Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 04-07-2013 Ran by GK (administrator) on 06-07-2013 11:31:28 Running from G:\Moje dokumenty\Downloads Microsoft Windows XP Professional Dodatek Service Pack 3 (X86) OS Language: Polish Internet Explorer Version 8 Boot Mode: Normal ==================== Processes (Whitelisted) =================== (ATI Technologies Inc.) F:\WINDOWS\system32\Ati2evxx.exe (AVAST Software) F:\Program Files\AVAST Software\Avast\AvastSvc.exe (ATI Technologies Inc.) F:\WINDOWS\system32\Ati2evxx.exe (SafeNet Inc.) F:\WINDOWS\system32\hasplms.exe (Oracle Corporation) F:\Program Files\Java\jre7\bin\jqs.exe (Hewlett-Packard Company) F:\Program Files\Common Files\LightScribe\LSSrvc.exe () F:\Documents and Settings\All Users\Dane aplikacji\MobileBrServ\mbbservice.exe (Microsoft Corporation) F:\Program Files\Microsoft SQL Server\MSSQL10_50.INSERTGT\MSSQL\Binn\sqlservr.exe (Skype Technologies S.A.) F:\Documents and Settings\All Users\Dane aplikacji\Skype\Toolbars\Skype C2C Service\c2c_service.exe (Microsoft Corporation) F:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe (Microsoft Corporation) F:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe (Macrovision) F:\PROGRA~1\MONITO~1\monitor.exe (Sun Microsystems, Inc.) F:\Program Files\MonitorSoftware\jre\bin\javaw.exe (Realtek Semiconductor Corp.) F:\WINDOWS\RTHDCPL.EXE (AVAST Software) F:\Program Files\AVAST Software\Avast\avastUI.exe (Citrix Systems, Inc.) F:\Program Files\Citrix\ICA Client\concentr.exe (Macrovision) F:\Program Files\MonitorSoftware\UPSMS.exe (Microsoft Corporation) F:\Program Files\Microsoft IntelliType Pro\itype.exe (Citrix Systems, Inc.) F:\Program Files\Citrix\ICA Client\wfcrun32.exe (Oracle Corporation) F:\Program Files\Common Files\Java\Java Update\jusched.exe (Sun Microsystems, Inc.) F:\Program Files\MonitorSoftware\jre\bin\javaw.exe (Macrovision) F:\PROGRA~1\MONITO~1\wpRMI.exe (Akamai Technologies, Inc.) F:\Documents and Settings\GK\Ustawienia lokalne\Dane aplikacji\Akamai\netsession_win.exe (Samsung) F:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe (Samsung) F:\Program Files\Samsung\Kies\Kies.exe (Sun Microsystems, Inc.) F:\Program Files\MonitorSoftware\jre\bin\javaw.exe (Microsoft Corporation) F:\WINDOWS\system32\wscntfy.exe (Akamai Technologies, Inc.) F:\Documents and Settings\GK\Ustawienia lokalne\Dane aplikacji\Akamai\netsession_win.exe (TheBestWare Studio) F:\Program Files\RadioSure\RadioSure.exe (Google Inc.) F:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) F:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) F:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) F:\Program Files\Google\Chrome\Application\chrome.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [RTHDCPL] RTHDCPL.EXE [x] HKLM\...\Run: [avast] "F:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui [x] HKLM\...\Run: [ConnectionCenter] "F:\Program Files\Citrix\ICA Client\concentr.exe" /startup [x] HKLM\...\Run: [UPSMS] F:\Program Files\MonitorSoftware\UPSMS.exe [x] HKLM\...\Run: [itype] "F:\Program Files\Microsoft IntelliType Pro\itype.exe" [x] HKLM\...\Run: [QuickTime Task] "F:\Program Files\QuickTime\QTTask.exe" -atboottime [x] HKLM\...\Run: [SunJavaUpdateSched] "F:\Program Files\Common Files\Java\Java Update\jusched.exe" [x] HKLM\...\Winlogon: [Userinit] F:\WINDOWS\system32\userinit.exe, [x] Winlogon\Notify\AtiExtEvent: Ati2evxx.dll (ATI Technologies Inc.) HKCU\...\Run: [ctfmon.exe] F:\WINDOWS\system32\ctfmon.exe [x] HKCU\...\Run: [Akamai NetSession Interface] "F:\Documents and Settings\GK\Ustawienia lokalne\Dane aplikacji\Akamai\netsession_win.exe" [x] HKCU\...\Run: [] F:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [x] HKCU\...\Run: [KiesAirMessage] F:\Program Files\Samsung\Kies\KiesAirMessage.exe -startup [x] HKCU\...\Run: [KiesPreload] F:\Program Files\Samsung\Kies\Kies.exe /preload [x] MountPoints2: {bd00720f-41e1-11e2-929f-000fea5b57a7} - C:\Install_Nokia_Ovi_Suite.exe MountPoints2: {da6953a4-bc7e-11e1-9187-000fea5b57a7} - C:\./MI.exe HKU\Administrator\...\Run: [ChomikBox] F:\Program Files\ChomikBox\chomikbox.exe [ 2012-12-29] ( ) BootExecute: autocheck autochk * sdnclean.exe ==================== Internet (Whitelisted) ==================== ProxyServer: localhost:8080 HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKLM SearchScopes: DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?} SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?} HKCU SearchScopes: DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://search.live.com/results.aspx?q={searchTerms}&src=IE-SearchBox&Form=IE8SRC SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://search.live.com/results.aspx?q={searchTerms}&src=IE-SearchBox&Form=IE8SRC BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - F:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - F:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) BHO: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - F:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - F:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) Toolbar: HKLM - avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - F:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) Toolbar: HKCU -&Adres - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - F:\Windows\System32\browseui.dll (Microsoft Corporation) Toolbar: HKCU -&Łącza - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - F:\Windows\system32\SHELL32.dll (Microsoft Corporation) DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://windowsupdate.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1363517296921 DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab Handler: ipp - No CLSID Value - Handler: msdaipp - No CLSID Value - Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - F:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - F:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies) Filter: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - F:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.) Filter: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - F:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.) Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 ========================== Services (Whitelisted) ================= R2 avast! Antivirus; F:\Program Files\AVAST Software\Avast\AvastSvc.exe [46808 2013-05-09] (AVAST Software) R2 hasplms; F:\WINDOWS\system32\hasplms.exe [4889032 2011-12-30] (SafeNet Inc.) R2 Mobile Broadband HL Service; F:\Documents and Settings\All Users\Dane aplikacji\MobileBrServ\mbbservice.exe [232288 2012-03-12] () R2 MSSQL$INSERTGT; F:\Program Files\Microsoft SQL Server\MSSQL10_50.INSERTGT\MSSQL\Binn\sqlservr.exe [42884448 2010-04-03] (Microsoft Corporation) S4 MSSQLServerADHelper100; F:\Program Files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [44896 2010-04-03] (Microsoft Corporation) R2 Skype C2C Service; F:\Documents and Settings\All Users\Dane aplikacji\Skype\Toolbars\Skype C2C Service\c2c_service.exe [3064000 2012-10-02] (Skype Technologies S.A.) S4 SQLAgent$INSERTGT; F:\Program Files\Microsoft SQL Server\MSSQL10_50.INSERTGT\MSSQL\Binn\SQLAGENT.EXE [367456 2010-04-03] (Microsoft Corporation) S3 UPSmanager; F:\PROGRA~1\MONITO~1\manager.exe [114688 2012-04-06] (Macrovision) R2 UPSmonitor; F:\PROGRA~1\MONITO~1\monitor.exe [114688 2012-04-06] (Macrovision) R3 UPSRMI; F:\PROGRA~1\MONITO~1\wpRMI.exe [114688 2012-04-06] (Macrovision) R2 JavaQuickStarterService; "F:\Program Files\Java\jre7\bin\jqs.exe" -service -config "F:\Program Files\Java\jre7\lib\deploy\jqs\jqs.conf" [x] ==================== Drivers (Whitelisted) ==================== R2 aksfridge; F:\WINDOWS\system32\drivers\aksfridge.sys [367560 2011-10-04] (SafeNet Inc.) S3 Ambfilt; F:\Windows\System32\drivers\Ambfilt.sys [1691480 2009-11-18] (Creative) R2 aswFsBlk; F:\Windows\System32\Drivers\aswFsBlk.sys [29816 2013-05-09] (AVAST Software) R2 aswMonFlt; F:\WINDOWS\system32\drivers\aswMonFlt.sys [66336 2013-05-09] (AVAST Software) R1 aswRdr; F:\Windows\System32\Drivers\aswRdr.sys [49760 2013-05-09] (AVAST Software) R0 aswRvrt; F:\Windows\System32\Drivers\aswRvrt.sys [49376 2013-05-09] () R1 aswSnx; F:\Windows\System32\Drivers\aswSnx.sys [770344 2013-06-27] (AVAST Software) R1 aswSP; F:\Windows\System32\Drivers\aswSP.sys [369584 2013-06-27] (AVAST Software) R1 aswTdi; F:\Windows\System32\Drivers\aswTdi.sys [56080 2013-05-09] (AVAST Software) R0 aswVmm; F:\Windows\System32\Drivers\aswVmm.sys [175176 2013-06-27] () R3 ati2mtag; F:\Windows\System32\DRIVERS\ati2mtag.sys [3565056 2010-02-11] (ATI Technologies Inc.) R2 atksgt; F:\Windows\System32\DRIVERS\atksgt.sys [281760 2012-03-07] () R1 cdrblock; F:\Windows\System32\DRIVERS\cdrblock.sys [27704 2008-05-30] (Canopus Co,. Ltd.) S3 dgderdrv; F:\Windows\System32\drivers\dgderdrv.sys [20032 2013-04-18] (Devguru Co., Ltd) R1 eusk2par; F:\WINDOWS\system32\Drivers\eusk2par.sys [25680 2008-12-18] (Aladdin Knowledge Systems Ltd.) S3 FcSerial; F:\Windows\System32\DRIVERS\FcSerial.sys [190976 2012-08-28] (Flash Card.) R2 hardlock; F:\WINDOWS\system32\drivers\hardlock.sys [596424 2011-08-10] (SafeNet Inc.) R3 HDAudBus; F:\Windows\System32\DRIVERS\HDAudBus.sys [144384 2008-04-13] (Windows (R) Server 2003 DDK provider) S3 huawei_cdcacm; F:\Windows\System32\DRIVERS\ew_jucdcacm.sys [95616 2012-08-21] (Huawei Technologies Co., Ltd.) R2 lirsgt; F:\Windows\System32\DRIVERS\lirsgt.sys [25888 2012-03-07] () S3 Monfilt; F:\Windows\System32\drivers\Monfilt.sys [1395800 2009-11-18] (Creative Technology Ltd.) S3 nmwcdnsu; F:\Windows\System32\drivers\nmwcdnsu.sys [137600 2011-11-01] (Nokia) S3 nmwcdnsuc; F:\Windows\System32\drivers\nmwcdnsuc.sys [8576 2011-11-01] (Nokia) R2 NwlnkIpx; F:\Windows\System32\DRIVERS\nwlnkipx.sys [88320 2008-04-14] (Microsoft Corporation) R2 NwlnkNb; F:\Windows\System32\DRIVERS\nwlnknb.sys [63232 2003-04-16] (Microsoft Corporation) R2 NwlnkSpx; F:\Windows\System32\DRIVERS\nwlnkspx.sys [55936 2003-04-16] (Microsoft Corporation) S3 pneteth; F:\Windows\System32\DRIVERS\pneteth.sys [13312 2011-07-19] (June Fabrics Technology Inc.) S4 RsFx0150; F:\Windows\System32\DRIVERS\RsFx0150.sys [240608 2010-04-03] (Microsoft Corporation) R3 RTLE8023xp; F:\Windows\System32\DRIVERS\Rtenicxp.sys [83200 2006-08-14] (Realtek Semiconductor Corporation ) R0 sfvfs02; F:\Windows\System32\drivers\sfvfs02.sys [63488 2005-11-03] (Protection Technology) S4 IntelIde; No ImagePath S1 SydexFDD; system32\drives\sydexfdd.sys [x] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2013-07-06 11:30 - 2013-07-06 11:30 - 00000000 ____D F:\FRST 2013-07-06 10:31 - 2013-07-06 10:31 - 00006790 ____A F:\Windows\FaxSetup.log 2013-07-06 10:31 - 2013-07-06 10:31 - 00006553 ____A F:\Windows\iis6.log 2013-07-06 10:31 - 2013-07-06 10:31 - 00005684 ____A F:\Windows\ocgen.log 2013-07-06 10:31 - 2013-07-06 10:31 - 00004599 ____A F:\Windows\tsoc.log 2013-07-06 10:31 - 2013-07-06 10:31 - 00002503 ____A F:\Windows\comsetup.log 2013-07-06 10:31 - 2013-07-06 10:31 - 00001891 ____A F:\Windows\imsins.log 2013-07-06 10:31 - 2013-07-06 10:31 - 00001876 ____A F:\Windows\msmqinst.log 2013-07-06 10:31 - 2013-07-06 10:31 - 00001809 ____A F:\Windows\ntdtcsetup.log 2013-07-06 10:31 - 2013-07-06 10:31 - 00001592 ____A F:\Windows\netfxocm.log 2013-07-06 10:31 - 2013-07-06 10:31 - 00000719 ____A F:\Windows\MedCtrOC.log 2013-07-06 10:31 - 2013-07-06 10:31 - 00000469 ____A F:\Windows\ocmsn.log 2013-07-06 10:31 - 2013-07-06 10:31 - 00000430 ____A F:\Windows\msgsocm.log 2013-07-06 10:31 - 2013-07-06 10:31 - 00000319 ____A F:\Windows\tabletoc.log 2013-07-06 10:31 - 2013-07-06 10:31 - 00000000 ____A F:\Windows\setuperr.log 2013-07-06 10:31 - 2013-07-06 10:31 - 00000000 ____A F:\Windows\setupact.log 2013-07-06 09:56 - 2013-07-06 09:57 - 00001342 ____A F:\AdwCleaner[R5].txt 2013-07-06 09:50 - 2013-07-06 09:50 - 00005146 ____A F:\cc_20130706_095019.reg 2013-07-06 09:47 - 2013-07-06 09:47 - 00000000 ____D F:\Windows\CSC 2013-07-06 09:44 - 2013-07-06 09:46 - 00001360 ____A F:\AdwCleaner[R4].txt 2013-07-06 09:36 - 2013-07-06 09:37 - 00001300 ____A F:\AdwCleaner[S3].txt 2013-07-06 09:36 - 2013-07-06 09:36 - 00001239 ____A F:\AdwCleaner[R3].txt 2013-07-06 09:19 - 2013-07-06 09:19 - 00000079 ____A F:\Windows\wininit.ini 2013-07-06 09:08 - 2013-07-06 09:08 - 00003772 ____A F:\AdwCleaner[S2].txt 2013-07-06 09:07 - 2013-07-06 09:07 - 00003764 ____A F:\AdwCleaner[R2].txt 2013-07-06 09:05 - 2003-04-16 14:00 - 00000742 ____A F:\Windows\System32\Drivers\etc\hosts.20130706-090515.backup 2013-07-06 08:50 - 2013-07-06 09:20 - 00000000 ____D F:\Program Files\Spybot - Search & Destroy 2 2013-07-06 08:50 - 2013-07-06 09:19 - 00065536 ____A F:\Windows\System32\config\SpybotSD.evt 2013-06-27 22:24 - 2013-06-27 22:24 - 00000175 ____A F:\Windows\System32\Drivers\aswVmm.sys.sum 2013-06-27 18:34 - 2013-06-27 18:34 - 00263592 ____A (Oracle Corporation) F:\Windows\System32\javaws.exe 2013-06-27 18:34 - 2013-06-27 18:34 - 00175016 ____A (Oracle Corporation) F:\Windows\System32\javaw.exe 2013-06-27 18:34 - 2013-06-27 18:34 - 00175016 ____A (Oracle Corporation) F:\Windows\System32\java.exe 2013-06-27 18:34 - 2013-06-27 18:34 - 00144896 ____A (Oracle Corporation) F:\Windows\System32\javacpl.cpl 2013-06-27 18:34 - 2013-06-27 18:34 - 00094632 ____A (Oracle Corporation) F:\Windows\System32\WindowsAccessBridge.dll 2013-06-27 18:34 - 2013-06-27 18:34 - 00000000 ____D F:\Program Files\Common Files\Java 2013-06-27 06:19 - 2013-06-27 22:24 - 00000175 ____A F:\Windows\System32\Drivers\aswSP.sys.sum 2013-06-27 06:19 - 2013-06-27 22:24 - 00000175 ____A F:\Windows\System32\Drivers\aswSnx.sys.sum 2013-06-25 20:44 - 2013-06-25 20:45 - 00000000 ____D F:\Program Files\Mozilla Thunderbird 2013-06-23 10:11 - 2013-06-23 10:11 - 00000000 ____D F:\Program Files\MarkAny 2013-06-22 20:03 - 2013-06-22 20:03 - 00000000 ____D F:\Program Files\Notepad++ 2013-06-22 20:00 - 2013-06-22 20:00 - 00000000 __SHD F:\Windows\ftpcache 2013-06-18 21:58 - 2013-06-18 21:58 - 00000000 ____D F:\Program Files\IrfanView 2013-06-18 07:34 - 2013-06-18 07:34 - 18049946 ____A F:\Windows\System32\Colorland.pl_Easy Color Basic 2.0_uninstaller.exe 2013-06-18 07:34 - 2013-06-18 07:34 - 00000000 ____D F:\Program Files\EasyColor_Basic_2_0 2013-06-18 07:34 - 2013-06-18 07:34 - 00000000 ____D F:\Colorland 2013-06-18 07:14 - 2013-06-18 07:14 - 00000000 __SHD F:\Documents and Settings\Administrator\IETldCache 2013-06-18 07:13 - 2013-06-23 11:28 - 00000000 ____D F:\Program Files\EasyColor Foto 2013-06-16 16:19 - 2013-06-16 16:19 - 00000000 ____D F:\Program Files\QuickTime 2013-06-16 16:18 - 2008-06-26 02:00 - 00086016 ____A (Canopus Co., Ltd.) F:\Windows\System32\cuvccodc.dll 2013-06-16 16:18 - 2008-03-06 11:25 - 00671815 ____A (Canopus Co., Ltd.) F:\Windows\System32\csehqa.dll 2013-06-16 16:18 - 2008-03-06 11:25 - 00372736 ____A (Canopus Co., Ltd.) F:\Windows\System32\cmiccodc.dll 2013-06-16 16:18 - 2008-03-06 11:25 - 00258048 ____A (Canopus Co., Ltd.) F:\Windows\System32\cllccodc.dll 2013-06-16 16:18 - 2008-03-06 11:25 - 00122961 ____A (Canopus Co., Ltd.) F:\Windows\System32\csellc.dll 2013-06-16 16:18 - 2008-03-06 11:25 - 00069632 ____A (Canopus Co., Ltd.) F:\Windows\System32\cdvhcodc.dll 2013-06-16 16:18 - 2008-03-06 11:25 - 00069632 ____A (Canopus Co., Ltd.) F:\Windows\System32\cdvccodc.dll 2013-06-16 16:18 - 2008-03-06 11:25 - 00069632 ____A (Canopus Co., Ltd.) F:\Windows\System32\cdv5codc.dll 2013-06-16 16:18 - 2002-12-02 10:42 - 00049152 ____A (Canopus Co., Ltd.) F:\Windows\System32\cvpcdvc.dll 2013-06-16 16:18 - 2002-06-29 07:41 - 00385108 ____A (Canopus Co., Ltd.) F:\Windows\System32\csedv.dll 2013-06-16 16:18 - 2002-05-29 10:20 - 00159832 ____A (Canopus Co., Ltd.) F:\Windows\System32\csccdvc.dll 2013-06-16 16:18 - 2002-05-29 10:20 - 00147456 ____A (Canopus Co., Ltd.) F:\Windows\System32\csccdvcx.dll 2013-06-16 16:18 - 1999-09-24 05:10 - 00022528 ____A (Canopus Corporation) F:\Windows\System32\csthread.dll 2013-06-16 16:17 - 2013-06-16 16:18 - 00000000 ____D F:\Program Files\Common Files\Canopus Shared 2013-06-16 16:17 - 2008-03-06 11:25 - 01085520 ____A (Canopus Co., Ltd.) F:\Windows\System32\csedvh.dll 2013-06-16 16:17 - 2008-03-06 11:25 - 00798801 ____A (Canopus Co., Ltd.) F:\Windows\System32\cseuvec.dll 2013-06-16 16:17 - 2008-03-06 11:25 - 00122880 ____A (Canopus Co., Ltd.) F:\Windows\System32\icmpeg2.dll 2013-06-16 16:12 - 2013-06-16 16:12 - 00000000 ____A F:\Windows\canopus.ini 2013-06-16 15:48 - 2013-06-16 15:48 - 00000033 ____A F:\Windows\System32\cnpsedufet5a.EXT 2013-06-16 15:47 - 2008-05-30 14:13 - 00027704 ____A (Canopus Co,. Ltd.) F:\Windows\System32\Drivers\cdrblock.sys 2013-06-16 15:44 - 2003-11-21 16:48 - 00049152 ____A (Microsoft Corporation) F:\Windows\System32\MFC71JPN.DLL 2013-06-16 15:44 - 2003-03-19 14:20 - 01060864 ____A (Microsoft Corporation) F:\Windows\System32\MFC71.dll 2013-06-16 15:44 - 2003-03-19 14:12 - 01047552 ____A (Microsoft Corporation) F:\Windows\System32\MFC71u.dll 2013-06-16 15:44 - 2003-03-19 13:44 - 00065536 ____A (Microsoft Corporation) F:\Windows\System32\MFC71DEU.DLL 2013-06-16 15:44 - 2003-03-19 13:44 - 00061440 ____A (Microsoft Corporation) F:\Windows\System32\MFC71ITA.DLL 2013-06-16 15:44 - 2003-03-19 13:44 - 00061440 ____A (Microsoft Corporation) F:\Windows\System32\MFC71FRA.DLL 2013-06-16 15:44 - 2003-03-19 13:44 - 00057344 ____A (Microsoft Corporation) F:\Windows\System32\MFC71ENU.DLL 2013-06-16 15:44 - 2003-03-18 21:44 - 00045056 ____A (Microsoft Corporation) F:\Windows\System32\MFC71CHT.DLL 2013-06-16 15:44 - 2003-03-18 21:44 - 00040960 ____A (Microsoft Corporation) F:\Windows\System32\MFC71CHS.DLL 2013-06-16 15:43 - 2008-05-15 02:00 - 00942080 ____N (Canopus Co., Ltd.) F:\Windows\System32\pavplal.dll 2013-06-16 15:43 - 2008-05-15 02:00 - 00065536 ____N F:\Windows\System32\pavedius5db.dll 2013-06-16 15:43 - 2008-05-15 02:00 - 00065536 ____N F:\Windows\System32\pavedius.dll 2013-06-16 15:43 - 2008-03-18 08:04 - 00462848 ____N (Canopus Co., Ltd.) F:\Windows\System32\pavapi.dll 2013-06-16 15:43 - 2008-03-18 08:04 - 00006656 ____N (Canopus Co., Ltd.) F:\Windows\System32\paveno.dll 2013-06-16 15:43 - 2003-03-19 13:14 - 00499712 ____N (Microsoft Corporation) F:\Windows\System32\msvcp71.dll 2013-06-15 11:00 - 2013-06-15 11:00 - 00000000 ____D F:\Windows\pss 2013-06-15 10:02 - 2013-07-06 08:19 - 00000000 ____D F:\Program Files\CCleaner 2013-06-15 10:02 - 2013-06-15 10:02 - 00000000 ____D F:\Program Files\VS Revo Group ==================== One Month Modified Files and Folders ======== 2013-07-06 11:30 - 2013-07-06 11:30 - 00000000 ____D F:\FRST 2013-07-06 10:54 - 2011-12-02 20:52 - 00000000 ____D F:\Documents and Settings\GK\Pulpit 2013-07-06 10:51 - 2012-02-25 21:15 - 00001036 ____A F:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2013-07-06 10:37 - 2011-12-02 20:52 - 00000000 ___RD F:\Documents and Settings\GK\Ulubione 2013-07-06 10:32 - 2011-12-02 21:53 - 01130770 ____A F:\Windows\WindowsUpdate.log 2013-07-06 10:31 - 2013-07-06 10:31 - 00006790 ____A F:\Windows\FaxSetup.log 2013-07-06 10:31 - 2013-07-06 10:31 - 00006553 ____A F:\Windows\iis6.log 2013-07-06 10:31 - 2013-07-06 10:31 - 00005684 ____A F:\Windows\ocgen.log 2013-07-06 10:31 - 2013-07-06 10:31 - 00004599 ____A F:\Windows\tsoc.log 2013-07-06 10:31 - 2013-07-06 10:31 - 00002503 ____A F:\Windows\comsetup.log 2013-07-06 10:31 - 2013-07-06 10:31 - 00001891 ____A F:\Windows\imsins.log 2013-07-06 10:31 - 2013-07-06 10:31 - 00001876 ____A F:\Windows\msmqinst.log 2013-07-06 10:31 - 2013-07-06 10:31 - 00001809 ____A F:\Windows\ntdtcsetup.log 2013-07-06 10:31 - 2013-07-06 10:31 - 00001592 ____A F:\Windows\netfxocm.log 2013-07-06 10:31 - 2013-07-06 10:31 - 00000719 ____A F:\Windows\MedCtrOC.log 2013-07-06 10:31 - 2013-07-06 10:31 - 00000469 ____A F:\Windows\ocmsn.log 2013-07-06 10:31 - 2013-07-06 10:31 - 00000430 ____A F:\Windows\msgsocm.log 2013-07-06 10:31 - 2013-07-06 10:31 - 00000319 ____A F:\Windows\tabletoc.log 2013-07-06 10:31 - 2013-07-06 10:31 - 00000000 ____A F:\Windows\setuperr.log 2013-07-06 10:31 - 2013-07-06 10:31 - 00000000 ____A F:\Windows\setupact.log 2013-07-06 09:57 - 2013-07-06 09:56 - 00001342 ____A F:\AdwCleaner[R5].txt 2013-07-06 09:52 - 2012-07-08 12:27 - 00000364 ___AH F:\Windows\Tasks\avast! Emergency Update.job 2013-07-06 09:52 - 2012-02-25 21:15 - 00001032 ____A F:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2013-07-06 09:52 - 2011-12-02 20:39 - 00000159 ____N F:\Windows\wiadebug.log 2013-07-06 09:52 - 2011-12-02 20:39 - 00000050 ____N F:\Windows\wiaservc.log 2013-07-06 09:51 - 2011-12-02 20:44 - 00000006 ___AH F:\Windows\Tasks\SA.DAT 2013-07-06 09:50 - 2013-07-06 09:50 - 00005146 ____A F:\cc_20130706_095019.reg 2013-07-06 09:50 - 2011-12-02 21:42 - 00000188 __ASH F:\Documents and Settings\Administrator\ntuser.ini 2013-07-06 09:49 - 2011-12-02 20:37 - 00000000 __RHD F:\Documents and Settings\All Users\Dane aplikacji 2013-07-06 09:47 - 2013-07-06 09:47 - 00000000 ____D F:\Windows\CSC 2013-07-06 09:46 - 2013-07-06 09:44 - 00001360 ____A F:\AdwCleaner[R4].txt 2013-07-06 09:46 - 2011-12-02 20:52 - 00000188 ___SH F:\Documents and Settings\GK\ntuser.ini 2013-07-06 09:46 - 2011-12-02 20:48 - 00032462 ____N F:\Windows\SchedLgU.Txt 2013-07-06 09:37 - 2013-07-06 09:36 - 00001300 ____A F:\AdwCleaner[S3].txt 2013-07-06 09:36 - 2013-07-06 09:36 - 00001239 ____A F:\AdwCleaner[R3].txt 2013-07-06 09:20 - 2013-07-06 08:50 - 00000000 ____D F:\Program Files\Spybot - Search & Destroy 2 2013-07-06 09:19 - 2013-07-06 09:19 - 00000079 ____A F:\Windows\wininit.ini 2013-07-06 09:19 - 2013-07-06 08:50 - 00065536 ____A F:\Windows\System32\config\SpybotSD.evt 2013-07-06 09:15 - 2011-12-02 21:36 - 00000243 __RSH F:\boot.ini 2013-07-06 09:08 - 2013-07-06 09:08 - 00003772 ____A F:\AdwCleaner[S2].txt 2013-07-06 09:08 - 2011-12-02 20:52 - 00000000 __RHD F:\Documents and Settings\GK\Dane aplikacji 2013-07-06 09:07 - 2013-07-06 09:07 - 00003764 ____A F:\AdwCleaner[R2].txt 2013-07-06 09:00 - 2011-12-02 20:38 - 00000000 ____D F:\Documents and Settings\All Users\Pulpit 2013-07-06 08:56 - 2012-04-06 20:10 - 00000000 ____D F:\Program Files\MonitorSoftware 2013-07-06 08:19 - 2013-06-15 10:02 - 00000000 ____D F:\Program Files\CCleaner 2013-07-05 19:53 - 2003-04-16 14:00 - 00002422 ____A F:\Windows\System32\wpa.dbl 2013-06-29 22:33 - 2012-05-29 18:11 - 00000000 ____D F:\Documents and Settings\GK\.gstreamer-0.10 2013-06-29 10:55 - 2012-04-13 18:29 - 00692104 ____A (Adobe Systems Incorporated) F:\Windows\System32\FlashPlayerApp.exe 2013-06-29 10:55 - 2012-01-12 07:52 - 00071048 ____A (Adobe Systems Incorporated) F:\Windows\System32\FlashPlayerCPLApp.cpl 2013-06-29 08:56 - 2012-01-19 20:51 - 00000116 ____A F:\Windows\NeroDigital.ini 2013-06-27 22:24 - 2013-06-27 22:24 - 00000175 ____A F:\Windows\System32\Drivers\aswVmm.sys.sum 2013-06-27 22:24 - 2013-06-27 06:19 - 00000175 ____A F:\Windows\System32\Drivers\aswSP.sys.sum 2013-06-27 22:24 - 2013-06-27 06:19 - 00000175 ____A F:\Windows\System32\Drivers\aswSnx.sys.sum 2013-06-27 22:24 - 2013-03-13 20:07 - 00175176 ____A F:\Windows\System32\Drivers\aswVmm.sys 2013-06-27 22:24 - 2011-12-02 22:25 - 00770344 ____A (AVAST Software) F:\Windows\System32\Drivers\aswSnx.sys 2013-06-27 22:24 - 2011-12-02 22:25 - 00369584 ____A (AVAST Software) F:\Windows\System32\Drivers\aswSP.sys 2013-06-27 18:34 - 2013-06-27 18:34 - 00263592 ____A (Oracle Corporation) F:\Windows\System32\javaws.exe 2013-06-27 18:34 - 2013-06-27 18:34 - 00175016 ____A (Oracle Corporation) F:\Windows\System32\javaw.exe 2013-06-27 18:34 - 2013-06-27 18:34 - 00175016 ____A (Oracle Corporation) F:\Windows\System32\java.exe 2013-06-27 18:34 - 2013-06-27 18:34 - 00144896 ____A (Oracle Corporation) F:\Windows\System32\javacpl.cpl 2013-06-27 18:34 - 2013-06-27 18:34 - 00094632 ____A (Oracle Corporation) F:\Windows\System32\WindowsAccessBridge.dll 2013-06-27 18:34 - 2013-06-27 18:34 - 00000000 ____D F:\Program Files\Common Files\Java 2013-06-27 18:34 - 2012-06-24 10:15 - 00867240 ____A (Oracle Corporation) F:\Windows\System32\npdeployJava1.dll 2013-06-27 18:34 - 2011-12-04 13:09 - 00789416 ____A (Oracle Corporation) F:\Windows\System32\deployJava1.dll 2013-06-27 18:33 - 2011-12-02 20:38 - 01437914 ____A F:\Windows\System32\PerfStringBackup.INI 2013-06-27 18:33 - 2003-04-16 14:00 - 00621036 ____A F:\Windows\System32\perfh015.dat 2013-06-27 18:33 - 2003-04-16 14:00 - 00128900 ____A F:\Windows\System32\perfc015.dat 2013-06-25 21:12 - 2013-01-08 23:18 - 00000000 ____D F:\Program Files\Mozilla Maintenance Service 2013-06-25 20:45 - 2013-06-25 20:44 - 00000000 ____D F:\Program Files\Mozilla Thunderbird 2013-06-23 11:28 - 2013-06-18 07:13 - 00000000 ____D F:\Program Files\EasyColor Foto 2013-06-23 10:45 - 2012-04-07 10:56 - 00045934 ____A F:\Windows\php.ini 2013-06-23 10:42 - 2011-12-17 22:51 - 00000000 ____D F:\Windows\Microsoft.NET 2013-06-23 10:16 - 2011-12-02 20:38 - 00000000 ___RD F:\Documents and Settings\All Users\Dokumenty 2013-06-23 10:15 - 2013-05-17 22:15 - 00000000 ____D F:\Program Files\Samsung 2013-06-23 10:15 - 2011-12-02 20:56 - 00000000 ___HD F:\Program Files\InstallShield Installation Information 2013-06-23 10:11 - 2013-06-23 10:11 - 00000000 ____D F:\Program Files\MarkAny 2013-06-22 20:03 - 2013-06-22 20:03 - 00000000 ____D F:\Program Files\Notepad++ 2013-06-22 20:02 - 2011-12-02 20:52 - 00000000 ___RD F:\Documents and Settings\GK\Menu Start 2013-06-22 20:00 - 2013-06-22 20:00 - 00000000 __SHD F:\Windows\ftpcache 2013-06-19 19:47 - 2011-12-04 22:48 - 00000000 ____D F:\Program Files\JDownloader 2013-06-18 21:58 - 2013-06-18 21:58 - 00000000 ____D F:\Program Files\IrfanView 2013-06-18 07:34 - 2013-06-18 07:34 - 18049946 ____A F:\Windows\System32\Colorland.pl_Easy Color Basic 2.0_uninstaller.exe 2013-06-18 07:34 - 2013-06-18 07:34 - 00000000 ____D F:\Program Files\EasyColor_Basic_2_0 2013-06-18 07:34 - 2013-06-18 07:34 - 00000000 ____D F:\Colorland 2013-06-18 07:14 - 2013-06-18 07:14 - 00000000 __SHD F:\Documents and Settings\Administrator\IETldCache 2013-06-16 16:19 - 2013-06-16 16:19 - 00000000 ____D F:\Program Files\QuickTime 2013-06-16 16:18 - 2013-06-16 16:17 - 00000000 ____D F:\Program Files\Common Files\Canopus Shared 2013-06-16 16:17 - 2011-12-02 20:44 - 00000000 ____D F:\Windows\System32\DirectX 2013-06-16 16:12 - 2013-06-16 16:12 - 00000000 ____A F:\Windows\canopus.ini 2013-06-16 15:48 - 2013-06-16 15:48 - 00000033 ____A F:\Windows\System32\cnpsedufet5a.EXT 2013-06-16 10:20 - 2013-01-06 12:38 - 00000000 ____D F:\Program Files\EAGLE-5.6.0 2013-06-16 09:22 - 2012-12-31 12:35 - 00000320 ____A F:\Windows\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-1343024091-861567501-839522115-1003.job 2013-06-16 09:22 - 2012-12-31 12:35 - 00000302 ____A F:\Windows\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-1343024091-861567501-839522115-1003.job 2013-06-16 09:22 - 2012-12-31 12:35 - 00000294 ____A F:\Windows\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-1343024091-861567501-839522115-1003.job 2013-06-16 09:22 - 2012-12-25 20:32 - 00000280 ____A F:\Windows\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-1343024091-861567501-839522115-1003.job 2013-06-16 09:22 - 2012-12-25 20:32 - 00000272 ____A F:\Windows\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-1343024091-861567501-839522115-1003.job 2013-06-15 11:24 - 2011-12-02 20:37 - 03550904 ____A F:\Windows\System32\FNTCACHE.DAT 2013-06-15 11:00 - 2013-06-15 11:00 - 00000000 ____D F:\Windows\pss 2013-06-15 10:56 - 2012-08-05 14:36 - 00000000 ____D F:\Program Files\NCH Software 2013-06-15 10:32 - 2012-04-09 11:28 - 00000000 ____D F:\Program Files\Nokia 2013-06-15 10:30 - 2012-02-25 21:15 - 00000000 ____D F:\Program Files\Google 2013-06-15 10:29 - 2012-01-13 20:36 - 00000000 ____D F:\Program Files\Canon 2013-06-15 10:27 - 2011-12-02 21:33 - 00000000 ____D F:\Windows\twain_32 2013-06-15 10:13 - 2012-06-23 09:37 - 00000000 ____D F:\Windows\Minidump 2013-06-15 10:02 - 2013-06-15 10:02 - 00000000 ____D F:\Program Files\VS Revo Group 2013-06-15 09:45 - 2011-12-02 20:43 - 00000000 ____D F:\Windows\System32\Restore ==================== Bamital & volsnap Check ================= F:\Windows\explorer.exe [2003-04-16 14:00] - [2008-04-14 23:51] - 1035264 ____A (Microsoft Corporation) c791ed9eac5e76d9525e157b1d7a599a F:\Windows\System32\winlogon.exe [2003-04-16 14:00] - [2008-04-14 23:51] - 0510464 ____A (Microsoft Corporation) 51fd2e13d723857b9ca239ae77150f48 F:\Windows\System32\svchost.exe [2003-04-16 14:00] - [2008-04-14 23:51] - 0014336 ____A (Microsoft Corporation) 8607d35d92528e2df386f19a960d23ce F:\Windows\System32\services.exe [2003-04-16 14:00] - [2008-04-14 23:51] - 0109056 ____A (Microsoft Corporation) 3e3ae424e27c4cefe4cab368c7b570ea F:\Windows\System32\User32.dll [2003-04-16 14:00] - [2008-04-14 23:50] - 0580096 ____A (Microsoft Corporation) a435c5c069afd901751ac323ad238793 F:\Windows\System32\userinit.exe [2003-04-16 14:00] - [2008-04-14 23:51] - 0026624 ____A (Microsoft Corporation) 2a5b37d520508be6570a3ea79695f5b5 F:\Windows\System32\Drivers\volsnap.sys [2003-04-16 14:00] - [2008-04-14 22:31] - 0052864 ____A (Microsoft Corporation) 56b191ac5fc0df219949c95a6c87afe7 ==================== End Of Log ============================