Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 13-03-2014 01 Ran by Viola (administrator) on VIOLA_LENOVO on 04-04-2014 12:17:32 Running from K:\fixitpc\inne\Farbar Recovery Scan Tool (FRST)\32 Microsoft Windows XP Professional Dodatek Service Pack 3 (X86) OS Language: Polish Internet Explorer Version 8 Boot Mode: Normal The only official download link for FRST: Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/ Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/ Download link from any site other than Bleeping Computer is unpermitted or outdated. See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (Lenovo) C:\WINDOWS\system32\ibmpmsvc.exe (Broadcom Corporation.) C:\Program Files\ThinkPad\Bluetooth Software\bin\btwdins.exe (Intel Corporation ) C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (Lenovo Group Limited) C:\WINDOWS\system32\IPSSVC.EXE (Lenovo ) C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe (Diskeeper Corporation) C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe (Intel Corporation) C:\Program Files\Intel\Wireless\Bin\EvtEng.exe () C:\Documents and Settings\All Users\Dane aplikacji\DatacardService\HWDeviceService.exe (InterVideo) C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe (Intel Corporation) C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe (Rocket Division Software) C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe ( ) c:\program files\lenovo\system update\suservice.exe (TeamViewer GmbH) C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe (Lenovo Group Limited) C:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe (Lenovo.) C:\WINDOWS\System32\TPHDEXLG.exe () C:\Program Files\Lenovo\Rescue and Recovery\rrpservice.exe (Lenovo Group Limited) C:\Program Files\Lenovo\Rescue and Recovery\rrservice.exe (Lenovo ) C:\Program Files\ThinkPad\ConnectUtilities\AcSvc.exe (Lenovo ) C:\Program Files\ThinkPad\ConnectUtilities\SvcGuiHlpr.exe (TeamViewer GmbH) C:\Program Files\TeamViewer\Version7\TeamViewer.exe (TeamViewer GmbH) C:\Program Files\TeamViewer\Version7\tv_w32.exe (Lenovo Group Limited) C:\Program Files\Lenovo\NPDIRECT\TPFNF7SP.exe (Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPOSDSVC.exe (Diskeeper Corporation) C:\Program Files\Diskeeper Corporation\Diskeeper\DkIcon.exe (Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\Apoint.exe (Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe (Lenovo.) C:\WINDOWS\system32\TpShocks.exe (Lenovo Group Limited) C:\Program Files\Lenovo\Zoom\TpScrex.exe (Intel Corporation) C:\WINDOWS\system32\igfxtray.exe (Intel Corporation) C:\WINDOWS\system32\hkcmd.exe (Intel Corporation) C:\WINDOWS\system32\igfxpers.exe (Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApMsgFwd.exe (Intel Corporation) C:\WINDOWS\system32\igfxsrvc.exe (InstallShield Software Corporation) C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\avastUI.exe (Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\Apntex.exe (Lenovo Group Limited) C:\Program Files\Common Files\Lenovo\Scheduler\scheduler_proxy.exe (Lenovo Group Limited) C:\Program Files\Lenovo\AwayTask\AwaySch.EXE (Gadu-Gadu S.A.) C:\Program Files\Gadu-Gadu\gg.exe (Broadcom Corporation.) C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe (OpenOffice.org) C:\Program Files\OpenOffice.org 3\program\soffice.exe (OpenOffice.org) C:\Program Files\OpenOffice.org 3\program\soffice.bin (Broadcom Corporation.) C:\Program Files\ThinkPad\Bluetooth Software\BTStackServer.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (Ghisler Software GmbH) C:\totalcmd\TOTALCMD.EXE (Intel Corporation) C:\WINDOWS\system32\igfxext.exe (Intel Corporation) C:\WINDOWS\system32\igfxsrvc.exe (Intel Corporation) C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe (OldTimer Tools) k:\fixitpc\OTL\OTL.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [TPFNF7] - C:\Program Files\Lenovo\NPDIRECT\TPFNF7SP.exe [58416 2007-04-09] (Lenovo Group Limited) HKLM\...\Run: [TPHOTKEY] - C:\Program Files\Lenovo\HOTKEY\TPOSDSVC.exe [66176 2007-03-09] (Lenovo Group Limited) HKLM\...\Run: [Apoint] - C:\Program Files\Apoint2K\Apoint.exe [172032 2007-03-05] (Alps Electric Co., Ltd.) HKLM\...\Run: [] - [X] HKLM\...\Run: [TpShocks] - C:\WINDOWS\system32\TpShocks.exe [181808 2007-03-29] (Lenovo.) HKLM\...\Run: [ISUSPM Startup] - C:\Program Files\Common Files\Installshield\UpdateService\ISUSPM.exe [221184 2004-07-27] (InstallShield Software Corporation) HKLM\...\Run: [ISUSScheduler] - C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe [81920 2004-07-27] (InstallShield Software Corporation) HKLM\...\Run: [avast] - C:\Program Files\AVAST Software\Avast\avastUI.exe [4297136 2012-10-31] (AVAST Software) HKLM\...\Run: [TVT Scheduler Proxy] - C:\Program Files\Common Files\Lenovo\Scheduler\scheduler_proxy.exe [536576 2007-02-08] (Lenovo Group Limited) HKLM\...\Run: [AwaySch] - C:\Program Files\Lenovo\AwayTask\AwaySch.EXE [91688 2006-11-07] (Lenovo Group Limited) HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated) Winlogon\Notify\ACNotify: C:\Program Files\ThinkPad\ConnectUtilities\ACNotify.dll (Lenovo ) Winlogon\Notify\tpfnf2: C:\Program Files\Lenovo\HOTKEY\notifyf2.dll () Winlogon\Notify\tphotkey: C:\Program Files\Lenovo\HOTKEY\tphklock.dll () HKU\S-1-5-21-841416981-3060091748-961958888-1005\...\Run: [Gadu-Gadu] - C:\Program Files\Gadu-Gadu\gg.exe [2127296 2008-03-20] (Gadu-Gadu S.A.) HKU\S-1-5-21-841416981-3060091748-961958888-1005\...\MountPoints2: {081f1928-ba8e-11e3-8664-001e4cda9302} - G:\AutoRun.exe HKU\S-1-5-21-841416981-3060091748-961958888-1005\...\MountPoints2: {372cb728-3104-11e2-854f-806d6172696f} - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL KitSetup.exe HKU\S-1-5-21-841416981-3060091748-961958888-1005\...\MountPoints2: {70b21fb2-bb38-11e3-866c-bd1693dd52e8} - G:\AutoRun.exe HKU\S-1-5-21-841416981-3060091748-961958888-1005\...\MountPoints2: {83b433ca-c6e7-11e2-856e-001e3723db44} - G:\Launcher.exe HKU\S-1-5-21-841416981-3060091748-961958888-1005\...\MountPoints2: {b49486a6-8bf7-11e3-8614-001e4cda9302} - G:\AutoRun.exe HKU\S-1-5-21-841416981-3060091748-961958888-1005\...\MountPoints2: {b49486a8-8bf7-11e3-8614-001e4cda9302} - G:\AutoRun.exe HKU\S-1-5-21-841416981-3060091748-961958888-1005\...\MountPoints2: {b49486ab-8bf7-11e3-8614-001e4cda9302} - G:\AutoRun.exe HKU\S-1-5-21-841416981-3060091748-961958888-1005\...\MountPoints2: {ccd99446-b76e-11e3-865c-001e4cda9302} - G:\AutoRun.exe HKU\S-1-5-21-841416981-3060091748-961958888-1005\...\MountPoints2: {ccd9944b-b76e-11e3-865c-001e4cda9302} - G:\AutoRun.exe HKU\S-1-5-21-841416981-3060091748-961958888-1005\...\MountPoints2: {ccd9944d-b76e-11e3-865c-001e4cda9302} - G:\AutoRun.exe Lsa: [Notification Packages] scecli ACGina Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\BTTray.lnk ShortcutTarget: BTTray.lnk -> C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe (Broadcom Corporation.) Startup: C:\Documents and Settings\Viola\Menu Start\Programy\Autostart\OpenOffice.org 3.3.lnk ShortcutTarget: OpenOffice.org 3.3.lnk -> C:\Program Files\OpenOffice.org 3\program\quickstart.exe () ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm SearchScopes: HKLM - DefaultScope value is missing. SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://search.live.com/results.aspx?q={searchTerms}&entrypoint={referrer:source?}&FORM=LENIE SearchScopes: HKCU - {B5C76DF6-453A-4CEC-A5C5-B4BED075ABF6} URL = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage} BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL (Sonic Solutions) BHO: ALLYouTubeDownloader - {61DB16C5-B733-43F4-872E-B20DC9E72740} - C:\Program Files\ALLYouTubeDownloader\ALLYouTubeDownloader.dll (ALLCinema Ltd.) BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll (Microsoft Corporation) BHO: IplexToALLPlayer - {DF925EF3-7A87-44E4-9CAF-8D7B280BF616} - C:\Program Files\ALLPlayer\Iplex\IplexToALLPlayer.dll (ALLCinema Ltd.) BHO: CPwmIEBrowserHelper Object - {F040E541-A427-4CF7-85D8-75E3E0F476C5} - C:\Program Files\Lenovo\Client Security Solution\tvtpwm_ie_com.dll (Lenovo Group Limited) Toolbar: HKLM - Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll (Microsoft Corporation) Toolbar: HKLM - avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) Toolbar: HKCU - Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll (Microsoft Corporation) DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://windowsupdate.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1353399011093 DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinstall-1_7_0_51-windows-i586.cab DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab DPF: {CAFEEFAC-0017-0000-0051-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_51-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_51-windows-i586.cab Tcpip\Parameters: [DhcpNameServer] 10.0.0.1 Tcpip\..\Interfaces\{9A1B7BC7-82E8-49C5-9DBE-8F43C36CF3A3}: [NameServer]208.67.222.222,208.67.220.220 FireFox: ======== FF ProfilePath: C:\Documents and Settings\Viola\Dane aplikacji\Mozilla\Firefox\Profiles\eikt51yw.default-1396458443062 FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_12_0_0_77.dll () FF Plugin: @google.com/npPicasa3,version=3.0.0 - C:\Program Files\Picasa2\npPicasa3.dll (Google, Inc.) FF Plugin: @java.com/DTPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin: @java.com/JavaPlugin - C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll No File FF Plugin: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin: @microsoft.com/WPF,version=3.5 - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF FF Extension: avast! WebRep - C:\Program Files\AVAST Software\Avast\WebRep\FF [2012-11-19] FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ FF Extension: Microsoft .NET Framework Assistant - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [] ========================== Services (Whitelisted) ================= R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [44808 2012-10-31] (AVAST Software) R2 Diskeeper; C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe [622700 2006-05-23] (Diskeeper Corporation) R2 HWDeviceService.exe; C:\Documents and Settings\All Users\Dane aplikacji\DatacardService\HWDeviceService.exe [271712 2011-03-14] () R2 IPSSVC; C:\WINDOWS\system32\IPSSVC.EXE [108080 2007-01-30] (Lenovo Group Limited) S3 Mobile Partner. RunOuc; C:\Program Files\Mobile Partner\UpdateDog\ouc.exe [655744 2012-06-28] () R2 S24EventMonitor; C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe [983040 2007-04-16] (Intel Corporation ) R2 StarWindServiceAE; C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [275968 2007-05-28] (Rocket Division Software) R2 SUService; c:\program files\lenovo\system update\suservice.exe [11776 2006-12-15] ( ) R2 TVT Backup Protection Service; C:\Program Files\Lenovo\Rescue and Recovery\rrpservice.exe [569344 2007-02-08] () S4 TVT Scheduler; c:\Program Files\Common Files\Lenovo\Scheduler\tvtsched.exe [1118208 2007-02-08] (Lenovo Group Limited) S4 tvtnetwk; C:\Program Files\Lenovo\Rescue and Recovery\ADM\IUService.exe [45056 2007-02-08] () S3 WMConnectCDS; C:\Program Files\Windows Media Connect 2\wmccds.exe [856064 2005-10-06] (Microsoft Corporation) ==================== Drivers (Whitelisted) ==================== R1 Aavmker4; C:\WINDOWS\system32\Drivers\Aavmker4.sys [25256 2012-10-31] (AVAST Software) S4 abp480n5; C:\WINDOWS\system32\DRIVERS\ABP480N5.SYS [23552 2001-08-17] (Microsoft Corporation) S3 ac97intc; C:\WINDOWS\System32\drivers\ac97intc.sys [96256 2001-08-17] (Intel Corporation) R2 AegisP; C:\WINDOWS\System32\DRIVERS\AegisP.sys [21393 2012-11-17] (Cisco Systems, Inc.) R1 ANC; C:\WINDOWS\System32\drivers\ANC.SYS [11520 2005-11-08] (IBM Corp.) R2 aswFsBlk; C:\WINDOWS\system32\Drivers\aswFsBlk.sys [21256 2012-10-31] (AVAST Software) R2 aswMon2; C:\WINDOWS\system32\Drivers\aswMon2.sys [97608 2012-10-31] (AVAST Software) R1 AswRdr; C:\WINDOWS\system32\Drivers\AswRdr.sys [35928 2012-10-31] (AVAST Software) R1 aswSnx; C:\WINDOWS\system32\Drivers\aswSnx.sys [738504 2012-10-31] (AVAST Software) R1 aswSP; C:\WINDOWS\system32\Drivers\aswSP.sys [361032 2012-10-31] (AVAST Software) R1 aswTdi; C:\WINDOWS\system32\Drivers\aswTdi.sys [54232 2012-10-31] (AVAST Software) R3 btaudio; C:\WINDOWS\System32\drivers\btaudio.sys [530861 2007-01-24] (Broadcom Corporation.) R3 BTDriver; C:\WINDOWS\System32\DRIVERS\btport.sys [30459 2006-10-09] (Broadcom Corporation.) R3 BTKRNL; C:\WINDOWS\System32\DRIVERS\btkrnl.sys [868042 2007-02-27] (Broadcom Corporation.) R3 BTWDNDIS; C:\WINDOWS\System32\DRIVERS\btwdndis.sys [149123 2006-10-15] (Broadcom Corporation.) R3 BTWUSB; C:\WINDOWS\System32\Drivers\btwusb.sys [67960 2007-01-24] (Broadcom Corporation.) R2 DLABOIOM; C:\WINDOWS\System32\DLA\DLABOIOM.SYS [25628 2006-02-02] (Sonic Solutions) R1 DLACDBHM; C:\WINDOWS\System32\Drivers\DLACDBHM.SYS [5660 2005-11-18] (Sonic Solutions) R2 DLADResN; C:\WINDOWS\System32\DLA\DLADResN.SYS [2496 2006-02-02] (Sonic Solutions) R2 DLAIFS_M; C:\WINDOWS\System32\DLA\DLAIFS_M.SYS [86652 2006-02-02] (Sonic Solutions) R2 DLAOPIOM; C:\WINDOWS\System32\DLA\DLAOPIOM.SYS [14684 2006-02-02] (Sonic Solutions) R2 DLAPoolM; C:\WINDOWS\System32\DLA\DLAPoolM.SYS [6364 2006-02-02] (Sonic Solutions) R1 DLARTL_N; C:\WINDOWS\System32\Drivers\DLARTL_N.SYS [22684 2005-11-18] (Sonic Solutions) R2 DLAUDFAM; C:\WINDOWS\System32\DLA\DLAUDFAM.SYS [94332 2006-02-02] (Sonic Solutions) R2 DLAUDF_M; C:\WINDOWS\System32\DLA\DLAUDF_M.SYS [87036 2006-02-02] (Sonic Solutions) R2 DRVNDDM; C:\WINDOWS\System32\Drivers\DRVNDDM.SYS [40544 2005-11-18] (Sonic Solutions) S3 G400; C:\WINDOWS\System32\DRIVERS\G400m.sys [322432 2001-10-26] (Matrox Graphics Inc.) R3 HdAudAddService; C:\WINDOWS\System32\drivers\CHDAudN.sys [666112 2007-04-27] (Conexant Systems Inc.) R3 HSFHWAZL; C:\WINDOWS\System32\DRIVERS\HSFHWAZL.sys [210688 2007-03-25] (Conexant Systems, Inc.) R3 HSF_DPV; C:\WINDOWS\System32\DRIVERS\HSF_DPV.sys [988032 2007-03-25] (Conexant Systems, Inc.) S3 huawei_cdcacm; C:\WINDOWS\System32\DRIVERS\ew_jucdcacm.sys [96000 2012-08-20] (Huawei Technologies Co., Ltd.) S3 huawei_cdcecm; C:\WINDOWS\System32\DRIVERS\ew_jucdcecm.sys [69760 2012-08-20] (Huawei Technologies Co., Ltd.) S3 huawei_ext_ctrl; C:\WINDOWS\System32\DRIVERS\ew_juextctrl.sys [27520 2012-08-20] (Huawei Technologies Co., Ltd.) R1 IBMTPCHK; C:\WINDOWS\system32\Drivers\IBMBLDID.sys [4224 2007-04-02] () R3 Iviaspi; C:\WINDOWS\System32\drivers\iviaspi.sys [21060 2003-09-11] (InterVideo, Inc.) R3 NETw4x32; C:\WINDOWS\System32\DRIVERS\NETw4x32.sys [2206976 2007-04-30] (Intel Corporation) R2 pmem; C:\WINDOWS\System32\drivers\pmemnt.sys [7012 2012-11-18] (Microsoft Corporation) R2 PROCDD; C:\WINDOWS\System32\DRIVERS\PROCDD.SYS [12080 2006-11-06] (Lenovo Group Limited) R2 s24trans; C:\WINDOWS\System32\DRIVERS\s24trans.sys [12416 2007-03-29] (Intel Corporation) R0 sptd; C:\WINDOWS\System32\Drivers\sptd.sys [716272 2012-12-27] () R1 TPHKDRV; C:\WINDOWS\System32\DRIVERS\TPHKDRV.sys [17778 2006-10-23] (IBM Corporation) R1 TPPWRIF; C:\WINDOWS\System32\drivers\Tppwrif.sys [4442 2007-06-17] () R1 TSMAPIP; C:\WINDOWS\System32\drivers\TSMAPIP.SYS [12848 2007-04-09] () R1 tStLibG; C:\WINDOWS\System32\drivers\tStLibG.sys [55224 2014-03-25] (StdLib) R3 TVTPktFilter; C:\WINDOWS\System32\DRIVERS\tvtpktfilter.sys [17664 2007-02-08] (Lenovo Group Limited) U3 a2istnk3; C:\WINDOWS\system32\Drivers\a2istnk3.sys [0 ] (Microsoft Corporation) S3 adusbser; system32\DRIVERS\adusbser.sys [X] U5 ewusbnet; C:\Windows\System32\Drivers\ewusbnet.sys [249472 2012-04-20] (Huawei Technologies Co., Ltd.) U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-14] (Microsoft Corporation) U1 WS2IFSL; ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-04-04 11:26 - 2014-04-04 11:26 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Start\Programy\Debugging Tools for Windows (x86) 2014-04-04 11:25 - 2014-04-04 11:25 - 00000000 ____D () C:\WinDDK 2014-04-03 22:58 - 2014-04-03 22:59 - 00000000 ____D () C:\Program Files\Mozilla Firefox 2014-04-03 21:23 - 2014-04-04 09:06 - 00000222 _____ () C:\WINDOWS\Tasks\Powiadomienie o zakończeniu obsługi systemu Microsoft Windows XP — logowanie.job 2014-04-03 21:23 - 2014-04-04 09:06 - 00000216 _____ () C:\WINDOWS\Tasks\Powiadomienie o zakończeniu obsługi systemu Microsoft Windows XP — co miesiąc.job 2014-04-03 21:23 - 2014-04-03 21:23 - 00000000 __SHD () C:\Documents and Settings\NetworkService\IETldCache 2014-04-03 20:42 - 2014-04-03 20:42 - 00016177 _____ () C:\WINDOWS\KB2925418-IE8.log 2014-04-03 20:40 - 2014-04-03 20:40 - 00008444 _____ () C:\WINDOWS\KB2934207.log 2014-04-03 20:40 - 2014-04-03 20:40 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB970430$ 2014-04-03 20:40 - 2014-04-03 20:40 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2934207$ 2014-04-03 20:40 - 2014-04-03 20:40 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2916036$ 2014-04-03 20:40 - 2014-04-03 20:40 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2345886$ 2014-04-03 20:34 - 2014-04-03 20:34 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2929961$ 2014-04-03 20:34 - 2014-04-03 20:34 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2898715$ 2014-04-03 20:33 - 2014-04-03 20:33 - 00006715 _____ () C:\WINDOWS\KB961118.log 2014-04-03 20:33 - 2014-04-03 20:33 - 00006300 _____ () C:\WINDOWS\KB2904266.log 2014-04-03 20:33 - 2014-04-03 20:33 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB961118$ 2014-04-03 20:33 - 2014-04-03 20:33 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2904266$ 2014-04-03 20:29 - 2014-04-03 20:29 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2930275$ 2014-04-03 20:25 - 2014-04-03 20:25 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2893294$ 2014-04-03 20:25 - 2014-04-03 20:25 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2892075$ 2014-04-03 20:19 - 2014-04-03 20:22 - 00000000 ____D () C:\WINDOWS\system32\MRT 2014-04-03 20:19 - 2014-03-02 14:03 - 87350280 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2014-04-03 20:18 - 2014-04-03 20:18 - 00005285 _____ () C:\WINDOWS\KB2909210-IE8.log 2014-04-03 20:15 - 2014-04-03 20:42 - 00000000 ____D () C:\WINDOWS\ie8updates 2014-04-03 20:15 - 2014-04-03 20:15 - 00007945 _____ () C:\WINDOWS\KB2510531-IE8.log 2014-04-03 20:10 - 2014-04-03 20:10 - 00005174 _____ () C:\WINDOWS\KB2914368.log 2014-04-03 20:10 - 2014-04-03 20:10 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2914368$ 2014-04-03 19:55 - 2014-02-24 13:35 - 00743424 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\iedvtool.dll 2014-04-03 19:55 - 2014-02-24 13:35 - 00522240 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\jsdbgui.dll 2014-04-03 19:55 - 2014-02-24 13:35 - 00247808 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ieproxy.dll 2014-04-03 19:55 - 2014-02-24 13:35 - 00012800 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\xpshims.dll 2014-04-03 19:48 - 2014-04-03 20:40 - 00016035 _____ () C:\WINDOWS\KB2345886.log 2014-04-03 19:48 - 2014-04-03 20:40 - 00014146 _____ () C:\WINDOWS\KB2916036.log 2014-04-03 19:48 - 2014-02-27 01:28 - 00013312 ____N (Microsoft Corporation) C:\WINDOWS\system32\xp_eos.exe 2014-04-03 19:48 - 2014-02-27 01:28 - 00013312 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\xp_eos.exe 2014-04-03 19:45 - 2014-04-03 20:34 - 00012198 _____ () C:\WINDOWS\KB2898715.log 2014-04-03 19:45 - 2014-04-03 20:34 - 00010872 _____ () C:\WINDOWS\KB2929961.log 2014-04-03 19:44 - 2009-01-09 21:19 - 01089883 ____N () C:\WINDOWS\system32\dllcache\ntprint.cat 2014-04-03 19:41 - 2014-04-03 20:30 - 00011483 _____ () C:\WINDOWS\KB2930275.log 2014-04-03 19:38 - 2014-04-03 20:25 - 00010348 _____ () C:\WINDOWS\KB2893294.log 2014-04-03 19:37 - 2014-04-03 20:25 - 00009851 _____ () C:\WINDOWS\KB2892075.log 2014-04-03 19:23 - 2014-04-03 19:24 - 00008350 _____ () C:\WINDOWS\WgaNotify.log 2014-04-03 16:36 - 2014-04-03 16:36 - 00000761 _____ () C:\Documents and Settings\All Users\Pulpit\Mobile Partner.lnk 2014-04-03 16:36 - 2014-04-03 16:36 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Start\Programy\Mobile Partner 2014-04-03 16:36 - 2012-08-20 02:54 - 00096000 _____ (Huawei Technologies Co., Ltd.) C:\WINDOWS\system32\Drivers\ew_jucdcacm.sys 2014-04-03 16:36 - 2012-08-20 02:54 - 00076544 _____ (Huawei Technologies Co., Ltd.) C:\WINDOWS\system32\Drivers\ew_jubusenum.sys 2014-04-03 16:36 - 2012-08-20 02:54 - 00069760 _____ (Huawei Technologies Co., Ltd.) C:\WINDOWS\system32\Drivers\ew_jucdcecm.sys 2014-04-03 16:36 - 2012-08-20 02:54 - 00027520 _____ (Huawei Technologies Co., Ltd.) C:\WINDOWS\system32\Drivers\ew_juextctrl.sys 2014-04-03 16:36 - 2012-04-20 08:14 - 00249472 _____ (Huawei Technologies Co., Ltd.) C:\WINDOWS\system32\Drivers\ewusbnet.sys 2014-04-03 16:36 - 2011-12-31 03:20 - 00199168 _____ (Huawei Technologies Co., Ltd.) C:\WINDOWS\system32\Drivers\ewusbmdm.sys 2014-04-03 16:36 - 2010-10-08 10:55 - 00025856 _____ (Huawei Tech. Co., Ltd.) C:\WINDOWS\system32\Drivers\ewdcsc.sys 2014-04-03 16:36 - 2010-09-26 12:09 - 00019200 _____ (Huawei Technologies Co., Ltd.) C:\WINDOWS\system32\Drivers\ew_hwupgrade.sys 2014-04-03 16:36 - 2010-08-06 01:42 - 00861696 _____ (DiBcom SA) C:\WINDOWS\system32\Drivers\mod7700.sys 2014-04-03 16:36 - 2010-07-27 03:52 - 00102784 _____ (Huawei Technologies Co., Ltd.) C:\WINDOWS\system32\Drivers\ew_hwusbdev.sys 2014-04-03 16:36 - 2010-03-20 06:06 - 00011136 _____ (Huawei Technologies Co., Ltd.) C:\WINDOWS\system32\Drivers\ew_usbenumfilter.sys 2014-04-03 16:36 - 2005-05-13 10:27 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbccid.sys 2014-04-03 16:35 - 2014-04-03 16:37 - 00000000 ____D () C:\Program Files\Mobile Partner 2014-04-03 15:21 - 2014-04-03 15:21 - 00000000 ____D () C:\Program Files\HD Tune 2014-04-03 15:21 - 2014-04-03 15:21 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Start\Programy\HD Tune 2014-04-02 23:44 - 2014-04-02 23:44 - 00000000 __SHD () C:\Documents and Settings\Administrator\IETldCache 2014-04-02 20:52 - 2014-04-02 20:54 - 00000000 ____D () C:\AdwCleaner 2014-04-02 19:07 - 2014-04-02 19:07 - 00000000 ____D () C:\Documents and Settings\Viola\Pulpit\Stare dane programu Firefox 2014-04-02 18:50 - 2014-04-02 18:50 - 00000000 ____D () C:\WINDOWS\system32\appmgmt 2014-04-01 07:42 - 2014-04-01 07:42 - 00000000 ____D () C:\WINDOWS\system32\LogFiles 2014-03-28 15:51 - 2014-03-28 15:51 - 00000000 ____D () C:\Documents and Settings\All Users\Dane aplikacji\OnlineUpdate 2014-03-28 15:51 - 2014-03-28 15:51 - 00000000 ____D () C:\Documents and Settings\All Users\Dane aplikacji\log 2014-03-25 18:22 - 2014-03-25 18:22 - 00055224 _____ (StdLib) C:\WINDOWS\system32\Drivers\tStLibG.sys 2014-03-25 15:10 - 2014-04-04 12:17 - 00000000 ____D () C:\FRST 2014-03-24 22:43 - 2014-03-24 22:43 - 00007168 ___SH () C:\Documents and Settings\Viola\Pulpit\Thumbs.db 2014-03-19 15:04 - 2014-03-19 15:04 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB952011$ 2014-03-19 15:04 - 2014-03-19 15:04 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Start\Programy\Picasa 3 2014-03-19 15:03 - 2014-03-19 15:04 - 00008805 _____ () C:\WINDOWS\KB952011.log 2014-03-19 15:03 - 2014-03-19 15:03 - 00000000 ____D () C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\Google 2014-03-11 22:07 - 2014-03-11 22:07 - 04550656 _____ (Google Inc.) C:\WINDOWS\system32\GPhotos.scr 2014-03-11 21:34 - 2014-03-11 21:34 - 00922112 ____N (Microsoft Corporation) C:\WINDOWS\system32\imapi2fs.dll 2014-03-11 21:34 - 2014-03-11 21:34 - 00922112 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\imapi2fs.dll 2014-03-11 21:34 - 2014-03-11 21:34 - 00426496 ____N (Microsoft Corporation) C:\WINDOWS\system32\imapi2.dll 2014-03-11 21:34 - 2014-03-11 21:34 - 00426496 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\imapi2.dll 2014-03-11 21:34 - 2014-03-11 21:34 - 00062592 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\cdrom.sys ==================== One Month Modified Files and Folders ======= 2014-04-04 12:17 - 2014-03-25 15:10 - 00000000 ____D () C:\FRST 2014-04-04 12:16 - 2012-11-19 11:08 - 00000930 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job 2014-04-04 12:08 - 2012-11-18 00:41 - 00000254 _____ () C:\WINDOWS\Tasks\Sprawdź aktualizacje paska narzędzi Windows Live Toolbar.job 2014-04-04 12:05 - 2012-11-17 23:57 - 00027840 _____ () C:\WINDOWS\system32\TPAPSLOG.LOG 2014-04-04 11:26 - 2014-04-04 11:26 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Start\Programy\Debugging Tools for Windows (x86) 2014-04-04 11:26 - 2012-11-18 00:12 - 00000000 ___RD () C:\Documents and Settings\All Users\Menu Start\Programy 2014-04-04 11:25 - 2014-04-04 11:25 - 00000000 ____D () C:\WinDDK 2014-04-04 11:14 - 2012-11-19 11:14 - 00000000 ____D () C:\Documents and Settings\Viola\Moje dokumenty\Pobieranie 2014-04-04 11:13 - 2013-08-10 17:38 - 00000000 ____D () C:\FOTO 2014-04-04 10:15 - 2012-11-19 11:15 - 00000362 ____H () C:\WINDOWS\Tasks\avast! Emergency Update.job 2014-04-04 09:25 - 2012-11-18 00:30 - 00000000 ___RD () C:\Documents and Settings\Viola\Moje dokumenty 2014-04-04 09:08 - 2012-11-19 10:57 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service 2014-04-04 09:07 - 2012-11-18 00:12 - 01946548 _____ () C:\WINDOWS\WindowsUpdate.log 2014-04-04 09:07 - 2012-11-18 00:12 - 00000000 ____D () C:\Documents and Settings\All Users\Pulpit 2014-04-04 09:06 - 2014-04-03 21:23 - 00000222 _____ () C:\WINDOWS\Tasks\Powiadomienie o zakończeniu obsługi systemu Microsoft Windows XP — logowanie.job 2014-04-04 09:06 - 2014-04-03 21:23 - 00000216 _____ () C:\WINDOWS\Tasks\Powiadomienie o zakończeniu obsługi systemu Microsoft Windows XP — co miesiąc.job 2014-04-04 09:06 - 2014-01-02 23:32 - 00689458 _____ () C:\WINDOWS\setupapi.log 2014-04-04 09:06 - 2012-11-18 00:12 - 00002278 _____ () C:\WINDOWS\system32\wpa.dbl 2014-04-04 09:06 - 2007-03-02 14:15 - 00025297 _____ () C:\WINDOWS\system32\PROCDB.INI 2014-04-04 09:05 - 2012-11-18 00:12 - 00000157 _____ () C:\WINDOWS\wiadebug.log 2014-04-04 09:05 - 2012-11-18 00:12 - 00000050 _____ () C:\WINDOWS\wiaservc.log 2014-04-04 09:05 - 2012-11-18 00:12 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT 2014-04-04 09:05 - 2012-11-17 23:58 - 00003540 _____ () C:\TPHKLOCK.TXT 2014-04-04 09:05 - 2007-03-02 14:15 - 00000480 _____ () C:\WINDOWS\system32\IPSCtrl.INI 2014-04-04 03:06 - 2012-11-18 00:30 - 00000188 ___SH () C:\Documents and Settings\Viola\ntuser.ini 2014-04-04 03:06 - 2012-11-18 00:30 - 00000000 ____D () C:\Documents and Settings\Viola 2014-04-04 03:06 - 2012-11-18 00:12 - 00032618 _____ () C:\WINDOWS\SchedLgU.Txt 2014-04-03 22:59 - 2014-04-03 22:58 - 00000000 ____D () C:\Program Files\Mozilla Firefox 2014-04-03 22:01 - 2012-11-18 00:12 - 00000586 _____ () C:\WINDOWS\win.ini 2014-04-03 22:01 - 2012-11-18 00:12 - 00000355 ___SH () C:\boot.ini 2014-04-03 22:01 - 2012-11-18 00:12 - 00000227 _____ () C:\WINDOWS\system.ini 2014-04-03 21:36 - 2012-11-18 00:12 - 00000000 ____D () C:\WINDOWS\Microsoft.NET 2014-04-03 21:23 - 2014-04-03 21:23 - 00000000 __SHD () C:\Documents and Settings\NetworkService\IETldCache 2014-04-03 21:23 - 2012-11-18 00:12 - 00000000 __SHD () C:\Documents and Settings\NetworkService 2014-04-03 21:22 - 2012-11-18 00:12 - 00125320 _____ () C:\WINDOWS\system32\FNTCACHE.DAT 2014-04-03 20:45 - 2012-11-18 00:12 - 01072864 _____ () C:\WINDOWS\system32\PerfStringBackup.INI 2014-04-03 20:45 - 2012-11-18 00:12 - 00500962 _____ () C:\WINDOWS\system32\perfh015.dat 2014-04-03 20:45 - 2012-11-18 00:12 - 00089458 _____ () C:\WINDOWS\system32\perfc015.dat 2014-04-03 20:42 - 2014-04-03 20:42 - 00016177 _____ () C:\WINDOWS\KB2925418-IE8.log 2014-04-03 20:42 - 2014-04-03 20:15 - 00000000 ____D () C:\WINDOWS\ie8updates 2014-04-03 20:42 - 2012-11-18 00:12 - 01077938 _____ () C:\WINDOWS\iis6.log 2014-04-03 20:42 - 2012-11-18 00:12 - 00983451 _____ () C:\WINDOWS\FaxSetup.log 2014-04-03 20:42 - 2012-11-18 00:12 - 00483973 _____ () C:\WINDOWS\ocgen.log 2014-04-03 20:42 - 2012-11-18 00:12 - 00462389 _____ () C:\WINDOWS\tsoc.log 2014-04-03 20:42 - 2012-11-18 00:12 - 00335321 _____ () C:\WINDOWS\comsetup.log 2014-04-03 20:42 - 2012-11-18 00:12 - 00309344 _____ () C:\WINDOWS\msmqinst.log 2014-04-03 20:42 - 2012-11-18 00:12 - 00233105 _____ () C:\WINDOWS\updspapi.log 2014-04-03 20:42 - 2012-11-18 00:12 - 00201715 _____ () C:\WINDOWS\ntdtcsetup.log 2014-04-03 20:42 - 2012-11-18 00:12 - 00173513 _____ () C:\WINDOWS\netfxocm.log 2014-04-03 20:42 - 2012-11-18 00:12 - 00070614 _____ () C:\WINDOWS\MedCtrOC.log 2014-04-03 20:42 - 2012-11-18 00:12 - 00060700 _____ () C:\WINDOWS\ocmsn.log 2014-04-03 20:42 - 2012-11-18 00:12 - 00051541 _____ () C:\WINDOWS\tabletoc.log 2014-04-03 20:42 - 2012-11-18 00:12 - 00049568 _____ () C:\WINDOWS\msgsocm.log 2014-04-03 20:42 - 2012-11-18 00:12 - 00001355 _____ () C:\WINDOWS\imsins.log 2014-04-03 20:40 - 2014-04-03 20:40 - 00008444 _____ () C:\WINDOWS\KB2934207.log 2014-04-03 20:40 - 2014-04-03 20:40 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB970430$ 2014-04-03 20:40 - 2014-04-03 20:40 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2934207$ 2014-04-03 20:40 - 2014-04-03 20:40 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2916036$ 2014-04-03 20:40 - 2014-04-03 20:40 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2345886$ 2014-04-03 20:40 - 2014-04-03 19:48 - 00016035 _____ () C:\WINDOWS\KB2345886.log 2014-04-03 20:40 - 2014-04-03 19:48 - 00014146 _____ () C:\WINDOWS\KB2916036.log 2014-04-03 20:40 - 2012-11-18 00:12 - 00001355 _____ () C:\WINDOWS\imsins.BAK 2014-04-03 20:34 - 2014-04-03 20:34 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2929961$ 2014-04-03 20:34 - 2014-04-03 20:34 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2898715$ 2014-04-03 20:34 - 2014-04-03 19:45 - 00012198 _____ () C:\WINDOWS\KB2898715.log 2014-04-03 20:34 - 2014-04-03 19:45 - 00010872 _____ () C:\WINDOWS\KB2929961.log 2014-04-03 20:33 - 2014-04-03 20:33 - 00006715 _____ () C:\WINDOWS\KB961118.log 2014-04-03 20:33 - 2014-04-03 20:33 - 00006300 _____ () C:\WINDOWS\KB2904266.log 2014-04-03 20:33 - 2014-04-03 20:33 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB961118$ 2014-04-03 20:33 - 2014-04-03 20:33 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2904266$ 2014-04-03 20:33 - 2012-11-17 23:46 - 00122816 _____ () C:\WINDOWS\system32\TZLog.log 2014-04-03 20:30 - 2014-04-03 19:41 - 00011483 _____ () C:\WINDOWS\KB2930275.log 2014-04-03 20:29 - 2014-04-03 20:29 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2930275$ 2014-04-03 20:25 - 2014-04-03 20:25 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2893294$ 2014-04-03 20:25 - 2014-04-03 20:25 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2892075$ 2014-04-03 20:25 - 2014-04-03 19:38 - 00010348 _____ () C:\WINDOWS\KB2893294.log 2014-04-03 20:25 - 2014-04-03 19:37 - 00009851 _____ () C:\WINDOWS\KB2892075.log 2014-04-03 20:22 - 2014-04-03 20:19 - 00000000 ____D () C:\WINDOWS\system32\MRT 2014-04-03 20:18 - 2014-04-03 20:18 - 00005285 _____ () C:\WINDOWS\KB2909210-IE8.log 2014-04-03 20:15 - 2014-04-03 20:15 - 00007945 _____ () C:\WINDOWS\KB2510531-IE8.log 2014-04-03 20:15 - 2014-01-05 22:01 - 00000000 ____D () C:\WINDOWS\system32\XPSViewer 2014-04-03 20:15 - 2012-11-18 00:12 - 00000000 ___HD () C:\WINDOWS\$hf_mig$ 2014-04-03 20:10 - 2014-04-03 20:10 - 00005174 _____ () C:\WINDOWS\KB2914368.log 2014-04-03 20:10 - 2014-04-03 20:10 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2914368$ 2014-04-03 19:24 - 2014-04-03 19:23 - 00008350 _____ () C:\WINDOWS\WgaNotify.log 2014-04-03 19:24 - 2012-11-17 23:57 - 00049135 _____ () C:\WINDOWS\spupdsvc.log 2014-04-03 16:44 - 2012-11-18 00:12 - 00056407 _____ () C:\WINDOWS\setupact.log 2014-04-03 16:37 - 2014-04-03 16:35 - 00000000 ____D () C:\Program Files\Mobile Partner 2014-04-03 16:37 - 2014-02-02 17:31 - 00000000 ____D () C:\Documents and Settings\All Users\Dane aplikacji\DatacardService 2014-04-03 16:36 - 2014-04-03 16:36 - 00000761 _____ () C:\Documents and Settings\All Users\Pulpit\Mobile Partner.lnk 2014-04-03 16:36 - 2014-04-03 16:36 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Start\Programy\Mobile Partner 2014-04-03 16:02 - 2012-11-18 00:12 - 00000188 ___SH () C:\Documents and Settings\Administrator\ntuser.ini 2014-04-03 15:21 - 2014-04-03 15:21 - 00000000 ____D () C:\Program Files\HD Tune 2014-04-03 15:21 - 2014-04-03 15:21 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Start\Programy\HD Tune 2014-04-02 23:44 - 2014-04-02 23:44 - 00000000 __SHD () C:\Documents and Settings\Administrator\IETldCache 2014-04-02 23:44 - 2012-11-18 00:12 - 00000000 ____D () C:\Documents and Settings\Administrator 2014-04-02 21:10 - 2012-11-17 23:50 - 00052136 _____ () C:\WINDOWS\DPINST.LOG 2014-04-02 20:54 - 2014-04-02 20:52 - 00000000 ____D () C:\AdwCleaner 2014-04-02 20:54 - 2012-11-18 00:30 - 00000000 __RHD () C:\Documents and Settings\Viola\Dane aplikacji 2014-04-02 20:54 - 2012-11-18 00:12 - 00000000 __RHD () C:\Documents and Settings\All Users\Dane aplikacji 2014-04-02 19:07 - 2014-04-02 19:07 - 00000000 ____D () C:\Documents and Settings\Viola\Pulpit\Stare dane programu Firefox 2014-04-02 19:07 - 2012-11-18 00:30 - 00000000 ____D () C:\Documents and Settings\Viola\Pulpit 2014-04-02 19:01 - 2012-11-20 10:33 - 00000000 ____D () C:\Program Files\v9Soft 2014-04-02 18:50 - 2014-04-02 18:50 - 00000000 ____D () C:\WINDOWS\system32\appmgmt 2014-04-02 18:50 - 2012-11-18 00:00 - 00000000 ____D () C:\Program Files\Java 2014-04-02 18:48 - 2014-02-23 18:49 - 00000000 ____D () C:\Documents and Settings\Viola\Dane aplikacji\sweet-page 2014-04-02 18:48 - 2012-11-19 10:57 - 00000737 _____ () C:\Documents and Settings\All Users\Menu Start\Programy\Mozilla Firefox.lnk 2014-04-02 18:48 - 2012-11-19 10:57 - 00000731 _____ () C:\Documents and Settings\All Users\Pulpit\INTERNET.lnk 2014-04-02 18:48 - 2012-11-18 00:30 - 00000810 _____ () C:\Documents and Settings\Viola\Menu Start\Programy\Internet Explorer.lnk 2014-04-01 07:42 - 2014-04-01 07:42 - 00000000 ____D () C:\WINDOWS\system32\LogFiles 2014-03-28 15:51 - 2014-03-28 15:51 - 00000000 ____D () C:\Documents and Settings\All Users\Dane aplikacji\OnlineUpdate 2014-03-28 15:51 - 2014-03-28 15:51 - 00000000 ____D () C:\Documents and Settings\All Users\Dane aplikacji\log 2014-03-25 18:22 - 2014-03-25 18:22 - 00055224 _____ (StdLib) C:\WINDOWS\system32\Drivers\tStLibG.sys 2014-03-24 22:43 - 2014-03-24 22:43 - 00007168 ___SH () C:\Documents and Settings\Viola\Pulpit\Thumbs.db 2014-03-24 22:43 - 2014-02-07 18:32 - 00000000 ____D () C:\Documents and Settings\Viola\Pulpit\paula_7-2-14 2014-03-24 22:42 - 2013-07-25 18:20 - 00000000 ____D () C:\Documents and Settings\Viola\Pulpit\pmn 2014-03-19 15:04 - 2014-03-19 15:04 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB952011$ 2014-03-19 15:04 - 2014-03-19 15:04 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Start\Programy\Picasa 3 2014-03-19 15:04 - 2014-03-19 15:03 - 00008805 _____ () C:\WINDOWS\KB952011.log 2014-03-19 15:04 - 2012-11-18 00:08 - 00000000 ____D () C:\Program Files\Picasa2 2014-03-19 15:03 - 2014-03-19 15:03 - 00000000 ____D () C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\Google 2014-03-19 15:03 - 2012-11-18 00:12 - 00000000 ___HD () C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji 2014-03-19 14:44 - 2012-11-19 16:04 - 00000000 ____D () C:\Documents and Settings\Viola\Ustawienia lokalne\Dane aplikacji\GHISLER 2014-03-12 20:16 - 2012-11-19 11:08 - 00692616 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe 2014-03-12 20:16 - 2012-11-19 11:08 - 00071048 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl 2014-03-11 22:07 - 2014-03-11 22:07 - 04550656 _____ (Google Inc.) C:\WINDOWS\system32\GPhotos.scr 2014-03-11 21:34 - 2014-03-11 21:34 - 00922112 ____N (Microsoft Corporation) C:\WINDOWS\system32\imapi2fs.dll 2014-03-11 21:34 - 2014-03-11 21:34 - 00922112 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\imapi2fs.dll 2014-03-11 21:34 - 2014-03-11 21:34 - 00426496 ____N (Microsoft Corporation) C:\WINDOWS\system32\imapi2.dll 2014-03-11 21:34 - 2014-03-11 21:34 - 00426496 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\imapi2.dll 2014-03-11 21:34 - 2014-03-11 21:34 - 00062592 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\cdrom.sys ==================== Bamital & volsnap Check ================= C:\WINDOWS\explorer.exe [2012-11-18 00:13] - [2008-04-14 23:51] - 1035264 ____A (Microsoft Corporation) c791ed9eac5e76d9525e157b1d7a599a C:\WINDOWS\system32\winlogon.exe [2012-11-18 00:13] - [2008-04-14 23:51] - 0510464 ____A (Microsoft Corporation) 51fd2e13d723857b9ca239ae77150f48 C:\WINDOWS\system32\svchost.exe [2012-11-18 00:13] - [2008-04-14 23:51] - 0014336 ____A (Microsoft Corporation) 8607d35d92528e2df386f19a960d23ce C:\WINDOWS\system32\services.exe [2012-11-18 00:13] - [2009-02-09 13:25] - 0111104 ____A (Microsoft Corporation) 02a467e27af55f7064c5b251e587315f C:\WINDOWS\system32\User32.dll [2012-11-18 00:13] - [2008-04-14 23:50] - 0580096 ____A (Microsoft Corporation) a435c5c069afd901751ac323ad238793 C:\WINDOWS\system32\userinit.exe [2012-11-18 00:13] - [2008-04-14 23:51] - 0026624 ____A (Microsoft Corporation) 2a5b37d520508be6570a3ea79695f5b5 C:\WINDOWS\system32\rpcss.dll [2012-11-18 00:13] - [2009-02-09 12:53] - 0401408 ____A (Microsoft Corporation) a37311d9d628c1042a2836731787f0f3 ATTENTION ======> If the system is having audio adware rpcss.dll is patched. Google the MD5, if the MD5 is unique the file is infected. C:\WINDOWS\system32\Drivers\volsnap.sys [2012-11-18 00:13] - [2008-04-14 22:31] - 0052864 ____A (Microsoft Corporation) 56b191ac5fc0df219949c95a6c87afe7 ==================== End Of Log ============================