar 2013-09-06 12:44 - 2013-09-06 12:08 - 1519417223 _____ C:\Users\Windows 7\Downloads\LOLPBE.zip 2013-09-06 08:40 - 2013-09-03 21:47 - 00000000 ____D C:\Users\Windows 7\AppData\Roaming\DAEMON Tools Lite 2013-09-06 08:40 - 2013-09-03 21:04 - 00000000 ____D C:\Users\Windows 7\AppData\Roaming\uTorrent 2013-09-06 08:40 - 2013-08-07 20:45 - 00000000 ____D C:\Windows\Panther Files to move or delete: ==================== C:\ProgramData\EBLib.dll Some content of TEMP: ==================== C:\Users\Windows 7\AppData\Local\Temp\KMP_3.7.0.109.exe ==================== Bamital & volsnap Check ================= C:\Windows\explorer.exe => MD5 is legit C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit LastRegBack: 2013-10-06 05:30 ==================== End Of Log ============================