Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 07-12-2014 01 Ran by Mariusz (administrator) on MARIUSZ-ASUS on 07-12-2014 16:27:34 Running from C:\Users\Mariusz\Downloads Loaded Profile: Mariusz (Available profiles: Mariusz) Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: Polski (Polska) Internet Explorer Version 8 Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae-svc.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae64.exe (Seifert) C:\Program Files (x86)\WinDirStat\windirstat.exe (Zemana Ltd.) C:\Program Files (x86)\Zemana AntiLogger Free\AntiLogger Free.exe () C:\Program Files (x86)\blueconnect\blueconnect.exe (Huawei Technologies Co., Ltd.) C:\Users\Mariusz\AppData\Roaming\blueconnect\ouc.exe (Mozilla Corporation) C:\Program Files\Nightly\firefox.exe (Mozilla Corporation) C:\Program Files\Nightly\plugin-container.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe (Malwarebytes Corporation) C:\Program Files )\Malwarebytes Anti-Malware\mbamservice.exe (Malwarebytes Corporation) C:\Program Files )\Malwarebytes Anti-Malware\mbamscheduler.exe (SecureMix LLC) C:\Program Files (x86)\GlassWire\GWCtlSrv.exe (SecureMix LLC) C:\Program Files (x86)\GlassWire\GWIdlMon.exe (SecureMix LLC) C:\Program Files (x86)\GlassWire\GlassWire.exe (Mozilla Corporation) C:\Program Files\Nightly\plugin-container.exe (OldTimer Tools) C:\Users\Mariusz\Downloads\OTL.scr ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [WinPatrol] => C:\Program Files (x86)\Ruiware\WinPatrol\winpatrol.exe [1154112 2014-07-21] (Ruiware LLC) HKLM-x32\...\Run: [Malwarebytes Anti-Exploit] => C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe [2558776 2014-12-04] (Malwarebytes Corporation) HKU\S-1-5-21-2376877967-2081922626-2068000606-1000\...\Run: [HijackThis startup scan] => C:\Users\Mariusz\Desktop\HijackThis\HijackThis.exe [1306624 2011-04-11] (Trend Micro Inc.) HKU\S-1-5-21-2376877967-2081922626-2068000606-1000\...\Run: [SUPERAntiSpyware] => C:\Users\Mariusz\Desktop\SuperAntiSpyware\PROGRAM64.COM [5500800 2011-10-17] (SUPERAntiSpyware.com) HKU\S-1-5-21-2376877967-2081922626-2068000606-1000\...\Run: [HW_OPENEYE_OUC_blueconnect] => C:\Program Files (x86)\blueconnect\UpdateDog\ouc.exe [116064 2011-03-26] (Huawei Technologies Co., Ltd.) HKU\S-1-5-21-2376877967-2081922626-2068000606-1000\...\Run: [GlassWire] => C:\Program Files (x86)\GlassWire\glasswire.exe [9474344 2014-11-06] (SecureMix LLC) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION HKU\S-1-5-21-2376877967-2081922626-2068000606-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome HKU\S-1-5-21-2376877967-2081922626-2068000606-1000\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKU\S-1-5-21-2376877967-2081922626-2068000606-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com HKU\S-1-5-21-2376877967-2081922626-2068000606-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x84F5C445B208D001 HKU\S-1-5-21-2376877967-2081922626-2068000606-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = pl HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/ StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe Handler: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\system32\urlmon.dll (Microsoft Corporation) Handler-x32: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\syswow64\urlmon.dll (Microsoft Corporation) Tcpip\..\Interfaces\{8B89C5E6-5A1C-4B5B-AF23-768569CBDACB}: [NameServer] 89.108.202.20 89.108.195.20 FireFox: ======== FF ProfilePath: C:\Users\Mariusz\AppData\Roaming\Mozilla\Firefox\Profiles\qq6gtik4.default FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_239.dll () FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_239.dll () FF Extension: Adblock Plus Pop-up Addon - C:\Users\Mariusz\AppData\Roaming\Mozilla\Firefox\Profiles\qq6gtik4.default\Extensions\adblockpopups@jessehakanen.net.xpi [2014-12-06] FF Extension: Bluhell Firewall - C:\Users\Mariusz\AppData\Roaming\Mozilla\Firefox\Profiles\qq6gtik4.default\Extensions\{6BB5760D-F97E-421B-AF5B-8457A90C3CED}.xpi [2014-12-06] FF Extension: Cert Alert - C:\Users\Mariusz\AppData\Roaming\Mozilla\Firefox\Profiles\qq6gtik4.default\Extensions\{c45ac2c6-14d5-11df-844d-001f16155cce}.xpi [2014-12-06] FF Extension: SoundCloud Downloader - Technowise - C:\Users\Mariusz\AppData\Roaming\Mozilla\Firefox\Profiles\qq6gtik4.default\Extensions\{c8d3bc80-0810-4d21-a2c2-be5f2b2832ac}.xpi [2014-12-06] FF Extension: Adblock Plus - C:\Users\Mariusz\AppData\Roaming\Mozilla\Firefox\Profiles\qq6gtik4.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-12-06] FF Extension: Adblock Edge - C:\Users\Mariusz\AppData\Roaming\Mozilla\Firefox\Profiles\qq6gtik4.default\Extensions\{fe272bd1-5f76-4ea4-8501-a05d35d823fc}.xpi [2014-12-06] FF StartMenuInternet: FIREFOX.EXE - C:\Program Files\Nightly\firefox.exe Chrome: ======= ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 GlassWire; C:\Program Files (x86)\GlassWire\GWCtlSrv.exe [6279976 2014-11-06] (SecureMix LLC) S4 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [346976 2011-03-14] () R2 MbaeSvc; C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae-svc.exe [544056 2014-12-04] (Malwarebytes Corporation) R2 MBAMScheduler; C:\Program Files )\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-10-01] (Malwarebytes Corporation) R2 MBAMService; C:\Program Files )\Malwarebytes Anti-Malware\mbamservice.exe [968504 2014-10-01] (Malwarebytes Corporation) S4 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1363160 2014-11-28] (Secunia) S4 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [765144 2014-11-28] (Secunia) ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 ASMMAP64; C:\Program Files\ATKGFNEX\ASMMAP64.sys [14904 2007-07-24] () R1 ESProtectionDriver; C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae64.sys [63064 2014-12-04] () R1 gwdrv; C:\Windows\System32\DRIVERS\gwdrv.sys [33296 2014-11-05] (SecureMix LLC) R3 kbfiltr; C:\Windows\System32\DRIVERS\kbfiltr.sys [15416 2009-07-20] ( ) R3 keycrypt; C:\Windows\System32\DRIVERS\KeyCrypt64.sys [71400 2014-11-28] (Zemana Ltd.) R1 mbamchameleon; C:\Windows\system32\drivers\mbamchameleon.sys [96472 2014-12-06] (Malwarebytes Corporation) R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation) R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2014-12-07] (Malwarebytes Corporation) R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-10-01] (Malwarebytes Corporation) S3 PSI; C:\Windows\System32\DRIVERS\psi_mf_amd64.sys [18456 2014-11-28] (Secunia) R1 SASDIFSV; C:\Users\Mariusz\Desktop\SuperAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com) R1 SASKUTIL; C:\Users\Mariusz\Desktop\SuperAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com) S3 Serial; C:\Windows\system32\drivers\serial.sys [94208 2009-07-14] (Brother Industries Ltd.) U3 catchme; \??\C:\ComboFix\catchme.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2014-12-07 16:25 - 2014-12-07 16:25 - 00368705 _____ () C:\Users\Mariusz\Downloads\gm.zip 2014-12-07 16:24 - 2014-12-07 16:27 - 00009068 _____ () C:\Users\Mariusz\Downloads\FRST.txt 2014-12-07 16:24 - 2014-12-07 16:27 - 00000000 ____D () C:\FRST 2014-12-07 16:24 - 2014-12-07 16:25 - 00023099 _____ () C:\Users\Mariusz\Downloads\Addition.txt 2014-12-07 16:24 - 2014-12-07 16:24 - 00602112 _____ (OldTimer Tools) C:\Users\Mariusz\Downloads\OTL.scr 2014-12-07 16:22 - 2014-12-07 16:23 - 02119680 _____ (Farbar) C:\Users\Mariusz\Downloads\FRST64.exe 2014-12-07 14:45 - 2014-12-07 14:45 - 00001873 _____ () C:\Users\Mariusz\Desktop\GlassWire.lnk 2014-12-07 14:45 - 2014-12-07 14:45 - 00000000 ____D () C:\Users\Mariusz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GlassWire 1.0 2014-12-07 14:45 - 2014-12-07 14:45 - 00000000 ____D () C:\Program Files (x86)\GlassWire 2014-12-07 11:55 - 2014-12-07 11:55 - 00013838 _____ () C:\ComboFix.txt 2014-12-07 11:46 - 2014-12-07 11:55 - 00000000 ____D () C:\Qoobox 2014-12-07 11:46 - 2011-06-26 07:45 - 00256000 _____ () C:\Windows\PEV.exe 2014-12-07 11:46 - 2010-11-07 18:20 - 00208896 _____ () C:\Windows\MBR.exe 2014-12-07 11:46 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe 2014-12-07 11:46 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe 2014-12-07 11:46 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe 2014-12-07 11:46 - 2000-08-31 01:00 - 00098816 _____ () C:\Windows\sed.exe 2014-12-07 11:46 - 2000-08-31 01:00 - 00080412 _____ () C:\Windows\grep.exe 2014-12-07 11:46 - 2000-08-31 01:00 - 00068096 _____ () C:\Windows\zip.exe 2014-12-07 11:45 - 2014-12-07 11:45 - 05600430 ____R (Swearware) C:\Users\Mariusz\Downloads\ComboFix.exe 2014-12-07 11:41 - 2014-12-07 11:41 - 00000000 ____D () C:\Program Files ) 2014-12-07 11:41 - 2014-10-01 11:20 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\is-GJ4SP.tmp 2014-12-07 11:41 - 2014-10-01 11:20 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\is-HRU1D.tmp 2014-12-07 11:35 - 2014-12-07 11:36 - 19828904 _____ (Malwarebytes Corporation ) C:\Users\Mariusz\Downloads\mbam-setup.exe 2014-12-07 11:34 - 2014-12-07 11:35 - 16448208 _____ (Malwarebytes Corp.) C:\Users\Mariusz\Downloads\mbar-1.08.2.1001(1).exe 2014-12-07 10:43 - 2014-12-07 10:43 - 00000000 ____D () C:\Users\Mariusz\Desktop\Undelete 2014-12-07 10:35 - 2014-12-07 10:35 - 02774272 _____ () C:\Users\Mariusz\Downloads\avg_remover_parite.exe 2014-12-07 10:32 - 2014-12-07 10:32 - 02774272 _____ () C:\Users\Mariusz\Downloads\rmmabez.exe 2014-12-07 09:52 - 2014-12-07 09:52 - 00000016 __RSH () C:\Recycled 2014-12-07 09:46 - 2014-12-07 09:46 - 00001084 _____ () C:\CSDefault.cst 2014-12-07 09:22 - 2014-12-07 09:27 - 00000000 ____D () C:\Users\Mariusz\Desktop\AviraAntiVir 2014-12-07 09:19 - 2014-12-07 09:20 - 00000000 ____D () C:\Users\Mariusz\Documents\AIDA64 Reports 2014-12-07 09:12 - 2014-12-07 10:17 - 00000000 ____D () C:\Users\Mariusz\Desktop\AIDA64 2014-12-07 09:08 - 2014-12-06 18:09 - 00000855 _____ () C:\Windows\system32\Drivers\etc\hosts.20141207-090824.backup 2014-12-07 09:01 - 2014-12-07 09:01 - 00000000 ____D () C:\Users\Mariusz\AppData\Roaming\SUPERAntiSpyware.com 2014-12-07 09:01 - 2014-12-07 09:01 - 00000000 ____D () C:\ProgramData\SUPERAntiSpyware.com 2014-12-07 08:50 - 2014-12-07 08:50 - 00000000 ____D () C:\Users\Mariusz\Desktop\WindowsSurfaceScanner 2014-12-07 08:49 - 2014-12-07 09:00 - 00000000 ____D () C:\Users\Mariusz\Desktop\TrueCrypt 2014-12-07 08:49 - 2014-12-07 08:49 - 00000000 ____D () C:\Users\Mariusz\Desktop\SuperAntiSpyware 2014-12-07 08:48 - 2014-12-07 09:27 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy 2014-12-07 08:48 - 2014-12-07 08:48 - 00000000 ____D () C:\Users\Mariusz\Desktop\SpybotSD 2014-12-07 08:47 - 2014-12-07 08:47 - 00000000 ____D () C:\Users\Mariusz\Desktop\SoftPerfectNetworkScanner 2014-12-07 08:44 - 2014-12-07 08:44 - 00000000 ____D () C:\ProgramData\HitmanPro 2014-12-07 08:42 - 2014-12-07 11:06 - 00000000 ____D () C:\Users\Mariusz\Desktop\HijackThis 2014-12-07 08:24 - 2014-12-07 08:24 - 00000000 ____D () C:\Users\Mariusz\Desktop\DefaultKeyboardPatch 2014-12-07 07:08 - 2014-12-07 07:08 - 00164134 _____ () C:\Users\Mariusz\Downloads\sk.zip 2014-12-07 07:08 - 2014-12-07 07:08 - 00000000 ____D () C:\Users\Mariusz\Desktop\sk 2014-12-07 04:27 - 2014-12-07 04:27 - 00003384 _____ () C:\Users\Mariusz\Downloads\index(2).html 2014-12-07 04:27 - 2014-12-07 04:27 - 00002928 _____ () C:\Users\Mariusz\Downloads\index(1).html 2014-12-07 04:26 - 2014-12-07 04:26 - 00001016 _____ () C:\Users\Mariusz\Downloads\index.html 2014-12-07 04:24 - 2014-12-07 04:24 - 00000000 ____D () C:\Users\Mariusz\Desktop\listingi 2014-12-07 04:23 - 2014-12-07 04:23 - 01941064 _____ () C:\Users\Mariusz\Downloads\winrar-x64-520.exe 2014-12-07 04:23 - 2014-12-07 04:23 - 00000000 ____D () C:\Users\Mariusz\AppData\Roaming\WinRAR 2014-12-07 04:23 - 2014-12-07 04:23 - 00000000 ____D () C:\Users\Mariusz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR 2014-12-07 04:23 - 2014-12-07 04:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR 2014-12-07 04:23 - 2014-12-07 04:23 - 00000000 ____D () C:\Program Files\WinRAR 2014-12-07 04:22 - 2014-12-07 04:22 - 25514493 _____ () C:\Users\Mariusz\Downloads\listingi.rar 2014-12-06 21:14 - 2014-12-06 21:14 - 00000000 ____D () C:\Users\Mariusz\AppData\Roaming\Macromedia 2014-12-06 21:14 - 2014-12-06 21:14 - 00000000 ____D () C:\Users\Mariusz\AppData\Roaming\Adobe 2014-12-06 20:43 - 2014-12-06 20:44 - 00000000 ____D () C:\Users\Mariusz\AppData\Roaming\Mozilla 2014-12-06 20:43 - 2014-12-06 20:44 - 00000000 ____D () C:\Users\Mariusz\AppData\Local\Mozilla 2014-12-06 20:43 - 2014-12-06 20:43 - 00000874 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nightly.lnk 2014-12-06 20:43 - 2014-12-06 20:43 - 00000862 _____ () C:\Users\Public\Desktop\Nightly.lnk 2014-12-06 20:43 - 2014-12-06 20:43 - 00000000 ____D () C:\ProgramData\Mozilla 2014-12-06 20:43 - 2014-12-06 20:43 - 00000000 ____D () C:\Program Files\Nightly 2014-12-06 20:43 - 2014-12-06 20:43 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service 2014-12-06 20:42 - 2014-12-06 20:43 - 43329168 _____ () C:\Users\Mariusz\Downloads\firefox-37.0a1.en-US.win64-x86_64.installer.exe 2014-12-06 18:44 - 2014-12-06 18:44 - 00000000 ____D () C:\Users\Mariusz\AppData\Local\GlassWire 2014-12-06 18:44 - 2014-12-06 18:44 - 00000000 ____D () C:\ProgramData\GlassWire 2014-12-06 18:44 - 2014-11-05 06:54 - 00008704 _____ () C:\Windows\system32\Drivers\gwdrv.cat 2014-12-06 18:44 - 2014-11-05 06:41 - 00033296 _____ (SecureMix LLC) C:\Windows\system32\Drivers\gwdrv.sys 2014-12-06 18:42 - 2014-12-06 18:48 - 00000000 ____D () C:\Users\Mariusz\Desktop\Nowy folder 2014-12-06 18:42 - 2014-12-06 18:42 - 00084917 _____ () C:\Users\Mariusz\Downloads\bluescreenview-x64.zip 2014-12-06 18:40 - 2014-12-06 18:42 - 16338360 _____ (SecureMix LLC) C:\Users\Mariusz\Downloads\GlassWireSetup.exe 2014-12-06 18:10 - 2014-12-06 18:10 - 00003160 _____ () C:\Windows\System32\Tasks\SidebarExecute 2014-12-06 17:43 - 2014-12-06 17:48 - 00000000 ____D () C:\Windows\erdnt 2014-12-06 17:41 - 2014-12-06 17:41 - 00000000 ____D () C:\Users\Mariusz\Downloads\vba32arkit 2014-12-06 17:39 - 2014-12-07 11:08 - 00000000 ____D () C:\Users\Mariusz\Downloads\TMRBLog 2014-12-06 17:39 - 2014-12-06 17:40 - 00002122 _____ () C:\Users\Mariusz\Desktop\Rkill.txt 2014-12-06 17:28 - 2014-12-06 17:28 - 08656400 _____ (Trend Micro Inc.) C:\Users\Mariusz\Downloads\RootkitBuster_v5_1061.exe 2014-12-06 17:28 - 2014-12-06 17:28 - 01944824 _____ (Bleeping Computer, LLC) C:\Users\Mariusz\Downloads\rkill.com 2014-12-06 17:27 - 2014-12-06 17:27 - 00464491 _____ () C:\Users\Mariusz\Downloads\RootRepeal.zip 2014-12-06 17:25 - 2014-12-06 17:25 - 01472131 _____ () C:\Users\Mariusz\Downloads\vba32arkit.zip 2014-12-06 17:19 - 2014-12-06 17:19 - 00000207 _____ () C:\Windows\tweaking.com-regbackup-MARIUSZ-ASUS-Microsoft-Windows-7-Professional-(64-bit).dat 2014-12-06 17:18 - 2014-12-06 17:18 - 00000000 ____D () C:\RegBackup 2014-12-06 17:12 - 2014-12-06 17:12 - 00003304 _____ () C:\bootsqm.dat 2014-12-06 17:04 - 2014-12-06 17:04 - 00003170 _____ () C:\Windows\System32\Tasks\{560E3CD8-BAF3-4E80-A885-17F4DA9CF338} 2014-12-06 16:58 - 2014-12-06 16:58 - 00001035 _____ () C:\Users\Mariusz\Desktop\WinDirStat.lnk 2014-12-06 16:58 - 2014-12-06 16:58 - 00000000 ____D () C:\Users\Mariusz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinDirStat 2014-12-06 16:58 - 2014-12-06 16:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinDirStat 2014-12-06 16:58 - 2014-12-06 16:58 - 00000000 ____D () C:\Program Files (x86)\WinDirStat 2014-12-06 16:57 - 2014-12-06 16:57 - 00645729 _____ (WDS Team) C:\Users\Mariusz\Downloads\windirstat1_1_2_setup.exe 2014-12-06 16:57 - 2014-12-06 16:57 - 00401920 _____ (Farbar) C:\Users\Mariusz\Downloads\MiniToolBox (1).exe 2014-12-06 16:55 - 2014-12-06 16:55 - 00037888 _____ (Soeperman Enterprises Ltd.) C:\Users\Mariusz\Downloads\ADSSpy.exe 2014-12-06 16:55 - 2014-12-06 16:55 - 00000194 _____ () C:\Users\Mariusz\Downloads\hosts-perm.bat 2014-12-06 16:54 - 2014-12-06 16:54 - 00145237 _____ () C:\Users\Mariusz\Downloads\ntregopt.zip 2014-12-06 16:54 - 2014-12-06 16:54 - 00000000 ____D () C:\Users\Mariusz\Downloads\ntregopt 2014-12-06 16:53 - 2014-12-06 17:06 - 04025858 _____ () C:\Users\Mariusz\Downloads\EmsisoftEmergencyKit.exe.opdownload 2014-12-06 16:49 - 2014-12-06 16:49 - 00001073 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Secunia PSI.lnk 2014-12-06 16:49 - 2014-12-06 16:49 - 00000000 ____D () C:\Users\Mariusz\AppData\Local\Secunia PSI 2014-12-06 16:49 - 2014-12-06 16:49 - 00000000 ____D () C:\Program Files (x86)\Secunia 2014-12-06 16:48 - 2014-12-06 16:48 - 00002163 _____ () C:\Users\Mariusz\Desktop\Tweaking.com - Windows Repair (All in One).lnk 2014-12-06 16:48 - 2014-12-06 16:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tweaking.com 2014-12-06 16:48 - 2014-12-06 16:48 - 00000000 ____D () C:\Program Files (x86)\Tweaking.com 2014-12-06 16:47 - 2014-12-06 16:47 - 09817304 _____ () C:\Users\Mariusz\Downloads\tweaking.com_windows_repair_aio_setup.exe 2014-12-06 16:47 - 2014-12-06 16:47 - 05490752 _____ (Secunia) C:\Users\Mariusz\Downloads\PSISetup.exe 2014-12-06 16:44 - 2014-12-07 11:57 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable) 2014-12-06 16:43 - 2014-12-07 11:57 - 00000000 ____D () C:\Users\Mariusz\Desktop\mbar 2014-12-06 16:42 - 2014-12-06 16:43 - 16448208 _____ (Malwarebytes Corp.) C:\Users\Mariusz\Downloads\mbar-1.08.2.1001.exe 2014-12-06 16:36 - 2014-12-06 16:36 - 00001144 _____ () C:\Users\Public\Desktop\AntiLogger Free.lnk 2014-12-06 16:36 - 2014-12-06 16:36 - 00000000 ____D () C:\Users\Mariusz\AppData\Local\AntiLogger Free 2014-12-06 16:36 - 2014-12-06 16:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zemana AntiLogger Free 2014-12-06 16:36 - 2014-12-06 16:36 - 00000000 ____D () C:\Program Files (x86)\Zemana AntiLogger Free 2014-12-06 16:36 - 2014-12-06 16:36 - 00000000 ____D () C:\Program Files (x86)\KeyCryptSDK 2014-12-06 16:36 - 2014-11-28 12:15 - 00071400 _____ (Zemana Ltd.) C:\Windows\system32\Drivers\KeyCrypt64.sys 2014-12-06 16:35 - 2014-12-06 16:35 - 03453640 _____ (Zemana Ltd. ) C:\Users\Mariusz\Downloads\AntiLoggerFree_Setup.exe 2014-12-06 16:35 - 2014-12-06 16:35 - 00000000 ____D () C:\Users\Mariusz\Downloads\data 2014-12-06 16:34 - 2014-12-06 16:34 - 00332171 _____ () C:\Users\Mariusz\Downloads\GiveMePower-v2.0.exe 2014-12-06 16:34 - 2014-06-19 11:17 - 00414720 _____ () C:\Users\Mariusz\Downloads\GiveMePower.exe 2014-12-06 16:34 - 2014-06-19 11:17 - 00038400 _____ () C:\Users\Mariusz\Downloads\GiveMePower.pdb 2014-12-06 16:33 - 2014-12-06 16:33 - 00009506 _____ () C:\HijackPatrol.log 2014-12-06 16:32 - 2014-12-06 19:41 - 00000000 ____D () C:\Users\Mariusz\AppData\Roaming\WinPatrol 2014-12-06 16:32 - 2014-12-06 16:32 - 01156136 _____ (Ruiware) C:\Users\Mariusz\Downloads\wpsetup.exe 2014-12-06 16:32 - 2014-12-06 16:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinPatrol 2014-12-06 16:32 - 2014-12-06 16:32 - 00000000 ____D () C:\ProgramData\InstallMate 2014-12-06 16:32 - 2014-12-06 16:32 - 00000000 ____D () C:\Program Files (x86)\Ruiware 2014-12-06 16:23 - 2014-12-06 16:23 - 00006706 _____ () C:\Users\Mariusz\Downloads\Malwarebytes.Anti-Malware.Premium.v2.0.4.1028.Final-FFF (1).torrent 2014-12-06 16:21 - 2014-12-07 11:29 - 00000000 ____D () C:\ProgramData\Malwarebytes Anti-Exploit 2014-12-06 16:21 - 2014-12-06 16:21 - 00000000 ____D () C:\Users\Mariusz\Downloads\Malwarebytes.Anti-Malware.Premium.v2.0.4.1028.Final-FFF 2014-12-06 16:21 - 2014-12-06 16:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Exploit 2014-12-06 16:21 - 2014-12-06 16:21 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Exploit 2014-12-06 16:20 - 2014-12-06 16:20 - 00006706 _____ () C:\Users\Mariusz\Downloads\Malwarebytes.Anti-Malware.Premium.v2.0.4.1028.Final-FFF.torrent 2014-12-06 16:19 - 2014-12-06 16:19 - 00001444 _____ () C:\Users\Mariusz\Downloads\Malwarebytes.Anti-Exploit.Premium.v1.05.1.1015.Final-FFF.torrent 2014-12-06 16:19 - 2014-12-06 16:19 - 00000857 _____ () C:\Users\Mariusz\Desktop\µTorrent.lnk 2014-12-06 16:19 - 2014-12-06 16:19 - 00000837 _____ () C:\Users\Mariusz\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk 2014-12-06 16:19 - 2014-12-06 16:19 - 00000000 ____D () C:\Users\Mariusz\Downloads\Malwarebytes.Anti-Exploit.Premium.v1.05.1.1015.Final-FFF 2014-12-06 16:18 - 2014-12-06 17:06 - 00000000 ____D () C:\Users\Mariusz\AppData\Roaming\uTorrent 2014-12-06 16:18 - 2014-12-06 16:18 - 01682512 _____ (BitTorrent Inc.) C:\Users\Mariusz\Downloads\uTorrent.exe 2014-12-06 13:50 - 2014-12-06 13:50 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\06E03FF8.sys 2014-12-05 20:08 - 2014-12-06 18:21 - 00000000 ____D () C:\ProgramData\Skype 2014-12-05 20:08 - 2014-12-05 20:08 - 00003130 _____ () C:\Windows\System32\Tasks\{2D260A41-672B-4825-A0E0-73DE8597A013} 2014-12-05 20:06 - 2014-12-05 20:06 - 01548384 _____ (Skype Technologies S.A.) C:\Users\Mariusz\Downloads\SkypeSetup.exe 2014-11-28 13:02 - 2014-11-28 13:02 - 00018456 _____ (Secunia) C:\Windows\system32\Drivers\psi_mf_amd64.sys 2014-11-28 08:33 - 2014-11-28 08:33 - 00000000 _____ () C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf 2014-11-25 19:39 - 2014-05-14 17:23 - 02477536 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll 2014-11-25 19:39 - 2014-05-14 17:23 - 00700384 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll 2014-11-25 19:39 - 2014-05-14 17:23 - 00581600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll 2014-11-25 19:39 - 2014-05-14 17:23 - 00058336 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe 2014-11-25 19:39 - 2014-05-14 17:23 - 00044512 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll 2014-11-25 19:39 - 2014-05-14 17:23 - 00038880 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll 2014-11-25 19:39 - 2014-05-14 17:23 - 00036320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll 2014-11-25 19:39 - 2014-05-14 17:21 - 02620928 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll 2014-11-25 19:39 - 2014-05-14 17:20 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll 2014-11-25 19:39 - 2014-05-14 17:17 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll 2014-11-25 19:38 - 2014-05-14 09:23 - 00198600 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll 2014-11-25 19:38 - 2014-05-14 09:23 - 00179656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll 2014-11-25 19:38 - 2014-05-14 09:20 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe 2014-11-25 19:38 - 2014-05-14 09:17 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe 2014-11-25 15:22 - 2014-11-25 15:22 - 00001401 _____ () C:\Users\Public\Desktop\SeaTools for Windows.lnk 2014-11-25 15:22 - 2014-11-25 15:22 - 00000000 ____D () C:\ProgramData\Package Cache 2014-11-25 15:21 - 2014-11-25 15:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Seagate 2014-11-25 15:21 - 2014-11-25 15:21 - 00000000 ____D () C:\Program Files (x86)\Seagate 2014-11-25 15:13 - 2014-11-25 15:13 - 00887896 _____ (Microsoft Corporation) C:\Users\Mariusz\Downloads\dotNetFx40_Client_setup (1).exe 2014-11-25 15:08 - 2014-10-31 23:26 - 103374192 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2014-11-25 15:07 - 2014-11-25 15:08 - 32507072 _____ (Microsoft Corporation) C:\Users\Mariusz\Downloads\Windows-KB890830-x64-V5.18.exe 2014-11-25 15:07 - 2014-11-25 15:07 - 00887896 _____ (Microsoft Corporation) C:\Users\Mariusz\Downloads\dotNetFx40_Client_setup.exe 2014-11-25 15:07 - 2014-11-25 15:07 - 00292184 _____ (Microsoft Corporation) C:\Users\Mariusz\Downloads\dxwebsetup.exe 2014-11-25 15:05 - 2014-11-25 15:06 - 26771088 _____ () C:\Users\Mariusz\Downloads\SeaToolsforWindowsSetup.exe 2014-11-25 15:02 - 2014-12-06 16:59 - 00025130 _____ () C:\Users\Mariusz\Downloads\Result.txt 2014-11-25 14:51 - 2014-11-25 14:51 - 00000000 ____D () C:\TDSSKiller_Quarantine 2014-11-25 14:45 - 2014-12-06 21:11 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2014-11-25 14:45 - 2014-12-06 21:11 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2014-11-25 14:45 - 2014-11-25 14:45 - 00000000 ____D () C:\Windows\SysWOW64\Macromed 2014-11-25 14:45 - 2014-11-25 14:45 - 00000000 ____D () C:\Windows\system32\Macromed 2014-11-25 14:44 - 2014-12-06 21:12 - 00000000 ____D () C:\Users\Mariusz\AppData\Local\Adobe 2014-11-25 14:26 - 2014-12-07 15:24 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2014-11-25 14:26 - 2014-12-07 08:27 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-11-25 14:26 - 2014-12-06 18:29 - 00096472 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2014-11-25 14:26 - 2014-12-06 16:28 - 00001106 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk 2014-11-25 14:26 - 2014-12-06 16:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware 2014-11-25 14:26 - 2014-12-06 16:28 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware 2014-11-25 14:26 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2014-11-25 14:26 - 2014-10-01 11:20 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2014-11-25 14:25 - 2014-11-25 14:25 - 19828376 _____ (Malwarebytes Corporation ) C:\Users\Mariusz\Downloads\mbam-setup-2.0.3.1025.exe 2014-11-25 14:21 - 2014-12-06 14:21 - 00003880 _____ () C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1416921688 2014-11-25 14:21 - 2014-11-25 14:21 - 00001139 _____ () C:\Users\Public\Desktop\Opera.lnk 2014-11-25 14:21 - 2014-11-25 14:21 - 00001139 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk 2014-11-25 14:21 - 2014-11-25 14:21 - 00000000 ____D () C:\Users\Mariusz\AppData\Roaming\Opera Software 2014-11-25 14:21 - 2014-11-25 14:21 - 00000000 ____D () C:\Users\Mariusz\AppData\Local\Opera Software 2014-11-25 14:19 - 2014-12-06 14:21 - 00000000 ____D () C:\Program Files (x86)\Opera 2014-11-25 14:19 - 2014-11-25 14:19 - 00683464 _____ (Opera Software) C:\Users\Mariusz\Downloads\Opera_NI_stable.exe 2014-11-25 14:16 - 2009-06-26 01:04 - 00067584 _____ (REDC) C:\Windows\system32\Drivers\rimmpx64.sys 2014-11-25 14:16 - 2009-06-26 00:38 - 00057856 _____ (REDC) C:\Windows\system32\Drivers\rixdpx64.sys 2014-11-25 14:16 - 2009-06-26 00:13 - 00055296 _____ (REDC) C:\Windows\system32\Drivers\rimspx64.sys 2014-11-25 14:16 - 2007-07-25 20:48 - 00172032 _____ (Ricoh Company,Ltd) C:\Windows\system32\rixdicon.dll 2014-11-25 14:16 - 2004-09-04 11:00 - 00090112 _____ (Sony Corporation) C:\Windows\system32\snymsico.dll 2014-11-25 14:13 - 2014-11-25 14:14 - 00000000 ____D () C:\ProgramData\NVIDIA 2014-11-25 14:12 - 2009-05-11 11:49 - 00081952 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys 2014-11-25 14:12 - 2009-05-11 11:49 - 00062976 _____ (Windows (R) Codename Longhorn DDK provider) C:\Windows\system32\nvapo64v.dll 2014-11-25 14:12 - 2009-05-11 11:48 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\nvhdap64.dll 2014-11-25 14:12 - 2009-05-08 15:50 - 00506400 _____ (NVIDIA Corporation) C:\Windows\system32\nvuhda6.exe 2014-11-25 14:12 - 2009-05-08 15:50 - 00159232 _____ (NVIDIA Corporation) C:\Windows\system32\nvcohda6.dll 2014-11-25 14:12 - 2009-04-26 09:29 - 00001407 _____ () C:\Windows\system32\nvhda.nvu 2014-11-25 14:11 - 2009-06-22 12:28 - 00539168 _____ (NVIDIA Corporation) C:\Windows\system32\NVUNINST.EXE 2014-11-25 14:11 - 2009-06-11 10:09 - 00508448 _____ (NVIDIA Corporation) C:\Windows\system32\nvudisp.exe 2014-11-25 14:11 - 2009-06-11 10:09 - 00010060 _____ () C:\Windows\system32\nvdisp.nvu 2014-11-25 14:06 - 2009-07-20 17:29 - 00015416 _____ ( ) C:\Windows\system32\Drivers\kbfiltr.sys 2014-11-25 14:05 - 2014-11-25 14:05 - 00004198 _____ () C:\Windows\DPINST.LOG 2014-11-25 14:05 - 2009-08-23 05:24 - 05435904 _____ (Intel Corporation) C:\Windows\system32\Drivers\NETw5v64.sys 2014-11-25 14:04 - 2014-11-25 14:53 - 00000000 ____D () C:\Program Files\ATKGFNEX 2014-11-25 14:04 - 2014-11-25 14:04 - 00000000 ____D () C:\Users\Mariusz\AppData\Roaming\InstallShield 2014-11-25 14:04 - 2014-11-25 14:04 - 00000000 ____D () C:\Program Files (x86)\InstallShield Installation Information 2014-11-25 14:03 - 2014-11-25 14:04 - 00000000 ____D () C:\Program Files (x86)\ASUS 2014-11-25 13:59 - 2014-12-07 08:22 - 00057960 _____ () C:\Users\Mariusz\AppData\Local\GDIPFONTCACHEV1.DAT 2014-11-25 13:59 - 2014-11-25 14:30 - 00000000 ____D () C:\Users\Mariusz\AppData\Roaming\blueconnect 2014-11-25 13:59 - 2014-11-25 13:59 - 00001047 _____ () C:\Users\Public\Desktop\blueconnect.lnk 2014-11-25 13:59 - 2014-11-25 13:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\blueconnect 2014-11-25 13:59 - 2014-11-25 13:59 - 00000000 _____ () C:\Windows\system32\Drivers\Msft_Kernel_ew_jucdcacm_01007.Wdf 2014-11-25 13:58 - 2014-11-25 13:59 - 00000000 ____D () C:\ProgramData\DatacardService 2014-11-25 13:58 - 2014-11-25 13:59 - 00000000 ____D () C:\Program Files (x86)\blueconnect 2014-11-25 13:58 - 2014-11-25 13:58 - 00000000 _____ () C:\Windows\system32\Drivers\Msft_Kernel_ew_jubusenum_01007.Wdf 2014-11-25 13:58 - 2011-02-25 18:02 - 00098816 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_jucdcacm.sys 2014-11-25 13:58 - 2011-01-30 18:20 - 00212992 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_juwwanecm.sys 2014-11-25 13:58 - 2011-01-30 18:19 - 00086016 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_jubusenum.sys 2014-11-25 13:58 - 2011-01-30 18:19 - 00069632 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_jucdcecm.sys 2014-11-25 13:58 - 2011-01-30 18:19 - 00028672 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_juextctrl.sys 2014-11-25 13:58 - 2010-12-24 11:48 - 00221312 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ewusbmdm.sys 2014-11-25 13:58 - 2010-12-23 09:48 - 00421376 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ewusbwwan.sys 2014-11-25 13:58 - 2010-10-08 16:59 - 00032768 _____ (Huawei Tech. Co., Ltd.) C:\Windows\system32\Drivers\ewdcsc.sys 2014-11-25 13:58 - 2010-09-26 18:09 - 00022016 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_hwupgrade.sys 2014-11-25 13:58 - 2010-08-06 07:43 - 01001472 _____ (DiBcom SA) C:\Windows\system32\Drivers\mod7700.sys 2014-11-25 13:58 - 2010-07-27 09:52 - 00117248 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_hwusbdev.sys 2014-11-25 13:58 - 2010-03-20 12:06 - 00013952 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_usbenumfilter.sys 2014-11-25 13:58 - 2008-03-27 16:51 - 01490656 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01007.dll 2014-11-25 13:58 - 2008-03-27 16:51 - 01490656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdfCoInstaller01007.dll 2014-11-25 13:57 - 2014-11-25 13:57 - 00001455 _____ () C:\Users\Mariusz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2014-11-25 13:57 - 2014-11-25 13:57 - 00001421 _____ () C:\Users\Mariusz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk 2014-11-25 13:57 - 2014-11-25 13:57 - 00000000 _____ () C:\Windows\system32\Drivers\Msft_User_WpdFs_01_09_00.Wdf 2014-11-25 13:56 - 2014-11-25 14:49 - 00000000 ____D () C:\Users\Mariusz\AppData\Local\VirtualStore 2014-11-25 13:56 - 2014-11-25 13:57 - 00000000 ____D () C:\Users\Mariusz 2014-11-25 13:56 - 2014-11-25 13:56 - 00000020 ___SH () C:\Users\Mariusz\ntuser.ini 2014-11-25 13:56 - 2014-11-25 13:56 - 00000000 _SHDL () C:\Users\Public\Documents\Moje wideo 2014-11-25 13:56 - 2014-11-25 13:56 - 00000000 _SHDL () C:\Users\Public\Documents\Moje obrazy 2014-11-25 13:56 - 2014-11-25 13:56 - 00000000 _SHDL () C:\Users\Public\Documents\Moja muzyka 2014-11-25 13:56 - 2014-11-25 13:56 - 00000000 _SHDL () C:\Users\Mariusz\Ustawienia lokalne 2014-11-25 13:56 - 2014-11-25 13:56 - 00000000 _SHDL () C:\Users\Mariusz\Szablony 2014-11-25 13:56 - 2014-11-25 13:56 - 00000000 _SHDL () C:\Users\Mariusz\Moje dokumenty 2014-11-25 13:56 - 2014-11-25 13:56 - 00000000 _SHDL () C:\Users\Mariusz\Menu Start 2014-11-25 13:56 - 2014-11-25 13:56 - 00000000 _SHDL () C:\Users\Mariusz\Documents\Moje wideo 2014-11-25 13:56 - 2014-11-25 13:56 - 00000000 _SHDL () C:\Users\Mariusz\Documents\Moje obrazy 2014-11-25 13:56 - 2014-11-25 13:56 - 00000000 _SHDL () C:\Users\Mariusz\Documents\Moja muzyka 2014-11-25 13:56 - 2014-11-25 13:56 - 00000000 _SHDL () C:\Users\Mariusz\Dane aplikacji 2014-11-25 13:56 - 2014-11-25 13:56 - 00000000 _SHDL () C:\Users\Mariusz\AppData\Roaming\Microsoft\Windows\Start Menu\Programy 2014-11-25 13:56 - 2014-11-25 13:56 - 00000000 _SHDL () C:\Users\Mariusz\AppData\Local\Historia 2014-11-25 13:56 - 2014-11-25 13:56 - 00000000 _SHDL () C:\Users\Mariusz\AppData\Local\Dane aplikacji 2014-11-25 13:56 - 2014-11-25 13:56 - 00000000 _SHDL () C:\Users\Default\Ustawienia lokalne 2014-11-25 13:56 - 2014-11-25 13:56 - 00000000 _SHDL () C:\Users\Default\Szablony 2014-11-25 13:56 - 2014-11-25 13:56 - 00000000 _SHDL () C:\Users\Default\Moje dokumenty 2014-11-25 13:56 - 2014-11-25 13:56 - 00000000 _SHDL () C:\Users\Default\Menu Start 2014-11-25 13:56 - 2014-11-25 13:56 - 00000000 _SHDL () C:\Users\Default\Documents\Moje wideo 2014-11-25 13:56 - 2014-11-25 13:56 - 00000000 _SHDL () C:\Users\Default\Documents\Moje obrazy 2014-11-25 13:56 - 2014-11-25 13:56 - 00000000 _SHDL () C:\Users\Default\Documents\Moja muzyka 2014-11-25 13:56 - 2014-11-25 13:56 - 00000000 _SHDL () C:\Users\Default\Dane aplikacji 2014-11-25 13:56 - 2014-11-25 13:56 - 00000000 _SHDL () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programy 2014-11-25 13:56 - 2014-11-25 13:56 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Historia 2014-11-25 13:56 - 2014-11-25 13:56 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Dane aplikacji 2014-11-25 13:56 - 2014-11-25 13:56 - 00000000 _SHDL () C:\Users\Default User\Documents\Moje wideo 2014-11-25 13:56 - 2014-11-25 13:56 - 00000000 _SHDL () C:\Users\Default User\Documents\Moje obrazy 2014-11-25 13:56 - 2014-11-25 13:56 - 00000000 _SHDL () C:\Users\Default User\Documents\Moja muzyka 2014-11-25 13:56 - 2014-11-25 13:56 - 00000000 _SHDL () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programy 2014-11-25 13:56 - 2014-11-25 13:56 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Historia 2014-11-25 13:56 - 2014-11-25 13:56 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Dane aplikacji 2014-11-25 13:56 - 2014-11-25 13:56 - 00000000 _SHDL () C:\ProgramData\Ulubione 2014-11-25 13:56 - 2014-11-25 13:56 - 00000000 _SHDL () C:\ProgramData\Szablony 2014-11-25 13:56 - 2014-11-25 13:56 - 00000000 _SHDL () C:\ProgramData\Pulpit 2014-11-25 13:56 - 2014-11-25 13:56 - 00000000 _SHDL () C:\ProgramData\Microsoft\Windows\Start Menu\Programy 2014-11-25 13:56 - 2014-11-25 13:56 - 00000000 _SHDL () C:\ProgramData\Menu Start 2014-11-25 13:56 - 2014-11-25 13:56 - 00000000 _SHDL () C:\ProgramData\Dokumenty 2014-11-25 13:56 - 2014-11-25 13:56 - 00000000 ____D () C:\Recovery 2014-11-25 13:56 - 2009-07-14 05:54 - 00000000 ___RD () C:\Users\Mariusz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories 2014-11-25 13:56 - 2009-07-14 05:49 - 00000000 ___RD () C:\Users\Mariusz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance 2014-11-25 13:54 - 2014-11-25 13:54 - 00001345 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk 2014-11-25 13:53 - 2014-12-07 14:42 - 01817337 _____ () C:\Windows\WindowsUpdate.log 2014-11-25 13:53 - 2014-11-25 13:53 - 00001355 _____ () C:\Windows\TSSysprep.log 2014-11-25 13:53 - 2014-11-25 13:53 - 00001326 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk 2014-11-25 13:49 - 2014-11-25 13:56 - 00000000 ____D () C:\Windows\Panther ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2014-12-07 16:09 - 2009-07-14 05:45 - 00016848 _____ () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-12-07 16:09 - 2009-07-14 05:45 - 00016848 _____ () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-12-07 14:10 - 2009-07-14 05:51 - 00034200 _____ () C:\Windows\setupact.log 2014-12-07 11:53 - 2009-07-14 03:34 - 00000215 _____ () C:\Windows\system.ini 2014-12-07 11:10 - 2011-04-12 14:21 - 00686324 _____ () C:\Windows\system32\perfh015.dat 2014-12-07 11:10 - 2011-04-12 14:21 - 00131302 _____ () C:\Windows\system32\perfc015.dat 2014-12-07 11:10 - 2009-07-14 06:13 - 01549696 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-12-07 11:06 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-12-07 11:05 - 2010-11-21 04:47 - 00009842 _____ () C:\Windows\PFRO.log 2014-12-07 08:21 - 2009-07-14 05:45 - 00275536 _____ () C:\Windows\system32\FNTCACHE.DAT 2014-12-06 20:38 - 2009-07-14 05:57 - 00001547 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk 2014-12-06 18:13 - 2011-04-12 14:32 - 00000000 ____D () C:\Windows\CSC 2014-12-06 18:08 - 2009-07-14 03:34 - 00000439 _____ () C:\Windows\win.ini 2014-12-06 17:36 - 2011-04-12 14:32 - 00000000 ___RD () C:\Users\Public\Recorded TV 2014-12-06 17:31 - 2009-07-14 03:34 - 00000855 _____ () C:\Windows\system32\Drivers\etc\hosts_bak_459 2014-11-29 08:12 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache 2014-11-27 08:52 - 2009-07-14 04:20 - 00000000 ___RD () C:\Users\Public\Libraries 2014-11-25 14:12 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\Help 2014-11-25 14:02 - 2009-07-14 06:32 - 00000000 ____D () C:\Windows\system32\restore 2014-11-25 13:56 - 2009-07-14 04:20 - 00000000 ___RD () C:\Users\Default 2014-11-25 13:56 - 2009-07-14 04:20 - 00000000 ____D () C:\Program Files\Windows NT 2014-11-25 13:53 - 2009-07-14 05:46 - 00002790 _____ () C:\Windows\DtcInstall.log 2014-11-25 13:53 - 2009-07-14 04:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories 2014-11-25 13:53 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\sysprep 2014-11-25 13:49 - 2009-07-14 06:38 - 00025600 ___SH () C:\Windows\system32\config\BCD-Template.LOG 2014-11-25 13:49 - 2009-07-14 06:32 - 00028672 _____ () C:\Windows\system32\config\BCD-Template 2014-11-24 14:04 - 2010-11-21 04:27 - 00275080 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\SysWOW64\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2014-12-06 10:02 ==================== End Of Log ============================