Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 14-12-2013 01
Ran by Pateyk (administrator) on KOMPUTER on 14-12-2013 22:22:13
Running from C:\Users\Pateyk\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: Polish
Internet Explorer Version 9
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
() C:\Program Files (x86)\ASUS\ATK Hotkey\AsLdrSrv.exe
() C:\Program Files\ATKGFNEX\GFNEXSrv.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\avp.exe
(Infowatch) C:\Program Files (x86)\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe
(ASUSTeK Computer Inc.) C:\Windows\SysWOW64\Fast Boot\FastBootAgent.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Hotkey\HControl.exe
() C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
(ATK) C:\Program Files\P4G\BatteryLife.exe
() C:\Program Files (x86)\ASUS\ATK Hotkey\Atouch64.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Hotkey\ATKOSD.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Hotkey\KBFiltr.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Hotkey\WDC.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(AlcorMicro Co., Ltd.) C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
(ASUS) C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\avp.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe
(ASUS) C:\Windows\AsScrPro.exe
() C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
() D:\League of Legends\RADS\system\rads_user_kernel.exe
() C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
() D:\League of Legends\RADS\projects\lol_launcher\releases\0.0.0.195\deploy\LoLLauncher.exe
() D:\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.62\deploy\LolClient.exe
(Opera Software) D:\Opera\18.0.1284.63\opera.exe
() D:\Opera\18.0.1284.63\opera_crashreporter.exe
(Opera Software) D:\Opera\18.0.1284.63\opera.exe
(Opera Software) D:\Opera\18.0.1284.63\opera.exe
(Opera Software) D:\Opera\18.0.1284.63\opera.exe
(Opera Software) D:\Opera\18.0.1284.63\opera.exe
(Opera Software) D:\Opera\18.0.1284.63\opera.exe
(Opera Software) D:\Opera\18.0.1284.63\opera.exe
(Opera Software) D:\Opera\18.0.1284.63\opera.exe
(Opera Software) D:\Opera\18.0.1284.63\opera.exe
(Opera Software) D:\Opera\18.0.1284.63\opera.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Nvtmru] - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe [1028896 2013-08-27] (NVIDIA Corporation)
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [7982112 2009-07-28] (Realtek Semiconductor)
HKLM\...\Run: [AmIcoSinglun64] - C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [320000 2009-04-09] (AlcorMicro Co., Ltd.)
HKLM-x32\...\RunOnce: [Malwarebytes Anti-Malware (cleanup)] - rundll32.exe "C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\cleanup.dll",ProcessCleanupScript [1127496 2013-04-04] (Malwarebytes Corporation)
HKCU\...\Run: [DAEMON Tools Lite] - D:\DAEMON Tools Lite\DTLite.exe [3675352 2013-10-28] (Disc Soft Ltd)
HKCU\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKLM-x32\...\Run: [ATKOSD2] - C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe [8493624 2009-07-07] (ASUS)
HKLM-x32\...\Run: [ATKMEDIA] - C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe [159744 2009-04-20] (ASUS)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [AVP] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\avp.exe [356128 2013-10-18] (Kaspersky Lab ZAO)

==================== Internet (Whitelisted) ====================

URLSearchHook: HKLM-x32 - uTorrentControl_v6 Toolbar - {96f454ea-9d38-474f-b504-56193e00c1a5} - C:\Program Files (x86)\uTorrentControl_v6\prxtbuTor.dll (Conduit Ltd.)
URLSearchHook: HKCU - uTorrentControl_v6 Toolbar - {96f454ea-9d38-474f-b504-56193e00c1a5} - C:\Program Files (x86)\uTorrentControl_v6\prxtbuTor.dll (Conduit Ltd.)
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKCU - {163A0588-D38A-4E5E-B968-D1741D36A3B4} URL = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3289075&CUI=UN19646711142952210&UM=1
SearchScopes: HKCU - {AFDBDDAA-5D3F-42EE-B79C-185A7020515B} URL =
BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - D:\Office 2013\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Content Blocker Plugin - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO: Virtual Keyboard Plugin - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\x64\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - D:\Office 2013\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: URL Advisor Plugin - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
BHO-x32: Kaspersky Passsword Manager Toolbar - {215BA832-75A3-426E-A4FC-7C5B58CE6A10} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\Kaspersky Password Manager\spIEBho.dll (Kaspersky Lab)
BHO-x32: Content Blocker Plugin - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Virtual Keyboard Plugin - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: uTorrentControl_v6 Toolbar - {96f454ea-9d38-474f-b504-56193e00c1a5} - C:\Program Files (x86)\uTorrentControl_v6\prxtbuTor.dll (Conduit Ltd.)
BHO-x32: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: URL Advisor Plugin - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
Toolbar: HKLM-x32 - Kaspersky Passsword Manager Toolbar - {215BA832-75A3-426E-A4FC-7C5B58CE6A10} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\Kaspersky Password Manager\spIEBho.dll (Kaspersky Lab)
Toolbar: HKLM-x32 - uTorrentControl_v6 Toolbar - {96f454ea-9d38-474f-b504-56193e00c1a5} - C:\Program Files (x86)\uTorrentControl_v6\prxtbuTor.dll (Conduit Ltd.)
Toolbar: HKCU - No Name - {96F454EA-9D38-474F-B504-56193E00C1A5} - No File
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - D:\Office 2013\Office15\MSOSB.DLL (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 62.179.1.60 62.179.1.61

Chrome:
=======
CHR HomePage: hxxp://www.google.com/
CHR RestoreOnStartup: "hxxp://www.google.com/"
CHR DefaultSearchKeyword: google.pl
CHR DefaultSearchProvider: Google
CHR DefaultSearchURL: {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR Extension: (YouTube) - C:\Users\Pateyk\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0
CHR Extension: (Google Search) - C:\Users\Pateyk\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0
CHR Extension: (Gmail) - C:\Users\Pateyk\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0
CHR HKLM-x32\...\Chrome\Extension: [dchlnpcodkpfdpacogkljefecpegganj] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\ChromeExt\urladvisor.crx
CHR HKLM-x32\...\Chrome\Extension: [hakdifolhalapjijoafobooafbilfakh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\ChromeExt\online_banking_chrome.crx
CHR HKLM-x32\...\Chrome\Extension: [hghkgaeecgjhjkannahfamoehjmkjail] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\ChromeExt\content_blocker_chrome.crx
CHR HKLM-x32\...\Chrome\Extension: [jagncdcchgajhfhijbbhecadmaiegcmh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\ChromeExt\virtkbd.crx
CHR HKLM-x32\...\Chrome\Extension: [pjldcfjmnllhmgjclecdnfampinooman] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\ChromeExt\ab.crx

==================== Services (Whitelisted) =================

R2 ASLDRService; C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe [100920 2008-08-13] ()
R2 ATKGFNEXSrv; C:\Program Files\ATKGFNEX\GFNEXSrv.exe [94208 2007-08-07] ()
R2 AVP; C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\avp.exe [356128 2013-10-18] (Kaspersky Lab ZAO)
R2 CSObjectsSrv; C:\Program Files (x86)\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe [819040 2012-12-21] (Infowatch)
R2 FastBootAgent; C:\Windows\SysWOW64\Fast Boot\FastBootAgent.exe [306232 2009-07-23] (ASUSTeK Computer Inc.)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [14997280 2013-08-27] (NVIDIA Corporation)
S2 SkypeUpdate; D:\Skype\Updater\Updater.exe [171680 2013-09-05] (Skype Technologies)
R3 spmgr; C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe [125496 2007-08-03] ()
S2 WiseBootAssistant; C:\Program Files (x86)\Wise\Wise Care 365\BootTime.exe [580648 2012-07-17] (WiseCleaner.com)

==================== Drivers (Whitelisted) ====================

R2 ASMMAP64; C:\Program Files\ATKGFNEX\ASMMAP64.sys [14904 2007-07-24] ()
R0 CSCrySec; C:\Windows\System32\DRIVERS\CSCrySec.sys [84536 2011-06-02] (Infowatch)
R1 CSVirtualDiskDrv; C:\Windows\System32\DRIVERS\CSVirtualDiskDrv.sys [66616 2011-06-02] (Infowatch)
R3 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2013-11-13] (Disc Soft Ltd)
R2 ghaio; C:\Program Files\ASUS\NB Probe\SPM\ghaio.sys [17464 2007-08-03] ()
R3 kbfiltr; C:\Windows\System32\DRIVERS\kbfiltr.sys [15416 2009-07-20] ( )
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [7717984 2013-10-18] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [626272 2013-10-18] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [28504 2012-08-02] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [29280 2013-10-18] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [29280 2013-10-18] (Kaspersky Lab ZAO)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [54368 2013-10-18] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [178448 2013-10-18] (Kaspersky Lab ZAO)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39200 2013-08-20] (NVIDIA Corporation)
S3 pwdrvio; C:\Windows\system32\pwdrvio.sys [19032 2013-03-07] ()
S3 pwdspio; C:\Windows\system32\pwdspio.sys [9584 2013-03-07] ()
R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1806400 2009-06-05] ()
U5 klflt; C:\Windows\System32\Drivers\klflt.sys [90208 2013-10-18] (Kaspersky Lab ZAO)

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2013-12-14 22:22 - 2013-12-14 22:22 - 01360540 _____ (El Desaparecido - SosVirus.net - UsbFix.net) C:\Users\Pateyk\Desktop\UsbFix.exe
2013-12-14 22:17 - 2013-12-14 22:18 - 00020089 _____ C:\Users\Pateyk\Desktop\Addition.txt
2013-12-14 22:16 - 2013-12-14 22:22 - 00013803 _____ C:\Users\Pateyk\Desktop\FRST.txt
2013-12-14 22:16 - 2013-12-14 22:16 - 01927796 _____ (Farbar) C:\Users\Pateyk\Desktop\FRST64.exe
2013-12-14 22:16 - 2013-12-14 22:16 - 00000000 ____D C:\FRST
2013-12-14 21:20 - 2013-12-14 21:20 - 00053526 _____ C:\Users\Pateyk\Desktop\Extras.Txt
2013-12-14 21:19 - 2013-12-14 21:19 - 00081252 _____ C:\Users\Pateyk\Desktop\OTL.Txt
2013-12-14 21:14 - 2013-12-14 21:14 - 00602112 _____ (OldTimer Tools) C:\Users\Pateyk\Desktop\OTL.exe
2013-12-14 19:58 - 2013-12-14 19:58 - 00000005 _____ C:\Users\Pateyk\AppData\Roaming\mbam.context.scan
2013-12-14 17:51 - 2013-12-14 17:51 - 00000646 _____ C:\Users\Pateyk\Desktop\Total Commander 64 bit.lnk
2013-12-14 17:51 - 2013-12-14 17:51 - 00000000 ____D C:\Users\Pateyk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Total Commander
2013-12-14 17:51 - 2013-12-14 17:51 - 00000000 ____D C:\Users\Pateyk\AppData\Roaming\GHISLER
2013-12-14 17:51 - 2013-12-14 17:51 - 00000000 ____D C:\totalcmd
2013-12-14 16:56 - 2013-12-14 16:56 - 00001113 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-12-14 16:56 - 2013-12-14 16:56 - 00000000 ____D C:\Users\Pateyk\AppData\Roaming\Malwarebytes
2013-12-14 16:56 - 2013-12-14 16:56 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-12-14 16:56 - 2013-12-14 16:56 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-12-14 16:56 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2013-12-11 19:40 - 2013-12-11 19:40 - 00000000 ____D C:\Users\Pateyk\Impostazioni locali
2013-12-11 19:40 - 2013-03-07 13:37 - 00019032 ____N C:\Windows\system32\pwdrvio.sys
2013-12-11 19:40 - 2013-03-07 13:37 - 00009584 ____N C:\Windows\system32\pwdspio.sys
2013-12-10 12:49 - 2013-12-10 12:49 - 00029010 _____ C:\Users\Pateyk\Desktop\Zeszyt1 (Automatycznie zapisany).xlsx
2013-12-09 21:46 - 2013-12-09 21:46 - 00018764 _____ C:\Users\Pateyk\Desktop\Zeszyt1.xlsx
2013-12-09 19:15 - 2013-12-09 19:15 - 00000000 ___SD C:\Users\Pateyk\Documents\Moje źródła danych
2013-12-09 19:07 - 2013-12-10 12:49 - 00000000 ____D C:\Users\Pateyk\Desktop\marciin debski
2013-12-08 21:39 - 2013-12-08 21:39 - 00000000 ____D C:\ProgramData\WEBREG
2013-12-08 21:38 - 2013-12-08 21:48 - 00000000 ____D C:\Users\Pateyk\AppData\Roaming\HP
2013-12-08 21:38 - 2013-12-08 21:38 - 00000000 ____D C:\Users\Pateyk\AppData\Roaming\HpUpdate
2013-12-08 21:38 - 2013-12-08 21:38 - 00000000 ____D C:\Users\Pateyk\AppData\Local\HP
2013-12-08 21:33 - 2009-04-16 14:08 - 00136704 _____ (Hewlett-Packard Company) C:\Windows\system32\hpf3l70v.dll
2013-12-08 21:33 - 2009-04-15 21:53 - 00642360 _____ (Hewlett-Packard) C:\Windows\system32\hpzids40.dll
2013-12-08 21:33 - 2009-02-10 20:03 - 00880640 _____ (Hewlett-Packard) C:\Windows\system32\hposwia_d02b.dll
2013-12-08 21:33 - 2009-02-10 20:03 - 00748544 _____ (Hewlett-Packard Co.) C:\Windows\system32\hpost_d02b.dll
2013-12-08 21:33 - 2009-02-10 20:03 - 00515072 _____ (Hewlett-Packard Co.) C:\Windows\system32\hposc_d02a.dll
2013-12-08 21:33 - 2008-10-28 10:27 - 00551424 _____ (Hewlett-Packard) C:\Windows\system32\hppldcoi.dll
2013-12-08 21:32 - 2013-12-14 14:17 - 00000000 ____D C:\Program Files (x86)\HP
2013-12-08 21:30 - 2013-12-14 14:55 - 00006431 _____ C:\ProgramData\hpzinstall.log
2013-12-08 21:29 - 2013-12-14 14:15 - 00000000 ____D C:\ProgramData\HP
2013-12-02 19:27 - 2013-12-02 19:27 - 00019709 _____ C:\Users\Pateyk\AppData\Local\recently-used.xbel
2013-12-02 17:26 - 2013-12-02 19:28 - 00000000 ____D C:\Users\Pateyk\Desktop\Biwak
2013-11-30 19:43 - 2013-11-30 19:43 - 00000654 _____ C:\Users\Public\Desktop\Opera.lnk
2013-11-17 19:42 - 2013-11-17 19:42 - 00000000 ____D C:\Users\Pateyk\Documents\Niestandardowe szablony pakietu Office
2013-11-16 00:38 - 2013-11-16 00:38 - 00000000 ____D C:\Users\Pateyk\AppData\Local\Blizzard
2013-11-16 00:22 - 2013-11-16 00:22 - 00000680 _____ C:\Users\Public\Desktop\Hearthstone.lnk
2013-11-14 22:53 - 2012-02-11 07:36 - 00559104 _____ (Microsoft Corporation) C:\Windows\system32\spoolsv.exe
2013-11-14 22:53 - 2012-02-11 07:36 - 00067072 _____ (Microsoft Corporation) C:\Windows\splwow64.exe
2013-11-14 22:53 - 2011-02-25 07:19 - 02871808 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2013-11-14 22:53 - 2011-02-25 06:30 - 02616320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe

==================== One Month Modified Files and Folders =======

2013-12-14 22:22 - 2013-12-14 22:22 - 01360540 _____ (El Desaparecido - SosVirus.net - UsbFix.net) C:\Users\Pateyk\Desktop\UsbFix.exe
2013-12-14 22:22 - 2013-12-14 22:16 - 00013803 _____ C:\Users\Pateyk\Desktop\FRST.txt
2013-12-14 22:22 - 2013-10-25 10:27 - 00000000 ____D C:\Users\Pateyk\AppData\Local\PMB Files
2013-12-14 22:18 - 2013-12-14 22:17 - 00020089 _____ C:\Users\Pateyk\Desktop\Addition.txt
2013-12-14 22:16 - 2013-12-14 22:16 - 01927796 _____ (Farbar) C:\Users\Pateyk\Desktop\FRST64.exe
2013-12-14 22:16 - 2013-12-14 22:16 - 00000000 ____D C:\FRST
2013-12-14 21:59 - 2013-10-18 20:39 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2013-12-14 21:35 - 2013-10-16 20:41 - 00000930 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-12-14 21:21 - 2013-11-13 13:31 - 01405102 _____ C:\Windows\WindowsUpdate.log
2013-12-14 21:20 - 2013-12-14 21:20 - 00053526 _____ C:\Users\Pateyk\Desktop\Extras.Txt
2013-12-14 21:19 - 2013-12-14 21:19 - 00081252 _____ C:\Users\Pateyk\Desktop\OTL.Txt
2013-12-14 21:14 - 2013-12-14 21:14 - 00602112 _____ (OldTimer Tools) C:\Users\Pateyk\Desktop\OTL.exe
2013-12-14 20:49 - 2009-07-14 18:55 - 00738192 _____ C:\Windows\system32\perfh015.dat
2013-12-14 20:49 - 2009-07-14 18:55 - 00154848 _____ C:\Windows\system32\perfc015.dat
2013-12-14 20:49 - 2009-07-14 06:13 - 01663412 _____ C:\Windows\system32\PerfStringBackup.INI
2013-12-14 20:45 - 2013-11-13 14:52 - 00000000 ____D C:\Program Files (x86)\uTorrentControl_v6
2013-12-14 19:58 - 2013-12-14 19:58 - 00000005 _____ C:\Users\Pateyk\AppData\Roaming\mbam.context.scan
2013-12-14 19:43 - 2009-07-14 05:45 - 00015152 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-12-14 19:43 - 2009-07-14 05:45 - 00015152 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-12-14 19:36 - 2013-10-16 20:34 - 00003006 _____ C:\Windows\System32\Tasks\ASUS Live Update
2013-12-14 19:35 - 2013-11-13 13:28 - 00014302 _____ C:\Windows\setupact.log
2013-12-14 19:35 - 2013-11-13 13:27 - 00014274 _____ C:\Windows\PFRO.log
2013-12-14 19:35 - 2013-10-16 19:55 - 00000000 ____D C:\ProgramData\NVIDIA
2013-12-14 19:35 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-12-14 17:51 - 2013-12-14 17:51 - 00000646 _____ C:\Users\Pateyk\Desktop\Total Commander 64 bit.lnk
2013-12-14 17:51 - 2013-12-14 17:51 - 00000000 ____D C:\Users\Pateyk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Total Commander
2013-12-14 17:51 - 2013-12-14 17:51 - 00000000 ____D C:\Users\Pateyk\AppData\Roaming\GHISLER
2013-12-14 17:51 - 2013-12-14 17:51 - 00000000 ____D C:\totalcmd
2013-12-14 17:03 - 2013-11-13 14:52 - 00000000 ____D C:\ProgramData\Conduit
2013-12-14 16:56 - 2013-12-14 16:56 - 00001113 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-12-14 16:56 - 2013-12-14 16:56 - 00000000 ____D C:\Users\Pateyk\AppData\Roaming\Malwarebytes
2013-12-14 16:56 - 2013-12-14 16:56 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-12-14 16:56 - 2013-12-14 16:56 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-12-14 14:55 - 2013-12-08 21:30 - 00006431 _____ C:\ProgramData\hpzinstall.log
2013-12-14 14:17 - 2013-12-08 21:32 - 00000000 ____D C:\Program Files (x86)\HP
2013-12-14 14:15 - 2013-12-08 21:29 - 00000000 ____D C:\ProgramData\HP
2013-12-14 13:32 - 2009-07-14 05:45 - 00441992 _____ C:\Windows\system32\FNTCACHE.DAT
2013-12-11 20:20 - 2013-10-16 18:13 - 00000000 ____D C:\Users\Pateyk\AppData\Local\VirtualStore
2013-12-11 19:40 - 2013-12-11 19:40 - 00000000 ____D C:\Users\Pateyk\Impostazioni locali
2013-12-11 19:40 - 2013-10-16 18:13 - 00000000 ____D C:\Users\Pateyk
2013-12-11 19:34 - 2013-10-16 20:28 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2013-12-11 14:30 - 2013-10-25 10:27 - 00000000 ____D C:\ProgramData\PMB Files
2013-12-10 19:35 - 2013-10-16 20:41 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-12-10 19:35 - 2013-10-16 20:41 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-12-10 19:35 - 2013-10-16 20:41 - 00003868 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-12-10 12:49 - 2013-12-10 12:49 - 00029010 _____ C:\Users\Pateyk\Desktop\Zeszyt1 (Automatycznie zapisany).xlsx
2013-12-10 12:49 - 2013-12-09 19:07 - 00000000 ____D C:\Users\Pateyk\Desktop\marciin debski
2013-12-09 23:25 - 2013-11-13 14:49 - 00000000 ____D C:\Users\Pateyk\AppData\Roaming\uTorrent
2013-12-09 21:46 - 2013-12-09 21:46 - 00018764 _____ C:\Users\Pateyk\Desktop\Zeszyt1.xlsx
2013-12-09 19:33 - 2013-11-13 15:17 - 00000000 ____D C:\Users\Pateyk\AppData\Local\Microsoft Help
2013-12-09 19:15 - 2013-12-09 19:15 - 00000000 ___SD C:\Users\Pateyk\Documents\Moje źródła danych
2013-12-08 21:48 - 2013-12-08 21:38 - 00000000 ____D C:\Users\Pateyk\AppData\Roaming\HP
2013-12-08 21:39 - 2013-12-08 21:39 - 00000000 ____D C:\ProgramData\WEBREG
2013-12-08 21:39 - 2013-11-13 14:17 - 00111904 _____ C:\Users\Pateyk\AppData\Local\GDIPFONTCACHEV1.DAT
2013-12-08 21:38 - 2013-12-08 21:38 - 00000000 ____D C:\Users\Pateyk\AppData\Roaming\HpUpdate
2013-12-08 21:38 - 2013-12-08 21:38 - 00000000 ____D C:\Users\Pateyk\AppData\Local\HP
2013-12-08 21:38 - 2013-11-13 15:18 - 00000126 _____ C:\Windows\win.ini
2013-12-07 17:35 - 2013-10-25 16:10 - 00000000 ____D C:\Users\Pateyk\AppData\Roaming\Mumble
2013-12-02 19:28 - 2013-12-02 17:26 - 00000000 ____D C:\Users\Pateyk\Desktop\Biwak
2013-12-02 19:27 - 2013-12-02 19:27 - 00019709 _____ C:\Users\Pateyk\AppData\Local\recently-used.xbel
2013-12-02 19:27 - 2013-11-08 18:08 - 00000000 ____D C:\Users\Pateyk\AppData\Local\gtk-2.0
2013-12-02 19:27 - 2013-11-08 17:55 - 00000000 ____D C:\Users\Pateyk\.gimp-2.8
2013-12-01 20:52 - 2013-10-27 16:18 - 00000000 ____D C:\Users\Pateyk\AppData\Roaming\Skype
2013-12-01 19:54 - 2013-10-27 16:18 - 00000000 ____D C:\ProgramData\Skype
2013-12-01 19:53 - 2009-07-14 06:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD
2013-11-30 19:43 - 2013-11-30 19:43 - 00000654 _____ C:\Users\Public\Desktop\Opera.lnk
2013-11-30 19:42 - 2013-10-16 18:14 - 00001455 _____ C:\Users\Pateyk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-11-30 19:42 - 2013-10-16 18:14 - 00001421 _____ C:\Users\Pateyk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
2013-11-17 19:42 - 2013-11-17 19:42 - 00000000 ____D C:\Users\Pateyk\Documents\Niestandardowe szablony pakietu Office
2013-11-16 22:31 - 2013-10-23 21:54 - 00000000 ____D C:\Users\Pateyk\AppData\Roaming\Dropbox
2013-11-16 12:52 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
2013-11-16 11:53 - 2013-10-16 21:35 - 00000000 ____D C:\Users\Pateyk\AppData\Local\Battle.net
2013-11-16 00:38 - 2013-11-16 00:38 - 00000000 ____D C:\Users\Pateyk\AppData\Local\Blizzard
2013-11-16 00:22 - 2013-11-16 00:22 - 00000680 _____ C:\Users\Public\Desktop\Hearthstone.lnk
2013-11-14 22:38 - 2013-10-16 18:14 - 00000000 ___RD C:\Users\Pateyk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-11-14 22:38 - 2013-10-16 18:14 - 00000000 ___RD C:\Users\Pateyk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2013-11-14 22:33 - 2009-07-14 06:32 - 00000000 ____D C:\Program Files\Windows Defender
2013-11-14 22:33 - 2009-07-14 06:32 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2013-11-14 22:32 - 2009-07-14 19:09 - 00000000 ____D C:\Program Files\Windows Journal
2013-11-14 00:20 - 2013-11-13 15:17 - 00000000 ____D C:\ProgramData\Microsoft Help

Some content of TEMP:
====================
C:\Users\Pateyk\AppData\Local\Temp\BTSync.exe
C:\Users\Pateyk\AppData\Local\Temp\FP_AX_MSI_INSTALLER.exe
C:\Users\Pateyk\AppData\Local\Temp\ose00000.exe
C:\Users\Pateyk\AppData\Local\Temp\utt2003.tmp.exe

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

LastRegBack: 2013-12-10 17:29

==================== End Of Log ============================