Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 10-02-2014 01 Ran by PAWEL (administrator) on PAWEL-KOMPUTER on 12-02-2014 15:25:18 Running from C:\Users\PAWEL\Downloads Microsoft Windows 7 Home Premium Service Pack 1 (X86) OS Language: Polish Internet Explorer Version 11 Boot Mode: Normal The only official download link for FRST: Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/ Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/ Download link from any site other than Bleeping Computer is unpermitted or outdated. See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe (PostgreSQL Global Development Group) C:\PostgreSQL\9.1\bin\pg_ctl.exe (Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe (PostgreSQL Global Development Group) C:\PostgreSQL\9.1\bin\postgres.exe (PostgreSQL Global Development Group) C:\PostgreSQL\9.1\bin\postgres.exe (techwin) C:\Program Files\Samsung\SSM\ServiceManager\WatchServices.exe (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Safer Networking Ltd.) C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe (PostgreSQL Global Development Group) C:\PostgreSQL\9.1\bin\postgres.exe (PostgreSQL Global Development Group) C:\PostgreSQL\9.1\bin\postgres.exe (PostgreSQL Global Development Group) C:\PostgreSQL\9.1\bin\postgres.exe (PostgreSQL Global Development Group) C:\PostgreSQL\9.1\bin\postgres.exe (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe () C:\Program Files\Samsung\SSM\MediaGateway\MediaGatewayService.exe (Hewlett-Packard) C:\Program Files\HP\HP Software Update\hpwuschd2.exe (Unizeto Technologies SA) C:\Program Files\Unizeto\proCertum CardManager\cryptoCertumScanner.exe (Akamai Technologies, Inc.) C:\Users\PAWEL\AppData\Local\Akamai\netsession_win.exe (Sony) C:\Program Files\Sony\Sony PC Companion\PCCompanion.exe (Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063) C:\Program Files\Evernote\Evernote\EvernoteClipper.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe () C:\Program Files\Sony\Sony PC Companion\PCCompanionInfo.exe (Akamai Technologies, Inc.) C:\Users\PAWEL\AppData\Local\Akamai\netsession_win.exe (Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe (Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe (Hewlett-Packard) C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe (Microsoft Corporation) C:\Windows\system32\wuauclt.exe (Microsoft Corporation) C:\Windows\System32\sdclt.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [HP Software Update] - C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [49208 2011-05-10] (Hewlett-Packard) HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated) HKLM\...\Run: [AutoRegisterCerts] - C:\Program Files\Unizeto\proCertum CardManager\cryptoCertumScanner.exe [121344 2012-10-26] (Unizeto Technologies SA) HKU\S-1-5-21-601188784-2125393631-3366121521-1001\...\Run: [Akamai NetSession Interface] - C:\Users\PAWEL\AppData\Local\Akamai\netsession_win.exe [4489472 2013-06-05] (Akamai Technologies, Inc.) HKU\S-1-5-21-601188784-2125393631-3366121521-1001\...\Run: [Sony PC Companion] - C:\Program Files\Sony\Sony PC Companion\PCCompanion.exe [449760 2013-10-31] (Sony) HKU\S-1-5-21-601188784-2125393631-3366121521-1001\...\Run: [SpybotSD TeaTimer] - C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2260480 2009-03-05] (Safer-Networking Ltd.) HKU\S-1-5-21-601188784-2125393631-3366121521-1001\...\RunOnce: [SpybotDeletingD9562] - cmd.exe /c del "C:\Program Files\Conduit\Community Alerts\Alert.dll" HKU\S-1-5-21-601188784-2125393631-3366121521-1001\...\RunOnce: [SpybotDeletingB8373] - command.com /c del "C:\END" HKU\S-1-5-21-601188784-2125393631-3366121521-1004\...\Run: [AVG-Secure-Search-Update_JUNE2013_TB] - "C:\Program Files\AVG Secure Search\AVG-Secure-Search-Update_JUNE2013_TB.exe" /PROMPT /CMPID=JUNE2013_TB HKU\S-1-5-21-601188784-2125393631-3366121521-1004\...\Run: [AVG-Secure-Search-Update_JUNE2013_HP] - "C:\Program Files\AVG Secure Search\AVG-Secure-Search-Update_JUNE2013_HP.exe" /PROMPT /CMPID=JUNE2013_HP AppInit_DLLs: C:\Windows\System32\guard32.dll => File Not Found Startup: C:\Users\PAWEL\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EvernoteClipper.lnk ShortcutTarget: EvernoteClipper.lnk -> C:\Program Files\Evernote\Evernote\EvernoteClipper.exe (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063) ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/ HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/ URLSearchHook: HKLM - Default Value = {CCC7B151-1D8C-11E3-B2AD-F3EF3D58318D} URLSearchHook: HKLM - Ashampoo PO Toolbar - {d43723ae-1ae1-4a25-a6a4-bf0929273cab} - C:\Program Files\Ashampoo_PO\prxtbAsha.dll (Conduit Ltd.) URLSearchHook: HKLM - uTorrentControl_v2 Toolbar - {7473b6bd-4691-4744-a82b-7854eb3d70b6} - C:\Program Files\uTorrentControl_v2\prxtbuTor.dll (Conduit Ltd.) URLSearchHook: HKLM - SiteFinder - {CCC7B151-1D8C-11E3-B2AD-F3EF3D58318D} - C:\Program Files\SiteFinder\SiteFinder.dll (Site Finder) URLSearchHook: HKCU - Ashampoo PO Toolbar - {d43723ae-1ae1-4a25-a6a4-bf0929273cab} - C:\Program Files\Ashampoo_PO\prxtbAsha.dll (Conduit Ltd.) URLSearchHook: HKCU - uTorrentControl_v2 Toolbar - {7473b6bd-4691-4744-a82b-7854eb3d70b6} - C:\Program Files\uTorrentControl_v2\prxtbuTor.dll (Conduit Ltd.) SearchScopes: HKLM - DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = SearchScopes: HKLM - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2481033 SearchScopes: HKCU - {69EBE55B-9D7F-4CDF-BA9D-4DDF524A2C54} URL = http://websearch.ask.com/redirect?client=ie&tb=ORJ&o=&src=kw&q={searchTerms}&locale=&apn_ptnrs=U3&apn_dtid=OSJ000YYPL&apn_uid=7CDF101D-9FB3-4AF4-8297-CB4322A235B7&apn_sauid=77D05FE8-29E5-468A-9BCA-B7AF22D52015 SearchScopes: HKCU - {A57A5B3D-D23E-4589-A8BA-38D209ADD858} URL = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3220468 BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.) BHO: Winamp Toolbar Loader - {4accc990-3dc7-4456-a734-5cb4b610a7f5} - C:\Program Files\Winamp Toolbar\winamppltb.dll (AOL Inc.) BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited) BHO: uTorrentControl_v2 Toolbar - {7473b6bd-4691-4744-a82b-7854eb3d70b6} - C:\Program Files\uTorrentControl_v2\prxtbuTor.dll (Conduit Ltd.) BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) BHO: Evernote extension - {92EF2EAD-A7CE-4424-B0DB-499CF856608E} - C:\Program Files\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063) BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) BHO: Ashampoo PO Toolbar - {d43723ae-1ae1-4a25-a6a4-bf0929273cab} - C:\Program Files\Ashampoo_PO\prxtbAsha.dll (Conduit Ltd.) BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.) Toolbar: HKLM - Ashampoo PO Toolbar - {d43723ae-1ae1-4a25-a6a4-bf0929273cab} - C:\Program Files\Ashampoo_PO\prxtbAsha.dll (Conduit Ltd.) Toolbar: HKLM - Winamp Toolbar - {a0b1221c-a3ff-4f7c-a393-dc63af5301e9} - C:\Program Files\Winamp Toolbar\winamppltb.dll (AOL Inc.) Toolbar: HKLM - uTorrentControl_v2 Toolbar - {7473b6bd-4691-4744-a82b-7854eb3d70b6} - C:\Program Files\uTorrentControl_v2\prxtbuTor.dll (Conduit Ltd.) Toolbar: HKLM - SiteFinder - {CCC7B151-1D8C-11E3-B2AD-F3EF3D58318D} - C:\Program Files\SiteFinder\SiteFinder.dll (Site Finder) Toolbar: HKCU - Winamp Toolbar - {A0B1221C-A3FF-4F7C-A393-DC63AF5301E9} - C:\Program Files\Winamp Toolbar\winamppltb.dll (AOL Inc.) Toolbar: HKCU - uTorrentControl_v2 Toolbar - {7473B6BD-4691-4744-A82B-7854EB3D70B6} - C:\Program Files\uTorrentControl_v2\prxtbuTor.dll (Conduit Ltd.) Toolbar: HKCU - Ashampoo PO Toolbar - {D43723AE-1AE1-4A25-A6A4-BF0929273CAB} - C:\Program Files\Ashampoo_PO\prxtbAsha.dll (Conduit Ltd.) DPF: {26E1BEAF-C1A1-482B-8714-08844F1BCF7F} http://109.207.157.190:8557/webviewer.cab DPF: {3AA1C0E3-DA98-4BB4-91AE-D3BC61178240} http://192.168.1.150/GVersionMan.cab DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinstall-1_7_0_40-windows-i586.cab DPF: {CAFEEFAC-0017-0000-0040-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_40-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_40-windows-i586.cab DPF: {D64CF6D4-45DF-4D8F-9F14-E65FADF2777C} http://www.dvrstation.com/pdvratl.php?vendor=0 DPF: {D7F0F5E7-0CCC-4F00-B733-FAD4757D7AC4} http://enormy.pl/bipvw321.cab Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt Tcpip\Parameters: [DhcpNameServer] 8.26.56.26 156.154.70.22 208.67.222.222 Tcpip\..\Interfaces\{EBB394D4-B403-4771-9FC0-532BE4FD8BE0}: [NameServer]8.26.56.26,156.154.70.22 FireFox: ======== FF ProfilePath: C:\Users\PAWEL\AppData\Roaming\Mozilla\Firefox\Profiles\lopuagw8.default-1392192595831 FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_12_0_0_44.dll () FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf - C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation) FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf - C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation) FF Plugin: @java.com/DTPlugin,version=10.40.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation) FF Plugin: @mcafee.com/McAfeeMssPlugin - C:\Program Files\McAfee Security Scan\3.0.318\npMcAfeeMss.dll (McAfee, Inc.) FF Plugin: @microsoft.com/GENUINE - disabled No File FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~1\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin: @nvidia.com/3DVision - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF Plugin: @nvidia.com/3DVisionStreaming - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF Plugin: @playstation.com/PsndlCheck,version=1.00 - C:\Program Files\Sony\PLAYSTATION Network Downloader\nppsndl.dll (Sony Computer Entertainment Inc.) FF Plugin: @SonyCreativeSoftware.com/Media Go,version=1.0 - C:\Program Files\Sony\Media Go\npmediago.dll (Sony Network Entertainment International LLC) FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.) FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.) FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\avg-secure-search.xml FF HKLM\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 FF Extension: HP Smart Web Printing - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2013-10-18] FF HKCU\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 FF Extension: HP Smart Web Printing - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2013-10-18] Chrome: ======= CHR HomePage: hxxp://www.searchnu.com/406 CHR DefaultSearchKeyword: search-results.com CHR DefaultSearchProvider: Search Results CHR DefaultSearchURL: http://dts.search-results.com/sr?src=crb&gct=ds&appid=484&systemid=406&apn_dtid=BND406&apn_ptnrs=AG6&o=APN10645&apn_uid=7035120600144386&q={searchTerms} CHR DefaultNewTabURL: CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\32.0.1700.107\PepperFlash\pepflashplayer.dll () CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\32.0.1700.107\ppGoogleNaClPluginChrome.dll () CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\32.0.1700.107\pdf.dll () CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File CHR Plugin: (Bing Bar) - C:\Program Files\MSN Toolbar\Platform\5.0.1449.0\npwinext.dll No File CHR Plugin: (Silverlight Plug-In) - c:\Program Files\Microsoft Silverlight\3.0.40818.0\npctrl.dll No File CHR Extension: (YouTube) - C:\Users\PAWEL\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-10-15] CHR Extension: (Szukaj w Google) - C:\Users\PAWEL\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-10-15] CHR Extension: (Google Wallet) - C:\Users\PAWEL\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-11-27] CHR Extension: (Gmail) - C:\Users\PAWEL\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-10-15] CHR HKLM\...\Chrome\Extension: [ejpbbhjlbipncjklfjjaedaieimbmdda] - C:\Users\PAWEL\AppData\Local\CRE\ejpbbhjlbipncjklfjjaedaieimbmdda.crx [2012-08-26] CHR HKCU\...\Chrome\Extension: [ejpbbhjlbipncjklfjjaedaieimbmdda] - C:\Users\PAWEL\AppData\Local\CRE\ejpbbhjlbipncjklfjjaedaieimbmdda.crx [2012-08-26] ========================== Services (Whitelisted) ================= S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.0.318\McCHSvc.exe [235216 2013-02-05] (McAfee, Inc.) R3 MediaGatewayService; C:\Program Files\Samsung\SSM\MediaGateway\MediaGatewayService.exe [10240 2012-12-12] () R2 SBSDWSCService; C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe [1153368 2009-01-26] (Safer Networking Ltd.) S3 Sony PC Companion; C:\Program Files\Sony\Sony PC Companion\PCCService.exe [155824 2013-02-04] (Avanquest Software) R2 SSM Watch Services Manager; C:\Program Files\Samsung\SSM\ServiceManager\WatchServices.exe [15360 2012-12-12] (techwin) S3 tsm_mgmt_srv; C:\Program Files\Java\jre6\bin\mgmt.exe [145184 2012-02-14] (Sun Microsystems, Inc.) S3 VsEtwService120; C:\Program Files\Microsoft Visual Studio 12.0\Common7\Packages\Debugger\Services\VsEtwService.exe [71344 2013-10-05] (Microsoft Corporation) S2 MQ4.5_Broker; C:\Program Files\Samsung\SSM\MessageQueue\mq\bin\imqbrokersvc [X] R2 postgresql-9.1; C:/PostgreSQL/9.1/bin/pg_ctl.exe runservice -N "postgresql-9.1" -D "C:/PostgreSQL/9.1/data" -w [X] ==================== Drivers (Whitelisted) ==================== S3 ACSSCR; C:\Windows\System32\DRIVERS\a38usb.sys [35712 2007-01-12] (Advanced Card Systems Ltd) S3 BthAvrcp; C:\Windows\System32\DRIVERS\BthAvrcp.sys [22528 2009-08-13] (CSR, plc) S3 epmntdrv; C:\Windows\system32\epmntdrv.sys [14216 2011-07-29] () S3 EuGdiDrv; C:\Windows\system32\EuGdiDrv.sys [8456 2011-07-29] () S3 HPFXBULK; C:\Windows\System32\drivers\hpfxbulk.sys [17432 2007-07-16] (Hewlett Packard) S2 Kmm4xNT; C:\Windows\system32\Drivers\Kmm4xNT.sys [95484 2002-04-26] (DATOM Dariusz Cielebąk) S3 KMWDFILTERx86; C:\Windows\System32\DRIVERS\KMWDFILTER.sys [25088 2009-04-29] (Windows (R) Codename Longhorn DDK provider) U5 AppMgmt; C:\Windows\system32\svchost.exe [20992 2009-07-14] (Microsoft Corporation) S3 catchme; \??\C:\Users\PAWEL\AppData\Local\Temp\catchme.sys [X] S3 pccsmcfd; system32\DRIVERS\pccsmcfd.sys [X] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-02-12 15:25 - 2014-02-12 15:25 - 00017460 _____ () C:\Users\PAWEL\Downloads\FRST.txt 2014-02-12 09:31 - 2014-02-12 15:25 - 00000000 ____D () C:\FRST 2014-02-12 09:14 - 2014-02-12 09:14 - 00221776 _____ () C:\Users\PAWEL\Downloads\avira_registry_cleaner_en.exe 2014-02-12 09:11 - 2014-02-12 09:11 - 01139712 _____ (Farbar) C:\Users\PAWEL\Downloads\FRST.exe 2014-02-12 09:10 - 2014-02-12 09:10 - 00000000 ____D () C:\Users\PAWEL\Desktop\Stare dane programu Firefox 2014-02-12 07:33 - 2014-02-12 07:34 - 00202124 _____ () C:\Windows\msxml4-KB954430-enu.LOG 2014-02-12 07:23 - 2014-02-12 07:23 - 00150048 _____ () C:\Windows\Minidump\021214-14742-01.dmp 2014-02-11 00:09 - 2014-02-11 00:09 - 00087412 _____ () C:\Users\PAWEL\Desktop\Extras.Txt 2014-02-11 00:08 - 2014-02-11 00:09 - 00095924 _____ () C:\Users\PAWEL\Desktop\OTL.Txt 2014-02-10 23:51 - 2014-02-10 23:51 - 00602112 _____ (OldTimer Tools) C:\Users\PAWEL\Desktop\OTL 3.2.69.0.exe 2014-02-10 23:50 - 2014-02-10 23:50 - 00597632 _____ ( ) C:\Users\PAWEL\Downloads\OTL 3.2.69.0_isdmgr.exe 2014-02-10 23:36 - 2014-02-10 23:40 - 00021904 _____ () C:\Users\PAWEL\Desktop\ComboFix.txt 2014-02-10 17:59 - 2014-02-10 15:20 - 00000027 _____ () C:\Windows\system32\Drivers\etc\hosts.20140210-175940.backup 2014-02-10 16:07 - 2014-02-10 16:07 - 00000000 _____ () C:\Users\PAWEL\Desktop\Nowy dokument tekstowy.txt 2014-02-10 13:12 - 2014-02-10 13:12 - 01246890 _____ (Igor Pavlov) C:\Users\PAWEL\Downloads\mb_driver_chipset_intel.exe 2014-02-10 13:12 - 2010-04-29 02:43 - 00000000 ____D () C:\Users\PAWEL\Downloads\INFUpdate 2014-02-10 12:51 - 2014-02-10 12:51 - 00187792 _____ (Kaspersky Lab) C:\Users\PAWEL\Downloads\kss12.0.1.340_pl.exe 2014-02-10 12:11 - 2014-02-10 12:12 - 98923800 _____ (Microsoft Corporation) C:\Users\PAWEL\Downloads\msert.exe 2014-02-10 12:07 - 2014-02-10 12:07 - 00000225 _____ () C:\Windows\wininit.ini 2014-02-10 10:40 - 2014-02-11 23:51 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy 2014-02-10 10:40 - 2014-02-11 23:51 - 00000000 ____D () C:\Program Files\SiteFinder 2014-02-10 10:40 - 2014-02-10 23:10 - 00000000 ____D () C:\Program Files\Spybot - Search & Destroy 2014-02-10 10:40 - 2014-02-10 10:40 - 00001216 _____ () C:\Users\PAWEL\Desktop\Spybot - Search & Destroy.lnk 2014-02-10 10:40 - 2014-02-10 10:40 - 00000000 ____D () C:\Program Files\SimilarSites 2014-02-10 10:39 - 2014-02-10 10:39 - 16409960 _____ (Safer Networking Limited ) C:\Users\PAWEL\Downloads\Spybot - Search & Destroy 1.6.2.exe 2014-02-10 10:39 - 2014-02-10 10:39 - 00000000 ____D () C:\Users\PAWEL\AppData\Roaming\SimilarSites 2014-02-10 10:37 - 2014-02-10 10:37 - 00597632 _____ ( ) C:\Users\PAWEL\Downloads\Spybot - Search & Destroy 1.6.2_isdmgr.exe 2014-02-10 08:41 - 2014-02-10 08:41 - 00150288 _____ () C:\Windows\Minidump\021014-15475-01.dmp 2014-02-07 09:12 - 2014-02-10 23:10 - 00000000 ____D () C:\ProgramData\AVAST Software 2014-02-07 09:12 - 2014-02-07 09:12 - 90578216 _____ (AVAST Software) C:\Users\PAWEL\Downloads\avast_free_antivirus_setup.exe 2014-02-07 09:10 - 2014-02-07 09:10 - 00666648 _____ () C:\Users\PAWEL\Downloads\avast-Free-Antivirus(13266).exe 2014-02-06 15:44 - 2014-02-06 15:44 - 00000000 ____D () C:\Users\PAWEL\AppData\Roaming\NuGet 2014-02-06 15:24 - 2014-02-06 15:46 - 00000000 ____D () C:\Users\PAWEL\Documents\Visual Studio 2013 2014-02-06 15:22 - 2014-02-06 15:22 - 00000000 ____D () C:\ProgramData\NuGet 2014-02-06 15:22 - 2014-02-06 15:22 - 00000000 ____D () C:\Program Files\NuGet 2014-02-06 15:14 - 2014-02-06 15:14 - 00000000 ____D () C:\Program Files\Common Files\Merge Modules 2014-02-06 15:04 - 2014-02-06 15:05 - 00000000 ____D () C:\Program Files\Windows Kits 2014-02-06 15:00 - 2014-02-06 15:14 - 00000000 ____D () C:\Program Files\Microsoft SDKs 2014-02-06 15:00 - 2014-02-06 15:00 - 00000000 ____D () C:\Program Files\Microsoft Help Viewer 2014-02-06 14:58 - 2014-02-06 14:58 - 00000000 ____D () C:\Windows\system32\1033 2014-02-06 14:57 - 2014-02-06 15:20 - 00000000 ____D () C:\Program Files\Microsoft SQL Server 2014-02-06 14:52 - 2014-02-06 14:53 - 00000000 ____D () C:\Program Files\Microsoft SQL Server Compact Edition 2014-02-06 14:49 - 2014-02-06 15:17 - 00000000 ____D () C:\Program Files\Microsoft Visual Studio 12.0 2014-02-06 14:11 - 2014-02-06 14:33 - 00000000 ____D () C:\ProgramData\Package Cache 2014-02-06 14:10 - 2014-02-06 14:10 - 36349360 _____ (Microsoft Corporation) C:\Users\PAWEL\Downloads\wdexpress_langpack.exe 2014-02-06 14:09 - 2014-02-06 14:09 - 01036872 _____ (Microsoft Corporation) C:\Users\PAWEL\Downloads\wdexpress_full.exe 2014-02-05 19:04 - 2014-02-05 20:18 - 00000000 ____D () C:\Program Files\CDex 2014-02-05 19:01 - 2014-02-05 19:01 - 08697544 _____ (Georgy Berdyshev) C:\Users\PAWEL\Downloads\CDex-win32-1.70-b4-2009.exe 2014-02-05 15:41 - 2014-02-05 20:07 - 00152082 _____ () C:\Users\PAWEL\Desktop\Obliczenia spadków napięć.xlsx 2014-02-03 14:38 - 2014-02-03 14:38 - 00000000 ____D () C:\Users\PAWEL\AppData\Roaming\Avery 2014-02-03 14:06 - 2014-02-03 14:49 - 31945216 _____ () C:\Users\PAWEL\Documents\Znak CE na rozdzielnice.zdl 2014-02-03 13:41 - 2014-02-03 13:42 - 12325928 _____ (Avery Products Corp. ) C:\Users\PAWEL\Downloads\EU_pl_DP5_DL_20131125.exe 2014-01-31 15:27 - 2014-01-31 15:27 - 00000000 _____ () C:\Users\PAWEL\Downloads\52ebb2f42f038.zip 2014-01-22 14:10 - 2014-01-22 14:17 - 00024576 _____ () C:\Users\Public\Documents\Pomiary DAMEN Hala 7.val5 2014-01-22 13:58 - 2014-01-22 14:15 - 00001616 _____ () C:\Users\PAWEL\Documents\SonelDiskServices.log 2014-01-22 13:57 - 2014-01-22 13:57 - 00000000 ____D () C:\ProgramData\DASLSystems 2014-01-22 13:55 - 2014-01-22 13:57 - 00000000 ____D () C:\Program Files\SonelReader 2014-01-22 13:55 - 2014-01-22 13:55 - 00001001 _____ () C:\Users\Public\Desktop\SonelReader.lnk 2014-01-22 13:51 - 2014-01-22 13:51 - 28642593 _____ () C:\Users\PAWEL\Downloads\SetupSonelReader_4.0.0.12F316S01.exe 2014-01-22 10:55 - 2014-01-22 11:07 - 00085536 _____ () C:\Users\PAWEL\Desktop\Sterowanie bramą OSP.bak 2014-01-22 10:05 - 2014-01-22 11:07 - 00090636 _____ () C:\Users\PAWEL\Desktop\Sterowanie bramą OSP.dwg 2014-01-16 10:54 - 2014-01-16 10:54 - 11158352 _____ (Microsoft Corporation) C:\Users\PAWEL\Downloads\mseinstall.exe 2014-01-15 12:55 - 2014-01-15 12:56 - 29331426 _____ () C:\Users\PAWEL\Downloads\AUDAC_APM_V1.ZIP 2014-01-15 10:31 - 2014-01-15 10:31 - 00001972 _____ () C:\Users\Public\Desktop\Sony PC Companion 2.1.lnk 2014-01-15 07:38 - 2013-11-27 02:14 - 00258560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys 2014-01-15 07:38 - 2013-11-27 02:13 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys 2014-01-15 07:38 - 2013-11-27 02:13 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys 2014-01-15 07:38 - 2013-11-27 02:13 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys 2014-01-15 07:38 - 2013-11-27 02:13 - 00024064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys 2014-01-15 07:38 - 2013-11-27 02:13 - 00020480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys 2014-01-15 07:38 - 2013-11-27 02:13 - 00006016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys 2014-01-15 07:38 - 2013-11-26 12:11 - 00240576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys 2014-01-15 07:38 - 2013-11-26 11:10 - 02349056 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2014-01-14 16:36 - 2014-01-31 12:31 - 00009710 _____ () C:\Users\PAWEL\Desktop\Sprzęt i materiały Multiverso.xlsx 2014-01-13 17:37 - 2014-01-13 17:37 - 00010814 _____ () C:\Users\Public\Documents\Wycena Adwil.xlsx ==================== One Month Modified Files and Folders ======= 2014-02-12 15:25 - 2014-02-12 15:25 - 00017460 _____ () C:\Users\PAWEL\Downloads\FRST.txt 2014-02-12 15:25 - 2014-02-12 09:31 - 00000000 ____D () C:\FRST 2014-02-12 14:56 - 2013-05-28 12:14 - 00000930 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-02-12 14:54 - 2012-10-15 18:05 - 00001034 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2014-02-12 12:30 - 2012-10-15 15:13 - 01896617 _____ () C:\Windows\WindowsUpdate.log 2014-02-12 10:11 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\Microsoft.NET 2014-02-12 09:34 - 2009-07-14 05:34 - 00023568 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-02-12 09:34 - 2009-07-14 05:34 - 00023568 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-02-12 09:32 - 2012-10-15 15:16 - 01679362 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-02-12 09:32 - 2009-07-14 09:07 - 00743808 _____ () C:\Windows\system32\perfh015.dat 2014-02-12 09:32 - 2009-07-14 09:07 - 00157290 _____ () C:\Windows\system32\perfc015.dat 2014-02-12 09:27 - 2012-10-15 15:29 - 00000000 ____D () C:\ProgramData\Comodo 2014-02-12 09:27 - 2012-10-15 15:29 - 00000000 ____D () C:\Program Files\Comodo 2014-02-12 09:26 - 2013-03-11 22:23 - 00000000 ____D () C:\Users\postgres 2014-02-12 09:26 - 2012-11-16 07:58 - 00000000 ____D () C:\ProgramData\NVIDIA 2014-02-12 09:26 - 2012-10-15 18:05 - 00001030 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2014-02-12 09:26 - 2009-07-14 05:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-02-12 09:26 - 2009-07-14 05:39 - 00105719 _____ () C:\Windows\setupact.log 2014-02-12 09:17 - 2013-08-17 12:29 - 00000000 ____D () C:\Users\PAWEL\Documents\Pliki programu Outlook 2014-02-12 09:14 - 2014-02-12 09:14 - 00221776 _____ () C:\Users\PAWEL\Downloads\avira_registry_cleaner_en.exe 2014-02-12 09:11 - 2014-02-12 09:11 - 01139712 _____ (Farbar) C:\Users\PAWEL\Downloads\FRST.exe 2014-02-12 09:10 - 2014-02-12 09:10 - 00000000 ____D () C:\Users\PAWEL\Desktop\Stare dane programu Firefox 2014-02-12 08:50 - 2012-10-16 15:57 - 00000000 ____D () C:\ProgramData\Microsoft Help 2014-02-12 08:10 - 2013-08-14 10:58 - 00000000 ____D () C:\Windows\system32\MRT 2014-02-12 08:07 - 2012-11-12 11:44 - 85946576 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2014-02-12 07:58 - 2009-07-14 03:04 - 00000652 _____ () C:\Windows\win.ini 2014-02-12 07:34 - 2014-02-12 07:33 - 00202124 _____ () C:\Windows\msxml4-KB954430-enu.LOG 2014-02-12 07:23 - 2014-02-12 07:23 - 00150048 _____ () C:\Windows\Minidump\021214-14742-01.dmp 2014-02-12 07:23 - 2012-12-17 17:26 - 253589876 _____ () C:\Windows\MEMORY.DMP 2014-02-12 07:23 - 2012-12-17 17:26 - 00000000 ____D () C:\Windows\Minidump 2014-02-11 23:51 - 2014-02-10 10:40 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy 2014-02-11 23:51 - 2014-02-10 10:40 - 00000000 ____D () C:\Program Files\SiteFinder 2014-02-11 23:51 - 2013-08-08 14:36 - 00000000 ____D () C:\MultiPairs-2011-7500 2014-02-11 23:51 - 2013-07-15 08:50 - 00000000 ____D () C:\Users\PAWEL\AppData\Local\Akamai 2014-02-11 23:51 - 2012-11-18 20:49 - 00000000 ____D () C:\Program Files\uTorrentControl_v2 2014-02-11 23:51 - 2012-11-14 11:03 - 00000000 ____D () C:\ProgramData\FLEXnet 2014-02-11 23:51 - 2012-10-16 12:26 - 00000000 ____D () C:\ProgramData\Winamp Toolbar 2014-02-11 23:51 - 2012-10-16 12:26 - 00000000 ____D () C:\Program Files\Winamp Toolbar 2014-02-11 23:51 - 2012-10-16 12:25 - 00000000 ____D () C:\Program Files\Common Files\Software Update Utility 2014-02-11 23:51 - 2012-10-15 18:29 - 00000000 ____D () C:\Program Files\Ashampoo_PO 2014-02-11 23:51 - 2012-10-15 15:46 - 00000000 ____D () C:\Windows\system32\Macromed 2014-02-11 23:51 - 2012-10-15 15:43 - 00000000 ____D () C:\Program Files\HP 2014-02-11 23:51 - 2012-10-15 15:13 - 00000000 ____D () C:\Users\PAWEL 2014-02-11 23:51 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\wfp 2014-02-11 23:50 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\registration 2014-02-11 14:47 - 2012-11-19 18:43 - 00007668 _____ () C:\Users\PAWEL\AppData\Local\Resmon.ResmonCfg 2014-02-11 14:42 - 2012-10-15 15:43 - 00019645 _____ () C:\ProgramData\hpzinstall.log 2014-02-11 07:57 - 2012-10-15 18:43 - 00484274 _____ () C:\Windows\PFRO.log 2014-02-11 00:15 - 2012-10-15 15:30 - 01474832 _____ () C:\Windows\system32\Drivers\sfi.dat 2014-02-11 00:09 - 2014-02-11 00:09 - 00087412 _____ () C:\Users\PAWEL\Desktop\Extras.Txt 2014-02-11 00:09 - 2014-02-11 00:08 - 00095924 _____ () C:\Users\PAWEL\Desktop\OTL.Txt 2014-02-10 23:51 - 2014-02-10 23:51 - 00602112 _____ (OldTimer Tools) C:\Users\PAWEL\Desktop\OTL 3.2.69.0.exe 2014-02-10 23:50 - 2014-02-10 23:50 - 00597632 _____ ( ) C:\Users\PAWEL\Downloads\OTL 3.2.69.0_isdmgr.exe 2014-02-10 23:49 - 2013-12-10 14:53 - 00000000 ____D () C:\Windows\erdnt 2014-02-10 23:40 - 2014-02-10 23:36 - 00021904 _____ () C:\Users\PAWEL\Desktop\ComboFix.txt 2014-02-10 23:34 - 2009-07-14 03:04 - 00000215 _____ () C:\Windows\system.ini 2014-02-10 23:10 - 2014-02-10 10:40 - 00000000 ____D () C:\Program Files\Spybot - Search & Destroy 2014-02-10 23:10 - 2014-02-07 09:12 - 00000000 ____D () C:\ProgramData\AVAST Software 2014-02-10 23:07 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\NDF 2014-02-10 22:42 - 2012-10-16 17:37 - 00000000 ____D () C:\Program Files\AVG Secure Search 2014-02-10 22:41 - 2013-07-16 14:35 - 00000000 ____D () C:\Program Files\AriCalc 2014-02-10 16:07 - 2014-02-10 16:07 - 00000000 _____ () C:\Users\PAWEL\Desktop\Nowy dokument tekstowy.txt 2014-02-10 15:20 - 2014-02-10 17:59 - 00000027 _____ () C:\Windows\system32\Drivers\etc\hosts.20140210-175940.backup 2014-02-10 13:12 - 2014-02-10 13:12 - 01246890 _____ (Igor Pavlov) C:\Users\PAWEL\Downloads\mb_driver_chipset_intel.exe 2014-02-10 12:51 - 2014-02-10 12:51 - 00187792 _____ (Kaspersky Lab) C:\Users\PAWEL\Downloads\kss12.0.1.340_pl.exe 2014-02-10 12:12 - 2014-02-10 12:11 - 98923800 _____ (Microsoft Corporation) C:\Users\PAWEL\Downloads\msert.exe 2014-02-10 12:07 - 2014-02-10 12:07 - 00000225 _____ () C:\Windows\wininit.ini 2014-02-10 10:40 - 2014-02-10 10:40 - 00001216 _____ () C:\Users\PAWEL\Desktop\Spybot - Search & Destroy.lnk 2014-02-10 10:40 - 2014-02-10 10:40 - 00000000 ____D () C:\Program Files\SimilarSites 2014-02-10 10:39 - 2014-02-10 10:39 - 16409960 _____ (Safer Networking Limited ) C:\Users\PAWEL\Downloads\Spybot - Search & Destroy 1.6.2.exe 2014-02-10 10:39 - 2014-02-10 10:39 - 00000000 ____D () C:\Users\PAWEL\AppData\Roaming\SimilarSites 2014-02-10 10:37 - 2014-02-10 10:37 - 00597632 _____ ( ) C:\Users\PAWEL\Downloads\Spybot - Search & Destroy 1.6.2_isdmgr.exe 2014-02-10 08:41 - 2014-02-10 08:41 - 00150288 _____ () C:\Windows\Minidump\021014-15475-01.dmp 2014-02-08 10:21 - 2014-01-02 10:51 - 00011491 _____ () C:\Users\PAWEL\Downloads\hijackthis.log 2014-02-08 10:19 - 2009-07-14 03:37 - 00000000 __RHD () C:\Users\Default 2014-02-08 10:19 - 2009-07-14 03:37 - 00000000 ___RD () C:\Users\Public 2014-02-07 19:39 - 2012-12-06 00:53 - 00000000 ____D () C:\Program Files\Java 2014-02-07 18:31 - 2013-12-22 23:31 - 00000000 ____D () C:\Program Files\Mozilla Firefox 2014-02-07 16:42 - 2012-10-16 17:47 - 00000000 ____D () C:\Users\PAWEL\Downloads\Do nagrania 2014-02-07 09:12 - 2014-02-07 09:12 - 90578216 _____ (AVAST Software) C:\Users\PAWEL\Downloads\avast_free_antivirus_setup.exe 2014-02-07 09:10 - 2014-02-07 09:10 - 00666648 _____ () C:\Users\PAWEL\Downloads\avast-Free-Antivirus(13266).exe 2014-02-06 15:46 - 2014-02-06 15:24 - 00000000 ____D () C:\Users\PAWEL\Documents\Visual Studio 2013 2014-02-06 15:44 - 2014-02-06 15:44 - 00000000 ____D () C:\Users\PAWEL\AppData\Roaming\NuGet 2014-02-06 15:22 - 2014-02-06 15:22 - 00000000 ____D () C:\ProgramData\NuGet 2014-02-06 15:22 - 2014-02-06 15:22 - 00000000 ____D () C:\Program Files\NuGet 2014-02-06 15:20 - 2014-02-06 14:57 - 00000000 ____D () C:\Program Files\Microsoft SQL Server 2014-02-06 15:17 - 2014-02-06 14:49 - 00000000 ____D () C:\Program Files\Microsoft Visual Studio 12.0 2014-02-06 15:17 - 2009-07-14 03:37 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared 2014-02-06 15:15 - 2012-10-16 14:48 - 00000000 ____D () C:\Program Files\Microsoft.NET 2014-02-06 15:14 - 2014-02-06 15:14 - 00000000 ____D () C:\Program Files\Common Files\Merge Modules 2014-02-06 15:14 - 2014-02-06 15:00 - 00000000 ____D () C:\Program Files\Microsoft SDKs 2014-02-06 15:05 - 2014-02-06 15:04 - 00000000 ____D () C:\Program Files\Windows Kits 2014-02-06 15:00 - 2014-02-06 15:00 - 00000000 ____D () C:\Program Files\Microsoft Help Viewer 2014-02-06 15:00 - 2009-07-14 05:52 - 00000000 ____D () C:\Program Files\MSBuild 2014-02-06 14:58 - 2014-02-06 14:58 - 00000000 ____D () C:\Windows\system32\1033 2014-02-06 14:53 - 2014-02-06 14:52 - 00000000 ____D () C:\Program Files\Microsoft SQL Server Compact Edition 2014-02-06 14:33 - 2014-02-06 14:11 - 00000000 ____D () C:\ProgramData\Package Cache 2014-02-06 14:10 - 2014-02-06 14:10 - 36349360 _____ (Microsoft Corporation) C:\Users\PAWEL\Downloads\wdexpress_langpack.exe 2014-02-06 14:09 - 2014-02-06 14:09 - 01036872 _____ (Microsoft Corporation) C:\Users\PAWEL\Downloads\wdexpress_full.exe 2014-02-05 20:18 - 2014-02-05 19:04 - 00000000 ____D () C:\Program Files\CDex 2014-02-05 20:07 - 2014-02-05 15:41 - 00152082 _____ () C:\Users\PAWEL\Desktop\Obliczenia spadków napięć.xlsx 2014-02-05 19:01 - 2014-02-05 19:01 - 08697544 _____ (Georgy Berdyshev) C:\Users\PAWEL\Downloads\CDex-win32-1.70-b4-2009.exe 2014-02-05 13:07 - 2012-10-17 06:38 - 00000000 ____D () C:\Users\PAWEL\Documents\Moje skanowanie 2014-02-05 10:56 - 2012-11-29 11:47 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe 2014-02-05 10:56 - 2012-11-29 11:47 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl 2014-02-04 08:08 - 2013-05-23 13:41 - 00000000 ___RD () C:\Users\PAWEL\Dropbox 2014-02-04 08:08 - 2013-05-23 13:32 - 00000000 ____D () C:\Users\PAWEL\AppData\Roaming\Dropbox 2014-02-03 14:49 - 2014-02-03 14:06 - 31945216 _____ () C:\Users\PAWEL\Documents\Znak CE na rozdzielnice.zdl 2014-02-03 14:38 - 2014-02-03 14:38 - 00000000 ____D () C:\Users\PAWEL\AppData\Roaming\Avery 2014-02-03 13:42 - 2014-02-03 13:41 - 12325928 _____ (Avery Products Corp. ) C:\Users\PAWEL\Downloads\EU_pl_DP5_DL_20131125.exe 2014-02-02 15:30 - 2012-12-02 11:33 - 00063138 _____ () C:\Users\PAWEL\Documents\Zużycie prądu, gazu, wody.xlsx 2014-01-31 15:27 - 2014-01-31 15:27 - 00000000 _____ () C:\Users\PAWEL\Downloads\52ebb2f42f038.zip 2014-01-31 12:31 - 2014-01-14 16:36 - 00009710 _____ () C:\Users\PAWEL\Desktop\Sprzęt i materiały Multiverso.xlsx 2014-01-31 11:01 - 2013-09-21 17:27 - 00000000 ____D () C:\Users\PAWEL\Desktop\Grunwaldzka_Koszalin KD 2014-01-31 09:24 - 2013-05-23 13:38 - 00000000 ____D () C:\Users\PAWEL\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox 2014-01-22 19:01 - 2009-07-14 05:33 - 00421336 _____ () C:\Windows\system32\FNTCACHE.DAT 2014-01-22 14:17 - 2014-01-22 14:10 - 00024576 _____ () C:\Users\Public\Documents\Pomiary DAMEN Hala 7.val5 2014-01-22 14:15 - 2014-01-22 13:58 - 00001616 _____ () C:\Users\PAWEL\Documents\SonelDiskServices.log 2014-01-22 13:57 - 2014-01-22 13:57 - 00000000 ____D () C:\ProgramData\DASLSystems 2014-01-22 13:57 - 2014-01-22 13:55 - 00000000 ____D () C:\Program Files\SonelReader 2014-01-22 13:57 - 2012-10-15 16:58 - 00119840 _____ () C:\Users\PAWEL\AppData\Local\GDIPFONTCACHEV1.DAT 2014-01-22 13:55 - 2014-01-22 13:55 - 00001001 _____ () C:\Users\Public\Desktop\SonelReader.lnk 2014-01-22 13:51 - 2014-01-22 13:51 - 28642593 _____ () C:\Users\PAWEL\Downloads\SetupSonelReader_4.0.0.12F316S01.exe 2014-01-22 11:07 - 2014-01-22 10:55 - 00085536 _____ () C:\Users\PAWEL\Desktop\Sterowanie bramą OSP.bak 2014-01-22 11:07 - 2014-01-22 10:05 - 00090636 _____ () C:\Users\PAWEL\Desktop\Sterowanie bramą OSP.dwg 2014-01-20 17:31 - 2009-07-14 05:53 - 00032604 _____ () C:\Windows\Tasks\SCHEDLGU.TXT 2014-01-19 18:12 - 2013-11-07 19:50 - 00014460 _____ () C:\Users\PAWEL\Desktop\Wycena KBednarz.xlsx 2014-01-16 10:54 - 2014-01-16 10:54 - 11158352 _____ (Microsoft Corporation) C:\Users\PAWEL\Downloads\mseinstall.exe 2014-01-16 09:58 - 2012-10-22 01:32 - 00000000 ____D () C:\Users\PAWEL\AppData\Roaming\Usdi 2014-01-15 22:19 - 2014-01-02 10:59 - 00000000 ____D () C:\Users\PAWEL\Downloads\backups 2014-01-15 22:08 - 2012-10-17 06:14 - 00000000 ____D () C:\Users\PAWEL\Documents\AAA FIRMA 2014-01-15 12:56 - 2014-01-15 12:55 - 29331426 _____ () C:\Users\PAWEL\Downloads\AUDAC_APM_V1.ZIP 2014-01-15 10:31 - 2014-01-15 10:31 - 00001972 _____ () C:\Users\Public\Desktop\Sony PC Companion 2.1.lnk 2014-01-15 10:29 - 2012-11-12 09:50 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information 2014-01-13 17:37 - 2014-01-13 17:37 - 00010814 _____ () C:\Users\Public\Documents\Wycena Adwil.xlsx Some content of TEMP: ==================== C:\Users\PAWEL\AppData\Local\temp\cis6652.exe ==================== Bamital & volsnap Check ================= C:\Windows\explorer.exe => MD5 is legit C:\Windows\system32\winlogon.exe => MD5 is legit C:\Windows\system32\wininit.exe => MD5 is legit C:\Windows\system32\svchost.exe => MD5 is legit C:\Windows\system32\services.exe => MD5 is legit C:\Windows\system32\User32.dll => MD5 is legit C:\Windows\system32\userinit.exe => MD5 is legit C:\Windows\system32\rpcss.dll => MD5 is legit C:\Windows\system32\Drivers\volsnap.sys => MD5 is legit LastRegBack: 2014-02-10 19:40 ==================== End Of Log ============================