Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 16-11-2014 03 Ran by justyna i darek at 2014-11-17 09:54:47 Run:1 Running from C:\Users\justyna i darek\Desktop Loaded Profile: justyna i darek (Available profiles: justyna i darek & Justyna) Boot Mode: Normal ============================================== Content of fixlist: ***************** CloseProcesses: HKU\S-1-5-21-2497160206-2615029055-3091190810-1000\...\Run: [dndmwdd.exe] => "C:\Users\justyna i darek\AppData\Roaming\dndmwdd.exe" HKU\S-1-5-21-2497160206-2615029055-3091190810-1000\...\Run: [M0JCOTNCMkY3NDQzMDNDRj] => C:\ProgramData\aqlgbtmh.exe HKU\S-1-5-21-2497160206-2615029055-3091190810-1000\...\Run: [RDUwMzMzMzE2QTU5ODNBNT] => C:\ProgramData\bryxirhy.exe HKU\S-1-5-21-2497160206-2615029055-3091190810-1000\...\Run: [84639553] => C:\ProgramData\wnvlsizt.exe HKU\S-1-5-21-2497160206-2615029055-3091190810-1000\...\Run: [MzY1QjcxRTE5NUNGM0VFRk] => C:\ProgramData\ichafcgt.exe HKU\S-1-5-21-2497160206-2615029055-3091190810-1000\...\Run: [KB7J65QX52UA] => C:\Users\justyna i darek\AppData\Roaming\OZDTD0GD.exe HKU\S-1-5-21-2497160206-2615029055-3091190810-1000\...\Run: [Ogu3FMdasw3tbhy6] => "C:\Users\justyna i darek\AppData\Roaming\dndmwdd.exe" HKU\S-1-5-21-2497160206-2615029055-3091190810-1000\...\Run: [firefox] => C:\Users\justyna i darek\AppData\Roaming\Microsoft\00010ccc.tmp HKU\S-1-5-21-2497160206-2615029055-3091190810-1000\...\Run: [sys] => C:\Users\justyna i darek\AppData\Roaming\7SHBPQBYL5.exe HKU\S-1-5-21-2497160206-2615029055-3091190810-1000\...\Run: [SYSTEM Tools] => C:\Users\justyna i darek\AppData\Roaming\pixels\admin523e2cdb4a0a46e78ba1e2037bb534de.exe HKU\S-1-5-21-2497160206-2615029055-3091190810-1000\...\Run: [Java Applet Launcher] => C:\Users\JUSTYN~1\AppData\Local\Temp\jd2launcher.exe <===== ATTENTION HKU\S-1-5-21-2497160206-2615029055-3091190810-1000\...\Run: [windows] => C:\Users\justyna i darek\AppData\Roaming\winupdatex7.exe HKU\S-1-5-21-2497160206-2615029055-3091190810-1000\...\Run: [] => C:\ [0 ] () HKU\S-1-5-21-2497160206-2615029055-3091190810-1000\...\Run: [udpqt] => C:\Users\justyna i darek\AppData\Roaming\Microsoft\jigtPFhx.exe HKU\S-1-5-21-2497160206-2615029055-3091190810-1000\...\Run: [Windows Update] => C:\Users\justyna i darek\AppData\Roaming\System\Windows Update.exe HKU\S-1-5-21-2497160206-2615029055-3091190810-1000\...\Run: [msnmsgr] => C:\Users\justyna i darek\AppData\Roaming\microsoft\StartUp.exe [55632 2009-06-10] (Microsoft Corporation) HKU\S-1-5-21-2497160206-2615029055-3091190810-1000\...\Run: [VC7T408C46XT] => C:\Users\justyna i darek\AppData\Roaming\FLASH34.exe HKU\S-1-5-21-2497160206-2615029055-3091190810-1000\...\Run: [REU0OTQzRkMzNEI3RDkzOT] => C:\ProgramData\wajyvwcl.exe HKU\S-1-5-21-2497160206-2615029055-3091190810-1000\...\Run: [MSE] => C:\Users\justyna i darek\AppData\Local\Temp\javaw.exe <===== ATTENTION HKU\S-1-5-21-2497160206-2615029055-3091190810-1000\...\Run: [bfbnlkcuf] => C:\Users\justyna i darek\AppData\Local\Temp\bmghmmg.exe <===== ATTENTION HKU\S-1-5-21-2497160206-2615029055-3091190810-1000\...\Run: [Hylqlx] => C:\Users\justyna i darek\AppData\Roaming\Hylqlx.exe HKU\S-1-5-21-2497160206-2615029055-3091190810-1000\...\Run: [06a04cf] => C:\Users\justyna i darek\AppData\Roaming\Microsoft\06a04cf.exe HKU\S-1-5-21-2497160206-2615029055-3091190810-1000\...\Policies\system: [WallpaperStyle] 2 HKU\S-1-5-18\...\Policies\system: [WallpaperStyle] 2 ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File HKU\S-1-5-21-2497160206-2615029055-3091190810-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie HKU\S-1-5-21-2497160206-2615029055-3091190810-1000\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie URLSearchHook: HKLM-x32 - (No Name) - {d43723ae-1ae1-4a25-a6a4-bf0929273cab} - No File URLSearchHook: HKCU - (No Name) - {d43723ae-1ae1-4a25-a6a4-bf0929273cab} - No File BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll No File BHO-x32: AOL Toolbar BHO -> {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} -> C:\Program Files (x86)\AOL\Pasek narzÄ™dzi AOL 5.0\aoltb.dll No File BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll No File BHO-x32: IEPluginBHO Class -> {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} -> C:\ProgramData\Gadu-Gadu 10\_userdata\ggbho.2.dll No File Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File Toolbar: HKLM-x32 - AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files (x86)\AOL\Pasek narzÄ™dzi AOL 5.0\aoltb.dll No File Toolbar: HKU\S-1-5-21-2497160206-2615029055-3091190810-1000 -> No Name - {DE9C389F-3316-41A7-809B-AA305ED9D922} - No File Toolbar: HKU\S-1-5-21-2497160206-2615029055-3091190810-1000 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File Task: {16539DC8-8710-41C8-973D-B0CE70934AD7} - System32\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv => C:\Windows\TEMP\{5DCA02B1-0B4F-444E-9654-39FDFE87EB72}.exe Task: C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job => C:\Windows\TEMP\{5DCA02B1-0B4F-444E-9654-39FDFE87EB72}.exe DisableService: sptd S3 vzcmwezd; No ImagePath S3 ALSysIO; \??\C:\Users\JUSTYN~1\AppData\Local\Temp\ALSysIO64.sys [X] AlternateDataStreams: C:\Windows\Temp:temp AlternateDataStreams: C:\Users\justyna i darek\Local Settings:init C:\Program Files\AVAST Software C:\Program Files (x86)\Mozilla Firefox C:\Program Files (x86)\DigitalPersona\Bin\FirefoxExt C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 C:\ProgramData\Doctor Web C:\ProgramData\Norton C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YTD Video Downloader C:\Users\justyna i darek\Doctor Web C:\Users\justyna i darek\AppData\Local\Google\Chrome C:\Users\justyna i darek\AppData\Local\NPE C:\Users\justyna i darek\AppData\Roaming\microsoft\*.exe C:\Users\justyna i darek\AppData\Roaming\Mozilla C:\Users\justyna i darek\Nokia PC Suite 7\bkmrksync Reg: reg delete "HKCU\Software\Microsoft\Internet Explorer\Search" /f Reg: reg delete "HKCU\Software\Microsoft\Internet Explorer\MenuExt\&Wyszukiwarka na pasku narzÄ™dzi AOL" /f Reg: reg delete "HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MenuExt\&Wyszukiwarka na pasku narzÄ™dzi AOL" /f Reg: reg delete HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{1a413f37-ed88-4fec-9666-5c48dc4b7bb7} /f Reg: reg delete HKCU\Software\Mozilla /f Reg: reg delete HKLM\SOFTWARE\MozillaPlugins /f Reg: reg delete HKLM\SOFTWARE\Wow6432Node\Mozilla /f Reg: reg delete HKLM\SOFTWARE\Wow6432Node\mozilla.org /f Reg: reg delete HKLM\SOFTWARE\Wow6432Node\MozillaPlugins /f CMD: netsh advfirewall reset CMD: dir /a "C:\Program Files" CMD: dir /a "C:\Program Files (x86)" CMD: dir /a C:\ProgramData CMD: dir /a "C:\Users\justyna i darek\AppData\Local" CMD: dir /a "C:\Users\justyna i darek\AppData\LocalLow" CMD: dir /a "C:\Users\justyna i darek\AppData\Roaming" CMD: dir /a "C:\Users\justyna i darek\AppData\Roaming\Microsoft" EmptyTemp: ***************** Processes closed successfully. HKU\S-1-5-21-2497160206-2615029055-3091190810-1000\Software\Microsoft\Windows\CurrentVersion\Run\\dndmwdd.exe => value deleted successfully. HKU\S-1-5-21-2497160206-2615029055-3091190810-1000\Software\Microsoft\Windows\CurrentVersion\Run\\M0JCOTNCMkY3NDQzMDNDRj => value deleted successfully. HKU\S-1-5-21-2497160206-2615029055-3091190810-1000\Software\Microsoft\Windows\CurrentVersion\Run\\RDUwMzMzMzE2QTU5ODNBNT => value deleted successfully. HKU\S-1-5-21-2497160206-2615029055-3091190810-1000\Software\Microsoft\Windows\CurrentVersion\Run\\84639553 => value deleted successfully. HKU\S-1-5-21-2497160206-2615029055-3091190810-1000\Software\Microsoft\Windows\CurrentVersion\Run\\MzY1QjcxRTE5NUNGM0VFRk => value deleted successfully. HKU\S-1-5-21-2497160206-2615029055-3091190810-1000\Software\Microsoft\Windows\CurrentVersion\Run\\KB7J65QX52UA => value deleted successfully. HKU\S-1-5-21-2497160206-2615029055-3091190810-1000\Software\Microsoft\Windows\CurrentVersion\Run\\Ogu3FMdasw3tbhy6 => value deleted successfully. HKU\S-1-5-21-2497160206-2615029055-3091190810-1000\Software\Microsoft\Windows\CurrentVersion\Run\\firefox => value deleted successfully. HKU\S-1-5-21-2497160206-2615029055-3091190810-1000\Software\Microsoft\Windows\CurrentVersion\Run\\sys => value deleted successfully. HKU\S-1-5-21-2497160206-2615029055-3091190810-1000\Software\Microsoft\Windows\CurrentVersion\Run\\SYSTEM Tools => value deleted successfully. HKU\S-1-5-21-2497160206-2615029055-3091190810-1000\Software\Microsoft\Windows\CurrentVersion\Run\\Java Applet Launcher => value deleted successfully. HKU\S-1-5-21-2497160206-2615029055-3091190810-1000\Software\Microsoft\Windows\CurrentVersion\Run\\windows => value deleted successfully. HKU\S-1-5-21-2497160206-2615029055-3091190810-1000\Software\Microsoft\Windows\CurrentVersion\Run\\ => value deleted successfully. HKU\S-1-5-21-2497160206-2615029055-3091190810-1000\Software\Microsoft\Windows\CurrentVersion\Run\\udpqt => value deleted successfully. HKU\S-1-5-21-2497160206-2615029055-3091190810-1000\Software\Microsoft\Windows\CurrentVersion\Run\\Windows Update => value deleted successfully. HKU\S-1-5-21-2497160206-2615029055-3091190810-1000\Software\Microsoft\Windows\CurrentVersion\Run\\msnmsgr => value deleted successfully. HKU\S-1-5-21-2497160206-2615029055-3091190810-1000\Software\Microsoft\Windows\CurrentVersion\Run\\VC7T408C46XT => value deleted successfully. HKU\S-1-5-21-2497160206-2615029055-3091190810-1000\Software\Microsoft\Windows\CurrentVersion\Run\\REU0OTQzRkMzNEI3RDkzOT => value deleted successfully. HKU\S-1-5-21-2497160206-2615029055-3091190810-1000\Software\Microsoft\Windows\CurrentVersion\Run\\MSE => value deleted successfully. HKU\S-1-5-21-2497160206-2615029055-3091190810-1000\Software\Microsoft\Windows\CurrentVersion\Run\\bfbnlkcuf => value deleted successfully. HKU\S-1-5-21-2497160206-2615029055-3091190810-1000\Software\Microsoft\Windows\CurrentVersion\Run\\Hylqlx => value deleted successfully. HKU\S-1-5-21-2497160206-2615029055-3091190810-1000\Software\Microsoft\Windows\CurrentVersion\Run\\06a04cf => value deleted successfully. HKU\S-1-5-21-2497160206-2615029055-3091190810-1000\Software\Microsoft\Windows\CurrentVersion\Policies\system\\WallpaperStyle => value deleted successfully. HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Policies\system\\WallpaperStyle => value deleted successfully. "HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00avast" => Key deleted successfully. "HKCR\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}" => Key not found. HKU\S-1-5-21-2497160206-2615029055-3091190810-1000\Software\Microsoft\Internet Explorer\Main\\Search Bar => value deleted successfully. HKU\S-1-5-21-2497160206-2615029055-3091190810-1000\Software\Microsoft\Internet Explorer\Main\\Default_Search_URL => Value was restored successfully. HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\URLSearchHooks\\{d43723ae-1ae1-4a25-a6a4-bf0929273cab} => value deleted successfully. HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks\\{d43723ae-1ae1-4a25-a6a4-bf0929273cab} => value deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}" => Key deleted successfully. "HKCR\CLSID\{DBC80044-A445-435b-BC74-9C25C1C588A9}" => Key deleted successfully. "HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7C554162-8CB7-45A4-B8F4-8EA1C75885F9}" => Key deleted successfully. "HKCR\Wow6432Node\CLSID\{7C554162-8CB7-45A4-B8F4-8EA1C75885F9}" => Key deleted successfully. "HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}" => Key deleted successfully. "HKCR\Wow6432Node\CLSID\{DBC80044-A445-435b-BC74-9C25C1C588A9}" => Key deleted successfully. "HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D}" => Key deleted successfully. "HKCR\Wow6432Node\CLSID\{F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D}" => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} => value deleted successfully. "HKCR\CLSID\{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F}" => Key not found. HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{DE9C389F-3316-41A7-809B-AA305ED9D922} => value deleted successfully. "HKCR\Wow6432Node\CLSID\{DE9C389F-3316-41A7-809B-AA305ED9D922}" => Key deleted successfully. HKU\S-1-5-21-2497160206-2615029055-3091190810-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{DE9C389F-3316-41A7-809B-AA305ED9D922} => value deleted successfully. "HKCR\CLSID\{DE9C389F-3316-41A7-809B-AA305ED9D922}" => Key not found. HKU\S-1-5-21-2497160206-2615029055-3091190810-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => value deleted successfully. "HKCR\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F}" => Key not found. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{16539DC8-8710-41C8-973D-B0CE70934AD7}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{16539DC8-8710-41C8-973D-B0CE70934AD7}" => Key deleted successfully. C:\Windows\System32\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv => Moved successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AVG-Secure-Search-Update_JUNE2013_TB_rmv" => Key deleted successfully. C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job => Moved successfully. sptd service was disabled vzcmwezd => Service deleted successfully. ALSysIO => Service deleted successfully. C:\Windows\Temp => ":temp" ADS removed successfully. C:\Users\justyna i darek\Local Settings => ":init" ADS removed successfully. C:\Program Files\AVAST Software => Moved successfully. C:\Program Files (x86)\Mozilla Firefox => Moved successfully. C:\Program Files (x86)\DigitalPersona\Bin\FirefoxExt => Moved successfully. C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 => Moved successfully. C:\ProgramData\Doctor Web => Moved successfully. C:\ProgramData\Norton => Moved successfully. C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YTD Video Downloader => Moved successfully. C:\Users\justyna i darek\Doctor Web => Moved successfully. C:\Users\justyna i darek\AppData\Local\Google\Chrome => Moved successfully. C:\Users\justyna i darek\AppData\Local\NPE => Moved successfully. C:\Users\justyna i darek\AppData\Roaming\microsoft\*.exe => Moved successfully. C:\Users\justyna i darek\AppData\Roaming\Mozilla => Moved successfully. C:\Users\justyna i darek\Nokia PC Suite 7\bkmrksync => Moved successfully. ========= reg delete "HKCU\Software\Microsoft\Internet Explorer\Search" /f ========= Operacja ukoäczona pomy˜lnie. ========= End of Reg: ========= ========= reg delete "HKCU\Software\Microsoft\Internet Explorer\MenuExt\&Wyszukiwarka na pasku narzÄ™dzi AOL" /f ========= Operacja ukoäczona pomy˜lnie. ========= End of Reg: ========= ========= reg delete "HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MenuExt\&Wyszukiwarka na pasku narzÄ™dzi AOL" /f ========= Bť¤D: System nie znalazˆ w rejestrze okre˜lonego klucza albo warto˜ci. ========= End of Reg: ========= ========= reg delete HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{1a413f37-ed88-4fec-9666-5c48dc4b7bb7} /f ========= Operacja ukoäczona pomy˜lnie. ========= End of Reg: ========= ========= reg delete HKCU\Software\Mozilla /f ========= Operacja ukoäczona pomy˜lnie. ========= End of Reg: ========= ========= reg delete HKLM\SOFTWARE\MozillaPlugins /f ========= Operacja ukoäczona pomy˜lnie. ========= End of Reg: ========= ========= reg delete HKLM\SOFTWARE\Wow6432Node\Mozilla /f ========= Operacja ukoäczona pomy˜lnie. ========= End of Reg: ========= ========= reg delete HKLM\SOFTWARE\Wow6432Node\mozilla.org /f ========= Operacja ukoäczona pomy˜lnie. ========= End of Reg: ========= ========= reg delete HKLM\SOFTWARE\Wow6432Node\MozillaPlugins /f ========= Operacja ukoäczona pomy˜lnie. ========= End of Reg: ========= ========= netsh advfirewall reset ========= Ok. ========= End of CMD: ========= ========= dir /a "C:\Program Files" ========= Wolumin w stacji C nie ma etykiety. Numer seryjny woluminu: 2AF5-CC4F Katalog: C:\Program Files 2014-11-17 09:55 . 2014-11-17 09:55 .. 2009-08-25 00:36 ATI 2009-08-25 00:42 Broadcom 2012-03-16 20:17 Common Files 2009-07-14 05:54 174 desktop.ini 2010-08-19 11:36 DIFX 2009-08-25 01:18 DigitalPersona 2013-03-21 20:07 DVD Maker 2012-03-16 20:01 Google 2009-08-25 01:16 Hewlett-Packard 2009-08-25 00:41 IDT 2014-11-15 03:30 Internet Explorer 2012-03-29 12:18 JAVA 2009-08-25 10:28 Microsoft Games 2010-11-02 16:43 Microsoft Office 2014-08-19 20:29 Microsoft Silverlight 2009-07-14 06:32 MSBuild 2009-07-14 06:32 Reference Assemblies 2009-08-25 00:38 Synaptics 2009-07-14 06:09 Uninstall Information 2009-08-25 00:39 Validity Sensors, Inc 2009-08-25 00:44 WIDCOMM 2013-07-17 14:47 Windows Defender 2013-03-21 20:07 Windows Mail 2013-12-18 21:09 Windows Media Player 2010-05-21 03:01 Windows NT 2013-03-21 20:07 Windows Photo Viewer 2013-03-21 20:07 Windows Portable Devices 2013-03-21 20:07 Windows Sidebar 1 plik(¢w) 174 bajt¢w 29 katalog(¢w) 312ÿ093ÿ274ÿ112 bajt¢w wolnych ========= End of CMD: ========= ========= dir /a "C:\Program Files (x86)" ========= Wolumin w stacji C nie ma etykiety. Numer seryjny woluminu: 2AF5-CC4F Katalog: C:\Program Files (x86) 2014-11-17 09:55 . 2014-11-17 09:55 .. 2010-05-21 03:02 Adobe 2012-03-17 17:18 ADSL Router 2010-06-24 17:39 Ahead 2013-10-05 05:32 ALNET SYSTEMS 2012-09-30 09:13 Ashampoo 2009-08-25 00:37 ATI Technologies 2012-03-17 17:47 AVG 2012-03-19 18:45 Axesstel 2014-11-08 12:38 Common Files 2009-09-17 21:58 CyberLink 2012-08-19 19:21 Daum 2009-07-14 05:54 174 desktop.ini 2009-08-25 01:18 DigitalPersona 2012-09-16 14:51 FotoAS 2014-01-05 10:44 Google 2009-08-25 01:06 Hewlett-Packard 2010-06-06 11:26 Hp 2012-03-16 19:47 HP Games 2012-11-09 22:02 InstallShield Installation Information 2014-11-15 03:30 Internet Explorer 2009-08-25 00:38 JMicron 2014-11-08 13:54 Malwarebytes Anti-Malware 2010-05-21 10:37 Media Player Classic 2010-11-02 16:45 Microsoft Office 2014-08-19 20:29 Microsoft Silverlight 2010-11-02 16:45 Microsoft Visual Studio 2010-11-02 16:43 Microsoft Visual Studio 8 2012-10-11 20:02 Microsoft Works 2012-03-25 08:37 Microsoft.NET 2010-11-02 16:45 MSBuild 2010-06-09 22:09 MSXML 4.0 2012-08-19 19:14 NapiProjekt 2010-08-25 12:42 Nokia 2010-05-21 03:22 Online Services 2014-01-15 21:14 Opera 2010-08-19 11:36 PC Connectivity Solution 2012-05-27 21:28 PhotoFiltre 7 2010-05-21 10:37 Real Alternative 2009-07-14 06:32 Reference Assemblies 2014-03-05 20:50 Skype 2009-07-14 05:57 Uninstall Information 2010-06-23 18:52 VSO 2013-07-17 14:47 Windows Defender 2013-03-21 20:07 Windows Mail 2013-12-18 21:09 Windows Media Player 2009-07-14 06:32 Windows NT 2013-03-21 20:07 Windows Photo Viewer 2013-03-21 20:07 Windows Portable Devices 2013-03-21 20:07 Windows Sidebar 2012-08-05 20:47 WinRAR 1 plik(¢w) 174 bajt¢w 51 katalog(¢w) 312ÿ093ÿ270ÿ016 bajt¢w wolnych ========= End of CMD: ========= ========= dir /a C:\ProgramData ========= Wolumin w stacji C nie ma etykiety. Numer seryjny woluminu: 2AF5-CC4F Katalog: C:\ProgramData 2014-11-17 09:55 . 2014-11-17 09:55 .. 2010-05-21 03:03 Adobe 2009-07-14 06:08 Application Data [C:\ProgramData] 2012-09-30 09:13 ashampoo 2009-08-25 00:38 ATI 2012-05-08 17:53 AVG10 2014-08-26 19:52 Avg_Update_0814tb 2010-05-30 14:49 Boss Media 2012-03-30 22:14 Common Files 2011-04-03 18:03 CyberLink 2010-11-02 16:17 DAEMON Tools Lite 2010-05-21 03:01 Dane aplikacji [C:\ProgramData] 2009-07-14 06:08 Desktop [C:\Users\Public\Desktop] 2009-07-14 06:08 Documents [C:\Users\Public\Documents] 2010-05-21 03:01 Dokumenty [C:\Users\Public\Documents] 2009-08-25 01:18 Downloaded Installations 2011-11-19 21:54 FarmFrenzy-PizzaParty 2009-07-14 06:08 Favorites [C:\Users\Public\Favorites] 2010-05-31 18:40 Gadu-Gadu 10 2012-03-16 19:44 Google 2014-11-08 12:37 Hewlett-Packard 2010-06-06 11:27 HP 2010-06-06 11:25 HP Product Assistant 2010-11-11 17:35 HPSSUPPLY 2014-11-17 09:44 179 HPWALog.txt 2012-11-04 16:00 7ÿ301 hpzinstall.log 2010-08-25 12:40 Installations 2010-06-24 17:54 LightScribe 2009-08-25 01:18 Macrovision 2014-11-08 13:54 Malwarebytes 2010-05-21 03:01 Menu Start [C:\ProgramData\Microsoft\Windows\Start Menu] 2012-05-08 17:52 MFAData 2014-02-28 19:20 Microsoft 2014-11-15 03:14 Microsoft Help 2012-03-16 19:55 Nero 2012-03-11 13:00 Net-Weave R 2010-08-25 12:49 Nokia 2009-09-17 21:07 NortonInstaller 2010-06-05 22:01 OpenFM 2010-11-06 07:56 PC Suite 2010-05-21 03:01 Pulpit [C:\Users\Public\Desktop] 2010-06-05 18:03 Recovery 2014-03-05 20:50 Skype 2009-07-14 06:08 Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu] 2010-08-11 18:27 Sun 2010-05-22 02:47 Symantec 2010-05-21 03:01 Szablony [C:\ProgramData\Microsoft\Windows\Templates] 2009-08-25 01:18 Temp 2009-07-14 06:08 Templates [C:\ProgramData\Microsoft\Windows\Templates] 2010-05-21 03:01 Ulubione [C:\Users\Public\Favorites] 2010-06-06 11:27 WEBREG 2012-03-16 19:47 WildTangent 2012-10-15 19:46 YTD Video Downloader 2009-08-25 01:18 32 {051B9612-4D82-42AC-8C63-CD2DCEDC1CB3}.log 2009-09-17 21:58 109 {1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}.log 2009-08-25 01:17 32 {23F3DA62-2D9E-4A69-B8D5-BE8E9E148092}.log 2009-09-17 21:54 105 {40BF1E83-20EB-11D8-97C5-0009C5020658}.log 2009-08-25 01:16 32 {4FC670EB-5F02-4B07-90DB-022B86BFEFD0}.log 2009-08-25 01:17 32 {9867824A-C86D-4A83-8F3C-E7A86BE0AFD3}.log 2009-09-17 21:52 107 {C59C179C-668D-49A9-B6EA-0121CCFC1243}.log 2009-09-17 21:58 110 {CB099890-1D5F-11D5-9EA9-0050BAE317E1}.log 2009-08-25 01:18 105 {d36dd326-7280-11d8-97c8-000129760cbe}.log 11 plik(¢w) 8ÿ144 bajt¢w 52 katalog(¢w) 312ÿ093ÿ265ÿ920 bajt¢w wolnych ========= End of CMD: ========= ========= dir /a "C:\Users\justyna i darek\AppData\Local" ========= Wolumin w stacji C nie ma etykiety. Numer seryjny woluminu: 2AF5-CC4F Katalog: C:\Users\justyna i darek\AppData\Local 2014-11-17 09:55 . 2014-11-17 09:55 .. 2013-09-24 16:09 Adobe 2011-08-17 19:32 Apps 2012-09-30 09:13 ashampoo 2010-05-21 03:34 ATI 2012-03-17 19:20 0 AtStart.txt 2010-05-30 14:49 Boss Media 2010-05-21 03:34 Broadcom 2010-05-31 18:58 cache 2013-12-31 18:46 CrashDumps 2010-06-02 20:45 CyberLink 2010-05-21 03:01 Dane aplikacji [C:\Users\justyna i darek\AppData\Local] 2012-08-19 19:21 Daum 2011-08-28 10:45 Deployment 2014-07-20 15:06 Diagnostics 2010-05-21 03:34 DigitalPersona 2012-03-17 19:20 0 DSwitch.txt 2013-01-22 20:34 ElevatedDiagnostics 2014-11-15 10:35 EmieBrowserModeList 2014-11-08 13:42 EmieSiteList 2014-11-08 13:42 EmieUserList 2012-11-18 17:01 116ÿ760 GDIPFONTCACHEV1.DAT 2014-11-17 09:55 Google 2010-12-25 18:16 Hewlett-Packard 2010-05-21 03:01 Historia [C:\Users\justyna i darek\AppData\Local\Microsoft\Windows\History] 2010-06-06 11:27 HP 2014-11-17 00:05 1ÿ923ÿ733 IconCache.db 2013-12-18 21:12 Microsoft 2012-04-09 14:24 Microsoft Games 2011-03-31 07:00 Microsoft Help 2010-05-22 13:46 Mozilla 2014-03-08 19:23 Opera 2014-01-15 21:14 Opera Software 2010-06-02 20:45 PowerCinema 2014-03-02 16:26 Programs 2012-03-17 19:20 0 QSwitch.txt 2010-10-28 21:11 RST 2011-10-25 18:47 Solid State Networks 2012-10-04 16:00 Storage 2011-10-13 17:55 Symantec 2014-11-17 09:55 Temp 2010-05-21 03:01 Temporary Internet Files [C:\Users\justyna i darek\AppData\Local\Microsoft\Windows\Temporary Internet Files] 2013-07-24 21:42 1ÿ465ÿ508 tmpDSC05363.JPG 2012-03-17 19:14 VirtualStore 6 plik(¢w) 3ÿ506ÿ001 bajt¢w 39 katalog(¢w) 312ÿ093ÿ265ÿ920 bajt¢w wolnych ========= End of CMD: ========= ========= dir /a "C:\Users\justyna i darek\AppData\LocalLow" ========= Wolumin w stacji C nie ma etykiety. Numer seryjny woluminu: 2AF5-CC4F Katalog: C:\Users\justyna i darek\AppData\LocalLow 2014-11-15 10:34 . 2014-11-15 10:34 .. 2012-01-31 21:35 Adobe 2014-11-15 10:35 EmieBrowserModeList 2014-11-08 13:42 EmieSiteList 2014-11-08 13:42 EmieUserList 2013-05-16 19:54 Microsoft 2012-01-30 23:13 PlayReady [C:\ProgramData\Microsoft\PlayReady] 0 plik(¢w) 0 bajt¢w 8 katalog(¢w) 312ÿ093ÿ261ÿ824 bajt¢w wolnych ========= End of CMD: ========= ========= dir /a "C:\Users\justyna i darek\AppData\Roaming" ========= Wolumin w stacji C nie ma etykiety. Numer seryjny woluminu: 2AF5-CC4F Katalog: C:\Users\justyna i darek\AppData\Roaming 2014-11-17 09:55 . 2014-11-17 09:55 .. 2012-03-01 09:23 5ÿ702 0QMA0O.dll 2012-03-17 18:30 7pixels 2012-03-09 22:09 562 A66F.exe 2010-05-22 02:37 Adobe 2009-06-10 22:22 32ÿ064 Adobe2.exe 2012-09-30 09:13 Ashampoo 2010-05-21 03:34 ATI 2010-05-31 17:51 CyberLink 2010-12-30 09:27 DAEMON Tools Lite 2012-02-26 20:00 32 Dati 2010-05-21 03:34 DigitalPersona 2012-03-15 19:45 Eddu 2012-03-17 18:30 Edwebi 2012-03-01 09:23 314 ErrorLogs 2009-06-10 22:23 1ÿ169ÿ224 FHEG2DWMP7.exe 2005-07-05 16:12 Filters 2011-07-28 02:37 Gadu-Gadu 10 2012-03-13 18:44 3ÿ161 Goodgame 2011-10-29 14:17 Google 2010-05-24 15:21 Hewlett-Packard 2010-06-06 11:27 HP 2010-06-06 10:07 HP Support Assistant 2010-05-21 03:22 HP TCS 2010-05-21 03:33 hpqlog 2014-11-16 21:29 HpUpdate 2010-05-21 03:33 Identities 2012-03-17 18:30 install 2012-03-17 18:30 InstallDir 2012-03-02 17:45 751 instant 2012-03-11 13:07 Java 2012-03-09 21:57 50ÿ657 justyna i darek3SQLite3.dll 2012-03-09 22:08 317 justyna i dareklog.dat 2012-03-01 07:43 justyna i darekv1.23.0remote 2010-05-22 13:39 Macromedia 2011-07-28 02:37 Macrovision 2009-08-25 10:28 Media Center Programs 2014-11-17 09:55 Microsoft 2012-08-19 19:15 NapiProjekt 2010-06-24 18:22 Nero 2009-06-10 22:22 32ÿ064 netinstall.exe 2010-08-19 11:38 Nokia 2012-03-17 17:01 265ÿ630 ntsokrn.txt 2010-06-01 18:14 OpenFM 2014-03-08 19:23 Opera 2014-01-15 21:14 Opera Software 2010-08-19 11:36 PC Suite 2012-05-27 21:34 PhotoFiltre 7 2012-03-17 18:30 Pixel 2012-03-17 18:30 pixels 2012-08-24 17:30 PotPlayerMini 2010-05-21 10:38 Real 2010-06-17 09:14 RST 2009-06-10 22:22 32ÿ064 sdtart.exe 2014-04-01 18:38 Skype 2009-06-10 22:22 32ÿ064 ss.exe 2012-03-17 18:30 System 2010-06-06 11:38 Template 2011-08-16 13:52 VSO 2012-08-05 20:52 WinRAR 2010-06-06 11:38 148 wklnhst.dat 2012-03-17 18:30 x0liai0k 15 plik(¢w) 1ÿ624ÿ754 bajt¢w 48 katalog(¢w) 312ÿ093ÿ261ÿ824 bajt¢w wolnych ========= End of CMD: ========= ========= dir /a "C:\Users\justyna i darek\AppData\Roaming\Microsoft" ========= Wolumin w stacji C nie ma etykiety. Numer seryjny woluminu: 2AF5-CC4F Katalog: C:\Users\justyna i darek\AppData\Roaming\Microsoft 2014-11-17 09:55 . 2014-11-17 09:55 .. 2012-08-03 15:38 Clip Organizer 2010-05-21 03:32 CLR Security Config 2011-03-31 07:00 CLView 2010-05-21 03:01 Credentials 2010-05-21 03:33 Crypto 2010-05-22 03:19 Document Building Blocks 2010-05-22 03:19 Dodatki 2010-06-05 11:45 eHome 2014-07-21 18:01 Excel 2010-08-19 11:43 HTML Help 2012-03-16 19:49 IdentityCRL 2014-03-02 16:26 Installer 2011-04-27 21:39 Internet Explorer 2012-03-10 18:12 1ÿ338 kjdfhjiozeuj 2010-05-24 15:37 1ÿ686 LastFlashConfig.wfc 2010-05-24 16:57 MMC 2012-03-10 18:17 MSN Messenger 2010-05-21 03:34 Network 2012-10-22 22:10 Office 2010-06-02 20:49 OIS 2010-05-21 03:33 Protect 2010-07-16 08:43 Speech 2010-05-22 03:20 Sprawdzanie 2010-05-21 03:01 SystemCertificates 2012-11-05 22:43 Szablony 2010-07-16 15:00 UProof 2013-12-18 21:12 Windows 2013-09-15 07:20 Word 2010-06-06 11:38 Works 2 plik(¢w) 3ÿ024 bajt¢w 29 katalog(¢w) 312ÿ093ÿ257ÿ728 bajt¢w wolnych ========= End of CMD: ========= EmptyTemp: => Removed 2.4 GB temporary data. The system needed a reboot. ==== End of Fixlog ====