Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 28-08-2013 Ran by Marta (administrator) on 30-08-2013 11:42:02 Running from C:\Users Windows 7 Professional Service Pack 1 (X64) OS Language: Polish Internet Explorer Version 10 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe (ABBYY) C:\Program Files (x86)\Common Files\ABBYY\FineReader\11.00\Licensing\CE\NetworkLicenseServer.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\DIGI+ VRM\PowerControlHelp.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe () C:\Program Files (x86)\ASUS\AI Suite II\EasyUpdate\EzUpdt.exe () C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.21.153\GoogleCrashHandler.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\Disk Unlocker\ASPFSVS64.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsusFanControlService\1.02.05\AsusFanControlService.exe (Autodesk, Inc.) C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (CodeTwo) C:\Program Files (x86)\CodeTwo\Outlook Sync\C2OutlookSync.exe (Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe (WDC) C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe (Western Digital Technologies, Inc.) C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.21.153\GoogleCrashHandler64.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\USB 3.0 Boost\U3BoostSvr64.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\TurboVHelp.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\EPU\EPUHelp.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\AlertHelper.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office12\OUTLOOK.EXE (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\klwtblfs.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Ghisler Software GmbH) C:\totalcmd\TOTALCMD64.EXE (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.EXE (Microsoft Corporation) C:\Windows\splwow64.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [Autodesk Sync] - C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [418280 2012-07-25] (Autodesk, Inc.) Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.) Winlogon\Notify\psfus: C:\Program Files\Protector Suite\psqlpwd.dll (Authentec Inc.) HKCU\...\Run: [Outlook Sync] - C:\Program Files (x86)\CodeTwo\Outlook Sync\C2OutlookSync.exe [9737728 2012-08-03] (CodeTwo) MountPoints2: {34bdd056-e970-11e2-a741-806e6f6e6963} - H:\Setup.exe autoplay=true MountPoints2: {581f0d4f-e648-11e2-b1de-806e6f6e6963} - G:\Bin\ASSETUP.exe MountPoints2: {9b7b7e22-e64c-11e2-8034-60a44c379038} - H:\StartCD.exe MountPoints2: {f9ab5cf2-e652-11e2-9622-60a44c379038} - I:\SETUP.EXE HKLM-x32\...\Run: [GrooveMonitor] - C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation) HKLM-x32\...\Run: [AVP] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe [356376 2013-02-28] (Kaspersky Lab ZAO) HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation) Lsa: [Notification Packages] scecli C:\Program Files\Protector Suite\psqlpwd.dll Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WD Quick View.lnk ShortcutTarget: WD Quick View.lnk -> C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe (Western Digital Technologies, Inc.) ==================== Internet (Whitelisted) ==================== BHO: Content Blocker Plugin - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO) BHO: Virtual Keyboard Plugin - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO) BHO: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO) BHO: Logitech SetPoint - {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll (Logitech, Inc.) BHO: URL Advisor Plugin - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO) BHO-x32: PDFXChange 2012 - {42DFA04F-0F16-418e-B80C-AB97A5AFAD3A} - C:\Program Files\Tracker Software\PDF-XChange 5\PXCIEaddin5.dll (Tracker Software Products (Canada) Ltd.) BHO-x32: Content Blocker Plugin - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO) BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation) BHO-x32: Virtual Keyboard Plugin - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO) BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO) BHO-x32: Logitech SetPoint - {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll (Logitech, Inc.) BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO-x32: URL Advisor Plugin - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO) Toolbar: HKLM-x32 - PDFXChange 2012 - {42DFA04F-0F16-418e-B80C-AB97A5AFAD3A} - C:\Program Files\Tracker Software\PDF-XChange 5\PXCIEaddin5.dll (Tracker Software Products (Canada) Ltd.) DPF: HKLM-x32 {0D41B8C5-2599-4893-8183-00195EC8D5F9} http://support.asus.com/select/asusTek_sys_ctrl3.cab DPF: HKLM-x32 {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab Tcpip\Parameters: [DhcpNameServer] 194.204.152.34 194.204.159.1 FireFox: ======== FF ProfilePath: C:\Users\Marta\AppData\Roaming\Mozilla\Firefox\Profiles\51jvwr77.default FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_94.dll () FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.) FF Plugin: @microsoft.com/GENUINE - disabled No File FF Plugin: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.) FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll () FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.) FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation) FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @microsoft.com/GENUINE - disabled No File FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll (Tracker Software Products (Canada) Ltd.) FF Plugin-x32: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.) FF Plugin-x32: @videolan.org/vlc,version=2.0.8 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin HKCU: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.) FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\allegro-pl.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\fbc-pl.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\merlin-pl.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\pwn-pl.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\wikipedia-pl.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\wp-pl.xml FF Extension: Default - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt FF Extension: Logitech SetPoint - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt FF HKLM-x32\...\Firefox\Extensions: [url_advisor@kaspersky.com] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\url_advisor@kaspersky.com FF Extension: Kaspersky URL Advisor - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\url_advisor@kaspersky.com FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard@kaspersky.com] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\virtual_keyboard@kaspersky.com FF Extension: Virtual Keyboard - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\virtual_keyboard@kaspersky.com FF HKLM-x32\...\Firefox\Extensions: [content_blocker@kaspersky.com] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\content_blocker@kaspersky.com FF Extension: Content Blocker - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\content_blocker@kaspersky.com FF HKLM-x32\...\Firefox\Extensions: [anti_banner@kaspersky.com] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\anti_banner@kaspersky.com FF Extension: Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\anti_banner@kaspersky.com FF HKLM-x32\...\Firefox\Extensions: [online_banking@kaspersky.com] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\online_banking@kaspersky.com FF Extension: Safe Money - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\online_banking@kaspersky.com ==================== Services (Whitelisted) ================= R2 ABBYY.Licensing.FineReader.Corporate.11.0; C:\Program Files (x86)\Common Files\ABBYY\FineReader\11.00\Licensing\CE\NetworkLicenseServer.exe [818952 2011-12-22] (ABBYY) R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe [920736 2012-06-01] () R2 ASDiskUnlocker; C:\Program Files (x86)\ASUS\Disk Unlocker\ASPFSVS64.exe [262816 2012-06-18] (ASUSTeK Computer Inc.) R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe [951936 2012-06-01] (ASUSTeK Computer Inc.) R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe [149120 2012-02-17] (ASUSTeK Computer Inc.) R2 AsusFanControlService; C:\Program Files (x86)\ASUS\AsusFanControlService\1.02.05\AsusFanControlService.exe [2005504 2012-10-12] (ASUSTeK Computer Inc.) R2 Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [19232 2012-01-31] (Autodesk, Inc.) R2 AVP; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe [356376 2013-02-28] (Kaspersky Lab ZAO) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation) ==================== Drivers (Whitelisted) ==================== R3 ASFLTDrv.sys; C:\Program Files (x86)\ASUS\Disk Unlocker\ASFLTDrv64.sys [16512 2010-09-16] (ASUSTeK Computer Inc.) R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2012-08-22] () R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2012-08-22] () R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2012-09-14] () R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2012-09-14] () R3 ASUSFILTER; C:\Windows\SysWow64\drivers\ASUSFILTER.sys [46152 2011-09-20] (MCCI Corporation) R3 ASUSFILTER; C:\Windows\SysWow64\drivers\ASUSFILTER.sys [46152 2011-09-20] (MCCI Corporation) S3 ASUSstpt; C:\Windows\System32\DRIVERS\ASUSstpt.sys [25928 2012-08-20] (MCCI Corporation) S3 ASUSumsc; C:\Windows\System32\DRIVERS\ASUSumsc.sys [150344 2012-08-20] (MCCI Corporation) S3 BthAvrcp; C:\Windows\System32\DRIVERS\BthAvrcp.sys [29184 2009-08-13] (CSR, plc) R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [458584 2012-06-19] (Kaspersky Lab ZAO) R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [620128 2013-08-20] (Kaspersky Lab ZAO) R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [28504 2012-08-02] (Kaspersky Lab ZAO) R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [29016 2013-02-28] (Kaspersky Lab) R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [29528 2013-02-28] (Kaspersky Lab) R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [54368 2013-08-20] (Kaspersky Lab ZAO) R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [178448 2013-08-20] (Kaspersky Lab ZAO) R3 RTL8192cu; C:\Windows\System32\DRIVERS\RTL8192cu.sys [748648 2010-08-12] (Realtek Semiconductor Corporation ) S3 RTTEAMPT; C:\Windows\System32\DRIVERS\RtTeam620.sys [58512 2012-07-03] (Realtek Corporation) R0 sptd; C:\Windows\System32\Drivers\sptd.sys [564824 2013-08-29] (Duplex Secure Ltd.) S3 ssudserd; C:\Windows\System32\DRIVERS\ssudserd.sys [204568 2013-08-20] (DEVGURU Co., LTD.(www.devguru.co.kr)) R1 UimBus; C:\Windows\System32\DRIVERS\uimx64.sys [90960 2012-12-20] (Windows (R) 2000 DDK provider) R1 Uim_IM; C:\Windows\System32\Drivers\Uim_IMx64.sys [633680 2012-12-20] (Paragon) R1 Uim_VIM; C:\Windows\System32\Drivers\uim_vimx64.sys [390352 2012-12-20] (Paragon) R1 VDiskBus; C:\Windows\System32\DRIVERS\VDiskBus64.sys [42656 2012-06-01] (ASUSTeK Computer Inc.) ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2013-08-30 11:42 - 2013-08-30 11:42 - 00024553 _____ E:\TEMPMA~1\log1 2013-08-30 11:42 - 2013-08-30 11:42 - 00019230 _____ E:\TEMPMA~1\frstlog 2013-08-30 11:42 - 2013-08-30 11:42 - 00000154 _____ E:\TEMPMA~1\users00 2013-08-30 11:42 - 2013-08-30 11:42 - 00000003 _____ E:\TEMPMA~1\others 2013-08-30 11:33 - 2013-08-30 11:33 - 00000000 ____D C:\Users\Marta\Desktop\Stare dane programu Firefox 2013-08-30 11:31 - 2013-08-30 11:31 - 00000000 ____D E:\TEMPMA~1\acro_rd_dir 2013-08-30 11:26 - 2013-08-30 11:26 - 00002052 ___HT E:\TEMPMA~1\etilqs_tF9pkPMQrSGDATN 2013-08-30 10:47 - 2013-08-30 10:47 - 00000512 ____T E:\TEMPMA~1\~DF05FB6C72047EA220.TMP 2013-08-30 10:16 - 2013-08-30 10:16 - 00000134 _____ E:\TEMPMA~1\1661863.od 2013-08-30 10:16 - 2013-08-30 10:16 - 00000000 _____ E:\TEMPMA~1\CVR5BA7.tmp.cvr 2013-08-30 10:10 - 2013-08-29 18:15 - 01579080 _____ (Farbar) C:\Users\FRST64.exe 2013-08-30 10:07 - 2013-08-30 10:07 - 00000712 _____ C:\Users\SystemLook.txt 2013-08-30 10:06 - 2013-08-30 10:06 - 00000710 _____ C:\Users\Marta\Downloads\SystemLook.txt 2013-08-30 10:03 - 2013-08-30 10:03 - 00165376 _____ C:\Users\Marta\Downloads\SystemLook_x64.exe 2013-08-30 10:00 - 2013-08-30 10:00 - 00012300 ___HT E:\TEMPMA~1\etilqs_EEPg3Uk4rUGXJky 2013-08-30 09:57 - 2013-08-30 09:57 - 00016400 ___HT E:\TEMPMA~1\etilqs_VzHd1kvNBQXgBWw 2013-08-30 09:49 - 2013-08-30 09:49 - 00000134 _____ E:\TEMPMA~1\45240.od 2013-08-30 09:49 - 2013-08-30 09:49 - 00000000 ____D E:\TEMPMA~1\WPDNSE 2013-08-30 09:49 - 2013-08-30 09:49 - 00000000 _____ E:\TEMPMA~1\CVRB0B8.tmp.cvr 2013-08-30 03:08 - 2013-08-30 03:08 - 00000000 ____D E:\TEMPMA~1\CRX_75DAF8CB7768 2013-08-30 03:01 - 2013-08-30 03:01 - 00000134 _____ E:\TEMPMA~1\57267.od 2013-08-30 03:01 - 2013-08-30 03:01 - 00000000 _____ E:\TEMPMA~1\CVRDFA4.tmp.cvr 2013-08-29 21:47 - 2013-08-29 21:47 - 00000000 _____ E:\TEMPMA~1\RIAF5.BIN 2013-08-29 21:03 - 2013-08-29 21:03 - 00015363 _____ C:\Users\GMER.txt 2013-08-29 20:52 - 2013-08-29 20:52 - 00377856 _____ C:\Users\Marta\Downloads\3m9pxj78.exe 2013-08-29 20:16 - 2013-08-29 20:16 - 00000134 _____ E:\TEMPMA~1\8200894.od 2013-08-29 20:16 - 2013-08-29 20:16 - 00000000 _____ E:\TEMPMA~1\CVR22BE.tmp.cvr 2013-08-29 20:07 - 2013-08-30 10:19 - 00000000 ____D E:\TEMPMA~1\msohtmlclip1 2013-08-29 20:07 - 2013-08-29 20:07 - 00000000 ____D E:\TEMPMA~1\msohtmlclip 2013-08-29 20:00 - 2013-08-29 20:00 - 00000000 ____D E:\TEMPMA~1\VBE 2013-08-29 18:43 - 2013-08-29 20:17 - 00000000 ____D C:\Users\KASPER LOG 2013-08-29 18:32 - 2013-08-29 18:43 - 00000000 ____D C:\Users\OTL LOG 2013-08-29 18:24 - 2013-08-29 18:24 - 00000000 ____D C:\Users\FRST 64 LOG 2013-08-29 18:16 - 2013-08-29 18:16 - 00000000 ____D C:\FRST 2013-08-29 18:15 - 2013-08-29 18:15 - 01579080 _____ (Farbar) C:\Users\Marta\Downloads\FRST64.exe 2013-08-29 18:09 - 2013-08-29 18:09 - 00000134 _____ E:\TEMPMA~1\574832.od 2013-08-29 18:09 - 2013-08-29 18:09 - 00000000 _____ E:\TEMPMA~1\CVRC570.tmp.cvr 2013-08-29 17:58 - 2013-08-29 17:58 - 00564824 _____ (Duplex Secure Ltd.) C:\Windows\system32\Drivers\sptd.sys 2013-08-29 17:57 - 2013-08-29 17:57 - 00797784 _____ (Duplex Secure Ltd.) C:\Users\Marta\Downloads\SPTDinst-v183-x64.exe 2013-08-29 17:56 - 2013-08-30 09:54 - 00002825 _____ E:\TEMPMA~1\jusched.log 2013-08-29 14:55 - 2013-08-29 14:55 - 00000000 ____D C:\Program Files (x86)\ESET 2013-08-29 13:33 - 2013-08-29 13:43 - 00000000 ____D E:\TEMPMA~1\46B3AFEC-50C16E6C-3180674C-CC5F7364 2013-08-29 13:22 - 2013-08-29 13:22 - 01191834 _____ C:\Users\Marta\Downloads\ProcessExplorer.zip 2013-08-29 12:58 - 2013-08-29 17:53 - 00000000 ____D E:\TEMPMA~1\D0CC116-2CC51798-C37BE5DE-8CDC2396 2013-08-29 12:45 - 2013-08-29 12:45 - 00000000 ____D E:\TEMPMA~1\PhotoshopCrashes 2013-08-29 12:45 - 2013-08-29 12:45 - 00000000 ____D E:\TEMPMA~1\lilo.4420 2013-08-29 08:49 - 2013-08-29 08:49 - 00000000 ____D E:\TEMPMA~1\FineReader11 2013-08-28 22:40 - 2013-08-29 10:11 - 00000000 ____D E:\TEMPMA~1\nsgFFA4.tmp 2013-08-28 20:45 - 2013-08-28 20:45 - 00000000 ____D C:\Users\Marta\AppData\Roaming\QuickScan 2013-08-28 17:07 - 2013-08-28 17:07 - 00262144 _____ C:\Windows\system32\config\elam 2013-08-28 09:23 - 2013-08-28 15:40 - 00000000 ____D C:\Users\Marta\AppData\Roaming\Local Sync 2013-08-28 09:23 - 2013-08-28 09:23 - 00001033 _____ C:\Users\Public\Desktop\Local Sync.lnk 2013-08-28 09:23 - 2013-08-28 09:23 - 00000000 ____D C:\Program Files (x86)\Local Sync 2013-08-27 17:05 - 2013-08-27 17:05 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_WinUSB_01007.Wdf 2013-08-27 16:14 - 2013-08-27 16:14 - 00000000 ____D C:\Users\Marta\.android 2013-08-27 15:08 - 2013-08-27 15:08 - 00000000 ____D C:\Program Files\Compiled Driver Disk (Samsung) 2013-08-27 14:44 - 2013-08-27 18:26 - 00000000 ____D C:\Users\Marta\AppData\Roaming\MOBILedit 2013-08-27 14:44 - 2013-08-27 18:07 - 00000000 ____D C:\Users\Marta\Documents\MOBILedit! 2013-08-27 14:42 - 2013-08-27 14:42 - 00000000 ____D C:\Program Files (x86)\COMPELSON Labs 2013-08-27 14:41 - 2013-08-27 17:54 - 00000000 ____D C:\Users\Public\Documents\MobilEdit! 2013-08-27 14:41 - 2013-08-27 14:54 - 00001038 _____ C:\Users\Public\Desktop\MOBILedit!.lnk 2013-08-27 14:41 - 2013-08-27 14:54 - 00000000 ____D C:\Program Files (x86)\MOBILedit! 2013-08-27 14:37 - 2013-08-27 14:37 - 00000000 ____D C:\Program Files (x86)\COMPELSON Laboratories 2013-08-27 13:57 - 2013-08-27 13:57 - 00000000 ____D C:\Users\Public\Documents\CrashDump 2013-08-27 11:01 - 2013-08-27 11:01 - 01699373 _____ (WareSoft Software ) C:\Users\Marta\Downloads\refreshpcinstall.exe 2013-08-27 11:01 - 2013-08-27 11:01 - 00000000 ____D C:\Program Files\RefreshPC 2013-08-27 11:01 - 2002-06-13 14:02 - 00032768 _____ (Sanx Consulting) C:\Windows\SysWOW64\svcmgr.ocx 2013-08-25 16:57 - 2013-08-25 16:57 - 00000000 ____D C:\Users\Marta\AppData\Roaming\U3 2013-08-25 09:44 - 2013-08-25 09:44 - 00000000 ____D C:\Users\Public\Documents\NativeFus_Log 2013-08-25 09:41 - 2013-08-28 08:24 - 00000000 ____D C:\Program Files (x86)\MarkAny 2013-08-25 09:41 - 2013-08-25 09:41 - 00000000 ____D C:\Users\Marta\Documents\samsung 2013-08-25 09:39 - 2013-08-25 09:39 - 00000000 ____D C:\Program Files (x86)\MyFree Codec 2013-08-25 09:38 - 2013-08-27 18:37 - 00000000 ____D C:\Program Files (x86)\Samsung 2013-08-24 20:49 - 2013-08-24 20:49 - 00263592 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe 2013-08-24 20:49 - 2013-08-24 20:49 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe 2013-08-24 20:49 - 2013-08-24 20:49 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe 2013-08-24 20:49 - 2013-08-24 20:49 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll 2013-08-24 13:37 - 2013-08-24 13:43 - 00000000 ____D C:\Users\Marta\Doctor Web 2013-08-24 13:36 - 2013-08-24 13:36 - 128842680 _____ C:\Users\Marta\Downloads\launch.exe 2013-08-24 12:20 - 2013-08-24 12:20 - 00008764 _____ C:\Windows\SysWOW64\switchboard.xml 2013-08-24 12:20 - 2013-08-24 12:20 - 00000369 _____ C:\Windows\SysWOW64\switchboard.ini 2013-08-24 12:20 - 2013-08-24 12:20 - 00000000 _____ C:\Windows\SysWOW64\launch.switchboard 2013-08-24 10:00 - 2013-08-28 21:25 - 00000000 ____D C:\Kaspersky Rescue Disk 10.0 2013-08-22 08:41 - 2013-08-22 08:41 - 00657408 _____ C:\Users\Marta\Downloads\MicrosoftFixit50475.msi 2013-08-22 07:37 - 2013-08-24 13:13 - 00000000 ____D C:\Users\Marta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR 2013-08-22 07:37 - 2013-08-22 07:37 - 00000000 ____D C:\Users\Marta\AppData\Roaming\WinRAR 2013-08-22 07:36 - 2013-08-22 07:37 - 00000000 ____D C:\Program Files\WinRAR 2013-08-22 07:20 - 2013-08-22 07:49 - 00000000 ____D C:\ProgramData\firebird 2013-08-22 07:03 - 2013-08-22 07:03 - 00001110 _____ C:\Users\Public\Desktop\Samsung Magician.lnk 2013-08-22 07:03 - 2013-08-22 07:03 - 00000000 ____D C:\Program Files (x86)\Samsung Magician 2013-08-20 09:54 - 2013-08-20 09:54 - 00002347 _____ C:\Users\Marta\Desktop\Bezpieczne pieniądze.lnk 2013-08-20 09:54 - 2013-08-20 09:54 - 00001149 _____ C:\Users\Public\Desktop\Kaspersky Internet Security 2013.lnk 2013-08-20 09:54 - 2013-08-20 09:54 - 00000000 ____D C:\Windows\ELAMBKUP 2013-08-20 09:54 - 2013-02-28 21:13 - 00064856 _____ (Kaspersky Lab) C:\Windows\system32\klfphc.dll 2013-08-20 09:53 - 2013-08-30 11:10 - 00000000 ____D C:\ProgramData\Kaspersky Lab 2013-08-20 09:53 - 2013-08-20 09:59 - 00620128 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klif.sys 2013-08-20 09:53 - 2013-08-20 09:59 - 00090208 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klflt.sys 2013-08-20 09:53 - 2013-08-20 09:53 - 00000000 ____D C:\Program Files (x86)\Kaspersky Lab 2013-08-20 07:02 - 2013-08-20 07:02 - 01490656 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01007.dll 2013-08-20 07:02 - 2013-08-20 07:02 - 00708168 _____ (Microsoft Corporation) C:\Windows\system32\WinUSBCoInstaller.dll 2013-08-20 07:02 - 2013-08-20 07:02 - 00204568 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\Windows\system32\Drivers\ssudserd.sys 2013-08-20 07:02 - 2013-08-20 07:02 - 00204568 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\Windows\system32\Drivers\ssudmdm.sys 2013-08-20 07:02 - 2013-08-20 07:02 - 00103576 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\Windows\system32\Drivers\ssudbus.sys 2013-08-19 13:20 - 2013-08-19 13:20 - 00000000 ____D C:\ProgramData\Malwarebytes 2013-08-19 13:12 - 2013-08-19 13:12 - 00000000 ____D C:\Program Files (x86)\Trend Micro 2013-08-19 13:11 - 2013-08-19 13:11 - 01402880 _____ C:\Users\Marta\Downloads\HiJackThis.msi 2013-08-19 12:22 - 2013-08-19 12:22 - 00602112 _____ (OldTimer Tools) C:\Users\Marta\Downloads\OTL.exe 2013-08-19 09:26 - 2013-08-19 09:26 - 00527575 _____ C:\Users\Marta\Downloads\Windows6.1-KB976972-x64.msu 2013-08-19 09:24 - 2013-08-19 09:24 - 01528184 _____ (Microsoft Corporation) C:\Users\Marta\Downloads\GenuineCheck.exe 2013-08-19 09:24 - 2013-08-19 09:24 - 00459686 _____ C:\Users\Marta\Downloads\Windows6.1-KB976972-x86.msu 2013-08-19 09:12 - 2013-08-19 09:12 - 00347424 _____ (Microsoft Corporation) C:\Users\Marta\Downloads\MicrosoftFixit.Codec.RNP.34300325216306624.26.1.Run.exe 2013-08-19 09:05 - 2013-08-27 09:01 - 00000000 ____D C:\Windows\System32\Tasks\Zadania podglądu zdarzeń 2013-08-18 10:25 - 2013-08-19 15:57 - 00000974 _____ C:\Windows\Tasks\Paragon Archive name arc_180813082418424.job 2013-08-18 10:25 - 2013-08-19 15:00 - 00004582 _____ C:\Windows\System32\Tasks\Paragon Archive name arc_180813082418424 2013-08-17 12:31 - 2013-08-17 12:31 - 00000213 _____ C:\Users\Marta\Desktop\The Elder Scrolls V Skyrim.url 2013-08-17 12:30 - 2013-08-17 12:30 - 00001007 _____ C:\Users\Marta\Desktop\Steam.exe — skrót.lnk 2013-08-17 09:09 - 2013-08-17 09:09 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2013-08-16 17:14 - 2013-08-16 17:14 - 00000000 __HDC C:\ProgramData\{4D0E62A6-D0DC-4164-8F38-A06CB52F3850} 2013-08-16 15:54 - 2013-08-16 16:51 - 00000000 ____D C:\Program Files\Softland 2013-08-16 15:54 - 2010-02-05 15:00 - 01700352 _____ (Microsoft Corporation) C:\Windows\system32\GdiPlus.dll 2013-08-16 13:26 - 2013-08-16 21:45 - 00000000 ____D C:\Program Files\Microsoft SQL Server 2013-08-16 13:25 - 2013-08-16 13:25 - 00000000 ____D C:\Instalki 2013-08-16 08:36 - 2013-08-16 08:36 - 04329488 _____ (Ghisler Software GmbH) C:\Users\Marta\Downloads\tcmd801x64.exe 2013-08-16 07:29 - 2013-08-16 07:29 - 00001820 _____ C:\Users\Marta\Desktop\INSTRUKCJA OPRACOWANIE WŁASNE.pdf — skrót.lnk 2013-08-15 09:52 - 2013-08-15 09:52 - 00000000 ____D C:\ProgramData\SystemRequirementsLab 2013-08-15 09:52 - 2013-08-15 09:52 - 00000000 ____D C:\Program Files (x86)\SystemRequirementsLab 2013-08-14 16:36 - 2012-03-10 03:58 - 00015168 _____ C:\Windows\system32\Drivers\nvflash.sys 2013-08-14 11:34 - 2013-07-26 07:13 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2013-08-14 11:34 - 2013-07-26 07:13 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2013-08-14 11:34 - 2013-07-26 07:13 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2013-08-14 11:34 - 2013-07-26 07:12 - 19239424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2013-08-14 11:34 - 2013-07-26 07:12 - 15405056 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2013-08-14 11:34 - 2013-07-26 07:12 - 03958784 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2013-08-14 11:34 - 2013-07-26 07:12 - 02647040 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2013-08-14 11:34 - 2013-07-26 07:12 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2013-08-14 11:34 - 2013-07-26 07:12 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2013-08-14 11:34 - 2013-07-26 07:12 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2013-08-14 11:34 - 2013-07-26 07:12 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll 2013-08-14 11:34 - 2013-07-26 07:12 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2013-08-14 11:34 - 2013-07-26 07:12 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2013-08-14 11:34 - 2013-07-26 07:12 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2013-08-14 11:34 - 2013-07-26 05:35 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2013-08-14 11:34 - 2013-07-26 05:13 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2013-08-14 11:34 - 2013-07-26 05:13 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2013-08-14 11:34 - 2013-07-26 05:12 - 14329344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2013-08-14 11:34 - 2013-07-26 05:12 - 02877440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2013-08-14 11:34 - 2013-07-26 05:12 - 02048512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2013-08-14 11:34 - 2013-07-26 05:12 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2013-08-14 11:34 - 2013-07-26 05:12 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2013-08-14 11:34 - 2013-07-26 05:12 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2013-08-14 11:34 - 2013-07-26 05:12 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll 2013-08-14 11:34 - 2013-07-26 05:12 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2013-08-14 11:34 - 2013-07-26 05:12 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2013-08-14 11:34 - 2013-07-26 05:11 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2013-08-14 11:34 - 2013-07-26 05:11 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2013-08-14 11:34 - 2013-07-26 04:49 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2013-08-14 11:34 - 2013-07-26 04:39 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe 2013-08-14 11:34 - 2013-07-26 03:59 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe 2013-08-14 11:28 - 2013-07-25 11:25 - 01888768 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL 2013-08-14 11:28 - 2013-07-25 10:57 - 01620992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL 2013-08-14 11:28 - 2013-07-19 03:58 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll 2013-08-14 11:28 - 2013-07-19 03:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll 2013-08-14 11:28 - 2013-07-09 08:03 - 05550528 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2013-08-14 11:28 - 2013-07-09 07:54 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll 2013-08-14 11:28 - 2013-07-09 07:53 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll 2013-08-14 11:28 - 2013-07-09 07:52 - 00224256 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll 2013-08-14 11:28 - 2013-07-09 07:51 - 01217024 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll 2013-08-14 11:28 - 2013-07-09 07:46 - 01472512 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll 2013-08-14 11:28 - 2013-07-09 07:46 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll 2013-08-14 11:28 - 2013-07-09 07:46 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll 2013-08-14 11:28 - 2013-07-09 07:03 - 03968960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe 2013-08-14 11:28 - 2013-07-09 07:03 - 03913664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe 2013-08-14 11:28 - 2013-07-09 06:53 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll 2013-08-14 11:28 - 2013-07-09 06:52 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll 2013-08-14 11:28 - 2013-07-09 06:52 - 00175104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll 2013-08-14 11:28 - 2013-07-09 06:52 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll 2013-08-14 11:28 - 2013-07-09 06:46 - 01166848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll 2013-08-14 11:28 - 2013-07-09 06:46 - 00140288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll 2013-08-14 11:28 - 2013-07-09 06:46 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll 2013-08-14 11:28 - 2013-07-09 04:49 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe 2013-08-14 11:28 - 2013-07-09 04:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll 2013-08-14 11:28 - 2013-07-09 04:49 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe 2013-08-14 11:28 - 2013-07-09 04:49 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe 2013-08-14 11:28 - 2013-07-06 08:03 - 01910208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys 2013-08-14 11:28 - 2013-06-15 06:32 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys 2013-08-12 16:48 - 2013-08-13 19:57 - 00001355 _____ C:\Windows\system32\Dz.U. 2013 nr 0 poz. 366 - Rozporządzenie Ministra Transportu, Budownictwa i Gospodarki Morskiej z dnia 14 marca 2013 r. w sprawie warunków lokalizacji, sposobu oznakowania i dokonywania pomiarów .pdf.lnk 2013-08-11 19:30 - 2013-08-19 16:21 - 00000000 ____D C:\Users\Marta\AppData\Roaming\vlc 2013-08-11 13:46 - 2013-08-11 13:46 - 00000000 _____ C:\3860_2750484_MVM_0.tmp 2013-08-11 10:21 - 2013-08-24 20:49 - 00867240 _____ (Oracle Corporation) C:\Windows\SysWOW64\npDeployJava1.dll 2013-08-11 10:21 - 2013-08-24 20:49 - 00789416 _____ (Oracle Corporation) C:\Windows\SysWOW64\deployJava1.dll 2013-08-11 10:21 - 2013-08-24 20:49 - 00000000 ____D C:\Program Files (x86)\Java 2013-08-11 10:21 - 2013-08-11 10:21 - 00000000 ____D C:\Windows\Sun 2013-08-11 10:21 - 2013-08-11 10:21 - 00000000 ____D C:\ProgramData\Sun 2013-08-10 12:17 - 2013-08-10 12:17 - 00000000 ____D C:\Users\Marta\AppData\Roaming\cYo 2013-08-10 12:16 - 2013-08-10 12:17 - 00000000 ____D C:\Program Files\ComicRack 2013-08-10 12:01 - 2013-08-10 12:09 - 00000000 ____D C:\Users\Marta\AppData\Roaming\PDF Software 2013-08-09 21:32 - 2013-08-09 21:32 - 00000000 ____D C:\Users\Public\Documents\Logishrd 2013-08-09 21:32 - 2013-08-09 21:32 - 00000000 ____D C:\ProgramData\Logitech 2013-08-09 21:31 - 2013-08-15 19:26 - 00018960 _____ (Logitech, Inc.) C:\Windows\system32\Drivers\LNonPnP.sys 2013-08-09 21:31 - 2013-08-15 19:26 - 00000888 _____ C:\Windows\LkmdfCoInst.log 2013-08-09 21:31 - 2013-08-09 21:32 - 00000000 ____D C:\ProgramData\Logishrd 2013-08-09 21:31 - 2013-08-09 21:31 - 00006690 _____ C:\Windows\LDPINST.LOG 2013-08-09 21:31 - 2013-08-09 21:31 - 00000000 ____D C:\Program Files\Logitech 2013-08-09 21:30 - 2013-08-09 21:32 - 00000000 ____D C:\Users\Marta\AppData\Roaming\Logitech 2013-08-09 21:30 - 2013-08-09 21:31 - 00000000 ____D C:\Program Files\Common Files\LogiShrd 2013-08-09 21:30 - 2013-08-09 21:30 - 00000000 ____D C:\Users\Marta\AppData\Roaming\Logishrd 2013-08-09 14:10 - 2013-08-09 14:10 - 00000000 ____D C:\ProgramData\GG 2013-08-07 19:52 - 2013-08-07 19:55 - 00000000 ____D C:\Program Files (x86)\ABBYY FineReader 11 2013-08-07 19:52 - 2013-08-07 19:52 - 00000000 ____D C:\ProgramData\ABBYY 2013-08-04 15:44 - 2013-08-04 15:44 - 00000000 ____D C:\Users\Marta\Documents\My Games 2013-08-02 16:40 - 2013-08-02 16:40 - 00002215 _____ C:\Users\Public\Desktop\Google Earth.lnk 2013-07-31 09:41 - 2013-07-31 09:41 - 00000000 ____D C:\NvidiaLogging ==================== One Month Modified Files and Folders ======= 2013-08-30 11:42 - 2013-08-30 11:42 - 00024624 _____ E:\TEMPMA~1\log1 2013-08-30 11:42 - 2013-08-30 11:42 - 00019230 _____ E:\TEMPMA~1\frstlog 2013-08-30 11:42 - 2013-08-30 11:42 - 00000154 _____ E:\TEMPMA~1\users00 2013-08-30 11:42 - 2013-08-30 11:42 - 00000003 _____ E:\TEMPMA~1\others 2013-08-30 11:39 - 2013-07-06 20:29 - 00001046 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2013-08-30 11:33 - 2013-08-30 11:33 - 00000000 ____D C:\Users\Marta\Desktop\Stare dane programu Firefox 2013-08-30 11:31 - 2013-08-30 11:31 - 00000000 ____D E:\TEMPMA~1\acro_rd_dir 2013-08-30 11:26 - 2013-08-30 11:26 - 00002052 ___HT E:\TEMPMA~1\etilqs_tF9pkPMQrSGDATN 2013-08-30 11:10 - 2013-08-20 09:53 - 00000000 ____D C:\ProgramData\Kaspersky Lab 2013-08-30 11:04 - 2013-07-29 13:03 - 00000930 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2013-08-30 10:47 - 2013-08-30 10:47 - 00000512 ____T E:\TEMPMA~1\~DF05FB6C72047EA220.TMP 2013-08-30 10:39 - 2013-07-06 20:29 - 00001042 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2013-08-30 10:19 - 2013-08-29 20:07 - 00000000 ____D E:\TEMPMA~1\msohtmlclip1 2013-08-30 10:16 - 2013-08-30 10:16 - 00000134 _____ E:\TEMPMA~1\1661863.od 2013-08-30 10:16 - 2013-08-30 10:16 - 00000000 _____ E:\TEMPMA~1\CVR5BA7.tmp.cvr 2013-08-30 10:07 - 2013-08-30 10:07 - 00000712 _____ C:\Users\SystemLook.txt 2013-08-30 10:06 - 2013-08-30 10:06 - 00000710 _____ C:\Users\Marta\Downloads\SystemLook.txt 2013-08-30 10:03 - 2013-08-30 10:03 - 00165376 _____ C:\Users\Marta\Downloads\SystemLook_x64.exe 2013-08-30 10:00 - 2013-08-30 10:00 - 00012300 ___HT E:\TEMPMA~1\etilqs_EEPg3Uk4rUGXJky 2013-08-30 09:57 - 2013-08-30 09:57 - 00016400 ___HT E:\TEMPMA~1\etilqs_VzHd1kvNBQXgBWw 2013-08-30 09:56 - 2009-07-14 06:45 - 00022080 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2013-08-30 09:56 - 2009-07-14 06:45 - 00022080 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2013-08-30 09:54 - 2013-08-29 17:56 - 00002825 _____ E:\TEMPMA~1\jusched.log 2013-08-30 09:53 - 2011-04-12 14:17 - 00741116 _____ C:\Windows\system32\perfh015.dat 2013-08-30 09:53 - 2011-04-12 14:17 - 00155712 _____ C:\Windows\system32\perfc015.dat 2013-08-30 09:53 - 2009-07-14 07:13 - 01671464 _____ C:\Windows\system32\PerfStringBackup.INI 2013-08-30 09:49 - 2013-08-30 09:49 - 00000134 _____ E:\TEMPMA~1\45240.od 2013-08-30 09:49 - 2013-08-30 09:49 - 00000000 ____D E:\TEMPMA~1\WPDNSE 2013-08-30 09:49 - 2013-08-30 09:49 - 00000000 _____ E:\TEMPMA~1\CVRB0B8.tmp.cvr 2013-08-30 09:49 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2013-08-30 09:49 - 2009-07-14 06:51 - 00103823 _____ C:\Windows\setupact.log 2013-08-30 03:09 - 2013-07-06 16:27 - 01773627 _____ C:\Windows\WindowsUpdate.log 2013-08-30 03:08 - 2013-08-30 03:08 - 00000000 ____D E:\TEMPMA~1\CRX_75DAF8CB7768 2013-08-30 03:01 - 2013-08-30 03:01 - 00000134 _____ E:\TEMPMA~1\57267.od 2013-08-30 03:01 - 2013-08-30 03:01 - 00000000 _____ E:\TEMPMA~1\CVRDFA4.tmp.cvr 2013-08-29 21:47 - 2013-08-29 21:47 - 00000000 _____ E:\TEMPMA~1\RIAF5.BIN 2013-08-29 21:03 - 2013-08-29 21:03 - 00015363 _____ C:\Users\GMER.txt 2013-08-29 20:52 - 2013-08-29 20:52 - 00377856 _____ C:\Users\Marta\Downloads\3m9pxj78.exe 2013-08-29 20:17 - 2013-08-29 18:43 - 00000000 ____D C:\Users\KASPER LOG 2013-08-29 20:16 - 2013-08-29 20:16 - 00000134 _____ E:\TEMPMA~1\8200894.od 2013-08-29 20:16 - 2013-08-29 20:16 - 00000000 _____ E:\TEMPMA~1\CVR22BE.tmp.cvr 2013-08-29 20:07 - 2013-08-29 20:07 - 00000000 ____D E:\TEMPMA~1\msohtmlclip 2013-08-29 20:00 - 2013-08-29 20:00 - 00000000 ____D E:\TEMPMA~1\VBE 2013-08-29 19:17 - 2013-07-12 10:58 - 00001062 _____ C:\Windows\Tasks\Paragon File Archive name arc_120713085740349.job 2013-08-29 18:43 - 2013-08-29 18:32 - 00000000 ____D C:\Users\OTL LOG 2013-08-29 18:24 - 2013-08-29 18:24 - 00000000 ____D C:\Users\FRST 64 LOG 2013-08-29 18:16 - 2013-08-29 18:16 - 00000000 ____D C:\FRST 2013-08-29 18:15 - 2013-08-30 10:10 - 01579080 _____ (Farbar) C:\Users\FRST64.exe 2013-08-29 18:15 - 2013-08-29 18:15 - 01579080 _____ (Farbar) C:\Users\Marta\Downloads\FRST64.exe 2013-08-29 18:09 - 2013-08-29 18:09 - 00000134 _____ E:\TEMPMA~1\574832.od 2013-08-29 18:09 - 2013-08-29 18:09 - 00000000 _____ E:\TEMPMA~1\CVRC570.tmp.cvr 2013-08-29 17:58 - 2013-08-29 17:58 - 00564824 _____ (Duplex Secure Ltd.) C:\Windows\system32\Drivers\sptd.sys 2013-08-29 17:57 - 2013-08-29 17:57 - 00797784 _____ (Duplex Secure Ltd.) C:\Users\Marta\Downloads\SPTDinst-v183-x64.exe 2013-08-29 17:53 - 2013-08-29 12:58 - 00000000 ____D E:\TEMPMA~1\D0CC116-2CC51798-C37BE5DE-8CDC2396 2013-08-29 17:51 - 2013-07-07 13:26 - 00000000 ____D C:\Program Files (x86)\DAEMON Tools Lite 2013-08-29 17:51 - 2010-11-21 05:47 - 00112016 _____ C:\Windows\PFRO.log 2013-08-29 17:44 - 2013-07-13 12:52 - 00023708 _____ C:\Windows\DPINST.LOG 2013-08-29 17:41 - 2013-07-20 09:09 - 00000000 ____D C:\ProgramData\Binarysense 2013-08-29 17:41 - 2013-07-20 09:08 - 00000000 ____D C:\Program Files (x86)\BinarySense 2013-08-29 17:41 - 2013-07-06 22:04 - 00000000 ____D C:\Program Files (x86)\HD Tune Pro 2013-08-29 17:40 - 2013-07-13 12:52 - 00000000 ____D C:\Program Files (x86)\Nokia 2013-08-29 17:39 - 2013-07-13 12:58 - 00000000 ____D C:\Users\Marta\AppData\Roaming\Nokia Suite 2013-08-29 17:39 - 2013-07-13 12:58 - 00000000 ____D C:\Users\Marta\AppData\Roaming\Nokia 2013-08-29 17:39 - 2013-07-13 12:53 - 00000000 ____D C:\ProgramData\Nokia 2013-08-29 14:55 - 2013-08-29 14:55 - 00000000 ____D C:\Program Files (x86)\ESET 2013-08-29 13:43 - 2013-08-29 13:33 - 00000000 ____D E:\TEMPMA~1\46B3AFEC-50C16E6C-3180674C-CC5F7364 2013-08-29 13:22 - 2013-08-29 13:22 - 01191834 _____ C:\Users\Marta\Downloads\ProcessExplorer.zip 2013-08-29 12:45 - 2013-08-29 12:45 - 00000000 ____D E:\TEMPMA~1\PhotoshopCrashes 2013-08-29 12:45 - 2013-08-29 12:45 - 00000000 ____D E:\TEMPMA~1\lilo.4420 2013-08-29 10:11 - 2013-08-28 22:40 - 00000000 ____D E:\TEMPMA~1\nsgFFA4.tmp 2013-08-29 08:49 - 2013-08-29 08:49 - 00000000 ____D E:\TEMPMA~1\FineReader11 2013-08-28 22:36 - 2013-07-07 15:11 - 00000000 ____D C:\Users\Marta\AppData\Roaming\Auslogics 2013-08-28 22:20 - 2013-07-07 10:35 - 00000000 ____D C:\Program Files\Lucidlogix Technologies 2013-08-28 22:20 - 2013-07-06 16:19 - 00000000 ____D C:\Users\Marta 2013-08-28 21:25 - 2013-08-24 10:00 - 00000000 ____D C:\Kaspersky Rescue Disk 10.0 2013-08-28 20:45 - 2013-08-28 20:45 - 00000000 ____D C:\Users\Marta\AppData\Roaming\QuickScan 2013-08-28 17:07 - 2013-08-28 17:07 - 00262144 _____ C:\Windows\system32\config\elam 2013-08-28 16:18 - 2013-07-10 14:02 - 00000000 ____D C:\Users\Marta\AppData\Roaming\GG 2013-08-28 15:40 - 2013-08-28 09:23 - 00000000 ____D C:\Users\Marta\AppData\Roaming\Local Sync 2013-08-28 13:40 - 2013-07-06 20:30 - 00002186 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2013-08-28 09:23 - 2013-08-28 09:23 - 00001033 _____ C:\Users\Public\Desktop\Local Sync.lnk 2013-08-28 09:23 - 2013-08-28 09:23 - 00000000 ____D C:\Program Files (x86)\Local Sync 2013-08-28 08:26 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\registration 2013-08-28 08:24 - 2013-08-25 09:41 - 00000000 ____D C:\Program Files (x86)\MarkAny 2013-08-27 18:37 - 2013-08-25 09:38 - 00000000 ____D C:\Program Files (x86)\Samsung 2013-08-27 18:37 - 2013-07-06 20:42 - 00000000 ____D C:\ProgramData\Samsung 2013-08-27 18:37 - 2013-07-06 16:42 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information 2013-08-27 18:26 - 2013-08-27 14:44 - 00000000 ____D C:\Users\Marta\AppData\Roaming\MOBILedit 2013-08-27 18:07 - 2013-08-27 14:44 - 00000000 ____D C:\Users\Marta\Documents\MOBILedit! 2013-08-27 17:54 - 2013-08-27 14:41 - 00000000 ____D C:\Users\Public\Documents\MobilEdit! 2013-08-27 17:05 - 2013-08-27 17:05 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_WinUSB_01007.Wdf 2013-08-27 16:14 - 2013-08-27 16:14 - 00000000 ____D C:\Users\Marta\.android 2013-08-27 15:08 - 2013-08-27 15:08 - 00000000 ____D C:\Program Files\Compiled Driver Disk (Samsung) 2013-08-27 14:54 - 2013-08-27 14:41 - 00001038 _____ C:\Users\Public\Desktop\MOBILedit!.lnk 2013-08-27 14:54 - 2013-08-27 14:41 - 00000000 ____D C:\Program Files (x86)\MOBILedit! 2013-08-27 14:47 - 2013-07-08 15:00 - 00000000 ____D C:\Users\Marta\AppData\Roaming\uTorrent 2013-08-27 14:42 - 2013-08-27 14:42 - 00000000 ____D C:\Program Files (x86)\COMPELSON Labs 2013-08-27 14:37 - 2013-08-27 14:37 - 00000000 ____D C:\Program Files (x86)\COMPELSON Laboratories 2013-08-27 13:57 - 2013-08-27 13:57 - 00000000 ____D C:\Users\Public\Documents\CrashDump 2013-08-27 11:01 - 2013-08-27 11:01 - 01699373 _____ (WareSoft Software ) C:\Users\Marta\Downloads\refreshpcinstall.exe 2013-08-27 11:01 - 2013-08-27 11:01 - 00000000 ____D C:\Program Files\RefreshPC 2013-08-27 10:22 - 2013-07-06 16:36 - 00000000 ____D C:\ProgramData\NVIDIA Corporation 2013-08-27 10:22 - 2013-07-06 16:36 - 00000000 ____D C:\Program Files\NVIDIA Corporation 2013-08-27 10:22 - 2013-07-06 16:36 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation 2013-08-27 10:15 - 2013-07-06 16:36 - 00000000 ____D C:\ProgramData\NVIDIA 2013-08-27 10:10 - 2009-07-14 07:08 - 00032608 _____ C:\Windows\Tasks\SCHEDLGU.TXT 2013-08-27 09:01 - 2013-08-19 09:05 - 00000000 ____D C:\Windows\System32\Tasks\Zadania podglądu zdarzeń 2013-08-26 19:30 - 2013-07-12 10:56 - 00001066 _____ C:\Windows\Tasks\Paragon File Archive name arc_120713085528874.job 2013-08-26 08:29 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\NDF 2013-08-25 16:57 - 2013-08-25 16:57 - 00000000 ____D C:\Users\Marta\AppData\Roaming\U3 2013-08-25 14:18 - 2013-07-22 16:58 - 00000084 _____ C:\Windows\winamp.ini 2013-08-25 09:44 - 2013-08-25 09:44 - 00000000 ____D C:\Users\Public\Documents\NativeFus_Log 2013-08-25 09:41 - 2013-08-25 09:41 - 00000000 ____D C:\Users\Marta\Documents\samsung 2013-08-25 09:39 - 2013-08-25 09:39 - 00000000 ____D C:\Program Files (x86)\MyFree Codec 2013-08-24 20:49 - 2013-08-24 20:49 - 00263592 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe 2013-08-24 20:49 - 2013-08-24 20:49 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe 2013-08-24 20:49 - 2013-08-24 20:49 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe 2013-08-24 20:49 - 2013-08-24 20:49 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll 2013-08-24 20:49 - 2013-08-11 10:21 - 00867240 _____ (Oracle Corporation) C:\Windows\SysWOW64\npDeployJava1.dll 2013-08-24 20:49 - 2013-08-11 10:21 - 00789416 _____ (Oracle Corporation) C:\Windows\SysWOW64\deployJava1.dll 2013-08-24 20:49 - 2013-08-11 10:21 - 00000000 ____D C:\Program Files (x86)\Java 2013-08-24 13:43 - 2013-08-24 13:37 - 00000000 ____D C:\Users\Marta\Doctor Web 2013-08-24 13:36 - 2013-08-24 13:36 - 128842680 _____ C:\Users\Marta\Downloads\launch.exe 2013-08-24 13:13 - 2013-08-22 07:37 - 00000000 ____D C:\Users\Marta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR 2013-08-24 13:13 - 2013-07-07 12:42 - 00000000 ____D C:\Users\Marta\AppData\Roaming\IrfanView 2013-08-24 13:13 - 2013-07-06 16:35 - 00000000 ____D C:\Users\Marta\AppData\Roaming\GHISLER 2013-08-24 13:13 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\AppCompat 2013-08-24 12:57 - 2013-07-06 16:19 - 00000000 ___RD C:\Users\Marta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup 2013-08-24 12:20 - 2013-08-24 12:20 - 00008764 _____ C:\Windows\SysWOW64\switchboard.xml 2013-08-24 12:20 - 2013-08-24 12:20 - 00000369 _____ C:\Windows\SysWOW64\switchboard.ini 2013-08-24 12:20 - 2013-08-24 12:20 - 00000000 _____ C:\Windows\SysWOW64\launch.switchboard 2013-08-22 08:41 - 2013-08-22 08:41 - 00657408 _____ C:\Users\Marta\Downloads\MicrosoftFixit50475.msi 2013-08-22 07:49 - 2013-08-22 07:20 - 00000000 ____D C:\ProgramData\firebird 2013-08-22 07:49 - 2013-07-29 13:44 - 00000000 ____D C:\Users\Marta\Documents\MailStore Home 2013-08-22 07:37 - 2013-08-22 07:37 - 00000000 ____D C:\Users\Marta\AppData\Roaming\WinRAR 2013-08-22 07:37 - 2013-08-22 07:36 - 00000000 ____D C:\Program Files\WinRAR 2013-08-22 07:03 - 2013-08-22 07:03 - 00001110 _____ C:\Users\Public\Desktop\Samsung Magician.lnk 2013-08-22 07:03 - 2013-08-22 07:03 - 00000000 ____D C:\Program Files (x86)\Samsung Magician 2013-08-20 09:59 - 2013-08-20 09:53 - 00620128 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klif.sys 2013-08-20 09:59 - 2013-08-20 09:53 - 00090208 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klflt.sys 2013-08-20 09:59 - 2013-02-28 21:13 - 00054368 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\kltdi.sys 2013-08-20 09:59 - 2012-08-13 16:49 - 00178448 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\kneps.sys 2013-08-20 09:54 - 2013-08-20 09:54 - 00002347 _____ C:\Users\Marta\Desktop\Bezpieczne pieniądze.lnk 2013-08-20 09:54 - 2013-08-20 09:54 - 00001149 _____ C:\Users\Public\Desktop\Kaspersky Internet Security 2013.lnk 2013-08-20 09:54 - 2013-08-20 09:54 - 00000000 ____D C:\Windows\ELAMBKUP 2013-08-20 09:53 - 2013-08-20 09:53 - 00000000 ____D C:\Program Files (x86)\Kaspersky Lab 2013-08-20 07:02 - 2013-08-20 07:02 - 01490656 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01007.dll 2013-08-20 07:02 - 2013-08-20 07:02 - 00708168 _____ (Microsoft Corporation) C:\Windows\system32\WinUSBCoInstaller.dll 2013-08-20 07:02 - 2013-08-20 07:02 - 00204568 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\Windows\system32\Drivers\ssudserd.sys 2013-08-20 07:02 - 2013-08-20 07:02 - 00204568 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\Windows\system32\Drivers\ssudmdm.sys 2013-08-20 07:02 - 2013-08-20 07:02 - 00103576 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\Windows\system32\Drivers\ssudbus.sys 2013-08-19 22:16 - 2013-07-09 20:53 - 00000000 ____D C:\ProgramData\Adobe 2013-08-19 16:21 - 2013-08-11 19:30 - 00000000 ____D C:\Users\Marta\AppData\Roaming\vlc 2013-08-19 15:57 - 2013-08-18 10:25 - 00000974 _____ C:\Windows\Tasks\Paragon Archive name arc_180813082418424.job 2013-08-19 15:00 - 2013-08-18 10:25 - 00004582 _____ C:\Windows\System32\Tasks\Paragon Archive name arc_180813082418424 2013-08-19 13:20 - 2013-08-19 13:20 - 00000000 ____D C:\ProgramData\Malwarebytes 2013-08-19 13:12 - 2013-08-19 13:12 - 00000000 ____D C:\Program Files (x86)\Trend Micro 2013-08-19 13:11 - 2013-08-19 13:11 - 01402880 _____ C:\Users\Marta\Downloads\HiJackThis.msi 2013-08-19 12:22 - 2013-08-19 12:22 - 00602112 _____ (OldTimer Tools) C:\Users\Marta\Downloads\OTL.exe 2013-08-19 09:26 - 2013-08-19 09:26 - 00527575 _____ C:\Users\Marta\Downloads\Windows6.1-KB976972-x64.msu 2013-08-19 09:24 - 2013-08-19 09:24 - 01528184 _____ (Microsoft Corporation) C:\Users\Marta\Downloads\GenuineCheck.exe 2013-08-19 09:24 - 2013-08-19 09:24 - 00459686 _____ C:\Users\Marta\Downloads\Windows6.1-KB976972-x86.msu 2013-08-19 09:12 - 2013-08-19 09:12 - 00347424 _____ (Microsoft Corporation) C:\Users\Marta\Downloads\MicrosoftFixit.Codec.RNP.34300325216306624.26.1.Run.exe 2013-08-17 12:48 - 2013-07-06 17:43 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2013-08-17 12:31 - 2013-08-17 12:31 - 00000213 _____ C:\Users\Marta\Desktop\The Elder Scrolls V Skyrim.url 2013-08-17 12:30 - 2013-08-17 12:30 - 00001007 _____ C:\Users\Marta\Desktop\Steam.exe — skrót.lnk 2013-08-17 12:21 - 2013-07-07 14:39 - 00000000 ____D C:\Users\Public\Desktop\PRV 2013-08-17 09:09 - 2013-08-17 09:09 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2013-08-16 21:45 - 2013-08-16 13:26 - 00000000 ____D C:\Program Files\Microsoft SQL Server 2013-08-16 21:23 - 2009-07-14 05:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared 2013-08-16 18:39 - 2013-07-06 18:10 - 00000000 ____D C:\Windows\Downloaded Installations 2013-08-16 17:47 - 2009-07-14 06:45 - 05136776 _____ C:\Windows\system32\FNTCACHE.DAT 2013-08-16 17:14 - 2013-08-16 17:14 - 00000000 __HDC C:\ProgramData\{4D0E62A6-D0DC-4164-8F38-A06CB52F3850} 2013-08-16 16:51 - 2013-08-16 15:54 - 00000000 ____D C:\Program Files\Softland 2013-08-16 15:56 - 2013-07-06 21:10 - 02064024 _____ C:\Windows\SysWOW64\PerfStringBackup.INI 2013-08-16 13:25 - 2013-08-16 13:25 - 00000000 ____D C:\Instalki 2013-08-16 08:36 - 2013-08-16 08:36 - 04329488 _____ (Ghisler Software GmbH) C:\Users\Marta\Downloads\tcmd801x64.exe 2013-08-16 07:29 - 2013-08-16 07:29 - 00001820 _____ C:\Users\Marta\Desktop\INSTRUKCJA OPRACOWANIE WŁASNE.pdf — skrót.lnk 2013-08-15 19:26 - 2013-08-09 21:31 - 00018960 _____ (Logitech, Inc.) C:\Windows\system32\Drivers\LNonPnP.sys 2013-08-15 19:26 - 2013-08-09 21:31 - 00000888 _____ C:\Windows\LkmdfCoInst.log 2013-08-15 09:52 - 2013-08-15 09:52 - 00000000 ____D C:\ProgramData\SystemRequirementsLab 2013-08-15 09:52 - 2013-08-15 09:52 - 00000000 ____D C:\Program Files (x86)\SystemRequirementsLab 2013-08-14 21:23 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache 2013-08-14 11:34 - 2013-07-06 18:34 - 00000000 ____D C:\ProgramData\Microsoft Help 2013-08-14 11:32 - 2013-07-11 00:25 - 00000000 ____D C:\Windows\system32\MRT 2013-08-14 11:30 - 2013-07-06 17:27 - 78161360 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2013-08-13 19:57 - 2013-08-12 16:48 - 00001355 _____ C:\Windows\system32\Dz.U. 2013 nr 0 poz. 366 - Rozporządzenie Ministra Transportu, Budownictwa i Gospodarki Morskiej z dnia 14 marca 2013 r. w sprawie warunków lokalizacji, sposobu oznakowania i dokonywania pomiarów .pdf.lnk 2013-08-12 20:54 - 2013-07-06 18:57 - 04692400 _____ C:\Windows\PE_Rom.dll 2013-08-12 19:48 - 2013-07-06 18:58 - 00000000 _____ C:\Windows\Path.idx 2013-08-12 17:03 - 2013-07-07 13:00 - 00000000 ____D C:\Program Files (x86)\VideoLAN 2013-08-11 13:46 - 2013-08-11 13:46 - 00000000 _____ C:\3860_2750484_MVM_0.tmp 2013-08-11 10:21 - 2013-08-11 10:21 - 00000000 ____D C:\Windows\Sun 2013-08-11 10:21 - 2013-08-11 10:21 - 00000000 ____D C:\ProgramData\Sun 2013-08-10 12:17 - 2013-08-10 12:17 - 00000000 ____D C:\Users\Marta\AppData\Roaming\cYo 2013-08-10 12:17 - 2013-08-10 12:16 - 00000000 ____D C:\Program Files\ComicRack 2013-08-10 12:09 - 2013-08-10 12:01 - 00000000 ____D C:\Users\Marta\AppData\Roaming\PDF Software 2013-08-09 21:32 - 2013-08-09 21:32 - 00000000 ____D C:\Users\Public\Documents\Logishrd 2013-08-09 21:32 - 2013-08-09 21:32 - 00000000 ____D C:\ProgramData\Logitech 2013-08-09 21:32 - 2013-08-09 21:31 - 00000000 ____D C:\ProgramData\Logishrd 2013-08-09 21:32 - 2013-08-09 21:30 - 00000000 ____D C:\Users\Marta\AppData\Roaming\Logitech 2013-08-09 21:31 - 2013-08-09 21:31 - 00006690 _____ C:\Windows\LDPINST.LOG 2013-08-09 21:31 - 2013-08-09 21:31 - 00000000 ____D C:\Program Files\Logitech 2013-08-09 21:31 - 2013-08-09 21:30 - 00000000 ____D C:\Program Files\Common Files\LogiShrd 2013-08-09 21:30 - 2013-08-09 21:30 - 00000000 ____D C:\Users\Marta\AppData\Roaming\Logishrd 2013-08-09 14:10 - 2013-08-09 14:10 - 00000000 ____D C:\ProgramData\GG 2013-08-08 19:42 - 2013-07-18 20:10 - 00000132 _____ C:\Users\Marta\AppData\Roaming\Preferencje formatu PNG CS6 firmy Adobe 2013-08-08 11:12 - 2013-07-07 00:42 - 00000000 ____D C:\Users\Marta\Documents\PrintScreen Files 2013-08-07 19:55 - 2013-08-07 19:52 - 00000000 ____D C:\Program Files (x86)\ABBYY FineReader 11 2013-08-07 19:52 - 2013-08-07 19:52 - 00000000 ____D C:\ProgramData\ABBYY 2013-08-07 11:54 - 2013-07-07 14:39 - 00000000 ____D C:\Users\Public\Desktop\Do koncepcji NEV - Chrzanów 2013-08-04 15:44 - 2013-08-04 15:44 - 00000000 ____D C:\Users\Marta\Documents\My Games 2013-08-04 15:44 - 2013-07-06 16:34 - 00027368 _____ C:\Windows\DirectX.log 2013-08-02 16:40 - 2013-08-02 16:40 - 00002215 _____ C:\Users\Public\Desktop\Google Earth.lnk 2013-08-02 16:40 - 2013-07-06 20:29 - 00000000 ____D C:\Program Files (x86)\Google 2013-07-31 09:41 - 2013-07-31 09:41 - 00000000 ____D C:\NvidiaLogging 2013-07-31 09:41 - 2013-07-06 18:10 - 00000000 ____D C:\Program Files\Protector Suite ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\SysWOW64\wininit.exe => MD5 is legit C:\Windows\explorer.exe => MD5 is legit C:\Windows\SysWOW64\explorer.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\SysWOW64\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\SysWOW64\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\SysWOW64\userinit.exe => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit LastRegBack: 2013-08-22 16:16 ==================== End Of Log ============================