Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 01-12-2013 Ran by asiaarek (administrator) on MASZYNA on 02-12-2013 00:51:51 Running from C:\Users\asiaarek\Desktop\leczenie Microsoft Windows 7 Home Premium Service Pack 1 (X86) OS Language: Polish Internet Explorer Version 10 Boot Mode: Normal ==================== Processes (Whitelisted) =================== (Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\WTabletServiceCon.exe (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2012\avgwdsvc.exe (Wacom Technology, Corp.) C:\Windows\System32\Pen_Tablet.exe (Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TabletUser.exe (Wacom Technology) C:\Program Files\Tablet\Pen\WacomHost.exe (Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_Tablet.exe (Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TouchUser.exe (Intel Corporation) C:\Windows\System32\igfxtray.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (VIA) C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2012\avgtray.exe (Hewlett-Packard) C:\Program Files\HP\HP Software Update\hpwuSchd2.exe (Hewlett-Packard) C:\Program Files\HP\Digital Imaging\bin\HpqSRmon.exe () C:\Program Files\Mobogenie\DaemonProcess.exe () C:\Users\asiaarek\AppData\Roaming\minerd\bfgminer.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (Microsoft Corporation) C:\Windows\System32\audiodg.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe (Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_11_9_900_152.exe (Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_11_9_900_152.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [HotKeysCmds] - C:\Windows\system32\hkcmd.exe [ ] () HKLM\...\Run: [HDAudDeck] - C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe [1701888 2009-10-28] (VIA) HKLM\...\Run: [AVG_TRAY] - C:\Program Files\AVG\AVG2012\avgtray.exe [2598520 2012-11-19] (AVG Technologies CZ, s.r.o.) HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated) HKLM\...\Run: [SunJavaUpdateSched] - "C:\Program Files\Common Files\Java\Java Update\jusched.exe" HKLM\...\Run: [BCSSync] - C:\Program Files\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation) HKLM\...\Run: [APSDaemon] - C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.) HKLM\...\Run: [QuickTime Task] - C:\Program Files\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.) HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe [500208 2010-03-06] (Adobe Systems Incorporated) HKLM\...\Run: [Bonus.SSR.FR11] - C:\Program Files\ABBYY FineReader 11\Bonus.ScreenshotReader.exe [925960 2011-08-30] (ABBYY.) HKLM\...\Run: [BambooCore] - C:\Program Files\Bamboo Dock\BambooCore.exe HKLM\...\Run: [HP Software Update] - C:\Program Files\HP\HP Software Update\hpwuSchd2.exe [54840 2007-05-08] (Hewlett-Packard) HKLM\...\Run: [hpqSRMon] - C:\Program Files\HP\Digital Imaging\bin\HpqSRmon.exe [150528 2008-07-22] (Hewlett-Packard) HKLM\...\Run: [TrojanScanner] - C:\Program Files\Trojan Remover\Trjscan.exe [1655568 2013-07-19] (Simply Super Software) HKLM\...\Run: [mobilegeni daemon] - C:\Program Files\Mobogenie\DaemonProcess.exe [746176 2013-10-30] () HKLM\...\Policies\Explorer\Run: [5087] - c:\progra~2\dxnursf.exe No File HKCU\...\Run: [Real Desktop] - "C:\Program Files\Real Desktop\Real Desktop.exe" HKCU\...\Run: [minerd] - "C:\Users\asiaarek\AppData\Roaming\minerd\nircmd.exe" exec hide "C:\Users\asiaarek\AppData\Roaming\minerd\start.bat" HKCU\...\Run: [Screen Saver Pro 3.1] - C:\Users\asiaarek\AppData\Roaming\ScreenSaverPro.scr HKCU\...\Run: [Gvlalg] - C:\Users\asiaarek\AppData\Roaming\Microsoft\Gvlalg.exe HKCU\...\Winlogon: [Shell] explorer.exe [2616320 2013-03-14] (Microsoft Corporation) <==== ATTENTION HKCU\...\Policies\Explorer\Run: [Windows Update] - "C:\Users\asiaarek\AppData\Roaming\Identities\obymc\obymc.exe" -shell No File MountPoints2: G - G:\Botanicula.exe MountPoints2: {008cd1a4-1a5d-11e3-9660-806e6f6e6963} - G:\Bin\Assetup.exe MountPoints2: {cbe9dd0d-2776-11e3-83f6-20cf30b28f59} - H:\autorun.exe BootExecute: autocheck autochk * C:\PROGRA~1\AVG\AVG2012\avgrsx.exe /sync /restart ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www2.delta-search.com/?babsrc=HP_ss&mntrId=D0DB20CF30B28F59&affID=119357&tsp=5003 HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x4A2B7EE86FAECE01 HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.haokan123.com/ SearchScopes: HKCU - DefaultScope {6E71E502-B218-4259-86C5-CED6E6306E6C} URL = http://www.baidu.com/baidu?cl=3&tn=firefoxcn_dg&word={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding} SearchScopes: HKCU - {05046B93-CC41-4CF5-84CF-3AC3004B22A7} URL = http://www.google.cn/cse?cx=partner-pub-0166105436203332:pzdukf-nfb1&cr=&ie=UTF-8&hl=zh-CN&sa=%E6%90%9C%E5%B0%8B&q={searchTerms} SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = http://www2.delta-search.com/?q={searchTerms}&babsrc=SP_ss&mntrId=D0DB20CF30B28F59&affID=119357&tsp=5003 SearchScopes: HKCU - {5FE67395-2944-4724-8C8F-9F17F3F1B57E} URL = SearchScopes: HKCU - {6E71E502-B218-4259-86C5-CED6E6306E6C} URL = http://www.baidu.com/baidu?cl=3&tn=firefoxcn_dg&word={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding} BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\smart web printing\hpswp_printenhancer.dll (Hewlett-Packard Co.) BHO: AVG Do Not Track - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files\AVG\AVG2012\avgdtiex.dll (AVG Technologies CZ, s.r.o.) BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO: IEPluginBHO Class - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - C:\Users\asiaarek\AppData\Roaming\Nowe Gadu-Gadu\_userdata\ggbho.1.dll (GG Network S.A.) BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\smart web printing\hpswp_BHO.dll (Hewlett-Packard Co.) Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll (AVG Technologies CZ, s.r.o.) Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 FireFox: ======== FF ProfilePath: C:\Users\asiaarek\AppData\Roaming\Mozilla\Firefox\Profiles\8ev0f9ou.default FF user.js: detected! => C:\Users\asiaarek\AppData\Roaming\Mozilla\Firefox\Profiles\8ev0f9ou.default\user.js FF Homepage: hxxp://www.google.pl/ FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_11_9_900_152.dll () FF Plugin: @java.com/DTPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin: @microsoft.com/GENUINE - disabled No File FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.) FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.) FF Plugin: @wacom.com/wtPlugin,version=2.1.0.2 - C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom) FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Plugin HKCU: wacom.com/WacomTabletPlugin - C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom) FF Extension: s3google - C:\Users\asiaarek\AppData\Roaming\Mozilla\Firefox\Profiles\8ev0f9ou.default\Extensions\s3google@translator.xpi FF Extension: Adblock Plus - C:\Users\asiaarek\AppData\Roaming\Mozilla\Firefox\Profiles\8ev0f9ou.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi FF HKLM\...\Firefox\Extensions: [{F53C93F1-07D5-430c-86D4-C9531B27DFAF}] - C:\Program Files\AVG\AVG2012\Firefox\DoNotTrack\ FF Extension: AVG Do Not Track - C:\Program Files\AVG\AVG2012\Firefox\DoNotTrack\ FF HKLM\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 FF Extension: HP Smart Web Printing - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 FF HKCU\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 FF Extension: HP Smart Web Printing - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 Chrome: ======= CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\31.0.1650.57\PepperFlash\pepflashplayer.dll () CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\31.0.1650.57\ppGoogleNaClPluginChrome.dll () CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\31.0.1650.57\pdf.dll () CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll No File CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32_11_8_800_168.dll No File CHR Extension: (Docs) - C:\Users\asiaarek\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.0.0.6_0 CHR Extension: (Google Drive) - C:\Users\asiaarek\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.2_0 CHR Extension: (YouTube) - C:\Users\asiaarek\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0 CHR Extension: (Google Search) - C:\Users\asiaarek\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0 CHR Extension: (Delta Toolbar) - C:\Users\asiaarek\AppData\Local\Google\Chrome\User Data\Default\Extensions\eooncjejnppfjjklapaamhcdmjbilmde\1.4_0 CHR Extension: (Minibar ) - C:\Users\asiaarek\AppData\Local\Google\Chrome\User Data\Default\Extensions\mpcknfcdcgpffjddjeceioobdelceffo\2.0.1_0 CHR Extension: (Chrome In-App Payments service) - C:\Users\asiaarek\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0 CHR Extension: (Gmail) - C:\Users\asiaarek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0 CHR HKLM\...\Chrome\Extension: [ndibdjnfmopecpmkdieinmbadjfpblof] - C:\Program Files\AVG\AVG2012\Chrome\donottrack.crx ========================== Services (Whitelisted) ================= S2 avgfws; C:\Program Files\AVG\AVG2012\avgfws.exe [2321560 2012-12-05] (AVG Technologies CZ, s.r.o.) S2 AVGIDSAgent; C:\Program Files\AVG\AVG2012\avgidsagent.exe [5175856 2013-10-16] (AVG Technologies CZ, s.r.o.) R2 avgwd; C:\Program Files\AVG\AVG2012\avgwdsvc.exe [193288 2012-02-14] (AVG Technologies CZ, s.r.o.) R2 WTabletServiceCon; C:\Program Files\Tablet\Pen\WTabletServiceCon.exe [528256 2012-12-11] (Wacom Technology, Corp.) ==================== Drivers (Whitelisted) ==================== R1 Avgfwfd; C:\Windows\System32\DRIVERS\avgfwd6x.sys [47968 2011-05-23] (AVG Technologies CZ, s.r.o.) R3 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdriverx.sys [142176 2012-12-10] (AVG Technologies CZ, s.r.o. ) R3 AVGIDSFilter; C:\Windows\System32\DRIVERS\avgidsfilterx.sys [24144 2011-12-23] (AVG Technologies CZ, s.r.o. ) R0 AVGIDSHX; C:\Windows\System32\DRIVERS\avgidshx.sys [24896 2012-04-19] (AVG Technologies CZ, s.r.o. ) R3 AVGIDSShim; C:\Windows\System32\DRIVERS\avgidsshimx.sys [17232 2011-12-23] (AVG Technologies CZ, s.r.o. ) R1 Avgldx86; C:\Windows\System32\DRIVERS\avgldx86.sys [250080 2012-11-08] (AVG Technologies CZ, s.r.o.) R1 Avgmfx86; C:\Windows\System32\DRIVERS\avgmfx86.sys [41040 2011-12-23] (AVG Technologies CZ, s.r.o.) R0 Avgrkx86; C:\Windows\System32\DRIVERS\avgrkx86.sys [31952 2012-01-31] (AVG Technologies CZ, s.r.o.) R1 Avgtdix; C:\Windows\System32\DRIVERS\avgtdix.sys [302368 2013-04-11] (AVG Technologies CZ, s.r.o.) S3 hidkmdf; C:\Windows\System32\DRIVERS\hidkmdf.sys [11680 2012-12-03] (Windows (R) Win 7 DDK provider) R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [13216 2009-07-16] () R3 VIAHdAudAddService; C:\Windows\System32\drivers\viahduaa.sys [1102848 2009-10-21] (VIA Technologies, Inc.) S3 WacHidRouter; C:\Windows\System32\DRIVERS\wachidrouter.sys [70048 2012-12-03] (Wacom Technology) S3 wacomrouterfilter; C:\Windows\System32\DRIVERS\wacomrouterfilter.sys [13728 2012-11-15] (Wacom Technology) S3 wacommousefilter; system32\DRIVERS\wacommousefilter.sys [x] S3 wacomvhid; system32\DRIVERS\wacomvhid.sys [x] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2013-12-02 00:51 - 2013-12-02 00:51 - 00000000 ____D C:\FRST 2013-12-02 00:17 - 2013-12-02 00:20 - 00000764 _____ C:\Users\asiaarek\Desktop\Nowy dokument tekstowy.txt 2013-12-02 00:11 - 2013-12-02 00:51 - 00000000 ____D C:\Users\asiaarek\Desktop\leczenie 2013-12-01 22:36 - 2013-12-01 22:38 - 00000447 _____ C:\Windows\WINCMD.INI 2013-11-29 01:45 - 2013-11-29 01:45 - 00001876 _____ C:\Users\asiaarek\AppData\Local\recently-used.xbel 2013-11-29 00:25 - 2013-11-29 00:25 - 00000968 _____ C:\Users\Public\Desktop\Photo to Sketch.lnk 2013-11-29 00:25 - 2013-11-29 00:25 - 00000000 ____D C:\Program Files\Photo to Sketch 2013-11-29 00:19 - 2013-11-29 00:20 - 00000000 ____D C:\Users\asiaarek\AppData\Roaming\GlarySoft 2013-11-29 00:19 - 2013-11-29 00:19 - 00001064 _____ C:\Users\asiaarek\Desktop\Absolute Uninstaller.lnk 2013-11-28 23:47 - 2013-11-28 23:47 - 00000000 ____D C:\Users\asiaarek\AppData\Roaming\Simply Super Software 2013-11-28 23:46 - 2013-11-29 00:07 - 00000000 ____D C:\Users\asiaarek\AppData\Local\Mobogenie 2013-11-28 23:46 - 2013-11-28 23:46 - 00000000 ____D C:\Users\asiaarek\Documents\Simply Super Software 2013-11-28 23:46 - 2013-11-28 23:46 - 00000000 ____D C:\Users\asiaarek\Documents\Mobogenie 2013-11-28 23:46 - 2013-11-28 23:46 - 00000000 ____D C:\Users\asiaarek\.android 2013-11-28 23:46 - 2013-11-28 23:46 - 00000000 _____ C:\Users\asiaarek\daemonprocess.txt 2013-11-28 23:45 - 2013-11-28 23:46 - 00000000 ____D C:\Program Files\Mobogenie 2013-11-28 23:45 - 2013-11-28 23:45 - 25393424 _____ (Simply Super Software ) C:\Users\asiaarek\Downloads\Trojan Remover 6.8.8.2623.exe 2013-11-28 23:45 - 2013-11-28 23:45 - 00001037 _____ C:\Users\Public\Desktop\Trojan Remover.lnk 2013-11-28 23:45 - 2013-11-28 23:45 - 00000000 ____D C:\ProgramData\Simply Super Software 2013-11-28 23:45 - 2013-11-28 23:45 - 00000000 ____D C:\Program Files\Trojan Remover 2013-11-28 22:04 - 2013-11-28 22:04 - 00002317 _____ C:\Users\asiaarek\Desktop\KLUCZE DO AVG INTERNET SECURITY.txt 2013-11-28 21:11 - 2013-11-28 23:53 - 00096768 _____ (Logetyv Corp ©) C:\Users\asiaarek\AppData\Roaming\c731200 2013-11-28 20:56 - 2013-11-28 20:58 - 00000000 ____D C:\Users\asiaarek\Desktop\Sabaton - Swedish Empire Live (2013) 2013-11-28 19:31 - 2013-11-28 21:23 - 00000000 ____D C:\Users\asiaarek\Desktop\Znachor (1981) 2013-11-28 19:30 - 2013-11-28 21:07 - 734720000 _____ C:\Users\asiaarek\Desktop\Profesor Wilczur.avi 2013-11-28 19:11 - 2013-11-28 19:11 - 00000314 _____ C:\Windows\Tasks\WebReg HP Deskjet F4200 series.job 2013-11-27 21:28 - 2013-11-28 00:20 - 00000000 ___RD C:\Users\asiaarek\Desktop\Asi 2013-11-27 19:31 - 2013-11-27 19:30 - 00389947 _____ C:\Users\asiaarek\Downloads\NokiaFREEUnlockCalculator_downloader_by_NokiaFREEUnlockCalculator.exe 2013-11-25 18:14 - 2013-12-01 05:24 - 00000000 ____D C:\Users\asiaarek\AppData\Roaming\AIMP 2013-11-25 18:14 - 2013-11-25 18:14 - 00000921 _____ C:\Users\Public\Desktop\AIMP2.lnk 2013-11-25 18:14 - 2013-11-25 18:14 - 00000000 ____D C:\Program Files\AIMP2 2013-11-22 14:59 - 2013-11-22 15:00 - 00280704 _____ C:\Windows\msxml4-KB973688-enu.LOG 2013-11-22 01:52 - 2013-11-22 01:52 - 00282654 _____ C:\Windows\msxml4-KB954430-enu.LOG 2013-11-22 01:52 - 2013-11-22 01:52 - 00000000 ____D C:\Program Files\MSXML 4.0 2013-11-20 18:59 - 2013-11-25 18:09 - 00000000 ____D C:\Program Files\AIMP3 2013-11-20 18:54 - 2013-11-20 18:54 - 00000000 ____D C:\Users\asiaarek\AppData\Local\HP 2013-11-20 18:53 - 2013-11-20 18:53 - 00000000 ____D C:\ProgramData\WEBREG 2013-11-20 18:40 - 2013-11-20 18:54 - 00000000 ____D C:\Users\asiaarek\AppData\Roaming\HP 2013-11-20 18:38 - 2013-11-20 18:38 - 00002125 _____ C:\Users\Public\Desktop\HP Photosmart Essential 3.5.lnk 2013-11-20 18:37 - 2013-11-20 18:37 - 00001347 _____ C:\Users\Public\Desktop\Centrum obsługi HP.lnk 2013-11-20 18:37 - 2013-11-20 18:37 - 00001183 _____ C:\Users\Public\Desktop\Zakup materiałów eksploatacyjnych HP.lnk 2013-11-20 18:37 - 2013-11-20 18:37 - 00000000 ____D C:\ProgramData\HP Product Assistant 2013-11-20 18:36 - 2013-11-20 18:37 - 00000000 ____D C:\Program Files\HP 2013-11-20 18:36 - 2013-11-20 18:36 - 00000000 ____D C:\Program Files\Common Files\HP 2013-11-20 18:36 - 2013-11-20 18:36 - 00000000 ____D C:\Program Files\Common Files\Hewlett-Packard 2013-11-20 18:35 - 2013-11-20 18:53 - 00172929 _____ C:\Windows\hpoins28.dat 2013-11-20 18:35 - 2009-10-08 02:51 - 00000442 ____N C:\Windows\hpomdl28.dat 2013-11-20 18:35 - 2009-07-08 11:51 - 00729088 _____ (Hewlett-Packard) C:\Windows\system32\hpowiax7.dll 2013-11-20 18:35 - 2009-07-08 11:51 - 00581632 _____ (Hewlett-Packard Co.) C:\Windows\system32\hpotscl6.dll 2013-11-20 18:35 - 2009-07-08 11:51 - 00452408 _____ (Hewlett-Packard) C:\Windows\system32\hpzids01.dll 2013-11-20 18:35 - 2009-07-08 11:51 - 00372736 _____ (Hewlett-Packard) C:\Windows\system32\hppldcoi.dll 2013-11-20 18:35 - 2009-07-08 11:51 - 00303104 _____ (Hewlett-Packard Co.) C:\Windows\system32\hpovst15.dll 2013-11-20 17:31 - 2013-11-20 18:53 - 00001830 _____ C:\ProgramData\hpzinstall.log 2013-11-20 17:31 - 2013-11-20 18:48 - 00000000 ____D C:\ProgramData\HP 2013-11-18 00:54 - 2013-11-27 20:58 - 00009728 _____ C:\Users\asiaarek\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2013-11-18 00:46 - 2013-11-18 00:46 - 00000000 ____D C:\Users\asiaarek\AppData\Roaming\Boomzap 2013-11-18 00:30 - 2013-11-21 21:28 - 00000000 ____D C:\Users\asiaarek\AppData\Local\ACD Systems 2013-11-18 00:30 - 2013-11-18 00:30 - 00000000 ____D C:\Users\asiaarek\AppData\Roaming\ACD Systems 2013-11-18 00:06 - 2013-11-18 00:06 - 00000023 _____ C:\Users\asiaarek\AppData\Local\Apps\T3.txt 2013-11-18 00:06 - 2013-11-18 00:06 - 00000000 ____D C:\Users\asiaarek\AppData\Local\Hippo Studios 2013-11-17 23:30 - 2013-11-17 23:45 - 00000000 ____D C:\Program Files\Common Files\ACD Systems 2013-11-17 23:30 - 2013-11-17 23:30 - 00002859 _____ C:\Users\Public\Desktop\ACDSee Pro 3.lnk 2013-11-17 23:30 - 2013-11-17 23:30 - 00000000 ____D C:\ProgramData\ACD Systems 2013-11-17 23:30 - 2013-11-17 23:30 - 00000000 ____D C:\Program Files\ACD Systems 2013-11-17 23:28 - 2013-11-17 23:28 - 00000000 ____D C:\Users\asiaarek\AppData\Local\Downloaded Installations 2013-11-17 22:43 - 2013-11-17 22:43 - 00000000 ____D C:\ProgramData\McAfee 2013-11-17 21:50 - 2013-11-17 22:17 - 00000000 ____D C:\Users\asiaarek\Desktop\ACDSee.Pro.3.0.355.(ENG)+PL 2013-11-17 21:45 - 2013-11-17 22:39 - 00000000 ____D C:\Users\asiaarek\Desktop\Windows.XP.X64.SP2.PL.2013.TnT.by.CCC 2013-11-17 21:19 - 2013-11-17 21:19 - 00000000 ____D C:\Users\asiaarek\Desktop\HippoAnimator3 2013-11-15 16:02 - 2013-11-15 16:02 - 00000000 ____D C:\Users\Default\AppData\Roaming\TuneUp Software 2013-11-15 16:02 - 2013-11-15 16:02 - 00000000 ____D C:\Users\Default User\AppData\Roaming\TuneUp Software 2013-11-15 03:02 - 2013-10-12 08:04 - 00042496 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2013-11-15 03:02 - 2013-10-12 08:03 - 01767936 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2013-11-15 03:02 - 2013-10-12 08:03 - 01138176 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2013-11-15 03:02 - 2013-10-12 08:02 - 14355968 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2013-11-15 03:02 - 2013-10-12 08:02 - 13761024 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2013-11-15 03:02 - 2013-10-12 08:02 - 02877952 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2013-11-15 03:02 - 2013-10-12 08:02 - 02049024 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2013-11-15 03:02 - 2013-10-12 08:02 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2013-11-15 03:02 - 2013-10-12 08:02 - 00493056 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2013-11-15 03:02 - 2013-10-12 08:02 - 00391168 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2013-11-15 03:02 - 2013-10-12 08:02 - 00109056 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll 2013-11-15 03:02 - 2013-10-12 08:02 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2013-11-15 03:02 - 2013-10-12 08:02 - 00039424 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2013-11-15 03:02 - 2013-10-12 08:02 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2013-11-15 03:02 - 2013-10-12 07:08 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2013-11-15 03:02 - 2013-10-12 06:15 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe 2013-11-14 06:38 - 2013-10-12 03:03 - 00656896 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll 2013-11-14 06:38 - 2013-10-12 03:01 - 00679424 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL 2013-11-14 06:38 - 2013-10-12 03:01 - 00216576 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL 2013-11-14 06:38 - 2013-10-05 20:57 - 01168384 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll 2013-11-14 06:38 - 2013-10-04 02:58 - 00152576 _____ (Microsoft Corporation) C:\Windows\system32\SmartcardCredentialProvider.dll 2013-11-14 06:38 - 2013-10-04 02:56 - 01796096 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll 2013-11-14 06:38 - 2013-10-04 02:56 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\credui.dll 2013-11-14 06:38 - 2013-10-03 02:58 - 00305152 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll 2013-11-14 06:38 - 2013-09-25 03:01 - 00136640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys 2013-11-14 06:38 - 2013-09-25 03:01 - 00067520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys 2013-11-14 06:38 - 2013-09-25 02:57 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll 2013-11-14 06:38 - 2013-09-25 02:57 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll 2013-11-14 06:38 - 2013-09-25 02:57 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll 2013-11-14 06:38 - 2013-09-25 02:56 - 01038848 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2013-11-14 06:38 - 2013-09-25 02:56 - 00220160 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll 2013-11-14 06:38 - 2013-09-25 01:49 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe 2013-11-14 06:38 - 2013-09-25 01:49 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll 2013-11-14 06:38 - 2013-07-04 13:16 - 00369848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys 2013-11-11 16:41 - 2013-11-11 17:02 - 00000000 ____D C:\Users\asiaarek\AppData\Roaming\BloodTies 2013-11-11 14:36 - 2013-11-11 17:07 - 00000000 ____D C:\Program Files\Alawar.pl 2013-11-11 11:31 - 2013-11-11 11:31 - 00000000 ____D C:\Users\asiaarek\AppData\Roaming\GO Games 2013-11-11 10:46 - 2013-11-11 10:46 - 00000000 ____D C:\Users\asiaarek\Documents\My Games 2013-11-10 16:02 - 2013-11-10 16:02 - 00000000 ____D C:\Users\asiaarek\AppData\Roaming\Friday's games 2013-11-08 18:42 - 2013-11-08 18:42 - 00113543 _____ C:\Windows\system32\slmgr.vbs 2013-11-04 17:23 - 2013-11-04 17:23 - 00000000 ____D C:\Users\asiaarek\AppData\Roaming\HotLava 2013-11-02 02:15 - 2013-11-02 02:15 - 00286720 ____N (Microsoft Corporation) C:\Windows\Setup1.exe 2013-11-02 02:15 - 2013-11-02 02:15 - 00073216 _____ (Microsoft Corporation) C:\Windows\ST6UNST.EXE 2013-11-02 02:13 - 2013-11-03 03:09 - 00000000 ____D C:\Program Files\INTERIAPL ==================== One Month Modified Files and Folders ======= 2013-12-02 00:51 - 2013-12-02 00:51 - 00000000 ____D C:\FRST 2013-12-02 00:51 - 2013-12-02 00:11 - 00000000 ____D C:\Users\asiaarek\Desktop\leczenie 2013-12-02 00:51 - 2009-07-14 05:39 - 33614241 _____ C:\Windows\setupact.log 2013-12-02 00:35 - 2013-09-10 22:10 - 01260592 _____ C:\Windows\WindowsUpdate.log 2013-12-02 00:27 - 2013-09-10 23:01 - 00000930 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2013-12-02 00:20 - 2013-12-02 00:17 - 00000764 _____ C:\Users\asiaarek\Desktop\Nowy dokument tekstowy.txt 2013-12-02 00:12 - 2013-09-14 16:23 - 00000000 ___RD C:\Users\asiaarek\Desktop\arka podreczne 2013-12-02 00:11 - 2013-09-12 16:55 - 00001040 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2013-12-02 00:08 - 2013-09-10 22:58 - 00000000 ____D C:\Windows\system32\Drivers\AVG 2013-12-02 00:04 - 2013-09-17 23:04 - 00000206 _____ C:\Windows\Tasks\AutoKMSDaily.job 2013-12-01 22:38 - 2013-12-01 22:36 - 00000447 _____ C:\Windows\WINCMD.INI 2013-12-01 20:11 - 2013-09-12 16:55 - 00001036 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2013-12-01 18:42 - 2013-09-13 19:35 - 00000000 ____D C:\Users\asiaarek\AppData\Roaming\uTorrent 2013-12-01 15:52 - 2013-09-11 18:33 - 00000000 ____D C:\Program Files\Kmplayer Plus 2013-12-01 14:45 - 2013-09-17 23:04 - 00000206 _____ C:\Windows\Tasks\AutoKMS.job 2013-12-01 14:45 - 2009-07-14 05:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2013-12-01 11:50 - 2013-09-19 16:35 - 00000000 ____D C:\Program Files\NAPI-PROJEKT 2013-12-01 05:24 - 2013-11-25 18:14 - 00000000 ____D C:\Users\asiaarek\AppData\Roaming\AIMP 2013-12-01 00:38 - 2011-04-12 06:08 - 00697674 _____ C:\Windows\system32\perfh015.dat 2013-12-01 00:38 - 2011-04-12 06:08 - 00134784 _____ C:\Windows\system32\perfc015.dat 2013-12-01 00:38 - 2010-11-20 22:01 - 01549696 _____ C:\Windows\system32\PerfStringBackup.INI 2013-11-29 07:28 - 2013-09-10 22:58 - 00000000 ____D C:\ProgramData\AVG2012 2013-11-29 01:45 - 2013-11-29 01:45 - 00001876 _____ C:\Users\asiaarek\AppData\Local\recently-used.xbel 2013-11-29 01:41 - 2013-09-27 23:39 - 00000720 _____ C:\Windows\Ulead32.ini 2013-11-29 01:05 - 2013-09-27 23:39 - 00000000 ____D C:\Windows\ULEAD.DAT 2013-11-29 00:25 - 2013-11-29 00:25 - 00000968 _____ C:\Users\Public\Desktop\Photo to Sketch.lnk 2013-11-29 00:25 - 2013-11-29 00:25 - 00000000 ____D C:\Program Files\Photo to Sketch 2013-11-29 00:20 - 2013-11-29 00:19 - 00000000 ____D C:\Users\asiaarek\AppData\Roaming\GlarySoft 2013-11-29 00:19 - 2013-11-29 00:19 - 00001064 _____ C:\Users\asiaarek\Desktop\Absolute Uninstaller.lnk 2013-11-29 00:07 - 2013-11-28 23:46 - 00000000 ____D C:\Users\asiaarek\AppData\Local\Mobogenie 2013-11-28 23:53 - 2013-11-28 21:11 - 00096768 _____ (Logetyv Corp ©) C:\Users\asiaarek\AppData\Roaming\c731200 2013-11-28 23:52 - 2013-10-25 20:48 - 00000000 ___HD C:\Users\asiaarek\AppData\Roaming\pwo6 2013-11-28 23:51 - 2010-11-20 22:48 - 00015634 _____ C:\Windows\PFRO.log 2013-11-28 23:47 - 2013-11-28 23:47 - 00000000 ____D C:\Users\asiaarek\AppData\Roaming\Simply Super Software 2013-11-28 23:46 - 2013-11-28 23:46 - 00000000 ____D C:\Users\asiaarek\Documents\Simply Super Software 2013-11-28 23:46 - 2013-11-28 23:46 - 00000000 ____D C:\Users\asiaarek\Documents\Mobogenie 2013-11-28 23:46 - 2013-11-28 23:46 - 00000000 ____D C:\Users\asiaarek\.android 2013-11-28 23:46 - 2013-11-28 23:46 - 00000000 _____ C:\Users\asiaarek\daemonprocess.txt 2013-11-28 23:46 - 2013-11-28 23:45 - 00000000 ____D C:\Program Files\Mobogenie 2013-11-28 23:46 - 2013-09-18 00:25 - 00000000 ____D C:\Users\asiaarek\AppData\Local\cache 2013-11-28 23:46 - 2013-09-10 22:15 - 00000000 ____D C:\Users\asiaarek 2013-11-28 23:45 - 2013-11-28 23:45 - 25393424 _____ (Simply Super Software ) C:\Users\asiaarek\Downloads\Trojan Remover 6.8.8.2623.exe 2013-11-28 23:45 - 2013-11-28 23:45 - 00001037 _____ C:\Users\Public\Desktop\Trojan Remover.lnk 2013-11-28 23:45 - 2013-11-28 23:45 - 00000000 ____D C:\ProgramData\Simply Super Software 2013-11-28 23:45 - 2013-11-28 23:45 - 00000000 ____D C:\Program Files\Trojan Remover 2013-11-28 23:15 - 2013-10-13 08:26 - 00000000 ____D C:\Program Files\Bamboo Dock 2013-11-28 22:04 - 2013-11-28 22:04 - 00002317 _____ C:\Users\asiaarek\Desktop\KLUCZE DO AVG INTERNET SECURITY.txt 2013-11-28 21:23 - 2013-11-28 19:31 - 00000000 ____D C:\Users\asiaarek\Desktop\Znachor (1981) 2013-11-28 21:16 - 2013-09-29 00:25 - 00000000 ____D C:\Users\asiaarek\AppData\Roaming\Dropbox 2013-11-28 21:11 - 2009-07-14 05:34 - 00027696 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2013-11-28 21:11 - 2009-07-14 05:34 - 00027696 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2013-11-28 21:07 - 2013-11-28 19:30 - 734720000 _____ C:\Users\asiaarek\Desktop\Profesor Wilczur.avi 2013-11-28 20:58 - 2013-11-28 20:56 - 00000000 ____D C:\Users\asiaarek\Desktop\Sabaton - Swedish Empire Live (2013) 2013-11-28 19:11 - 2013-11-28 19:11 - 00000314 _____ C:\Windows\Tasks\WebReg HP Deskjet F4200 series.job 2013-11-28 00:20 - 2013-11-27 21:28 - 00000000 ___RD C:\Users\asiaarek\Desktop\Asi 2013-11-27 20:58 - 2013-11-18 00:54 - 00009728 _____ C:\Users\asiaarek\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2013-11-27 19:30 - 2013-11-27 19:31 - 00389947 _____ C:\Users\asiaarek\Downloads\NokiaFREEUnlockCalculator_downloader_by_NokiaFREEUnlockCalculator.exe 2013-11-25 18:14 - 2013-11-25 18:14 - 00000921 _____ C:\Users\Public\Desktop\AIMP2.lnk 2013-11-25 18:14 - 2013-11-25 18:14 - 00000000 ____D C:\Program Files\AIMP2 2013-11-25 18:09 - 2013-11-20 18:59 - 00000000 ____D C:\Program Files\AIMP3 2013-11-22 15:00 - 2013-11-22 14:59 - 00280704 _____ C:\Windows\msxml4-KB973688-enu.LOG 2013-11-22 01:52 - 2013-11-22 01:52 - 00282654 _____ C:\Windows\msxml4-KB954430-enu.LOG 2013-11-22 01:52 - 2013-11-22 01:52 - 00000000 ____D C:\Program Files\MSXML 4.0 2013-11-21 21:28 - 2013-11-18 00:30 - 00000000 ____D C:\Users\asiaarek\AppData\Local\ACD Systems 2013-11-21 16:43 - 2009-07-14 05:33 - 04403528 _____ C:\Windows\system32\FNTCACHE.DAT 2013-11-20 18:54 - 2013-11-20 18:54 - 00000000 ____D C:\Users\asiaarek\AppData\Local\HP 2013-11-20 18:54 - 2013-11-20 18:40 - 00000000 ____D C:\Users\asiaarek\AppData\Roaming\HP 2013-11-20 18:53 - 2013-11-20 18:53 - 00000000 ____D C:\ProgramData\WEBREG 2013-11-20 18:53 - 2013-11-20 18:35 - 00172929 _____ C:\Windows\hpoins28.dat 2013-11-20 18:53 - 2013-11-20 17:31 - 00001830 _____ C:\ProgramData\hpzinstall.log 2013-11-20 18:48 - 2013-11-20 17:31 - 00000000 ____D C:\ProgramData\HP 2013-11-20 18:48 - 2009-07-14 03:04 - 00000513 _____ C:\Windows\win.ini 2013-11-20 18:40 - 2013-09-10 22:20 - 00401232 _____ C:\Users\asiaarek\AppData\Local\GDIPFONTCACHEV1.DAT 2013-11-20 18:38 - 2013-11-20 18:38 - 00002125 _____ C:\Users\Public\Desktop\HP Photosmart Essential 3.5.lnk 2013-11-20 18:37 - 2013-11-20 18:37 - 00001347 _____ C:\Users\Public\Desktop\Centrum obsługi HP.lnk 2013-11-20 18:37 - 2013-11-20 18:37 - 00001183 _____ C:\Users\Public\Desktop\Zakup materiałów eksploatacyjnych HP.lnk 2013-11-20 18:37 - 2013-11-20 18:37 - 00000000 ____D C:\ProgramData\HP Product Assistant 2013-11-20 18:37 - 2013-11-20 18:36 - 00000000 ____D C:\Program Files\HP 2013-11-20 18:36 - 2013-11-20 18:36 - 00000000 ____D C:\Program Files\Common Files\HP 2013-11-20 18:36 - 2013-11-20 18:36 - 00000000 ____D C:\Program Files\Common Files\Hewlett-Packard 2013-11-20 18:36 - 2009-07-14 05:52 - 00000000 ____D C:\Windows\twain_32 2013-11-18 00:46 - 2013-11-18 00:46 - 00000000 ____D C:\Users\asiaarek\AppData\Roaming\Boomzap 2013-11-18 00:40 - 2013-10-11 20:52 - 00000000 ____D C:\Users\asiaarek\AppData\Local\ChomikBox 2013-11-18 00:39 - 2013-10-11 20:52 - 00000000 ____D C:\Users\asiaarek\.gstreamer-0.10 2013-11-18 00:30 - 2013-11-18 00:30 - 00000000 ____D C:\Users\asiaarek\AppData\Roaming\ACD Systems 2013-11-18 00:06 - 2013-11-18 00:06 - 00000023 _____ C:\Users\asiaarek\AppData\Local\Apps\T3.txt 2013-11-18 00:06 - 2013-11-18 00:06 - 00000000 ____D C:\Users\asiaarek\AppData\Local\Hippo Studios 2013-11-17 23:45 - 2013-11-17 23:30 - 00000000 ____D C:\Program Files\Common Files\ACD Systems 2013-11-17 23:30 - 2013-11-17 23:30 - 00002859 _____ C:\Users\Public\Desktop\ACDSee Pro 3.lnk 2013-11-17 23:30 - 2013-11-17 23:30 - 00000000 ____D C:\ProgramData\ACD Systems 2013-11-17 23:30 - 2013-11-17 23:30 - 00000000 ____D C:\Program Files\ACD Systems 2013-11-17 23:28 - 2013-11-17 23:28 - 00000000 ____D C:\Users\asiaarek\AppData\Local\Downloaded Installations 2013-11-17 22:44 - 2013-09-10 23:00 - 00000000 ____D C:\Users\asiaarek\AppData\Local\Adobe 2013-11-17 22:43 - 2013-11-17 22:43 - 00000000 ____D C:\ProgramData\McAfee 2013-11-17 22:43 - 2013-09-10 23:01 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe 2013-11-17 22:43 - 2013-09-10 23:01 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl 2013-11-17 22:39 - 2013-11-17 21:45 - 00000000 ____D C:\Users\asiaarek\Desktop\Windows.XP.X64.SP2.PL.2013.TnT.by.CCC 2013-11-17 22:17 - 2013-11-17 21:50 - 00000000 ____D C:\Users\asiaarek\Desktop\ACDSee.Pro.3.0.355.(ENG)+PL 2013-11-17 21:19 - 2013-11-17 21:19 - 00000000 ____D C:\Users\asiaarek\Desktop\HippoAnimator3 2013-11-17 18:52 - 2013-10-11 21:17 - 00000000 ____D C:\Program Files\Common Files\Adobe AIR 2013-11-17 18:24 - 2013-09-12 16:56 - 00002135 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2013-11-16 07:25 - 2013-09-10 22:56 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service 2013-11-15 22:55 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\rescache 2013-11-15 19:26 - 2013-10-02 16:40 - 00000000 ____D C:\Program Files\Mozilla Firefox 2013-11-15 16:02 - 2013-11-15 16:02 - 00000000 ____D C:\Users\Default\AppData\Roaming\TuneUp Software 2013-11-15 16:02 - 2013-11-15 16:02 - 00000000 ____D C:\Users\Default User\AppData\Roaming\TuneUp Software 2013-11-15 16:02 - 2013-09-10 22:58 - 00000965 _____ C:\Users\Public\Desktop\AVG 2012.lnk 2013-11-15 16:02 - 2013-09-10 22:55 - 00000000 ____D C:\ProgramData\MFAData 2013-11-15 07:03 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\system32\pl-PL 2013-11-15 03:04 - 2013-09-17 22:52 - 00000000 ____D C:\ProgramData\Microsoft Help 2013-11-15 03:02 - 2013-09-10 22:32 - 00000000 ____D C:\Windows\system32\MRT 2013-11-15 03:00 - 2013-09-10 22:32 - 80340640 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2013-11-11 17:07 - 2013-11-11 14:36 - 00000000 ____D C:\Program Files\Alawar.pl 2013-11-11 17:02 - 2013-11-11 16:41 - 00000000 ____D C:\Users\asiaarek\AppData\Roaming\BloodTies 2013-11-11 11:31 - 2013-11-11 11:31 - 00000000 ____D C:\Users\asiaarek\AppData\Roaming\GO Games 2013-11-11 10:46 - 2013-11-11 10:46 - 00000000 ____D C:\Users\asiaarek\Documents\My Games 2013-11-10 16:02 - 2013-11-10 16:02 - 00000000 ____D C:\Users\asiaarek\AppData\Roaming\Friday's games 2013-11-08 18:42 - 2013-11-08 18:42 - 00113543 _____ C:\Windows\system32\slmgr.vbs 2013-11-08 17:47 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\system32\NDF 2013-11-05 18:58 - 2013-10-07 18:43 - 00000000 ____D C:\Users\asiaarek\AppData\Local\Microsoft Games 2013-11-04 17:23 - 2013-11-04 17:23 - 00000000 ____D C:\Users\asiaarek\AppData\Roaming\HotLava 2013-11-03 03:09 - 2013-11-02 02:13 - 00000000 ____D C:\Program Files\INTERIAPL 2013-11-02 09:28 - 2013-10-11 22:32 - 00000000 ____D C:\ProgramData\AlawarWrapper 2013-11-02 02:15 - 2013-11-02 02:15 - 00286720 ____N (Microsoft Corporation) C:\Windows\Setup1.exe 2013-11-02 02:15 - 2013-11-02 02:15 - 00073216 _____ (Microsoft Corporation) C:\Windows\ST6UNST.EXE Some content of TEMP: ==================== C:\Users\asiaarek\AppData\Local\Temp\AAINLIB.DLL C:\Users\asiaarek\AppData\Local\Temp\AskSLib.dll C:\Users\asiaarek\AppData\Local\Temp\bitool.dll C:\Users\asiaarek\AppData\Local\Temp\drm_dialogs.dll C:\Users\asiaarek\AppData\Local\Temp\drm_dyndata_7350007.dll ==================== Bamital & volsnap Check ================= C:\Windows\explorer.exe => MD5 is legit C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll [2010-11-20 22:29] - [2013-09-10 22:20] - 0811520 ____A (Microsoft Corporation) 8626F0C30D4E3564FFDD25C90F4426F1 C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit LastRegBack: 2013-11-30 18:29 ==================== End Of Log ============================