Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 28-08-2013 Ran by nasz (administrator) on 28-08-2013 09:31:39 Running from C:\Users\nasz\Downloads Windows 7 Professional Service Pack 1 (X64) OS Language: Polish Internet Explorer Version 10 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe () C:\Windows\tsnp325.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [egui] - C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [6325936 2012-11-26] (ESET) HKLM-x32\...\Run: [tsnp325] - C:\Windows\tsnp325.exe [270336 2007-04-21] () BootExecute: autocheck autochk * sdnclean64.exe ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch SearchScopes: HKLM - DefaultScope value is missing. BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL (Microsoft Corporation) BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~1\Office14\URLREDIR.DLL (Microsoft Corporation) BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated) BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL (Microsoft Corporation) BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab Tcpip\Parameters: [DhcpNameServer] 217.113.224.35 217.113.224.135 FireFox: ======== FF ProfilePath: C:\Users\nasz\AppData\Roaming\Mozilla\Firefox\Profiles\wn8bsu63.default FF Homepage: www.google.pl FF NetworkProxy: "type", 0 FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_94.dll () FF Plugin: @java.com/DTPlugin,version=10.13.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=10.13.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin: @microsoft.com/GENUINE - disabled No File FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll () FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1200112.dll (Adobe Systems, Inc.) FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google) FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @microsoft.com/GENUINE - disabled No File FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @videolan.org/vlc,version=2.0.5 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\allegro-pl.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\fbc-pl.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\merlin-pl.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\pwn-pl.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\wikipedia-pl.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\wp-pl.xml FF Extension: No Name - C:\Users\nasz\AppData\Roaming\Mozilla\Firefox\Profiles\wn8bsu63.default\Extensions\netvideohunter@netvideohunter.com FF Extension: FoxLingo - C:\Users\nasz\AppData\Roaming\Mozilla\Firefox\Profiles\wn8bsu63.default\Extensions\{ef62e1ce-d2a4-4cdd-b7ec-92b120366b66} FF Extension: translator - C:\Users\nasz\AppData\Roaming\Mozilla\Firefox\Profiles\wn8bsu63.default\Extensions\translator@zoli.bod.xpi FF Extension: No Name - C:\Users\nasz\AppData\Roaming\Mozilla\Firefox\Profiles\wn8bsu63.default\Extensions\{54BB9F3F-07E5-486c-9B39-C7398B99391C}.xpi FF Extension: No Name - C:\Users\nasz\AppData\Roaming\Mozilla\Firefox\Profiles\wn8bsu63.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi FF Extension: Default - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird Chrome: ======= CHR DefaultSearchURL: (Google) - {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding} CHR DefaultSuggestURL: (Google) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter} CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.95\PepperFlash\pepflashplayer.dll () CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.95\ppGoogleNaClPluginChrome.dll () CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.95\pdf.dll () CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.) CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation) CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation) CHR Plugin: (Google Earth Plugin) - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google) CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.) CHR Plugin: (Java(TM) Platform SE 7 U25) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) CHR Plugin: (VLC Web Plugin) - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) CHR Plugin: (Shockwave for Director) - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1200112.dll (Adobe Systems, Inc.) CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll No File CHR Plugin: (Java Deployment Toolkit 7.0.250.17) - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation) CHR Extension: (Google Docs) - C:\Users\nasz\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0 CHR Extension: (Google Drive) - C:\Users\nasz\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0 CHR Extension: (YouTube) - C:\Users\nasz\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0 CHR Extension: (Google Search) - C:\Users\nasz\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0 CHR Extension: (Gmail) - C:\Users\nasz\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0 ==================== Services (Whitelisted) ================= R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [1329304 2012-11-26] (ESET) R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1817560 2013-05-16] (Safer-Networking Ltd.) R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [1033688 2013-05-16] (Safer-Networking Ltd.) R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2013-05-15] (Safer-Networking Ltd.) ==================== Drivers (Whitelisted) ==================== R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2013-07-05] (Disc Soft Ltd) R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [211344 2012-10-08] (ESET) R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [149592 2012-10-08] (ESET) R2 epfwwfpr; C:\Windows\System32\DRIVERS\epfwwfpr.sys [138744 2012-10-08] (ESET) R3 L1C; C:\Windows\System32\DRIVERS\L1C62x64.sys [104560 2012-04-25] (Qualcomm Atheros Co., Ltd.) S3 catchme; \??\C:\ComboFix\catchme.sys [x] S3 WinRing0_1_2_0; \??\C:\Users\nasz\AppData\Local\Temp\tmpAEF5.tmp [x] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2013-08-28 09:27 - 2013-08-28 09:27 - 00602112 _____ (OldTimer Tools) C:\Users\nasz\Downloads\OTL.exe 2013-08-28 09:26 - 2013-08-28 09:27 - 01579080 _____ (Farbar) C:\Users\nasz\Downloads\FRST64.exe 2013-08-28 08:58 - 2013-08-28 08:58 - 00000913 _____ C:\Users\Public\Desktop\CPUID CPU-Z.lnk 2013-08-28 08:58 - 2013-08-28 08:58 - 00000000 ____D C:\Program Files\CPUID 2013-08-28 08:56 - 2013-08-28 08:56 - 01458872 _____ ( ) C:\Users\nasz\Downloads\cpu-z_1.66-setup-en.exe 2013-08-26 11:15 - 2013-08-26 11:15 - 00000000 _____ C:\Users\nasz\Desktop\stablauncher.txt 2013-08-23 12:44 - 2013-08-23 12:44 - 00000000 ____D C:\Users\nasz\Downloads\Microsoft Windows 8 x86 x64 AIO (16-in-1) RTM MSDN Original Incl. KMS Activator 2013 2013-08-23 11:09 - 2013-08-23 12:58 - 00000000 ____D C:\Users\nasz\Desktop\zgierz 2013-08-23 10:22 - 2013-08-23 10:22 - 00000000 ____D C:\Users\nasz\Downloads\eMule 2013-08-23 10:22 - 2013-08-23 10:22 - 00000000 ____D C:\ProgramData\eMule 2013-08-23 10:21 - 2013-08-23 10:23 - 00000000 ____D C:\Users\nasz\AppData\Local\eMule 2013-08-23 10:21 - 2013-08-23 10:21 - 00000000 ____D C:\Program Files (x86)\eMule 2013-08-23 10:20 - 2013-08-23 10:20 - 03389035 _____ C:\Users\nasz\Downloads\eMule0.50a-Installer.exe 2013-08-20 10:00 - 2013-08-20 10:00 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2013-08-12 11:02 - 2013-08-12 11:07 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2 2013-08-12 11:02 - 2013-08-12 11:02 - 00001427 _____ C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk 2013-08-12 11:02 - 2009-01-25 13:14 - 00017272 _____ (Safer Networking Limited) C:\Windows\system32\sdnclean64.exe 2013-08-12 10:59 - 2013-08-12 11:01 - 37672592 _____ (Safer-Networking Ltd. ) C:\Users\nasz\Downloads\spybotsd-2.1.21-SR2.exe 2013-08-12 10:55 - 2013-08-12 10:55 - 00000000 _____ C:\Users\nasz\Desktop\hoata ANTI PUPADWARE.txt 2013-08-12 10:53 - 2013-08-12 10:53 - 00001910 _____ C:\AdwCleaner[S1].txt 2013-08-12 10:51 - 2013-08-12 10:52 - 00001986 _____ C:\AdwCleaner[R1].txt 2013-08-12 10:50 - 2013-08-12 10:50 - 00666633 _____ C:\Users\nasz\Downloads\adwcleaner.exe 2013-08-08 09:03 - 2013-08-08 09:03 - 00001838 _____ C:\Users\nasz\Desktop\CrystalDiskMark.lnk 2013-08-08 09:03 - 2013-08-08 09:03 - 00000000 ____D C:\Users\nasz\AppData\Local\CrystalDiskMark 2013-08-08 09:03 - 2013-08-08 09:03 - 00000000 ____D C:\Program Files\CrystalDiskMark 2013-08-08 09:01 - 2013-08-08 09:02 - 01657424 _____ (Crystal Dew World ) C:\Users\nasz\Downloads\CrystalDiskMark3_0_2f-en.exe 2013-08-07 12:52 - 2013-08-07 12:52 - 00000000 _____ C:\Users\nasz\Desktop\brother dm i samsung dm i zamienki.txt 2013-08-07 12:37 - 2013-08-07 12:39 - 00000118 _____ C:\Users\nasz\Desktop\prezent 4.txt 2013-08-07 11:15 - 2013-08-07 11:15 - 00059074 _____ C:\Users\nasz\Desktop\HP LaserJet Enterprise 500 Color M551dn (CF082A) - Tusze i tonery. Wysyłka w 24h! _ TUSZMARKT.htm 2013-08-05 10:44 - 2013-08-05 11:37 - 3753558016 _____ C:\Users\nasz\Downloads\WindowsBlue-ClientwithApps-64bit-English-X1899605.iso 2013-08-01 15:42 - 2013-08-01 15:42 - 00000000 ____D C:\lj1100 2013-08-01 11:40 - 2013-08-01 11:40 - 00010448 _____ C:\Users\nasz\AppData\Local\recently-used.xbel 2013-08-01 11:10 - 2013-08-01 11:11 - 05631407 _____ C:\Users\nasz\Documents\Firefox 22.0 (pl) - 2013-08-01.pcv 2013-08-01 11:09 - 2013-08-01 11:09 - 00001075 _____ C:\Users\Public\Desktop\MozBackup.lnk 2013-08-01 11:09 - 2013-08-01 11:09 - 00000000 ____D C:\Program Files (x86)\MozBackup 2013-08-01 10:56 - 2013-08-01 10:56 - 00000000 ____D C:\Users\nasz\Desktop\23'' iiyama ProLite X2377HDS LED IPS czarny - Sprzęt komputerowy - Komputronik notebooki, komputery i elektronika_pliki 2013-08-01 10:56 - 2013-08-01 10:40 - 00226107 _____ C:\Users\nasz\Desktop\23'' iiyama ProLite X2377HDS LED IPS czarny - Sprzęt komputerowy - Komputronik notebooki, komputery i elektronika.htm 2013-07-31 10:41 - 2013-07-31 10:41 - 00000640 _____ C:\Users\Public\Desktop\Age of Empires II.lnk 2013-07-29 13:52 - 2013-07-29 13:52 - 00000000 ____D C:\Users\nasz\Desktop\iso age 2013-07-29 13:35 - 2013-07-29 13:35 - 00000000 ____D C:\Users\nasz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games 2013-07-29 13:34 - 2013-07-29 13:35 - 00000000 ____D C:\Users\nasz\Desktop\age of empires ==================== One Month Modified Files and Folders ======= 2013-08-28 09:28 - 2013-08-28 09:28 - 00000000 ____D C:\FRST 2013-08-28 09:27 - 2013-08-28 09:27 - 00602112 _____ (OldTimer Tools) C:\Users\nasz\Downloads\OTL.exe 2013-08-28 09:27 - 2013-08-28 09:26 - 01579080 _____ (Farbar) C:\Users\nasz\Downloads\FRST64.exe 2013-08-28 09:20 - 2013-01-10 11:17 - 00000930 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2013-08-28 08:58 - 2013-08-28 08:58 - 00000913 _____ C:\Users\Public\Desktop\CPUID CPU-Z.lnk 2013-08-28 08:58 - 2013-08-28 08:58 - 00000000 ____D C:\Program Files\CPUID 2013-08-28 08:56 - 2013-08-28 08:56 - 01458872 _____ ( ) C:\Users\nasz\Downloads\cpu-z_1.66-setup-en.exe 2013-08-28 08:47 - 2013-07-16 09:42 - 00001048 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA1ce81f844911b0.job 2013-08-28 08:45 - 2013-01-10 10:44 - 01494756 _____ C:\Windows\WindowsUpdate.log 2013-08-28 08:41 - 2013-05-10 10:34 - 00001044 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore1ce4d59325be1fd.job 2013-08-28 08:41 - 2013-02-20 11:34 - 00014680 _____ C:\Windows\setupact.log 2013-08-28 08:41 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2013-08-27 15:16 - 2009-07-14 06:45 - 00010000 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2013-08-27 15:16 - 2009-07-14 06:45 - 00010000 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2013-08-27 15:06 - 2013-02-07 17:03 - 00000000 ____D C:\Users\nasz\AppData\Roaming\uTorrent 2013-08-27 14:59 - 2009-07-14 14:52 - 00743858 _____ C:\Windows\system32\perfh015.dat 2013-08-27 14:59 - 2009-07-14 14:52 - 00157632 _____ C:\Windows\system32\perfc015.dat 2013-08-27 14:59 - 2009-07-14 07:13 - 01676138 _____ C:\Windows\system32\PerfStringBackup.INI 2013-08-26 11:15 - 2013-08-26 11:15 - 00000000 _____ C:\Users\nasz\Desktop\stablauncher.txt 2013-08-23 13:03 - 2013-01-10 11:11 - 00000000 ____D C:\Users\nasz\AppData\Roaming\vlc 2013-08-23 12:58 - 2013-08-23 11:09 - 00000000 ____D C:\Users\nasz\Desktop\zgierz 2013-08-23 12:44 - 2013-08-23 12:44 - 00000000 ____D C:\Users\nasz\Downloads\Microsoft Windows 8 x86 x64 AIO (16-in-1) RTM MSDN Original Incl. KMS Activator 2013 2013-08-23 12:20 - 2013-01-10 11:17 - 00003868 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater 2013-08-23 11:20 - 2013-01-10 11:17 - 00692104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2013-08-23 11:20 - 2013-01-10 11:17 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2013-08-23 10:23 - 2013-08-23 10:21 - 00000000 ____D C:\Users\nasz\AppData\Local\eMule 2013-08-23 10:22 - 2013-08-23 10:22 - 00000000 ____D C:\Users\nasz\Downloads\eMule 2013-08-23 10:22 - 2013-08-23 10:22 - 00000000 ____D C:\ProgramData\eMule 2013-08-23 10:21 - 2013-08-23 10:21 - 00000000 ____D C:\Program Files (x86)\eMule 2013-08-23 10:20 - 2013-08-23 10:20 - 03389035 _____ C:\Users\nasz\Downloads\eMule0.50a-Installer.exe 2013-08-21 08:56 - 2013-01-10 11:08 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2013-08-20 10:00 - 2013-08-20 10:00 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2013-08-12 11:07 - 2013-08-12 11:02 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2 2013-08-12 11:02 - 2013-08-12 11:02 - 00001427 _____ C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk 2013-08-12 11:01 - 2013-08-12 10:59 - 37672592 _____ (Safer-Networking Ltd. ) C:\Users\nasz\Downloads\spybotsd-2.1.21-SR2.exe 2013-08-12 10:55 - 2013-08-12 10:55 - 00000000 _____ C:\Users\nasz\Desktop\hoata ANTI PUPADWARE.txt 2013-08-12 10:53 - 2013-08-12 10:53 - 00001910 _____ C:\AdwCleaner[S1].txt 2013-08-12 10:52 - 2013-08-12 10:51 - 00001986 _____ C:\AdwCleaner[R1].txt 2013-08-12 10:50 - 2013-08-12 10:50 - 00666633 _____ C:\Users\nasz\Downloads\adwcleaner.exe 2013-08-08 09:03 - 2013-08-08 09:03 - 00001838 _____ C:\Users\nasz\Desktop\CrystalDiskMark.lnk 2013-08-08 09:03 - 2013-08-08 09:03 - 00000000 ____D C:\Users\nasz\AppData\Local\CrystalDiskMark 2013-08-08 09:03 - 2013-08-08 09:03 - 00000000 ____D C:\Program Files\CrystalDiskMark 2013-08-08 09:02 - 2013-08-08 09:01 - 01657424 _____ (Crystal Dew World ) C:\Users\nasz\Downloads\CrystalDiskMark3_0_2f-en.exe 2013-08-07 12:52 - 2013-08-07 12:52 - 00000000 _____ C:\Users\nasz\Desktop\brother dm i samsung dm i zamienki.txt 2013-08-07 12:39 - 2013-08-07 12:37 - 00000118 _____ C:\Users\nasz\Desktop\prezent 4.txt 2013-08-07 11:15 - 2013-08-07 11:15 - 00059074 _____ C:\Users\nasz\Desktop\HP LaserJet Enterprise 500 Color M551dn (CF082A) - Tusze i tonery. Wysyłka w 24h! _ TUSZMARKT.htm 2013-08-06 14:49 - 2013-01-25 16:19 - 00002090 ____H C:\Users\nasz\Documents\Default.rdp 2013-08-05 13:49 - 2013-02-04 14:30 - 00000000 ____D C:\Users\nasz\.VirtualBox 2013-08-05 11:43 - 2013-02-04 15:49 - 00000000 ____D C:\Users\nasz\VirtualBox VMs 2013-08-05 11:37 - 2013-08-05 10:44 - 3753558016 _____ C:\Users\nasz\Downloads\WindowsBlue-ClientwithApps-64bit-English-X1899605.iso 2013-08-01 15:42 - 2013-08-01 15:42 - 00000000 ____D C:\lj1100 2013-08-01 11:40 - 2013-08-01 11:40 - 00010448 _____ C:\Users\nasz\AppData\Local\recently-used.xbel 2013-08-01 11:40 - 2013-07-17 10:17 - 00000000 ____D C:\Users\nasz\.gimp-2.8 2013-08-01 11:34 - 2013-01-10 11:46 - 00000923 _____ C:\Users\nasz\Desktop\Unіnstall Tool.lnk 2013-08-01 11:11 - 2013-08-01 11:10 - 05631407 _____ C:\Users\nasz\Documents\Firefox 22.0 (pl) - 2013-08-01.pcv 2013-08-01 11:09 - 2013-08-01 11:09 - 00001075 _____ C:\Users\Public\Desktop\MozBackup.lnk 2013-08-01 11:09 - 2013-08-01 11:09 - 00000000 ____D C:\Program Files (x86)\MozBackup 2013-08-01 10:56 - 2013-08-01 10:56 - 00000000 ____D C:\Users\nasz\Desktop\23'' iiyama ProLite X2377HDS LED IPS czarny - Sprzęt komputerowy - Komputronik notebooki, komputery i elektronika_pliki 2013-08-01 10:52 - 2013-07-18 08:52 - 00002227 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2013-08-01 10:40 - 2013-08-01 10:56 - 00226107 _____ C:\Users\nasz\Desktop\23'' iiyama ProLite X2377HDS LED IPS czarny - Sprzęt komputerowy - Komputronik notebooki, komputery i elektronika.htm 2013-07-31 21:31 - 2013-03-11 14:24 - 00000000 ____D C:\Instalki 2013-07-31 21:31 - 2013-01-23 12:45 - 00000000 ___RD C:\scan 2013-07-31 10:41 - 2013-07-31 10:41 - 00000640 _____ C:\Users\Public\Desktop\Age of Empires II.lnk 2013-07-30 09:01 - 2013-01-10 17:21 - 00112400 _____ C:\Users\nasz\AppData\Local\GDIPFONTCACHEV1.DAT 2013-07-30 08:51 - 2009-07-14 06:45 - 00423504 _____ C:\Windows\system32\FNTCACHE.DAT 2013-07-29 13:52 - 2013-07-29 13:52 - 00000000 ____D C:\Users\nasz\Desktop\iso age 2013-07-29 13:35 - 2013-07-29 13:35 - 00000000 ____D C:\Users\nasz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games 2013-07-29 13:35 - 2013-07-29 13:34 - 00000000 ____D C:\Users\nasz\Desktop\age of empires 2013-07-29 13:34 - 2013-07-05 09:47 - 00000000 ____D C:\Users\nasz\AppData\Roaming\WinRAR 2013-07-29 09:50 - 2013-01-31 13:24 - 00000000 ____D C:\Program Files (x86)\Google ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\SysWOW64\wininit.exe => MD5 is legit C:\Windows\explorer.exe => MD5 is legit C:\Windows\SysWOW64\explorer.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\SysWOW64\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\SysWOW64\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\SysWOW64\userinit.exe => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit LastRegBack: 2013-08-22 09:42 ==================== End Of Log ============================