Anonim / 3 lata, 1 miesiąc temu | Download | Plaintext | Odpowiedz |

  1
  2
  3
  4
  5
  6
  7
  8
  9
 10
 11
 12
 13
 14
 15
 16
 17
 18
 19
 20
 21
 22
 23
 24
 25
 26
 27
 28
 29
 30
 31
 32
 33
 34
 35
 36
 37
 38
 39
 40
 41
 42
 43
 44
 45
 46
 47
 48
 49
 50
 51
 52
 53
 54
 55
 56
 57
 58
 59
 60
 61
 62
 63
 64
 65
 66
 67
 68
 69
 70
 71
 72
 73
 74
 75
 76
 77
 78
 79
 80
 81
 82
 83
 84
 85
 86
 87
 88
 89
 90
 91
 92
 93
 94
 95
 96
 97
 98
 99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 22-02-2015
Ran by Drothe (administrator) on BRUBRUM on 23-02-2015 03:29:05
Running from C:\Documents and Settings\Drothe\Pulpit
Loaded Profiles: Drothe (Available profiles: Drothe & Administrator)
Platform: Microsoft Windows XP Professional Dodatek Service Pack 3 (X86) OS Language: Polski
Internet Explorer Version 6 (Default browser: Opera)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVG Technologies CZ, s.r.o.) C:\PROGRA~1\AVG\AVG2015\avgrsx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgcsrvx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgwdsvc.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware da\mbamscheduler.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\WINDOWS\system32\nvsvc32.exe
(TuneUp Software) C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgnsx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgemcx.exe
(Realtek Semiconductor Corp.) C:\WINDOWS\RTHDCPL.exe
(Microsoft Corporation) C:\WINDOWS\system32\rundll32.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgui.exe
(Microsoft Corporation) C:\WINDOWS\system32\wscntfy.exe
(TuneUp Software) C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesApp32.exe
(Opera Software) C:\Program Files\Opera\27.0.1689.69\opera.exe
() C:\Program Files\Opera\27.0.1689.69\opera_crashreporter.exe
(Opera Software) C:\Program Files\Opera\27.0.1689.69\opera.exe
(Opera Software) C:\Program Files\Opera\27.0.1689.69\opera.exe
(Opera Software) C:\Program Files\Opera\27.0.1689.69\opera.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware da\mbam.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware da\mbamservice.exe
(Opera Software) C:\Program Files\Opera\27.0.1689.69\opera.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [IntelZeroConfig] => C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe [667718 2005-11-28] (Intel Corporation)
HKLM\...\Run: [IntelWireless] => C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe [602182 2005-11-28] (Intel Corporation)
HKLM\...\Run: [EOUApp] => C:\Program Files\Intel\Wireless\Bin\EOUWiz.exe [569413 2005-11-28] (Intel Corporation)
HKLM\...\Run: [AzMixerSel] => C:\Program Files\Realtek\InstallShield\AzMixerSel.exe [53248 2005-06-11] (Realtek Semiconductor Corp.)
HKLM\...\Run: [RTHDCPL] => C:\WINDOWS\RTHDCPL.EXE [15961088 2006-01-11] (Realtek Semiconductor Corp.)
HKLM\...\Run: [Alcmtr] => C:\WINDOWS\ALCMTR.EXE [69632 2005-05-03] (Realtek Semiconductor Corp.)
HKLM\...\Run: [NvCplDaemon] => RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
HKLM\...\Run: [nwiz] => nwiz.exe /install
HKLM\...\Run: [NvMediaCenter] => RunDLL32.exe NvMCTray.dll,NvTaskbarInit -login
HKLM\...\Run: [NvBackend] => C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe [2531472 2014-12-13] (NVIDIA Corporation)
HKLM\...\Run: [SkyTel] => C:\WINDOWS\SkyTel.EXE [2879488 2006-05-16] (Realtek Semiconductor Corp.)
HKLM\...\Run: [AVG_UI] => C:\Program Files\AVG\AVG2015\avgui.exe [3710416 2015-02-10] (AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [ISUSPM Startup] => C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe [196608 2004-04-17] (InstallShield Software Corporation)
HKLM\...\Run: [ISUSScheduler] => C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe [69632 2004-04-13] (InstallShield Software Corporation)
HKU\S-1-5-21-839522115-1214440339-842925246-1003\...\Run: [DAEMON Tools Lite] => C:\Program Files\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-839522115-1214440339-842925246-1003\...\MountPoints2: {261c3363-6d0c-11e4-a8eb-0016d34f3d5b} - F:\AutoRun.exe
HKU\S-1-5-21-839522115-1214440339-842925246-1003\...\MountPoints2: {261c3366-6d0c-11e4-a8eb-0016d34f3d5b} - F:\AutoRun.exe
HKU\S-1-5-21-839522115-1214440339-842925246-1003\...\MountPoints2: {30876278-6d82-11e4-a8f2-0018ded7acf4} - G:\setup.exe
HKU\S-1-5-21-839522115-1214440339-842925246-1003\...\MountPoints2: {a743a55f-6d23-11e4-a8ef-0018ded7acf4} - F:\Setup.exe
HKU\S-1-5-21-839522115-1214440339-842925246-1003\...\MountPoints2: {be36df85-8062-11e4-a929-0018ded7acf4} - J:\AutoRun.exe
HKU\S-1-5-18\...\Run: [DWQueuedReporting] => c:\Program Files\Common Files\Microsoft Shared\DW\DWTRIG20.EXE [437160 2007-02-26] (Microsoft Corporation)
IFEO\isuspm.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2011\TUAutoReactivator32.exe"
IFEO\javacpl.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2011\TUAutoReactivator32.exe"
IFEO\javaw.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2011\TUAutoReactivator32.exe"
IFEO\javaws.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2011\TUAutoReactivator32.exe"
IFEO\t3.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2011\TUAutoReactivator32.exe"
Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\REALTEK USB Wireless LAN Utility.lnk
ShortcutTarget: REALTEK USB Wireless LAN Utility.lnk -> C:\Program Files\REALTEK USB Wireless LAN Driver and Utility\RtWLan.exe (Realtek Semiconductor Corp.)
BootExecute: autocheck autochk * C:\PROGRA~1\AVG\AVG2015\avgrsx.exe /sync /restart

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.interia.pl/#utm_source=instalki&utm_medium=installer&utm_campaign=instalki
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
HKU\S-1-5-21-839522115-1214440339-842925246-1003\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.gazeta.pl/0,0.html?p=170
HKU\S-1-5-21-839522115-1214440339-842925246-1003\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
URLSearchHook: HKU\S-1-5-21-839522115-1214440339-842925246-1003 - Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\WINDOWS\system32\shdocvw.dll (Microsoft Corporation)
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_16_0_0_305.dll ()
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2015-01-18]

Opera: 
=======
OPR Extension: (Adblock Plus) - C:\Documents and Settings\Drothe\Dane aplikacji\Opera Software\Opera Stable\Extensions\oidhhegpmlfpoeialbgcdocjalghfpkp [2015-01-29]

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AVGIDSAgent; C:\Program Files\AVG\AVG2015\avgidsagent.exe [3411408 2015-02-10] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files\AVG\AVG2015\avgwdsvc.exe [308720 2015-02-10] (AVG Technologies CZ, s.r.o.)
S4 EvtEng; C:\Program Files\Intel\Wireless\Bin\EvtEng.exe [114753 2005-11-28] (Intel Corporation) [File not signed]
S4 JavaQuickStarterService; C:\Program Files\Java\jre7\bin\jqs.exe [182696 2014-09-26] (Oracle Corporation)
R2 MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware da\mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware da\mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
R2 NvNetworkService; C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe [1701520 2014-12-13] (NVIDIA Corporation)
S4 RegSrvc; C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe [217164 2005-11-28] (Intel Corporation) [File not signed]
S4 S24EventMonitor; C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe [540745 2005-11-28] (Intel Corporation ) [File not signed]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AegisP; C:\WINDOWS\System32\DRIVERS\AegisP.sys [21035 2014-12-30] (Meetinghouse Data Communications) [File not signed]
R1 Avgdiskx; C:\WINDOWS\System32\DRIVERS\avgdiskx.sys [121624 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriverl; C:\WINDOWS\System32\DRIVERS\avgidsdriverlx.sys [202208 2015-02-10] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHX; C:\WINDOWS\System32\DRIVERS\avgidshx.sys [154904 2014-11-18] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSShim; C:\WINDOWS\System32\DRIVERS\avgidsshimx.sys [21272 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 Avgldx86; C:\WINDOWS\System32\DRIVERS\avgldx86.sys [192792 2014-08-28] (AVG Technologies CZ, s.r.o.)
R0 Avglogx; C:\WINDOWS\System32\DRIVERS\avglogx.sys [265184 2015-02-03] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx86; C:\WINDOWS\System32\DRIVERS\avgmfx86.sys [107488 2015-01-23] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx86; C:\WINDOWS\System32\DRIVERS\avgrkx86.sys [27416 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 Avgtdix; C:\WINDOWS\System32\DRIVERS\avgtdix.sys [210400 2015-01-16] (AVG Technologies CZ, s.r.o.)
R1 dtsoftbus01; C:\WINDOWS\System32\DRIVERS\dtsoftbus01.sys [243128 2014-11-16] (Disc Soft Ltd)
R2 EAPPkt; C:\WINDOWS\System32\DRIVERS\EAPPkt.sys [38144 2006-11-15] (Windows (R) 2000 DDK provider) [File not signed]
R0 giveio; C:\WINDOWS\System32\giveio.sys [5248 1996-04-03] () [File not signed]
R2 mbamchameleon; C:\WINDOWS\system32\drivers\mbamchameleon.sys [54360 2014-11-21] (Malwarebytes Corporation)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [23256 2014-11-21] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [114904 2015-02-23] (Malwarebytes Corporation)
S3 RTLWUSB; C:\WINDOWS\System32\DRIVERS\RTL8187.sys [235648 2007-05-21] (Realtek Semiconductor Corporation                           ) [File not signed]
R2 s24trans; C:\WINDOWS\System32\DRIVERS\s24trans.sys [13568 2005-11-28] (Intel Corporation) [File not signed]
R0 speedfan; C:\WINDOWS\System32\speedfan.sys [24184 2012-12-29] (Almico Software)
R3 w39n51; C:\WINDOWS\System32\DRIVERS\w39n51.sys [1427968 2005-11-27] (Intel® Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-23 03:29 - 2015-02-23 03:29 - 00013169 _____ () C:\Documents and Settings\Drothe\Pulpit\FRST.txt
2015-02-23 03:28 - 2015-02-23 03:29 - 00000000 ____D () C:\FRST
2015-02-23 03:03 - 2015-02-23 03:03 - 01126912 _____ (Farbar) C:\Documents and Settings\Drothe\Pulpit\FRST.exe
2015-02-22 17:41 - 2015-02-22 17:41 - 00000529 _____ () C:\WINDOWS\setupapi.log
2015-02-22 02:09 - 2015-02-22 02:09 - 00000000 ____D () C:\Documents and Settings\Drothe\Pulpit\Narozia
2015-02-22 02:07 - 2015-02-22 02:08 - 21252514 _____ () C:\Documents and Settings\Drothe\Pulpit\Narozia.rar
2015-02-22 02:07 - 2015-02-22 02:07 - 00000024 _____ () C:\Documents and Settings\Drothe\Pulpit\narozia recovery tibia.txt
2015-02-20 16:32 - 2015-02-20 16:32 - 00000595 _____ () C:\Documents and Settings\Drothe\Pulpit\Red Alert 2 - Yuri's Revenge.lnk
2015-02-20 16:32 - 2015-02-20 16:32 - 00000587 _____ () C:\Documents and Settings\Drothe\Pulpit\Red Alert 2.lnk
2015-02-20 16:32 - 2015-02-20 16:32 - 00000000 ____D () C:\Documents and Settings\Drothe\Dane aplikacji\Red Alert 2
2015-02-20 16:32 - 2015-02-20 16:32 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Start\Programy\R.G. Mechanics
2015-02-20 15:59 - 2015-02-20 15:59 - 00000000 ____D () C:\Documents and Settings\Default User\Dane aplikacji\TuneUp Software
2015-02-15 19:33 - 2015-02-16 17:22 - 00000000 ____D () C:\Documents and Settings\Drothe\Moje dokumenty\Thief - Deadly Shadows
2015-02-15 17:30 - 2015-02-15 17:30 - 00000000 ____D () C:\Documents and Settings\All Users\Dane aplikacji\InstallShield
2015-02-14 22:05 - 2015-02-14 22:05 - 00000000 ____D () C:\Documents and Settings\Drothe\Dane aplikacji\AVG2015
2015-02-14 22:04 - 2015-02-20 15:59 - 00000732 _____ () C:\Documents and Settings\All Users\Pulpit\AVG 2015.lnk
2015-02-14 22:04 - 2015-02-20 15:59 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Start\Programy\AVG
2015-02-14 22:03 - 2015-02-14 22:04 - 00000000 ____D () C:\Documents and Settings\All Users\Dane aplikacji\AVG2015
2015-02-14 22:03 - 2015-02-14 22:03 - 00000000 ___HD () C:\$AVG
2015-02-14 22:03 - 2015-02-14 22:03 - 00000000 ____D () C:\Program Files\AVG
2015-02-14 21:56 - 2015-02-14 21:58 - 00000029 _____ () C:\Documents and Settings\Drothe\Pulpit\key avg.txt
2015-02-14 21:53 - 2015-02-14 21:53 - 00000000 ____D () C:\Documents and Settings\Drothe\Ustawienia lokalne\Dane aplikacji\Avg2014
2015-02-14 21:52 - 2015-02-22 16:57 - 00000000 ____D () C:\Documents and Settings\All Users\Dane aplikacji\MFAData
2015-02-14 21:52 - 2015-02-14 22:12 - 00000000 ____D () C:\Documents and Settings\Drothe\Ustawienia lokalne\Dane aplikacji\Avg2015
2015-02-14 21:52 - 2015-02-14 21:52 - 00000000 ____D () C:\Documents and Settings\Drothe\Ustawienia lokalne\Dane aplikacji\MFAData
2015-02-14 20:31 - 2015-02-23 01:47 - 00114904 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-02-14 20:30 - 2015-02-14 20:30 - 00000798 _____ () C:\Documents and Settings\All Users\Pulpit\Malwarebytes Anti-Malware.lnk
2015-02-14 20:30 - 2015-02-14 20:30 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware da
2015-02-14 20:30 - 2015-02-14 20:30 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Start\Programy\Malwarebytes Anti-Malware
2015-02-14 20:30 - 2015-02-14 20:30 - 00000000 ____D () C:\Documents and Settings\All Users\Dane aplikacji\Malwarebytes
2015-02-14 20:30 - 2014-11-21 06:14 - 00054360 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2015-02-14 20:30 - 2014-11-21 06:14 - 00023256 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2015-02-14 18:34 - 2015-02-14 18:34 - 00000000 ____D () C:\WINDOWS\system32\appmgmt
2015-02-13 14:09 - 2015-02-13 14:09 - 00000000 ____D () C:\Documents and Settings\Drothe\Dane aplikacji\NapiProjekt
2015-02-13 14:07 - 2015-02-13 14:07 - 00000657 _____ () C:\Documents and Settings\Drothe\Pulpit\NapiProjekt.lnk
2015-02-13 14:07 - 2015-02-13 14:07 - 00000000 ____D () C:\Program Files\NapiProjekt
2015-02-13 14:07 - 2015-02-13 14:07 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Start\Programy\NapiProjekt
2015-02-09 12:58 - 2015-02-09 12:58 - 00000698 _____ () C:\Documents and Settings\All Users\Pulpit\The Sims 4.lnk
2015-02-09 12:58 - 2015-02-09 12:58 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Start\Programy\The Sims 4
2015-02-02 03:25 - 2015-02-02 03:25 - 00000542 _____ () C:\Documents and Settings\Drothe\Pulpit\sm.txt
2015-01-30 13:23 - 2015-02-22 01:40 - 00000000 ____D () C:\Documents and Settings\Drothe\Dane aplikacji\AIMP3
2015-01-30 13:23 - 2015-01-30 13:23 - 00000592 _____ () C:\Documents and Settings\All Users\Pulpit\AIMP3.lnk
2015-01-30 13:23 - 2015-01-30 13:23 - 00000000 ____D () C:\Program Files\AIMP3
2015-01-30 13:23 - 2015-01-30 13:23 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Start\Programy\AIMP3
2015-01-25 20:26 - 2015-01-25 20:26 - 00000021 _____ () C:\Documents and Settings\Drothe\Pulpit\haslo sm.txt
2015-01-24 21:37 - 2015-01-24 21:37 - 00000000 __SHD () C:\Documents and Settings\All Users\Dane aplikacji\DSS
2015-01-24 21:32 - 2015-01-24 21:32 - 00000000 ____D () C:\Documents and Settings\Drothe\Lionhead Studios
2015-01-24 21:32 - 2015-01-24 21:32 - 00000000 ____D () C:\Documents and Settings\Drothe\Dane aplikacji\Lionhead Studios

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-23 03:29 - 2014-11-15 22:12 - 00000000 ____D () C:\Documents and Settings\Drothe\Ustawienia lokalne\Temp
2015-02-23 03:29 - 2014-11-15 22:12 - 00000000 ____D () C:\Documents and Settings\Drothe\Pulpit
2015-02-23 03:12 - 2014-11-19 15:29 - 00000930 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-02-23 03:03 - 2015-01-16 00:48 - 00000000 ____D () C:\Documents and Settings\Drothe\Moje dokumenty\pobieranie
2015-02-23 02:29 - 2014-11-15 23:21 - 00000000 ____D () C:\AdwCleaner
2015-02-23 02:27 - 2015-01-03 13:16 - 00000000 ____D () C:\Documents and Settings\Drothe\Dane aplikacji\BitComet
2015-02-23 01:32 - 2014-11-16 10:54 - 00000000 ____D () C:\Documents and Settings\Drothe\Dane aplikacji\DAEMON Tools Lite
2015-02-22 23:46 - 2014-11-15 23:31 - 00000430 _____ () C:\WINDOWS\Tasks\Opera scheduled Autoupdate 1416088749.job
2015-02-22 17:44 - 2014-12-30 19:02 - 00000387 _____ () C:\WINDOWS\RTacDbg.txt
2015-02-22 15:46 - 2014-11-15 22:06 - 00412469 _____ () C:\WINDOWS\WindowsUpdate.log
2015-02-22 01:49 - 2014-11-16 00:16 - 00000000 ____D () C:\Documents and Settings\Drothe\Dane aplikacji\mIRC
2015-02-21 23:56 - 2014-11-16 00:16 - 00000000 ____D () C:\Program Files\mIRC
2015-02-21 23:46 - 2014-11-15 22:59 - 00000000 ____D () C:\Program Files\Opera
2015-02-21 15:41 - 2014-11-15 23:37 - 00000000 ____D () C:\WINDOWS\system32\Lang
2015-02-21 15:40 - 2014-12-17 20:15 - 00202514 _____ () C:\WINDOWS\system32\nvapps.xml
2015-02-21 15:40 - 2014-11-15 22:11 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2015-02-21 14:14 - 2014-11-15 22:46 - 00065536 _____ () C:\WINDOWS\system32\config\TuneUp.evt
2015-02-21 14:14 - 2014-11-15 22:11 - 00032454 _____ () C:\WINDOWS\SchedLgU.Txt
2015-02-21 12:56 - 2014-11-15 11:43 - 00053248 _____ () C:\WINDOWS\system32\config\SECURITY_tureg_old
2015-02-21 12:56 - 2014-11-15 11:42 - 18874368 _____ () C:\WINDOWS\system32\config\SOFTWARE_tureg_old
2015-02-21 12:56 - 2014-11-15 11:42 - 08126464 _____ () C:\WINDOWS\system32\config\SYSTEM_tureg_old
2015-02-21 12:55 - 2014-11-15 22:12 - 00000000 ____D () C:\Documents and Settings\Drothe
2015-02-21 12:55 - 2014-11-15 22:11 - 00000000 __SHD () C:\Documents and Settings\NetworkService
2015-02-21 12:55 - 2014-11-15 22:11 - 00000000 __SHD () C:\Documents and Settings\LocalService
2015-02-21 12:54 - 2014-11-15 22:12 - 00000188 ___SH () C:\Documents and Settings\Drothe\ntuser.ini
2015-02-21 12:54 - 2014-11-15 11:43 - 00028672 _____ () C:\WINDOWS\system32\config\SAM_tureg_old
2015-02-21 12:54 - 2014-11-15 11:42 - 00274432 _____ () C:\WINDOWS\system32\config\DEFAULT_tureg_old
2015-02-21 12:52 - 2014-11-15 22:45 - 00000000 ____D () C:\Program Files\TuneUp Utilities 2011
2015-02-21 12:51 - 2014-12-11 20:59 - 00000000 ____D () C:\Documents and Settings\Drothe\Dane aplikacji\Notepad++
2015-02-21 12:49 - 2014-11-15 22:17 - 00018720 _____ () C:\Documents and Settings\Drothe\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT
2015-02-20 23:29 - 2014-11-15 11:43 - 00124520 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2015-02-20 22:54 - 2014-12-17 21:13 - 00000000 ____D () C:\Documents and Settings\Drothe\Ustawienia lokalne\Dane aplikacji\Firestorm
2015-02-20 16:33 - 2014-11-15 22:12 - 00000000 __RHD () C:\Documents and Settings\Drothe\Dane aplikacji
2015-02-20 16:32 - 2014-11-15 11:44 - 00000000 ___RD () C:\Documents and Settings\All Users\Menu Start\Programy
2015-02-20 15:59 - 2014-11-15 11:44 - 00000000 __RHD () C:\Documents and Settings\Default User\Dane aplikacji
2015-02-20 15:59 - 2014-11-15 11:44 - 00000000 ____D () C:\Documents and Settings\All Users\Pulpit
2015-02-19 12:32 - 2001-07-21 20:17 - 00002206 _____ () C:\WINDOWS\system32\wpa.dbl
2015-02-18 22:14 - 2014-11-19 15:29 - 00778416 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2015-02-18 22:14 - 2014-11-19 15:29 - 00142512 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2015-02-18 12:20 - 2014-11-15 23:32 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information
2015-02-17 17:23 - 2014-11-15 11:44 - 00000000 ___RD () C:\Documents and Settings\All Users\Menu Start
2015-02-15 19:33 - 2014-11-15 22:12 - 00000000 ___RD () C:\Documents and Settings\Drothe\Moje dokumenty
2015-02-15 17:30 - 2014-11-15 11:44 - 00000000 __RHD () C:\Documents and Settings\All Users\Dane aplikacji
2015-02-15 17:26 - 2014-11-15 23:30 - 00000000 ____D () C:\Program Files\Common Files\InstallShield
2015-02-14 21:53 - 2014-11-15 22:12 - 00000000 ___HD () C:\Documents and Settings\Drothe\Ustawienia lokalne\Dane aplikacji
2015-02-14 21:46 - 2014-11-16 01:17 - 00000000 ____D () C:\Documents and Settings\Drothe\Dane aplikacji\Media Player Classic
2015-02-13 18:20 - 2014-12-21 16:35 - 00000000 ____D () C:\Program Files\SystemRequirementsLab
2015-02-10 16:46 - 2014-12-08 21:25 - 00202208 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgidsdriverlx.sys
2015-02-09 13:05 - 2015-01-17 03:13 - 00000000 ____D () C:\Documents and Settings\Drothe\Moje dokumenty\Electronic Arts
2015-02-09 12:59 - 2014-11-15 22:06 - 00000000 ____D () C:\WINDOWS\system32\DirectX
2015-02-07 22:40 - 2014-11-16 01:25 - 00000000 __HDC () C:\WINDOWS\$NtUninstallXPSEPSCLP$
2015-02-07 22:40 - 2014-11-15 22:37 - 00000000 __HDC () C:\WINDOWS\$NtUninstallWdf01007$
2015-02-05 03:51 - 2014-12-17 21:13 - 00000000 ____D () C:\Documents and Settings\Drothe\Dane aplikacji\Firestorm
2015-02-04 12:09 - 2014-11-16 22:31 - 00000000 ____D () C:\Documents and Settings\Administrator
2015-02-03 10:47 - 2014-07-18 14:55 - 00265184 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avglogx.sys
2015-01-25 12:15 - 2015-01-20 01:54 - 00000000 ____D () C:\Tibia
2015-01-24 21:48 - 2014-11-15 22:12 - 00000000 ___RD () C:\Documents and Settings\Drothe\Menu Start

==================== Files in the root of some directories =======

2014-11-16 21:29 - 2014-11-16 21:29 - 0000131 _____ () C:\Documents and Settings\Drothe\Ustawienia lokalne\Dane aplikacji\fusioncache.dat

Some content of TEMP:
====================
C:\Documents and Settings\Drothe\Ustawienia lokalne\Temp\Checkupdate.exe
C:\Documents and Settings\Drothe\Ustawienia lokalne\Temp\EAD14.exe
C:\Documents and Settings\Drothe\Ustawienia lokalne\Temp\Foxit Reader Updater.exe
C:\Documents and Settings\Drothe\Ustawienia lokalne\Temp\gcapi_dll.dll
C:\Documents and Settings\Drothe\Ustawienia lokalne\Temp\gtapi_signed.dll
C:\Documents and Settings\Drothe\Ustawienia lokalne\Temp\Napisy24.exe
C:\Documents and Settings\Drothe\Ustawienia lokalne\Temp\sfamcc00001.dll
C:\Documents and Settings\Drothe\Ustawienia lokalne\Temp\sfextra.dll
C:\Documents and Settings\Drothe\Ustawienia lokalne\Temp\SRLDetectionLibrary1304724843097204335.dll
C:\Documents and Settings\Drothe\Ustawienia lokalne\Temp\SRLDetectionLibrary4539903258651524709.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

==================== End Of Log ============================