Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 08-08-2013 02 Ran by SYSTEM on 09-08-2013 12:18:46 Running from F:\ Windows 7 Home Premium (X64) OS Language: English(US) Internet Explorer Version 10 Boot Mode: Recovery The current controlset is ControlSet002 [b]ATTENTION!:=====> FRST is updated to run from normal or Safe mode to produce a full FRST.txt log and an extra Addition.txt log.[/b] ==================== Registry (Whitelisted) ================== HKLM\...\Run: [NvCplDaemon] - C:\Windows\system32\NvCpl.dll [16328736 2009-06-11] (NVIDIA Corporation) HKLM\...\Run: [ETDWare] - C:\Program Files\Elantech\ETDCtrl.exe [619392 2009-06-11] (ELAN Microelectronic Corp.) HKLM\...\Run: [AmIcoSinglun64] - C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [320000 2009-04-09] (AlcorMicro Co., Ltd.) HKLM\...\Run: [MSC] - c:\Program Files\Microsoft Security Client\msseces.exe [1281512 2013-01-27] (Microsoft Corporation) HKLM-x32\...\Run: [UpdateLBPShortCut] - C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe [222504 2009-05-19] (CyberLink Corp.) HKLM-x32\...\Run: [UpdateP2GoShortCut] - C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [218408 2008-12-03] (CyberLink Corp.) HKLM-x32\...\Run: [HControlUser] - C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUS) HKLM-x32\...\Run: [ATKOSD2] - C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe [8493624 2009-07-07] (ASUS) HKLM-x32\...\Run: [ATKMEDIA] - C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe [159744 2009-04-20] (ASUS) HKLM-x32\...\Run: [Setwallpaper] - c:\programdata\SetWallpaper.cmd [x] HKLM-x32\...\Run: [GrooveMonitor] - C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation) HKLM-x32\...\Run: [NeroFilterCheck] - C:\Windows\system32\NeroCheck.exe [x] HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [248552 2010-05-14] (Sun Microsystems, Inc.) HKLM-x32\...\Run: [TkBellExe] - c:\program files (x86)\real\realplayer\Update\realsched.exe [273528 2011-11-03] (RealNetworks, Inc.) HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [843712 2012-01-02] (Adobe Systems Incorporated) HKLM-x32\...\Run: [ROC_ROC_NT] - "C:\Program Files (x86)\AVG Secure Search\ROC_ROC_NT.exe" / /PROMPT /CMPID=ROC_NT [x] HKU\Witek\...\Run: [msnmsgr] - C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe [3882312 2008-12-02] (Microsoft Corporation) HKU\Witek\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [17418928 2012-07-13] (Skype Technologies S.A.) HKU\Witek\...\Run: [GameXN GO] - C:\ProgramData\GameXN\GameXNGO.exe [347008 2011-08-31] (EasyBits Software AS) HKU\Witek\...\Run: [Sony Ericsson PC Suite] - C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe [434176 2009-11-20] (Sony Ericsson Mobile Communications AB) HKU\Witek\...\Run: [BitComet] - C:\Program Files\BitComet\BitComet.exe [20529920 2013-02-18] (www.BitComet.com) HKU\Witek\...\Run: [GG] - C:\Users\Witek\AppData\Local\GG\Application\gghub.exe [3365440 2013-06-07] (GG Network S.A.) HKU\Witek\...\Run: [MONOGRAM] - C:\Users\Witek\AppData\Roaming\vutsdbws\fegfcsfe.exe [x] Startup: C:\Users\Witek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Tworzenie wycinków ekranu i uruchamianie programu OneNote 2007.lnk ShortcutTarget: Tworzenie wycinków ekranu i uruchamianie programu OneNote 2007.lnk -> C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation) ==================== Services (Whitelisted) ================= S2 ATKGFNEXSrv; C:\Program Files\ATKGFNEX\GFNEXSrv.exe [94208 2007-08-07] () S3 BITCOMET_HELPER_SERVICE; C:\Program Files\BitComet\tools\BitCometService.exe [1296728 2010-12-28] (www.BitComet.com) S2 FastBootAgent; C:\Windows\SysWOW64\Fast Boot\FastBootAgent.exe [306232 2009-07-23] (ASUSTeK Computer Inc.) S2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [22056 2013-01-27] (Microsoft Corporation) S3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [379360 2013-01-27] (Microsoft Corporation) S2 OMSI download service; C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe [90112 2009-04-30] () ==================== Drivers (Whitelisted) ==================== S2 ASMMAP64; C:\Program Files\ATKGFNEX\ASMMAP64.sys [14904 2007-07-24] () S2 ASMMAP64; C:\Program Files\ATKGFNEX\ASMMAP64.sys [14904 2007-07-24] () S3 kbfiltr; C:\Windows\System32\DRIVERS\kbfiltr.sys [15416 2009-07-20] ( ) S0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [230320 2013-01-20] (Microsoft Corporation) S2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [130008 2013-01-20] (Microsoft Corporation) S3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1799680 2009-05-20] () S0 sptd; C:\Windows\System32\Drivers\sptd.sys [503352 2010-11-11] (Duplex Secure Ltd.) S1 vBszKyhV2; C:\Windows\system32\drivers\vBszKyhV2.sys [46528 2013-08-08] () S3 StarOpen; No ImagePath S3 tmlwf; S3 tmwfp; ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2013-08-09 01:47 - 2013-08-09 01:47 - 00008224 _____ C:\Users\Administrator\AppData\Local\GDIPFONTCACHEV1.DAT 2013-08-09 01:47 - 2013-08-09 01:47 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Adobe 2013-08-09 01:46 - 2013-08-09 01:46 - 00000020 ___SH C:\Users\Administrator\ntuser.ini 2013-08-09 01:46 - 2013-08-09 01:46 - 00000000 _SHDL C:\Users\Administrator\Ustawienia lokalne 2013-08-09 01:46 - 2013-08-09 01:46 - 00000000 _SHDL C:\Users\Administrator\Szablony 2013-08-09 01:46 - 2013-08-09 01:46 - 00000000 _SHDL C:\Users\Administrator\Moje dokumenty 2013-08-09 01:46 - 2013-08-09 01:46 - 00000000 _SHDL C:\Users\Administrator\Menu Start 2013-08-09 01:46 - 2013-08-09 01:46 - 00000000 _SHDL C:\Users\Administrator\Documents\Moje wideo 2013-08-09 01:46 - 2013-08-09 01:46 - 00000000 _SHDL C:\Users\Administrator\Documents\Moje obrazy 2013-08-09 01:46 - 2013-08-09 01:46 - 00000000 _SHDL C:\Users\Administrator\Documents\Moja muzyka 2013-08-09 01:46 - 2013-08-09 01:46 - 00000000 _SHDL C:\Users\Administrator\Dane aplikacji 2013-08-09 01:46 - 2013-08-09 01:46 - 00000000 _SHDL C:\Users\Administrator\AppData\Local\Historia 2013-08-09 01:46 - 2013-08-09 01:46 - 00000000 _SHDL C:\Users\Administrator\AppData\Local\Dane aplikacji 2013-08-09 01:46 - 2013-08-09 01:46 - 00000000 ____D C:\users\Administrator 2013-08-09 01:46 - 2010-07-13 02:09 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Macromedia 2013-08-09 01:46 - 2010-03-11 04:41 - 00000000 ____D C:\Users\Administrator\AppData\Local\Power2Go 2013-08-09 01:46 - 2010-01-03 09:51 - 00000000 ____D C:\Users\Administrator\AppData\Local\Microsoft Help 2013-08-08 23:14 - 2013-08-09 00:45 - 00109296 _____ C:\Users\Witek\AppData\Local\GDIPFONTCACHEV1.DAT 2013-08-08 12:47 - 2013-08-08 12:47 - 67914758 _____ C:\Users\Witek\Downloads\L5__eyr6Gq3wttb6AMFLdHdxp42z16DQw68oyzlWi8g.rar.crypted 2013-08-08 12:47 - 2013-08-08 12:47 - 03492736 _____ C:\Users\Witek\Downloads\system-ochrony-tarasw-i-balkonw-przed-wilgoci.pdf.crypted 2013-08-08 12:47 - 2013-08-08 12:47 - 00071808 _____ C:\Users\Witek\Downloads\Dom_w_bergamotkach_(G2).jpg.crypted 2013-08-08 12:47 - 2013-08-08 12:47 - 00061824 _____ C:\Users\Witek\Downloads\Skyline_ 2010 _[DVDRiP_XViD]_[Lektor_PL][Torrenty.org].torrent.crypted 2013-08-08 12:47 - 2013-08-08 12:47 - 00040448 _____ C:\Users\Witek\Downloads\Straznicy_marzen_-_Rise_of_the_Guardians_ 2012 _[PAL]_[DVD9]_[Dubbing_PL][Torrenty.org].torrent.crypted 2013-08-08 12:47 - 2013-08-08 12:47 - 00034816 _____ C:\Users\Witek\Downloads\Gabinet_ _Sinister_ 2012 _[720p BluRay x264 DTS AC3-LLO_]_[Lektor_i_Napisy_PL][Torrenty.org].torrent.crypted 2013-08-08 12:47 - 2013-08-08 12:47 - 00032640 _____ C:\Users\Witek\Downloads\Wladza_ _Broken_City_ 2013 _[720p BluRay x264 DTS AC3-LLO]_[Lektor_i_Napisy_PL][Torrenty.org].torrent.crypted 2013-08-08 12:47 - 2013-08-08 12:47 - 00032640 _____ C:\Users\Witek\Downloads\G I Joe _Odwet_ _G I Joe _Retaliation_ 2013 _[720p BluRay x264 AC3-KiT]_[Lektor_PL][Torrenty.org].torrent.crypted 2013-08-08 12:47 - 2013-08-08 12:47 - 00031488 _____ C:\Users\Witek\Downloads\Czas_zemsty_-_Dead_Man_Down_ 2013 _[720p BluRay x264 DTS AC3-LLO]_[Lektor_i_Napisy_PL][Torrenty.org].torrent.crypted 2013-08-08 12:47 - 2013-08-08 12:47 - 00029824 _____ C:\Users\Witek\Downloads\Hobbit _Niezwykla_Podroz_-_The_Hobbit _An_Unexpected_Journey_ 2012 _[720p BluRay x264-JUST4]_[Dubbing_PL][Torrenty.org].torrent.crypted 2013-08-08 12:47 - 2013-08-08 12:47 - 00025216 _____ C:\Users\Witek\Downloads\Parker_ 2013 _[720p BluRay x264 AC3-BiDA]_[Lektor_PL][Torrenty.org].torrent.crypted 2013-08-08 12:47 - 2013-08-08 12:47 - 00023424 _____ C:\Users\Witek\Downloads\Likwidator_-_The_Last_Stand_ 2013 _[720p BluRay AC3 x264-MARIZz]_[Lektor_PL][Torrenty.org].torrent.crypted 2013-08-08 12:47 - 2013-08-08 12:47 - 00022144 _____ C:\Users\Witek\Downloads\Czlowiek_z_Cold_Rock_ _The_Tall_Man_ 2012 _[720p BluRay x264 AC3-LLO]_[Lektor_i_Napisy_PL][Torrenty.org].torrent.crypted 2013-08-08 12:47 - 2013-08-08 12:47 - 00021760 _____ C:\Users\Witek\Downloads\Jack_Reacher _Jednym_strzalem_-_Jack_Reacher_ 2012 _[720p BluRay x264 AC3-BiDA]_[Lektor_PL][Torrenty.org].torrent.crypted 2013-08-08 12:47 - 2013-08-08 12:47 - 00021504 _____ C:\Users\Witek\Downloads\Szklana_pulapka_5_-_A_Good_Day_to_Die_Hard_ 2013 _[THEATRiCAL]_[720p]_[BluRay x264 AC3-BiDA]_[Lektor_PL][Torrenty.org].torrent.crypted 2013-08-08 12:47 - 2013-08-08 12:47 - 00018048 _____ C:\Users\Witek\Downloads\Bitwa_Pod_Grunwaldem_Jana_Matejki_w_3D_ SBS _ 2010 _[BluRay 1080p Side by Side][Torrenty.org].torrent.crypted 2013-08-08 12:47 - 2013-08-08 12:47 - 00017280 _____ C:\Users\Witek\Downloads\Porwanie_Baltazara_Gabki_[DVDRip]_[XviD]_[PL][Torrenty.org].torrent.crypted 2013-08-08 12:47 - 2013-08-08 12:47 - 00016384 _____ C:\Users\Witek\Downloads\Infiltrator_-_Snitch_ 2013 _[BRRip]_[XviD]_[AC3-sav]_[Lektor_PL][Torrenty.org].torrent.crypted 2013-08-08 12:47 - 2013-08-08 12:47 - 00016000 _____ C:\Users\Witek\Downloads\Tom_i_Jerry_-_Shiver_Me_Whiskers_-_Piraci_i_kudlaci_ 2006 _[DVDRip XviD]_[Dubbing_PL][Torrenty.org].torrent.crypted 2013-08-08 12:47 - 2013-08-08 12:47 - 00016000 _____ C:\Users\Witek\Downloads\Podwodne_Zycie_ze_Stevem_Zissou_-_The_Life_Aquatic_with_Steve_Zissou_ 2004 _[AC3 DVDRip XviD]_[Lektor_PL][Torrenty.org].torrent.crypted 2013-08-08 12:47 - 2013-08-08 12:47 - 00015744 _____ C:\Users\Witek\Downloads\Tom_i_Jerry_-_Szybcy_I_Kudlaci_ 2005 _[DVDRip XviD]_[Dubbing_PL][Torrenty.org].torrent.crypted 2013-08-08 12:47 - 2013-08-08 12:47 - 00014208 _____ C:\devlist.txt.crypted 2013-08-08 12:47 - 2013-08-08 12:47 - 00013696 _____ C:\Users\Witek\Downloads\Twardziele_ _Stand_Up_Guys_ 2012 _[720p BluRay x264 AC3-BiDA]_[Lektor_PL][Torrenty.org].torrent.crypted 2013-08-08 12:47 - 2013-08-08 12:47 - 00004224 _____ C:\Patch.LOG.crypted 2013-08-08 12:47 - 2013-08-08 12:47 - 00003456 _____ C:\RHDSetup.log.crypted 2013-08-08 12:47 - 2013-08-08 12:47 - 00000512 _____ C:\Users\Witek\Downloads\DATA (D) — skrót.lnk.crypted 2013-08-08 12:47 - 2013-08-08 12:47 - 00000256 _____ C:\SumHidd.txt.crypted 2013-08-08 12:47 - 2013-08-08 12:47 - 00000256 _____ C:\Pass.txt.crypted 2013-08-08 12:47 - 2013-08-08 12:47 - 00000128 _____ C:\v811.txt.crypted 2013-08-08 12:47 - 2013-08-08 12:47 - 00000128 _____ C:\SumOS.txt.crypted 2013-08-08 12:47 - 2013-08-08 12:47 - 00000128 _____ C:\store.log.crypted 2013-08-08 12:47 - 2013-08-08 12:47 - 00000128 _____ C:\setup.log.crypted 2013-08-08 12:47 - 2013-08-08 12:47 - 00000128 _____ C:\RECOVERY.DAT.crypted 2013-08-08 12:47 - 2013-08-08 12:47 - 00000128 _____ C:\OFFICE2007_M.TXT.crypted 2013-08-08 12:47 - 2013-08-08 12:47 - 00000128 _____ C:\Nero.Log.crypted 2013-08-08 12:47 - 2013-08-08 12:47 - 00000128 _____ C:\K70IO_WIN7.10.crypted 2013-08-08 12:47 - 2013-08-08 12:47 - 00000128 _____ C:\Finish.log.crypted 2013-08-08 12:47 - 2013-08-08 12:47 - 00000128 _____ C:\AdobeReader.log.crypted 2013-08-08 12:47 - 2013-08-08 12:47 - 00000128 _____ C:\.dir.crypted 2013-08-08 12:46 - 2013-08-08 12:46 - 652875776 _____ C:\Users\Witek\Documents\mydiscimage.bin.crypted 2013-08-08 12:46 - 2013-08-08 12:46 - 10878656 _____ C:\Users\Witek\Desktop\GoogleEarth-Win-Plus-5.0.11733.9347.exe.crypted 2013-08-08 12:46 - 2013-08-08 12:46 - 09176550 _____ C:\Users\Witek\Desktop\miasteczko-planeta-energii-w-katowicach.crypted 2013-08-08 12:46 - 2013-08-08 12:46 - 01254144 _____ C:\Users\Witek\Desktop\Zeszyt_XPS_podlogi_na_gruncie.pdf.crypted 2013-08-08 12:46 - 2013-08-08 12:46 - 00258304 _____ C:\Users\Witek\Desktop\Załącznik do obwieszczenia.doc.crypted 2013-08-08 12:46 - 2013-08-08 12:46 - 00127872 _____ C:\Users\Witek\Desktop\zamówienie_krysiak.jpg.crypted 2013-08-08 12:46 - 2013-08-08 12:46 - 00095232 _____ C:\Users\Witek\Desktop\Z_okazji_80.doc.crypted 2013-08-08 12:46 - 2013-08-08 12:46 - 00067328 _____ C:\Users\Witek\Desktop\ubezp.domu.pdf.crypted 2013-08-08 12:46 - 2013-08-08 12:46 - 00065536 _____ C:\Users\Witek\Desktop\harmonogram luty-czerwiec.xls.crypted 2013-08-08 12:46 - 2013-08-08 12:46 - 00031488 _____ C:\Users\Witek\Documents\KWK Makoszowy.doc.crypted 2013-08-08 12:46 - 2013-08-08 12:46 - 00015360 _____ C:\Users\Witek\Desktop\wiersz BALU.docx.crypted 2013-08-08 12:46 - 2013-08-08 12:46 - 00014592 _____ C:\Users\Witek\Desktop\sprawdzian wyroby gotowe.docx.crypted 2013-08-08 12:46 - 2013-08-08 12:46 - 00014208 _____ C:\Users\Witek\Desktop\zmiany w harmonogramie.docx.crypted 2013-08-08 12:46 - 2013-08-08 12:46 - 00013952 _____ C:\Users\Witek\Documents\Rożek Witold Gierałtowice dn.docx.crypted 2013-08-08 12:46 - 2013-08-08 12:46 - 00002432 _____ C:\Users\Witek\Desktop\Nero Burning ROM.lnk.crypted 2013-08-08 12:46 - 2013-08-08 12:46 - 00001792 _____ C:\Users\Witek\Desktop\Play games (GameXN).lnk.crypted 2013-08-08 12:46 - 2013-08-08 12:46 - 00001152 _____ C:\Users\Witek\Desktop\SopCast.lnk.crypted 2013-08-08 12:46 - 2013-08-08 12:46 - 00001152 _____ C:\Users\Witek\Desktop\NapiProjekt.lnk.crypted 2013-08-08 12:46 - 2013-08-08 12:46 - 00000896 _____ C:\Users\Witek\Desktop\Zdjęcia AUDI 2012 — skrót.lnk.crypted 2013-08-08 12:46 - 2013-08-08 12:46 - 00000384 _____ C:\Users\Witek\Documents\Gry — skrót.lnk.crypted 2013-08-08 12:46 - 2013-08-08 12:46 - 00000256 _____ C:\Users\Witek\Desktop\informacje Witek.txt.crypted 2013-08-08 12:46 - 2013-08-08 12:46 - 00000128 _____ C:\Users\Witek\Documents\mydiscimage.cue.crypted 2013-08-08 12:46 - 2013-08-08 12:46 - 00000128 _____ C:\Users\Witek\Documents\ax_files.xml.crypted 2013-08-08 12:45 - 2013-08-08 12:45 - 01196544 _____ C:\Users\Witek\Desktop\BESTplayer.exe.crypted 2013-08-08 12:45 - 2013-08-08 12:45 - 00324480 _____ C:\Users\Witek\Desktop\broszura.pdf.crypted 2013-08-08 12:45 - 2013-08-08 12:45 - 00050048 _____ C:\Users\Witek\Desktop\dowód osobisty1.pdf.crypted 2013-08-08 12:45 - 2013-08-08 12:45 - 00039552 _____ C:\Users\Witek\Desktop\276,gal.htm.crypted 2013-08-08 12:27 - 2013-08-08 12:27 - 00000384 _____ C:\Users\Witek\AppData\Roaming\.backup.dm.crypted 2013-08-08 12:24 - 2013-08-08 12:24 - 08743424 _____ C:\Users\Witek\AppData\Local\Setup.exe.crypted 2013-08-08 12:24 - 2013-08-08 12:24 - 07903232 _____ C:\Users\Witek\AppData\Local\data1.cab.crypted 2013-08-08 12:24 - 2013-08-08 12:24 - 00340608 _____ C:\Users\Witek\AppData\Local\Readar_sl.exe.crypted 2013-08-08 12:24 - 2013-08-08 12:24 - 00119680 _____ C:\Users\Witek\AppData\Local\GDIPFONTCACHEV1.DAT.crypted 2013-08-08 12:24 - 2013-08-08 12:24 - 00008448 _____ C:\Users\Witek\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini.crypted 2013-08-08 12:24 - 2013-08-08 12:24 - 00002688 _____ C:\Users\Witek\AppData\Local\TempUX1260.html.crypted 2013-08-08 12:24 - 2013-08-08 12:24 - 00002688 _____ C:\Users\Witek\AppData\Local\TempGL1872.html.crypted 2013-08-08 12:24 - 2013-08-08 12:24 - 00002688 _____ C:\Users\Witek\AppData\Local\TempBY2344.html.crypted 2013-08-08 12:24 - 2013-08-08 12:24 - 00002304 _____ C:\Users\Witek\AppData\Local\TempzI1872.html.crypted 2013-08-08 12:24 - 2013-08-08 12:24 - 00002304 _____ C:\Users\Witek\AppData\Local\TempAg1260.html.crypted 2013-08-08 12:24 - 2013-08-08 12:24 - 00002304 _____ C:\Users\Witek\AppData\Local\TempAB2344.html.crypted 2013-08-08 12:24 - 2013-08-08 12:24 - 00001152 _____ C:\Users\Witek\AppData\Local\Setup.reg.crypted 2013-08-08 12:24 - 2013-08-08 12:24 - 00000000 _____ C:\Users\Witek\AppData\Local\TempsZ2132.html.crypted 2013-08-08 12:24 - 2013-08-08 12:24 - 00000000 _____ C:\Users\Witek\AppData\Local\TemplQ2132.html.crypted 2013-08-08 12:23 - 2013-08-08 12:23 - 06200192 _____ C:\Users\Witek\AppData\Local\Codecs.exe.crypted 2013-08-08 11:59 - 2013-08-08 11:59 - 00162816 _____ C:\ProgramData\hpe65F5.dll.crypted 2013-08-08 11:59 - 2013-08-08 11:59 - 00002944 _____ C:\Users\Public\Desktop\ASUS FancyStart.lnk.crypted 2013-08-08 11:59 - 2013-08-08 11:59 - 00002944 _____ C:\Users\Public\Desktop\AI Recovery Burner.lnk.crypted 2013-08-08 11:59 - 2013-08-08 11:59 - 00002816 _____ C:\Users\Public\Desktop\Skype.lnk.crypted 2013-08-08 11:59 - 2013-08-08 11:59 - 00002432 _____ C:\Users\Public\Desktop\Sony Ericsson PC Suite 6.0.lnk.crypted 2013-08-08 11:59 - 2013-08-08 11:59 - 00002304 _____ C:\Users\Public\Desktop\Adobe Reader 9.lnk.crypted 2013-08-08 11:59 - 2013-08-08 11:59 - 00002176 _____ C:\Users\Public\Desktop\Free Offers.lnk.crypted 2013-08-08 11:59 - 2013-08-08 11:59 - 00002048 _____ C:\Users\Public\Desktop\Wybór przeglądarki.lnk.crypted 2013-08-08 11:59 - 2013-08-08 11:59 - 00002048 _____ C:\Users\Public\Desktop\ASUS MultiFrame.lnk.crypted 2013-08-08 11:59 - 2013-08-08 11:59 - 00001920 _____ C:\Users\Public\Desktop\ASUS Camera ScreenSaver.lnk.crypted 2013-08-08 11:59 - 2013-08-08 11:59 - 00001408 _____ C:\Users\Public\Desktop\Tajemnicza Książka Kucharska.lnk.crypted 2013-08-08 11:59 - 2013-08-08 11:59 - 00001408 _____ C:\Users\Public\Desktop\ASUS Data Security Manager.Lnk.crypted 2013-08-08 11:59 - 2013-08-08 11:59 - 00001280 _____ C:\Users\Public\Desktop\Splendid Utility.Lnk.crypted 2013-08-08 11:59 - 2013-08-08 11:59 - 00001280 _____ C:\Users\Public\Desktop\SmartLogon Manager.lnk.crypted 2013-08-08 11:59 - 2013-08-08 11:59 - 00001280 _____ C:\Users\Public\Desktop\LifeFrame.lnk.crypted 2013-08-08 11:59 - 2013-08-08 11:59 - 00001152 _____ C:\Users\Public\Desktop\RealPlayer.lnk.crypted 2013-08-08 11:59 - 2013-08-08 11:59 - 00001152 _____ C:\Users\Public\Desktop\OpenFM.lnk.crypted 2013-08-08 11:59 - 2013-08-08 11:59 - 00001152 _____ C:\Users\Public\Desktop\Nowe Gadu-Gadu.lnk.crypted 2013-08-08 11:59 - 2013-08-08 11:59 - 00000896 _____ C:\Users\Public\Desktop\BitComet.lnk.crypted 2013-08-08 11:59 - 2013-08-08 11:59 - 00000256 _____ C:\ProgramData\5060904.reg.crypted 2013-08-08 11:59 - 2013-08-08 11:59 - 00000128 _____ C:\Users\Public\sdelevURL.tmp.crypted 2013-08-08 11:59 - 2013-08-08 11:59 - 00000128 _____ C:\ProgramData\5060904.bat.crypted 2013-08-08 11:59 - 2013-08-08 11:59 - 00000128 _____ C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log.crypted 2013-08-08 11:59 - 2013-08-08 11:59 - 00000128 _____ C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log.crypted 2013-08-08 11:46 - 2013-08-08 11:46 - 04320056 _____ C:\Windows\System32\vBszKyhV.bmp 2013-08-08 11:46 - 2013-08-08 11:46 - 00702464 _____ C:\Windows\System32\vBszKyhV2.exe 2013-08-08 11:46 - 2013-08-08 11:46 - 00680448 _____ C:\Windows\System32\vBszKyhV1.exe 2013-08-08 11:45 - 2013-08-08 11:45 - 00046528 _____ C:\Windows\System32\Drivers\vBszKyhV2.sys 2013-08-08 11:45 - 2013-08-08 11:45 - 00031232 _____ C:\Windows\System32\vBszKyhVp.dll 2013-08-08 11:45 - 2013-08-08 11:45 - 00004096 _____ C:\Windows\System32\vBszKyhV.dll 2013-07-26 05:02 - 2013-07-26 05:02 - 00000000 ____D C:\Windows\System32\MRT 2013-07-16 11:18 - 2013-07-16 11:18 - 00287592 _____ C:\Windows\Minidump\071613-21309-01.dmp 2013-07-10 00:11 - 2013-06-11 15:43 - 14329856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2013-07-10 00:11 - 2013-06-11 15:43 - 02877440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2013-07-10 00:11 - 2013-06-11 15:43 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2013-07-10 00:11 - 2013-06-11 15:43 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2013-07-10 00:11 - 2013-06-11 15:43 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2013-07-10 00:11 - 2013-06-11 15:43 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2013-07-10 00:11 - 2013-06-11 15:43 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2013-07-10 00:11 - 2013-06-11 15:42 - 13760512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2013-07-10 00:11 - 2013-06-11 15:42 - 02046976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2013-07-10 00:11 - 2013-06-11 15:42 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2013-07-10 00:11 - 2013-06-11 15:42 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll 2013-07-10 00:11 - 2013-06-11 15:42 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2013-07-10 00:11 - 2013-06-11 15:42 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2013-07-10 00:11 - 2013-06-11 15:26 - 02241024 _____ (Microsoft Corporation) C:\Windows\System32\wininet.dll 2013-07-10 00:11 - 2013-06-11 15:26 - 01365504 _____ (Microsoft Corporation) C:\Windows\System32\urlmon.dll 2013-07-10 00:11 - 2013-06-11 15:26 - 00051712 _____ (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe 2013-07-10 00:11 - 2013-06-11 15:25 - 19238912 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.dll 2013-07-10 00:11 - 2013-06-11 15:25 - 15404032 _____ (Microsoft Corporation) C:\Windows\System32\ieframe.dll 2013-07-10 00:11 - 2013-06-11 15:25 - 03958784 _____ (Microsoft Corporation) C:\Windows\System32\jscript9.dll 2013-07-10 00:11 - 2013-06-11 15:25 - 02648576 _____ (Microsoft Corporation) C:\Windows\System32\iertutil.dll 2013-07-10 00:11 - 2013-06-11 15:25 - 00855552 _____ (Microsoft Corporation) C:\Windows\System32\jscript.dll 2013-07-10 00:11 - 2013-06-11 15:25 - 00603136 _____ (Microsoft Corporation) C:\Windows\System32\msfeeds.dll 2013-07-10 00:11 - 2013-06-11 15:25 - 00526336 _____ (Microsoft Corporation) C:\Windows\System32\ieui.dll 2013-07-10 00:11 - 2013-06-11 15:25 - 00136704 _____ (Microsoft Corporation) C:\Windows\System32\iesysprep.dll 2013-07-10 00:11 - 2013-06-11 15:25 - 00067072 _____ (Microsoft Corporation) C:\Windows\System32\iesetup.dll 2013-07-10 00:11 - 2013-06-11 15:25 - 00053248 _____ (Microsoft Corporation) C:\Windows\System32\jsproxy.dll 2013-07-10 00:11 - 2013-06-11 15:25 - 00039936 _____ (Microsoft Corporation) C:\Windows\System32\iernonce.dll 2013-07-10 00:11 - 2013-06-11 14:51 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe 2013-07-10 00:11 - 2013-06-11 14:50 - 00089600 _____ (Microsoft Corporation) C:\Windows\System32\RegisterIEPKEYs.exe 2013-07-10 00:11 - 2013-06-06 19:22 - 02706432 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.tlb 2013-07-10 00:11 - 2013-06-06 18:37 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb ==================== One Month Modified Files and Folders ======= 2013-08-09 12:17 - 2013-08-09 12:17 - 00000000 ____D C:\FRST 2013-08-09 02:01 - 2011-08-31 22:37 - 00000000 ____D C:\ProgramData\GameXN 2013-08-09 02:01 - 2010-01-03 06:11 - 00000000 ____D C:\Users\Witek\Tracing 2013-08-09 02:00 - 2013-04-28 04:04 - 00001042 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2013-08-09 02:00 - 2010-01-02 09:38 - 00045056 _____ C:\Windows\System32\acovcnt.exe 2013-08-09 02:00 - 2009-07-13 21:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2013-08-09 01:59 - 2009-07-13 20:51 - 00200945 _____ C:\Windows\setupact.log 2013-08-09 01:47 - 2013-08-09 01:47 - 00008224 _____ C:\Users\Administrator\AppData\Local\GDIPFONTCACHEV1.DAT 2013-08-09 01:47 - 2013-08-09 01:47 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Adobe 2013-08-09 01:46 - 2013-08-09 01:46 - 00000020 ___SH C:\Users\Administrator\ntuser.ini 2013-08-09 01:46 - 2013-08-09 01:46 - 00000000 _SHDL C:\Users\Administrator\Ustawienia lokalne 2013-08-09 01:46 - 2013-08-09 01:46 - 00000000 _SHDL C:\Users\Administrator\Szablony 2013-08-09 01:46 - 2013-08-09 01:46 - 00000000 _SHDL C:\Users\Administrator\Moje dokumenty 2013-08-09 01:46 - 2013-08-09 01:46 - 00000000 _SHDL C:\Users\Administrator\Menu Start 2013-08-09 01:46 - 2013-08-09 01:46 - 00000000 _SHDL C:\Users\Administrator\Documents\Moje wideo 2013-08-09 01:46 - 2013-08-09 01:46 - 00000000 _SHDL C:\Users\Administrator\Documents\Moje obrazy 2013-08-09 01:46 - 2013-08-09 01:46 - 00000000 _SHDL C:\Users\Administrator\Documents\Moja muzyka 2013-08-09 01:46 - 2013-08-09 01:46 - 00000000 _SHDL C:\Users\Administrator\Dane aplikacji 2013-08-09 01:46 - 2013-08-09 01:46 - 00000000 _SHDL C:\Users\Administrator\AppData\Local\Historia 2013-08-09 01:46 - 2013-08-09 01:46 - 00000000 _SHDL C:\Users\Administrator\AppData\Local\Dane aplikacji 2013-08-09 01:46 - 2013-08-09 01:46 - 00000000 ____D C:\users\Administrator 2013-08-09 01:10 - 2009-10-20 13:49 - 01495094 _____ C:\Windows\WindowsUpdate.log 2013-08-09 01:10 - 2009-07-13 20:45 - 00010240 ____H C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2013-08-09 01:10 - 2009-07-13 20:45 - 00010240 ____H C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2013-08-09 00:51 - 2010-05-16 02:12 - 00000000 ____D C:\Users\Witek\AppData\Roaming\BitComet 2013-08-09 00:45 - 2013-08-08 23:14 - 00109296 _____ C:\Users\Witek\AppData\Local\GDIPFONTCACHEV1.DAT 2013-08-09 00:21 - 2009-10-20 14:36 - 00001896 _____ C:\Windows\System32\AutoRunFilter.ini 2013-08-08 23:33 - 2009-07-13 21:08 - 00032604 _____ C:\Windows\Tasks\SCHEDLGU.TXT 2013-08-08 23:30 - 2010-01-03 07:57 - 00000000 ____D C:\Users\Witek\AppData\Roaming\Skype 2013-08-08 23:14 - 2011-05-28 22:39 - 00000000 ____D C:\Users\Witek\AppData\Roaming\go 2013-08-08 23:14 - 2009-10-20 14:36 - 00000000 ____D C:\ProgramData\NVIDIA 2013-08-08 23:12 - 2009-10-20 14:34 - 05355852 _____ C:\Windows\PFRO.log 2013-08-08 12:58 - 2009-10-20 14:30 - 00000000 ____D C:\ProgramData\P4G 2013-08-08 12:47 - 2013-08-08 12:47 - 67914758 _____ C:\Users\Witek\Downloads\L5__eyr6Gq3wttb6AMFLdHdxp42z16DQw68oyzlWi8g.rar.crypted 2013-08-08 12:47 - 2013-08-08 12:47 - 03492736 _____ C:\Users\Witek\Downloads\system-ochrony-tarasw-i-balkonw-przed-wilgoci.pdf.crypted 2013-08-08 12:47 - 2013-08-08 12:47 - 00071808 _____ C:\Users\Witek\Downloads\Dom_w_bergamotkach_(G2).jpg.crypted 2013-08-08 12:47 - 2013-08-08 12:47 - 00061824 _____ C:\Users\Witek\Downloads\Skyline_ 2010 _[DVDRiP_XViD]_[Lektor_PL][Torrenty.org].torrent.crypted 2013-08-08 12:47 - 2013-08-08 12:47 - 00040448 _____ C:\Users\Witek\Downloads\Straznicy_marzen_-_Rise_of_the_Guardians_ 2012 _[PAL]_[DVD9]_[Dubbing_PL][Torrenty.org].torrent.crypted 2013-08-08 12:47 - 2013-08-08 12:47 - 00034816 _____ C:\Users\Witek\Downloads\Gabinet_ _Sinister_ 2012 _[720p BluRay x264 DTS AC3-LLO_]_[Lektor_i_Napisy_PL][Torrenty.org].torrent.crypted 2013-08-08 12:47 - 2013-08-08 12:47 - 00032640 _____ C:\Users\Witek\Downloads\Wladza_ _Broken_City_ 2013 _[720p BluRay x264 DTS AC3-LLO]_[Lektor_i_Napisy_PL][Torrenty.org].torrent.crypted 2013-08-08 12:47 - 2013-08-08 12:47 - 00032640 _____ C:\Users\Witek\Downloads\G I Joe _Odwet_ _G I Joe _Retaliation_ 2013 _[720p BluRay x264 AC3-KiT]_[Lektor_PL][Torrenty.org].torrent.crypted 2013-08-08 12:47 - 2013-08-08 12:47 - 00031488 _____ C:\Users\Witek\Downloads\Czas_zemsty_-_Dead_Man_Down_ 2013 _[720p BluRay x264 DTS AC3-LLO]_[Lektor_i_Napisy_PL][Torrenty.org].torrent.crypted 2013-08-08 12:47 - 2013-08-08 12:47 - 00029824 _____ C:\Users\Witek\Downloads\Hobbit _Niezwykla_Podroz_-_The_Hobbit _An_Unexpected_Journey_ 2012 _[720p BluRay x264-JUST4]_[Dubbing_PL][Torrenty.org].torrent.crypted 2013-08-08 12:47 - 2013-08-08 12:47 - 00025216 _____ C:\Users\Witek\Downloads\Parker_ 2013 _[720p BluRay x264 AC3-BiDA]_[Lektor_PL][Torrenty.org].torrent.crypted 2013-08-08 12:47 - 2013-08-08 12:47 - 00023424 _____ C:\Users\Witek\Downloads\Likwidator_-_The_Last_Stand_ 2013 _[720p BluRay AC3 x264-MARIZz]_[Lektor_PL][Torrenty.org].torrent.crypted 2013-08-08 12:47 - 2013-08-08 12:47 - 00022144 _____ C:\Users\Witek\Downloads\Czlowiek_z_Cold_Rock_ _The_Tall_Man_ 2012 _[720p BluRay x264 AC3-LLO]_[Lektor_i_Napisy_PL][Torrenty.org].torrent.crypted 2013-08-08 12:47 - 2013-08-08 12:47 - 00021760 _____ C:\Users\Witek\Downloads\Jack_Reacher _Jednym_strzalem_-_Jack_Reacher_ 2012 _[720p BluRay x264 AC3-BiDA]_[Lektor_PL][Torrenty.org].torrent.crypted 2013-08-08 12:47 - 2013-08-08 12:47 - 00021504 _____ C:\Users\Witek\Downloads\Szklana_pulapka_5_-_A_Good_Day_to_Die_Hard_ 2013 _[THEATRiCAL]_[720p]_[BluRay x264 AC3-BiDA]_[Lektor_PL][Torrenty.org].torrent.crypted 2013-08-08 12:47 - 2013-08-08 12:47 - 00018048 _____ C:\Users\Witek\Downloads\Bitwa_Pod_Grunwaldem_Jana_Matejki_w_3D_ SBS _ 2010 _[BluRay 1080p Side by Side][Torrenty.org].torrent.crypted 2013-08-08 12:47 - 2013-08-08 12:47 - 00017280 _____ C:\Users\Witek\Downloads\Porwanie_Baltazara_Gabki_[DVDRip]_[XviD]_[PL][Torrenty.org].torrent.crypted 2013-08-08 12:47 - 2013-08-08 12:47 - 00016384 _____ C:\Users\Witek\Downloads\Infiltrator_-_Snitch_ 2013 _[BRRip]_[XviD]_[AC3-sav]_[Lektor_PL][Torrenty.org].torrent.crypted 2013-08-08 12:47 - 2013-08-08 12:47 - 00016000 _____ C:\Users\Witek\Downloads\Tom_i_Jerry_-_Shiver_Me_Whiskers_-_Piraci_i_kudlaci_ 2006 _[DVDRip XviD]_[Dubbing_PL][Torrenty.org].torrent.crypted 2013-08-08 12:47 - 2013-08-08 12:47 - 00016000 _____ C:\Users\Witek\Downloads\Podwodne_Zycie_ze_Stevem_Zissou_-_The_Life_Aquatic_with_Steve_Zissou_ 2004 _[AC3 DVDRip XviD]_[Lektor_PL][Torrenty.org].torrent.crypted 2013-08-08 12:47 - 2013-08-08 12:47 - 00015744 _____ C:\Users\Witek\Downloads\Tom_i_Jerry_-_Szybcy_I_Kudlaci_ 2005 _[DVDRip XviD]_[Dubbing_PL][Torrenty.org].torrent.crypted 2013-08-08 12:47 - 2013-08-08 12:47 - 00014208 _____ C:\devlist.txt.crypted 2013-08-08 12:47 - 2013-08-08 12:47 - 00013696 _____ C:\Users\Witek\Downloads\Twardziele_ _Stand_Up_Guys_ 2012 _[720p BluRay x264 AC3-BiDA]_[Lektor_PL][Torrenty.org].torrent.crypted 2013-08-08 12:47 - 2013-08-08 12:47 - 00004224 _____ C:\Patch.LOG.crypted 2013-08-08 12:47 - 2013-08-08 12:47 - 00003456 _____ C:\RHDSetup.log.crypted 2013-08-08 12:47 - 2013-08-08 12:47 - 00000512 _____ C:\Users\Witek\Downloads\DATA (D) — skrót.lnk.crypted 2013-08-08 12:47 - 2013-08-08 12:47 - 00000256 _____ C:\SumHidd.txt.crypted 2013-08-08 12:47 - 2013-08-08 12:47 - 00000256 _____ C:\Pass.txt.crypted 2013-08-08 12:47 - 2013-08-08 12:47 - 00000128 _____ C:\v811.txt.crypted 2013-08-08 12:47 - 2013-08-08 12:47 - 00000128 _____ C:\SumOS.txt.crypted 2013-08-08 12:47 - 2013-08-08 12:47 - 00000128 _____ C:\store.log.crypted 2013-08-08 12:47 - 2013-08-08 12:47 - 00000128 _____ C:\setup.log.crypted 2013-08-08 12:47 - 2013-08-08 12:47 - 00000128 _____ C:\RECOVERY.DAT.crypted 2013-08-08 12:47 - 2013-08-08 12:47 - 00000128 _____ C:\OFFICE2007_M.TXT.crypted 2013-08-08 12:47 - 2013-08-08 12:47 - 00000128 _____ C:\Nero.Log.crypted 2013-08-08 12:47 - 2013-08-08 12:47 - 00000128 _____ C:\K70IO_WIN7.10.crypted 2013-08-08 12:47 - 2013-08-08 12:47 - 00000128 _____ C:\Finish.log.crypted 2013-08-08 12:47 - 2013-08-08 12:47 - 00000128 _____ C:\AdobeReader.log.crypted 2013-08-08 12:47 - 2013-08-08 12:47 - 00000128 _____ C:\.dir.crypted 2013-08-08 12:47 - 2013-04-07 06:53 - 00000000 ____D C:\Users\Witek\Downloads\81985 2013-08-08 12:47 - 2013-03-17 07:04 - 00000000 ____D C:\Users\Witek\Downloads\dom asi 2013-08-08 12:46 - 2013-08-08 12:46 - 652875776 _____ C:\Users\Witek\Documents\mydiscimage.bin.crypted 2013-08-08 12:46 - 2013-08-08 12:46 - 10878656 _____ C:\Users\Witek\Desktop\GoogleEarth-Win-Plus-5.0.11733.9347.exe.crypted 2013-08-08 12:46 - 2013-08-08 12:46 - 09176550 _____ C:\Users\Witek\Desktop\miasteczko-planeta-energii-w-katowicach.crypted 2013-08-08 12:46 - 2013-08-08 12:46 - 01254144 _____ C:\Users\Witek\Desktop\Zeszyt_XPS_podlogi_na_gruncie.pdf.crypted 2013-08-08 12:46 - 2013-08-08 12:46 - 00258304 _____ C:\Users\Witek\Desktop\Załącznik do obwieszczenia.doc.crypted 2013-08-08 12:46 - 2013-08-08 12:46 - 00127872 _____ C:\Users\Witek\Desktop\zamówienie_krysiak.jpg.crypted 2013-08-08 12:46 - 2013-08-08 12:46 - 00095232 _____ C:\Users\Witek\Desktop\Z_okazji_80.doc.crypted 2013-08-08 12:46 - 2013-08-08 12:46 - 00067328 _____ C:\Users\Witek\Desktop\ubezp.domu.pdf.crypted 2013-08-08 12:46 - 2013-08-08 12:46 - 00065536 _____ C:\Users\Witek\Desktop\harmonogram luty-czerwiec.xls.crypted 2013-08-08 12:46 - 2013-08-08 12:46 - 00031488 _____ C:\Users\Witek\Documents\KWK Makoszowy.doc.crypted 2013-08-08 12:46 - 2013-08-08 12:46 - 00015360 _____ C:\Users\Witek\Desktop\wiersz BALU.docx.crypted 2013-08-08 12:46 - 2013-08-08 12:46 - 00014592 _____ C:\Users\Witek\Desktop\sprawdzian wyroby gotowe.docx.crypted 2013-08-08 12:46 - 2013-08-08 12:46 - 00014208 _____ C:\Users\Witek\Desktop\zmiany w harmonogramie.docx.crypted 2013-08-08 12:46 - 2013-08-08 12:46 - 00013952 _____ C:\Users\Witek\Documents\Rożek Witold Gierałtowice dn.docx.crypted 2013-08-08 12:46 - 2013-08-08 12:46 - 00002432 _____ C:\Users\Witek\Desktop\Nero Burning ROM.lnk.crypted 2013-08-08 12:46 - 2013-08-08 12:46 - 00001792 _____ C:\Users\Witek\Desktop\Play games (GameXN).lnk.crypted 2013-08-08 12:46 - 2013-08-08 12:46 - 00001152 _____ C:\Users\Witek\Desktop\SopCast.lnk.crypted 2013-08-08 12:46 - 2013-08-08 12:46 - 00001152 _____ C:\Users\Witek\Desktop\NapiProjekt.lnk.crypted 2013-08-08 12:46 - 2013-08-08 12:46 - 00000896 _____ C:\Users\Witek\Desktop\Zdjęcia AUDI 2012 — skrót.lnk.crypted 2013-08-08 12:46 - 2013-08-08 12:46 - 00000384 _____ C:\Users\Witek\Documents\Gry — skrót.lnk.crypted 2013-08-08 12:46 - 2013-08-08 12:46 - 00000256 _____ C:\Users\Witek\Desktop\informacje Witek.txt.crypted 2013-08-08 12:46 - 2013-08-08 12:46 - 00000128 _____ C:\Users\Witek\Documents\mydiscimage.cue.crypted 2013-08-08 12:46 - 2013-08-08 12:46 - 00000128 _____ C:\Users\Witek\Documents\ax_files.xml.crypted 2013-08-08 12:46 - 2010-02-09 11:52 - 00000000 ____D C:\Users\Witek\Documents\Notesy programu OneNote 2013-08-08 12:45 - 2013-08-08 12:45 - 01196544 _____ C:\Users\Witek\Desktop\BESTplayer.exe.crypted 2013-08-08 12:45 - 2013-08-08 12:45 - 00324480 _____ C:\Users\Witek\Desktop\broszura.pdf.crypted 2013-08-08 12:45 - 2013-08-08 12:45 - 00050048 _____ C:\Users\Witek\Desktop\dowód osobisty1.pdf.crypted 2013-08-08 12:45 - 2013-08-08 12:45 - 00039552 _____ C:\Users\Witek\Desktop\276,gal.htm.crypted 2013-08-08 12:45 - 2013-04-30 08:24 - 00000000 ____D C:\Users\Witek\Desktop\planeta energii Ala 2013-08-08 12:45 - 2013-02-28 07:42 - 00000000 ____D C:\Users\Witek\Desktop\mini zdjęcia 2013-08-08 12:44 - 2012-01-17 09:01 - 00000000 ____D C:\Users\Witek\Desktop\koncert 2013-08-08 12:38 - 2012-01-26 08:49 - 00000000 ____D C:\Users\Witek\Desktop\eMI BAL 2013-08-08 12:33 - 2013-04-28 04:04 - 00001046 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2013-08-08 12:33 - 2012-01-26 08:45 - 00000000 ____D C:\Users\Witek\Desktop\aLA TAŃCE 2013-08-08 12:33 - 2011-12-04 10:15 - 00000000 ____D C:\Users\Witek\Desktop\Asia 2013-08-08 12:30 - 2012-09-30 00:31 - 00000000 ____D C:\Users\Witek\Desktop\Ala i Emi 2013-08-08 12:27 - 2013-08-08 12:27 - 00000384 _____ C:\Users\Witek\AppData\Roaming\.backup.dm.crypted 2013-08-08 12:27 - 2010-06-14 05:54 - 00000000 ____D C:\Users\Witek\AppData\Roaming\WinRAR 2013-08-08 12:27 - 2010-02-15 11:13 - 00000000 ____D C:\Users\Witek\AppData\Roaming\Nowe Gadu-Gadu 2013-08-08 12:27 - 2010-02-09 12:15 - 00000000 ____D C:\Users\Witek\AppData\Roaming\Thunderbird 2013-08-08 12:27 - 2010-01-04 09:12 - 00000000 ____D C:\Users\Witek\AppData\Roaming\Win7codecs 2013-08-08 12:27 - 2010-01-03 08:02 - 00000000 ____D C:\Users\Witek\AppData\Roaming\skypePM 2013-08-08 12:26 - 2013-06-11 23:22 - 00000000 ____D C:\Users\Witek\AppData\Roaming\GG 2013-08-08 12:26 - 2012-12-19 05:07 - 00000000 ____D C:\Users\Witek\AppData\Roaming\Emipwe 2013-08-08 12:26 - 2010-10-16 10:46 - 00000000 ____D C:\Users\Witek\AppData\Roaming\Media Player Classic 2013-08-08 12:26 - 2010-06-20 07:17 - 00000000 ____D C:\Users\Witek\AppData\Roaming\Nero 2013-08-08 12:26 - 2010-02-13 09:01 - 00000000 ____D C:\Users\Witek\AppData\Roaming\ipla 2013-08-08 12:26 - 2010-02-13 08:57 - 00000000 ____D C:\Users\Witek\AppData\Roaming\Gadu-Gadu 10 2013-08-08 12:26 - 2010-02-09 12:15 - 00000000 ____D C:\Users\Witek\AppData\Roaming\Mozilla 2013-08-08 12:25 - 2010-01-04 09:05 - 00000000 ____D C:\Users\Witek\AppData\Roaming\BESTplayer 2013-08-08 12:24 - 2013-08-08 12:24 - 08743424 _____ C:\Users\Witek\AppData\Local\Setup.exe.crypted 2013-08-08 12:24 - 2013-08-08 12:24 - 07903232 _____ C:\Users\Witek\AppData\Local\data1.cab.crypted 2013-08-08 12:24 - 2013-08-08 12:24 - 00340608 _____ C:\Users\Witek\AppData\Local\Readar_sl.exe.crypted 2013-08-08 12:24 - 2013-08-08 12:24 - 00119680 _____ C:\Users\Witek\AppData\Local\GDIPFONTCACHEV1.DAT.crypted 2013-08-08 12:24 - 2013-08-08 12:24 - 00008448 _____ C:\Users\Witek\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini.crypted 2013-08-08 12:24 - 2013-08-08 12:24 - 00002688 _____ C:\Users\Witek\AppData\Local\TempUX1260.html.crypted 2013-08-08 12:24 - 2013-08-08 12:24 - 00002688 _____ C:\Users\Witek\AppData\Local\TempGL1872.html.crypted 2013-08-08 12:24 - 2013-08-08 12:24 - 00002688 _____ C:\Users\Witek\AppData\Local\TempBY2344.html.crypted 2013-08-08 12:24 - 2013-08-08 12:24 - 00002304 _____ C:\Users\Witek\AppData\Local\TempzI1872.html.crypted 2013-08-08 12:24 - 2013-08-08 12:24 - 00002304 _____ C:\Users\Witek\AppData\Local\TempAg1260.html.crypted 2013-08-08 12:24 - 2013-08-08 12:24 - 00002304 _____ C:\Users\Witek\AppData\Local\TempAB2344.html.crypted 2013-08-08 12:24 - 2013-08-08 12:24 - 00001152 _____ C:\Users\Witek\AppData\Local\Setup.reg.crypted 2013-08-08 12:24 - 2013-08-08 12:24 - 00000000 _____ C:\Users\Witek\AppData\Local\TempsZ2132.html.crypted 2013-08-08 12:24 - 2013-08-08 12:24 - 00000000 _____ C:\Users\Witek\AppData\Local\TemplQ2132.html.crypted 2013-08-08 12:23 - 2013-08-08 12:23 - 06200192 _____ C:\Users\Witek\AppData\Local\Codecs.exe.crypted 2013-08-08 12:23 - 2010-02-03 11:05 - 00000000 ____D C:\Users\Witek\AppData\Local\Windows Live Writer 2013-08-08 12:00 - 2010-01-29 10:21 - 00000000 ____D C:\Users\Witek\AppData\Local\Easy CD-DA Extractor 2013-08-08 11:59 - 2013-08-08 11:59 - 00162816 _____ C:\ProgramData\hpe65F5.dll.crypted 2013-08-08 11:59 - 2013-08-08 11:59 - 00002944 _____ C:\Users\Public\Desktop\ASUS FancyStart.lnk.crypted 2013-08-08 11:59 - 2013-08-08 11:59 - 00002944 _____ C:\Users\Public\Desktop\AI Recovery Burner.lnk.crypted 2013-08-08 11:59 - 2013-08-08 11:59 - 00002816 _____ C:\Users\Public\Desktop\Skype.lnk.crypted 2013-08-08 11:59 - 2013-08-08 11:59 - 00002432 _____ C:\Users\Public\Desktop\Sony Ericsson PC Suite 6.0.lnk.crypted 2013-08-08 11:59 - 2013-08-08 11:59 - 00002304 _____ C:\Users\Public\Desktop\Adobe Reader 9.lnk.crypted 2013-08-08 11:59 - 2013-08-08 11:59 - 00002176 _____ C:\Users\Public\Desktop\Free Offers.lnk.crypted 2013-08-08 11:59 - 2013-08-08 11:59 - 00002048 _____ C:\Users\Public\Desktop\Wybór przeglądarki.lnk.crypted 2013-08-08 11:59 - 2013-08-08 11:59 - 00002048 _____ C:\Users\Public\Desktop\ASUS MultiFrame.lnk.crypted 2013-08-08 11:59 - 2013-08-08 11:59 - 00001920 _____ C:\Users\Public\Desktop\ASUS Camera ScreenSaver.lnk.crypted 2013-08-08 11:59 - 2013-08-08 11:59 - 00001408 _____ C:\Users\Public\Desktop\Tajemnicza Książka Kucharska.lnk.crypted 2013-08-08 11:59 - 2013-08-08 11:59 - 00001408 _____ C:\Users\Public\Desktop\ASUS Data Security Manager.Lnk.crypted 2013-08-08 11:59 - 2013-08-08 11:59 - 00001280 _____ C:\Users\Public\Desktop\Splendid Utility.Lnk.crypted 2013-08-08 11:59 - 2013-08-08 11:59 - 00001280 _____ C:\Users\Public\Desktop\SmartLogon Manager.lnk.crypted 2013-08-08 11:59 - 2013-08-08 11:59 - 00001280 _____ C:\Users\Public\Desktop\LifeFrame.lnk.crypted 2013-08-08 11:59 - 2013-08-08 11:59 - 00001152 _____ C:\Users\Public\Desktop\RealPlayer.lnk.crypted 2013-08-08 11:59 - 2013-08-08 11:59 - 00001152 _____ C:\Users\Public\Desktop\OpenFM.lnk.crypted 2013-08-08 11:59 - 2013-08-08 11:59 - 00001152 _____ C:\Users\Public\Desktop\Nowe Gadu-Gadu.lnk.crypted 2013-08-08 11:59 - 2013-08-08 11:59 - 00000896 _____ C:\Users\Public\Desktop\BitComet.lnk.crypted 2013-08-08 11:59 - 2013-08-08 11:59 - 00000256 _____ C:\ProgramData\5060904.reg.crypted 2013-08-08 11:59 - 2013-08-08 11:59 - 00000128 _____ C:\Users\Public\sdelevURL.tmp.crypted 2013-08-08 11:59 - 2013-08-08 11:59 - 00000128 _____ C:\ProgramData\5060904.bat.crypted 2013-08-08 11:59 - 2013-08-08 11:59 - 00000128 _____ C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log.crypted 2013-08-08 11:59 - 2013-08-08 11:59 - 00000128 _____ C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log.crypted 2013-08-08 11:59 - 2010-02-13 09:09 - 00000000 ____D C:\Users\Witek\.gstreamer-0.10 2013-08-08 11:59 - 2010-01-04 09:11 - 00000000 ____D C:\ProgramData\Win7codecs 2013-08-08 11:59 - 2009-07-13 19:20 - 00000000 __RHD C:\Users\Public\Libraries 2013-08-08 11:55 - 2009-10-20 14:30 - 00000000 ____D C:\ProgramData\AmUStor 2013-08-08 11:55 - 2009-10-20 14:29 - 00000000 ____D C:\ProgramData\Atheros 2013-08-08 11:55 - 2009-10-20 14:17 - 00000000 ____D C:\ProgramData\CyberLink 2013-08-08 11:48 - 2010-11-30 15:08 - 00000000 ____D C:\fe9e6a7eba8fedf7f3d8afcdb4ab21 2013-08-08 11:47 - 2010-12-17 15:21 - 00000000 ____D C:\1ec101b56d462bcd22c406a0dd5432 2013-08-08 11:46 - 2013-08-08 11:46 - 04320056 _____ C:\Windows\System32\vBszKyhV.bmp 2013-08-08 11:46 - 2013-08-08 11:46 - 00702464 _____ C:\Windows\System32\vBszKyhV2.exe 2013-08-08 11:46 - 2013-08-08 11:46 - 00680448 _____ C:\Windows\System32\vBszKyhV1.exe 2013-08-08 11:45 - 2013-08-08 11:45 - 00046528 _____ C:\Windows\System32\Drivers\vBszKyhV2.sys 2013-08-08 11:45 - 2013-08-08 11:45 - 00031232 _____ C:\Windows\System32\vBszKyhVp.dll 2013-08-08 11:45 - 2013-08-08 11:45 - 00004096 _____ C:\Windows\System32\vBszKyhV.dll 2013-08-08 11:45 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\sysprep 2013-08-07 23:19 - 2013-06-11 23:22 - 00000000 ____D C:\Users\Witek\AppData\Local\GG 2013-08-02 05:17 - 2009-08-03 11:55 - 00706026 _____ C:\Windows\System32\perfh015.dat 2013-08-02 05:17 - 2009-08-03 11:55 - 00139028 _____ C:\Windows\System32\perfc015.dat 2013-08-02 05:17 - 2009-07-13 21:13 - 01572082 _____ C:\Windows\System32\PerfStringBackup.INI 2013-07-26 05:05 - 2013-07-26 05:02 - 00000000 ____D C:\Windows\System32\MRT 2013-07-22 02:14 - 2013-06-21 22:35 - 00004008 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{6C6085AD-F693-4FBE-9E21-F76AE1CF74D6} 2013-07-16 11:18 - 2013-07-16 11:18 - 00287592 _____ C:\Windows\Minidump\071613-21309-01.dmp 2013-07-16 11:18 - 2010-02-13 09:05 - 535699168 _____ C:\Windows\MEMORY.DMP 2013-07-16 11:18 - 2010-02-13 09:05 - 00000000 ____D C:\Windows\Minidump 2013-07-15 14:28 - 2013-04-28 04:04 - 00004042 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2013-07-15 14:28 - 2013-04-28 04:04 - 00003790 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2013-07-10 00:40 - 2009-07-13 20:45 - 00420576 _____ C:\Windows\System32\FNTCACHE.DAT 2013-07-10 00:38 - 2012-05-19 22:16 - 00000000 ____D C:\Program Files\Microsoft Silverlight 2013-07-10 00:38 - 2012-05-19 22:16 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight 2013-07-10 00:38 - 2009-07-13 23:45 - 00000000 ____D C:\Program Files\Windows Journal 2013-07-10 00:38 - 2009-07-13 21:32 - 00000000 ____D C:\Program Files\Windows Defender 2013-07-10 00:38 - 2009-07-13 21:32 - 00000000 ____D C:\Program Files (x86)\Windows Defender 2013-07-10 00:13 - 2009-10-20 14:02 - 00000000 ____D C:\ProgramData\Microsoft Help Files to move or delete: ==================== C:\ProgramData\5060904.pad C:\ProgramData\TunesHelper.exe ==================== Known DLLs (Whitelisted) ================ ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\SysWOW64\wininit.exe => MD5 is legit C:\Windows\explorer.exe => MD5 is legit C:\Windows\SysWOW64\explorer.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\SysWOW64\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\SysWOW64\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\SysWOW64\userinit.exe => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit testsigning: ==> Check for possible unsigned rootkit driver <===== ATTENTION! ==================== EXE ASSOCIATION ===================== HKLM\...\.exe: exefile => OK HKLM\...\exefile\DefaultIcon: %1 => OK HKLM\...\exefile\open\command: "%1" %* => OK ==================== Restore Points ========================= Restore point made on: 2013-07-13 13:06:28 Restore point made on: 2013-07-17 06:57:37 Restore point made on: 2013-07-21 02:16:50 Restore point made on: 2013-07-24 10:19:09 Restore point made on: 2013-07-26 05:01:41 Restore point made on: 2013-07-30 04:07:00 Restore point made on: 2013-08-03 08:17:22 Restore point made on: 2013-08-06 23:18:44 ==================== Memory info =========================== Percentage of memory in use: 15% Total physical RAM: 4095.27 MB Available physical RAM: 3453.23 MB Total Pagefile: 4093.42 MB Available Pagefile: 3452.43 MB Total Virtual: 8192 MB Available Virtual: 8191.86 MB ==================== Drives ================================ Drive c: (OS) (Fixed) (Total:149.05 GB) (Free:82.81 GB) NTFS (Disk=0 Partition=2) ==>[Drive with boot components (obtained from BCD)] Drive d: (DATA) (Fixed) (Total:134.39 GB) (Free:84.65 GB) NTFS (Disk=0 Partition=3) Drive f: (XBOOT) (Removable) (Total:0.95 GB) (Free:0.86 GB) FAT (Disk=1 Partition=1) Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 298 GB) (Disk ID: D9B3496E) Partition 1: (Not Active) - (Size=15 GB) - (Type=1C) Partition 2: (Active) - (Size=149 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=134 GB) - (Type=OF Extended) ======================================================== Disk: 1 (Size: 978 MB) (Disk ID: 0008446F) Partition 1: (Active) - (Size=978 MB) - (Type=0E) LastRegBack: 2013-08-03 13:51 ==================== End Of Log ============================