Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 14-07-2013 Ran by Windows 8 (administrator) on 14-07-2013 19:08:26 Running from C:\Users\Windows 8\Downloads Windows 8 (X64) OS Language: Polish Internet Explorer Version 10 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (AMD) C:\windows\system32\atiesrxx.exe (AMD) C:\windows\system32\atieclxx.exe (Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\adminservice.exe (Microsoft Corporation) C:\windows\system32\dashost.exe (Samsung Electronics CO., LTD.) C:\Program Files (x86)\Samsung\Settings\CmdServer\EasyLauncher.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe () C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmdServer.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (StarWind Software) C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe (Samsung Electronics CO., LTD.) C:\Program Files (x86)\Samsung\SW Update\SWMAgent.exe (Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe (Samsung Electronics CO., LTD.) C:\Program Files (x86)\Samsung\Settings\sSettings.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\ismagent.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Qualcomm Atheros) C:\Program Files (x86)\Bluetooth Suite\BtTray.exe (Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe () C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\updateui.exe (Intel Corporation) C:\Windows\System32\igfxtray.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe (Intel Corporation) C:\windows\system32\igfxext.exe (CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe (Synaptics Incorporated) C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE (Samsung Electronics CO., LTD.) C:\Program Files\Samsung\S Agent\CommonAgent.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (Samsung Electronics CO., LTD.) C:\Program Files\Samsung\Support Center\GuaranaAgent.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\20.1.0.24\ccSvcHst.exe (Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe (Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\20.1.0.24\ccSvcHst.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Microsoft Corporation) C:\windows\syswow64\wwahost.exe (Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Microsoft Corporation) C:\windows\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.2.9200.16384_none_622908ad510eb05b\TiWorker.exe (Microsoft Corporation) C:\Windows\System32\CredentialUIBroker.exe (Microsoft Corporation) C:\windows\system32\msiexec.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s [13191824 2012-08-10] (Realtek Semiconductor) HKLM\...\Run: [BtTray] - "C:\Program Files (x86)\Bluetooth Suite\BtTray.exe" [766080 2012-12-05] (Qualcomm Atheros) HKLM\...\Run: [BtvStack] - "C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe" [128640 2012-12-05] (Atheros Communications) HKLM\...\Run: [AdobeAAMUpdater-1.0] - "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [499608 2011-06-16] (Adobe Systems Incorporated) HKLM\...\Run: [Bitcasa] - C:\Program Files\Bitcasa\Bitcasa.exe /startup [3952128 2012-11-27] (Bitcasa, Inc) HKCU\...\Run: [AQQ] - C:\Program Files (x86)\WapSter\WapSter AQQ\AQQ.exe [8035840 2013-04-29] (AQQ Sp. z o.o.) HKCU\...\Run: [ChomikBox] - C:\Program Files (x86)\ChomikBox\ChomikBox.exe [x] HKCU\...\Run: [ViStart] - C:\Users\Windows 8\AppData\Roaming\ViStart\ViStart.exe [x] HKCU\...\Run: [NukeMetro] - "C:\Users\Windows 8\AppData\Roaming\ViStart\ViStart.exe" /nuke_metro [x] HKCU\...\Run: [AlcoholAutomount] - "C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe" -automount [75624 2012-01-05] (Alcohol Soft Development Team) HKLM-x32\...\Run: [StartCCC] - "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun [642216 2012-08-06] (Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [IAStorIcon] - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe "C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60 [285240 2012-09-01] (Intel Corporation) HKLM-x32\...\Run: [Norton Online Backup] - C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [2994880 2012-08-15] (Symantec Corporation) HKLM-x32\...\Run: [Adobe Reader Speed Launcher] - "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe" [35736 2012-04-04] (Adobe Systems Incorporated) HKLM-x32\...\Run: [Adobe ARM] - "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [843712 2012-04-04] (Adobe Systems Incorporated) HKLM-x32\...\Run: [RemoteControl10] - "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe" [97392 2012-08-15] (CyberLink Corp.) HKLM-x32\...\Run: [CLMLServer_For_P2G8] - "C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe" [111120 2012-06-08] (CyberLink) HKLM-x32\...\Run: [CLVirtualDrive] - "C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe" /R [491120 2012-07-12] (CyberLink Corp.) HKLM-x32\...\Run: [Intel AppUp(SM) center] - "C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe" --domain-id F0399437-FD0C-4A48-B101-F0314A6172E4 [155488 2012-07-13] (Intel Corporation) SSODL: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\windows\system32\CbFsMntNtf3.dll (EldoS Corporation) SSODL-x32: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\windows\SysWow64\CbFsMntNtf3.dll (EldoS Corporation) ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.qvo6.com/?utm_source=b&utm_medium=cor&from=cor&uid=ST1000LM024XHN-M101MBB_S2RQJ9CD231165&ts=1373812248 HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.qvo6.com/?utm_source=b&utm_medium=cor&from=cor&uid=ST1000LM024XHN-M101MBB_S2RQJ9CD231165&ts=1373812248 HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.qvo6.com/?utm_source=b&utm_medium=cor&from=cor&uid=ST1000LM024XHN-M101MBB_S2RQJ9CD231165&ts=1373812248 HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.qvo6.com/?utm_source=b&utm_medium=cor&from=cor&uid=ST1000LM024XHN-M101MBB_S2RQJ9CD231165&ts=1373812248 HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.qvo6.com/?utm_source=b&utm_medium=cor&from=cor&uid=ST1000LM024XHN-M101MBB_S2RQJ9CD231165&ts=1373812248 HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.qvo6.com/?utm_source=b&utm_medium=cor&from=cor&uid=ST1000LM024XHN-M101MBB_S2RQJ9CD231165&ts=1373812248 HKLM SearchScopes: DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://search.qvo6.com/web/?utm_source=b&utm_medium=cor&from=cor&uid=ST1000LM024XHN-M101MBB_S2RQJ9CD231165&ts=1373812248 SearchScopes: HKLM - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://search.qvo6.com/web/?utm_source=b&utm_medium=cor&from=cor&uid=ST1000LM024XHN-M101MBB_S2RQJ9CD231165&ts=1373812248 HKLM-x32 SearchScopes: DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://search.qvo6.com/web/?utm_source=b&utm_medium=cor&from=cor&uid=ST1000LM024XHN-M101MBB_S2RQJ9CD231165&ts=1373812248 SearchScopes: HKLM-x32 - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://search.qvo6.com/web/?utm_source=b&utm_medium=cor&from=cor&uid=ST1000LM024XHN-M101MBB_S2RQJ9CD231165&ts=1373812248 HKCU SearchScopes: DefaultScope {3CD242FD-3221-4896-B3F0-1AB473ED083A} URL = SearchScopes: HKCU - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://search.qvo6.com/web/?utm_source=b&utm_medium=cor&from=cor&uid=ST1000LM024XHN-M101MBB_S2RQJ9CD231165&ts=1373812248 SearchScopes: HKCU - {3CD242FD-3221-4896-B3F0-1AB473ED083A} URL = BHO: CIESpeechBHO Class - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations) BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated) BHO-x32: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\20.1.0.24\coIEPlg.dll (Symantec Corporation) BHO-x32: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\20.1.0.24\IPS\IPSBHO.DLL (Symantec Corporation) Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) Tcpip\Parameters: [DhcpNameServer] 192.168.1.254 FireFox: ======== FF ProfilePath: C:\Users\Windows 8\AppData\Roaming\Mozilla\Firefox\Profiles\6llggtuh.default FF Plugin: @adobe.com/FlashPlayer - C:\windows\system32\Macromed\Flash\NPSWF64_11_8_800_94.dll () FF Plugin-x32: @adobe.com/FlashPlayer - C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll () FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3503.0728 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Extension: Default - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.0.24\IPSFFPlgn\ FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.0.24\IPSFFPlgn\ FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.0.24\coFFPlgn\ FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.0.24\coFFPlgn\ ==================== Services (Whitelisted) ================= R2 AdobeActiveFileMonitor11.0; C:\Program Files (x86)\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe [171664 2012-11-06] (Adobe Systems Incorporated) R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [231552 2012-12-05] (Qualcomm Atheros Commnucations) S2 AxAutoMntSrv; C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [75624 2012-01-05] (Alcohol Soft Development Team) R2 Easy Launcher; C:\Program Files (x86)\Samsung\Settings\CmdServer\EasyLauncher.exe [1591176 2012-11-30] (Samsung Electronics CO., LTD.) R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128896 2012-07-18] (Intel Corporation) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-18] (Intel Corporation) R2 NIS; C:\Program Files (x86)\Norton Internet Security\Engine\20.1.0.24\ccSvcHst.exe [143928 2012-08-18] (Symantec Corporation) R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [3943104 2012-08-15] (Symantec Corporation) R2 SWUpdateService; C:\Program Files (x86)\Samsung\SW Update\SWMAgent.exe [2878152 2012-12-21] (Samsung Electronics CO., LTD.) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [15440 2012-07-26] (Microsoft Corporation) R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2012-12-05] (Atheros) ==================== Drivers (Whitelisted) ==================== R0 amdkmpfd; C:\Windows\System32\drivers\amdkmpfd.sys [35496 2012-07-09] (Advanced Micro Devices, Inc.) R3 BHDrvx64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.0.24\Definitions\BASHDefs\20130702.001\BHDrvx64.sys [1393240 2013-07-02] (Symantec Corporation) R3 BHDrvx64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.0.24\Definitions\BASHDefs\20130702.001\BHDrvx64.sys [1393240 2013-07-02] (Symantec Corporation) S3 BTATH_HID; C:\Windows\system32\DRIVERS\btath_hid.sys [222360 2012-12-05] (Qualcomm Atheros) S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2012-12-05] (Qualcomm Atheros) S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation) R1 cbfs3; C:\windows\system32\drivers\cbfs3.sys [352456 2012-08-06] (EldoS Corporation) R1 ccSet_NARA; C:\Windows\system32\drivers\NARAx64\0401000.00E\ccSetx64.sys [168608 2012-05-26] (Symantec Corporation) R3 ccSet_NIS; C:\Windows\system32\drivers\NISx64\1401000.018\ccSetx64.sys [168096 2012-08-06] (Symantec Corporation) R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink) R3 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484512 2013-07-14] (Symantec Corporation) R3 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484512 2013-07-14] (Symantec Corporation) R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [138912 2013-07-14] (Symantec Corporation) R3 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.0.24\Definitions\IPSDefs\20130712.001\IDSvia64.sys [513184 2013-07-12] (Symantec Corporation) R3 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.0.24\Definitions\IPSDefs\20130712.001\IDSvia64.sys [513184 2013-07-12] (Symantec Corporation) R3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.0.24\Definitions\VirusDefs\20130713.006\ENG64.SYS [126040 2013-07-14] (Symantec Corporation) R3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.0.24\Definitions\VirusDefs\20130713.006\ENG64.SYS [126040 2013-07-14] (Symantec Corporation) R3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.0.24\Definitions\VirusDefs\20130713.006\EX64.SYS [2098776 2013-07-14] (Symantec Corporation) R3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.0.24\Definitions\VirusDefs\20130713.006\EX64.SYS [2098776 2013-07-14] (Symantec Corporation) R0 PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [56336 2012-08-09] (Corel Corporation) R3 RadioHIDMini; C:\Windows\System32\drivers\RadioHIDMini.sys [23408 2012-07-27] (Windows (R) Win 7 DDK provider) R0 sptd; C:\Windows\System32\Drivers\sptd.sys [564824 2013-07-14] (Duplex Secure Ltd.) R3 SRTSP; C:\Windows\system32\drivers\NISx64\1401000.018\SRTSP64.SYS [776352 2012-08-10] (Symantec Corporation) R3 SRTSPX; C:\Windows\system32\drivers\NISx64\1401000.018\SRTSPX64.SYS [37496 2012-05-24] (Symantec Corporation) R3 SymDS; C:\Windows\system32\drivers\NISx64\1401000.018\SYMDS64.SYS [493216 2012-07-27] (Symantec Corporation) R3 SymEFA; C:\Windows\system32\drivers\NISx64\1401000.018\SYMEFA64.SYS [1132192 2012-08-07] (Symantec Corporation) S0 SymELAM; C:\Windows\System32\drivers\NISx64\1401000.018\SymELAM.sys [23448 2012-06-20] (Symantec Corporation) R3 SymEvent; C:\windows\system32\Drivers\SYMEVENT64x86.SYS [177312 2013-01-25] (Symantec Corporation) R3 SymIRON; C:\Windows\system32\drivers\NISx64\1401000.018\Ironx64.SYS [224416 2012-07-27] (Symantec Corporation) R3 SymNetS; C:\Windows\system32\drivers\NISx64\1401000.018\SYMNETS.SYS [432800 2012-07-22] (Symantec Corporation) ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2013-07-14 19:08 - 2013-07-14 19:08 - 00000000 ____D C:\FRST 2013-07-14 19:06 - 2013-07-14 19:06 - 01777839 _____ (Farbar) C:\Users\Windows 8\Downloads\FRST64.exe 2013-07-14 18:46 - 2013-07-14 19:31 - 01492584 _____ (Skype Technologies S.A.) C:\Users\Windows 8\Downloads\SkypeSetup.exe 2013-07-14 18:46 - 2013-07-14 18:46 - 00001167 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk 2013-07-14 18:46 - 2013-07-14 18:46 - 00000000 ____D C:\Users\Windows 8\AppData\Roaming\Mozilla 2013-07-14 18:46 - 2013-07-14 18:46 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2013-07-14 18:44 - 2013-07-14 18:44 - 00280304 _____ (Mozilla) C:\Users\Windows 8\Downloads\Firefox Setup Stub 22.0.exe 2013-07-14 18:37 - 2013-07-14 18:58 - 00000000 ____D C:\Users\Windows 8\AppData\Roaming\Skype 2013-07-14 18:37 - 2013-07-14 18:37 - 00002547 _____ C:\Users\Public\Desktop\Skype.lnk 2013-07-14 18:37 - 2013-07-14 18:37 - 00000000 ___RD C:\Program Files (x86)\Skype 2013-07-14 18:37 - 2013-07-14 18:37 - 00000000 ____D C:\ProgramData\Skype 2013-07-14 16:41 - 2013-07-14 16:41 - 00000779 _____ C:\Users\Windows 8\Documents\ax_files.xml 2013-07-14 16:36 - 2013-07-14 16:36 - 00000000 ____D C:\Users\Windows 8\Documents\Alcohol 120% 2013-07-14 16:34 - 2013-07-14 16:34 - 00001200 _____ C:\Users\Public\Desktop\Alcohol 120%.lnk 2013-07-14 16:34 - 2013-07-14 16:34 - 00000000 ____D C:\Program Files (x86)\Alcohol Soft 2013-07-14 16:31 - 2013-07-14 16:31 - 00564824 _____ (Duplex Secure Ltd.) C:\windows\system32\Drivers\sptd.sys 2013-07-14 16:30 - 2013-07-14 16:48 - 00000000 ____D C:\Users\Windows 8\AppData\Roaming\WebCake 2013-07-14 16:30 - 2013-07-14 16:48 - 00000000 ____D C:\Program Files (x86)\WebCake 2013-07-14 16:30 - 2013-07-14 16:30 - 00000000 ____D C:\Users\Windows 8\AppData\Roaming\eIntaller 2013-07-14 16:29 - 2013-07-14 16:29 - 00801608 _____ C:\Users\Windows 8\Downloads\Alcohol120_trial_2.0.2.4713.exe 2013-07-14 16:26 - 2013-07-14 16:28 - 00000000 ____D C:\Users\Windows 8\AppData\Roaming\AIMP3 2013-07-14 16:26 - 2013-07-14 16:26 - 00000919 _____ C:\Users\Public\Desktop\AIMP3.lnk 2013-07-14 16:26 - 2013-07-14 16:26 - 00000000 ____D C:\Program Files (x86)\AIMP3 2013-07-14 16:25 - 2013-07-14 16:25 - 07547200 _____ (AIMP DevTeam) C:\Users\Windows 8\Downloads\aimp_3.50.1277.exe 2013-07-14 16:21 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbam.sys 2013-07-14 16:19 - 2013-07-14 16:21 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware 2013-07-14 16:19 - 2013-07-14 16:19 - 00000000 ____D C:\Users\Windows 8\AppData\Roaming\Malwarebytes 2013-07-14 16:19 - 2013-07-14 16:19 - 00000000 ____D C:\ProgramData\Malwarebytes 2013-07-14 16:19 - 2011-07-06 19:52 - 00041272 _____ (Malwarebytes Corporation) C:\windows\SysWOW64\Drivers\mbamswissarmy.sys 2013-07-14 16:14 - 2013-07-14 16:14 - 00000000 ____H C:\windows\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf 2013-07-14 15:56 - 2013-07-14 16:02 - 00000000 ____D C:\Users\Windows 8\AppData\Roaming\DAEMON Tools Lite 2013-07-14 15:56 - 2013-07-14 15:59 - 00000000 ____D C:\Users\Windows 8\AppData\Roaming\PerformerSoft 2013-07-14 15:56 - 2012-12-19 15:53 - 00019632 _____ (PerformerSoft LLC) C:\windows\system32\roboot64.exe 2013-07-14 15:55 - 2013-07-14 16:02 - 00000000 ____D C:\ProgramData\DAEMON Tools Lite 2013-07-14 15:55 - 2013-07-14 15:55 - 13867192 _____ (Disc Soft Ltd) C:\Users\Windows 8\Downloads\DTLite4471-0335(dobreprogramy.pl).exe 2013-07-14 15:53 - 2013-07-14 15:53 - 00715888 _____ C:\Users\Windows 8\Downloads\DAEMON-Tools-Lite(12708).exe 2013-07-14 15:52 - 2013-07-14 16:48 - 00001948 _____ C:\Users\Windows 8\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lollipop.lnk 2013-07-14 15:52 - 2013-07-14 15:52 - 00000000 ____D C:\Users\Windows 8\AppData\Roaming\DAEMON Tools Ultra 2013-07-14 15:52 - 2013-07-14 15:52 - 00000000 ____D C:\Users\Windows 8\AppData\Local\DTClient 2013-07-14 15:51 - 2013-07-14 15:51 - 00000000 ____D C:\ProgramData\DAEMON Tools Ultra 2013-07-14 15:49 - 2013-07-14 15:51 - 24484792 _____ (Disc Soft Ltd) C:\Users\Windows 8\Downloads\DAEMONToolsUltra110-0103.exe 2013-07-14 15:42 - 2013-07-14 15:42 - 00000000 ____D C:\Users\Windows 8\AppData\Local\StartIsBack 2013-07-14 15:41 - 2013-07-14 15:41 - 00940176 _____ (www.startisback.com) C:\Users\Windows 8\Downloads\StartIsBack_setup.exe 2013-07-14 15:39 - 2013-07-14 15:45 - 00000000 ____D C:\Users\Windows 8\AppData\Roaming\ViStart 2013-07-14 14:57 - 2013-07-14 14:57 - 00000000 ____H C:\windows\system32\Drivers\Msft_User_LocationProvider_01_11_00.Wdf 2013-07-14 14:51 - 2013-07-14 15:34 - 113369426 _____ C:\Users\Windows 8\Downloads\office2010.iso.006 2013-07-14 14:50 - 2013-07-14 15:34 - 113369430 _____ C:\Users\Windows 8\Downloads\office2010.iso.005 2013-07-14 14:49 - 2013-07-14 15:33 - 113369430 _____ C:\Users\Windows 8\Downloads\office2010.iso.004 2013-07-14 14:49 - 2013-07-14 15:33 - 113369430 _____ C:\Users\Windows 8\Downloads\office2010.iso.003 2013-07-14 14:47 - 2013-07-14 15:28 - 113369430 _____ C:\Users\Windows 8\Downloads\office2010.iso.002 2013-07-14 14:47 - 2013-07-14 15:28 - 113369430 _____ C:\Users\Windows 8\Downloads\office2010.iso.001 2013-07-14 14:34 - 2013-07-14 15:20 - 00000000 ____D C:\Users\Windows 8\AppData\Local\ChomikBox 2013-07-14 14:34 - 2013-07-14 14:34 - 00000000 ____D C:\Users\Windows 8\.gstreamer-0.10 2013-07-14 14:31 - 2013-07-14 14:33 - 28002816 _____ C:\Users\Windows 8\Downloads\ChomikBox.msi 2013-07-14 14:18 - 2013-07-14 14:18 - 00000000 ____D C:\Users\Windows 8\WapSter 2013-07-14 14:17 - 2013-07-14 14:17 - 00000926 _____ C:\Users\Windows 8\AppData\Roaming\Microsoft\Windows\Start Menu\AQQ.lnk 2013-07-14 14:17 - 2013-07-14 14:17 - 00000902 _____ C:\Users\Windows 8\Desktop\AQQ.lnk 2013-07-14 14:17 - 2013-07-14 14:17 - 00000000 ____D C:\Users\Windows 8\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WapSter 2013-07-14 14:17 - 2013-07-14 14:17 - 00000000 ____D C:\Program Files (x86)\WapSter 2013-07-14 14:15 - 2013-07-14 14:15 - 00000363 _____ C:\Users\Windows 8\Desktop\Komputer — skrót.lnk 2013-07-14 13:45 - 2013-07-14 13:45 - 00393008 _____ (Softonic ) C:\Users\Windows 8\Downloads\SoftonicDownloader_dla_aqq.exe 2013-07-14 13:43 - 2013-07-14 13:43 - 00000000 ____D C:\Users\Windows 8\AppData\Local\Macromedia 2013-07-14 13:42 - 2013-07-14 18:14 - 00000930 _____ C:\windows\Tasks\Adobe Flash Player Updater.job 2013-07-14 13:42 - 2013-07-14 13:42 - 00003818 _____ C:\windows\System32\Tasks\Adobe Flash Player Updater 2013-07-14 13:30 - 2013-07-14 13:30 - 00000000 ____D C:\Users\Windows 8\AppData\Local\Mozilla 2013-07-14 13:29 - 2013-07-14 18:46 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2013-07-14 13:29 - 2013-07-14 13:29 - 00000000 ____D C:\ProgramData\Mozilla 2013-07-14 13:26 - 2013-07-14 13:26 - 00000000 ____D C:\Users\Windows 8\AppData\Roaming\Macromedia 2013-07-14 12:47 - 2013-07-14 12:47 - 00000000 ____D C:\Users\Windows 8\AppData\Local\bitcasa 2013-07-14 12:46 - 2013-07-14 12:46 - 00000000 _____ C:\Users\Windows 8\agent.log 2013-07-14 12:43 - 2013-07-14 17:52 - 00003600 _____ C:\windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-4118013680-3836196915-2330699128-1001 2013-07-14 12:41 - 2013-07-14 16:33 - 00000000 ____D C:\Users\Windows 8\AppData\Local\CrashDumps 2013-07-14 12:40 - 2013-07-14 12:40 - 00000000 ____D C:\windows\System32\Tasks\Norton Internet Security 2013-07-14 12:39 - 2013-07-14 12:39 - 00000000 ____D C:\Users\Windows 8\AppData\Roaming\Intel Corporation 2013-07-14 12:39 - 2013-07-14 12:39 - 00000000 ____D C:\Users\Windows 8\AppData\Local\Samsung 2013-07-14 12:38 - 2013-07-14 14:55 - 00000000 ____D C:\Users\Windows 8\AppData\Local\Adobe 2013-07-14 12:38 - 2013-07-14 12:46 - 00000000 ____D C:\Users\Windows 8\Documents\Bluetooth Folder 2013-07-14 12:38 - 2013-07-14 12:38 - 00000000 ____D C:\Users\Windows 8\AppData\Roaming\ATI 2013-07-14 12:38 - 2013-07-14 12:38 - 00000000 ____D C:\Users\Windows 8\AppData\Roaming\Atheros 2013-07-14 12:38 - 2013-07-14 12:38 - 00000000 ____D C:\Users\Windows 8\AppData\Local\Power2Go8 2013-07-14 12:38 - 2013-07-14 12:38 - 00000000 ____D C:\Users\Windows 8\AppData\Local\BMExplorer 2013-07-14 12:38 - 2013-07-14 12:38 - 00000000 ____D C:\Users\Windows 8\AppData\Local\ATI 2013-07-14 12:37 - 2013-07-14 14:55 - 00000000 ____D C:\Users\Windows 8\AppData\Roaming\Adobe 2013-07-14 12:37 - 2013-07-14 12:37 - 00001454 _____ C:\Users\Windows 8\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2013-07-14 12:37 - 2013-07-14 12:37 - 00000000 ___RD C:\Users\Windows 8\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup 2013-07-14 12:37 - 2013-07-14 12:37 - 00000000 ___RD C:\Users\Windows 8\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools 2013-07-14 12:37 - 2013-07-14 12:37 - 00000000 ____D C:\Users\Windows 8\AppData\Roaming\Synaptics 2013-07-14 12:37 - 2013-07-14 12:37 - 00000000 _____ C:\windows\system32\Drivers\144D_SAMSUNG_na_350V5_P08A.mrk 2013-07-14 12:36 - 2013-07-14 14:34 - 00000000 ____D C:\Users\Windows 8 2013-07-14 12:36 - 2013-07-14 12:37 - 00000000 ____D C:\Users\Windows 8\AppData\Local\Packages 2013-07-14 12:36 - 2013-07-14 12:36 - 00000020 ___SH C:\Users\Windows 8\ntuser.ini 2013-07-14 12:36 - 2013-07-14 12:36 - 00000000 __SHD C:\Users\Windows 8\Ustawienia lokalne 2013-07-14 12:36 - 2013-07-14 12:36 - 00000000 __SHD C:\Users\Windows 8\Szablony 2013-07-14 12:36 - 2013-07-14 12:36 - 00000000 __SHD C:\Users\Windows 8\Moje dokumenty 2013-07-14 12:36 - 2013-07-14 12:36 - 00000000 __SHD C:\Users\Windows 8\Menu Start 2013-07-14 12:36 - 2013-07-14 12:36 - 00000000 __SHD C:\Users\Windows 8\Documents\Moje wideo 2013-07-14 12:36 - 2013-07-14 12:36 - 00000000 __SHD C:\Users\Windows 8\Documents\Moje obrazy 2013-07-14 12:36 - 2013-07-14 12:36 - 00000000 __SHD C:\Users\Windows 8\Documents\Moja muzyka 2013-07-14 12:36 - 2013-07-14 12:36 - 00000000 __SHD C:\Users\Windows 8\Dane aplikacji 2013-07-14 12:36 - 2013-07-14 12:36 - 00000000 __SHD C:\Users\Windows 8\AppData\Roaming\Microsoft\Windows\Start Menu\Programy 2013-07-14 12:36 - 2013-07-14 12:36 - 00000000 __SHD C:\Users\Windows 8\AppData\Local\Historia 2013-07-14 12:36 - 2013-07-14 12:36 - 00000000 __SHD C:\Users\Windows 8\AppData\Local\Dane aplikacji 2013-07-14 12:36 - 2013-07-14 12:36 - 00000000 ____D C:\Users\Windows 8\AppData\Local\VirtualStore 2013-07-14 12:36 - 2012-07-26 10:13 - 00000000 ___RD C:\Users\Windows 8\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools 2013-07-14 12:36 - 2012-07-26 10:13 - 00000000 ___RD C:\Users\Windows 8\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories 2013-07-14 12:36 - 2012-07-26 10:13 - 00000000 ___RD C:\Users\Windows 8\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility 2013-07-14 12:36 - 2012-07-26 10:13 - 00000000 ____D C:\Users\Windows 8\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance ==================== One Month Modified Files and Folders ======= 2013-07-14 19:31 - 2013-07-14 18:46 - 01492584 _____ (Skype Technologies S.A.) C:\Users\Windows 8\Downloads\SkypeSetup.exe 2013-07-14 19:08 - 2013-07-14 19:08 - 00000000 ____D C:\FRST 2013-07-14 19:06 - 2013-07-14 19:06 - 01777839 _____ (Farbar) C:\Users\Windows 8\Downloads\FRST64.exe 2013-07-14 19:00 - 2012-07-26 10:12 - 00000000 ____D C:\windows\system32\sru 2013-07-14 18:58 - 2013-07-14 18:37 - 00000000 ____D C:\Users\Windows 8\AppData\Roaming\Skype 2013-07-14 18:46 - 2013-07-14 18:46 - 00001167 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk 2013-07-14 18:46 - 2013-07-14 18:46 - 00000000 ____D C:\Users\Windows 8\AppData\Roaming\Mozilla 2013-07-14 18:46 - 2013-07-14 18:46 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2013-07-14 18:46 - 2013-07-14 13:29 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2013-07-14 18:44 - 2013-07-14 18:44 - 00280304 _____ (Mozilla) C:\Users\Windows 8\Downloads\Firefox Setup Stub 22.0.exe 2013-07-14 18:38 - 2013-01-25 19:38 - 00786588 _____ C:\windows\system32\perfh013.dat 2013-07-14 18:38 - 2013-01-25 19:38 - 00159122 _____ C:\windows\system32\perfc013.dat 2013-07-14 18:38 - 2013-01-25 19:33 - 00795984 _____ C:\windows\system32\perfh015.dat 2013-07-14 18:38 - 2013-01-25 19:33 - 00160066 _____ C:\windows\system32\perfc015.dat 2013-07-14 18:38 - 2013-01-25 19:28 - 00742838 _____ C:\windows\system32\perfh007.dat 2013-07-14 18:38 - 2013-01-25 19:28 - 00155896 _____ C:\windows\system32\perfc007.dat 2013-07-14 18:38 - 2013-01-25 19:22 - 00791060 _____ C:\windows\system32\perfh00C.dat 2013-07-14 18:38 - 2013-01-25 19:22 - 00155620 _____ C:\windows\system32\perfc00C.dat 2013-07-14 18:38 - 2012-07-26 09:28 - 04588118 _____ C:\windows\system32\PerfStringBackup.INI 2013-07-14 18:37 - 2013-07-14 18:37 - 00002547 _____ C:\Users\Public\Desktop\Skype.lnk 2013-07-14 18:37 - 2013-07-14 18:37 - 00000000 ___RD C:\Program Files (x86)\Skype 2013-07-14 18:37 - 2013-07-14 18:37 - 00000000 ____D C:\ProgramData\Skype 2013-07-14 18:14 - 2013-07-14 13:42 - 00000930 _____ C:\windows\Tasks\Adobe Flash Player Updater.job 2013-07-14 18:10 - 2013-01-25 02:00 - 01599677 _____ C:\windows\WindowsUpdate.log 2013-07-14 18:07 - 2012-07-26 10:12 - 00000000 ____D C:\windows\rescache 2013-07-14 17:58 - 2012-07-26 07:26 - 00262144 ___SH C:\windows\system32\config\ELAM 2013-07-14 17:56 - 2012-07-26 10:12 - 00000000 ____D C:\windows\AUInstallAgent 2013-07-14 17:52 - 2013-07-14 12:43 - 00003600 _____ C:\windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-4118013680-3836196915-2330699128-1001 2013-07-14 16:52 - 2013-01-25 02:56 - 00000000 ____D C:\ProgramData\WinClon 2013-07-14 16:49 - 2013-01-25 02:47 - 00000868 _____ C:\windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job 2013-07-14 16:49 - 2012-07-26 09:22 - 00000006 ____H C:\windows\Tasks\SA.DAT 2013-07-14 16:48 - 2013-07-14 16:30 - 00000000 ____D C:\Users\Windows 8\AppData\Roaming\WebCake 2013-07-14 16:48 - 2013-07-14 16:30 - 00000000 ____D C:\Program Files (x86)\WebCake 2013-07-14 16:48 - 2013-07-14 15:52 - 00001948 _____ C:\Users\Windows 8\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lollipop.lnk 2013-07-14 16:48 - 2012-08-05 23:07 - 00011190 _____ C:\windows\PFRO.log 2013-07-14 16:48 - 2012-07-26 07:26 - 00262144 ___SH C:\windows\system32\config\BBI 2013-07-14 16:41 - 2013-07-14 16:41 - 00000779 _____ C:\Users\Windows 8\Documents\ax_files.xml 2013-07-14 16:36 - 2013-07-14 16:36 - 00000000 ____D C:\Users\Windows 8\Documents\Alcohol 120% 2013-07-14 16:34 - 2013-07-14 16:34 - 00001200 _____ C:\Users\Public\Desktop\Alcohol 120%.lnk 2013-07-14 16:34 - 2013-07-14 16:34 - 00000000 ____D C:\Program Files (x86)\Alcohol Soft 2013-07-14 16:33 - 2013-07-14 12:41 - 00000000 ____D C:\Users\Windows 8\AppData\Local\CrashDumps 2013-07-14 16:31 - 2013-07-14 16:31 - 00564824 _____ (Duplex Secure Ltd.) C:\windows\system32\Drivers\sptd.sys 2013-07-14 16:30 - 2013-07-14 16:30 - 00000000 ____D C:\Users\Windows 8\AppData\Roaming\eIntaller 2013-07-14 16:29 - 2013-07-14 16:29 - 00801608 _____ C:\Users\Windows 8\Downloads\Alcohol120_trial_2.0.2.4713.exe 2013-07-14 16:28 - 2013-07-14 16:26 - 00000000 ____D C:\Users\Windows 8\AppData\Roaming\AIMP3 2013-07-14 16:26 - 2013-07-14 16:26 - 00000919 _____ C:\Users\Public\Desktop\AIMP3.lnk 2013-07-14 16:26 - 2013-07-14 16:26 - 00000000 ____D C:\Program Files (x86)\AIMP3 2013-07-14 16:25 - 2013-07-14 16:25 - 07547200 _____ (AIMP DevTeam) C:\Users\Windows 8\Downloads\aimp_3.50.1277.exe 2013-07-14 16:21 - 2013-07-14 16:19 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware 2013-07-14 16:19 - 2013-07-14 16:19 - 00000000 ____D C:\Users\Windows 8\AppData\Roaming\Malwarebytes 2013-07-14 16:19 - 2013-07-14 16:19 - 00000000 ____D C:\ProgramData\Malwarebytes 2013-07-14 16:14 - 2013-07-14 16:14 - 00000000 ____H C:\windows\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf 2013-07-14 16:14 - 2012-07-26 09:21 - 00025981 _____ C:\windows\setupact.log 2013-07-14 16:02 - 2013-07-14 15:56 - 00000000 ____D C:\Users\Windows 8\AppData\Roaming\DAEMON Tools Lite 2013-07-14 16:02 - 2013-07-14 15:55 - 00000000 ____D C:\ProgramData\DAEMON Tools Lite 2013-07-14 15:59 - 2013-07-14 15:56 - 00000000 ____D C:\Users\Windows 8\AppData\Roaming\PerformerSoft 2013-07-14 15:55 - 2013-07-14 15:55 - 13867192 _____ (Disc Soft Ltd) C:\Users\Windows 8\Downloads\DTLite4471-0335(dobreprogramy.pl).exe 2013-07-14 15:53 - 2013-07-14 15:53 - 00715888 _____ C:\Users\Windows 8\Downloads\DAEMON-Tools-Lite(12708).exe 2013-07-14 15:52 - 2013-07-14 15:52 - 00000000 ____D C:\Users\Windows 8\AppData\Roaming\DAEMON Tools Ultra 2013-07-14 15:52 - 2013-07-14 15:52 - 00000000 ____D C:\Users\Windows 8\AppData\Local\DTClient 2013-07-14 15:51 - 2013-07-14 15:51 - 00000000 ____D C:\ProgramData\DAEMON Tools Ultra 2013-07-14 15:51 - 2013-07-14 15:49 - 24484792 _____ (Disc Soft Ltd) C:\Users\Windows 8\Downloads\DAEMONToolsUltra110-0103.exe 2013-07-14 15:45 - 2013-07-14 15:39 - 00000000 ____D C:\Users\Windows 8\AppData\Roaming\ViStart 2013-07-14 15:42 - 2013-07-14 15:42 - 00000000 ____D C:\Users\Windows 8\AppData\Local\StartIsBack 2013-07-14 15:41 - 2013-07-14 15:41 - 00940176 _____ (www.startisback.com) C:\Users\Windows 8\Downloads\StartIsBack_setup.exe 2013-07-14 15:34 - 2013-07-14 14:51 - 113369426 _____ C:\Users\Windows 8\Downloads\office2010.iso.006 2013-07-14 15:34 - 2013-07-14 14:50 - 113369430 _____ C:\Users\Windows 8\Downloads\office2010.iso.005 2013-07-14 15:33 - 2013-07-14 14:49 - 113369430 _____ C:\Users\Windows 8\Downloads\office2010.iso.004 2013-07-14 15:33 - 2013-07-14 14:49 - 113369430 _____ C:\Users\Windows 8\Downloads\office2010.iso.003 2013-07-14 15:28 - 2013-07-14 14:47 - 113369430 _____ C:\Users\Windows 8\Downloads\office2010.iso.002 2013-07-14 15:28 - 2013-07-14 14:47 - 113369430 _____ C:\Users\Windows 8\Downloads\office2010.iso.001 2013-07-14 15:20 - 2013-07-14 14:34 - 00000000 ____D C:\Users\Windows 8\AppData\Local\ChomikBox 2013-07-14 14:57 - 2013-07-14 14:57 - 00000000 ____H C:\windows\system32\Drivers\Msft_User_LocationProvider_01_11_00.Wdf 2013-07-14 14:55 - 2013-07-14 12:38 - 00000000 ____D C:\Users\Windows 8\AppData\Local\Adobe 2013-07-14 14:55 - 2013-07-14 12:37 - 00000000 ____D C:\Users\Windows 8\AppData\Roaming\Adobe 2013-07-14 14:34 - 2013-07-14 14:34 - 00000000 ____D C:\Users\Windows 8\.gstreamer-0.10 2013-07-14 14:34 - 2013-07-14 12:36 - 00000000 ____D C:\Users\Windows 8 2013-07-14 14:33 - 2013-07-14 14:31 - 28002816 _____ C:\Users\Windows 8\Downloads\ChomikBox.msi 2013-07-14 14:18 - 2013-07-14 14:18 - 00000000 ____D C:\Users\Windows 8\WapSter 2013-07-14 14:17 - 2013-07-14 14:17 - 00000926 _____ C:\Users\Windows 8\AppData\Roaming\Microsoft\Windows\Start Menu\AQQ.lnk 2013-07-14 14:17 - 2013-07-14 14:17 - 00000902 _____ C:\Users\Windows 8\Desktop\AQQ.lnk 2013-07-14 14:17 - 2013-07-14 14:17 - 00000000 ____D C:\Users\Windows 8\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WapSter 2013-07-14 14:17 - 2013-07-14 14:17 - 00000000 ____D C:\Program Files (x86)\WapSter 2013-07-14 14:15 - 2013-07-14 14:15 - 00000363 _____ C:\Users\Windows 8\Desktop\Komputer — skrót.lnk 2013-07-14 13:45 - 2013-07-14 13:45 - 00393008 _____ (Softonic ) C:\Users\Windows 8\Downloads\SoftonicDownloader_dla_aqq.exe 2013-07-14 13:43 - 2013-07-14 13:43 - 00000000 ____D C:\Users\Windows 8\AppData\Local\Macromedia 2013-07-14 13:42 - 2013-07-14 13:42 - 00003818 _____ C:\windows\System32\Tasks\Adobe Flash Player Updater 2013-07-14 13:30 - 2013-07-14 13:30 - 00000000 ____D C:\Users\Windows 8\AppData\Local\Mozilla 2013-07-14 13:29 - 2013-07-14 13:29 - 00000000 ____D C:\ProgramData\Mozilla 2013-07-14 13:26 - 2013-07-14 13:26 - 00000000 ____D C:\Users\Windows 8\AppData\Roaming\Macromedia 2013-07-14 12:47 - 2013-07-14 12:47 - 00000000 ____D C:\Users\Windows 8\AppData\Local\bitcasa 2013-07-14 12:46 - 2013-07-14 12:46 - 00000000 _____ C:\Users\Windows 8\agent.log 2013-07-14 12:46 - 2013-07-14 12:38 - 00000000 ____D C:\Users\Windows 8\Documents\Bluetooth Folder 2013-07-14 12:40 - 2013-07-14 12:40 - 00000000 ____D C:\windows\System32\Tasks\Norton Internet Security 2013-07-14 12:39 - 2013-07-14 12:39 - 00000000 ____D C:\Users\Windows 8\AppData\Roaming\Intel Corporation 2013-07-14 12:39 - 2013-07-14 12:39 - 00000000 ____D C:\Users\Windows 8\AppData\Local\Samsung 2013-07-14 12:39 - 2013-01-25 02:52 - 00000000 ____D C:\ProgramData\Norton 2013-07-14 12:38 - 2013-07-14 12:38 - 00000000 ____D C:\Users\Windows 8\AppData\Roaming\ATI 2013-07-14 12:38 - 2013-07-14 12:38 - 00000000 ____D C:\Users\Windows 8\AppData\Roaming\Atheros 2013-07-14 12:38 - 2013-07-14 12:38 - 00000000 ____D C:\Users\Windows 8\AppData\Local\Power2Go8 2013-07-14 12:38 - 2013-07-14 12:38 - 00000000 ____D C:\Users\Windows 8\AppData\Local\BMExplorer 2013-07-14 12:38 - 2013-07-14 12:38 - 00000000 ____D C:\Users\Windows 8\AppData\Local\ATI 2013-07-14 12:38 - 2013-01-25 03:16 - 00000000 ____D C:\ProgramData\Atheros 2013-07-14 12:37 - 2013-07-14 12:37 - 00001454 _____ C:\Users\Windows 8\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2013-07-14 12:37 - 2013-07-14 12:37 - 00000000 ___RD C:\Users\Windows 8\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup 2013-07-14 12:37 - 2013-07-14 12:37 - 00000000 ___RD C:\Users\Windows 8\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools 2013-07-14 12:37 - 2013-07-14 12:37 - 00000000 ____D C:\Users\Windows 8\AppData\Roaming\Synaptics 2013-07-14 12:37 - 2013-07-14 12:37 - 00000000 _____ C:\windows\system32\Drivers\144D_SAMSUNG_na_350V5_P08A.mrk 2013-07-14 12:37 - 2013-07-14 12:36 - 00000000 ____D C:\Users\Windows 8\AppData\Local\Packages 2013-07-14 12:36 - 2013-07-14 12:36 - 00000020 ___SH C:\Users\Windows 8\ntuser.ini 2013-07-14 12:36 - 2013-07-14 12:36 - 00000000 __SHD C:\Users\Windows 8\Ustawienia lokalne 2013-07-14 12:36 - 2013-07-14 12:36 - 00000000 __SHD C:\Users\Windows 8\Szablony 2013-07-14 12:36 - 2013-07-14 12:36 - 00000000 __SHD C:\Users\Windows 8\Moje dokumenty 2013-07-14 12:36 - 2013-07-14 12:36 - 00000000 __SHD C:\Users\Windows 8\Menu Start 2013-07-14 12:36 - 2013-07-14 12:36 - 00000000 __SHD C:\Users\Windows 8\Documents\Moje wideo 2013-07-14 12:36 - 2013-07-14 12:36 - 00000000 __SHD C:\Users\Windows 8\Documents\Moje obrazy 2013-07-14 12:36 - 2013-07-14 12:36 - 00000000 __SHD C:\Users\Windows 8\Documents\Moja muzyka 2013-07-14 12:36 - 2013-07-14 12:36 - 00000000 __SHD C:\Users\Windows 8\Dane aplikacji 2013-07-14 12:36 - 2013-07-14 12:36 - 00000000 __SHD C:\Users\Windows 8\AppData\Roaming\Microsoft\Windows\Start Menu\Programy 2013-07-14 12:36 - 2013-07-14 12:36 - 00000000 __SHD C:\Users\Windows 8\AppData\Local\Historia 2013-07-14 12:36 - 2013-07-14 12:36 - 00000000 __SHD C:\Users\Windows 8\AppData\Local\Dane aplikacji 2013-07-14 12:36 - 2013-07-14 12:36 - 00000000 ____D C:\Users\Windows 8\AppData\Local\VirtualStore 2013-07-14 12:36 - 2012-07-26 10:12 - 00000000 ___RD C:\windows\ImmersiveControlPanel 2013-07-14 12:36 - 2012-07-26 10:12 - 00000000 ____D C:\windows\WinStore 2013-07-14 12:35 - 2013-01-25 02:41 - 03295312 _____ C:\windows\system32\FNTCACHE.DAT Files to move or delete: ==================== C:\ProgramData\MakeMarkerFile.exe C:\Users\EasySurvey\EasySurvey.exe ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\explorer.exe [2013-01-25 02:08] - [2012-10-02 11:01] - 2380944 ____A (Microsoft Corporation) 99CDC7377F2E030AE1ABA26BAC00B60C C:\Windows\SysWOW64\explorer.exe [2013-01-25 02:08] - [2012-10-02 09:51] - 2115440 ____A (Microsoft Corporation) 1EC97BB78ED52AE22B2AB3C5E0A4D160 C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\SysWOW64\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\SysWOW64\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\SysWOW64\userinit.exe => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit LastRegBack: 2012-08-05 23:07 ==================== End Of Log ============================