Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:25-07-2014 Ran by User (administrator) on USER-E13D0C0A39 on 28-07-2014 09:59:42 Running from C:\Documents and Settings\User\Moje dokumenty\Downloads Platform: Microsoft Windows XP Professional Dodatek Service Pack 3 (X86) OS Language: Polski Internet Explorer Version 7 Boot Mode: Normal The only official download link for FRST: Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/ Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/ Download link from any site other than Bleeping Computer is unpermitted or outdated. See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (ATI Technologies Inc.) C:\WINDOWS\system32\ati2evxx.exe (ATI Technologies Inc.) C:\WINDOWS\system32\ati2evxx.exe () C:\Documents and Settings\All Users\Dane aplikacji\DatacardService\HWDeviceService.exe (Oracle Corporation) C:\Program Files\Java\jre7\bin\jqs.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe (McAfee, Inc.) C:\WINDOWS\system32\mfevtps.exe (TeamViewer GmbH) C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe (McAfee, Inc.) C:\Program Files\McAfee\MSC\McAPExe.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe (TeamViewer GmbH) C:\Program Files\TeamViewer\Version9\TeamViewer.exe (TeamViewer GmbH) C:\Program Files\TeamViewer\Version9\tv_w32.exe (Microsoft Corporation) C:\WINDOWS\system32\taskmgr.exe () C:\Lombard955\Lombard955.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Winlogon: [Shell] userinit.exe, [x ] () <=== ATTENTION Winlogon\Notify\AtiExtEvent: C:\WINDOWS\system32\Ati2evxx.dll (ATI Technologies Inc.) HKLM\...\Policies\Explorer: [NoControlPanel] 0 HKLM\...\Policies\Explorer: [NoFolderOptions] 0 HKU\.DEFAULT\...\RunOnce: [nltide_2] => regsvr32 /s /n /i:U shell32 HKU\.DEFAULT\...\Policies\Explorer: [NoFolderOptions] 0 HKU\.DEFAULT\...\Policies\Explorer: [NoControlPanel] 0 HKU\S-1-5-19\...\RunOnce: [nltide_2] => regsvr32 /s /n /i:U shell32 HKU\S-1-5-20\...\RunOnce: [nltide_2] => regsvr32 /s /n /i:U shell32 HKU\S-1-5-21-1220945662-1958367476-682003330-1003\...\Run: [wsctf.exe] => wsctf.exe HKU\S-1-5-21-1220945662-1958367476-682003330-1003\...\Run: [GG] => C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\GG\Application\gghub.exe [4023360 2014-07-11] (GG Network S.A.) HKU\S-1-5-21-1220945662-1958367476-682003330-1003\...\Run: [Mobile Partner] => C:\Program Files\Huawei E5776\Huawei E5776 HKU\S-1-5-21-1220945662-1958367476-682003330-1003\...\Policies\Explorer: [NoFolderOptions] 0 HKU\S-1-5-21-1220945662-1958367476-682003330-1003\...\Policies\Explorer: [NoControlPanel] 0 HKU\S-1-5-21-1220945662-1958367476-682003330-1003\...\MountPoints2: {1b867a3e-f7b4-11e3-a15d-d084d408c786} - H:\g6jk.exe HKU\S-1-5-21-1220945662-1958367476-682003330-1003\...\MountPoints2: {1f286fb8-ac40-11e3-a0f3-b8d90dc783b5} - F:\AutoRun.exe HKU\S-1-5-21-1220945662-1958367476-682003330-1003\...\MountPoints2: {1f286fbb-ac40-11e3-a0f3-a7f8096f7a4b} - F:\AutoRun.exe HKU\S-1-5-21-1220945662-1958367476-682003330-1003\...\MountPoints2: {1f93061d-0fb8-11e3-a006-0013d394575a} - F:\AutoRun.exe HKU\S-1-5-21-1220945662-1958367476-682003330-1003\...\MountPoints2: {1f93061f-0fb8-11e3-a006-0013d394575a} - F:\AutoRun.exe HKU\S-1-5-21-1220945662-1958367476-682003330-1003\...\MountPoints2: {1f930624-0fb8-11e3-a006-0013d394575a} - F:\AutoRun.exe HKU\S-1-5-21-1220945662-1958367476-682003330-1003\...\MountPoints2: {32224bd4-c6d6-11e3-a11a-bfd00d88c2d2} - H:\AutoRun.exe HKU\S-1-5-21-1220945662-1958367476-682003330-1003\...\MountPoints2: {58436ba9-1bb3-11e3-a018-0013d394575a} - H:\g6jk.exe HKU\S-1-5-21-1220945662-1958367476-682003330-1003\...\MountPoints2: {58cd2157-49f1-11e3-a065-8f86c81a3695} - H:\g6jk.exe HKU\S-1-5-21-1220945662-1958367476-682003330-1003\...\MountPoints2: {5edb3159-10b9-11e4-a182-952752b1d269} - F:\AutoRun.exe HKU\S-1-5-21-1220945662-1958367476-682003330-1003\...\MountPoints2: {6de6e237-00c2-11e3-9fec-0013d394575a} - F:\LGAutoRun.exe HKU\S-1-5-21-1220945662-1958367476-682003330-1003\...\MountPoints2: {c11223bc-d3a7-11e3-a12a-aac6f97c659e} - H:\LGAutoRun.exe HKU\S-1-5-21-1220945662-1958367476-682003330-1003\...\MountPoints2: {c4e18074-f9ea-11e2-9fdc-0013d394575a} - H:\EXPLORER.EXE HKU\S-1-5-21-1220945662-1958367476-682003330-1003\...\MountPoints2: {c4e18076-f9ea-11e2-9fdc-0013d394575a} - H:\g6jk.exe HKU\S-1-5-21-1220945662-1958367476-682003330-1003\...\MountPoints2: {c4e18077-f9ea-11e2-9fdc-0013d394575a} - I:\EXPLORER.EXE HKU\S-1-5-21-1220945662-1958367476-682003330-1003\...\MountPoints2: {ce2ece1f-1609-11e3-a00f-0013d394575a} - H:\EXPLORER.EXE Startup: C:\Documents and Settings\User\Menu Start\Programy\Autostart\OpenOffice.org 3.4.1.lnk ShortcutTarget: OpenOffice.org 3.4.1.lnk -> C:\Program Files\OpenOffice.org 3\program\quickstart.exe () ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank SearchScopes: HKCU - DefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = http://www.buenosearch.com/?q={searchTerms}&babsrc=SP_ss&mntrId=8C3A005345000000&affID=128491&tsp=5190 SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = http://www.buenosearch.com/?q={searchTerms}&babsrc=SP_ss&mntrId=8C3A005345000000&affID=128491&tsp=5190 BHO: SaveSense -> {71e129ff-6c2a-4984-818c-7e2c998b8d99} -> C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\SaveSense\SaveSenseIE.dll (SaveSense) BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) Toolbar: HKLM - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.) Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.) Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.) Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\McAfee\MSC\McSnIePl.dll (McAfee, Inc.) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 192.168.1.1 FireFox: ======== FF Plugin: @adobe.com/ShockwavePlayer - C:\WINDOWS\system32\Adobe\Director\np32dsw_1210150.dll (Adobe Systems, Inc.) FF Plugin: @java.com/DTPlugin,version=10.60.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=10.60.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin: @mcafee.com/MSC,version=10 - c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL () FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation) FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.) FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.) FF Plugin: @tools.updaterss.com/SaveSenseLive Update;version=3 - C:\Program Files\SaveSenseLive\Update\1.3.23.0\npGoogleUpdate3.dll (SaveSense) FF Plugin: @tools.updaterss.com/SaveSenseLive Update;version=9 - C:\Program Files\SaveSenseLive\Update\1.3.23.0\npGoogleUpdate3.dll (SaveSense) FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\SiteAdvisor FF Extension: McAfee SiteAdvisor - C:\Program Files\McAfee\SiteAdvisor [2014-07-25] Chrome: ======= CHR StartupUrls: "hxxp://allegro.pl/" CHR Extension: (Dokumenty Google) - C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-07-21] CHR Extension: (Dysk Google) - C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-07-21] CHR Extension: (YouTube) - C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-07-21] CHR Extension: (Szukaj w Google) - C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-07-21] CHR Extension: (Google Wallet) - C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-07-21] CHR Extension: (Gmail) - C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-07-21] ========================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless lis ========================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 HomeNetSvc; C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe [281560 2013-07-30] (McAfee, Inc.) R2 HWDeviceService.exe; C:\Documents and Settings\All Users\Dane aplikacji\DatacardService\HWDeviceService.exe [271712 2011-03-14] () R2 JavaQuickStarterService; C:\Program Files\Java\jre7\bin\jqs.exe [182696 2014-06-08] (Oracle Corporation) R2 McAfee SiteAdvisor Service; C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe [281560 2013-07-30] (McAfee, Inc.) R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [145568 2014-04-25] (McAfee, Inc.) R2 McMPFSvc; C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe [281560 2013-07-30] (McAfee, Inc.) R2 McNaiAnn; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [281560 2013-07-30] (McAfee, Inc.) S3 McODS; C:\Program Files\McAfee\VirusScan\mcods.exe [472072 2014-06-12] (McAfee, Inc.) R2 mcpltsvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [281560 2013-07-30] (McAfee, Inc.) R2 McProxy; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [281560 2013-07-30] (McAfee, Inc.) R2 mfecore; C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [655936 2014-06-18] (McAfee, Inc.) R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [169800 2014-06-20] (McAfee, Inc.) R2 mfevtp; C:\WINDOWS\system32\mfevtps.exe [179600 2014-06-20] (McAfee, Inc.) S2 savesenselive; C:\Program Files\SaveSenseLive\Update\SaveSenseLive.exe [146920 2014-02-03] (SaveSense) S3 savesenselivem; C:\Program Files\SaveSenseLive\Update\SaveSenseLive.exe [146920 2014-02-03] (SaveSense) S3 Sony PC Companion; C:\Program Files\Sony\Sony PC Companion\PCCService.exe [155824 2013-02-04] (Avanquest Software) ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R3 ALCXWDM; C:\WINDOWS\System32\drivers\ALCXWDM.SYS [2319680 2005-05-18] (Realtek Semiconductor Corp.) R1 AmdK8; C:\WINDOWS\System32\DRIVERS\AmdK8.sys [36864 2006-06-18] (Advanced Micro Devices) R3 cfwids; C:\WINDOWS\System32\drivers\cfwids.sys [62832 2014-06-20] (McAfee, Inc.) S3 HipShieldK; C:\WINDOWS\System32\drivers\HipShieldK.sys [147912 2013-09-23] (McAfee, Inc.) R3 huawei_cdcacm; C:\WINDOWS\System32\DRIVERS\ew_jucdcacm.sys [97408 2013-01-25] (Huawei Technologies Co., Ltd.) R3 huawei_cdcecm; C:\WINDOWS\System32\DRIVERS\ew_jucdcecm.sys [70272 2013-02-17] (Huawei Technologies Co., Ltd.) R3 huawei_ext_ctrl; C:\WINDOWS\System32\DRIVERS\ew_juextctrl.sys [27776 2013-01-23] (Huawei Technologies Co., Ltd.) R3 mfeapfk; C:\WINDOWS\System32\drivers\mfeapfk.sys [135968 2014-06-20] (McAfee, Inc.) R3 mfeavfk; C:\WINDOWS\System32\drivers\mfeavfk.sys [238176 2014-06-20] (McAfee, Inc.) S3 mfebopk; C:\WINDOWS\System32\drivers\mfebopk.sys [67816 2014-06-20] (McAfee, Inc.) R3 mfefirek; C:\WINDOWS\System32\drivers\mfefirek.sys [369248 2014-06-20] (McAfee, Inc.) R0 mfehidk; C:\WINDOWS\System32\drivers\mfehidk.sys [576048 2014-06-20] (McAfee, Inc.) R3 mfencbdc; C:\WINDOWS\System32\DRIVERS\mfencbdc.sys [349192 2014-06-18] (McAfee, Inc.) S3 mfencrk; C:\WINDOWS\System32\DRIVERS\mfencrk.sys [81296 2014-06-18] (McAfee, Inc.) S3 mfendisk; C:\WINDOWS\System32\DRIVERS\mfendisk.sys [87520 2014-06-20] (McAfee, Inc.) R3 mfendiskmp; C:\WINDOWS\System32\DRIVERS\mfendisk.sys [87520 2014-06-20] (McAfee, Inc.) R1 mfetdi2k; C:\WINDOWS\System32\drivers\mfetdi2k.sys [93624 2014-06-20] (McAfee, Inc.) S3 s0016bus; C:\WINDOWS\System32\DRIVERS\s0016bus.sys [89256 2008-05-16] (MCCI Corporation) S3 s0016mdfl; C:\WINDOWS\System32\DRIVERS\s0016mdfl.sys [15016 2008-05-16] (MCCI Corporation) S3 s0016mdm; C:\WINDOWS\System32\DRIVERS\s0016mdm.sys [120744 2008-05-16] (MCCI Corporation) S3 s0016obex; C:\WINDOWS\System32\DRIVERS\s0016obex.sys [110632 2008-05-16] (MCCI Corporation) R1 Tcpip; C:\WINDOWS\System32\DRIVERS\tcpip.sys [361344 2008-05-08] (Microsoft Corporation) [File not signed] S3 wceusbsh; C:\WINDOWS\System32\DRIVERS\wceusbsh.sys [104064 2003-12-22] (Microsoft Corporation) S3 filtertdidriver; system32\drivers\ewfiltertdidriver.sys [X] S4 IntelIde; No ImagePath U0 mfewfpk; U1 WS2IFSL; ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2014-07-28 10:03 - 2014-07-28 10:03 - 00161002 _____ () C:\Documents and Settings\User\Pulpit\Addition.txt 2014-07-28 09:59 - 2014-07-28 10:03 - 00000000 ____D () C:\FRST 2014-07-28 09:04 - 2014-07-28 09:04 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Start\Programy\McAfee 2014-07-26 12:39 - 2014-07-26 12:39 - 00261750 _____ () C:\Documents and Settings\User\Pulpit\CENÓWKI.rar 2014-07-26 11:52 - 2014-07-26 11:52 - 00037130 _____ () C:\Documents and Settings\User\Pulpit\Extras.Txt 2014-07-26 11:07 - 2014-07-26 11:07 - 00068058 _____ () C:\Documents and Settings\User\Pulpit\OTL.Txt 2014-07-26 11:05 - 2014-07-26 11:07 - 95768236 _____ () C:\Documents and Settings\User\Pulpit\ALLEGRO1.rar 2014-07-26 10:41 - 2014-07-26 10:45 - 124114003 _____ () C:\Documents and Settings\User\Pulpit\ALLEGRO.rar 2014-07-26 10:41 - 2014-07-26 10:43 - 08175979 _____ () C:\Documents and Settings\User\Pulpit\RAPORTY KASOWE.rar 2014-07-26 10:39 - 2014-07-26 10:39 - 04392328 _____ () C:\Documents and Settings\User\Pulpit\DOKUMENTY.rar 2014-07-26 09:47 - 2014-07-26 09:47 - 00000020 ___SH () C:\Documents and Settings\Administrator.USER-E13D0C0A39\ntuser.ini 2014-07-26 09:47 - 2014-07-26 09:47 - 00000000 ____D () C:\Documents and Settings\Administrator.USER-E13D0C0A39 2014-07-26 09:47 - 2013-11-06 15:40 - 00000000 __RHD () C:\Documents and Settings\Administrator.USER-E13D0C0A39\Dane aplikacji 2014-07-26 09:47 - 2013-11-06 15:40 - 00000000 ____D () C:\Documents and Settings\Administrator.USER-E13D0C0A39\Dane aplikacji\Macromedia 2014-07-26 09:47 - 2013-07-30 17:10 - 00000000 ___RD () C:\Documents and Settings\Administrator.USER-E13D0C0A39\Menu Start\Programy\Autostart 2014-07-26 09:47 - 2013-07-30 17:10 - 00000000 ___RD () C:\Documents and Settings\Administrator.USER-E13D0C0A39\Menu Start 2014-07-26 09:47 - 2013-07-30 17:10 - 00000000 ___HD () C:\Documents and Settings\Administrator.USER-E13D0C0A39\Ustawienia lokalne\Historia 2014-07-26 09:47 - 2013-07-30 17:10 - 00000000 ___HD () C:\Documents and Settings\Administrator.USER-E13D0C0A39\Ustawienia lokalne 2014-07-26 09:47 - 2013-07-30 17:10 - 00000000 ____D () C:\Documents and Settings\Administrator.USER-E13D0C0A39\Ustawienia lokalne\Temp 2014-07-26 09:47 - 2013-07-30 17:10 - 00000000 ____D () C:\Documents and Settings\Administrator.USER-E13D0C0A39\Ulubione 2014-07-26 09:47 - 2013-07-30 17:10 - 00000000 ____D () C:\Documents and Settings\Administrator.USER-E13D0C0A39\Pulpit 2014-07-26 09:47 - 2013-07-30 17:10 - 00000000 ____D () C:\Documents and Settings\Administrator.USER-E13D0C0A39\Moje dokumenty 2014-07-26 09:47 - 2013-07-30 15:20 - 00001599 _____ () C:\Documents and Settings\Administrator.USER-E13D0C0A39\Menu Start\Programy\Pomoc zdalna.lnk 2014-07-26 09:47 - 2013-07-30 15:20 - 00000788 _____ () C:\Documents and Settings\Administrator.USER-E13D0C0A39\Menu Start\Programy\Windows Media Player.lnk 2014-07-26 09:47 - 2013-07-30 15:20 - 00000000 ___RD () C:\Documents and Settings\Administrator.USER-E13D0C0A39\Menu Start\Programy\Akcesoria 2014-07-26 09:47 - 2013-07-30 15:20 - 00000000 ___RD () C:\Documents and Settings\Administrator.USER-E13D0C0A39\Menu Start\Programy 2014-07-26 09:47 - 2013-07-30 15:19 - 00000000 ___HD () C:\Documents and Settings\Administrator.USER-E13D0C0A39\Ustawienia lokalne\Dane aplikacji 2014-07-26 09:47 - 2013-07-30 15:15 - 00000000 ___HD () C:\Documents and Settings\Administrator.USER-E13D0C0A39\Szablony 2014-07-26 09:33 - 2014-07-26 09:33 - 00000020 ___SH () C:\Documents and Settings\Administrator\ntuser.ini 2014-07-26 09:33 - 2014-07-26 09:33 - 00000000 ____D () C:\Documents and Settings\Administrator 2014-07-26 09:33 - 2013-11-06 15:40 - 00000000 __RHD () C:\Documents and Settings\Administrator\Dane aplikacji 2014-07-26 09:33 - 2013-11-06 15:40 - 00000000 ____D () C:\Documents and Settings\Administrator\Dane aplikacji\Macromedia 2014-07-26 09:33 - 2013-07-30 17:10 - 00000000 ___RD () C:\Documents and Settings\Administrator\Menu Start\Programy\Autostart 2014-07-26 09:33 - 2013-07-30 17:10 - 00000000 ___RD () C:\Documents and Settings\Administrator\Menu Start 2014-07-26 09:33 - 2013-07-30 17:10 - 00000000 ___HD () C:\Documents and Settings\Administrator\Ustawienia lokalne\Historia 2014-07-26 09:33 - 2013-07-30 17:10 - 00000000 ___HD () C:\Documents and Settings\Administrator\Ustawienia lokalne 2014-07-26 09:33 - 2013-07-30 17:10 - 00000000 ____D () C:\Documents and Settings\Administrator\Ustawienia lokalne\Temp 2014-07-26 09:33 - 2013-07-30 17:10 - 00000000 ____D () C:\Documents and Settings\Administrator\Ulubione 2014-07-26 09:33 - 2013-07-30 17:10 - 00000000 ____D () C:\Documents and Settings\Administrator\Pulpit 2014-07-26 09:33 - 2013-07-30 17:10 - 00000000 ____D () C:\Documents and Settings\Administrator\Moje dokumenty 2014-07-26 09:33 - 2013-07-30 15:20 - 00001599 _____ () C:\Documents and Settings\Administrator\Menu Start\Programy\Pomoc zdalna.lnk 2014-07-26 09:33 - 2013-07-30 15:20 - 00000788 _____ () C:\Documents and Settings\Administrator\Menu Start\Programy\Windows Media Player.lnk 2014-07-26 09:33 - 2013-07-30 15:20 - 00000000 ___RD () C:\Documents and Settings\Administrator\Menu Start\Programy\Akcesoria 2014-07-26 09:33 - 2013-07-30 15:20 - 00000000 ___RD () C:\Documents and Settings\Administrator\Menu Start\Programy 2014-07-26 09:33 - 2013-07-30 15:19 - 00000000 ___HD () C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji 2014-07-26 09:33 - 2013-07-30 15:15 - 00000000 ___HD () C:\Documents and Settings\Administrator\Szablony 2014-07-25 11:21 - 2014-07-28 09:04 - 00001611 _____ () C:\Documents and Settings\All Users\Pulpit\McAfee AntiVirus Plus.lnk 2014-07-25 11:19 - 2013-09-23 13:48 - 00147912 _____ (McAfee, Inc.) C:\WINDOWS\system32\Drivers\HipShieldK.sys 2014-07-25 11:17 - 2014-07-25 11:17 - 00000000 ____D () C:\Program Files\McAfee.com 2014-07-25 11:17 - 2014-06-20 11:05 - 00087520 _____ (McAfee, Inc.) C:\WINDOWS\system32\Drivers\mfendisk.sys 2014-07-25 11:16 - 2014-07-27 08:54 - 00000000 ____D () C:\Program Files\McAfee 2014-07-25 11:08 - 2014-07-25 11:11 - 00000000 ____D () C:\Program Files\stinger 2014-07-25 11:08 - 2014-07-25 11:08 - 00000000 ____D () C:\Quarantine 2014-07-25 11:06 - 2014-07-25 11:20 - 00000000 ____D () C:\Program Files\Common Files\McAfee 2014-07-25 11:06 - 2014-06-20 11:13 - 00179600 _____ (McAfee, Inc.) C:\WINDOWS\system32\mfevtps.exe 2014-07-23 14:33 - 2014-07-23 20:14 - 00012523 _____ () C:\Documents and Settings\User\Pulpit\List przewozowy.xlsx 2014-07-21 20:03 - 2014-07-21 20:03 - 00001819 _____ () C:\Documents and Settings\All Users\Pulpit\Google Chrome.lnk 2014-07-21 20:03 - 2014-07-21 20:03 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Start\Programy\Google Chrome 2014-07-21 20:02 - 2014-07-28 09:07 - 00001032 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job 2014-07-21 20:02 - 2014-07-28 08:59 - 00001028 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job 2014-07-21 19:54 - 2014-07-21 19:54 - 00001342 _____ () C:\Documents and Settings\All Users\Pulpit\Huawei E5776.lnk 2014-07-21 19:53 - 2013-02-17 05:14 - 00070272 _____ (Huawei Technologies Co., Ltd.) C:\WINDOWS\system32\Drivers\ew_jucdcecm.sys 2014-07-21 19:53 - 2013-01-25 05:33 - 00097408 _____ (Huawei Technologies Co., Ltd.) C:\WINDOWS\system32\Drivers\ew_jucdcacm.sys 2014-07-21 19:53 - 2013-01-25 03:16 - 00095232 _____ (Huawei Technologies Co., Ltd.) C:\WINDOWS\system32\Drivers\ew_hwusbdev.sys 2014-07-21 19:53 - 2013-01-23 08:58 - 00249600 _____ (Huawei Technologies Co., Ltd.) C:\WINDOWS\system32\Drivers\ewusbnet.sys 2014-07-21 19:53 - 2013-01-23 08:56 - 00199296 _____ (Huawei Technologies Co., Ltd.) C:\WINDOWS\system32\Drivers\ewusbmdm.sys 2014-07-21 19:53 - 2013-01-23 05:31 - 00077696 _____ (Huawei Technologies Co., Ltd.) C:\WINDOWS\system32\Drivers\ew_jubusenum.sys 2014-07-21 19:53 - 2013-01-23 05:31 - 00027776 _____ (Huawei Technologies Co., Ltd.) C:\WINDOWS\system32\Drivers\ew_juextctrl.sys 2014-07-21 19:53 - 2012-12-22 03:46 - 00011904 _____ (Huawei Technologies Co., Ltd.) C:\WINDOWS\system32\Drivers\ew_usbenumfilter.sys 2014-07-21 19:53 - 2010-10-08 10:55 - 00025856 _____ (Huawei Tech. Co., Ltd.) C:\WINDOWS\system32\Drivers\ewdcsc.sys 2014-07-21 19:53 - 2010-09-26 12:09 - 00019200 _____ (Huawei Technologies Co., Ltd.) C:\WINDOWS\system32\Drivers\ew_hwupgrade.sys 2014-07-21 19:53 - 2010-08-06 01:42 - 00861696 _____ (DiBcom SA) C:\WINDOWS\system32\Drivers\mod7700.sys 2014-07-21 19:53 - 2005-05-13 10:27 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbccid.sys 2014-07-21 11:28 - 2014-07-21 12:03 - 00012999 _____ () C:\Documents and Settings\User\Pulpit\Klaka.odt 2014-07-11 17:05 - 2014-07-11 17:05 - 00106496 _____ () C:\WINDOWS\Minidump\Mini071114-01.dmp ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2014-07-28 10:04 - 2013-07-30 15:24 - 00000000 ____D () C:\Documents and Settings\User\Ustawienia lokalne\Temp 2014-07-28 10:03 - 2014-07-28 10:03 - 00161002 _____ () C:\Documents and Settings\User\Pulpit\Addition.txt 2014-07-28 10:03 - 2014-07-28 09:59 - 00000000 ____D () C:\FRST 2014-07-28 10:03 - 2013-07-30 15:24 - 00000000 ____D () C:\Documents and Settings\User\Pulpit 2014-07-28 10:01 - 2014-02-03 16:56 - 00000916 _____ () C:\WINDOWS\Tasks\SaveSenseLiveUpdateTaskMachineUA.job 2014-07-28 09:25 - 2013-07-30 19:22 - 00000000 ____D () C:\Lombard955 2014-07-28 09:08 - 2013-07-30 19:54 - 00000041 _____ () C:\WINDOWS\crw.ini 2014-07-28 09:07 - 2014-07-21 20:02 - 00001032 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job 2014-07-28 09:06 - 2013-07-30 19:08 - 00000000 ____D () C:\Documents and Settings\User\Pulpit\DOKUMENTY 2014-07-28 09:04 - 2014-07-28 09:04 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Start\Programy\McAfee 2014-07-28 09:04 - 2014-07-25 11:21 - 00001611 _____ () C:\Documents and Settings\All Users\Pulpit\McAfee AntiVirus Plus.lnk 2014-07-28 09:04 - 2013-07-30 17:10 - 00000000 ___RD () C:\Documents and Settings\All Users\Menu Start\Programy 2014-07-28 09:04 - 2013-07-30 17:10 - 00000000 ____D () C:\Documents and Settings\All Users\Pulpit 2014-07-28 08:59 - 2014-07-21 20:02 - 00001028 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job 2014-07-28 08:59 - 2014-02-03 16:56 - 00000912 _____ () C:\WINDOWS\Tasks\SaveSenseLiveUpdateTaskMachineCore.job 2014-07-28 08:59 - 2013-07-30 16:55 - 00000159 _____ () C:\WINDOWS\wiadebug.log 2014-07-28 08:59 - 2013-07-30 16:55 - 00000050 _____ () C:\WINDOWS\wiaservc.log 2014-07-28 08:59 - 2013-07-30 15:24 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT 2014-07-28 08:59 - 2001-07-22 00:17 - 00002206 _____ () C:\WINDOWS\system32\wpa.dbl 2014-07-27 20:58 - 2013-07-30 15:24 - 00032536 _____ () C:\WINDOWS\SchedLgU.Txt 2014-07-27 20:58 - 2013-07-30 15:18 - 00086933 _____ () C:\WINDOWS\WindowsUpdate.log 2014-07-27 20:47 - 2014-05-14 20:28 - 00000000 ____D () C:\Kopia bazy lombardu955 2014-07-27 18:18 - 2013-07-30 16:49 - 01248706 _____ () C:\WINDOWS\setupapi.log 2014-07-27 08:54 - 2014-07-25 11:16 - 00000000 ____D () C:\Program Files\McAfee 2014-07-26 15:26 - 2014-04-23 12:18 - 00000000 ____D () C:\Documents and Settings\All Users\Dane aplikacji\McAfee 2014-07-26 12:39 - 2014-07-26 12:39 - 00261750 _____ () C:\Documents and Settings\User\Pulpit\CENÓWKI.rar 2014-07-26 12:39 - 2013-07-30 19:10 - 00000000 ___RD () C:\Documents and Settings\User\Pulpit\Moje dokumenty 2014-07-26 11:52 - 2014-07-26 11:52 - 00037130 _____ () C:\Documents and Settings\User\Pulpit\Extras.Txt 2014-07-26 11:07 - 2014-07-26 11:07 - 00068058 _____ () C:\Documents and Settings\User\Pulpit\OTL.Txt 2014-07-26 11:07 - 2014-07-26 11:05 - 95768236 _____ () C:\Documents and Settings\User\Pulpit\ALLEGRO1.rar 2014-07-26 10:45 - 2014-07-26 10:41 - 124114003 _____ () C:\Documents and Settings\User\Pulpit\ALLEGRO.rar 2014-07-26 10:43 - 2014-07-26 10:41 - 08175979 _____ () C:\Documents and Settings\User\Pulpit\RAPORTY KASOWE.rar 2014-07-26 10:39 - 2014-07-26 10:39 - 04392328 _____ () C:\Documents and Settings\User\Pulpit\DOKUMENTY.rar 2014-07-26 09:47 - 2014-07-26 09:47 - 00000020 ___SH () C:\Documents and Settings\Administrator.USER-E13D0C0A39\ntuser.ini 2014-07-26 09:47 - 2014-07-26 09:47 - 00000000 ____D () C:\Documents and Settings\Administrator.USER-E13D0C0A39 2014-07-26 09:33 - 2014-07-26 09:33 - 00000020 ___SH () C:\Documents and Settings\Administrator\ntuser.ini 2014-07-26 09:33 - 2014-07-26 09:33 - 00000000 ____D () C:\Documents and Settings\Administrator 2014-07-25 20:07 - 2013-07-30 15:24 - 00000000 ___HD () C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji 2014-07-25 19:40 - 2013-07-30 19:08 - 00000000 ____D () C:\Documents and Settings\User\Pulpit\CENÓWKI 2014-07-25 11:20 - 2014-07-25 11:06 - 00000000 ____D () C:\Program Files\Common Files\McAfee 2014-07-25 11:17 - 2014-07-25 11:17 - 00000000 ____D () C:\Program Files\McAfee.com 2014-07-25 11:11 - 2014-07-25 11:08 - 00000000 ____D () C:\Program Files\stinger 2014-07-25 11:08 - 2014-07-25 11:08 - 00000000 ____D () C:\Quarantine 2014-07-25 08:55 - 2013-08-28 12:27 - 00000000 ____D () C:\Documents and Settings\User\Dane aplikacji\GG 2014-07-24 21:01 - 2013-07-30 15:24 - 00000188 ___SH () C:\Documents and Settings\User\ntuser.ini 2014-07-23 20:14 - 2014-07-23 14:33 - 00012523 _____ () C:\Documents and Settings\User\Pulpit\List przewozowy.xlsx 2014-07-22 14:43 - 2013-07-30 16:44 - 00000000 ____D () C:\WINDOWS\Help 2014-07-21 20:03 - 2014-07-21 20:03 - 00001819 _____ () C:\Documents and Settings\All Users\Pulpit\Google Chrome.lnk 2014-07-21 20:03 - 2014-07-21 20:03 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Start\Programy\Google Chrome 2014-07-21 20:03 - 2013-07-30 17:37 - 00000000 ____D () C:\Program Files\Google 2014-07-21 20:03 - 2013-07-30 17:37 - 00000000 ____D () C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google 2014-07-21 19:58 - 2014-04-23 12:22 - 00000000 ____D () C:\Program Files\Opera 2014-07-21 19:58 - 2014-02-03 17:26 - 00000000 ____D () C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\RadioSure 2014-07-21 19:58 - 2013-07-30 15:24 - 00000000 ___RD () C:\Documents and Settings\User\Menu Start\Programy 2014-07-21 19:55 - 2013-07-30 16:49 - 00360579 _____ () C:\WINDOWS\setupact.log 2014-07-21 19:54 - 2014-07-21 19:54 - 00001342 _____ () C:\Documents and Settings\All Users\Pulpit\Huawei E5776.lnk 2014-07-21 19:54 - 2013-08-28 11:50 - 00000000 ____D () C:\Documents and Settings\All Users\Dane aplikacji\DatacardService 2014-07-21 19:53 - 2013-08-28 11:50 - 00000000 ____D () C:\Program Files\Huawei E5776 2014-07-21 19:48 - 2014-03-15 14:48 - 00000000 ____D () C:\Program Files\blueconnect 2014-07-21 12:03 - 2014-07-21 11:28 - 00012999 _____ () C:\Documents and Settings\User\Pulpit\Klaka.odt 2014-07-20 18:40 - 2013-07-30 19:08 - 00000000 ____D () C:\Documents and Settings\User\Pulpit\ALLEGRO 2014-07-14 16:42 - 2013-07-30 15:24 - 00000000 ___RD () C:\Documents and Settings\User\Moje dokumenty 2014-07-11 17:06 - 2013-08-28 12:26 - 00000000 ____D () C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\GG 2014-07-11 17:05 - 2014-07-11 17:05 - 00106496 _____ () C:\WINDOWS\Minidump\Mini071114-01.dmp 2014-07-11 17:05 - 2013-10-18 08:57 - 00000000 ____D () C:\WINDOWS\Minidump 2014-07-02 10:46 - 2013-07-30 15:25 - 00000000 ___RD () C:\Documents and Settings\User\Moje dokumenty\Moje obrazy Some content of TEMP: ==================== C:\Documents and Settings\User\Ustawienia lokalne\Temp\APNSetup.exe C:\Documents and Settings\User\Ustawienia lokalne\Temp\BuenoSearchTB.exe C:\Documents and Settings\User\Ustawienia lokalne\Temp\ggdrive-menu.exe C:\Documents and Settings\User\Ustawienia lokalne\Temp\ggdrive-overlay.exe C:\Documents and Settings\User\Ustawienia lokalne\Temp\installstats.exe C:\Documents and Settings\User\Ustawienia lokalne\Temp\NEventMessages.dll C:\Documents and Settings\User\Ustawienia lokalne\Temp\NOSEventMessages.dll C:\Documents and Settings\User\Ustawienia lokalne\Temp\Softonic_PL_1-5-9_PL-Production_10_CleanRelease.exe ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\WINDOWS\explorer.exe => File is digitally signed C:\WINDOWS\system32\winlogon.exe => File is digitally signed C:\WINDOWS\system32\svchost.exe => File is digitally signed C:\WINDOWS\system32\services.exe => File is digitally signed C:\WINDOWS\system32\User32.dll => File is digitally signed C:\WINDOWS\system32\userinit.exe => File is digitally signed C:\WINDOWS\system32\rpcss.dll => File is digitally signed C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed ==================== End Of Log ============================