Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 11-03-2015 Ran by Mężczyzna (administrator) on MEZCZYZNA-PC on 16-03-2015 00:55:30 Running from C:\Users\Mężczyzna\Downloads Loaded Profiles: Mężczyzna (Available profiles: Mężczyzna) Platform: Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86) OS Language: Polski (Polska) Internet Explorer Version 9 (Default browser: FF) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\vsserv.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Microsoft Corporation) C:\Windows\System32\SLsvc.exe (Nero AG) C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe (TODO: <公司名稱>) C:\Program Files\OEM\OSD_1.16\OsdService.exe (Prolific Technology Inc.) C:\Windows\System32\IoctlSvc.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Fujitsu Siemens Computers) C:\Program Files\Fujitsu Siemens Computers\SystemDiagnostics\OnlineDiagnostic\TestManager\TestHandler.exe (Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\updatesrv.exe (Realtek Semiconductor) C:\Windows\RtHDVCpl.exe (cyberlink) C:\Program Files\CyberLink\Shared Files\brs.exe (Cyberlink Corp.) C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe (ODM) C:\Program Files\OEM\OSD_1.16\osd.exe (Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\bdagent.exe (Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe (Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe (Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\bdwtxag.exe (Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe (Microsoft Corporation) C:\Windows\System32\wuauclt.exe (Microsoft Corporation) C:\Windows\System32\conime.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe () C:\Users\Mężczyzna\Downloads\qytrfx1t.exe (Microsoft Corporation) C:\Windows\System32\conime.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [Windows Defender] => C:\Program Files\Windows Defender\MSASCui.exe [1008184 2008-01-21] (Microsoft Corporation) HKLM\...\Run: [RtHDVCpl] => C:\Windows\RtHDVCpl.exe [6139904 2008-05-13] (Realtek Semiconductor) HKLM\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [39792 2008-01-11] (Adobe Systems Incorporated) HKLM\...\Run: [FSCRecovery] => c:\Program Files\Fujitsu Siemens Computers\Fujitsu Siemens Computers Recovery\FSCRecoveryReminder.exe [268096 2008-05-08] (Fujitsu Siemens Computers GmbH) HKLM\...\Run: [BDRegion] => C:\Program Files\Cyberlink\Shared Files\brs.exe [91432 2007-11-16] (cyberlink) HKLM\...\Run: [RemoteControl] => C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe [72736 2007-10-28] (Cyberlink Corp.) HKLM\...\Run: [LanguageShortcut] => C:\Program Files\CyberLink\PowerDVD\Language\Language.exe [62760 2007-10-11] () HKLM\...\Run: [OSD] => C:\Program Files\OEM\OSD_1.16\osd.exe [376832 2008-06-18] (ODM) HKLM\...\Run: [Skytel] => C:\Windows\Skytel.exe [1826816 2007-11-20] (Realtek Semiconductor Corp.) HKLM\...\Run: [Bdagent] => C:\Program Files\Bitdefender\Bitdefender 2015\bdagent.exe [1813152 2014-11-14] (Bitdefender) HKLM\...\Run: [NvCplDaemon] => RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [508800 2014-12-17] (Oracle Corporation) HKU\S-1-5-21-2321440703-4263156153-367547396-1000\...\Run: [Agent Portfela Bitdefender] => C:\Program Files\Bitdefender\Bitdefender 2015\bdwtxag.exe [670888 2014-11-14] (Bitdefender) HKU\S-1-5-21-2321440703-4263156153-367547396-1000\...\Run: [WMPNSCFG] => C:\Program Files\Windows Media Player\WMPNSCFG.exe [202240 2008-01-21] (Microsoft Corporation) HKU\S-1-5-21-2321440703-4263156153-367547396-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\ssText3d.scr [294912 2008-01-21] (Microsoft Corporation) HKU\S-1-5-18\...\Run: [fsc-reg] => C:\ProgramData\fsc-reg\fscreg.exe [381200 2008-05-29] (Fujitsu Siemens) ShellIconOverlayIdentifiers: [__SafeBox1] -> {152C96EB-288E-4EDC-B7C6-D21F8250ADF3} => C:\Program Files\Bitdefender\Bitdefender SafeBox\SafeBoxShell.dll (Bitdefender) ShellIconOverlayIdentifiers: [__SafeBox2] -> {342DAA0B-D796-460D-8566-901E08A1CCAD} => C:\Program Files\Bitdefender\Bitdefender SafeBox\SafeBoxShell.dll (Bitdefender) ShellIconOverlayIdentifiers: [__SafeBox3] -> {57595DAE-1AE1-4D97-A49E-67CBB53B52DF} => C:\Program Files\Bitdefender\Bitdefender SafeBox\SafeBoxShell.dll (Bitdefender) ShellIconOverlayIdentifiers: [__SafeBox4] -> {33816773-98AE-4723-ADE0-EBE54C8B5A67} => C:\Program Files\Bitdefender\Bitdefender SafeBox\SafeBoxShell.dll (Bitdefender) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.istartsurf.com/?type=hppp&ts=1426434272&from=smt&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE808S5019350193 HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.istartsurf.com/web/?type=dspp&ts=1426434272&from=smt&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE808S5019350193&q={searchTerms} HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.istartsurf.com/?type=hppp&ts=1426434272&from=smt&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE808S5019350193 HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.istartsurf.com/web/?type=dspp&ts=1426434272&from=smt&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE808S5019350193&q={searchTerms} HKU\S-1-5-21-2321440703-4263156153-367547396-1000\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.istartsurf.com/web/?type=dspp&ts=1426434272&from=smt&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE808S5019350193&q={searchTerms} HKU\S-1-5-21-2321440703-4263156153-367547396-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.istartsurf.com/?type=hppp&ts=1426434272&from=smt&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE808S5019350193 HKU\S-1-5-21-2321440703-4263156153-367547396-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/pl-pl/?ocid=iehp HKU\S-1-5-21-2321440703-4263156153-367547396-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.istartsurf.com/?type=hppp&ts=1426434272&from=smt&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE808S5019350193 HKU\S-1-5-21-2321440703-4263156153-367547396-1000\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.istartsurf.com/web/?type=dspp&ts=1426434272&from=smt&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE808S5019350193&q={searchTerms} SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.istartsurf.com/web/?type=dspp&ts=1426434272&from=smt&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE808S5019350193&q={searchTerms} SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.istartsurf.com/web/?type=dspp&ts=1426434272&from=smt&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE808S5019350193&q={searchTerms} SearchScopes: HKU\S-1-5-21-2321440703-4263156153-367547396-1000 -> DefaultScope {2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} URL = http://www.istartsurf.com/web/?utm_source=b&utm_medium=smt&utm_campaign=install_ie&utm_content=ds&from=smt&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE808S5019350193&ts=1426434299&type=default&q={searchTerms} SearchScopes: HKU\S-1-5-21-2321440703-4263156153-367547396-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.istartsurf.com/web/?utm_source=b&utm_medium=smt&utm_campaign=install_ie&utm_content=ds&from=smt&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE808S5019350193&ts=1426434299&type=default&q={searchTerms} SearchScopes: HKU\S-1-5-21-2321440703-4263156153-367547396-1000 -> {2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} URL = http://www.istartsurf.com/web/?utm_source=b&utm_medium=smt&utm_campaign=install_ie&utm_content=ds&from=smt&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE808S5019350193&ts=1426434299&type=default&q={searchTerms} SearchScopes: HKU\S-1-5-21-2321440703-4263156153-367547396-1000 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.istartsurf.com/web/?utm_source=b&utm_medium=smt&utm_campaign=install_ie&utm_content=ds&from=smt&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE808S5019350193&ts=1426434299&type=default&q={searchTerms} SearchScopes: HKU\S-1-5-21-2321440703-4263156153-367547396-1000 -> {E733165D-CBCF-4FDA-883E-ADEF965B476C} URL = http://www.istartsurf.com/web/?utm_source=b&utm_medium=smt&utm_campaign=install_ie&utm_content=ds&from=smt&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE808S5019350193&ts=1426434299&type=default&q={searchTerms} BHO: Adobe PDF Reader Link Helper -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22] (Adobe Systems Incorporated) BHO: Portfel Bitdefender -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender 2015\pmbxie.dll [2014-11-12] (Bitdefender) BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_31\bin\ssv.dll [2015-01-31] (Oracle Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-01-31] (Oracle Corporation) Toolbar: HKLM - Portfel Bitdefender - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender 2015\pmbxie.dll [2014-11-12] (Bitdefender) Toolbar: HKU\S-1-5-21-2321440703-4263156153-367547396-1000 -> Portfel Bitdefender - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender 2015\pmbxie.dll [2014-11-12] (Bitdefender) Tcpip\Parameters: [DhcpNameServer] 217.172.224.160 89.231.1.206 StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe http://www.istartsurf.com/?type=sc&ts=1426434200&from=smt&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE808S5019350193 FireFox: ======== FF ProfilePath: C:\Users\Mężczyzna\AppData\Roaming\Mozilla\Firefox\Profiles\jbfn35hu.default FF SelectedSearchEngine: istartsurf FF Homepage: hxxp://www.istartsurf.com/?type=hppp&ts=1426434272&from=smt&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE808S5019350193 FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_16_0_0_296.dll [2015-01-30] () FF Plugin: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-01-31] (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-01-31] (Oracle Corporation) FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation) FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\istartsurf.xml [2015-03-16] FF Extension: Perapera Chinese - C:\Users\Mężczyzna\AppData\Roaming\Mozilla\Firefox\Profiles\jbfn35hu.default\Extensions\chineseperakun@gmail.com [2015-01-13] FF Extension: YouTube mp3 - C:\Users\Mężczyzna\AppData\Roaming\Mozilla\Firefox\Profiles\jbfn35hu.default\Extensions\info@youtube-mp3.org.xpi [2015-03-01] FF HKLM\...\Firefox\Extensions: [bdwteff@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2015\bdwteff FF Extension: Bitdefender Wallet - C:\Program Files\Bitdefender\Bitdefender 2015\bdwteff [2015-01-13] FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2015-01-17] FF HKLM\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2015\bdtbext FF Extension: Bitdefender Antispam Toolbar - C:\Program Files\Bitdefender\Bitdefender 2015\bdtbext [2015-01-13] Chrome: ======= CHR HKLM\...\Chrome\Extension: [fabcmochhfpldjekobfaaggijgohadih] - https://clients2.google.com/service/update2/crx ========================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) S3 BdDesktopParental; C:\Program Files\Bitdefender\Bitdefender 2015\bdparentalservice.exe [69880 2014-10-07] (Bitdefender) R2 OsdService; C:\Program Files\OEM\OSD_1.16\OsdService.exe [94208 2008-02-22] (TODO: <公司名稱>) [File not signed] R2 PLFlash DeviceIoControl Service; C:\Windows\system32\IoctlSvc.exe [81920 2006-12-19] (Prolific Technology Inc.) [File not signed] S4 SafeBox; C:\Program Files\Bitdefender\Bitdefender SafeBox\safeboxservice.exe [81704 2013-07-08] (Bitdefender) R2 TestHandler; C:\Program Files\Fujitsu Siemens Computers\SystemDiagnostics\OnlineDiagnostic\TestManager\TestHandler.exe [303104 2008-04-25] (Fujitsu Siemens Computers) [File not signed] R2 UPDATESRV; C:\Program Files\Bitdefender\Bitdefender 2015\updatesrv.exe [54424 2014-10-27] (Bitdefender) R2 VSSERV; C:\Program Files\Bitdefender\Bitdefender 2015\vsserv.exe [1291984 2014-11-14] (Bitdefender) S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [272952 2008-01-21] (Microsoft Corporation) ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) S4 ahcix86s; C:\Windows\system32\drivers\ahcix86s.sys [170000 2007-12-19] (AMD Technologies Inc.) R0 avc3; C:\Windows\System32\DRIVERS\avc3.sys [1073160 2014-09-25] (BitDefender) R3 avchv; C:\Windows\System32\DRIVERS\avchv.sys [244480 2014-10-03] (BitDefender) R3 avckf; C:\Windows\System32\DRIVERS\avckf.sys [528248 2014-05-16] (BitDefender) R1 BdfNdisf; c:\program files\common files\bitdefender\bitdefender firewall\bdfndisf6.sys [77632 2013-11-13] (BitDefender LLC) R1 bdftdif; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdftdif.sys [131432 2012-02-07] (BitDefender LLC) S3 BDSandBox; C:\Windows\system32\drivers\bdsandbox.sys [66832 2013-11-04] (BitDefender SRL) R1 bdselfpr; C:\Program Files\Bitdefender\Bitdefender 2015\bdselfpr.sys [135600 2013-07-26] (BitDefender LLC) R1 BDVEDISK; C:\Windows\System32\DRIVERS\bdvedisk.sys [72704 2012-04-17] (BitDefender) R3 GpdDevDPort; C:\Windows\system32\directport.sys [7168 2008-06-17] () [File not signed] R3 GpdKbFilter; C:\Windows\system32\kbfiltr.sys [8192 2008-03-31] (Windows (R) Codename Longhorn DDK provider) [File not signed] R0 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [165744 2013-08-23] (BitDefender LLC) S4 JRAID; C:\Windows\system32\drivers\jraid.sys [76688 2008-04-03] (JMicron Technology Corp.) R0 trufos; C:\Windows\System32\DRIVERS\trufos.sys [408280 2014-10-15] (BitDefender S.R.L.) R2 {95808DC4-FA4A-4C74-92FE-5B863F82066B}; C:\Program Files\CyberLink\PowerDVD\000.fcl [41456 2007-11-03] (Cyberlink Corp.) S3 IpInIp; system32\DRIVERS\ipinip.sys [X] S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X] S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X] U3 pwdcauog; \??\C:\Users\MCZYZN~1\AppData\Local\Temp\pwdcauog.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2015-03-16 00:55 - 2015-03-16 00:55 - 00015999 _____ () C:\Users\Mężczyzna\Downloads\FRST.txt 2015-03-16 00:53 - 2015-03-16 00:55 - 00000000 ____D () C:\FRST 2015-03-16 00:37 - 2015-03-16 00:37 - 00380416 _____ () C:\Users\Mężczyzna\Downloads\qytrfx1t.exe 2015-03-16 00:36 - 2015-03-16 00:36 - 01135104 _____ (Farbar) C:\Users\Mężczyzna\Downloads\FRST.exe 2015-03-16 00:12 - 2015-03-16 00:13 - 00000000 ____D () C:\Users\Mężczyzna\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDVD 2015-03-15 16:45 - 2015-03-15 16:45 - 00000000 ____D () C:\ProgramData\IHProtectUpDate 2015-03-15 16:44 - 2015-03-16 00:22 - 00000000 ____D () C:\Program Files\XTab 2015-03-15 16:42 - 2015-03-16 00:06 - 00000000 ____D () C:\ProgramData\VistaCodecs 2015-03-15 16:41 - 2015-03-15 16:41 - 51669770 _____ () C:\Users\Mężczyzna\Downloads\VistaCodecs_v681.exe 2015-03-15 16:37 - 2015-03-15 16:38 - 00719064 _____ (Software ) C:\Users\Mężczyzna\Downloads\Vista-Codec-Package(13350)-dp.exe 2015-03-14 20:06 - 2015-03-14 20:12 - 00000000 ____D () C:\FreeOCR 2015-03-14 20:06 - 2015-03-14 20:06 - 00000000 ____D () C:\Users\Mężczyzna\AppData\Local\FreeOCR 2015-03-14 20:06 - 2015-03-14 20:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FreeOCR 2015-03-14 20:06 - 2007-03-10 09:11 - 02680320 _____ (HiComponents) C:\Windows\system32\ImageEnXLibrary.ocx 2015-03-14 20:05 - 2015-03-14 20:05 - 11322792 _____ ( ) C:\Users\Mężczyzna\Downloads\FreeOCR.net 5.4.1 [1].exe 2015-03-11 21:24 - 2015-03-11 21:38 - 00000000 ____D () C:\Users\Mężczyzna\HSK 2015-03-11 21:23 - 2015-03-11 21:23 - 00000000 ____D () C:\Users\Mężczyzna\AppData\Local\Ahead 2015-03-11 21:19 - 2015-03-11 21:19 - 00000000 ____D () C:\Users\Mężczyzna\AppData\Roaming\Nero 2015-03-06 22:52 - 2015-03-13 22:04 - 00000000 ____D () C:\Users\Mężczyzna\Documents\Polecane 2015-03-06 19:30 - 2015-03-06 19:30 - 00000000 ____D () C:\Users\Mężczyzna\Documents\Konsorcjum 2015-03-06 18:23 - 2015-03-06 18:24 - 03186873 _____ () C:\Users\Mężczyzna\Desktop\Tylu Cię kocha.pptx 2015-03-06 18:20 - 2015-03-06 18:21 - 00000000 ____D () C:\Program Files\Mozilla Firefox 2015-03-03 22:31 - 2015-03-03 22:31 - 01110476 _____ () C:\Users\Mężczyzna\Downloads\7z920(dobreprogramy.pl).exe 2015-03-03 22:31 - 2015-03-03 22:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip 2015-03-03 22:31 - 2015-03-03 22:31 - 00000000 ____D () C:\Program Files\7-Zip 2015-03-03 21:48 - 2015-03-06 20:44 - 00000000 ____D () C:\Users\Mężczyzna\Documents\Mail po 1. posiedzeniu Rady Konsorcjum 2015-03-01 17:19 - 2015-03-15 01:09 - 00000892 _____ () C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job 2015-03-01 16:32 - 2015-03-01 16:32 - 00000365 _____ () C:\Users\Mężczyzna\Pobieranie — skrót.lnk 2015-03-01 16:28 - 2015-03-14 21:58 - 00000000 ____D () C:\Users\Mężczyzna\Documents\Arbitraż 2015-03-01 16:23 - 2015-03-15 23:29 - 00000852 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2015-03-16 00:26 - 2014-12-21 02:15 - 01653878 _____ () C:\Windows\WindowsUpdate.log 2015-03-16 00:18 - 2008-04-14 15:18 - 01613794 _____ () C:\Windows\system32\PerfStringBackup.INI 2015-03-16 00:18 - 2008-04-14 14:31 - 00714160 _____ () C:\Windows\system32\perfh015.dat 2015-03-16 00:18 - 2008-04-14 14:31 - 00151000 _____ () C:\Windows\system32\perfc015.dat 2015-03-16 00:13 - 2006-11-02 13:47 - 00003216 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 2015-03-16 00:13 - 2006-11-02 13:47 - 00003216 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 2015-03-16 00:12 - 2008-07-03 17:49 - 00146456 _____ () C:\ProgramData\nvModes.dat 2015-03-16 00:12 - 2008-07-03 17:49 - 00146456 _____ () C:\ProgramData\nvModes.001 2015-03-16 00:11 - 2006-11-02 14:01 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2015-03-16 00:09 - 2006-11-02 14:01 - 00029766 _____ () C:\Windows\Tasks\SCHEDLGU.TXT 2015-03-15 23:45 - 2015-01-29 23:51 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service 2015-03-15 23:45 - 2015-01-20 19:02 - 00000000 ____D () C:\Program Files\Opera 2015-03-15 23:45 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\system32\spool 2015-03-15 23:45 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\registration 2015-03-15 23:35 - 2015-01-18 01:39 - 00003112 _____ () C:\Windows\system32\spsys.log 2015-03-15 23:29 - 2015-01-20 19:02 - 00000797 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk 2015-03-15 23:29 - 2015-01-13 23:06 - 00000864 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk 2015-03-15 23:29 - 2014-12-21 02:27 - 00000955 _____ () C:\Users\Mężczyzna\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2015-03-15 16:35 - 2014-12-25 19:04 - 00005632 _____ () C:\Users\Mężczyzna\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2015-03-11 21:24 - 2014-12-21 02:26 - 00000000 ____D () C:\Users\Mężczyzna 2015-03-02 13:30 - 2006-11-02 13:52 - 00132153 _____ () C:\Windows\setupact.log 2015-03-01 22:41 - 2008-01-21 03:47 - 00012708 _____ () C:\Windows\PFRO.log 2015-03-01 17:19 - 2015-01-14 00:09 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe 2015-03-01 17:19 - 2015-01-14 00:09 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl 2015-03-01 17:18 - 2014-12-21 02:26 - 00000000 ____D () C:\Users\Mężczyzna\AppData\Local\Adobe ==================== Files in the root of some directories ======= 2014-12-25 19:04 - 2015-03-15 16:35 - 0005632 _____ () C:\Users\Mężczyzna\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2015-01-13 23:49 - 2015-01-13 23:49 - 0612802 _____ () C:\ProgramData\1421188963.bdinstall.bin 2008-07-03 17:49 - 2015-03-16 00:12 - 0146456 _____ () C:\ProgramData\nvModes.001 2008-07-03 17:49 - 2015-03-16 00:12 - 0146456 _____ () C:\ProgramData\nvModes.dat Some content of TEMP: ==================== C:\Users\Mężczyzna\AppData\Local\Temp\bitool.dll C:\Users\Mężczyzna\AppData\Local\Temp\smt_istartsurf.exe ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\explorer.exe => File is digitally signed C:\Windows\system32\winlogon.exe => File is digitally signed C:\Windows\system32\wininit.exe => File is digitally signed C:\Windows\system32\svchost.exe => File is digitally signed C:\Windows\system32\services.exe => File is digitally signed C:\Windows\system32\User32.dll => File is digitally signed C:\Windows\system32\userinit.exe => File is digitally signed C:\Windows\system32\rpcss.dll => File is digitally signed C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2015-03-16 00:17 ==================== End Of Log ============================