Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 09-09-2013 Ran by Właściciel (administrator) on TTT-2E93A879B61 on 09-09-2013 16:15:36 Running from C:\Documents and Settings\Właściciel\Pulpit Microsoft Windows XP Home Edition Dodatek Service Pack 3 (X86) OS Language: Polish Internet Explorer Version 8 Boot Mode: Normal ==================== Processes (Whitelisted) =================== () C:\WINDOWS\system32\ibmpmsvc.exe (ATI Technologies Inc.) C:\WINDOWS\system32\Ati2evxx.exe (ATI Technologies Inc.) C:\WINDOWS\system32\Ati2evxx.exe (ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe (Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE (Analog Devices, Inc.) C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe (Analog Devices, Inc.) C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe (ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (KONICA MINOLTA) C:\Program Files\LINKMAGIC\LINKMAGIC.EXE (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [ATIPTA] - C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe [344064 2005-05-25] (ATI Technologies, Inc.) HKLM\...\Run: [SoundMAXPnP] - C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe [1388544 2004-10-14] (Analog Devices, Inc.) HKLM\...\Run: [SoundMAX] - C:\Program Files\Analog Devices\SoundMAX\Smax4.exe [860160 2004-09-23] (Analog Devices, Inc.) HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated) HKLM\...\Run: [egui] - C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [5078504 2013-03-21] (ESET) Winlogon\Notify\AtiExtEvent: Ati2evxx.dll (ATI Technologies Inc.) Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\LINKMAGIC.lnk ShortcutTarget: LINKMAGIC.lnk -> C:\Program Files\LINKMAGIC\LINKMAGIC.EXE (KONICA MINOLTA) ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm SearchScopes: HKLM - DefaultScope value is missing. Toolbar: HKCU -&Adres - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\Windows\system32\browseui.dll (Microsoft Corporation) Toolbar: HKCU -&Łącza - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\Windows\system32\SHELL32.dll (Microsoft Corporation) DPF: {075B975E-4FFE-4491-9DDA-C8D367ECFE1E} http://192.168.1.21/adm/DDCAlertCfg.cab DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab DPF: {D4A5D384-6C53-4F3A-8A4F-5BA0D6A654A9} http://192.168.1.21/img/DDCViewer.cab DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\MSITSS.DLL (Microsoft Corporation) Tcpip\Parameters: [DhcpNameServer] 192.168.1.20 FireFox: ======== FF ProfilePath: C:\Documents and Settings\Właściciel\Dane aplikacji\Mozilla\Firefox\Profiles\uopmvhim.default FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_8_800_94.dll () FF Plugin: @microsoft.com/WPF,version=3.5 - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.) FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.) FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ FF Extension: Microsoft .NET Framework Assistant - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird Chrome: ======= CHR RestoreOnStartup: "hxxp://www.google.com" CHR DefaultSearchURL: (delta-homes) - http://www.google.com CHR DefaultSuggestURL: (delta-homes) - "suggest_url": "" CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\29.0.1547.66\PepperFlash\pepflashplayer.dll () CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\29.0.1547.66\ppGoogleNaClPluginChrome.dll () CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\29.0.1547.66\pdf.dll () CHR Plugin: (Microsoft\u00AE DRM) - C:\Program Files\Windows Media Player\npdrmv2.dll (Microsoft Corporation) CHR Plugin: (Windows Media Player Plug-in Dynamic Link Library) - C:\Program Files\Windows Media Player\npdsplay.dll (Microsoft Corporation (written by Digital Renaissance Inc.)) CHR Plugin: (Microsoft\u00AE DRM) - C:\Program Files\Windows Media Player\npwmsdrm.dll (Microsoft Corporation) CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.) CHR Plugin: (Windows Presentation Foundation) - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) CHR Plugin: (Shockwave Flash) - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_8_800_94.dll () CHR Extension: (Google Docs) - C:\DOCUME~1\WACICI~1\USTAWI~1\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0 CHR Extension: (Google Drive) - C:\DOCUME~1\WACICI~1\USTAWI~1\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0 CHR Extension: (YouTube) - C:\DOCUME~1\WACICI~1\USTAWI~1\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0 CHR Extension: (Google Search) - C:\DOCUME~1\WACICI~1\USTAWI~1\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0 CHR Extension: (Lightning Newtab) - C:\DOCUME~1\WACICI~1\USTAWI~1\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo\1.1.5.4_0 CHR Extension: (Chrome In-App Payments service) - C:\DOCUME~1\WACICI~1\USTAWI~1\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.10_0 CHR HKLM\...\Chrome\Extension: [ifohbjbgfchkkfhphahclmkpgejiplfo] - C:\Documents and Settings\Właściciel\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\newtab.crx ========================== Services (Whitelisted) ================= R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [1341664 2013-03-21] (ESET) R2 IBMPMSVC; C:\Windows\system32\ibmpmsvc.exe [73782 2005-11-11] () R2 MBAMScheduler; C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation) S2 MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation) R2 SoundMAX Agent Service (default); C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe [45056 2002-09-20] (Analog Devices, Inc.) ==================== Drivers (Whitelisted) ==================== R3 AR5211; C:\Windows\System32\DRIVERS\ar5211.sys [472224 2007-05-02] (Atheros Communications, Inc.) R3 E1000; C:\Windows\System32\DRIVERS\e1000325.sys [125952 2004-10-26] (Intel Corporation) R1 eamon; C:\Windows\System32\DRIVERS\eamon.sys [161368 2013-01-10] (ESET) R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [122240 2013-01-10] (ESET) R1 epfwtdir; C:\Windows\System32\DRIVERS\epfwtdir.sys [105784 2013-01-10] (ESET) S3 grmnusb; C:\Windows\System32\drivers\grmnusb.sys [8320 2007-03-08] (GARMIN Corp.) S3 HPZid412; C:\Windows\System32\DRIVERS\HPZid412.sys [49920 2007-03-06] (HP) S3 HPZipr12; C:\Windows\System32\DRIVERS\HPZipr12.sys [16496 2007-03-06] (HP) S3 HPZius12; C:\Windows\System32\DRIVERS\HPZius12.sys [21568 2007-03-06] (HP) R3 HSFHWICH; C:\Windows\System32\DRIVERS\HSFHWICH.sys [247808 2006-08-29] (Conexant Systems, Inc.) R3 HSF_DPV; C:\Windows\System32\DRIVERS\HSF_DPV.sys [990592 2006-08-29] (Conexant Systems, Inc.) R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [22856 2013-04-04] (Malwarebytes Corporation) R3 Rasirda; C:\Windows\System32\DRIVERS\rasirda.sys [19584 2001-08-17] (Microsoft Corporation) U5 ScsiPort; C:\Windows\system32\drivers\scsiport.sys [96384 2008-04-13] (Microsoft Corporation) U1 WS2IFSL; ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2013-09-09 16:08 - 2013-09-09 16:09 - 00000000 ____D C:\AdwCleaner 2013-09-09 13:06 - 2013-09-09 13:06 - 00058358 _____ C:\Documents and Settings\Właściciel\Pulpit\OTL.Txt 2013-09-09 13:06 - 2013-09-09 13:06 - 00033230 _____ C:\Documents and Settings\Właściciel\Pulpit\Extras.Txt 2013-09-09 11:48 - 2013-09-09 11:48 - 00005201 _____ C:\Documents and Settings\Właściciel\Pulpit\gmer częściowy1.txt 2013-09-09 11:45 - 2013-09-09 11:47 - 00035907 _____ C:\Documents and Settings\Właściciel\Pulpit\Addition.txt 2013-09-09 11:44 - 2013-09-09 11:44 - 00000000 ____D C:\FRST 2013-09-09 11:40 - 2013-09-09 11:41 - 00000575 _____ C:\Documents and Settings\Właściciel\Pulpit\gmer prescan.txt 2013-09-09 11:13 - 2013-09-09 11:13 - 00377856 _____ C:\Documents and Settings\Właściciel\Pulpit\2mirw7n9.exe 2013-09-09 08:44 - 2013-09-09 08:44 - 00602112 _____ (OldTimer Tools) C:\Documents and Settings\Właściciel\Pulpit\OTL.exe 2013-09-09 08:42 - 2013-09-09 08:42 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware 2013-09-09 08:42 - 2013-09-09 08:42 - 00000000 ____D C:\Documents and Settings\Właściciel\Dane aplikacji\Malwarebytes 2013-09-09 08:42 - 2013-04-04 14:50 - 00022856 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys 2013-09-09 08:41 - 2013-09-09 08:41 - 01082207 _____ (Farbar) C:\Documents and Settings\Właściciel\Pulpit\FRST.exe 2013-09-09 08:37 - 2013-09-09 08:39 - 10285040 _____ (Malwarebytes Corporation ) C:\Documents and Settings\Właściciel\Pulpit\mbam-setup-1.75.0.1300.exe 2013-09-04 09:19 - 2013-09-04 09:19 - 04454952 _____ (Piriform Ltd) C:\Documents and Settings\Właściciel\Pulpit\ccsetup405.exe 2013-09-04 08:28 - 2013-09-04 08:29 - 00000000 ____D C:\Documents and Settings\Właściciel\Pulpit\magazyny skupu stare złe 2013-09-02 08:23 - 2013-09-02 08:23 - 00000000 ____D C:\Program Files\ESET 2013-08-28 08:44 - 2013-09-09 13:15 - 00000000 ____D C:\Documents and Settings\Właściciel\Pulpit\Stare dane programu Firefox 2013-08-28 08:27 - 2013-08-28 08:27 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2834904-v2_WM11$ 2013-08-26 15:20 - 2013-06-14 22:18 - 00000000 ____D C:\Documents and Settings\Właściciel\Pulpit\Kanye West - Yeezus (2013) 2013-08-26 15:07 - 2013-08-26 15:19 - 97197557 _____ C:\Documents and Settings\Właściciel\Pulpit\Kanye West - Yeezus (2013).rar 2013-08-23 12:16 - 2013-08-23 12:16 - 00000482 _____ C:\tmp.tif 2013-08-23 12:11 - 2013-08-23 12:11 - 00000000 ____D C:\Program Files\LINKMAGIC 2013-08-23 12:11 - 2013-08-23 12:11 - 00000000 ____D C:\FBBM 2013-08-23 12:11 - 2005-03-25 19:02 - 00047104 _____ (Avision Inc.) C:\WINDOWS\system32\SP701A.cpl 2013-08-23 12:11 - 2001-10-24 15:23 - 00000764 ____N C:\WINDOWS\Cm3.ini 2013-08-23 12:11 - 2001-08-14 09:11 - 00258560 ____N (LEAD Technologies, Inc.) C:\WINDOWS\system32\LTDIS12n.dll 2013-08-23 12:11 - 2001-08-09 11:54 - 00035328 ____N (LEAD Technologies, Inc.) C:\WINDOWS\system32\lttwn12n.dll 2013-08-23 12:11 - 2001-08-07 18:11 - 00341504 ____N (LEAD Technologies, Inc.) C:\WINDOWS\system32\LFCMP12n.DLL 2013-08-23 12:11 - 2001-08-07 14:53 - 00141824 ____N (LEAD Technologies, Inc.) C:\WINDOWS\system32\lftif12n.dll 2013-08-23 12:11 - 2001-08-07 14:52 - 00020992 ____N (LEAD Technologies, Inc.) C:\WINDOWS\system32\lftga12n.dll 2013-08-23 12:11 - 2001-08-07 14:51 - 00026624 ____N (LEAD Technologies, Inc.) C:\WINDOWS\system32\lfpcx12n.dll 2013-08-23 12:11 - 2001-08-07 14:50 - 00020992 ____N (LEAD Technologies, Inc.) C:\WINDOWS\system32\lfimg12n.dll 2013-08-23 12:11 - 2001-08-07 14:39 - 00030720 ____N (LEAD Technologies, Inc.) C:\WINDOWS\system32\lfbmp12n.dll 2013-08-23 12:11 - 2001-08-07 14:38 - 00073216 ____N (LEAD Technologies, Inc.) C:\WINDOWS\system32\lffax12n.dll 2013-08-23 12:11 - 2001-08-07 14:35 - 00207872 ____N (LEAD Technologies, Inc.) C:\WINDOWS\system32\ltefx12n.dll 2013-08-23 12:11 - 2001-08-07 14:35 - 00165888 ____N (LEAD Technologies, Inc.) C:\WINDOWS\system32\ltimg12n.dll 2013-08-23 12:11 - 2001-08-07 14:34 - 00130048 ____N (LEAD Technologies, Inc.) C:\WINDOWS\system32\ltfil12n.DLL 2013-08-23 12:11 - 2001-08-07 13:21 - 00388608 ____N (LEAD Technologies, Inc.) C:\WINDOWS\system32\ltkrn12n.dll 2013-08-23 11:54 - 2013-08-28 09:01 - 00000454 _____ C:\WINDOWS\system32\SP701ASM.dat 2013-08-23 11:54 - 2013-08-23 12:11 - 00000071 _____ C:\WINDOWS\install.ini 2013-08-23 11:54 - 2013-08-23 11:54 - 00000000 ____D C:\LinkMagic 2013-08-23 11:54 - 2005-07-13 17:45 - 00057344 _____ C:\WINDOWS\system32\SP701ALM.dll 2013-08-23 11:54 - 2005-07-13 17:45 - 00036864 _____ C:\WINDOWS\system32\SP701ASM.exe 2013-08-23 11:54 - 2005-07-06 14:47 - 00024576 _____ () C:\WINDOWS\rmdrv98.exe 2013-08-23 11:54 - 2005-04-26 18:32 - 00024576 _____ () C:\WINDOWS\rmdrv2k.exe 2013-08-23 11:54 - 2001-11-27 01:36 - 00025088 ____N (Avision Inc.) C:\WINDOWS\rmreg.exe 2013-08-23 09:40 - 2013-08-26 11:55 - 00000000 ____D C:\Program Files\Mozilla Firefox 2013-08-23 09:07 - 2013-08-23 09:07 - 04429440 _____ (Piriform Ltd) C:\Documents and Settings\Właściciel\Pulpit\ccsetup404.exe 2013-08-22 14:20 - 2013-08-22 14:20 - 00773800 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcr100.dll 2013-08-22 14:20 - 2013-08-22 14:20 - 00421032 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcp100.dll 2013-08-22 13:23 - 2013-08-22 13:23 - 00212073 _____ C:\Documents and Settings\Właściciel\Pulpit\magazyn Bez tytułu 1.ods 2013-08-22 09:22 - 2013-08-22 09:24 - 00000000 ____D C:\WINDOWS\system32\MRT 2013-08-22 09:14 - 2013-08-22 09:14 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2863058$ 2013-08-22 09:14 - 2013-08-22 09:14 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2859537$ 2013-08-22 09:14 - 2013-08-22 09:14 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2850869$ 2013-08-22 09:13 - 2013-08-22 09:13 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2849470$ ==================== One Month Modified Files and Folders ======= 2013-09-09 16:15 - 2011-01-17 17:15 - 00000000 ____D C:\Documents and Settings\Właściciel\Pulpit 2013-09-09 16:12 - 2013-09-09 16:12 - 00003031 _____ C:\Documents and Settings\Właściciel\Pulpit\AdwCleaner[S0].txt 2013-09-09 16:12 - 2011-01-17 17:10 - 01520913 _____ C:\WINDOWS\WindowsUpdate.log 2013-09-09 16:11 - 2011-01-17 18:03 - 00000159 _____ C:\WINDOWS\wiadebug.log 2013-09-09 16:11 - 2011-01-17 18:03 - 00000050 _____ C:\WINDOWS\wiaservc.log 2013-09-09 16:11 - 2011-01-17 17:15 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2013-09-09 16:10 - 2011-01-17 17:15 - 00032546 _____ C:\WINDOWS\SchedLgU.Txt 2013-09-09 16:10 - 2011-01-17 17:15 - 00000292 ___SH C:\Documents and Settings\Właściciel\ntuser.ini 2013-09-09 16:09 - 2013-09-09 16:08 - 00000000 ____D C:\AdwCleaner 2013-09-09 16:09 - 2011-01-17 18:00 - 00000000 ____D C:\Documents and Settings\All Users\Pulpit 2013-09-09 16:09 - 2011-01-17 17:15 - 00000755 _____ C:\Documents and Settings\Właściciel\Menu Start\Programy\Internet Explorer.lnk 2013-09-09 16:09 - 2011-01-17 17:15 - 00000000 ___RD C:\Documents and Settings\Właściciel\Menu Start\Programy 2013-09-09 16:09 - 2011-01-17 17:15 - 00000000 ____D C:\Documents and Settings\Właściciel 2013-09-09 16:07 - 2012-06-06 14:58 - 00000000 ____D C:\Documents and Settings\Właściciel\Moje dokumenty\Pobieranie 2013-09-09 16:01 - 2011-01-17 18:00 - 00000000 __RHD C:\Documents and Settings\All Users\Dane aplikacji 2013-09-09 16:01 - 2011-01-17 17:15 - 00000000 __RHD C:\Documents and Settings\Właściciel\Dane aplikacji 2013-09-09 13:15 - 2013-08-28 08:44 - 00000000 ____D C:\Documents and Settings\Właściciel\Pulpit\Stare dane programu Firefox 2013-09-09 13:06 - 2013-09-09 13:06 - 00058358 _____ C:\Documents and Settings\Właściciel\Pulpit\OTL.Txt 2013-09-09 13:06 - 2013-09-09 13:06 - 00033230 _____ C:\Documents and Settings\Właściciel\Pulpit\Extras.Txt 2013-09-09 11:48 - 2013-09-09 11:48 - 00005201 _____ C:\Documents and Settings\Właściciel\Pulpit\gmer częściowy1.txt 2013-09-09 11:47 - 2013-09-09 11:45 - 00035907 _____ C:\Documents and Settings\Właściciel\Pulpit\Addition.txt 2013-09-09 11:44 - 2013-09-09 11:44 - 00000000 ____D C:\FRST 2013-09-09 11:41 - 2013-09-09 11:40 - 00000575 _____ C:\Documents and Settings\Właściciel\Pulpit\gmer prescan.txt 2013-09-09 11:13 - 2013-09-09 11:13 - 00377856 _____ C:\Documents and Settings\Właściciel\Pulpit\2mirw7n9.exe 2013-09-09 08:44 - 2013-09-09 08:44 - 00602112 _____ (OldTimer Tools) C:\Documents and Settings\Właściciel\Pulpit\OTL.exe 2013-09-09 08:42 - 2013-09-09 08:42 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware 2013-09-09 08:42 - 2013-09-09 08:42 - 00000000 ____D C:\Documents and Settings\Właściciel\Dane aplikacji\Malwarebytes 2013-09-09 08:41 - 2013-09-09 08:41 - 01082207 _____ (Farbar) C:\Documents and Settings\Właściciel\Pulpit\FRST.exe 2013-09-09 08:39 - 2013-09-09 08:37 - 10285040 _____ (Malwarebytes Corporation ) C:\Documents and Settings\Właściciel\Pulpit\mbam-setup-1.75.0.1300.exe 2013-09-09 08:02 - 2006-03-02 14:00 - 00013646 _____ C:\WINDOWS\system32\wpa.dbl 2013-09-04 16:02 - 2011-01-17 17:08 - 00000000 ____D C:\WINDOWS\system32\Restore 2013-09-04 09:26 - 2012-10-11 10:57 - 00000000 ____D C:\Program Files\CCleaner 2013-09-04 09:19 - 2013-09-04 09:19 - 04454952 _____ (Piriform Ltd) C:\Documents and Settings\Właściciel\Pulpit\ccsetup405.exe 2013-09-04 08:29 - 2013-09-04 08:28 - 00000000 ____D C:\Documents and Settings\Właściciel\Pulpit\magazyny skupu stare złe 2013-09-02 09:00 - 2011-01-17 17:15 - 00000000 ___HD C:\DOCUME~1\WACICI~1\USTAWI~1\Dane aplikacji 2013-09-02 08:23 - 2013-09-02 08:23 - 00000000 ____D C:\Program Files\ESET 2013-08-30 08:00 - 2012-04-02 19:49 - 00692104 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe 2013-08-30 08:00 - 2011-06-03 15:39 - 00071048 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl 2013-08-28 09:01 - 2013-08-23 11:54 - 00000454 _____ C:\WINDOWS\system32\SP701ASM.dat 2013-08-28 08:27 - 2013-08-28 08:27 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2834904-v2_WM11$ 2013-08-27 08:08 - 2012-07-26 10:42 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service 2013-08-26 15:19 - 2013-08-26 15:07 - 97197557 _____ C:\Documents and Settings\Właściciel\Pulpit\Kanye West - Yeezus (2013).rar 2013-08-26 11:55 - 2013-08-23 09:40 - 00000000 ____D C:\Program Files\Mozilla Firefox 2013-08-26 08:07 - 2011-01-17 17:59 - 00356952 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2013-08-23 12:16 - 2013-08-23 12:16 - 00000482 _____ C:\tmp.tif 2013-08-23 12:11 - 2013-08-23 12:11 - 00000000 ____D C:\Program Files\LINKMAGIC 2013-08-23 12:11 - 2013-08-23 12:11 - 00000000 ____D C:\FBBM 2013-08-23 12:11 - 2013-08-23 11:54 - 00000071 _____ C:\WINDOWS\install.ini 2013-08-23 12:11 - 2011-01-17 20:55 - 00000000 ___HD C:\Program Files\InstallShield Installation Information 2013-08-23 12:11 - 2011-01-17 17:52 - 00000000 ____D C:\WINDOWS\twain_32 2013-08-23 11:54 - 2013-08-23 11:54 - 00000000 ____D C:\LinkMagic 2013-08-23 11:54 - 2011-01-17 17:15 - 00000000 ___RD C:\Documents and Settings\Właściciel\Moje dokumenty\Moje obrazy 2013-08-23 09:13 - 2013-07-09 12:48 - 00000324 ____H C:\WINDOWS\Tasks\avast! Emergency Update.job 2013-08-23 09:07 - 2013-08-23 09:07 - 04429440 _____ (Piriform Ltd) C:\Documents and Settings\Właściciel\Pulpit\ccsetup404.exe 2013-08-22 14:20 - 2013-08-22 14:20 - 00773800 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcr100.dll 2013-08-22 14:20 - 2013-08-22 14:20 - 00421032 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcp100.dll 2013-08-22 13:23 - 2013-08-22 13:23 - 00212073 _____ C:\Documents and Settings\Właściciel\Pulpit\magazyn Bez tytułu 1.ods 2013-08-22 11:37 - 2011-02-10 14:10 - 00000000 ____D C:\WINDOWS\Microsoft.NET 2013-08-22 09:24 - 2013-08-22 09:22 - 00000000 ____D C:\WINDOWS\system32\MRT 2013-08-22 09:21 - 2011-01-19 23:11 - 75778376 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2013-08-22 09:17 - 2011-01-17 18:00 - 01196720 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2013-08-22 09:17 - 2006-03-02 14:00 - 00536398 _____ C:\WINDOWS\system32\perfh015.dat 2013-08-22 09:17 - 2006-03-02 14:00 - 00095680 _____ C:\WINDOWS\system32\perfc015.dat 2013-08-22 09:14 - 2013-08-22 09:14 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2863058$ 2013-08-22 09:14 - 2013-08-22 09:14 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2859537$ 2013-08-22 09:14 - 2013-08-22 09:14 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2850869$ 2013-08-22 09:14 - 2011-01-19 23:00 - 00037308 _____ C:\WINDOWS\system32\TZLog.log 2013-08-22 09:13 - 2013-08-22 09:13 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2849470$ Files to move or delete: ==================== C:\DOCUME~1\WACICI~1\USTAWI~1\Temp\Quarantine.exe ==================== Bamital & volsnap Check ================= C:\Windows\explorer.exe [2006-03-02 14:00] - [2008-04-14 19:21] - 1035264 ____A (Microsoft Corporation) c791ed9eac5e76d9525e157b1d7a599a C:\Windows\System32\winlogon.exe [2006-03-02 14:00] - [2008-04-14 19:21] - 0510464 ____A (Microsoft Corporation) 51fd2e13d723857b9ca239ae77150f48 C:\Windows\System32\svchost.exe [2006-03-02 14:00] - [2008-04-14 19:21] - 0014336 ____A (Microsoft Corporation) 8607d35d92528e2df386f19a960d23ce C:\Windows\System32\services.exe [2006-03-02 14:00] - [2009-02-09 13:25] - 0111104 ____A (Microsoft Corporation) 02a467e27af55f7064c5b251e587315f C:\Windows\System32\User32.dll [2006-03-02 14:00] - [2008-04-14 19:20] - 0580096 ____A (Microsoft Corporation) a435c5c069afd901751ac323ad238793 C:\Windows\System32\userinit.exe [2006-03-02 14:00] - [2008-04-14 19:21] - 0026624 ____A (Microsoft Corporation) 2a5b37d520508be6570a3ea79695f5b5 C:\Windows\System32\Drivers\volsnap.sys [2006-03-02 14:00] - [2008-04-14 18:01] - 0052864 ____A (Microsoft Corporation) 56b191ac5fc0df219949c95a6c87afe7 ==================== End Of Log ============================