Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 21-01-2014 Ran by user (administrator) on USER-HP on 21-01-2014 21:34:48 Running from C:\Users\user\Desktop\frst - Kopia Windows 7 Home Premium Service Pack 1 (X64) OS Language: Polish Internet Explorer Version 11 Boot Mode: Normal The only official download link for FRST: Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/ Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/ Download link from any site other than Bleeping Computer is unpermitted or outdated. See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (AMD) C:\Windows\System32\atiesrxx.exe (IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe (Logitech Inc.) C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe (AMD) C:\Windows\System32\atieclxx.exe (Microsoft Corporation) C:\Windows\System32\wisptis.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (Microsoft Corporation) C:\Windows\System32\wlanext.exe (Microsoft Corporation) C:\Windows\System32\wisptis.exe (Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AESTSr64.exe (BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe (Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe (Portrait Displays, Inc.) C:\Program Files (x86)\Common Files\Portrait Displays\Shared\DTSRVC.exe (Portrait Displays, Inc.) C:\Program Files (x86)\Common Files\Portrait Displays\Libs\DTuneSrvc.exe (EasyBits Software AS) C:\Windows\SysWOW64\ezSharedSvcHost.exe () C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe (Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe (Hewlett-Packard Company) C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe (Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe (CyberLink) C:\Program Files (x86)\Hewlett-Packard\Media\Webcam\YCMMirage.exe (PDF Complete Inc) C:\Program Files (x86)\PDF Complete\pdfsvc.exe (Skype Technologies S.A.) C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-Service.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version7\TeamViewer.exe (BlueStack Systems) C:\Program Files (x86)\BlueStacks\HD-Network.exe (BlueStack Systems) C:\Program Files (x86)\BlueStacks\HD-BlockDevice.exe (BlueStack Systems) C:\Program Files (x86)\BlueStacks\HD-SharedFolder.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version7\tv_w32.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version7\tv_x64.exe (Hewlett-Packard ) C:\Program Files\IDT\WDM\beats64.exe (IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe (Microsoft Corporation) C:\Windows\WindowsMobile\wmdcBase.exe (Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe (PS Soft Lab) C:\Program Files (x86)\PS Tray Factory\PSTrayFactory.exe (Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Desktop Keyboard\HPKEYBOARDx.EXE (Portrait Displays, Inc) C:\Program Files (x86)\Hewlett-Packard\HP My Display TouchSmart Edition\OSDManager.exe () C:\Program Files (x86)\PS Tray Factory\pstf_x64_stub.exe (Hewlett-Packard) C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe (Logitech Inc.) C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Sun Microsystems, Inc.) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe () C:\Program Files (x86)\Hewlett-Packard\HP Desktop Keyboard\Keystatus.exe (BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-Agent.exe () C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe (Portrait Displays, Inc) C:\Program Files (x86)\Hewlett-Packard\HP My Display TouchSmart Edition\dthtml.exe (Portrait Displays Inc.) C:\Program Files (x86)\Common Files\Portrait Displays\Shared\HookManager.exe (Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP My Display\DTune.exe (Portrait Displays, Inc) C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\SDKCOMServer.exe (Portrait Displays, Inc.) C:\Program Files (x86)\Common Files\Portrait Displays\Libs\DTHelper.exe (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ink\InputPersonalization.exe (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Calendar\Service\GCalService.exe (Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Calendar\Service\HPTouchSmartSyncCalReminderApp.exe (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [BeatsOSDApp] - C:\Program Files\IDT\WDM\beats64.exe [37888 2010-10-20] (Hewlett-Packard ) HKLM\...\Run: [SysTrayApp] - C:\Program Files\IDT\WDM\sttray64.exe [1425408 2012-04-24] (IDT, Inc.) HKLM\...\Run: [Windows Mobile-based device management] - C:\Windows\WindowsMobile\wmdcBase.exe [660360 2007-05-31] (Microsoft Corporation) HKLM-x32\...\Run: [StartCCC] - c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2010-10-06] (Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [HP KEYBOARDx] - C:\Program Files (x86)\Hewlett-Packard\HP Desktop Keyboard\HPKEYBOARDx.EXE [710656 2010-02-11] (Hewlett-Packard) HKLM-x32\...\Run: [Easybits Recovery] - C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe [61112 2010-04-25] (EasyBits Software AS) HKLM-x32\...\Run: [DT HPO] - C:\Program Files (x86)\Common Files\Portrait Displays\Shared\DT_startup.exe [121456 2010-07-30] () HKLM-x32\...\Run: [PDF Complete] - C:\Program Files (x86)\PDF Complete\pdfsty.exe [895512 2010-10-22] (PDF Complete Inc) HKLM-x32\...\Run: [HP Software Update] - C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [49208 2011-05-10] (Hewlett-Packard) HKLM-x32\...\Run: [LWS] - C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe [204136 2012-09-13] (Logitech Inc.) HKLM-x32\...\Run: [TrayFactory] - C:\Program Files (x86)\PS Tray Factory\PSTrayFactory.EXE [541185 2010-04-28] (PS Soft Lab) HKLM-x32\...\Run: [AvastUI.exe] - C:\Program Files\AVAST Software\Avast\AvastUI.exe [3568312 2013-12-12] (AVAST Software) HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated) HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [248552 2010-05-14] (Sun Microsystems, Inc.) HKLM-x32\...\Run: [BlueStacks Agent] - C:\Program Files (x86)\BlueStacks\HD-Agent.exe [807696 2013-12-20] (BlueStack Systems, Inc.) HKLM-x32\...\Run: [DT_HPO] - C:\Program Files (x86)\Hewlett-Packard\HP My Display\DTuneStartup.exe [142344 2013-08-20] (Hewlett-Packard) HKLM\...\RunOnce: [NCPluginUpdater] - "C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" Update [21720 2014-01-14] (Hewlett-Packard) HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1 HKCU\...\Run: [TrayFactory] - C:\Program Files (x86)\PS Tray Factory\PSTrayFactory.exe [541185 2010-04-28] (PS Soft Lab) HKCU\...\RunOnce: [PSTF] - C:\Program Files (x86)\PS Tray Factory\PSTrayFactory.exe /start [541185 2010-04-28] (PS Soft Lab) HKCU\...\Policies\system: [DisableLockWorkstation] 0 HKCU\...\Policies\system: [DisableChangePassword] 0 MountPoints2: {9dc75cf8-6982-11e3-8668-60eb69fd9fcb} - G:\setup.exe HKU\Guest\...\Run: [TrayFactory] - C:\Program Files (x86)\PS Tray Factory\PSTrayFactory.exe [541185 2010-04-28] (PS Soft Lab) HKU\Guest\...\RunOnce: [PSTF] - C:\Program Files (x86)\PS Tray Factory\PSTrayFactory.exe [541185 2010-04-28] (PS Soft Lab) HKU\OGÓLNE\...\Run: [TrayFactory] - C:\Program Files (x86)\PS Tray Factory\PSTrayFactory.exe [541185 2010-04-28] (PS Soft Lab) HKU\OGÓLNE\...\RunOnce: [PSTF] - C:\Program Files (x86)\PS Tray Factory\PSTrayFactory.exe [541185 2010-04-28] (PS Soft Lab) ==================== Internet (Whitelisted) ==================== BHO: avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\addon64\ewpexbho.dll (CANON INC.) BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO-x32: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.) BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) BHO-x32: Pomocnik logowania za pomocą konta Microsoft - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.) Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\addon64\ewpexhlp.dll (CANON INC.) Toolbar: HKLM-x32 - avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.) DPF: HKLM {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.) Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) ShellExecuteHooks-x32: EasyBits ShellExecute Hook - {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook.dll [52920 2011-11-11] (EasyBits Software Corp.) Tcpip\Parameters: [DhcpNameServer] 94.251.160.14 94.251.182.11 ==================== Services (Whitelisted) ================= R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2013-12-12] (AVAST Software) R2 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [402192 2013-12-20] (BlueStack Systems, Inc.) R2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [385808 2013-12-20] (BlueStack Systems, Inc.) R2 DTSRVC; C:\Program Files (x86)\Common Files\Portrait Displays\Shared\dtsrvc.exe [139632 2012-11-15] (Portrait Displays, Inc.) R2 DTuneSrvc; C:\Program Files (x86)\Common Files\Portrait Displays\Libs\DTuneSrvc.exe [120328 2013-07-17] (Portrait Displays, Inc.) S3 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227936 2013-11-09] (WildTangent) R2 HP Power Assistant Service; C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe [107576 2010-11-17] () R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe [46904 2013-12-17] (Hewlett-Packard Company) R2 pdfcDispatcher; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [1121304 2010-10-22] (PDF Complete Inc) R2 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [453120 2010-11-20] (Microsoft Corporation) ==================== Drivers (Whitelisted) ==================== R2 aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [38984 2013-12-12] (AVAST Software) R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [84328 2013-12-12] (AVAST Software) R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [92544 2013-12-12] (AVAST Software) R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2013-12-12] () R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1032416 2013-12-12] (AVAST Software) R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [409832 2013-12-12] (AVAST Software) R1 aswTdi; C:\Windows\system32\drivers\aswTdi.sys [65264 2013-12-12] (AVAST Software) R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [205320 2013-12-12] () R3 AVerAVF2; C:\Windows\System32\DRIVERS\AVerAVF2.sys [1212416 2010-11-11] (AVerMedia TECHNOLOGIES, Inc.) R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [114448 2013-12-20] (BlueStack Systems) S3 CpqDfw; C:\Windows\System32\drivers\CpqDfw.sys [27456 2012-05-29] (Windows (R) Codename Longhorn DDK provider) R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2013-12-20] (Disc Soft Ltd) ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-01-21 21:34 - 2014-01-21 21:34 - 00000000 ____D C:\Users\user\Desktop\frst - Kopia 2014-01-21 17:05 - 2014-01-21 17:05 - 00000499 _____ C:\Users\user\Desktop\fix.reg 2014-01-21 17:04 - 2014-01-21 17:04 - 00000000 _____ C:\Users\user\Desktop\Nowy dokument tekstowy.txt 2014-01-20 21:03 - 2014-01-20 21:03 - 00000000 ____D C:\MATS 2014-01-20 21:01 - 2014-01-20 21:01 - 00347816 _____ (Microsoft Corporation) C:\Users\user\Downloads\MicrosoftFixit.ProgramInstallUninstall.RNP.139313675175150990.1.1.Run.exe 2014-01-20 20:59 - 2014-01-19 13:41 - 00002766 _____ C:\Users\user\Desktop\preferences 2014-01-20 20:56 - 2014-01-21 17:07 - 00000000 ____D C:\Users\user\Desktop\frst 2014-01-20 17:08 - 2014-01-21 17:07 - 00000000 ____D C:\FRST 2014-01-19 13:45 - 2014-01-19 13:45 - 01236282 _____ C:\Users\user\Downloads\AdwCleaner (1).exe 2014-01-19 13:39 - 2014-01-20 21:20 - 00000000 ____D C:\AdwCleaner 2014-01-19 13:38 - 2014-01-19 13:39 - 01236282 _____ C:\Users\user\Downloads\AdwCleaner.exe 2014-01-19 13:30 - 2014-01-19 13:30 - 00000000 ____D C:\_OTL 2014-01-19 13:29 - 2014-01-19 13:29 - 00602112 _____ (OldTimer Tools) C:\Users\user\Downloads\OTL.exe 2014-01-18 23:19 - 2014-01-18 23:19 - 04427776 _____ C:\Users\user\Downloads\HPSupportSolutionsFramework.msi 2014-01-18 18:20 - 2014-01-18 18:20 - 00094381 _____ (Irfan Skiljan) C:\Users\user\Downloads\irfanview_lang_polski.exe 2014-01-18 18:17 - 2014-01-18 18:17 - 00001852 _____ C:\Users\Public\Desktop\IrfanView Thumbnails.lnk 2014-01-18 18:17 - 2014-01-18 18:17 - 00000960 _____ C:\Users\Public\Desktop\IrfanView.lnk 2014-01-18 18:16 - 2014-01-18 18:16 - 01883792 _____ (Irfan Skiljan) C:\Users\user\Downloads\iview437_setup(dobreprogramy.pl).exe 2014-01-18 16:52 - 2014-01-18 16:52 - 00007174 _____ C:\Users\user\AppData\Local\recently-used.xbel 2014-01-18 16:33 - 2014-01-18 16:33 - 00072704 _____ C:\Users\user\Downloads\MyDisplayTSEHelp.exe 2014-01-18 16:31 - 2014-01-18 16:32 - 12710776 _____ (Portrait Displays, Inc.) C:\Users\user\Downloads\HP_Picture_in_Picture.exe 2014-01-18 16:30 - 2014-01-18 16:30 - 00000000 ____D C:\ProgramData\IsolatedStorage 2014-01-18 16:29 - 2014-01-18 16:29 - 00000000 ____D C:\Users\user\AppData\Local\Portrait_Displays 2014-01-18 16:28 - 2014-01-18 16:28 - 00000000 ____D C:\ProgramData\Downloaded Installations 2014-01-18 16:26 - 2014-01-18 16:27 - 11554896 _____ (Portrait Displays, Inc.) C:\Users\user\Downloads\MyDisplay_TouchSmartEdition.exe 2014-01-18 09:26 - 2014-01-18 09:26 - 00012442 _____ C:\Users\user\Documents\cc_20140118_092633.reg 2014-01-18 09:25 - 2014-01-18 09:25 - 00000000 ____D C:\Windows\pss 2014-01-18 09:22 - 2014-01-21 21:26 - 00000784 _____ C:\Windows\setupact.log 2014-01-18 09:22 - 2014-01-19 13:42 - 00030774 _____ C:\Windows\PFRO.log 2014-01-18 09:22 - 2014-01-18 09:22 - 00000000 _____ C:\Windows\setuperr.log 2014-01-18 09:17 - 2014-01-18 09:17 - 00015610 _____ C:\Users\user\Documents\cc_20140118_091732.reg 2014-01-18 09:16 - 2014-01-18 09:16 - 00001071 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk 2014-01-18 09:16 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2014-01-18 09:15 - 2014-01-18 09:15 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\user\Downloads\mbam-setup-1.75.0.1300.exe 2014-01-18 08:48 - 2014-01-18 08:52 - 00000000 ____D C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\StartUp 2014-01-18 08:48 - 2014-01-18 08:52 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\StartUp 2014-01-18 08:46 - 2014-01-18 08:46 - 00000000 ____D C:\Users\user\AppData\Roaming\Stardock 2014-01-18 08:45 - 2014-01-18 09:07 - 00000000 ___DC C:\ProgramData\{345977C2-5084-446C-9181-6AB4FF7DBA08} 2014-01-18 08:45 - 2014-01-18 08:45 - 00000000 ____D C:\ProgramData\Stardock 2014-01-18 08:45 - 2014-01-18 08:45 - 00000000 ____D C:\Program Files\Stardock 2014-01-18 08:44 - 2014-01-18 09:07 - 00000000 ___DC C:\ProgramData\{9A791F26-7B69-4170-878D-72038B71C39D} 2014-01-18 08:44 - 2014-01-18 08:45 - 00000000 ____D C:\Program Files (x86)\Stardock 2014-01-18 08:44 - 2014-01-18 08:44 - 00000000 ____D C:\Users\Public\Documents\Stardock 2014-01-17 20:40 - 2014-01-18 09:07 - 00000000 ____D C:\Users\user\Downloads\tdsskiller 2014-01-17 20:39 - 2014-01-17 20:39 - 02047211 _____ C:\Users\user\Downloads\tdsskiller.zip 2014-01-17 19:42 - 2014-01-18 09:07 - 00000000 ____D C:\Users\user\Documents\Notes 2014-01-17 19:18 - 2014-01-18 09:16 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware 2014-01-17 19:18 - 2014-01-17 19:18 - 00000000 ____D C:\Users\user\AppData\Roaming\Malwarebytes 2014-01-17 19:18 - 2014-01-17 19:18 - 00000000 ____D C:\ProgramData\Malwarebytes 2014-01-17 19:13 - 2014-01-17 19:13 - 04535012 _____ C:\Users\user\Downloads\Polskie Plaze.themepack 2014-01-17 18:53 - 2014-01-17 18:53 - 00072152 _____ C:\Users\user\Downloads\sp53195 exe [Burnbit].torrent 2014-01-16 21:15 - 2014-01-16 21:16 - 11691920 _____ C:\Users\user\Downloads\IsleofManMarkWallace.themepack 2014-01-16 20:51 - 2014-01-16 20:51 - 00000000 ____D C:\Users\OGÓLNE\AppData\Roaming\Hewlett-Packard 2014-01-16 20:49 - 2014-01-16 20:49 - 00069504 _____ C:\Users\OGÓLNE\AppData\Local\GDIPFONTCACHEV1.DAT 2014-01-16 20:49 - 2014-01-16 20:49 - 00000000 ____D C:\Users\OGÓLNE\AppData\Local\Logitech® Webcam Software 2014-01-16 20:48 - 2014-01-16 21:45 - 00000000 ____D C:\Users\OGÓLNE\AppData\Roaming\PictureMover 2014-01-16 20:48 - 2014-01-16 20:48 - 00000000 ____D C:\Users\OGÓLNE\AppData\Roaming\ATI 2014-01-16 20:48 - 2014-01-16 20:48 - 00000000 ____D C:\Users\OGÓLNE\AppData\Local\ATI 2014-01-16 20:47 - 2014-01-16 21:46 - 00000000 ____D C:\Users\OGÓLNE 2014-01-16 20:47 - 2014-01-16 20:47 - 00000000 _SHDL C:\Users\OGÓLNE\Ustawienia lokalne 2014-01-16 20:47 - 2014-01-16 20:47 - 00000000 _SHDL C:\Users\OGÓLNE\Szablony 2014-01-16 20:47 - 2014-01-16 20:47 - 00000000 _SHDL C:\Users\OGÓLNE\Moje dokumenty 2014-01-16 20:47 - 2014-01-16 20:47 - 00000000 _SHDL C:\Users\OGÓLNE\Menu Start 2014-01-16 20:47 - 2014-01-16 20:47 - 00000000 _SHDL C:\Users\OGÓLNE\Documents\Moje wideo 2014-01-16 20:47 - 2014-01-16 20:47 - 00000000 _SHDL C:\Users\OGÓLNE\Documents\Moje obrazy 2014-01-16 20:47 - 2014-01-16 20:47 - 00000000 _SHDL C:\Users\OGÓLNE\Documents\Moja muzyka 2014-01-16 20:47 - 2014-01-16 20:47 - 00000000 _SHDL C:\Users\OGÓLNE\Dane aplikacji 2014-01-16 20:47 - 2014-01-16 20:47 - 00000000 _SHDL C:\Users\OGÓLNE\AppData\Roaming\Microsoft\Windows\Start Menu\Programy 2014-01-16 20:47 - 2014-01-16 20:47 - 00000000 _SHDL C:\Users\OGÓLNE\AppData\Local\Historia 2014-01-16 20:47 - 2014-01-16 20:47 - 00000000 _SHDL C:\Users\OGÓLNE\AppData\Local\Dane aplikacji 2014-01-16 20:47 - 2014-01-16 20:47 - 00000000 ____D C:\Users\OGÓLNE\AppData\Roaming\DisplayTune 2014-01-16 20:47 - 2014-01-16 20:47 - 00000000 ____D C:\Users\OGÓLNE\AppData\Roaming\AVAST Software 2014-01-16 20:47 - 2014-01-16 20:47 - 00000000 ____D C:\Users\OGÓLNE\AppData\Roaming\Adobe 2014-01-16 20:47 - 2014-01-16 20:47 - 00000000 ____D C:\Users\OGÓLNE\AppData\Local\VirtualStore 2014-01-16 20:47 - 2014-01-16 20:47 - 00000000 ____D C:\Users\OGÓLNE\AppData\Local\TouchSmartData 2014-01-16 20:47 - 2014-01-16 20:47 - 00000000 ____D C:\Users\OGÓLNE\AppData\Local\PDFC 2014-01-16 20:47 - 2011-11-11 21:41 - 00000000 ____D C:\Users\OGÓLNE\AppData\Roaming\Macromedia 2014-01-16 20:47 - 2011-11-11 21:41 - 00000000 ____D C:\Users\OGÓLNE\AppData\Local\Hewlett-Packard 2014-01-16 16:54 - 2014-01-18 18:17 - 00000000 ____D C:\Users\user\AppData\Roaming\IrfanView 2014-01-16 16:54 - 2014-01-18 18:17 - 00000000 ____D C:\Program Files (x86)\IrfanView 2014-01-16 16:27 - 2014-01-16 16:27 - 00000000 ____D C:\ProgramData\{18165758-115C-4DC0-9EC2-FF89F725767F} 2014-01-15 20:05 - 2013-11-27 02:41 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys 2014-01-15 20:05 - 2013-11-27 02:41 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys 2014-01-15 20:05 - 2013-11-27 02:41 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys 2014-01-15 20:05 - 2013-11-27 02:41 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys 2014-01-15 20:05 - 2013-11-27 02:41 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys 2014-01-15 20:05 - 2013-11-27 02:41 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys 2014-01-15 20:05 - 2013-11-27 02:41 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys 2014-01-15 20:05 - 2013-11-26 12:40 - 00376768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys 2014-01-15 20:05 - 2013-11-26 11:32 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2014-01-13 22:10 - 2014-01-13 22:10 - 00000536 _____ C:\Users\user\Documents\cc_20140113_221019.reg 2014-01-11 13:54 - 2014-01-11 13:54 - 00001821 _____ C:\Users\Public\Desktop\Apps.lnk 2014-01-11 13:54 - 2014-01-11 13:54 - 00001769 _____ C:\Users\Public\Desktop\Start BlueStacks.lnk 2014-01-11 13:53 - 2014-01-11 13:53 - 00000000 ____D C:\Program Files (x86)\BlueStacks 2014-01-06 10:50 - 2014-01-06 10:50 - 00000000 __SHD C:\Windows\ftpcache 2014-01-06 10:49 - 2014-01-06 10:49 - 00001261 _____ C:\Users\Public\Desktop\Leniuchowo - Słodycze sportowców.lnk 2014-01-06 10:49 - 2014-01-06 10:49 - 00000148 _____ C:\Windows\compedia.ini 2014-01-06 10:49 - 2014-01-06 10:49 - 00000000 ____D C:\ProgramData\Compedia 2014-01-02 21:58 - 2014-01-02 21:58 - 00008278 _____ C:\Users\user\Documents\cc_20140102_215801.reg 2014-01-02 21:53 - 2014-01-02 21:53 - 00000116 _____ C:\Users\user\Desktop\RMF LOVE.url 2014-01-01 18:46 - 2014-01-01 18:46 - 00000998 _____ C:\Users\Public\Desktop\JDownloader.lnk 2014-01-01 18:46 - 2014-01-01 18:46 - 00000000 ____D C:\ProgramData\Sun 2014-01-01 18:45 - 2014-01-01 19:01 - 00000000 ____D C:\Program Files (x86)\JDownloader 2014-01-01 18:45 - 2014-01-01 18:45 - 00472808 _____ (Sun Microsystems, Inc.) C:\Windows\SysWOW64\deployJava1.dll 2014-01-01 18:45 - 2014-01-01 18:45 - 00153376 _____ (Sun Microsystems, Inc.) C:\Windows\SysWOW64\javaws.exe 2014-01-01 18:45 - 2014-01-01 18:45 - 00145184 _____ (Sun Microsystems, Inc.) C:\Windows\SysWOW64\javaw.exe 2014-01-01 18:45 - 2014-01-01 18:45 - 00145184 _____ (Sun Microsystems, Inc.) C:\Windows\SysWOW64\java.exe 2014-01-01 18:45 - 2014-01-01 18:45 - 00000000 ____D C:\Program Files (x86)\Java 2014-01-01 18:44 - 2014-01-01 18:44 - 30157280 _____ (AppWork UG (haftungsbeschränkt)) C:\Users\user\Downloads\JDownloaderSetup_0.9581(dobreprogramy.pl).exe.exe 2014-01-01 15:55 - 2014-01-01 15:55 - 01076454 _____ C:\Users\user\Documents\ms.bmp 2014-01-01 15:45 - 2014-01-01 15:45 - 02879488 _____ (© 2013 NaukaDlaDzieci.net) C:\Users\user\Desktop\malymalarz_14(dobreprogramy.pl).exe 2014-01-01 13:34 - 2014-01-01 14:59 - 00000000 ____D C:\Users\user\AppData\Local\Canon Easy-PhotoPrint EX 2014-01-01 13:34 - 2014-01-01 13:34 - 00001888 _____ C:\Users\Public\Desktop\Canon Easy-PhotoPrint EX.lnk 2014-01-01 13:34 - 2014-01-01 13:34 - 00000000 ___HD C:\ProgramData\CanonIJEPPEX2 2014-01-01 13:34 - 2014-01-01 13:34 - 00000000 ___HD C:\ProgramData\CanonEPP 2014-01-01 13:33 - 2014-01-01 13:33 - 60337752 _____ C:\Users\user\Downloads\eppx-win-4_1_6-en.exe 2014-01-01 12:56 - 2014-01-01 13:27 - 00000000 ___HD C:\ProgramData\CanonIJMIG 2014-01-01 12:56 - 2014-01-01 12:56 - 00000000 ____D C:\Users\user\AppData\Roaming\Canon 2014-01-01 12:55 - 2014-01-01 12:55 - 00000000 ____D C:\Users\user\Desktop\wydruk 2013-12-27 17:17 - 2013-12-27 18:02 - 275586040 _____ C:\Users\user\Downloads\Automapa_6.14a_1310a_PL_final.rar 2013-12-27 17:16 - 2013-12-27 17:16 - 00540989 _____ C:\Users\user\Downloads\Patcher 3.4.2.rar 2013-12-27 17:07 - 2013-12-27 17:07 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdRapi2_01_00_00.Wdf 2013-12-27 17:06 - 2013-12-28 10:13 - 00000000 ____D C:\Windows\WindowsMobile 2013-12-27 12:56 - 2013-12-27 12:58 - 386763152 _____ C:\Users\user\Downloads\TheWitcherPatch.1.5.zip 2013-12-26 19:52 - 2013-12-26 19:52 - 01551008 _____ (Skype Technologies S.A.) C:\Users\user\Downloads\SkypeSetup.exe 2013-12-26 19:52 - 2013-12-26 19:52 - 00002699 _____ C:\Users\Public\Desktop\Skype.lnk 2013-12-26 19:49 - 2013-12-26 19:51 - 00009005 _____ C:\Users\user\Desktop\hasła.odt 2013-12-24 12:34 - 2013-12-24 12:34 - 00000000 ____D C:\Program Files (x86)\AC3Filter 2013-12-24 12:34 - 2012-06-17 22:18 - 01202688 _____ C:\Windows\system32\ac3filter64.acm 2013-12-24 12:34 - 2012-06-17 22:10 - 00965120 _____ C:\Windows\SysWOW64\ac3filter.acm 2013-12-24 12:33 - 2013-12-24 12:33 - 04563950 _____ (Alexander Vigovsky ) C:\Users\user\Downloads\ac3filter_2_5b.exe 2013-12-24 11:22 - 2013-12-24 12:30 - 00000000 ____D C:\Users\user\Downloads\Renifer. niko.2.2012.Dub.PL 2013-12-24 11:20 - 2013-12-24 11:36 - 1147292776 _____ C:\Users\user\Downloads\Renifer Niko ratuje święta - 0.00.00-1.15.43.8079888.mkv 2013-12-24 11:12 - 2013-12-24 11:12 - 00000000 ____D C:\Users\user\Downloads\świąteczne piosenki 2013-12-24 11:11 - 2013-12-24 11:15 - 00000000 ____D C:\Users\user\Downloads\Polskie kolędy i piosenki świąteczne (2009) [mp3@VBR][Załoga KickAssTorrent] 2013-12-23 20:46 - 2013-12-23 20:48 - 00010535 _____ C:\Users\user\Documents\dane komputera.odt 2013-12-23 20:38 - 2014-01-18 16:54 - 00000000 ____D C:\Users\user\AppData\Local\gtk-2.0 2013-12-23 20:24 - 2013-12-23 20:24 - 00000000 ____D C:\Users\user\.thumbnails 2013-12-23 20:19 - 2014-01-18 16:56 - 00000000 ____D C:\Users\user\.gimp-2.8 2013-12-23 20:19 - 2013-12-23 20:19 - 00000000 ____D C:\Users\user\AppData\Local\gegl-0.2 2013-12-23 20:17 - 2013-12-24 10:58 - 00000000 ____D C:\Users\user\Downloads\kolorowanki 2013-12-23 20:09 - 2013-12-23 20:09 - 00000000 ____D C:\Program Files\GIMP 2 2013-12-22 22:13 - 2013-12-23 16:06 - 00000402 _____ C:\Windows\Tasks\One-Click Optimizer.job 2013-12-22 22:13 - 2013-12-22 22:13 - 00003222 _____ C:\Windows\System32\Tasks\One-Click Optimizer 2013-12-22 22:13 - 2013-12-22 22:13 - 00002184 _____ C:\Users\Public\Desktop\1-Click-Optimizer (WO9).lnk 2013-12-22 22:13 - 2013-12-22 22:13 - 00001174 _____ C:\Users\Public\Desktop\Ashampoo WinOptimizer 9.lnk 2013-12-22 22:13 - 2013-12-22 22:13 - 00000000 ____D C:\ProgramData\Ashampoo 2013-12-22 22:13 - 2013-12-22 22:13 - 00000000 ____D C:\Program Files (x86)\Ashampoo 2013-12-22 22:13 - 2009-08-24 21:13 - 00034304 _____ (mst software GmbH, Germany) C:\Windows\system32\DfSdkBt.exe 2013-12-22 09:40 - 2013-12-29 12:05 - 00011264 _____ C:\Users\user\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini ==================== One Month Modified Files and Folders ======= 2014-01-21 21:34 - 2014-01-21 21:34 - 00000000 ____D C:\Users\user\Desktop\frst - Kopia 2014-01-21 21:34 - 2009-07-14 05:45 - 00009920 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-01-21 21:34 - 2009-07-14 05:45 - 00009920 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-01-21 21:30 - 2012-07-28 00:02 - 00001054 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1561679157-2717032906-122649870-1000UA.job 2014-01-21 21:26 - 2014-01-18 09:22 - 00000784 _____ C:\Windows\setupact.log 2014-01-21 21:26 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2014-01-21 17:08 - 2011-11-11 21:01 - 01726872 _____ C:\Windows\WindowsUpdate.log 2014-01-21 17:07 - 2014-01-20 20:56 - 00000000 ____D C:\Users\user\Desktop\frst 2014-01-21 17:07 - 2014-01-20 17:08 - 00000000 ____D C:\FRST 2014-01-21 17:05 - 2014-01-21 17:05 - 00000499 _____ C:\Users\user\Desktop\fix.reg 2014-01-21 17:04 - 2014-01-21 17:04 - 00000000 _____ C:\Users\user\Desktop\Nowy dokument tekstowy.txt 2014-01-20 21:20 - 2014-01-19 13:39 - 00000000 ____D C:\AdwCleaner 2014-01-20 21:10 - 2013-12-15 10:10 - 00000930 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-01-20 21:10 - 2013-12-14 11:14 - 00000000 ____D C:\Users\user\Documents\DOKUMENTY DOM 2014-01-20 21:03 - 2014-01-20 21:03 - 00000000 ____D C:\MATS 2014-01-20 21:01 - 2014-01-20 21:01 - 00347816 _____ (Microsoft Corporation) C:\Users\user\Downloads\MicrosoftFixit.ProgramInstallUninstall.RNP.139313675175150990.1.1.Run.exe 2014-01-20 18:27 - 2013-04-14 12:15 - 00000000 _____ C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt 2014-01-20 18:27 - 2012-08-01 23:02 - 00000052 _____ C:\Windows\SysWOW64\DOErrors.log 2014-01-19 13:45 - 2014-01-19 13:45 - 01236282 _____ C:\Users\user\Downloads\AdwCleaner (1).exe 2014-01-19 13:42 - 2014-01-18 09:22 - 00030774 _____ C:\Windows\PFRO.log 2014-01-19 13:41 - 2014-01-20 20:59 - 00002766 _____ C:\Users\user\Desktop\preferences 2014-01-19 13:41 - 2012-07-28 00:01 - 00000000 ____D C:\Users\user\AppData\Local\CrashDumps 2014-01-19 13:41 - 2012-07-26 15:55 - 00001140 _____ C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2014-01-19 13:39 - 2014-01-19 13:38 - 01236282 _____ C:\Users\user\Downloads\AdwCleaner.exe 2014-01-19 13:30 - 2014-01-19 13:30 - 00000000 ____D C:\_OTL 2014-01-19 13:29 - 2014-01-19 13:29 - 00602112 _____ (OldTimer Tools) C:\Users\user\Downloads\OTL.exe 2014-01-19 10:00 - 2013-12-11 19:57 - 00000000 ____D C:\Windows\System32\Tasks\Games 2014-01-18 23:30 - 2012-07-28 00:02 - 00001002 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1561679157-2717032906-122649870-1000Core.job 2014-01-18 23:19 - 2014-01-18 23:19 - 04427776 _____ C:\Users\user\Downloads\HPSupportSolutionsFramework.msi 2014-01-18 18:20 - 2014-01-18 18:20 - 00094381 _____ (Irfan Skiljan) C:\Users\user\Downloads\irfanview_lang_polski.exe 2014-01-18 18:17 - 2014-01-18 18:17 - 00001852 _____ C:\Users\Public\Desktop\IrfanView Thumbnails.lnk 2014-01-18 18:17 - 2014-01-18 18:17 - 00000960 _____ C:\Users\Public\Desktop\IrfanView.lnk 2014-01-18 18:17 - 2014-01-16 16:54 - 00000000 ____D C:\Users\user\AppData\Roaming\IrfanView 2014-01-18 18:17 - 2014-01-16 16:54 - 00000000 ____D C:\Program Files (x86)\IrfanView 2014-01-18 18:16 - 2014-01-18 18:16 - 01883792 _____ (Irfan Skiljan) C:\Users\user\Downloads\iview437_setup(dobreprogramy.pl).exe 2014-01-18 16:56 - 2013-12-23 20:19 - 00000000 ____D C:\Users\user\.gimp-2.8 2014-01-18 16:54 - 2013-12-23 20:38 - 00000000 ____D C:\Users\user\AppData\Local\gtk-2.0 2014-01-18 16:52 - 2014-01-18 16:52 - 00007174 _____ C:\Users\user\AppData\Local\recently-used.xbel 2014-01-18 16:41 - 2011-11-11 21:28 - 00002083 _____ C:\Users\Public\Desktop\HP Picture in Picture.lnk 2014-01-18 16:33 - 2014-01-18 16:33 - 00072704 _____ C:\Users\user\Downloads\MyDisplayTSEHelp.exe 2014-01-18 16:32 - 2014-01-18 16:31 - 12710776 _____ (Portrait Displays, Inc.) C:\Users\user\Downloads\HP_Picture_in_Picture.exe 2014-01-18 16:30 - 2014-01-18 16:30 - 00000000 ____D C:\ProgramData\IsolatedStorage 2014-01-18 16:29 - 2014-01-18 16:29 - 00000000 ____D C:\Users\user\AppData\Local\Portrait_Displays 2014-01-18 16:29 - 2011-11-11 21:15 - 00000000 ____D C:\Program Files (x86)\Hewlett-Packard 2014-01-18 16:28 - 2014-01-18 16:28 - 00000000 ____D C:\ProgramData\Downloaded Installations 2014-01-18 16:27 - 2014-01-18 16:26 - 11554896 _____ (Portrait Displays, Inc.) C:\Users\user\Downloads\MyDisplay_TouchSmartEdition.exe 2014-01-18 16:03 - 2013-12-14 21:03 - 00000328 _____ C:\Windows\Tasks\HPCeeScheduleForuser.job 2014-01-18 10:23 - 2011-11-11 21:43 - 00000000 ____D C:\ProgramData\PDFC 2014-01-18 09:26 - 2014-01-18 09:26 - 00012442 _____ C:\Users\user\Documents\cc_20140118_092633.reg 2014-01-18 09:25 - 2014-01-18 09:25 - 00000000 ____D C:\Windows\pss 2014-01-18 09:22 - 2014-01-18 09:22 - 00000000 _____ C:\Windows\setuperr.log 2014-01-18 09:17 - 2014-01-18 09:17 - 00015610 _____ C:\Users\user\Documents\cc_20140118_091732.reg 2014-01-18 09:16 - 2014-01-18 09:16 - 00001071 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk 2014-01-18 09:16 - 2014-01-17 19:18 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware 2014-01-18 09:15 - 2014-01-18 09:15 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\user\Downloads\mbam-setup-1.75.0.1300.exe 2014-01-18 09:11 - 2013-12-12 22:20 - 00001968 _____ C:\Users\Public\Desktop\avast! Free Antivirus.lnk 2014-01-18 09:11 - 2013-12-12 22:19 - 00003924 _____ C:\Windows\System32\Tasks\avast! Emergency Update 2014-01-18 09:07 - 2014-01-18 08:45 - 00000000 ___DC C:\ProgramData\{345977C2-5084-446C-9181-6AB4FF7DBA08} 2014-01-18 09:07 - 2014-01-18 08:44 - 00000000 ___DC C:\ProgramData\{9A791F26-7B69-4170-878D-72038B71C39D} 2014-01-18 09:07 - 2014-01-17 20:40 - 00000000 ____D C:\Users\user\Downloads\tdsskiller 2014-01-18 09:07 - 2014-01-17 19:42 - 00000000 ____D C:\Users\user\Documents\Notes 2014-01-18 09:07 - 2013-05-24 10:50 - 00000000 ____D C:\Users\Guest 2014-01-18 09:07 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\registration 2014-01-18 09:07 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\AppCompat 2014-01-18 09:06 - 2013-12-19 18:29 - 00000000 ____D C:\Users\user\AppData\Local\Adobe 2014-01-18 09:06 - 2012-07-28 00:02 - 00000000 ____D C:\Users\user\AppData\Local\Google 2014-01-18 08:52 - 2014-01-18 08:48 - 00000000 ____D C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\StartUp 2014-01-18 08:52 - 2014-01-18 08:48 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\StartUp 2014-01-18 08:46 - 2014-01-18 08:46 - 00000000 ____D C:\Users\user\AppData\Roaming\Stardock 2014-01-18 08:45 - 2014-01-18 08:45 - 00000000 ____D C:\ProgramData\Stardock 2014-01-18 08:45 - 2014-01-18 08:45 - 00000000 ____D C:\Program Files\Stardock 2014-01-18 08:45 - 2014-01-18 08:44 - 00000000 ____D C:\Program Files (x86)\Stardock 2014-01-18 08:44 - 2014-01-18 08:44 - 00000000 ____D C:\Users\Public\Documents\Stardock 2014-01-17 20:39 - 2014-01-17 20:39 - 02047211 _____ C:\Users\user\Downloads\tdsskiller.zip 2014-01-17 19:18 - 2014-01-17 19:18 - 00000000 ____D C:\Users\user\AppData\Roaming\Malwarebytes 2014-01-17 19:18 - 2014-01-17 19:18 - 00000000 ____D C:\ProgramData\Malwarebytes 2014-01-17 19:13 - 2014-01-17 19:13 - 04535012 _____ C:\Users\user\Downloads\Polskie Plaze.themepack 2014-01-17 18:53 - 2014-01-17 18:53 - 00072152 _____ C:\Users\user\Downloads\sp53195 exe [Burnbit].torrent 2014-01-16 21:49 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\Help 2014-01-16 21:46 - 2014-01-16 20:47 - 00000000 ____D C:\Users\OGÓLNE 2014-01-16 21:45 - 2014-01-16 20:48 - 00000000 ____D C:\Users\OGÓLNE\AppData\Roaming\PictureMover 2014-01-16 21:45 - 2012-07-28 00:02 - 00000000 ___HD C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome 2014-01-16 21:45 - 2011-11-11 21:15 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information 2014-01-16 21:16 - 2014-01-16 21:15 - 11691920 _____ C:\Users\user\Downloads\IsleofManMarkWallace.themepack 2014-01-16 20:51 - 2014-01-16 20:51 - 00000000 ____D C:\Users\OGÓLNE\AppData\Roaming\Hewlett-Packard 2014-01-16 20:49 - 2014-01-16 20:49 - 00069504 _____ C:\Users\OGÓLNE\AppData\Local\GDIPFONTCACHEV1.DAT 2014-01-16 20:49 - 2014-01-16 20:49 - 00000000 ____D C:\Users\OGÓLNE\AppData\Local\Logitech® Webcam Software 2014-01-16 20:48 - 2014-01-16 20:48 - 00000000 ____D C:\Users\OGÓLNE\AppData\Roaming\ATI 2014-01-16 20:48 - 2014-01-16 20:48 - 00000000 ____D C:\Users\OGÓLNE\AppData\Local\ATI 2014-01-16 20:47 - 2014-01-16 20:47 - 00000000 _SHDL C:\Users\OGÓLNE\Ustawienia lokalne 2014-01-16 20:47 - 2014-01-16 20:47 - 00000000 _SHDL C:\Users\OGÓLNE\Szablony 2014-01-16 20:47 - 2014-01-16 20:47 - 00000000 _SHDL C:\Users\OGÓLNE\Moje dokumenty 2014-01-16 20:47 - 2014-01-16 20:47 - 00000000 _SHDL C:\Users\OGÓLNE\Menu Start 2014-01-16 20:47 - 2014-01-16 20:47 - 00000000 _SHDL C:\Users\OGÓLNE\Documents\Moje wideo 2014-01-16 20:47 - 2014-01-16 20:47 - 00000000 _SHDL C:\Users\OGÓLNE\Documents\Moje obrazy 2014-01-16 20:47 - 2014-01-16 20:47 - 00000000 _SHDL C:\Users\OGÓLNE\Documents\Moja muzyka 2014-01-16 20:47 - 2014-01-16 20:47 - 00000000 _SHDL C:\Users\OGÓLNE\Dane aplikacji 2014-01-16 20:47 - 2014-01-16 20:47 - 00000000 _SHDL C:\Users\OGÓLNE\AppData\Roaming\Microsoft\Windows\Start Menu\Programy 2014-01-16 20:47 - 2014-01-16 20:47 - 00000000 _SHDL C:\Users\OGÓLNE\AppData\Local\Historia 2014-01-16 20:47 - 2014-01-16 20:47 - 00000000 _SHDL C:\Users\OGÓLNE\AppData\Local\Dane aplikacji 2014-01-16 20:47 - 2014-01-16 20:47 - 00000000 ____D C:\Users\OGÓLNE\AppData\Roaming\DisplayTune 2014-01-16 20:47 - 2014-01-16 20:47 - 00000000 ____D C:\Users\OGÓLNE\AppData\Roaming\AVAST Software 2014-01-16 20:47 - 2014-01-16 20:47 - 00000000 ____D C:\Users\OGÓLNE\AppData\Roaming\Adobe 2014-01-16 20:47 - 2014-01-16 20:47 - 00000000 ____D C:\Users\OGÓLNE\AppData\Local\VirtualStore 2014-01-16 20:47 - 2014-01-16 20:47 - 00000000 ____D C:\Users\OGÓLNE\AppData\Local\TouchSmartData 2014-01-16 20:47 - 2014-01-16 20:47 - 00000000 ____D C:\Users\OGÓLNE\AppData\Local\PDFC 2014-01-16 16:27 - 2014-01-16 16:27 - 00000000 ____D C:\ProgramData\{18165758-115C-4DC0-9EC2-FF89F725767F} 2014-01-16 16:26 - 2011-11-11 21:15 - 00000000 ____D C:\ProgramData\Hewlett-Packard 2014-01-16 16:26 - 2010-01-07 01:49 - 00000000 ____D C:\swsetup 2014-01-16 15:46 - 2009-07-14 05:45 - 00306832 _____ C:\Windows\system32\FNTCACHE.DAT 2014-01-15 21:52 - 2013-12-14 22:54 - 00000000 ____D C:\Windows\system32\MRT 2014-01-15 21:50 - 2012-08-03 00:21 - 86054176 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2014-01-15 20:31 - 2012-08-01 23:00 - 00000000 ___HD C:\Users\user\AppData\Roaming\HP Support Assistant 2014-01-15 20:31 - 2012-07-27 20:55 - 00000000 ___HD C:\Users\user\AppData\Roaming\HpUpdate 2014-01-13 22:10 - 2014-01-13 22:10 - 00000536 _____ C:\Users\user\Documents\cc_20140113_221019.reg 2014-01-11 13:57 - 2013-12-13 22:07 - 00000000 ____D C:\ProgramData\BlueStacksSetup 2014-01-11 13:54 - 2014-01-11 13:54 - 00001821 _____ C:\Users\Public\Desktop\Apps.lnk 2014-01-11 13:54 - 2014-01-11 13:54 - 00001769 _____ C:\Users\Public\Desktop\Start BlueStacks.lnk 2014-01-11 13:54 - 2009-07-14 04:20 - 00000000 __RHD C:\Users\Public\Libraries 2014-01-11 13:53 - 2014-01-11 13:53 - 00000000 ____D C:\Program Files (x86)\BlueStacks 2014-01-11 13:53 - 2013-12-13 22:07 - 00000000 ____D C:\ProgramData\BlueStacks 2014-01-10 20:02 - 2012-07-26 16:00 - 00803362 _____ C:\Windows\system32\perfh015.dat 2014-01-10 20:02 - 2012-07-26 16:00 - 00181916 _____ C:\Windows\system32\perfc015.dat 2014-01-10 20:02 - 2009-07-14 06:13 - 01837384 _____ C:\Windows\system32\PerfStringBackup.INI 2014-01-06 10:50 - 2014-01-06 10:50 - 00000000 __SHD C:\Windows\ftpcache 2014-01-06 10:49 - 2014-01-06 10:49 - 00001261 _____ C:\Users\Public\Desktop\Leniuchowo - Słodycze sportowców.lnk 2014-01-06 10:49 - 2014-01-06 10:49 - 00000148 _____ C:\Windows\compedia.ini 2014-01-06 10:49 - 2014-01-06 10:49 - 00000000 ____D C:\ProgramData\Compedia 2014-01-04 17:14 - 2013-12-12 21:30 - 00000000 ____D C:\Users\user\AppData\Local\Windows Live 2014-01-03 21:37 - 2013-12-13 21:15 - 00000000 ____D C:\Users\user\AppData\Local\Microsoft Games 2014-01-02 21:58 - 2014-01-02 21:58 - 00008278 _____ C:\Users\user\Documents\cc_20140102_215801.reg 2014-01-02 21:57 - 2013-12-19 19:40 - 00000000 ____D C:\Users\user\AppData\Roaming\uTorrent 2014-01-02 21:53 - 2014-01-02 21:53 - 00000116 _____ C:\Users\user\Desktop\RMF LOVE.url 2014-01-02 17:09 - 2013-12-12 21:29 - 00000000 ____D C:\Users\user\AppData\Roaming\Windows Live Writer 2014-01-01 19:01 - 2014-01-01 18:45 - 00000000 ____D C:\Program Files (x86)\JDownloader 2014-01-01 18:46 - 2014-01-01 18:46 - 00000998 _____ C:\Users\Public\Desktop\JDownloader.lnk 2014-01-01 18:46 - 2014-01-01 18:46 - 00000000 ____D C:\ProgramData\Sun 2014-01-01 18:45 - 2014-01-01 18:45 - 00472808 _____ (Sun Microsystems, Inc.) C:\Windows\SysWOW64\deployJava1.dll 2014-01-01 18:45 - 2014-01-01 18:45 - 00153376 _____ (Sun Microsystems, Inc.) C:\Windows\SysWOW64\javaws.exe 2014-01-01 18:45 - 2014-01-01 18:45 - 00145184 _____ (Sun Microsystems, Inc.) C:\Windows\SysWOW64\javaw.exe 2014-01-01 18:45 - 2014-01-01 18:45 - 00145184 _____ (Sun Microsystems, Inc.) C:\Windows\SysWOW64\java.exe 2014-01-01 18:45 - 2014-01-01 18:45 - 00000000 ____D C:\Program Files (x86)\Java 2014-01-01 18:44 - 2014-01-01 18:44 - 30157280 _____ (AppWork UG (haftungsbeschränkt)) C:\Users\user\Downloads\JDownloaderSetup_0.9581(dobreprogramy.pl).exe.exe 2014-01-01 15:55 - 2014-01-01 15:55 - 01076454 _____ C:\Users\user\Documents\ms.bmp 2014-01-01 15:45 - 2014-01-01 15:45 - 02879488 _____ (© 2013 NaukaDlaDzieci.net) C:\Users\user\Desktop\malymalarz_14(dobreprogramy.pl).exe 2014-01-01 14:59 - 2014-01-01 13:34 - 00000000 ____D C:\Users\user\AppData\Local\Canon Easy-PhotoPrint EX 2014-01-01 14:54 - 2009-07-14 06:32 - 00000000 ____D C:\Windows\system32\FxsTmp 2014-01-01 13:34 - 2014-01-01 13:34 - 00001888 _____ C:\Users\Public\Desktop\Canon Easy-PhotoPrint EX.lnk 2014-01-01 13:34 - 2014-01-01 13:34 - 00000000 ___HD C:\ProgramData\CanonIJEPPEX2 2014-01-01 13:34 - 2014-01-01 13:34 - 00000000 ___HD C:\ProgramData\CanonEPP 2014-01-01 13:34 - 2013-12-13 20:08 - 00000000 ____D C:\Program Files\Canon 2014-01-01 13:33 - 2014-01-01 13:33 - 60337752 _____ C:\Users\user\Downloads\eppx-win-4_1_6-en.exe 2014-01-01 13:27 - 2014-01-01 12:56 - 00000000 ___HD C:\ProgramData\CanonIJMIG 2014-01-01 12:56 - 2014-01-01 12:56 - 00000000 ____D C:\Users\user\AppData\Roaming\Canon 2014-01-01 12:55 - 2014-01-01 12:55 - 00000000 ____D C:\Users\user\Desktop\wydruk 2013-12-29 12:05 - 2013-12-22 09:40 - 00011264 _____ C:\Users\user\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2013-12-28 10:13 - 2013-12-27 17:06 - 00000000 ____D C:\Windows\WindowsMobile 2013-12-28 10:13 - 2009-07-14 08:44 - 00000000 ___RD C:\Users\Public\Recorded TV 2013-12-28 10:12 - 2013-12-20 20:39 - 00000000 ____D C:\Users\user\AppData\Roaming\DAEMON Tools Lite 2013-12-27 18:02 - 2013-12-27 17:17 - 275586040 _____ C:\Users\user\Downloads\Automapa_6.14a_1310a_PL_final.rar 2013-12-27 17:16 - 2013-12-27 17:16 - 00540989 _____ C:\Users\user\Downloads\Patcher 3.4.2.rar 2013-12-27 17:07 - 2013-12-27 17:07 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdRapi2_01_00_00.Wdf 2013-12-27 12:58 - 2013-12-27 12:56 - 386763152 _____ C:\Users\user\Downloads\TheWitcherPatch.1.5.zip 2013-12-27 12:37 - 2012-07-28 00:31 - 00000000 ___HD C:\Users\user\AppData\Roaming\Skype 2013-12-27 12:29 - 2013-12-21 10:15 - 00000031 _____ C:\Windows\progress 2013-12-27 12:29 - 2013-12-21 10:15 - 00000000 ____D C:\Users\user\AppData\Local\The Witcher 2013-12-26 19:53 - 2012-07-28 00:31 - 00000000 ____D C:\ProgramData\Skype 2013-12-26 19:52 - 2013-12-26 19:52 - 01551008 _____ (Skype Technologies S.A.) C:\Users\user\Downloads\SkypeSetup.exe 2013-12-26 19:52 - 2013-12-26 19:52 - 00002699 _____ C:\Users\Public\Desktop\Skype.lnk 2013-12-26 19:52 - 2012-07-28 00:31 - 00000000 ___RD C:\Program Files (x86)\Skype 2013-12-26 19:51 - 2013-12-26 19:49 - 00009005 _____ C:\Users\user\Desktop\hasła.odt 2013-12-24 12:34 - 2013-12-24 12:34 - 00000000 ____D C:\Program Files (x86)\AC3Filter 2013-12-24 12:33 - 2013-12-24 12:33 - 04563950 _____ (Alexander Vigovsky ) C:\Users\user\Downloads\ac3filter_2_5b.exe 2013-12-24 12:32 - 2012-09-01 15:54 - 00001171 ____H C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\GOM Player.lnk 2013-12-24 12:32 - 2012-09-01 15:54 - 00001147 _____ C:\Users\Public\Desktop\GOM Player.lnk 2013-12-24 12:30 - 2013-12-24 11:22 - 00000000 ____D C:\Users\user\Downloads\Renifer. niko.2.2012.Dub.PL 2013-12-24 11:36 - 2013-12-24 11:20 - 1147292776 _____ C:\Users\user\Downloads\Renifer Niko ratuje święta - 0.00.00-1.15.43.8079888.mkv 2013-12-24 11:15 - 2013-12-24 11:11 - 00000000 ____D C:\Users\user\Downloads\Polskie kolędy i piosenki świąteczne (2009) [mp3@VBR][Załoga KickAssTorrent] 2013-12-24 11:12 - 2013-12-24 11:12 - 00000000 ____D C:\Users\user\Downloads\świąteczne piosenki 2013-12-24 10:58 - 2013-12-23 20:17 - 00000000 ____D C:\Users\user\Downloads\kolorowanki 2013-12-23 20:48 - 2013-12-23 20:46 - 00010535 _____ C:\Users\user\Documents\dane komputera.odt 2013-12-23 20:24 - 2013-12-23 20:24 - 00000000 ____D C:\Users\user\.thumbnails 2013-12-23 20:19 - 2013-12-23 20:19 - 00000000 ____D C:\Users\user\AppData\Local\gegl-0.2 2013-12-23 20:09 - 2013-12-23 20:09 - 00000000 ____D C:\Program Files\GIMP 2 2013-12-23 16:06 - 2013-12-22 22:13 - 00000402 _____ C:\Windows\Tasks\One-Click Optimizer.job 2013-12-22 22:18 - 2009-07-24 20:22 - 00000000 ____D C:\Windows\Panther 2013-12-22 22:13 - 2013-12-22 22:13 - 00003222 _____ C:\Windows\System32\Tasks\One-Click Optimizer 2013-12-22 22:13 - 2013-12-22 22:13 - 00002184 _____ C:\Users\Public\Desktop\1-Click-Optimizer (WO9).lnk 2013-12-22 22:13 - 2013-12-22 22:13 - 00001174 _____ C:\Users\Public\Desktop\Ashampoo WinOptimizer 9.lnk 2013-12-22 22:13 - 2013-12-22 22:13 - 00000000 ____D C:\ProgramData\Ashampoo 2013-12-22 22:13 - 2013-12-22 22:13 - 00000000 ____D C:\Program Files (x86)\Ashampoo Some content of TEMP: ==================== C:\Users\user\AppData\Local\Temp\Quarantine.exe ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\SysWOW64\wininit.exe => MD5 is legit C:\Windows\explorer.exe => MD5 is legit C:\Windows\SysWOW64\explorer.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\SysWOW64\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\SysWOW64\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\SysWOW64\userinit.exe => MD5 is legit C:\Windows\System32\rpcss.dll => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit LastRegBack: 2014-01-19 09:53 ==================== End Of Log ============================