Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 03-01-2015 03 Ran by apple3 (administrator) on BARANOWS-FFE0B1 on 03-01-2015 19:45:46 Running from C:\Documents and Settings\apple3\Pulpit\Marcin\KOMPIK\PODSTAWOWE LOGI Loaded Profile: apple3 (Available profiles: apple3) Platform: Microsoft Windows XP Professional Dodatek Service Pack 3 (X86) OS Language: Polski Internet Explorer Version 8 (Default browser: FF) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc32.exe (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe () C:\WINDOWS\system32\AppleOSSMgr.exe (Apple Inc.) C:\WINDOWS\system32\AppleTimeSrv.exe (Juniper Networks) C:\Program Files\Juniper Networks\Common Files\dsNcService.exe (Lexmark International, Inc.) C:\WINDOWS\system32\spool\drivers\w32x86\3\lxdmserv.exe ( ) C:\WINDOWS\system32\lxdmcoms.exe (pdfforge GmbH) C:\Program Files\PDF Architect\HelperService.exe (pdfforge GmbH) C:\Program Files\PDF Architect\ConversionService.exe (Microsoft Corporation) C:\WINDOWS\system32\wscntfy.exe (Microsoft Corporation) C:\WINDOWS\system32\rundll32.exe (Apple Inc.) C:\Program Files\Boot Camp\Bootcamp.exe (Adobe Systems Inc.) C:\Program Files\Adobe\Acrobat 11.0\Acrobat\acrotray.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe (Oracle Corporation) C:\Program Files\Java\jre7\bin\jqs.exe (Microsoft Corporation) C:\WINDOWS\system32\mmc.exe (Kaspersky Lab ZAO) C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.1\avpui.exe (Kaspersky Lab ZAO) C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.1\avp.exe (FastStone Soft) C:\Program Files\FastStone Capture\FSCapture.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [nwiz] => nwiz.exe /installquiet HKLM\...\Run: [BluetoothAuthenticationAgent] => rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent HKLM\...\Run: [Apple_KbdMgr] => C:\Program Files\Boot Camp\Bootcamp.exe [431408 2009-07-22] (Apple Inc.) HKLM\...\Run: [NvCplDaemon] => RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated) HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [558496 2014-02-27] (Adobe Systems Incorporated) HKLM\...\Run: [] => [X] HKLM\...\Run: [Acrobat Assistant 8.0] => C:\Program Files\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe [3499896 2014-05-08] (Adobe Systems Inc.) HKU\S-1-5-21-1801674531-1123561945-2147047481-1003\...\Run: [] => [X] HKU\S-1-5-21-1801674531-1123561945-2147047481-1003\...\MountPoints2: {082aad18-1b87-11e1-92b2-002608d91702} - E:\AutoRun.exe HKU\S-1-5-21-1801674531-1123561945-2147047481-1003\...\MountPoints2: {082aad1a-1b87-11e1-92b2-002608d91702} - E:\AutoRun.exe HKU\S-1-5-21-1801674531-1123561945-2147047481-1003\...\MountPoints2: {26caf123-b30b-11e0-91e1-002608d91702} - E:\AutoRun.exe HKU\S-1-5-21-1801674531-1123561945-2147047481-1003\...\MountPoints2: {43461b4e-1c31-11e1-92b4-002608d91702} - E:\AutoRun.exe HKU\S-1-5-21-1801674531-1123561945-2147047481-1003\...\MountPoints2: {94bd326f-bc32-11e0-91e9-002608d91702} - E:\Toshiba\Launcher\start.exe HKU\S-1-5-21-1801674531-1123561945-2147047481-1003\...\MountPoints2: {af3d6c6a-0329-11e1-926a-002608d91702} - E:\AutoRun.exe HKU\S-1-5-21-1801674531-1123561945-2147047481-1003\...\MountPoints2: {d8e11d54-1d1a-11e1-92b8-002608d91702} - E:\AutoRun.exe HKU\S-1-5-21-1801674531-1123561945-2147047481-1003\...\MountPoints2: {f81e399a-1b85-11e1-92b1-002608d91702} - E:\AutoRun.exe HKU\S-1-5-18\...\RunOnce: [FlashPlayerUpdate] => C:\WINDOWS\system32\Macromed\Flash\FlashUtil32_11_9_900_170_Plugin.exe -update plugin HKU\S-1-5-18\...\RunOnce: [Del1157218] => cmd.exe /Q /D /c del "C:\WINDOWS\TEMP\0.del" <===== ATTENTION ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank HKU\S-1-5-21-1801674531-1123561945-2147047481-1003\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.sweet-page.com/web/?type=ds&ts=1403258150&from=cor&uid=FUJITSUXMJA2160BHXFFSXG1_K96LT9925C8ET9925C8EX&q={searchTerms} HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs: "http://www.interia.pl/#utm_source=instalki&utm_medium=installer&utm_campaign=instalki" <======= ATTENTION SearchScopes: HKU\S-1-5-21-1801674531-1123561945-2147047481-1003 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = BHO: Content Blocker Plugin -> {03C04F0A-E2A3-4F7F-BA30-BFA06FFD1358} -> C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.1\IEExt\ie_plugin.dll (Kaspersky Lab ZAO) BHO: Lexmark Pasek narzędzi -> {1017A80C-6F09-4548-A84D-EDD6AC9525F0} -> C:\Program Files\Lexmark Toolbar\toolband.dll () BHO: PDF Architect Helper -> {3A2D5EBA-F86D-4BD3-A177-019765996711} -> C:\Program Files\PDF Architect\PDFIEHelper.dll (pdfforge GmbH) BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation) BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation) BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) BHO: Virtual Keyboard Plugin -> {B5D5BB14-C8E2-478D-9C97-574AC10AF9E8} -> C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.1\IEExt\ie_plugin.dll (Kaspersky Lab ZAO) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation) BHO: Safe Money Plugin -> {E3D96E85-529D-4269-AC6A-97CF9E2221E3} -> C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.1\IEExt\ie_plugin.dll (Kaspersky Lab ZAO) BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) Toolbar: HKLM - Lexmark Pasek narzędzi - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll () Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) Toolbar: HKU\.DEFAULT -> Lexmark Pasek narzędzi - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll () Toolbar: HKU\S-1-5-21-1801674531-1123561945-2147047481-1003 -> Lexmark Pasek narzędzi - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll () Toolbar: HKU\S-1-5-21-1801674531-1123561945-2147047481-1003 -> Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) DPF: {31435657-9980-0010-8000-00AA00389B71} http://download.microsoft.com/download/e/2/f/e2fcec4b-6c8b-48b7-adab-ab9c403a978f/wvc1dmo.cab DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1256659542234 DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinstall-1_7_0_55-windows-i586.cab DPF: {CAFEEFAC-0017-0000-0055-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_55-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_55-windows-i586.cab DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} https://juniper.net/dana-cached/sc/JuniperSetupClient.cab Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation) Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) Tcpip\Parameters: [DhcpNameServer] 62.179.1.63 62.179.1.62 FireFox: ======== FF ProfilePath: C:\Documents and Settings\apple3\Dane aplikacji\Mozilla\Firefox\Profiles\k2n0xdxn.default-1411383432764 FF DefaultSearchEngine: Ask Search FF SelectedSearchEngine: Ask Search FF Homepage: www.google.pl FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_16_0_0_235.dll () FF Plugin: @adobe.com/ShockwavePlayer -> C:\WINDOWS\system32\Adobe\Director\np32dsw_1215155.dll (Adobe Systems, Inc.) FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll () FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.) FF Plugin: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files\DivX\DivX Web Player\npdivx32.dll (DivX, LLC) FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.) FF Plugin: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin: @kaspersky.com/content_blocker_6418E0D362104DADA084DC312DFA8ABC -> C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\content_blocker@kaspersky.com () FF Plugin: @kaspersky.com/online_banking_69A4E213815F42BD863D889007201D82 -> C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\online_banking@kaspersky.com () FF Plugin: @kaspersky.com/virtual_keyboard_294FF26A1D5B455495946778FDE7CEDB -> C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\virtual_keyboard@kaspersky.com () FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation) FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF Plugin: @nokia.com/EnablerPlugin -> C:\Program Files\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll ( ) FF Plugin: @videolan.org/vlc,version=2.1.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.) FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems) FF user.js: detected! => C:\Documents and Settings\apple3\Dane aplikacji\Mozilla\Firefox\Profiles\k2n0xdxn.default-1411383432764\user.js FF SearchPlugin: C:\Documents and Settings\apple3\Dane aplikacji\Mozilla\Firefox\Profiles\k2n0xdxn.default-1411383432764\searchplugins\ask-search.xml FF Extension: No Name - C:\Documents and Settings\apple3\Dane aplikacji\Mozilla\Firefox\Profiles\k2n0xdxn.default-1411383432764\Extensions\trash [2015-01-03] FF HKLM\...\Firefox\Extensions: [virtualKeyboard@kaspersky.ru] - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\FFExt\virtualKeyboard@kaspersky.ru FF HKLM\...\Firefox\Extensions: [KavAntiBanner@Kaspersky.ru] - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\FFExt\KavAntiBanner@kaspersky.ru FF HKLM\...\Firefox\Extensions: [linkfilter@kaspersky.ru] - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\FFExt\linkfilter@kaspersky.ru FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension FF Extension: Microsoft .NET Framework Assistant - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2012-02-20] FF HKLM\...\Firefox\Extensions: [FFPDFArchitectConverter@pdfarchitect.com] - C:\Program Files\PDF Architect\FFPDFArchitectExt FF Extension: PDF Architect Converter For Firefox - C:\Program Files\PDF Architect\FFPDFArchitectExt [2013-05-30] FF HKLM\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn FF Extension: Adobe Acrobat - Create PDF - C:\Program Files\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn [2014-09-07] FF HKLM\...\Firefox\Extensions: [content_blocker_6418E0D362104DADA084DC312DFA8ABC@kaspersky.com] - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\content_blocker@kaspersky.com FF Extension: Модуль блокування небезпечних веб-сайтів - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\content_blocker@kaspersky.com [2014-11-12] FF HKLM\...\Firefox\Extensions: [virtual_keyboard_294FF26A1D5B455495946778FDE7CEDB@kaspersky.com] - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\virtual_keyboard@kaspersky.com FF Extension: Віртуальна клавіатура - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\virtual_keyboard@kaspersky.com [2014-11-12] FF HKLM\...\Firefox\Extensions: [online_banking_69A4E213815F42BD863D889007201D82@kaspersky.com] - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\online_banking@kaspersky.com FF Extension: Безпечні платежі - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\online_banking@kaspersky.com [2014-11-12] FF Extension: No Name - C:\Documents and Settings\apple3\Dane aplikacji\Mozilla\Firefox\Profiles\k2n0xdxn.default-1411383432764\extensions\{5ebdca98-43b3-45bb-87e0-716029fb42ab} [Not Found] Chrome: ======= CHR HKLM\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - C:\Program Files\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx [2014-05-08] ========================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) S3 Adobe LM Service; C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [69632 2014-09-06] (Adobe Systems) [File not signed] R2 AppleOSSMgr; C:\WINDOWS\system32\AppleOSSMgr.exe [136496 2009-07-22] () R2 AppleTimeSrv; C:\WINDOWS\system32\AppleTimeSrv.exe [99632 2009-07-22] (Apple Inc.) R2 AVP15.0.1; C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.1\avp.exe [234520 2014-08-30] (Kaspersky Lab ZAO) R2 dsNcService; C:\Program Files\Juniper Networks\Common Files\dsNcService.exe [671368 2012-05-05] (Juniper Networks) S4 FirebirdGuardianDefaultInstance; C:\Program Files\Firebird\Firebird_1_5\bin\fbguard.exe [65536 2007-11-08] (The Firebird Project) [File not signed] S4 FirebirdServerDefaultInstance; C:\Program Files\Firebird\Firebird_1_5\bin\fbserver.exe [1515599 2007-11-08] (The Firebird Project) [File not signed] R2 JavaQuickStarterService; C:\Program Files\Java\jre7\bin\jqs.exe [182696 2014-10-17] (Oracle Corporation) R2 lxdmCATSCustConnectService; C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\\lxdmserv.exe [99248 2007-06-07] (Lexmark International, Inc.) R2 lxdm_device; C:\WINDOWS\system32\lxdmcoms.exe [598960 2007-06-07] ( ) R2 nvsvc; C:\WINDOWS\system32\nvsvc32.exe [168004 2009-04-15] (NVIDIA Corporation) [File not signed] R2 PDF Architect Helper Service; C:\Program Files\PDF Architect\HelperService.exe [1320496 2013-04-08] (pdfforge GmbH) R2 PDF Architect Service; C:\Program Files\PDF Architect\ConversionService.exe [799280 2013-04-08] (pdfforge GmbH) S3 rpcapd; "%ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini" [X] ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R0 AppleHFS; C:\WINDOWS\system32\Drivers\AppleHFS.sys [48000 2009-07-22] (Apple Inc.) [File not signed] R0 AppleMNT; C:\WINDOWS\system32\Drivers\AppleMNT.sys [5120 2009-07-22] (Apple Inc.) [File not signed] R3 applemtm; C:\WINDOWS\System32\DRIVERS\applemtm.sys [10496 2009-07-22] (Apple Inc.) R3 applemtp; C:\WINDOWS\System32\DRIVERS\applemtp.sys [29440 2009-07-22] (Apple Inc.) S3 AR9271; C:\WINDOWS\System32\DRIVERS\athuw.sys [1763584 2011-07-28] (Atheros Communications, Inc.) [File not signed] S3 AVPsys; C:\WINDOWS\system32\drivers\cdaudio.sys [18688 2001-08-17] (Microsoft Corporation) R3 BCM43XX; C:\WINDOWS\System32\DRIVERS\bcmwl5.sys [1391104 2009-07-22] (Broadcom Corporation) S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2008-04-14] (Microsoft Corporation) R0 cm_km_w; C:\WINDOWS\System32\DRIVERS\cm_km_w.sys [189136 2013-01-14] (Kaspersky Lab UK Ltd) S3 cxbu0wdm; C:\WINDOWS\System32\DRIVERS\cxbu0wdm.sys [119040 2011-09-06] (HID Global Corporation) S3 DrvAgent32; C:\WINDOWS\system32\Drivers\DrvAgent32.sys [23456 2014-05-06] (Phoenix Technologies) [File not signed] R3 dsNcAdpt; C:\WINDOWS\System32\DRIVERS\dsNcAdpt.sys [26624 2012-05-05] (Juniper Networks) S3 GTwinUSB; C:\WINDOWS\System32\Drivers\GTwinUSB.sys [61840 2004-06-28] (Gemplus) R3 HdAudAddService; C:\WINDOWS\System32\drivers\clhdaud.sys [27648 2009-05-11] (Cirrus Logic) R3 IRRemoteFlt; C:\WINDOWS\System32\DRIVERS\IRFilter.sys [16512 2009-07-22] (Apple Inc.) R2 KeyAgent; C:\WINDOWS\system32\drivers\KeyAgent.sys [5760 2009-07-22] (Apple Inc.) [File not signed] R3 KeyMagic; C:\WINDOWS\System32\DRIVERS\KeyMagic.sys [23552 2009-07-22] (Apple Inc.) R0 kl1; C:\WINDOWS\System32\DRIVERS\kl1.sys [143968 2014-03-31] (Kaspersky Lab ZAO) R2 kldisk; C:\WINDOWS\System32\DRIVERS\kldisk.sys [36928 2014-07-02] (Kaspersky Lab ZAO) R3 klflt; C:\WINDOWS\System32\DRIVERS\klflt.sys [116744 2014-12-15] (Kaspersky Lab ZAO) R1 klhk; C:\WINDOWS\System32\DRIVERS\klhk.sys [36024 2014-08-12] (Kaspersky Lab ZAO) R1 KLIF; C:\WINDOWS\System32\DRIVERS\klif.sys [671432 2014-12-15] (Kaspersky Lab ZAO) R3 klim5; C:\WINDOWS\System32\DRIVERS\klim5.sys [36448 2013-04-19] (Kaspersky Lab ZAO) R3 klkbdflt; C:\WINDOWS\System32\DRIVERS\klkbdflt.sys [23648 2014-03-28] (Kaspersky Lab ZAO) R3 klmouflt; C:\WINDOWS\System32\DRIVERS\klmouflt.sys [24672 2013-08-08] (Kaspersky Lab ZAO) R1 klpd; C:\WINDOWS\System32\DRIVERS\klpd.sys [14432 2013-04-12] (Kaspersky Lab ZAO) R1 kltdf; C:\WINDOWS\System32\DRIVERS\kltdf.sys [60552 2014-08-21] (Kaspersky Lab ZAO) R1 kltdi; C:\WINDOWS\System32\DRIVERS\kltdi.sys [44992 2014-06-05] (Kaspersky Lab ZAO) R1 kneps; C:\WINDOWS\System32\DRIVERS\kneps.sys [146240 2014-07-09] (Kaspersky Lab ZAO) R2 MacHALDriver; C:\WINDOWS\system32\drivers\MacHALDriver.sys [8576 2009-07-22] (Apple Inc.) [File not signed] S3 MSIRCOMM; C:\WINDOWS\System32\DRIVERS\MSIRCOMM.sys [22016 2008-04-13] (Microsoft Corporation) S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2008-04-14] (Microsoft Corporation) S3 Netaapl; C:\WINDOWS\System32\DRIVERS\netaapl.sys [18432 2010-04-19] (Apple Inc.) [File not signed] R2 NPF; C:\WINDOWS\System32\drivers\npf.sys [36600 2013-03-01] (Riverbed Technology, Inc.) R3 NVENETFD; C:\WINDOWS\System32\DRIVERS\NVENETFD.sys [54784 2009-07-22] (NVIDIA Corporation) R3 nvnetbus; C:\WINDOWS\System32\DRIVERS\nvnetbus.sys [22016 2009-07-22] (NVIDIA Corporation) U3 PROCMON23; C:\WINDOWS\System32\Drivers\PROCMON23.SYS [65048 2013-07-31] (Sysinternals - www.sysinternals.com) S3 tap0901; C:\WINDOWS\System32\DRIVERS\tap0901.sys [25984 2009-07-16] (The OpenVPN Project) [File not signed] S3 zte_cdc_acm; C:\WINDOWS\System32\DRIVERS\zte_cdc_acm.sys [67968 2011-08-10] (ZTE) [File not signed] S3 zte_cpo; C:\WINDOWS\System32\DRIVERS\zte_cpo.sys [9984 2011-08-10] (ZTE) [File not signed] U2 CertPropSvc; No ImagePath S4 IntelIde; No ImagePath U4 klkbdflt2; system32\DRIVERS\klkbdflt2.sys [X] U1 WS2IFSL; No ImagePath ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2015-01-03 18:41 - 2015-01-03 18:41 - 00000758 _____ () C:\Documents and Settings\All Users\Pulpit\FastStone Capture.lnk 2015-01-03 18:41 - 2015-01-03 18:41 - 00000000 ____D () C:\Program Files\FastStone Capture 2015-01-03 18:41 - 2015-01-03 18:41 - 00000000 ____D () C:\Documents and Settings\apple3\Ustawienia lokalne\Dane aplikacji\FastStone 2015-01-03 18:41 - 2015-01-03 18:41 - 00000000 ____D () C:\Documents and Settings\apple3\Dane aplikacji\FastStone 2015-01-03 18:41 - 2015-01-03 18:41 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Start\Programy\FastStone Capture 2015-01-03 14:27 - 2015-01-03 14:28 - 00000000 ____D () C:\Documents and Settings\apple3\Dane aplikacji\driveridentifier 2015-01-03 14:27 - 2015-01-03 14:27 - 00000000 ____D () C:\Program Files\Driver Identifier 2015-01-03 14:27 - 2015-01-03 14:27 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Start\Programy\Driver Identifier 2015-01-03 13:49 - 2015-01-03 13:49 - 00000000 ____D () C:\Program Files\Common Files\Java 2015-01-03 13:47 - 2015-01-03 14:02 - 00000000 ____D () C:\Documents and Settings\All Users\Dane aplikacji\Oracle 2015-01-03 13:22 - 2015-01-03 13:22 - 00000000 ____D () C:\WINDOWS\system32\Adobe 2014-12-27 22:03 - 2014-12-27 22:03 - 00000767 _____ () C:\Documents and Settings\apple3\Pulpit\DllSuite.lnk 2014-12-27 22:03 - 2014-12-27 22:03 - 00000000 ____D () C:\Program Files\DLLSuite 2014-12-27 22:03 - 2014-12-27 22:03 - 00000000 ____D () C:\Documents and Settings\apple3\Menu Start\Programy\Dll Suite 2014 2014-12-27 20:48 - 2014-12-27 21:17 - 00000000 ____D () C:\Program Files\RegCleaner 2014-12-27 20:48 - 2014-12-27 20:48 - 00000653 _____ () C:\Documents and Settings\apple3\Pulpit\RegCleaner.lnk 2014-12-27 20:42 - 2014-12-27 20:42 - 00000785 _____ () C:\Documents and Settings\All Users\Pulpit\Malwarebytes Anti-Malware.lnk 2014-12-27 20:41 - 2014-12-27 20:41 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware 2014-12-27 20:41 - 2014-12-27 20:41 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Start\Programy\Malwarebytes Anti-Malware 2014-12-27 20:41 - 2014-11-21 06:14 - 00054360 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys 2014-12-27 20:41 - 2014-11-21 06:14 - 00023256 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys 2014-12-27 18:48 - 2015-01-03 15:51 - 00038792 _____ () C:\WINDOWS\setupapi.log 2014-12-25 12:54 - 2014-12-25 12:54 - 00000841 _____ () C:\Documents and Settings\apple3\Pulpit\WinASO Registry Optimizer.lnk 2014-12-25 12:54 - 2014-12-25 12:54 - 00000000 ____D () C:\Program Files\WinASO 2014-12-25 12:54 - 2014-12-25 12:54 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Start\Programy\WinASO 2014-12-25 12:53 - 2014-12-25 12:53 - 08009040 _____ (X.M.Y International LLC ) C:\Documents and Settings\apple3\Moje dokumenty\WinASO_RO_v4.8.7.exe 2014-12-25 12:39 - 2014-12-25 12:39 - 00290304 _____ (Microsoft Corporation) C:\WINDOWS\system32\subinacl.exe 2014-12-25 12:33 - 2014-12-25 12:39 - 00000000 ____D () C:\Program Files\Adware-Removal-Tool 2014-12-25 11:58 - 2014-12-25 11:58 - 00001083 _____ () C:\WINDOWS\netfxocm.log 2014-12-25 11:58 - 2014-12-25 11:58 - 00000425 _____ () C:\WINDOWS\MedCtrOC.log 2014-12-25 11:58 - 2014-12-25 11:58 - 00000386 _____ () C:\WINDOWS\ocmsn.log 2014-12-25 11:58 - 2014-12-25 11:58 - 00000319 _____ () C:\WINDOWS\tabletoc.log 2014-12-25 11:57 - 2014-12-25 13:09 - 00065536 _____ () C:\WINDOWS\system32\config\WindowsPowerShell.evt 2014-12-25 11:57 - 2014-12-25 11:58 - 00006723 _____ () C:\WINDOWS\iis6.log 2014-12-25 11:57 - 2014-12-25 11:58 - 00006182 _____ () C:\WINDOWS\FaxSetup.log 2014-12-25 11:57 - 2014-12-25 11:58 - 00002956 _____ () C:\WINDOWS\ocgen.log 2014-12-25 11:57 - 2014-12-25 11:58 - 00002829 _____ () C:\WINDOWS\tsoc.log 2014-12-25 11:57 - 2014-12-25 11:58 - 00002080 _____ () C:\WINDOWS\comsetup.log 2014-12-25 11:57 - 2014-12-25 11:58 - 00001393 _____ () C:\WINDOWS\imsins.log 2014-12-25 11:57 - 2014-12-25 11:58 - 00001257 _____ () C:\WINDOWS\ntdtcsetup.log 2014-12-25 11:57 - 2014-12-25 11:58 - 00000303 _____ () C:\WINDOWS\msgsocm.log 2014-12-25 11:57 - 2014-12-25 11:57 - 00001960 _____ () C:\WINDOWS\msmqinst.log 2014-12-25 11:57 - 2014-12-25 11:57 - 00000183 _____ () C:\WINDOWS\spupdsvc.log 2014-12-25 11:57 - 2014-12-25 11:57 - 00000000 ____D () C:\WINDOWS\system32\windowspowershell 2014-12-25 11:57 - 2014-12-25 11:57 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Start\Programy\Windows PowerShell 1.0 2014-12-25 11:56 - 2014-12-25 11:58 - 00031323 _____ () C:\WINDOWS\KB926139-v2.log 2014-12-25 11:56 - 2014-12-25 11:57 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB926139-v2$ 2014-12-25 10:43 - 2005-09-29 09:35 - 00056960 _____ (OrangeWare Corporation) C:\WINDOWS\system32\Drivers\ousb2hub.sys 2014-12-25 10:43 - 2005-09-29 09:34 - 00045824 _____ (OrangeWare Corporation) C:\WINDOWS\system32\Drivers\ousbehci.sys 2014-12-25 09:22 - 2014-12-25 09:22 - 00000103 _____ () C:\WINDOWS\pro.INI 2014-12-23 10:45 - 2014-12-23 11:23 - 00000000 ____D () C:\Documents and Settings\apple3\Pulpit\juwentus 2014-12-23 10:32 - 2014-12-23 10:32 - 00000000 ____D () C:\Documents and Settings\NetworkService\Ustawienia lokalne\Dane aplikacji\Opera Software 2014-12-23 10:32 - 2014-12-23 10:32 - 00000000 ____D () C:\Documents and Settings\NetworkService\Dane aplikacji\Opera Software 2014-12-17 18:36 - 2014-12-17 18:36 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Start\Programy\RaksSQL_NetKlient 2014-12-17 18:35 - 2014-12-17 18:36 - 00000000 __HDC () C:\Documents and Settings\All Users\Dane aplikacji\{B060627A-BC74-4D5E-BAF8-32D5494C7B88} 2014-12-17 14:14 - 2014-12-17 14:14 - 03514088 _____ () C:\Documents and Settings\All Users\SPL100.tmp 2014-12-16 21:52 - 2014-12-27 21:28 - 00000000 ____D () C:\Documents and Settings\apple3\Dane aplikacji\Foxtab 2014-12-16 21:50 - 2014-12-16 21:51 - 00000000 ____D () C:\Program Files\Foxtab 2014-12-15 16:09 - 2014-12-15 18:04 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Start\Programy\RAKSSQL 2014-12-15 16:04 - 2014-12-15 16:12 - 00000000 __HDC () C:\Documents and Settings\All Users\Dane aplikacji\{42B1D75A-0524-4DF6-9A13-A7745F5DFA70} 2014-12-15 15:50 - 2014-12-15 15:50 - 00000000 ____D () C:\Documents and Settings\apple3\Ustawienia lokalne\Dane aplikacji\PackageAware 2014-12-15 15:26 - 2014-12-15 15:26 - 00000000 ____D () C:\Documents and Settings\apple3\Pulpit\alicja 2014-12-14 21:14 - 2014-12-29 21:40 - 00000000 ____D () C:\Documents and Settings\apple3\Dane aplikacji\FlvPlayer 2014-12-14 21:14 - 2014-12-16 21:50 - 00000992 _____ () C:\Documents and Settings\All Users\Pulpit\FlvPlayer.lnk 2014-12-14 21:14 - 2014-12-14 21:14 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Start\Programy\FlvPlayer 2014-12-14 20:11 - 2014-12-14 20:11 - 00001437 _____ () C:\WINDOWS\wmsetup.log 2014-12-14 19:13 - 2014-12-14 19:13 - 00000000 ____D () C:\Documents and Settings\apple3\Ustawienia lokalne\Dane aplikacji\Innovative Solutions 2014-12-14 19:13 - 2014-12-14 19:13 - 00000000 ____D () C:\Documents and Settings\apple3\Dane aplikacji\Innovative Solutions 2014-12-14 19:12 - 2014-12-14 19:12 - 00000000 ____D () C:\Program Files\Innovative Solutions 2014-12-14 13:14 - 2014-12-14 13:14 - 00000000 ____D () C:\Documents and Settings\apple3\Dane aplikacji\MPC-HC 2014-12-14 13:08 - 2014-12-14 13:08 - 00000834 _____ () C:\Documents and Settings\All Users\Pulpit\Media Player Classic.lnk 2014-12-14 13:08 - 2014-12-14 13:08 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Start\Programy\K-Lite Codec Pack 2014-12-14 13:02 - 2014-12-14 13:02 - 32739071 _____ ( ) C:\Documents and Settings\apple3\Moje dokumenty\K-Lite_Codec_Pack_1090_Full.exe 2014-12-14 12:21 - 2014-12-14 12:21 - 00000000 ____D () C:\WINDOWS\system32\Lang 2014-12-14 12:11 - 2014-12-14 12:11 - 00000000 ____D () C:\Program Files\Realtek AC97 2014-12-14 11:58 - 2014-12-14 11:54 - 18804736 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\alsndmgr.cpl 2014-12-14 11:58 - 2014-12-14 11:54 - 10528768 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTLCPL.exe 2014-12-14 11:58 - 2014-12-14 11:54 - 00577536 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\soundman.exe 2014-12-14 11:58 - 2014-12-14 11:54 - 00147456 _____ () C:\WINDOWS\system32\RtlCPAPI.dll 2014-12-14 11:58 - 2014-12-14 11:54 - 00141016 _____ () C:\WINDOWS\system32\alsndmgr.wav 2014-12-14 11:58 - 2014-12-14 11:54 - 00049152 _____ () C:\WINDOWS\system32\ChCfg.exe 2014-12-14 11:58 - 2008-09-24 10:40 - 04122368 ____R (Realtek Semiconductor Corp.) C:\WINDOWS\system32\Drivers\alcxwdm.sys 2014-12-14 11:55 - 2014-12-14 11:54 - 00315392 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\alcupd.exe 2014-12-14 11:55 - 2014-12-14 11:54 - 00217088 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\alcrmv.exe 2014-12-14 11:48 - 2014-12-14 11:48 - 00000000 ____D () C:\Documents and Settings\apple3\Ustawienia lokalne\Dane aplikacji\DriverToolkit 2014-12-13 10:29 - 2014-12-13 10:29 - 00000000 ____D () C:\Documents and Settings\apple3\Moje dokumenty\Nokia Suite 2014-12-13 10:26 - 2014-12-13 10:26 - 00000000 ____D () C:\Documents and Settings\apple3\Dane aplikacji\Nokia Suite 2014-12-13 10:20 - 2014-12-13 10:20 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_User_PCCSWpdDriver_01_09_00.Wdf 2014-12-13 10:19 - 2014-12-13 10:19 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_Kernel_ccdcmb_01009.Wdf 2014-12-13 10:12 - 2014-12-13 10:12 - 00001753 _____ () C:\Documents and Settings\All Users\Pulpit\Nokia Suite.lnk 2014-12-13 10:12 - 2014-12-13 10:12 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Start\Programy\Nokia 2014-12-13 10:10 - 2014-12-13 10:11 - 00000000 ____D () C:\Program Files\Common Files\Nokia 2014-12-13 10:06 - 2014-12-13 10:06 - 00000000 ____D () C:\Program Files\PC Connectivity Solution 2014-12-13 10:06 - 2012-10-17 14:53 - 00019072 _____ (Nokia) C:\WINDOWS\system32\Drivers\pccsmcfd.sys 2014-12-13 10:05 - 2013-01-23 10:31 - 00123904 _____ (Nokia) C:\WINDOWS\system32\ccdcmbwu.dll 2014-12-13 10:05 - 2013-01-23 10:31 - 00069632 _____ (Nokia) C:\WINDOWS\system32\nmwcdcocls.dll 2014-12-13 10:05 - 2013-01-23 10:31 - 00023168 _____ (Nokia) C:\WINDOWS\system32\Drivers\ccdcmbo.sys 2014-12-13 10:05 - 2013-01-23 10:31 - 00018560 _____ (Nokia) C:\WINDOWS\system32\Drivers\ccdcmb.sys 2014-12-13 10:05 - 2013-01-23 10:31 - 00008192 _____ (Nokia) C:\WINDOWS\system32\Drivers\usbser_lowerfltj.sys 2014-12-13 10:05 - 2013-01-23 10:31 - 00008192 _____ (Nokia) C:\WINDOWS\system32\Drivers\usbser_lowerflt.sys 2014-12-13 10:00 - 2014-12-13 10:00 - 00000000 ____D () C:\Documents and Settings\All Users\Dane aplikacji\NokiaInstallerCache 2014-12-13 09:46 - 2014-12-13 09:46 - 106320416 _____ () C:\Documents and Settings\apple3\Moje dokumenty\Nokia_Suite_webinstaller_ALL.exe 2014-12-09 16:39 - 2014-12-09 16:41 - 00000000 ____D () C:\Documents and Settings\apple3\Pulpit\Alzitel Faktury ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2015-01-03 19:46 - 2009-10-27 16:44 - 00000000 ____D () C:\Documents and Settings\apple3\Ustawienia lokalne\Temp 2015-01-03 19:45 - 2014-04-27 02:29 - 00000000 ____D () C:\FRST 2015-01-03 19:34 - 2014-06-12 13:17 - 00000000 ____D () C:\Documents and Settings\apple3\Moje dokumenty\Pobrane 2015-01-03 18:41 - 2009-10-27 16:44 - 00000000 __RHD () C:\Documents and Settings\apple3\Dane aplikacji 2015-01-03 18:41 - 2009-10-27 16:44 - 00000000 ___HD () C:\Documents and Settings\apple3\Ustawienia lokalne\Dane aplikacji 2015-01-03 18:41 - 2009-10-27 16:14 - 00000000 ___RD () C:\Documents and Settings\All Users\Menu Start\Programy 2015-01-03 18:41 - 2009-10-27 16:14 - 00000000 ____D () C:\Documents and Settings\All Users\Pulpit 2015-01-03 18:29 - 2012-09-16 09:33 - 00000000 ____D () C:\Documents and Settings\All Users\Dane aplikacji\Kaspersky Lab 2015-01-03 18:17 - 2009-10-27 16:35 - 01972104 _____ () C:\WINDOWS\WindowsUpdate.log 2015-01-03 14:43 - 2009-10-27 16:33 - 00000000 ____D () C:\WINDOWS\system32\Restore 2015-01-03 14:02 - 2014-10-17 18:01 - 00146432 _____ (Oracle Corporation) C:\WINDOWS\system32\javacpl.cpl 2015-01-03 14:02 - 2014-10-17 18:01 - 00096680 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge.dll 2015-01-03 13:59 - 2009-10-27 16:15 - 01266956 _____ () C:\WINDOWS\system32\PerfStringBackup.INI 2015-01-03 13:59 - 2008-04-15 13:00 - 00560072 _____ () C:\WINDOWS\system32\perfh015.dat 2015-01-03 13:59 - 2008-04-15 13:00 - 00106972 _____ () C:\WINDOWS\system32\perfc015.dat 2015-01-03 13:51 - 2011-12-28 12:23 - 00000000 ____D () C:\Program Files\Java 2015-01-03 13:47 - 2009-10-27 16:14 - 00000000 __RHD () C:\Documents and Settings\All Users\Dane aplikacji 2015-01-03 13:00 - 2014-04-26 03:06 - 00114904 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys 2015-01-03 12:37 - 2014-03-30 17:04 - 00000224 _____ () C:\WINDOWS\Tasks\Powiadomienie o zakończeniu obsługi systemu Microsoft Windows XP — logowanie.job 2015-01-03 12:37 - 2009-04-15 21:10 - 00228847 _____ () C:\WINDOWS\system32\NvApps.xml 2015-01-03 12:37 - 2008-04-15 13:00 - 00013646 _____ () C:\WINDOWS\system32\wpa.dbl 2015-01-03 12:28 - 2014-09-24 11:34 - 00000050 _____ () C:\WINDOWS\wiaservc.log 2015-01-03 12:28 - 2009-10-27 16:43 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT 2015-01-03 12:28 - 2009-10-27 16:17 - 00000159 _____ () C:\WINDOWS\wiadebug.log 2015-01-03 10:51 - 2009-10-27 16:44 - 00000000 ____D () C:\Documents and Settings\apple3 2015-01-03 10:51 - 2009-10-27 16:43 - 00000000 __SHD () C:\Documents and Settings\LocalService 2015-01-03 10:51 - 2009-10-27 16:39 - 00000000 __SHD () C:\Documents and Settings\NetworkService 2015-01-03 10:51 - 2009-10-27 16:32 - 00000000 ____D () C:\WINDOWS\Registration 2015-01-03 10:50 - 2009-10-27 16:43 - 00032526 _____ () C:\WINDOWS\SchedLgU.Txt 2015-01-02 16:04 - 2013-08-01 15:28 - 00000000 ____D () C:\Documents and Settings\apple3\Moje dokumenty\CERTYFIKATY 2014-12-29 21:41 - 2010-08-10 10:18 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB979482$ 2014-12-29 21:40 - 2009-10-27 16:44 - 00000188 ___SH () C:\Documents and Settings\apple3\ntuser.ini 2014-12-29 19:20 - 2012-02-15 12:36 - 00000000 ____D () C:\WINDOWS\Microsoft.NET 2014-12-29 10:00 - 2014-08-05 12:08 - 00000000 ____D () C:\Documents and Settings\apple3\Pulpit\Marcin 2014-12-29 09:35 - 2009-10-27 16:44 - 00000000 ____D () C:\Documents and Settings\apple3\Pulpit 2014-12-27 22:13 - 2009-10-27 16:07 - 00000000 ____D () C:\WINDOWS\PeerNet 2014-12-27 22:03 - 2009-10-27 16:44 - 00000000 ____D () C:\Documents and Settings\apple3\Menu Start\Programy 2014-12-27 21:36 - 2012-09-13 11:09 - 00000930 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job 2014-12-27 21:28 - 2014-09-24 10:39 - 00000000 ____D () C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\ICSharpCode.net 2014-12-27 21:28 - 2014-07-24 04:30 - 00000000 ____D () C:\Documents and Settings\apple3\Ustawienia lokalne\Dane aplikacji\Temp 2014-12-25 13:09 - 2014-11-12 11:23 - 00301646 _____ () C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\WPFFontCache_v0400-System.dat 2014-12-25 13:09 - 2014-11-12 11:23 - 00301646 _____ () C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\WPFFontCache_v0400-S-1-5-21-1801674531-1123561945-2147047481-1003-0.dat 2014-12-25 12:53 - 2009-10-27 16:44 - 00000000 ___RD () C:\Documents and Settings\apple3\Moje dokumenty 2014-12-25 11:52 - 2014-10-08 07:50 - 00000000 ____D () C:\Program Files\Cain 2014-12-25 10:43 - 2014-10-06 10:15 - 00072796 _____ () C:\WINDOWS\DPINST.LOG 2014-12-25 10:43 - 2014-10-03 07:26 - 01123584 _____ () C:\WINDOWS\setupapi.log.1.old 2014-12-25 10:39 - 2014-05-26 19:50 - 00000000 ____D () C:\Documents and Settings\apple3\Ustawienia lokalne\Dane aplikacji\Opera Software 2014-12-25 10:39 - 2014-05-26 19:50 - 00000000 ____D () C:\Documents and Settings\apple3\Dane aplikacji\Opera Software 2014-12-25 10:39 - 2014-05-26 19:45 - 00000000 ____D () C:\Program Files\Opera 2014-12-25 10:38 - 2012-09-27 13:03 - 00000000 ____D () C:\Fakturka 2014-12-25 09:42 - 2014-08-23 20:58 - 00000000 ____D () C:\Program Files\UniPDF 2014-12-25 09:41 - 2014-09-07 08:30 - 00000000 ____D () C:\Program Files\Teleport Pro 2014-12-25 09:03 - 2014-04-24 09:28 - 00000000 ____D () C:\Program Files\Google 2014-12-25 09:00 - 2014-04-24 09:28 - 00000000 ____D () C:\Documents and Settings\apple3\Ustawienia lokalne\Dane aplikacji\Google 2014-12-24 23:39 - 2013-03-09 09:00 - 00001024 ____H () C:\WINDOWS\system32\config\elam.LOG 2014-12-24 23:27 - 2009-10-27 16:56 - 00000000 ____D () C:\WINDOWS\system32\ReinstallBackups 2014-12-24 23:15 - 2013-10-14 06:45 - 00000218 _____ () C:\Documents and Settings\NetworkService\Dane aplikacji\WB.CFG 2014-12-24 22:05 - 2013-10-02 19:26 - 00019394 _____ () C:\Documents and Settings\All Users\lxdm 2014-12-24 22:05 - 2013-09-14 15:08 - 00000000 ____D () C:\Documents and Settings\All Users\Lx_cats 2014-12-23 10:32 - 2009-10-27 16:39 - 00000000 ____D () C:\Documents and Settings\NetworkService\Dane aplikacji 2014-12-21 19:38 - 2014-10-08 14:34 - 00000000 ____D () C:\Documents and Settings\apple3\Pulpit\dokumnety rozne ALA 2014-12-21 19:27 - 2013-10-13 12:45 - 00000127 _____ () C:\Documents and Settings\apple3\Dane aplikacji\WB.CFG 2014-12-19 14:09 - 2014-12-02 20:24 - 00000000 ____D () C:\Program Files\Mozilla Firefox 2014-12-17 18:34 - 2014-10-05 13:32 - 00012768 _____ () C:\WINDOWS\setupact.log 2014-12-15 18:58 - 2014-11-25 11:52 - 00000000 ____D () C:\Documents and Settings\apple3\Pulpit\raks 2014-12-15 17:40 - 2014-11-12 10:39 - 00671432 _____ (Kaspersky Lab ZAO) C:\WINDOWS\system32\Drivers\klif.sys 2014-12-15 17:40 - 2014-11-12 10:39 - 00116744 _____ (Kaspersky Lab ZAO) C:\WINDOWS\system32\Drivers\klflt.sys 2014-12-15 16:09 - 2012-09-13 18:20 - 00000000 ____D () C:\Program Files\Raks 2014-12-14 21:14 - 2009-10-27 16:44 - 00000000 ___HD () C:\Documents and Settings\apple3\Ustawienia lokalne 2014-12-14 20:07 - 2009-10-27 16:07 - 00000000 ____D () C:\WINDOWS\Help 2014-12-14 19:54 - 2014-04-08 08:01 - 00000000 ___RD () C:\Documents and Settings\apple3\Moje dokumenty\Moje obrazy 2014-12-14 19:25 - 2012-07-30 07:27 - 00701616 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe 2014-12-14 19:25 - 2012-07-30 07:27 - 00071344 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl 2014-12-14 19:24 - 2009-11-03 09:06 - 00000000 ____D () C:\Documents and Settings\apple3\Ustawienia lokalne\Dane aplikacji\Adobe 2014-12-14 13:08 - 2010-12-23 08:17 - 00000000 ____D () C:\Program Files\K-Lite Codec Pack 2014-12-14 13:03 - 2013-10-12 12:47 - 00000000 ____D () C:\Program Files\DSP-worx 2014-12-14 11:55 - 2009-10-27 16:56 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information 2014-12-13 14:40 - 2014-02-11 17:39 - 00000000 ____D () C:\Documents and Settings\apple3\Pulpit\straz 2014-12-13 10:12 - 2014-10-06 10:37 - 00000000 ____D () C:\Documents and Settings\All Users\Dane aplikacji\Nokia 2014-12-13 10:10 - 2014-10-06 10:11 - 00000000 ____D () C:\Program Files\Nokia 2014-12-09 19:48 - 2014-06-22 17:27 - 00000000 ____D () C:\Documents and Settings\apple3\Pulpit\alzitel 2014-12-04 13:01 - 2013-11-17 19:24 - 00000000 ____D () C:\Documents and Settings\apple3\Pulpit\Nowy folder (2) Some content of TEMP: ==================== C:\Documents and Settings\apple3\Ustawienia lokalne\Temp\NEventMessages.dll C:\Documents and Settings\apple3\Ustawienia lokalne\Temp\NOSEventMessages.dll ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\WINDOWS\explorer.exe => File is digitally signed C:\WINDOWS\system32\winlogon.exe => File is digitally signed C:\WINDOWS\system32\svchost.exe => File is digitally signed C:\WINDOWS\system32\services.exe => File is digitally signed C:\WINDOWS\system32\User32.dll => File is digitally signed C:\WINDOWS\system32\userinit.exe => File is digitally signed C:\WINDOWS\system32\rpcss.dll => File is digitally signed C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed ==================== End Of Log ============================