Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 23-09-2013
Ran by user (administrator) on SPISZCZEK on 23-09-2013 19:47:00
Running from F:\
Microsoft Windows 7 Home Premium Service Pack 1 (X86) OS Language: Polish
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) ===================

(AMD) C:\Windows\system32\atiesrxx.exe
(AMD) C:\Windows\system32\atieclxx.exe
(ASUS) C:\Program Files\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
(Atheros) C:\Program Files\Atheros\Ath_CoexAgent.exe
(Atheros Commnucations) C:\Program Files\Atheros\Bluetooth Suite\adminservice.exe
(Kaspersky Lab) C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0 for Windows Workstations MP4\avp.exe
(FirebirdSQL Project) C:\Program Files\Firebird\Firebird_2_0\bin\fbguard.exe
(HP) C:\Program Files\HP\HPLaserJetService\HPLaserJetService.exe
(HP) C:\Program Files\HP\HP LaserJet M1210 MFP Series\ReceiveFaxUtility.exe
(HP) C:\Windows\system32\HPSIsvc.exe
() C:\ProgramData\DatacardService\HWDeviceService.exe
(Kaspersky Lab) C:\Program Files\Kaspersky Lab\NetworkAgent 8\klnagent.exe
() C:\ProgramData\MobileBrServ\mbbservice.exe
() C:\ProgramData\Mobile Partner\OnlineUpdate\ouc.exe
() C:\Program Files\Common Files\Protexis\License Service\PSIService.exe
() C:\Windows\system32\LFKGPPOW.exe
(Skype Technologies S.A.) C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
(FirebirdSQL Project) C:\Program Files\Firebird\Firebird_2_0\bin\fbserver.exe
(ATK) C:\Program Files\ASUS\Splendid\ACMON.exe
(ASUS) C:\Program Files\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUS) C:\Program Files\P4G\BatteryLife.exe
(ASUS) C:\Program Files\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUS) C:\Program Files\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
(ELAN Microelectronic Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Atheros Communications) C:\Program Files\Atheros\Bluetooth Suite\BtvStack.exe
(Atheros Commnucations) C:\Program Files\Atheros\Bluetooth Suite\AthBtTray.exe
(HP) C:\Program Files\HP\ToolboxFX\bin\HPTLBXFX.exe
(Hewlett-Packard Company) C:\Program Files\HP\hp laserjet m1522\hppfaxprintersrv.exe
() C:\Program Files\HP\HP UT\bin\hppusg.exe
() C:\Windows\Samsung\PanelMgr\SSMMgr.exe
(Hewlett-Packard) C:\Program Files\HP\HP Software Update\hpwuschd2.exe
(Kaspersky Lab) C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0 for Windows Workstations MP4\avp.exe
(Sun Microsystems, Inc.) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Program Files\Zune\ZuneLauncher.exe
() C:\Program Files\LAN Messenger\LANMsg.exe
(Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe
(Sony) C:\Program Files\Sony\Sony PC Companion\PCCompanion.exe
(Microsoft Corporation) C:\Windows\System32\StikyNot.exe
(ELAN Microelectronic Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE
() C:\Program Files\Sony\Sony PC Companion\PCCompanionInfo.exe
(ASUS) C:\Program Files\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUS) C:\Program Files\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
(ASUS) C:\Program Files\ASUS\ATK Package\ATK Hotkey\WDC.exe
(Skype Technologies) C:\Program Files\Skype\Updater\Updater.exe
(ASUSTeK) C:\Windows\System32\ACEngSvr.exe
(Microsoft Corporation) \\?\C:\Windows\system32\wbem\WMIADAP.EXE

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [ATKMEDIA] - C:\Program Files\ASUS\ATK Package\ATK Media\DMedia.exe [170624 2010-05-03] (ASUS)
HKLM\...\Run: [HControlUser] - C:\Program Files\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUS)
HKLM\...\Run: [ETDWare] - C:\Program Files\Elantech\ETDCtrl.exe [548744 2011-09-13] (ELAN Microelectronic Corp.)
HKLM\...\Run: [AtherosBtStack] - C:\Program Files\Atheros\Bluetooth Suite\BtvStack.exe [486560 2010-11-25] (Atheros Communications)
HKLM\...\Run: [AthBtTray] - C:\Program Files\Atheros\Bluetooth Suite\AthBtTray.exe [302240 2010-11-25] (Atheros Commnucations)
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [ToolBoxFX] - C:\Program Files\HP\ToolBoxFX\bin\HPTLBXFX.exe [53248 2010-03-03] (HP)
HKLM\...\Run: [HP LaserJet M1522 MFP Series Fax] - C:\Program Files\HP\hp LaserJet M1522\hppfaxprintersrv.exe [2453504 2009-09-22] (Hewlett-Packard Company)
HKLM\...\Run: [HPUsageTracking] - C:\Program Files\HP\HP UT\bin\hppusg.exe [36864 2007-08-31] ()
HKLM\...\Run: [Samsung PanelMgr] - C:\Windows\Samsung\PanelMgr\SSMMgr.exe [606208 2009-12-09] ()
HKLM\...\Run: [HP Software Update] - C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [49208 2011-05-10] (Hewlett-Packard)
HKLM\...\Run: [AVP] - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0 for Windows Workstations MP4\avp.exe [311680 2010-03-12] (Kaspersky Lab)
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [252848 2012-07-03] (Sun Microsystems, Inc.)
HKLM\...\Run: [Zune Launcher] - C:\Program Files\Zune\ZuneLauncher.exe [159456 2011-08-05] (Microsoft Corporation)
HKLM\...\Run: [CorelDRAW Graphics Suite 11b] - C:\Program Files\Corel\Corel Graphics 12\Languages\PL\Programs\Registration.exe [733184 2004-06-23] (Corel Corporation)
HKCU\...\Run: [_LAN Messenger] - C:\Program Files\LAN Messenger\LANMsg.exe [1132032 2004-12-14] ()
HKCU\...\Run: [Skype] - C:\Program Files\Skype\Phone\Skype.exe [19603048 2013-06-03] (Skype Technologies S.A.)
HKCU\...\Run: [Sony PC Companion] - C:\Program Files\Sony\Sony PC Companion\PCCompanion.exe [449248 2013-05-29] (Sony)
HKCU\...\Run: [Facebook Update] - C:\Users\user\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2013-07-24] (Facebook Inc.)
HKCU\...\Run: [swg] - C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2011-09-16] (Google Inc.)
HKCU\...\Run: [RESTART_STICKY_NOTES] - C:\Windows\System32\StikyNot.exe [354304 2009-07-14] (Microsoft Corporation)
MountPoints2: {43e05773-246a-11e3-8adb-f46d04852948} - F:\AutoRun.exe
MountPoints2: {5f06570b-c753-11e2-9caa-f46d04852948} - F:\iLinker.exe
MountPoints2: {9a443807-245c-11e3-b1a6-f46d04852948} - G:\AutoRun.exe
MountPoints2: {9a443812-245c-11e3-b1a6-f46d04852948} - G:\AutoRun.exe
Startup: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Stardock ObjectDock.lnk
ShortcutTarget: Stardock ObjectDock.lnk -> C:\Program Files\Stardock\ObjectDockFree\ObjectDock.exe (No File)
Startup: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Tworzenie wycinków ekranu i uruchamianie programu OneNote 2010.lnk
ShortcutTarget: Tworzenie wycinków ekranu i uruchamianie programu OneNote 2010.lnk -> C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
BootExecute: autocheck autochk * Partizan

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.pl/
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.pl
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pl
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: CIESpeechBHO Class - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files\Atheros\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU -Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} http://office.microsoft.com/_layouts/ClientBin/ieawsdc32.cab
DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} https://akamaicdn.webex.com/client/WBXclient-T27L10NSP32EP1-13926/event/ieatgpc1.cab
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)

========================== Services (Whitelisted) =================

R2 ASLDRService; C:\Program Files\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe [84536 2009-06-15] (ASUS)
R2 Atheros Bt&Wlan Coex Agent; C:\Program Files\Atheros\Ath_CoexAgent.exe [151552 2010-05-24] (Atheros)
R2 AtherosSvc; C:\Program Files\Atheros\Bluetooth Suite\adminservice.exe [56480 2010-11-25] (Atheros Commnucations)
S2 ATKGFNEXSrv; C:\Program Files\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe [96896 2009-12-15] (ASUS)
R2 AVP; C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0 for Windows Workstations MP4\avp.exe [311680 2010-03-12] (Kaspersky Lab)
R2 FirebirdGuardianDefaultInstance; C:\Program Files\Firebird\Firebird_2_0\bin\fbguard.exe [77824 2006-10-31] (FirebirdSQL Project)
R3 FirebirdServerDefaultInstance; C:\Program Files\Firebird\Firebird_2_0\bin\fbserver.exe [1990656 2006-10-31] (FirebirdSQL Project)
R2 HP LaserJet Service; C:\Program Files\HP\HPLaserJetService\HPLaserJetService.exe [136192 2010-03-03] (HP)
R2 HPM1210RcvFaxSrvc; C:\Program Files\HP\HP LaserJet M1210 MFP Series\ReceiveFaxUtility.exe [247352 2010-05-11] (HP)
R2 HWDeviceService.exe; C:\ProgramData\DatacardService\HWDeviceService.exe [271712 2011-03-14] ()
R2 klnagent; C:\Program Files\Kaspersky Lab\NetworkAgent 8\klnagent.exe [137272 2010-04-20] (Kaspersky Lab)
R2 Mobile Broadband HL Service; C:\ProgramData\MobileBrServ\mbbservice.exe [232288 2012-03-12] ()
S2 Mobile Partner. RunOuc; C:\Program Files\Mobile Partner\UpdateDog\ouc.exe [655744 2012-09-22] ()
R2 ProtexisLicensing; C:\Program Files\Common Files\Protexis\License Service\PSIService.exe [174656 2006-11-02] ()
R2 Skype C2C Service; C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [3064000 2012-10-02] (Skype Technologies S.A.)
S3 Sony PC Companion; C:\Program Files\Sony\Sony PC Companion\PCCService.exe [155824 2013-02-04] (Avanquest Software)

==================== Drivers (Whitelisted) ====================

R3 BTATH_BUS; C:\Windows\System32\DRIVERS\btath_bus.sys [24736 2010-11-25] (Atheros)
R0 CLFS; C:\Windows\System32\CLFS.sys [249408 2009-07-14] (Microsoft Corporation)
R3 ETD; C:\Windows\System32\DRIVERS\ETD.sys [109960 2011-09-13] (ELAN Microelectronic Corp.)
S3 FaxLffv2; C:\Windows\System32\Drivers\FaxLffv2.sys [18944 2008-06-19] (OEM)
S3 huawei_cdcacm; C:\Windows\System32\DRIVERS\ew_jucdcacm.sys [96000 2012-08-20] (Huawei Technologies Co., Ltd.)
S3 huawei_cdcecm; C:\Windows\System32\DRIVERS\ew_jucdcecm.sys [69760 2012-08-20] (Huawei Technologies Co., Ltd.)
S3 huawei_ext_ctrl; C:\Windows\System32\DRIVERS\ew_juextctrl.sys [27520 2012-08-20] (Huawei Technologies Co., Ltd.)
R1 kl1; C:\Windows\System32\DRIVERS\kl1.sys [126480 2009-11-12] (Kaspersky Lab)
R3 KLFLTDEV; C:\Windows\System32\DRIVERS\klfltdev.sys [24848 2009-09-03] (Kaspersky Lab)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [233560 2012-08-21] (Kaspersky Lab)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [22104 2012-08-21] (Kaspersky Lab ZAO)
S3 mbamchameleon; C:\Windows\system32\drivers\mbamchameleon.sys [31560 2013-09-23] ()
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [22856 2013-04-04] (Malwarebytes Corporation)
R3 MTsensor; C:\Windows\System32\DRIVERS\ATKACPI.sys [14392 2009-05-13] (ASUS)
U3 Partizan; C:\Windows\System32\drivers\Partizan.sys [35816 2013-09-23] (Greatis Software)
S3 RegGuard; C:\Windows\system32\Drivers\regguard.sys [24416 2013-09-23] (Greatis Software)
R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1760384 2009-08-20] ()
R2 SSPORT; C:\Windows\system32\Drivers\SSPORT.sys [5120 2007-08-13] (Samsung Electronics)
S3 XMLDIUSB; C:\Windows\System32\Drivers\XMLDIUSB.sys [33152 2008-01-17] (OEM)

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2013-09-23 19:06 - 2013-09-23 19:06 - 00002446 _____ C:\Windows\PFRO.log
2013-09-23 18:18 - 2013-09-23 18:18 - 00000000 ____D C:\Malwarebytes' Anti-Malware
2013-09-23 18:14 - 2013-09-23 19:42 - 00004248 _____ C:\Windows\setupact.log
2013-09-23 18:14 - 2013-09-23 18:14 - 00000000 _____ C:\Windows\setuperr.log
2013-09-23 18:13 - 2013-09-23 18:13 - 00001067 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-09-23 18:13 - 2013-09-23 18:13 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2013-09-23 18:13 - 2013-04-04 14:50 - 00022856 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2013-09-23 18:04 - 2013-09-23 19:42 - 00000372 _____ C:\Windows\system32\PARTIZAN.TXT
2013-09-23 18:00 - 2013-09-23 18:00 - 00024416 _____ (Greatis Software) C:\Windows\system32\Drivers\regguard.sys
2013-09-23 17:57 - 2013-09-23 17:57 - 00040208 _____ (Greatis Software) C:\Windows\system32\Partizan.exe
2013-09-23 17:55 - 2013-09-23 18:05 - 00000000 ____D C:\Users\Public\Documents\regruninfo
2013-09-23 17:55 - 2013-09-23 18:05 - 00000000 ____D C:\ProgramData\RegRun
2013-09-23 17:55 - 2013-09-23 18:03 - 00035816 _____ (Greatis Software) C:\Windows\system32\Drivers\Partizan.sys
2013-09-23 17:55 - 2013-09-23 17:58 - 00000000 ____D C:\Users\user\Documents\RegRun2
2013-09-23 17:55 - 2013-09-23 17:55 - 00000913 _____ C:\Users\user\Desktop\UnHackMe.lnk
2013-09-23 17:55 - 2013-09-23 17:55 - 00000406 _____ C:\Windows\Tasks\UnHackMe Task Scheduler.job
2013-09-23 17:55 - 2013-09-23 17:55 - 00000002 RSHOT C:\Windows\winstart.bat
2013-09-23 17:55 - 2013-09-23 17:55 - 00000000 ____D C:\Program Files\UnHackMe
2013-09-23 17:55 - 2013-06-04 12:23 - 00012800 _____ (Greatis Software, LLC.) C:\Windows\system32\Drivers\UnHackMeDrv.sys
2013-09-23 17:49 - 2013-09-23 17:55 - 00000000 ____D C:\ProgramData\HitmanPro
2013-09-23 17:49 - 2013-09-23 17:49 - 00000000 ____D C:\Program Files\HitmanPro
2013-09-23 17:34 - 2013-09-23 17:34 - 00000000 ____D C:\Users\user\AppData\Roaming\Malwarebytes
2013-09-23 17:34 - 2013-09-23 17:34 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-09-23 16:37 - 2013-09-23 16:37 - 00031560 _____ C:\Windows\system32\Drivers\mbamchameleon.sys
2013-09-23 16:36 - 2013-09-23 16:36 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_ew_juextctrl_01007.Wdf
2013-09-23 16:36 - 2013-09-23 16:36 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_ew_jucdcecm_01007.Wdf
2013-09-23 16:36 - 2013-09-23 16:36 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_ew_jucdcacm_01007.Wdf
2013-09-23 16:35 - 2013-09-23 16:35 - 00001037 _____ C:\Users\Public\Desktop\Mobile Partner.lnk
2013-09-23 16:35 - 2013-09-23 16:35 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_ew_jubusenum_01007.Wdf
2013-09-23 16:35 - 2013-09-23 16:35 - 00000000 ____D C:\ProgramData\Mobile Partner
2013-09-23 16:35 - 2012-09-18 10:20 - 00203264 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_juwwanecm.sys
2013-09-23 16:35 - 2012-09-14 03:26 - 00378880 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ewusbwwan.sys
2013-09-23 16:35 - 2012-08-20 02:54 - 00096000 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_jucdcacm.sys
2013-09-23 16:35 - 2012-08-20 02:54 - 00076544 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_jubusenum.sys
2013-09-23 16:35 - 2012-08-20 02:54 - 00069760 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_jucdcecm.sys
2013-09-23 16:35 - 2012-08-20 02:54 - 00027520 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_juextctrl.sys
2013-09-23 16:35 - 2012-08-20 02:37 - 01112288 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01007.dll
2013-09-23 16:35 - 2012-08-20 02:37 - 01112288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdfCoInstaller01007.dll
2013-09-23 16:35 - 2011-12-31 03:20 - 00199168 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ewusbmdm.sys
2013-09-23 16:35 - 2010-10-08 10:55 - 00025856 _____ (Huawei Tech. Co., Ltd.) C:\Windows\system32\Drivers\ewdcsc.sys
2013-09-23 16:35 - 2010-09-26 12:09 - 00019200 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_hwupgrade.sys
2013-09-23 16:35 - 2010-08-06 01:42 - 00861696 _____ (DiBcom SA) C:\Windows\system32\Drivers\mod7700.sys
2013-09-23 16:35 - 2010-07-27 03:52 - 00102784 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_hwusbdev.sys
2013-09-23 16:35 - 2010-03-20 06:06 - 00011136 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_usbenumfilter.sys
2013-09-23 16:34 - 2013-09-23 16:36 - 00000000 ____D C:\ProgramData\DatacardService
2013-09-23 16:34 - 2013-09-23 16:35 - 00000000 ____D C:\Program Files\Mobile Partner
2013-09-23 11:46 - 2013-09-23 19:23 - 00000000 ____D C:\FRST
2013-09-19 08:52 - 2013-09-19 08:52 - 00000000 ____D C:\Users\user\Desktop\19.09.2013
2013-09-19 07:24 - 2013-09-20 10:51 - 00000000 ____D C:\Users\user\Desktop\aneksy do umów
2013-09-17 08:58 - 2013-09-17 08:58 - 00000000 ____D C:\Users\user\Documents\Corel User Files
2013-09-17 07:24 - 2013-09-17 07:24 - 00064714 _____ C:\Windows\FontData.fdb
2013-09-17 07:18 - 2013-09-17 07:18 - 00000000 ____D C:\Program Files\Common Files\Corel
2013-09-11 14:55 - 2013-08-10 05:59 - 01767936 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-09-11 14:55 - 2013-08-10 05:59 - 01141248 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-09-11 14:55 - 2013-08-10 05:59 - 00042496 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-09-11 14:55 - 2013-08-10 05:58 - 14332928 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-09-11 14:55 - 2013-08-10 05:58 - 13761024 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-09-11 14:55 - 2013-08-10 05:58 - 02876928 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-09-11 14:55 - 2013-08-10 05:58 - 02048000 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-09-11 14:55 - 2013-08-10 05:58 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-09-11 14:55 - 2013-08-10 05:58 - 00493056 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-09-11 14:55 - 2013-08-10 05:58 - 00391168 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-09-11 14:55 - 2013-08-10 05:58 - 00109056 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-09-11 14:55 - 2013-08-10 05:58 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-09-11 14:55 - 2013-08-10 05:58 - 00039424 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-09-11 14:55 - 2013-08-10 05:58 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-09-11 14:55 - 2013-08-10 05:07 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-09-11 14:55 - 2013-08-10 04:17 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-09-11 10:39 - 2013-08-08 03:03 - 02348544 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-09-11 10:39 - 2013-08-05 03:56 - 00133056 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ataport.sys
2013-09-11 10:39 - 2013-08-02 03:50 - 00169984 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2013-09-11 10:39 - 2013-08-02 03:49 - 00868352 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2013-09-11 10:39 - 2013-08-02 03:49 - 00293376 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2013-09-11 10:39 - 2013-08-02 03:48 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2013-09-11 10:39 - 2013-08-02 03:48 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2013-09-11 10:39 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2013-09-11 10:39 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2013-09-11 10:39 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2013-09-11 10:39 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2013-09-11 10:39 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2013-09-11 10:39 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2013-09-11 10:39 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2013-09-11 10:39 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2013-09-11 10:39 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2013-09-11 10:39 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2013-09-11 10:39 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2013-09-11 10:39 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2013-09-11 10:39 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-09-11 10:39 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2013-09-11 10:39 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2013-09-11 10:39 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2013-09-11 10:39 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2013-09-11 10:39 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2013-09-11 10:39 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2013-09-11 10:39 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2013-09-11 10:39 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2013-09-11 10:39 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2013-09-11 10:39 - 2013-08-02 02:52 - 00271360 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2013-09-11 10:39 - 2013-08-02 02:43 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2013-09-11 10:39 - 2013-08-02 02:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2013-09-11 10:39 - 2013-08-02 02:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2013-09-11 10:39 - 2013-08-02 02:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2013-09-11 10:39 - 2013-07-26 03:55 - 12872704 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2013-09-11 10:39 - 2013-07-26 03:55 - 00180224 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll
2013-09-10 14:44 - 2013-09-11 11:19 - 00001142 _____ C:\Windows\system32\W ramach monitoringu kontroli zarządczej podczas spotkania Kierowników poszczególnych Referatów Urzędu Gminy w Kowali Sekretarz zwrócił się do Kierowników o uzupełnienie tabeli dotyczącej Celów i zadań.lnk
2013-09-05 08:56 - 2013-09-05 08:56 - 00000000 ____D C:\Users\user\Documents\MISJONARKI FROM ARGENTINA
2013-08-27 07:47 - 2013-08-27 08:37 - 00000000 ____D C:\Users\user\Desktop\DCIM
2013-08-27 07:26 - 2013-09-18 22:35 - 00000000 ____D C:\Users\user\Desktop\teksty na kalendarz

==================== One Month Modified Files and Folders =======

2013-09-23 19:46 - 2012-09-06 09:16 - 00000000 ____D C:\Program Files\P4G
2013-09-23 19:46 - 2011-09-16 10:23 - 00001028 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-09-23 19:46 - 2011-09-13 21:15 - 00000035 _____ C:\Users\Public\Documents\AtherosServiceConfig.ini
2013-09-23 19:42 - 2013-09-23 18:14 - 00004248 _____ C:\Windows\setupact.log
2013-09-23 19:42 - 2013-09-23 18:04 - 00000372 _____ C:\Windows\system32\PARTIZAN.TXT
2013-09-23 19:42 - 2009-07-14 06:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-09-23 19:32 - 2011-09-16 10:23 - 00001032 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-09-23 19:26 - 2009-07-14 06:34 - 00022560 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-09-23 19:26 - 2009-07-14 06:34 - 00022560 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-09-23 19:23 - 2013-09-23 11:46 - 00000000 ____D C:\FRST
2013-09-23 19:22 - 2011-09-14 01:40 - 01363903 _____ C:\Windows\WindowsUpdate.log
2013-09-23 19:21 - 2012-08-04 10:58 - 00000000 ____D C:\Users\user\AppData\Roaming\Skype
2013-09-23 19:06 - 2013-09-23 19:06 - 00002446 _____ C:\Windows\PFRO.log
2013-09-23 19:06 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\LiveKernelReports
2013-09-23 18:19 - 2012-10-29 21:44 - 00000930 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-09-23 18:18 - 2013-09-23 18:18 - 00000000 ____D C:\Malwarebytes' Anti-Malware
2013-09-23 18:18 - 2011-04-12 07:08 - 00701494 _____ C:\Windows\system32\perfh015.dat
2013-09-23 18:18 - 2011-04-12 07:08 - 00136480 _____ C:\Windows\system32\perfc015.dat
2013-09-23 18:18 - 2010-11-20 23:01 - 01558616 _____ C:\Windows\system32\PerfStringBackup.INI
2013-09-23 18:14 - 2013-09-23 18:14 - 00000000 _____ C:\Windows\setuperr.log
2013-09-23 18:13 - 2013-09-23 18:13 - 00001067 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-09-23 18:13 - 2013-09-23 18:13 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2013-09-23 18:12 - 2013-01-23 12:36 - 00000000 ____D C:\Windows\Minidump
2013-09-23 18:12 - 2012-02-22 14:13 - 00000000 ____D C:\Program Files\PDFCreator
2013-09-23 18:12 - 2011-10-26 11:57 - 00000000 ____D C:\Users\user\AppData\Local\CrashDumps
2013-09-23 18:12 - 2011-09-22 08:06 - 00000000 ____D C:\Program Files\WinRAR
2013-09-23 18:12 - 2011-09-14 02:37 - 00000000 ____D C:\Windows\Panther
2013-09-23 18:05 - 2013-09-23 17:55 - 00000000 ____D C:\Users\Public\Documents\regruninfo
2013-09-23 18:05 - 2013-09-23 17:55 - 00000000 ____D C:\ProgramData\RegRun
2013-09-23 18:03 - 2013-09-23 17:55 - 00035816 _____ (Greatis Software) C:\Windows\system32\Drivers\Partizan.sys
2013-09-23 18:02 - 2012-01-04 14:23 - 00000000 ____D C:\Program Files\Winstep
2013-09-23 18:00 - 2013-09-23 18:00 - 00024416 _____ (Greatis Software) C:\Windows\system32\Drivers\regguard.sys
2013-09-23 17:58 - 2013-09-23 17:55 - 00000000 ____D C:\Users\user\Documents\RegRun2
2013-09-23 17:57 - 2013-09-23 17:57 - 00040208 _____ (Greatis Software) C:\Windows\system32\Partizan.exe
2013-09-23 17:55 - 2013-09-23 17:55 - 00000913 _____ C:\Users\user\Desktop\UnHackMe.lnk
2013-09-23 17:55 - 2013-09-23 17:55 - 00000406 _____ C:\Windows\Tasks\UnHackMe Task Scheduler.job
2013-09-23 17:55 - 2013-09-23 17:55 - 00000002 RSHOT C:\Windows\winstart.bat
2013-09-23 17:55 - 2013-09-23 17:55 - 00000000 ____D C:\Program Files\UnHackMe
2013-09-23 17:55 - 2013-09-23 17:49 - 00000000 ____D C:\ProgramData\HitmanPro
2013-09-23 17:55 - 2009-07-14 04:04 - 00002577 _____ C:\Windows\system32\config.nt
2013-09-23 17:55 - 2009-07-14 04:04 - 00001688 _____ C:\Windows\system32\autoexec.nt
2013-09-23 17:49 - 2013-09-23 17:49 - 00000000 ____D C:\Program Files\HitmanPro
2013-09-23 17:34 - 2013-09-23 17:34 - 00000000 ____D C:\Users\user\AppData\Roaming\Malwarebytes
2013-09-23 17:34 - 2013-09-23 17:34 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-09-23 16:37 - 2013-09-23 16:37 - 00031560 _____ C:\Windows\system32\Drivers\mbamchameleon.sys
2013-09-23 16:36 - 2013-09-23 16:36 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_ew_juextctrl_01007.Wdf
2013-09-23 16:36 - 2013-09-23 16:36 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_ew_jucdcecm_01007.Wdf
2013-09-23 16:36 - 2013-09-23 16:36 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_ew_jucdcacm_01007.Wdf
2013-09-23 16:36 - 2013-09-23 16:34 - 00000000 ____D C:\ProgramData\DatacardService
2013-09-23 16:35 - 2013-09-23 16:35 - 00001037 _____ C:\Users\Public\Desktop\Mobile Partner.lnk
2013-09-23 16:35 - 2013-09-23 16:35 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_ew_jubusenum_01007.Wdf
2013-09-23 16:35 - 2013-09-23 16:35 - 00000000 ____D C:\ProgramData\Mobile Partner
2013-09-23 16:35 - 2013-09-23 16:34 - 00000000 ____D C:\Program Files\Mobile Partner
2013-09-23 12:48 - 2013-08-13 10:19 - 00000000 ____D C:\__USB__
2013-09-23 12:25 - 2013-07-24 21:20 - 00000924 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3061825322-2714307366-866023572-1000UA.job
2013-09-23 08:37 - 2012-08-21 13:41 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2013-09-21 21:50 - 2012-05-15 08:41 - 00000000 ____D C:\Users\user\Documents\Pliki programu Outlook
2013-09-21 21:25 - 2013-07-24 21:20 - 00000902 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3061825322-2714307366-866023572-1000Core.job
2013-09-20 21:19 - 2012-06-12 13:04 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2013-09-20 21:19 - 2011-09-14 03:06 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2013-09-20 10:51 - 2013-09-19 07:24 - 00000000 ____D C:\Users\user\Desktop\aneksy do umów
2013-09-19 21:50 - 2011-09-13 20:45 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-09-19 19:11 - 2013-05-01 18:24 - 00001972 _____ C:\Users\Public\Desktop\Sony PC Companion 2.1.lnk
2013-09-19 19:11 - 2011-09-13 20:24 - 00000000 ___HD C:\Program Files\InstallShield Installation Information
2013-09-19 08:52 - 2013-09-19 08:52 - 00000000 ____D C:\Users\user\Desktop\19.09.2013
2013-09-18 22:35 - 2013-08-27 07:26 - 00000000 ____D C:\Users\user\Desktop\teksty na kalendarz
2013-09-18 14:53 - 2013-07-23 20:11 - 00000000 ____D C:\Users\user\Desktop\UMOWA UŻYCZENIE PIOG
2013-09-18 13:05 - 2012-01-30 12:28 - 00000000 ___RD C:\Users\user\Desktop\URZĄD GMINY
2013-09-18 07:46 - 2013-06-16 00:18 - 00000000 ____D C:\Users\user\Desktop\KALENDARZ 2014
2013-09-17 18:16 - 2009-07-14 06:33 - 00560216 _____ C:\Windows\system32\FNTCACHE.DAT
2013-09-17 08:58 - 2013-09-17 08:58 - 00000000 ____D C:\Users\user\Documents\Corel User Files
2013-09-17 07:24 - 2013-09-17 07:24 - 00064714 _____ C:\Windows\FontData.fdb
2013-09-17 07:23 - 2011-09-14 13:28 - 00153984 _____ C:\Users\user\AppData\Local\GDIPFONTCACHEV1.DAT
2013-09-17 07:19 - 2011-10-25 12:12 - 00000000 ____D C:\Users\user\AppData\Roaming\Corel
2013-09-17 07:18 - 2013-09-17 07:18 - 00000000 ____D C:\Program Files\Common Files\Corel
2013-09-17 07:17 - 2013-04-09 08:31 - 00000000 ____D C:\Program Files\Common Files\DESIGNER
2013-09-17 07:17 - 2009-07-14 04:37 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2013-09-17 07:16 - 2011-10-25 12:04 - 00000000 ____D C:\Program Files\Corel
2013-09-15 21:08 - 2013-06-11 12:44 - 00001006 _____ C:\Windows\system32\Monitoring i ewauacja w projektach Programu Operacyjnego Kapitał Ludzki na przykładzie projektu POMOC SPOŁECZNA BARDZO CZĘSTO STUTECZNA realizowanego przez Gminny Ośrodek Pomocy Społecznej w Kowali.lnk
2013-09-13 10:25 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\rescache
2013-09-12 14:54 - 2011-09-16 10:24 - 00000000 ____D C:\Program Files\Common Files\Adobe
2013-09-12 09:00 - 2011-10-12 08:49 - 00000000 ___RD C:\Users\user\Desktop\www.pomockowala@łączymy z przyszłością.pl
2013-09-12 08:57 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\Microsoft.NET
2013-09-12 07:19 - 2012-10-07 21:22 - 00000000 ___RD C:\Users\user\Podcasts
2013-09-12 07:15 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\pl-PL
2013-09-11 14:52 - 2013-08-16 23:26 - 00000000 ____D C:\Windows\system32\MRT
2013-09-11 14:50 - 2011-09-13 21:04 - 76725432 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-09-11 11:19 - 2013-09-10 14:44 - 00001142 _____ C:\Windows\system32\W ramach monitoringu kontroli zarządczej podczas spotkania Kierowników poszczególnych Referatów Urzędu Gminy w Kowali Sekretarz zwrócił się do Kierowników o uzupełnienie tabeli dotyczącej Celów i zadań.lnk
2013-09-05 13:48 - 2013-02-15 09:32 - 00000000 ____D C:\Users\user\Desktop\zapytania ofertowe - 2013
2013-09-05 08:56 - 2013-09-05 08:56 - 00000000 ____D C:\Users\user\Documents\MISJONARKI FROM ARGENTINA
2013-08-29 09:15 - 2011-12-08 10:37 - 00000000 ___RD C:\Users\user\Desktop\SYLWIA
2013-08-27 08:37 - 2013-08-27 07:47 - 00000000 ____D C:\Users\user\Desktop\DCIM
2013-08-24 22:46 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\NDF

==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

LastRegBack: 2013-09-11 10:18

==================== End Of Log ============================