Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 09-09-2013 Ran by Mariusz (administrator) on MARIUSZ-DOM on 11-09-2013 13:00:32 Running from F:\ Microsoft Windows 7 Professional Service Pack 1 (X86) OS Language: Polish Internet Explorer Version 10 Boot Mode: Normal ==================== Processes (Whitelisted) =================== (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe (Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe (ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe () C:\ProgramData\DatacardService\HWDeviceService.exe () C:\Windows\system32\srvany.exe () C:\Windows\KMService.exe () C:\ProgramData\PLAY ONLINE\OnlineUpdate\ouc.exe (Samsung Electronics Co., Ltd.) C:\Windows\system32\spool\drivers\w32x86\3\NetFaxServer.exe (Conexant Systems, Inc.) C:\Windows\system32\SAsrv.exe () C:\Program Files\PLAY ONLINE\AssistantServices.exe (Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe (Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe (Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\Apoint.exe (Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe (ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (Sun Microsystems, Inc.) C:\Program Files\Common Files\Java\Java Update\jusched.exe (Lenovo(beijing) Limited) C:\Program Files\Lenovo\Energy Management\utility.exe (Lenovo (Beijing) Limited) C:\Program Files\Lenovo\Energy Management\Energy Management.exe () C:\Windows\twain_32\Samsung\CLX3180\Scan2Pc.exe () C:\Program Files\PLAY ONLINE\UIExec.exe (Conexant Systems, Inc) C:\Program Files\Conexant\SAII\SmartAudio.exe (Sony) C:\Program Files\Sony\Sony PC Companion\PCCompanion.exe (Facebook Inc.) C:\Users\Mariusz\AppData\Local\Facebook\Update\FacebookUpdate.exe (Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe (Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApMsgFwd.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\Apntex.exe (Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe (Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\BtStackServer.exe () C:\Program Files\Sony\Sony PC Companion\PCCompanionInfo.exe (Microsoft Corporation) C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [SmartAudio] - C:\Program Files\CONEXANT\SAII\SAIICpl.exe [307768 2010-04-28] () HKLM\...\Run: [Apoint] - C:\Program Files\Apoint2K\Apoint.exe [251248 2010-08-18] (Alps Electric Co., Ltd.) HKLM\...\Run: [IAAnotif] - C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-06-04] (Intel Corporation) HKLM\...\Run: [egui] - C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [3117344 2012-03-07] (ESET) HKLM\...\Run: [snp2uvc] - C:\Windows\vsnp2uvc.exe HKLM\...\Run: [PLFSetL] - C:\Windows\PLFSetL.exe HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [252848 2012-07-03] (Sun Microsystems, Inc.) HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated) HKLM\...\Run: [EnergyUtility] - C:\Program Files\Lenovo\Energy Management\utility.exe [4114336 2009-07-31] (Lenovo(beijing) Limited) HKLM\...\Run: [Energy Management] - C:\Program Files\Lenovo\Energy Management\Energy Management.exe [5064520 2009-06-25] (Lenovo (Beijing) Limited) HKLM\...\Run: [BCSSync] - C:\Program Files\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation) HKLM\...\Run: [CLX3180_Scan2Pc] - C:\Windows\Twain_32\Samsung\CLX3180\Scan2pc.exe [2043392 2012-01-18] () HKLM\...\Run: [UIExec] - C:\Program Files\PLAY ONLINE\UIExec.exe [138584 2010-04-30] () HKCU\...\Run: [SmartAudio] - C:\Program Files\CONEXANT\SAII\SAIICpl.exe [307768 2010-04-28] () HKCU\...\Run: [Sony PC Companion] - C:\Program Files\Sony\Sony PC Companion\PCCompanion.exe [449248 2013-05-29] (Sony) HKCU\...\Run: [Facebook Update] - C:\Users\Mariusz\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2013-07-24] (Facebook Inc.) HKCU\...\Run: [Skype] - C:\Program Files\Skype\Phone\Skype.exe [19875432 2013-06-21] (Skype Technologies S.A.) HKCU\...\Run: [ALLUpdate] - C:\Program Files\ALLPlayer\ALLUpdate.exe [2995712 2013-07-19] (ALLPlayer Group Ltd.) MountPoints2: {1fcd8e75-9df7-11e2-b06d-0c6076b89d61} - F:\Startme.exe MountPoints2: {6e7c1f10-fc55-11e2-a03e-0c6076b89d61} - F:\AutoRun.exe MountPoints2: {96601649-171e-11e3-9d45-0c6076b89d61} - F:\AutoRun.exe MountPoints2: {b24fdc96-f881-11e2-a0f3-0c6076b89d61} - F:\AutoRun.exe MountPoints2: {b24fdca7-f881-11e2-a0f3-0c6076b89d61} - F:\AutoRun.exe MountPoints2: {c443f6ce-339b-11e2-a739-0c6076b89d61} - F:\AutoRun.exe MountPoints2: {c443f6e4-339b-11e2-a739-001e101f859f} - G:\AutoRun.exe MountPoints2: {d9f03164-8a09-11e2-9926-001e101f8ed0} - F:\AutoRun.exe Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk ShortcutTarget: Bluetooth.lnk -> C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe (Broadcom Corporation.) ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pl/ HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.gazeta.pl/0,0.html?p=149 SearchScopes: HKCU - DefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = http://www2.delta-search.com/?q={searchTerms}&babsrc=SP_ss&mntrId=BEDB001E65DAE747&affID=119357&tsp=4987 SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = http://www2.delta-search.com/?q={searchTerms}&babsrc=SP_ss&mntrId=BEDB001E65DAE747&affID=119357&tsp=4987 BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL (Microsoft Corporation) BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~1\Office14\URLREDIR.DLL (Microsoft Corporation) BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO: IplexToALLPlayer - {DF925EF3-7A87-44E4-9CAF-8D7B280BF616} - C:\PROGRA~1\ALLPLA~1\Iplex\IPLEXT~1.DLL (ALLCinema Ltd.) Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab DPF: {92ECE6FA-AC2E-4042-BFAE-0C8608E52A43} https://www.bph.pl/pi/components/bph/SignActivX.cab DPF: {CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{1217B671-E847-47E6-B908-A8F674772E72}: [NameServer]89.108.202.21 89.108.195.21 Tcpip\..\Interfaces\{2A5D3634-601A-463D-8F42-529DEDC2E6D5}: [NameServer]89.108.202.21 89.108.195.21 Tcpip\..\Interfaces\{2B90ACE7-6F85-4268-9CB8-69FBA43F2B50}: [NameServer]89.108.195.20 89.108.202.20 FireFox: ======== FF ProfilePath: C:\Users\Mariusz\AppData\Roaming\Mozilla\Firefox\Profiles\zq7phn41.default FF user.js: detected! => C:\Users\Mariusz\AppData\Roaming\Mozilla\Firefox\Profiles\zq7phn41.default\user.js FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_11_8_800_94.dll () FF Plugin: @adobe.com/ShockwavePlayer - C:\Windows\system32\Adobe\Director\np32dsw_1168638.dll (Adobe Systems, Inc.) FF Plugin: @google.com/npPicasa3,version=3.0.0 - C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.) FF Plugin: @java.com/DTPlugin,version=10.9.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=10.9.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~1\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin: @nvidia.com/3DVision - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF Plugin: @nvidia.com/3DVisionStreaming - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.) FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.) FF Plugin: @videolan.org/vlc,version=2.0.8 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\Mariusz\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited) FF Extension: Iplex to ALLPlayer - C:\Users\Mariusz\AppData\Roaming\Mozilla\Firefox\Profiles\zq7phn41.default\Extensions\IplextoALL@ALLPlayer.org FF Extension: IplextoALL - C:\Users\Mariusz\AppData\Roaming\Mozilla\Firefox\Profiles\zq7phn41.default\Extensions\IplextoALL@ALLPlayer.org.xpi FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird Chrome: ======= CHR DefaultSearchURL: (Delta Search) - http://www2.delta-search.com/?q={searchTerms}&babsrc=SP_ss&mntrId=BEDB001E65DAE747&affID=119357&tsp=4987 CHR DefaultSuggestURL: (Delta Search) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter} CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\29.0.1547.66\PepperFlash\pepflashplayer.dll () CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\29.0.1547.66\ppGoogleNaClPluginChrome.dll () CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\29.0.1547.66\pdf.dll () CHR Plugin: (Winamp Application Detector) - C:\Program Files\Mozilla Firefox\plugins\npwachk.dll (Nullsoft, Inc.) CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation) CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~1\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation) CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) CHR Plugin: (Picasa) - C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.) CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.) CHR Plugin: (Java(TM) Platform SE 7 U9) - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) CHR Plugin: (McAfee Security Scanner +) - C:\Program Files\McAfee Security Scan\3.0.318\npMcAfeeMss.dll No File CHR Plugin: (Silverlight Plug-In) - C:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation) CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) CHR Plugin: (VLC Web Plugin) - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN) CHR Plugin: (Facebook Video Calling Plugin) - C:\Users\Mariusz\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited) CHR Plugin: (Shockwave for Director) - C:\Windows\system32\Adobe\Director\np32dsw_1168638.dll (Adobe Systems, Inc.) CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32_11_8_800_94.dll () CHR Plugin: (Java Deployment Toolkit 7.0.90.5) - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation) CHR Extension: (WebConnect) - C:\Users\Mariusz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ieakfmpjhljbpbfpldjkddkjmmgjmgon\1.0.0_1 CHR Extension: (Chrome In-App Payments service) - C:\Users\Mariusz\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.10_1 ========================== Services (Whitelisted) ================= R2 btwdins; C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe [582944 2009-07-01] (Broadcom Corporation.) R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [913144 2012-03-07] (ESET) R2 HWDeviceService.exe; C:\ProgramData\DatacardService\HWDeviceService.exe [271712 2011-03-14] () R2 KMService; C:\Windows\system32\srvany.exe [8192 2012-11-20] () S2 PLAY ONLINE. RunOuc; C:\Users\Mariusz\Desktop\PLAY ONLINE\UpdateDog\ouc.exe [246112 2013-07-29] () R2 Samsung Network Fax Server; C:\Windows\system32\spool\drivers\w32x86\3\NetFaxServer.exe [165888 2010-03-08] (Samsung Electronics Co., Ltd.) S3 Samsung UPD Service2; C:\Windows\System32\SUPDSvc2.exe [129536 2012-04-06] (Samsung Electronics) R2 SAService; C:\Windows\system32\SAsrv.exe [445496 2010-03-25] (Conexant Systems, Inc.) S3 Sony PC Companion; C:\Program Files\Sony\Sony PC Companion\PCCService.exe [155824 2013-02-04] (Avanquest Software) R2 UI Assistant Service; C:\Program Files\PLAY ONLINE\AssistantServices.exe [252784 2010-04-30] () ==================== Drivers (Whitelisted) ==================== R3 ACPIVPC; C:\Windows\System32\DRIVERS\AcpiVpc.sys [23136 2010-01-20] (Lenovo Corporation) R0 CLFS; C:\Windows\System32\CLFS.sys [249408 2009-07-14] (Microsoft Corporation) S2 DgiVecp; C:\Windows\system32\Drivers\DgiVecp.sys [38400 2009-07-13] (Samsung Electronics Co., Ltd.) R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [169080 2012-03-14] (ESET) R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [120152 2012-03-14] (ESET) R2 epfwwfpr; C:\Windows\System32\DRIVERS\epfwwfpr.sys [103112 2012-03-14] (ESET) R1 funfrm; C:\Windows\System32\Drivers\funfrm.sys [54800 2012-11-20] () S3 huawei_cdcacm; C:\Windows\System32\DRIVERS\ew_jucdcacm.sys [95616 2013-07-29] (Huawei Technologies Co., Ltd.) S3 huawei_ext_ctrl; C:\Windows\System32\DRIVERS\ew_juextctrl.sys [27520 2013-07-29] (Huawei Technologies Co., Ltd.) S3 huawei_wwanecm; C:\Windows\System32\DRIVERS\ew_juwwanecm.sys [195072 2013-07-29] (Huawei Technologies Co., Ltd.) R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1759616 2009-03-13] () R2 SSPORT; C:\Windows\system32\Drivers\SSPORT.sys [5120 2009-07-12] (Samsung Electronics) ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2013-09-11 11:28 - 2013-09-11 12:50 - 00001356 _____ C:\Users\Mariusz\Desktop\Wyczyść rejestr za darmo!.lnk 2013-09-11 10:55 - 2013-09-11 10:55 - 00000000 ____D C:\FRST 2013-09-04 07:00 - 2013-09-04 07:01 - 00014898 _____ C:\Users\Mariusz\Desktop\Remont.sxw 2013-08-31 18:58 - 2013-09-01 13:44 - 00020017 _____ C:\Users\Mariusz\Desktop\Plan zajęć RKJJS nowy.sxw 2013-08-30 07:53 - 2013-08-30 08:03 - 00015989 _____ C:\Users\Mariusz\Desktop\pismo użyczenie sali 2013 sp34.sxw 2013-08-29 15:19 - 2013-08-31 08:37 - 00019716 _____ C:\Users\Mariusz\Desktop\Plan zajęć RKJJS.sxw 2013-08-28 23:35 - 2013-08-28 23:35 - 00001066 _____ C:\Users\Public\Desktop\ALLConverter PRO.lnk 2013-08-28 23:35 - 2013-08-28 23:35 - 00001047 _____ C:\Users\Public\Desktop\ALL Media Server.lnk 2013-08-28 23:35 - 2013-08-28 23:35 - 00000987 _____ C:\Users\Mariusz\Desktop\ALLPlayer.lnk 2013-08-28 23:35 - 2013-08-28 23:35 - 00000950 _____ C:\Users\Mariusz\Desktop\NapiProjekt.lnk 2013-08-28 23:35 - 2013-08-28 23:35 - 00000000 ____D C:\Users\Mariusz\AppData\Local\ALLMediaServer 2013-08-28 23:35 - 2013-08-28 23:35 - 00000000 ____D C:\Users\Mariusz\AppData\Local\ALLConverter 2013-08-28 23:35 - 2013-08-28 23:35 - 00000000 ____D C:\Program Files\ALLMediaServer 2013-08-28 23:35 - 2013-08-28 23:35 - 00000000 ____D C:\Program Files\ALLConverter PRO 2013-08-28 23:34 - 2013-04-05 21:26 - 02106368 _____ C:\Windows\system32\ac3filter.ax 2013-08-28 23:34 - 2013-04-05 21:26 - 00276992 _____ (IntelleSoft) C:\Windows\system32\BugTrap.dll 2013-08-28 23:34 - 2011-06-02 02:10 - 00644608 _____ C:\Windows\system32\xvidcore.dll 2013-08-28 23:34 - 2007-10-07 15:36 - 00258048 _____ C:\Windows\system32\libFLAC.dll 2013-08-28 23:16 - 2013-08-28 23:16 - 00001171 _____ C:\Users\Mariusz\Desktop\Kontynuuj instalację ALLPlayer.lnk 2013-08-28 00:03 - 2013-08-28 23:35 - 00000000 ____D C:\Program Files\NapiProjekt 2013-08-28 00:02 - 2013-08-28 23:35 - 00000000 ____D C:\Users\Mariusz\AppData\Local\ALLPlayer 2013-08-28 00:02 - 2013-08-28 23:35 - 00000000 ____D C:\Program Files\ALLPlayer 2013-08-28 00:01 - 2013-08-28 00:01 - 43868674 _____ (ALLPlayer ) C:\Users\Mariusz\Downloads\ALLPlayerPL.exe 2013-08-27 23:52 - 2013-08-27 23:53 - 00000000 ____D C:\Users\Mariusz\AppData\Roaming\FreeSmith 2013-08-27 23:45 - 2013-08-27 23:47 - 13279984 _____ (Nullsoft, Inc.) C:\Users\Mariusz\Downloads\winamp565_full_emusic-7plus_es-us.exe 2013-08-27 23:27 - 2013-08-27 23:27 - 09417032 _____ (Pazera Jacek ) C:\Users\Mariusz\Downloads\Pazera_Free_MP4_to_AVI_Converter.exe 2013-08-20 22:23 - 2013-08-28 00:14 - 00000000 ____D C:\Program Files\Mozilla Firefox 2013-08-20 00:21 - 2013-08-20 00:21 - 00001034 _____ C:\Users\Public\Desktop\VLC media player.lnk 2013-08-19 08:52 - 2013-08-19 08:52 - 00019642 _____ C:\Users\Mariusz\Desktop\WAKACJE NA SPORTOWO 2013 finanase.xlsx 2013-08-14 14:51 - 2013-08-14 17:51 - 00014081 _____ C:\Users\Mariusz\Desktop\Zaświadczenie Martyna Liszka.sxw 2013-08-14 12:42 - 2013-07-26 05:13 - 01767936 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2013-08-14 12:42 - 2013-07-26 05:13 - 01141248 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2013-08-14 12:42 - 2013-07-26 05:13 - 00042496 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2013-08-14 12:42 - 2013-07-26 05:12 - 14329344 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2013-08-14 12:42 - 2013-07-26 05:12 - 02877440 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2013-08-14 12:42 - 2013-07-26 05:12 - 02048512 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2013-08-14 12:42 - 2013-07-26 05:12 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2013-08-14 12:42 - 2013-07-26 05:12 - 00493056 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2013-08-14 12:42 - 2013-07-26 05:12 - 00391168 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2013-08-14 12:42 - 2013-07-26 05:12 - 00109056 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll 2013-08-14 12:42 - 2013-07-26 05:12 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2013-08-14 12:42 - 2013-07-26 05:12 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2013-08-14 12:42 - 2013-07-26 05:11 - 13761024 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2013-08-14 12:42 - 2013-07-26 05:11 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2013-08-14 12:42 - 2013-07-26 04:49 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2013-08-14 12:42 - 2013-07-26 03:59 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe 2013-08-14 10:12 - 2013-08-14 10:12 - 00000000 ____D C:\Users\Default\AppData\Local\Google 2013-08-14 10:12 - 2013-08-14 10:12 - 00000000 ____D C:\Users\Default User\AppData\Local\Google 2013-08-14 09:29 - 2013-07-09 06:52 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll 2013-08-14 09:29 - 2013-07-09 06:50 - 00652800 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll 2013-08-14 09:29 - 2013-07-09 06:46 - 01166848 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll 2013-08-14 09:29 - 2013-07-09 06:46 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll 2013-08-14 09:29 - 2013-07-09 06:46 - 00103936 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll 2013-08-14 09:28 - 2013-07-25 10:57 - 01620992 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL 2013-08-14 09:28 - 2013-07-19 03:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll 2013-08-14 09:28 - 2013-07-09 07:03 - 03968960 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe 2013-08-14 09:28 - 2013-07-09 07:03 - 03913664 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2013-08-14 09:28 - 2013-07-09 06:53 - 01289096 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll 2013-08-14 09:28 - 2013-07-06 07:05 - 01293760 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys 2013-08-14 09:26 - 2013-06-15 05:38 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys ==================== One Month Modified Files and Folders ======= 2013-09-11 12:56 - 2009-07-14 06:34 - 00020512 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2013-09-11 12:56 - 2009-07-14 06:34 - 00020512 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2013-09-11 12:55 - 2012-11-20 12:52 - 01549696 _____ C:\Windows\system32\PerfStringBackup.INI 2013-09-11 12:55 - 2009-07-14 10:07 - 00697912 _____ C:\Windows\system32\perfh015.dat 2013-09-11 12:55 - 2009-07-14 10:07 - 00134990 _____ C:\Windows\system32\perfc015.dat 2013-09-11 12:50 - 2013-09-11 11:28 - 00001356 _____ C:\Users\Mariusz\Desktop\Wyczyść rejestr za darmo!.lnk 2013-09-11 12:50 - 2012-11-20 15:42 - 00001034 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2013-09-11 12:49 - 2013-01-18 16:46 - 00000439 _____ C:\Windows\system32\Drivers\etc\hosts.ics 2013-09-11 12:49 - 2012-11-20 17:13 - 00000930 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2013-09-11 12:49 - 2012-11-20 16:11 - 00041674 _____ C:\Windows\PFRO.log 2013-09-11 12:49 - 2012-11-20 13:57 - 00000000 ____D C:\ProgramData\NVIDIA 2013-09-11 12:49 - 2009-07-14 06:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2013-09-11 12:49 - 2009-07-14 06:39 - 00113976 _____ C:\Windows\setupact.log 2013-09-11 12:49 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\tracing 2013-09-11 12:48 - 2012-11-20 12:44 - 01852781 _____ C:\Windows\WindowsUpdate.log 2013-09-11 12:23 - 2013-07-25 10:27 - 00000000 ____D C:\Users\Mariusz\AppData\Roaming\Skype 2013-09-11 12:23 - 2012-11-20 15:42 - 00001038 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2013-09-11 12:04 - 2012-11-20 17:13 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe 2013-09-11 12:04 - 2012-11-20 17:13 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl 2013-09-11 10:55 - 2013-09-11 10:55 - 00000000 ____D C:\FRST 2013-09-10 23:12 - 2013-07-24 10:16 - 00000936 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1488463087-1391460751-3616630612-1000UA.job 2013-09-10 18:25 - 2013-04-05 23:56 - 00001978 _____ C:\Users\Public\Desktop\Sony PC Companion 2.1.lnk 2013-09-10 18:25 - 2012-11-20 13:39 - 00000000 ___HD C:\Program Files\InstallShield Installation Information 2013-09-10 18:25 - 2012-11-20 13:37 - 00221918 _____ C:\Windows\DPINST.LOG 2013-09-10 13:00 - 2013-04-22 09:29 - 00000000 ____D C:\Users\Mariusz\Desktop\Muzyka 2013-09-09 16:01 - 2012-12-27 19:25 - 00000000 ____D C:\Users\Mariusz\Desktop\Nowy folder (2) 2013-09-08 20:05 - 2013-07-24 10:16 - 00000914 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1488463087-1391460751-3616630612-1000Core.job 2013-09-08 20:01 - 2013-06-24 18:57 - 00000268 _____ C:\Windows\Tasks\RegClean Pro_DEFAULT.job 2013-09-04 23:03 - 2013-06-24 18:57 - 00000276 _____ C:\Windows\Tasks\RegClean Pro_UPDATES.job 2013-09-04 07:01 - 2013-09-04 07:00 - 00014898 _____ C:\Users\Mariusz\Desktop\Remont.sxw 2013-09-01 13:44 - 2013-08-31 18:58 - 00020017 _____ C:\Users\Mariusz\Desktop\Plan zajęć RKJJS nowy.sxw 2013-08-31 08:37 - 2013-08-29 15:19 - 00019716 _____ C:\Users\Mariusz\Desktop\Plan zajęć RKJJS.sxw 2013-08-30 08:03 - 2013-08-30 07:53 - 00015989 _____ C:\Users\Mariusz\Desktop\pismo użyczenie sali 2013 sp34.sxw 2013-08-30 07:53 - 2012-11-21 09:44 - 00000000 ____D C:\Users\Mariusz\Desktop\KLUB JU JITSU 1 2013-08-28 23:42 - 2012-11-20 15:52 - 00000000 ____D C:\Users\Mariusz\AppData\Roaming\vlc 2013-08-28 23:35 - 2013-08-28 23:35 - 00001066 _____ C:\Users\Public\Desktop\ALLConverter PRO.lnk 2013-08-28 23:35 - 2013-08-28 23:35 - 00001047 _____ C:\Users\Public\Desktop\ALL Media Server.lnk 2013-08-28 23:35 - 2013-08-28 23:35 - 00000987 _____ C:\Users\Mariusz\Desktop\ALLPlayer.lnk 2013-08-28 23:35 - 2013-08-28 23:35 - 00000950 _____ C:\Users\Mariusz\Desktop\NapiProjekt.lnk 2013-08-28 23:35 - 2013-08-28 23:35 - 00000000 ____D C:\Users\Mariusz\AppData\Local\ALLMediaServer 2013-08-28 23:35 - 2013-08-28 23:35 - 00000000 ____D C:\Users\Mariusz\AppData\Local\ALLConverter 2013-08-28 23:35 - 2013-08-28 23:35 - 00000000 ____D C:\Program Files\ALLMediaServer 2013-08-28 23:35 - 2013-08-28 23:35 - 00000000 ____D C:\Program Files\ALLConverter PRO 2013-08-28 23:35 - 2013-08-28 00:03 - 00000000 ____D C:\Program Files\NapiProjekt 2013-08-28 23:35 - 2013-08-28 00:02 - 00000000 ____D C:\Users\Mariusz\AppData\Local\ALLPlayer 2013-08-28 23:35 - 2013-08-28 00:02 - 00000000 ____D C:\Program Files\ALLPlayer 2013-08-28 23:16 - 2013-08-28 23:16 - 00001171 _____ C:\Users\Mariusz\Desktop\Kontynuuj instalację ALLPlayer.lnk 2013-08-28 13:57 - 2012-11-20 16:29 - 00000000 ____D C:\ProgramData\Microsoft Help 2013-08-28 00:14 - 2013-08-20 22:23 - 00000000 ____D C:\Program Files\Mozilla Firefox 2013-08-28 00:01 - 2013-08-28 00:01 - 43868674 _____ (ALLPlayer ) C:\Users\Mariusz\Downloads\ALLPlayerPL.exe 2013-08-27 23:53 - 2013-08-27 23:52 - 00000000 ____D C:\Users\Mariusz\AppData\Roaming\FreeSmith 2013-08-27 23:47 - 2013-08-27 23:45 - 13279984 _____ (Nullsoft, Inc.) C:\Users\Mariusz\Downloads\winamp565_full_emusic-7plus_es-us.exe 2013-08-27 23:27 - 2013-08-27 23:27 - 09417032 _____ (Pazera Jacek ) C:\Users\Mariusz\Downloads\Pazera_Free_MP4_to_AVI_Converter.exe 2013-08-24 09:03 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\NDF 2013-08-20 23:07 - 2012-11-20 15:07 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service 2013-08-20 00:21 - 2013-08-20 00:21 - 00001034 _____ C:\Users\Public\Desktop\VLC media player.lnk 2013-08-19 08:52 - 2013-08-19 08:52 - 00019642 _____ C:\Users\Mariusz\Desktop\WAKACJE NA SPORTOWO 2013 finanase.xlsx 2013-08-16 18:28 - 2009-07-14 06:53 - 00032608 _____ C:\Windows\Tasks\SCHEDLGU.TXT 2013-08-14 17:51 - 2013-08-14 14:51 - 00014081 _____ C:\Users\Mariusz\Desktop\Zaświadczenie Martyna Liszka.sxw 2013-08-14 15:35 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\rescache 2013-08-14 15:05 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\Microsoft.NET 2013-08-14 13:40 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\pl-PL 2013-08-14 12:50 - 2013-07-16 15:59 - 00000000 ____D C:\Windows\system32\MRT 2013-08-14 12:47 - 2012-11-20 15:51 - 75778376 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2013-08-14 10:12 - 2013-08-14 10:12 - 00000000 ____D C:\Users\Default\AppData\Local\Google 2013-08-14 10:12 - 2013-08-14 10:12 - 00000000 ____D C:\Users\Default User\AppData\Local\Google Files to move or delete: ==================== C:\Users\Mariusz\AppData\Local\Temp\hb-es9oa.dll ==================== Bamital & volsnap Check ================= C:\Windows\explorer.exe => MD5 is legit C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit LastRegBack: 2013-08-27 11:34 ==================== End Of Log ============================