Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 12-01-2015 02 Ran by Wujo (administrator) on WUJO-KOMPUTER on 14-01-2015 18:13:29 Running from F:\Zawirusowania konkretne Loaded Profile: Wujo (Available profiles: Wujo) Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Polski (Polska) Internet Explorer Version 10 (Default browser: Opera) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe (Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe (NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\IScheduleSvc.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE (Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\cAudioFilterAgent64.exe (Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTray.exe (Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerEvent.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [NvCplDaemon] => RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [503864 2009-07-20] (Conexant Systems, Inc.) HKLM\...\Run: [Acer ePower Management] => C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTray.exe [828960 2009-08-05] (Acer Incorporated) HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5227112 2015-01-13] (AVAST Software) HKU\S-1-5-21-3326234350-4050991087-374296464-1000\...\Policies\Explorer\Run: [Wistron] => C:\Users\Wujo\AppData\Roaming\CAD8B9\CAD8B9.exe HKU\S-1-5-21-3326234350-4050991087-374296464-1000\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1 ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKU\S-1-5-21-3326234350-4050991087-374296464-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.packardbell.com/rdr.aspx?b=ACPW&l=0415&m=easynote_tj65&r=27360311i3c6l0390z1h5f48l1u56o SearchScopes: HKLM-x32 -> {F2F5CBE5-319A-4C34-926D-CEBA8A09E870} URL = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACPW SearchScopes: HKU\S-1-5-21-3326234350-4050991087-374296464-1000 -> {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = http://www.bing.com/search?q={searchTerms} SearchScopes: HKU\S-1-5-21-3326234350-4050991087-374296464-1000 -> {F2F5CBE5-319A-4C34-926D-CEBA8A09E870} URL = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACPW_plPL423 BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO-x32: YouTube To ALLPlayer -> {61DB16C5-B733-43F4-872E-B20DC9E72740} -> C:\Program Files (x86)\ALLPlayer\YouTubeToALLPlayer.dll (ALLPlayer.org) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) BHO-x32: Pomocnik logowania za pomocą identyfikatora Windows Live -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO-x32: IplexToALLPlayer -> {DF925EF3-7A87-44E4-9CAF-8D7B280BF616} -> C:\Program Files (x86)\ALLPlayer\Iplex\IplexToALLPlayer.dll (ALLCinema Ltd.) Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 Tcpip\..\Interfaces\{375219E0-9466-49E3-BBDC-306C20798806}: [NameServer] 8.8.8.8,8.8.4.4 Tcpip\..\Interfaces\{4FF464A0-FFEC-4C85-BF1C-388FF7A1B39A}: [NameServer] 8.8.8.8,8.8.4.4 FireFox: ======== Chrome: ======= ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2015-01-05] (AVAST Software) R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [104416 2015-01-05] (AVAST Software) R2 ePowerSvc; C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe [844320 2009-08-05] (Acer Incorporated) S4 Greg_Service; C:\Program Files (x86)\Packard Bell\Registration\GregHSRW.exe [1150496 2009-06-04] (Acer Incorporated) S4 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation) S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation) R2 NTI IScheduleSvc; C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\IScheduleSvc.exe [62720 2009-08-21] (NewTech Infosystems, Inc.) S4 sesvc; C:\Program Files (x86)\ShadowExplorer\sesvc.exe [9216 2013-01-02] (www.shadowexplorer.com) [File not signed] S4 Updater Service; C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe [240160 2009-07-04] (Acer) S3 COMSysApp; %SystemRoot%\system32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235} ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2015-01-05] () R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [28184 2015-01-05] (AVAST Software) R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [83280 2015-01-05] (AVAST Software) R0 aswNdisFlt; C:\Windows\System32\DRIVERS\aswNdisFlt.sys [449936 2015-01-05] (AVAST Software) R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2015-01-05] (AVAST Software) R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2015-01-05] () R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1050432 2015-01-13] (AVAST Software) R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [436624 2015-01-05] (AVAST Software) R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [116728 2015-01-05] (AVAST Software) R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [267632 2015-01-05] () R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [88480 2015-01-08] () S3 hwdatacard; C:\Windows\System32\DRIVERS\ewusbmdm.sys [116864 2009-08-04] (Huawei Technologies Co., Ltd.) [File not signed] S3 hwusbfake; C:\Windows\System32\DRIVERS\ewusbfake.sys [116224 2009-08-04] (Huawei Technologies Co., Ltd.) [File not signed] R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [46400 2015-01-08] () R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation) S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-11-21] (Malwarebytes Corporation) ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2015-01-14 17:58 - 2014-03-25 18:20 - 00877480 _____ (Oracle Corporation) C:\Windows\SysWOW64\npdeployJava1.dll 2015-01-14 17:58 - 2014-03-25 18:20 - 00800168 _____ (Oracle Corporation) C:\Windows\SysWOW64\deployJava1.dll 2015-01-14 13:33 - 2015-01-14 13:33 - 00000000 ____D () C:\TDSSKiller_Quarantine 2015-01-13 17:59 - 2015-01-05 00:15 - 00364512 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe 2015-01-13 17:31 - 2015-01-13 17:32 - 04978536 _____ (AVAST Software) C:\Users\Wujo\Downloads\avast_premier_antivirus_setup_online.exe 2015-01-13 14:36 - 2015-01-13 14:36 - 00000665 _____ () C:\INSTALL.LOG 2015-01-13 12:51 - 2015-01-13 12:51 - 00001313 _____ () C:\Users\Wujo\Desktop\Advanced Uninstaller PRO 2003.lnk 2015-01-13 12:51 - 2015-01-13 12:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced Uninstaller PRO 2003 version 5 2015-01-13 12:51 - 2015-01-13 12:51 - 00000000 ____D () C:\Program Files (x86)\Innovative Technologies 2015-01-08 19:58 - 2015-01-08 19:58 - 00000000 _____ () C:\Users\Wujo\Desktop\ggg.log 2015-01-08 19:35 - 2015-01-08 19:35 - 00000000 _____ () C:\Users\Wujo\Desktop\cccc.log 2015-01-08 09:46 - 2015-01-08 09:46 - 00000000 ____D () C:\Users\Wujo\AppData\Local\IDTool 2015-01-08 09:38 - 2015-01-08 09:46 - 00000000 ____D () C:\bb375dd6bb4cad2432b4c8df 2015-01-06 17:00 - 2015-01-14 18:13 - 00000000 ____D () C:\FRST 2015-01-06 15:16 - 2015-01-08 21:04 - 00000000 ____D () C:\Windows\pss 2015-01-06 00:26 - 2015-01-06 00:26 - 00291632 _____ () C:\Windows\Minidump\010615-72072-01.dmp 2015-01-05 00:31 - 2015-01-05 00:31 - 00000000 _____ () C:\autoexec.bat 2015-01-05 00:15 - 2015-01-05 00:15 - 00449936 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNdisFlt.sys 2015-01-05 00:15 - 2015-01-05 00:15 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr 2015-01-05 00:00 - 2015-01-05 00:00 - 00001897 _____ () C:\Users\Wujo\Desktop\ShadowExplorer.lnk 2015-01-05 00:00 - 2015-01-05 00:00 - 00000000 ____D () C:\Users\Wujo\AppData\Roaming\www.shadowexplorer.com 2015-01-05 00:00 - 2015-01-05 00:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ShadowExplorer 2015-01-05 00:00 - 2015-01-05 00:00 - 00000000 ____D () C:\Program Files (x86)\ShadowExplorer 2015-01-04 21:49 - 2015-01-04 21:49 - 00000049 _____ () C:\Users\Wujo\Desktop\antymalware.txt 2015-01-04 21:12 - 2015-01-13 21:20 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2015-01-04 21:10 - 2015-01-04 21:12 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware 2015-01-04 21:08 - 2015-01-04 21:12 - 00001114 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk 2015-01-04 21:08 - 2015-01-04 21:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware 2015-01-04 21:07 - 2015-01-04 21:12 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware 2015-01-04 21:07 - 2015-01-04 21:10 - 00000000 ____D () C:\ProgramData\Malwarebytes 2015-01-04 21:07 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2015-01-04 21:07 - 2014-11-21 06:14 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2015-01-04 21:07 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2015-01-04 20:34 - 2015-01-04 20:34 - 00000000 ____D () C:\Program Files (x86)\ESET 2015-01-04 18:04 - 2015-01-04 18:04 - 00291752 _____ () C:\Windows\Minidump\010415-41168-01.dmp 2015-01-04 18:00 - 2015-01-04 18:00 - 00000000 __SHD () C:\found.000 2015-01-04 14:05 - 2015-01-04 14:08 - 00000000 ____D () C:\Users\Wujo\Desktop\do odzyskania 2015-01-04 12:30 - 2015-01-04 12:30 - 00291752 _____ () C:\Windows\Minidump\010415-554162-01.dmp 2015-01-03 17:37 - 2015-01-03 17:37 - 00291752 _____ () C:\Windows\Minidump\010315-67267-01.dmp 2015-01-03 17:27 - 2015-01-03 17:27 - 00291752 _____ () C:\Windows\Minidump\010315-71089-01.dmp 2015-01-03 17:12 - 2015-01-06 12:53 - 538053552 _____ () C:\Windows\MEMORY.DMP 2015-01-03 17:12 - 2015-01-03 17:12 - 00291752 _____ () C:\Windows\Minidump\010315-1122224-01.dmp 2015-01-03 16:33 - 2015-01-03 16:33 - 00000000 ____D () C:\Users\Wujo\AppData\Roaming\AVAST Software 2015-01-03 16:32 - 2015-01-13 18:00 - 00002022 _____ () C:\Users\Public\Desktop\Avast SafeZone.lnk 2015-01-03 16:32 - 2015-01-13 18:00 - 00001962 _____ () C:\Users\Public\Desktop\Avast Premier.lnk 2015-01-03 16:32 - 2015-01-03 16:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software 2015-01-03 16:30 - 2015-01-13 17:59 - 01050432 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys 2015-01-03 16:30 - 2015-01-13 17:59 - 00003924 _____ () C:\Windows\System32\Tasks\avast! Emergency Update 2015-01-03 16:30 - 2015-01-05 00:15 - 00436624 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys 2015-01-03 16:30 - 2015-01-05 00:15 - 00267632 _____ () C:\Windows\system32\Drivers\aswVmm.sys 2015-01-03 16:30 - 2015-01-05 00:15 - 00116728 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys 2015-01-03 16:30 - 2015-01-05 00:15 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys 2015-01-03 16:30 - 2015-01-05 00:15 - 00083280 _____ (AVAST Software) C:\Windows\system32\Drivers\aswmonflt.sys 2015-01-03 16:30 - 2015-01-05 00:15 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys 2015-01-03 16:30 - 2015-01-05 00:15 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys 2015-01-03 16:30 - 2015-01-05 00:15 - 00028184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys 2015-01-03 16:23 - 2015-01-03 16:23 - 00096640 _____ () C:\Users\Wujo\AppData\Local\GDIPFONTCACHEV1.DAT 2015-01-03 16:22 - 2015-01-14 18:10 - 00003646 _____ () C:\Windows\setupact.log 2015-01-03 16:22 - 2015-01-03 16:22 - 00000000 _____ () C:\Windows\setuperr.log 2015-01-03 16:21 - 2015-01-14 18:10 - 00236434 _____ () C:\Windows\PFRO.log 2015-01-03 16:08 - 2015-01-03 16:19 - 191729711 _____ (Avast! Premier 2015 - 10.0.2206) C:\Users\Wujo\Downloads\Avast! Premier 2015 10.0.2206 + Crack [BRSHARES].exe 2015-01-03 15:56 - 2015-01-03 15:56 - 00000000 _____ () C:\Windows\SysWOW64\config.nt 2015-01-03 15:55 - 2015-01-03 15:55 - 00000000 ____D () C:\Program Files\AVAST Software 2015-01-03 15:40 - 2015-01-03 16:28 - 00000000 ____D () C:\ProgramData\AVAST Software 2015-01-03 15:23 - 2015-01-03 15:38 - 00000000 ____D () C:\Users\Wujo\AppData\Roaming\Wise Disk Cleaner 2015-01-03 15:23 - 2015-01-03 15:25 - 00000000 ____D () C:\Users\Wujo\AppData\Roaming\Wise Registry Cleaner 2015-01-03 15:23 - 2015-01-03 15:23 - 00001239 _____ () C:\Users\Public\Desktop\Wise Registry Cleaner.lnk 2015-01-03 15:23 - 2015-01-03 15:23 - 00001216 _____ () C:\Users\Public\Desktop\Wise Disk Cleaner.lnk 2015-01-03 15:23 - 2015-01-03 15:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wise Registry Cleaner 2015-01-03 15:23 - 2015-01-03 15:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wise Disk Cleaner 2015-01-03 15:23 - 2015-01-03 15:23 - 00000000 ____D () C:\Program Files (x86)\Wise 2015-01-03 15:15 - 2015-01-03 15:15 - 00000844 _____ () C:\Users\Wujo\Desktop\BitTorrent.lnk 2015-01-03 15:14 - 2015-01-03 16:20 - 00000000 ____D () C:\Users\Wujo\AppData\Roaming\BitTorrent 2015-01-03 15:13 - 2015-01-03 15:13 - 01691224 _____ (BitTorrent Inc.) C:\Users\Wujo\Downloads\BitTorrent.exe 2015-01-01 14:56 - 2014-12-09 08:31 - 00049936 _____ () C:\Users\Wujo\Downloads\ZWR_Specyfikacja_faktury_zbiorowej_761-494-4823-7996_14_12_F012_AA.PDF.itqjnld 2015-01-01 14:56 - 2014-11-15 09:27 - 00049408 _____ () C:\Users\Wujo\Downloads\ZWR_Specyfikacja_faktury_zbiorowej_761-494-4823-7996_14_11_F011_AA.PDF.itqjnld 2015-01-01 14:56 - 2014-11-03 16:33 - 00013600 _____ () C:\Users\Wujo\Downloads\J-Wi Jadłospis.DOC.itqjnld 2015-01-01 14:56 - 2014-10-13 10:15 - 00052368 _____ () C:\Users\Wujo\Downloads\ZWR_Specyfikacja_faktury_zbiorowej_761-494-4823-7996_14_10_F010_AA.PDF.itqjnld 2015-01-01 14:56 - 2014-08-31 08:14 - 00054112 _____ () C:\Users\Wujo\Downloads\obsada nr 3 27.08.2014 roda.XLS.itqjnld 2015-01-01 14:56 - 2014-08-31 08:14 - 00054112 _____ () C:\Users\Wujo\Downloads\obsada nr 3 27.08.2014 roda (1).XLS.itqjnld 2015-01-01 14:56 - 2014-08-11 13:56 - 00051824 _____ () C:\Users\Wujo\Downloads\ZWR_Specyfikacja_faktury_zbiorowej_761-494-4823-7996_14_08_F008_AA.PDF.itqjnld 2015-01-01 14:56 - 2014-07-29 07:43 - 00045152 _____ () C:\Users\Wujo\Downloads\ZWR_Specyfikacja_faktury_zbiorowej_761-494-4823-7996_14_07_F007_AA.PDF.itqjnld 2015-01-01 14:56 - 2014-05-23 16:46 - 00018096 _____ () C:\Users\Wujo\Documents\g1 kody.DOC.itqjnld 2015-01-01 14:56 - 2014-05-19 12:14 - 00048704 _____ () C:\Users\Wujo\Downloads\ZWR_Specyfikacja_faktury_zbiorowej_761-494-4823-7996_14_05_F005_Z.PDF.itqjnld 2015-01-01 14:56 - 2014-03-17 14:58 - 00072576 _____ () C:\Users\Wujo\Downloads\tmp1A0.PDF.itqjnld 2015-01-01 14:56 - 2014-02-10 19:04 - 00050960 _____ () C:\Users\Wujo\Downloads\ZWR_Specyfikacja_faktury_zbiorowej_761-494-4823-7996_14_02_F002_Z.PDF.itqjnld 2015-01-01 14:56 - 2013-10-15 10:38 - 00049632 _____ () C:\Users\Wujo\Downloads\ZWR_Specyfikacja_faktury_zbiorowej_761-494-4823-7996_13_10_F010_Y.PDF.itqjnld 2015-01-01 14:56 - 2013-06-01 08:55 - 00044352 _____ () C:\Users\Wujo\Downloads\statement_0245_20130527.PDF.itqjnld 2015-01-01 14:56 - 2013-05-03 16:01 - 00005440 _____ () C:\Users\Wujo\Documents\DATA.DOC.itqjnld 2015-01-01 14:56 - 2013-05-03 15:01 - 00073648 _____ () C:\Users\Wujo\Documents\Dokument1.PDF.itqjnld 2014-12-20 15:38 - 2014-12-20 15:39 - 13087456 _____ (Microsoft Corporation) C:\Users\Wujo\Downloads\Silverlight_x64.exe 2014-12-17 08:46 - 2014-12-17 08:46 - 00244328 _____ () C:\Users\Wujo\Downloads\Firefox Setup Stub 34.0.5.exe ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2015-01-14 18:10 - 2014-02-11 18:54 - 00000008 __RSH () C:\ProgramData\ntuser.pol 2015-01-14 18:10 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2015-01-14 18:06 - 2012-01-27 17:30 - 00000000 ____D () C:\Users\Wujo\Desktop\programy 2015-01-14 18:06 - 2011-03-20 20:54 - 00000000 ____D () C:\Users\Wujo 2015-01-14 18:06 - 2009-07-14 04:20 - 00000000 ___HD () C:\Windows\system32\GroupPolicy 2015-01-14 17:59 - 2009-07-14 05:45 - 00017600 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2015-01-14 17:59 - 2009-07-14 05:45 - 00017600 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2015-01-14 17:58 - 2012-11-24 22:20 - 00000000 ____D () C:\Program Files (x86)\Java 2015-01-14 17:55 - 2009-08-16 06:52 - 00000000 ____D () C:\ProgramData\Adobe 2015-01-08 23:08 - 2013-03-15 13:30 - 00088480 _____ () C:\Windows\system32\Drivers\atksgt.sys 2015-01-08 23:08 - 2013-03-15 13:30 - 00046400 _____ () C:\Windows\system32\Drivers\lirsgt.sys 2015-01-08 09:45 - 2011-03-20 20:46 - 01214920 _____ () C:\Windows\WindowsUpdate.log 2015-01-08 09:43 - 2011-03-21 05:37 - 00749542 _____ () C:\Windows\system32\perfh015.dat 2015-01-08 09:43 - 2011-03-21 05:37 - 00160988 _____ () C:\Windows\system32\perfc015.dat 2015-01-08 09:43 - 2009-07-14 06:13 - 01709972 _____ () C:\Windows\system32\PerfStringBackup.INI 2015-01-08 09:42 - 2011-03-21 09:24 - 01635538 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI 2015-01-06 18:30 - 2013-01-09 01:08 - 00019456 ___SH () C:\Users\Wujo\Documents\Thumbs.db 2015-01-06 00:26 - 2011-06-23 12:39 - 00000000 ____D () C:\Windows\Minidump 2015-01-05 21:59 - 2013-03-04 10:48 - 00000000 ____D () C:\Users\Wujo\Downloads\Pierdoły 2015-01-05 20:05 - 2012-01-03 20:19 - 00000000 ____D () C:\filmy 2015-01-04 17:48 - 2009-08-16 06:54 - 00000000 ____D () C:\ProgramData\Norton 2015-01-04 14:10 - 2012-01-15 10:57 - 00000000 ____D () C:\muza1 2015-01-04 12:36 - 2013-10-08 14:56 - 00000000 ____D () C:\Program Files (x86)\Origin 2015-01-03 16:22 - 2009-07-14 05:45 - 02326752 _____ () C:\Windows\system32\FNTCACHE.DAT 2015-01-03 15:26 - 2011-12-02 20:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Winamp 2015-01-03 15:26 - 2011-11-22 16:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NapiProjekt 2015-01-03 15:26 - 2011-11-21 17:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xvid 2015-01-03 15:26 - 2011-08-30 08:54 - 00000000 ____D () C:\Users\Wujo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR 2015-01-03 15:26 - 2011-08-30 08:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR 2015-01-03 15:26 - 2009-08-22 06:58 - 00000000 __RHD () C:\MSOCache 2015-01-03 15:26 - 2009-07-27 21:41 - 00000000 ____D () C:\Windows\Panther 2015-01-03 15:02 - 2014-08-30 07:48 - 00000000 ____D () C:\Users\Wujo\AppData\Local\Deployment 2015-01-03 08:18 - 2014-05-22 20:23 - 00040592 _____ () C:\Program1.RPT 2015-01-02 11:47 - 2013-04-29 14:53 - 00000000 ____D () C:\Users\Wujo\AppData\Local\Symantec 2015-01-02 11:40 - 2013-03-10 19:19 - 00000000 ___SD () C:\Users\Wujo\GG dysk 2015-01-02 11:37 - 2009-08-22 07:00 - 00000000 ____D () C:\Program Files (x86)\Microsoft Works 2015-01-01 14:46 - 2014-02-12 16:01 - 00000000 ____D () C:\Users\Wujo\Documents\Madej&Nowak 2015-01-01 14:46 - 2012-08-05 08:46 - 00000000 ____D () C:\eWyciągi BZWBK 2015-01-01 14:44 - 2011-03-20 20:54 - 00000000 ____D () C:\Users\Wujo\AppData\Local\VirtualStore 2015-01-01 14:43 - 2013-11-08 14:26 - 00000000 ____D () C:\Program Files (x86)\Steam 2015-01-01 14:43 - 2011-12-01 18:48 - 00000000 ____D () C:\ProgramData\Arcade Lab 2015-01-01 14:43 - 2011-11-21 17:13 - 00000000 ____D () C:\Program Files (x86)\Xvid 2015-01-01 14:43 - 2011-07-12 18:49 - 00000000 ____D () C:\Program Files (x86)\WinRAR 2015-01-01 14:43 - 2011-03-21 11:48 - 00000000 ____D () C:\Program Files (x86)\Winamp 2015-01-01 14:42 - 2011-12-17 16:33 - 00000000 ____D () C:\Program Files (x86)\Metin2 2015-01-01 14:42 - 2011-11-22 21:59 - 00000000 ____D () C:\Program Files (x86)\Dziobas Rar Player 2015-01-01 14:42 - 2011-08-30 08:53 - 00000000 ____D () C:\Program Files\WinRAR 2015-01-01 14:42 - 2011-03-21 11:54 - 00000000 ____D () C:\Program Files (x86)\NAPI-PROJEKT 2015-01-01 14:42 - 2011-03-20 21:00 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies 2015-01-01 14:42 - 2009-08-22 07:04 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office Suite Activation Assistant 2015-01-01 14:42 - 2009-08-16 07:29 - 00000000 ___HD () C:\oem 2014-12-27 15:00 - 2009-07-14 06:08 - 00032608 _____ () C:\Windows\Tasks\SCHEDLGU.TXT 2014-12-23 14:25 - 2012-05-05 15:15 - 17340080 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe 2014-12-21 08:42 - 2012-05-03 13:47 - 00000000 ____D () C:\Program Files\Microsoft Silverlight 2014-12-21 08:42 - 2012-05-03 13:47 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight 2014-12-20 19:09 - 2011-05-12 16:24 - 00000049 _____ () C:\Windows\NeroDigital.ini 2014-12-20 19:08 - 2011-03-21 09:33 - 00000000 ____D () C:\Users\Wujo\AppData\Local\Adobe 2014-12-20 15:40 - 2012-05-03 13:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 2014-12-16 14:23 - 2011-12-02 20:00 - 00000000 ____D () C:\Users\Wujo\AppData\Roaming\Winamp ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\SysWOW64\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2015-01-14 02:48 ==================== End Of Log ============================