Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 23-02-2015 01 Ran by Andrzej Dratwa (administrator) on DEMEX-1 on 24-02-2015 14:13:24 Running from C:\Documents and Settings\Andrzej Dratwa\Pulpit Loaded Profiles: Andrzej Dratwa (Available profiles: Andrzej Dratwa) Platform: Microsoft Windows XP Home Edition Dodatek Service Pack 3 (X86) OS Language: Polski Internet Explorer Version 8 (Default browser: IE) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2013\vsserv.exe (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE (Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2013\bdagent.exe (Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe (Murray Hurps Software Pty Ltd) C:\Program Files\Ad Muncher\AdMunch.exe (Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL10_50.WHOKNA4\MSSQL\Binn\sqlservr.exe (Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe (Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe (Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2013\updatesrv.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [Bdagent] => C:\Program Files\Bitdefender\Bitdefender 2013\bdagent.exe [1618488 2013-10-31] (Bitdefender) HKLM\...\Run: [Ad Muncher] => C:\Program Files\Ad Muncher\AdMunch.exe [560760 2015-02-23] (Murray Hurps Software Pty Ltd) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKU\S-1-5-21-1547161642-484763869-1801674531-1004\Software\Microsoft\Internet Explorer\Main,Start Page = http://onet.pl/ SearchScopes: HKU\S-1-5-21-1547161642-484763869-1801674531-1004 -> DefaultScope {F43DC14A-9977-4A37-ABA0-7B67F721FAB1} URL = http://www.google.com/search?hl=pl&q={searchTerms} SearchScopes: HKU\S-1-5-21-1547161642-484763869-1801674531-1004 -> {F43DC14A-9977-4A37-ABA0-7B67F721FAB1} URL = http://www.google.com/search?hl=pl&q={searchTerms} BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO: IplexToALLPlayer -> {DF925EF3-7A87-44E4-9CAF-8D7B280BF616} -> C:\Program Files\ALLPlayer\Iplex\IplexToALLPlayer.dll (ALLCinema Ltd.) BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) Toolbar: HKU\S-1-5-21-1547161642-484763869-1801674531-1004 -> Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) DPF: {92ECE6FA-AC2E-4042-BFAE-0C8608E52A41} https://www.pekaobiznes24.pl/components/SignActivXPEKAO.cab Tcpip\Parameters: [DhcpNameServer] 192.168.1.254 FireFox: ======== FF ProfilePath: C:\Documents and Settings\Andrzej Dratwa\Dane aplikacji\Mozilla\Firefox\Profiles\fsis0ukt.default FF Homepage: hxxp://www.gazeta.pl/0,0.html?p=173 FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_15_0_0_239.dll () FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products Ltd.) FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google) FF Plugin: @java.com/DTPlugin,version=10.25.2 -> C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=10.25.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.) FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.) FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.) FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems) FF Extension: PEKAO S.A. Sign Plugin - C:\Documents and Settings\Andrzej Dratwa\Dane aplikacji\Mozilla\Firefox\Profiles\fsis0ukt.default\Extensions\SignPlugin@pekao.pl [2012-12-17] FF HKLM\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn FF Extension: Adobe Acrobat - Create PDF - C:\Program Files\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn [2015-02-03] FF HKLM\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2013\bdtbext FF Extension: bdToolbar - C:\Program Files\Bitdefender\Bitdefender 2013\bdtbext [2013-10-21] Chrome: ======= CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms} CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\40.0.2214.115\PepperFlash\pepflashplayer.dll () CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\40.0.2214.115\ppGoogleNaClPluginChrome.dll No File CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\40.0.2214.115\pdf.dll () CHR Plugin: (Microsoft® DRM) - C:\Program Files\Windows Media Player\npdrmv2.dll (Microsoft Corporation) CHR Plugin: (Windows Media Player Plug-in Dynamic Link Library) - C:\Program Files\Windows Media Player\npdsplay.dll (Microsoft Corporation (written by Digital Renaissance Inc.)) CHR Plugin: (Microsoft® DRM) - C:\Program Files\Windows Media Player\npwmsdrm.dll (Microsoft Corporation) CHR Plugin: (AVG SiteSafety plugin) - C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\14.2.0\\npsitesafety.dll No File CHR Plugin: (Google Earth Plugin) - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google) CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll No File CHR Plugin: (Java(TM) Platform SE 6 U37) - C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll No File CHR Plugin: (Silverlight Plug-In) - C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll No File CHR Plugin: (PDF-XChange Viewer) - C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products Ltd.) CHR Plugin: (Shockwave Flash) - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_5_502_135.dll No File CHR Plugin: (Java Deployment Toolkit 6.0.370.6) - C:\WINDOWS\system32\npdeployJava1.dll (Oracle Corporation) CHR Profile: C:\Documents and Settings\Andrzej Dratwa\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default CHR Extension: (Google Drive) - C:\Documents and Settings\Andrzej Dratwa\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-01-09] CHR Extension: (YouTube) - C:\Documents and Settings\Andrzej Dratwa\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-01-09] CHR Extension: (Google Search) - C:\Documents and Settings\Andrzej Dratwa\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-01-09] CHR Extension: (Adobe Acrobat - Create PDF) - C:\Documents and Settings\Andrzej Dratwa\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2015-02-16] CHR Extension: (Google Wallet) - C:\Documents and Settings\Andrzej Dratwa\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-22] CHR Extension: (Gmail) - C:\Documents and Settings\Andrzej Dratwa\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-01-09] CHR HKLM\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - C:\Program Files\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx [2014-12-03] ========================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) S4 BdDesktopParental; C:\Program Files\Bitdefender\Bitdefender 2013\bdparentalservice.exe [62688 2013-10-31] (Bitdefender) S4 JavaQuickStarterService; C:\Program Files\Java\jre7\bin\jqs.exe [182184 2013-06-26] (Oracle Corporation) R2 MSSQL$BIZNESMENPRO; C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [29178224 2007-02-10] (Microsoft Corporation) R2 MSSQL$WHOKNA4; C:\Program Files\Microsoft SQL Server\MSSQL10_50.WHOKNA4\MSSQL\Binn\sqlservr.exe [42884448 2010-04-03] (Microsoft Corporation) S4 MSSQLServerADHelper; C:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe [45272 2005-10-14] (Microsoft Corporation) R2 Net Driver HPZ12; C:\WINDOWS\system32\HPZinw12.dll [44032 2008-07-18] (Hewlett-Packard) [File not signed] R2 Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.dll [53760 2008-07-18] (Hewlett-Packard) [File not signed] S4 PuranDefrag; C:\WINDOWS\system32\PuranDefragS.exe [260992 2013-08-15] (Puran Software) [File not signed] S4 SQLAgent$WHOKNA4; C:\Program Files\Microsoft SQL Server\MSSQL10_50.WHOKNA4\MSSQL\Binn\SQLAGENT.EXE [367456 2010-04-03] (Microsoft Corporation) R2 UPDATESRV; C:\Program Files\Bitdefender\Bitdefender 2013\updatesrv.exe [54960 2013-10-31] (Bitdefender) R2 VSSERV; C:\Program Files\Bitdefender\Bitdefender 2013\vsserv.exe [1343472 2013-10-31] (Bitdefender) ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 AegisP; C:\WINDOWS\System32\DRIVERS\AegisP.sys [21361 2011-09-05] (Cisco Systems, Inc.) [File not signed] R0 avc3; C:\WINDOWS\System32\DRIVERS\avc3.sys [640560 2013-10-31] (BitDefender) R3 avchv; C:\WINDOWS\System32\DRIVERS\avchv.sys [242504 2012-11-02] (BitDefender) R3 avckf; C:\WINDOWS\System32\DRIVERS\avckf.sys [490144 2013-10-31] (BitDefender) R3 Bdfndisf; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfndisf.sys [116560 2013-10-31] (BitDefender LLC) R1 bdftdif; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdftdif.sys [130640 2011-11-14] (BitDefender LLC) S3 BDSandBox; C:\WINDOWS\system32\drivers\bdsandbox.sys [66832 2013-10-31] (BitDefender SRL) R1 bdselfpr; C:\Program Files\Bitdefender\Bitdefender 2013\bdselfpr.sys [135600 2013-10-31] (BitDefender LLC) S3 gdrv; C:\WINDOWS\gdrv.sys [16608 2011-08-29] (Windows (R) 2000 DDK provider) R0 gzflt; C:\WINDOWS\System32\DRIVERS\gzflt.sys [165744 2013-10-31] (BitDefender LLC) S3 HPZid412; C:\WINDOWS\System32\DRIVERS\HPZid412.sys [49920 2008-10-30] (HP) S3 HPZipr12; C:\WINDOWS\System32\DRIVERS\HPZipr12.sys [16496 2008-10-30] (HP) S3 HPZius12; C:\WINDOWS\System32\DRIVERS\HPZius12.sys [21568 2008-10-30] (HP) S4 RsFx0150; C:\WINDOWS\System32\DRIVERS\RsFx0150.sys [240608 2010-04-03] (Microsoft Corporation) R0 trufos; C:\WINDOWS\System32\DRIVERS\trufos.sys [360376 2013-10-31] (BitDefender S.R.L.) S4 IntelIde; No ImagePath U1 WS2IFSL; No ImagePath ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2015-02-24 14:13 - 2015-02-24 14:13 - 00013089 _____ () C:\Documents and Settings\Andrzej Dratwa\Pulpit\FRST.txt 2015-02-24 14:09 - 2015-02-24 14:09 - 00000000 ____D () C:\Documents and Settings\Andrzej Dratwa\Pulpit\FRST-OlderVersion 2015-02-24 13:24 - 2015-02-24 13:24 - 00000000 ____D () C:\Documents and Settings\Andrzej Dratwa\Dane aplikacji\pdfforge 2015-02-23 16:53 - 2015-02-23 16:56 - 00006549 _____ () C:\WINDOWS\setupapi.log 2015-02-23 16:52 - 2015-02-23 16:52 - 00000000 ___SD () C:\Documents and Settings\All Users\Menu Start\Programy\LibreOffice 4.3 2015-02-23 16:47 - 2015-02-23 16:54 - 00000000 ____D () C:\WINDOWS\SxsCaPendDel 2015-02-23 16:47 - 2015-02-23 16:51 - 00000000 ____D () C:\Program Files\LibreOffice 4 2015-02-23 14:24 - 2015-02-23 14:24 - 00000000 ____D () C:\Program Files\Ad Muncher 2015-02-23 14:24 - 2015-02-23 14:24 - 00000000 ____D () C:\Documents and Settings\All Users\Dane aplikacji\Ad Muncher 2015-02-23 14:14 - 2015-02-24 14:10 - 00004792 _____ () C:\WINDOWS\WindowsUpdate.log 2015-02-23 14:03 - 2015-02-23 14:03 - 00000000 ____D () C:\Program Files\CCleaner 2015-02-23 14:03 - 2015-02-23 14:03 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Start\Programy\CCleaner 2015-02-23 13:56 - 2015-02-24 14:13 - 00000000 ____D () C:\FRST 2015-02-23 13:56 - 2015-02-24 14:09 - 01127424 _____ (Farbar) C:\Documents and Settings\Andrzej Dratwa\Pulpit\FRST.exe 2015-02-23 13:42 - 2015-02-23 13:42 - 00000925 _____ () C:\Documents and Settings\All Users\Pulpit\Revo Uninstaller Pro.lnk 2015-02-23 13:42 - 2015-02-23 13:42 - 00000000 ____D () C:\Program Files\VS Revo Group 2015-02-23 13:42 - 2015-02-23 13:42 - 00000000 ____D () C:\Documents and Settings\Andrzej Dratwa\Ustawienia lokalne\Dane aplikacji\VS Revo Group 2015-02-23 13:42 - 2015-02-23 13:42 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Start\Programy\Revo Uninstaller Pro 2015-02-23 13:42 - 2015-02-23 13:42 - 00000000 ____D () C:\Documents and Settings\All Users\Dane aplikacji\VS Revo Group 2015-02-23 13:42 - 2009-12-30 10:20 - 00027064 _____ (VS Revo Group) C:\WINDOWS\system32\Drivers\revoflt.sys 2015-02-23 13:37 - 2015-02-23 13:37 - 00001165 _____ () C:\DelFix.txt 2015-02-21 13:21 - 2015-02-21 13:21 - 00000000 ____D () C:\Program Files\darmowa-lokalizacja-telefonu 2015-02-21 13:21 - 2015-02-21 13:21 - 00000000 ____D () C:\Documents and Settings\Andrzej Dratwa\Menu Start\Programy\Darmowa lokalizacja telefonów 2015-02-21 13:21 - 2015-02-21 13:21 - 00000000 ____D () C:\Documents and Settings\Andrzej Dratwa\Dane aplikacji\ModelViews 2015-02-21 13:20 - 2015-02-21 13:20 - 06339215 _____ () C:\Documents and Settings\Andrzej Dratwa\Pulpit\lokalizacja-online.exe 2015-02-13 16:52 - 2015-02-13 16:52 - 00000894 _____ () C:\Documents and Settings\Andrzej Dratwa\Moje dokumenty\TYSIA3.prv 2015-02-11 16:57 - 2010-01-27 16:41 - 03485184 _____ () C:\Documents and Settings\Andrzej Dratwa\Pulpit\Bukiet_przyjazni.pps 2015-02-11 16:54 - 2015-02-11 16:54 - 00000730 _____ () C:\Documents and Settings\Andrzej Dratwa\Pulpit\Skrót do Bukiet_przyjazni.lnk 2015-02-06 10:25 - 2015-02-06 10:25 - 00001032 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore1d041eecc544fa6.job 2015-02-04 13:23 - 2015-02-04 13:23 - 00000000 ____D () C:\WINDOWS\Hewlett-Packard 2015-02-03 12:46 - 2015-02-11 11:51 - 00000000 ____D () C:\Documents and Settings\All Users\Dane aplikacji\Napisy24 2015-02-03 12:46 - 2015-02-03 12:46 - 00001588 _____ () C:\Documents and Settings\Andrzej Dratwa\Pulpit\ALLPlayer.Radio.lnk 2015-02-03 12:46 - 2015-02-03 12:46 - 00001580 _____ () C:\Documents and Settings\Andrzej Dratwa\Pulpit\ALLPlayer.VOD.lnk 2015-02-03 12:46 - 2015-02-03 12:46 - 00000808 _____ () C:\Documents and Settings\All Users\Pulpit\ALLPlayer Pilot.lnk 2015-02-03 12:46 - 2015-02-03 12:46 - 00000682 _____ () C:\Documents and Settings\All Users\Pulpit\Napisy24.pl.lnk 2015-02-03 12:46 - 2015-02-03 12:46 - 00000105 _____ () C:\Documents and Settings\All Users\Pulpit\ZapTV.pl.url 2015-02-03 12:46 - 2015-02-03 12:46 - 00000000 ____D () C:\Program Files\Napisy24 2015-02-03 12:46 - 2015-02-03 12:46 - 00000000 ____D () C:\Program Files\ALLPlayer Remote 2015-02-03 12:46 - 2015-02-03 12:46 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Start\Programy\Napisy24 2015-02-03 12:46 - 2015-02-03 12:46 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Start\Programy\ALLPlayer Pilot 2015-02-03 12:46 - 2015-02-03 12:46 - 00000000 ____D () C:\Documents and Settings\All Users\Dane aplikacji\ALLPlayerRemote 2015-02-03 12:46 - 2015-02-03 12:46 - 00000000 ____D () C:\Documents and Settings\All Users\Dane aplikacji\ALLPlayer 2015-02-03 12:46 - 2013-11-15 20:02 - 02023808 _____ (ALLPlayer Group Ltd.) C:\Documents and Settings\Andrzej Dratwa\Pulpit\CatzillaDownloader.exe 2015-02-03 12:46 - 2013-04-05 20:26 - 00276992 _____ (IntelleSoft) C:\WINDOWS\system32\BugTrap.dll 2015-02-03 11:31 - 2015-02-04 10:14 - 00000000 ____D () C:\Documents and Settings\Andrzej Dratwa\Ustawienia lokalne\Dane aplikacji\Adobe 2015-02-03 11:31 - 2015-02-03 11:48 - 00000000 ____D () C:\Documents and Settings\All Users\Dane aplikacji\regid.1986-12.com.adobe 2015-02-03 11:30 - 2015-02-03 11:39 - 00002359 _____ () C:\Documents and Settings\All Users\Menu Start\Programy\Adobe Acrobat XI Pro.lnk 2015-02-03 11:30 - 2015-02-03 11:39 - 00001919 _____ () C:\Documents and Settings\All Users\Menu Start\Programy\Adobe FormsCentral.lnk 2015-02-03 11:30 - 2015-02-03 11:39 - 00001758 _____ () C:\Documents and Settings\All Users\Menu Start\Programy\Adobe Acrobat Distiller XI.lnk 2015-02-03 11:30 - 2015-02-03 11:30 - 00001741 _____ () C:\Documents and Settings\All Users\Pulpit\Adobe Acrobat XI Pro.lnk 2015-02-03 11:28 - 2015-02-03 11:31 - 00000000 ____D () C:\Program Files\Common Files\Adobe 2015-02-03 11:28 - 2015-02-03 11:28 - 00000000 ____D () C:\Program Files\Adobe 2015-02-02 16:08 - 2015-02-02 16:09 - 00000000 ____D () C:\Documents and Settings\Andrzej Dratwa\Pulpit\KWIATY PRESTIGE DECOR 2015-02-02 16:04 - 2015-02-02 16:05 - 00000000 ____D () C:\Documents and Settings\Andrzej Dratwa\Pulpit\ZNICZE CER FAR 2015-01-29 07:20 - 2015-01-29 07:20 - 00875472 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcr110.dll 2015-01-29 07:20 - 2015-01-29 07:20 - 00535008 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcp110.dll 2015-01-27 13:05 - 2015-01-27 13:05 - 00000000 ____D () C:\Program Files\Mozilla Firefox ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2015-02-24 14:13 - 2011-08-29 12:45 - 00000000 ____D () C:\Documents and Settings\Andrzej Dratwa\Ustawienia lokalne\Temp 2015-02-24 14:13 - 2011-08-29 12:45 - 00000000 ____D () C:\Documents and Settings\Andrzej Dratwa\Pulpit 2015-02-24 14:12 - 2011-08-29 14:37 - 00000159 _____ () C:\WINDOWS\wiadebug.log 2015-02-24 14:12 - 2011-08-29 14:37 - 00000050 _____ () C:\WINDOWS\wiaservc.log 2015-02-24 14:12 - 2011-08-29 12:45 - 00000000 __SHD () C:\Documents and Settings\LocalService\Ustawienia lokalne\Historia 2015-02-24 14:12 - 2011-08-29 12:45 - 00000000 __SHD () C:\Documents and Settings\Andrzej Dratwa\Ustawienia lokalne\Historia 2015-02-24 14:10 - 2011-08-29 14:34 - 00000000 ___SD () C:\Documents and Settings\Default User\Ustawienia lokalne\Historia 2015-02-24 14:10 - 2011-08-29 13:24 - 00000000 ____D () C:\WINDOWS\pss 2015-02-24 14:10 - 2011-08-29 12:45 - 00000188 ___SH () C:\Documents and Settings\Andrzej Dratwa\ntuser.ini 2015-02-24 14:10 - 2011-08-29 12:44 - 00000000 ___HD () C:\Documents and Settings\NetworkService\Ustawienia lokalne\Historia 2015-02-24 14:07 - 2011-08-29 14:34 - 00000000 ___RD () C:\Documents and Settings\All Users\Dokumenty 2015-02-24 14:03 - 2012-08-30 12:44 - 00000000 ____D () C:\Documents and Settings\Andrzej Dratwa\Dane aplikacji\LibreOffice 2015-02-24 13:24 - 2011-09-09 12:26 - 00077592 _____ () C:\Documents and Settings\Andrzej Dratwa\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT 2015-02-24 13:24 - 2011-08-29 12:45 - 00000000 __RHD () C:\Documents and Settings\Andrzej Dratwa\Dane aplikacji 2015-02-24 13:20 - 2012-08-30 13:29 - 00000436 _____ () C:\WINDOWS\system32\checkdnsid.xml 2015-02-24 12:50 - 2014-02-25 17:46 - 01136512 _____ (Puran Software) C:\WINDOWS\system32\PuranFD.exe 2015-02-23 16:54 - 2011-08-29 14:34 - 00311584 _____ () C:\WINDOWS\system32\FNTCACHE.DAT 2015-02-23 16:45 - 2012-08-30 12:42 - 00000000 ____D () C:\Program Files\LibreOffice 3.6 2015-02-23 16:45 - 2011-08-29 14:34 - 00000000 ___HD () C:\Documents and Settings\All Users\Szablony 2015-02-23 14:24 - 2011-08-29 14:34 - 00000000 __RHD () C:\Documents and Settings\All Users\Dane aplikacji 2015-02-23 14:12 - 2011-08-29 14:34 - 00000000 ___RD () C:\Documents and Settings\All Users\Menu Start\Programy 2015-02-23 14:08 - 2012-09-03 15:55 - 00000000 ____D () C:\Documents and Settings\Andrzej Dratwa\Dane aplikacji\uTorrent 2015-02-23 14:08 - 2012-08-01 14:56 - 00000000 ____D () C:\Program Files\PDFCreator 2015-02-23 14:08 - 2012-01-19 13:29 - 00000000 ____D () C:\Documents and Settings\Andrzej Dratwa\Dane aplikacji\Azureus 2015-02-23 14:08 - 2011-09-05 11:35 - 00000000 ____D () C:\Documents and Settings\Andrzej Dratwa\Dane aplikacji\XnView 2015-02-23 14:08 - 2011-09-05 11:34 - 00000000 ____D () C:\Documents and Settings\Andrzej Dratwa\Dane aplikacji\Media Player Classic 2015-02-23 14:05 - 2011-08-29 12:45 - 00000000 ____D () C:\Documents and Settings\Andrzej Dratwa 2015-02-23 13:55 - 2011-08-29 14:35 - 01568596 ____C () C:\WINDOWS\system32\PerfStringBackup.INI 2015-02-23 13:55 - 2008-04-15 13:00 - 00667482 _____ () C:\WINDOWS\system32\perfh015.dat 2015-02-23 13:55 - 2008-04-15 13:00 - 00146418 _____ () C:\WINDOWS\system32\perfc015.dat 2015-02-23 13:51 - 2011-08-29 12:45 - 00000000 ___RD () C:\Documents and Settings\Andrzej Dratwa\Menu Start\Programy 2015-02-23 13:42 - 2011-08-29 14:34 - 00000000 ____D () C:\Documents and Settings\All Users\Pulpit 2015-02-23 13:42 - 2011-08-29 12:45 - 00000000 ___HD () C:\Documents and Settings\Andrzej Dratwa\Ustawienia lokalne\Dane aplikacji 2015-02-23 10:07 - 2008-04-15 13:00 - 00002422 _____ () C:\WINDOWS\system32\wpa.dbl 2015-02-21 13:05 - 2012-09-25 14:16 - 00000000 ____D () C:\Program Files\BiznesmenPRO 2015-02-20 15:40 - 2014-10-31 08:59 - 00000000 ____D () C:\Documents and Settings\Andrzej Dratwa\Pulpit\PolskDeaPrf583_Prf96 2015-02-17 14:37 - 2014-06-26 08:26 - 00000000 ____D () C:\Documents and Settings\Andrzej Dratwa\Moje dokumenty\Pobrane 2015-02-17 11:27 - 2011-09-05 12:13 - 00000000 ____D () C:\Documents and Settings\Andrzej Dratwa\Pulpit\PROGRAMY 2015-02-13 16:52 - 2011-08-29 12:45 - 00000000 ___RD () C:\Documents and Settings\Andrzej Dratwa\Moje dokumenty 2015-02-11 16:54 - 2011-09-05 12:11 - 00000000 ___RD () C:\Documents and Settings\Andrzej Dratwa\Moje dokumenty\śmieszne 2015-02-11 14:10 - 2013-10-11 14:04 - 00000000 ____D () C:\Documents and Settings\Andrzej Dratwa\Dane aplikacji\HpUpdate 2015-02-09 14:55 - 2011-09-20 10:39 - 00000000 ____D () C:\Documents and Settings\Andrzej Dratwa\Dane aplikacji\Adobe 2015-02-06 10:25 - 2014-11-17 09:00 - 00001032 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore1d0023c82fcff7a.job 2015-02-04 13:23 - 2013-10-11 14:03 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Start\Programy\HP 2015-02-03 12:46 - 2011-08-30 08:32 - 00000000 ____D () C:\Program Files\ALLPlayer 2015-02-03 12:46 - 2011-08-30 08:32 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Start\Programy\ALLPlayer 2015-02-03 11:32 - 2012-11-09 14:02 - 00000000 ____D () C:\Documents and Settings\All Users\Dane aplikacji\Adobe 2015-01-28 10:46 - 2012-10-30 11:49 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service ==================== Files in the root of some directories ======= 2011-09-09 11:19 - 2013-03-18 09:21 - 0026112 _____ () C:\Documents and Settings\Andrzej Dratwa\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2014-02-08 12:24 - 2014-02-28 11:17 - 11464915 _____ () C:\Documents and Settings\Andrzej Dratwa\Ustawienia lokalne\Dane aplikacji\SocialSafe-Helper.log ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\WINDOWS\explorer.exe => File is digitally signed C:\WINDOWS\system32\winlogon.exe => File is digitally signed C:\WINDOWS\system32\svchost.exe => File is digitally signed C:\WINDOWS\system32\services.exe => File is digitally signed C:\WINDOWS\system32\User32.dll => File is digitally signed C:\WINDOWS\system32\userinit.exe => File is digitally signed C:\WINDOWS\system32\rpcss.dll => File is digitally signed C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed ==================== End Of Log ============================