Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 16-10-2014 Ran by ROMAN SZ (administrator) on AMD on 18-10-2014 11:29:22 Running from C:\Documents and Settings\ROMAN SZ\Pulpit Loaded Profiles: UpdatusUser & ROMAN SZ (Available profiles: UpdatusUser & Rafal & ROMAN SZ & Administrator) Platform: Microsoft Windows XP Professional Dodatek Service Pack 3 (X86) OS Language: Polski Internet Explorer Version 8 Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (AVG Technologies CZ, s.r.o.) C:\PROGRA~1\AVG\AVG2014\avgrsx.exe (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgcsrvx.exe (Acronis) C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgidsagent.exe (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgwdsvc.exe (Oracle Corporation) C:\Program Files\Java\jre7\bin\jqs.exe (TeamViewer GmbH) C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgnsx.exe (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgemcx.exe (Brother Industries, Ltd.) C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgui.exe (Acronis) C:\Program Files\Acronis\DriveMonitor\adm_tray.exe (Acronis) C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe (Brother Industries, Ltd.) C:\Program Files\Brother\ControlCenter3\BrccMCtl.exe ( ) C:\Program Files\ChomikBox\chomikbox.exe (Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe (McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (Brother Industries, Ltd.) C:\Program Files\Brother\Brmfcmon\BrMfcMon.exe (TeamViewer GmbH) C:\Program Files\TeamViewer\Version9\TeamViewer.exe (Microsoft Corporation) C:\WINDOWS\system32\wbem\unsecapp.exe (TeamViewer GmbH) C:\Program Files\TeamViewer\Version9\tv_w32.exe (TeamViewer GmbH) C:\Program Files\TeamViewer\Version9\TeamViewer_Desktop.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [NVMixerTray] => C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe [131072 2004-12-20] (NVIDIA Corporation) HKLM\...\Run: [BrMfcWnd] => C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe [663552 2007-03-12] (Brother Industries, Ltd.) HKLM\...\Run: [ControlCenter3] => C:\Program Files\Brother\ControlCenter3\brctrcen.exe [65536 2007-01-26] (Brother Industries, Ltd.) HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation) HKLM\...\Run: [AVG_UI] => C:\Program Files\AVG\AVG2014\avgui.exe [5188112 2014-08-25] (AVG Technologies CZ, s.r.o.) HKLM\...\Run: [adm_tray.exe] => C:\Program Files\Acronis\DriveMonitor\adm_tray.exe [466768 2011-02-24] (Acronis) HKLM\...\Run: [Acronis Scheduler2 Service] => C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe [365632 2011-02-12] (Acronis) HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2014-05-08] (Adobe Systems Incorporated) HKU\S-1-5-21-823518204-1708537768-1801674531-1558\...\Run: [ChomikBox] => C:\Program Files\ChomikBox\ChomikBox.exe [5979648 2012-11-15] ( ) HKU\S-1-5-21-823518204-1708537768-1801674531-1558\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [4811032 2014-09-26] (Piriform Ltd) Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\McAfee Security Scan Plus.lnk ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.) ShellIconOverlayIdentifiers: [GDriveBlacklistedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google) ShellIconOverlayIdentifiers: [GDriveSharedEditOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google) ShellIconOverlayIdentifiers: [GDriveSharedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google) ShellIconOverlayIdentifiers: [GDriveSharedViewOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google) ShellIconOverlayIdentifiers: [GDriveSyncedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google) ShellIconOverlayIdentifiers: [GDriveSyncingOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google) ShellIconOverlayIdentifiers: [GGDriveOverlay1] -> {E68D0A50-3C40-4712-B90D-DCFA93FF2534} => C:\Documents and Settings\All Users\Dane aplikacji\GG\ggdrive\ggdrive-overlay.dll (GG Network S.A.) ShellIconOverlayIdentifiers: [GGDriveOverlay2] -> {E68D0A51-3C40-4712-B90D-DCFA93FF2534} => C:\Documents and Settings\All Users\Dane aplikacji\GG\ggdrive\ggdrive-overlay.dll (GG Network S.A.) ShellIconOverlayIdentifiers: [GGDriveOverlay3] -> {E68D0A52-3C40-4712-B90D-DCFA93FF2534} => C:\Documents and Settings\All Users\Dane aplikacji\GG\ggdrive\ggdrive-overlay.dll (GG Network S.A.) ShellIconOverlayIdentifiers: [GGDriveOverlay4] -> {E68D0A53-3C40-4712-B90D-DCFA93FF2534} => C:\Documents and Settings\All Users\Dane aplikacji\GG\ggdrive\ggdrive-overlay.dll (GG Network S.A.) BootExecute: autocheck autochk * C:\PROGRA~1\AVG\AVG2014\avgrsx.exe /sync /restart ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.pl/ HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.myhoome.com/ SearchScopes: HKLM - Backup.Old.DefaultScope {BE7DCA20-F1FE-4C5F-83DE-0B15891DB5BD} SearchScopes: HKLM - {BE7DCA20-F1FE-4C5F-83DE-0B15891DB5BD} URL = http://start.funmoods.com/results.php?f=4&q={searchTerms}&a=iron2&chnl=iron2&cd=2XzuyEtN2Y1L1QzutDtDtDyEyByC0AyEzztDzytCyB0BzyyCtN0D0Tzu0CtByEtAtN1L2XzutBtFtCtFtCtFtAtCtB&cr=292714344 SearchScopes: HKCU - {1C7E91BD-4F6C-4095-B0FB-A49695869EF4} URL = BHO: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll (McAfee, Inc.) BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO: Skype Plug-In -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://windowsupdate.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1337000629953 DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) Tcpip\Parameters: [DhcpNameServer] 8.8.8.8 8.8.4.4 FireFox: ======== FF ProfilePath: C:\Documents and Settings\ROMAN SZ\Dane aplikacji\Mozilla\Firefox\Profiles\8xzqz7xd.default-1413022292703 FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_14_0_0_125.dll () FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google) FF Plugin: @java.com/DTPlugin,version=10.55.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=10.55.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF Plugin: @pandonetworks.com/PandoWebPlugin -> C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.) FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.) FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 -> C:\Documents and Settings\ROMAN SZ\Ustawienia lokalne\Dane aplikacji\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS) FF Plugin HKCU: pandonetworks.com/PandoWebPlugin -> C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF Extension: Skype extension - C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2014-09-25] FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension FF Extension: Microsoft .NET Framework Assistant - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2013-10-17] FF HKCU\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\Documents and Settings\All Users\Dane aplikacji\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi FF Extension: McAfee Security Scan Plus - C:\Documents and Settings\All Users\Dane aplikacji\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04] Chrome: ======= CHR HomePage: Default -> hxxp://pl.msn.com/?pc=UP97&ocid=UP97DHP CHR StartupUrls: Default -> "hxxp://www.wp.pl/" CHR DefaultSearchKeyword: Default -> bing.com_ CHR DefaultSearchURL: Default -> http://www.bing.com/search?FORM=UP97DF&PC=UP97&q={searchTerms} CHR DefaultSuggestURL: Default -> http://api.bing.com/osjson.aspx?query={searchTerms}&language={language}&form=UP97DF&PC=UP97 CHR Profile: C:\Documents and Settings\ROMAN SZ\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default CHR Extension: (Dokumenty Google) - C:\Documents and Settings\ROMAN SZ\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-05-16] CHR Extension: (Google Wallet) - C:\Documents and Settings\ROMAN SZ\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-01-08] CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2011-04-15] ========================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 AcrSch2Svc; C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe [660576 2011-02-12] (Acronis) R2 AVGIDSAgent; C:\Program Files\AVG\AVG2014\avgidsagent.exe [3242000 2014-08-25] (AVG Technologies CZ, s.r.o.) R2 avgwd; C:\Program Files\AVG\AVG2014\avgwdsvc.exe [289328 2014-08-25] (AVG Technologies CZ, s.r.o.) R2 JavaQuickStarterService; C:\Program Files\Java\jre7\bin\jqs.exe [182696 2014-04-14] (Oracle Corporation) S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [235696 2014-04-09] (McAfee, Inc.) ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R1 Avgdiskx; C:\WINDOWS\System32\DRIVERS\avgdiskx.sys [121624 2014-06-30] (AVG Technologies CZ, s.r.o.) R1 AVGIDSDriverl; C:\WINDOWS\System32\DRIVERS\avgidsdriverlx.sys [191256 2014-07-21] (AVG Technologies CZ, s.r.o.) R0 AVGIDSHX; C:\WINDOWS\System32\DRIVERS\avgidshx.sys [147736 2014-06-17] (AVG Technologies CZ, s.r.o.) R1 AVGIDSShim; C:\WINDOWS\System32\DRIVERS\avgidsshimx.sys [21272 2014-06-17] (AVG Technologies CZ, s.r.o.) R1 Avgldx86; C:\WINDOWS\System32\DRIVERS\avgldx86.sys [188696 2014-06-17] (AVG Technologies CZ, s.r.o.) R0 Avglogx; C:\WINDOWS\System32\DRIVERS\avglogx.sys [241944 2014-06-17] (AVG Technologies CZ, s.r.o.) R0 Avgmfx86; C:\WINDOWS\System32\DRIVERS\avgmfx86.sys [98584 2014-08-06] (AVG Technologies CZ, s.r.o.) R0 Avgrkx86; C:\WINDOWS\System32\DRIVERS\avgrkx86.sys [27416 2014-06-17] (AVG Technologies CZ, s.r.o.) R1 Avgtdix; C:\WINDOWS\System32\DRIVERS\avgtdix.sys [197400 2014-06-17] (AVG Technologies CZ, s.r.o.) R3 BrScnUsb; C:\WINDOWS\System32\DRIVERS\BrScnUsb.sys [15295 2004-10-15] (Brother Industries Ltd.) R3 EL90XBC; C:\WINDOWS\System32\DRIVERS\el90xbc5.sys [66591 2001-08-17] (3Com Corporation) R3 irsir; C:\WINDOWS\System32\DRIVERS\irsir.sys [18688 2001-08-17] (Microsoft Corporation) R0 nvatabus; C:\WINDOWS\System32\DRIVERS\nvatabus.sys [88960 2005-01-20] (NVIDIA Corporation) R3 nvax; C:\WINDOWS\System32\drivers\nvax.sys [53376 2005-01-26] (NVIDIA Corporation) R3 NVENETFD; C:\WINDOWS\System32\DRIVERS\NVENETFD.sys [33408 2005-01-13] (NVIDIA Corporation) R3 nvnetbus; C:\WINDOWS\System32\DRIVERS\nvnetbus.sys [12928 2005-01-13] (NVIDIA Corporation) R3 nvnforce; C:\WINDOWS\System32\drivers\nvapu.sys [414336 2005-01-26] (NVIDIA Corporation) R3 Rasirda; C:\WINDOWS\System32\DRIVERS\rasirda.sys [19584 2001-08-17] (Microsoft Corporation) R2 StarOpen; C:\WINDOWS\system32\Drivers\StarOpen.sys [5504 2012-06-03] () [File not signed] S4 IntelIde; No ImagePath ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2014-10-18 11:29 - 2014-10-18 11:29 - 00014994 _____ () C:\Documents and Settings\ROMAN SZ\Pulpit\FRST.txt 2014-10-18 11:27 - 2014-10-18 11:26 - 01102848 _____ (Farbar) C:\Documents and Settings\ROMAN SZ\Pulpit\FRST.exe 2014-10-16 21:54 - 2014-10-16 21:54 - 00000000 ____D () C:\0e72485fe755a41c7745972623b1aa 2014-10-15 22:02 - 2014-10-16 21:21 - 00000488 _____ () C:\defogger_disable.log 2014-10-15 22:02 - 2014-10-15 22:02 - 00000000 _____ () C:\Documents and Settings\Administrator\defogger_reenable 2014-10-15 21:59 - 2014-10-15 21:59 - 00050477 _____ () C:\start.exe 2014-10-15 20:57 - 2014-10-15 20:13 - 00380416 _____ () C:\hdi96mt6.exe 2014-10-15 20:34 - 2014-10-15 20:34 - 00380416 _____ () C:\Documents and Settings\ROMAN SZ\Pulpit\gmer.exe 2014-10-15 20:13 - 2014-10-15 20:13 - 00380416 _____ () C:\Documents and Settings\ROMAN SZ\Pulpit\hdi96mt6.exe 2014-10-15 20:12 - 2014-10-15 20:12 - 00000000 ____D () C:\Documents and Settings\ROMAN SZ\Pulpit\Do robienia logów na wirusy 2014-10-15 20:06 - 2014-10-18 11:29 - 00000000 ____D () C:\FRST 2014-10-15 19:51 - 2014-10-15 19:51 - 00000000 ____D () C:\Documents and Settings\ROMAN SZ\Dane aplikacji\TeamViewer 2014-10-13 11:28 - 2014-10-13 10:35 - 00010705 _____ () C:\Documents and Settings\ROMAN SZ\Pulpit\Usterki mechatronika.xlsx 2014-10-12 17:24 - 2014-10-12 17:24 - 00000833 _____ () C:\Documents and Settings\ROMAN SZ\Pulpit\TeamViewer 9 (2).lnk 2014-10-12 17:00 - 2014-10-18 11:16 - 00000374 _____ () C:\WINDOWS\system32\Drivers\etc\hosts.ics 2014-10-12 16:59 - 2014-10-18 11:19 - 00000259 _____ () C:\WINDOWS\wiadebug.log 2014-10-12 16:59 - 2014-10-18 11:16 - 00000050 _____ () C:\WINDOWS\wiaservc.log 2014-10-12 16:59 - 2014-10-18 11:14 - 00032620 _____ () C:\WINDOWS\SchedLgU.Txt 2014-10-12 16:59 - 2014-10-12 16:59 - 00000000 ____N () C:\WINDOWS\Sti_Trace.log 2014-10-12 16:45 - 2014-10-18 11:17 - 00227557 _____ () C:\WINDOWS\WindowsUpdate.log 2014-10-12 16:28 - 2014-10-12 16:28 - 00003096 _____ () C:\wirus jak usunac.txt 2014-10-12 16:24 - 2014-10-12 16:24 - 00000688 _____ () C:\Documents and Settings\All Users\Pulpit\CCleaner.lnk 2014-10-11 11:49 - 2014-10-11 12:48 - 00000000 ____D () C:\AdwCleaner 2014-10-11 11:16 - 2014-10-11 11:49 - 00000000 ____D () C:\Documents and Settings\Administrator\Dane aplikacji\Adobe 2014-10-11 11:16 - 2014-10-11 11:16 - 00000000 _RSHD () C:\cmdcons 2014-10-11 11:16 - 2014-10-11 11:16 - 00000000 __SHD () C:\Documents and Settings\Administrator\PrivacIE 2014-10-11 11:16 - 2014-10-11 11:16 - 00000000 __SHD () C:\Documents and Settings\Administrator\IECompatCache 2014-10-11 11:16 - 2014-02-25 20:04 - 00000211 _____ () C:\Boot.bak 2014-10-11 11:16 - 2004-08-03 23:00 - 00262400 __RSH () C:\cmldr 2014-10-11 11:10 - 2014-10-11 11:10 - 00000000 ___RD () C:\Documents and Settings\Administrator\Menu Start\Programy\Narzędzia administracyjne 2014-10-11 11:09 - 2014-10-16 21:03 - 00000188 ___SH () C:\Documents and Settings\Administrator\ntuser.ini 2014-10-11 11:09 - 2014-10-15 22:02 - 00000000 ____D () C:\Documents and Settings\Administrator 2014-10-11 11:09 - 2014-10-12 16:55 - 00000000 ___HD () C:\Documents and Settings\Administrator\Ustawienia lokalne 2014-10-11 11:09 - 2014-10-11 11:31 - 00000000 __RHD () C:\Documents and Settings\Administrator\Dane aplikacji 2014-10-11 11:09 - 2014-10-11 11:16 - 00000000 ____D () C:\Documents and Settings\Administrator\Ulubione 2014-10-11 11:09 - 2014-10-11 11:10 - 00000000 ___RD () C:\Documents and Settings\Administrator\Menu Start\Programy 2014-10-11 11:09 - 2014-10-11 11:10 - 00000000 ____D () C:\Documents and Settings\Administrator\Moje dokumenty 2014-10-11 11:09 - 2014-10-11 11:09 - 00000000 ____D () C:\WINDOWS\CSC 2014-10-11 11:09 - 2014-03-25 14:00 - 00000000 ____D () C:\Documents and Settings\Administrator\Dane aplikacji\TuneUp Software 2014-10-11 11:09 - 2013-07-11 22:25 - 00000000 __SHD () C:\Documents and Settings\Administrator\IETldCache 2014-10-11 11:09 - 2012-05-14 15:11 - 00000000 ___RD () C:\Documents and Settings\Administrator\Menu Start\Programy\Autostart 2014-10-11 11:09 - 2012-05-14 15:11 - 00000000 ___RD () C:\Documents and Settings\Administrator\Menu Start 2014-10-11 11:09 - 2012-05-14 15:11 - 00000000 ____D () C:\Documents and Settings\Administrator\Pulpit 2014-10-11 11:09 - 2012-05-14 13:38 - 00001599 _____ () C:\Documents and Settings\Administrator\Menu Start\Programy\Pomoc zdalna.lnk 2014-10-11 11:09 - 2012-05-14 13:38 - 00000792 _____ () C:\Documents and Settings\Administrator\Menu Start\Programy\Windows Media Player.lnk 2014-10-11 11:09 - 2012-05-14 13:38 - 00000000 ___RD () C:\Documents and Settings\Administrator\Menu Start\Programy\Akcesoria 2014-10-11 11:09 - 2012-05-14 13:35 - 00000000 ___HD () C:\Documents and Settings\Administrator\Szablony 2014-10-09 18:41 - 2014-10-10 15:27 - 00000000 ____D () C:\Documents and Settings\ROMAN SZ\Pulpit\M12 2014-09-25 14:39 - 2014-09-25 14:39 - 00000000 ____D () C:\Program Files\Mozilla Firefox 2014-09-24 20:29 - 2014-09-24 20:33 - 00000055 _____ () C:\Documents and Settings\ROMAN SZ\log.csv 2014-09-22 18:04 - 2014-09-22 18:04 - 01240450 _____ () C:\Documents and Settings\ROMAN SZ\Pulpit\Wniosek wizowy - Ambasada Republiki Białoruś w Rzeczypospolitej Polskiej.htm 2014-09-22 18:04 - 2014-09-22 18:04 - 00000000 ____D () C:\Documents and Settings\ROMAN SZ\Pulpit\Wniosek wizowy - Ambasada Republiki Białoruś w Rzeczypospolitej Polskiej_pliki 2014-09-22 18:02 - 2014-09-22 18:16 - 00002315 _____ () C:\Documents and Settings\All Users\Menu Start\Programy\Adobe Reader XI.lnk 2014-09-22 18:02 - 2014-09-22 18:02 - 00001740 _____ () C:\Documents and Settings\All Users\Pulpit\Adobe Reader XI.lnk 2014-09-22 18:02 - 2014-09-22 18:02 - 00000000 ____D () C:\Program Files\Common Files\Adobe 2014-09-22 18:02 - 2014-09-22 18:02 - 00000000 ____D () C:\Program Files\Adobe 2014-09-22 05:29 - 2014-09-22 06:19 - 00000000 ____D () C:\Documents and Settings\ROMAN SZ\Pulpit\Dokumenty 2014-2015 ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2014-10-18 11:29 - 2013-11-01 10:45 - 00000000 ____D () C:\Documents and Settings\ROMAN SZ\Pulpit 2014-10-18 11:29 - 2012-05-15 11:06 - 00000000 ____D () C:\TEMP 2014-10-18 11:19 - 2014-05-21 15:36 - 00000000 ____D () C:\Documents and Settings\ROMAN SZ\.gstreamer-0.10 2014-10-18 11:19 - 2013-12-14 19:09 - 00001032 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job 2014-10-18 11:18 - 2014-03-15 19:44 - 00000228 _____ () C:\WINDOWS\Tasks\Powiadomienie o zakończeniu obsługi systemu Microsoft Windows XP — logowanie.job 2014-10-18 11:18 - 2013-12-05 09:29 - 00001032 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore1cef18bcaab1662.job 2014-10-18 11:18 - 2008-04-15 14:00 - 00002206 _____ () C:\WINDOWS\system32\wpa.dbl 2014-10-18 11:15 - 2012-05-14 13:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT 2014-10-18 11:14 - 2013-11-01 10:45 - 00000188 ___SH () C:\Documents and Settings\ROMAN SZ\ntuser.ini 2014-10-18 10:57 - 2013-11-01 10:45 - 00000000 ____D () C:\Documents and Settings\ROMAN SZ 2014-10-18 10:52 - 2014-03-21 15:21 - 00000000 ____D () C:\Documents and Settings\All Users\Dane aplikacji\MFAData 2014-10-18 10:48 - 2012-05-25 19:48 - 00000930 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job 2014-10-17 21:40 - 2013-12-14 19:09 - 00001036 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job 2014-10-17 21:34 - 2013-12-05 09:29 - 00001036 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1cef18bcae6b12c.job 2014-10-17 18:55 - 2012-05-19 11:02 - 00000000 ____D () C:\Documents and Settings\All Users\Dane aplikacji\Microsoft Help 2014-10-16 21:54 - 2013-08-14 14:29 - 00000000 ____D () C:\WINDOWS\system32\MRT 2014-10-16 21:54 - 2012-05-14 15:31 - 100290944 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2014-10-16 20:51 - 2012-05-19 11:08 - 00131072 _____ () C:\WINDOWS\system32\config\OAlerts.evt 2014-10-15 19:51 - 2014-08-10 09:58 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Start\Programy\TeamViewer 9 2014-10-15 19:51 - 2013-11-01 10:45 - 00000000 __RHD () C:\Documents and Settings\ROMAN SZ\Dane aplikacji 2014-10-15 19:51 - 2012-05-14 15:11 - 00000000 ___RD () C:\Documents and Settings\All Users\Menu Start\Programy 2014-10-15 19:51 - 2012-05-14 15:11 - 00000000 ____D () C:\Documents and Settings\All Users\Pulpit 2014-10-14 12:49 - 2013-11-01 10:11 - 00000188 ___SH () C:\Documents and Settings\Rafal\ntuser.ini 2014-10-14 12:49 - 2013-11-01 10:11 - 00000000 ____D () C:\Documents and Settings\Rafal 2014-10-13 14:49 - 2012-05-14 14:45 - 00000188 ___SH () C:\Documents and Settings\UpdatusUser\ntuser.ini 2014-10-12 18:43 - 2012-05-14 15:09 - 00276560 _____ () C:\WINDOWS\system32\FNTCACHE.DAT 2014-10-12 16:59 - 2012-05-14 13:45 - 00000000 __SHD () C:\Documents and Settings\LocalService 2014-10-12 16:55 - 2013-11-01 10:45 - 00000000 ___HD () C:\Documents and Settings\ROMAN SZ\Ustawienia lokalne 2014-10-12 16:55 - 2013-11-01 10:11 - 00000000 ___HD () C:\Documents and Settings\Rafal\Ustawienia lokalne 2014-10-12 16:55 - 2012-05-14 13:44 - 00000000 ___HD () C:\Documents and Settings\NetworkService\Ustawienia lokalne 2014-10-12 16:54 - 2008-04-15 14:00 - 00000227 _____ () C:\WINDOWS\system.ini 2014-10-12 16:26 - 2014-06-26 09:30 - 00000000 ____D () C:\Documents and Settings\ROMAN SZ\Dane aplikacji\Skype 2014-10-12 16:26 - 2014-06-26 09:11 - 00000000 ____D () C:\Documents and Settings\ROMAN SZ\Dane aplikacji\TS3Client 2014-10-12 16:24 - 2014-03-08 08:43 - 00000000 ____D () C:\WINDOWS\Minidump 2014-10-12 16:24 - 2014-02-25 20:08 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Start\Programy\CCleaner 2014-10-12 16:23 - 2014-02-25 20:08 - 00000000 ____D () C:\Program Files\CCleaner 2014-10-11 11:51 - 2012-05-14 15:10 - 00000000 __RHD () C:\Documents and Settings\All Users\Dane aplikacji 2014-10-11 11:51 - 2012-05-14 13:46 - 00000000 __RHD () C:\Documents and Settings\stary profil roman\Dane aplikacji 2014-10-11 11:48 - 2012-05-14 13:45 - 00000000 ___HD () C:\Documents and Settings\LocalService\Ustawienia lokalne 2014-10-11 11:16 - 2012-05-14 15:08 - 00000327 __RSH () C:\boot.ini 2014-10-10 13:34 - 2013-11-01 10:47 - 00000000 ____D () C:\Documents and Settings\ROMAN SZ\Pulpit\Pendrive 12-09-2013 2014-10-08 16:43 - 2014-03-15 19:44 - 00000222 _____ () C:\WINDOWS\Tasks\Powiadomienie o zakończeniu obsługi systemu Microsoft Windows XP — co miesiąc.job 2014-10-04 19:03 - 2012-10-28 16:25 - 00000000 ____D () C:\Program Files\NosTale(PL) 2014-09-26 06:17 - 2012-05-14 15:37 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service 2014-09-22 18:02 - 2012-05-15 11:09 - 00000000 ____D () C:\Documents and Settings\All Users\Dane aplikacji\Adobe 2014-09-22 14:46 - 2012-05-21 12:07 - 00000404 _____ () C:\WINDOWS\BRWMARK.INI 2014-09-22 05:35 - 2013-02-04 16:21 - 00000000 ____D () C:\Documents and Settings\stary profil roman\Pulpit\Dorota 2014-09-18 09:22 - 2014-09-08 16:29 - 00000000 ____D () C:\Documents and Settings\ROMAN SZ\Pulpit\Plany nauczania 2014-2015 ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\WINDOWS\explorer.exe => File is digitally signed C:\WINDOWS\system32\winlogon.exe => File is digitally signed C:\WINDOWS\system32\svchost.exe => File is digitally signed C:\WINDOWS\system32\services.exe => File is digitally signed C:\WINDOWS\system32\User32.dll => File is digitally signed C:\WINDOWS\system32\userinit.exe => File is digitally signed C:\WINDOWS\system32\rpcss.dll => File is digitally signed C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed ==================== End Of Log ============================