Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 31-10-2013
Ran by HP (administrator) on HP-KOMPUTER on 03-11-2013 18:14:42
Running from D:\Users\HP\Desktop\FRST
Windows 7 Home Premium Service Pack 1 (X64) OS Language: Polish
Internet Explorer Version 11
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(IDT, Inc.) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\STacSV64.exe
(Hewlett-Packard Company) C:\Windows\system32\Hpservice.exe
(Validity Sensors, Inc.) C:\Windows\system32\vcsFPService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\system32\WLANExt.exe
(DigitalPersona, Inc.) C:\Program Files (x86)\DigitalPersona\Bin\DpHostW.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.21.165\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.21.165\GoogleCrashHandler64.exe
(Andrea Electronics Corporation) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\AESTSr64.exe
(Samsung) C:\Program Files\Samsung\AllShare Framework DMS\1.3.18\AllShareFrameworkManagerDMS.exe
(Broadcom Corporation.) c:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Samsung) C:\Program Files\Samsung\AllShare Framework DMS\1.3.18\AllShareFrameworkDMS.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
() C:\Program Files (x86)\Ashampoo\Ashampoo UnInstaller 5\UI5Guard.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(TomTom) C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe
(Samsung) C:\Program Files (x86)\Samsung\Kies\Kies.exe
(Samsung) C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Dropbox, Inc.) D:\Users\HP\AppData\Roaming\Dropbox\bin\Dropbox.exe
(DigitalPersona, Inc.) C:\Program Files (x86)\DigitalPersona\Bin\DpAgent.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\rusb3mon.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
( Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QLBCtrl.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
(DigitalPersona, Inc.) C:\Program Files\DigitalPersona\Bin\DPAgent.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
(TomTom) C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_117.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_117.exe
(Microsoft Corporation) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Synaptics Incorporated) C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
(Broadcom Corporation.) c:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe
() C:\Program Files (x86)\Hewlett-Packard\Shared\hpqToaster.exe
(Broadcom Corporation.) c:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\tv_x64.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2837288 2011-10-14] (Synaptics Incorporated)
HKLM\...\Run: [IAAnotif] - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe [186904 2009-10-13] (Intel Corporation)
HKLM\...\Run: [MSC] - C:\Program Files\Microsoft Security Client\msseces.exe [1356240 2013-08-12] (Microsoft Corporation)
HKLM\...\Run: [Nvtmru] - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe [1028896 2013-08-27] (NVIDIA Corporation)
HKLM\...\Run: [SysTrayApp] - C:\Program Files\IDT\WDM\sttray64.exe [487424 2010-03-23] (IDT, Inc.)
HKLM\...\Run: [SmartMenu] - C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe [915000 2009-01-08] (Hewlett-Packard)
HKLM\...\Run: [Samsung Link] - "C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe"
HKLM\...\Run: [Ashampoo Uninstaller 5 Guard] - C:\Program Files (x86)\Ashampoo\Ashampoo UnInstaller 5\UI5Guard.exe [2346336 2013-05-08] ()
HKCU\...\Run: [LightScribe Control Panel] - C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
HKCU\...\Run: [GoogleDriveSync] - C:\Program Files (x86)\Google\Drive\googledrivesync.exe [20133824 2013-09-25] (Google)
HKCU\...\Run: [TomTomHOME.exe] - C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe [248208 2013-08-27] (TomTom)
HKCU\...\Run: [KiesPreload] - C:\Program Files (x86)\Samsung\Kies\Kies.exe [1564528 2013-09-04] (Samsung)
HKCU\...\Run: [KiesAirMessage] - C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup
HKCU\...\Run: [] - C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [844656 2013-09-04] (Samsung)
HKLM-x32\...\Run: [DpAgent] - C:\Program Files (x86)\DigitalPersona\Bin\DpAgent.exe [842816 2009-07-17] (DigitalPersona, Inc.)
HKLM-x32\...\Run: [WirelessAssistant] - C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [499768 2009-09-01] (Hewlett-Packard)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [RUSB3MON] - C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\rusb3mon.exe [115048 2011-09-20] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [QlbCtrl.exe] - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QLBCtrl.exe [323640 2009-11-24] ( Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [KiesTrayAgent] - C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [311152 2013-09-04] (Samsung Electronics Co., Ltd.)
Lsa: [Notification Packages] scecli DPPWDFLT
Startup: D:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> D:\Users\HP\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://metromsn.gazeta.pl/metromsn/0,0.html?ocid=UP76DHP&pc=UP76&dt=091013
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.com/search?q={sear
BHO: DigitalPersona Personal Extension - {395610AE-C624-4f58-B89E-23733EA00F9A} - C:\Program Files\DigitalPersona\Bin\DpOtsPluginIe8.dll (DigitalPersona, Inc.)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: DigitalPersona Personal Extension - {395610AE-C624-4f58-B89E-23733EA00F9A} - C:\Program Files (x86)\DigitalPersona\Bin\DpOtsPluginIe8.dll (DigitalPersona, Inc.)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Hosts: Hosts file not detected in the default directory
Tcpip\Parameters: [DhcpNameServer] 8.8.8.8 8.8.4.4

FireFox:
========
FF ProfilePath: D:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\jzux16t3.default
FF Homepage: hxxp://www.onet.pl/
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_117.dll ()
FF Plugin: @java.com/DTPlugin,version=10.40.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.40.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1204144.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.0 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Extension: No Name - D:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\jzux16t3.default\Extensions\IplextoALL@ALLPlayer.org
FF Extension: DownlOad keePer - D:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\jzux16t3.default\Extensions\st4jj@vv-.edu
FF Extension: SearchNewTab - D:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\jzux16t3.default\Extensions\szie@eiiuuau.org
FF Extension: DownloadHelper - D:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\jzux16t3.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
FF Extension: anticontainer - D:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\jzux16t3.default\Extensions\anticontainer@downthemall.net.xpi
FF Extension: copyplaintext - D:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\jzux16t3.default\Extensions\copyplaintext@teo.pl.xpi
FF Extension: elemhidehelper - D:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\jzux16t3.default\Extensions\elemhidehelper@adblockplus.org.xpi
FF Extension: firebug - D:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\jzux16t3.default\Extensions\firebug@software.joehewitt.com.xpi
FF Extension: IplextoALL - D:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\jzux16t3.default\Extensions\IplextoALL@ALLPlayer.org.xpi
FF Extension: jid0-GXjLLfbCoAx0LcltEdFrEkQdQPI - D:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\jzux16t3.default\Extensions\jid0-GXjLLfbCoAx0LcltEdFrEkQdQPI@jetpack.xpi
FF Extension: jid1-MVBjD3PCN9WVIR - D:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\jzux16t3.default\Extensions\jid1-MVBjD3PCN9WVIR@jetpack.xpi
FF Extension: jid1-qj0w91o64N7Eeg - D:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\jzux16t3.default\Extensions\jid1-qj0w91o64N7Eeg@jetpack.xpi
FF Extension: tabscope - D:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\jzux16t3.default\Extensions\tabscope@xuldev.org.xpi
FF Extension: tabScopeTweaker - D:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\jzux16t3.default\Extensions\tabScopeTweaker@infocatcher.xpi
FF Extension: thumbnailZoom - D:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\jzux16t3.default\Extensions\thumbnailZoom@dadler.github.com.xpi
FF Extension: translator - D:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\jzux16t3.default\Extensions\translator@zoli.bod.xpi
FF Extension: verticaltoolbar - D:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\jzux16t3.default\Extensions\verticaltoolbar@xuldev.org.xpi
FF Extension: YoutubeDownloader - D:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\jzux16t3.default\Extensions\YoutubeDownloader@PeterOlayev.com.xpi
FF Extension: Adblock Plus - D:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\jzux16t3.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF Extension: tabmix - D:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\jzux16t3.default\Extensions\{dc572301-7619-498c-a57d-39143191b318}.xpi
FF Extension: dta - D:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\jzux16t3.default\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi
FF HKLM-x32\...\Firefox\Extensions: [otis@digitalpersona.com] - C:\Program Files (x86)\DigitalPersona\Bin\FirefoxExt\
FF Extension: DigitalPersona Extension - C:\Program Files (x86)\DigitalPersona\Bin\FirefoxExt\
FF HKCU\...\Firefox\Extensions: [otis@digitalpersona.com] - C:\Program Files (x86)\DigitalPersona\Bin\firefoxext
FF Extension: DigitalPersona Extension - C:\Program Files (x86)\DigitalPersona\Bin\firefoxext

==================== Services (Whitelisted) =================

R2 AESTFilters; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\AESTSr64.exe [89600 2009-03-02] (Andrea Electronics Corporation)
R2 AllShare Framework DMS; C:\Program Files\Samsung\AllShare Framework DMS\1.3.18\AllShareFrameworkManagerDMS.exe [404360 2013-09-10] (Samsung)
S3 IEEtwCollectorService; C:\Windows\system32\IEEtwCollector.exe [111616 2013-09-21] (Microsoft Corporation)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2013-08-12] (Microsoft Corporation)
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [366600 2013-08-12] (Microsoft Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [14997280 2013-08-27] (NVIDIA Corporation)
R2 STacSV; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\STacSV64.exe [247808 2010-03-23] (IDT, Inc.)
S2 MBAMScheduler; "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe" [x]
S2 MBAMService; "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe" [x]
S2 Samsung Link Service; "C:\Program Files\Samsung\Samsung Link\Samsung Link.exe" [x]

==================== Drivers (Whitelisted) ====================

R3 johci; C:\Windows\System32\DRIVERS\johci.sys [26208 2012-07-16] (JMicron Technology Corp.)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [247216 2013-06-18] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [139616 2013-06-18] (Microsoft Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39200 2013-08-20] (NVIDIA Corporation)
S3 RSUSBSTOR; C:\Windows\SysWow64\Drivers\RtsUStor.sys [225280 2009-09-02] (Realtek Semiconductor Corp.)
R3 rusb3hub; C:\Windows\System32\DRIVERS\rusb3hub.sys [114568 2012-08-27] (Renesas Electronics Corporation)
R3 rusb3xhc; C:\Windows\System32\DRIVERS\rusb3xhc.sys [230280 2012-08-27] (Renesas Electronics Corporation)
R2 UI5IFS; C:\Program Files (x86)\Ashampoo\Ashampoo UnInstaller 5\IFS64.sys [37216 2013-05-08] ()
S3 usbscan; C:\Windows\SysWow64\DRIVERS\usbscan.sys [8944 1999-05-05] (Microsoft Corporation)
U3 DfSdkS;
U4 eabfiltr;
S3 MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [x]

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2013-11-03 18:14 - 2013-11-03 18:14 - 00000000 ____D C:\FRST
2013-11-03 17:41 - 2013-11-03 17:41 - 01060070 _____ D:\Users\HP\Downloads\adwcleaner.exe
2013-11-03 17:23 - 2013-11-03 17:23 - 00003584 _____ D:\Users\HP\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-11-03 16:26 - 2013-11-03 16:27 - 00000567 _____ D:\Users\HP\Desktop\Nowy dokument tekstowy (2).txt
2013-11-03 16:19 - 2013-11-03 16:19 - 00000000 ____D D:\Users\HP\Desktop\GMER
2013-11-03 16:14 - 2013-11-03 16:17 - 00000000 ____D D:\Users\HP\Desktop\OTL
2013-11-03 16:14 - 2013-11-03 16:14 - 00000000 ____D D:\Users\HP\Desktop\FRST
2013-11-03 15:56 - 2013-04-09 22:02 - 10285040 _____ (Malwarebytes Corporation ) D:\Users\HP\Downloads\mbam-setup-1.75.0.1300.exe
2013-11-03 15:17 - 2013-11-03 15:17 - 00000124 _____ C:\Windows\SCNDRVU.INI
2013-11-03 15:17 - 2007-01-25 20:33 - 00016896 _____ () C:\Windows\system32\GetInst64.dll
2013-11-03 15:16 - 2013-11-03 15:16 - 00001032 _____ D:\Users\HP\Desktop\Action Manager 32.lnk
2013-11-03 15:16 - 2013-11-03 15:16 - 00000000 ____D D:\Users\HP\Downloads\95A OpticPro ST48 V4.2.0.0 WebDriver
2013-11-03 15:16 - 2013-11-03 15:16 - 00000000 ____D C:\Program Files (x86)\Plustek
2013-11-03 15:16 - 1999-05-05 06:22 - 00008944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Drivers\Usbscan.sys
2013-11-03 15:16 - 1999-05-05 06:22 - 00008944 _____ (Microsoft Corporation) C:\Windows\system\Usbscan.sys
2013-11-03 15:16 - 1997-01-22 20:26 - 00565760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSVCP50.DLL
2013-11-03 15:02 - 2013-11-03 15:02 - 00001783 _____ D:\Users\HP\Desktop\AGNIESZKA — skrót.lnk
2013-11-03 13:20 - 2013-09-25 08:10 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-11-03 13:20 - 2013-09-25 07:35 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-11-03 13:20 - 2013-09-25 07:30 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-11-03 13:20 - 2013-09-24 08:11 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-11-03 13:20 - 2013-09-24 07:31 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-11-03 13:20 - 2013-09-24 07:25 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-11-03 13:19 - 2013-09-25 09:22 - 17142272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-11-03 13:19 - 2013-09-25 07:36 - 02166272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-11-03 13:19 - 2013-09-25 07:29 - 04240384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-11-03 13:19 - 2013-09-25 07:26 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2013-11-03 13:19 - 2013-09-25 06:45 - 11223552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-11-03 13:19 - 2013-09-25 05:51 - 01818112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-11-03 13:19 - 2013-09-25 05:45 - 01143296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-11-03 13:19 - 2013-09-24 09:48 - 23213568 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-11-03 13:19 - 2013-09-24 07:45 - 02763776 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-11-03 13:19 - 2013-09-24 07:21 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2013-11-03 13:19 - 2013-09-24 06:56 - 05765120 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-11-03 13:19 - 2013-09-24 06:07 - 12997632 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-11-03 13:19 - 2013-09-24 05:33 - 02332160 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-11-03 13:19 - 2013-09-24 05:04 - 01395200 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-11-03 13:19 - 2013-09-14 02:10 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2013-11-03 13:19 - 2013-09-08 03:30 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2013-11-03 13:19 - 2013-09-08 03:27 - 00327168 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll
2013-11-03 13:19 - 2013-09-08 03:03 - 00231424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswsock.dll
2013-11-03 13:19 - 2013-08-29 03:17 - 05549504 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2013-11-03 13:19 - 2013-08-29 03:16 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2013-11-03 13:19 - 2013-08-29 03:16 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2013-11-03 13:19 - 2013-08-29 03:16 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2013-11-03 13:19 - 2013-08-29 03:13 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2013-11-03 13:19 - 2013-08-29 02:51 - 03969472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2013-11-03 13:19 - 2013-08-29 02:51 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2013-11-03 13:19 - 2013-08-29 02:50 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2013-11-03 13:19 - 2013-08-29 02:50 - 00619520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2013-11-03 13:19 - 2013-08-29 02:50 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2013-11-03 13:19 - 2013-08-29 02:48 - 00640512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2013-11-03 13:19 - 2013-08-29 01:49 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2013-11-03 13:19 - 2013-08-29 01:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2013-11-03 13:19 - 2013-08-29 01:49 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2013-11-03 13:19 - 2013-08-29 01:49 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2013-11-03 13:19 - 2013-08-28 02:21 - 03155968 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-11-03 13:19 - 2013-07-12 11:41 - 00185344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbvideo.sys
2013-11-03 13:19 - 2013-07-12 11:41 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbcir.sys
2013-11-03 13:19 - 2013-07-04 13:57 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2013-11-03 13:19 - 2013-07-04 13:50 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2013-11-03 13:19 - 2013-07-04 13:50 - 00102400 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2013-11-03 13:19 - 2013-07-04 12:57 - 00205824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2013-11-03 13:19 - 2013-07-04 12:51 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2013-11-03 13:19 - 2013-07-04 12:50 - 00530432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2013-11-03 13:19 - 2013-07-04 11:11 - 00140800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2013-11-03 13:19 - 2013-07-03 05:40 - 00042496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbscan.sys
2013-11-03 13:19 - 2013-07-03 05:05 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2013-11-03 13:19 - 2013-07-03 05:05 - 00032896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys
2013-11-03 13:19 - 2013-06-25 23:55 - 00785624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys
2013-11-03 13:19 - 2013-06-06 06:50 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2013-11-03 13:19 - 2013-06-06 06:49 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2013-11-03 13:19 - 2013-06-06 06:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2013-11-03 13:19 - 2013-06-06 06:47 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2013-11-03 13:19 - 2013-06-06 05:57 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2013-11-03 13:19 - 2013-06-06 05:51 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2013-11-03 13:19 - 2013-06-06 05:50 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2013-11-03 13:19 - 2013-06-06 04:30 - 00368128 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2013-11-03 13:19 - 2013-06-06 04:01 - 00295424 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2013-11-03 13:19 - 2013-06-06 04:01 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2013-11-03 13:18 - 2013-08-28 02:12 - 00461312 _____ (Microsoft Corporation) C:\Windows\system32\scavengeui.dll
2013-11-03 13:18 - 2013-08-01 13:09 - 00983488 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2013-11-03 13:18 - 2013-07-20 11:33 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2013-11-03 13:18 - 2013-07-20 11:33 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2013-11-03 13:07 - 2013-11-03 13:07 - 00004125 _____ C:\Windows\SysWOW64\jupdate-1.7.0_45-b18.log
2013-11-03 13:07 - 2013-10-08 07:50 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-11-03 13:07 - 2013-10-08 07:46 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-11-03 13:07 - 2013-10-08 07:46 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-11-03 13:07 - 2013-10-08 07:46 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-11-03 09:38 - 2013-11-03 13:15 - 414516207 _____ D:\Users\HP\Desktop\Traktor Tom 11 odcinków, 2h bajki w dobrej jakości.mp4
2013-11-03 09:38 - 2013-11-03 13:10 - 00000000 ____D D:\Users\HP\dwhelper
2013-11-01 23:07 - 2013-11-01 23:07 - 00000000 ____D D:\Users\HP\AppData\Roaming\Malwarebytes
2013-11-01 11:27 - 2013-11-01 11:27 - 00002217 _____ D:\Users\HP\Desktop\JRT.txt
2013-11-01 11:13 - 2013-11-03 11:27 - 00000000 ____D D:\Users\HP\Desktop\RK_Quarantine
2013-11-01 07:15 - 2013-10-31 17:51 - 1503819456 _____ D:\Users\HP\Downloads\Planes_(2013)_PL.DUB.MD.480p.BRRip.XViD.Ac3-MORS.avi
2013-10-31 20:00 - 2013-10-31 20:00 - 00000000 ____D D:\Users\HP\AppData\Roaming\LavasoftStatistics
2013-10-31 19:45 - 2013-10-31 19:45 - 00000000 ____D D:\Users\HP\AppData\Roaming\Lavasoft
2013-10-31 18:51 - 2013-11-03 15:05 - 00000000 ____D D:\Users\HP\AppData\Roaming\HOSTS Anti-Adwares
2013-10-31 18:51 - 2013-11-03 11:29 - 00000000 ____D C:\Program Files (x86)\Hosts_Anti_Adwares_PUPs
2013-10-28 19:50 - 2013-10-28 20:19 - 00000000 ____D D:\Users\HP\Documents\My PageManager
2013-10-28 19:50 - 2013-10-28 19:50 - 00000000 ____D D:\Users\HP\AppData\Roaming\NewSoft
2013-10-28 19:50 - 2013-10-28 19:50 - 00000000 ____D D:\Users\HP\AppData\Roaming\.oit
2013-10-28 19:50 - 2013-10-28 19:50 - 00000000 ____D D:\Users\HP\AppData\Local\NewSoft
2013-10-28 05:49 - 2013-10-27 20:27 - 738666496 _____ D:\Users\HP\Downloads\The.Bible.Part3-Part4.PL.HDTV.XviD-CAMBiO.avi
2013-10-26 11:57 - 2013-11-02 09:59 - 00000000 ____D C:\Program Files (x86)\Ss.Helper
2013-10-25 21:42 - 2013-10-25 21:42 - 00124688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswinsck.ocx
2013-10-24 18:24 - 2013-10-24 18:32 - 00000000 ____D D:\Users\HP\Documents\SelfMV
2013-10-19 16:20 - 2013-10-19 16:20 - 00000000 ____D D:\Users\HP\Documents\Ashampoo Burning Studio 12
2013-10-19 10:30 - 2013-10-19 16:41 - 00000000 ____D D:\Users\HP\Downloads\Bajki Grajki
2013-10-18 18:51 - 2013-10-18 18:52 - 00000000 ____D D:\Users\HP\Downloads\z_Forbrydelsen
2013-10-16 21:30 - 2013-11-03 10:30 - 00000000 ____D C:\Windows\WindowsMobile
2013-10-12 22:32 - 2013-10-12 22:30 - 00078156 _____ D:\Users\HP\Downloads\Ronda.csv
2013-10-12 22:10 - 2013-10-12 22:10 - 00000000 ____D C:\Program Files (x86)\Dnote Software
2013-10-11 17:05 - 2013-11-03 11:27 - 00000000 ____D D:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ashampoo
2013-10-07 20:15 - 2008-11-25 22:33 - 00802706 _____ (Koma-Code ) D:\Users\HP\Downloads\Scan2PDF.exe
2013-10-07 19:57 - 2013-10-07 20:33 - 00002477 _____ D:\Users\HP\Desktop\Pobrane_na Touro.ffs_batch
2013-10-07 19:56 - 2013-10-07 20:33 - 00002486 _____ D:\Users\HP\Documents\Pobrane_na Touro.ffs_gui
2013-10-07 18:51 - 2013-11-03 17:29 - 00001596 _____ C:\Windows\PFRO.log
2013-10-06 10:59 - 2013-11-03 14:43 - 00000000 ____D D:\Users\HP\AppData\Roaming\vlc
2013-10-06 10:58 - 2013-10-06 10:58 - 00000000 ____D C:\Program Files (x86)\VideoLAN
2013-10-06 10:56 - 2013-09-25 16:42 - 24278649 _____ D:\Users\HP\Downloads\vlc-2.1.0-win32.exe
2013-10-04 15:29 - 2013-11-03 17:54 - 00002634 _____ C:\Windows\setupact.log
2013-10-04 15:29 - 2013-10-04 15:29 - 00000000 _____ C:\Windows\setuperr.log
2013-10-04 15:11 - 2013-09-24 11:29 - 91155016 _____ (Copyright 2013 SAMSUNG) D:\Users\HP\Downloads\SamsungLink_Installer64.exe

==================== One Month Modified Files and Folders =======

2013-11-03 18:14 - 2013-11-03 18:14 - 00000000 ____D C:\FRST
2013-11-03 18:02 - 2009-07-14 05:45 - 00022336 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-11-03 18:02 - 2009-07-14 05:45 - 00022336 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-11-03 18:01 - 2011-04-12 14:21 - 00738192 _____ C:\Windows\system32\perfh015.dat
2013-11-03 18:01 - 2011-04-12 14:21 - 00154848 _____ C:\Windows\system32\perfc015.dat
2013-11-03 18:01 - 2009-07-14 06:13 - 01663412 _____ C:\Windows\system32\PerfStringBackup.INI
2013-11-03 17:59 - 2013-09-10 18:29 - 01758569 _____ C:\Windows\WindowsUpdate.log
2013-11-03 17:54 - 2013-10-04 15:29 - 00002634 _____ C:\Windows\setupact.log
2013-11-03 17:54 - 2013-09-11 21:09 - 00000000 ____D D:\Users\HP\AppData\Roaming\Dropbox
2013-11-03 17:54 - 2013-09-11 10:48 - 00000000 ___RD D:\Users\HP\Dysk Google
2013-11-03 17:54 - 2013-09-11 10:48 - 00000000 ___RD D:\Users\HP\Dropbox
2013-11-03 17:53 - 2013-09-11 22:01 - 00001036 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-11-03 17:53 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-11-03 17:51 - 2009-07-14 06:08 - 00019054 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-11-03 17:46 - 2013-09-10 20:53 - 00000930 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-11-03 17:41 - 2013-11-03 17:41 - 01060070 _____ D:\Users\HP\Downloads\adwcleaner.exe
2013-11-03 17:40 - 2013-09-11 22:01 - 00001040 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-11-03 17:33 - 2013-09-12 20:06 - 00000000 ____D C:\Program Files (x86)\Samsung
2013-11-03 17:33 - 2013-09-10 19:41 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2013-11-03 17:29 - 2013-10-07 18:51 - 00001596 _____ C:\Windows\PFRO.log
2013-11-03 17:23 - 2013-11-03 17:23 - 00003584 _____ D:\Users\HP\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-11-03 16:27 - 2013-11-03 16:26 - 00000567 _____ D:\Users\HP\Desktop\Nowy dokument tekstowy (2).txt 2013-11-03 16:19 - 2013-11-03 16:19 - 00000000 ____D D:\Users\HP\Desktop\GMER 2013-11-03 16:17 - 2013-11-03 16:14 - 00000000 ____D D:\Users\HP\Desktop\OTL 2013-11-03 16:14 - 2013-11-03 16:14 - 00000000 ____D D:\Users\HP\Desktop\FRST 2013-11-03 15:32 - 2009-07-14 06:32 - 00000000 ____D C:\Windows\system32\FxsTmp 2013-11-03 15:30 - 2013-09-11 10:08 - 00000000 ____D D:\Users\HP\Documents\_ROBERT 2013-11-03 15:17 - 2013-11-03 15:17 - 00000124 _____ C:\Windows\SCNDRVU.INI 2013-11-03 15:16 - 2013-11-03 15:16 - 00001032 _____ D:\Users\HP\Desktop\Action Manager 32.lnk 2013-11-03 15:16 - 2013-11-03 15:16 - 00000000 ____D D:\Users\HP\Downloads\95A OpticPro ST48 V4.2.0.0 WebDriver 2013-11-03 15:16 - 2013-11-03 15:16 - 00000000 ____D C:\Program Files (x86)\Plustek 2013-11-03 15:16 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system 2013-11-03 15:05 - 2013-10-31 18:51 - 00000000 ____D D:\Users\HP\AppData\Roaming\HOSTS Anti-Adwares 2013-11-03 15:05 - 2013-09-27 10:30 - 00000000 ____D C:\Program Files (x86)\Ashampoo 2013-11-03 15:02 - 2013-11-03 15:02 - 00001783 _____ D:\Users\HP\Desktop\AGNIESZKA — skrót.lnk 2013-11-03 14:58 - 2013-09-10 20:53 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2013-11-03 14:58 - 2013-09-10 20:53 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2013-11-03 14:58 - 2013-09-10 20:53 - 00003868 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater 2013-11-03 14:43 - 2013-10-06 10:59 - 00000000 ____D D:\Users\HP\AppData\Roaming\vlc 2013-11-03 13:47 - 2013-09-11 06:48 - 00000000 ____D C:\Program Files\Microsoft Silverlight 2013-11-03 13:47 - 2013-09-11 06:48 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight 2013-11-03 13:47 - 2009-07-14 05:45 - 00313808 _____ C:\Windows\system32\FNTCACHE.DAT 2013-11-03 13:36 - 2013-09-10 21:31 - 01639550 _____ 
C:\Windows\SysWOW64\PerfStringBackup.INI 2013-11-03 13:30 - 2013-09-11 06:04 - 00000000 ____D C:\Windows\system32\MRT 2013-11-03 13:27 - 2013-09-11 06:04 - 80541720 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2013-11-03 13:22 - 2013-09-10 20:45 - 00001912 _____ C:\Windows\epplauncher.mif 2013-11-03 13:21 - 2013-09-10 20:45 - 00000000 ____D C:\Program Files\Microsoft Security Client 2013-11-03 13:21 - 2013-09-10 20:45 - 00000000 ____D C:\Program Files (x86)\Microsoft Security Client 2013-11-03 13:15 - 2013-11-03 09:38 - 414516207 _____ D:\Users\HP\Desktop\Traktor Tom 11 odcinków, 2h bajki w dobrej jakości.mp4 2013-11-03 13:10 - 2013-11-03 09:38 - 00000000 ____D D:\Users\HP\dwhelper 2013-11-03 13:07 - 2013-11-03 13:07 - 00004125 _____ C:\Windows\SysWOW64\jupdate-1.7.0_45-b18.log 2013-11-03 13:07 - 2013-09-11 22:31 - 00000000 ____D C:\Program Files (x86)\Java 2013-11-03 11:29 - 2013-10-31 18:51 - 00000000 ____D C:\Program Files (x86)\Hosts_Anti_Adwares_PUPs 2013-11-03 11:29 - 2013-10-01 15:48 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2013-11-03 11:29 - 2013-09-27 17:09 - 00000000 ____D C:\Program Files\FreeFileSync 2013-11-03 11:29 - 2013-09-26 21:52 - 00000000 ____D C:\Program Files (x86)\NapiProjekt 2013-11-03 11:29 - 2013-09-12 19:30 - 00000000 ____D C:\Program Files\Tyre 2013-11-03 11:29 - 2013-09-12 19:29 - 00000000 ____D C:\Program Files (x86)\Tyre 2013-11-03 11:29 - 2013-09-12 19:20 - 00000000 ____D C:\Program Files (x86)\TomTom HOME 2 2013-11-03 11:29 - 2013-09-12 16:38 - 00000000 ___RD C:\Program Files (x86)\Skype 2013-11-03 11:29 - 2013-09-12 15:10 - 00000000 ____D C:\Program Files (x86)\PDFCreator 2013-11-03 11:29 - 2013-09-11 22:36 - 00000000 ____D C:\Program Files (x86)\K-Lite Codec Pack 2013-11-03 11:29 - 2013-09-11 22:14 - 00000000 ____D C:\Program Files (x86)\IrfanView 2013-11-03 11:29 - 2013-09-11 21:59 - 00000000 ____D C:\Program Files (x86)\FileZilla FTP Client 2013-11-03 11:29 - 2013-09-11 21:39 - 00000000 ____D 
C:\Program Files (x86)\e-Deklaracje 2013-11-03 11:29 - 2013-09-11 20:42 - 00000000 ____D C:\Program Files\7-Zip 2013-11-03 11:29 - 2013-09-11 08:12 - 00000000 ____D C:\Program Files (x86)\Microsoft Works 2013-11-03 11:29 - 2013-09-10 22:31 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird 2013-11-03 11:29 - 2013-09-10 22:29 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2013-11-03 11:29 - 2013-09-10 22:09 - 00000000 ____D C:\Windows\System32\Tasks\Hewlett-Packard 2013-11-03 11:29 - 2013-09-10 20:53 - 00000000 ____D C:\Windows\system32\Macromed 2013-11-03 11:29 - 2013-09-10 19:27 - 00000000 ____D C:\Program Files\NVIDIA Corporation 2013-11-03 11:29 - 2009-07-14 06:32 - 00000000 ____D C:\Program Files\Windows Defender 2013-11-03 11:29 - 2009-07-14 06:32 - 00000000 ____D C:\Program Files\DVD Maker 2013-11-03 11:29 - 2009-07-14 06:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD 2013-11-03 11:29 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\servicing 2013-11-03 11:29 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache 2013-11-03 11:28 - 2013-09-11 09:05 - 00000000 ____D D:\Users\HP\Downloads\Nawigacja 2013-11-03 11:28 - 2013-09-11 08:42 - 00000000 ____D D:\Users\HP\Downloads\z_Downton.Abbey 2013-11-03 11:27 - 2013-11-01 11:13 - 00000000 ____D D:\Users\HP\Desktop\RK_Quarantine 2013-11-03 11:27 - 2013-10-11 17:05 - 00000000 ____D D:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ashampoo 2013-11-03 11:27 - 2013-09-26 21:52 - 00000000 ____D D:\Users\HP\AppData\Roaming\NapiProjekt 2013-11-03 11:27 - 2013-09-11 22:14 - 00000000 ____D D:\Users\HP\AppData\Roaming\IrfanView 2013-11-03 11:27 - 2013-09-10 18:40 - 00000000 ___RD D:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup 2013-11-03 11:27 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\registration 2013-11-03 11:23 - 2013-09-24 19:49 - 00000000 ____D C:\Program Files\Samsung 2013-11-03 11:22 - 2013-09-10 21:33 - 00000000 ____D C:\Program Files 
(x86)\NVIDIA Corporation 2013-11-03 11:18 - 2013-09-12 16:39 - 00000000 ____D D:\Users\HP\AppData\Roaming\Skype 2013-11-03 11:17 - 2013-09-10 22:41 - 00000000 ____D D:\Users\HP\AppData\Local\Adobe 2013-11-03 10:35 - 2013-09-11 22:01 - 00004036 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2013-11-03 10:35 - 2013-09-11 22:01 - 00003784 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2013-11-03 10:31 - 2013-09-10 18:40 - 00000000 ____D D:\Users\HP 2013-11-03 10:30 - 2013-10-16 21:30 - 00000000 ____D C:\Windows\WindowsMobile 2013-11-02 09:59 - 2013-10-26 11:57 - 00000000 ____D C:\Program Files (x86)\Ss.Helper 2013-11-01 23:07 - 2013-11-01 23:07 - 00000000 ____D D:\Users\HP\AppData\Roaming\Malwarebytes 2013-11-01 22:23 - 2013-09-10 18:40 - 00000000 __SHD C:\Recovery 2013-11-01 22:07 - 2013-09-11 10:42 - 00000000 ____D D:\Users\HP\Documents\AGNIESZKA 2013-11-01 11:27 - 2013-11-01 11:27 - 00002217 _____ D:\Users\HP\Desktop\JRT.txt 2013-10-31 20:00 - 2013-10-31 20:00 - 00000000 ____D D:\Users\HP\AppData\Roaming\LavasoftStatistics 2013-10-31 19:45 - 2013-10-31 19:45 - 00000000 ____D D:\Users\HP\AppData\Roaming\Lavasoft 2013-10-31 17:51 - 2013-11-01 07:15 - 1503819456 _____ D:\Users\HP\Downloads\Planes_(2013)_PL.DUB.MD.480p.BRRip.XViD.Ac3-MORS.avi 2013-10-28 20:19 - 2013-10-28 19:50 - 00000000 ____D D:\Users\HP\Documents\My PageManager 2013-10-28 19:50 - 2013-10-28 19:50 - 00000000 ____D D:\Users\HP\AppData\Roaming\NewSoft 2013-10-28 19:50 - 2013-10-28 19:50 - 00000000 ____D D:\Users\HP\AppData\Roaming\.oit 2013-10-28 19:50 - 2013-10-28 19:50 - 00000000 ____D D:\Users\HP\AppData\Local\NewSoft 2013-10-28 16:57 - 2013-09-11 08:44 - 00000000 ____D D:\Users\HP\Downloads\z_Hunted 2013-10-27 20:27 - 2013-10-28 05:49 - 738666496 _____ D:\Users\HP\Downloads\The.Bible.Part3-Part4.PL.HDTV.XviD-CAMBiO.avi 2013-10-26 07:34 - 2013-09-11 09:21 - 00000000 ____D D:\Users\HP\Downloads\z_Arrow 2013-10-25 21:42 - 2013-10-25 21:42 - 00124688 _____ (Microsoft 
Corporation) C:\Windows\SysWOW64\mswinsck.ocx 2013-10-24 18:32 - 2013-10-24 18:24 - 00000000 ____D D:\Users\HP\Documents\SelfMV 2013-10-21 05:56 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\NDF 2013-10-19 16:41 - 2013-10-19 10:30 - 00000000 ____D D:\Users\HP\Downloads\Bajki Grajki 2013-10-19 16:20 - 2013-10-19 16:20 - 00000000 ____D D:\Users\HP\Documents\Ashampoo Burning Studio 12 2013-10-18 18:52 - 2013-10-18 18:51 - 00000000 ____D D:\Users\HP\Downloads\z_Forbrydelsen 2013-10-17 21:33 - 2013-09-11 08:49 - 00000000 ____D D:\Users\HP\Downloads\z_Shameless 2013-10-12 22:30 - 2013-10-12 22:32 - 00078156 _____ D:\Users\HP\Downloads\Ronda.csv 2013-10-12 22:10 - 2013-10-12 22:10 - 00000000 ____D C:\Program Files (x86)\Dnote Software 2013-10-12 21:59 - 2013-09-10 22:31 - 00000000 ____D D:\Users\HP\AppData\Local\Thunderbird 2013-10-08 07:50 - 2013-11-03 13:07 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll 2013-10-08 07:46 - 2013-11-03 13:07 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe 2013-10-08 07:46 - 2013-11-03 13:07 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe 2013-10-08 07:46 - 2013-11-03 13:07 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe 2013-10-07 20:33 - 2013-10-07 19:57 - 00002477 _____ D:\Users\HP\Desktop\Pobrane_na Touro.ffs_batch 2013-10-07 20:33 - 2013-10-07 19:56 - 00002486 _____ D:\Users\HP\Documents\Pobrane_na Touro.ffs_gui 2013-10-07 19:57 - 2013-09-27 17:10 - 00000000 ____D D:\Users\HP\AppData\Roaming\FreeFileSync 2013-10-06 10:58 - 2013-10-06 10:58 - 00000000 ____D C:\Program Files (x86)\VideoLAN 2013-10-04 15:29 - 2013-10-04 15:29 - 00000000 _____ C:\Windows\setuperr.log 2013-10-04 15:03 - 2013-10-03 19:18 - 00000404 _____ C:\Windows\Tasks\One-Click Optimizer.job Some content of TEMP: ==================== D:\Users\HP\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe D:\Users\HP\AppData\Local\Temp\ose00000.exe 
D:\Users\HP\AppData\Local\Temp\Quarantine.exe ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\SysWOW64\wininit.exe => MD5 is legit C:\Windows\explorer.exe => MD5 is legit C:\Windows\SysWOW64\explorer.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\SysWOW64\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\SysWOW64\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\SysWOW64\userinit.exe => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit LastRegBack: 2013-10-24 17:19 ==================== End Of Log ============================