Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 15-04-2015 04 Ran by Administrator (administrator) on PC832424392834 on 16-04-2015 05:59:05 Running from D:\Downloads Loaded Profiles: Administrator (Available profiles: Administrator & Gość) Platform: Microsoft Windows XP Professional Dodatek Service Pack 3 (X86) OS Language: Polski Internet Explorer Version 8 (Default browser: IE) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (ATI Technologies Inc.) C:\WINDOWS\system32\ati2evxx.exe (NoVirusThanks Company Srl) C:\Program Files\NoVirusThanks\EXE Radar Pro\ERPSvc.exe (ATI Technologies Inc.) C:\WINDOWS\system32\ati2evxx.exe (NoVirusThanks Company Srl) C:\Program Files\NoVirusThanks\EXE Radar Pro\EXERadar.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Analog Devices, Inc.) C:\Program Files\Analog Devices\Core\smax4pnp.exe (Blue Ridge Networks (C) 2007-2008) C:\Program Files\Blue Ridge Networks\Edgeguard Solo\BrnTokenGuardTrayApp.exe (Blue Ridge Networks (C) 2007-2008) C:\Program Files\Blue Ridge Networks\Edgeguard Solo\EgaSecSvc.exe (Kerio Technologies) C:\Program Files\Kerio\Personal Firewall\PERSFW.exe (Cognizance Corporation) C:\Program Files\Hewlett-Packard\IAM\Bin\asghost.exe (Microsoft Corporation) C:\WINDOWS\system32\scardsvr.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (Marek Jasinski - www.FreeCommander.com) C:\Moje programy\FreeCommander\FreeCommander.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1791272 2010-06-04] (Synaptics Incorporated) HKLM\...\Run: [SoundMAXPnP] => C:\Program Files\Analog Devices\Core\smax4pnp.exe [872448 2007-01-05] (Analog Devices, Inc.) HKLM\...\Run: [BootNaMir] => C:\Program Files\Wondershare\Time Freeze\BootSP.exe [322152 2010-12-13] (Wondershare Software Co.,Ltd) HKLM\...\Run: [KernelFaultCheck] => %systemroot%\system32\dumprep 0 -k HKLM\...\Run: [] => [X] HKLM\...\Run: [Edgeguard Solo Tray] => C:\Program Files\Blue Ridge Networks\Edgeguard Solo\BrnTokenGuardTrayApp.exe [114688 2008-04-03] (Blue Ridge Networks (C) 2007-2008) HKLM\...\Run: [BrStsMon00] => C:\Program Files\Browny02\Brother\BrStMonW.exe [4522496 2012-12-27] (Brother Industries, Ltd.) HKLM Group Policy restriction on software: *:\RECYCLER <====== ATTENTION HKLM Group Policy restriction on software: *.pdf*.bat <====== ATTENTION HKLM Group Policy restriction on software: %userprofile%\Local Settings\Application Data\*.bat <====== ATTENTION HKLM Group Policy restriction on software: %allusersprofile%\Application Data\*.bat <====== ATTENTION HKLM Group Policy restriction on software: *.png*.pif <====== ATTENTION HKLM Group Policy restriction on software: *.xlsx*.js <====== ATTENTION HKLM Group Policy restriction on software: *.gif*.com <====== ATTENTION HKLM Group Policy restriction on software: *.jpg*.exe <====== ATTENTION HKLM Group Policy restriction on software: %userprofile%\Start Menu\Programs\Startup\*.exe <====== ATTENTION HKLM Group Policy restriction on software: *.png*.cmd <====== ATTENTION HKLM Group Policy restriction on software: *.rar*.pif <====== ATTENTION HKLM Group Policy restriction on software: *.wma*.bat <====== ATTENTION HKLM Group Policy restriction on software: *.bmp*.js <====== ATTENTION HKLM Group Policy restriction on software: *.mp3*.cmd <====== ATTENTION HKLM Group Policy restriction on software: %allusersprofile%\Local Settings\Application Data\*.js <====== ATTENTION HKLM Group Policy restriction on software: *.avi*.exe <====== ATTENTION HKLM Group Policy restriction on software: %allusersprofile%\Local Settings\Application Data\*.pif <====== ATTENTION HKLM Group Policy restriction on software: %allusersprofile%\Local Settings\Application Data\*.exe <====== ATTENTION HKLM Group Policy restriction on software: %allusersprofile%\Start Menu\Programs\Startup\*.scr <====== ATTENTION HKLM Group Policy restriction on software: *.pdf*.jse <====== ATTENTION HKLM Group Policy restriction on software: %userprofile%\Application Data\*\*.scr <====== ATTENTION HKLM Group Policy restriction on software: *.divx*.com <====== ATTENTION HKLM Group Policy restriction on software: *.mp4*.bat <====== ATTENTION HKLM Group Policy restriction on software: *.gif*.scr <====== ATTENTION HKLM Group Policy restriction on software: *.pub*.js <====== ATTENTION HKLM Group Policy restriction on software: %userprofile%\Local Settings\Application Data\*.scr <====== ATTENTION HKLM Group Policy restriction on software: *.wav*.com <====== ATTENTION HKLM Group Policy restriction on software: *.jpeg*.pif <====== ATTENTION HKLM Group Policy restriction on software: *.txt*.scr <====== ATTENTION HKLM Group Policy restriction on software: *.xlsx*.bat <====== ATTENTION HKLM Group Policy restriction on software: *.xls*.cmd <====== ATTENTION HKLM Group Policy restriction on software: *.mp3*.js <====== ATTENTION HKLM Group Policy restriction on software: %userprofile%\Local Settings\Application Data\*\*.js <====== ATTENTION HKLM Group Policy restriction on software: *.xls*.pif <====== ATTENTION HKLM Group Policy restriction on software: *.divx*.jse <====== ATTENTION HKLM Group Policy restriction on software: %userprofile%\Local Settings\Application Data\*.com <====== ATTENTION HKLM Group Policy restriction on software: %allusersprofile%\Application Data\*\*.com <====== ATTENTION HKLM Group Policy restriction on software: *.jpg*.cmd <====== ATTENTION HKLM Group Policy restriction on software: *.ppt*.jse <====== ATTENTION HKLM Group Policy restriction on software: *.jpeg*.scr <====== ATTENTION HKLM Group Policy restriction on software: C:\Documents and Settings\*.js <====== ATTENTION HKLM Group Policy restriction on software: *.xls*.bat <====== ATTENTION HKLM Group Policy restriction on software: *.pptx*.cmd <====== ATTENTION HKLM Group Policy restriction on software: *.7z*.bat <====== ATTENTION HKLM Group Policy restriction on software: syskey.exe <====== ATTENTION HKLM Group Policy restriction on software: %userprofile%\Local Settings\Application Data\*\*.scr <====== ATTENTION HKLM Group Policy restriction on software: %userprofile%\Start Menu\Programs\Startup\*.bat <====== ATTENTION HKLM Group Policy restriction on software: *.xlsx*.pif <====== ATTENTION HKLM Group Policy restriction on software: %allusersprofile%\*.bat <====== ATTENTION HKLM Group Policy restriction on software: *.mp4*.js <====== ATTENTION HKLM Group Policy restriction on software: *.zip*.pif <====== ATTENTION HKLM Group Policy restriction on software: *.pdf*.pif <====== ATTENTION HKLM Group Policy restriction on software: *.zip*.cmd <====== ATTENTION HKLM Group Policy restriction on software: %allusersprofile%\Local Settings\Application Data\*.jse <====== ATTENTION HKLM Group Policy restriction on software: *.jpeg*.bat <====== ATTENTION HKLM Group Policy restriction on software: *.avi*.com <====== ATTENTION HKLM Group Policy restriction on software: *.rar*.jse <====== ATTENTION HKLM Group Policy restriction on software: *.wma*.exe <====== ATTENTION HKLM Group Policy restriction on software: *.wav*.jse <====== ATTENTION HKLM Group Policy restriction on software: *.pub*.cmd <====== ATTENTION HKLM Group Policy restriction on software: %allusersprofile%\*.scr <====== ATTENTION HKLM Group Policy restriction on software: %userprofile%\Start Menu\Programs\Startup\*.cmd <====== ATTENTION HKLM Group Policy restriction on software: *.zip*.com <====== ATTENTION HKLM Group Policy restriction on software: *.pub*.scr <====== ATTENTION HKLM Group Policy restriction on software: *.avi*.bat <====== ATTENTION HKLM Group Policy restriction on software: *.bmp*.exe <====== ATTENTION HKLM Group Policy restriction on software: *.7z*.jse <====== ATTENTION HKLM Group Policy restriction on software: *.txt*.jse <====== ATTENTION HKLM Group Policy restriction on software: *.rar*.exe <====== ATTENTION HKLM Group Policy restriction on software: %appdata%\*.scr <====== ATTENTION HKLM Group Policy restriction on software: %userprofile%\Application Data\*\*.bat <====== ATTENTION HKLM Group Policy restriction on software: *.zip*.js <====== ATTENTION HKLM Group Policy restriction on software: %userprofile%\Local Settings\Application Data\*\*.bat <====== ATTENTION HKLM Group Policy restriction on software: %allusersprofile%\Application Data\*\*.jse <====== ATTENTION HKLM Group Policy restriction on software: %userprofile%\Application Data\*\*.jse <====== ATTENTION HKLM Group Policy restriction on software: *.ppt*.com <====== ATTENTION HKLM Group Policy restriction on software: cipher.exe <====== ATTENTION HKLM Group Policy restriction on software: *.gif*.pif <====== ATTENTION HKLM Group Policy restriction on software: %appdata%\*.jse <====== ATTENTION HKLM Group Policy restriction on software: %programfiles%\*\svchost.exe <====== ATTENTION HKLM Group Policy restriction on software: *.avi*.cmd <====== ATTENTION HKLM Group Policy restriction on software: *.png*.exe <====== ATTENTION HKLM Group Policy restriction on software: *.wav*.exe <====== ATTENTION HKLM Group Policy restriction on software: %allusersprofile%\Application Data\*\*.bat <====== ATTENTION HKLM Group Policy restriction on software: *.doc*.exe <====== ATTENTION HKLM Group Policy restriction on software: %allusersprofile%\Application Data\*\*.pif <====== ATTENTION HKLM Group Policy restriction on software: *.mp3*.scr <====== ATTENTION HKLM Group Policy restriction on software: *.txt*.com <====== ATTENTION HKLM Group Policy restriction on software: %allusersprofile%\Local Settings\Application Data\*\*.pif <====== ATTENTION HKLM Group Policy restriction on software: *.rtf*.cmd <====== ATTENTION HKLM Group Policy restriction on software: *.rtf*.pif <====== ATTENTION HKLM Group Policy restriction on software: %allusersprofile%\*.jse <====== ATTENTION HKLM Group Policy restriction on software: %appdata%\*\*.pif <====== ATTENTION HKLM Group Policy restriction on software: *.ppt*.bat <====== ATTENTION HKLM Group Policy restriction on software: *.png*.com <====== ATTENTION HKLM Group Policy restriction on software: *.png*.bat <====== ATTENTION HKLM Group Policy restriction on software: %allusersprofile%\Application Data\*\*.scr <====== ATTENTION HKLM Group Policy restriction on software: *.7z*.scr <====== ATTENTION HKLM Group Policy restriction on software: C:\Documents and Settings\*.pif <====== ATTENTION HKLM Group Policy restriction on software: *.mp4*.jse <====== ATTENTION HKLM Group Policy restriction on software: *.doc*.jse <====== ATTENTION HKLM Group Policy restriction on software: *.xls*.jse <====== ATTENTION HKLM Group Policy restriction on software: *.zip*.scr <====== ATTENTION HKLM Group Policy restriction on software: %userprofile%\Local Settings\Application Data\*\*.cmd <====== ATTENTION HKLM Group Policy restriction on software: lsassvrtdbks.exe <====== ATTENTION HKLM Group Policy restriction on software: *.avi*.js <====== ATTENTION HKLM Group Policy restriction on software: %appdata%\*\*.com <====== ATTENTION HKLM Group Policy restriction on software: %userprofile%\Start Menu\Programs\Startup\*.js <====== ATTENTION HKLM Group Policy restriction on software: *.jpeg*.js <====== ATTENTION HKLM Group Policy restriction on software: %userprofile%\Application Data\Microsoft\Windows\IEUpdate\*.exe <====== ATTENTION HKLM Group Policy restriction on software: *.jpg*.com <====== ATTENTION HKLM Group Policy restriction on software: *.wmv*.exe <====== ATTENTION HKLM Group Policy restriction on software: *.jpg*.js <====== ATTENTION HKLM Group Policy restriction on software: %userprofile%\Application Data\*.cmd <====== ATTENTION HKLM Group Policy restriction on software: *.jpeg*.com <====== ATTENTION HKLM Group Policy restriction on software: %allusersprofile%\Local Settings\Application Data\*\*.scr <====== ATTENTION HKLM Group Policy restriction on software: *.wmv*.pif <====== ATTENTION HKLM Group Policy restriction on software: %userprofile%\Start Menu\Programs\Startup\*.scr <====== ATTENTION HKLM Group Policy restriction on software: %userprofile%\Application Data\*.scr <====== ATTENTION HKLM Group Policy restriction on software: *.divx*.exe <====== ATTENTION HKLM Group Policy restriction on software: %allusersprofile%\Local Settings\Application Data\*.cmd <====== ATTENTION HKLM Group Policy restriction on software: *.mp3*.bat <====== ATTENTION HKLM Group Policy restriction on software: *.txt*.cmd <====== ATTENTION HKLM Group Policy restriction on software: *.ppt*.cmd <====== ATTENTION HKLM Group Policy restriction on software: *.divx*.js <====== ATTENTION HKLM Group Policy restriction on software: *.wma*.com <====== ATTENTION HKLM Group Policy restriction on software: *.doc*.js <====== ATTENTION HKLM Group Policy restriction on software: *.rtf*.bat <====== ATTENTION HKLM Group Policy restriction on software: *.png*.js <====== ATTENTION HKLM Group Policy restriction on software: *.wav*.cmd <====== ATTENTION HKLM Group Policy restriction on software: *.zip*.exe <====== ATTENTION HKLM Group Policy restriction on software: %allusersprofile%\Application Data\*.cmd <====== ATTENTION HKLM Group Policy restriction on software: *.wmv*.js <====== ATTENTION HKLM Group Policy restriction on software: *.gif*.cmd <====== ATTENTION HKLM Group Policy restriction on software: *.avi*.jse <====== ATTENTION HKLM Group Policy restriction on software: %allusersprofile%\Start Menu\Programs\Startup\*.bat <====== ATTENTION HKLM Group Policy restriction on software: %userprofile%\Application Data\*.pif <====== ATTENTION HKLM Group Policy restriction on software: *.mp4*.scr <====== ATTENTION HKLM Group Policy restriction on software: *.ppt*.js <====== ATTENTION HKLM Group Policy restriction on software: %userprofile%\*.bat <====== ATTENTION HKLM Group Policy restriction on software: *.xlsx*.exe <====== ATTENTION HKLM Group Policy restriction on software: *.divx*.bat <====== ATTENTION HKLM Group Policy restriction on software: %allusersprofile%\Local Settings\Application Data\*\*.jse <====== ATTENTION HKLM Group Policy restriction on software: %allusersprofile%\Local Settings\Application Data\*\*.exe <====== ATTENTION HKLM Group Policy restriction on software: *.gif*.jse <====== ATTENTION HKLM Group Policy restriction on software: *.wmv*.scr <====== ATTENTION HKLM Group Policy restriction on software: %allusersprofile%\Application Data\*.scr <====== ATTENTION HKLM Group Policy restriction on software: *.xlsx*.scr <====== ATTENTION HKLM Group Policy restriction on software: %userprofile%\Local Settings\Application Data\*.cmd <====== ATTENTION HKLM Group Policy restriction on software: C:\Documents and Settings\*.exe <====== ATTENTION HKLM Group Policy restriction on software: %allusersprofile%\Application Data\*.com <====== ATTENTION HKLM Group Policy restriction on software: ** <====== ATTENTION HKLM Group Policy restriction on software: %userprofile%\Local Settings\Application Data\*.pif <====== ATTENTION HKLM Group Policy restriction on software: *.docx*.cmd <====== ATTENTION HKLM Group Policy restriction on software: %allusersprofile%\Application Data\*\*.cmd <====== ATTENTION HKLM Group Policy restriction on software: %userprofile%\Local Settings\Application Data\*.exe <====== ATTENTION HKLM Group Policy restriction on software: *.doc*.bat <====== ATTENTION HKLM Group Policy restriction on software: *.docx*.scr <====== ATTENTION HKLM Group Policy restriction on software: *.rtf*.exe <====== ATTENTION HKLM Group Policy restriction on software: %allusersprofile%\*.js <====== ATTENTION HKLM Group Policy restriction on software: scsvserv.exe <====== ATTENTION HKLM Group Policy restriction on software: *.avi*.scr <====== ATTENTION HKLM Group Policy restriction on software: %allusersprofile%\Local Settings\Application Data\*\*.bat <====== ATTENTION HKLM Group Policy restriction on software: *.mp4*.exe <====== ATTENTION HKLM Group Policy restriction on software: %allusersprofile%\*.pif <====== ATTENTION HKLM Group Policy restriction on software: *.pdf*.cmd <====== ATTENTION HKLM Group Policy restriction on software: %userprofile%\Application Data\*.js <====== ATTENTION HKLM Group Policy restriction on software: *.txt*.js <====== ATTENTION HKLM Group Policy restriction on software: *.ppt*.scr <====== ATTENTION HKLM Group Policy restriction on software: %userprofile%\Application Data\*.exe <====== ATTENTION HKLM Group Policy restriction on software: *.divx*.pif <====== ATTENTION HKLM Group Policy restriction on software: *.mp4*.pif <====== ATTENTION HKLM Group Policy restriction on software: *.mp3*.com <====== ATTENTION HKLM Group Policy restriction on software: %userprofile%\Application Data\*\*.js <====== ATTENTION HKLM Group Policy restriction on software: %userprofile%\*.com <====== ATTENTION HKLM Group Policy restriction on software: %userprofile%\Application Data\*.jse <====== ATTENTION HKLM Group Policy restriction on software: *.wmv*.jse <====== ATTENTION HKLM Group Policy restriction on software: %userprofile%\Local Settings\Application Data\*\*.exe <====== ATTENTION HKLM Group Policy restriction on software: %allusersprofile%\Start Menu\Programs\Startup\*.com <====== ATTENTION HKLM Group Policy restriction on software: *.xls*.js <====== ATTENTION HKLM Group Policy restriction on software: %userprofile%\Start Menu\Programs\Startup\*.jse <====== ATTENTION HKLM Group Policy restriction on software: *.rtf*.js <====== ATTENTION HKLM Group Policy restriction on software: *.jpg*.scr <====== ATTENTION HKLM Group Policy restriction on software: %allusersprofile%\Local Settings\Application Data\*.scr <====== ATTENTION HKLM Group Policy restriction on software: *.wma*.cmd <====== ATTENTION HKLM Group Policy restriction on software: C:\Documents and Settings\*.scr <====== ATTENTION HKLM Group Policy restriction on software: *.xlsx*.com <====== ATTENTION HKLM Group Policy restriction on software: %appdata%\*.cmd <====== ATTENTION HKLM Group Policy restriction on software: C:\Documents and Settings\*.cmd <====== ATTENTION HKLM Group Policy restriction on software: *.rar*.com <====== ATTENTION HKLM Group Policy restriction on software: *.wav*.pif <====== ATTENTION HKLM Group Policy restriction on software: %programdata%\*\svchost.exe <====== ATTENTION HKLM Group Policy restriction on software: *.pdf*.js <====== ATTENTION HKLM Group Policy restriction on software: *.xls*.scr <====== ATTENTION HKLM Group Policy restriction on software: %appdata%\*\*.exe <====== ATTENTION HKLM Group Policy restriction on software: %userprofile%\Local Settings\Application Data\*\*.com <====== ATTENTION HKLM Group Policy restriction on software: *.wav*.js <====== ATTENTION HKLM Group Policy restriction on software: %userprofile%\*.scr <====== ATTENTION HKLM Group Policy restriction on software: *.doc*.cmd <====== ATTENTION HKLM Group Policy restriction on software: %userprofile%\*.pif <====== ATTENTION HKLM Group Policy restriction on software: %allusersprofile%\Local Settings\Application Data\*.com <====== ATTENTION HKLM Group Policy restriction on software: *.pub*.exe <====== ATTENTION HKLM Group Policy restriction on software: %allusersprofile%\Application Data\*\*.exe <====== ATTENTION HKLM Group Policy restriction on software: %appdata%\*\*.js <====== ATTENTION HKLM Group Policy restriction on software: *.jpeg*.exe <====== ATTENTION HKLM Group Policy restriction on software: *.7z*.js <====== ATTENTION HKLM Group Policy restriction on software: *.mp3*.exe <====== ATTENTION HKLM Group Policy restriction on software: *.rar*.js <====== ATTENTION HKLM Group Policy restriction on software: *.doc*.scr <====== ATTENTION HKLM Group Policy restriction on software: *.mp3*.pif <====== ATTENTION HKLM Group Policy restriction on software: *.7z*.pif <====== ATTENTION HKLM Group Policy restriction on software: *.pub*.pif <====== ATTENTION HKLM Group Policy restriction on software: %allusersprofile%\Local Settings\Application Data\*\*.cmd <====== ATTENTION HKLM Group Policy restriction on software: *.ppt*.exe <====== ATTENTION HKLM Group Policy restriction on software: C:\Documents and Settings\*.jse <====== ATTENTION HKLM Group Policy restriction on software: *.pptx*.scr <====== ATTENTION HKLM Group Policy restriction on software: *.pdf*.com <====== ATTENTION HKLM Group Policy restriction on software: %appdata%\*.pif <====== ATTENTION HKLM Group Policy restriction on software: *.pdf*.exe <====== ATTENTION HKLM Group Policy restriction on software: *.ppt*.pif <====== ATTENTION HKLM Group Policy restriction on software: *.wav*.bat <====== ATTENTION HKLM Group Policy restriction on software: %allusersprofile%\*.cmd <====== ATTENTION HKLM Group Policy restriction on software: %appdata%\*.com <====== ATTENTION HKLM Group Policy restriction on software: *.docx*.bat <====== ATTENTION HKLM Group Policy restriction on software: *.wmv*.bat <====== ATTENTION HKLM Group Policy restriction on software: *.wma*.jse <====== ATTENTION HKLM Group Policy restriction on software: *.zip*.jse <====== ATTENTION HKLM Group Policy restriction on software: %allusersprofile%\Start Menu\Programs\Startup\*.js <====== ATTENTION HKLM Group Policy restriction on software: %userprofile%\*.cmd <====== ATTENTION HKLM Group Policy restriction on software: %allusersprofile%\Start Menu\Programs\Startup\*.pif <====== ATTENTION HKLM Group Policy restriction on software: %userprofile%\*.exe <====== ATTENTION HKLM Group Policy restriction on software: *.docx*.pif <====== ATTENTION HKLM Group Policy restriction on software: *.pptx*.pif <====== ATTENTION HKLM Group Policy restriction on software: %userprofile%\Application Data\*\*.com <====== ATTENTION HKLM Group Policy restriction on software: %userprofile%\Local Settings\Application Data\*.js <====== ATTENTION HKLM Group Policy restriction on software: *.mp4*.cmd <====== ATTENTION HKLM Group Policy restriction on software: %userprofile%\Application Data\*\*.pif <====== ATTENTION HKLM Group Policy restriction on software: %allusersprofile%\Local Settings\Application Data\*\*.js <====== ATTENTION HKLM Group Policy restriction on software: *.docx*.jse <====== ATTENTION HKLM Group Policy restriction on software: *.pub*.jse <====== ATTENTION HKLM Group Policy restriction on software: %allusersprofile%\Start Menu\Programs\Startup\*.exe <====== ATTENTION HKLM Group Policy restriction on software: *.7z*.cmd <====== ATTENTION HKLM Group Policy restriction on software: *.wma*.scr <====== ATTENTION HKLM Group Policy restriction on software: %userprofile%\Local Settings\Application Data\*.jse <====== ATTENTION HKLM Group Policy restriction on software: %allusersprofile%\Application Data\*.js <====== ATTENTION HKLM Group Policy restriction on software: %appdata%\*\*.cmd <====== ATTENTION HKLM Group Policy restriction on software: %userprofile%\Start Menu\Programs\Startup\*.pif <====== ATTENTION HKLM Group Policy restriction on software: *.jpeg*.cmd <====== ATTENTION HKLM Group Policy restriction on software: *.rtf*.jse <====== ATTENTION HKLM Group Policy restriction on software: *.wmv*.cmd <====== ATTENTION HKLM Group Policy restriction on software: *.pptx*.com <====== ATTENTION HKLM Group Policy restriction on software: *.bmp*.bat <====== ATTENTION HKLM Group Policy restriction on software: *.bmp*.com <====== ATTENTION HKLM Group Policy restriction on software: *.doc*.pif <====== ATTENTION HKLM Group Policy restriction on software: %userprofile%\Local Settings\Application Data\*\*.jse <====== ATTENTION HKLM Group Policy restriction on software: %userprofile%\Local Settings\Application Data\*\*.pif <====== ATTENTION HKLM Group Policy restriction on software: *.xls*.exe <====== ATTENTION HKLM Group Policy restriction on software: *.png*.scr <====== ATTENTION HKLM Group Policy restriction on software: %appdata%\*.js <====== ATTENTION HKLM Group Policy restriction on software: *.7z*.exe <====== ATTENTION HKLM Group Policy restriction on software: *.rtf*.scr <====== ATTENTION HKLM Group Policy restriction on software: %allusersprofile%\*.com <====== ATTENTION HKLM Group Policy restriction on software: %allusersprofile%\Start Menu\Programs\Startup\*.jse <====== ATTENTION HKLM Group Policy restriction on software: *.mp3*.jse <====== ATTENTION HKLM Group Policy restriction on software: %userprofile%\*.jse <====== ATTENTION HKLM Group Policy restriction on software: *.wmv*.com <====== ATTENTION HKLM Group Policy restriction on software: %allusersprofile%\Application Data\*.jse <====== ATTENTION HKLM Group Policy restriction on software: *.avi*.pif <====== ATTENTION HKLM Group Policy restriction on software: %allusersprofile%\Local Settings\Application Data\*\*.com <====== ATTENTION HKLM Group Policy restriction on software: *.bmp*.pif <====== ATTENTION HKLM Group Policy restriction on software: *.rar*.bat <====== ATTENTION HKLM Group Policy restriction on software: %userprofile%\Application Data\*\*.exe <====== ATTENTION HKLM Group Policy restriction on software: *.txt*.bat <====== ATTENTION HKLM Group Policy restriction on software: *.docx*.com <====== ATTENTION HKLM Group Policy restriction on software: *.pptx*.jse <====== ATTENTION HKLM Group Policy restriction on software: *.bmp*.scr <====== ATTENTION HKLM Group Policy restriction on software: %allusersprofile%\Local Settings\Application Data\*.bat <====== ATTENTION HKLM Group Policy restriction on software: *.txt*.pif <====== ATTENTION HKLM Group Policy restriction on software: %allusersprofile%\Application Data\*.pif <====== ATTENTION HKLM Group Policy restriction on software: *.xls*.com <====== ATTENTION HKLM Group Policy restriction on software: *.txt*.exe <====== ATTENTION HKLM Group Policy restriction on software: %userprofile%\Start Menu\Programs\Startup\*.com <====== ATTENTION HKLM Group Policy restriction on software: *.rar*.scr <====== ATTENTION HKLM Group Policy restriction on software: *.jpg*.jse <====== ATTENTION HKLM Group Policy restriction on software: *.jpeg*.jse <====== ATTENTION HKLM Group Policy restriction on software: *.wav*.scr <====== ATTENTION HKLM Group Policy restriction on software: *.bmp*.jse <====== ATTENTION HKLM Group Policy restriction on software: *.jpg*.bat <====== ATTENTION HKLM Group Policy restriction on software: *.pptx*.bat <====== ATTENTION HKLM Group Policy restriction on software: *.7z*.com <====== ATTENTION HKLM Group Policy restriction on software: *.zip*.bat <====== ATTENTION HKLM Group Policy restriction on software: *.wma*.js <====== ATTENTION HKLM Group Policy restriction on software: %systemdrive%\*\svchost.exe <====== ATTENTION HKLM Group Policy restriction on software: %appdata%\*\*.jse <====== ATTENTION HKLM Group Policy restriction on software: %appdata%\*.bat <====== ATTENTION HKLM Group Policy restriction on software: *.png*.jse <====== ATTENTION HKLM Group Policy restriction on software: *.doc*.com <====== ATTENTION HKLM Group Policy restriction on software: *.gif*.bat <====== ATTENTION HKLM Group Policy restriction on software: vssadmin.exe <====== ATTENTION HKLM Group Policy restriction on software: *.mp4*.com <====== ATTENTION HKLM Group Policy restriction on software: %allusersprofile%\Start Menu\Programs\Startup\*.cmd <====== ATTENTION HKLM Group Policy restriction on software: *.xlsx*.cmd <====== ATTENTION HKLM Group Policy restriction on software: %allusersprofile%\Application Data\*\*.js <====== ATTENTION HKLM Group Policy restriction on software: *.wma*.pif <====== ATTENTION HKLM Group Policy restriction on software: *.gif*.js <====== ATTENTION HKLM Group Policy restriction on software: %userprofile%\Application Data\*.com <====== ATTENTION HKLM Group Policy restriction on software: *.bmp*.cmd <====== ATTENTION HKLM Group Policy restriction on software: *.divx*.cmd <====== ATTENTION HKLM Group Policy restriction on software: %userprofile%\*.js <====== ATTENTION HKLM Group Policy restriction on software: *.pdf*.scr <====== ATTENTION HKLM Group Policy restriction on software: *.pub*.com <====== ATTENTION HKLM Group Policy restriction on software: *.rar*.cmd <====== ATTENTION HKLM Group Policy restriction on software: %appdata%\*\*.scr <====== ATTENTION HKLM Group Policy restriction on software: *.docx*.exe <====== ATTENTION HKLM Group Policy restriction on software: %userprofile%\Application Data\*.bat <====== ATTENTION HKLM Group Policy restriction on software: %userprofile%\Application Data\*\*.cmd <====== ATTENTION HKLM Group Policy restriction on software: *.pub*.bat <====== ATTENTION HKLM Group Policy restriction on software: %allusersprofile%\Application Data\*.exe <====== ATTENTION HKLM Group Policy restriction on software: %appdata%\*\*.bat <====== ATTENTION HKLM Group Policy restriction on software: C:\Documents and Settings\*.bat <====== ATTENTION HKLM Group Policy restriction on software: *.rtf*.com <====== ATTENTION HKLM Group Policy restriction on software: *.pptx*.js <====== ATTENTION HKLM Group Policy restriction on software: lsassw86s.exe <====== ATTENTION HKLM Group Policy restriction on software: *.gif*.exe <====== ATTENTION HKLM Group Policy restriction on software: *.jpg*.pif <====== ATTENTION HKLM Group Policy restriction on software: %allusersprofile%\*.exe <====== ATTENTION HKLM Group Policy restriction on software: *.pptx*.exe <====== ATTENTION HKLM Group Policy restriction on software: *.divx*.scr <====== ATTENTION HKLM Group Policy restriction on software: %appdata%\*.exe <====== ATTENTION HKLM Group Policy restriction on software: *.xlsx*.jse <====== ATTENTION HKLM Group Policy restriction on software: *.docx*.js <====== ATTENTION HKLM Group Policy restriction on software: %HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRoot% <====== ATTENTION HKLM Group Policy restriction on software: %HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRoot%*.exe <====== ATTENTION HKLM Group Policy restriction on software: %HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRoot%System32\*.exe <====== ATTENTION HKLM Group Policy restriction on software: %HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ProgramFilesDir% <====== ATTENTION Winlogon\Notify\AtiExtEvent: C:\Windows\system32\Ati2evxx.dll (ATI Technologies Inc.) Winlogon\Notify\OneCard: C:\Program Files\Hewlett-Packard\IAM\Bin\ASWLNPkg.dll (Cognizance Corporation) HKLM\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 0 HKLM\...\Policies\Explorer: [NoCDBurning] 0 HKLM\...\Policies\Explorer: [NoResolveSearch] 1 HKU\S-1-5-21-73048860-3076797083-264437785-500\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 0 HKU\S-1-5-21-73048860-3076797083-264437785-500\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1 Lsa: [Notification Packages] scecli scecli Startup: C:\Documents and Settings\Default User\Menu Start\Programy\Autostart\CCC.lnk ShortcutTarget: CCC.lnk -> C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (ATI Technologies Inc.) Startup: C:\Documents and Settings\Gość\Menu Start\Programy\Autostart\CCC.lnk ShortcutTarget: CCC.lnk -> C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (ATI Technologies Inc.) BootExecute: autocheck autochk * NaBootMir ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome HKU\S-1-5-21-73048860-3076797083-264437785-500\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.pl/ HKU\S-1-5-21-73048860-3076797083-264437785-500\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-73048860-3076797083-264437785-500 -> {3BD44F0E-0596-4008-AEE0-45D47E3A8F0E} URL = DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab Filter: AutorunsDisabled\application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\system32\mscoree.dll [2009-11-07] (Microsoft Corporation) Filter: AutorunsDisabled\application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\system32\mscoree.dll [2009-11-07] (Microsoft Corporation) Filter: AutorunsDisabled\application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\system32\mscoree.dll [2009-11-07] (Microsoft Corporation) Filter: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - No File [] ShellExecuteHooks: - {4F07DA45-8170-4859-9B5F-037EF2970034} - No File [ ] Tcpip\Parameters: [DhcpNameServer] 62.179.1.62 62.179.1.63 FireFox: ======== FF ProfilePath: C:\Documents and Settings\Administrator\Dane aplikacji\Mozilla\Firefox\Profiles\om5ctyzt.default FF Homepage: https://www.google.pl/ FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-04-15] () FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation) FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation) FF Plugin HKU\S-1-5-21-73048860-3076797083-264437785-500: @unity3d.com/UnityPlayer,version=1.0 -> C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Unity\WebPlayer\loader\npUnity3D32.dll [2014-08-04] (Unity Technologies ApS) FF Extension: 隱私分頁 - C:\Documents and Settings\Administrator\Dane aplikacji\Mozilla\Firefox\Profiles\om5ctyzt.default\Extensions\privateTab@infocatcher.xpi [2014-08-09] FF Extension: No Name - C:\Documents and Settings\Administrator\Dane aplikacji\Mozilla\Firefox\Profiles\om5ctyzt.default\Extensions\uBlock0@raymondhill.net.xpi [2015-04-15] FF Extension: Undo Closed Tabs Button - C:\Documents and Settings\Administrator\Dane aplikacji\Mozilla\Firefox\Profiles\om5ctyzt.default\Extensions\undoclosedtabsbutton@supernova00.biz.xpi [2013-05-19] FF Extension: No Name - C:\Documents and Settings\Administrator\Dane aplikacji\Mozilla\Firefox\Profiles\om5ctyzt.default\Extensions\{2b10c1c8-a11f-4bad-fe9c-1c11e82cac42}.xpi [2014-12-19] FF Extension: X-notifier - C:\Documents and Settings\Administrator\Dane aplikacji\Mozilla\Firefox\Profiles\om5ctyzt.default\Extensions\{37fa1426-b82d-11db-8314-0800200c9a66}.xpi [2013-05-19] FF Extension: NoScript - C:\Documents and Settings\Administrator\Dane aplikacji\Mozilla\Firefox\Profiles\om5ctyzt.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2013-05-19] FF Extension: No Name - C:\Documents and Settings\Administrator\Dane aplikacji\Mozilla\Firefox\Profiles\om5ctyzt.default\Extensions\{CE6E6E3B-84DD-4cac-9F63-8D2AE4F30A4B}.xpi [2013-05-19] FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension FF Extension: Microsoft .NET Framework Assistant - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2013-09-04] ========================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) S3 AgereModemAudio; C:\Program Files\LSI SoftModem\agrsmsvc.exe [14336 2008-08-26] (Agere Systems) R2 ASBroker; C:\Program Files\Hewlett-Packard\IAM\Bin\ASWLNPkg.dll [74240 2007-02-07] (Cognizance Corporation) [File not signed] R2 ASChannel; C:\Program Files\Hewlett-Packard\IAM\Bin\ASChnl.dll [131584 2006-06-22] (Cognizance Corporation) [File not signed] R2 BRN_EGASEC_SVC; C:\Program Files\Blue Ridge Networks\Edgeguard Solo\EgaSecSvc.exe [139264 2008-03-12] (Blue Ridge Networks (C) 2007-2008) [File not signed] S3 BrYNSvc; C:\Program Files\Browny02\BrYNSvc.exe [282112 2012-10-26] (Brother Industries, Ltd.) [File not signed] S3 btwdins; C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe [266295 2007-02-06] (Broadcom Corporation.) [File not signed] R2 ERPSvc; C:\Program Files\NoVirusThanks\EXE Radar Pro\ERPSvc.exe [1940304 2015-03-03] (NoVirusThanks Company Srl) S3 getPlusHelper; C:\WINDOWS\System32\svchost.exe [14336 2008-04-14] (Microsoft Corporation) S2 HidServ; C:\WINDOWS\System32\svchost.exe [14336 2008-04-14] (Microsoft Corporation) S3 HpFkCryptService; c:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe [221184 2007-03-29] (SafeBoot International) [File not signed] S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [File not signed] S2 MSMQ; C:\WINDOWS\system32\mqsvc.exe [4608 2009-06-22] (Microsoft Corporation) [File not signed] S2 MSMQTriggers; C:\WINDOWS\system32\mqtgsvc.exe [117248 2009-06-22] (Microsoft Corporation) [File not signed] R2 Net Driver HPZ12; C:\WINDOWS\system32\HPZinw12.dll [44032 2008-07-18] (Hewlett-Packard) [File not signed] R2 PersFw; C:\Program Files\Kerio\Personal Firewall\persfw.exe [389120 2003-04-30] (Kerio Technologies) [File not signed] R2 Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.dll [53760 2008-07-18] (Hewlett-Packard) [File not signed] S4 gswserv; No ImagePath S2 LocalCpa; No ImagePath S3 stllssvr; No ImagePath ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R1 A2DDA; C:\MOJE PROGRAMY\EEK\BIN\a2ddax86.sys [22056 2014-09-04] (Emsisoft GmbH) S4 abp480n5; C:\WINDOWS\system32\Drivers\abp480n5.sys [23552 2001-08-31] (Microsoft Corporation) R1 AmdK8; C:\WINDOWS\System32\DRIVERS\AmdK8.sys [43520 2006-07-01] (Advanced Micro Devices) R0 aswRvrt; C:\WINDOWS\system32\Drivers\aswRvrt.sys [49376 2013-05-09] () R0 aswVmm; C:\WINDOWS\system32\Drivers\aswVmm.sys [174664 2013-05-09] () R3 ATSWPDRV; C:\WINDOWS\System32\DRIVERS\ATSwpDrv.sys [140808 2007-04-10] (AuthenTec, Inc.) R3 BCM43XX; C:\WINDOWS\System32\DRIVERS\bcmwl5.sys [604928 2006-11-02] (Broadcom Corporation) R0 BrnFileLock; C:\WINDOWS\System32\Drivers\BrnFilelock.sys [53248 2008-03-25] (Blue Ridge Networks) [File not signed] R3 BTDriver; C:\WINDOWS\System32\DRIVERS\btport.sys [30459 2007-02-14] (Broadcom Corporation.) R3 BTKRNL; C:\WINDOWS\System32\DRIVERS\btkrnl.sys [868298 2007-02-14] (Broadcom Corporation.) R3 btwmodem; C:\WINDOWS\System32\DRIVERS\btwmodem.sys [30285 2007-02-14] (Broadcom Corporation.) R3 BTWUSB; C:\WINDOWS\System32\Drivers\btwusb.sys [67960 2007-02-14] (Broadcom Corporation.) S3 cleanhlp; C:\MOJE PROGRAMY\EEK\BIN\cleanhlp32.sys [50200 2014-09-04] (Emsisoft GmbH) S3 eabfiltr; C:\WINDOWS\System32\DRIVERS\eabfiltr.sys [7808 2005-09-19] (Hewlett-Packard Development Company, L.P.) S3 eabusb; C:\WINDOWS\System32\DRIVERS\eabusb.sys [5760 2005-09-19] (Hewlett-Packard Development Company, L.P.) R1 fwdrv; C:\WINDOWS\System32\Drivers\fwdrv.sys [102912 2002-04-15] () [File not signed] R0 HKDirFlt; C:\WINDOWS\System32\drivers\HKDirFlt.sys [33896 2010-12-13] (Wondershare Software Co.,Ltd) S3 HPZid412; C:\WINDOWS\System32\DRIVERS\HPZid412.sys [49920 2005-10-21] (HP) S3 HPZipr12; C:\WINDOWS\System32\DRIVERS\HPZipr12.sys [16496 2005-10-21] (HP) S3 HPZius12; C:\WINDOWS\System32\DRIVERS\HPZius12.sys [21568 2005-10-21] (HP) R3 IFXTPM; C:\WINDOWS\System32\DRIVERS\IFXTPM.SYS [36608 2006-09-19] (Infineon Technologies AG) S1 lbrtfdc; C:\WINDOWS\system32\Drivers\lbrtfdc.sys [34688 2008-04-13] (Toshiba Corp.) R0 MirDisk; C:\WINDOWS\System32\drivers\MirDisk.sys [28648 2010-12-13] (Wondershare Software Co.,Ltd) R3 MQAC; C:\WINDOWS\system32\drivers\mqac.sys [91776 2009-06-22] (Microsoft Corporation) [File not signed] S4 Profos; C:\WINDOWS\system32\Drivers\Profos.sys [13056 2010-06-19] () [File not signed] S3 PSKMAD; C:\WINDOWS\System32\DRIVERS\PSKMAD.sys [47632 2013-04-29] (Panda Security, S.L.) S3 Rasirda; C:\WINDOWS\System32\DRIVERS\rasirda.sys [19584 2001-08-17] (Microsoft Corporation) R1 RsvLock; C:\WINDOWS\system32\Drivers\RsvLock.sys [5808 2007-02-07] (SafeBoot International) [File not signed] R0 SafeBoot; C:\WINDOWS\system32\Drivers\SafeBoot.sys [100495 2007-02-07] () [File not signed] R0 SbAlg; C:\WINDOWS\system32\Drivers\SbAlg.sys [44720 2006-10-09] (SafeBoot N.V.) R0 SbFsLock; C:\WINDOWS\system32\Drivers\SbFsLock.sys [13696 2007-03-29] (SafeBoot International) S3 SMCIRDA; C:\WINDOWS\System32\DRIVERS\smcirda.sys [36425 2001-10-26] (SMC) S3 a2acc; No ImagePath S1 ASPI32; No ImagePath S1 Beep; No ImagePath S3 MEMSWEEP2; No ImagePath U5 nvterp; C:\WINDOWS\system32\drivers\nvterp.sys [19064 2015-03-02] (NoVirusThanks Company Srl) U5 nvterpprotect; C:\WINDOWS\system32\drivers\nvterpprotect.sys [13432 2015-01-14] (NoVirusThanks Company Srl) U5 P3; C:\Windows\System32\Drivers\P3.sys [46848 2008-04-14] (Microsoft Corporation) U3 SAAppCtl; No ImagePath U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-13] (Microsoft Corporation) S4 Trufos; No ImagePath U5 UnlockerDriver5; C:\Moje programy\Unlocker\UnlockerDriver5.sys [4096 2010-07-04] () [File not signed] ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2015-04-16 05:54 - 2015-04-16 05:59 - 00000000 ____D () C:\FRST 2015-04-16 05:45 - 2015-04-16 05:45 - 00000454 _____ () C:\WINDOWS\DtcInstall.log 2015-04-16 05:45 - 2015-04-16 05:45 - 00000193 _____ () C:\WINDOWS\ERP_Driver_Error.log 2015-04-15 21:27 - 2015-04-15 21:27 - 00000841 _____ () C:\WINDOWS\WindowsUpdate.log 2015-04-09 06:17 - 2015-04-09 06:17 - 00000000 ____D () C:\Program Files\Mozilla Firefox 2015-04-09 06:07 - 2015-04-09 06:07 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Start\Programy\NoVirusThanks 2015-04-09 06:07 - 2015-03-02 13:32 - 00019064 _____ (NoVirusThanks Company Srl) C:\WINDOWS\system32\Drivers\nvterp.sys 2015-04-09 06:07 - 2015-01-14 01:09 - 00013432 _____ (NoVirusThanks Company Srl) C:\WINDOWS\system32\Drivers\nvterpprotect.sys 2015-03-26 22:18 - 2015-03-26 22:18 - 00000000 ____D () C:\Program Files\Foolish IT ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2015-04-16 05:59 - 2014-04-10 21:24 - 00000000 ____D () C:\Documents and Settings\Administrator\Ustawienia lokalne\Temp 2015-04-16 05:45 - 2014-12-14 16:23 - 00000471 _____ () C:\WINDOWS\wiadebug.log 2015-04-16 05:45 - 2014-12-14 16:23 - 00000050 _____ () C:\WINDOWS\wiaservc.log 2015-04-16 05:45 - 2004-09-20 08:24 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT 2015-04-16 05:45 - 2004-09-20 08:23 - 00001158 _____ () C:\WINDOWS\system32\wpa.dbl 2015-04-15 21:27 - 2008-11-23 12:21 - 00032530 _____ () C:\WINDOWS\Tasks\SCHEDLGU.TXT 2015-04-15 21:27 - 2008-08-02 16:31 - 00000000 ____D () C:\Documents and Settings\Administrator 2015-04-15 19:01 - 2014-10-28 19:44 - 00000000 ____D () C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Adobe 2015-04-15 19:01 - 2013-07-23 19:57 - 00000930 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job 2015-04-15 19:01 - 2012-05-04 13:51 - 00778416 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe 2015-04-15 19:01 - 2011-08-16 15:14 - 00142512 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl 2015-04-15 18:45 - 2008-08-02 16:31 - 00000000 ___HD () C:\Documents and Settings\Administrator\Ustawienia lokalne 2015-04-15 18:17 - 2011-04-18 19:55 - 00000000 ____D () C:\Documents and Settings\Administrator\Dane aplikacji\XnView 2015-04-15 07:15 - 2014-09-01 21:23 - 00015600 _____ () C:\WINDOWS\BRRBCOM.INI 2015-04-09 07:32 - 2008-08-02 17:54 - 00000000 ___RD () C:\Documents and Settings\Administrator\Pulpit\Narzędzia 2015-04-09 07:32 - 2008-08-02 16:31 - 00000000 ____D () C:\Documents and Settings\Administrator\Pulpit 2015-04-09 06:56 - 2012-05-04 13:47 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service 2015-04-09 06:07 - 2008-08-02 16:31 - 00000000 ___RD () C:\Documents and Settings\All Users\Menu Start\Programy 2015-03-26 22:26 - 2008-09-13 11:15 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Start\Programy\Własne narzędzia 2015-03-26 22:24 - 2009-09-05 13:39 - 00000000 ____D () C:\Documents and Settings\All Users\Pulpit 2015-03-26 22:23 - 2008-08-02 16:31 - 00000000 __RHD () C:\Documents and Settings\Administrator\Dane aplikacji 2015-03-20 11:02 - 2008-10-12 17:18 - 00000000 ____D () C:\Documents and Settings\Administrator\Menu Start\Programy\Własne narzędzia 2015-03-20 11:02 - 2008-08-02 16:31 - 00000000 ___RD () C:\Documents and Settings\Administrator\Menu Start\Programy 2015-03-20 02:04 - 2008-08-02 16:12 - 00000000 ____D () C:\Moje programy 2015-03-20 00:46 - 2008-08-02 16:31 - 00000000 ___HD () C:\Documents and Settings\All Users\Dane aplikacji 2015-03-20 00:46 - 2008-08-02 16:31 - 00000000 ___HD () C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji 2015-03-19 22:21 - 2014-11-30 11:30 - 00000387 _____ () C:\Documents and Settings\Administrator\EdgeGuardSoloAppList.txt 2015-03-19 21:54 - 2011-12-17 05:16 - 00000000 __SHD () C:\Documents and Settings\Administrator\UserData 2015-03-19 21:43 - 2014-04-09 16:56 - 00000000 ____D () C:\Program Files\NoVirusThanks ==================== Files in the root of some directories ======= 2012-09-02 08:15 - 2012-09-02 08:15 - 0001966 _____ () C:\Documents and Settings\Administrator\Dane aplikacji\PatchUpdate_HP_CounterReport_Update_HPSU.log 2012-09-02 08:15 - 2012-09-02 08:16 - 0001509 _____ () C:\Documents and Settings\Administrator\Dane aplikacji\PatchUpdate_InstantShareJPG.log 2012-09-02 08:15 - 2012-09-02 08:15 - 0002878 _____ () C:\Documents and Settings\Administrator\Dane aplikacji\Update_HP_RedboxHprblog_HPSU.log 2007-07-28 01:51 - 2007-07-28 01:51 - 0000000 _____ () C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\AtStart.txt 2013-07-12 17:04 - 2013-07-12 17:46 - 0020480 _____ () C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2007-07-28 00:56 - 2007-07-28 00:56 - 0000138 _____ () C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\fusioncache.dat ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\WINDOWS\explorer.exe => File is digitally signed C:\WINDOWS\system32\winlogon.exe => File is digitally signed C:\WINDOWS\system32\svchost.exe => File is digitally signed C:\WINDOWS\system32\services.exe => File is digitally signed C:\WINDOWS\system32\User32.dll => File is digitally signed C:\WINDOWS\system32\userinit.exe => File is digitally signed C:\WINDOWS\system32\rpcss.dll => File is digitally signed C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed ==================== End Of Log ============================