Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 18-01-2015 Ran by Testing (administrator) on DOM-3AF42E29FAF on 18-01-2015 13:04:48 Running from C:\Documents and Settings\Testing\Moje dokumenty\Pobrane Loaded Profiles: Testing (Available profiles: Rodzice & UpdatusUser & Testing & Insane & Administrator & Gość) Platform: Microsoft Windows XP Professional Dodatek Service Pack 3 (X86) OS Language: Polski Internet Explorer Version 8 (Default browser: FF) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (Realtek Semiconductor Corp.) C:\WINDOWS\RTHDCPL.EXE (AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe (Windows (R) Codename Longhorn DDK provider) C:\Program Files\UPHClean\uphclean.exe () C:\Program Files\Rainmeter\Rainmeter.exe (Microsoft Corporation) C:\WINDOWS\system32\wbem\unsecapp.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [RTHDCPL] => C:\WINDOWS\RTHDCPL.EXE [20143688 2013-03-12] (Realtek Semiconductor Corp.) HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5227112 2015-01-09] (AVAST Software) HKU\S-1-5-21-1801674531-1677128483-2147161785-1011\...\Run: [GUDelayStartup] => C:\Program Files\Glary Utilities 5\StartupManager.exe [37152 2014-11-24] (Glarysoft Ltd) HKU\S-1-5-21-1801674531-1677128483-2147161785-1011\...\Policies\Explorer: [NoDriveTypeAutoRun] 0x91000000 HKU\S-1-5-21-1801674531-1677128483-2147161785-1011\...\Policies\Explorer: [EditLevel] 0 HKU\S-1-5-21-1801674531-1677128483-2147161785-1011\...\Policies\Explorer: [NoSaveSettings] 0 HKU\S-1-5-21-1801674531-1677128483-2147161785-1011\...\Policies\Explorer: [NoFileMenu] 0 HKU\S-1-5-21-1801674531-1677128483-2147161785-1011\...\Policies\Explorer: [NoCommonGroups] 0 HKU\S-1-5-21-1801674531-1677128483-2147161785-1011\...\Policies\Explorer: [NoDriveAutoRun] 0x00000000 HKU\S-1-5-21-1801674531-1677128483-2147161785-1011\...\MountPoints2: {154d6919-fe02-11e3-8d93-0019db4c7965} - J:\Autorun.exe HKU\S-1-5-21-1801674531-1677128483-2147161785-1011\...\MountPoints2: {154d6922-fe02-11e3-8d93-0019db4c7965} - J:\Autorun.exe HKU\S-1-5-21-1801674531-1677128483-2147161785-1011\...\MountPoints2: {154d6924-fe02-11e3-8d93-0019db4c7965} - J:\Autorun.exe HKU\S-1-5-21-1801674531-1677128483-2147161785-1011\...\MountPoints2: {154d692c-fe02-11e3-8d93-0019db4c7965} - J:\Autorun.exe HKU\S-1-5-21-1801674531-1677128483-2147161785-1011\...\MountPoints2: {154d6945-fe02-11e3-8d93-0019db4c7965} - J:\Autorun.exe HKU\S-1-5-21-1801674531-1677128483-2147161785-1011\...\MountPoints2: {2afcf026-d797-11e3-8cfc-0019db4c7965} - J:\autorun.exe HKU\S-1-5-21-1801674531-1677128483-2147161785-1011\...\MountPoints2: {d07ed3d0-ffa5-11e3-8d9a-0019db4c7965} - J:\Autorun.exe Startup: C:\Documents and Settings\Testing\Menu Start\Programy\Autostart\Rainmeter.lnk ShortcutTarget: Rainmeter.lnk -> C:\Program Files\Rainmeter\Rainmeter.exe () ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll (AVAST Software) BootExecute: autocheck autochk * BootDefrag.exe ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION HKU\S-1-5-21-1801674531-1677128483-2147161785-1011\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome HKU\S-1-5-21-1801674531-1677128483-2147161785-1011\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch BHO: BitComet Helper -> {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} -> C:\Program Files\BitComet\tools\BitCometBHO_1.5.4.11.dll (BitComet) BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation) Toolbar: HKLM - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) Toolbar: HKU\S-1-5-21-1801674531-1677128483-2147161785-1011 -> No Name - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - No File Toolbar: HKU\S-1-5-21-1801674531-1677128483-2147161785-1011 -> No Name - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - No File Tcpip\Parameters: [DhcpNameServer] 8.8.8.8 8.8.4.4 FireFox: ======== FF ProfilePath: C:\Documents and Settings\Testing\Dane aplikacji\Mozilla\Firefox\Profiles\d6detick.default FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_16_0_0_235.dll () FF Plugin: @adobe.com/ShockwavePlayer -> C:\WINDOWS\system32\Adobe\Director\np32dsw_1214154.dll (Adobe Systems, Inc.) FF Plugin: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF Plugin: @pandonetworks.com/PandoWebPlugin -> C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.) FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.) FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Plugin HKU\S-1-5-21-1801674531-1677128483-2147161785-1011: @unity3d.com/UnityPlayer,version=1.0 -> C:\Documents and Settings\Testing\Ustawienia lokalne\Dane aplikacji\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS) FF Extension: Ghostery - C:\Documents and Settings\Testing\Dane aplikacji\Mozilla\Firefox\Profiles\d6detick.default\Extensions\firefox@ghostery.com.xpi [2014-12-02] FF Extension: Adblock Plus - C:\Documents and Settings\Testing\Dane aplikacji\Mozilla\Firefox\Profiles\d6detick.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-12-02] FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-01-16] Chrome: ======= CHR Profile: C:\Documents and Settings\Testing\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default CHR Extension: (The Great Suspender) - C:\Documents and Settings\Testing\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\klbibkeccnjlkjkiokjodocebajanakg [2014-09-07] CHR Extension: (Morpheon Dark) - C:\Documents and Settings\Testing\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\mafbdhjdkjnoafhfelkjpchpaepjknad [2014-09-09] CHR Extension: (Google Wallet) - C:\Documents and Settings\Testing\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-09-07] CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-12-17] CHR HKLM\...\Chrome\Extension: [jfhffdajidfgpobcfdgilfcgbngginod] - C:\Program Files\EagleGet\addon\eagleget_cext@eagleget.com.crx [2013-11-21] CHR HKU\S-1-5-21-1801674531-1677128483-2147161785-1011\...\Chrome\Extension: [jfhffdajidfgpobcfdgilfcgbngginod] - C:\Program Files\EagleGet\addon\eagleget_cext@eagleget.com.crx [2013-11-21] ========================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-12-17] (AVAST Software) S2 BootlogService; C:\Program Files\Greatis\BootLog XP\BootLogService.exe [65248 2009-12-04] (Greatis Software (c)) S3 JavaQuickStarterService; C:\Program Files\Java\jre7\bin\jqs.exe [182696 2014-12-26] (Oracle Corporation) S4 npggsvc; C:\WINDOWS\system32\GameMon.des [4795672 2013-11-25] (INCA Internet Co., Ltd.) R2 UPHClean; C:\Program Files\UPHClean\uphclean.exe [399872 2010-09-13] (Windows (R) Codename Longhorn DDK provider) [File not signed] S3 SwPrv; C:\WINDOWS\system32\dllhost.exe /Processid:{0AE6604E-CB16-4E89-BCF2-C65DB6E38FEA} ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) S3 Ambfilt; C:\WINDOWS\System32\drivers\Ambfilt.sys [1691480 2009-11-18] (Creative) S3 AR5416; C:\WINDOWS\System32\DRIVERS\athw.sys [1983392 2011-10-07] (Atheros Communications, Inc.) R2 aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [24184 2014-12-17] () R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [70384 2014-12-17] (AVAST Software) R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [55240 2014-12-17] (AVAST Software) R0 aswRvrt; C:\WINDOWS\system32\Drivers\aswRvrt.sys [49944 2014-12-17] () R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [787800 2014-12-17] (AVAST Software) R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [423784 2014-12-17] (AVAST Software) R1 aswTdi; C:\WINDOWS\system32\drivers\aswTdi.sys [57928 2014-12-17] (AVAST Software) R0 aswVmm; C:\WINDOWS\system32\Drivers\aswVmm.sys [206248 2014-12-17] () R2 atksgt; C:\WINDOWS\System32\DRIVERS\atksgt.sys [271360 2013-12-23] () [File not signed] R0 BootDefragDriver; C:\WINDOWS\System32\drivers\BootDefragDriver.sys [14784 2014-11-24] (Glarysoft Ltd) R3 FETNDIS; C:\WINDOWS\System32\DRIVERS\fetnd5.sys [27165 2001-08-17] (VIA Technologies, Inc. ) R1 GUBootStartup; C:\WINDOWS\System32\drivers\GUBootStartup.sys [17344 2014-11-29] (Glarysoft Ltd) R2 lirsgt; C:\WINDOWS\System32\DRIVERS\lirsgt.sys [18048 2013-12-23] () [File not signed] S3 Monfilt; C:\WINDOWS\System32\drivers\Monfilt.sys [1395800 2009-11-18] (Creative Technology Ltd.) R2 npf; C:\WINDOWS\System32\drivers\npf.sys [50704 2010-01-27] (CACE Technologies, Inc.) S3 VClone; C:\WINDOWS\System32\DRIVERS\VClone.sys [30720 2013-07-24] (Elaborate Bytes AG) [File not signed] S2 AegisP; system32\DRIVERS\AegisP.sys [X] S3 aqmyggid; No ImagePath S3 AR5211; system32\DRIVERS\ar5211.sys [X] S4 dbfdyzsz; \??\C:\WINDOWS\system32\drivers\dbfdyzsz.sys [X] S3 EagleXNt; \??\C:\WINDOWS\system32\drivers\EagleXNt.sys [X] S4 GMSIPCI; \??\E:\INSTALL\GMSIPCI.SYS [X] S4 IntelIde; No ImagePath S1 MpKsl4742dca0; \??\c:\Documents and Settings\All Users\Dane aplikacji\Microsoft\Microsoft Antimalware\Definition Updates\{216892F7-B52B-4459-853D-138A2BEEAFEA}\MpKsl4742dca0.sys [X] S2 PfModNT; \??\C:\WINDOWS\system32\PfModNT.sys [X] S4 sptd; \SystemRoot\System32\Drivers\sptd.sys [X] U1 WS2IFSL; No ImagePath S3 WSIMD; system32\DRIVERS\wsimd.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2015-01-18 13:03 - 2015-01-18 13:04 - 00000000 ____D () C:\FRST 2015-01-18 12:55 - 2015-01-18 12:55 - 00000000 ____D () C:\Program Files\Greatis 2015-01-18 12:55 - 2015-01-18 12:55 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Start\Programy\BootLog XP 2015-01-18 12:40 - 2015-01-18 12:40 - 00000482 _____ () C:\WINDOWS\setupapi.log 2015-01-18 06:25 - 2015-01-18 06:25 - 00000000 ____D () C:\Documents and Settings\Rodzice\Pulpit 2015-01-18 06:24 - 2015-01-18 06:24 - 00000000 ____D () C:\Documents and Settings\Testing\Dane aplikacji\DiskDefrag 2015-01-17 16:07 - 2015-01-17 16:07 - 00000000 ____D () C:\Documents and Settings\Insane\Ustawienia lokalne\Dane aplikacji\Google 2015-01-17 16:02 - 2015-01-17 16:02 - 00000000 ____D () C:\Documents and Settings\Insane\Dane aplikacji\Adobe 2015-01-17 16:01 - 2015-01-17 16:01 - 00000000 ____D () C:\Documents and Settings\Insane\Pulpit 2015-01-17 15:38 - 2014-11-24 07:01 - 00101664 _____ (Glarysoft Ltd) C:\WINDOWS\system32\BootDefrag.exe 2015-01-17 15:38 - 2014-11-24 04:47 - 00014784 _____ (Glarysoft Ltd) C:\WINDOWS\system32\Drivers\BootDefragDriver.sys 2015-01-17 15:12 - 2015-01-17 15:12 - 29339648 _____ () C:\WINDOWS\system32\config\software.gu 2015-01-17 15:12 - 2015-01-17 15:12 - 07024640 _____ () C:\WINDOWS\system32\config\system.gu 2015-01-17 15:12 - 2015-01-17 15:12 - 00335872 _____ () C:\WINDOWS\system32\config\default.gu 2015-01-17 15:12 - 2015-01-17 15:12 - 00057344 _____ () C:\WINDOWS\system32\config\SECURITY.gu 2015-01-17 15:12 - 2015-01-17 15:12 - 00028672 _____ () C:\WINDOWS\system32\config\SAM.gu 2015-01-17 15:10 - 2014-11-24 07:01 - 00022816 _____ (Glarysoft Ltd) C:\WINDOWS\system32\RegBootDefrag.exe 2015-01-15 15:42 - 2015-01-16 09:33 - 00000000 ____D () C:\Program Files\Mozilla Firefox 2015-01-11 13:46 - 2015-01-11 13:46 - 00000000 __SHD () C:\Documents and Settings\Insane\PrivacIE 2015-01-11 13:44 - 2015-01-11 13:44 - 00000000 __SHD () C:\Documents and Settings\Insane\IETldCache 2015-01-08 17:26 - 2015-01-08 17:26 - 00000000 ____D () C:\Documents and Settings\Testing\Ustawienia lokalne\Dane aplikacji\Skype 2015-01-08 17:25 - 2015-01-17 15:23 - 00000000 ____D () C:\Documents and Settings\Testing\Dane aplikacji\Skype 2015-01-08 17:25 - 2015-01-08 17:25 - 00000000 ___RD () C:\Program Files\Skype 2015-01-08 17:25 - 2015-01-08 17:25 - 00000000 ____D () C:\Program Files\Common Files\Skype 2015-01-08 17:25 - 2015-01-08 17:25 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Start\Programy\Skype 2015-01-08 17:23 - 2015-01-08 17:25 - 00000000 ____D () C:\Documents and Settings\All Users\Dane aplikacji\Skype 2015-01-07 21:15 - 2015-01-07 21:15 - 00000000 ____D () C:\Documents and Settings\Testing\Dane aplikacji\LolClient 2015-01-07 17:50 - 2015-01-07 17:50 - 00000803 _____ () C:\Documents and Settings\Testing\Menu Start\Programy\Internet Explorer.lnk 2015-01-07 17:46 - 2015-01-07 17:57 - 00000000 ____D () C:\WINDOWS\ie8updates 2015-01-07 17:44 - 2015-01-07 17:45 - 00000000 __HDC () C:\WINDOWS\ie8 2015-01-07 15:03 - 2015-01-07 17:49 - 00000000 ___RD () C:\Documents and Settings\Testing\Moje dokumenty\Moje obrazy 2015-01-07 14:58 - 2015-01-07 14:58 - 00000000 __SHD () C:\Documents and Settings\Testing\IETldCache 2015-01-07 14:57 - 2015-01-07 14:57 - 00283720 _____ () C:\WINDOWS\system32\FNTCACHE.DAT 2015-01-06 17:17 - 2015-01-06 17:17 - 00068336 _____ () C:\Documents and Settings\Testing\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT 2015-01-06 16:57 - 2015-01-06 17:01 - 00000000 ____D () C:\a13db4b51255eeec2f04 2015-01-05 18:20 - 2015-01-05 18:20 - 00000000 ____D () C:\Riot Games 2015-01-05 18:20 - 2015-01-05 18:20 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Start\Programy\League of Legends 2015-01-05 18:19 - 2015-01-05 18:19 - 00000000 ____D () C:\Documents and Settings\Testing\Dane aplikacji\Riot Games 2015-01-03 18:12 - 2015-01-03 18:12 - 00000000 ___HD () C:\Documents and Settings\Testing\Menu Start\Programy\Autostart-Disabled 2015-01-03 13:56 - 2015-01-03 13:56 - 04691389 _____ () C:\Documents and Settings\Testing\Pulpit\tgf_full07.zip 2015-01-02 17:48 - 2015-01-02 17:48 - 00000000 ____D () C:\Documents and Settings\Insane\Dane aplikacji\Macromedia 2015-01-02 17:45 - 2015-01-02 17:45 - 00000000 ___SD () C:\Documents and Settings\Insane\UserData 2015-01-02 17:41 - 2015-01-02 17:41 - 00000000 ____D () C:\Documents and Settings\Insane\Ustawienia lokalne\Dane aplikacji\Temp 2015-01-02 17:38 - 2015-01-17 15:23 - 00000000 ____D () C:\Documents and Settings\Insane\Dane aplikacji\Mozilla 2015-01-02 17:38 - 2015-01-11 13:44 - 00000803 _____ () C:\Documents and Settings\Insane\Menu Start\Programy\Internet Explorer.lnk 2015-01-02 17:38 - 2015-01-11 13:44 - 00000000 ___RD () C:\Documents and Settings\Insane\Ulubione 2015-01-02 17:38 - 2015-01-11 13:44 - 00000000 ___RD () C:\Documents and Settings\Insane\Moje dokumenty\Moje obrazy 2015-01-02 17:38 - 2015-01-11 13:44 - 00000000 ___RD () C:\Documents and Settings\Insane\Moje dokumenty\Moja muzyka 2015-01-02 17:38 - 2015-01-11 13:44 - 00000000 ___RD () C:\Documents and Settings\Insane\Moje dokumenty 2015-01-02 17:38 - 2015-01-02 17:38 - 00000738 _____ () C:\Documents and Settings\Insane\Menu Start\Programy\Outlook Express.lnk 2015-01-02 17:38 - 2015-01-02 17:38 - 00000000 ____D () C:\Documents and Settings\Insane\Ustawienia lokalne\Dane aplikacji\Mozilla 2015-01-02 17:38 - 2015-01-02 17:38 - 00000000 ____D () C:\Documents and Settings\Insane\Dane aplikacji\AVAST Software 2015-01-02 17:37 - 2015-01-17 21:18 - 00000188 ___SH () C:\Documents and Settings\Insane\ntuser.ini 2015-01-02 17:37 - 2015-01-17 21:17 - 00000000 ____D () C:\Documents and Settings\Insane\Ustawienia lokalne\Temp 2015-01-02 17:37 - 2015-01-17 16:07 - 00000000 ___HD () C:\Documents and Settings\Insane\Ustawienia lokalne\Dane aplikacji 2015-01-02 17:37 - 2015-01-17 16:02 - 00000000 __RHD () C:\Documents and Settings\Insane\Dane aplikacji 2015-01-02 17:37 - 2015-01-17 16:01 - 00000000 ____D () C:\Documents and Settings\Insane 2015-01-02 17:37 - 2015-01-11 13:44 - 00000000 ___RD () C:\Documents and Settings\Insane\Menu Start\Programy\Akcesoria 2015-01-02 17:37 - 2015-01-11 13:44 - 00000000 ___RD () C:\Documents and Settings\Insane\Menu Start\Programy 2015-01-02 17:37 - 2015-01-02 17:38 - 00000788 _____ () C:\Documents and Settings\Insane\Menu Start\Programy\Windows Media Player.lnk 2015-01-02 17:37 - 2015-01-02 17:38 - 00000000 __SHD () C:\Documents and Settings\Insane\Ustawienia lokalne\Historia 2015-01-02 17:37 - 2015-01-02 17:37 - 00000000 ___HD () C:\Documents and Settings\Insane\Ustawienia lokalne 2015-01-02 17:37 - 2013-08-07 14:29 - 00000000 ___RD () C:\Documents and Settings\Insane\Menu Start\Programy\Autostart 2015-01-02 17:37 - 2013-08-07 14:29 - 00000000 ___RD () C:\Documents and Settings\Insane\Menu Start 2015-01-02 17:37 - 2013-08-07 12:38 - 00001599 _____ () C:\Documents and Settings\Insane\Menu Start\Programy\Pomoc zdalna.lnk 2015-01-02 17:37 - 2013-08-07 12:35 - 00000000 ___HD () C:\Documents and Settings\Insane\Szablony 2015-01-02 16:18 - 2015-01-02 16:18 - 00045414 _____ () C:\Documents and Settings\Testing\Ustawienia lokalne\Dane aplikacji\recently-used.xbel 2014-12-26 20:09 - 2014-12-26 20:09 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Start\Programy\Recuva 2014-12-26 20:08 - 2014-12-26 20:09 - 00000000 ____D () C:\Program Files\Recuva 2014-12-26 19:48 - 2014-12-26 19:49 - 00000000 ____D () C:\Documents and Settings\Testing\minecraft 2014-12-26 11:22 - 2015-01-03 18:08 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Start\Programy\Java Development Kit 2014-12-26 10:49 - 2014-12-26 10:47 - 00272808 _____ (Oracle Corporation) C:\WINDOWS\system32\javaws.exe 2014-12-26 10:48 - 2014-12-26 10:48 - 00000000 _____ () C:\WINDOWS\system32\REN1E.tmp 2014-12-26 10:48 - 2014-12-26 10:48 - 00000000 _____ () C:\WINDOWS\system32\REN1D.tmp 2014-12-26 10:31 - 2014-12-26 10:31 - 00000000 ____D () C:\Documents and Settings\Testing\.jmc 2014-12-25 15:07 - 2014-12-25 15:07 - 00000000 ____D () C:\Documents and Settings\Testing\Dane aplikacji\Oracle 2014-12-20 19:52 - 2014-12-20 19:52 - 00000072 _____ () C:\Documents and Settings\Testing\.gtk-bookmarks 2014-12-20 11:34 - 2014-12-20 11:34 - 00000000 ____D () C:\Documents and Settings\Testing\Dane aplikacji\3909 2014-12-20 11:30 - 2014-12-20 11:30 - 00000000 ____D () C:\Games 2014-12-19 20:42 - 2014-12-19 20:42 - 00000000 ____D () C:\Program Files\Metropolis Software 2014-12-19 20:28 - 2014-12-19 20:30 - 00000543 _____ () C:\console_output.html ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2015-01-18 13:05 - 2014-04-08 14:12 - 00000000 ____D () C:\Documents and Settings\Testing\Ustawienia lokalne\Temp 2015-01-18 13:04 - 2014-06-20 16:11 - 00000000 ____D () C:\Documents and Settings\Testing\Moje dokumenty\Pobrane 2015-01-18 13:02 - 2014-01-16 20:57 - 00000364 ____H () C:\WINDOWS\Tasks\avast! Emergency Update.job 2015-01-18 13:00 - 2013-08-07 12:41 - 00000000 __SHD () C:\Documents and Settings\LocalService 2015-01-18 12:58 - 2014-11-29 14:27 - 00000320 _____ () C:\WINDOWS\Tasks\GlaryInitialize 5.job 2015-01-18 12:58 - 2014-01-03 22:07 - 01553839 _____ () C:\WINDOWS\WindowsUpdate.log 2015-01-18 12:57 - 2014-04-08 14:12 - 00000000 ___HD () C:\Documents and Settings\Testing\Szablony 2015-01-18 12:56 - 2014-09-23 19:05 - 00000159 _____ () C:\WINDOWS\wiadebug.log 2015-01-18 12:56 - 2014-09-23 19:05 - 00000050 _____ () C:\WINDOWS\wiaservc.log 2015-01-18 12:56 - 2014-04-08 14:12 - 00000000 ____D () C:\Documents and Settings\Testing\Menu Start\Programy\Autostart 2015-01-18 12:56 - 2013-08-07 12:41 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT 2015-01-18 12:55 - 2014-04-08 14:12 - 00000188 ___SH () C:\Documents and Settings\Testing\ntuser.ini 2015-01-18 12:55 - 2013-08-07 14:29 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Start\Programy 2015-01-18 12:55 - 2013-08-07 12:41 - 00032398 _____ () C:\WINDOWS\SchedLgU.Txt 2015-01-18 12:53 - 2014-04-08 14:14 - 00000000 ____D () C:\Documents and Settings\Testing\Dane aplikacji\foobar2000 2015-01-18 12:41 - 2014-06-29 20:11 - 00000000 ____D () C:\Program Files\Elaborate Bytes 2015-01-18 11:55 - 2014-04-08 14:18 - 00000000 ____D () C:\Documents and Settings\Testing\Dane aplikacji\Mozilla 2015-01-18 11:46 - 2013-11-11 16:24 - 00000188 ___SH () C:\Documents and Settings\Rodzice\ntuser.ini 2015-01-18 11:46 - 2013-11-11 16:24 - 00000000 ____D () C:\Documents and Settings\Rodzice\Ustawienia lokalne\Temp 2015-01-18 06:26 - 2013-11-11 16:26 - 00000000 ____D () C:\Documents and Settings\Rodzice\Dane aplikacji\Mozilla 2015-01-18 06:25 - 2013-11-11 16:24 - 00000000 ____D () C:\Documents and Settings\Rodzice 2015-01-18 06:24 - 2014-04-08 14:12 - 00000000 ___HD () C:\Documents and Settings\Testing\Dane aplikacji 2015-01-17 15:37 - 2014-11-29 14:27 - 00000000 ____D () C:\Program Files\Glary Utilities 5 2015-01-17 15:23 - 2014-08-14 17:57 - 00000000 ____D () C:\Documents and Settings\Testing\Dane aplikacji\GG 2015-01-17 15:23 - 2014-05-13 15:55 - 00000000 ____D () C:\Documents and Settings\Testing\Dane aplikacji\.minecraft 2015-01-17 15:23 - 2014-04-09 16:12 - 00000000 ____D () C:\Documents and Settings\Testing\.gimp-2.8 2015-01-17 15:23 - 2014-04-08 14:14 - 00000000 ____D () C:\Documents and Settings\Testing\Dane aplikacji\Adobe 2015-01-17 15:23 - 2014-04-08 14:12 - 00000000 ____D () C:\Documents and Settings\Testing 2015-01-17 15:23 - 2013-08-07 14:29 - 00000000 ___HD () C:\Documents and Settings\Default User\Ustawienia lokalne\Dane aplikacji 2015-01-17 15:21 - 2014-12-12 15:13 - 00000000 ____D () C:\Documents and Settings\Testing\Moje dokumenty\Gameforge Live 2015-01-17 15:21 - 2014-04-08 14:12 - 00000000 ___RD () C:\Documents and Settings\Testing\Moje dokumenty 2015-01-17 15:21 - 2014-04-08 14:12 - 00000000 ___HD () C:\Documents and Settings\Testing\Ustawienia lokalne\Dane aplikacji 2015-01-17 15:21 - 2013-11-17 14:10 - 00000000 ___HD () C:\Documents and Settings\UpdatusUser\Ustawienia lokalne 2015-01-17 15:20 - 2014-12-09 18:06 - 00000000 ____D () C:\Program Files\PGR Online 2015-01-15 22:13 - 2014-09-15 20:34 - 01427020 _____ () C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\WPFFontCache_v0400-S-1-5-21-1801674531-1677128483-2147161785-1011-0.dat 2015-01-15 22:13 - 2013-09-05 20:51 - 00310006 _____ () C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\WPFFontCache_v0400-System.dat 2015-01-15 13:58 - 2013-08-12 15:04 - 00000000 ____D () C:\WINDOWS\system32\MRT 2015-01-15 13:45 - 2013-08-07 16:06 - 110348472 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2015-01-14 18:24 - 2008-04-15 13:00 - 00002206 _____ () C:\WINDOWS\system32\wpa.dbl 2015-01-11 08:04 - 2013-11-11 16:25 - 00000803 _____ () C:\Documents and Settings\Rodzice\Menu Start\Programy\Internet Explorer.lnk 2015-01-11 08:04 - 2013-11-11 16:24 - 00000000 ___RD () C:\Documents and Settings\Rodzice\Menu Start\Programy 2015-01-11 08:03 - 2013-11-11 16:25 - 00000000 ___RD () C:\Documents and Settings\Rodzice\Moje dokumenty\Moje obrazy 2015-01-11 08:03 - 2013-11-11 16:25 - 00000000 ___RD () C:\Documents and Settings\Rodzice\Moje dokumenty\Moja muzyka 2015-01-11 08:03 - 2013-11-11 16:24 - 00000000 ___RD () C:\Documents and Settings\Rodzice\Moje dokumenty 2015-01-08 17:23 - 2013-08-07 14:28 - 00000000 __RHD () C:\Documents and Settings\All Users\Dane aplikacji 2015-01-07 17:50 - 2014-04-08 14:12 - 00000000 ____D () C:\Documents and Settings\Testing\Menu Start\Programy 2015-01-07 17:49 - 2014-10-31 16:23 - 00000000 ___RD () C:\Documents and Settings\Testing\Moje dokumenty\Moja muzyka 2015-01-07 17:48 - 2013-08-07 14:18 - 00000000 ____D () C:\WINDOWS\system32\pl-pl 2015-01-07 17:48 - 2013-08-07 14:18 - 00000000 ____D () C:\WINDOWS\Help 2015-01-07 17:45 - 2013-08-07 14:18 - 00000000 ____D () C:\WINDOWS\Media 2015-01-07 15:03 - 2014-04-08 14:12 - 00000000 ___RD () C:\Documents and Settings\Testing\Menu Start\Programy\Akcesoria 2015-01-07 15:03 - 2014-04-08 14:12 - 00000000 ____D () C:\Documents and Settings\Testing\Ulubione 2015-01-06 21:45 - 2014-12-06 15:31 - 00065536 _____ () C:\WINDOWS\system32\config\ODiag.evt 2015-01-06 21:45 - 2013-11-15 19:28 - 00065536 _____ () C:\WINDOWS\system32\config\Internet.evt 2015-01-06 17:14 - 2014-11-12 15:37 - 00000000 ____D () C:\Documents and Settings\Testing\Dane aplikacji\inkscape 2015-01-06 17:14 - 2014-04-18 17:48 - 00000000 ____D () C:\Documents and Settings\Testing\Dane aplikacji\Notepad++ 2015-01-03 18:08 - 2014-04-08 14:12 - 00000000 ____D () C:\Documents and Settings\Testing\Pulpit 2015-01-02 17:47 - 2014-12-02 16:44 - 00701616 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe 2015-01-02 17:47 - 2014-12-02 16:44 - 00071344 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl 2015-01-01 21:12 - 2014-04-09 16:16 - 00000000 ____D () C:\Documents and Settings\Testing\Ustawienia lokalne\Dane aplikacji\gtk-2.0 2014-12-27 21:03 - 2013-08-08 11:05 - 00000000 ____D () C:\Program Files\Windows Media Connect 2 2014-12-26 11:23 - 2014-11-17 20:22 - 00000000 ____D () C:\Documents and Settings\All Users\Dane aplikacji\Oracle 2014-12-26 11:22 - 2014-11-17 20:23 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Start\Programy\Java 2014-12-26 11:22 - 2014-08-13 08:52 - 00096680 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge.dll 2014-12-26 11:21 - 2014-08-13 08:52 - 00146432 _____ (Oracle Corporation) C:\WINDOWS\system32\javacpl.cpl 2014-12-26 11:20 - 2013-08-18 19:11 - 00000000 ____D () C:\Program Files\Java ==================== Files in the root of some directories ======= 2014-08-28 16:14 - 2014-08-28 16:14 - 0008704 _____ () C:\Documents and Settings\Testing\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2015-01-02 16:18 - 2015-01-02 16:18 - 0045414 _____ () C:\Documents and Settings\Testing\Ustawienia lokalne\Dane aplikacji\recently-used.xbel ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\WINDOWS\explorer.exe => File is digitally signed C:\WINDOWS\system32\winlogon.exe => File is digitally signed C:\WINDOWS\system32\svchost.exe => File is digitally signed C:\WINDOWS\system32\services.exe => File is digitally signed C:\WINDOWS\system32\User32.dll => File is digitally signed C:\WINDOWS\system32\userinit.exe => File is digitally signed C:\WINDOWS\system32\rpcss.dll => File is digitally signed C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed ==================== End Of Log ============================