Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 08-09-2013 ([color=red]ATTENTION: ====> FRST version is 137 days old and could be outdated[/color]) Ran by Myszka (administrator) on MYSZKA-KOMPUTER on 23-01-2014 17:58:06 Running from C:\Users\Myszka\Downloads Microsoft Windows 7 Ultimate Service Pack 1 (X86) OS Language: Polish Internet Explorer Version 11 Boot Mode: Normal ==================== Processes (Whitelisted) =================== (Cherished Technololgy LIMITED) C:\ProgramData\WPM\wprotectmanager.exe (ESET) C:\Program Files\ESET\ESET Smart Security\ekrn.exe () C:\Program Files\Web Assistant\ExtensionUpdaterService.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe (Intel Corporation) C:\Windows\system32\igfxsrvc.exe (ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe (Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe (eRmail Company, s. r. o.) C:\Users\Myszka\AppData\Roaming\eRclient\eRclient.exe (DT Soft Ltd) C:\Program Files\DAEMON Tools Pro\DTShellHlp.exe (Hewlett-Packard Co.) C:\Program Files\HP\HP Deskjet 3510 series\Bin\ScanToPCActivationApp.exe (Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe (GG Network S.A.) C:\Users\Myszka\AppData\Local\GG\Application\gghub.exe (McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.130\SSScheduler.exe (Hewlett-Packard Co.) C:\Program Files\HP\HP Deskjet 3510 series\Bin\HPNetworkCommunicatorCom.exe () C:\Users\Myszka\AppData\Roaming\pwo6\svchost.exe () C:\Users\Myszka\AppData\Local\Temp\_MEI24882\bin\winlogon.exe (GG Network S.A.) C:\Users\Myszka\AppData\Local\GG\Application\ggapp.exe (GG Network S.A.) C:\Users\Myszka\AppData\Local\GG\Application\ggdrive\ggdrive.exe () C:\Program Files\RightSurf\updateRightSurf.exe (Farbar) C:\Users\Myszka\Downloads\Farbar Recovery Scan Tool.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe (Adobe Systems, Inc.) C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_9_900_170.exe (Adobe Systems, Inc.) C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_9_900_170.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [HotKeysCmds] - C:\Windows\system32\hkcmd.exe [ ] () HKLM\...\Run: [GrooveMonitor] - C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation) HKLM\...\Run: [egui] - C:\Program Files\ESET\ESET Smart Security\egui.exe [5074384 2012-12-21] (ESET) HKLM\...\Run: [mobilegeni daemon] - C:\Program Files\Mobogenie\DaemonProcess.exe HKCU\...\Run: [] - HKCU\...\Run: [eRclient] - C:\Users\Myszka\AppData\Roaming\eRclient\eRclient.exe [1269248 2013-07-15] (eRmail Company, s. r. o.) HKCU\...\Run: [HP Deskjet 3510 series (NET)] - C:\Program Files\HP\HP Deskjet 3510 series\Bin\ScanToPCActivationApp.exe [1837672 2012-10-17] (Hewlett-Packard Co.) HKCU\...\Run: [Skype] - C:\Program Files\Skype\Phone\Skype.exe [20584608 2013-11-14] (Skype Technologies S.A.) HKCU\...\Run: [pwo6] - C:\Users\Myszka\AppData\Roaming\pwo6\svchost.exe [7321417 2013-10-09] () HKCU\...\Run: [GG] - C:\Users\Myszka\AppData\Local\GG\Application\gghub.exe [4047424 2013-12-12] (GG Network S.A.) HKCU\...\Run: [NextLive] - C:\Windows\system32\rundll32.exe "C:\Users\Myszka\AppData\Roaming\newnext.me\nengine.dll",EntryPoint -m l HKCU\...\Run: [DAEMON Tools Pro Agent] - C:\Program Files\DAEMON Tools Pro\DTAgent.exe [3111744 2012-04-26] (DT Soft Ltd) MountPoints2: {bf090162-545e-11e3-a82d-0016d3ea2c06} - F:\LGAutoRun.exe MountPoints2: {e9215be3-39a4-11e3-9515-0016d3ea2c06} - F:\AutoRun.exe HKU\Mcx1-MYSZKA-KOMPUTER\...\Winlogon: [Shell] C:\Windows\eHome\McrMgr.exe [ 2009-07-14] (Microsoft Corporation) <==== ATTENTION Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.130\SSScheduler.exe (McAfee, Inc.) Startup: C:\Users\Myszka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Powiadomienia monitorowania tuszu - HP Deskjet 3510 series (sieć).lnk ShortcutTarget: Powiadomienia monitorowania tuszu - HP Deskjet 3510 series (sieć).lnk -> C:\Program Files\HP\HP Deskjet 3510 series\bin\HPStatusBL.dll (Hewlett-Packard Co.) ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.certified-toolbar.com?si=41460&tid=3192&st=bs&q= HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.dosearches.com/?utm_source=b&utm_medium=cor&utm_campaign=rg&utm_content=hp&from=cor&uid=HitachiXHTS541612J9SA00_SB2504H6JGDMDUJGDMDUX&ts=1384108367 HKCU\Software\Microsoft\Internet Explorer\Main,Start Default_Page_URL = http://search.certified-toolbar.com?si=41460&st=home&tid=3192 HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.certified-toolbar.com?si=41460&tid=3192&st=bs&q= HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.certified-toolbar.com?si=41460&tid=3192&st=bs&q= HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dosearches.com/?utm_source=b&utm_medium=cor&utm_campaign=rg&utm_content=hp&from=cor&uid=HitachiXHTS541612J9SA00_SB2504H6JGDMDUJGDMDUX&ts=1384108367 HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.delta-homes.com/web/?type=ds&ts=1388687266&from=wpm0102&uid=HitachiXHTS541612J9SA00_SB2504H6JGDMDUJGDMDUX&q={searchTerms} HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dosearches.com/?utm_source=b&utm_medium=cor&utm_campaign=rg&utm_content=hp&from=cor&uid=HitachiXHTS541612J9SA00_SB2504H6JGDMDUJGDMDUX&ts=1384108367 HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.dosearches.com/?utm_source=b&utm_medium=cor&utm_campaign=rg&utm_content=hp&from=cor&uid=HitachiXHTS541612J9SA00_SB2504H6JGDMDUJGDMDUX&ts=1384108367 HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.delta-homes.com/web/?type=ds&ts=1388687266&from=wpm0102&uid=HitachiXHTS541612J9SA00_SB2504H6JGDMDUJGDMDUX&q={searchTerms} HKLM\Software\Microsoft\Internet Explorer\Main,Start Default_Page_URL = http://search.certified-toolbar.com?si=41460&st=home&tid=3192 HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.certified-toolbar.com?si=41460&tid=3192&st=bs&q= URLSearchHook: (No Name) - {687578b9-7132-4a7a-80e4-30ee31099e03} - No File StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe http://www.dosearches.com/?utm_source=b&utm_medium=cor&utm_campaign=rg&utm_content=sc&from=cor&uid=HitachiXHTS541612J9SA00_SB2504H6JGDMDUJGDMDUX&ts=1384108367 SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://search.delta-homes.com/web/?type=ds&ts=1388687266&from=wpm0102&uid=HitachiXHTS541612J9SA00_SB2504H6JGDMDUJGDMDUX&q={searchTerms} SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://search.certified-toolbar.com?si=41460&st=bs&tid=3192&q={searchTerms} SearchScopes: HKLM - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://search.delta-homes.com/web/?type=ds&ts=1388687266&from=wpm0102&uid=HitachiXHTS541612J9SA00_SB2504H6JGDMDUJGDMDUX&q={searchTerms} SearchScopes: HKLM - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = SearchScopes: HKCU - DefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = http://www.searchgol.com/?q={searchTerms}&babsrc=SP_ss&mntrId=0A09001B77DD8F5B&affID=119357&tsp=5021 SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://startsear.ch/?aff=1&src=sp&cf=9fbf9679-256b-11e1-b99c-0016d3ea2c06&q={searchTerms} SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = http://www.searchgol.com/?q={searchTerms}&babsrc=SP_ss&mntrId=0A09001B77DD8F5B&affID=119357&tsp=5021 SearchScopes: HKCU - {29C52667-3732-4BDB-BC79-6B76F74B94BD} URL = http://websearch.ask.com/redirect?client=ie&tb=ORJ&o=100000027&src=kw&q={searchTerms}&locale=&apn_ptnrs=U3&apn_dtid=YYYYYYYYPL&apn_uid=E3183166-1365-4633-BEB6-66B2DF75D33B&apn_sauid=E10C82B8-E20E-48DC-952A-56D44A06857F SearchScopes: HKCU - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://search.delta-homes.com/web/?type=ds&ts=1388687266&from=wpm0102&uid=HitachiXHTS541612J9SA00_SB2504H6JGDMDUJGDMDUX&q={searchTerms} SearchScopes: HKCU - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = http://www.claro-search.com/?q={searchTerms}&affID=117423&tt=5112_7&babsrc=SP_ss&mntrId=0a0919f1000000000000001b77dd8f5b SearchScopes: HKCU - {C95A2419-2A6F-4392-A528-204644D57587} URL = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR SearchScopes: HKCU - {CFF4DB9B-135F-47c0-9269-B4C6572FD61A} URL = http://mystart.incredibar.com/mb203?a=6R8vmOCu38&search={searchTerms}&i=26 BHO: No Name - {000F18F2-09EB-4A59-82B2-5AE4184C39C3} - No File BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.130\McAfeeMSS_IE.dll (McAfee, Inc.) BHO: Web Assistant - {336D0C35-8A85-403a-B9D2-65C292C39087} - C:\Program Files\Web Assistant\Extension32.dll () BHO: Incredibar.com Helper Object - {6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99} - C:\Program Files\Incredibar.com\incredibar\1.5.11.14\bh\incredibar.dll (Montera Technologeis LTD) BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation) BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO: IE5BarLauncherBHO Class - {78F3A323-798E-4AEA-9A57-88F4B05FD5DD} - C:\Program Files\vShare.tv plugin\BarLcher.dll (VShare Inc.) BHO: RightSurf - {88be1aa9-6740-461c-9e3e-f35eb8fa741c} - C:\Program Files\RightSurf\RightSurfbho.dll (RightSurf) BHO: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO: IplexToALLPlayer - {DF925EF3-7A87-44E4-9CAF-8D7B280BF616} - C:\PROGRA~1\ALLPLA~1\Iplex\IPLEXT~1.DLL (ALLCinema Ltd.) Toolbar: HKLM - VShareToolBar - {7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} - C:\Program Files\vShare.tv plugin\BarLcher.dll (VShare Inc.) Toolbar: HKLM - Incredibar Toolbar - {F9639E4A-801B-4843-AEE3-03D9DA199E77} - C:\Program Files\Incredibar.com\incredibar\1.5.11.14\incredibarTlbr.dll (Montera Technologeis LTD) Toolbar: HKLM - No Name - {9E131A93-EED7-4BEB-B015-A0ADB30B5646} - No File Toolbar: HKCU -No Name - {687578B9-7132-4A7A-80E4-30EE31099E03} - No File DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab DPF: {CAFEEFAC-0017-0000-0009-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab DPF: {D9D72A92-132E-46EC-A6F1-896B19227142} http://www.starvedia.com/ActiveX/ax4web.cab Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation) Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies) Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt Tcpip\Parameters: [DhcpNameServer] 78.28.0.17 8.8.8.8 FireFox: ======== FF ProfilePath: C:\Users\Myszka\AppData\Roaming\Mozilla\Firefox\Profiles\s6wo4btr.default FF user.js: detected! => C:\Users\Myszka\AppData\Roaming\Mozilla\Firefox\Profiles\s6wo4btr.default\user.js FF DefaultSearchEngine: delta-homes FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_11_9_900_170.dll () FF Plugin: @google.com/npPicasa3,version=3.0.0 - C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.) FF Plugin: @java.com/DTPlugin,version=10.9.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation) FF Plugin: @java.com/JavaPlugin - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=10.9.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin: @mcafee.com/McAfeeMssPlugin - C:\Program Files\McAfee Security Scan\3.8.130\npMcAfeeMss.dll (McAfee, Inc.) FF Plugin: @microsoft.com/GENUINE - disabled No File FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation) FF Plugin: @nokia.com/EnablerPlugin - C:\Program Files\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll ( ) FF Plugin: @real.com/nppl3260;version=6.0.12.69 - C:\Program Files\Real Alternative\browser\plugins\nppl3260.dll (RealNetworks, Inc.) FF Plugin: @real.com/nprpjplug;version=6.0.12.69 - C:\Program Files\Real Alternative\browser\plugins\nprpjplug.dll (RealNetworks, Inc.) FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\Myszka\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS) FF SearchPlugin: C:\Users\Myszka\AppData\Roaming\Mozilla\Firefox\Profiles\s6wo4btr.default\searchplugins\askcom.xml FF SearchPlugin: C:\Users\Myszka\AppData\Roaming\Mozilla\Firefox\Profiles\s6wo4btr.default\searchplugins\babylon.xml FF SearchPlugin: C:\Users\Myszka\AppData\Roaming\Mozilla\Firefox\Profiles\s6wo4btr.default\searchplugins\BrowserProtect.xml FF SearchPlugin: C:\Users\Myszka\AppData\Roaming\Mozilla\Firefox\Profiles\s6wo4btr.default\searchplugins\conduit.xml FF SearchPlugin: C:\Users\Myszka\AppData\Roaming\Mozilla\Firefox\Profiles\s6wo4btr.default\searchplugins\daemon-search.xml FF SearchPlugin: C:\Users\Myszka\AppData\Roaming\Mozilla\Firefox\Profiles\s6wo4btr.default\searchplugins\delta.xml FF SearchPlugin: C:\Users\Myszka\AppData\Roaming\Mozilla\Firefox\Profiles\s6wo4btr.default\searchplugins\mixidj.xml FF SearchPlugin: C:\Users\Myszka\AppData\Roaming\Mozilla\Firefox\Profiles\s6wo4btr.default\searchplugins\MyStart Search.xml FF SearchPlugin: C:\Users\Myszka\AppData\Roaming\Mozilla\Firefox\Profiles\s6wo4btr.default\searchplugins\startsear.xml FF SearchPlugin: C:\Users\Myszka\AppData\Roaming\Mozilla\Firefox\Profiles\s6wo4btr.default\searchplugins\Web Search.xml FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\babylon.xml FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\delta-homes.xml FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\dosearches.xml FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\Web Search.xml FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\wolnelektury-pl.xml FF Extension: Conduit Engine - C:\Users\Myszka\AppData\Roaming\Mozilla\Firefox\Profiles\s6wo4btr.default\Extensions\engine@conduit.com FF Extension: Claro Toolbar - C:\Users\Myszka\AppData\Roaming\Mozilla\Firefox\Profiles\s6wo4btr.default\Extensions\ffxtlbr@claro.com FF Extension: incredibar.com - C:\Users\Myszka\AppData\Roaming\Mozilla\Firefox\Profiles\s6wo4btr.default\Extensions\ffxtlbr@incredibar.com FF Extension: Iplex to ALLPlayer - C:\Users\Myszka\AppData\Roaming\Mozilla\Firefox\Profiles\s6wo4btr.default\Extensions\IplextoALL@ALLPlayer.org FF Extension: No Name - C:\Users\Myszka\AppData\Roaming\Mozilla\Firefox\Profiles\s6wo4btr.default\Extensions\staged FF Extension: VshareComplete - Speed up your search with your personal search suggestions tool - C:\Users\Myszka\AppData\Roaming\Mozilla\Firefox\Profiles\s6wo4btr.default\Extensions\{3697b17c-b572-4862-a5e6-7f922c0f3403} FF Extension: uTorrentBar Community Toolbar - C:\Users\Myszka\AppData\Roaming\Mozilla\Firefox\Profiles\s6wo4btr.default\Extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} FF Extension: IplextoALL - C:\Users\Myszka\AppData\Roaming\Mozilla\Firefox\Profiles\s6wo4btr.default\Extensions\IplextoALL@ALLPlayer.org.xpi FF Extension: vdpure - C:\Users\Myszka\AppData\Roaming\Mozilla\Firefox\Profiles\s6wo4btr.default\Extensions\vdpure@link64.xpi FF Extension: No Name - C:\Users\Myszka\AppData\Roaming\Mozilla\Firefox\Profiles\s6wo4btr.default\Extensions\WTB_GLOBAL.sqlite FF Extension: No Name - C:\Users\Myszka\AppData\Roaming\Mozilla\Firefox\Profiles\s6wo4btr.default\Extensions\{b9a19c25-a741-47e5-91a2-0b62bef307ff}.xpi FF Extension: No Name - C:\Users\Myszka\AppData\Roaming\Mozilla\Firefox\Profiles\s6wo4btr.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} FF HKLM\...\Firefox\Extensions: [{336D0C35-8A85-403a-B9D2-65C292C39087}] C:\Program Files\Web Assistant\Firefox FF Extension: Web Assistant - C:\Program Files\Web Assistant\Firefox FF HKLM\...\Firefox\Extensions: [{FE1DEEEA-DB6D-44b8-83F0-34FC0F9D1052}] C:\Program Files\Web Assistant\Firefox FF Extension: Web Assistant - C:\Program Files\Web Assistant\Firefox FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird FF StartMenuInternet: FIREFOX.EXE - C:\Program Files\Mozilla Firefox\firefox.exe http://www.delta-homes.com/?type=sc&ts=1388687266&from=wpm0102&uid=HitachiXHTS541612J9SA00_SB2504H6JGDMDUJGDMDUX Chrome: ======= CHR Extension: (MixiDJ Toolbar) - C:\Users\Myszka\AppData\Local\Google\Chrome\User Data\Default\Extensions\boipimhfjpakfgckhbljjengakjhkcbp\1.1 CHR Extension: (Web Assistant) - C:\Users\Myszka\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd\2.0.0.573_0 CHR Extension: (MixiDj Chrome Toolbar) - C:\Users\Myszka\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpepfkjapeclaafmhoelccknpfedainn\1.0 CHR HKLM\...\Chrome\Extension: [bmbgdmijgopggjaelphhajpjldacbnba] - C:\Program Files\Incredibar.com\incredibar\1.5.11.14\incredibar.crx CHR HKLM\...\Chrome\Extension: [dlfienamagdnkekbbbocojppncdambda] - C:\Program Files\VshareComplete\chrome\VshareCompleteChrome.crx CHR HKLM\...\Chrome\Extension: [dlnembnfbcpjnepmfjmngjenhhajpdfd] - C:\Program Files\Web Assistant\source.crx CHR HKLM\...\Chrome\Extension: [eooncjejnppfjjklapaamhcdmjbilmde] - C:\Users\Myszka\AppData\Roaming\BabSolution\CR\Delta.crx CHR HKLM\...\Chrome\Extension: [kpionmjnkbpcdpcflammlgllecmejgjj] - C:\Program Files\vShare.tv plugin\vshareplg.crx CHR HKLM\...\Chrome\Extension: [pacgpkgadgmibnhpdidcnfafllnmeomc] - C:\Users\Myszka\AppData\Local\CRE\pacgpkgadgmibnhpdidcnfafllnmeomc.crx ========================== Services (Whitelisted) ================= R2 ekrn; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [1333424 2012-12-21] (ESET) S3 IEEtwCollectorService; C:\Windows\system32\IEEtwCollector.exe [108032 2013-11-26] (Microsoft Corporation) S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.130\McCHSvc.exe [235216 2013-09-06] (McAfee, Inc.) R2 Update RightSurf; C:\Program Files\RightSurf\updateRightSurf.exe [97056 2014-01-10] () R2 Web Assistant; C:\Program Files\Web Assistant\ExtensionUpdaterService.exe [188760 2013-01-29] () R2 Wpm; C:\ProgramData\WPM\wprotectmanager.exe [499856 2014-01-02] (Cherished Technololgy LIMITED) ==================== Drivers (Whitelisted) ==================== S3 andnetadb; C:\Windows\System32\Drivers\lgandnetadb.sys [25856 2013-04-18] (Google Inc) S3 AndNetDiag; C:\Windows\System32\DRIVERS\lgandnetdiag.sys [23168 2013-04-18] (LG Electronics Inc.) S3 ANDNetModem; C:\Windows\System32\DRIVERS\lgandnetmodem.sys [27776 2013-06-28] (LG Electronics Inc.) S3 BthAvrcp; C:\Windows\System32\DRIVERS\BthAvrcp.sys [22528 2009-08-13] (CSR, plc) R0 CLFS; C:\Windows\System32\CLFS.sys [249408 2009-07-14] (Microsoft Corporation) R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [242240 2012-09-23] (DT Soft Ltd) R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [171680 2013-01-10] (ESET) R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [122240 2013-01-10] (ESET) R2 epfw; C:\Windows\System32\DRIVERS\epfw.sys [150080 2013-01-10] (ESET) R1 EpfwLWF; C:\Windows\System32\DRIVERS\EpfwLWF.sys [46056 2013-01-10] (ESET) R0 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [47568 2013-01-10] (ESET) S3 epmntdrv; C:\Windows\system32\epmntdrv.sys [14920 2013-03-07] () S3 EuGdiDrv; C:\Windows\system32\EuGdiDrv.sys [9160 2013-03-07] () S3 FTDIBUS; C:\Windows\System32\drivers\ftdibus.sys [65896 2013-07-25] (FTDI Ltd.) S3 MBAMSwissArmy; C:\Windows\system32\drivers\mbamswissarmy.sys [40776 2014-01-23] (Malwarebytes Corporation) R3 NETwLv32; C:\Windows\System32\DRIVERS\NETwLv32.sys [6639616 2010-10-07] (Intel Corporation) S3 PortTalk; C:\Windows\System32\Drivers\PortTalk.sys [3567 2002-01-12] (Beyond Logic http://www.beyondlogic.org) S3 V0260VID; C:\Windows\System32\DRIVERS\V0260Vid.sys [154784 2007-07-18] (Creative Technology Ltd.) S3 ewusbmbb; system32\DRIVERS\ewusbwwan.sys [x] S3 ew_hwusbdev; system32\DRIVERS\ew_hwusbdev.sys [x] S3 ew_usbenumfilter; system32\DRIVERS\ew_usbenumfilter.sys [x] S3 huawei_enumerator; system32\DRIVERS\ew_jubusenum.sys [x] S3 hwdatacard; system32\DRIVERS\ewusbmdm.sys [x] S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [x] S3 tsusbhub; system32\drivers\tsusbhub.sys [x] S3 VGPU; System32\drivers\rdvgkmd.sys [x] U5 VWiFiFlt; C:\Windows\System32\Drivers\VWiFiFlt.sys [48128 2009-07-14] (Microsoft Corporation) ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-01-23 17:57 - 2014-01-23 17:57 - 00000000 ____D C:\FRST 2014-01-23 17:53 - 2014-01-23 17:54 - 00000000 ____D C:\Program Files\RightSurf 2014-01-23 17:53 - 2014-01-23 17:53 - 01082239 _____ (Farbar) C:\Users\Myszka\Downloads\Farbar Recovery Scan Tool.exe 2014-01-23 17:53 - 2014-01-23 17:53 - 00592032 _____ C:\Users\Myszka\Desktop\Farbar Recovery Scan Tool_isdmgr.exe 2014-01-23 17:49 - 2014-01-23 17:53 - 00406151 _____ C:\Users\Myszka\Downloads\FRST.exe.part 2014-01-23 17:29 - 2014-01-23 17:33 - 00088836 _____ C:\Users\Myszka\Downloads\FRST.exe.583b0qv.partial 2014-01-23 11:20 - 2014-01-23 11:36 - 00079114 _____ C:\Users\Myszka\Downloads\Extras.Txt 2014-01-23 11:19 - 2014-01-23 11:34 - 00112282 _____ C:\Users\Myszka\Downloads\OTL.Txt 2014-01-23 11:01 - 2014-01-23 11:01 - 00602112 _____ (OldTimer Tools) C:\Users\Myszka\Downloads\OTL.exe 2014-01-23 10:56 - 2014-01-23 10:57 - 00000000 ____D C:\AdwCleaner 2014-01-23 10:55 - 2014-01-23 10:56 - 01236282 _____ C:\Users\Myszka\Downloads\adwcleaner.exe 2014-01-23 00:52 - 2014-01-23 17:52 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware 2014-01-23 00:52 - 2014-01-23 00:53 - 00040776 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamswissarmy.sys 2014-01-23 00:52 - 2014-01-23 00:52 - 00000000 ____D C:\Users\Myszka\AppData\Roaming\Malwarebytes 2014-01-23 00:52 - 2014-01-23 00:52 - 00000000 ____D C:\ProgramData\Malwarebytes 2014-01-23 00:51 - 2014-01-23 00:51 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Myszka\Downloads\mbam-setup-1.75.0.1300.exe 2014-01-21 22:52 - 2014-01-21 23:35 - 00000000 ____D C:\Users\Myszka\Downloads\angielski sebcia 2014-01-21 22:51 - 2014-01-21 22:51 - 00000000 ____D C:\Users\Myszka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google+ Auto Backup 2014-01-21 22:30 - 2014-01-23 00:54 - 00000000 ____D C:\Users\Myszka\Downloads\dla gosi 2014-01-21 20:21 - 2014-01-21 20:21 - 00000000 ____D C:\Users\Myszka\Downloads\Kształcenie zintegrowane, klasa 3, Razem w szkole 3. Edukacja polonistyczna i społeczna, p 2014-01-21 20:17 - 2014-01-21 20:17 - 10408485 _____ C:\Users\Myszka\Downloads\Kształcenie zintegrowane, klasa 3, Razem w szkole 3. Edukacja polonistyczna i społeczna, p.zip 2014-01-21 20:17 - 2014-01-21 20:17 - 08422925 _____ C:\Users\Myszka\Downloads\Kształcenie zintegrowane, klasa 3, Razem w szkole 3, WSiP +CD (komplet).zip 2014-01-21 19:25 - 2014-01-21 19:25 - 00000000 ____D C:\Users\Myszka\Desktop\ddd 2014-01-21 19:24 - 2014-01-21 19:25 - 09152851 _____ C:\Users\Myszka\Desktop\ddd.rar 2014-01-16 01:02 - 2014-01-16 01:02 - 11193134 _____ C:\Users\Myszka\Downloads\Matura Masters Pre-intermediate Tests.rar 2014-01-16 01:02 - 2014-01-16 01:02 - 00000000 ____D C:\Users\Myszka\Downloads\Matura Masters Pre-intermediate Tests 2014-01-15 13:16 - 2014-01-15 13:16 - 00002079 _____ C:\Users\Mcx1-MYSZKA-KOMPUTER\Desktop\DEMO SAM ZAPROJEKTUJ Dom, Wnętrze i Ogród.lnk 2014-01-15 08:41 - 2013-11-27 02:14 - 00258560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys 2014-01-15 08:41 - 2013-11-27 02:13 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys 2014-01-15 08:41 - 2013-11-27 02:13 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys 2014-01-15 08:41 - 2013-11-27 02:13 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys 2014-01-15 08:41 - 2013-11-27 02:13 - 00024064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys 2014-01-15 08:41 - 2013-11-27 02:13 - 00020480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys 2014-01-15 08:41 - 2013-11-27 02:13 - 00006016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys 2014-01-15 08:41 - 2013-11-26 12:11 - 00240576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys 2014-01-15 08:41 - 2013-11-26 11:10 - 02349056 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2014-01-13 18:37 - 2014-01-13 18:47 - 549563816 _____ (Acresso Software Inc. ) C:\Users\Myszka\Downloads\CorelDRAWGraphicsSuiteX6Installer_PL32Bit.exe 2014-01-13 18:35 - 2014-01-13 18:35 - 00000000 ____D C:\Program Files\CorelDRAW 11 Trial Version 2014-01-10 01:58 - 2014-01-10 01:58 - 00000000 ____D C:\Program Files\LSoft Technologies 2014-01-10 01:56 - 2014-01-10 01:57 - 17261096 _____ (LSoft Technologies Inc ) C:\Users\Myszka\Downloads\PartRecoveryToolkit-Setup.exe 2014-01-10 01:11 - 2014-01-10 01:11 - 00000000 ____D C:\DriveKey 2014-01-10 01:09 - 2014-01-10 01:10 - 02074384 _____ (Hewlett-Packard ) C:\Users\Myszka\Downloads\SP27608.exe 2014-01-10 01:02 - 2005-08-16 11:08 - 01533952 _____ C:\Users\Myszka\Desktop\mhdd32ver4.6.iso 2014-01-10 00:58 - 2010-04-23 19:03 - 00000000 ____D C:\Users\Myszka\Desktop\VCR446Free 2014-01-10 00:58 - 2002-01-12 16:30 - 00003567 _____ (Beyond Logic http://www.beyondlogic.org) C:\Windows\system32\Drivers\PortTalk.sys 2014-01-10 00:55 - 2008-08-13 00:35 - 00001235 _____ C:\Users\Myszka\Downloads\vcr40.ini 2014-01-10 00:55 - 2008-08-13 00:33 - 00014487 _____ C:\Users\Myszka\Downloads\Victoria 40 What news.txt 2014-01-10 00:55 - 2008-08-13 00:31 - 00018275 _____ C:\Users\Myszka\Downloads\vichlp.htm 2014-01-10 00:55 - 2007-05-01 21:02 - 00000269 _____ C:\Users\Myszka\Downloads\dummi.htm 2014-01-10 00:55 - 2002-01-12 16:30 - 00003567 _____ (Beyond Logic http://www.beyondlogic.org) C:\Users\Myszka\Downloads\porttalk.sys 2014-01-10 00:49 - 2014-01-23 17:33 - 00000000 ____D C:\Program Files\HD Tune Pro 2014-01-10 00:49 - 2014-01-10 00:49 - 00000000 ____D C:\Users\Myszka\AppData\Roaming\HD Tune Pro 2014-01-10 00:25 - 2014-01-10 00:25 - 00000000 ____D C:\Users\Myszka\Desktop\Nowy folder (3) 2014-01-10 00:21 - 2014-01-10 00:21 - 00000000 ____D C:\Users\Public\Documents\DAEMON Tools Images 2014-01-09 23:31 - 2014-01-23 17:31 - 00000000 ____D C:\Users\Myszka\AppData\Local\Mobogenie 2014-01-09 23:31 - 2014-01-23 16:56 - 00000000 ____D C:\Users\Myszka\AppData\Local\genienext 2014-01-09 23:31 - 2014-01-23 14:00 - 00000000 ____D C:\Users\Myszka\AppData\Roaming\newnext.me 2014-01-09 23:31 - 2014-01-15 10:46 - 00000000 ____D C:\Users\Myszka\AppData\Local\cache 2014-01-09 23:31 - 2014-01-10 01:26 - 00000566 _____ C:\Users\Myszka\daemonprocess.txt 2014-01-09 23:31 - 2014-01-09 23:31 - 00000000 ____D C:\Users\Myszka\Documents\Mobogenie 2014-01-09 23:31 - 2014-01-09 23:31 - 00000000 ____D C:\Users\Myszka\.android 2014-01-09 23:30 - 2014-01-23 17:31 - 00000000 ____D C:\Users\Myszka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mobogenie 2014-01-09 17:27 - 2014-01-09 17:27 - 01586610 _____ (EFD Software ) C:\Users\Myszka\Downloads\hdtunepro_500_trial.exe 2014-01-06 20:23 - 2014-01-06 20:23 - 04558848 _____ (Google Inc.) C:\Windows\system32\GPhotos.scr 2014-01-05 14:25 - 2014-01-05 15:12 - 00000000 ____D C:\Users\Myszka\Downloads\Babys.Day.Out.1994.DUB.PL.DVDRip.XviD-CineBay 2014-01-02 18:27 - 2014-01-07 09:48 - 00000000 ____D C:\ProgramData\WPM 2014-01-02 18:27 - 2014-01-02 18:27 - 00000000 ____D C:\Windows\system32\log 2014-01-01 14:06 - 2014-01-01 14:06 - 00145480 _____ C:\Windows\Minidump\010114-25755-01.dmp ==================== One Month Modified Files and Folders ======= 2014-01-23 17:58 - 2014-01-23 17:58 - 00000000 _____ C:\Users\Myszka\Downloads\FRST.exe 2014-01-23 17:57 - 2014-01-23 17:57 - 00000000 ____D C:\FRST 2014-01-23 17:54 - 2014-01-23 17:53 - 00000000 ____D C:\Program Files\RightSurf 2014-01-23 17:53 - 2014-01-23 17:53 - 01082239 _____ (Farbar) C:\Users\Myszka\Downloads\Farbar Recovery Scan Tool.exe 2014-01-23 17:53 - 2014-01-23 17:53 - 00592032 _____ C:\Users\Myszka\Desktop\Farbar Recovery Scan Tool_isdmgr.exe 2014-01-23 17:53 - 2014-01-23 17:49 - 00406151 _____ C:\Users\Myszka\Downloads\FRST.exe.part 2014-01-23 17:53 - 2009-07-14 05:34 - 00010240 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-01-23 17:53 - 2009-07-14 05:34 - 00010240 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-01-23 17:52 - 2014-01-23 00:52 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware 2014-01-23 17:33 - 2014-01-23 17:29 - 00088836 _____ C:\Users\Myszka\Downloads\FRST.exe.583b0qv.partial 2014-01-23 17:33 - 2014-01-10 00:49 - 00000000 ____D C:\Program Files\HD Tune Pro 2014-01-23 17:32 - 2011-12-13 06:59 - 00000000 ____D C:\Users\Myszka\AppData\Roaming\Skype 2014-01-23 17:31 - 2014-01-09 23:31 - 00000000 ____D C:\Users\Myszka\AppData\Local\Mobogenie 2014-01-23 17:31 - 2014-01-09 23:30 - 00000000 ____D C:\Users\Myszka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mobogenie 2014-01-23 17:03 - 2013-12-16 17:44 - 00000930 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-01-23 16:56 - 2014-01-09 23:31 - 00000000 ____D C:\Users\Myszka\AppData\Local\genienext 2014-01-23 16:45 - 2013-10-09 09:03 - 00000000 ____D C:\Users\Myszka\AppData\Roaming\pwo6 2014-01-23 14:33 - 2011-12-13 06:29 - 01959375 _____ C:\Windows\WindowsUpdate.log 2014-01-23 14:00 - 2014-01-09 23:31 - 00000000 ____D C:\Users\Myszka\AppData\Roaming\newnext.me 2014-01-23 13:58 - 2009-07-14 05:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2014-01-23 13:58 - 2009-07-14 05:39 - 00136429 _____ C:\Windows\setupact.log 2014-01-23 11:36 - 2014-01-23 11:20 - 00079114 _____ C:\Users\Myszka\Downloads\Extras.Txt 2014-01-23 11:34 - 2014-01-23 11:19 - 00112282 _____ C:\Users\Myszka\Downloads\OTL.Txt 2014-01-23 11:01 - 2014-01-23 11:01 - 00602112 _____ (OldTimer Tools) C:\Users\Myszka\Downloads\OTL.exe 2014-01-23 10:57 - 2014-01-23 10:56 - 00000000 ____D C:\AdwCleaner 2014-01-23 10:56 - 2014-01-23 10:55 - 01236282 _____ C:\Users\Myszka\Downloads\adwcleaner.exe 2014-01-23 10:00 - 2011-12-13 06:55 - 01671240 _____ C:\Windows\system32\PerfStringBackup.INI 2014-01-23 10:00 - 2009-07-14 09:07 - 00741328 _____ C:\Windows\system32\perfh015.dat 2014-01-23 10:00 - 2009-07-14 09:07 - 00155892 _____ C:\Windows\system32\perfc015.dat 2014-01-23 00:54 - 2014-01-21 22:30 - 00000000 ____D C:\Users\Myszka\Downloads\dla gosi 2014-01-23 00:53 - 2014-01-23 00:52 - 00040776 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamswissarmy.sys 2014-01-23 00:52 - 2014-01-23 00:52 - 00000000 ____D C:\Users\Myszka\AppData\Roaming\Malwarebytes 2014-01-23 00:52 - 2014-01-23 00:52 - 00000000 ____D C:\ProgramData\Malwarebytes 2014-01-23 00:51 - 2014-01-23 00:51 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Myszka\Downloads\mbam-setup-1.75.0.1300.exe 2014-01-22 18:21 - 2011-12-14 14:45 - 00000000 ____D C:\Users\Myszka\AppData\Local\CrashDumps 2014-01-22 18:20 - 2013-06-13 08:07 - 00000000 ____D C:\Users\Myszka\AppData\Roaming\GG 2014-01-21 23:35 - 2014-01-21 22:52 - 00000000 ____D C:\Users\Myszka\Downloads\angielski sebcia 2014-01-21 22:51 - 2014-01-21 22:51 - 00000000 ____D C:\Users\Myszka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google+ Auto Backup 2014-01-21 22:49 - 2012-08-17 09:20 - 00000000 ____D C:\Users\Myszka\Downloads\Compressed 2014-01-21 22:26 - 2012-12-19 21:09 - 00000000 ____D C:\Users\Myszka\Downloads\Video 2014-01-21 20:21 - 2014-01-21 20:21 - 00000000 ____D C:\Users\Myszka\Downloads\Kształcenie zintegrowane, klasa 3, Razem w szkole 3. Edukacja polonistyczna i społeczna, p 2014-01-21 20:17 - 2014-01-21 20:17 - 10408485 _____ C:\Users\Myszka\Downloads\Kształcenie zintegrowane, klasa 3, Razem w szkole 3. Edukacja polonistyczna i społeczna, p.zip 2014-01-21 20:17 - 2014-01-21 20:17 - 08422925 _____ C:\Users\Myszka\Downloads\Kształcenie zintegrowane, klasa 3, Razem w szkole 3, WSiP +CD (komplet).zip 2014-01-21 19:25 - 2014-01-21 19:25 - 00000000 ____D C:\Users\Myszka\Desktop\ddd 2014-01-21 19:25 - 2014-01-21 19:24 - 09152851 _____ C:\Users\Myszka\Desktop\ddd.rar 2014-01-20 11:30 - 2011-06-29 09:56 - 00000000 ___RD C:\Users\Myszka\Desktop\skr.prog 2014-01-18 23:53 - 2012-09-26 12:33 - 00000000 ____D C:\ProgramData\ipla 2014-01-18 21:59 - 2012-09-26 12:33 - 00000000 ____D C:\Users\Myszka\AppData\Roaming\ipla 2014-01-17 09:02 - 2012-01-18 21:15 - 00000000 ___RD C:\Program Files\Skype 2014-01-17 09:02 - 2012-01-18 21:15 - 00000000 ____D C:\ProgramData\Skype 2014-01-16 10:37 - 2009-07-14 05:33 - 00432272 _____ C:\Windows\system32\FNTCACHE.DAT 2014-01-16 08:28 - 2011-12-13 08:45 - 00000000 ____D C:\ProgramData\Microsoft Help 2014-01-16 08:24 - 2013-07-24 08:21 - 00000000 ____D C:\Windows\system32\MRT 2014-01-16 08:09 - 2011-12-13 07:34 - 83425928 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2014-01-16 01:02 - 2014-01-16 01:02 - 11193134 _____ C:\Users\Myszka\Downloads\Matura Masters Pre-intermediate Tests.rar 2014-01-16 01:02 - 2014-01-16 01:02 - 00000000 ____D C:\Users\Myszka\Downloads\Matura Masters Pre-intermediate Tests 2014-01-15 13:16 - 2014-01-15 13:16 - 00002079 _____ C:\Users\Mcx1-MYSZKA-KOMPUTER\Desktop\DEMO SAM ZAPROJEKTUJ Dom, Wnętrze i Ogród.lnk 2014-01-15 10:46 - 2014-01-09 23:31 - 00000000 ____D C:\Users\Myszka\AppData\Local\cache 2014-01-13 18:47 - 2014-01-13 18:37 - 549563816 _____ (Acresso Software Inc. ) C:\Users\Myszka\Downloads\CorelDRAWGraphicsSuiteX6Installer_PL32Bit.exe 2014-01-13 18:35 - 2014-01-13 18:35 - 00000000 ____D C:\Program Files\CorelDRAW 11 Trial Version 2014-01-10 02:34 - 2012-06-26 08:05 - 00000000 ____D C:\Users\Myszka\Desktop\fotki do ogłoszeń 2014-01-10 01:58 - 2014-01-10 01:58 - 00000000 ____D C:\Program Files\LSoft Technologies 2014-01-10 01:57 - 2014-01-10 01:56 - 17261096 _____ (LSoft Technologies Inc ) C:\Users\Myszka\Downloads\PartRecoveryToolkit-Setup.exe 2014-01-10 01:26 - 2014-01-09 23:31 - 00000566 _____ C:\Users\Myszka\daemonprocess.txt 2014-01-10 01:11 - 2014-01-10 01:11 - 00000000 ____D C:\DriveKey 2014-01-10 01:11 - 2011-12-13 10:31 - 00000000 ___HD C:\Program Files\InstallShield Installation Information 2014-01-10 01:10 - 2014-01-10 01:09 - 02074384 _____ (Hewlett-Packard ) C:\Users\Myszka\Downloads\SP27608.exe 2014-01-10 00:49 - 2014-01-10 00:49 - 00000000 ____D C:\Users\Myszka\AppData\Roaming\HD Tune Pro 2014-01-10 00:35 - 2013-06-13 03:53 - 00000000 ____D C:\Users\Myszka\Desktop\Nowy folder (4) 2014-01-10 00:25 - 2014-01-10 00:25 - 00000000 ____D C:\Users\Myszka\Desktop\Nowy folder (3) 2014-01-10 00:21 - 2014-01-10 00:21 - 00000000 ____D C:\Users\Public\Documents\DAEMON Tools Images 2014-01-09 23:45 - 2012-09-23 07:07 - 00000000 ____D C:\Users\Myszka\AppData\Roaming\DAEMON Tools Pro 2014-01-09 23:45 - 2012-09-23 07:05 - 00000000 ____D C:\ProgramData\DAEMON Tools Pro 2014-01-09 23:31 - 2014-01-09 23:31 - 00000000 ____D C:\Users\Myszka\Documents\Mobogenie 2014-01-09 23:31 - 2014-01-09 23:31 - 00000000 ____D C:\Users\Myszka\.android 2014-01-09 23:31 - 2011-12-13 06:46 - 00000000 ____D C:\Users\Myszka 2014-01-09 17:27 - 2014-01-09 17:27 - 01586610 _____ (EFD Software ) C:\Users\Myszka\Downloads\hdtunepro_500_trial.exe 2014-01-07 09:48 - 2014-01-02 18:27 - 00000000 ____D C:\ProgramData\WPM 2014-01-07 09:48 - 2013-11-10 19:33 - 00000000 ____D C:\ProgramData\eSafe 2014-01-06 20:23 - 2014-01-06 20:23 - 04558848 _____ (Google Inc.) C:\Windows\system32\GPhotos.scr 2014-01-05 17:54 - 2012-01-23 19:57 - 00000000 ____D C:\Users\Myszka\AppData\Roaming\uTorrent 2014-01-05 15:12 - 2014-01-05 14:25 - 00000000 ____D C:\Users\Myszka\Downloads\Babys.Day.Out.1994.DUB.PL.DVDRip.XviD-CineBay 2014-01-02 18:27 - 2014-01-02 18:27 - 00000000 ____D C:\Windows\system32\log 2014-01-02 18:27 - 2013-12-16 10:01 - 00001615 _____ C:\Users\Myszka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2014-01-01 14:06 - 2014-01-01 14:06 - 00145480 _____ C:\Windows\Minidump\010114-25755-01.dmp 2014-01-01 14:06 - 2012-02-16 16:52 - 00000000 ____D C:\Windows\Minidump 2013-12-29 01:15 - 2013-11-30 00:35 - 00000000 ____D C:\ProgramData\Corel 2013-12-29 01:09 - 2012-06-01 15:00 - 00000088 _____ C:\Windows\Disney.ini 2013-12-29 01:09 - 2012-06-01 14:54 - 00000000 ____D C:\Program Files\Disney Interactive 2013-12-28 21:21 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\system32\NDF 2013-12-28 03:29 - 2013-12-16 17:42 - 00000000 ____D C:\Users\Myszka\AppData\Local\Adobe Files to move or delete: ==================== C:\Users\Myszka\AppData\Local\Temp\a2zLyrics_1060-8102_v122.exe C:\Users\Myszka\AppData\Local\Temp\appshat-distribution.exe C:\Users\Myszka\AppData\Local\Temp\bi_cleaner.exe C:\Users\Myszka\AppData\Local\Temp\FBReaderSetup-0.12.10.exe C:\Users\Myszka\AppData\Local\Temp\ggdrive-menu.exe C:\Users\Myszka\AppData\Local\Temp\ggdrive-overlay.exe C:\Users\Myszka\AppData\Local\Temp\gykarwqf.exe C:\Users\Myszka\AppData\Local\Temp\installstats.exe C:\Users\Myszka\AppData\Local\Temp\ipl5EA7.tmp.exe C:\Users\Myszka\AppData\Local\Temp\ipl7A3.tmp.exe C:\Users\Myszka\AppData\Local\Temp\NEventMessages.dll C:\Users\Myszka\AppData\Local\Temp\NOSEventMessages.dll C:\Users\Myszka\AppData\Local\Temp\SkypeSetup.exe C:\Users\Myszka\AppData\Local\Temp\uninst1.exe C:\Users\Myszka\AppData\Local\Temp\UpdateCheckerSetup.exe C:\Users\Myszka\AppData\Local\Temp\vcredist9_x86.exe ==================== Bamital & volsnap Check ================= C:\Windows\explorer.exe => MD5 is legit C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit LastRegBack: 2014-01-20 14:47 ==================== End Of Log ============================