Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 20-12-2013 02 Ran by Maciej (administrator) on MACIEJ-F721B526 on 21-12-2013 22:07:28 Running from C:\Documents and Settings\Maciej\Pulpit Microsoft Windows XP Professional Dodatek Service Pack 3 (X86) OS Language: Polish Internet Explorer Version 8 Boot Mode: Normal ==================== Processes (Whitelisted) =================== (ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe (Oracle Corporation) C:\Program Files\Java\jre7\bin\jqs.exe (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc32.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (HP) C:\WINDOWS\system32\HPZipm12.exe () C:\WINDOWS\system32\PnkBstrA.exe () C:\WINDOWS\system32\PnkBstrB.exe (Skype Technologies) C:\Program Files\Skype\Updater\Updater.exe (Realtek Semiconductor Corp.) C:\WINDOWS\RTHDCPL.exe (Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe (ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (AQQ Sp. z o.o.) C:\Program Files\WapSter\WapSter AQQ\AQQ.exe (Logitech Inc.) C:\Program Files\Logitech\SetPoint\SetPoint.exe (Logitech Inc.) C:\Program Files\Common Files\Logitech\KhalShared\KHALMNPR.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [RTHDCPL] - C:\WINDOWS\RTHDCPL.exe [16248320 2006-06-28] (Realtek Semiconductor Corp.) HKLM\...\Run: [Alcmtr] - C:\WINDOWS\Alcmtr.exe [69632 2005-05-03] (Realtek Semiconductor Corp.) HKLM\...\Run: [Kernel and Hardware Abstraction Layer] - C:\WINDOWS\KHALMNPR.Exe [56080 2007-04-11] (Logitech Inc.) HKLM\...\Run: [NvCplDaemon] - RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup HKLM\...\Run: [NvMediaCenter] - RunDLL32.exe NvMCTray.dll,NvTaskbarInit -login HKLM\...\Run: [nwiz] - C:\Program Files\NVIDIA Corporation\nview\nwiz.exe [1982312 2013-01-03] () HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated) HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation) HKLM\...\Run: [egui] - C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [5078504 2013-03-21] (ESET) HKCU\...\Run: [AQQ] - C:\Program Files\WapSter\WapSter AQQ\AQQ.exe [8062464 2013-07-25] (AQQ Sp. z o.o.) HKCU\...\Run: [DAEMON Tools Lite] - C:\Program Files\DAEMON Tools Lite\DTLite.exe [3671872 2012-04-17] (DT Soft Ltd) MountPoints2: {f2fc8296-cf6e-11e1-8f68-001617bb3d14} - G:\Autorun.exe HKU\Default User\...\RunOnce: [NeroHomeFirstStart] - C:\Program Files\Common Files\Ahead\Lib\NMFirstStart.exe [ 2005-10-28] (Nero AG) Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Logitech Desktop Messenger.lnk ShortcutTarget: Logitech Desktop Messenger.lnk -> C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe (Logitech Inc.) Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Logitech SetPoint.lnk ShortcutTarget: Logitech SetPoint.lnk -> C:\Program Files\Logitech\SetPoint\SetPoint.exe (Logitech Inc.) ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank SearchScopes: HKLM - DefaultScope value is missing. BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation) BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO: IplexToALLPlayer - {DF925EF3-7A87-44E4-9CAF-8D7B280BF616} - C:\Program Files\ALLPlayer\Iplex\IplexToALLPlayer.dll (ALLCinema Ltd.) Toolbar: HKCU - &Adres - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation) Toolbar: HKCU - &Łącza - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation) Handler: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll (Logitech Inc.) Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation) Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 FireFox: ======== FF ProfilePath: C:\Documents and Settings\Maciej\Dane aplikacji\Mozilla\Firefox\Profiles\cgulmlrn.default-1387659729906 FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_9_900_170.dll () FF Plugin: @java.com/DTPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin: @microsoft.com/WPF,version=3.5 - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.) FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.) FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Documents and Settings\Maciej\Ustawienia lokalne\Dane aplikacji\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS) FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ FF Extension: Microsoft .NET Framework Assistant - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird Chrome: ======= CHR DefaultSearchKeyword: google.pl CHR DefaultSearchProvider: Google CHR DefaultSearchURL: {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding} CHR DefaultNewTabURL: {google:baseURL}_/chrome/newtab?{google:RLZ}{google:instantExtendedEnabledParameter}{google:ntpIsThemedParameter}ie={inputEncoding} CHR Plugin: (Widevine Content Decryption Module) - C:\Documents and Settings\Maciej\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\WidevineCDM\1.4.1.376\_platform_specific\win_x86\widevinecdmadapter.dll () CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\31.0.1650.63\PepperFlash\pepflashplayer.dll () CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\31.0.1650.63\ppGoogleNaClPluginChrome.dll () CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\31.0.1650.63\pdf.dll () CHR Plugin: (2007 Microsoft Office system) - C:\Program Files\Mozilla Firefox\plugins\NPOFF12.DLL (Microsoft Corporation) CHR Plugin: (Winamp Application Detector) - C:\Program Files\Mozilla Firefox\plugins\npwachk.dll (Nullsoft, Inc.) CHR Plugin: (Microsoft\u00AE DRM) - C:\Program Files\Windows Media Player\npdrmv2.dll (Microsoft Corporation) CHR Plugin: (Windows Media Player Plug-in Dynamic Link Library) - C:\Program Files\Windows Media Player\npdsplay.dll (Microsoft Corporation (written by Digital Renaissance Inc.)) CHR Plugin: (Microsoft\u00AE DRM) - C:\Program Files\Windows Media Player\npwmsdrm.dll (Microsoft Corporation) CHR Plugin: (Unity Player) - C:\Documents and Settings\Maciej\Ustawienia lokalne\Dane aplikacji\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS) CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.) CHR Plugin: (Java Deployment Toolkit 7.0.450.18) - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) CHR Plugin: (Java(TM) Platform SE 7 U45) - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) CHR Plugin: (Windows Presentation Foundation) - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) CHR Plugin: (Shockwave Flash) - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_9_900_170.dll () ========================== Services (Whitelisted) ================= R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [1341664 2013-03-21] (ESET) R2 PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [75064 2012-07-29] () R2 PnkBstrB; C:\WINDOWS\system32\PnkBstrB.exe [214520 2012-07-29] () R2 JavaQuickStarterService; "C:\Program Files\Java\jre7\bin\jqs.exe" -service -config "C:\Program Files\Java\jre7\lib\deploy\jqs\jqs.conf" S3 rpcapd; "%ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini" [x] ==================== Drivers (Whitelisted) ==================== R1 AmdK8; C:\Windows\System32\DRIVERS\AmdK8.sys [36352 2005-03-09] (Advanced Micro Devices) R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [242240 2012-07-16] (DT Soft Ltd) R1 eamon; C:\Windows\System32\DRIVERS\eamon.sys [161368 2013-01-10] (ESET) R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [122240 2013-01-10] (ESET) R1 epfwtdir; C:\Windows\System32\DRIVERS\epfwtdir.sys [105784 2013-01-10] (ESET) S3 HPZid412; C:\Windows\System32\DRIVERS\HPZid412.sys [49664 2005-10-28] (HP) S3 HPZipr12; C:\Windows\System32\DRIVERS\HPZipr12.sys [16496 2005-10-28] (HP) S3 HPZius12; C:\Windows\System32\DRIVERS\HPZius12.sys [21568 2005-10-28] (HP) R3 irsir; C:\Windows\System32\DRIVERS\irsir.sys [18688 2001-08-17] (Microsoft Corporation) R3 LUsbFilt; C:\Windows\System32\Drivers\LUsbFilt.Sys [28688 2007-04-11] (Logitech, Inc.) S3 nm; C:\Windows\System32\DRIVERS\NMnt.sys [40320 2008-04-15] (Microsoft Corporation) S3 NPF; C:\Windows\System32\drivers\npf.sys [32512 2005-08-02] (CACE Technologies) R0 nvata; C:\Windows\System32\DRIVERS\nvata.sys [100736 2006-04-24] (NVIDIA Corporation) R3 NVENETFD; C:\Windows\System32\DRIVERS\NVENETFD.sys [52736 2006-03-22] (NVIDIA Corporation) R3 nvnetbus; C:\Windows\System32\DRIVERS\nvnetbus.sys [18944 2006-03-22] (NVIDIA Corporation) S3 PnkBstrK; C:\WINDOWS\system32\drivers\PnkBstrK.sys [137464 2012-07-29] () R3 Rasirda; C:\Windows\System32\DRIVERS\rasirda.sys [19584 2001-08-17] (Microsoft Corporation) S3 tizeqdrv; C:\Documents and Settings\Maciej\Dane aplikacji\TZAC2\tizeq32.sys [134328 2012-08-24] () S4 IntelIde; No ImagePath U1 WS2IFSL; ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2013-12-21 22:02 - 2013-12-21 22:02 - 00000000 ____D C:\Documents and Settings\Maciej\Pulpit\Stare dane programu Firefox 2013-12-21 21:56 - 2013-12-21 21:58 - 01325858 _____ (Farbar) C:\Documents and Settings\Maciej\Pulpit\FRST.exe 2013-12-21 21:55 - 2013-12-21 21:55 - 00000000 _____ C:\Documents and Settings\Maciej\Pulpit\Nowy Dokument tekstowy (4).txt 2013-12-21 21:53 - 2013-12-21 21:55 - 01226750 _____ C:\Documents and Settings\Maciej\Pulpit\AdwCleaner.exe 2013-12-21 21:35 - 2013-12-21 22:04 - 00000000 ____D C:\AdwCleaner 2013-12-21 21:26 - 2013-12-21 21:48 - 00000000 ____D C:\Documents and Settings\Maciej\Pulpit\Stare dane programu Firefox(2) 2013-12-21 21:21 - 2013-12-21 21:21 - 00000000 ____D C:\Documents and Settings\Maciej\Pulpit\Upload 2013-12-21 21:12 - 2013-12-21 21:12 - 00000000 _____ C:\Documents and Settings\Maciej\Pulpit\Nowy Dokument tekstowy (3).txt 2013-12-20 22:18 - 2013-12-20 22:19 - 00018918 _____ C:\Documents and Settings\Maciej\Pulpit\Addition.txt 2013-12-20 22:17 - 2013-12-21 22:07 - 00012292 _____ C:\Documents and Settings\Maciej\Pulpit\FRST.txt 2013-12-20 22:17 - 2013-12-21 21:49 - 00000000 ____D C:\FRST 2013-12-20 22:16 - 2013-12-21 21:59 - 00000000 ____D C:\Documents and Settings\Maciej\Pulpit\Nowy folder (2) 2013-12-20 22:12 - 2013-12-20 22:12 - 00067386 _____ C:\Documents and Settings\Maciej\Pulpit\OTL.Txt 2013-12-20 22:12 - 2013-12-20 22:12 - 00055744 _____ C:\Documents and Settings\Maciej\Pulpit\Extras.Txt 2013-12-08 16:30 - 2013-12-08 16:30 - 00005415 _____ C:\WINDOWS\setupapi.log 2013-12-03 22:12 - 2013-12-03 22:12 - 00000000 ____D C:\Program Files\ESET 2013-12-03 22:12 - 2013-12-03 22:12 - 00000000 ____D C:\Documents and Settings\All Users\Menu Start\Programy\ESET 2013-12-03 22:12 - 2013-12-03 22:12 - 00000000 ____D C:\Documents and Settings\All Users\Dane aplikacji\ESET 2013-11-25 21:05 - 2013-11-25 21:05 - 00000654 _____ C:\Documents and Settings\Maciej\Pulpit\netcut.lnk 2013-11-25 21:05 - 2013-11-25 21:05 - 00000158 _____ C:\Documents and Settings\Maciej\Pulpit\netcut support.lnk 2013-11-25 21:05 - 2013-11-25 21:05 - 00000000 ____D C:\Program Files\WinPcap 2013-11-25 21:05 - 2013-11-25 21:05 - 00000000 ____D C:\Program Files\netcut 2013-11-25 21:05 - 2013-11-25 21:05 - 00000000 ____D C:\Documents and Settings\All Users\Menu Start\Programy\WinPcap 2013-11-25 21:05 - 2013-11-25 21:05 - 00000000 ____D C:\Documents and Settings\All Users\Menu Start\Programy\arcai.com 2013-11-25 21:04 - 2008-05-25 21:38 - 01877862 _____ C:\Documents and Settings\Maciej\Pulpit\netcut.exe 2013-11-25 16:43 - 2013-11-25 16:44 - 01795068 _____ C:\Documents and Settings\Maciej\Pulpit\Netcut 2.8 [FULL].rar ==================== One Month Modified Files and Folders ======= 2013-12-21 22:07 - 2013-12-20 22:17 - 00012292 _____ C:\Documents and Settings\Maciej\Pulpit\FRST.txt 2013-12-21 22:07 - 2012-05-19 16:35 - 00000000 ____D C:\Documents and Settings\Maciej\Pulpit 2013-12-21 22:06 - 2012-05-19 18:18 - 00000159 _____ C:\WINDOWS\wiadebug.log 2013-12-21 22:06 - 2012-05-19 16:23 - 00330948 _____ C:\WINDOWS\WindowsUpdate.log 2013-12-21 22:05 - 2012-11-11 20:38 - 00001032 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job 2013-12-21 22:05 - 2012-05-19 18:18 - 00000050 _____ C:\WINDOWS\wiaservc.log 2013-12-21 22:05 - 2012-05-19 16:35 - 00000188 ___SH C:\Documents and Settings\Maciej\ntuser.ini 2013-12-21 22:05 - 2012-05-19 16:33 - 00032512 _____ C:\WINDOWS\SchedLgU.Txt 2013-12-21 22:05 - 2012-05-19 16:33 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2013-12-21 22:04 - 2013-12-21 21:35 - 00000000 ____D C:\AdwCleaner 2013-12-21 22:04 - 2012-05-19 16:35 - 00000000 ___RD C:\Documents and Settings\Maciej\Menu Start\Programy 2013-12-21 22:04 - 2012-05-19 16:35 - 00000000 ___HD C:\Documents and Settings\Maciej\Ustawienia lokalne\Dane aplikacji 2013-12-21 22:03 - 2012-05-19 18:15 - 00000000 __RHD C:\Documents and Settings\All Users\Dane aplikacji 2013-12-21 22:02 - 2013-12-21 22:02 - 00000000 ____D C:\Documents and Settings\Maciej\Pulpit\Stare dane programu Firefox 2013-12-21 22:02 - 2013-04-28 17:23 - 00000000 ____D C:\Program Files\Mozilla Firefox 2013-12-21 21:59 - 2013-12-20 22:16 - 00000000 ____D C:\Documents and Settings\Maciej\Pulpit\Nowy folder (2) 2013-12-21 21:59 - 2012-05-19 18:51 - 00000000 ____D C:\Program Files\Winamp 2013-12-21 21:58 - 2013-12-21 21:56 - 01325858 _____ (Farbar) C:\Documents and Settings\Maciej\Pulpit\FRST.exe 2013-12-21 21:55 - 2013-12-21 21:55 - 00000000 _____ C:\Documents and Settings\Maciej\Pulpit\Nowy Dokument tekstowy (4).txt 2013-12-21 21:55 - 2013-12-21 21:53 - 01226750 _____ C:\Documents and Settings\Maciej\Pulpit\AdwCleaner.exe 2013-12-21 21:54 - 2012-05-19 18:15 - 01096384 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2013-12-21 21:54 - 2008-04-15 13:00 - 00493632 _____ C:\WINDOWS\system32\perfh015.dat 2013-12-21 21:54 - 2008-04-15 13:00 - 00084916 _____ C:\WINDOWS\system32\perfc015.dat 2013-12-21 21:50 - 2008-04-15 13:00 - 00002206 _____ C:\WINDOWS\system32\wpa.dbl 2013-12-21 21:49 - 2013-12-20 22:17 - 00000000 ____D C:\FRST 2013-12-21 21:49 - 2012-05-19 16:35 - 00000000 ____D C:\Documents and Settings\Maciej 2013-12-21 21:49 - 2012-05-19 16:33 - 00000000 __SHD C:\Documents and Settings\LocalService 2013-12-21 21:49 - 2012-05-19 16:27 - 00000000 __SHD C:\Documents and Settings\NetworkService 2013-12-21 21:49 - 2012-05-19 16:21 - 00000000 ____D C:\WINDOWS\Registration 2013-12-21 21:48 - 2013-12-21 21:26 - 00000000 ____D C:\Documents and Settings\Maciej\Pulpit\Stare dane programu Firefox(2) 2013-12-21 21:48 - 2012-05-19 16:22 - 00000000 ____D C:\WINDOWS\system32\Restore 2013-12-21 21:39 - 2012-05-19 17:21 - 00000000 ____D C:\Documents and Settings\Maciej\Moje dokumenty\BitLord 2013-12-21 21:38 - 2012-05-19 16:35 - 00000000 __RHD C:\Documents and Settings\Maciej\Dane aplikacji 2013-12-21 21:23 - 2012-05-19 18:15 - 00000000 ___RD C:\Documents and Settings\All Users\Menu Start\Programy\Autostart 2013-12-21 21:23 - 2012-05-19 16:57 - 00000000 ____D C:\Program Files\Logitech 2013-12-21 21:23 - 2012-05-19 16:57 - 00000000 ____D C:\Documents and Settings\All Users\Menu Start\Programy\Logitech 2013-12-21 21:22 - 2012-05-19 16:50 - 00000930 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job 2013-12-21 21:21 - 2013-12-21 21:21 - 00000000 ____D C:\Documents and Settings\Maciej\Pulpit\Upload 2013-12-21 21:12 - 2013-12-21 21:12 - 00000000 _____ C:\Documents and Settings\Maciej\Pulpit\Nowy Dokument tekstowy (3).txt 2013-12-21 21:12 - 2012-11-11 20:38 - 00001036 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job 2013-12-20 22:19 - 2013-12-20 22:18 - 00018918 _____ C:\Documents and Settings\Maciej\Pulpit\Addition.txt 2013-12-20 22:12 - 2013-12-20 22:12 - 00067386 _____ C:\Documents and Settings\Maciej\Pulpit\OTL.Txt 2013-12-20 22:12 - 2013-12-20 22:12 - 00055744 _____ C:\Documents and Settings\Maciej\Pulpit\Extras.Txt 2013-12-20 21:56 - 2012-05-19 17:20 - 00000000 ____D C:\Documents and Settings\Maciej\Dane aplikacji\TS3Client 2013-12-15 18:10 - 2012-08-25 17:26 - 00000000 ____D C:\Documents and Settings\Maciej\Dane aplikacji\NoNameScript 2013-12-15 15:16 - 2012-08-25 18:41 - 00000000 ____D C:\Program Files\TeamSpeak 3 Client 2013-12-12 18:24 - 2012-05-19 16:50 - 00692616 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe 2013-12-12 18:24 - 2012-05-19 16:50 - 00071048 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl 2013-12-08 18:54 - 2013-01-21 21:32 - 00000000 ____D C:\Documents and Settings\Maciej\Pulpit\skany 2013-12-08 16:30 - 2013-12-08 16:30 - 00005415 _____ C:\WINDOWS\setupapi.log 2013-12-06 21:53 - 2012-05-19 18:51 - 00000000 ____D C:\Documents and Settings\Maciej\Dane aplikacji\Winamp 2013-12-03 22:20 - 2013-03-15 18:09 - 00000000 ____D C:\Documents and Settings\Maciej\Dane aplikacji\Media Player Classic 2013-12-03 22:20 - 2012-06-01 18:10 - 00000000 ____D C:\WINDOWS\Minidump 2013-12-03 22:12 - 2013-12-03 22:12 - 00000000 ____D C:\Program Files\ESET 2013-12-03 22:12 - 2013-12-03 22:12 - 00000000 ____D C:\Documents and Settings\All Users\Menu Start\Programy\ESET 2013-12-03 22:12 - 2013-12-03 22:12 - 00000000 ____D C:\Documents and Settings\All Users\Dane aplikacji\ESET 2013-12-03 22:12 - 2012-05-19 18:15 - 00000000 ___RD C:\Documents and Settings\All Users\Menu Start\Programy 2013-11-25 21:05 - 2013-11-25 21:05 - 00000654 _____ C:\Documents and Settings\Maciej\Pulpit\netcut.lnk 2013-11-25 21:05 - 2013-11-25 21:05 - 00000158 _____ C:\Documents and Settings\Maciej\Pulpit\netcut support.lnk 2013-11-25 21:05 - 2013-11-25 21:05 - 00000000 ____D C:\Program Files\WinPcap 2013-11-25 21:05 - 2013-11-25 21:05 - 00000000 ____D C:\Program Files\netcut 2013-11-25 21:05 - 2013-11-25 21:05 - 00000000 ____D C:\Documents and Settings\All Users\Menu Start\Programy\WinPcap 2013-11-25 21:05 - 2013-11-25 21:05 - 00000000 ____D C:\Documents and Settings\All Users\Menu Start\Programy\arcai.com 2013-11-25 16:44 - 2013-11-25 16:43 - 01795068 _____ C:\Documents and Settings\Maciej\Pulpit\Netcut 2.8 [FULL].rar 2013-11-25 16:19 - 2012-12-09 16:39 - 00240640 ___SH C:\Documents and Settings\Maciej\Pulpit\Thumbs.db Some content of TEMP: ==================== C:\Documents and Settings\Maciej\Ustawienia lokalne\Temp\InstHelper.exe C:\Documents and Settings\Maciej\Ustawienia lokalne\Temp\Quarantine.exe C:\Documents and Settings\Maciej\Ustawienia lokalne\Temp\UninstallRC-8876480.dll ==================== Bamital & volsnap Check ================= C:\Windows\explorer.exe [2008-04-15 13:00] - [2008-04-15 13:00] - 1035264 ____A (Microsoft Corporation) c791ed9eac5e76d9525e157b1d7a599a C:\Windows\System32\winlogon.exe [2008-04-15 13:00] - [2008-04-15 13:00] - 0510464 ____A (Microsoft Corporation) 51fd2e13d723857b9ca239ae77150f48 C:\Windows\System32\svchost.exe [2008-04-15 13:00] - [2008-04-15 13:00] - 0014336 ____A (Microsoft Corporation) 8607d35d92528e2df386f19a960d23ce C:\Windows\System32\services.exe [2008-04-15 13:00] - [2008-04-15 13:00] - 0109056 ____A (Microsoft Corporation) 3e3ae424e27c4cefe4cab368c7b570ea C:\Windows\System32\User32.dll [2008-04-15 13:00] - [2008-04-15 13:00] - 0580096 ____A (Microsoft Corporation) a435c5c069afd901751ac323ad238793 C:\Windows\System32\userinit.exe [2008-04-15 13:00] - [2008-04-15 13:00] - 0026624 ____A (Microsoft Corporation) 2a5b37d520508be6570a3ea79695f5b5 C:\Windows\System32\Drivers\volsnap.sys [2008-04-15 13:00] - [2008-04-15 13:00] - 0052864 ____A (Microsoft Corporation) 56b191ac5fc0df219949c95a6c87afe7 ==================== End Of Log ============================