Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 21-07-2014 Ran by sklep (administrator) on M14 on 23-07-2014 11:11:43 Running from C:\Users\sklep\Downloads Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Polski (Polska) Internet Explorer Version 9 Boot Mode: Safe Mode (with Networking) The only official download link for FRST: Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/ Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/ Download link from any site other than Bleeping Computer is unpermitted or outdated. See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (Google Inc.) C:\Users\sklep\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\sklep\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\sklep\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\sklep\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\sklep\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\sklep\AppData\Local\Google\Chrome\Application\chrome.exe (Farbar) C:\Users\sklep\Downloads\FRST64 (1).exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1822504 2009-08-24] (Synaptics Incorporated) HKLM\...\Run: [Broadcom Wireless Manager UI] => C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRAY.exe [4968960 2009-07-17] (Dell Inc.) HKLM\...\Run: [FreeFallProtection] => C:\Program Files (x86)\STMicroelectronics\Accelerometer\FF_Protection.exe [2384896 2009-07-22] () HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [487424 2010-01-21] (IDT, Inc.) HKLM\...\Run: [Kernel and Hardware Abstraction Layer] => KHALMNPR.EXE HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2009-11-18] (Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2014\avgui.exe [5179408 2014-06-17] (AVG Technologies CZ, s.r.o.) HKU\S-1-5-21-1081826087-927070240-1253586494-1000\...\Run: [WirelessManager] => C:\Program Files (x86)\Dell\Dell Mobile Broadband Manager\WirelessManager.exe [175616 2009-11-26] (Ericsson AB) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Digital Line Detect.lnk ShortcutTarget: Digital Line Detect.lnk -> C:\Program Files (x86)\Digital Line Detect\DLG.exe (Avanquest Software ) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\quickset — skrót.lnk ShortcutTarget: quickset — skrót.lnk -> C:\Program Files\Dell\QuickSet\quickset.exe (Dell Inc.) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SetPoint.lnk ShortcutTarget: SetPoint.lnk -> C:\Program Files\SetPoint\SetPoint.exe (Logitech, Inc.) ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Program Files (x86)\Mplayer\Assets\Blank.htm HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Program Files (x86)\Mplayer\Assets\Blank.htm HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page = C:\Program Files (x86)\Mplayer\Assets\Blank.htm HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO-x32: RealPlayer Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer) BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO-x32: IplexToALLPlayer -> {DF925EF3-7A87-44E4-9CAF-8D7B280BF616} -> C:\Program Files (x86)\ALLPlayer\Iplex\IplexToALLPlayer.dll (ALLCinema Ltd.) DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 0.0.0.0 FireFox: ======== FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_224.dll () FF Plugin: @java.com/DTPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin: @microsoft.com/GENUINE - disabled No File FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll () FF Plugin-x32: @ganymede/GanymedeNetPlugin,version=1.0 - C:\Program Files (x86)\Ganymede\Plugins\npganymedenet.dll ( ) FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @microsoft.com/GENUINE - disabled No File FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF Plugin-x32: @real.com/nppl3260;version=15.0.1.13 - C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.) FF Plugin-x32: @real.com/nprjplug;version=15.0.1.13 - C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.) FF Plugin-x32: @real.com/nprpchromebrowserrecordext;version=15.0.1.13 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.) FF Plugin-x32: @real.com/nprphtml5videoshim;version=15.0.1.13 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.) FF Plugin-x32: @real.com/nprpjplug;version=15.0.1.13 - C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.) FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\sklep\AppData\Local\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.) FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\sklep\AppData\Local\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.) FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\sklep\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS) FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext FF Extension: RealPlayer Browser Record Plugin - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012-01-15] Chrome: ======= CHR HomePage: hxxp://www.google.com/ CHR StartupUrls: "hxxp://google.pl/" CHR Plugin: (Shockwave Flash) - C:\Users\sklep\AppData\Local\Google\Chrome\User Data\PepperFlash\11.7.700.225\pepflashplayer.dll No File CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer CHR Plugin: (Native Client) - C:\Users\sklep\AppData\Local\Google\Chrome\Application\34.0.1847.137\ppGoogleNaClPluginChrome.dll () CHR Plugin: (Chrome PDF Viewer) - C:\Users\sklep\AppData\Local\Google\Chrome\Application\34.0.1847.137\pdf.dll () CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll No File CHR Plugin: (Java Deployment Toolkit 6.0.240.7) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll (Sun Microsystems, Inc.) CHR Plugin: (Java(TM) Platform SE 6 U24) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) CHR Plugin: (GanymedeNet.Detector) - C:\Users\sklep\AppData\Local\Google\Chrome\Application\plugins\npganymedenet.dll ( ) CHR Plugin: (Pando Web Plugin) - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) CHR Plugin: (RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) ) - C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.) CHR Plugin: (RealJukebox NS Plugin) - C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.) CHR Plugin: (RealPlayer Version Plugin) - C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.) CHR Plugin: (RealNetworks(tm) Chrome Background Extension Plug-In (32-bit) ) - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.) CHR Plugin: (RealPlayer(tm) HTML5VideoShim Plug-In (32-bit) ) - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.) CHR Plugin: (Unity Player) - C:\Users\sklep\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS) CHR Plugin: (Google Update) - C:\Users\sklep\AppData\Local\Google\Update\1.3.21.145\npGoogleUpdate3.dll No File CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll () CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll No File CHR Extension: (YouTube) - C:\Users\sklep\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2011-12-30] CHR Extension: (Szukaj w Google) - C:\Users\sklep\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2011-12-30] CHR Extension: (RealPlayer HTML5Video Downloader Extension) - C:\Users\sklep\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk [2012-01-24] CHR Extension: (Google Wallet) - C:\Users\sklep\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-22] CHR Extension: (Gmail) - C:\Users\sklep\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2011-12-30] CHR HKLM-x32\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Chrome\Ext\rphtml5video.crx [2012-01-15] CHR StartMenuInternet: Google Chrome - C:\Users\sklep\AppData\Local\Google\Chrome\Application\chrome.exe ==================== Services (Whitelisted) ================= S2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [3241488 2014-06-27] (AVG Technologies CZ, s.r.o.) S2 avgwd; C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [289328 2014-06-17] (AVG Technologies CZ, s.r.o.) S4 BITCOMET_HELPER_SERVICE; C:\Program Files (x86)\BitComet\tools\BitCometService.exe [1296728 2010-12-28] (www.BitComet.com) S3 BRSptSvc; C:\ProgramData\BitRaider\BRSptSvc.exe [477960 2014-05-28] (BitRaider, LLC) S2 InstallFilterService; C:\Program Files (x86)\STMicroelectronics\Accelerometer\InstallFilterService.exe [60928 2009-06-23] () [File not signed] S2 MSSQL$SQLEXPRESS; c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [57617752 2009-03-30] (Microsoft Corporation) S4 Nero BackItUp Scheduler 3; C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe [877864 2008-02-18] (Nero AG) S4 NMIndexingService; C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe [529704 2008-02-28] (Nero AG) S4 PLFlash DeviceIoControl Service; C:\Windows\SysWOW64\IoctlSvc.exe [81920 2006-12-19] (Prolific Technology Inc.) [File not signed] S2 QDLService2kDell; C:\Program Files (x86)\QUALCOMM\QDLService2k\QDLService2kDell.exe [330488 2010-01-14] (QUALCOMM, Inc.) S4 SQLAgent$SQLEXPRESS; c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [427880 2009-03-30] (Microsoft Corporation) S2 STacSV; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_0057cbec48a2d7cf\STacSV64.exe [244736 2010-01-21] (IDT, Inc.) S4 UserAccess7; C:\Windows\SysWOW64\UAService7.exe [143360 2013-11-13] (Sony DADC Austria AG.) [File not signed] S2 wltrysvc; C:\Program Files\Dell\Dell Wireless WLAN Card\bcmwltry.exe [3417088 2009-07-17] (Dell Inc.) [File not signed] S2 WMCoreService; C:\Program Files (x86)\Dell\Dell WWAN\WMCore\mini_WMCore.exe [447488 2009-11-26] () [File not signed] ==================== Drivers (Whitelisted) ==================== S4 acedrv05; C:\Windows\system32\drivers\acedrv05.sys [136192 2011-03-31] () [File not signed] U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation) S4 ArgusMonitor; C:\Windows\SysWow64\drivers\ArgusMonitor.sys [67272 2012-06-01] (Argotronic UG (haftungsbeschraenkt)) S4 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [303616 2012-07-26] () [File not signed] S1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [153368 2014-06-17] (AVG Technologies CZ, s.r.o.) S1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [242968 2014-06-17] (AVG Technologies CZ, s.r.o.) S0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [190744 2014-06-17] (AVG Technologies CZ, s.r.o.) S1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [235800 2014-06-17] (AVG Technologies CZ, s.r.o.) S0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [328984 2014-06-17] (AVG Technologies CZ, s.r.o.) S0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [123672 2014-06-17] (AVG Technologies CZ, s.r.o.) S0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [31512 2014-06-17] (AVG Technologies CZ, s.r.o.) R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [269080 2014-06-17] (AVG Technologies CZ, s.r.o.) S3 bdfsfltr; C:\Windows\System32\DRIVERS\bdfsfltr.sys [388168 2010-07-27] (BitDefender) S4 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [35328 2012-07-26] () [File not signed] S4 sfdrv01; C:\Windows\System32\drivers\sfdrv01.sys [75384 2009-02-03] (Protection Technology (StarForce)) S4 sfdrv01a; C:\Windows\System32\drivers\sfdrv01a.sys [77432 2009-02-03] (Protection Technology (StarForce)) S4 sfsync02; C:\Windows\System32\drivers\sfsync02.sys [22936 2006-07-10] (Protection Technology) S4 sfvfs02; C:\Windows\System32\drivers\sfvfs02.sys [107384 2007-02-08] (Protection Technology (StarForce)) R0 sptd; C:\Windows\System32\Drivers\sptd.sys [564824 2014-05-31] (Duplex Secure Ltd.) S2 TurboB; C:\Windows\System32\DRIVERS\TurboB.sys [13784 2009-11-02] () S3 zlportio; C:\Program Files (x86)\UltraStar\zlportio.sys [4016 2012-08-08] (SpecoSoft) [File not signed] S3 BRDriver64; \??\C:\ProgramData\BitRaider\BRDriver64.sys [X] S3 PCDSRVC{D3412D80-CF3B4A27-06020200}_0; \??\c:\program files\my dell\pcdsrvc_x64.pkms [X] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-07-23 11:08 - 2014-07-23 11:08 - 02090496 ____C (Farbar) C:\Users\sklep\Downloads\FRST64 (1).exe 2014-07-23 10:58 - 2014-07-23 10:58 - 00511782 ____C () C:\Users\sklep\Downloads\Autoruns (1).zip 2014-07-23 10:43 - 2014-07-23 10:43 - 00000000 ___DC () C:\Users\sklep\AppData\Roaming\AVG2014 2014-07-23 10:42 - 2014-07-23 10:42 - 00000997 ____C () C:\Users\Public\Desktop\AVG 2014.lnk 2014-07-23 10:42 - 2014-07-23 10:42 - 00000000 ___DC () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG 2014-07-23 10:41 - 2014-07-23 10:43 - 00000000 ___DC () C:\ProgramData\AVG2014 2014-07-23 10:41 - 2014-07-23 10:41 - 00000000 __HDC () C:\$AVG 2014-07-23 10:41 - 2014-07-23 10:41 - 00000000 ___DC () C:\Program Files (x86)\AVG 2014-07-23 10:40 - 2014-07-23 10:43 - 00000000 ___DC () C:\Users\sklep\AppData\Local\Avg2014 2014-07-23 10:40 - 2014-07-23 10:43 - 00000000 ___DC () C:\ProgramData\MFAData 2014-07-23 10:27 - 2014-07-23 10:29 - 168249584 ____C (AVG Technologies) C:\Users\sklep\Downloads\avg_free_x64_all_2014_4716a7754.exe 2014-07-23 10:12 - 2014-07-23 10:12 - 00000000 ___DC () C:\ProgramData\BitDefender 2014-07-23 10:12 - 2010-07-27 12:34 - 00388168 ____C (BitDefender) C:\Windows\system32\Drivers\bdfsfltr.sys 2014-07-23 09:44 - 2014-07-23 10:20 - 00136932 ____C () C:\ProgramData\bdinstall.bin 2014-07-22 09:57 - 2014-07-22 09:57 - 00000165 ___HC () C:\Users\sklep\Desktop\~$płyty.xlsx 2014-07-16 10:44 - 2014-07-16 10:56 - 00000146 ____C () C:\Users\sklep\Desktop\koncerty.txt 2014-07-15 17:28 - 2014-07-15 17:28 - 00031978 ____C () C:\Users\sklep\Desktop\message.wav 2014-07-14 18:39 - 2014-07-14 18:39 - 00000000 ___DC () C:\Users\sklep\Downloads\2000 - Niebieska Maryla 2014-07-09 16:43 - 2014-07-09 16:43 - 00022513 ____C () C:\Users\sklep\Downloads\[kickass.to]gdzie.pachn.stokrotki.pushing.daisies.sezon.1.tvrip.xvid.lektor.pl.soundtrack.torrent 2014-07-07 17:18 - 2013-07-31 14:34 - 00000000 ___DC () C:\Users\sklep\Downloads\FLUME - Flume [2012] 2014-07-06 12:19 - 2014-07-16 15:41 - 00054156 ___HC () C:\Windows\QTFont.qfn 2014-07-06 12:19 - 2014-07-06 12:20 - 00001409 ____C () C:\Windows\QTFont.for 2014-07-06 11:55 - 2014-07-06 11:55 - 00003110 ____C () C:\Windows\System32\Tasks\PCDoctorBackgroundMonitorTask-Retry 2014-07-02 15:43 - 2014-07-02 15:48 - 00000000 ___DC () C:\Users\sklep\Desktop\Nowy folder (2) 2014-06-24 19:53 - 2014-06-24 19:53 - 04723222 ____C () C:\Users\sklep\Downloads\fwdopracowaniewykrelanka.zip 2014-06-23 22:19 - 2014-06-23 22:20 - 11088578 ____C () C:\Users\sklep\Downloads\wpn_s2_pl (1).exe 2014-06-23 15:33 - 2014-06-23 15:36 - 00000000 ___DC () C:\Users\sklep\Desktop\Cool Kids Of Death - Afterparty 2014-06-23 14:54 - 2014-06-23 14:58 - 00000000 ___DC () C:\Users\sklep\Desktop\Bajzel - Bajzel ==================== One Month Modified Files and Folders ======= 2014-07-23 11:12 - 2014-05-15 09:20 - 00016671 ____C () C:\Users\sklep\Downloads\FRST.txt 2014-07-23 11:11 - 2014-05-15 09:18 - 00000000 ___DC () C:\FRST 2014-07-23 11:08 - 2014-07-23 11:08 - 02090496 ____C (Farbar) C:\Users\sklep\Downloads\FRST64 (1).exe 2014-07-23 10:58 - 2014-07-23 10:58 - 00511782 ____C () C:\Users\sklep\Downloads\Autoruns (1).zip 2014-07-23 10:43 - 2014-07-23 10:43 - 00000000 ___DC () C:\Users\sklep\AppData\Roaming\AVG2014 2014-07-23 10:43 - 2014-07-23 10:41 - 00000000 ___DC () C:\ProgramData\AVG2014 2014-07-23 10:43 - 2014-07-23 10:40 - 00000000 ___DC () C:\Users\sklep\AppData\Local\Avg2014 2014-07-23 10:43 - 2014-07-23 10:40 - 00000000 ___DC () C:\ProgramData\MFAData 2014-07-23 10:42 - 2014-07-23 10:42 - 00000997 ____C () C:\Users\Public\Desktop\AVG 2014.lnk 2014-07-23 10:42 - 2014-07-23 10:42 - 00000000 ___DC () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG 2014-07-23 10:41 - 2014-07-23 10:41 - 00000000 __HDC () C:\$AVG 2014-07-23 10:41 - 2014-07-23 10:41 - 00000000 ___DC () C:\Program Files (x86)\AVG 2014-07-23 10:29 - 2014-07-23 10:27 - 168249584 ____C (AVG Technologies) C:\Users\sklep\Downloads\avg_free_x64_all_2014_4716a7754.exe 2014-07-23 10:28 - 2009-07-14 07:10 - 01375792 ____C () C:\Windows\WindowsUpdate.log 2014-07-23 10:24 - 2009-07-14 07:08 - 00000006 ___HC () C:\Windows\Tasks\SA.DAT 2014-07-23 10:24 - 2009-07-14 06:51 - 00185499 ____C () C:\Windows\setupact.log 2014-07-23 10:20 - 2014-07-23 09:44 - 00136932 ____C () C:\ProgramData\bdinstall.bin 2014-07-23 10:18 - 2009-07-14 06:45 - 00014240 ___HC () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-07-23 10:18 - 2009-07-14 06:45 - 00014240 ___HC () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-07-23 10:12 - 2014-07-23 10:12 - 00000000 ___DC () C:\ProgramData\BitDefender 2014-07-23 10:07 - 2012-03-07 23:00 - 00000000 ___DC () C:\ProgramData\RFA_Backups 2014-07-22 13:16 - 2013-05-22 15:46 - 00003440 ____C () C:\Windows\System32\Tasks\PCDEventLauncherTask 2014-07-22 11:16 - 2014-06-03 18:46 - 00003860 ____C () C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1373116814 2014-07-22 11:16 - 2010-09-25 18:57 - 00000000 ___DC () C:\Program Files (x86)\Opera 2014-07-22 09:57 - 2014-07-22 09:57 - 00000165 ___HC () C:\Users\sklep\Desktop\~$płyty.xlsx 2014-07-21 16:10 - 2013-05-22 15:46 - 00000000 ___DC () C:\Program Files\My Dell 2014-07-21 16:10 - 2011-12-12 14:15 - 00000000 ___DC () C:\ProgramData\PCDr 2014-07-20 16:31 - 2010-09-25 18:54 - 00000000 ___DC () C:\Users\sklep\AppData\Local\Last.fm 2014-07-20 16:29 - 2010-09-24 20:29 - 00000000 ___DC () C:\mp3 2014-07-17 13:09 - 2011-12-12 14:12 - 00000000 ___DC () C:\Users\sklep\AppData\Roaming\PCDr 2014-07-17 00:50 - 2009-07-14 19:55 - 00810692 ____C () C:\Windows\system32\perfh015.dat 2014-07-17 00:50 - 2009-07-14 19:55 - 00182808 ____C () C:\Windows\system32\perfc015.dat 2014-07-17 00:50 - 2009-07-14 07:13 - 01862404 ____C () C:\Windows\system32\PerfStringBackup.INI 2014-07-16 15:41 - 2014-07-06 12:19 - 00054156 ___HC () C:\Windows\QTFont.qfn 2014-07-16 14:35 - 2013-02-13 19:07 - 00014023 ____C () C:\Users\sklep\Desktop\płyty.xlsx 2014-07-16 10:56 - 2014-07-16 10:44 - 00000146 ____C () C:\Users\sklep\Desktop\koncerty.txt 2014-07-16 01:51 - 2014-05-30 20:53 - 00001020 ____C () C:\Users\sklep\Desktop\piwo.txt 2014-07-15 17:28 - 2014-07-15 17:28 - 00031978 ____C () C:\Users\sklep\Desktop\message.wav 2014-07-15 09:38 - 2013-09-29 12:23 - 00000000 ___DC () C:\Users\sklep\Desktop\Szpak - Kontrast 2014-07-14 18:39 - 2014-07-14 18:39 - 00000000 ___DC () C:\Users\sklep\Downloads\2000 - Niebieska Maryla 2014-07-10 02:03 - 2010-11-06 16:04 - 00000000 ___DC () C:\Users\sklep\AppData\Roaming\BitComet 2014-07-09 16:43 - 2014-07-09 16:43 - 00022513 ____C () C:\Users\sklep\Downloads\[kickass.to]gdzie.pachn.stokrotki.pushing.daisies.sezon.1.tvrip.xvid.lektor.pl.soundtrack.torrent 2014-07-06 12:20 - 2014-07-06 12:19 - 00001409 ____C () C:\Windows\QTFont.for 2014-07-06 11:55 - 2014-07-06 11:55 - 00003110 ____C () C:\Windows\System32\Tasks\PCDoctorBackgroundMonitorTask-Retry 2014-07-02 15:48 - 2014-07-02 15:43 - 00000000 ___DC () C:\Users\sklep\Desktop\Nowy folder (2) 2014-06-24 19:53 - 2014-06-24 19:53 - 04723222 ____C () C:\Users\sklep\Downloads\fwdopracowaniewykrelanka.zip 2014-06-24 07:14 - 2010-09-26 02:36 - 00000000 ___DC () C:\Users\sklep\Desktop\Gamez 2014-06-23 23:38 - 2013-06-28 13:56 - 00000000 ___DC () C:\Users\sklep\AppData\Roaming\Rovio Entertainment Ltd 2014-06-23 23:38 - 2013-05-27 20:35 - 00000000 ___DC () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rovio Entertainment Ltd 2014-06-23 23:38 - 2009-07-14 07:32 - 00000000 __RDC () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games 2014-06-23 22:20 - 2014-06-23 22:19 - 11088578 ____C () C:\Users\sklep\Downloads\wpn_s2_pl (1).exe 2014-06-23 22:14 - 2014-01-31 16:17 - 00000000 ___DC () C:\Program Files (x86)\The Wolf Among Us 2014-06-23 15:36 - 2014-06-23 15:33 - 00000000 ___DC () C:\Users\sklep\Desktop\Cool Kids Of Death - Afterparty 2014-06-23 14:58 - 2014-06-23 14:54 - 00000000 ___DC () C:\Users\sklep\Desktop\Bajzel - Bajzel Some content of TEMP: ==================== C:\Users\sklep\AppData\Local\Temp\drm_dialogs.dll C:\Users\sklep\AppData\Local\Temp\drm_dyndata_7330004.dll C:\Users\sklep\AppData\Local\Temp\drm_dyndata_7340014.dll C:\Users\sklep\AppData\Local\Temp\eauninstall.exe C:\Users\sklep\AppData\Local\Temp\NBA Live 2003_uninst.exe C:\Users\sklep\AppData\Local\Temp\_is2896.exe C:\Users\sklep\AppData\Local\Temp\_is6F3.exe C:\Users\sklep\AppData\Local\Temp\_is8287.exe C:\Users\sklep\AppData\Local\Temp\_isA91A.exe C:\Users\sklep\AppData\Local\Temp\_isB3CB.exe C:\Users\sklep\AppData\Local\Temp\_isBC2F.exe ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\SysWOW64\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2014-07-18 03:09 ==================== End Of Log ============================