Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 12-04-2014 01 Ran by Ela (administrator) on MONIKA-PC on 12-04-2014 22:46:43 Running from C:\Users\Ela\Desktop\logi Microsoft® Windows Vista™ Home Basic Service Pack 1 (X86) OS Language: Polish Internet Explorer Version 7 Boot Mode: Normal The only official download link for FRST: Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/ Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/ Download link from any site other than Bleeping Computer is unpermitted or outdated. See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (Microsoft Corporation) C:\Windows\system32\SLsvc.exe (Teruten) C:\Windows\system32\FsUsbExService.Exe (Nero AG) C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe (Prolific Technology Inc.) C:\Windows\system32\IoctlSvc.exe (Fujitsu Technology Solutions) C:\Program Files\Fujitsu\SystemDiagnostics\OnlineDiagnostic\TestManager\TestHandler.exe (WDC) C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe () C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDFME\WDFME.exe () C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSC.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MSASCui.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe (Fujitsu Technology Solutions) C:\Program Files\Fujitsu OSD Utility\OSDUtility.exe (Intel Corporation) C:\Windows\System32\igfxtray.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (Microsoft Corporation) C:\Windows\system32\wuauclt.exe (Intel Corporation) C:\Windows\system32\igfxsrvc.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (Microsoft Corporation) C:\Windows\system32\conime.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [Windows Defender] - C:\Program Files\Windows Defender\MSASCui.exe [1008184 2008-01-21] (Microsoft Corporation) HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [6609440 2008-10-31] (Realtek Semiconductor) HKLM\...\Run: [Fujitsu OSD Utility] - C:\Program Files\Fujitsu OSD Utility\OSDUtility.exe [733184 2009-04-03] (Fujitsu Technology Solutions) HKU\.DEFAULT\...\Run: [Picasa Media Detector] - C:\Program Files\Picasa2\PicasaMediaDetector.exe [443968 2008-02-26] (Google Inc.) HKU\S-1-5-19\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter HKU\S-1-5-20\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8 HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Restore = http://www.google.pl/ HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ig/redirectdomain?brand=FUJD&bmod=FUJD SearchScopes: HKLM - DefaultScope value is missing. BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.) BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated) BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.) DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinstall-1_7_0_11-windows-i586.cab DPF: {CAFEEFAC-0017-0000-0011-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_11-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_11-windows-i586.cab Handler: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Program Files\Common Files\Microsoft Shared\Web Folders\PKMCDO.DLL (Microsoft Corporation) Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 FireFox: ======== FF ProfilePath: C:\Users\Ela\AppData\Roaming\Mozilla\Firefox\Profiles\ud3u6sja.default-1397334027563 FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_12_0_0_77.dll () FF Plugin: @Google.com/GoogleEarthPlugin - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google) FF Plugin: @google.com/npPicasa3,version=3.0.0 - C:\Program Files\Picasa2\npPicasa3.dll (Google, Inc.) FF Plugin: @java.com/DTPlugin,version=10.11.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation) FF Plugin: @java.com/JavaPlugin - C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll No File FF Plugin: @java.com/JavaPlugin,version=10.11.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation) FF Plugin: @microsoft.com/WPF,version=3.5 - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF Plugin: @pandonetworks.com/PandoWebPlugin - C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll No File FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.) FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.) FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\Ela\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited) Chrome: ======= CHR HomePage: hxxp://www.google.com CHR Plugin: (Widevine Content Decryption Module) - C:\Users\Ela\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.2.464\_platform_specific\win_x86\widevinecdmadapter.dll () CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\34.0.1847.116\PepperFlash\pepflashplayer.dll () CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\34.0.1847.116\ppGoogleNaClPluginChrome.dll () CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\34.0.1847.116\pdf.dll () CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.) CHR Plugin: (Google Earth Plugin) - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google) CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.) CHR Plugin: (Java(TM) Platform SE 7 U11) - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) CHR Plugin: (Silverlight Plug-In) - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation) CHR Plugin: (Picasa) - C:\Program Files\Picasa2\npPicasa3.dll (Google, Inc.) CHR Plugin: (Facebook Video Calling Plugin) - C:\Users\Ela\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited) CHR Plugin: (Windows Presentation Foundation) - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32_12_0_0_77.dll () CHR Plugin: (Java Deployment Toolkit 7.0.110.21) - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation) CHR Extension: (Dysk Google) - C:\Users\Ela\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2012-12-08] CHR Extension: (YouTube) - C:\Users\Ela\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-12-08] CHR Extension: (Szukaj w Google) - C:\Users\Ela\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-12-08] CHR Extension: (Google Wallet) - C:\Users\Ela\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-21] CHR Extension: (Gmail) - C:\Users\Ela\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-12-08] ========================== Services (Whitelisted) ================= R2 TestHandler; C:\Program Files\Fujitsu\SystemDiagnostics\OnlineDiagnostic\TestManager\TestHandler.exe [341264 2009-02-19] (Fujitsu Technology Solutions) R2 WDDMService; C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe [237056 2010-09-08] (WDC) R2 WDFME; C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDFME\WDFME.exe [1034752 2010-09-08] () R2 WDSC; C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSC.exe [484352 2010-09-08] () ==================== Drivers (Whitelisted) ==================== S4 ahcix86s; C:\Windows\system32\drivers\ahcix86s.sys [173576 2008-05-27] (AMD Technologies Inc.) R3 FsUsbExDisk; C:\Windows\system32\FsUsbExDisk.SYS [36640 2009-12-22] () S4 JRAID; C:\Windows\system32\drivers\jraid.sys [76688 2008-04-03] (JMicron Technology Corp.) S3 nokiacpo; C:\Windows\System32\DRIVERS\nokiacpo.sys [19968 2009-08-05] (Icera Inc.) S3 nokiappo; C:\Windows\System32\DRIVERS\nokiappo.sys [27648 2009-08-05] (Icera Inc.) R0 sptd; C:\Windows\System32\Drivers\sptd.sys [466008 2013-01-23] (Duplex Secure Ltd.) S3 IpInIp; system32\DRIVERS\ipinip.sys [X] S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X] S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-04-12 22:22 - 2014-04-12 22:24 - 00000000 ____D () C:\AdwCleaner 2014-04-12 22:11 - 2014-04-12 22:21 - 00000000 ____D () C:\Program Files\VS Revo Group 2014-04-12 20:55 - 2014-04-12 22:46 - 00000000 ____D () C:\FRST 2014-04-12 19:57 - 2014-04-12 22:46 - 00000000 ____D () C:\Users\Ela\Desktop\logi 2014-04-12 19:52 - 2014-04-12 19:52 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2014-04-12 19:51 - 2014-04-12 19:51 - 00000865 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk 2014-04-12 19:51 - 2014-04-12 19:51 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-04-12 19:51 - 2014-04-12 19:51 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware 2014-04-12 19:51 - 2014-04-03 09:51 - 00073432 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2014-04-12 19:51 - 2014-04-03 09:51 - 00051416 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2014-04-12 19:51 - 2014-04-03 09:50 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2014-04-11 15:43 - 2014-04-13 05:43 - 00000000 ____D () C:\2f5f2c55b3a59f517a823cff9a010f29 2014-04-11 15:43 - 2014-04-11 15:43 - 00000000 ____D () C:\Windows\system32\EventProviders 2014-04-11 15:28 - 2014-04-11 15:31 - 00000000 ____D () C:\Windows\system32\MRT 2014-04-11 15:14 - 2014-04-11 15:42 - 00002122 _____ () C:\Windows\epplauncher.mif 2014-04-11 15:08 - 2014-04-11 15:09 - 11270488 _____ (Microsoft Corporation) C:\Users\Ela\Downloads\mseinstall.exe 2014-04-11 14:48 - 2011-04-12 16:53 - 00890368 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll 2014-04-01 16:59 - 2014-04-01 16:59 - 00773120 _____ () C:\Users\Ela\Downloads\Wykaz ulic w obwodach szkół podstawowych.xls 2014-04-01 16:59 - 2014-04-01 16:59 - 00773120 _____ () C:\Users\Ela\Downloads\Wykaz ulic w obwodach szkół podstawowych (1).xls 2014-04-01 15:45 - 2014-04-01 16:18 - 00000000 ____D () C:\Users\Ela\Desktop\Nowy folder 2014-03-23 10:08 - 2010-04-27 16:19 - 01214976 _____ (Atheros Communications, Inc.) C:\Windows\system32\Drivers\athr.sys ==================== One Month Modified Files and Folders ======= 2014-04-13 05:43 - 2014-04-11 15:43 - 00000000 ____D () C:\2f5f2c55b3a59f517a823cff9a010f29 2014-04-13 05:43 - 2010-03-13 22:32 - 00000000 ____D () C:\Users\Ela 2014-04-13 05:43 - 2010-03-13 22:17 - 00000000 ____D () C:\Users\Marta 2014-04-13 05:43 - 2009-05-07 16:35 - 00000000 ____D () C:\Windows\system32\RTCOM 2014-04-13 05:43 - 2006-11-02 13:18 - 00000000 ____D () C:\Windows\system32\spool 2014-04-13 05:43 - 2006-11-02 13:18 - 00000000 ____D () C:\Windows\system32\Msdtc 2014-04-13 05:43 - 2006-11-02 13:18 - 00000000 ____D () C:\Windows\registration 2014-04-13 05:43 - 2006-11-02 12:22 - 41156608 _____ () C:\Windows\system32\config\software_previous 2014-04-13 05:43 - 2006-11-02 12:22 - 25427968 _____ () C:\Windows\system32\config\system_previous 2014-04-13 05:39 - 2006-11-02 12:22 - 00262144 _____ () C:\Windows\system32\config\security_previous 2014-04-13 05:39 - 2006-11-02 12:22 - 00262144 _____ () C:\Windows\system32\config\sam_previous 2014-04-12 22:46 - 2014-04-12 20:55 - 00000000 ____D () C:\FRST 2014-04-12 22:46 - 2014-04-12 19:57 - 00000000 ____D () C:\Users\Ela\Desktop\logi 2014-04-12 22:45 - 2010-06-12 21:18 - 00000418 ____H () C:\Windows\Tasks\User_Feed_Synchronization-{7D8B24FF-76E7-4850-A0EF-B1007AA121E3}.job 2014-04-12 22:44 - 2012-09-23 18:55 - 00001026 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2014-04-12 22:44 - 2010-03-14 03:29 - 01725618 _____ () C:\Windows\WindowsUpdate.log 2014-04-12 22:41 - 2006-11-02 14:58 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-04-12 22:41 - 2006-11-02 14:45 - 00003216 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 2014-04-12 22:41 - 2006-11-02 14:45 - 00003216 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 2014-04-12 22:40 - 2006-11-02 14:58 - 00032548 _____ () C:\Windows\Tasks\SCHEDLGU.TXT 2014-04-12 22:39 - 2010-05-06 16:10 - 00001062 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1707032505-553885810-4120097439-1000UA.job 2014-04-12 22:31 - 2012-12-12 18:16 - 00000930 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-04-12 22:25 - 2012-06-28 22:23 - 00051800 _____ () C:\Windows\PFRO.log 2014-04-12 22:24 - 2014-04-12 22:22 - 00000000 ____D () C:\AdwCleaner 2014-04-12 22:21 - 2014-04-12 22:11 - 00000000 ____D () C:\Program Files\VS Revo Group 2014-04-12 22:20 - 2012-06-28 21:21 - 00000000 ____D () C:\Program Files\Mozilla Firefox 2014-04-12 22:10 - 2013-02-03 22:06 - 00000000 ____D () C:\Program Files\SweetPacks 2014-04-12 21:54 - 2012-09-23 18:55 - 00001030 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2014-04-12 20:25 - 2013-09-16 17:20 - 00000920 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1707032505-553885810-4120097439-1002UA.job 2014-04-12 19:52 - 2014-04-12 19:52 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2014-04-12 19:51 - 2014-04-12 19:51 - 00000865 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk 2014-04-12 19:51 - 2014-04-12 19:51 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-04-12 19:51 - 2014-04-12 19:51 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware 2014-04-12 19:32 - 2006-11-02 12:22 - 40108032 _____ () C:\Windows\system32\config\components_previous 2014-04-12 19:32 - 2006-11-02 12:22 - 00524288 _____ () C:\Windows\system32\config\default_previous 2014-04-11 16:34 - 2012-07-26 21:51 - 00102857 _____ () C:\Windows\setupact.log 2014-04-11 15:43 - 2014-04-11 15:43 - 00000000 ____D () C:\Windows\system32\EventProviders 2014-04-11 15:42 - 2014-04-11 15:14 - 00002122 _____ () C:\Windows\epplauncher.mif 2014-04-11 15:33 - 2006-11-02 13:18 - 00000000 ____D () C:\Windows\rescache 2014-04-11 15:32 - 2006-11-02 13:18 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared 2014-04-11 15:32 - 2006-11-02 12:23 - 00000275 _____ () C:\Windows\win.ini 2014-04-11 15:31 - 2014-04-11 15:28 - 00000000 ____D () C:\Windows\system32\MRT 2014-04-11 15:28 - 2013-01-18 21:34 - 00000928 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1707032505-553885810-4120097439-1001UA.job 2014-04-11 15:09 - 2014-04-11 15:08 - 11270488 _____ (Microsoft Corporation) C:\Users\Ela\Downloads\mseinstall.exe 2014-04-10 19:02 - 2013-06-12 17:33 - 00002475 _____ () C:\Users\Ela\Desktop\Microsoft Word.lnk 2014-04-10 18:28 - 2013-01-18 21:34 - 00000906 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1707032505-553885810-4120097439-1001Core.job 2014-04-10 17:49 - 2010-04-17 15:04 - 00090112 _____ () C:\Users\Ela\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2014-04-10 17:48 - 2008-04-14 15:04 - 01495264 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-04-10 17:48 - 2008-04-14 14:21 - 00672140 _____ () C:\Windows\system32\perfh015.dat 2014-04-10 17:48 - 2008-04-14 14:21 - 00130516 _____ () C:\Windows\system32\perfc015.dat 2014-04-10 17:25 - 2013-09-16 17:20 - 00000898 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1707032505-553885810-4120097439-1002Core.job 2014-04-06 18:36 - 2013-05-02 19:01 - 00000000 ____D () C:\Program Files\Pando Networks 2014-04-06 16:17 - 2010-12-23 20:37 - 00000000 ____D () C:\Program Files\Java 2014-04-06 16:11 - 2009-05-07 16:39 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information 2014-04-03 09:51 - 2014-04-12 19:51 - 00073432 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2014-04-03 09:51 - 2014-04-12 19:51 - 00051416 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2014-04-03 09:50 - 2014-04-12 19:51 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2014-04-01 16:59 - 2014-04-01 16:59 - 00773120 _____ () C:\Users\Ela\Downloads\Wykaz ulic w obwodach szkół podstawowych.xls 2014-04-01 16:59 - 2014-04-01 16:59 - 00773120 _____ () C:\Users\Ela\Downloads\Wykaz ulic w obwodach szkół podstawowych (1).xls 2014-04-01 16:18 - 2014-04-01 15:45 - 00000000 ____D () C:\Users\Ela\Desktop\Nowy folder 2014-04-01 16:17 - 2013-06-09 17:07 - 00000000 ____D () C:\Users\Ela\Desktop\ZDJĘCIA - wszystkie pendrive 2014-03-31 03:51 - 2006-11-02 12:24 - 88028728 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe 2014-03-29 22:06 - 2013-12-19 22:06 - 00000125 _____ () C:\Users\Ela\AppData\Roaming\WB.CFG 2014-03-15 07:39 - 2010-05-06 16:10 - 00001010 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1707032505-553885810-4120097439-1000Core.job 2014-03-15 05:44 - 2011-04-20 18:50 - 00000000 ____D () C:\Program Files\Microsoft Silverlight 2014-03-13 08:31 - 2012-12-12 18:16 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe 2014-03-13 08:31 - 2012-12-12 18:16 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl ==================== Bamital & volsnap Check ================= C:\Windows\explorer.exe => MD5 is legit C:\Windows\system32\winlogon.exe => MD5 is legit C:\Windows\system32\wininit.exe => MD5 is legit C:\Windows\system32\svchost.exe => MD5 is legit C:\Windows\system32\services.exe => MD5 is legit C:\Windows\system32\User32.dll => MD5 is legit C:\Windows\system32\userinit.exe => MD5 is legit C:\Windows\system32\rpcss.dll => MD5 is legit C:\Windows\system32\Drivers\volsnap.sys => MD5 is legit LastRegBack: 2014-04-12 22:32 ==================== End Of Log ============================