Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 01-02-2015
Ran by XX at 2015-02-03 12:29:28 Run:2
Running from C:\
Loaded Profiles: XX (Available profiles: XX)
Boot Mode: Safe Mode (with Networking)

==============================================

Content of fixlist:
*****************
CloseProcesses:
Task: C:\Windows\Tasks\1014avUpdateInfo.job => C:\ProgramData\Avg_Update_1014av\1014av_AVG-Secure-Search-Update.exe
Hosts:
C:\ProgramData\Avg_Update_1014av
C:\Users\XX\AppData\Local\Google\Chrome\User Data\Default\Preferences
C:\Users\XX\AppData\Local\Google\Chrome\User Data\Default\Local Storage\*localstorage*
C:\Users\XX\AppData\LocalLow\CertifiedToolbar
C:\Users\XX\AppData\Roaming\.minecraft
C:\Users\XX\AppData\Roaming\Adetymwu
C:\Users\XX\AppData\Roaming\avidemux
C:\Users\XX\AppData\Roaming\Audacity
C:\Users\XX\AppData\Roaming\Balmora.pl
C:\Users\XX\AppData\Roaming\DVD Flick
C:\Users\XX\AppData\Roaming\FileZilla
C:\Users\XX\AppData\Roaming\com.w3i.FlipToast
C:\Users\XX\AppData\Roaming\Gadu-Gadu 10
C:\Users\XX\AppData\Roaming\GoldenGate
C:\Users\XX\AppData\Roaming\Igosonne
C:\Users\XX\AppData\Roaming\Local Store
C:\Users\XX\AppData\Roaming\Mozilla
C:\Users\XX\AppData\Roaming\OpenFM
C:\Users\XX\AppData\Roaming\Opera
C:\Users\XX\AppData\Roaming\SteelSeries
C:\Users\XX\AppData\Roaming\Ubkafo
C:\Users\XX\AppData\Roaming\wargaming.net
C:\Users\XX\AppData\Roaming\WordToPDF
C:\Users\XX\AppData\Roaming\Ynehcaac
C:\Users\XX\AppData\Roaming\Microsoft\Office\Niedawny\*.LNK
C:\Users\XX\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GameSpy Arcade
C:\Users\XX\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SteelSeries
C:\Users\XX\Documents\Decrypt-All-Files-kcirdgd.bmp
C:\Users\XX\Documents\Decrypt-All-Files-kcirdgd.txt
C:\Windows\system32\Drivers\1DF1592B.sys
C:\Windows\system32\Drivers\2F6C59A4.sys
C:\Windows\system32\Drivers\5EFA3319.sys
C:\Windows\system32\Drivers\61C35F4E.sys
C:\Windows\system32\Drivers\2F9C5F72.sys
CMD: sc config WinDefend start= demand
Reg: reg delete HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\mountpoints2 /f
Reg: reg delete HKCU\Software\Mozilla /f
Reg: reg delete HKCU\Software\MozillaPlugins /f
Reg: reg delete HKLM\SOFTWARE\Mozilla /f
Reg: reg delete HKLM\SOFTWARE\mozilla.org /f
Reg: reg delete HKLM\SOFTWARE\MozillaPlugins /f
Reg: reg delete "HKCU\Software\Microsoft\Internet Explorer\AboutURLs" /f
Reg: reg delete "HKCU\Software\Microsoft\Internet Explorer\Search" /f
Reg: reg delete "HKCU\Software\Microsoft\Internet Explorer\SearchURI" /f
Reg: reg delete "HKCU\Software\Microsoft\Internet Explorer\SearchUrl" /f
Reg: reg delete "HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchURI" /f
Reg: reg delete "HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchUrl" /f
Reg: reg delete "HKLM\SOFTWARE\Classes\SOFTWARE\Microsoft\Internet Explorer\AboutURLs" /f
Reg: reg delete "HKLM\SOFTWARE\Classes\SOFTWARE\Microsoft\Internet Explorer\Main" /f
Reg: reg delete "HKLM\SOFTWARE\Classes\SOFTWARE\Microsoft\Internet Explorer\Search" /f
Reg: reg delete "HKLM\SOFTWARE\Classes\SOFTWARE\Microsoft\Internet Explorer\SearchScopes" /f
Reg: reg delete "HKLM\SOFTWARE\Classes\SOFTWARE\Microsoft\Internet Explorer\SearchURI" /f
Reg: reg delete "HKLM\SOFTWARE\Classes\SOFTWARE\Microsoft\Internet Explorer\SearchUrl" /f
Reg: reg delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\services" /f
Reg: reg delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder" /f
Reg: reg delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg" /f
Reg: reg delete "HKU\S-1-5-18\Software\Microsoft\Internet Explorer\Main" /f
Reg: reg delete "HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main" /f
Reg: reg delete "HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main" /f
Reg: reg delete "HKU\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes" /f
Reg: reg delete "HKU\S-1-5-19\Software\Microsoft\Internet Explorer\SearchScopes" /f
Reg: reg delete "HKU\S-1-5-20\Software\Microsoft\Internet Explorer\SearchScopes" /f
Reg: reg query "HKCU\Control Panel\Desktop"
Reg: reg query "HKCU\Software\Microsoft\Internet Explorer\Desktop" /s
Reg: reg query "HKLM\Software\Microsoft\Internet Explorer\Desktop" /s
Reg: reg query HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System
Reg: reg query HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System
CMD: dir /a "C:\Program Files"
CMD: dir /a "C:\Program Files\Common Files"
CMD: dir /a C:\ProgramData
CMD: dir /a C:\Users\XX\AppData\Local
CMD: dir /a C:\Users\XX\AppData\LocalLow
CMD: dir /a C:\Users\XX\AppData\Roaming
EmptyTemp:
*****************

Processes closed successfully.
C:\Windows\Tasks\1014avUpdateInfo.job => Moved successfully.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.
C:\ProgramData\Avg_Update_1014av => Moved successfully.
C:\Users\XX\AppData\Local\Google\Chrome\User Data\Default\Preferences => Moved successfully.
C:\Users\XX\AppData\Local\Google\Chrome\User Data\Default\Local Storage\*localstorage* => Moved successfully.
C:\Users\XX\AppData\LocalLow\CertifiedToolbar => Moved successfully.
"C:\Users\XX\AppData\Roaming\.minecraft" => File/Directory not found.
C:\Users\XX\AppData\Roaming\Adetymwu => Moved successfully.
C:\Users\XX\AppData\Roaming\avidemux => Moved successfully.
C:\Users\XX\AppData\Roaming\Audacity => Moved successfully.
C:\Users\XX\AppData\Roaming\Balmora.pl => Moved successfully.
C:\Users\XX\AppData\Roaming\DVD Flick => Moved successfully.
C:\Users\XX\AppData\Roaming\FileZilla => Moved successfully.
C:\Users\XX\AppData\Roaming\com.w3i.FlipToast => Moved successfully.
C:\Users\XX\AppData\Roaming\Gadu-Gadu 10 => Moved successfully.
C:\Users\XX\AppData\Roaming\GoldenGate => Moved successfully.
C:\Users\XX\AppData\Roaming\Igosonne => Moved successfully.
C:\Users\XX\AppData\Roaming\Local Store => Moved successfully.
C:\Users\XX\AppData\Roaming\Mozilla => Moved successfully.
C:\Users\XX\AppData\Roaming\OpenFM => Moved successfully.
C:\Users\XX\AppData\Roaming\Opera => Moved successfully.
C:\Users\XX\AppData\Roaming\SteelSeries => Moved successfully.
C:\Users\XX\AppData\Roaming\Ubkafo => Moved successfully.
C:\Users\XX\AppData\Roaming\wargaming.net => Moved successfully.
C:\Users\XX\AppData\Roaming\WordToPDF => Moved successfully.
C:\Users\XX\AppData\Roaming\Ynehcaac => Moved successfully.
C:\Users\XX\AppData\Roaming\Microsoft\Office\Niedawny\*.LNK => Moved successfully.
C:\Users\XX\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GameSpy Arcade => Moved successfully.
C:\Users\XX\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SteelSeries => Moved successfully.
C:\Users\XX\Documents\Decrypt-All-Files-kcirdgd.bmp => Moved successfully.
C:\Users\XX\Documents\Decrypt-All-Files-kcirdgd.txt => Moved successfully.
C:\Windows\system32\Drivers\1DF1592B.sys => Moved successfully.
C:\Windows\system32\Drivers\2F6C59A4.sys => Moved successfully.
C:\Windows\system32\Drivers\5EFA3319.sys => Moved successfully.
C:\Windows\system32\Drivers\61C35F4E.sys => Moved successfully.
C:\Windows\system32\Drivers\2F9C5F72.sys => Moved successfully.

=========  sc config WinDefend start= demand =========

[SC] ChangeServiceConfig SUKCES

========= End of CMD: =========


========= reg delete HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\mountpoints2 /f =========

Operacja ukoäczona pomylnie.


========= End of Reg: =========


========= reg delete HKCU\Software\Mozilla /f =========

Operacja ukoäczona pomylnie.


========= End of Reg: =========


========= reg delete HKCU\Software\MozillaPlugins /f =========

Operacja ukoäczona pomylnie.


========= End of Reg: =========


========= reg delete HKLM\SOFTWARE\Mozilla /f =========

Operacja ukoäczona pomylnie.


========= End of Reg: =========


========= reg delete HKLM\SOFTWARE\mozilla.org /f =========

Operacja ukoäczona pomylnie.


========= End of Reg: =========


========= reg delete HKLM\SOFTWARE\MozillaPlugins /f =========

Operacja ukoäczona pomylnie.


========= End of Reg: =========


========= reg delete "HKCU\Software\Microsoft\Internet Explorer\AboutURLs" /f =========

Operacja ukoäczona pomylnie.


========= End of Reg: =========


========= reg delete "HKCU\Software\Microsoft\Internet Explorer\Search" /f =========

Operacja ukoäczona pomylnie.


========= End of Reg: =========


========= reg delete "HKCU\Software\Microsoft\Internet Explorer\SearchURI" /f =========

Operacja ukoäczona pomylnie.


========= End of Reg: =========


========= reg delete "HKCU\Software\Microsoft\Internet Explorer\SearchUrl" /f =========

Operacja ukoäczona pomylnie.


========= End of Reg: =========


========= reg delete "HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchURI" /f =========

Operacja ukoäczona pomylnie.


========= End of Reg: =========


========= reg delete "HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchUrl" /f =========

Operacja ukoäczona pomylnie.


========= End of Reg: =========


========= reg delete "HKLM\SOFTWARE\Classes\SOFTWARE\Microsoft\Internet Explorer\AboutURLs" /f =========

Operacja ukoäczona pomylnie.


========= End of Reg: =========


========= reg delete "HKLM\SOFTWARE\Classes\SOFTWARE\Microsoft\Internet Explorer\Main" /f =========

Operacja ukoäczona pomylnie.


========= End of Reg: =========


========= reg delete "HKLM\SOFTWARE\Classes\SOFTWARE\Microsoft\Internet Explorer\Search" /f =========

Operacja ukoäczona pomylnie.


========= End of Reg: =========


========= reg delete "HKLM\SOFTWARE\Classes\SOFTWARE\Microsoft\Internet Explorer\SearchScopes" /f =========

Operacja ukoäczona pomylnie.


========= End of Reg: =========


========= reg delete "HKLM\SOFTWARE\Classes\SOFTWARE\Microsoft\Internet Explorer\SearchURI" /f =========

Operacja ukoäczona pomylnie.


========= End of Reg: =========


========= reg delete "HKLM\SOFTWARE\Classes\SOFTWARE\Microsoft\Internet Explorer\SearchUrl" /f =========

Operacja ukoäczona pomylnie.


========= End of Reg: =========


========= reg delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\services" /f =========

Operacja ukoäczona pomylnie.


========= End of Reg: =========


========= reg delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder" /f =========

Operacja ukoäczona pomylnie.


========= End of Reg: =========


========= reg delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg" /f =========

Operacja ukoäczona pomylnie.


========= End of Reg: =========


========= reg delete "HKU\S-1-5-18\Software\Microsoft\Internet Explorer\Main" /f =========

Operacja ukoäczona pomylnie.


========= End of Reg: =========


========= reg delete "HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main" /f =========

Operacja ukoäczona pomylnie.


========= End of Reg: =========


========= reg delete "HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main" /f =========

Operacja ukoäczona pomylnie.


========= End of Reg: =========


========= reg delete "HKU\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes" /f =========

Operacja ukoäczona pomylnie.


========= End of Reg: =========


========= reg delete "HKU\S-1-5-19\Software\Microsoft\Internet Explorer\SearchScopes" /f =========

Operacja ukoäczona pomylnie.


========= End of Reg: =========


========= reg delete "HKU\S-1-5-20\Software\Microsoft\Internet Explorer\SearchScopes" /f =========

Operacja ukoäczona pomylnie.


========= End of Reg: =========


========= reg query "HKCU\Control Panel\Desktop" =========


HKEY_CURRENT_USER\Control Panel\Desktop
    ScreenSaveActive    REG_SZ    1
    ActiveWndTrackTimeout    REG_DWORD    0x0
    BlockSendInputResets    REG_SZ    0
    CaretWidth    REG_DWORD    0x1
    ClickLockTime    REG_DWORD    0x4b0
    CoolSwitchColumns    REG_SZ    7
    CoolSwitchRows    REG_SZ    3
    CursorBlinkRate    REG_SZ    600
    DockMoving    REG_SZ    1
    DragFromMaximize    REG_SZ    1
    DragFullWindows    REG_SZ    0
    DragHeight    REG_SZ    4
    DragWidth    REG_SZ    4
    FocusBorderHeight    REG_DWORD    0x1
    FocusBorderWidth    REG_DWORD    0x1
    FontSmoothing    REG_SZ    0
    FontSmoothingGamma    REG_DWORD    0x0
    FontSmoothingOrientation    REG_DWORD    0x1
    FontSmoothingType    REG_DWORD    0x2
    ForegroundFlashCount    REG_DWORD    0x7
    ForegroundLockTimeout    REG_DWORD    0x12eb7c
    LeftOverlapChars    REG_SZ    3
    MenuShowDelay    REG_SZ    400
    PaintDesktopVersion    REG_DWORD    0x0
    RightOverlapChars    REG_SZ    3
    SnapSizing    REG_SZ    1
    TileWallpaper    REG_SZ    0
    WallpaperOriginX    REG_DWORD    0x0
    WallpaperOriginY    REG_DWORD    0x0
    WallpaperStyle    REG_SZ    0
    WheelScrollChars    REG_SZ    3
    WheelScrollLines    REG_SZ    3
    WindowArrangementActive    REG_SZ    1
    UserPreferencesMask    REG_BINARY    9012018010000000
    Wallpaper    REG_SZ    C:\Users\XX\Documents\Decrypt-All-Files-kcirdgd.bmp
    Pattern Upgrade    REG_SZ    TRUE
    ScreenSaveTimeOut    REG_SZ    300
    ScreenSaverIsSecure    REG_SZ    0
    LogPixels    REG_DWORD    0x60

HKEY_CURRENT_USER\Control Panel\Desktop\Colors
HKEY_CURRENT_USER\Control Panel\Desktop\LanguageConfiguration
HKEY_CURRENT_USER\Control Panel\Desktop\WindowMetrics
HKEY_CURRENT_USER\Control Panel\Desktop\MuiCached


========= End of Reg: =========


========= reg query "HKCU\Software\Microsoft\Internet Explorer\Desktop" /s =========


HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\components

HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\General
    WallpaperSource    REG_SZ    



========= End of Reg: =========


========= reg query "HKLM\Software\Microsoft\Internet Explorer\Desktop" /s =========

Bť¤D: System nie znalaz w rejestrze okrelonego klucza albo wartoci.


========= End of Reg: =========


========= reg query HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System =========




========= End of Reg: =========


========= reg query HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System =========


HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System
    ConsentPromptBehaviorAdmin    REG_DWORD    0x0
    ConsentPromptBehaviorUser    REG_DWORD    0x3
    EnableInstallerDetection    REG_DWORD    0x1
    EnableLUA    REG_DWORD    0x0
    EnableSecureUIAPaths    REG_DWORD    0x1
    EnableUIADesktopToggle    REG_DWORD    0x0
    EnableVirtualization    REG_DWORD    0x1
    PromptOnSecureDesktop    REG_DWORD    0x0
    ValidateAdminCodeSignatures    REG_DWORD    0x0
    dontdisplaylastusername    REG_DWORD    0x0
    legalnoticecaption    REG_SZ    
    legalnoticetext    REG_SZ    
    scforceoption    REG_DWORD    0x0
    shutdownwithoutlogon    REG_DWORD    0x1
    undockwithoutlogon    REG_DWORD    0x1
    FilterAdministratorToken    REG_DWORD    0x0

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\UIPI


========= End of Reg: =========


=========  dir /a "C:\Program Files" =========

 Wolumin w stacji C nie ma etykiety.
 Numer seryjny woluminu: 13AA-F385

 Katalog: C:\Program Files

2015-02-03  11:47    <DIR>          .
2015-02-03  11:47    <DIR>          ..
2014-02-20  17:59    <DIR>          4Media
2013-09-27  20:25    <DIR>          Adobe
2014-11-14  00:00    <DIR>          Anki
2015-02-01  16:47    <DIR>          ATI Technologies
2015-02-02  01:17    <DIR>          AVG
2014-08-27  13:45    <DIR>          AVG Security Toolbar
2014-08-25  11:10    <DIR>          Avi2Dvd
2015-02-01  16:49    <DIR>          AviSynth 2.5
2014-08-25  16:11    <DIR>          AviToDvdFree
2015-01-23  20:44    <DIR>          Battle.net
2014-03-17  17:45    <DIR>          CCleaner
2015-02-01  16:49    <DIR>          CDBurnerXP
2015-02-03  11:25    <DIR>          Common Files
2011-09-05  20:23         8�391�685 data.ifs
2011-09-05  20:23             8�204 data.ifs.cch
2009-07-14  05:41               174 desktop.ini
2014-03-17  16:10    <DIR>          DivX
2013-06-22  20:14    <DIR>          dumps
2011-09-23  20:32    <DIR>          DVD Maker
2012-12-21  16:49             1�287 esl.cfg
2014-07-29  12:16    <DIR>          Foxit Software
2013-11-27  22:10    <DIR>          GameforgeLive
2014-11-09  12:02    <DIR>          Google
2014-09-07  12:58    <DIR>          Grupa IMAGE
2014-12-20  23:42    <DIR>          HEX
2015-02-02  10:49    <DIR>          HP
2013-04-27  16:56    <DIR>          HTC
2014-11-09  11:31    <DIR>          InstallShield Installation Information
2015-02-03  08:41    <DIR>          Internet Explorer
2015-02-01  17:09    <DIR>          IrfanView
2014-08-25  11:04    <DIR>          K-Lite Codec Pack
2013-12-19  15:04    <DIR>          LG Electronics
2012-06-05  19:16    <DIR>          LG Soft India Pvt Ltd
2012-12-17  16:34               305 liblist.gam
2012-12-19  16:40             5�315 live.cfg
2015-02-01  17:09    <DIR>          LocK-A-FoLdeR
2015-02-03  11:22    <DIR>          Malwarebytes Anti-Malware
2013-04-26  13:58    <DIR>          Microsoft
2010-11-01  22:36    <DIR>          Microsoft FrontPage
2009-07-14  09:28    <DIR>          Microsoft Games
2010-01-27  12:46    <DIR>          Microsoft Media
2013-09-06  09:05    <DIR>          Microsoft Office
2014-08-31  11:38    <DIR>          Microsoft Silverlight
2009-11-26  12:15    <DIR>          Microsoft SQL Server Compact Edition
2009-11-26  12:15    <DIR>          Microsoft Sync Framework
2011-03-29  13:40    <DIR>          Microsoft Virtual PC
2010-11-01  22:40    <DIR>          Microsoft Visual Studio
2013-09-06  09:03    <DIR>          Microsoft Visual Studio 8
2015-02-03  02:21    <DIR>          Microsoft Works
2010-08-17  22:47    <DIR>          Microsoft WSE
2013-09-06  09:04    <DIR>          Microsoft.NET
2014-06-26  20:34    <DIR>          MKJogo
2013-09-06  09:05    <DIR>          MSBuild
2013-07-09  11:14    <DIR>          MSECache
2015-02-03  08:51    <DIR>          MSXML 4.0
2014-07-29  15:52    <DIR>          Nero
2012-12-21  16:43                71 plugins.ini
2014-12-28  12:00    <DIR>          Real
2014-11-09  11:32    <DIR>          Realtek
2009-07-14  05:52    <DIR>          Reference Assemblies
2014-11-09  11:31    <DIR>          screenSHU
2012-12-19  15:48               575 server.cfg
2015-02-01  20:21    <DIR>          Skype
2014-06-26  11:17    <DIR>          Sony
2013-11-09  12:18    <DIR>          Sony Ericsson
2014-02-20  19:11    <DIR>          Sony Setup
2012-12-20  19:59                16 sys_ticrate.cfg
2015-02-01  20:22    <DIR>          TeamSpeak 3 Client
2014-11-09  11:32    <DIR>          Temp
2014-09-07  12:57    <DIR>          Total Video Converter
2009-07-14  05:53    <DIR>          Uninstall Information
2015-02-03  08:41    <DIR>          Windows Defender
2012-06-15  21:21    <DIR>          Windows Journal
2011-09-23  20:32    <DIR>          Windows Mail
2015-02-03  08:41    <DIR>          Windows Media Player
2009-11-26  11:29    <DIR>          Windows NT
2011-09-23  20:32    <DIR>          Windows Photo Viewer
2011-09-23  20:32    <DIR>          Windows Portable Devices
2011-09-23  20:32    <DIR>          Windows Sidebar
2015-02-01  20:35    <DIR>          WinRAR
               9 plik(�w)          8�407�632 bajt�w
              73 katalog(�w)   7�210�708�992 bajt�w wolnych

========= End of CMD: =========


=========  dir /a "C:\Program Files\Common Files" =========

 Wolumin w stacji C nie ma etykiety.
 Numer seryjny woluminu: 13AA-F385

 Katalog: C:\Program Files\Common Files

2015-02-03  11:25    <DIR>          .
2015-02-03  11:25    <DIR>          ..
2014-03-17  17:18    <DIR>          Adobe
2012-08-30  22:08    <DIR>          Adobe AIR
2014-08-31  00:07    <DIR>          Aimersoft
2014-02-20  18:14    <DIR>          AVSMedia
2015-01-23  20:49    <DIR>          Blizzard Entertainment
2013-09-06  09:05    <DIR>          DESIGNER
2014-03-17  16:10    <DIR>          DivX Shared
2010-12-28  14:59    <DIR>          GeoVid
2014-03-10  14:13    <DIR>          Grupa Image
2013-11-18  18:01    <DIR>          Hewlett-Packard
2013-11-18  18:00    <DIR>          HP
2013-01-14  16:10    <DIR>          InstallShield
2010-02-18  11:24    <DIR>          InterVideo
2010-04-10  15:35    <DIR>          MAGIX Services
2011-10-03  17:42    <DIR>          MAGIX Shared
2015-02-03  02:21    <DIR>          microsoft shared
2014-07-29  15:52    <DIR>          Nero
2013-01-14  16:14    <DIR>          PC Tools
2010-02-27  20:23    <DIR>          PX Storage Engine
2015-02-01  16:53    <DIR>          Samsung
2009-07-14  03:37    <DIR>          Services
2014-09-23  06:10    <DIR>          Skype
2009-07-14  03:37    <DIR>          SpeechEngines
2014-12-01  17:26    <DIR>          Steam
2013-01-28  16:57    <DIR>          Symantec Shared
2013-09-06  09:02    <DIR>          System
2009-11-26  12:11    <DIR>          Windows Live
2014-09-12  22:00    <DIR>          Wise Installation Wizard
2010-04-10  15:33    <DIR>          xara
2011-11-13  02:45    <DIR>          xing shared
               0 plik(�w)                  0 bajt�w
              32 katalog(�w)   7�210�704�896 bajt�w wolnych

========= End of CMD: =========


=========  dir /a C:\ProgramData =========

 Wolumin w stacji C nie ma etykiety.
 Numer seryjny woluminu: 13AA-F385

 Katalog: C:\ProgramData

2015-02-03  12:29    <DIR>          .
2015-02-03  12:29    <DIR>          ..
2014-11-03  18:18    <DIR>          25ebdc4eb7321999
2015-02-01  16:42    <DIR>          4Media
2014-01-20  21:37    <DIR>          Adobe
2014-07-29  12:16    <DIR>          APN
2010-09-26  12:57    <DIR>          Apple
2009-07-14  05:53    <JUNCTION>     Application Data [C:\ProgramData]
2014-02-20  18:27    <DIR>          Ashampoo
2009-12-03  12:46    <DIR>          ATI
2014-11-09  12:58    <DIR>          AVAST Software
2015-02-01  23:55    <DIR>          AVG2015
2014-08-27  13:45    <DIR>          Avg_Update_0814tb
2014-02-20  18:15    <DIR>          AVS4YOU
2015-02-01  20:24    <DIR>          Battle.net
2014-09-13  20:57    <DIR>          Blizzard Entertainment
2013-08-17  16:40    <DIR>          Canneverbe Limited
2011-03-14  15:55    <DIR>          Common Files
2014-11-09  12:55    <DIR>          CouponFactory
2011-02-02  16:06    <DIR>          DAEMON Tools Lite
2009-11-26  11:29    <JUNCTION>     Dane aplikacji [C:\ProgramData]
2009-07-14  05:53    <JUNCTION>     Desktop [C:\Users\Public\Desktop]
2015-02-01  20:24    <DIR>          DivX
2009-07-14  05:53    <JUNCTION>     Documents [C:\Users\Public\Documents]
2009-11-26  11:29    <JUNCTION>     Dokumenty [C:\Users\Public\Documents]
2011-02-01  13:24    <DIR>          EA Core
2011-04-28  10:17    <DIR>          Easy Driver Pro
2011-02-01  13:31    <DIR>          Electronic Arts
2009-07-14  05:53    <JUNCTION>     Favorites [C:\Users\Public\Favorites]
2014-09-07  20:25    <DIR>          Firefly Studios
2010-01-10  14:57    <DIR>          FLEXnet
2010-04-24  17:52    <DIR>          Gadu-Gadu 10
2010-02-25  14:12    <DIR>          GoldWave
2012-05-29  15:41    <DIR>          Google
2015-02-01  16:49             8�554 HELP_DECRYPT.HTML
2015-02-01  16:49            45�582 HELP_DECRYPT.PNG
2015-02-01  16:49             4�288 HELP_DECRYPT.TXT.wxeezfd
2015-02-01  16:49               276 HELP_DECRYPT.URL
2014-07-29  11:13    <DIR>          House Of Soft
2015-02-01  20:24    <DIR>          HP
2013-11-18  18:04    <DIR>          HP Product Assistant
2015-02-02  10:52             9�486 hpzinstall.log
2012-06-05  19:17    <DIR>          InstallShield
2015-02-01  20:24    <DIR>          MAGIX
2014-11-09  12:37    <DIR>          Malwarebytes
2009-11-26  11:29    <JUNCTION>     Menu Start [C:\ProgramData\Microsoft\Windows\Start Menu]
2015-02-03  10:36    <DIR>          MFAData
2015-02-03  09:22    <DIR>          Microsoft
2015-02-03  02:46    <DIR>          Microsoft Help
2010-04-10  15:36    <DIR>          mufin
2015-02-01  20:28    <DIR>          Nero
2012-09-28  19:09    <DIR>          Nexon
2012-09-28  18:55    <DIR>          NexonEU
2010-12-18  21:41    <DIR>          NokiaMusic
2015-02-02  22:45                 8 ntuser.pol
2012-09-02  15:29    <DIR>          OpenFM
2015-02-02  22:47    <DIR>          Package Cache
2010-12-18  22:14    <DIR>          PC Suite
2010-02-06  22:27    <DIR>          Pinnacle
2013-02-25  16:26    <DIR>          PMB Files
2009-11-26  11:29    <JUNCTION>     Pulpit [C:\Users\Public\Desktop]
2013-02-25  16:25    <DIR>          Real
2014-07-18  11:09    <DIR>          Riot Games
2012-11-02  00:01    <DIR>          RoboForm
2010-12-18  22:12    <DIR>          Samsung
2014-11-09  12:55    <DIR>          saveron
2015-02-01  20:40    <DIR>          Skype
2015-02-01  20:41    <DIR>          Sony
2013-11-09  12:18    <DIR>          Sony Ericsson
2009-07-14  05:53    <JUNCTION>     Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
2011-02-05  16:22    <DIR>          STOIK
2010-04-10  16:11    <DIR>          Sun
2009-11-26  11:29    <JUNCTION>     Szablony [C:\ProgramData\Microsoft\Windows\Templates]
2009-07-14  05:53    <JUNCTION>     Templates [C:\ProgramData\Microsoft\Windows\Templates]
2013-02-10  23:43    <DIR>          TuneUp Software
2010-04-10  12:53    <DIR>          Ulead Systems
2009-11-26  11:29    <JUNCTION>     Ulubione [C:\Users\Public\Favorites]
2012-08-06  15:23    <DIR>          Web Installer
2013-11-18  18:10    <DIR>          WEBREG
2013-02-10  23:42    <DIR>          {C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}
               6 plik(�w)             68�194 bajt�w
              74 katalog(�w)   7�210�700�800 bajt�w wolnych

========= End of CMD: =========


=========  dir /a C:\Users\XX\AppData\Local =========

 Wolumin w stacji C nie ma etykiety.
 Numer seryjny woluminu: 13AA-F385

 Katalog: C:\Users\XX\AppData\Local

2015-02-03  11:31    <DIR>          .
2015-02-03  11:31    <DIR>          ..
2013-12-08  00:29    <DIR>          .#
2014-12-16  23:52    <DIR>          Adobe
2010-01-27  21:10    <DIR>          Ahead
2014-08-31  00:07    <DIR>          Aimersoft
2010-09-26  12:57    <DIR>          Apple
2010-10-10  09:22    <DIR>          Apple Computer
2013-10-23  18:16    <DIR>          Apps
2014-02-20  18:30    <DIR>          Ashampoo Movie Studio
2010-01-09  10:33    <DIR>          ATI
2015-02-02  00:00    <DIR>          Avg2015
2015-02-01  20:42    <DIR>          Battle.net
2015-02-01  20:42    <DIR>          Blizzard
2015-02-01  20:42    <DIR>          Blizzard Entertainment
2010-01-09  11:30    <DIR>          cache
2014-08-25  16:08    <DIR>          CrashRpt
2010-01-09  10:32    <JUNCTION>     Dane aplikacji [C:\Users\XX\AppData\Local]
2014-10-18  23:26    <DIR>          DayZ
2014-12-02  00:25            18�432 DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2012-12-05  21:02    <DIR>          DDMSettings
2013-10-23  18:16    <DIR>          Deployment
2012-06-02  13:34    <DIR>          Diagnostics
2013-01-14  16:13    <DIR>          Downloaded Installations
2011-02-01  13:31    <DIR>          Electronic Arts
2014-12-17  19:48    <DIR>          ElevatedDiagnostics
2012-10-16  17:18    <DIR>          GamersFirst
2015-02-03  08:47           138�584 GDIPFONTCACHEV1.DAT
2014-12-21  02:20    <DIR>          GGEmpire
2011-01-15  16:42    <DIR>          GHISLER
2014-08-25  16:08    <DIR>          globalUpdate
2015-02-03  11:00    <DIR>          Google
2015-02-01  17:17             8�554 HELP_DECRYPT.HTML
2015-02-01  17:17            45�582 HELP_DECRYPT.PNG
2015-02-01  17:17             1�376 HELP_DECRYPT.TXT.kcirdgd
2015-02-01  17:17               276 HELP_DECRYPT.URL
2010-01-09  10:32    <JUNCTION>     Historia [C:\Users\XX\AppData\Local\Microsoft\Windows\History]
2014-07-16  16:44    <DIR>          HP
2015-02-03  12:25         1�265�760 IconCache.db
2014-11-06  07:47    <DIR>          ICSharpCode.net
2014-08-25  16:08    <DIR>          Installer
2010-12-21  19:14    <DIR>          IsolatedStorage
2010-10-15  22:49    <DIR>          IVONA_INST
2012-06-23  13:40    <DIR>          Macromedia
2011-09-07  15:51    <DIR>          MAGIX
2015-02-01  22:04    <DIR>          MFAData
2015-02-01  20:42    <DIR>          Microsoft
2011-03-17  20:58    <DIR>          Microsoft Games
2013-09-06  09:02    <DIR>          Microsoft Help
2015-02-01  20:44    <DIR>          PMB Files
2012-12-27  17:47    <DIR>          Programs
2015-02-03  11:53             7�639 Resmon.ResmonCfg
2013-04-30  15:28    <DIR>          Seven Zip
2015-02-01  20:44    <DIR>          Skype
2014-02-20  19:15    <DIR>          Sony
2014-11-22  19:00    <DIR>          SteelSeries_ApS
2015-02-03  12:30    <DIR>          Temp
2010-01-09  10:32    <JUNCTION>     Temporary Internet Files [C:\Users\XX\AppData\Local\Microsoft\Windows\Temporary Internet Files]
2014-09-07  20:31    <DIR>          Unity
2011-09-21  22:10    <DIR>          VirtualStore
2010-04-25  18:16    <DIR>          WMTools Downloaded Files
2010-04-10  15:36    <DIR>          Xara
               8 plik(�w)          1�486�203 bajt�w
              54 katalog(�w)   7�210�696�704 bajt�w wolnych

========= End of CMD: =========


=========  dir /a C:\Users\XX\AppData\LocalLow =========

 Wolumin w stacji C nie ma etykiety.
 Numer seryjny woluminu: 13AA-F385

 Katalog: C:\Users\XX\AppData\LocalLow

2015-02-03  12:29    <DIR>          .
2015-02-03  12:29    <DIR>          ..
2015-02-01  20:57    <DIR>          72C8C5EA
2014-12-18  01:00    <DIR>          Adobe
2010-09-26  12:57    <DIR>          Apple Computer
2014-08-25  16:08    <DIR>          Goobzo
2015-02-01  17:18             8�554 HELP_DECRYPT.HTML
2015-02-01  17:18            45�582 HELP_DECRYPT.PNG
2015-02-01  17:18             1�376 HELP_DECRYPT.TXT.kcirdgd
2015-02-01  17:18               276 HELP_DECRYPT.URL
2012-06-23  13:40    <DIR>          Microsoft
2015-02-03  00:28                 0 prvlcl.dat
2012-11-02  00:01    <DIR>          Siber Systems
2014-04-17  10:18    <DIR>          SimplyTech
2013-11-09  12:36             8�220 SkwConfig.bin
2010-02-17  20:18    <DIR>          Temp
2014-11-09  12:32    <DIR>          TheTorntv V10
2014-09-07  20:11    <DIR>          Unity
               6 plik(�w)             64�008 bajt�w
              12 katalog(�w)   7�210�696�704 bajt�w wolnych

========= End of CMD: =========


=========  dir /a C:\Users\XX\AppData\Roaming =========

 Wolumin w stacji C nie ma etykiety.
 Numer seryjny woluminu: 13AA-F385

 Katalog: C:\Users\XX\AppData\Roaming

2015-02-03  12:30    <DIR>          .
2015-02-03  12:30    <DIR>          ..
2010-12-21  22:45    <DIR>          .#
2015-02-01  20:45    <DIR>          4Media
2015-02-01  20:45    <DIR>          Adobe
2010-01-27  21:11    <DIR>          Ahead
2012-08-30  22:24    <DIR>          app
2011-01-08  14:27    <DIR>          Apple Computer
2010-01-09  10:33    <DIR>          ATI
2014-08-25  16:08    <DIR>          AviDvdBurner
2015-02-01  21:22    <DIR>          AvitoDvd
2010-10-15  23:01    <DIR>          Avnex
2014-02-20  18:15    <DIR>          AVS4YOU
2015-02-01  20:45    <DIR>          Battle.net
2014-01-18  17:25    <DIR>          BoL
2013-08-17  16:40    <DIR>          Canneverbe Limited
2014-11-09  12:39    <DIR>          CertifiedToolsToolbar
2013-11-08  08:46    <DIR>          Cream Software
2012-09-01  10:49               165 D2Info0
2012-05-29  20:27    <DIR>          DAEMON Tools Lite
2010-10-24  22:29    <DIR>          DeepBurner
2011-02-04  12:42    <DIR>          DivX
2011-09-01  13:01    <DIR>          dll-files.com
2015-02-01  20:45    <DIR>          DMCache
2012-08-30  22:24    <DIR>          Dofus-2.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1
2012-08-31  11:52    <DIR>          Dofus.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1
2012-09-01  12:10    <DIR>          Dofus2
2012-09-01  12:12                 8 DofusAppId0_1
2012-08-31  15:31                 8 DofusAppId0_2
2011-10-05  11:33    <DIR>          dvdcss
2014-09-07  20:29    <DIR>          Firefly Studios
2014-08-23  12:15    <DIR>          Foxit Software
2012-10-22  22:52    <DIR>          FreeAudioPack
2014-11-09  12:55    <DIR>          GameCenter
2010-12-28  14:59    <DIR>          GeoVid
2010-12-31  23:43    <DIR>          GetRightToGo
2011-01-07  15:27    <DIR>          GHISLER
2011-02-27  22:35    <DIR>          Google
2014-03-10  14:13    <DIR>          Grupa IMAGE
2010-02-18  11:37    <DIR>          gtk-2.0
2015-02-01  21:34             8�554 HELP_DECRYPT.HTML
2015-02-01  21:34            45�739 HELP_DECRYPT.PNG
2015-02-01  21:34             1�376 HELP_DECRYPT.TXT.kcirdgd
2015-02-01  21:34               276 HELP_DECRYPT.URL
2014-10-24  17:57    <DIR>          HP
2010-01-09  10:32    <DIR>          Identities
2014-01-20  22:20    <DIR>          IDM
2015-02-02  02:57    <DIR>          Iduqofen
2012-01-01  19:01    <DIR>          iFree
2011-02-23  17:00    <DIR>          IrfanView
2012-08-27  14:12    <DIR>          LolClient
2010-01-09  11:00    <DIR>          Macromedia
2010-04-10  15:37    <DIR>          MAGIX
2009-07-14  09:27    <DIR>          Media Center Programs
2013-01-14  16:17    <DIR>          Media Player Classic
2012-08-06  15:38    <DIR>          MegaCloud
2015-02-01  21:27    <DIR>          Microsoft
2010-04-06  22:28    <DIR>          Microsoft Web Folders
2013-01-14  14:56    <DIR>          mIRC
2014-05-19  21:48    <DIR>          mplayer
2015-02-01  21:28    <DIR>          Nero
2010-12-18  21:41    <DIR>          Nokia
2010-12-18  22:14    <DIR>          PC Suite
2010-03-08  23:34    <DIR>          proDAD
2010-02-18  11:54    <DIR>          Publish Providers
2015-02-01  21:28    <DIR>          Real
2012-08-30  22:24    <DIR>          Reg.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1
2014-03-17  16:10    <DIR>          Riot Games
2012-11-02  00:02    <DIR>          RoboForm
2015-02-01  21:28    <DIR>          Samsung
2015-02-02  22:09    <DIR>          Skype
2012-09-12  18:35    <DIR>          skypePM
2010-02-18  11:54    <DIR>          Sony
2013-05-15  21:10    <DIR>          SumatraPDF
2010-11-06  03:55    <DIR>          Tibia
2015-02-01  22:09    <DIR>          TS3Client
2014-03-17  17:34    <DIR>          TuneUp Software
2010-03-09  18:43    <DIR>          Ulead Systems
2013-01-14  16:17    <DIR>          Ventrilo
2012-03-03  18:46    <DIR>          vlc
2012-08-24  21:58    <DIR>          VOIPlay
2014-11-09  11:58                67 WB.CFG
2010-01-10  14:53    <DIR>          WinRAR
               8 plik(�w)             56�193 bajt�w
              75 katalog(�w)   7�210�692�608 bajt�w wolnych

========= End of CMD: =========

EmptyTemp: => Removed 2 GB temporary data.


The system needed a reboot. 

==== End of Fixlog 12:54:09 ====