Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 28-10-2013
Ran by Misiek (administrator) on MISIEK-KOMP on 01-11-2013 00:08:45
Running from C:\Users\Misiek\Downloads\Nowy folder
Microsoft Windows 7 Home Premium Service Pack 1 (X86) OS Language: Polish
Internet Explorer Version 8
Boot Mode: Normal

==================== Processes (Whitelisted) ===================

(NVIDIA Corporation) C:\windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\windows\system32\nvvsvc.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Creative Technology Ltd) C:\Program Files\Creative\Shared Files\CTDevSrv.exe
(ESET) C:\Programy\ESET NOD32 Antivirus\ekrn.exe
() C:\windows\system32\PnkBstrA.exe
() C:\windows\system32\PnkBstrB.exe
() C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
() C:\windows\SYSTEM32\Rezip.exe
() C:\Program Files\CyberLink\Shared files\RichVideo.exe
(SAMSUNG Electronics) C:\Program Files\Samsung\Samsung Support Center\SSCKbdHk.exe
(SEC) C:\Program Files\Samsung\Samsung Recovery Solution 4\WCScheduler.exe
(Samsung Electronics Co., Ltd.) C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe
(Samsung Electronics Co., Ltd.) C:\Program Files\SAMSUNG\EasySpeedUpManager\EasySpeedUpManager.exe
(Google Inc.) C:\Program Files\Google\Update\1.3.21.165\GoogleCrashHandler.exe
(RealNetworks, Inc.) C:\Program Files\Real\RealPlayer\Update\realsched.exe
(Logitech Inc.) C:\Program Files\Logitech\Gaming Software\LWEMon.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(CyberLink Corp.) C:\Program Files\CyberLink\PowerDVD8\PDVD8Serv.exe
(CANON INC.) C:\Program Files\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe
(ESET) C:\Programy\ESET NOD32 Antivirus\egui.exe
(CyberLink) C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe
(Research In Motion Limited) C:\Program Files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Creative Technology Ltd) C:\Program Files\Creative\Software Update 3\SoftAuto.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Research In Motion Limited) C:\Program Files\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Dropbox, Inc.) C:\Users\Misiek\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE
(Mozilla Corporation) C:\Programy\Mozilla Firefox\firefox.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Windows Mobile-based device management] - C:\Windows\WindowsMobile\wmdcBase.exe [648072 2007-05-31] (Microsoft Corporation)
HKLM\...\Run: [UpdatePSTShortCut] - C:\Program Files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe [210216 2009-07-21] (CyberLink Corp.)
HKLM\...\Run: [UpdatePPShortCut] - C:\Program Files\CyberLink\PowerProducer\MUITransfer\MUIStartMenu.exe [218408 2008-12-03] (CyberLink Corp.)
HKLM\...\Run: [UpdatePDRShortCut] - C:\Program Files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe [222504 2008-01-04] (CyberLink Corp.)
HKLM\...\Run: [UpdateP2GoShortCut] - C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [222504 2009-05-19] (CyberLink Corp.)
HKLM\...\Run: [UpdateLBPShortCut] - C:\Program Files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe [222504 2009-05-19] (CyberLink Corp.)
HKLM\...\Run: [UCam_Menu] - C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe [222504 2009-05-19] (CyberLink Corp.)
HKLM\...\Run: [TkBellExe] - C:\Program Files\Real\RealPlayer\Update\realsched.exe [295512 2013-09-15] (RealNetworks, Inc.)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1713448 2010-02-26] (Synaptics Incorporated)
HKLM\...\Run: [SwitchBoard] - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM\...\Run: [Start WingMan Profiler] - C:\Program Files\Logitech\Gaming Software\LWEMon.exe [153672 2010-06-14] (Logitech Inc.)
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [8120864 2009-12-14] (Realtek Semiconductor)
HKLM\...\Run: [RemoteControl8] - C:\Program Files\CyberLink\PowerDVD8\PDVD8Serv.exe [91432 2009-04-15] (CyberLink Corp.)
HKLM\...\Run: [PDVD8LanguageShortcut] - C:\Program Files\CyberLink\PowerDVD8\Language\Language.exe [50472 2009-04-15] (CyberLink Corp.)
HKLM\...\Run: [NvCplDaemon] - RUNDLL32.EXE C:\windows\system32\NvCpl.dll,NvStartup
HKLM\...\Run: [IJNetworkScanUtility] - C:\Program Files\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe [206240 2010-08-24] (CANON INC.)
HKLM\...\Run: [egui] - C:\Programy\ESET NOD32 Antivirus\egui.exe [2215064 2010-08-12] (ESET)
HKLM\...\Run: [CLMLServer] - C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe [103720 2009-06-03] (CyberLink)
HKLM\...\Run: [BCSSync] - C:\Program Files\Microsoft Office\Office14\BCSSync.exe [91520 2010-03-13] (Microsoft Corporation)
HKLM\...\Run: [AdobeCS6ServiceManager] - C:\Program Files\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [RIMBBLaunchAgent.exe] - C:\Program Files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe [442896 2013-06-27] (Research In Motion Limited)
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKCU\...\Run: [Twoje TVN24] - [x]
HKCU\...\Run: [AdobeBridge] - [x]
HKCU\...\Run: [SoftAuto.exe] - C:\Program Files\Creative\Software Update 3\SoftAuto.exe [405504 2008-08-13] (Creative Technology Ltd)
HKCU\...\Run: [gStart] - C:\Program Files\Garmin\gStart.exe
HKCU\...\Run: [AQQ] - C:\Programy\AQQ\AQQ.exe [8062464 2013-07-25] (AQQ Sp. z o.o.)
HKCU\...\Run: [ALLUpdate] - C:\Programy\ALLPlayer\ALLUpdate.exe [2995712 2013-07-19] (ALLPlayer Group Ltd.)
MountPoints2: {1529ced3-1b5c-11e1-ac2b-00245442c42c} - F:\LaunchU3.exe -a
MountPoints2: {bff64c99-2ba5-11df-a85f-0026b6b1d969} - I:\Launch.exe
Startup: C:\Users\Misiek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Misiek\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Misiek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Tworzenie wycinków ekranu i uruchamianie programu OneNote 2010.lnk
ShortcutTarget: Tworzenie wycinków ekranu i uruchamianie programu OneNote 2010.lnk -> C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ig/redirectdomain?brand=smsn&bmod=smsn
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/redirectdomain?brand=smsn&bmod=smsn
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL =
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
BHO: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Pomocnik rejestracji usługi Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: IplexToALLPlayer - {DF925EF3-7A87-44E4-9CAF-8D7B280BF616} - C:\Programy\ALLPlayer\Iplex\IplexToALLPlayer.dll (ALLCinema Ltd.)
DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} http://trial.trymicrosoftoffice.com/trialoaa/buymsoffice_assets/framework/microsoft/wrc32.ocx
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation)
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Hosts: 127.0.0.1 localhost
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Misiek\AppData\Roaming\Mozilla\Firefox\Profiles\260j24x1.default-1383259781862
FF Plugin: @adobe.com/FlashPlayer - C:\windows\system32\Macromed\Flash\NPSWF32_11_8_800_168.dll ()
FF Plugin: @canon.com/EPPEX - C:\Programy\Canon\NPEZFFPI.DLL (CANON INC.)
FF Plugin: @Google.com/GoogleEarthPlugin - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @google.com/npPicasa3,version=3.0.0 - C:\Programy\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin: @java.com/DTPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=14.0.8081.0709 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @pandonetworks.com/PandoWebPlugin - C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin: @real.com/nppl3260;version=16.0.3.51 - c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlchromebrowserrecordext;version=1.3.3 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlhtml5videoshim;version=1.3.3 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlpepperflashvideoshim;version=1.3.3 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpplugin;version=16.0.3.51 - c:\program files\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF Plugin: @realnetworks.com/npdlplugin;version=1 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF Plugin: @RIM.com/WebSLLauncher,version=1.0 - C:\Program Files\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll ()
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF HKLM\...\Firefox\Extensions: [{DF153AFF-6948-45d7-AC98-4FC4AF8A08E2}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Programy\ESET NOD32 Antivirus\Mozilla Thunderbird
FF Extension: ESET Smart Security Extension - C:\Programy\ESET NOD32 Antivirus\Mozilla Thunderbird
FF StartMenuInternet: FIREFOX.EXE - C:\Programy\Mozilla Firefox\firefox.exe

========================== Services (Whitelisted) =================

R3 BlackBerry Device Manager; C:\Program Files\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe [585728 2013-06-27] (Research In Motion Limited)
R2 CTDevice_Srv; C:\Program Files\Creative\Shared Files\CTDevSrv.exe [61440 2007-04-02] (Creative Technology Ltd)
S3 CTUPnPSv; C:\Program Files\Creative\Creative Centrale\CTUPnPSv.exe [64000 2008-05-21] (Creative Technology Ltd)
S3 EhttpSrv; C:\Programy\ESET NOD32 Antivirus\EHttpSrv.exe [33584 2010-08-12] (ESET)
R2 ekrn; C:\Programy\ESET NOD32 Antivirus\ekrn.exe [810144 2010-08-12] (ESET)
R2 PnkBstrA; C:\windows\system32\PnkBstrA.exe [76888 2012-12-16] ()
R2 PnkBstrB; C:\windows\system32\PnkBstrB.exe [215160 2013-03-22] ()
R2 RealNetworks Downloader Resolver Service; C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe [39056 2013-08-14] ()
R2 Rezip; C:\windows\SYSTEM32\Rezip.exe [311296 2009-03-05] ()
R2 RichVideo; C:\Program Files\CyberLink\Shared files\RichVideo.exe [247152 2009-07-07] ()
S2 SwOffScheduler; C:\Programy\Switch Off\swoff.exe [135168 2011-05-28] (Airytec)
S2 SwOffWeb; C:\Programy\Switch Off\swoff.exe [135168 2011-05-28] (Airytec)
S2 FAH@C:+Users+Misiek+Downloads+FAH504-Console.exe; C:\Users\Misiek\Downloads\FAH504-Console.exe -svcstart [x]

==================== Drivers (Whitelisted) ====================

R3 athr; C:\Windows\System32\DRIVERS\athr.sys [2987520 2012-11-19] (Qualcomm Atheros Communications, Inc.)
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [281760 2010-08-10] ()
S3 btmhsf; C:\Windows\System32\DRIVERS\btmhsf.sys [225280 2011-07-19] (Intel Corporation)
R2 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [136632 2010-07-29] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [115008 2010-07-29] (ESET)
R2 epfwwfpr; C:\Windows\System32\DRIVERS\epfwwfpr.sys [96920 2010-07-29] (ESET)
R0 giveio; C:\Windows\System32\giveio.sys [5248 1996-04-03] ()
S3 hamachi; C:\Windows\System32\DRIVERS\hamachi.sys [26176 2009-03-18] (LogMeIn, Inc.)
S3 iBtFltCoex; C:\Windows\System32\DRIVERS\iBtFltCoex.sys [47104 2011-07-20] (Intel Corporation)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [25888 2010-08-10] ()
R1 SABI; C:\windows\system32\Drivers\SABI.sys [10752 2009-05-28] (SAMSUNG ELECTRONICS)
R0 speedfan; C:\Windows\System32\speedfan.sys [24184 2012-12-29] (Almico Software)
R3 WmBEnum; C:\Windows\System32\drivers\WmBEnum.sys [22856 2010-04-27] (Logitech Inc.)
S3 WmFilter; C:\Windows\System32\drivers\WmFilter.sys [37704 2010-04-27] (Logitech Inc.)
R3 WmVirHid; C:\Windows\System32\drivers\WmVirHid.sys [15048 2010-04-27] (Logitech Inc.)
R3 WmXlCore; C:\Windows\System32\drivers\WmXlCore.sys [66632 2010-04-27] (Logitech Inc.)
R3 yukonw7; C:\Windows\System32\DRIVERS\yk62x86.sys [315392 2009-09-28] ()
S3 dgderdrv; System32\drivers\dgderdrv.sys [x]
S4 sptd; \SystemRoot\System32\Drivers\sptd.sys [x]

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2013-10-31 23:49 - 2013-10-31 23:49 - 00148594 _____ C:\Users\Misiek\Downloads\bookmarks-2013-10-31.json
2013-10-31 23:49 - 2013-10-31 23:49 - 00000000 ____D C:\Users\Misiek\Desktop\Stare dane programu Firefox
2013-10-31 23:46 - 2013-10-31 23:46 - 00002627 _____ C:\Users\Misiek\Desktop\RKreport[0]_D_10312013_234641.txt
2013-10-31 23:46 - 2013-10-31 23:46 - 00001181 _____ C:\Users\Misiek\Desktop\RKreport[0]_H_10312013_234645.txt
2013-10-31 23:45 - 2013-10-31 23:45 - 00002555 _____ C:\Users\Misiek\Desktop\RKreport[0]_S_10312013_234520.txt
2013-10-31 23:42 - 2013-10-31 23:47 - 00000000 ____D C:\Users\Misiek\Desktop\RK_Quarantine
2013-10-31 23:37 - 2013-10-31 23:38 - 00000000 ____D C:\AdwCleaner
2013-10-29 10:39 - 2013-10-29 10:39 - 00000000 ____D C:\Users\Misiek\Desktop\Logi 28.10.13
2013-10-28 21:33 - 2013-11-01 00:08 - 00000000 ____D C:\Users\Misiek\Downloads\Nowy folder
2013-10-28 21:32 - 2013-10-28 21:32 - 00000000 ____D C:\FRST
2013-10-28 20:56 - 2013-10-28 20:56 - 00522752 _____ (Duplex Secure Ltd.) C:\Users\Misiek\Downloads\SPTDinst-v184-x86.exe
2013-10-20 19:38 - 2013-10-20 19:38 - 00000000 ____D C:\Users\Misiek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Screamer Radio
2013-10-18 23:13 - 2013-10-18 23:13 - 00000000 ____D C:\ProgramData\Oracle
2013-10-18 23:07 - 2013-10-18 23:07 - 00004734 _____ C:\windows\system32\jupdate-1.7.0_45-b18.log
2013-10-18 23:07 - 2013-10-18 23:07 - 00000000 ____D C:\Program Files\Common Files\Java
2013-10-18 23:07 - 2013-10-08 06:50 - 00094632 _____ (Oracle Corporation) C:\windows\system32\WindowsAccessBridge.dll
2013-10-18 23:07 - 2013-10-08 06:46 - 00264616 _____ (Oracle Corporation) C:\windows\system32\javaws.exe
2013-10-18 23:07 - 2013-10-08 06:46 - 00175016 _____ (Oracle Corporation) C:\windows\system32\javaw.exe
2013-10-18 23:07 - 2013-10-08 06:46 - 00174504 _____ (Oracle Corporation) C:\windows\system32\java.exe
2013-10-17 22:20 - 2013-10-17 22:25 - 113255342 _____ C:\Users\Misiek\Downloads\Znak_Wód_Wielkich.rar
2013-10-09 18:49 - 2013-10-09 18:51 - 00000000 ____D C:\Users\Misiek\Downloads\topory z jeziora lednickiego
2013-10-03 19:53 - 2013-10-03 19:53 - 00001853 _____ C:\Users\Public\Desktop\BlackBerry Desktop Software.lnk
2013-10-03 19:53 - 2013-10-03 19:53 - 00000000 ____D C:\Users\Misiek\AppData\Roaming\Research In Motion
2013-10-03 19:52 - 2013-10-03 19:52 - 00000000 ____D C:\ProgramData\Research In Motion
2013-10-03 19:37 - 2013-10-03 19:37 - 00000000 ____D C:\Program Files\RapidHorse

==================== One Month Modified Files and Folders =======

2013-11-01 00:08 - 2013-10-28 21:33 - 00000000 ____D C:\Users\Misiek\Downloads\Nowy folder
2013-10-31 23:56 - 2009-07-14 03:37 - 00000000 ____D C:\windows\tracing
2013-10-31 23:49 - 2013-10-31 23:49 - 00148594 _____ C:\Users\Misiek\Downloads\bookmarks-2013-10-31.json
2013-10-31 23:49 - 2013-10-31 23:49 - 00000000 ____D C:\Users\Misiek\Desktop\Stare dane programu Firefox
2013-10-31 23:47 - 2013-10-31 23:42 - 00000000 ____D C:\Users\Misiek\Desktop\RK_Quarantine
2013-10-31 23:47 - 2009-07-14 05:34 - 00014736 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-10-31 23:47 - 2009-07-14 05:34 - 00014736 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-10-31 23:46 - 2013-10-31 23:46 - 00002627 _____ C:\Users\Misiek\Desktop\RKreport[0]_D_10312013_234641.txt
2013-10-31 23:46 - 2013-10-31 23:46 - 00001181 _____ C:\Users\Misiek\Desktop\RKreport[0]_H_10312013_234645.txt
2013-10-31 23:45 - 2013-10-31 23:45 - 00002555 _____ C:\Users\Misiek\Desktop\RKreport[0]_S_10312013_234520.txt
2013-10-31 23:41 - 2013-05-16 21:19 - 00000000 ____D C:\Users\Misiek\AppData\Roaming\Dropbox
2013-10-31 23:39 - 2010-09-29 13:37 - 00065536 _____ C:\windows\system32\Ikeext.etl
2013-10-31 23:39 - 2010-03-08 16:18 - 00000000 ____D C:\Users\Misiek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink DVD Suite
2013-10-31 23:39 - 2009-07-14 05:53 - 00000006 ____H C:\windows\Tasks\SA.DAT
2013-10-31 23:39 - 2009-07-14 05:39 - 00276005 _____ C:\windows\setupact.log
2013-10-31 23:38 - 2013-10-31 23:37 - 00000000 ____D C:\AdwCleaner
2013-10-31 23:38 - 2009-12-12 04:31 - 01964222 _____ C:\windows\WindowsUpdate.log
2013-10-31 21:32 - 2012-05-05 01:12 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2013-10-31 21:32 - 2010-03-08 20:48 - 00000000 ____D C:\Programy
2013-10-29 10:39 - 2013-10-29 10:39 - 00000000 ____D C:\Users\Misiek\Desktop\Logi 28.10.13
2013-10-28 21:32 - 2013-10-28 21:32 - 00000000 ____D C:\FRST
2013-10-28 21:15 - 2009-12-11 01:35 - 00762906 _____ C:\windows\system32\perfh015.dat
2013-10-28 21:15 - 2009-12-11 01:35 - 00165146 _____ C:\windows\system32\perfc015.dat
2013-10-28 21:15 - 2009-07-26 21:06 - 01724416 _____ C:\windows\system32\PerfStringBackup.INI
2013-10-28 21:05 - 2010-03-08 16:21 - 00000000 ____D C:\ProgramData\Adobe
2013-10-28 20:58 - 2009-12-11 12:17 - 00804606 _____ C:\windows\PFRO.log
2013-10-28 20:56 - 2013-10-28 20:56 - 00522752 _____ (Duplex Secure Ltd.) C:\Users\Misiek\Downloads\SPTDinst-v184-x86.exe
2013-10-28 20:53 - 2009-12-11 11:39 - 00000000 ____D C:\Program Files\Samsung
2013-10-28 20:53 - 2009-12-11 11:35 - 00000000 ___HD C:\Program Files\InstallShield Installation Information
2013-10-28 18:37 - 2010-03-09 15:57 - 00000000 ____D C:\Users\Misiek\AppData\Roaming\uTorrent
2013-10-23 17:49 - 2013-09-17 08:34 - 00000000 ____D C:\Users\Misiek\Documents\Reklamacja z ustawy o niezgodności towaru
2013-10-20 19:41 - 2010-09-14 16:54 - 00000000 ____D C:\Users\Misiek\AppData\Roaming\vlc
2013-10-20 19:38 - 2013-10-20 19:38 - 00000000 ____D C:\Users\Misiek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Screamer Radio
2013-10-18 23:13 - 2013-10-18 23:13 - 00000000 ____D C:\ProgramData\Oracle
2013-10-18 23:07 - 2013-10-18 23:07 - 00004734 _____ C:\windows\system32\jupdate-1.7.0_45-b18.log
2013-10-18 23:07 - 2013-10-18 23:07 - 00000000 ____D C:\Program Files\Common Files\Java
2013-10-18 23:07 - 2013-06-25 11:16 - 00000000 ____D C:\Program Files\Java
2013-10-17 22:25 - 2013-10-17 22:20 - 113255342 _____ C:\Users\Misiek\Downloads\Znak_Wód_Wielkich.rar
2013-10-14 20:33 - 2009-07-14 05:53 - 00032604 _____ C:\windows\Tasks\SCHEDLGU.TXT
2013-10-13 17:15 - 2013-09-30 13:35 - 00001001 _____ C:\Users\Misiek\AppData\Roaming\Rim.DesktopHelper.Exception.log
2013-10-13 17:15 - 2013-09-30 13:35 - 00000924 _____ C:\Users\Misiek\AppData\Roaming\Rim.Desktop.Exception.log
2013-10-11 21:23 - 2010-03-08 16:18 - 00000000 ____D C:\Users\Misiek
2013-10-09 18:51 - 2013-10-09 18:49 - 00000000 ____D C:\Users\Misiek\Downloads\topory z jeziora lednickiego
2013-10-08 22:15 - 2012-07-02 11:15 - 00000000 ____D C:\Users\Misiek\AppData\Roaming\Skype
2013-10-08 06:50 - 2013-10-18 23:07 - 00094632 _____ (Oracle Corporation) C:\windows\system32\WindowsAccessBridge.dll
2013-10-08 06:46 - 2013-10-18 23:07 - 00264616 _____ (Oracle Corporation) C:\windows\system32\javaws.exe
2013-10-08 06:46 - 2013-10-18 23:07 - 00175016 _____ (Oracle Corporation) C:\windows\system32\javaw.exe
2013-10-08 06:46 - 2013-10-18 23:07 - 00174504 _____ (Oracle Corporation) C:\windows\system32\java.exe
2013-10-03 20:42 - 2010-06-08 18:45 - 00000000 ____D C:\Program Files\Avago-HP
2013-10-03 19:57 - 2013-09-30 19:45 - 00023970 _____ C:\ads_err.adt
2013-10-03 19:57 - 2013-09-30 19:45 - 00005039 _____ C:\ads_err.adm
2013-10-03 19:57 - 2013-09-30 19:45 - 00003072 _____ C:\ads_err.adi
2013-10-03 19:53 - 2013-10-03 19:53 - 00001853 _____ C:\Users\Public\Desktop\BlackBerry Desktop Software.lnk
2013-10-03 19:53 - 2013-10-03 19:53 - 00000000 ____D C:\Users\Misiek\AppData\Roaming\Research In Motion
2013-10-03 19:53 - 2013-09-30 13:35 - 00000000 ____D C:\Users\Misiek\AppData\Local\Research In Motion
2013-10-03 19:53 - 2013-09-30 13:34 - 00003084 _____ C:\Users\Misiek\AppData\Roaming\Rim.Desktop.HttpServerSetup.log
2013-10-03 19:52 - 2013-10-03 19:52 - 00000000 ____D C:\ProgramData\Research In Motion
2013-10-03 19:52 - 2013-09-30 13:34 - 00000000 ____D C:\Program Files\Common Files\XCPCSync.OEM
2013-10-03 19:52 - 2013-09-30 13:34 - 00000000 ____D C:\Program Files\Common Files\Research In Motion
2013-10-03 19:37 - 2013-10-03 19:37 - 00000000 ____D C:\Program Files\RapidHorse
2013-10-03 17:43 - 2010-03-09 21:11 - 00000000 ____D C:\Users\Misiek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2013-10-03 15:22 - 2010-09-27 19:40 - 00000000 ____D C:\Users\Misiek\Documents\Pliki programu Outlook

Some content of TEMP:
====================
C:\Users\Misiek\AppData\Local\Temp\ntdll_dump.dll
C:\Users\Misiek\AppData\Local\Temp\Quarantine.exe
C:\Users\Misiek\AppData\Local\Temp\t.dll

==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

LastRegBack: 2013-10-31 12:49

==================== End Of Log ============================