Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 21-10-2014 Ran by ROMAN SZ (administrator) on AMD on 22-10-2014 20:29:21 Running from C:\FRST Loaded Profiles: UpdatusUser & ROMAN SZ (Available profiles: UpdatusUser & Rafal & ROMAN SZ & Dzieci & Administrator) Platform: Microsoft Windows XP Professional Dodatek Service Pack 3 (X86) OS Language: Polski Internet Explorer Version 8 Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (AVG Technologies CZ, s.r.o.) C:\PROGRA~1\AVG\AVG2015\avgrsx.exe (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgcsrvx.exe (Acronis) C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgidsagent.exe (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgwdsvc.exe (TeamViewer GmbH) C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgnsx.exe (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgemcx.exe (Brother Industries, Ltd.) C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgui.exe (Acronis) C:\Program Files\Acronis\DriveMonitor\adm_tray.exe (Acronis) C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe (Brother Industries, Ltd.) C:\Program Files\Brother\ControlCenter3\BrccMCtl.exe (Brother Industries, Ltd.) C:\Program Files\Brother\Brmfcmon\BrMfcMon.exe (TeamViewer GmbH) C:\Program Files\TeamViewer\Version9\TeamViewer.exe (TeamViewer GmbH) C:\Program Files\TeamViewer\Version9\tv_w32.exe (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe (TeamViewer GmbH) C:\Program Files\TeamViewer\Version9\TeamViewer_Desktop.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [NVMixerTray] => C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe [131072 2004-12-20] (NVIDIA Corporation) HKLM\...\Run: [BrMfcWnd] => C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe [663552 2007-03-12] (Brother Industries, Ltd.) HKLM\...\Run: [ControlCenter3] => C:\Program Files\Brother\ControlCenter3\brctrcen.exe [65536 2007-01-26] (Brother Industries, Ltd.) HKLM\...\Run: [AVG_UI] => C:\Program Files\AVG\AVG2015\avgui.exe [3593744 2014-09-05] (AVG Technologies CZ, s.r.o.) HKLM\...\Run: [adm_tray.exe] => C:\Program Files\Acronis\DriveMonitor\adm_tray.exe [466768 2011-02-24] (Acronis) HKLM\...\Run: [Acronis Scheduler2 Service] => C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe [365632 2011-02-12] (Acronis) HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [926896 2012-09-23] (Adobe Systems Incorporated) HKLM\...\Winlogon: [UIHost] C:\WINDOWS\system32\logonui.exe [515072 2008-04-15] ( (Microsoft Corporation)) HKU\S-1-5-21-823518204-1708537768-1801674531-1558\...\Run: [ChomikBox] => C:\Program Files\ChomikBox\ChomikBox.exe [5979648 2012-11-15] ( ) HKU\S-1-5-21-823518204-1708537768-1801674531-1558\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [4811032 2014-09-26] (Piriform Ltd) ShellIconOverlayIdentifiers: [GDriveBlacklistedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google) ShellIconOverlayIdentifiers: [GDriveSharedEditOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google) ShellIconOverlayIdentifiers: [GDriveSharedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google) ShellIconOverlayIdentifiers: [GDriveSharedViewOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google) ShellIconOverlayIdentifiers: [GDriveSyncedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google) ShellIconOverlayIdentifiers: [GDriveSyncingOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google) ShellIconOverlayIdentifiers: [GGDriveOverlay1] -> {E68D0A50-3C40-4712-B90D-DCFA93FF2534} => C:\Documents and Settings\All Users\Dane aplikacji\GG\ggdrive\ggdrive-overlay.dll (GG Network S.A.) ShellIconOverlayIdentifiers: [GGDriveOverlay2] -> {E68D0A51-3C40-4712-B90D-DCFA93FF2534} => C:\Documents and Settings\All Users\Dane aplikacji\GG\ggdrive\ggdrive-overlay.dll (GG Network S.A.) ShellIconOverlayIdentifiers: [GGDriveOverlay3] -> {E68D0A52-3C40-4712-B90D-DCFA93FF2534} => C:\Documents and Settings\All Users\Dane aplikacji\GG\ggdrive\ggdrive-overlay.dll (GG Network S.A.) ShellIconOverlayIdentifiers: [GGDriveOverlay4] -> {E68D0A53-3C40-4712-B90D-DCFA93FF2534} => C:\Documents and Settings\All Users\Dane aplikacji\GG\ggdrive\ggdrive-overlay.dll (GG Network S.A.) BootExecute: autocheck autochk * C:\PROGRA~1\AVG\AVG2015\avgrsx.exe /sync /restart ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.pl/ SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM - {63B44C36-0713-1476-622D-2D3FEE94EBD8} URL = BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated) BHO: Skype Plug-In -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://windowsupdate.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1337000629953 Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) Tcpip\Parameters: [DhcpNameServer] 8.8.8.8 8.8.4.4 FireFox: ======== FF ProfilePath: C:\Documents and Settings\ROMAN SZ\Dane aplikacji\Mozilla\Firefox\Profiles\8xzqz7xd.default-1413022292703 FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF Plugin: @pandonetworks.com/PandoWebPlugin -> C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.) FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.) FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 -> C:\Documents and Settings\ROMAN SZ\Ustawienia lokalne\Dane aplikacji\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS) FF Plugin HKCU: pandonetworks.com/PandoWebPlugin -> C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) Chrome: ======= CHR HomePage: Default -> hxxp://pl.msn.com/?pc=UP97&ocid=UP97DHP CHR StartupUrls: Default -> "hxxp://www.wp.pl/" CHR DefaultSearchKeyword: Default -> bing.com_ CHR DefaultSearchURL: Default -> http://www.bing.com/search?FORM=UP97DF&PC=UP97&q={searchTerms} CHR DefaultSuggestURL: Default -> http://api.bing.com/osjson.aspx?query={searchTerms}&language={language}&form=UP97DF&PC=UP97 CHR Profile: C:\Documents and Settings\ROMAN SZ\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default CHR Extension: (Dokumenty Google) - C:\Documents and Settings\ROMAN SZ\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-05-16] CHR Extension: (Google Wallet) - C:\Documents and Settings\ROMAN SZ\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-01-08] CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2011-04-15] ========================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 AcrSch2Svc; C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe [660576 2011-02-12] (Acronis) R2 AVGIDSAgent; C:\Program Files\AVG\AVG2015\avgidsagent.exe [3364368 2014-09-05] (AVG Technologies CZ, s.r.o.) R2 avgwd; C:\Program Files\AVG\AVG2015\avgwdsvc.exe [293448 2014-09-05] (AVG Technologies CZ, s.r.o.) ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R1 Avgdiskx; C:\WINDOWS\System32\DRIVERS\avgdiskx.sys [121624 2014-06-18] (AVG Technologies CZ, s.r.o.) R1 AVGIDSDriverl; C:\WINDOWS\System32\DRIVERS\avgidsdriverlx.sys [192280 2014-07-24] (AVG Technologies CZ, s.r.o.) R0 AVGIDSHX; C:\WINDOWS\System32\DRIVERS\avgidshx.sys [147736 2014-06-18] (AVG Technologies CZ, s.r.o.) R1 AVGIDSShim; C:\WINDOWS\System32\DRIVERS\avgidsshimx.sys [21272 2014-06-18] (AVG Technologies CZ, s.r.o.) R1 Avgldx86; C:\WINDOWS\System32\DRIVERS\avgldx86.sys [193304 2014-08-20] (AVG Technologies CZ, s.r.o.) R0 Avglogx; C:\WINDOWS\System32\DRIVERS\avglogx.sys [230680 2014-07-18] (AVG Technologies CZ, s.r.o.) R0 Avgmfx86; C:\WINDOWS\System32\DRIVERS\avgmfx86.sys [98584 2014-08-06] (AVG Technologies CZ, s.r.o.) R0 Avgrkx86; C:\WINDOWS\System32\DRIVERS\avgrkx86.sys [27416 2014-06-18] (AVG Technologies CZ, s.r.o.) R1 Avgtdix; C:\WINDOWS\System32\DRIVERS\avgtdix.sys [199448 2014-07-02] (AVG Technologies CZ, s.r.o.) R3 BrScnUsb; C:\WINDOWS\System32\DRIVERS\BrScnUsb.sys [15295 2004-10-15] (Brother Industries Ltd.) R3 EL90XBC; C:\WINDOWS\System32\DRIVERS\el90xbc5.sys [66591 2001-08-17] (3Com Corporation) R3 irsir; C:\WINDOWS\System32\DRIVERS\irsir.sys [18688 2001-08-17] (Microsoft Corporation) R0 nvatabus; C:\WINDOWS\System32\DRIVERS\nvatabus.sys [88960 2005-01-20] (NVIDIA Corporation) R3 nvax; C:\WINDOWS\System32\drivers\nvax.sys [53376 2005-01-26] (NVIDIA Corporation) R3 NVENETFD; C:\WINDOWS\System32\DRIVERS\NVENETFD.sys [33408 2005-01-13] (NVIDIA Corporation) R3 nvnetbus; C:\WINDOWS\System32\DRIVERS\nvnetbus.sys [12928 2005-01-13] (NVIDIA Corporation) R3 nvnforce; C:\WINDOWS\System32\drivers\nvapu.sys [414336 2005-01-26] (NVIDIA Corporation) R3 Rasirda; C:\WINDOWS\System32\DRIVERS\rasirda.sys [19584 2001-08-17] (Microsoft Corporation) R2 StarOpen; C:\WINDOWS\system32\Drivers\StarOpen.sys [5504 2012-06-03] () [File not signed] S4 IntelIde; No ImagePath ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2014-10-22 20:07 - 2014-10-22 20:07 - 00000000 ____D () C:\Documents and Settings\ROMAN SZ\Pulpit\FRST-OlderVersion 2014-10-22 20:05 - 2014-10-22 20:05 - 00701104 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe 2014-10-22 20:05 - 2014-10-22 20:05 - 00071344 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl 2014-10-22 20:05 - 2014-10-22 20:05 - 00000930 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job 2014-10-22 20:01 - 2014-10-22 20:01 - 00001804 _____ () C:\Documents and Settings\All Users\Menu Start\Programy\Adobe Reader XI.lnk 2014-10-22 20:01 - 2014-10-22 20:01 - 00001740 _____ () C:\Documents and Settings\All Users\Pulpit\Adobe Reader XI.lnk 2014-10-22 20:01 - 2014-10-22 20:01 - 00000000 ____D () C:\Program Files\Common Files\Adobe 2014-10-22 20:01 - 2014-10-22 20:01 - 00000000 ____D () C:\Program Files\Adobe 2014-10-22 19:53 - 2014-10-22 20:09 - 00000000 ____D () C:\Program Files\Mozilla Firefox 2014-10-22 19:49 - 2014-10-22 19:50 - 00000000 ____D () C:\Documents and Settings\ROMAN SZ\Dane aplikacji\FileZilla 2014-10-22 19:49 - 2014-10-22 19:49 - 04968079 _____ (Tim Kosse) C:\Documents and Settings\ROMAN SZ\Pulpit\FileZilla_3.8.0_win32-setup.exe 2014-10-20 21:46 - 2014-10-20 21:46 - 00000000 ____D () C:\Documents and Settings\ROMAN SZ\Dane aplikacji\AVG2015 2014-10-20 21:45 - 2014-10-20 21:45 - 00007843 _____ () C:\WINDOWS\setupapi.log 2014-10-20 21:45 - 2014-10-20 21:45 - 00000738 _____ () C:\Documents and Settings\All Users\Pulpit\AVG 2015.lnk 2014-10-20 21:44 - 2014-10-20 21:46 - 00000000 ___HD () C:\$AVG 2014-10-20 21:43 - 2014-10-20 21:45 - 00000000 ____D () C:\Documents and Settings\All Users\Dane aplikacji\AVG2015 2014-10-18 11:41 - 2014-10-18 11:42 - 00001825 _____ () C:\Documents and Settings\Dzieci\Pulpit\Google Chrome.lnk 2014-10-18 11:41 - 2014-10-18 11:41 - 00000809 _____ () C:\Documents and Settings\Dzieci\Menu Start\Programy\Internet Explorer.lnk 2014-10-18 11:41 - 2014-10-18 11:41 - 00000744 _____ () C:\Documents and Settings\Dzieci\Menu Start\Programy\Outlook Express.lnk 2014-10-18 11:41 - 2014-10-18 11:41 - 00000000 ____D () C:\Documents and Settings\Dzieci\Dane aplikacji\Macromedia 2014-10-18 11:41 - 2014-10-18 11:41 - 00000000 ____D () C:\Documents and Settings\Dzieci\Dane aplikacji\Adobe 2014-10-18 11:40 - 2014-10-20 21:49 - 00000000 __RHD () C:\Documents and Settings\Dzieci\Dane aplikacji 2014-10-18 11:40 - 2014-10-18 11:42 - 00000188 ___SH () C:\Documents and Settings\Dzieci\ntuser.ini 2014-10-18 11:40 - 2014-10-18 11:41 - 00000794 _____ () C:\Documents and Settings\Dzieci\Menu Start\Programy\Windows Media Player.lnk 2014-10-18 11:40 - 2014-10-18 11:41 - 00000000 ___RD () C:\Documents and Settings\Dzieci\Ulubione 2014-10-18 11:40 - 2014-10-18 11:41 - 00000000 ___RD () C:\Documents and Settings\Dzieci\Moje dokumenty 2014-10-18 11:40 - 2014-10-18 11:41 - 00000000 ___RD () C:\Documents and Settings\Dzieci\Menu Start\Programy\Akcesoria 2014-10-18 11:40 - 2014-10-18 11:41 - 00000000 ___RD () C:\Documents and Settings\Dzieci\Menu Start\Programy 2014-10-18 11:40 - 2014-10-18 11:41 - 00000000 ____D () C:\Documents and Settings\Dzieci\Pulpit 2014-10-18 11:40 - 2014-10-18 11:40 - 00000000 ____D () C:\Documents and Settings\Dzieci 2014-10-18 11:40 - 2014-03-25 14:00 - 00000000 ____D () C:\Documents and Settings\Dzieci\Dane aplikacji\TuneUp Software 2014-10-18 11:40 - 2013-07-11 22:25 - 00000000 __SHD () C:\Documents and Settings\Dzieci\IETldCache 2014-10-18 11:40 - 2013-06-19 20:30 - 00000000 ___HD () C:\Documents and Settings\Dzieci\Ustawienia lokalne 2014-10-18 11:40 - 2012-05-14 15:11 - 00000000 ___RD () C:\Documents and Settings\Dzieci\Menu Start\Programy\Autostart 2014-10-18 11:40 - 2012-05-14 15:11 - 00000000 ___RD () C:\Documents and Settings\Dzieci\Menu Start 2014-10-18 11:40 - 2012-05-14 13:38 - 00001599 _____ () C:\Documents and Settings\Dzieci\Menu Start\Programy\Pomoc zdalna.lnk 2014-10-18 11:40 - 2012-05-14 13:35 - 00000000 ___HD () C:\Documents and Settings\Dzieci\Szablony 2014-10-16 21:54 - 2014-10-16 21:54 - 00000000 ____D () C:\0e72485fe755a41c7745972623b1aa 2014-10-15 22:02 - 2014-10-16 21:21 - 00000488 _____ () C:\defogger_disable.log 2014-10-15 22:02 - 2014-10-15 22:02 - 00000000 _____ () C:\Documents and Settings\Administrator\defogger_reenable 2014-10-15 21:59 - 2014-10-15 21:59 - 00050477 _____ () C:\start.exe 2014-10-15 20:57 - 2014-10-15 20:13 - 00380416 _____ () C:\hdi96mt6.exe 2014-10-15 20:34 - 2014-10-15 20:34 - 00380416 _____ () C:\Documents and Settings\ROMAN SZ\Pulpit\gmer.exe 2014-10-15 20:13 - 2014-10-15 20:13 - 00380416 _____ () C:\Documents and Settings\ROMAN SZ\Pulpit\hdi96mt6.exe 2014-10-15 20:12 - 2014-10-15 20:12 - 00000000 ____D () C:\Documents and Settings\ROMAN SZ\Pulpit\Do robienia logów na wirusy 2014-10-15 20:06 - 2014-10-22 20:29 - 00000000 ____D () C:\FRST 2014-10-15 19:51 - 2014-10-15 19:51 - 00000000 ____D () C:\Documents and Settings\ROMAN SZ\Dane aplikacji\TeamViewer 2014-10-13 11:28 - 2014-10-13 10:35 - 00010705 _____ () C:\Documents and Settings\ROMAN SZ\Pulpit\Usterki mechatronika.xlsx 2014-10-12 17:24 - 2014-10-12 17:24 - 00000833 _____ () C:\Documents and Settings\ROMAN SZ\Pulpit\TeamViewer 9 (2).lnk 2014-10-12 17:00 - 2014-10-22 20:27 - 00000430 _____ () C:\WINDOWS\system32\Drivers\etc\hosts.ics 2014-10-12 16:59 - 2014-10-22 20:27 - 00000259 _____ () C:\WINDOWS\wiadebug.log 2014-10-12 16:59 - 2014-10-22 20:26 - 00000050 _____ () C:\WINDOWS\wiaservc.log 2014-10-12 16:59 - 2014-10-22 20:22 - 00032466 _____ () C:\WINDOWS\SchedLgU.Txt 2014-10-12 16:59 - 2014-10-12 16:59 - 00000000 ____N () C:\WINDOWS\Sti_Trace.log 2014-10-12 16:45 - 2014-10-22 20:27 - 00373395 _____ () C:\WINDOWS\WindowsUpdate.log 2014-10-12 16:28 - 2014-10-12 16:28 - 00003096 _____ () C:\wirus jak usunac.txt 2014-10-12 16:24 - 2014-10-12 16:24 - 00000688 _____ () C:\Documents and Settings\All Users\Pulpit\CCleaner.lnk 2014-10-11 11:49 - 2014-10-11 12:48 - 00000000 ____D () C:\AdwCleaner 2014-10-11 11:16 - 2014-10-11 11:49 - 00000000 ____D () C:\Documents and Settings\Administrator\Dane aplikacji\Adobe 2014-10-11 11:16 - 2014-10-11 11:16 - 00000000 _RSHD () C:\cmdcons 2014-10-11 11:16 - 2014-10-11 11:16 - 00000000 __SHD () C:\Documents and Settings\Administrator\PrivacIE 2014-10-11 11:16 - 2014-10-11 11:16 - 00000000 __SHD () C:\Documents and Settings\Administrator\IECompatCache 2014-10-11 11:16 - 2014-02-25 20:04 - 00000211 _____ () C:\Boot.bak 2014-10-11 11:16 - 2004-08-03 23:00 - 00262400 __RSH () C:\cmldr 2014-10-11 11:10 - 2014-10-11 11:10 - 00000000 ___RD () C:\Documents and Settings\Administrator\Menu Start\Programy\Narzędzia administracyjne 2014-10-11 11:09 - 2014-10-16 21:03 - 00000188 ___SH () C:\Documents and Settings\Administrator\ntuser.ini 2014-10-11 11:09 - 2014-10-15 22:02 - 00000000 ____D () C:\Documents and Settings\Administrator 2014-10-11 11:09 - 2014-10-12 16:55 - 00000000 ___HD () C:\Documents and Settings\Administrator\Ustawienia lokalne 2014-10-11 11:09 - 2014-10-11 11:31 - 00000000 __RHD () C:\Documents and Settings\Administrator\Dane aplikacji 2014-10-11 11:09 - 2014-10-11 11:16 - 00000000 ____D () C:\Documents and Settings\Administrator\Ulubione 2014-10-11 11:09 - 2014-10-11 11:10 - 00000000 ___RD () C:\Documents and Settings\Administrator\Menu Start\Programy 2014-10-11 11:09 - 2014-10-11 11:10 - 00000000 ____D () C:\Documents and Settings\Administrator\Moje dokumenty 2014-10-11 11:09 - 2014-10-11 11:09 - 00000000 ____D () C:\WINDOWS\CSC 2014-10-11 11:09 - 2014-03-25 14:00 - 00000000 ____D () C:\Documents and Settings\Administrator\Dane aplikacji\TuneUp Software 2014-10-11 11:09 - 2013-07-11 22:25 - 00000000 __SHD () C:\Documents and Settings\Administrator\IETldCache 2014-10-11 11:09 - 2012-05-14 15:11 - 00000000 ___RD () C:\Documents and Settings\Administrator\Menu Start\Programy\Autostart 2014-10-11 11:09 - 2012-05-14 15:11 - 00000000 ___RD () C:\Documents and Settings\Administrator\Menu Start 2014-10-11 11:09 - 2012-05-14 15:11 - 00000000 ____D () C:\Documents and Settings\Administrator\Pulpit 2014-10-11 11:09 - 2012-05-14 13:38 - 00001599 _____ () C:\Documents and Settings\Administrator\Menu Start\Programy\Pomoc zdalna.lnk 2014-10-11 11:09 - 2012-05-14 13:38 - 00000792 _____ () C:\Documents and Settings\Administrator\Menu Start\Programy\Windows Media Player.lnk 2014-10-11 11:09 - 2012-05-14 13:38 - 00000000 ___RD () C:\Documents and Settings\Administrator\Menu Start\Programy\Akcesoria 2014-10-11 11:09 - 2012-05-14 13:35 - 00000000 ___HD () C:\Documents and Settings\Administrator\Szablony 2014-10-09 18:41 - 2014-10-10 15:27 - 00000000 ____D () C:\Documents and Settings\ROMAN SZ\Pulpit\M12 2014-09-24 20:29 - 2014-09-24 20:33 - 00000055 _____ () C:\Documents and Settings\ROMAN SZ\log.csv 2014-09-22 18:04 - 2014-09-22 18:04 - 01240450 _____ () C:\Documents and Settings\ROMAN SZ\Pulpit\Wniosek wizowy - Ambasada Republiki Białoruś w Rzeczypospolitej Polskiej.htm 2014-09-22 18:04 - 2014-09-22 18:04 - 00000000 ____D () C:\Documents and Settings\ROMAN SZ\Pulpit\Wniosek wizowy - Ambasada Republiki Białoruś w Rzeczypospolitej Polskiej_pliki 2014-09-22 05:29 - 2014-09-22 06:19 - 00000000 ____D () C:\Documents and Settings\ROMAN SZ\Pulpit\Dokumenty 2014-2015 ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2014-10-22 20:29 - 2012-05-15 11:06 - 00000000 ____D () C:\TEMP 2014-10-22 20:27 - 2014-05-21 15:36 - 00000000 ____D () C:\Documents and Settings\ROMAN SZ\.gstreamer-0.10 2014-10-22 20:27 - 2008-04-15 14:00 - 00002206 _____ () C:\WINDOWS\system32\wpa.dbl 2014-10-22 20:26 - 2014-03-15 19:44 - 00000228 _____ () C:\WINDOWS\Tasks\Powiadomienie o zakończeniu obsługi systemu Microsoft Windows XP — logowanie.job 2014-10-22 20:26 - 2013-12-14 19:09 - 00001032 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job 2014-10-22 20:26 - 2013-12-05 09:29 - 00001032 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore1cef18bcaab1662.job 2014-10-22 20:26 - 2012-05-14 13:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT 2014-10-22 20:25 - 2013-11-01 10:45 - 00000188 ___SH () C:\Documents and Settings\ROMAN SZ\ntuser.ini 2014-10-22 20:09 - 2012-05-14 15:10 - 00000000 __RHD () C:\Documents and Settings\All Users\Dane aplikacji 2014-10-22 20:09 - 2012-05-14 14:45 - 00000188 ___SH () C:\Documents and Settings\UpdatusUser\ntuser.ini 2014-10-22 20:08 - 2013-11-01 10:45 - 00000000 ____D () C:\Documents and Settings\ROMAN SZ\Pulpit 2014-10-22 20:01 - 2012-05-15 11:09 - 00000000 ____D () C:\Documents and Settings\All Users\Dane aplikacji\Adobe 2014-10-22 20:01 - 2012-05-14 15:11 - 00000000 ___RD () C:\Documents and Settings\All Users\Menu Start\Programy 2014-10-22 20:01 - 2012-05-14 15:11 - 00000000 ____D () C:\Documents and Settings\All Users\Pulpit 2014-10-22 19:53 - 2012-05-14 15:37 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service 2014-10-22 19:50 - 2013-05-23 08:17 - 00000000 ____D () C:\Program Files\FileZilla FTP Client 2014-10-22 19:50 - 2013-05-23 08:17 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Start\Programy\FileZilla FTP Client 2014-10-22 19:49 - 2013-11-01 10:45 - 00000000 __RHD () C:\Documents and Settings\ROMAN SZ\Dane aplikacji 2014-10-22 19:46 - 2013-12-14 19:09 - 00001036 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job 2014-10-22 19:43 - 2012-05-14 15:11 - 00000000 ___RD () C:\Documents and Settings\All Users\Menu Start\Programy\Autostart 2014-10-22 19:34 - 2013-12-05 09:29 - 00001036 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1cef18bcae6b12c.job 2014-10-22 18:53 - 2014-03-21 15:21 - 00000000 ____D () C:\Documents and Settings\All Users\Dane aplikacji\MFAData 2014-10-20 21:49 - 2014-03-21 15:31 - 00000000 ____D () C:\Documents and Settings\All Users\Dane aplikacji\AVG2014 2014-10-20 21:49 - 2013-11-01 10:11 - 00000000 __RHD () C:\Documents and Settings\Rafal\Dane aplikacji 2014-10-20 21:47 - 2014-03-21 15:29 - 00000000 ____D () C:\Program Files\AVG 2014-10-20 21:46 - 2014-03-31 18:23 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Start\Programy\AVG 2014-10-20 19:46 - 2012-05-14 13:44 - 00000000 __SHD () C:\Documents and Settings\NetworkService 2014-10-19 21:02 - 2012-05-19 11:08 - 00131072 _____ () C:\WINDOWS\system32\config\OAlerts.evt 2014-10-18 11:38 - 2013-11-01 10:45 - 00000000 ____D () C:\Documents and Settings\ROMAN SZ 2014-10-17 18:55 - 2012-05-19 11:02 - 00000000 ____D () C:\Documents and Settings\All Users\Dane aplikacji\Microsoft Help 2014-10-16 21:54 - 2013-08-14 14:29 - 00000000 ____D () C:\WINDOWS\system32\MRT 2014-10-16 21:54 - 2012-05-14 15:31 - 100290944 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2014-10-15 19:51 - 2014-08-10 09:58 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Start\Programy\TeamViewer 9 2014-10-14 12:49 - 2013-11-01 10:11 - 00000188 ___SH () C:\Documents and Settings\Rafal\ntuser.ini 2014-10-14 12:49 - 2013-11-01 10:11 - 00000000 ____D () C:\Documents and Settings\Rafal 2014-10-12 18:43 - 2012-05-14 15:09 - 00276560 _____ () C:\WINDOWS\system32\FNTCACHE.DAT 2014-10-12 16:59 - 2012-05-14 13:45 - 00000000 __SHD () C:\Documents and Settings\LocalService 2014-10-12 16:55 - 2013-11-01 10:45 - 00000000 ___HD () C:\Documents and Settings\ROMAN SZ\Ustawienia lokalne 2014-10-12 16:55 - 2013-11-01 10:11 - 00000000 ___HD () C:\Documents and Settings\Rafal\Ustawienia lokalne 2014-10-12 16:55 - 2012-05-14 13:44 - 00000000 ___HD () C:\Documents and Settings\NetworkService\Ustawienia lokalne 2014-10-12 16:54 - 2008-04-15 14:00 - 00000227 _____ () C:\WINDOWS\system.ini 2014-10-12 16:26 - 2014-06-26 09:30 - 00000000 ____D () C:\Documents and Settings\ROMAN SZ\Dane aplikacji\Skype 2014-10-12 16:26 - 2014-06-26 09:11 - 00000000 ____D () C:\Documents and Settings\ROMAN SZ\Dane aplikacji\TS3Client 2014-10-12 16:24 - 2014-03-08 08:43 - 00000000 ____D () C:\WINDOWS\Minidump 2014-10-12 16:24 - 2014-02-25 20:08 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Start\Programy\CCleaner 2014-10-12 16:23 - 2014-02-25 20:08 - 00000000 ____D () C:\Program Files\CCleaner 2014-10-11 11:51 - 2012-05-14 13:46 - 00000000 __RHD () C:\Documents and Settings\stary profil roman\Dane aplikacji 2014-10-11 11:48 - 2012-05-14 13:45 - 00000000 ___HD () C:\Documents and Settings\LocalService\Ustawienia lokalne 2014-10-11 11:16 - 2012-05-14 15:08 - 00000327 __RSH () C:\boot.ini 2014-10-10 13:34 - 2013-11-01 10:47 - 00000000 ____D () C:\Documents and Settings\ROMAN SZ\Pulpit\Pendrive 12-09-2013 2014-10-08 16:43 - 2014-03-15 19:44 - 00000222 _____ () C:\WINDOWS\Tasks\Powiadomienie o zakończeniu obsługi systemu Microsoft Windows XP — co miesiąc.job 2014-10-04 19:03 - 2012-10-28 16:25 - 00000000 ____D () C:\Program Files\NosTale(PL) 2014-09-22 14:46 - 2012-05-21 12:07 - 00000404 _____ () C:\WINDOWS\BRWMARK.INI 2014-09-22 05:35 - 2013-02-04 16:21 - 00000000 ____D () C:\Documents and Settings\stary profil roman\Pulpit\Dorota ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\WINDOWS\explorer.exe => File is digitally signed C:\WINDOWS\system32\winlogon.exe => File is digitally signed C:\WINDOWS\system32\svchost.exe => File is digitally signed C:\WINDOWS\system32\services.exe => File is digitally signed C:\WINDOWS\system32\User32.dll => File is digitally signed C:\WINDOWS\system32\userinit.exe => File is digitally signed C:\WINDOWS\system32\rpcss.dll => File is digitally signed C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed ==================== End Of Log ============================