Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 09-09-2013 Ran by SYSTEM on MININT-JKM9QF4 on 11-09-2013 09:55:50 Running from G:\ Windows 7 Professional (X86) OS Language: Polish Internet Explorer Version 10 Boot Mode: Recovery The current controlset is ControlSet001 [b]ATTENTION!:=====> If the system is bootable FRST could be run from normal or Safe mode to create a complete log.[/b] ==================== Registry (Whitelisted) ================== HKLM\...\Run: [SmartAudio] - C:\Program Files\CONEXANT\SAII\SAIICpl.exe [307768 2010-04-28] () HKLM\...\Run: [Apoint] - C:\Program Files\Apoint2K\Apoint.exe [251248 2010-08-18] (Alps Electric Co., Ltd.) HKLM\...\Run: [IAAnotif] - C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-06-04] (Intel Corporation) HKLM\...\Run: [egui] - C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [3117344 2012-03-07] (ESET) HKLM\...\Run: [snp2uvc] - C:\Windows\vsnp2uvc.exe HKLM\...\Run: [PLFSetL] - C:\Windows\PLFSetL.exe HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [252848 2012-07-03] (Sun Microsystems, Inc.) HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated) HKLM\...\Run: [EnergyUtility] - C:\Program Files\Lenovo\Energy Management\utility.exe [4114336 2009-07-31] (Lenovo(beijing) Limited) HKLM\...\Run: [Energy Management] - C:\Program Files\Lenovo\Energy Management\Energy Management.exe [5064520 2009-06-25] (Lenovo (Beijing) Limited) HKLM\...\Run: [BCSSync] - C:\Program Files\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation) HKLM\...\Run: [CLX3180_Scan2Pc] - C:\Windows\Twain_32\Samsung\CLX3180\Scan2pc.exe [2043392 2012-01-17] () HKLM\...\Run: [UIExec] - C:\Program Files\PLAY ONLINE\UIExec.exe [138584 2010-04-30] () HKLM\...\Run: [ConvertAd] - C:\Users\Mariusz\AppData\Local\ConvertAd\ConvertAd.exe HKU\Mariusz\...\Run: [SmartAudio] - C:\Program Files\CONEXANT\SAII\SAIICpl.exe [ 2010-04-28] () HKU\Mariusz\...\Run: [Sony PC Companion] - C:\Program Files\Sony\Sony PC Companion\PCCompanion.exe [ 2013-05-29] (Sony) HKU\Mariusz\...\Run: [Softonic for Windows] - C:\Users\Mariusz\AppData\Local\Softonic\Softonic.exe [ 2013-06-26] (Softonic) HKU\Mariusz\...\Run: [Facebook Update] - C:\Users\Mariusz\AppData\Local\Facebook\Update\FacebookUpdate.exe [ 2013-07-24] (Facebook Inc.) HKU\Mariusz\...\Run: [Skype] - C:\Program Files\Skype\Phone\Skype.exe [ 2013-06-21] (Skype Technologies S.A.) HKU\Mariusz\...\Run: [ALLUpdate] - C:\Program Files\ALLPlayer\ALLUpdate.exe [ 2013-07-19] (ALLPlayer Group Ltd.) HKU\Mariusz\...\Winlogon: [Shell] explorer.exe <==== ATTENTION Startup: C:\Users\Mariusz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\rfobeirosdrysapihpx.lnk ShortcutTarget: rfobeirosdrysapihpx.lnk -> C:\Users\Mariusz\AppData\Local\Temp\xphipasyrdsoriebofr.bfg (No File) ========================== Services (Whitelisted) ================= S2 btwdins; C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe [582944 2009-07-01] (Broadcom Corporation.) S2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [913144 2012-03-07] (ESET) S2 HWDeviceService.exe; C:\ProgramData\DatacardService\HWDeviceService.exe [271712 2011-03-14] () S2 KMService; C:\Windows\system32\srvany.exe [8192 2012-11-20] () S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.0.318\McCHSvc.exe [235216 2013-02-05] (McAfee, Inc.) S2 PLAY ONLINE. RunOuc; C:\Users\Mariusz\Desktop\PLAY ONLINE\UpdateDog\ouc.exe [246112 2013-07-29] () S2 RemoteEngineService; C:\Program Files\VuuPC\remoteengine.exe [2967568 2013-08-15] (ClickMeIn Limited) S2 Samsung Network Fax Server; C:\Windows\system32\spool\drivers\w32x86\3\NetFaxServer.exe [165888 2010-03-08] (Samsung Electronics Co., Ltd.) S3 Samsung UPD Service2; C:\Windows\System32\SUPDSvc2.exe [129536 2012-04-06] (Samsung Electronics) S2 SAService; C:\Windows\system32\SAsrv.exe [445496 2010-03-25] (Conexant Systems, Inc.) S3 Sony PC Companion; C:\Program Files\Sony\Sony PC Companion\PCCService.exe [155824 2013-02-04] (Avanquest Software) S2 UI Assistant Service; C:\Program Files\PLAY ONLINE\AssistantServices.exe [252784 2010-04-30] () S2 Update WebConnect; C:\Program Files\WebConnect\updateWebConnect.exe [206632 2013-08-27] (WebConnect) S2 VuuPCConnectivity; C:\Program Files\VuuPC\Connectivity.exe [4747280 2013-08-15] (ClickMeIn Limited) ==================== Drivers (Whitelisted) ==================== S3 ACPIVPC; C:\Windows\System32\DRIVERS\AcpiVpc.sys [23136 2010-01-20] (Lenovo Corporation) S0 CLFS; C:\Windows\System32\CLFS.sys [249408 2009-07-14] (Microsoft Corporation) S2 DgiVecp; C:\Windows\system32\Drivers\DgiVecp.sys [38400 2009-07-13] (Samsung Electronics Co., Ltd.) S1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [169080 2012-03-14] (ESET) S1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [120152 2012-03-14] (ESET) S2 epfwwfpr; C:\Windows\System32\DRIVERS\epfwwfpr.sys [103112 2012-03-14] (ESET) S1 funfrm; C:\Windows\System32\Drivers\funfrm.sys [54800 2012-11-20] () S3 huawei_cdcacm; C:\Windows\System32\DRIVERS\ew_jucdcacm.sys [95616 2013-07-29] (Huawei Technologies Co., Ltd.) S3 huawei_ext_ctrl; C:\Windows\System32\DRIVERS\ew_juextctrl.sys [27520 2013-07-29] (Huawei Technologies Co., Ltd.) S3 huawei_wwanecm; C:\Windows\System32\DRIVERS\ew_juwwanecm.sys [195072 2013-07-29] (Huawei Technologies Co., Ltd.) S3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1759616 2009-03-13] () S2 SSPORT; C:\Windows\system32\Drivers\SSPORT.sys [5120 2009-07-12] (Samsung Electronics) S3 ewusbnet; system32\DRIVERS\ewusbnet.sys [x] S3 hwusbdev; system32\DRIVERS\ewusbdev.sys [x] S3 RtsUIR; system32\DRIVERS\Rts516xIR.sys [x] S3 USBCCID; system32\DRIVERS\RtsUCcid.sys [x] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2013-09-10 17:35 - 2013-09-11 08:45 - 00000004 _____ C:\Users\Mariusz\AppData\Roaming\settings.ini 2013-09-04 06:00 - 2013-09-04 06:01 - 00014898 _____ C:\Users\Mariusz\Desktop\Remont.sxw 2013-08-31 17:58 - 2013-09-01 12:44 - 00020017 _____ C:\Users\Mariusz\Desktop\Plan zajęć RKJJS nowy.sxw 2013-08-30 06:53 - 2013-08-30 07:03 - 00015989 _____ C:\Users\Mariusz\Desktop\pismo użyczenie sali 2013 sp34.sxw 2013-08-29 14:19 - 2013-08-31 07:37 - 00019716 _____ C:\Users\Mariusz\Desktop\Plan zajęć RKJJS.sxw 2013-08-28 22:35 - 2013-08-28 22:35 - 00001066 _____ C:\Users\Public\Desktop\ALLConverter PRO.lnk 2013-08-28 22:35 - 2013-08-28 22:35 - 00001047 _____ C:\Users\Public\Desktop\ALL Media Server.lnk 2013-08-28 22:35 - 2013-08-28 22:35 - 00000987 _____ C:\Users\Mariusz\Desktop\ALLPlayer.lnk 2013-08-28 22:35 - 2013-08-28 22:35 - 00000950 _____ C:\Users\Mariusz\Desktop\NapiProjekt.lnk 2013-08-28 22:35 - 2013-08-28 22:35 - 00000000 ____D C:\Users\Mariusz\AppData\Local\ALLMediaServer 2013-08-28 22:35 - 2013-08-28 22:35 - 00000000 ____D C:\Users\Mariusz\AppData\Local\ALLConverter 2013-08-28 22:35 - 2013-08-28 22:35 - 00000000 ____D C:\Program Files\ALLMediaServer 2013-08-28 22:35 - 2013-08-28 22:35 - 00000000 ____D C:\Program Files\ALLConverter PRO 2013-08-28 22:34 - 2013-04-05 20:26 - 02106368 _____ C:\Windows\System32\ac3filter.ax 2013-08-28 22:34 - 2013-04-05 20:26 - 00276992 _____ (IntelleSoft) C:\Windows\System32\BugTrap.dll 2013-08-28 22:34 - 2011-06-02 01:10 - 00644608 _____ C:\Windows\System32\xvidcore.dll 2013-08-28 22:34 - 2007-10-07 14:36 - 00258048 _____ C:\Windows\System32\libFLAC.dll 2013-08-28 22:16 - 2013-08-28 22:16 - 00001171 _____ C:\Users\Mariusz\Desktop\Kontynuuj instalację ALLPlayer.lnk 2013-08-27 23:15 - 2013-08-27 23:15 - 00000000 ____D C:\Windows\System32\searchplugins 2013-08-27 23:15 - 2013-08-27 23:15 - 00000000 ____D C:\Windows\System32\Extensions 2013-08-27 23:15 - 2013-08-27 23:15 - 00000000 ____D C:\Users\Mariusz\AppData\Roaming\0C1I1L1R1J0M1P0I1G 2013-08-27 23:13 - 2013-09-11 08:36 - 00000000 ____D C:\Program Files\VuuPC 2013-08-27 23:13 - 2013-08-27 23:13 - 00001128 _____ C:\Users\Mariusz\Desktop\My VuuPC.lnk 2013-08-27 23:13 - 2013-08-27 23:13 - 00000000 ____D C:\Users\Mariusz\AppData\Roaming\Babylon 2013-08-27 23:13 - 2013-08-27 23:13 - 00000000 ____D C:\ProgramData\Babylon 2013-08-27 23:13 - 2013-08-27 23:13 - 00000000 ____D C:\Program Files\WebConnect 2013-08-27 23:03 - 2013-08-28 22:35 - 00000000 ____D C:\Program Files\NapiProjekt 2013-08-27 23:02 - 2013-08-28 22:35 - 00000000 ____D C:\Users\Mariusz\AppData\Local\ALLPlayer 2013-08-27 23:02 - 2013-08-28 22:35 - 00000000 ____D C:\Program Files\ALLPlayer 2013-08-27 23:01 - 2013-08-27 23:01 - 43868674 _____ (ALLPlayer ) C:\Users\Mariusz\Downloads\ALLPlayerPL.exe 2013-08-27 22:52 - 2013-08-27 22:53 - 00000000 ____D C:\Users\Mariusz\AppData\Roaming\FreeSmith 2013-08-27 22:45 - 2013-08-27 22:47 - 13279984 _____ (Nullsoft, Inc.) C:\Users\Mariusz\Downloads\winamp565_full_emusic-7plus_es-us.exe 2013-08-27 22:27 - 2013-08-27 22:27 - 09417032 _____ (Pazera Jacek ) C:\Users\Mariusz\Downloads\Pazera_Free_MP4_to_AVI_Converter.exe 2013-08-20 21:23 - 2013-08-27 23:14 - 00000000 ____D C:\Program Files\Mozilla Firefox 2013-08-19 23:21 - 2013-08-19 23:21 - 00001034 _____ C:\Users\Public\Desktop\VLC media player.lnk 2013-08-19 07:52 - 2013-08-19 07:52 - 00019642 _____ C:\Users\Mariusz\Desktop\WAKACJE NA SPORTOWO 2013 finanase.xlsx 2013-08-14 13:51 - 2013-08-14 16:51 - 00014081 _____ C:\Users\Mariusz\Desktop\Zaświadczenie Martyna Liszka.sxw 2013-08-14 11:42 - 2013-07-26 04:13 - 01767936 _____ (Microsoft Corporation) C:\Windows\System32\wininet.dll 2013-08-14 11:42 - 2013-07-26 04:13 - 01141248 _____ (Microsoft Corporation) C:\Windows\System32\urlmon.dll 2013-08-14 11:42 - 2013-07-26 04:13 - 00042496 _____ (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe 2013-08-14 11:42 - 2013-07-26 04:12 - 14329344 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.dll 2013-08-14 11:42 - 2013-07-26 04:12 - 02877440 _____ (Microsoft Corporation) C:\Windows\System32\jscript9.dll 2013-08-14 11:42 - 2013-07-26 04:12 - 02048512 _____ (Microsoft Corporation) C:\Windows\System32\iertutil.dll 2013-08-14 11:42 - 2013-07-26 04:12 - 00690688 _____ (Microsoft Corporation) C:\Windows\System32\jscript.dll 2013-08-14 11:42 - 2013-07-26 04:12 - 00493056 _____ (Microsoft Corporation) C:\Windows\System32\msfeeds.dll 2013-08-14 11:42 - 2013-07-26 04:12 - 00391168 _____ (Microsoft Corporation) C:\Windows\System32\ieui.dll 2013-08-14 11:42 - 2013-07-26 04:12 - 00109056 _____ (Microsoft Corporation) C:\Windows\System32\iesysprep.dll 2013-08-14 11:42 - 2013-07-26 04:12 - 00061440 _____ (Microsoft Corporation) C:\Windows\System32\iesetup.dll 2013-08-14 11:42 - 2013-07-26 04:12 - 00039936 _____ (Microsoft Corporation) C:\Windows\System32\jsproxy.dll 2013-08-14 11:42 - 2013-07-26 04:11 - 13761024 _____ (Microsoft Corporation) C:\Windows\System32\ieframe.dll 2013-08-14 11:42 - 2013-07-26 04:11 - 00033280 _____ (Microsoft Corporation) C:\Windows\System32\iernonce.dll 2013-08-14 11:42 - 2013-07-26 03:49 - 02706432 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.tlb 2013-08-14 11:42 - 2013-07-26 02:59 - 00071680 _____ (Microsoft Corporation) C:\Windows\System32\RegisterIEPKEYs.exe 2013-08-14 09:12 - 2013-08-14 09:12 - 00000000 ____D C:\Users\Default\AppData\Local\Google 2013-08-14 09:12 - 2013-08-14 09:12 - 00000000 ____D C:\Users\Default User\AppData\Local\Google 2013-08-14 08:29 - 2013-07-09 05:52 - 00175104 _____ (Microsoft Corporation) C:\Windows\System32\wintrust.dll 2013-08-14 08:29 - 2013-07-09 05:50 - 00652800 _____ (Microsoft Corporation) C:\Windows\System32\rpcrt4.dll 2013-08-14 08:29 - 2013-07-09 05:46 - 01166848 _____ (Microsoft Corporation) C:\Windows\System32\crypt32.dll 2013-08-14 08:29 - 2013-07-09 05:46 - 00140288 _____ (Microsoft Corporation) C:\Windows\System32\cryptsvc.dll 2013-08-14 08:29 - 2013-07-09 05:46 - 00103936 _____ (Microsoft Corporation) C:\Windows\System32\cryptnet.dll 2013-08-14 08:28 - 2013-07-25 09:57 - 01620992 _____ (Microsoft Corporation) C:\Windows\System32\WMVDECOD.DLL 2013-08-14 08:28 - 2013-07-19 02:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\System32\tzres.dll 2013-08-14 08:28 - 2013-07-09 06:03 - 03968960 _____ (Microsoft Corporation) C:\Windows\System32\ntkrnlpa.exe 2013-08-14 08:28 - 2013-07-09 06:03 - 03913664 _____ (Microsoft Corporation) C:\Windows\System32\ntoskrnl.exe 2013-08-14 08:28 - 2013-07-09 05:53 - 01289096 _____ (Microsoft Corporation) C:\Windows\System32\ntdll.dll 2013-08-14 08:28 - 2013-07-06 06:05 - 01293760 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys 2013-08-14 08:26 - 2013-06-15 04:38 - 00031232 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\tssecsrv.sys ==================== One Month Modified Files and Folders ======= 2013-09-11 08:45 - 2013-09-10 17:35 - 00000004 _____ C:\Users\Mariusz\AppData\Roaming\settings.ini 2013-09-11 08:45 - 2012-11-20 11:44 - 01788919 _____ C:\Windows\WindowsUpdate.log 2013-09-11 08:38 - 2013-07-10 14:24 - 00001356 _____ C:\Users\Mariusz\Desktop\Wyczyść rejestr za darmo!.lnk 2013-09-11 08:36 - 2013-08-27 23:13 - 00000000 ____D C:\Program Files\VuuPC 2013-09-11 08:32 - 2009-07-14 05:34 - 00020512 ____H C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2013-09-11 08:32 - 2009-07-14 05:34 - 00020512 ____H C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2013-09-11 08:29 - 2012-11-20 11:52 - 01549696 _____ C:\Windows\System32\PerfStringBackup.INI 2013-09-11 08:29 - 2009-07-14 09:07 - 00697912 _____ C:\Windows\System32\perfh015.dat 2013-09-11 08:29 - 2009-07-14 09:07 - 00134990 _____ C:\Windows\System32\perfc015.dat 2013-09-11 08:25 - 2013-01-18 15:46 - 00000439 _____ C:\Windows\System32\Drivers\etc\hosts.ics 2013-09-11 08:25 - 2012-11-20 12:57 - 00000000 ____D C:\ProgramData\NVIDIA 2013-09-11 08:25 - 2009-07-14 05:39 - 00113864 _____ C:\Windows\setupact.log 2013-09-10 22:12 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\tracing 2013-09-10 17:25 - 2013-04-05 22:56 - 00001978 _____ C:\Users\Public\Desktop\Sony PC Companion 2.1.lnk 2013-09-10 17:25 - 2012-11-20 12:39 - 00000000 ___HD C:\Program Files\InstallShield Installation Information 2013-09-10 17:25 - 2012-11-20 12:37 - 00221918 _____ C:\Windows\DPINST.LOG 2013-09-10 17:22 - 2013-07-25 09:27 - 00000000 ____D C:\Users\Mariusz\AppData\Roaming\Skype 2013-09-10 12:00 - 2013-04-22 08:29 - 00000000 ____D C:\Users\Mariusz\Desktop\Muzyka 2013-09-09 15:01 - 2012-12-27 18:25 - 00000000 ____D C:\Users\Mariusz\Desktop\Nowy folder (2) 2013-09-04 06:01 - 2013-09-04 06:00 - 00014898 _____ C:\Users\Mariusz\Desktop\Remont.sxw 2013-09-01 12:44 - 2013-08-31 17:58 - 00020017 _____ C:\Users\Mariusz\Desktop\Plan zajęć RKJJS nowy.sxw 2013-08-31 07:37 - 2013-08-29 14:19 - 00019716 _____ C:\Users\Mariusz\Desktop\Plan zajęć RKJJS.sxw 2013-08-30 07:03 - 2013-08-30 06:53 - 00015989 _____ C:\Users\Mariusz\Desktop\pismo użyczenie sali 2013 sp34.sxw 2013-08-30 06:53 - 2012-11-21 08:44 - 00000000 ____D C:\Users\Mariusz\Desktop\KLUB JU JITSU 1 2013-08-28 22:42 - 2012-11-20 14:52 - 00000000 ____D C:\Users\Mariusz\AppData\Roaming\vlc 2013-08-28 22:35 - 2013-08-28 22:35 - 00001066 _____ C:\Users\Public\Desktop\ALLConverter PRO.lnk 2013-08-28 22:35 - 2013-08-28 22:35 - 00001047 _____ C:\Users\Public\Desktop\ALL Media Server.lnk 2013-08-28 22:35 - 2013-08-28 22:35 - 00000987 _____ C:\Users\Mariusz\Desktop\ALLPlayer.lnk 2013-08-28 22:35 - 2013-08-28 22:35 - 00000950 _____ C:\Users\Mariusz\Desktop\NapiProjekt.lnk 2013-08-28 22:35 - 2013-08-28 22:35 - 00000000 ____D C:\Users\Mariusz\AppData\Local\ALLMediaServer 2013-08-28 22:35 - 2013-08-28 22:35 - 00000000 ____D C:\Users\Mariusz\AppData\Local\ALLConverter 2013-08-28 22:35 - 2013-08-28 22:35 - 00000000 ____D C:\Program Files\ALLMediaServer 2013-08-28 22:35 - 2013-08-28 22:35 - 00000000 ____D C:\Program Files\ALLConverter PRO 2013-08-28 22:35 - 2013-08-27 23:03 - 00000000 ____D C:\Program Files\NapiProjekt 2013-08-28 22:35 - 2013-08-27 23:02 - 00000000 ____D C:\Users\Mariusz\AppData\Local\ALLPlayer 2013-08-28 22:35 - 2013-08-27 23:02 - 00000000 ____D C:\Program Files\ALLPlayer 2013-08-28 22:16 - 2013-08-28 22:16 - 00001171 _____ C:\Users\Mariusz\Desktop\Kontynuuj instalację ALLPlayer.lnk 2013-08-28 15:26 - 2012-11-20 15:11 - 00039664 _____ C:\Windows\PFRO.log 2013-08-28 12:57 - 2012-11-20 15:29 - 00000000 ____D C:\ProgramData\Microsoft Help 2013-08-27 23:15 - 2013-08-27 23:15 - 00000000 ____D C:\Windows\System32\searchplugins 2013-08-27 23:15 - 2013-08-27 23:15 - 00000000 ____D C:\Windows\System32\Extensions 2013-08-27 23:15 - 2013-08-27 23:15 - 00000000 ____D C:\Users\Mariusz\AppData\Roaming\0C1I1L1R1J0M1P0I1G 2013-08-27 23:14 - 2013-08-20 21:23 - 00000000 ____D C:\Program Files\Mozilla Firefox 2013-08-27 23:13 - 2013-08-27 23:13 - 00001128 _____ C:\Users\Mariusz\Desktop\My VuuPC.lnk 2013-08-27 23:13 - 2013-08-27 23:13 - 00000000 ____D C:\Users\Mariusz\AppData\Roaming\Babylon 2013-08-27 23:13 - 2013-08-27 23:13 - 00000000 ____D C:\ProgramData\Babylon 2013-08-27 23:13 - 2013-08-27 23:13 - 00000000 ____D C:\Program Files\WebConnect 2013-08-27 23:01 - 2013-08-27 23:01 - 43868674 _____ (ALLPlayer ) C:\Users\Mariusz\Downloads\ALLPlayerPL.exe 2013-08-27 22:53 - 2013-08-27 22:52 - 00000000 ____D C:\Users\Mariusz\AppData\Roaming\FreeSmith 2013-08-27 22:47 - 2013-08-27 22:45 - 13279984 _____ (Nullsoft, Inc.) C:\Users\Mariusz\Downloads\winamp565_full_emusic-7plus_es-us.exe 2013-08-27 22:27 - 2013-08-27 22:27 - 09417032 _____ (Pazera Jacek ) C:\Users\Mariusz\Downloads\Pazera_Free_MP4_to_AVI_Converter.exe 2013-08-24 08:03 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\System32\NDF 2013-08-21 21:06 - 2012-11-20 16:13 - 00692104 _____ (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerApp.exe 2013-08-21 21:06 - 2012-11-20 16:13 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerCPLApp.cpl 2013-08-20 22:07 - 2012-11-20 14:07 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service 2013-08-19 23:21 - 2013-08-19 23:21 - 00001034 _____ C:\Users\Public\Desktop\VLC media player.lnk 2013-08-19 07:52 - 2013-08-19 07:52 - 00019642 _____ C:\Users\Mariusz\Desktop\WAKACJE NA SPORTOWO 2013 finanase.xlsx 2013-08-14 16:51 - 2013-08-14 13:51 - 00014081 _____ C:\Users\Mariusz\Desktop\Zaświadczenie Martyna Liszka.sxw 2013-08-14 14:35 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\rescache 2013-08-14 14:05 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\Microsoft.NET 2013-08-14 12:40 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\System32\pl-PL 2013-08-14 11:50 - 2013-07-16 14:59 - 00000000 ____D C:\Windows\System32\MRT 2013-08-14 11:47 - 2012-11-20 14:51 - 75778376 _____ (Microsoft Corporation) C:\Windows\System32\MRT.exe 2013-08-14 09:12 - 2013-08-14 09:12 - 00000000 ____D C:\Users\Default\AppData\Local\Google 2013-08-14 09:12 - 2013-08-14 09:12 - 00000000 ____D C:\Users\Default User\AppData\Local\Google Files to move or delete: ==================== C:\Users\Mariusz\AppData\Local\Temp\banner.exe C:\Users\Mariusz\AppData\Local\Temp\DataCard_Setup.exe C:\Users\Mariusz\AppData\Local\Temp\GoogleSetup.exe C:\Users\Mariusz\AppData\Local\Temp\hb-es9oa.dll C:\Users\Mariusz\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe C:\Users\Mariusz\AppData\Local\Temp\ResetDevice.exe C:\Users\Mariusz\AppData\Local\Temp\setup.exe C:\Users\Mariusz\AppData\Local\Temp\Softonic_PL_1-4-9.exe C:\Users\Mariusz\AppData\Local\Temp\uninst1.exe C:\Users\Mariusz\AppData\Local\Temp\vlc-2.0.8-win32.exe C:\Users\Mariusz\AppData\Local\Temp\vsqadinlkikehxnhyj.exe C:\Users\Mariusz\AppData\Local\Temp\_is27CB.exe C:\Users\Mariusz\AppData\Local\Temp\_is8B5E.exe C:\Users\Mariusz\AppData\Local\Temp\_is9FE7.exe ==================== Known DLLs (Whitelisted) ============ ==================== Bamital & volsnap Check ================= C:\Windows\explorer.exe => MD5 is legit C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit ==================== EXE ASSOCIATION ===================== HKLM\...\.exe: exefile => OK HKLM\...\exefile\DefaultIcon: %1 => OK HKLM\...\exefile\open\command: "%1" %* => OK ==================== Restore Points ========================= Restore point made on: 2013-08-24 13:01:30 Restore point made on: 2013-08-27 13:44:13 Restore point made on: 2013-08-28 12:56:40 Restore point made on: 2013-09-02 21:20:26 Restore point made on: 2013-09-03 20:59:09 Restore point made on: 2013-09-10 09:54:23 ==================== Memory info =========================== Percentage of memory in use: 12% Total physical RAM: 4060.6 MB Available physical RAM: 3536.88 MB Total Pagefile: 4058.88 MB Available Pagefile: 3548.62 MB Total Virtual: 2047.88 MB Available Virtual: 1938.53 MB ==================== Drives ================================ Drive c: (SYSTEM) (Fixed) (Total:97.56 GB) (Free:14.15 GB) NTFS Drive e: (DANE) (Fixed) (Total:200.43 GB) (Free:190.57 GB) NTFS Drive f: (Windows7PL_ALL_x86_x64_DVD) (CDROM) (Total:3.68 GB) (Free:0 GB) UDF Drive g: () (Removable) (Total:14.91 GB) (Free:2.49 GB) FAT32 Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS Drive y: (Zastrzeżone przez system) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==>[System with boot components (obtained from reading drive)] ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298 GB) (Disk ID: 8F8A2C8C) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=98 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=200 GB) - (Type=07 NTFS) ======================================================== Disk: 1 (Size: 15 GB) (Disk ID: 34341603) Partition 1: (Not Active) - (Size=15 GB) - (Type=0C) LastRegBack: 2013-08-27 10:34 ==================== End Of Log ============================