Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 24-01-2015 01 Ran by daria1 at 2015-01-28 11:27:45 Run:1 Running from C:\Users\daria1\Downloads Loaded Profiles: daria1 (Available profiles: daria1) Boot Mode: Normal ============================================== Content of fixlist: ***************** CloseProcesses: CreateRestorePoint: Task: {045FE7F2-8CF9-4DF9-B824-8D379766DC39} - System32\Tasks\{3079D775-01E7-4D1A-A066-6C73EB729E8B} => pcalua.exe -a "C:\Users\daria1\Downloads\CDM v2.12.00 WHQL Certified.exe" -d C:\Users\daria1\Downloads Task: {0B378213-A571-421F-8844-2AEA1AD894AC} - System32\Tasks\QDWVEM => C:\Users\daria1\AppData\Roaming\QDWVEM.exe <==== ATTENTION Task: {41892EF8-896E-4F0F-AE9A-EE483B600B04} - System32\Tasks\Microsoft\Windows\Maintenance\SMupdate2 => Rundll32.exe C:\PROGRA~1\COMMON~1\System\SysMenu.dll ,Command701 update2 <==== ATTENTION Task: {4D7F08FF-BD02-465C-B851-D86CF52621A9} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Internet Security\Engine\21.1.0.18\WSCStub.exe Task: {54B16C43-7700-4CBA-BA07-760B631997F0} - System32\Tasks\Inst_Rep => C:\Users\daria1\AppData\Local\Installer\Install_7967\DCytdieamo_amodc_setup.exe [2015-01-26] () Task: {9F006367-734C-4969-A181-D0E4E1344908} - System32\Tasks\Norton Internet Security\Norton Error Processor => C:\Program Files (x86)\Norton Internet Security\Engine\21.1.0.18\SymErr.exe Task: {AC3CCE51-E85F-46D8-A9B6-FE4F8E6C701C} - System32\Tasks\{01B2E54B-F654-4981-B799-7D6AB13C3EBE} => pcalua.exe -a "C:\Users\daria1\Downloads\CDM v2.12.00 WHQL Certified (1).exe" -d C:\Users\daria1\Downloads Task: {C5EEA6B8-ED3C-49A4-9F68-AB3AD56D2C9C} - System32\Tasks\Microsoft\Windows\Multimedia\SMupdate3 => Rundll32.exe C:\PROGRA~1\COMMON~1\System\SysMenu.dll ,Command701 update3 <==== ATTENTION Task: {ED82E5F8-3ECE-40A2-9843-5ED1A76D1C48} - System32\Tasks\Norton Internet Security\Norton Error Analyzer => C:\Program Files (x86)\Norton Internet Security\Engine\21.1.0.18\SymErr.exe Task: {EFB1E031-2818-4CAA-81B6-14705F5018F3} - \SPBIW_UpdateTask_Time_323635393433333037302d7837235a576c4a3241345041 No Task File <==== ATTENTION Task: C:\WINDOWS\Tasks\QDWVEM.job => C:\Users\daria1\AppData\Roaming\QDWVEM.exe <==== ATTENTION S3 VBoxNetFlt; \SystemRoot\system32\DRIVERS\VBoxNetFlt.sys [X] ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File BHO: Cinemax -> {11111111-1111-1111-1111-110711011101} -> C:\Program Files (x86)\Cinemax\Cinemax-bho64.dll No File Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com HKU\S-1-5-21-2870285692-4238083046-3277192755-1001\...\Policies\system: [DisableLockWorkstation] 0 HKU\S-1-5-21-2870285692-4238083046-3277192755-1001\...\Policies\Explorer: [NofolderOptions] 0 C:\ProgramData\Temp C:\Users\daria1\AppData\Local\CrashDumps C:\Users\daria1\AppData\Roaming\QDWVEM C:\Users\daria1\AppData\Roaming\Opera Software\Opera Stable\Local Storage\*localstorage* C:\Users\daria1\Desktop\dk\pcmscan.exe — skrót.lnk C:\Users\Public\Documents\ShopperPro C:\Windows\System32\Tasks\Norton Internet Security Reg: reg delete HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\mountpoints2 /f Reg: reg delete "HKU\S-1-5-18\Software\Microsoft\Internet Explorer\Main" /f Reg: reg delete "HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main" /f Reg: reg delete "HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main" /f Reg: reg delete "HKU\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes" /f Reg: reg delete "HKU\S-1-5-19\Software\Microsoft\Internet Explorer\SearchScopes" /f Reg: reg delete "HKU\S-1-5-20\Software\Microsoft\Internet Explorer\SearchScopes" /f CMD: dir /a "C:\Program Files" CMD: dir /a "C:\Program Files (x86)" CMD: dir /a "C:\Program Files\Common Files\System" CMD: dir /a "C:\Program Files (x86)\Common Files\System" CMD: dir /a C:\ProgramData CMD: dir /a C:\Users\user\AppData\Local CMD: dir /a C:\Users\user\AppData\LocalLow CMD: dir /a C:\Users\user\AppData\Roaming EmptyTemp: ***************** Processes closed successfully. Restore point was successfully created. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{045FE7F2-8CF9-4DF9-B824-8D379766DC39}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{045FE7F2-8CF9-4DF9-B824-8D379766DC39}" => Key deleted successfully. C:\Windows\System32\Tasks\{3079D775-01E7-4D1A-A066-6C73EB729E8B} => Moved successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{3079D775-01E7-4D1A-A066-6C73EB729E8B}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{0B378213-A571-421F-8844-2AEA1AD894AC}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0B378213-A571-421F-8844-2AEA1AD894AC}" => Key deleted successfully. C:\Windows\System32\Tasks\QDWVEM => Moved successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\QDWVEM" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{41892EF8-896E-4F0F-AE9A-EE483B600B04}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{41892EF8-896E-4F0F-AE9A-EE483B600B04}" => Key deleted successfully. C:\Windows\System32\Tasks\Microsoft\Windows\Maintenance\SMupdate2 => Moved successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Maintenance\SMupdate2" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4D7F08FF-BD02-465C-B851-D86CF52621A9}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4D7F08FF-BD02-465C-B851-D86CF52621A9}" => Key deleted successfully. C:\Windows\System32\Tasks\Norton WSC Integration => Moved successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Norton WSC Integration" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{54B16C43-7700-4CBA-BA07-760B631997F0}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{54B16C43-7700-4CBA-BA07-760B631997F0}" => Key deleted successfully. C:\Windows\System32\Tasks\Inst_Rep => Moved successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Inst_Rep" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9F006367-734C-4969-A181-D0E4E1344908}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9F006367-734C-4969-A181-D0E4E1344908}" => Key deleted successfully. C:\Windows\System32\Tasks\Norton Internet Security\Norton Error Processor => Moved successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Norton Internet Security\Norton Error Processor" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{AC3CCE51-E85F-46D8-A9B6-FE4F8E6C701C}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AC3CCE51-E85F-46D8-A9B6-FE4F8E6C701C}" => Key deleted successfully. C:\Windows\System32\Tasks\{01B2E54B-F654-4981-B799-7D6AB13C3EBE} => Moved successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{01B2E54B-F654-4981-B799-7D6AB13C3EBE}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{C5EEA6B8-ED3C-49A4-9F68-AB3AD56D2C9C}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C5EEA6B8-ED3C-49A4-9F68-AB3AD56D2C9C}" => Key deleted successfully. C:\Windows\System32\Tasks\Microsoft\Windows\Multimedia\SMupdate3 => Moved successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Multimedia\SMupdate3" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{ED82E5F8-3ECE-40A2-9843-5ED1A76D1C48}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{ED82E5F8-3ECE-40A2-9843-5ED1A76D1C48}" => Key deleted successfully. C:\Windows\System32\Tasks\Norton Internet Security\Norton Error Analyzer => Moved successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Norton Internet Security\Norton Error Analyzer" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{EFB1E031-2818-4CAA-81B6-14705F5018F3}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EFB1E031-2818-4CAA-81B6-14705F5018F3}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SPBIW_UpdateTask_Time_323635393433333037302d7837235a576c4a3241345041" => Key deleted successfully. C:\WINDOWS\Tasks\QDWVEM.job => Moved successfully. VBoxNetFlt => Service deleted successfully. "HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00avast" => Key deleted successfully. HKCR\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => Key not found. "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110711011101}" => Key deleted successfully. "HKCR\CLSID\{11111111-1111-1111-1111-110711011101}" => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} => value deleted successfully. HKCR\CLSID\{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} => Key not found. HKLM\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command\\Default => Value was restored successfully. HKLM\Software\\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully. HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully. HKLM\Software\\Microsoft\Internet Explorer\Main\\Search Page => Value was restored successfully. HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Search Page => Value was restored successfully. HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Page_URL => Value was restored successfully. HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL => Value was restored successfully. HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Search_URL => Value was restored successfully. HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Search_URL => Value was restored successfully. HKU\S-1-5-21-2870285692-4238083046-3277192755-1001\Software\Microsoft\Windows\CurrentVersion\Policies\system\\DisableLockWorkstation => value deleted successfully. HKU\S-1-5-21-2870285692-4238083046-3277192755-1001\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NofolderOptions => value deleted successfully. C:\ProgramData\Temp => Moved successfully. C:\Users\daria1\AppData\Local\CrashDumps => Moved successfully. C:\Users\daria1\AppData\Roaming\QDWVEM => Moved successfully. C:\Users\daria1\AppData\Roaming\Opera Software\Opera Stable\Local Storage\*localstorage* => Moved successfully. C:\Users\daria1\Desktop\dk\pcmscan.exe — skrót.lnk => Moved successfully. C:\Users\Public\Documents\ShopperPro => Moved successfully. C:\Windows\System32\Tasks\Norton Internet Security => Moved successfully. ========= reg delete HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\mountpoints2 /f ========= Operacja ukoäczona pomy˜lnie. ========= End of Reg: ========= ========= reg delete "HKU\S-1-5-18\Software\Microsoft\Internet Explorer\Main" /f ========= Operacja ukoäczona pomy˜lnie. ========= End of Reg: ========= ========= reg delete "HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main" /f ========= ERROR: The system was unable to find the specified registry key or value. ========= End of Reg: ========= ========= reg delete "HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main" /f ========= ERROR: The system was unable to find the specified registry key or value. ========= End of Reg: ========= ========= reg delete "HKU\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes" /f ========= Operacja ukoäczona pomy˜lnie. ========= End of Reg: ========= ========= reg delete "HKU\S-1-5-19\Software\Microsoft\Internet Explorer\SearchScopes" /f ========= Operacja ukoäczona pomy˜lnie. ========= End of Reg: ========= ========= reg delete "HKU\S-1-5-20\Software\Microsoft\Internet Explorer\SearchScopes" /f ========= Operacja ukoäczona pomy˜lnie. ========= End of Reg: ========= ========= dir /a "C:\Program Files" ========= Volume in drive C has no label. Volume Serial Number is 04F6-3C5A Directory of C:\Program Files 2015-01-27 18:02 . 2015-01-27 18:02 .. 2014-02-12 18:14 AMD 2013-07-17 10:48 AMD Quick Stream 2012-11-26 04:14 ATI 2013-07-17 10:47 ATI Technologies 2014-11-28 17:40 CCleaner 2014-12-08 09:16 CodeMeter 2015-01-27 18:03 Common Files 2014-01-22 11:20 CPUID 2013-08-22 16:35 174 desktop.ini 2014-12-12 23:26 Internet Explorer 2013-07-16 15:23 Microsoft Office 2014-08-23 09:57 Microsoft Silverlight 2014-03-11 19:25 MPC-BE x64 2014-02-12 17:58 MSBuild 2014-02-12 18:14 Realtek 2014-02-12 17:58 Reference Assemblies 2014-04-19 02:23 Samsung 2014-02-12 18:14 Synaptics 2014-01-18 12:56 Topos 2013-07-17 14:10 Tracker Software 2012-07-26 08:22 Uninstall Information 2013-07-17 13:51 Unlocker 2015-01-27 18:00 VS Revo Group 2014-11-22 09:57 Windows Defender 2014-10-08 17:08 Windows Journal 2014-02-12 18:25 Windows Mail 2014-04-27 23:40 Windows Media Player 2014-04-27 23:40 Windows Multimedia Platform 2014-02-12 18:38 Windows NT 2014-02-12 18:25 Windows Photo Viewer 2014-04-27 23:40 Windows Portable Devices 2014-02-12 18:25 Windows Sidebar 2015-01-23 21:03 WindowsApps 2013-08-22 16:36 WindowsPowerShell 2013-07-16 15:11 WinRAR 1 File(s) 174 bytes 36 Dir(s) 621ÿ276ÿ815ÿ360 bytes free ========= End of CMD: ========= ========= dir /a "C:\Program Files (x86)" ========= Volume in drive C has no label. Volume Serial Number is 04F6-3C5A Directory of C:\Program Files (x86) 2015-01-27 18:54 . 2015-01-27 18:54 .. 2015-01-27 18:54 Ad Muncher 2015-01-27 19:23 Adobe 2015-01-27 19:23 AMD APP 2013-07-17 10:48 AMD AVT 2013-07-17 10:42 ATI Technologies 2013-12-30 10:38 BlueSprig 2014-03-06 14:02 Bluetooth Suite 2014-12-08 09:16 CodeMeter 2015-01-26 20:05 Common Files 2015-01-27 18:09 CyberLink 2013-08-22 16:34 174 desktop.ini 2014-12-08 09:15 GetData 2013-07-16 14:23 Google 2015-01-27 18:09 InstallShield Installation Information 2014-12-12 23:26 Internet Explorer 2014-11-28 18:07 Java 2014-12-06 23:26 Malwarebytes Anti-Malware 2014-02-17 18:15 Microsoft Office 2014-08-23 09:57 Microsoft Silverlight 2013-07-16 15:26 Microsoft Visual Studio 2013-07-16 15:23 Microsoft Visual Studio 8 2013-07-16 15:32 Microsoft Works 2014-02-12 18:25 Microsoft.NET 2013-07-15 14:19 MobileWiFi 2014-02-12 18:25 MSBuild 2015-01-27 19:32 Opera 2012-11-26 03:15 Qualcomm Atheros 2012-11-26 04:18 Realtek 2014-02-12 17:59 Reference Assemblies 2014-03-06 13:58 Samsung 2015-01-26 20:05 ScanXLPro 2014-12-03 17:16 Silabs 2014-04-17 10:01 Skype 2012-11-26 04:47 SymSilent 2012-11-26 04:17 Temp 2013-12-31 23:19 UEFI WinFlash 2014-11-22 09:57 Windows Defender 2012-11-26 04:34 Windows Live 2014-02-12 18:25 Windows Mail 2014-04-27 23:40 Windows Media Player 2014-04-27 23:40 Windows Multimedia Platform 2013-08-22 16:36 Windows NT 2014-02-12 18:25 Windows Photo Viewer 2014-04-27 23:40 Windows Portable Devices 2014-02-12 18:25 Windows Sidebar 2013-08-22 16:36 WindowsPowerShell 1 File(s) 174 bytes 47 Dir(s) 621ÿ276ÿ811ÿ264 bytes free ========= End of CMD: ========= ========= dir /a "C:\Program Files\Common Files\System" ========= Volume in drive C has no label. Volume Serial Number is 04F6-3C5A Directory of C:\Program Files\Common Files\System 2015-01-26 18:40 . 2015-01-26 18:40 .. 2013-11-14 08:13 ado 2013-08-22 12:03 30ÿ208 DirectDB.dll 2013-08-22 15:51 en-US 2013-07-17 10:08 fr-FR 2013-11-14 08:13 msadc 2012-11-26 20:44 nl-NL 2013-11-14 08:13 Ole DB 2013-11-14 08:13 pl-PL 2014-12-17 14:49 649ÿ576 SysMenu.dll 2014-12-17 14:49 821ÿ096 SysMenu64.dll 2013-08-22 11:16 851ÿ456 wab32.dll 2013-08-22 12:42 988ÿ160 wab32res.dll 5 File(s) 3ÿ340ÿ496 bytes 9 Dir(s) 621ÿ276ÿ811ÿ264 bytes free ========= End of CMD: ========= ========= dir /a "C:\Program Files (x86)\Common Files\System" ========= Volume in drive C has no label. Volume Serial Number is 04F6-3C5A Directory of C:\Program Files (x86)\Common Files\System 2014-02-12 18:25 . 2014-02-12 18:25 .. 2013-11-14 08:13 ado 2013-08-22 04:40 26ÿ112 DirectDB.dll 2013-08-22 15:51 en-US 2013-07-17 10:08 fr-FR 2013-11-14 08:13 msadc 2013-07-17 13:05 MSMAPI 2012-11-26 20:44 nl-NL 2014-02-12 18:25 Ole DB 2013-11-14 08:13 pl-PL 2013-08-22 04:01 710ÿ656 wab32.dll 2013-08-22 05:17 988ÿ160 wab32res.dll 3 File(s) 1ÿ724ÿ928 bytes 10 Dir(s) 621ÿ276ÿ807ÿ168 bytes free ========= End of CMD: ========= ========= dir /a C:\ProgramData ========= Volume in drive C has no label. Volume Serial Number is 04F6-3C5A Directory of C:\ProgramData 2015-01-28 11:28 . 2015-01-28 11:28 .. 2015-01-27 18:54 Ad Muncher 2015-01-27 18:07 Adobe 2013-07-17 10:48 AMD 2013-08-22 15:45 Application Data [C:\ProgramData] 2014-12-26 21:48 Atheros 2013-07-17 10:53 ATI 2014-12-01 19:29 AVAST Software 2014-02-17 18:04 boost_interprocess 2012-11-26 04:24 ColorMode 2013-07-16 15:19 CyberLink 2013-07-16 15:20 DAEMON Tools Lite 2014-02-12 18:38 Dane aplikacji [C:\ProgramData] 2013-07-15 14:19 DatacardService 2013-08-22 15:45 Desktop [C:\Users\Public\Desktop] 2013-08-22 15:45 Documents [C:\Users\Public\Documents] 2014-02-12 18:38 Dokumenty [C:\Users\Public\Documents] 2012-11-26 04:32 install_clap 2014-02-02 23:43 Logs 2013-02-21 15:59 2ÿ063ÿ240 MakeMarkerFile.exe 2013-01-12 22:51 3ÿ004 MakeMarkerFile.xml 2014-12-02 17:03 Malwarebytes 2014-02-12 18:38 Menu Start [C:\ProgramData\Microsoft\Windows\Start Menu] 2014-12-12 23:26 Microsoft 2014-12-12 21:14 Microsoft Help 2013-07-15 17:44 Mozilla 2014-02-17 18:16 Norton 2013-07-15 18:55 NortonInstaller 2014-03-18 17:36 Oracle 2013-06-21 17:11 PopCap Games 2015-01-27 16:38 19ÿ456 ppe_fleetdb.vdb 2014-02-12 18:25 PRICache 2014-02-12 18:38 Pulpit [C:\Users\Public\Desktop] 2012-11-26 03:15 Qualcomm Atheros 2013-11-14 08:16 regid.1991-06.com.microsoft 2014-02-17 17:58 Returnil 2014-03-06 13:58 SAMSUNG 2015-01-26 17:33 2ÿ679 scantool.tr 2014-04-17 10:01 Skype 2013-08-22 15:45 Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu] 2013-07-16 08:09 Sun 2012-11-26 04:44 Synaptics 2014-02-12 18:38 Szablony [C:\ProgramData\Microsoft\Windows\Templates] 2013-08-22 15:45 Templates [C:\ProgramData\Microsoft\Windows\Templates] 2015-01-28 11:22 WinClon 4 File(s) 2ÿ088ÿ379 bytes 42 Dir(s) 621ÿ276ÿ807ÿ168 bytes free ========= End of CMD: ========= ========= dir /a C:\Users\user\AppData\Local ========= System nie mo¾e odnale«† okre˜lonej ˜cie¾ki. ========= End of CMD: ========= ========= dir /a C:\Users\user\AppData\LocalLow ========= System nie mo¾e odnale«† okre˜lonej ˜cie¾ki. ========= End of CMD: ========= ========= dir /a C:\Users\user\AppData\Roaming ========= System nie mo¾e odnale«† okre˜lonej ˜cie¾ki. ========= End of CMD: ========= EmptyTemp: => Removed 1.1 GB temporary data. The system needed a reboot. ==== End of Fixlog 11:30:07 ====