Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:25-06-2014 Ran by Patrycja (administrator) on MACIEK-KOMPUTER on 25-06-2014 16:18:06 Running from C:\Users\Patrycja\Desktop\OTL\FRST Platform: Microsoft Windows 7 Professional (X86) OS Language: Polski (Polska) Internet Explorer Version 8 Boot Mode: Normal The only official download link for FRST: Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/ Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/ Download link from any site other than Bleeping Computer is unpermitted or outdated. See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (ALWIL Software) C:\Program Files\Alwil Software\Avast5\AvastSvc.exe () C:\Windows\System32\srvany.exe () C:\Windows\KMService.exe () C:\Program Files\webget\updatewebget.exe () C:\Program Files\webget\bin\utilwebget.exe (ALWIL Software) C:\Program Files\Alwil Software\Avast5\AvastUI.exe () C:\Program Files\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe () C:\Program Files\webget\bin\webget.PurBrowse.exe () C:\Program Files\webget\bin\webget.BrowserAdapter.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [avast5] => C:\Program Files\Alwil Software\Avast5\avastUI.exe [2769336 2010-03-09] (ALWIL Software) HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated) HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [91520 2010-03-13] (Microsoft Corporation) HKU\S-1-5-21-229973720-4146371379-1289688960-1003\...\Run: [Google Update] => C:\Users\Patrycja\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2014-05-20] (Google Inc.) HKU\S-1-5-21-229973720-4146371379-1289688960-1003\...\Run: [Google+ Auto Backup] => C:\Users\Patrycja\AppData\Local\Programs\Google\Google+ Auto Backup\Google+ Auto Backup.exe [3701064 2014-06-06] (Google Inc.) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TP-LINK Wireless Configuration Utility.lnk ShortcutTarget: TP-LINK Wireless Configuration Utility.lnk -> C:\Program Files\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe () ShellIconOverlayIdentifiers: Groove Explorer Icon Overlay 1 (GFS Unread Stub) -> {99FD978C-D287-4F50-827F-B2C658EDA8E7} => C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) ShellIconOverlayIdentifiers: Groove Explorer Icon Overlay 2 (GFS Stub) -> {AB5C5600-7E6E-4B06-9197-9ECEF74D31CC} => C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) ShellIconOverlayIdentifiers: Groove Explorer Icon Overlay 2.5 (GFS Unread Folder) -> {920E6DB1-9907-4370-B3A0-BAFC03D81399} => C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) ShellIconOverlayIdentifiers: Groove Explorer Icon Overlay 3 (GFS Folder) -> {16F3DD56-1AF5-4347-846D-7C10C4192619} => C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) ShellIconOverlayIdentifiers: Groove Explorer Icon Overlay 4 (GFS Unread Mark) -> {2916C86E-86A6-43FE-8112-43ABE6BF8DCC} => C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) ==================== Internet (Whitelisted) ==================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.gazeta.pl/0,0.html?p=180&d=20140614 BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 FireFox: ======== FF ProfilePath: C:\Users\Patrycja\AppData\Roaming\Mozilla\Firefox\Profiles\hx3j7ncj.default FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_13_0_0_214.dll () FF Plugin: @canon.com/EPPEX - C:\Program Files\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll (CANON INC.) FF Plugin: @google.com/npPicasa3,version=3.0.0 - C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~1\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin: @videolan.org/vlc,version=2.1.3 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Patrycja\AppData\Local\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.) FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Patrycja\AppData\Local\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.) FF Extension: Adblock Plus - C:\Users\Patrycja\AppData\Roaming\Mozilla\Firefox\Profiles\hx3j7ncj.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-06-10] Chrome: ======= CHR StartupUrls: "hxxp://facebook.pl/", "hxxp://avon.pl/", "hxxp://espol.com.pl/" CHR Extension: (Dokumenty Google) - C:\Users\Patrycja\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-05-16] CHR Extension: (Dysk Google) - C:\Users\Patrycja\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-05-16] CHR Extension: (YouTube) - C:\Users\Patrycja\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-05-16] CHR Extension: (Szukaj w Google) - C:\Users\Patrycja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-05-16] CHR Extension: (Google Wallet) - C:\Users\Patrycja\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-05-16] CHR Extension: (Gmail) - C:\Users\Patrycja\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-05-16] ========================== Services (Whitelisted) ================= R2 avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [40384 2010-03-09] (ALWIL Software) R3 avast! Mail Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [40384 2010-03-09] (ALWIL Software) R3 avast! Web Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [40384 2010-03-09] (ALWIL Software) R2 KMService; C:\Windows\system32\srvany.exe [8192 2014-05-17] () [File not signed] R2 Update webget; C:\Program Files\webget\updatewebget.exe [317720 2014-06-25] () R2 Util webget; C:\Program Files\webget\bin\utilwebget.exe [317720 2014-06-25] () ==================== Drivers (Whitelisted) ==================== R2 aswFsBlk; C:\Windows\system32\Drivers\aswFsBlk.sys [19024 2010-03-09] (ALWIL Software) R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [51792 2010-03-09] (ALWIL Software) R1 aswRdr; C:\Windows\system32\Drivers\aswRdr.sys [23376 2010-03-09] (ALWIL Software) R1 aswSP; C:\Windows\system32\Drivers\aswSP.sys [162640 2010-03-09] (ALWIL Software) R1 aswTdi; C:\Windows\system32\Drivers\aswTdi.sys [46672 2010-03-09] (ALWIL Software) R3 athur; C:\Windows\System32\DRIVERS\athur.sys [1570304 2012-10-18] (Atheros Communications, Inc.) R1 ISODrive; C:\Program Files\UltraISO\drivers\ISODrive.sys [82320 2010-01-29] (EZB Systems, Inc.) R1 wStLibG; C:\Windows\System32\drivers\wStLibG.sys [52928 2014-04-24] (StdLib) R1 {55685567-4840-4a91-962b-49a412e9485a}w; C:\Windows\System32\drivers\{55685567-4840-4a91-962b-49a412e9485a}w.sys [52920 2014-05-26] (StdLib) R1 {9edd0ea8-2819-47c2-8320-b007d5996f8a}w; C:\Windows\System32\drivers\{9edd0ea8-2819-47c2-8320-b007d5996f8a}w.sys [52920 2014-04-28] (StdLib) R1 {b99c8534-7800-48fa-bd71-519a46cdc7e1}w; C:\Windows\System32\drivers\{b99c8534-7800-48fa-bd71-519a46cdc7e1}w.sys [52928 2014-04-24] (StdLib) S3 onbbkwzq; No ImagePath U3 kwrdrpog; \??\C:\Users\Patrycja\AppData\Local\Temp\kwrdrpog.sys [X] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-06-25 15:46 - 2014-06-25 16:17 - 00000000 ____D () C:\Users\Patrycja\Desktop\OTL 2014-06-25 15:45 - 2014-06-25 15:45 - 00143776 _____ () C:\Windows\Minidump\062514-12433-01.dmp 2014-06-25 15:43 - 2014-06-25 15:43 - 00006703 _____ () C:\Users\Patrycja\Downloads\FRST.txt 2014-06-25 15:42 - 2014-06-25 16:18 - 00000000 ____D () C:\FRST 2014-06-25 15:42 - 2014-06-25 15:42 - 01073152 _____ (Farbar) C:\Users\Patrycja\Downloads\FRST.exe 2014-06-25 15:40 - 2014-06-25 15:40 - 00380416 _____ () C:\Users\Patrycja\Downloads\ktnrjlvh.exe 2014-06-25 15:30 - 2014-06-25 15:30 - 00602112 _____ (OldTimer Tools) C:\Users\Patrycja\Downloads\OTL.exe 2014-06-24 16:14 - 2014-06-24 16:14 - 00002210 _____ () C:\Users\Public\Desktop\The Sims™ 3 Cztery pory roku.lnk 2014-06-23 09:57 - 2014-06-23 09:59 - 00000000 ____D () C:\the sims 3 seson 2014-06-23 09:57 - 2014-06-23 09:57 - 00000000 ____D () C:\Users\Patrycja\Desktop\Nowy folder (3) 2014-06-22 23:51 - 2014-06-23 02:19 - 2073307993 ____R () C:\Users\Patrycja\Downloads\The Sims 3 - Seasons.rar 2014-06-20 21:27 - 2014-06-23 11:46 - 00000000 ____D () C:\Users\Patrycja\Documents\Electronic Arts 2014-06-20 21:27 - 2014-06-20 23:56 - 00000000 ____D () C:\Users\Patrycja\Desktop\The Sims 3 2014-06-20 16:39 - 2014-06-20 16:39 - 00000000 ____D () C:\Users\Maciek\Documents\Electronic Arts 2014-06-20 16:31 - 2014-06-20 16:31 - 00002032 _____ () C:\Users\Public\Desktop\The Sims™ 3.lnk 2014-06-20 16:31 - 2014-06-20 16:31 - 00000000 ____D () C:\Program Files\Microsoft WSE 2014-06-20 16:31 - 2006-09-28 16:05 - 02414360 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_31.dll 2014-06-20 16:25 - 2014-06-24 16:13 - 00000000 ____D () C:\Program Files\Electronic Arts 2014-06-20 16:17 - 2014-06-20 21:18 - 00000000 ____D () C:\Program Files\Mozilla Firefox 2014-06-20 16:17 - 2014-06-20 16:17 - 00001117 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk 2014-06-20 16:17 - 2014-06-20 16:17 - 00001105 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk 2014-06-20 16:17 - 2014-06-20 16:17 - 00000000 ____D () C:\Users\Maciek\AppData\Roaming\Mozilla 2014-06-20 16:17 - 2014-06-20 16:17 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service 2014-06-20 16:11 - 2014-06-25 15:45 - 00001568 _____ () C:\Windows\setupact.log 2014-06-20 16:11 - 2014-06-20 16:11 - 00000834 _____ () C:\Windows\PFRO.log 2014-06-20 16:11 - 2014-06-20 16:11 - 00000000 _____ () C:\Windows\setuperr.log 2014-06-18 22:18 - 2014-06-18 22:41 - 00000000 ____D () C:\Users\Patrycja\Downloads\The Sims 3 - Razor1911 Final MAXSPEED 2014-06-18 22:17 - 2014-06-18 22:17 - 00000881 _____ () C:\Users\Patrycja\Desktop\BitTorrent.lnk 2014-06-18 22:17 - 2014-06-18 22:17 - 00000861 _____ () C:\Users\Patrycja\AppData\Roaming\Microsoft\Windows\Start Menu\BitTorrent.lnk 2014-06-18 22:16 - 2014-06-23 02:19 - 00000000 ____D () C:\Users\Patrycja\AppData\Roaming\BitTorrent 2014-06-18 22:16 - 2014-06-18 22:16 - 01646928 _____ (BitTorrent Inc.) C:\Users\Patrycja\Downloads\BitTorrent.exe 2014-06-15 13:47 - 2014-06-15 13:47 - 01524939 _____ () C:\Users\Patrycja\Desktop\Win Loader by DAZ v.2.2.1.rar 2014-06-14 22:09 - 2014-06-14 22:09 - 00002019 _____ () C:\Users\Public\Desktop\Canon My Image Garden.lnk 2014-06-14 20:01 - 2014-06-14 20:23 - 305213008 _____ () C:\Users\Maciek\Downloads\mig_-win-2_1_0-ea31_2.exe 2014-06-14 20:00 - 2014-06-14 21:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities 2014-06-14 20:00 - 2014-06-14 21:03 - 00000000 ____D () C:\Program Files\Canon 2014-06-14 20:00 - 2014-06-14 20:00 - 05529160 _____ () C:\Users\Maciek\Downloads\mypr-win-3_2_0-ea11_2.exe 2014-06-14 20:00 - 2014-06-14 20:00 - 00001957 _____ () C:\Users\Public\Desktop\Canon My Printer.lnk 2014-06-14 15:57 - 2014-06-14 15:57 - 00000000 ____D () C:\Users\Patrycja\Desktop\Nowy folder (2) 2014-06-14 13:01 - 2014-06-14 13:03 - 00000000 ____D () C:\Users\Maciek\AppData\Roaming\Wise Registry Cleaner 2014-06-14 13:01 - 2014-06-14 13:01 - 00001185 _____ () C:\Users\Public\Desktop\Wise Registry Cleaner.lnk 2014-06-14 13:01 - 2014-06-14 13:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wise Registry Cleaner 2014-06-14 13:01 - 2014-06-14 13:01 - 00000000 ____D () C:\Program Files\Wise 2014-06-14 13:00 - 2014-06-14 13:00 - 02120312 _____ (WiseCleaner.com ) C:\Users\Maciek\Downloads\WRCFree.exe 2014-06-14 12:59 - 2014-06-14 12:59 - 00702504 _____ () C:\Users\Maciek\Downloads\Wise-Registry-Cleaner(13347).exe 2014-06-14 12:57 - 2014-06-14 12:57 - 00929416 _____ (CNET Download.com) C:\Users\Maciek\Downloads\cbsidlm-cbsi188-Wise_Registry_Cleaner-BP-10605508.exe 2014-06-03 17:33 - 2014-06-03 17:33 - 00000000 ____D () C:\Users\Patrycja\AppData\Local\Adobe 2014-05-29 18:47 - 2014-05-29 18:47 - 00868231 _____ () C:\Users\Patrycja\Downloads\Nicholas Sparks - Od pierwszego wejrzenia.epub 2014-05-29 18:40 - 2014-05-29 18:40 - 02503206 _____ () C:\Users\Patrycja\Downloads\Nicholas Sparks - Dla Ciebie wszystko.epub 2014-05-28 18:37 - 2014-05-28 18:37 - 00000000 ____D () C:\Users\Patrycja\AppData\Local\Skype 2014-05-28 18:36 - 2014-05-28 18:37 - 00000000 ____D () C:\Users\Patrycja\AppData\Roaming\Skype 2014-05-27 15:28 - 2014-05-26 20:57 - 00052920 _____ (StdLib) C:\Windows\system32\Drivers\{55685567-4840-4a91-962b-49a412e9485a}w.sys 2014-05-26 21:45 - 2014-05-26 21:45 - 00000000 ____D () C:\Users\Justyna\AppData\Roaming\WinRAR 2014-05-26 21:45 - 2014-05-26 21:45 - 00000000 ____D () C:\Users\Justyna\AppData\Local\Adobe 2014-05-26 21:44 - 2014-05-31 16:42 - 00000000 ____D () C:\Users\Justyna\AppData\Roaming\vlc 2014-05-26 17:10 - 2014-05-26 21:45 - 00000000 ____D () C:\Users\Justyna\AppData\Roaming\Adobe 2014-05-26 17:10 - 2014-05-26 17:10 - 00000000 ____D () C:\Users\Justyna\AppData\Roaming\Macromedia 2014-05-26 17:10 - 2014-05-26 17:10 - 00000000 ____D () C:\Users\Justyna\AppData\Local\Macromedia 2014-05-26 17:06 - 2014-05-26 17:06 - 00000000 ____D () C:\Users\Justyna\AppData\Roaming\Mozilla 2014-05-26 17:06 - 2014-05-26 17:06 - 00000000 ____D () C:\Users\Justyna\AppData\Local\Mozilla ==================== One Month Modified Files and Folders ======= 2014-06-25 16:18 - 2014-06-25 15:42 - 00000000 ____D () C:\FRST 2014-06-25 16:17 - 2014-06-25 15:46 - 00000000 ____D () C:\Users\Patrycja\Desktop\OTL 2014-06-25 15:52 - 2009-07-14 06:34 - 00020512 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-06-25 15:52 - 2009-07-14 06:34 - 00020512 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-06-25 15:48 - 2014-04-23 18:00 - 01188501 _____ () C:\Windows\WindowsUpdate.log 2014-06-25 15:46 - 2009-07-14 04:04 - 00000505 _____ () C:\Windows\win.ini 2014-06-25 15:45 - 2014-06-25 15:45 - 00143776 _____ () C:\Windows\Minidump\062514-12433-01.dmp 2014-06-25 15:45 - 2014-06-20 16:11 - 00001568 _____ () C:\Windows\setupact.log 2014-06-25 15:45 - 2014-04-23 19:41 - 00000000 ____D () C:\Windows\Minidump 2014-06-25 15:45 - 2009-07-14 06:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-06-25 15:43 - 2014-06-25 15:43 - 00006703 _____ () C:\Users\Patrycja\Downloads\FRST.txt 2014-06-25 15:42 - 2014-06-25 15:42 - 01073152 _____ (Farbar) C:\Users\Patrycja\Downloads\FRST.exe 2014-06-25 15:40 - 2014-06-25 15:40 - 00380416 _____ () C:\Users\Patrycja\Downloads\ktnrjlvh.exe 2014-06-25 15:30 - 2014-06-25 15:30 - 00602112 _____ (OldTimer Tools) C:\Users\Patrycja\Downloads\OTL.exe 2014-06-25 15:28 - 2014-05-20 20:18 - 00001070 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-229973720-4146371379-1289688960-1003UA.job 2014-06-25 15:22 - 2014-04-23 18:07 - 00000930 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-06-24 20:28 - 2014-05-20 20:17 - 00001018 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-229973720-4146371379-1289688960-1003Core.job 2014-06-24 16:14 - 2014-06-24 16:14 - 00002210 _____ () C:\Users\Public\Desktop\The Sims™ 3 Cztery pory roku.lnk 2014-06-24 16:14 - 2009-07-14 06:52 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games 2014-06-24 16:13 - 2014-06-20 16:25 - 00000000 ____D () C:\Program Files\Electronic Arts 2014-06-24 16:13 - 2014-05-16 17:51 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information 2014-06-23 11:46 - 2014-06-20 21:27 - 00000000 ____D () C:\Users\Patrycja\Documents\Electronic Arts 2014-06-23 09:59 - 2014-06-23 09:57 - 00000000 ____D () C:\the sims 3 seson 2014-06-23 09:57 - 2014-06-23 09:57 - 00000000 ____D () C:\Users\Patrycja\Desktop\Nowy folder (3) 2014-06-23 02:19 - 2014-06-22 23:51 - 2073307993 ____R () C:\Users\Patrycja\Downloads\The Sims 3 - Seasons.rar 2014-06-23 02:19 - 2014-06-18 22:16 - 00000000 ____D () C:\Users\Patrycja\AppData\Roaming\BitTorrent 2014-06-22 14:53 - 2014-05-09 11:12 - 00000000 ____D () C:\Program Files\webget 2014-06-21 20:41 - 2009-07-14 06:53 - 00032608 _____ () C:\Windows\Tasks\SCHEDLGU.TXT 2014-06-20 23:56 - 2014-06-20 21:27 - 00000000 ____D () C:\Users\Patrycja\Desktop\The Sims 3 2014-06-20 21:18 - 2014-06-20 16:17 - 00000000 ____D () C:\Program Files\Mozilla Firefox 2014-06-20 16:39 - 2014-06-20 16:39 - 00000000 ____D () C:\Users\Maciek\Documents\Electronic Arts 2014-06-20 16:31 - 2014-06-20 16:31 - 00002032 _____ () C:\Users\Public\Desktop\The Sims™ 3.lnk 2014-06-20 16:31 - 2014-06-20 16:31 - 00000000 ____D () C:\Program Files\Microsoft WSE 2014-06-20 16:17 - 2014-06-20 16:17 - 00001117 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk 2014-06-20 16:17 - 2014-06-20 16:17 - 00001105 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk 2014-06-20 16:17 - 2014-06-20 16:17 - 00000000 ____D () C:\Users\Maciek\AppData\Roaming\Mozilla 2014-06-20 16:17 - 2014-06-20 16:17 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service 2014-06-20 16:11 - 2014-06-20 16:11 - 00000834 _____ () C:\Windows\PFRO.log 2014-06-20 16:11 - 2014-06-20 16:11 - 00000000 _____ () C:\Windows\setuperr.log 2014-06-20 16:06 - 2014-04-23 18:24 - 00000000 ____D () C:\Program Files\Google 2014-06-18 22:41 - 2014-06-18 22:18 - 00000000 ____D () C:\Users\Patrycja\Downloads\The Sims 3 - Razor1911 Final MAXSPEED 2014-06-18 22:17 - 2014-06-18 22:17 - 00000881 _____ () C:\Users\Patrycja\Desktop\BitTorrent.lnk 2014-06-18 22:17 - 2014-06-18 22:17 - 00000861 _____ () C:\Users\Patrycja\AppData\Roaming\Microsoft\Windows\Start Menu\BitTorrent.lnk 2014-06-18 22:16 - 2014-06-18 22:16 - 01646928 _____ (BitTorrent Inc.) C:\Users\Patrycja\Downloads\BitTorrent.exe 2014-06-15 13:47 - 2014-06-15 13:47 - 01524939 _____ () C:\Users\Patrycja\Desktop\Win Loader by DAZ v.2.2.1.rar 2014-06-14 22:09 - 2014-06-14 22:09 - 00002019 _____ () C:\Users\Public\Desktop\Canon My Image Garden.lnk 2014-06-14 21:04 - 2014-06-14 20:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities 2014-06-14 21:03 - 2014-06-14 20:00 - 00000000 ____D () C:\Program Files\Canon 2014-06-14 20:23 - 2014-06-14 20:01 - 305213008 _____ () C:\Users\Maciek\Downloads\mig_-win-2_1_0-ea31_2.exe 2014-06-14 20:00 - 2014-06-14 20:00 - 05529160 _____ () C:\Users\Maciek\Downloads\mypr-win-3_2_0-ea11_2.exe 2014-06-14 20:00 - 2014-06-14 20:00 - 00001957 _____ () C:\Users\Public\Desktop\Canon My Printer.lnk 2014-06-14 20:00 - 2009-07-14 06:52 - 00000000 ____D () C:\Windows\system32\FxsTmp 2014-06-14 15:57 - 2014-06-14 15:57 - 00000000 ____D () C:\Users\Patrycja\Desktop\Nowy folder (2) 2014-06-14 13:04 - 2009-07-14 04:03 - 35389440 _____ () C:\Windows\system32\config\software.bak 2014-06-14 13:04 - 2009-07-14 04:03 - 00262144 _____ () C:\Windows\system32\config\security.bak 2014-06-14 13:04 - 2009-07-14 04:03 - 00262144 _____ () C:\Windows\system32\config\sam.bak 2014-06-14 13:04 - 2009-07-14 04:03 - 00262144 _____ () C:\Windows\system32\config\default.bak 2014-06-14 13:03 - 2014-06-14 13:01 - 00000000 ____D () C:\Users\Maciek\AppData\Roaming\Wise Registry Cleaner 2014-06-14 13:01 - 2014-06-14 13:01 - 00001185 _____ () C:\Users\Public\Desktop\Wise Registry Cleaner.lnk 2014-06-14 13:01 - 2014-06-14 13:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wise Registry Cleaner 2014-06-14 13:01 - 2014-06-14 13:01 - 00000000 ____D () C:\Program Files\Wise 2014-06-14 13:00 - 2014-06-14 13:00 - 02120312 _____ (WiseCleaner.com ) C:\Users\Maciek\Downloads\WRCFree.exe 2014-06-14 12:59 - 2014-06-14 12:59 - 00702504 _____ () C:\Users\Maciek\Downloads\Wise-Registry-Cleaner(13347).exe 2014-06-14 12:57 - 2014-06-14 12:57 - 00929416 _____ (CNET Download.com) C:\Users\Maciek\Downloads\cbsidlm-cbsi188-Wise_Registry_Cleaner-BP-10605508.exe 2014-06-10 17:01 - 2014-05-16 18:28 - 00000000 ____D () C:\Users\Maciek\AppData\Roaming\vlc 2014-06-03 17:33 - 2014-06-03 17:33 - 00000000 ____D () C:\Users\Patrycja\AppData\Local\Adobe 2014-06-03 17:33 - 2014-05-16 21:19 - 00000000 ____D () C:\Users\Patrycja\AppData\Roaming\Adobe 2014-06-03 14:59 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\NDF 2014-06-01 13:29 - 2014-04-23 18:08 - 01661232 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-06-01 13:29 - 2009-07-14 10:07 - 00737242 _____ () C:\Windows\system32\perfh015.dat 2014-06-01 13:29 - 2009-07-14 10:07 - 00153930 _____ () C:\Windows\system32\perfc015.dat 2014-05-31 16:42 - 2014-05-26 21:44 - 00000000 ____D () C:\Users\Justyna\AppData\Roaming\vlc 2014-05-29 19:12 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\Microsoft.NET 2014-05-29 18:47 - 2014-05-29 18:47 - 00868231 _____ () C:\Users\Patrycja\Downloads\Nicholas Sparks - Od pierwszego wejrzenia.epub 2014-05-29 18:40 - 2014-05-29 18:40 - 02503206 _____ () C:\Users\Patrycja\Downloads\Nicholas Sparks - Dla Ciebie wszystko.epub 2014-05-28 18:37 - 2014-05-28 18:37 - 00000000 ____D () C:\Users\Patrycja\AppData\Local\Skype 2014-05-28 18:37 - 2014-05-28 18:36 - 00000000 ____D () C:\Users\Patrycja\AppData\Roaming\Skype 2014-05-28 18:36 - 2014-05-16 18:36 - 00002505 _____ () C:\Users\Public\Desktop\Skype.lnk 2014-05-28 18:36 - 2014-05-16 18:36 - 00000000 ____D () C:\ProgramData\Skype 2014-05-28 18:36 - 2014-05-16 18:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype 2014-05-26 21:45 - 2014-05-26 21:45 - 00000000 ____D () C:\Users\Justyna\AppData\Roaming\WinRAR 2014-05-26 21:45 - 2014-05-26 21:45 - 00000000 ____D () C:\Users\Justyna\AppData\Local\Adobe 2014-05-26 21:45 - 2014-05-26 17:10 - 00000000 ____D () C:\Users\Justyna\AppData\Roaming\Adobe 2014-05-26 20:57 - 2014-05-27 15:28 - 00052920 _____ (StdLib) C:\Windows\system32\Drivers\{55685567-4840-4a91-962b-49a412e9485a}w.sys 2014-05-26 17:10 - 2014-05-26 17:10 - 00000000 ____D () C:\Users\Justyna\AppData\Roaming\Macromedia 2014-05-26 17:10 - 2014-05-26 17:10 - 00000000 ____D () C:\Users\Justyna\AppData\Local\Macromedia 2014-05-26 17:06 - 2014-05-26 17:06 - 00000000 ____D () C:\Users\Justyna\AppData\Roaming\Mozilla 2014-05-26 17:06 - 2014-05-26 17:06 - 00000000 ____D () C:\Users\Justyna\AppData\Local\Mozilla ==================== Bamital & volsnap Check ================= C:\Windows\explorer.exe => File is digitally signed C:\Windows\system32\winlogon.exe => File is digitally signed C:\Windows\system32\wininit.exe => File is digitally signed C:\Windows\system32\svchost.exe => File is digitally signed C:\Windows\system32\services.exe => File is digitally signed C:\Windows\system32\User32.dll => File is digitally signed C:\Windows\system32\userinit.exe => File is digitally signed C:\Windows\system32\rpcss.dll => File is digitally signed C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2014-06-19 05:26 ==================== End Of Log ============================