Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 16-10-2014 Ran by piotrek (administrator) on HIGHTOWER on 17-10-2014 11:12:28 Running from C:\Users\piotrek\Desktop Loaded Profile: piotrek (Available profiles: piotrek) Platform: Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86) OS Language: Polski (Polska) Internet Explorer Version 9 Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (Microsoft Corporation) C:\Windows\System32\SLsvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe () C:\Program Files\ATK Hotkey\AsLdrSrv.exe (Kaspersky Lab ZAO) C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avp.exe (Microsoft Corporation) C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe (Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\bin\btwdins.exe (Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Exploit\mbae-svc.exe (Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe (Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe (Lenovo Group Limited) C:\Program Files\Lenovo\OneKey App\System Repair\UpdateMonitor.exe (Kaspersky Lab ZAO) C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avpui.exe (ATK0100) C:\Program Files\ATK Hotkey\HControl.exe () C:\Program Files\ATK Hotkey\MsgTranAgt.exe (Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe () C:\Program Files\ATK Hotkey\HControlUser.exe (Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Exploit\mbae.exe () C:\Program Files\ATK Hotkey\LOSD.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe () C:\Program Files\ATK Hotkey\ATKOSD.exe () C:\Program Files\ATK Hotkey\WDC.exe (Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (Opera Software) C:\Program Files\Opera 25\25.0.1614.50\opera.exe (Opera Software) C:\Program Files\Opera 25\25.0.1614.50\opera.exe (Opera Software) C:\Program Files\Opera 25\25.0.1614.50\opera.exe (Opera Software) C:\Program Files\Opera 25\25.0.1614.50\opera.exe (Opera Software) C:\Program Files\Opera 25\25.0.1614.50\opera.exe (Opera Software) C:\Program Files\Opera 25\25.0.1614.50\opera.exe (Opera Software) C:\Program Files\Opera 25\25.0.1614.50\opera.exe (Microsoft Corporation) C:\Windows\System32\conime.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1111336 2008-05-29] (Synaptics, Inc.) HKLM\...\Run: [HControlUser] => C:\Program Files\ATK Hotkey\HcontrolUser.exe [98304 2008-07-03] () HKLM\...\Run: [Malwarebytes Anti-Exploit] => C:\Program Files\Malwarebytes Anti-Exploit\mbae.exe [440632 2014-08-29] (Malwarebytes Corporation) HKU\S-1-5-19\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter HKU\S-1-5-20\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter HKU\S-1-5-21-220759696-4081683934-4046902647-1004\...\Run: [WITaj!] => rem -- Anulowane uruchamianie programu WITaj! 2000 ShellIconOverlayIdentifiers: [VeriFace Enc] -> {771C7324-DA80-49D3-8017-753B0AF60951} => C:\Windows\system32\IcnOvrly.dll () ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.wp.pl/ HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://lenovo.live.com/ HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.lenovo.com HKLM\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.lenovo.com/ SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://search.live.com/results.aspx?q={searchTerms}&FORM=LENIE SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://search.live.com/results.aspx?q={searchTerms}&FORM=LENIE SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://search.live.com/results.aspx?q={searchTerms}&FORM=LENIE BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_20\bin\ssv.dll (Oracle Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_20\bin\jp2ssv.dll (Oracle Corporation) Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) Tcpip\Parameters: [DhcpNameServer] 194.204.159.1 194.204.152.34 FireFox: ======== FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_15_0_0_189.dll () FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw_1213153.dll (Adobe Systems, Inc.) FF Plugin: @java.com/DTPlugin,version=11.20.2 -> C:\Program Files\Java\jre1.8.0_20\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.20.2 -> C:\Program Files\Java\jre1.8.0_20\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF Plugin: @nvidia.com/3DVision -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF Plugin: @nvidia.com/3DVisionStreaming -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) Chrome: ======= CHR HKLM\...\Chrome\Extension: [blbkdnmdcafmfhinpmnlhhddbepgkeaa] - https://chrome.google.com/webstore/detail/blbkdnmdcafmfhinpmnlhhddbepgkeaa [] CHR HKLM\...\Chrome\Extension: [dchlnpcodkpfdpacogkljefecpegganj] - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\urladvisor.crx [2013-08-20] CHR HKLM\...\Chrome\Extension: [hakdifolhalapjijoafobooafbilfakh] - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\online_banking_chrome.crx [2013-08-20] CHR HKLM\...\Chrome\Extension: [hghkgaeecgjhjkannahfamoehjmkjail] - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\content_blocker_chrome.crx [2013-08-20] CHR HKLM\...\Chrome\Extension: [jagncdcchgajhfhijbbhecadmaiegcmh] - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\virtkbd.crx [2013-08-20] CHR HKLM\...\Chrome\Extension: [pjldcfjmnllhmgjclecdnfampinooman] - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\ab.crx [2013-08-20] ========================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 ASLDRService; C:\Program Files\ATK Hotkey\ASLDRSrv.exe [94208 2007-10-03] () [File not signed] R2 AVP; C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avp.exe [214512 2013-11-16] (Kaspersky Lab ZAO) R2 btwdins; C:\Program Files\Lenovo\Bluetooth Software\bin\btwdins.exe [522792 2008-08-26] (Broadcom Corporation.) S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed] R2 MbaeSvc; C:\Program Files\Malwarebytes Anti-Exploit\mbae-svc.exe [441144 2014-08-29] (Malwarebytes Corporation) S4 MSSQLServerADHelper; c:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe [44384 2010-12-10] (Microsoft Corporation) S4 msvsmon80; C:\Program Files\Microsoft Visual Studio 8\Common7\IDE\Remote Debugger\x86\msvsmon.exe [2799808 2005-09-23] (Microsoft Corporation) R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [44032 2009-05-14] (Hewlett-Packard) [File not signed] R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [53760 2009-05-14] (Hewlett-Packard) [File not signed] R2 System_Repair_UpdateMonitor; C:\Program Files\Lenovo\OneKey App\System Repair\UpdateMonitor.exe [430080 2008-09-27] (Lenovo Group Limited) [File not signed] ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) S3 37409661; C:\Windows\System32\drivers\44755853.sys [177496 2013-03-18] (Kaspersky Lab, GERT) S4 82023331; C:\Windows\System32\DRIVERS\82023331.sys [128016 2009-09-25] (Kaspersky Lab) S4 82023332; C:\Windows\System32\DRIVERS\82023332.sys [37392 2009-10-22] (Kaspersky Lab) R3 ACPIVPC; C:\Windows\System32\DRIVERS\AcpiVpc.sys [21520 2009-05-19] (Lenovo Corporation) R1 ESProtectionDriver; C:\Program Files\Malwarebytes Anti-Exploit\mbae.sys [47896 2014-08-30] () S3 FsUsbExDisk; C:\Windows\system32\FsUsbExDisk.SYS [36608 2010-06-14] () [File not signed] R1 funfrm; C:\Windows\system32\Drivers\funfrm.sys [49472 2009-03-27] () [File not signed] S3 hamachi; C:\Windows\System32\DRIVERS\hamachi.sys [26176 2009-03-18] (LogMeIn, Inc.) R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [135776 2013-11-16] (Kaspersky Lab ZAO) R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [576608 2014-03-20] (Kaspersky Lab ZAO) R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [25696 2013-11-16] (Kaspersky Lab ZAO) R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [25184 2014-02-14] (Kaspersky Lab ZAO) R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [25696 2013-11-16] (Kaspersky Lab ZAO) R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [14432 2013-04-12] (Kaspersky Lab ZAO) R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [45024 2013-05-14] (Kaspersky Lab ZAO) R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [144992 2013-12-18] (Kaspersky Lab ZAO) R3 MTsensor; C:\Windows\System32\DRIVERS\ATKACPI.sys [7680 2006-12-14] (ATK0100) S3 s1039mdm; C:\Windows\System32\DRIVERS\s1039mdm.sys [124016 2010-03-15] (MCCI Corporation) R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1761048 2008-10-15] () R1 StarOpen; C:\Windows\system32\Drivers\StarOpen.sys [5632 2006-07-24] () [File not signed] R3 vhidmini; C:\Windows\System32\DRIVERS\ITEhidCIR.sys [10880 2008-01-24] (ITE Tech. Inc. ) S3 WSVD; C:\Windows\system32\drivers\WSVD.sys [81192 2008-01-10] (CyberLink) S4 IpInIp; system32\DRIVERS\ipinip.sys [X] U5 klflt; C:\Windows\System32\Drivers\klflt.sys [94304 2014-03-20] (Kaspersky Lab ZAO) S4 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X] S4 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X] S4 sptd; System32\Drivers\sptd.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2014-10-17 11:12 - 2014-10-17 11:13 - 00011785 _____ () C:\Users\piotrek\Desktop\FRST.txt 2014-10-17 11:09 - 2014-10-17 11:09 - 00001154 _____ () C:\Users\piotrek\Desktop\checkup.txt 2014-10-17 11:03 - 2014-10-17 11:03 - 00854448 _____ () C:\Users\piotrek\Desktop\SecurityCheck.exe 2014-10-17 10:52 - 2014-10-17 10:52 - 00370943 _____ () C:\Users\piotrek\Desktop\gmer.zip 2014-10-17 10:51 - 2014-10-17 10:51 - 01102848 _____ (Farbar) C:\Users\piotrek\Desktop\FRST.exe 2014-10-17 10:51 - 2014-10-17 10:51 - 00602112 _____ (OldTimer Tools) C:\Users\piotrek\Desktop\OTL.exe 2014-10-16 20:21 - 2014-10-16 20:22 - 00000000 ____D () C:\Program Files\Mozilla Thunderbird 2014-10-16 14:43 - 2014-10-16 14:44 - 00000000 ____D () C:\Program Files\Opera 25 2014-10-15 11:16 - 2014-06-16 00:18 - 01131664 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll 2014-10-15 11:16 - 2014-06-13 20:22 - 00156824 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll 2014-10-15 11:16 - 2014-06-13 20:22 - 00081560 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll 2014-10-15 11:13 - 2014-09-28 01:29 - 02054656 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2014-10-15 11:08 - 2014-09-16 18:56 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll 2014-10-15 11:08 - 2014-09-05 01:27 - 00143360 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fastfat.sys 2014-10-15 11:07 - 2014-09-20 00:53 - 12364288 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-10-15 11:07 - 2014-09-20 00:44 - 01810432 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-10-15 11:07 - 2014-09-20 00:41 - 09739776 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-10-15 11:07 - 2014-09-20 00:39 - 01138688 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-10-15 11:07 - 2014-09-20 00:38 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-10-15 11:07 - 2014-09-20 00:37 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-10-15 11:07 - 2014-09-20 00:36 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll 2014-10-15 11:07 - 2014-09-20 00:36 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2014-10-15 11:07 - 2014-09-20 00:36 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-10-15 11:07 - 2014-09-20 00:35 - 01802752 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-10-15 11:07 - 2014-09-20 00:35 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2014-10-15 11:07 - 2014-09-20 00:35 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-10-15 11:07 - 2014-09-20 00:35 - 00421376 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2014-10-15 11:07 - 2014-09-20 00:35 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll 2014-10-15 11:07 - 2014-09-20 00:34 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-10-15 11:07 - 2014-09-20 00:34 - 00353792 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2014-10-15 11:07 - 2014-09-20 00:34 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2014-10-15 11:07 - 2014-09-20 00:34 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2014-10-15 11:07 - 2014-09-20 00:34 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe 2014-10-15 11:07 - 2014-09-20 00:34 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe 2014-10-15 11:07 - 2014-09-20 00:33 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2014-10-14 20:52 - 2014-10-14 20:52 - 00000000 ____D () C:\Program Files\Common Files\Java 2014-10-14 20:52 - 2014-10-14 20:51 - 00096680 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll 2014-10-14 20:51 - 2014-10-14 20:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2014-10-14 20:50 - 2014-10-14 20:50 - 00000000 ____D () C:\Program Files\Java 2014-10-14 20:46 - 2014-10-14 20:46 - 00000899 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Exploit.lnk 2014-10-14 20:46 - 2014-10-14 20:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Exploit 2014-10-14 20:45 - 2014-10-16 16:29 - 00000000 ____D () C:\ProgramData\Malwarebytes Anti-Exploit 2014-10-14 20:45 - 2014-10-14 20:45 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Exploit 2014-10-14 20:44 - 2014-10-14 20:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Auslogics 2014-10-14 20:44 - 2014-10-14 20:44 - 00000000 ____D () C:\Program Files\Auslogics 2014-10-14 19:31 - 2014-10-14 19:31 - 00000000 ____D () C:\Users\piotrek\AppData\Local\Macromedia 2014-10-12 16:40 - 2014-10-12 16:40 - 00110296 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\6CA41C37.sys 2014-10-06 12:15 - 2014-10-06 12:56 - 00000000 ____D () C:\Users\piotrek\Desktop\Skany 2014-09-20 14:02 - 2014-09-20 14:02 - 00110296 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\417D646B.sys ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2014-10-17 11:12 - 2014-08-21 18:21 - 00000000 ____D () C:\FRST 2014-10-17 10:13 - 2013-11-16 03:22 - 00000000 ____D () C:\ProgramData\Kaspersky Lab 2014-10-17 10:07 - 2014-05-07 12:52 - 00626520 _____ () C:\Windows\WindowsUpdate.log 2014-10-17 10:02 - 2009-03-27 07:07 - 09394724 _____ () C:\FaceProv.log 2014-10-17 09:58 - 2012-10-11 12:38 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service 2014-10-17 09:58 - 2009-03-27 07:09 - 00000056 ___SH () C:\_PartitionInfo 2014-10-17 09:58 - 2009-03-27 06:28 - 00000000 ____D () C:\ProgramData\NVIDIA 2014-10-17 09:58 - 2006-11-02 15:01 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-10-17 09:58 - 2006-11-02 14:47 - 00003616 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 2014-10-17 09:58 - 2006-11-02 14:47 - 00003616 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 2014-10-17 00:08 - 2009-03-27 05:35 - 00000012 _____ () C:\Windows\bthservsdp.dat 2014-10-17 00:08 - 2006-11-02 15:01 - 00032562 _____ () C:\Windows\Tasks\SCHEDLGU.TXT 2014-10-16 17:29 - 2011-06-07 19:52 - 00000000 ____D () C:\Users\piotrek\Documents\Pliki CCleaner 2014-10-16 17:18 - 2006-11-02 14:47 - 00402776 _____ () C:\Windows\system32\FNTCACHE.DAT 2014-10-16 17:15 - 2012-11-23 22:36 - 00000000 ____D () C:\Users\piotrek\AppData\Local\SolidWorks 2014-10-16 17:15 - 2011-01-03 19:28 - 00000000 ____D () C:\Users\piotrek\AppData\Roaming\SolidWorks 2014-10-16 16:50 - 2009-04-29 22:02 - 00109752 _____ () C:\Users\piotrek\AppData\Local\GDIPFONTCACHEV1.DAT 2014-10-16 16:43 - 2012-11-23 21:21 - 00000000 ____D () C:\Program Files\Common Files\SolidWorks Shared 2014-10-16 16:43 - 2011-01-05 22:32 - 00000000 ____D () C:\Program Files\Common Files\Menedżer instalacji SolidWorks 2014-10-16 16:41 - 2011-11-08 20:47 - 00000000 ____D () C:\Program Files\Microsoft Office 2014-10-16 16:41 - 2009-03-27 06:16 - 00000000 ____D () C:\Program Files\Common Files\DESIGNER 2014-10-16 16:40 - 2009-03-27 06:14 - 00000000 ____D () C:\ProgramData\Microsoft Help 2014-10-16 16:28 - 2012-11-23 21:24 - 00000000 ____D () C:\Program Files\SolidWorks Corp 2014-10-16 16:21 - 2006-11-02 13:18 - 00000000 ____D () C:\Windows\Microsoft.NET 2014-10-16 14:44 - 2014-09-03 00:09 - 00000000 ____D () C:\Users\piotrek\AppData\Roaming\Opera Software 2014-10-16 14:44 - 2014-09-03 00:09 - 00000000 ____D () C:\Users\piotrek\AppData\Local\Opera Software 2014-10-15 15:09 - 2014-04-13 16:37 - 00114904 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2014-10-15 13:32 - 2009-05-26 10:09 - 00071760 _____ () C:\Windows\system32\ICAutoUpdate.log.bak 2014-10-15 11:15 - 2009-03-27 04:59 - 00718848 _____ () C:\Windows\system32\perfh015.dat 2014-10-15 11:15 - 2009-03-27 04:59 - 00148038 _____ () C:\Windows\system32\perfc015.dat 2014-10-15 11:15 - 2006-11-02 12:33 - 01647994 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-10-14 22:04 - 2010-12-01 14:53 - 00000000 ____D () C:\Users\piotrek\AppData\Roaming\vlc 2014-10-14 20:52 - 2014-02-27 22:15 - 00000000 ____D () C:\ProgramData\Oracle 2014-10-14 20:52 - 2010-11-06 16:32 - 00000000 ____D () C:\Windows\system32\Adobe 2014-10-14 20:47 - 2013-11-05 20:04 - 00000859 _____ () C:\Users\Public\Desktop\VLC media player.lnk 2014-10-14 20:45 - 2014-04-13 16:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware 2014-10-14 20:45 - 2014-04-13 16:34 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware 2014-10-14 20:45 - 2011-12-31 15:57 - 00000899 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk 2014-10-14 20:43 - 2011-10-15 12:21 - 00000804 _____ () C:\Users\Public\Desktop\CCleaner.lnk 2014-10-14 20:43 - 2011-10-15 12:21 - 00000000 ____D () C:\Program Files\CCleaner 2014-10-14 20:42 - 2012-08-19 23:17 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe 2014-10-14 20:42 - 2012-08-19 23:17 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl 2014-10-14 19:25 - 2011-10-02 14:07 - 00000000 ____D () C:\Users\piotrek\AppData\Roaming\Mozilla 2014-10-13 22:26 - 2013-12-26 23:42 - 00000000 ____D () C:\Users\piotrek\AppData\Local\Battle.net 2014-10-13 20:09 - 2010-06-01 00:12 - 00484731 _____ () C:\Users\piotrek\Documents\Muzyka.m3u 2014-10-09 20:45 - 2013-12-26 23:41 - 00000000 ____D () C:\Program Files\Battle.net 2014-10-01 11:11 - 2014-04-13 16:34 - 00075480 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2014-10-01 11:11 - 2014-04-13 16:34 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2014-10-01 11:11 - 2011-12-31 15:57 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\explorer.exe => File is digitally signed C:\Windows\system32\winlogon.exe => File is digitally signed C:\Windows\system32\wininit.exe => File is digitally signed C:\Windows\system32\svchost.exe => File is digitally signed C:\Windows\system32\services.exe => File is digitally signed C:\Windows\system32\User32.dll => File is digitally signed C:\Windows\system32\userinit.exe => File is digitally signed C:\Windows\system32\rpcss.dll => File is digitally signed C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2014-10-17 10:08 ==================== End Of Log ============================