Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 15-04-2015 04 Ran by Maciek (administrator) on WINOGROD-9380CD on 16-04-2015 16:11:55 Running from C:\Documents and Settings\Maciek\Pulpit Loaded Profiles: Maciek (Available profiles: Maciek) Platform: Microsoft Windows XP Professional Dodatek Service Pack 3 (X86) OS Language: Polski Internet Explorer Version 8 (Default browser: FF) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (Creative Technology Ltd.) C:\WINDOWS\system32\devldr32.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (Microsoft Corporation) C:\WINDOWS\system32\rundll32.exe (Creative Technology Ltd.) C:\Program Files\Creative\SBLive\AudioHQ\ahqtb.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe () C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe (Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe (Nero AG) C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe (Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe (Autodesk, Inc.) C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe (McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (Creative Technology Ltd) C:\WINDOWS\system32\CTSVCCDA.EXE (Oracle Corporation) C:\Program Files\Java\jre7\bin\jqs.exe (Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LSSrvc.exe (Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe (Autodesk, Inc.) C:\Program Files\Autodesk\Inventor 2014\Moldflow\bin\mitsijm.exe (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc32.exe (Microsoft Corporation) C:\WINDOWS\system32\MsPMSPSv.exe (WIBU-SYSTEMS AG) C:\Program Files\CodeMeter\Runtime\bin\CodeMeter.exe (Nero AG) C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe (Nero AG) C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe (Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jucheck.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [NvCplDaemon] => RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup HKLM\...\Run: [nwiz] => nwiz.exe /install HKLM\...\Run: [NvMediaCenter] => RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit HKLM\...\Run: [GEST] => = HKLM\...\Run: [Disc Detector] => C:\Program Files\Creative\ShareDLL\CtNotify.exe HKLM\...\Run: [UpdReg] => C:\WINDOWS\Updreg.exe [90112 2000-05-11] (Creative Technology Ltd.) HKLM\...\Run: [AHQInit] => C:\Program Files\Creative\SBLive\Program\AHQInit.exe [102400 2001-05-10] (Creative Technology Ltd) HKLM\...\Run: [AudioHQ] => C:\Program Files\Creative\SBLive\AudioHQ\AHQTB.EXE [180224 2001-08-17] (Creative Technology Ltd.) HKLM\...\Run: [CTAvTray] => C:\Program Files\Creative\SBLive\Program\CTAvTray.EXE HKLM\...\Run: [avast] => C:\Program Files\AVAST Software\Avast\avastUI.exe [4858968 2013-08-30] (AVAST Software) HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated) HKLM\...\Run: [CDAServer] => C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe [332288 2010-12-17] () HKLM\...\Run: [NeroCheck] => C:\WINDOWS\system32\NeroCheck.exe [155648 2001-08-06] (Ahead Software Gmbh) HKLM\...\Run: [NeroFilterCheck] => C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [153136 2007-03-01] (Nero AG) HKLM\...\Run: [mobilegeni daemon] => C:\Program Files\Mobogenie\DaemonProcess.exe HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation) HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [91520 2010-03-13] (Microsoft Corporation) HKU\S-1-5-21-1229272821-789336058-1801674531-1003\...\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] => C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe [153136 2007-06-01] (Nero AG) HKU\S-1-5-21-1229272821-789336058-1801674531-1003\...\Run: [LightScribe Control Panel] => C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe [451872 2007-07-18] (Hewlett-Packard Company) HKU\S-1-5-21-1229272821-789336058-1801674531-1003\...\Run: [DAEMON Tools Lite] => C:\Program Files\DAEMON Tools Lite\DTLite.exe [3675352 2013-10-28] (Disc Soft Ltd) HKU\S-1-5-21-1229272821-789336058-1801674531-1003\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [894344 2013-02-05] (Autodesk, Inc.) HKU\S-1-5-21-1229272821-789336058-1801674531-1003\...\Policies\Explorer: [NoDriveTypeAutoRun] 0x5F000000 HKU\S-1-5-21-1229272821-789336058-1801674531-1003\...\Policies\Explorer: [] HKU\S-1-5-21-1229272821-789336058-1801674531-1003\...\MountPoints2: {03544e42-fd2c-11e2-bdec-0020edffffff} - M:\install.exe HKU\S-1-5-21-1229272821-789336058-1801674531-1003\...\MountPoints2: {2b16926a-17e1-11e4-9f91-0020edffffff} - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL GuegAe.Exe HKU\S-1-5-21-1229272821-789336058-1801674531-1003\...\MountPoints2: {2b169285-17e1-11e4-9f91-0020edffffff} - M:\LGAutoRun.exe HKU\S-1-5-21-1229272821-789336058-1801674531-1003\...\MountPoints2: {4391fefb-5a8a-11e3-9c9a-0020edffffff} - L:\SETUP.EXE HKU\S-1-5-21-1229272821-789336058-1801674531-1003\...\MountPoints2: {8db71596-47e6-11e4-a029-0020edffffff} - M:\Startme.exe HKU\S-1-5-21-1229272821-789336058-1801674531-1003\...\MountPoints2: {c66b6faa-5d39-11e4-a073-0020edffffff} - M:\Startme.exe HKU\S-1-5-21-1229272821-789336058-1801674531-1003\...\MountPoints2: {faa33d50-2f2e-11e3-9bd4-0020edffffff} - L:\Startme.exe HKU\S-1-5-18\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [894344 2013-02-05] (Autodesk, Inc.) Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\McAfee Security Scan Plus.lnk ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.) Startup: C:\Documents and Settings\Maciek\Menu Start\Programy\Autostart\16B.tmp () Startup: C:\Documents and Settings\Maciek\Menu Start\Programy\Autostart\sign.bmp () ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll (AVAST Software) ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\WINDOWS\system32\AcSignIcon.dll (Autodesk, Inc.) ShellIconOverlayIdentifiers: [GGDriveOverlay1] -> {E68D0A50-3C40-4712-B90D-DCFA93FF2534} => C:\Documents and Settings\All Users\Dane aplikacji\GG\ggdrive\ggdrive-overlay.dll (GG Network S.A.) ShellIconOverlayIdentifiers: [GGDriveOverlay2] -> {E68D0A51-3C40-4712-B90D-DCFA93FF2534} => C:\Documents and Settings\All Users\Dane aplikacji\GG\ggdrive\ggdrive-overlay.dll (GG Network S.A.) ShellIconOverlayIdentifiers: [GGDriveOverlay3] -> {E68D0A52-3C40-4712-B90D-DCFA93FF2534} => C:\Documents and Settings\All Users\Dane aplikacji\GG\ggdrive\ggdrive-overlay.dll (GG Network S.A.) ShellIconOverlayIdentifiers: [GGDriveOverlay4] -> {E68D0A53-3C40-4712-B90D-DCFA93FF2534} => C:\Documents and Settings\All Users\Dane aplikacji\GG\ggdrive\ggdrive-overlay.dll (GG Network S.A.) CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com HKU\S-1-5-21-1229272821-789336058-1801674531-1003\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://isearch.omiga-plus.com/web/?type=dspp&ts=1420993831&from=cor&uid=SAMSUNGXHD252HJ_S17HJDWQA06107&q={searchTerms} SearchScopes: HKU\S-1-5-21-1229272821-789336058-1801674531-1003 -> DefaultScope {171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E} URL = http://websearch.ask.com/redirect?client=ie&tb=ORJ&o=100000027&src=crm&q={searchTerms}&locale=en_US&apn_ptnrs=^U3&apn_dtid=^OSJ000^YY^PL&apn_uid=CFF8E933-8E17-4C7D-8158-65C2CF33152E&apn_sauid=9AC4230A-F7C9-449D-BFE5-7BA08C1F44B2 SearchScopes: HKU\S-1-5-21-1229272821-789336058-1801674531-1003 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-1229272821-789336058-1801674531-1003 -> {171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E} URL = http://websearch.ask.com/redirect?client=ie&tb=ORJ&o=100000027&src=crm&q={searchTerms}&locale=en_US&apn_ptnrs=^U3&apn_dtid=^OSJ000^YY^PL&apn_uid=CFF8E933-8E17-4C7D-8158-65C2CF33152E&apn_sauid=9AC4230A-F7C9-449D-BFE5-7BA08C1F44B2 SearchScopes: HKU\S-1-5-21-1229272821-789336058-1801674531-1003 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = BHO: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll [2014-04-09] (McAfee, Inc.) BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2010-03-25] (Microsoft Corporation) BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2013-12-04] (Oracle Corporation) BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2013-08-30] (AVAST Software) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-12-04] (Oracle Corporation) Toolbar: HKLM - avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2013-08-30] (AVAST Software) Toolbar: HKU\S-1-5-21-1229272821-789336058-1801674531-1003 -> No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} - No File Tcpip\Parameters: [DhcpNameServer] 192.168.168.254 80.48.136.251 FireFox: ======== FF ProfilePath: C:\Documents and Settings\Maciek\Dane aplikacji\Mozilla\Firefox\Profiles\btkuyj28.default-1429192896750 FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-04-16] () FF Plugin: @java.com/DTPlugin,version=10.45.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2013-12-04] (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=10.45.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2013-12-04] (Oracle Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll [2013-05-13] ( Microsoft Corporation) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation) FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-30] (Microsoft Corporation) FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-08] (Google Inc.) FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-08] (Google Inc.) FF Plugin: @videolan.org/vlc,version=2.0.7 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2013-06-07] (VideoLAN) FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-08-05] (Adobe Systems Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2014-08-05] (Adobe Systems Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npwachk.dll [2012-06-28] (Nullsoft, Inc.) FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-06-15] FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension FF Extension: Microsoft .NET Framework Assistant - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2013-12-09] FF HKU\S-1-5-21-1229272821-789336058-1801674531-1003\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\Documents and Settings\All Users\Dane aplikacji\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi FF Extension: McAfee Security Scan Plus - C:\Documents and Settings\All Users\Dane aplikacji\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04] Chrome: ======= CHR StartupUrls: Default -> "hxxp://isearch.omiga-plus.com/?type=hppp&ts=1420993831&from=cor&uid=SAMSUNGXHD252HJ_S17HJDWQA06107" CHR DefaultSearchKeyword: Default -> omiga-plus CHR DefaultSuggestURL: Default -> CHR Profile: C:\Documents and Settings\Maciek\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default CHR Extension: (Google Docs) - C:\Documents and Settings\Maciek\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-09-08] CHR Extension: (Google Drive) - C:\Documents and Settings\Maciek\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-09-08] CHR Extension: (YouTube) - C:\Documents and Settings\Maciek\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-09-08] CHR Extension: (Google Search) - C:\Documents and Settings\Maciek\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-09-08] CHR Extension: (Google Wallet) - C:\Documents and Settings\Maciek\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-08] CHR Extension: (Gmail) - C:\Documents and Settings\Maciek\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-09-08] CHR HKLM\...\Chrome\Extension: [aaaaojmikegpiepcfdkkjaplodkpfmlo] - C:\Documents and Settings\Maciek\Ustawienia lokalne\Dane aplikacji\APN\GoogleCRXs\apnorjtoolbar.crx [Not Found] CHR HKLM\...\Chrome\Extension: [bopakagnckmlgajfccecajhnimjiiedh] - http://clients2.google.com/service/update2/crx ========================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [46808 2013-08-30] (AVAST Software) R2 CodeMeter.exe; C:\Program Files\CodeMeter\Runtime\bin\CodeMeter.exe [2571704 2012-12-03] (WIBU-SYSTEMS AG) R2 Creative Service for CDROM Access; C:\WINDOWS\system32\CTsvcCDA.EXE [44032 1999-12-13] (Creative Technology Ltd) [File not signed] S3 FlexNet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [1064312 2014-01-18] (Flexera Software LLC) R2 JavaQuickStarterService; C:\Program Files\Java\jre7\bin\jqs.exe [182696 2013-12-04] (Oracle Corporation) S3 lxcg_device; C:\WINDOWS\system32\lxcgcoms.exe [491520 2005-04-15] () R4 MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2015-03-17] (Malwarebytes Corporation) S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [235696 2014-04-09] (McAfee, Inc.) R2 mitsijm2014; C:\Program Files\Autodesk\Inventor 2014\Moldflow\bin\mitsijm.exe [723744 2013-01-25] (Autodesk, Inc.) R2 WMDM PMSP Service; C:\WINDOWS\system32\MsPMSPSv.exe [53520 2000-06-26] (Microsoft Corporation) [File not signed] ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 aswFsBlk; C:\WINDOWS\system32\Drivers\aswFsBlk.sys [29816 2013-08-30] (AVAST Software) R1 aswKbd; C:\WINDOWS\system32\Drivers\aswKbd.sys [21576 2013-08-30] (AVAST Software) R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [66336 2013-08-30] (AVAST Software) R1 AswRdr; C:\WINDOWS\system32\Drivers\AswRdr.sys [49760 2013-08-30] (AVAST Software) R0 aswRvrt; C:\WINDOWS\system32\Drivers\aswRvrt.sys [49376 2013-08-30] () R1 aswSnx; C:\WINDOWS\system32\Drivers\aswSnx.sys [770784 2014-12-01] (AVAST Software) R1 aswSP; C:\WINDOWS\system32\Drivers\aswSP.sys [369584 2013-08-30] (AVAST Software) R1 aswTdi; C:\WINDOWS\system32\Drivers\aswTdi.sys [56080 2013-08-30] (AVAST Software) R0 aswVmm; C:\WINDOWS\system32\Drivers\aswVmm.sys [177864 2013-08-30] () R3 ctljystk; C:\WINDOWS\System32\DRIVERS\ctljystk.sys [3712 2001-08-17] (Creative Technology Ltd.) R1 dtsoftbus01; C:\WINDOWS\System32\DRIVERS\dtsoftbus01.sys [243128 2013-12-01] (Disc Soft Ltd) R3 emu10k; C:\WINDOWS\System32\drivers\emu10k1f.sys [775296 2001-08-14] (Creative Technology Ltd.) R3 emu10k1; C:\WINDOWS\System32\drivers\ctlface.sys [6912 2001-07-11] (Creative Technology Ltd.) R3 gameenum; C:\WINDOWS\System32\DRIVERS\gameenum.sys [10624 2008-04-14] (Microsoft Corporation) S3 gdrv; C:\WINDOWS\gdrv.sys [16608 2013-06-15] (Windows (R) 2000 DDK provider) R2 PfModNT; C:\WINDOWS\system32\PfModNT.sys [6752 1999-12-17] (Creative Technology Ltd.) [File not signed] R3 sfman; C:\WINDOWS\System32\drivers\sfman.sys [36992 2001-08-31] (Creative Technology Ltd.) R2 SSPORT; C:\WINDOWS\system32\Drivers\SSPORT.sys [5120 2010-12-23] (Samsung Electronics) [File not signed] R1 tStLibG; C:\WINDOWS\System32\drivers\tStLibG.sys [55232 2014-04-16] (StdLib) S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X] S4 IntelIde; No ImagePath R3 MBAMSwissArmy; \??\C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [X] U1 WS2IFSL; No ImagePath ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2015-04-16 16:11 - 2015-04-16 16:12 - 00019460 _____ () C:\Documents and Settings\Maciek\Pulpit\FRST.txt 2015-04-16 16:10 - 2015-04-16 16:11 - 00000000 ____D () C:\FRST 2015-04-16 16:10 - 2015-04-16 16:10 - 01137152 _____ (Farbar) C:\Documents and Settings\Maciek\Pulpit\FRST.exe 2015-04-16 15:54 - 2015-04-16 15:54 - 18178736 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerInstaller.exe 2015-04-16 15:51 - 2015-04-16 15:51 - 00000000 ____H () C:\Documents and Settings\All Users\Dane aplikacji\cm-lock 2015-04-15 21:22 - 2015-04-15 21:22 - 00000000 ___HD () C:\WINDOWS\PIF 2015-04-15 21:22 - 2015-04-15 21:22 - 00000000 ____D () C:\WINDOWS\455F074C814E4520B69B5584BD90400C.TMP 2015-04-15 21:22 - 2015-04-15 21:22 - 00000000 ____D () C:\Program Files\Common Files\Wise Installation Wizard 2015-04-15 20:44 - 2015-04-16 15:53 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware 2015-04-15 20:44 - 2015-04-15 20:44 - 00000000 ____D () C:\Documents and Settings\All Users\Dane aplikacji\Malwarebytes 2015-04-15 19:42 - 2015-04-15 19:42 - 00000000 ____D () C:\Program Files\Enigma Software Group 2015-04-15 14:56 - 2015-04-15 14:56 - 00401942 _____ () C:\Documents and Settings\Maciek\Dane aplikacji\sign.bmp 2015-04-13 16:51 - 2015-04-15 14:48 - 02931672 _____ () C:\Documents and Settings\Maciek\Pulpit\1_tokarka_konwencjonalna.pdf.id-7656544852_fudx@lycos.com 2015-04-13 13:57 - 2015-04-15 14:50 - 00963744 _____ () C:\Documents and Settings\Maciek\Pulpit\model1.pdf.id-7656544852_fudx@lycos.com 2015-04-12 19:33 - 2015-04-15 14:48 - 00021236 _____ () C:\Documents and Settings\Maciek\Pulpit\excel 3,5.xlsx.id-7656544852_fudx@lycos.com 2015-04-12 18:26 - 2015-04-15 14:48 - 00012212 _____ () C:\Documents and Settings\Maciek\Pulpit\excel-projekt-z-zielckiego.xlsx.id-7656544852_fudx@lycos.com 2015-04-11 13:19 - 2015-04-15 14:51 - 00000000 ____D () C:\Documents and Settings\Maciek\Pulpit\skany do projektu 2015-04-08 09:17 - 2015-04-15 14:51 - 00334598 _____ () C:\Documents and Settings\Maciek\Pulpit\projekt-Maciej Winogrodzki.pdf.id-7656544852_fudx@lycos.com 2015-04-07 13:22 - 2015-04-07 13:22 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Start\Programy\Lexmark 2300 Series 2015-04-07 13:22 - 2005-06-16 12:15 - 00001214 ____R () C:\WINDOWS\system32\lxcg.loc 2015-04-07 13:20 - 2015-04-07 13:20 - 00000000 ____D () C:\Program Files\Lexmark 2300 Series 2015-04-07 13:20 - 2005-05-11 11:29 - 00102400 _____ () C:\WINDOWS\system32\lxcginsr.dll 2015-04-07 13:20 - 2005-05-11 11:29 - 00036864 _____ () C:\WINDOWS\system32\lxcgcur.dll 2015-04-07 13:20 - 2005-05-11 11:28 - 00126976 _____ () C:\WINDOWS\system32\lxcgjswr.dll 2015-04-07 13:20 - 2005-05-10 14:04 - 00172032 _____ (Lexmark International, Inc.) C:\WINDOWS\system32\lxcginsb.dll 2015-04-07 13:20 - 2005-05-10 14:04 - 00131072 _____ (Lexmark International, Inc.) C:\WINDOWS\system32\lxcgins.dll 2015-04-07 13:20 - 2005-05-10 14:04 - 00086016 _____ (Lexmark International, Inc.) C:\WINDOWS\system32\lxcgcub.dll 2015-04-07 13:20 - 2005-05-10 14:04 - 00073728 _____ (Lexmark International, Inc.) C:\WINDOWS\system32\lxcgcu.dll 2015-04-07 13:20 - 2005-05-10 14:02 - 00385024 _____ (Lexmark International, Inc.) C:\WINDOWS\system32\lxcgutil.dll 2015-04-07 13:20 - 2005-05-04 00:03 - 01126725 _____ () C:\WINDOWS\system32\lxcghelp.hlp 2015-04-07 13:20 - 2005-05-03 23:56 - 00008536 _____ () C:\WINDOWS\system32\lxcghelp.cnt 2015-04-07 13:20 - 2005-04-15 23:24 - 01191936 _____ () C:\WINDOWS\system32\lxcgserv.dll 2015-04-07 13:20 - 2005-04-15 23:18 - 00483328 _____ () C:\WINDOWS\system32\lxcglmpm.dll 2015-04-07 13:20 - 2005-04-15 23:18 - 00413696 _____ () C:\WINDOWS\system32\lxcgcomm.dll 2015-04-07 13:20 - 2005-04-15 23:16 - 00372736 _____ () C:\WINDOWS\system32\lxcgih.exe 2015-04-07 13:20 - 2005-04-15 23:15 - 00491520 _____ () C:\WINDOWS\system32\lxcgcoms.exe 2015-04-07 13:20 - 2005-04-15 23:15 - 00114688 _____ () C:\WINDOWS\system32\lxcgpplc.dll 2015-04-07 13:20 - 2005-04-15 23:14 - 00708608 _____ () C:\WINDOWS\system32\lxcgcomc.dll 2015-04-07 13:20 - 2005-04-15 23:13 - 00155648 _____ () C:\WINDOWS\system32\lxcgprox.dll 2015-04-07 13:20 - 2005-04-15 23:06 - 01134592 _____ () C:\WINDOWS\system32\lxcgusb1.dll 2015-04-07 13:20 - 2005-03-15 12:55 - 00983121 _____ (Microsoft Corporation) C:\WINDOWS\system32\lxcggf.dll 2015-04-07 13:20 - 2005-03-14 11:45 - 00040960 _____ () C:\WINDOWS\system32\lxcgvs.dll 2015-04-07 13:17 - 2015-04-07 13:17 - 00000000 ____D () C:\Documents and Settings\Maciek\Ustawienia lokalne\Dane aplikacji\Help 2015-04-07 13:17 - 2015-04-07 13:17 - 00000000 ____D () C:\Documents and Settings\Maciek\Dane aplikacji\Help 2015-04-07 13:14 - 2015-04-15 14:56 - 00000900 _____ () C:\LXCGINST.csv.id-7656544852_fudx@lycos.com 2015-04-07 13:14 - 2015-04-15 14:56 - 00000004 _____ () C:\lxcgfire.csv.id-7656544852_fudx@lycos.com 2015-04-07 13:14 - 2015-04-07 13:19 - 00001051 _____ () C:\LXCGINST.001 2015-04-07 13:14 - 2015-04-07 13:17 - 00000000 _____ () C:\lxcgfire.001 2015-04-07 13:14 - 2015-04-07 13:14 - 00001051 _____ () C:\LXCGINST.000 2015-04-07 13:14 - 2015-04-07 13:14 - 00000000 _____ () C:\lxcgfire.000 2015-04-07 13:14 - 2001-10-26 17:29 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiafbdrv.dll 2015-04-07 13:13 - 2015-04-07 13:23 - 00001091 _____ () C:\CDFE.log 2015-04-07 12:58 - 2015-04-15 14:50 - 00000000 ____D () C:\Documents and Settings\Maciek\Pulpit\katalog 2015-04-06 18:09 - 2015-04-15 14:56 - 00000000 ____D () C:\Program Files\Mozilla Firefox 2015-03-31 13:34 - 2015-04-15 14:51 - 01061505 _____ () C:\Documents and Settings\Maciek\Pulpit\PROJEKT-Z-ZARZĄDZANIA-PRODUKCJĄ-I-USŁUGAMI.docx.id-7656544852_fudx@lycos.com 2015-03-31 13:31 - 2015-04-15 14:51 - 00000000 ____D () C:\Documents and Settings\Maciek\Pulpit\systemy 2015-03-29 16:23 - 2015-04-11 13:54 - 00000000 ____D () C:\Documents and Settings\Maciek\Pulpit\UMF 2015 2015-03-23 17:52 - 2015-03-23 17:52 - 00000000 ____D () C:\Documents and Settings\Maciek\Pulpit\Skan 2015-03-23 17:32 - 2015-04-15 14:50 - 00068214 _____ () C:\Documents and Settings\Maciek\Pulpit\moje obliczenia.docx.id-7656544852_fudx@lycos.com 2015-03-22 19:51 - 2015-04-15 14:51 - 00061305 _____ () C:\Documents and Settings\Maciek\Pulpit\OBLICZENIA-WSTĘPNE.docx.id-7656544852_fudx@lycos.com 2015-03-22 18:50 - 2015-03-22 18:50 - 00000000 ____D () C:\Documents and Settings\Maciek\Ustawienia lokalne\Dane aplikacji\Opera Software 2015-03-22 18:49 - 2015-04-16 15:51 - 00000458 _____ () C:\WINDOWS\Tasks\Opera scheduled Autoupdate 1427042984.job 2015-03-22 18:49 - 2015-03-22 18:49 - 00000675 _____ () C:\Documents and Settings\All Users\Menu Start\Programy\Opera.lnk 2015-03-22 18:49 - 2015-03-22 18:49 - 00000000 ____D () C:\Documents and Settings\Maciek\Dane aplikacji\Opera Software 2015-03-22 18:48 - 2015-04-08 18:51 - 00000000 ____D () C:\Program Files\Opera 2015-03-19 14:39 - 2015-04-06 20:05 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service 2015-03-19 14:39 - 2015-03-19 14:39 - 00000730 _____ () C:\Documents and Settings\All Users\Menu Start\Programy\Mozilla Firefox.lnk 2015-03-19 14:39 - 2015-03-19 14:39 - 00000724 _____ () C:\Documents and Settings\All Users\Pulpit\Mozilla Firefox.lnk ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2015-04-16 16:12 - 2013-06-15 13:04 - 00000000 ____D () C:\Documents and Settings\Maciek\Ustawienia lokalne\Temp 2015-04-16 16:11 - 2013-06-15 13:04 - 00000000 ____D () C:\Documents and Settings\Maciek\Pulpit 2015-04-16 16:10 - 2014-11-17 19:50 - 00000000 ____D () C:\Documents and Settings\Maciek\Moje dokumenty\Pobrane 2015-04-16 15:57 - 2013-06-15 12:59 - 00378960 _____ () C:\WINDOWS\WindowsUpdate.log 2015-04-16 15:54 - 2013-06-15 13:50 - 00778416 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe 2015-04-16 15:54 - 2013-06-15 13:50 - 00142512 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl 2015-04-16 15:54 - 2013-06-15 13:50 - 00000930 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job 2015-04-16 15:53 - 2013-06-15 14:52 - 00000000 ___RD () C:\Documents and Settings\All Users\Menu Start\Programy 2015-04-16 15:53 - 2013-06-15 14:52 - 00000000 ____D () C:\Documents and Settings\All Users\Pulpit 2015-04-16 15:52 - 2013-06-15 14:15 - 00000364 ____H () C:\WINDOWS\Tasks\avast! Emergency Update.job 2015-04-16 15:51 - 2013-09-08 12:49 - 00001032 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job 2015-04-16 15:51 - 2013-06-15 14:55 - 00000159 _____ () C:\WINDOWS\wiadebug.log 2015-04-16 15:51 - 2013-06-15 14:55 - 00000050 _____ () C:\WINDOWS\wiaservc.log 2015-04-16 15:51 - 2013-06-15 14:52 - 01288994 _____ () C:\WINDOWS\setupapi.log 2015-04-16 15:51 - 2013-06-15 14:52 - 00000000 __RHD () C:\Documents and Settings\All Users\Dane aplikacji 2015-04-16 15:51 - 2013-06-15 13:13 - 00195011 _____ () C:\WINDOWS\system32\nvapps.xml 2015-04-16 15:51 - 2013-06-15 13:03 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT 2015-04-15 21:26 - 2013-06-15 13:03 - 00032558 _____ () C:\WINDOWS\SchedLgU.Txt 2015-04-15 21:22 - 2013-06-19 10:04 - 00000000 ____D () C:\Documents and Settings\Maciek\Menu Start\Programy\Virtual DJ 2015-04-15 21:22 - 2013-06-15 13:04 - 00000000 __RHD () C:\Documents and Settings\Maciek\Dane aplikacji 2015-04-15 21:22 - 2013-06-15 13:04 - 00000000 ___RD () C:\Documents and Settings\Maciek\Menu Start\Programy 2015-04-15 20:57 - 2013-06-15 13:04 - 00000000 ___RD () C:\Documents and Settings\Maciek\Moje dokumenty 2015-04-15 20:50 - 2013-09-08 12:49 - 00001036 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job 2015-04-15 19:55 - 2013-06-15 13:04 - 00001599 _____ () C:\Documents and Settings\Maciek\Menu Start\Programy\Pomoc zdalna.lnk 2015-04-15 19:55 - 2013-06-15 13:00 - 00001607 _____ () C:\Documents and Settings\All Users\Menu Start\Określ dostęp do programów i ich ustawienia domyślne.lnk 2015-04-15 19:55 - 2013-06-15 13:00 - 00001599 _____ () C:\Documents and Settings\Default User\Menu Start\Programy\Pomoc zdalna.lnk 2015-04-15 19:55 - 2013-06-15 13:00 - 00001507 _____ () C:\Documents and Settings\All Users\Menu Start\Windows Update.lnk 2015-04-15 19:32 - 2013-06-15 14:53 - 00010306 _____ () C:\WINDOWS\netfxocm.log 2015-04-15 19:32 - 2013-06-15 14:53 - 00004625 _____ () C:\WINDOWS\MedCtrOC.log 2015-04-15 19:32 - 2013-06-15 14:53 - 00003367 _____ () C:\WINDOWS\ocmsn.log 2015-04-15 19:32 - 2013-06-15 14:53 - 00003174 _____ () C:\WINDOWS\tabletoc.log 2015-04-15 19:32 - 2013-06-15 14:52 - 00089172 _____ () C:\WINDOWS\iis6.log 2015-04-15 19:32 - 2013-06-15 14:52 - 00049850 _____ () C:\WINDOWS\FaxSetup.log 2015-04-15 19:32 - 2013-06-15 14:52 - 00038228 _____ () C:\WINDOWS\ocgen.log 2015-04-15 19:32 - 2013-06-15 14:52 - 00031325 _____ () C:\WINDOWS\tsoc.log 2015-04-15 19:32 - 2013-06-15 14:52 - 00029272 _____ () C:\WINDOWS\comsetup.log 2015-04-15 19:32 - 2013-06-15 14:52 - 00021758 _____ () C:\WINDOWS\msmqinst.log 2015-04-15 19:32 - 2013-06-15 14:52 - 00016594 _____ () C:\WINDOWS\ntdtcsetup.log 2015-04-15 19:32 - 2013-06-15 14:52 - 00003065 _____ () C:\WINDOWS\msgsocm.log 2015-04-15 19:32 - 2013-06-15 14:52 - 00001917 _____ () C:\WINDOWS\imsins.log 2015-04-15 17:55 - 2013-09-08 12:54 - 00001819 _____ () C:\Documents and Settings\All Users\Pulpit\Google Chrome.lnk 2015-04-15 14:56 - 2013-06-15 13:04 - 00000000 ___RD () C:\Documents and Settings\Maciek\Menu Start\Programy\Autostart 2015-04-15 14:51 - 2015-03-10 22:54 - 01450540 _____ () C:\Documents and Settings\Maciek\Pulpit\prezentacja- Maciej Winogrodzki.pptx.id-7656544852_fudx@lycos.com 2015-04-15 14:51 - 2015-03-10 22:50 - 00000000 ____D () C:\Documents and Settings\Maciek\Pulpit\mpp_1ed 2015-04-15 14:51 - 2014-12-07 18:16 - 00014052 _____ () C:\Documents and Settings\Maciek\Pulpit\SPLIT 3 x w tyg.docx.id-7656544852_fudx@lycos.com 2015-04-15 14:51 - 2014-08-05 11:02 - 00014468 _____ () C:\Documents and Settings\Maciek\Pulpit\przetwory.docx.id-7656544852_fudx@lycos.com 2015-04-15 14:51 - 2014-03-23 19:38 - 00000000 ____D () C:\Documents and Settings\Maciek\Pulpit\Wolf_of_Wall_Street_The_2013_(NAPISY-123509).NS 2015-04-15 14:51 - 2014-03-23 19:37 - 00073245 _____ () C:\Documents and Settings\Maciek\Pulpit\Wolf_of_Wall_Street_The_2013_(NAPISY-123506).NS.zip.id-7656544852_fudx@lycos.com 2015-04-15 14:51 - 2014-03-23 19:37 - 00072143 _____ () C:\Documents and Settings\Maciek\Pulpit\Wolf_of_Wall_Street_The_2013_(NAPISY-123509).NS.zip.id-7656544852_fudx@lycos.com 2015-04-15 14:51 - 2014-03-23 19:29 - 1484411690 _____ () C:\Documents and Settings\Maciek\Pulpit\The Wolf of Wall Street [2013] BRRip XViD[AC3]juggs[ETRG].avi.id-7656544852_fudx@lycos.com 2015-04-15 14:51 - 2014-03-14 16:42 - 00000000 ____D () C:\Documents and Settings\Maciek\Pulpit\monika grafiki 2015-04-15 14:51 - 2013-06-15 13:04 - 00000000 ___HD () C:\Documents and Settings\Maciek\Szablony 2015-04-15 14:50 - 2015-01-30 19:57 - 00386632 _____ () C:\Documents and Settings\Maciek\Pulpit\magnetic_2015_990_8410.pdf.id-7656544852_fudx@lycos.com 2015-04-15 14:50 - 2015-01-30 19:57 - 00386631 _____ () C:\Documents and Settings\Maciek\Pulpit\magnetic_2015_990_8409.pdf.id-7656544852_fudx@lycos.com 2015-04-15 14:50 - 2015-01-04 22:17 - 3510819508 _____ () C:\Documents and Settings\Maciek\Pulpit\Ida 2013 720p BluRay DTS x264-CiNEFiLE.mkv.id-7656544852_fudx@lycos.com 2015-04-15 14:50 - 2014-10-29 20:57 - 16071099 _____ () C:\Documents and Settings\Maciek\Pulpit\Instrukcja obsługi - Opel Astra II.pdf.id-7656544852_fudx@lycos.com 2015-04-15 14:50 - 2014-09-20 20:41 - 00058234 _____ () C:\Documents and Settings\Maciek\Pulpit\License.txt.id-7656544852_fudx@lycos.com 2015-04-15 14:49 - 2014-01-14 15:03 - 00024580 _____ () C:\Documents and Settings\Maciek\Moje dokumenty\Animals.doc.id-7656544852_fudx@lycos.com 2015-04-15 14:49 - 2014-01-14 14:45 - 00024580 _____ () C:\Documents and Settings\Maciek\Moje dokumenty\blue night.doc.id-7656544852_fudx@lycos.com 2015-04-15 14:49 - 2014-01-14 14:20 - 00024580 _____ () C:\Documents and Settings\Maciek\Moje dokumenty\Complicated heart.doc.id-7656544852_fudx@lycos.com 2015-04-15 14:49 - 2013-09-23 12:50 - 00000000 ____D () C:\Documents and Settings\Maciek\Moje dokumenty\FIFA 09 2015-04-15 14:49 - 2013-06-15 15:12 - 00000000 ___SD () C:\Documents and Settings\Maciek\GG dysk 2015-04-15 14:48 - 2015-01-04 22:25 - 00876550 _____ () C:\Documents and Settings\Maciek\Pulpit\DSC03758.JPG.id-7656544852_fudx@lycos.com 2015-04-15 14:48 - 2015-01-04 22:25 - 00871589 _____ () C:\Documents and Settings\Maciek\Pulpit\DSC03760.JPG.id-7656544852_fudx@lycos.com 2015-04-15 14:48 - 2015-01-04 22:25 - 00832376 _____ () C:\Documents and Settings\Maciek\Pulpit\DSC03761.JPG.id-7656544852_fudx@lycos.com 2015-04-15 14:48 - 2015-01-04 22:25 - 00746977 _____ () C:\Documents and Settings\Maciek\Pulpit\DSC03759.JPG.id-7656544852_fudx@lycos.com 2015-04-15 14:48 - 2014-12-07 18:14 - 00013908 _____ () C:\Documents and Settings\Maciek\Pulpit\FBW - tydz DRUGI i TRZECI.docx.id-7656544852_fudx@lycos.com 2015-04-15 14:48 - 2014-12-07 18:13 - 00013812 _____ () C:\Documents and Settings\Maciek\Pulpit\FBW - tydz PIERWSZY.docx.id-7656544852_fudx@lycos.com 2015-04-15 14:48 - 2014-07-14 11:04 - 132038046 _____ () C:\Documents and Settings\Maciek\Pulpit\01_wejscie.avi.id-7656544852_fudx@lycos.com 2015-04-15 14:48 - 2014-03-23 19:28 - 1463055022 _____ () C:\Documents and Settings\Maciek\Pulpit\12.Years.A.Slave.2013 HDRip XViD juggs.avi.id-7656544852_fudx@lycos.com 2015-04-15 14:48 - 2014-01-17 17:42 - 00000020 _____ () C:\Documents and Settings\Maciek\Pulpit\dxva_sig.txt.id-7656544852_fudx@lycos.com 2015-04-15 14:48 - 2014-01-14 16:37 - 00025604 _____ () C:\Documents and Settings\Maciek\Moje dokumenty\you tak my heart...pol.doc.id-7656544852_fudx@lycos.com 2015-04-15 14:48 - 2014-01-14 16:35 - 00024580 _____ () C:\Documents and Settings\Maciek\Moje dokumenty\you tak my heart away.doc.id-7656544852_fudx@lycos.com 2015-04-15 14:48 - 2014-01-14 16:28 - 00024580 _____ () C:\Documents and Settings\Maciek\Moje dokumenty\walk with me!!!!.doc.id-7656544852_fudx@lycos.com 2015-04-15 14:48 - 2013-12-01 15:17 - 00000004 _____ () C:\Documents and Settings\Maciek\daemonprocess.txt.id-7656544852_fudx@lycos.com 2015-04-15 14:48 - 2013-09-17 12:58 - 00000000 ____D () C:\Documents and Settings\Maciek\Dane aplikacji\dBpoweramp 2015-04-15 14:48 - 2013-07-12 18:07 - 00000000 ____D () C:\Documents and Settings\Maciek\Dane aplikacji\Babylon 2015-04-15 14:48 - 2013-07-05 09:22 - 01096255 _____ () C:\Documents and Settings\Maciek\Moje dokumenty\Zdjęcie-0003.jpg.id-7656544852_fudx@lycos.com 2015-04-15 14:48 - 2013-06-19 10:04 - 00000000 ____D () C:\Documents and Settings\Maciek\Moje dokumenty\VirtualDJ 2015-04-15 14:48 - 2013-06-15 14:52 - 00000000 ___HD () C:\Documents and Settings\Default User\Szablony 2015-04-15 14:48 - 2013-06-15 13:04 - 00000000 ____D () C:\Documents and Settings\Maciek 2015-04-15 14:47 - 2015-01-27 11:23 - 00013940 _____ () C:\Documents and Settings\Maciek\Moje dokumenty\Opinia.docx.id-7656544852_fudx@lycos.com 2015-04-15 14:47 - 2015-01-25 16:56 - 00025092 _____ () C:\Documents and Settings\Maciek\Moje dokumenty\Sernik Orzechowy.doc.id-7656544852_fudx@lycos.com 2015-04-15 14:47 - 2015-01-20 11:43 - 00026116 _____ () C:\Documents and Settings\Maciek\Moje dokumenty\sprawdzian.doc.id-7656544852_fudx@lycos.com 2015-04-15 14:47 - 2014-12-05 09:46 - 00042500 _____ () C:\Documents and Settings\Maciek\Moje dokumenty\rczyńska.doc.id-7656544852_fudx@lycos.com 2015-04-15 14:47 - 2014-10-07 09:46 - 00025092 _____ () C:\Documents and Settings\Maciek\Moje dokumenty\Pasztet z cukini.doc.id-7656544852_fudx@lycos.com 2015-04-15 14:47 - 2014-03-18 14:25 - 00049156 _____ () C:\Documents and Settings\Maciek\Moje dokumenty\Pobyt u myszy.doc.id-7656544852_fudx@lycos.com 2015-04-15 14:47 - 2014-01-14 14:53 - 00024580 _____ () C:\Documents and Settings\Maciek\Moje dokumenty\someday.doc.id-7656544852_fudx@lycos.com 2015-04-15 14:47 - 2014-01-14 14:30 - 00026116 _____ () C:\Documents and Settings\Maciek\Moje dokumenty\that's why.doc...pol.doc.id-7656544852_fudx@lycos.com 2015-04-15 14:47 - 2014-01-14 14:28 - 00024580 _____ () C:\Documents and Settings\Maciek\Moje dokumenty\that's why.doc.id-7656544852_fudx@lycos.com 2015-04-15 14:47 - 2013-12-01 15:44 - 00000000 ____D () C:\Documents and Settings\Maciek\Moje dokumenty\Optimizer Pro 2015-04-15 14:47 - 2013-09-05 16:23 - 00041235 _____ () C:\Documents and Settings\Maciek\Moje dokumenty\RATUJ1.DOC.id-7656544852_fudx@lycos.com 2015-04-15 14:47 - 2013-09-05 16:23 - 00000148 _____ () C:\Documents and Settings\Maciek\Moje dokumenty\RATUJ.DOC.id-7656544852_fudx@lycos.com 2015-04-15 14:47 - 2013-07-23 14:21 - 00020484 _____ () C:\Documents and Settings\Maciek\Moje dokumenty\Ogóreczki Grillowi.doc.id-7656544852_fudx@lycos.com 2015-04-12 20:05 - 2015-01-26 14:43 - 00065536 _____ () C:\WINDOWS\system32\config\OAlerts.evt 2015-04-11 19:35 - 2014-06-21 17:21 - 00000000 ____D () C:\Documents and Settings\All Users\Dane aplikacji\Origin 2015-04-11 12:12 - 2013-06-15 14:52 - 01261458 _____ () C:\WINDOWS\system32\PerfStringBackup.INI 2015-04-11 12:12 - 2001-10-26 19:15 - 00558018 _____ () C:\WINDOWS\system32\perfh015.dat 2015-04-11 12:12 - 2001-10-26 19:15 - 00105528 _____ () C:\WINDOWS\system32\perfc015.dat 2015-04-10 20:34 - 2014-06-21 20:45 - 00000000 ____D () C:\Program Files\Origin 2015-04-07 14:13 - 2015-02-16 14:48 - 00000000 ____D () C:\Documents and Settings\Maciek\Pulpit\VIDEO_TS 2015-04-07 14:13 - 2014-01-30 18:20 - 00000000 ____D () C:\Documents and Settings\Maciek\Moje dokumenty\OldVersions 2015-04-07 14:03 - 2015-01-26 14:57 - 00002499 _____ () C:\Documents and Settings\Maciek\Pulpit\Microsoft Word 2010.lnk 2015-04-07 13:22 - 2013-06-15 13:04 - 00000000 ___RD () C:\Documents and Settings\Maciek\Moje dokumenty\Moje obrazy 2015-04-07 13:18 - 2013-12-01 15:37 - 00000000 ____D () C:\Program Files\Football Manager 2014 2015-04-07 13:17 - 2013-06-15 13:04 - 00000000 ___HD () C:\Documents and Settings\Maciek\Ustawienia lokalne\Dane aplikacji 2015-04-07 13:14 - 2014-02-01 18:15 - 00000000 ____D () C:\Temp 2015-04-07 13:14 - 2013-06-15 14:47 - 00000000 ____D () C:\WINDOWS\twain_32 2015-04-06 10:39 - 2001-07-22 01:17 - 00002206 _____ () C:\WINDOWS\system32\wpa.dbl 2015-03-23 22:02 - 2013-06-15 15:12 - 00000000 ____D () C:\Documents and Settings\Maciek\Dane aplikacji\GG 2015-03-23 21:47 - 2013-06-15 15:12 - 00000000 ____D () C:\Documents and Settings\Maciek\Ustawienia lokalne\Dane aplikacji\GG ==================== Files in the root of some directories ======= 2015-04-15 14:56 - 2015-04-15 14:56 - 0401942 _____ () C:\Documents and Settings\Maciek\Dane aplikacji\sign.bmp 2013-06-15 13:44 - 2014-04-06 19:22 - 0046592 _____ () C:\Documents and Settings\Maciek\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini Some content of TEMP: ==================== C:\Documents and Settings\Maciek\Ustawienia lokalne\Temp\AcDeltree.exe C:\Documents and Settings\Maciek\Ustawienia lokalne\Temp\APNSetup.exe C:\Documents and Settings\Maciek\Ustawienia lokalne\Temp\APNStub.exe C:\Documents and Settings\Maciek\Ustawienia lokalne\Temp\bi_cleaner.exe C:\Documents and Settings\Maciek\Ustawienia lokalne\Temp\drm_dyndata_7370012.dll C:\Documents and Settings\Maciek\Ustawienia lokalne\Temp\ggdrive-menu.exe C:\Documents and Settings\Maciek\Ustawienia lokalne\Temp\ggdrive-overlay.exe C:\Documents and Settings\Maciek\Ustawienia lokalne\Temp\ICReinstall_microsoft_word.exe C:\Documents and Settings\Maciek\Ustawienia lokalne\Temp\installstats.exe C:\Documents and Settings\Maciek\Ustawienia lokalne\Temp\OptimizerPro.exe C:\Documents and Settings\Maciek\Ustawienia lokalne\Temp\ose00000.exe C:\Documents and Settings\Maciek\Ustawienia lokalne\Temp\SHSetup.exe C:\Documents and Settings\Maciek\Ustawienia lokalne\Temp\uninst1.exe C:\Documents and Settings\Maciek\Ustawienia lokalne\Temp\_is1.exe ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\WINDOWS\explorer.exe => File is digitally signed C:\WINDOWS\system32\winlogon.exe => File is digitally signed C:\WINDOWS\system32\svchost.exe => File is digitally signed C:\WINDOWS\system32\services.exe => File is digitally signed C:\WINDOWS\system32\User32.dll => File is digitally signed C:\WINDOWS\system32\userinit.exe => File is digitally signed C:\WINDOWS\system32\rpcss.dll => File is digitally signed C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed ==================== End Of Log ============================