Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 20-10-2014 Ran by admin (administrator) on V-DYREKCJA on 20-10-2014 17:25:29 Running from C:\Users\admin\Desktop Loaded Profile: admin (Available profiles: admin & nauczyciel & vice & Administrator) Platform: Microsoft® Windows Vista™ Business Service Pack 2 (X86) OS Language: Polski (Polska) Internet Explorer Version 9 Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (Microsoft Corporation) C:\Windows\System32\SLsvc.exe (Arcabit) C:\Program Files\ArcaBit\Common\ArcaConfSV.exe (Arcabit) C:\Program Files\ArcaBit\ArcaAgent\ArcaRemoteSvc.exe (Arcabit) C:\Program Files\ArcaBit\ArcaUpdate\update.exe (Arcabit) C:\Program Files\ArcaBit\ArcaVir\ArcaMainSV.exe (ArcaBit) C:\Program Files\ArcaBit\Common\ArcaTasksService.exe (Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe () C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe (Arcabit) C:\Program Files\ArcaBit\ArcaVir\AVMenu.exe (Intel Corporation) C:\Program Files\Intel\AMT\LMS.exe (Intel Corporation) C:\Program Files\Common Files\Intel\Privacy Icon\UNS\UNS.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (Microsoft Corporation) C:\Windows\System32\conime.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [507776 2014-10-07] (Oracle Corporation) HKLM\...\Run: [CDAServer] => C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe [350072 2012-03-09] () HKLM\...\Run: [AvMenu] => C:\Program Files\ArcaBit\ArcaVir\AVMenu.exe [426664 2014-10-20] (Arcabit) HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated) HKU\S-1-5-19\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter HKU\S-1-5-20\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter HKU\S-1-5-21-3702316430-553723284-2002759146-1000\...\Policies\system: [NoDispScrSavPage] 0 HKU\S-1-5-21-3702316430-553723284-2002759146-1000\...\Policies\Explorer: [ForceStartMenuLogoff] 2 HKU\S-1-5-21-3702316430-553723284-2002759146-1000\...\Policies\Explorer: [NoFind] 0 HKU\S-1-5-21-3702316430-553723284-2002759146-1000\...\Policies\Explorer: [NoExpandedNewMenu] 0 HKU\S-1-5-21-3702316430-553723284-2002759146-1000\...\Policies\Explorer: [Btn_Search] 0 HKU\S-1-5-21-3702316430-553723284-2002759146-1000\...\Policies\Explorer: [Btn_Folders] 0 HKU\S-1-5-21-3702316430-553723284-2002759146-1000\...\Policies\Explorer: [Btn_Edit] 0 HKU\S-1-5-21-3702316430-553723284-2002759146-1000\...\Policies\Explorer: [Btn_Discussions] 0 HKU\S-1-5-21-3702316430-553723284-2002759146-1000\...\Policies\Explorer: [Btn_Encoding] 0 HKU\S-1-5-21-3702316430-553723284-2002759146-1000\...\Policies\Explorer: [Btn_Size] 0 HKU\S-1-5-21-3702316430-553723284-2002759146-1000\...\Policies\Explorer: [Btn_Fullscreen] 0 HKU\S-1-5-21-3702316430-553723284-2002759146-1000\...\Policies\Explorer: [Btn_Media] 0 HKU\S-1-5-21-3702316430-553723284-2002759146-1000\...\Policies\Explorer: [Btn_Print] 0 HKU\S-1-5-21-3702316430-553723284-2002759146-1000\...\Policies\Explorer: [Btn_History] 0 HKU\S-1-5-21-3702316430-553723284-2002759146-1000\...\Policies\Explorer: [Btn_Tools] 0 ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation) Tcpip\..\Interfaces\{AE977466-12F7-4233-BE4A-5D543AE227A9}: [NameServer] 192.168.2.1,8.8.8.8 FireFox: ======== FF ProfilePath: C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\b59vzjmp.default FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_15_0_0_189.dll () FF Plugin: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Extension: Adblock Plus - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\b59vzjmp.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-10-16] FF Extension: ArcaBit Ext. - C:\Program Files\Mozilla Firefox\extensions\arcabit@www.arcabit.pl [2014-10-16] FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension FF Extension: Microsoft .NET Framework Assistant - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2014-01-27] Chrome: ======= ========================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 ABConfSV; C:\Program Files\ArcaBit\Common\ArcaConfSV.exe [142384 2014-02-14] (Arcabit) R2 ABMainSV; C:\Program Files\ArcaBit\ArcaVir\ArcaMainSV.exe [162984 2014-02-14] (Arcabit) R2 ArcaRemoteService; C:\Program Files\ArcaBit\ArcaAgent\ArcaRemoteSvc.exe [570864 2014-10-16] (Arcabit) S2 AVBackup; C:\Program Files\ArcaBit\ArcaTools\ArcaBackup\ArcaBackupService.exe [187704 2014-02-14] (Arcabit) R2 AVTasks2; C:\Program Files\ArcaBit\Common\ArcaTasksService.exe [130024 2014-10-16] (ArcaBit) R2 AVUpdate; C:\Program Files\ArcaBit\ArcaUpdate\update.exe [208304 2014-10-16] (Arcabit) R2 UNS; C:\Program Files\Common Files\Intel\Privacy Icon\UNS\UNS.exe [2071064 2010-05-21] (Intel Corporation) ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R3 ABFLT; C:\Program Files\ArcaBit\ArcaVir\ABFLT.sys [66800 2014-01-29] (ArcaBit) S3 ABndis; C:\Windows\System32\DRIVERS\abndis.sys [41712 2014-01-29] (ArcaBit) R3 ABndisMP; C:\Windows\System32\DRIVERS\abndis.sys [41712 2014-01-29] (ArcaBit) R1 arcawfp; C:\Windows\System32\drivers\arcawfp.sys [54200 2014-02-14] (NetFilterSDK.com) R3 e1kexpress; C:\Windows\System32\DRIVERS\e1k6032.sys [202408 2010-04-06] (Intel Corporation) R2 SSPORT; C:\Windows\system32\Drivers\SSPORT.sys [5120 2013-11-26] (Samsung Electronics) [File not signed] S1 ABTDI; \??\C:\Program Files\ArcaBit\ArcaVir\ABTDI.sys [X] S4 blbdrive; \SystemRoot\system32\drivers\blbdrive.sys [X] S3 IpInIp; system32\DRIVERS\ipinip.sys [X] S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X] S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2014-10-20 17:25 - 2014-10-20 17:25 - 00007970 _____ () C:\Users\admin\Desktop\FRST.txt 2014-10-20 17:23 - 2014-10-20 17:25 - 00000000 ____D () C:\FRST 2014-10-20 17:22 - 2014-10-20 17:22 - 01102848 _____ (Farbar) C:\Users\admin\Desktop\FRST.exe 2014-10-20 17:17 - 2014-10-20 17:18 - 39063458 _____ () C:\Users\admin\Desktop\bootlog.zip 2014-10-20 17:10 - 2014-10-20 17:10 - 00000000 ____D () C:\Users\admin\Downloads\ProcessMonitor 2014-10-20 16:44 - 2014-10-20 16:44 - 00000000 ____D () C:\Users\admin\Downloads\Autoruns 2014-10-20 16:40 - 2014-10-20 16:40 - 00001010 _____ () C:\Users\admin\Desktop\SID.txt 2014-10-20 16:39 - 2014-10-20 16:40 - 00001385 _____ () C:\Users\admin\Downloads\sid.vbs 2014-10-20 08:50 - 2014-10-20 09:22 - 00002361 _____ () C:\Windows\setupact.log 2014-10-20 08:50 - 2014-10-20 08:50 - 00000000 _____ () C:\Windows\setuperr.log 2014-10-20 08:47 - 2014-10-20 08:47 - 00000000 ____D () C:\Users\nauczyciel\AppData\Roaming\Macromedia 2014-10-20 08:47 - 2014-10-20 08:47 - 00000000 ____D () C:\Users\nauczyciel\AppData\Local\Macromedia 2014-10-17 18:34 - 2014-10-17 18:34 - 00000000 ____D () C:\Users\vice\AppData\Roaming\vlc 2014-10-17 18:31 - 2014-10-17 18:31 - 00000000 ____D () C:\Users\vice\AppData\Roaming\Mozilla 2014-10-17 18:31 - 2014-10-17 18:31 - 00000000 ____D () C:\Users\vice\AppData\Local\Mozilla 2014-10-17 18:30 - 2014-10-17 18:30 - 00000000 ____D () C:\Users\vice\AppData\Roaming\PhotoFiltre 7 2014-10-17 18:30 - 2014-10-17 18:30 - 00000000 ____D () C:\Users\vice\AppData\Roaming\LibreOffice 2014-10-17 18:27 - 2014-10-17 18:27 - 00000949 _____ () C:\Users\vice\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2014-10-17 18:27 - 2014-10-17 18:27 - 00000944 _____ () C:\Users\vice\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk 2014-10-17 18:27 - 2014-10-17 18:27 - 00000000 ____D () C:\Users\vice\AppData\Roaming\Samsung 2014-10-17 18:26 - 2014-10-17 18:27 - 00000000 ____D () C:\Users\vice 2014-10-17 18:26 - 2014-10-17 18:26 - 00000915 _____ () C:\Users\vice\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Mail.lnk 2014-10-17 18:26 - 2014-10-17 18:26 - 00000020 ___SH () C:\Users\vice\ntuser.ini 2014-10-17 18:26 - 2014-10-17 18:26 - 00000000 _SHDL () C:\Users\vice\Ustawienia lokalne 2014-10-17 18:26 - 2014-10-17 18:26 - 00000000 _SHDL () C:\Users\vice\Szablony 2014-10-17 18:26 - 2014-10-17 18:26 - 00000000 _SHDL () C:\Users\vice\Moje dokumenty 2014-10-17 18:26 - 2014-10-17 18:26 - 00000000 _SHDL () C:\Users\vice\Menu Start 2014-10-17 18:26 - 2014-10-17 18:26 - 00000000 _SHDL () C:\Users\vice\Documents\Moje wideo 2014-10-17 18:26 - 2014-10-17 18:26 - 00000000 _SHDL () C:\Users\vice\Documents\Moje obrazy 2014-10-17 18:26 - 2014-10-17 18:26 - 00000000 _SHDL () C:\Users\vice\Documents\Moja muzyka 2014-10-17 18:26 - 2014-10-17 18:26 - 00000000 _SHDL () C:\Users\vice\Dane aplikacji 2014-10-17 18:26 - 2014-10-17 18:26 - 00000000 _SHDL () C:\Users\vice\AppData\Roaming\Microsoft\Windows\Start Menu\Programy 2014-10-17 18:26 - 2014-10-17 18:26 - 00000000 _SHDL () C:\Users\vice\AppData\Local\Historia 2014-10-17 18:26 - 2014-10-17 18:26 - 00000000 _SHDL () C:\Users\vice\AppData\Local\Dane aplikacji 2014-10-17 18:26 - 2014-10-17 18:26 - 00000000 ____D () C:\Users\vice\AppData\Local\VirtualStore 2014-10-17 18:26 - 2014-01-28 19:05 - 00000000 ___RD () C:\Users\vice\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance 2014-10-17 18:26 - 2014-01-28 19:05 - 00000000 ___RD () C:\Users\vice\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories 2014-10-17 18:25 - 2014-10-20 17:02 - 00012396 _____ () C:\Windows\PFRO.log 2014-10-17 17:54 - 2014-10-17 18:37 - 00000000 ____D () C:\Users\nauczyciel\AppData\Roaming\Samsung 2014-10-17 17:36 - 2014-10-17 17:36 - 00000000 ____D () C:\Users\admin\AppData\Roaming\Samsung 2014-10-17 17:36 - 2014-10-17 17:36 - 00000000 ____D () C:\Program Files\Common Files\Common Desktop Agent 2014-10-17 17:35 - 2014-10-17 17:35 - 00000000 ____D () C:\Program Files\Common Files\Scan Process Machine 2014-10-17 17:34 - 2014-10-17 17:36 - 00000000 ____D () C:\ProgramData\Samsung 2014-10-17 17:33 - 2014-08-13 08:02 - 02277376 _____ () C:\Windows\system32\eed_ec.dll 2014-10-17 17:33 - 2014-08-13 08:02 - 00686896 _____ (Samsung Electronics) C:\Windows\system32\eed_sl.exe 2014-10-17 17:33 - 2013-07-20 13:14 - 00000273 _____ () C:\Windows\system32\eed_sl.exe.config 2014-10-17 17:33 - 2012-12-07 11:15 - 00212600 _____ () C:\Windows\system32\SBuySupplies.exe 2014-10-17 17:33 - 2012-01-13 10:29 - 00151552 _____ (SS) C:\Windows\system32\ssl1cci.exe 2014-10-17 17:33 - 2012-01-13 10:29 - 00065536 _____ (SS) C:\Windows\system32\ssl1cci.dll 2014-10-17 17:33 - 2012-01-13 10:29 - 00024064 _____ () C:\Windows\system32\ssl1clm.dll 2014-10-17 17:33 - 2012-01-13 10:29 - 00000361 _____ () C:\Windows\system32\ssl1clm.smt 2014-10-17 17:32 - 2014-07-19 01:08 - 00087552 ____N () C:\Windows\system32\ssdevm64.dll 2014-10-17 17:30 - 2014-10-17 17:36 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung Printers 2014-10-17 17:30 - 2014-10-17 17:35 - 00000000 ____D () C:\Program Files\Samsung 2014-10-17 17:30 - 2014-07-19 01:10 - 00094208 ____N () C:\Windows\system32\ssdevm.dll 2014-10-17 17:30 - 2014-03-27 07:17 - 02730304 ____N () C:\Windows\TotalUninstaller.exe 2014-10-17 17:30 - 2014-03-27 07:17 - 00497984 _____ () C:\Windows\ssndii.exe 2014-10-17 17:30 - 2011-09-16 06:35 - 00049152 _____ (Samsung Electronics) C:\Windows\system32\Ssusbpn.dll 2014-10-17 17:04 - 2014-06-27 00:17 - 00619664 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe 2014-10-17 17:04 - 2014-06-27 00:17 - 00099480 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll 2014-10-17 17:04 - 2014-06-27 00:17 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll 2014-10-17 17:04 - 2014-06-06 06:28 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe 2014-10-17 17:03 - 2014-06-16 00:18 - 01131664 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll 2014-10-17 17:03 - 2014-06-13 20:22 - 00156824 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll 2014-10-17 17:03 - 2014-06-13 20:22 - 00081560 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll 2014-10-17 16:58 - 2014-08-23 03:03 - 00297984 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll 2014-10-17 16:57 - 2014-09-28 01:29 - 02054656 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2014-10-17 16:54 - 2014-09-05 01:27 - 00143360 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fastfat.sys 2014-10-17 16:53 - 2014-09-16 18:56 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll 2014-10-17 16:49 - 2014-09-20 00:53 - 12364288 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-10-17 16:49 - 2014-09-20 00:44 - 01810432 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-10-17 16:49 - 2014-09-20 00:41 - 09739776 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-10-17 16:49 - 2014-09-20 00:39 - 01138688 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-10-17 16:49 - 2014-09-20 00:38 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-10-17 16:49 - 2014-09-20 00:37 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-10-17 16:49 - 2014-09-20 00:36 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll 2014-10-17 16:49 - 2014-09-20 00:36 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2014-10-17 16:49 - 2014-09-20 00:36 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-10-17 16:49 - 2014-09-20 00:35 - 01802752 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-10-17 16:49 - 2014-09-20 00:35 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2014-10-17 16:49 - 2014-09-20 00:35 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-10-17 16:49 - 2014-09-20 00:35 - 00421376 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2014-10-17 16:49 - 2014-09-20 00:35 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll 2014-10-17 16:49 - 2014-09-20 00:34 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-10-17 16:49 - 2014-09-20 00:34 - 00353792 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2014-10-17 16:49 - 2014-09-20 00:34 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2014-10-17 16:49 - 2014-09-20 00:34 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2014-10-17 16:49 - 2014-09-20 00:34 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe 2014-10-17 16:49 - 2014-09-20 00:34 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe 2014-10-17 16:49 - 2014-09-20 00:33 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2014-10-17 16:49 - 2014-06-14 02:44 - 00638400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys 2014-10-17 16:49 - 2014-06-14 02:33 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll 2014-10-17 16:49 - 2014-06-02 12:31 - 02263552 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll 2014-10-17 16:49 - 2014-06-02 12:31 - 00332800 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll 2014-10-17 16:49 - 2014-06-02 12:30 - 01993728 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll 2014-10-17 16:49 - 2014-06-02 12:30 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll 2014-10-17 16:49 - 2014-06-02 10:56 - 00082432 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe 2014-10-17 16:48 - 2014-06-06 10:59 - 00506880 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll 2014-10-17 16:48 - 2014-05-30 08:53 - 00273408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys 2014-10-17 16:48 - 2014-04-26 18:01 - 00502784 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll 2014-10-17 16:48 - 2014-04-05 04:42 - 00905664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys 2014-10-17 16:48 - 2014-03-25 15:26 - 11587584 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll 2014-10-17 16:48 - 2014-03-10 03:22 - 01401344 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll 2014-10-17 16:48 - 2014-03-10 03:22 - 01248768 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll 2014-10-17 16:48 - 2014-02-06 03:56 - 00894464 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll 2014-10-17 16:45 - 2014-01-30 09:46 - 00876032 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll 2014-10-16 19:23 - 2014-10-16 19:23 - 00000000 ____D () C:\Users\admin\AppData\Roaming\vlc 2014-10-16 19:10 - 2014-10-16 19:11 - 00000000 ____D () C:\Users\admin\AppData\Roaming\PhotoFiltre 7 2014-10-16 18:48 - 2014-10-16 18:48 - 00000000 ____D () C:\Users\nauczyciel\AppData\Roaming\Adobe 2014-10-16 18:48 - 2014-10-16 18:48 - 00000000 ____D () C:\Users\nauczyciel\AppData\Local\Adobe 2014-10-16 18:47 - 2014-10-16 18:47 - 00000000 ____D () C:\Users\nauczyciel\AppData\Roaming\vlc 2014-10-16 18:46 - 2014-10-16 18:46 - 00000000 ____D () C:\Users\nauczyciel\AppData\Roaming\Mozilla 2014-10-16 18:46 - 2014-10-16 18:46 - 00000000 ____D () C:\Users\nauczyciel\AppData\Roaming\LibreOffice 2014-10-16 18:46 - 2014-10-16 18:46 - 00000000 ____D () C:\Users\nauczyciel\AppData\Local\Mozilla 2014-10-16 18:45 - 2014-10-16 18:45 - 00000000 ____D () C:\Users\nauczyciel\AppData\Roaming\PhotoFiltre 7 2014-10-16 18:44 - 2014-10-16 18:44 - 00000949 _____ () C:\Users\nauczyciel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2014-10-16 18:44 - 2014-10-16 18:44 - 00000944 _____ () C:\Users\nauczyciel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk 2014-10-16 18:44 - 2014-10-16 18:44 - 00000915 _____ () C:\Users\nauczyciel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Mail.lnk 2014-10-16 18:43 - 2014-10-16 18:44 - 00000000 ____D () C:\Users\nauczyciel 2014-10-16 18:43 - 2014-10-16 18:43 - 00000020 ___SH () C:\Users\nauczyciel\ntuser.ini 2014-10-16 18:43 - 2014-10-16 18:43 - 00000000 _SHDL () C:\Users\nauczyciel\Ustawienia lokalne 2014-10-16 18:43 - 2014-10-16 18:43 - 00000000 _SHDL () C:\Users\nauczyciel\Szablony 2014-10-16 18:43 - 2014-10-16 18:43 - 00000000 _SHDL () C:\Users\nauczyciel\Moje dokumenty 2014-10-16 18:43 - 2014-10-16 18:43 - 00000000 _SHDL () C:\Users\nauczyciel\Menu Start 2014-10-16 18:43 - 2014-10-16 18:43 - 00000000 _SHDL () C:\Users\nauczyciel\Documents\Moje wideo 2014-10-16 18:43 - 2014-10-16 18:43 - 00000000 _SHDL () C:\Users\nauczyciel\Documents\Moje obrazy 2014-10-16 18:43 - 2014-10-16 18:43 - 00000000 _SHDL () C:\Users\nauczyciel\Documents\Moja muzyka 2014-10-16 18:43 - 2014-10-16 18:43 - 00000000 _SHDL () C:\Users\nauczyciel\Dane aplikacji 2014-10-16 18:43 - 2014-10-16 18:43 - 00000000 _SHDL () C:\Users\nauczyciel\AppData\Roaming\Microsoft\Windows\Start Menu\Programy 2014-10-16 18:43 - 2014-10-16 18:43 - 00000000 _SHDL () C:\Users\nauczyciel\AppData\Local\Historia 2014-10-16 18:43 - 2014-10-16 18:43 - 00000000 _SHDL () C:\Users\nauczyciel\AppData\Local\Dane aplikacji 2014-10-16 18:43 - 2014-10-16 18:43 - 00000000 ____D () C:\Users\nauczyciel\AppData\Local\VirtualStore 2014-10-16 18:43 - 2014-01-28 19:05 - 00000000 ___RD () C:\Users\nauczyciel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance 2014-10-16 18:43 - 2014-01-28 19:05 - 00000000 ___RD () C:\Users\nauczyciel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories 2014-10-16 18:33 - 2014-10-16 19:25 - 00001729 _____ () C:\Users\Public\Desktop\VLC media player.lnk 2014-10-16 18:33 - 2014-10-16 18:33 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\vlc 2014-10-16 18:33 - 2014-10-16 18:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN 2014-10-16 18:32 - 2014-10-16 18:32 - 00000000 ____D () C:\Program Files\VideoLAN 2014-10-16 18:27 - 2014-10-16 18:27 - 00000859 _____ () C:\Users\Public\Desktop\PhotoFiltre.lnk 2014-10-16 18:25 - 2014-10-16 18:25 - 00000000 ____D () C:\Program Files\ProcessExplorer 2014-10-16 18:24 - 2014-10-16 18:24 - 00000000 ____D () C:\Program Files\PhotoFiltre 7 2014-10-16 18:24 - 2014-10-16 18:24 - 00000000 ____D () C:\Program Files\hw32_444 2014-10-16 18:16 - 2014-10-20 17:20 - 00000930 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-10-16 18:11 - 2014-10-16 18:11 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Macromedia 2014-10-16 18:11 - 2014-10-16 18:11 - 00000000 ____D () C:\Program Files\Common Files\Java 2014-10-16 18:10 - 2014-10-16 18:10 - 00096680 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll 2014-10-16 18:10 - 2014-10-16 18:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2014-10-16 18:09 - 2014-10-16 18:09 - 00000000 ____D () C:\Program Files\Java 2014-10-16 17:16 - 2014-10-16 17:16 - 00000000 ____D () C:\Program Files\Mozilla Firefox ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2014-10-20 17:17 - 2006-11-02 14:52 - 00448017 _____ () C:\Windows\WindowsUpdate.log 2014-10-20 17:13 - 2006-11-02 15:01 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-10-20 17:13 - 2006-11-02 14:47 - 00004496 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 2014-10-20 17:13 - 2006-11-02 14:47 - 00004496 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 2014-10-20 17:12 - 2006-11-02 15:01 - 00030700 _____ () C:\Windows\Tasks\SCHEDLGU.TXT 2014-10-20 09:39 - 2006-11-02 13:18 - 00000000 ____D () C:\Windows\Microsoft.NET 2014-10-20 09:23 - 2006-12-05 07:23 - 00714342 _____ () C:\Windows\system32\perfh015.dat 2014-10-20 09:23 - 2006-12-05 07:23 - 00151214 _____ () C:\Windows\system32\perfc015.dat 2014-10-20 09:23 - 2006-11-02 12:33 - 01614758 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-10-17 17:35 - 2006-11-02 13:18 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared 2014-10-17 17:34 - 2014-01-22 18:28 - 00000000 ____D () C:\Users\admin 2014-10-17 17:30 - 2006-11-02 14:37 - 00000000 ____D () C:\Windows\twain_32 2014-10-17 17:24 - 2006-11-02 13:18 - 00000000 ____D () C:\Windows\rescache 2014-10-17 17:08 - 2006-11-02 14:47 - 00284608 _____ () C:\Windows\system32\FNTCACHE.DAT 2014-10-17 17:07 - 2006-11-02 14:37 - 00000000 ____D () C:\Program Files\Windows Journal 2014-10-17 17:07 - 2006-11-02 13:18 - 00000000 ____D () C:\Windows\system32\pl-PL 2014-10-17 16:57 - 2014-01-27 20:01 - 00000000 ____D () C:\Windows\system32\MRT 2014-10-16 19:14 - 2014-01-22 18:28 - 00061504 _____ () C:\Users\admin\AppData\Local\GDIPFONTCACHEV1.DAT 2014-10-16 18:21 - 2014-01-28 19:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner 2014-10-16 18:21 - 2014-01-28 19:47 - 00000000 ____D () C:\Program Files\CCleaner 2014-10-16 18:18 - 2014-01-29 18:52 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Adobe 2014-10-16 18:18 - 2014-01-27 19:30 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe 2014-10-16 18:18 - 2014-01-27 19:30 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl 2014-10-16 18:11 - 2014-03-05 18:14 - 00000000 ____D () C:\ProgramData\Oracle 2014-10-16 17:41 - 2014-01-22 18:33 - 00061504 _____ () C:\Users\Administrator\AppData\Local\GDIPFONTCACHEV1.DAT 2014-10-16 17:33 - 2014-01-29 18:54 - 00002425 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk 2014-10-16 17:28 - 2014-01-28 18:07 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service 2014-10-03 10:03 - 2006-11-02 12:24 - 100290944 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\explorer.exe => File is digitally signed C:\Windows\system32\winlogon.exe => File is digitally signed C:\Windows\system32\wininit.exe => File is digitally signed C:\Windows\system32\svchost.exe => File is digitally signed C:\Windows\system32\services.exe => File is digitally signed C:\Windows\system32\User32.dll => File is digitally signed C:\Windows\system32\userinit.exe => File is digitally signed C:\Windows\system32\rpcss.dll => File is digitally signed C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2014-10-20 17:20 ==================== End Of Log ============================