Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 02-09-2013 04 Ran by Sapper (administrator) on KUPCZAK-69D913D on 03-09-2013 17:13:24 Running from C:\Documents and Settings\Sapper\Moje dokumenty\Downloads Microsoft Windows XP Home Edition Dodatek Service Pack 3 (X86) OS Language: Polish Internet Explorer Version 8 Boot Mode: Normal ==================== Processes (Whitelisted) =================== (AVG Technologies CZ, s.r.o.) D:\PROGRA~1\AVG\AVG2013\avgrsx.exe (AVG Technologies CZ, s.r.o.) D:\Program Files\AVG\AVG2013\avgcsrvx.exe (ATI Technologies Inc.) C:\WINDOWS\system32\Ati2evxx.exe (ATI Technologies Inc.) C:\WINDOWS\SYSTEM32\Ati2evxx.exe (ATI Technologies Inc.) D:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE (AVG Technologies CZ, s.r.o.) D:\Program Files\AVG\AVG2013\avgui.exe (Oracle Corporation) D:\Program Files\Common Files\Java\Java Update\jusched.exe (ATI Technologies Inc.) D:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe (Skype Technologies S.A.) D:\Program Files\Skype\Phone\Skype.exe (AVG Technologies CZ, s.r.o.) D:\Program Files\AVG\AVG2013\avgidsagent.exe (AVG Technologies CZ, s.r.o.) D:\Program Files\AVG\AVG2013\avgwdsvc.exe (LogMeIn Inc.) D:\Program Files\LogMeIn Hamachi\hamachi-2.exe (AVG Technologies CZ, s.r.o.) D:\Program Files\AVG\AVG2013\avgnsx.exe (AVG Technologies CZ, s.r.o.) D:\Program Files\AVG\AVG2013\avgemcx.exe (Oracle Corporation) D:\Program Files\Java\jre7\bin\jqs.exe (Skype Technologies) D:\Program Files\Skype\Updater\Updater.exe (TeamViewer GmbH) D:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe (LogMeIn Inc.) D:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe (Google Inc.) D:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) D:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) D:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) D:\Program Files\Google\Chrome\Application\chrome.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [High Definition Audio Property Page Shortcut] - C:\Windows\SYSTEM32\HDAShCut.exe [61952 2005-01-07] (Windows (R) Server 2003 DDK provider) HKLM\...\Run: [StartCCC] - D:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [90112 2006-11-10] () HKLM\...\Run: [AVG_UI] - D:\Program Files\AVG\AVG2013\avgui.exe [4411440 2013-07-01] (AVG Technologies CZ, s.r.o.) HKLM\...\Run: [SunJavaUpdateSched] - D:\Program Files\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation) HKLM\...\Run: [LogMeIn Hamachi Ui] - D:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe [2255184 2013-06-28] (LogMeIn Inc.) HKLM\...\Run: [KernelFaultCheck] - %systemroot%\system32\dumprep 0 -k [x] Winlogon\Notify\Antiwpa: antiwpa.dll () Winlogon\Notify\AtiExtEvent: Ati2evxx.dll (ATI Technologies Inc.) HKCU\...\Run: [Skype] - D:\Program Files\Skype\Phone\Skype.exe [19875432 2013-06-21] (Skype Technologies S.A.) HKCU\...\Run: [MSMSGS] - C:\Program Files\Messenger\msmsgs.exe [1667584 2004-08-04] (Microsoft Corporation) HKCU\...\Run: [MX Skype Recorder] - C:\Documents and Settings\All Users\Dane aplikacji\MXSkypeRecorder\MXSkypeRecorder.exe [591696 2012-08-06] (MX Soft) HKCU\...\Policies\Explorer: [NoDrives] 992 BootExecute: autocheck autochk * D:\PROGRA~1\AVG\AVG2013\avgrsx.exe /sync /restart ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.pl/ HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated) BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - D:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) Toolbar: HKCU -&Adres - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\Windows\system32\browseui.dll (Microsoft Corporation) Toolbar: HKCU -&Łącza - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\Windows\system32\SHELL32.dll (Microsoft Corporation) Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - D:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies) Chrome: ======= CHR RestoreOnStartup: "https://www.google.pl/" CHR DefaultSearchURL: (Google) - {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding} CHR DefaultSuggestURL: (Google) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter} CHR Plugin: (Shockwave Flash) - D:\Program Files\Google\Chrome\Application\29.0.1547.62\PepperFlash\pepflashplayer.dll () CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer CHR Plugin: (Native Client) - D:\Program Files\Google\Chrome\Application\29.0.1547.62\ppGoogleNaClPluginChrome.dll () CHR Plugin: (Chrome PDF Viewer) - D:\Program Files\Google\Chrome\Application\29.0.1547.62\pdf.dll () CHR Plugin: (Microsoft\u00AE DRM) - D:\Program Files\Windows Media Player\npdrmv2.dll (Microsoft Corporation) CHR Plugin: (Windows Media Player Plug-in Dynamic Link Library) - D:\Program Files\Windows Media Player\npdsplay.dll (Microsoft Corporation (written by Digital Renaissance Inc.)) CHR Plugin: (Microsoft\u00AE DRM) - D:\Program Files\Windows Media Player\npwmsdrm.dll (Microsoft Corporation) CHR Plugin: (Windows Presentation Foundation) - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) CHR Plugin: (Shockwave Flash) - C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll () CHR Plugin: (Java Deployment Toolkit 7.0.250.17) - C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation) CHR Plugin: (Google Update) - D:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.) CHR Plugin: (Java(TM) Platform SE 7 U25) - D:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) CHR Plugin: (Pando Web Plugin) - D:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) CHR Extension: (Adblock Plus) - C:\DOCUME~1\Sapper\USTAWI~1\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.5.5_0 CHR Extension: (Chrome In-App Payments service) - C:\DOCUME~1\Sapper\USTAWI~1\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.10_0 ========================== Services (Whitelisted) ================= S2 ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [520192 2007-06-06] () R2 AVGIDSAgent; D:\Program Files\AVG\AVG2013\avgidsagent.exe [4939312 2013-07-04] (AVG Technologies CZ, s.r.o.) R2 avgwd; D:\Program Files\AVG\AVG2013\avgwdsvc.exe [283136 2013-07-23] (AVG Technologies CZ, s.r.o.) S2 gupdate; D:\Program Files\Google\Update\GoogleUpdate.exe [116648 2013-07-03] (Google Inc.) S3 gupdatem; D:\Program Files\Google\Update\GoogleUpdate.exe [116648 2013-07-03] (Google Inc.) R2 Hamachi2Svc; D:\Program Files\LogMeIn Hamachi\hamachi-2.exe [1440080 2013-06-28] (LogMeIn Inc.) S2 MBAMScheduler; D:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation) S2 MBAMService; D:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation) S2 SkypeUpdate; D:\Program Files\Skype\Updater\Updater.exe [162408 2013-06-21] (Skype Technologies) R2 TeamViewer8; D:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe [4153184 2013-07-08] (TeamViewer GmbH) S3 AppMgmt; %SystemRoot%\System32\appmgmts.dll [x] S4 HidServ; %SystemRoot%\System32\hidserv.dll [x] R2 JavaQuickStarterService; "D:\Program Files\Java\jre7\bin\jqs.exe" -service -config "D:\Program Files\Java\jre7\lib\deploy\jqs\jqs.conf" [x] ==================== Drivers (Whitelisted) ==================== R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdriverx.sys [208184 2013-07-20] (AVG Technologies CZ, s.r.o.) R0 AVGIDSHX; C:\Windows\System32\DRIVERS\avgidshx.sys [60216 2013-07-20] (AVG Technologies CZ, s.r.o.) R1 AVGIDSShim; C:\Windows\System32\DRIVERS\avgidsshimx.sys [22328 2013-03-01] (AVG Technologies CZ, s.r.o.) R1 Avgldx86; C:\Windows\System32\DRIVERS\avgldx86.sys [171320 2013-07-20] (AVG Technologies CZ, s.r.o.) R0 Avglogx; C:\Windows\System32\DRIVERS\avglogx.sys [246072 2013-07-20] (AVG Technologies CZ, s.r.o.) R0 Avgmfx86; C:\Windows\System32\DRIVERS\avgmfx86.sys [96568 2013-07-01] (AVG Technologies CZ, s.r.o.) R0 Avgrkx86; C:\Windows\System32\DRIVERS\avgrkx86.sys [39224 2013-07-10] (AVG Technologies CZ, s.r.o.) R1 Avgtdix; C:\Windows\System32\DRIVERS\avgtdix.sys [182072 2013-03-21] (AVG Technologies CZ, s.r.o.) R3 hamachi; C:\Windows\System32\DRIVERS\hamachi.sys [26176 2009-03-18] (LogMeIn, Inc.) R3 HdAudAddService; C:\Windows\System32\drivers\HdAudio.sys [145920 2005-01-07] (Windows (R) Server 2003 DDK provider) S3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [22856 2013-04-04] (Malwarebytes Corporation) S3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\mbamswissarmy.sys [40776 2013-09-02] (Malwarebytes Corporation) R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [5810 2004-08-13] () S3 nm; C:\Windows\System32\DRIVERS\NMnt.sys [40320 2008-04-14] (Microsoft Corporation) S4 IntelIde; No ImagePath U5 ScsiPort; C:\Windows\system32\drivers\scsiport.sys [96384 2008-04-14] (Microsoft Corporation) U1 WS2IFSL; ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2013-09-03 16:54 - 2013-09-03 16:56 - 00000000 ____D C:\Documents and Settings\Sapper\Pulpit\Nowy folder 2013-09-03 16:06 - 2013-09-03 16:05 - 00090112 _____ C:\WINDOWS\Minidump\Mini090313-01.dmp 2013-09-02 22:30 - 2013-09-02 22:30 - 00036114 _____ C:\Documents and Settings\Sapper\Pulpit\Logi.rar 2013-09-02 22:03 - 2013-09-02 22:03 - 00040776 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys 2013-09-02 21:59 - 2013-09-03 16:56 - 00000000 ____D C:\FRST 2013-08-30 17:30 - 2013-08-30 17:30 - 00000000 ____D D:\Program Files\Realtek 2013-08-30 17:30 - 2013-01-16 16:02 - 02079816 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\RtlExUpd.dll 2013-08-30 17:24 - 2013-08-30 17:24 - 00000000 ____D C:\WINDOWS\system32\Lang 2013-08-30 09:36 - 2013-08-30 10:33 - 00000000 ____D C:\Documents and Settings\Sapper\Dane aplikacji\Audacity 2013-08-28 23:00 - 2013-08-28 23:00 - 00005869 _____ C:\WINDOWS\KB2803821-v2.log 2013-08-28 23:00 - 2013-08-28 23:00 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2803821-v2_WM9$ 2013-08-27 19:29 - 2013-08-27 19:29 - 00000000 ____D C:\_OTL 2013-08-27 16:04 - 2013-08-27 16:04 - 00000850 _____ C:\Documents and Settings\Sapper\Moje dokumenty\Fixit50388.reg 2013-08-26 23:20 - 2013-08-26 23:22 - 00000000 ____D C:\rsit 2013-08-24 10:09 - 2013-08-24 10:09 - 00000000 ____D C:\Documents and Settings\Sapper\Dane aplikacji\IsolatedStorage 2013-08-24 10:05 - 2013-08-24 10:05 - 00000000 ____D C:\Spacekace 2013-08-23 01:14 - 2013-08-23 01:14 - 00000000 ___RD C:\Documents and Settings\Sapper\Menu Start\Programy\Narzędzia administracyjne 2013-08-23 01:14 - 2013-08-23 01:14 - 00000000 ____D C:\WINDOWS\system32\NtmsData 2013-08-23 01:12 - 2013-08-23 01:12 - 00000144 _____ C:\WINDOWS\Eudcedit.ini 2013-08-22 22:49 - 2013-08-22 22:49 - 00000665 _____ C:\Documents and Settings\Sapper\Pulpit\Dr.Tweak XP.lnk 2013-08-22 22:49 - 2013-08-22 22:49 - 00000665 _____ C:\Documents and Settings\Sapper\Menu Start\DrTweak XP.lnk 2013-08-22 22:49 - 2013-08-22 22:49 - 00000000 ____D C:\Documents and Settings\Sapper\Menu Start\Programy\Fic_Products 2013-08-21 18:40 - 2002-10-17 10:35 - 00026096 _____ (Microsoft Corporation) C:\WINDOWS\system32\xmlinst.exe 2013-08-21 18:40 - 2002-04-24 12:43 - 00035840 _____ C:\WINDOWS\system32\comdlg32.oca 2013-08-21 18:40 - 2002-04-09 17:23 - 00029184 _____ C:\WINDOWS\system32\MSINET.oca 2013-08-21 18:40 - 2002-01-07 17:30 - 00024576 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3a.dll 2013-08-21 18:40 - 2000-05-22 00:00 - 00140488 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.ocx 2013-08-21 18:40 - 2000-03-17 09:21 - 00069632 _____ C:\WINDOWS\system32\xmltok.dll 2013-08-21 18:40 - 2000-03-17 09:21 - 00036864 _____ C:\WINDOWS\system32\xmlparse.dll 2013-08-21 18:40 - 1998-06-24 00:00 - 00115016 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSINET.OCX 2013-08-21 18:40 - 1998-06-18 00:00 - 00089360 _____ (Microsoft Corporation) C:\WINDOWS\system32\VB5DB.DLL 2013-08-21 18:32 - 2013-08-21 20:24 - 00000000 ____D D:\Program Files\Ubisoft 2013-08-21 18:29 - 2013-08-21 18:29 - 00000000 ____D D:\Program Files\Common Files\Adobe 2013-08-21 18:29 - 2013-08-21 18:29 - 00000000 ____D C:\Documents and Settings\Sapper\Moje dokumenty\My eBooks 2013-08-21 18:29 - 2013-08-21 18:29 - 00000000 ____D C:\Documents and Settings\Sapper\Dane aplikacji\AdobeUM 2013-08-21 18:13 - 2013-08-21 18:13 - 00000000 ____D D:\Program Files\Adobe 2013-08-21 18:12 - 2013-08-21 18:12 - 00000000 ____D C:\WINDOWS\Cache 2013-08-20 16:21 - 2013-08-20 16:21 - 00000000 ____D C:\Documents and Settings\Sapper\Dane aplikacji\Malwarebytes 2013-08-20 16:20 - 2013-08-20 16:20 - 00000000 ____D D:\Program Files\Malwarebytes' Anti-Malware 2013-08-20 16:20 - 2013-04-04 14:50 - 00022856 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys 2013-08-19 09:01 - 2013-08-19 09:01 - 00000699 _____ C:\Documents and Settings\Sapper\Pulpit\Mount&Blade Warband.lnk 2013-08-19 09:01 - 2013-08-19 09:01 - 00000000 ____D C:\Documents and Settings\Sapper\Menu Start\Programy\Mount&Blade Warband 2013-08-17 16:55 - 2013-08-17 16:55 - 00090112 _____ C:\WINDOWS\Minidump\Mini081713-01.dmp 2013-08-17 00:29 - 2013-08-21 18:15 - 00000000 ____D C:\Documents and Settings\Sapper\Pulpit\world 2013-08-15 01:49 - 2013-08-15 01:49 - 00014018 _____ C:\WINDOWS\KB2862772-IE8.log 2013-08-15 01:47 - 2013-08-15 01:49 - 00000000 ____D C:\WINDOWS\system32\MRT 2013-08-15 01:47 - 2013-08-15 01:47 - 00006530 _____ C:\WINDOWS\KB2863058.log 2013-08-15 01:47 - 2013-08-15 01:47 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2863058$ 2013-08-15 01:47 - 2013-08-15 01:47 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2859537$ 2013-08-15 01:47 - 2013-08-15 01:47 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2850869$ 2013-08-15 01:47 - 2013-08-15 01:47 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2849470$ 2013-08-14 17:36 - 2013-09-02 15:33 - 00000000 ____D C:\Documents and Settings\Sapper\Moje dokumenty\iFree Skype Recorder 2013-08-14 17:36 - 2013-08-14 19:15 - 00000000 ____D C:\Documents and Settings\Sapper\Dane aplikacji\iFree 2013-08-14 17:36 - 2013-08-14 17:36 - 00000477 _____ C:\Documents and Settings\Sapper\Pulpit\iFree Skype Recorder.lnk 2013-08-14 17:36 - 2013-08-14 17:36 - 00000000 ____D D:\Program Files\iFree Skype Recorder 2013-08-14 17:36 - 2013-08-14 17:36 - 00000000 ____D C:\Documents and Settings\Sapper\Menu Start\Programy\iFree Skype Recorder 2013-08-14 17:32 - 2013-08-19 15:18 - 00000000 ____D C:\Documents and Settings\Sapper\Dane aplikacji\Yahoo! 2013-08-14 17:32 - 2013-08-14 17:32 - 00000000 ____D C:\Documents and Settings\Sapper\Moje dokumenty\Recordings 2013-08-14 09:41 - 2013-08-15 01:47 - 00012101 _____ C:\WINDOWS\KB2859537.log 2013-08-14 09:41 - 2013-08-15 01:47 - 00011232 _____ C:\WINDOWS\KB2850869.log 2013-08-11 17:19 - 2013-08-19 09:10 - 00000000 ____D D:\Program Files\Mount&Blade Warband 2013-08-11 09:09 - 2013-08-19 09:12 - 00000000 ____D C:\Documents and Settings\Sapper\Moje dokumenty\Mount&Blade Warband 2013-08-11 09:08 - 2013-08-19 11:52 - 00000000 ____D C:\Documents and Settings\Sapper\Dane aplikacji\Movdap 2013-08-11 09:04 - 2013-08-11 17:41 - 00000000 ____D C:\Documents and Settings\Sapper\Moje dokumenty\Mount&Blade Warband Savegames 2013-08-11 09:03 - 2013-08-11 17:32 - 00000000 ____D C:\Documents and Settings\Sapper\Dane aplikacji\Mount&Blade Warband 2013-08-11 00:11 - 2013-08-11 00:15 - 00000000 ____D C:\Documents and Settings\Sapper\Menu Start\Programy\CPUFSB 2013-08-11 00:04 - 2013-08-11 00:04 - 00000000 ____D D:\Program Files\SystemRequirementsLab 2013-08-11 00:04 - 2013-08-11 00:04 - 00000000 ____D C:\WINDOWS\Sun 2013-08-08 23:49 - 2013-08-08 23:49 - 00000000 ____D C:\Documents and Settings\Sapper\Dane aplikacji\Help 2013-08-08 23:44 - 2013-08-08 23:44 - 00000000 ____D C:\Documents and Settings\Sapper\WINDOWS 2013-08-07 13:50 - 2013-08-07 13:50 - 00000372 _____ C:\Documents and Settings\Sapper\Moje dokumenty\spider.sav ==================== One Month Modified Files and Folders ======= 2013-09-03 17:13 - 2013-06-29 18:50 - 00000000 ____D C:\Documents and Settings\Sapper\Pulpit 2013-09-03 17:12 - 2013-06-29 21:23 - 00000000 ____D C:\Documents and Settings\Sapper\Dane aplikacji\Skype 2013-09-03 17:12 - 2013-06-29 18:45 - 02082649 _____ C:\WINDOWS\WindowsUpdate.log 2013-09-03 17:11 - 2013-06-29 20:55 - 00001032 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job 2013-09-03 17:11 - 2013-06-29 18:49 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2013-09-03 17:11 - 2013-06-29 18:18 - 00000159 _____ C:\WINDOWS\wiadebug.log 2013-09-03 17:11 - 2013-06-29 18:18 - 00000050 _____ C:\WINDOWS\wiaservc.log 2013-09-03 17:10 - 2013-06-30 10:31 - 00393216 _____ C:\WINDOWS\system32\config\ACEEvent.evt 2013-09-03 17:10 - 2013-06-29 18:50 - 00000188 ___SH C:\Documents and Settings\Sapper\ntuser.ini 2013-09-03 17:10 - 2013-06-29 18:49 - 00032634 _____ C:\WINDOWS\SchedLgU.Txt 2013-09-03 17:09 - 2013-06-29 18:16 - 01089352 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2013-09-03 17:09 - 2006-03-02 12:00 - 00491064 _____ C:\WINDOWS\system32\perfh015.dat 2013-09-03 17:09 - 2006-03-02 12:00 - 00084316 _____ C:\WINDOWS\system32\perfc015.dat 2013-09-03 16:58 - 2013-07-17 23:01 - 00000000 ____D D:\Program Files\DAEMON Tools Lite 2013-09-03 16:58 - 2013-06-29 18:16 - 00548962 _____ C:\WINDOWS\setupapi.log 2013-09-03 16:58 - 2013-06-29 18:16 - 00000000 ____D C:\Documents and Settings\All Users\Pulpit 2013-09-03 16:56 - 2013-09-03 16:54 - 00000000 ____D C:\Documents and Settings\Sapper\Pulpit\Nowy folder 2013-09-03 16:56 - 2013-09-02 21:59 - 00000000 ____D C:\FRST 2013-09-03 16:56 - 2013-06-29 18:50 - 00000000 __RHD C:\Documents and Settings\Sapper\Dane aplikacji 2013-09-03 16:48 - 2013-06-29 20:55 - 00001036 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job 2013-09-03 16:05 - 2013-09-03 16:06 - 00090112 _____ C:\WINDOWS\Minidump\Mini090313-01.dmp 2013-09-03 15:49 - 2013-07-04 12:46 - 00000464 ____H C:\WINDOWS\Tasks\User_Feed_Synchronization-{A6CCC8B2-B50E-4713-9839-E0EEE7EFF97E}.job 2013-09-02 22:30 - 2013-09-02 22:30 - 00036114 _____ C:\Documents and Settings\Sapper\Pulpit\Logi.rar 2013-09-02 22:03 - 2013-09-02 22:03 - 00040776 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys 2013-09-02 15:33 - 2013-08-14 17:36 - 00000000 ____D C:\Documents and Settings\Sapper\Moje dokumenty\iFree Skype Recorder 2013-08-30 17:30 - 2013-08-30 17:30 - 00000000 ____D D:\Program Files\Realtek 2013-08-30 17:30 - 2013-06-29 22:11 - 00000000 ___HD D:\Program Files\InstallShield Installation Information 2013-08-30 17:24 - 2013-08-30 17:24 - 00000000 ____D C:\WINDOWS\system32\Lang 2013-08-30 17:24 - 2013-06-29 22:32 - 00021381 _____ C:\WINDOWS\KB888111.log 2013-08-30 10:38 - 2013-06-29 18:50 - 00000000 ___RD C:\Documents and Settings\Sapper\Moje dokumenty\Moja muzyka 2013-08-30 10:33 - 2013-08-30 09:36 - 00000000 ____D C:\Documents and Settings\Sapper\Dane aplikacji\Audacity 2013-08-29 14:47 - 2013-06-30 13:33 - 00004096 _____ C:\WINDOWS\system32\crash 2013-08-29 10:04 - 2006-03-02 12:00 - 00002278 _____ C:\WINDOWS\system32\wpa.dbl 2013-08-28 23:00 - 2013-08-28 23:00 - 00005869 _____ C:\WINDOWS\KB2803821-v2.log 2013-08-28 23:00 - 2013-08-28 23:00 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2803821-v2_WM9$ 2013-08-28 23:00 - 2013-06-29 18:16 - 00846854 _____ C:\WINDOWS\FaxSetup.log 2013-08-28 23:00 - 2013-06-29 18:16 - 00416387 _____ C:\WINDOWS\ocgen.log 2013-08-28 23:00 - 2013-06-29 18:16 - 00328549 _____ C:\WINDOWS\tsoc.log 2013-08-28 23:00 - 2013-06-29 18:16 - 00294144 _____ C:\WINDOWS\comsetup.log 2013-08-28 23:00 - 2013-06-29 18:16 - 00176167 _____ C:\WINDOWS\ntdtcsetup.log 2013-08-28 23:00 - 2013-06-29 18:16 - 00131132 _____ C:\WINDOWS\iis6.log 2013-08-28 23:00 - 2013-06-29 18:16 - 00052897 _____ C:\WINDOWS\ocmsn.log 2013-08-28 23:00 - 2013-06-29 18:16 - 00042600 _____ C:\WINDOWS\msgsocm.log 2013-08-28 23:00 - 2013-06-29 18:16 - 00001374 _____ C:\WINDOWS\imsins.log 2013-08-28 01:00 - 2013-06-29 18:43 - 00013828 _____ C:\WINDOWS\wmsetup.log 2013-08-27 19:29 - 2013-08-27 19:29 - 00000000 ____D C:\_OTL 2013-08-27 16:04 - 2013-08-27 16:04 - 00000850 _____ C:\Documents and Settings\Sapper\Moje dokumenty\Fixit50388.reg 2013-08-27 16:04 - 2013-06-29 18:50 - 00000000 ___RD C:\Documents and Settings\Sapper\Moje dokumenty 2013-08-26 23:22 - 2013-08-26 23:20 - 00000000 ____D C:\rsit 2013-08-25 01:51 - 2013-06-29 18:50 - 00000000 ____D C:\Documents and Settings\Sapper 2013-08-24 18:53 - 2013-08-02 21:30 - 00000000 ____D C:\Documents and Settings\Sapper\Dane aplikacji\.minecraft 2013-08-24 10:09 - 2013-08-24 10:09 - 00000000 ____D C:\Documents and Settings\Sapper\Dane aplikacji\IsolatedStorage 2013-08-24 10:09 - 2013-06-29 18:50 - 00000000 ___HD C:\DOCUME~1\Sapper\USTAWI~1\Dane aplikacji 2013-08-24 10:09 - 2013-06-29 18:16 - 00000000 __RHD C:\Documents and Settings\All Users\Dane aplikacji 2013-08-24 10:05 - 2013-08-24 10:05 - 00000000 ____D C:\Spacekace 2013-08-23 17:02 - 2006-03-02 12:00 - 00011973 _____ (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) C:\WINDOWS\system32\Drivers\secdrv.sys 2013-08-23 01:14 - 2013-08-23 01:14 - 00000000 ___RD C:\Documents and Settings\Sapper\Menu Start\Programy\Narzędzia administracyjne 2013-08-23 01:14 - 2013-08-23 01:14 - 00000000 ____D C:\WINDOWS\system32\NtmsData 2013-08-23 01:14 - 2013-06-29 18:50 - 00000000 ___RD C:\Documents and Settings\Sapper\Menu Start\Programy 2013-08-23 01:12 - 2013-08-23 01:12 - 00000144 _____ C:\WINDOWS\Eudcedit.ini 2013-08-23 01:06 - 2013-06-29 18:50 - 00000000 ___RD C:\Documents and Settings\Sapper\Menu Start\Programy\Autostart 2013-08-22 23:21 - 2013-06-29 18:16 - 00001917 _____ C:\WINDOWS\imsins.BAK 2013-08-22 22:49 - 2013-08-22 22:49 - 00000665 _____ C:\Documents and Settings\Sapper\Pulpit\Dr.Tweak XP.lnk 2013-08-22 22:49 - 2013-08-22 22:49 - 00000665 _____ C:\Documents and Settings\Sapper\Menu Start\DrTweak XP.lnk 2013-08-22 22:49 - 2013-08-22 22:49 - 00000000 ____D C:\Documents and Settings\Sapper\Menu Start\Programy\Fic_Products 2013-08-22 22:49 - 2013-06-29 18:50 - 00000000 ___RD C:\Documents and Settings\Sapper\Menu Start 2013-08-21 20:24 - 2013-08-21 18:32 - 00000000 ____D D:\Program Files\Ubisoft 2013-08-21 18:29 - 2013-08-21 18:29 - 00000000 ____D D:\Program Files\Common Files\Adobe 2013-08-21 18:29 - 2013-08-21 18:29 - 00000000 ____D C:\Documents and Settings\Sapper\Moje dokumenty\My eBooks 2013-08-21 18:29 - 2013-08-21 18:29 - 00000000 ____D C:\Documents and Settings\Sapper\Dane aplikacji\AdobeUM 2013-08-21 18:29 - 2013-06-30 05:58 - 00000000 ____D C:\Documents and Settings\Sapper\Dane aplikacji\Adobe 2013-08-21 18:29 - 2013-06-29 21:20 - 00000000 ____D D:\Program Files\common files 2013-08-21 18:28 - 2013-07-17 23:01 - 00000000 ____D C:\Documents and Settings\Sapper\Dane aplikacji\DAEMON Tools Lite 2013-08-21 18:15 - 2013-08-17 00:29 - 00000000 ____D C:\Documents and Settings\Sapper\Pulpit\world 2013-08-21 18:13 - 2013-08-21 18:13 - 00000000 ____D D:\Program Files\Adobe 2013-08-21 18:13 - 2013-07-03 15:41 - 00096263 _____ C:\WINDOWS\DirectX.log 2013-08-21 18:12 - 2013-08-21 18:12 - 00000000 ____D C:\WINDOWS\Cache 2013-08-21 17:55 - 2013-07-01 22:34 - 00000000 ____D C:\Documents and Settings\Sapper\Dane aplikacji\uTorrent 2013-08-20 18:17 - 2013-07-01 22:33 - 00000000 ____D D:\Program Files\Pobierane Qtorrent 2013-08-20 16:21 - 2013-08-20 16:21 - 00000000 ____D C:\Documents and Settings\Sapper\Dane aplikacji\Malwarebytes 2013-08-20 16:20 - 2013-08-20 16:20 - 00000000 ____D D:\Program Files\Malwarebytes' Anti-Malware 2013-08-19 15:43 - 2013-06-29 21:13 - 00000000 ____D D:\Program Files\Pobierane 2013-08-19 15:18 - 2013-08-14 17:32 - 00000000 ____D C:\Documents and Settings\Sapper\Dane aplikacji\Yahoo! 2013-08-19 11:52 - 2013-08-11 09:08 - 00000000 ____D C:\Documents and Settings\Sapper\Dane aplikacji\Movdap 2013-08-19 09:12 - 2013-08-11 09:09 - 00000000 ____D C:\Documents and Settings\Sapper\Moje dokumenty\Mount&Blade Warband 2013-08-19 09:10 - 2013-08-11 17:19 - 00000000 ____D D:\Program Files\Mount&Blade Warband 2013-08-19 09:01 - 2013-08-19 09:01 - 00000699 _____ C:\Documents and Settings\Sapper\Pulpit\Mount&Blade Warband.lnk 2013-08-19 09:01 - 2013-08-19 09:01 - 00000000 ____D C:\Documents and Settings\Sapper\Menu Start\Programy\Mount&Blade Warband 2013-08-19 08:51 - 2013-06-29 18:45 - 00000000 ____D C:\WINDOWS\system32\DirectX 2013-08-17 16:55 - 2013-08-17 16:55 - 00090112 _____ C:\WINDOWS\Minidump\Mini081713-01.dmp 2013-08-17 16:55 - 2013-07-01 21:37 - 00000000 ____D C:\WINDOWS\Minidump 2013-08-17 00:29 - 2013-08-02 21:42 - 00000000 ____D C:\Documents and Settings\Sapper\Pulpit\Server 2013-08-15 13:47 - 2013-06-30 10:22 - 00000000 ____D C:\WINDOWS\Microsoft.NET 2013-08-15 01:49 - 2013-08-15 01:49 - 00014018 _____ C:\WINDOWS\KB2862772-IE8.log 2013-08-15 01:49 - 2013-08-15 01:47 - 00000000 ____D C:\WINDOWS\system32\MRT 2013-08-15 01:49 - 2013-07-05 11:01 - 00000000 ____D C:\WINDOWS\ie8updates 2013-08-15 01:49 - 2013-07-03 22:56 - 00408494 _____ C:\WINDOWS\updspapi.log 2013-08-15 01:49 - 2013-06-29 21:20 - 00000000 ____D D:\Program Files\internet explorer 2013-08-15 01:47 - 2013-08-15 01:47 - 00006530 _____ C:\WINDOWS\KB2863058.log 2013-08-15 01:47 - 2013-08-15 01:47 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2863058$ 2013-08-15 01:47 - 2013-08-15 01:47 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2859537$ 2013-08-15 01:47 - 2013-08-15 01:47 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2850869$ 2013-08-15 01:47 - 2013-08-15 01:47 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2849470$ 2013-08-15 01:47 - 2013-08-14 09:41 - 00012101 _____ C:\WINDOWS\KB2859537.log 2013-08-15 01:47 - 2013-08-14 09:41 - 00011232 _____ C:\WINDOWS\KB2850869.log 2013-08-15 01:47 - 2013-07-05 19:08 - 75778376 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2013-08-15 01:47 - 2013-07-05 11:11 - 00012546 _____ C:\WINDOWS\system32\TZLog.log 2013-08-14 19:15 - 2013-08-14 17:36 - 00000000 ____D C:\Documents and Settings\Sapper\Dane aplikacji\iFree 2013-08-14 17:36 - 2013-08-14 17:36 - 00000477 _____ C:\Documents and Settings\Sapper\Pulpit\iFree Skype Recorder.lnk 2013-08-14 17:36 - 2013-08-14 17:36 - 00000000 ____D D:\Program Files\iFree Skype Recorder 2013-08-14 17:36 - 2013-08-14 17:36 - 00000000 ____D C:\Documents and Settings\Sapper\Menu Start\Programy\iFree Skype Recorder 2013-08-14 17:32 - 2013-08-14 17:32 - 00000000 ____D C:\Documents and Settings\Sapper\Moje dokumenty\Recordings 2013-08-14 16:39 - 2013-07-29 19:41 - 00000000 ____D C:\WINDOWS\system32\cache 2013-08-11 17:41 - 2013-08-11 09:04 - 00000000 ____D C:\Documents and Settings\Sapper\Moje dokumenty\Mount&Blade Warband Savegames 2013-08-11 17:32 - 2013-08-11 09:03 - 00000000 ____D C:\Documents and Settings\Sapper\Dane aplikacji\Mount&Blade Warband 2013-08-11 00:15 - 2013-08-11 00:11 - 00000000 ____D C:\Documents and Settings\Sapper\Menu Start\Programy\CPUFSB 2013-08-11 00:04 - 2013-08-11 00:04 - 00000000 ____D D:\Program Files\SystemRequirementsLab 2013-08-11 00:04 - 2013-08-11 00:04 - 00000000 ____D C:\WINDOWS\Sun 2013-08-09 00:01 - 2013-06-29 18:16 - 00000000 ___RD C:\Documents and Settings\All Users\Menu Start 2013-08-08 23:49 - 2013-08-08 23:49 - 00000000 ____D C:\Documents and Settings\Sapper\Dane aplikacji\Help 2013-08-08 23:44 - 2013-08-08 23:44 - 00000000 ____D C:\Documents and Settings\Sapper\WINDOWS 2013-08-07 13:50 - 2013-08-07 13:50 - 00000372 _____ C:\Documents and Settings\Sapper\Moje dokumenty\spider.sav ==================== Bamital & volsnap Check ================= C:\Windows\explorer.exe [2006-03-02 12:00] - [2008-04-14 22:51] - 1035264 ____A (Microsoft Corporation) c791ed9eac5e76d9525e157b1d7a599a C:\Windows\System32\winlogon.exe [2006-03-02 12:00] - [2008-04-14 22:51] - 0510464 ____A (Microsoft Corporation) 51fd2e13d723857b9ca239ae77150f48 C:\Windows\System32\svchost.exe [2006-03-02 12:00] - [2008-04-14 22:51] - 0014336 ____A (Microsoft Corporation) 8607d35d92528e2df386f19a960d23ce C:\Windows\System32\services.exe [2006-03-02 12:00] - [2009-02-09 13:25] - 0111104 ____A (Microsoft Corporation) 02a467e27af55f7064c5b251e587315f C:\Windows\System32\User32.dll [2006-03-02 12:00] - [2008-04-14 22:50] - 0580096 ____A (Microsoft Corporation) a435c5c069afd901751ac323ad238793 C:\Windows\System32\userinit.exe [2006-03-02 12:00] - [2008-04-14 22:51] - 0026624 ____A (Microsoft Corporation) 2a5b37d520508be6570a3ea79695f5b5 C:\Windows\System32\Drivers\volsnap.sys [2006-03-02 12:00] - [2008-04-14 21:31] - 0052864 ____A (Microsoft Corporation) 56b191ac5fc0df219949c95a6c87afe7 ==================== End Of Log ============================