Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 28-01-2015 01 Ran by Grzegorz (administrator) on GOMAK-027C74590 on 28-01-2015 18:51:57 Running from C:\Documents and Settings\Grzegorz\Pulpit Loaded Profiles: Grzegorz (Available profiles: Grzegorz) Platform: Microsoft Windows XP Home Edition Dodatek Service Pack 3 (X86) OS Language: Polski Internet Explorer Version 8 (Default browser: FF) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (ATI Technologies Inc.) C:\WINDOWS\system32\ati2evxx.exe (ATI Technologies Inc.) C:\WINDOWS\system32\ati2evxx.exe () C:\Program Files\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (HP) C:\WINDOWS\system32\HPZipm12.exe (Skype Technologies S.A.) C:\Documents and Settings\All Users\Dane aplikacji\Skype\Toolbars\Skype C2C Service\c2c_service.exe (GG Network S.A.) C:\Documents and Settings\Grzegorz\Ustawienia lokalne\Dane aplikacji\GG\Application\gghub.exe (GG Network S.A.) C:\Documents and Settings\Grzegorz\Ustawienia lokalne\Dane aplikacji\GG\Application\ggapp.exe (GG Network S.A.) C:\Documents and Settings\Grzegorz\Ustawienia lokalne\Dane aplikacji\GG\Application\ggapp.exe (SigmaTel, Inc.) C:\Program Files\SigmaTel\C-Major Audio\WDM\stacsv.exe (Glarysoft Ltd) C:\Program Files\Glary Utilities 4\Integrator.exe (GG Network S.A.) C:\Documents and Settings\Grzegorz\Ustawienia lokalne\Dane aplikacji\GG\Application\ggdrive\ggdrive.exe (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) Winlogon\Notify\AtiExtEvent: C:\WINDOWS\system32\Ati2evxx.dll (ATI Technologies Inc.) HKU\S-1-5-21-1123561945-1580818891-725345543-1004\...\Run: [GG] => C:\Documents and Settings\Grzegorz\Ustawienia lokalne\Dane aplikacji\GG\Application\gghub.exe [4023360 2015-01-28] (GG Network S.A.) ShellIconOverlayIdentifiers: [GDriveBlacklistedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google) ShellIconOverlayIdentifiers: [GDriveSharedEditOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google) ShellIconOverlayIdentifiers: [GDriveSharedViewOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google) ShellIconOverlayIdentifiers: [GDriveSyncedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google) ShellIconOverlayIdentifiers: [GDriveSyncingOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google) ShellIconOverlayIdentifiers: [GGDriveOverlay1] -> {E68D0A50-3C40-4712-B90D-DCFA93FF2534} => C:\Documents and Settings\All Users\Dane aplikacji\GG\ggdrive\ggdrive-overlay.dll (GG Network S.A.) ShellIconOverlayIdentifiers: [GGDriveOverlay2] -> {E68D0A51-3C40-4712-B90D-DCFA93FF2534} => C:\Documents and Settings\All Users\Dane aplikacji\GG\ggdrive\ggdrive-overlay.dll (GG Network S.A.) ShellIconOverlayIdentifiers: [GGDriveOverlay3] -> {E68D0A52-3C40-4712-B90D-DCFA93FF2534} => C:\Documents and Settings\All Users\Dane aplikacji\GG\ggdrive\ggdrive-overlay.dll (GG Network S.A.) ShellIconOverlayIdentifiers: [GGDriveOverlay4] -> {E68D0A53-3C40-4712-B90D-DCFA93FF2534} => C:\Documents and Settings\All Users\Dane aplikacji\GG\ggdrive\ggdrive-overlay.dll (GG Network S.A.) ShellIconOverlayIdentifiers: [Groove Explorer Icon Overlay 1 (GFS Unread Stub)] -> {99FD978C-D287-4F50-827F-B2C658EDA8E7} => D:\instalki\office\Office12\GrooveShellExtensions.dll (Microsoft Corporation) ShellIconOverlayIdentifiers: [Groove Explorer Icon Overlay 2 (GFS Stub)] -> {AB5C5600-7E6E-4B06-9197-9ECEF74D31CC} => D:\instalki\office\Office12\GrooveShellExtensions.dll (Microsoft Corporation) ShellIconOverlayIdentifiers: [Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)] -> {920E6DB1-9907-4370-B3A0-BAFC03D81399} => D:\instalki\office\Office12\GrooveShellExtensions.dll (Microsoft Corporation) ShellIconOverlayIdentifiers: [Groove Explorer Icon Overlay 3 (GFS Folder)] -> {16F3DD56-1AF5-4347-846D-7C10C4192619} => D:\instalki\office\Office12\GrooveShellExtensions.dll (Microsoft Corporation) ShellIconOverlayIdentifiers: [Groove Explorer Icon Overlay 4 (GFS Unread Mark)] -> {2916C86E-86A6-43FE-8112-43ABE6BF8DCC} => D:\instalki\office\Office12\GrooveShellExtensions.dll (Microsoft Corporation) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKU\S-1-5-21-1123561945-1580818891-725345543-1004\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKU\S-1-5-21-1123561945-1580818891-725345543-1004\Software\Microsoft\Internet Explorer\Main,First Home Page = http://www.microsoft.com/isapi/redir.dll?Prd=ie&Pver=5.0&Ar=ie5update&O1=b1 BHO: Adobe PDF Reader Link Helper -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated) BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> D:\instalki\office\Office12\GrooveShellExtensions.dll (Microsoft Corporation) BHO: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll No File BHO: IplexToALLPlayer -> {DF925EF3-7A87-44E4-9CAF-8D7B280BF616} -> C:\Program Files\ALLPlayer\Iplex\IplexToALLPlayer.dll (ALLCinema Ltd.) BHO: JQSIEStartDetectorImpl Class -> {E7E6F031-17CE-4C07-BC86-EABFE594F69C} -> C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll No File Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - D:\instalki\office\Office12\GrooveSystemServices.dll (Microsoft Corporation) Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) Winsock: Catalog5 04 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.) Tcpip\Parameters: [DhcpNameServer] 217.113.224.134 217.113.224.35 FireFox: ======== FF ProfilePath: C:\Documents and Settings\Grzegorz\Dane aplikacji\Mozilla\Firefox\Profiles\3grg2w5s.default-1421778185078 FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_16_0_0_235.dll () FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll () FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF Plugin: @nokia.com/EnablerPlugin -> C:\Program Files\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll ( ) FF Plugin: @real.com/nppl3260;version=6.0.12.450 -> C:\Program Files\Real Alternative\browser\plugins\nppl3260.dll (RealNetworks, Inc.) FF Plugin: @real.com/nprpjplug;version=6.0.12.448 -> C:\Program Files\Real Alternative\browser\plugins\nprpjplug.dll (RealNetworks, Inc.) FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.) FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.) FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF HKLM\...\Firefox\Extensions: [jqs@sun.com] - C:\Program Files\Java\jre6\lib\deploy\jqs\ff ========================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 AdobeActiveFileMonitor5.0; C:\Program Files\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe [108712 2006-12-22] () S3 Microsoft Office Groove Audit Service; D:\instalki\office\Office12\GrooveAuditService.exe [64856 2009-02-26] (Microsoft Corporation) R2 Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [73728 2007-08-09] (HP) [File not signed] R2 Skype C2C Service; C:\Documents and Settings\All Users\Dane aplikacji\Skype\Toolbars\Skype C2C Service\c2c_service.exe [3064000 2012-10-02] (Skype Technologies S.A.) R2 STacSV; C:\Program Files\SigmaTel\C-Major Audio\WDM\STacSV.exe [86016 2006-05-26] (SigmaTel, Inc.) [File not signed] ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R1 aswKbd; C:\WINDOWS\system32\Drivers\aswKbd.sys [21576 2013-03-07] (AVAST Software) S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2008-04-13] (Microsoft Corporation) S3 HPZid412; C:\WINDOWS\System32\DRIVERS\HPZid412.sys [49920 2009-08-26] (HP) S3 HPZipr12; C:\WINDOWS\System32\DRIVERS\HPZipr12.sys [16496 2009-08-26] (HP) S3 HPZius12; C:\WINDOWS\System32\DRIVERS\HPZius12.sys [21568 2009-08-26] (HP) S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2008-04-13] (Microsoft Corporation) S3 sfng32; C:\WINDOWS\System32\drivers\sfng32.sys [41728 2005-12-03] (Sonic Focus, Inc) R3 STHDA; C:\WINDOWS\System32\drivers\sthda.sys [1177032 2006-05-26] (SigmaTel, Inc.) R3 VX1000; C:\WINDOWS\System32\DRIVERS\VX1000.sys [1965872 2006-06-30] (Microsoft Corporation) U5 GEARAspiWDM; C:\Windows\System32\Drivers\GEARAspiWDM.sys [26840 2012-08-21] (GEAR Software Inc.) S4 IntelIde; No ImagePath U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-13] (Microsoft Corporation) ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2015-01-28 18:35 - 2015-01-28 18:35 - 00000000 __SHD () C:\Documents and Settings\Grzegorz\IETldCache 2015-01-28 18:33 - 2015-01-28 18:33 - 00046557 _____ () C:\WINDOWS\KB2909921-IE8.log 2015-01-28 18:33 - 2015-01-28 18:33 - 00040660 _____ () C:\WINDOWS\KB2936068-IE8.log 2015-01-28 18:33 - 2015-01-28 18:33 - 00040074 _____ () C:\WINDOWS\KB2598845-IE8.log 2015-01-28 18:32 - 2015-01-28 18:36 - 00007489 _____ () C:\WINDOWS\spupdsvc.log 2015-01-28 18:32 - 2015-01-28 18:34 - 00065536 _____ () C:\WINDOWS\system32\config\Internet.evt 2015-01-28 18:32 - 2015-01-28 18:33 - 00054488 _____ () C:\WINDOWS\KB982381-IE8.log 2015-01-28 18:32 - 2015-01-28 18:33 - 00034024 _____ () C:\WINDOWS\updspapi.log 2015-01-28 18:32 - 2015-01-28 18:33 - 00030916 _____ () C:\WINDOWS\FaxSetup.log 2015-01-28 18:32 - 2015-01-28 18:33 - 00014780 _____ () C:\WINDOWS\ocgen.log 2015-01-28 18:32 - 2015-01-28 18:33 - 00011835 _____ () C:\WINDOWS\tsoc.log 2015-01-28 18:32 - 2015-01-28 18:33 - 00010260 _____ () C:\WINDOWS\comsetup.log 2015-01-28 18:32 - 2015-01-28 18:33 - 00007087 _____ () C:\WINDOWS\setupapi.log 2015-01-28 18:32 - 2015-01-28 18:33 - 00006217 _____ () C:\WINDOWS\ntdtcsetup.log 2015-01-28 18:32 - 2015-01-28 18:33 - 00004921 _____ () C:\WINDOWS\iis6.log 2015-01-28 18:32 - 2015-01-28 18:33 - 00001930 _____ () C:\WINDOWS\ocmsn.log 2015-01-28 18:32 - 2015-01-28 18:33 - 00001545 _____ () C:\WINDOWS\msgsocm.log 2015-01-28 18:32 - 2015-01-28 18:33 - 00001374 _____ () C:\WINDOWS\imsins.log 2015-01-28 18:32 - 2015-01-28 18:33 - 00001374 _____ () C:\WINDOWS\imsins.BAK 2015-01-28 18:32 - 2015-01-28 18:32 - 00000000 ____D () C:\WINDOWS\ie8updates 2015-01-28 18:32 - 2015-01-28 18:32 - 00000000 _____ () C:\WINDOWS\setuperr.log 2015-01-28 18:32 - 2015-01-28 18:32 - 00000000 _____ () C:\WINDOWS\setupact.log 2015-01-28 18:31 - 2015-01-28 18:32 - 00051444 _____ () C:\WINDOWS\ie8.log 2015-01-28 18:31 - 2015-01-28 18:31 - 00000000 __HDC () C:\WINDOWS\ie8 2015-01-28 18:20 - 2014-03-06 18:58 - 00522240 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\jsdbgui.dll 2015-01-28 18:20 - 2011-08-16 11:45 - 00006144 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\iecompat.dll 2015-01-28 18:19 - 2014-03-06 18:58 - 11113472 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ieframe.dll 2015-01-28 18:19 - 2014-03-06 18:58 - 02006016 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\iertutil.dll 2015-01-28 18:19 - 2014-03-06 18:58 - 00743424 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\iedvtool.dll 2015-01-28 18:19 - 2014-03-06 18:58 - 00630272 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\msfeeds.dll 2015-01-28 18:19 - 2014-03-06 18:58 - 00247808 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ieproxy.dll 2015-01-28 18:19 - 2014-03-06 18:58 - 00055296 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\msfeedsbs.dll 2015-01-28 18:19 - 2014-03-06 18:58 - 00012800 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\xpshims.dll 2015-01-28 18:18 - 2015-01-28 18:34 - 00082154 _____ () C:\WINDOWS\ie8_main.log 2015-01-28 17:41 - 2015-01-28 17:41 - 00000000 ____D () C:\Documents and Settings\Grzegorz\Pulpit\FRST-OlderVersion 2015-01-28 17:32 - 2015-01-28 17:32 - 00007168 ___SH () C:\Documents and Settings\Grzegorz\Pulpit\Thumbs.db 2015-01-28 17:16 - 2015-01-28 17:16 - 00001161 _____ () C:\Documents and Settings\Grzegorz\Menu Start\Programy\GG.lnk 2015-01-28 17:16 - 2015-01-28 17:16 - 00001155 _____ () C:\Documents and Settings\Grzegorz\Pulpit\GG.lnk 2015-01-28 17:15 - 2015-01-28 17:15 - 00001200 _____ () C:\Documents and Settings\Grzegorz\Menu Start\Programy\OpenFM.lnk 2015-01-28 17:15 - 2015-01-28 17:15 - 00001194 _____ () C:\Documents and Settings\Grzegorz\Pulpit\OpenFM.lnk 2015-01-28 17:15 - 2015-01-28 17:15 - 00000000 ____D () C:\Documents and Settings\Grzegorz\Ustawienia lokalne\Dane aplikacji\OpenFM 2015-01-28 17:15 - 2015-01-28 17:15 - 00000000 ____D () C:\Documents and Settings\All Users\Dane aplikacji\GG 2015-01-28 17:10 - 2015-01-28 17:10 - 00052564 _____ () C:\Documents and Settings\Grzegorz\Pulpit\Kontakty_7244093.xml 2015-01-28 17:10 - 2015-01-28 17:10 - 00038705 _____ () C:\Documents and Settings\Grzegorz\Pulpit\Kontakty_10250852.xml 2015-01-28 00:37 - 2015-01-28 17:41 - 00000000 ____D () C:\Program Files\Mozilla Firefox 2015-01-27 19:47 - 2015-01-27 19:47 - 00038791 _____ () C:\Documents and Settings\Grzegorz\Pulpit\Shortcut.txt 2015-01-27 19:46 - 2015-01-27 19:47 - 00019425 _____ () C:\Documents and Settings\Grzegorz\Pulpit\Addition.txt 2015-01-27 19:45 - 2015-01-28 18:52 - 00010738 _____ () C:\Documents and Settings\Grzegorz\Pulpit\FRST.txt 2015-01-27 19:43 - 2015-01-28 18:51 - 00000000 ____D () C:\FRST 2015-01-27 19:33 - 2015-01-27 19:33 - 00004696 _____ () C:\Documents and Settings\Grzegorz\Pulpit\GMER.txt 2015-01-27 17:20 - 2015-01-27 17:20 - 00380416 _____ () C:\Documents and Settings\Grzegorz\Pulpit\33mkb8o1.exe 2015-01-27 17:18 - 2015-01-28 17:41 - 01121792 _____ (Farbar) C:\Documents and Settings\Grzegorz\Pulpit\FRST.exe 2015-01-20 19:23 - 2015-01-20 19:23 - 00000000 ____D () C:\Documents and Settings\Grzegorz\Pulpit\Stare dane programu Firefox 2015-01-20 16:40 - 2015-01-20 16:40 - 00014705 _____ () C:\ComboFix.txt 2015-01-20 16:40 - 2015-01-20 16:40 - 00000000 ____D () C:\Documents and Settings\NetworkService\Ustawienia lokalne\temp 2015-01-20 16:40 - 2015-01-20 16:40 - 00000000 ____D () C:\Documents and Settings\Default User\Ustawienia lokalne\temp 2015-01-20 16:40 - 2015-01-20 16:40 - 00000000 ____D () C:\Documents and Settings\Administrator\Ustawienia lokalne\temp 2015-01-20 16:10 - 2015-01-20 16:40 - 00000000 ____D () C:\Qoobox 2015-01-20 16:10 - 2015-01-20 16:39 - 00000000 ____D () C:\WINDOWS\erdnt 2015-01-20 16:10 - 2011-06-26 07:45 - 00256000 _____ () C:\WINDOWS\PEV.exe 2015-01-20 16:10 - 2010-11-07 18:20 - 00208896 _____ () C:\WINDOWS\MBR.exe 2015-01-20 16:10 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\WINDOWS\NIRCMD.exe 2015-01-20 16:10 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\WINDOWS\SWREG.exe 2015-01-20 16:10 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\WINDOWS\SWSC.exe 2015-01-20 16:10 - 2000-08-31 01:00 - 00212480 _____ (SteelWerX) C:\WINDOWS\SWXCACLS.exe 2015-01-20 16:10 - 2000-08-31 01:00 - 00098816 _____ () C:\WINDOWS\sed.exe 2015-01-20 16:10 - 2000-08-31 01:00 - 00080412 _____ () C:\WINDOWS\grep.exe 2015-01-20 16:10 - 2000-08-31 01:00 - 00068096 _____ () C:\WINDOWS\zip.exe 2015-01-20 09:56 - 2015-01-20 16:38 - 00000664 _____ () C:\WINDOWS\system32\d3d9caps.dat 2015-01-19 15:37 - 2015-01-19 15:37 - 00000000 ____D () C:\Documents and Settings\Grzegorz\Pulpit\ml 2015-01-19 15:26 - 2015-01-19 15:27 - 00112640 ___SH () C:\Documents and Settings\Grzegorz\Moje dokumenty\Thumbs.db ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2015-01-28 18:52 - 2011-01-20 16:24 - 00000000 ____D () C:\Documents and Settings\Grzegorz\Ustawienia lokalne\Temp 2015-01-28 18:51 - 2013-05-10 00:12 - 00000000 ____D () C:\Documents and Settings\Grzegorz\Pulpit 2015-01-28 18:39 - 2014-04-02 14:50 - 02192971 _____ () C:\WINDOWS\system32\RegFile3.txt 2015-01-28 18:37 - 2011-01-20 16:15 - 01951042 _____ () C:\WINDOWS\WindowsUpdate.log 2015-01-28 18:36 - 2014-04-02 14:42 - 00000324 _____ () C:\WINDOWS\Tasks\GlaryInitialize 4.job 2015-01-28 18:36 - 2014-04-02 14:42 - 00000000 ____D () C:\Program Files\Glary Utilities 4 2015-01-28 18:36 - 2011-01-20 16:24 - 00000000 ___HD () C:\Documents and Settings\Grzegorz\Szablony 2015-01-28 18:35 - 2014-03-21 21:25 - 00000228 _____ () C:\WINDOWS\Tasks\Powiadomienie o zakończeniu obsługi systemu Microsoft Windows XP — logowanie.job 2015-01-28 18:35 - 2014-02-25 07:55 - 00000000 ___RD () C:\Documents and Settings\Grzegorz\Moje dokumenty\Moje obrazy 2015-01-28 18:35 - 2013-10-05 12:01 - 00000000 ____D () C:\Documents and Settings\Grzegorz\Dane aplikacji\GG 2015-01-28 18:35 - 2011-02-01 01:16 - 00000000 ____D () C:\WINDOWS\system32\pl-pl 2015-01-28 18:35 - 2011-01-20 17:10 - 00000159 _____ () C:\WINDOWS\wiadebug.log 2015-01-28 18:35 - 2011-01-20 17:10 - 00000050 _____ () C:\WINDOWS\wiaservc.log 2015-01-28 18:35 - 2011-01-20 16:59 - 00000000 ____D () C:\WINDOWS\Help 2015-01-28 18:35 - 2011-01-20 16:24 - 00000803 _____ () C:\Documents and Settings\Grzegorz\Menu Start\Programy\Internet Explorer.lnk 2015-01-28 18:35 - 2011-01-20 16:24 - 00000000 ___RD () C:\Documents and Settings\Grzegorz\Ulubione 2015-01-28 18:35 - 2011-01-20 16:24 - 00000000 ___RD () C:\Documents and Settings\Grzegorz\Moje dokumenty\Moja muzyka 2015-01-28 18:35 - 2011-01-20 16:24 - 00000000 ___RD () C:\Documents and Settings\Grzegorz\Moje dokumenty 2015-01-28 18:35 - 2011-01-20 16:24 - 00000000 ___RD () C:\Documents and Settings\Grzegorz\Menu Start\Programy\Akcesoria 2015-01-28 18:35 - 2011-01-20 16:24 - 00000000 ____D () C:\Documents and Settings\Grzegorz\Menu Start\Programy 2015-01-28 18:35 - 2011-01-20 16:24 - 00000000 ____D () C:\Documents and Settings\Grzegorz 2015-01-28 18:35 - 2011-01-20 16:23 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT 2015-01-28 18:34 - 2011-01-20 16:24 - 00000188 ___SH () C:\Documents and Settings\Grzegorz\ntuser.ini 2015-01-28 18:34 - 2011-01-20 16:23 - 00032616 _____ () C:\WINDOWS\SchedLgU.Txt 2015-01-28 18:33 - 2011-01-20 16:17 - 00000000 ___HD () C:\WINDOWS\$hf_mig$ 2015-01-28 18:32 - 2011-01-20 16:59 - 00000000 ____D () C:\WINDOWS\Media 2015-01-28 18:18 - 2014-05-20 17:27 - 00000000 ____D () C:\Documents and Settings\Grzegorz\Moje dokumenty\Pobrane 2015-01-28 18:11 - 2006-03-02 13:00 - 00013646 _____ () C:\WINDOWS\system32\wpa.dbl 2015-01-28 17:44 - 2013-10-05 12:00 - 00000000 ____D () C:\Documents and Settings\Grzegorz\Ustawienia lokalne\Dane aplikacji\GG 2015-01-28 17:43 - 2011-01-20 16:24 - 00000000 __SHD () C:\Documents and Settings\Grzegorz\Ustawienia lokalne\Historia 2015-01-28 17:43 - 2011-01-20 16:23 - 00000000 __SHD () C:\Documents and Settings\LocalService\Ustawienia lokalne\Historia 2015-01-28 17:41 - 2011-01-20 17:07 - 00000000 ___SD () C:\Documents and Settings\Default User\Ustawienia lokalne\Historia 2015-01-28 17:41 - 2011-01-20 17:07 - 00000000 ___RD () C:\Documents and Settings\All Users\Menu Start\Programy 2015-01-28 17:41 - 2011-01-20 17:06 - 00000000 __RHD () C:\Documents and Settings\All Users\Dane aplikacji 2015-01-28 17:41 - 2011-01-20 16:24 - 00000000 ___HD () C:\Documents and Settings\Grzegorz\Dane aplikacji 2015-01-28 17:41 - 2011-01-20 16:23 - 00000000 ____D () C:\Documents and Settings\LocalService\Ustawienia lokalne\Temp 2015-01-28 17:41 - 2011-01-20 16:21 - 00000000 ___HD () C:\Documents and Settings\NetworkService\Ustawienia lokalne\Historia 2015-01-28 17:41 - 2011-01-20 16:21 - 00000000 ____D () C:\Documents and Settings\NetworkService\Dane aplikacji 2015-01-28 17:36 - 2011-04-12 23:11 - 00001870 ____C () C:\Documents and Settings\All Users\Dane aplikacji\hpzinstall.log 2015-01-28 17:17 - 2013-10-05 12:01 - 00000000 ___SD () C:\Documents and Settings\Grzegorz\GG dysk 2015-01-28 17:16 - 2011-01-20 17:07 - 00000000 ____D () C:\Documents and Settings\All Users\Pulpit 2015-01-28 17:15 - 2011-01-20 16:24 - 00000000 ___HD () C:\Documents and Settings\Grzegorz\Ustawienia lokalne\Dane aplikacji 2015-01-28 10:53 - 2011-01-21 00:02 - 00000000 ____D () C:\Documents and Settings\Grzegorz\Dane aplikacji\Gadu-Gadu 10 2015-01-28 02:27 - 2011-01-20 22:19 - 00000000 ____D () C:\Documents and Settings\Grzegorz\Dane aplikacji\Skype 2015-01-28 02:10 - 2014-04-26 10:43 - 00002267 _____ () C:\Documents and Settings\All Users\Pulpit\Skype.lnk 2015-01-26 19:12 - 2013-01-12 13:42 - 00000284 _____ () C:\WINDOWS\Tasks\AppleSoftwareUpdate.job 2015-01-26 18:57 - 2011-04-13 07:17 - 00000000 ___SD () C:\Documents and Settings\Grzegorz\UserData 2015-01-25 10:18 - 2014-04-02 14:42 - 00000000 ____D () C:\Documents and Settings\Grzegorz\Dane aplikacji\DiskDefrag 2015-01-22 00:54 - 2011-01-20 16:21 - 00000000 __SHD () C:\Documents and Settings\NetworkService 2015-01-20 18:35 - 2011-01-20 16:24 - 00001599 _____ () C:\Documents and Settings\Grzegorz\Menu Start\Programy\Pomoc zdalna.lnk 2015-01-20 18:30 - 2011-01-20 16:17 - 00001599 ____C () C:\Documents and Settings\Default User\Menu Start\Programy\Pomoc zdalna.lnk 2015-01-20 18:30 - 2011-01-20 16:17 - 00001507 _____ () C:\Documents and Settings\All Users\Menu Start\Windows Update.lnk 2015-01-20 18:29 - 2011-01-20 16:17 - 00001563 _____ () C:\Documents and Settings\All Users\Menu Start\Określ dostęp do programów i ich ustawienia domyślne.lnk 2015-01-20 17:17 - 2011-01-20 16:59 - 00000000 ____D () C:\WINDOWS\twain_32 2015-01-20 16:40 - 2012-12-11 01:17 - 00000000 ____D () C:\Documents and Settings\Administrator\Ustawienia lokalne 2015-01-20 16:40 - 2011-01-20 17:07 - 00000000 __RHD () C:\Documents and Settings\Default User\Ustawienia lokalne 2015-01-20 16:40 - 2011-01-20 16:21 - 00000000 ___HD () C:\Documents and Settings\NetworkService\Ustawienia lokalne 2015-01-20 16:38 - 2006-03-02 13:00 - 00000227 _____ () C:\WINDOWS\system.ini 2015-01-20 10:23 - 2011-01-20 16:13 - 00000819 _____ () C:\Documents and Settings\All Users\Menu Start\Programy\Windows Messenger.lnk 2015-01-20 10:15 - 2013-08-08 13:57 - 00000000 ____D () C:\Documents and Settings\Grzegorz\Dane aplikacji\PhotoScape 2015-01-20 10:05 - 2006-03-02 13:00 - 00000719 _____ () C:\WINDOWS\win.ini 2015-01-19 15:38 - 2014-06-29 22:48 - 00000000 ____D () C:\Documents and Settings\Grzegorz\Pulpit\z aparatu 2015-01-19 15:26 - 2011-04-13 07:21 - 00000000 ____D () C:\Documents and Settings\Grzegorz\Moje dokumenty\Moje zeskanowane obrazy 2015-01-19 15:26 - 2011-01-20 22:50 - 00000000 ____D () C:\Documents and Settings\Grzegorz\Moje dokumenty\Pobieranie 2015-01-19 15:26 - 2011-01-20 16:24 - 00000000 ___RD () C:\Documents and Settings\Grzegorz\Moje dokumenty\Moje obrazy-2011 2015-01-17 22:22 - 2011-01-30 20:50 - 00000000 ____D () C:\WINDOWS\Minidump 2015-01-14 16:55 - 2013-08-15 13:45 - 00000000 ____D () C:\WINDOWS\system32\MRT 2015-01-14 16:43 - 2011-02-01 00:19 - 110348472 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2015-01-12 09:11 - 2014-12-11 22:08 - 00000000 ____D () C:\Documents and Settings\Grzegorz\Pulpit\vip 2015-01-12 09:11 - 2014-03-22 20:35 - 00000000 ____D () C:\Documents and Settings\Grzegorz\Pulpit\Nowy folder 2015-01-12 09:11 - 2014-03-08 09:36 - 00000000 ____D () C:\Documents and Settings\Grzegorz\Pulpit\dla prababci 2015-01-08 21:27 - 2012-04-09 20:11 - 00460824 _____ () C:\img2-001.raw 2015-01-08 15:10 - 2014-03-21 21:24 - 00000222 _____ () C:\WINDOWS\Tasks\Powiadomienie o zakończeniu obsługi systemu Microsoft Windows XP — co miesiąc.job ==================== Files in the root of some directories ======= 2013-12-20 00:04 - 2014-03-25 00:04 - 0000116 _____ () C:\Documents and Settings\Grzegorz\Dane aplikacji\WB.CFG 2011-01-20 16:57 - 2014-12-11 21:50 - 0224768 _____ () C:\Documents and Settings\Grzegorz\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini Some content of TEMP: ==================== C:\Documents and Settings\Grzegorz\Ustawienia lokalne\Temp\ggdrive-menu.exe C:\Documents and Settings\Grzegorz\Ustawienia lokalne\Temp\ggdrive-overlay.exe C:\Documents and Settings\Grzegorz\Ustawienia lokalne\Temp\installstats.exe ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\WINDOWS\explorer.exe => File is digitally signed C:\WINDOWS\system32\winlogon.exe => File is digitally signed C:\WINDOWS\system32\svchost.exe => File is digitally signed C:\WINDOWS\system32\services.exe => File is digitally signed C:\WINDOWS\system32\User32.dll => File is digitally signed C:\WINDOWS\system32\userinit.exe => File is digitally signed C:\WINDOWS\system32\rpcss.dll => File is digitally signed C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed ==================== End Of Log ============================