frst.txt w załączniku addition.txt w załączniku Jak włączam fix pojawia się komunikat No fixlist.txt found the fixlist.txt should be in the same folder / directory the tools is located
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:01-07-2014
Ran by Miroslaw (administrator) on MIROSLAW-D656D8 on 03-07-2014 13:51:44
Running from C:\Documents and Settings\Miroslaw\Moje dokumenty\Pobieranie\CZYSZCZENIE SYSTEMU
Platform: Microsoft Windows XP Professional Dodatek Service Pack 3 (X86) OS Language: Polski
Internet Explorer Version 8
Boot Mode: Normal
The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe
(Microsoft Corporation) C:\WINDOWS\system32\netdde.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
(Microsoft Corporation) C:\WINDOWS\system32\cisvc.exe
(Microsoft Corporation) C:\WINDOWS\system32\clipsrv.exe
(Acresso Software Inc.) C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
(Microsoft Corporation) C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
(Microsoft Corporation) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
(NVIDIA Corporation) C:\WINDOWS\system32\nvsvc32.exe
(HP) C:\WINDOWS\system32\HPZipm12.exe
(Protexis Inc.) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
(Microsoft Corporation) C:\WINDOWS\system32\tlntsvr.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
(Microsoft Corp., Veritas Software) C:\WINDOWS\system32\dmadmin.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe
(Microsoft Corporation) C:\WINDOWS\system32\cidaemon.exe
(Don HO don.h@free.fr) C:\Program Files\Notepad++\notepad++.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [avgnt] = & gt; C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [737872 2014-06-03] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [NvCplDaemon] = & gt; C:\WINDOWS\system32\NvCpl.dll [7335936 2005-11-21] (NVIDIA Corporation)
HKU\S-1-5-21-606747145-1708537768-725345543-1003\...\Run: [DIMPobieranie aktualizacji...1300677038363] = & gt; C:\Program Files\Corel\CorelDRAW Graphics Suite X5\Programs\DIM.exe [95592 2010-01-13] (Corel Corporation)
HKU\S-1-5-21-606747145-1708537768-725345543-1003\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-606747145-1708537768-725345543-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [DIMPobieranie aktualizacji...1300677038363] = & gt; C:\Program Files\Corel\CorelDRAW Graphics Suite X5\Programs\DIM.exe [95592 2010-01-13] (Corel Corporation)
HKU\S-1-5-21-606747145-1708537768-725345543-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
GroupPolicy: Group Policy on Chrome detected & lt; ======= ATTENTION
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.es/
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie & ar=iesearch
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKLM - {02DF48B9-834F-FCBC-489D-5BDEF12E8A65} URL = http://www.searchya.com/?q={searchTerms} & f=4 & a=SearchooD & cd=2XzuyEtN2Y1L1QzutDtDtCzz0FtAyBtCtAyE0B0D0AzytCtAtN0D0Tzu0CyDyBtBtN1L2XzutBtFtBtFyEtFyBtAtCtN1L1Czu0U1E1Q1T2Z1P0S2Z1T1C1V0T1P2V2Z & cr=2085468601 & ir=
SearchScopes: HKCU - 6C11929DA5B840D6B1ACDD2069502A3C URL = http://www.searchya.com/?q={searchTerms} & f=4 & a=SearchooD & cd=2XzuyEtN2Y1L1QzutDtDtCzz0FtAyBtCtAyE0B0D0AzytCtAtN0D0Tzu0CyDyBtBtN1L2XzutBtFtBtFyEtFyBtAtCtN1L1Czu0U1E1Q1T2Z1P0S2Z1T1C1V0T1P2V2Z & cr=2085468601 & ir=
BHO: Re-markit - {5E31959F-9B04-3FC0-3BFF-2799785BE7F7} - C:\Program Files\Re_Markable\173.dll ()
Toolbar: HKCU - & Adres - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
Toolbar: HKCU - & Łącza - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\SHELL32.dll (Microsoft Corporation)
Toolbar: HKCU - No Name - {41564952-412D-5637-00A7-7A786E7484D7} - No File
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://windowsupdate.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1374728033838
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
FireFox:
========
FF ProfilePath: C:\Documents and Settings\Miroslaw\Dane aplikacji\Mozilla\Firefox\Profiles\4yoqqwht.default
FF NewTab: chrome://quick_start/content/index.html
FF SearchEngineOrder.3: Bing
FF Homepage: https://www.google.es/
FF NetworkProxy: " autoconfig_url " , " http://f7796b320430cb7c4d0014f9468c6adab604df65/ "
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF Plugin: @adobe.com/ShockwavePlayer - C:\WINDOWS\system32\Adobe\Director\np32dsw_1203133.dll (Adobe Systems, Inc.)
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf - C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf - C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.0 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF SearchPlugin: C:\Documents and Settings\Miroslaw\Dane aplikacji\Mozilla\Firefox\Profiles\4yoqqwht.default\searchplugins\synomix.xml
FF Extension: SeoQuake - C:\Documents and Settings\Miroslaw\Dane aplikacji\Mozilla\Firefox\Profiles\4yoqqwht.default\Extensions\{317B5128-0B0B-49b2-B2DB-1E7560E16C74} [2014-05-12]
FF Extension: Autofill - C:\Documents and Settings\Miroslaw\Dane aplikacji\Mozilla\Firefox\Profiles\4yoqqwht.default\Extensions\firefox-autofill@googlegroups.com.xpi [2014-05-12]
FF Extension: Link Checker - C:\Documents and Settings\Miroslaw\Dane aplikacji\Mozilla\Firefox\Profiles\4yoqqwht.default\Extensions\linkchecker@vik.josh.xpi [2014-05-12]
FF Extension: RankChecker - C:\Documents and Settings\Miroslaw\Dane aplikacji\Mozilla\Firefox\Profiles\4yoqqwht.default\Extensions\rankchecker@seobook.com.xpi [2013-07-29]
FF Extension: Enhance Views - C:\Documents and Settings\Miroslaw\Dane aplikacji\Mozilla\Firefox\Profiles\4yoqqwht.default\Extensions\{10d0b221-588a-4920-9d9f-1f6929149755}.xpi [2013-07-29]
FF Extension: NoDoFollow - C:\Documents and Settings\Miroslaw\Dane aplikacji\Mozilla\Firefox\Profiles\4yoqqwht.default\Extensions\{c2b1f3ae-5cd5-49b7-8a0c-2c3bcbbbb294}.xpi [2014-05-12]
FF HKLM\...\Firefox\Extensions: [fmconverter@gmail.com] - C:\Program Files\Freemake\Freemake Video Converter\BrowserPlugin\Firefox
FF Extension: Freemake Video Converter Plugin - C:\Program Files\Freemake\Freemake Video Converter\BrowserPlugin\Firefox [2013-07-25]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2013-07-29]
FF HKCU\...\Firefox\Extensions: [{BC050BAB-31FA-3BE3-53E2-8982544D341D}] - C:\Program Files\Re_Markable\173.xpi
FF Extension: Re-markit - C:\Program Files\Re_Markable\173.xpi [2014-06-13]
Chrome:
=======
CHR HomePage: hxxp://www.google.com
CHR StartupUrls: " hxxp://www.google.com "
CHR Extension: (Google Docs) - C:\Documents and Settings\Miroslaw\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-07-25]
CHR Extension: (Google Drive) - C:\Documents and Settings\Miroslaw\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-07-25]
CHR Extension: (YouTube) - C:\Documents and Settings\Miroslaw\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-07-25]
CHR Extension: (Búsqueda de Google) - C:\Documents and Settings\Miroslaw\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-07-25]
CHR Extension: (Google Wallet) - C:\Documents and Settings\Miroslaw\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-25]
CHR Extension: (Gmail) - C:\Documents and Settings\Miroslaw\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-07-25]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction & lt; ======= ATTENTION
========================== Services (Whitelisted) =================
R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [430160 2014-06-03] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [430160 2014-06-03] (Avira Operations GmbH & Co. KG)
R2 Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [69632 2004-09-29] (HP) [File not signed]
S2 WiseBootAssistant; C:\Program Files\Wise\Wise Care 365\BootTime.exe [580232 2014-05-05] (WiseCleaner.com)
==================== Drivers (Whitelisted) ====================
R2 avgntflt; C:\WINDOWS\System32\DRIVERS\avgntflt.sys [93528 2014-06-03] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\WINDOWS\System32\DRIVERS\avipbb.sys [136216 2014-06-03] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\WINDOWS\System32\DRIVERS\avkmgr.sys [37352 2013-10-31] (Avira Operations GmbH & Co. KG)
R0 FantomDVDBus; C:\WINDOWS\System32\DRIVERS\FantomDVDBus.sys [130232 2009-03-23] (An Chen Computer Co., Ltd.)
R3 FantomDVDPort; C:\WINDOWS\System32\DRIVERS\FantomDVDPort.sys [10544 2008-07-15] (An Chen Computer Co., Ltd.)
R3 HdAudAddService; C:\WINDOWS\System32\drivers\HdAudio.sys [145920 2005-01-07] (Windows (R) Server 2003 DDK provider)
R3 HPZid412; C:\WINDOWS\System32\DRIVERS\HPZid412.sys [51120 2005-03-08] (HP)
R3 HPZipr12; C:\WINDOWS\System32\DRIVERS\HPZipr12.sys [16496 2005-03-08] (HP)
R3 HPZius12; C:\WINDOWS\System32\DRIVERS\HPZius12.sys [21744 2005-03-08] (HP)
R3 MTsensor; C:\WINDOWS\System32\DRIVERS\ATKACPI.sys [5632 2005-02-17] () [File not signed]
R1 ssmdrv; C:\WINDOWS\System32\DRIVERS\ssmdrv.sys [28520 2013-10-31] (Avira GmbH)
S3 w39n51; C:\WINDOWS\System32\DRIVERS\w39n51.sys [1428480 2006-10-29] (Intel® Corporation)
S3 WiseHDInfo; C:\Program Files\Wise\Wise Care 365\WiseHDInfo32.dll [11816 2014-06-04] (wisecleaner.com)
R1 {55685567-4840-4a91-962b-49a412e9485a}Gt; C:\WINDOWS\System32\drivers\{55685567-4840-4a91-962b-49a412e9485a}Gt.sys [55224 2014-05-26] (StdLib)
R1 {55685567-4840-4a91-962b-49a412e9485a}t; C:\WINDOWS\System32\drivers\{55685567-4840-4a91-962b-49a412e9485a}t.sys [55224 2014-05-26] (StdLib)
R1 {57f143ae-1ecd-493d-9ddb-32c45a3cecd5}Gt; C:\WINDOWS\System32\drivers\{57f143ae-1ecd-493d-9ddb-32c45a3cecd5}Gt.sys [55224 2014-06-13] (StdLib)
S4 IntelIde; No ImagePath
U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-14] (Microsoft Corporation)
S3 smserial; system32\DRIVERS\smserial.sys [X]
U1 WS2IFSL;
========================== Drivers MD5 =======================
C:\WINDOWS\System32\DRIVERS\ACPI.sys 05118282F5D039595A2B92B4A4AFE197
C:\WINDOWS\System32\DRIVERS\ACPIEC.sys 66A42B7DB194E24B973BBCCE840A0F3F
C:\WINDOWS\system32\Drivers\adfs.sys 6D7F09CD92A9FEF3A8EFCE66231FDD79
C:\WINDOWS\System32\drivers\aec.sys 8BED39E3C35D6A489438B8141717A557
C:\WINDOWS\System32\drivers\afd.sys 1E44BC1E83D8FD2305F8D452DB109CF9
C:\WINDOWS\System32\DRIVERS\arp1394.sys B5B8A80875C1DEDEDA8B02765642C32F
C:\WINDOWS\System32\DRIVERS\asyncmac.sys B153AFFAC761E7F5FCFA822B9C4E97BC
C:\WINDOWS\System32\DRIVERS\atapi.sys 9F3A2F5AA6875C72BF062C712CFA2674
C:\WINDOWS\System32\DRIVERS\atmarpc.sys 9916C1225104BA14794209CFA8012159
C:\WINDOWS\System32\DRIVERS\audstub.sys D9F724AA26C010A217C97606B160ED68
C:\WINDOWS\System32\DRIVERS\avgntflt.sys 06740B4CA398D0D00A49CB1D22FC2BC3
C:\WINDOWS\System32\DRIVERS\avipbb.sys 05AF7CBF0BDA1571BBADC36703EB9CA4
C:\WINDOWS\System32\DRIVERS\avkmgr.sys D8C712305F73CD34D1B344810E522728
C:\WINDOWS\system32\Drivers\Beep.sys DA1F27D85E0D1525F6621372E7B685E9
C:\WINDOWS\system32\Drivers\cbidf2k.sys 90A673FC8E12A79AFBED2576F6A7AAF9
C:\WINDOWS\system32\Drivers\Cdaudio.sys C1B486A7658353D33A10CC15211A873B
C:\WINDOWS\system32\Drivers\Cdfs.sys C885B02847F5D2FD45A24E219ED93B32
C:\WINDOWS\System32\DRIVERS\cdrom.sys 1F4260CC5B42272D71F79E570A27A4FE
C:\WINDOWS\System32\DRIVERS\CmBatt.sys 0F6C187D38D98F8DF904589A5F94D411
C:\WINDOWS\System32\DRIVERS\compbatt.sys 6E4C9F21F0FAE8940661144F41B13203
C:\WINDOWS\System32\DRIVERS\ssudbus.sys D720E872772D004E304FCE0CE54E1F8A
C:\WINDOWS\System32\DRIVERS\disk.sys 044452051F3E02E7963599FC8F4F3E25
C:\WINDOWS\System32\drivers\dmboot.sys BC9219ABC5696942E6F9AC8A9B28670F
C:\WINDOWS\System32\drivers\dmio.sys 5FA232E3BA6E1346F9F5A7E519320CB0
C:\WINDOWS\System32\drivers\dmload.sys E9317282A63CA4D188C0DF5E09C6AC5F
C:\WINDOWS\System32\drivers\DMusic.sys 8A208DFCF89792A484E76C40E5F50B45
C:\WINDOWS\System32\drivers\drmkaud.sys 8F5FCFF8E8848AFAC920905FBD9D33C8
C:\WINDOWS\System32\DRIVERS\FantomDVDBus.sys 6A5A84DEBE710FD86B9414CA3C230CE9
C:\WINDOWS\System32\DRIVERS\FantomDVDPort.sys 71C39B5E42EAE8403152DB1C7149DEC6
C:\WINDOWS\system32\Drivers\Fastfat.sys 38D332A6D56AF32635675F132548343E
C:\WINDOWS\system32\Drivers\Fdc.sys 92CDD60B6730B9F50F6A1A0C1F8CDC81
C:\WINDOWS\system32\Drivers\Fips.sys 09E2A4D33F81A06A8AAB2BA0A0B5D235
C:\WINDOWS\system32\Drivers\Flpydisk.sys 9D27E7B80BFCDF1CDD9B555862D5E7F0
C:\WINDOWS\System32\drivers\fltmgr.sys B2CF4B0786F8212CB92ED2B50C6DB6B0
C:\WINDOWS\system32\Drivers\Fs_Rec.sys 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A
C:\WINDOWS\System32\DRIVERS\ftdisk.sys ED6D921D8AB423138FB35BEEE6D6A6CB
C:\WINDOWS\System32\DRIVERS\msgpc.sys 0A02C63C8B144BD8C86B103DEE7C86A2
C:\WINDOWS\System32\drivers\HdAudio.sys 2A013E7530BEAB6E569FAA83F517E836
C:\WINDOWS\System32\DRIVERS\HDAudBus.sys 573C7D0A32852B48F3058CFD8026F511
C:\WINDOWS\System32\DRIVERS\HPZid412.sys 9F1D80908658EB7F1BF70809E0B51470
C:\WINDOWS\System32\DRIVERS\HPZipr12.sys F7E3E9D50F9CD3DE28085A8FDAA0A1C3
C:\WINDOWS\System32\DRIVERS\HPZius12.sys CF1B7951B4EC8D13F3C93B74BB2B461B
C:\WINDOWS\System32\Drivers\HTTP.sys F80A415EF82CD06FFAF0D971528EAD38
C:\WINDOWS\System32\DRIVERS\i8042prt.sys 177B372AF55C4460D0968B5F1D02AA1C
C:\WINDOWS\System32\DRIVERS\imapi.sys 083A052659F5310DD8B6A6CB05EDCF8E
C:\WINDOWS\System32\DRIVERS\intelppm.sys DA153EDC09DE8C4F846C085CAA39D1CC
C:\WINDOWS\System32\drivers\ip6fw.sys 3BB22519A194418D5FEC05D800A19AD0
C:\WINDOWS\System32\DRIVERS\ipfltdrv.sys 731F22BA402EE4B62748ADAF6363C182
C:\WINDOWS\System32\DRIVERS\ipinip.sys B87AB476DCF76E72010632B5550955F5
C:\WINDOWS\System32\DRIVERS\ipnat.sys CC748EA12C6EFFDE940EE98098BF96BB
C:\WINDOWS\System32\DRIVERS\ipsec.sys 23C74D75E36E7158768DD63D92789A91
C:\WINDOWS\System32\DRIVERS\irenum.sys C93C9FF7B04D772627A3646D89F7BF89
C:\WINDOWS\System32\DRIVERS\isapnp.sys C8EEF2E93835B81BD335DE2123121283
C:\WINDOWS\System32\DRIVERS\kbdclass.sys 2AECA45D4AEAACBDCB77AD11184E4601
C:\WINDOWS\System32\drivers\kmixer.sys 692BCF44383D056AED41B045A323D378
C:\WINDOWS\system32\Drivers\KSecDD.sys B467646C54CC746128904E1654C750C1
C:\WINDOWS\system32\Drivers\mnmdd.sys 4AE068242760A1FB6E1A44BF4E16AFA6
C:\WINDOWS\system32\Drivers\Modem.sys 4A068DB7DC37D5AFEDB6512D2931D7B3
C:\WINDOWS\System32\DRIVERS\mouclass.sys FBED3DF6B884F8CF00447B73507F2C48
C:\WINDOWS\system32\Drivers\MountMgr.sys A80B9A0BAD1B73637DBCBBA7DF72D3FD
C:\WINDOWS\System32\DRIVERS\mrxdav.sys 11D42BB6206F33FBB3BA0288D3EF81BD
C:\WINDOWS\System32\DRIVERS\mrxsmb.sys 7D304A5EB4344EBEEAB53A2FE3FFB9F0
C:\WINDOWS\system32\Drivers\Msfs.sys C941EA2454BA8350021D774DAF0F1027
C:\WINDOWS\System32\drivers\MSKSSRV.sys D1575E71568F4D9E14CA56B7B0453BF1
C:\WINDOWS\System32\drivers\MSPCLOCK.sys 325BB26842FC7CCC1FCCE2C457317F3E
C:\WINDOWS\System32\drivers\MSPQM.sys BAD59648BA099DA4A17680B39730CB3D
C:\WINDOWS\System32\DRIVERS\mssmbios.sys AF5F4F3F14A8EA2C26DE30F7A1E17136
C:\WINDOWS\System32\DRIVERS\ATKACPI.sys E333010A50BF603ACC350F6019E9CE02
C:\WINDOWS\system32\Drivers\Mup.sys DE6A75F5C270E756C5508D94B6CF68F5
C:\WINDOWS\system32\Drivers\NDIS.sys 1DF7F42665C94B825322FAE71721130D
C:\WINDOWS\System32\DRIVERS\ndistapi.sys 0109C4F3850DFBAB279542515386AE22
C:\WINDOWS\System32\DRIVERS\ndisuio.sys F927A4434C5028758A842943EF1A3849
C:\WINDOWS\System32\DRIVERS\ndiswan.sys EDC1531A49C80614B2CFDA43CA8659AB
C:\WINDOWS\system32\Drivers\NDProxy.sys 2F597BB467E05B1FE3830EABD821B8E0
C:\WINDOWS\System32\DRIVERS\netbios.sys 5D81CF9A2F1A3A756B66CF684911CDF0
C:\WINDOWS\System32\DRIVERS\netbt.sys 74B2B2F5BEA5E9A3DC021D685551BD3D
C:\WINDOWS\System32\DRIVERS\nic1394.sys E9E47CFB2D461FA0FC75B7A74C6383EA
C:\WINDOWS\system32\Drivers\Npfs.sys 3182D64AE053D6FB034F44B6DEF8034A
C:\WINDOWS\system32\Drivers\Ntfs.sys 78A08DD6A8D65E697C18E1DB01C5CDCA
C:\WINDOWS\system32\Drivers\Null.sys 73C1E1F395918BC2C6DD67AF7591A3AD
C:\WINDOWS\System32\DRIVERS\nv4_mini.sys 723F13C0EDE32339338DAC8ECAEB9979
C:\WINDOWS\System32\DRIVERS\nwlnkflt.sys B305F3FAD35083837EF46A0BBCE2FC57
C:\WINDOWS\System32\DRIVERS\nwlnkfwd.sys C99B3415198D1AAB7227F2C88FD664B9
C:\WINDOWS\System32\DRIVERS\ohci1394.sys CA33832DF41AFB202EE7AEB05145922F
C:\WINDOWS\system32\Drivers\Parport.sys 2D4CDAEBCED17743AA9E25D3016DC229
C:\WINDOWS\system32\Drivers\PartMgr.sys BEB3BA25197665D82EC7065B724171C6
C:\WINDOWS\system32\Drivers\ParVdm.sys 453EC2C2A20A1382F564541918520EEB
C:\WINDOWS\System32\DRIVERS\pci.sys 6862C69168D787B85A7D95CCD33C694E
C:\WINDOWS\System32\DRIVERS\pciide.sys 548CF2D6369EAE441A4C6BAA75BC4F0A
C:\WINDOWS\System32\DRIVERS\pcmcia.sys 8DB27F1AE9593C94095485305A583862
C:\WINDOWS\System32\DRIVERS\raspptp.sys EFEEC01B1D3CF84F16DDD24D9D9D8F99
C:\WINDOWS\System32\DRIVERS\psched.sys 09298EC810B07E5D582CB3A3F9255424
C:\WINDOWS\System32\DRIVERS\ptilink.sys 80D317BD1C3DBC5D4FE7B1678C60CADD
C:\WINDOWS\System32\DRIVERS\rasacd.sys FE0D99D6F31E4FAD8159F690D68DED9C
C:\WINDOWS\System32\DRIVERS\rasl2tp.sys 11B4A627BC9614B885C4969BFA5FF8A6
C:\WINDOWS\System32\DRIVERS\raspppoe.sys 5BC962F2654137C9909C3D4603587DEE
C:\WINDOWS\System32\DRIVERS\raspti.sys FDBB1D60066FCFBB7452FD8F9829B242
C:\WINDOWS\System32\DRIVERS\rdbss.sys 7AD224AD1A1437FE28D89CF22B17780A
C:\WINDOWS\System32\DRIVERS\RDPCDD.sys 4912D5B403614CE99C28420F75353332
C:\WINDOWS\System32\DRIVERS\rdpdr.sys 15CABD0F7C00C47C70124907916AF3F1
C:\WINDOWS\system32\Drivers\RDPWD.sys 43AF5212BD8FB5BA6EED9754358BD8F7
C:\WINDOWS\System32\DRIVERS\redbook.sys E0C7BBD18040B58651BAC700C804861D
C:\WINDOWS\System32\DRIVERS\rimsptsk.sys 1BDBA2D2D402415A78A4BA766DFE0F7B
C:\WINDOWS\System32\DRIVERS\Rtenicxp.sys D6E1B1BD04FAD422AF17FC4B810CB9AF
C:\WINDOWS\System32\DRIVERS\sdbus.sys 8D04819A3CE51B9EB47E5689B44D43C4
C:\WINDOWS\System32\DRIVERS\secdrv.sys == & gt; MD5 is legit
C:\WINDOWS\system32\Drivers\Serial.sys D07B02F88165E69B9F17162CF592C8A6
C:\WINDOWS\system32\Drivers\Sfloppy.sys 8E6B8C671615D126FDC553D1E2DE5562
C:\WINDOWS\System32\drivers\splitter.sys AB8B92451ECB048A4D1DE7C3FFCB4A9F
C:\WINDOWS\System32\DRIVERS\sr.sys EB032822BE406EF220D546DDFFCF0002
C:\WINDOWS\System32\DRIVERS\srv.sys 47DDFC2F003F7F9F0592C6874962A2E7
C:\WINDOWS\System32\DRIVERS\ssmdrv.sys A36EE93698802CD899F98BFD553D8185
C:\WINDOWS\System32\DRIVERS\ssudmdm.sys A1CC726323FB41FFD29F436A77237E41
C:\WINDOWS\System32\DRIVERS\swenum.sys 3941D127AEF12E93ADDF6FE6EE027E0F
C:\WINDOWS\System32\drivers\swmidi.sys 8CE882BCC6CF8A62F2B2323D95CB3D01
C:\WINDOWS\System32\drivers\sysaudio.sys 8B83F3ED0F1688B4958F77CD6D2BF290
C:\WINDOWS\System32\DRIVERS\tcpip.sys 9AEFA14BD6B182D61E3119FA5F436D3D
C:\WINDOWS\system32\Drivers\TDPIPE.sys 6471A66807F5E104E4885F5B67349397
C:\WINDOWS\system32\Drivers\TDTCP.sys C56B6D0402371CF3700EB322EF3AAF61
C:\WINDOWS\System32\DRIVERS\termdd.sys 88155247177638048422893737429D9E
C:\WINDOWS\system32\Drivers\Udfs.sys 5787B80C2E3C5E2F56C2A233D91FA2C9
C:\WINDOWS\System32\DRIVERS\update.sys 402DDC88356B1BAC0EE3DD1580C76A31
C:\WINDOWS\System32\DRIVERS\usbccgp.sys 1B611611C28D2DF25BC057D79C6F13FC
C:\WINDOWS\System32\DRIVERS\usbehci.sys 4BAC8DF07F1D8434FC640E677A62204E
C:\WINDOWS\System32\DRIVERS\usbhub.sys 1AB3CDDE553B6E064D2E754EFE20285C
C:\WINDOWS\System32\DRIVERS\usbprint.sys A717C8721046828520C9EDF31288FC00
C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS A32426D9B14A089EAA1D922E0C5801A9
C:\WINDOWS\System32\DRIVERS\usbuhci.sys 26496F9DEE2D787FC3E61AD54821FFE6
C:\WINDOWS\System32\drivers\vga.sys 0D3A8FAFCEACD8B7625CD549757A7DF1
C:\WINDOWS\system32\Drivers\VolSnap.sys 56B191AC5FC0DF219949C95A6C87AFE7
C:\WINDOWS\System32\DRIVERS\w39n51.sys 4E7B07653F4F9937CF62AD2869FBA520
C:\WINDOWS\System32\DRIVERS\wanarp.sys E20B95BAEDB550F32DD489265C1DA1F6
C:\WINDOWS\System32\drivers\wdmaud.sys 6768ACF64B18196494413695F0C3A00F
C:\Program Files\Wise\Wise Care 365\WiseHDInfo32.dll 56C066DE7DDD0C891194ADAE6A4A04B3
C:\WINDOWS\System32\drivers\{55685567-4840-4a91-962b-49a412e9485a}Gt.sys B098D44AE71E97E15DCA97AC1A769297
C:\WINDOWS\System32\drivers\{55685567-4840-4a91-962b-49a412e9485a}t.sys 84A567CAA516B5CC2920B32D96EE2761
C:\WINDOWS\System32\drivers\{57f143ae-1ecd-493d-9ddb-32c45a3cecd5}Gt.sys 6DDE64129C7A40B374801163619E52CC
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-07-03 13:25 - 2014-07-03 13:27 - 00000000 ____D () C:\Program Files\Malwarebytes' Anti-Malware
2014-07-03 13:22 - 2014-07-03 13:36 - 00007424 _____ () C:\WINDOWS\WindowsUpdate.log
2014-07-03 13:21 - 2014-07-03 13:22 - 00000159 _____ () C:\WINDOWS\wiadebug.log
2014-07-03 13:21 - 2014-07-03 13:22 - 00000050 _____ () C:\WINDOWS\wiaservc.log
2014-07-03 13:21 - 2014-07-03 13:21 - 02082400 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-07-03 13:21 - 2014-07-03 13:21 - 00000000 _____ () C:\WINDOWS\Sti_Trace.log
2014-07-03 12:24 - 2014-07-03 13:51 - 00000000 ____D () C:\FRST
2014-07-03 08:58 - 2014-07-03 09:11 - 00001244 _____ () C:\Documents and Settings\Miroslaw\Moje dokumenty\formularz online.txt
2014-07-01 13:41 - 2014-07-01 14:09 - 00000000 ____D () C:\Documents and Settings\Miroslaw\Moje dokumenty\XANIT
2014-06-27 19:39 - 2014-06-27 19:39 - 00000220 _____ () C:\Documents and Settings\Miroslaw\Moje dokumenty\ruso palabras clabes.txt
2014-06-26 11:55 - 2014-06-26 11:55 - 00000000 __SHD () C:\Documents and Settings\NetworkService\IETldCache
2014-06-25 20:40 - 2014-07-03 13:20 - 01119584 _____ () C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\FontCache3.0.0.0.dat
2014-06-25 20:02 - 2014-06-27 13:31 - 00000000 ____D () C:\Documents and Settings\Miroslaw\Moje dokumenty\oferta clinica dental
2014-06-25 11:55 - 2014-06-13 13:36 - 00055224 _____ (StdLib) C:\WINDOWS\system32\Drivers\{57f143ae-1ecd-493d-9ddb-32c45a3cecd5}Gt.sys
2014-06-24 17:05 - 2014-06-24 17:05 - 00000000 ____D () C:\Program Files\MSECache
2014-06-24 16:50 - 2014-06-24 16:43 - 00092794 _____ () C:\Documents and Settings\Miroslaw\Moje dokumenty\solicitut.doc_0.odt
2014-06-24 16:23 - 2014-06-24 14:28 - 00092622 _____ () C:\Documents and Settings\Miroslaw\Moje dokumenty\cuestionario.doc_0.odt
2014-06-24 13:41 - 2014-06-24 13:41 - 00000000 ____D () C:\output
2014-06-24 13:33 - 2014-06-24 14:24 - 00000000 ____D () C:\Documents and Settings\Miroslaw\Dane aplikacji\PhotoScape
2014-06-24 13:32 - 2014-06-24 13:32 - 00000706 _____ () C:\Documents and Settings\Miroslaw\Pulpit\PhotoScape.lnk
2014-06-24 13:32 - 2014-06-24 13:32 - 00000000 ____D () C:\Program Files\PhotoScape
2014-06-24 13:32 - 2014-06-24 13:32 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Start\Programy\PhotoScape
2014-06-23 12:30 - 2014-06-20 17:30 - 00015579 _____ () C:\Documents and Settings\Miroslaw\Moje dokumenty\treść%20dyplomu.doc_0.odt
2014-06-23 12:30 - 2014-06-20 16:13 - 00026791 _____ () C:\Documents and Settings\Miroslaw\Moje dokumenty\zalnr6.rtf_0.odt
2014-06-16 15:28 - 2014-06-26 08:16 - 00000000 ____D () C:\Documents and Settings\Miroslaw\Dane aplikacji\Foxit Software
2014-06-16 15:27 - 2014-06-16 15:27 - 00001793 _____ () C:\Documents and Settings\All Users\Pulpit\Foxit Reader.lnk
2014-06-16 15:27 - 2014-06-16 15:27 - 00000000 ____D () C:\Documents and Settings\LocalService\Dane aplikacji\Foxit Software
2014-06-16 15:27 - 2014-06-16 15:27 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Start\Programy\Foxit Reader
2014-06-16 15:27 - 2014-06-16 15:27 - 00000000 ____D () C:\Documents and Settings\All Users\Foxit Software
2014-06-16 15:26 - 2014-06-16 15:26 - 00000000 ____D () C:\Program Files\Foxit Software
2014-06-13 17:01 - 2014-06-13 17:02 - 00000000 ____D () C:\Program Files\Re_Markable
2014-06-13 17:01 - 2014-06-13 17:01 - 00000472 __RSH () C:\Documents and Settings\All Users\ntuser.pol
2014-06-13 17:00 - 2014-06-13 17:01 - 00000000 ___HD () C:\WINDOWS\system32\GroupPolicy
2014-06-12 15:02 - 2014-06-12 15:02 - 00000000 ____H () C:\WINDOWS\system32\config\software.rhk.LOG
2014-06-12 15:02 - 2014-06-12 15:02 - 00000000 ____H () C:\WINDOWS\system32\config\SECURITY.rhk.LOG
2014-06-12 15:02 - 2014-06-12 15:02 - 00000000 ____H () C:\WINDOWS\system32\config\SAM.rhk.LOG
2014-06-12 15:02 - 2014-06-12 15:02 - 00000000 ____H () C:\WINDOWS\system32\config\default.rhk.LOG
2014-06-12 15:02 - 2014-06-12 15:02 - 00000000 ____H () C:\Documents and Settings\NetworkService\NTUSER.rhk.LOG
2014-06-12 15:02 - 2014-06-12 15:02 - 00000000 ____H () C:\Documents and Settings\Miroslaw\NTUSER.rhk.LOG
2014-06-12 15:02 - 2014-06-12 15:02 - 00000000 ____H () C:\Documents and Settings\LocalService\NTUSER.rhk.LOG
2014-06-10 12:28 - 2014-06-03 19:39 - 00015532 _____ () C:\Documents and Settings\Miroslaw\Moje dokumenty\heladosmarbela.xls_1.ods
2014-06-09 17:27 - 2014-06-09 17:27 - 00000145 ____H () C:\Documents and Settings\Miroslaw\Moje dokumenty\.~lock.umowa użyczenia.doc#
2014-06-03 11:47 - 2014-07-03 07:47 - 00000000 ____D () C:\Program Files\Mozilla Firefox
==================== One Month Modified Files and Folders =======
2014-07-03 13:52 - 2013-07-24 04:48 - 00000000 ____D () C:\Documents and Settings\Miroslaw\Ustawienia lokalne\Temp
2014-07-03 13:51 - 2014-07-03 12:24 - 00000000 ____D () C:\FRST
2014-07-03 13:36 - 2014-07-03 13:22 - 00007424 _____ () C:\WINDOWS\WindowsUpdate.log
2014-07-03 13:36 - 2013-07-24 06:08 - 00000000 ___RD () C:\Documents and Settings\All Users\Menu Start\Programy
2014-07-03 13:36 - 2013-07-24 06:08 - 00000000 ____D () C:\Documents and Settings\All Users\Pulpit
2014-07-03 13:34 - 2013-07-25 06:58 - 00000930 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-07-03 13:30 - 2014-02-04 19:30 - 00000432 _____ () C:\WINDOWS\Tasks\At1.job
2014-07-03 13:28 - 2014-02-07 15:37 - 00000000 ____D () C:\Documents and Settings\Miroslaw\Dane aplikacji\Malwarebytes
2014-07-03 13:27 - 2014-07-03 13:25 - 00000000 ____D () C:\Program Files\Malwarebytes' Anti-Malware
2014-07-03 13:24 - 2012-01-24 17:46 - 00000000 ____D () C:\Documents and Settings\Miroslaw\Moje dokumenty\Pobieranie
2014-07-03 13:22 - 2014-07-03 13:21 - 00000159 _____ () C:\WINDOWS\wiadebug.log
2014-07-03 13:22 - 2014-07-03 13:21 - 00000050 _____ () C:\WINDOWS\wiaservc.log
2014-07-03 13:22 - 2014-05-29 12:11 - 00000000 ____D () C:\Documents and Settings\Miroslaw\Dane aplikacji\Wise Care 365
2014-07-03 13:22 - 2013-11-20 00:13 - 00000000 ____D () C:\WINDOWS\system32\NtmsData
2014-07-03 13:22 - 2013-07-24 06:01 - 00000000 ____D () C:\WINDOWS\system32\ias
2014-07-03 13:21 - 2014-07-03 13:21 - 02082400 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-07-03 13:21 - 2014-07-03 13:21 - 00000000 _____ () C:\WINDOWS\Sti_Trace.log
2014-07-03 13:21 - 2014-04-01 11:53 - 00000228 _____ () C:\WINDOWS\Tasks\Powiadomienie o zakończeniu obsługi systemu Microsoft Windows XP — logowanie.job
2014-07-03 13:21 - 2013-07-25 05:35 - 00041156 _____ () C:\WINDOWS\system32\nvapps.xml
2014-07-03 13:21 - 2013-07-24 04:44 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-07-03 13:21 - 2013-07-24 04:35 - 00000000 ____D () C:\WINDOWS\Registration
2014-07-03 13:20 - 2014-06-25 20:40 - 01119584 _____ () C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\FontCache3.0.0.0.dat
2014-07-03 13:20 - 2013-07-24 04:44 - 00032566 _____ () C:\WINDOWS\SchedLgU.Txt
2014-07-03 13:20 - 2013-07-24 04:44 - 00000000 ___HD () C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji
2014-07-03 13:19 - 2013-07-24 04:48 - 00000188 ___SH () C:\Documents and Settings\Miroslaw\ntuser.ini
2014-07-03 13:19 - 2013-07-24 04:48 - 00000000 ____D () C:\Documents and Settings\Miroslaw
2014-07-03 13:17 - 2014-05-26 08:17 - 00000432 _____ () C:\WINDOWS\Tasks\At3.job
2014-07-03 13:07 - 2014-02-07 14:18 - 00000000 ____D () C:\AdwCleaner
2014-07-03 13:07 - 2013-07-24 06:08 - 00000000 __RHD () C:\Documents and Settings\All Users\Dane aplikacji
2014-07-03 13:07 - 2013-07-24 04:48 - 00000000 __RHD () C:\Documents and Settings\Miroslaw\Dane aplikacji
2014-07-03 13:07 - 2013-07-24 04:48 - 00000000 ___HD () C:\Documents and Settings\Miroslaw\Ustawienia lokalne\Dane aplikacji
2014-07-03 13:00 - 2014-05-29 13:18 - 00000384 _____ () C:\WINDOWS\Tasks\Wise Turbo Checker.job
2014-07-03 09:11 - 2014-07-03 08:58 - 00001244 _____ () C:\Documents and Settings\Miroslaw\Moje dokumenty\formularz online.txt
2014-07-03 08:58 - 2013-07-24 04:48 - 00000000 ___RD () C:\Documents and Settings\Miroslaw\Moje dokumenty
2014-07-03 07:47 - 2014-06-03 11:47 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-07-03 07:39 - 2001-07-21 22:17 - 00002206 _____ () C:\WINDOWS\system32\wpa.dbl
2014-07-02 13:47 - 2014-03-31 07:53 - 01616202 _____ () C:\Documents and Settings\Miroslaw\Moje dokumenty\2014zestawienie 1-3 .cdr
2014-07-02 12:07 - 2013-04-05 19:38 - 00000000 ____D () C:\Documents and Settings\Miroslaw\Moje dokumenty\!!!!OGŁOSZENIA W INTERNECIE
2014-07-01 14:39 - 2012-08-17 20:38 - 00000000 ____D () C:\Documents and Settings\Miroslaw\Moje dokumenty\!!!!POPRAWA STRONY
2014-07-01 14:09 - 2014-07-01 13:41 - 00000000 ____D () C:\Documents and Settings\Miroslaw\Moje dokumenty\XANIT
2014-07-01 12:36 - 2013-04-03 16:49 - 00000000 ____D () C:\Documents and Settings\Miroslaw\Moje dokumenty\!!!!KLINIKA
2014-06-30 19:35 - 2013-07-25 09:12 - 00934912 ___SH () C:\Documents and Settings\Miroslaw\Moje dokumenty\Thumbs.db
2014-06-27 19:39 - 2014-06-27 19:39 - 00000220 _____ () C:\Documents and Settings\Miroslaw\Moje dokumenty\ruso palabras clabes.txt
2014-06-27 16:18 - 2012-09-20 19:26 - 00000000 ____D () C:\Documents and Settings\Miroslaw\Moje dokumenty\!!!NOWA STRONA WWW
2014-06-27 15:50 - 2013-07-24 04:48 - 00000000 ___RD () C:\Documents and Settings\Miroslaw\Moje dokumenty\Moje obrazy
2014-06-27 13:31 - 2014-06-25 20:02 - 00000000 ____D () C:\Documents and Settings\Miroslaw\Moje dokumenty\oferta clinica dental
2014-06-27 13:31 - 2013-05-17 12:19 - 00000000 ____D () C:\Documents and Settings\Miroslaw\Moje dokumenty\do fotografa
2014-06-27 13:30 - 2012-05-31 16:34 - 00000000 ____D () C:\Documents and Settings\Miroslaw\Moje dokumenty\!!!tattoo
2014-06-27 13:20 - 2013-05-29 13:02 - 00000000 ____D () C:\Documents and Settings\Miroslaw\Moje dokumenty\!!!!BLOGI ZAPLECZOWE
2014-06-27 13:18 - 2013-05-21 14:52 - 00000000 ____D () C:\Documents and Settings\Miroslaw\Moje dokumenty\!!! UNAS NA STRONĘ I DO OGŁOSZEŃ
2014-06-27 13:18 - 2013-01-08 18:23 - 00000000 ____D () C:\Documents and Settings\Miroslaw\Moje dokumenty\!!!!!FB
2014-06-26 15:38 - 2013-07-24 04:48 - 00000000 ____D () C:\Documents and Settings\Miroslaw\Pulpit
2014-06-26 11:55 - 2014-06-26 11:55 - 00000000 __SHD () C:\Documents and Settings\NetworkService\IETldCache
2014-06-26 11:55 - 2013-07-24 04:43 - 00000000 __SHD () C:\Documents and Settings\NetworkService
2014-06-26 09:31 - 2012-08-20 14:02 - 00000000 ____D () C:\Documents and Settings\Miroslaw\Moje dokumenty\PORTALE ROSJA
2014-06-26 08:16 - 2014-06-16 15:28 - 00000000 ____D () C:\Documents and Settings\Miroslaw\Dane aplikacji\Foxit Software
2014-06-25 14:45 - 2013-07-25 06:55 - 00000000 ____D () C:\Program Files\Google
2014-06-25 14:43 - 2001-07-21 22:16 - 00001318 _____ () C:\WINDOWS\win.ini
2014-06-24 17:08 - 2013-11-29 16:32 - 00035843 _____ () C:\WINDOWS\FontData.fdb
2014-06-24 17:06 - 2013-12-31 12:03 - 00000000 ____D () C:\Program Files\Microsoft Office
2014-06-24 17:06 - 2013-07-24 06:09 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2014-06-24 17:05 - 2014-06-24 17:05 - 00000000 ____D () C:\Program Files\MSECache
2014-06-24 16:43 - 2014-06-24 16:50 - 00092794 _____ () C:\Documents and Settings\Miroslaw\Moje dokumenty\solicitut.doc_0.odt
2014-06-24 14:28 - 2014-06-24 16:23 - 00092622 _____ () C:\Documents and Settings\Miroslaw\Moje dokumenty\cuestionario.doc_0.odt
2014-06-24 14:24 - 2014-06-24 13:33 - 00000000 ____D () C:\Documents and Settings\Miroslaw\Dane aplikacji\PhotoScape
2014-06-24 13:41 - 2014-06-24 13:41 - 00000000 ____D () C:\output
2014-06-24 13:32 - 2014-06-24 13:32 - 00000706 _____ () C:\Documents and Settings\Miroslaw\Pulpit\PhotoScape.lnk
2014-06-24 13:32 - 2014-06-24 13:32 - 00000000 ____D () C:\Program Files\PhotoScape
2014-06-24 13:32 - 2014-06-24 13:32 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Start\Programy\PhotoScape
2014-06-23 19:53 - 2013-07-25 18:29 - 00256938 _____ () C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\WPFFontCache_v0400-System.dat
2014-06-23 13:25 - 2012-09-25 13:37 - 00000000 ____D () C:\Documents and Settings\Miroslaw\Moje dokumenty\!!!KURS MP
2014-06-20 17:30 - 2014-06-23 12:30 - 00015579 _____ () C:\Documents and Settings\Miroslaw\Moje dokumenty\treść%20dyplomu.doc_0.odt
2014-06-20 16:13 - 2014-06-23 12:30 - 00026791 _____ () C:\Documents and Settings\Miroslaw\Moje dokumenty\zalnr6.rtf_0.odt
2014-06-16 18:14 - 2012-05-18 13:39 - 00000000 ____D () C:\Documents and Settings\Miroslaw\Moje dokumenty\!Google ADwords
2014-06-16 15:27 - 2014-06-16 15:27 - 00001793 _____ () C:\Documents and Settings\All Users\Pulpit\Foxit Reader.lnk
2014-06-16 15:27 - 2014-06-16 15:27 - 00000000 ____D () C:\Documents and Settings\LocalService\Dane aplikacji\Foxit Software
2014-06-16 15:27 - 2014-06-16 15:27 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Start\Programy\Foxit Reader
2014-06-16 15:27 - 2014-06-16 15:27 - 00000000 ____D () C:\Documents and Settings\All Users\Foxit Software
2014-06-16 15:27 - 2013-07-24 04:44 - 00000000 ____D () C:\Documents and Settings\LocalService\Dane aplikacji
2014-06-16 15:26 - 2014-06-16 15:26 - 00000000 ____D () C:\Program Files\Foxit Software
2014-06-16 14:51 - 2013-07-25 22:56 - 00000000 ____D () C:\Documents and Settings\All Users\Dane aplikacji\Adobe
2014-06-16 14:51 - 2013-07-25 22:55 - 00000000 ____D () C:\Program Files\Adobe
2014-06-16 14:51 - 2013-07-25 22:30 - 00000000 ____D () C:\Program Files\Common Files\Adobe
2014-06-13 19:00 - 2013-07-25 06:55 - 00000730 _____ () C:\Documents and Settings\All Users\Menu Start\Programy\Mozilla Firefox.lnk
2014-06-13 19:00 - 2013-07-25 06:55 - 00000724 _____ () C:\Documents and Settings\All Users\Pulpit\Mozilla Firefox.lnk
2014-06-13 19:00 - 2013-07-24 04:48 - 00000751 _____ () C:\Documents and Settings\Miroslaw\Menu Start\Programy\Internet Explorer.lnk
2014-06-13 19:00 - 2013-07-24 04:48 - 00000000 ___RD () C:\Documents and Settings\Miroslaw\Menu Start\Programy
2014-06-13 17:02 - 2014-06-13 17:01 - 00000000 ____D () C:\Program Files\Re_Markable
2014-06-13 17:01 - 2014-06-13 17:01 - 00000472 __RSH () C:\Documents and Settings\All Users\ntuser.pol
2014-06-13 17:01 - 2014-06-13 17:00 - 00000000 ___HD () C:\WINDOWS\system32\GroupPolicy
2014-06-13 13:36 - 2014-06-25 11:55 - 00055224 _____ (StdLib) C:\WINDOWS\system32\Drivers\{57f143ae-1ecd-493d-9ddb-32c45a3cecd5}Gt.sys
2014-06-12 15:11 - 2014-05-29 12:11 - 00000809 _____ () C:\Documents and Settings\All Users\Pulpit\Wise Care 365.lnk
2014-06-12 15:11 - 2014-05-29 12:11 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Start\Programy\Wise Care 365
2014-06-12 15:09 - 2013-08-15 11:57 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-06-12 15:07 - 2013-08-12 14:46 - 92708840 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-06-12 15:03 - 2013-07-24 06:07 - 00262144 _____ () C:\WINDOWS\system32\config\SECURITY.bak
2014-06-12 15:03 - 2013-07-24 06:07 - 00262144 _____ () C:\WINDOWS\system32\config\SAM.bak
2014-06-12 15:03 - 2013-07-24 06:06 - 34340864 _____ () C:\WINDOWS\system32\config\software.bak
2014-06-12 15:03 - 2013-07-24 06:06 - 00262144 _____ () C:\WINDOWS\system32\config\default.bak
2014-06-12 15:03 - 2013-07-24 04:48 - 05242880 ____H () C:\Documents and Settings\Miroslaw\NTUSER.bak
2014-06-12 15:03 - 2013-07-24 04:44 - 00262144 ____H () C:\Documents and Settings\LocalService\NTUSER.bak
2014-06-12 15:03 - 2013-07-24 04:43 - 00229376 ____H () C:\Documents and Settings\NetworkService\NTUSER.bak
2014-06-12 15:02 - 2014-06-12 15:02 - 00000000 ____H () C:\WINDOWS\system32\config\software.rhk.LOG
2014-06-12 15:02 - 2014-06-12 15:02 - 00000000 ____H () C:\WINDOWS\system32\config\SECURITY.rhk.LOG
2014-06-12 15:02 - 2014-06-12 15:02 - 00000000 ____H () C:\WINDOWS\system32\config\SAM.rhk.LOG
2014-06-12 15:02 - 2014-06-12 15:02 - 00000000 ____H () C:\WINDOWS\system32\config\default.rhk.LOG
2014-06-12 15:02 - 2014-06-12 15:02 - 00000000 ____H () C:\Documents and Settings\NetworkService\NTUSER.rhk.LOG
2014-06-12 15:02 - 2014-06-12 15:02 - 00000000 ____H () C:\Documents and Settings\Miroslaw\NTUSER.rhk.LOG
2014-06-12 15:02 - 2014-06-12 15:02 - 00000000 ____H () C:\Documents and Settings\LocalService\NTUSER.rhk.LOG
2014-06-12 15:02 - 2013-07-24 04:44 - 00000000 __SHD () C:\Documents and Settings\LocalService
2014-06-09 18:56 - 2013-07-25 06:55 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-06-09 18:54 - 2013-07-25 18:29 - 02464398 _____ () C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\WPFFontCache_v0400-S-1-5-21-606747145-1708537768-725345543-1003-0.dat
2014-06-09 17:27 - 2014-06-09 17:27 - 00000145 ____H () C:\Documents and Settings\Miroslaw\Moje dokumenty\.~lock.umowa użyczenia.doc#
2014-06-08 15:00 - 2014-04-01 11:53 - 00000222 _____ () C:\WINDOWS\Tasks\Powiadomienie o zakończeniu obsługi systemu Microsoft Windows XP — co miesiąc.job
2014-06-07 09:43 - 2013-08-04 12:18 - 00000664 _____ () C:\WINDOWS\system32\d3d9caps.dat
2014-06-04 12:45 - 2013-07-25 07:01 - 00000000 ____D () C:\Documents and Settings\Miroslaw\Dane aplikacji\Skype
2014-06-03 19:39 - 2014-06-10 12:28 - 00015532 _____ () C:\Documents and Settings\Miroslaw\Moje dokumenty\heladosmarbela.xls_1.ods
2014-06-03 10:51 - 2013-11-19 22:12 - 00136216 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avipbb.sys
2014-06-03 10:51 - 2013-11-19 22:12 - 00093528 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avgntflt.sys
Files to move or delete:
====================
C:\Windows\Tasks\At1.job
C:\Windows\Tasks\At3.job
Some content of TEMP:
====================
C:\Documents and Settings\Miroslaw\Ustawienia lokalne\Temp\avgnt.exe
C:\Documents and Settings\Miroslaw\Ustawienia lokalne\Temp\Quarantine.exe
==================== Bamital & volsnap Check =================
C:\WINDOWS\explorer.exe = & gt; File is digitally signed
C:\WINDOWS\system32\winlogon.exe = & gt; File is digitally signed
C:\WINDOWS\system32\svchost.exe = & gt; File is digitally signed
C:\WINDOWS\system32\services.exe = & gt; File is digitally signed
C:\WINDOWS\system32\User32.dll = & gt; File is digitally signed
C:\WINDOWS\system32\userinit.exe = & gt; File is digitally signed
C:\WINDOWS\system32\rpcss.dll = & gt; File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys = & gt; File is digitally signed
==================== End Of Log ============================