Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:22-06-2014 Ran by user (administrator) on USER-1C7EE8E800 on 25-06-2014 21:05:12 Running from C:\Documents and Settings\user\Moje dokumenty Platform: Microsoft Windows XP Home Edition Dodatek Service Pack 3 (X86) OS Language: Polski Internet Explorer Version 8 Boot Mode: Normal The only official download link for FRST: Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/ Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/ Download link from any site other than Bleeping Computer is unpermitted or outdated. See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (ATI Technologies Inc.) C:\WINDOWS\system32\ati2evxx.exe (ATI Technologies Inc.) C:\WINDOWS\system32\ati2evxx.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe () C:\Documents and Settings\All Users\Dane aplikacji\BitGuard\2.7.1832.68\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\BitGuard.exe (Oracle Corporation) C:\Program Files\Java\jre7\bin\jqs.exe () C:\WINDOWS\system32\PnkBstrA.exe (Skype Technologies S.A.) C:\Documents and Settings\All Users\Dane aplikacji\Skype\Toolbars\Skype C2C Service\c2c_service.exe (Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe (StarWind Software) C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe () C:\Program Files\DiVapton\updateDiVapton.exe () C:\Program Files\DiVapton\bin\utilDiVapton.exe (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE () C:\Documents and Settings\All Users\Dane aplikacji\BitGuard\2.7.1832.68\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\BitGuard.exe (Realtek Semiconductor Corp.) C:\WINDOWS\RTHDCPL.exe (Hewlett-Packard Co.) C:\Program Files\HP\HP Software Update\hpwuSchd2.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe (Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe (ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe () C:\Program Files\DiVapton\bin\DiVapton.BrowserAdapter.exe () C:\Program Files\DiVapton\bin\DiVapton.PurBrowse.exe (Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe (Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\Product Assistant\bin\hprblog.exe (Opera Software) C:\Program Files\Opera\22.0.1471.70\opera.exe () C:\Program Files\Opera\22.0.1471.70\opera_crashreporter.exe (Opera Software) C:\Program Files\Opera\22.0.1471.70\opera.exe (Opera Software) C:\Program Files\Opera\22.0.1471.70\opera.exe (Opera Software) C:\Program Files\Opera\22.0.1471.70\opera.exe (Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jucheck.exe (Opera Software) C:\Program Files\Opera\22.0.1471.70\opera.exe (Opera Software) C:\Program Files\Opera\22.0.1471.70\opera.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [RTHDCPL] => C:\WINDOWS\RTHDCPL.EXE [16861184 2008-04-10] (Realtek Semiconductor Corp.) HKLM\...\Run: [Alcmtr] => C:\WINDOWS\ALCMTR.EXE [69632 2005-05-03] (Realtek Semiconductor Corp.) HKLM\...\Run: [HP Software Update] => C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [49152 2005-05-11] (Hewlett-Packard Co.) HKLM\...\Run: [Freecorder FLV Service] => "C:\Program Files\Freecorder\FLVSrvc.exe" /run HKLM\...\Run: [MP10_EnsureFileVer] => C:\WINDOWS\inf\unregmp2.exe [208896 2008-04-14] (Microsoft Corporation) HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59240 2012-02-20] (Apple Inc.) HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\QTTask.exe [421888 2012-04-18] (Apple Inc.) HKLM\...\Run: [avast] => C:\Program Files\AVAST Software\Avast\avastUI.exe [4858968 2013-08-30] (AVAST Software) HKLM\...\Run: [StartCCC] => C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2012-11-16] (Advanced Micro Devices, Inc.) HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation) HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated) Winlogon\Notify\AtiExtEvent: C:\WINDOWS\system32\Ati2evxx.dll (ATI Technologies Inc.) HKU\S-1-5-21-790525478-1004336348-725345543-1004\...\Run: [RGSC] => C:\Program Files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe /silent HKU\S-1-5-21-790525478-1004336348-725345543-1004\...\Run: [AlcoholAutomount] => C:\Program Files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [75624 2012-01-05] (Alcohol Soft Development Team) HKU\S-1-5-21-790525478-1004336348-725345543-1004\...\Run: [DAEMON Tools Lite] => C:\Program Files\DAEMON Tools Lite\DTLite.exe [3673696 2013-08-01] (Disc Soft Ltd) HKU\S-1-5-21-790525478-1004336348-725345543-1004\...\Run: [Adobe Reader Synchronizer] => C:\Program Files\Adobe\Reader 11.0\Reader\AdobeCollabSync.exe [746376 2014-05-08] (Adobe Systems Incorporated) HKU\S-1-5-21-790525478-1004336348-725345543-1004\...\MountPoints2: {a828f641-fde9-11e2-b780-002421a1cf0f} - F:\setup.exe /autorun HKU\S-1-5-21-790525478-1004336348-725345543-1004\...\MountPoints2: {c7f72c40-34b0-11e3-b20d-806d6172696f} - F:\setup.exe /autorun HKU\S-1-5-21-790525478-1004336348-725345543-1004\...\MountPoints2: {cad72841-6c69-11e2-b3d3-002421a1cf0f} - F:\setup.exe /autorun AppInit_DLLs: c:\docume~1\alluse~1\daneap~1\bitguard\271832~1.68\{c16c1~1\bitguard.dll => c:\Documents and Settings\All Users\Dane aplikacji\BitGuard\2.7.1832.68\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\BitGuard.dll [3618304 2013-11-18] () Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\HP Digital Imaging Monitor.lnk ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.) Startup: C:\Documents and Settings\user\Menu Start\Programy\Autostart\Tworzenie wycinków ekranu i uruchamianie programu OneNote 2007.lnk ShortcutTarget: Tworzenie wycinków ekranu i uruchamianie programu OneNote 2007.lnk -> C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation) ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll (AVAST Software) ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.searchgol.com/?babsrc=HP_ss&mntrId=1882002421A1CF0F&affID=125032&tsp=5035 HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie HKCU\Software\Microsoft\Internet Explorer\Main,bProtector Start Page = http://www.searchgol.com/?babsrc=HP_ss&mntrId=1882002421A1CF0F&affID=125032&tsp=5035 HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank URLSearchHook: HKCU - UsProvider Class - {539F76FD-084E-4858-86D5-62F02F54AE86} - C:\Program Files\Minibar\Minibar.dll (KangoExtensions) SearchScopes: HKCU - DefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = http://www.searchgol.com/?q={searchTerms}&babsrc=SP_ss&mntrId=1882002421A1CF0F&affID=125032&tsp=5035 SearchScopes: HKCU - bProtectorDefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = http://www.searchgol.com/?q={searchTerms}&babsrc=SP_ss&mntrId=1882002421A1CF0F&affID=125032&tsp=5035 SearchScopes: HKCU - {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL = SearchScopes: HKCU - {FE03A9C1-EE31-47AE-89C5-3EE3DF94C840} URL = http://szukaj.gazeta.pl/portalSearch.do?s.si(navigation).navigationEnabled=true&s.sm.query={searchTerms} BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) BHO: searchgol Helper Object - {8F547BDD-FCD4-48F8-A06F-573D6F404A3C} - C:\Program Files\searchgol\searchgol\1.8.16.19\bh\searchgol.dll (Montera Technologeis LTD) BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) BHO: MinibarBHO - {AA74D58F-ACD0-450D-A85E-6C04B171C044} - C:\Program Files\Minibar\Minibar.dll (KangoExtensions) BHO: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) Toolbar: HKLM - avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) Toolbar: HKLM - searchgol Toolbar - {00078E95-3A4A-4137-8DE7-2824908D1C17} - C:\Program Files\searchgol\searchgol\1.8.16.19\searchgolTlbr.dll (Montera Technologeis LTD) Toolbar: HKCU - &Adres - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation) Toolbar: HKCU - &Łącza - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\SHELL32.dll (Microsoft Corporation) Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) Tcpip\Parameters: [DhcpNameServer] 8.8.4.4 213.241.79.37 192.168.1.248 FireFox: ======== FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_12_0_0_77.dll () FF Plugin: @google.com/npPicasa3,version=3.0.0 - C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.) FF Plugin: @java.com/DTPlugin,version=10.25.2 - C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation) FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) ========================== Services (Whitelisted) ================= S2 ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [593920 2009-08-13] () [File not signed] R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [46808 2013-08-30] (AVAST Software) S2 AxAutoMntSrv; C:\Program Files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [75624 2012-01-05] (Alcohol Soft Development Team) R2 BitGuard; C:\Documents and Settings\All Users\Dane aplikacji\BitGuard\2.7.1832.68\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\BitGuard.exe [3780064 2013-11-18] () S4 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed] R2 JavaQuickStarterService; C:\Program Files\Java\jre7\bin\jqs.exe [182184 2013-07-03] (Oracle Corporation) R2 MSSQL$INSERTGT; C:\Program Files\Microsoft SQL Server\MSSQL10_50.INSERTGT\MSSQL\Binn\sqlservr.exe [42884448 2010-04-03] (Microsoft Corporation) S2 Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [69632 2004-09-29] (HP) [File not signed] R2 PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [75136 2013-01-18] () S2 SENS; C:\WINDOWS\system32\svchost.exe [14336 2008-04-14] (Microsoft Corporation) R2 Skype C2C Service; C:\Documents and Settings\All Users\Dane aplikacji\Skype\Toolbars\Skype C2C Service\c2c_service.exe [3064000 2012-10-02] (Skype Technologies S.A.) S4 SQLAgent$INSERTGT; C:\Program Files\Microsoft SQL Server\MSSQL10_50.INSERTGT\MSSQL\Binn\SQLAGENT.EXE [367456 2010-04-03] (Microsoft Corporation) R2 StarWindServiceAE; C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [370688 2009-12-23] (StarWind Software) [File not signed] R2 Update DiVapton; C:\Program Files\DiVapton\updateDiVapton.exe [317672 2014-06-21] () R2 Util DiVapton; C:\Program Files\DiVapton\bin\utilDiVapton.exe [317672 2014-06-21] () ==================== Drivers (Whitelisted) ==================== R1 AmdPPM; C:\WINDOWS\System32\DRIVERS\AmdPPM.sys [33792 2007-04-16] (Advanced Micro Devices) R2 aswFsBlk; C:\WINDOWS\system32\Drivers\aswFsBlk.sys [29816 2013-08-30] (AVAST Software) R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [66336 2013-08-30] (AVAST Software) R1 AswRdr; C:\WINDOWS\system32\Drivers\AswRdr.sys [49760 2013-08-30] (AVAST Software) R0 aswRvrt; C:\WINDOWS\system32\Drivers\aswRvrt.sys [49376 2013-08-30] () R1 aswSnx; C:\WINDOWS\system32\Drivers\aswSnx.sys [770344 2013-08-30] (AVAST Software) R1 aswSP; C:\WINDOWS\system32\Drivers\aswSP.sys [369584 2013-08-30] (AVAST Software) R1 aswTdi; C:\WINDOWS\system32\Drivers\aswTdi.sys [56080 2013-08-30] (AVAST Software) R0 aswVmm; C:\WINDOWS\system32\Drivers\aswVmm.sys [177864 2013-08-30] () R3 AtiHDAudioService; C:\WINDOWS\System32\drivers\AtihdXP3.sys [103040 2012-05-14] (Advanced Micro Devices) S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2008-04-13] (Microsoft Corporation) R3 dtsoftbus01; C:\WINDOWS\System32\DRIVERS\dtsoftbus01.sys [243128 2013-10-14] (Disc Soft Ltd) S3 hamachi; C:\WINDOWS\System32\DRIVERS\hamachi.sys [26176 2010-02-03] (LogMeIn, Inc.) S3 HPZid412; C:\WINDOWS\System32\DRIVERS\HPZid412.sys [51120 2005-03-08] (HP) S3 HPZipr12; C:\WINDOWS\System32\DRIVERS\HPZipr12.sys [16496 2005-03-08] (HP) S3 HPZius12; C:\WINDOWS\System32\DRIVERS\HPZius12.sys [21744 2005-03-08] (HP) S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2008-04-13] (Microsoft Corporation) R3 NVENETFD; C:\WINDOWS\System32\DRIVERS\NVENETFD.sys [54016 2008-01-29] (NVIDIA Corporation) R0 nvgts; C:\WINDOWS\System32\DRIVERS\nvgts.sys [132096 2008-01-25] (NVIDIA Corporation) R3 nvnetbus; C:\WINDOWS\System32\DRIVERS\nvnetbus.sys [22016 2008-01-29] (NVIDIA Corporation) S4 RsFx0150; C:\WINDOWS\System32\DRIVERS\RsFx0150.sys [240608 2010-04-03] (Microsoft Corporation) R0 sfdrv01a; C:\WINDOWS\System32\drivers\sfdrv01a.sys [63352 2006-07-05] (Protection Technology (StarForce)) R0 sfsync04; C:\WINDOWS\System32\drivers\sfsync04.sys [59776 2006-08-11] (Protection Technology (StarForce)) R0 sptd; C:\WINDOWS\System32\Drivers\sptd.sys [466008 2012-12-02] (Duplex Secure Ltd.) S3 ss_bbus; C:\WINDOWS\System32\DRIVERS\ss_bbus.sys [98432 2010-07-28] (MCCI) S3 ss_bmdfl; C:\WINDOWS\System32\DRIVERS\ss_bmdfl.sys [14848 2010-07-28] (MCCI Corporation) S3 ss_bmdm; C:\WINDOWS\System32\DRIVERS\ss_bmdm.sys [123648 2010-07-28] (MCCI Corporation) S3 ss_bserd; C:\WINDOWS\System32\DRIVERS\ss_bserd.sys [100224 2010-07-28] (MCCI Corporation) R1 StarOpen; C:\WINDOWS\system32\Drivers\StarOpen.sys [5632 2006-07-24] () [File not signed] R1 {ded74ddd-282b-4cdf-9d98-f616f14bf3af}t; C:\WINDOWS\System32\drivers\{ded74ddd-282b-4cdf-9d98-f616f14bf3af}t.sys [55224 2014-05-13] (StdLib) U3 a6ipx8n4; C:\WINDOWS\system32\Drivers\a6ipx8n4.sys [0 ] (NVIDIA Corporation) U3 a896sc4k; C:\WINDOWS\system32\Drivers\a896sc4k.sys [0 ] (NVIDIA Corporation) S4 IntelIde; No ImagePath S1 iSafeNetFilter; \??\C:\Program Files\iSafe\iSafeNetFilter.sys [X] U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-13] (Microsoft Corporation) U3 TlntSvr; U3 kgqcqaod; \??\C:\DOCUME~1\user\USTAWI~1\Temp\kgqcqaod.sys [X] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-06-25 21:05 - 2014-06-25 21:05 - 00016250 _____ () C:\Documents and Settings\user\Moje dokumenty\FRST.txt 2014-06-25 20:34 - 2014-06-25 21:05 - 00000000 ____D () C:\FRST 2014-06-25 20:31 - 2014-06-25 20:31 - 01999960 _____ () C:\Documents and Settings\user\Pulpit\gmer.txt 2014-06-24 00:39 - 2014-06-24 00:39 - 00380416 _____ () C:\Documents and Settings\user\Moje dokumenty\1w86wnyp.exe 2014-06-24 00:38 - 2014-06-24 00:38 - 01073152 _____ (Farbar) C:\Documents and Settings\user\Moje dokumenty\FRST.exe 2014-06-24 00:38 - 2014-06-24 00:38 - 00602112 _____ (OldTimer Tools) C:\Documents and Settings\user\Moje dokumenty\OTL.exe 2014-06-19 11:55 - 2014-06-24 11:55 - 00000290 _____ () C:\WINDOWS\Tasks\WebReg psc 1500 series.job 2014-06-14 11:09 - 2014-06-20 18:12 - 00000000 ____D () C:\Documents and Settings\user\Pulpit\martyna 2014-06-08 12:09 - 2014-06-08 12:09 - 00000000 ____D () C:\Program Files\Common Files\Skype 2014-06-03 11:34 - 2014-06-25 13:38 - 00000444 _____ () C:\WINDOWS\Tasks\Opera scheduled Autoupdate 1373054265.job 2014-05-27 12:33 - 2014-05-27 12:33 - 00102400 _____ () C:\WINDOWS\Minidump\Mini052714-01.dmp ==================== One Month Modified Files and Folders ======= 2014-06-25 21:05 - 2014-06-25 21:05 - 00016250 _____ () C:\Documents and Settings\user\Moje dokumenty\FRST.txt 2014-06-25 21:05 - 2014-06-25 20:34 - 00000000 ____D () C:\FRST 2014-06-25 21:05 - 2010-05-12 04:29 - 00000000 ___RD () C:\Documents and Settings\user\Moje dokumenty 2014-06-25 21:05 - 2010-05-12 04:29 - 00000000 ____D () C:\Documents and Settings\user\Ustawienia lokalne\Temp 2014-06-25 20:31 - 2014-06-25 20:31 - 01999960 _____ () C:\Documents and Settings\user\Pulpit\gmer.txt 2014-06-25 20:31 - 2010-05-12 04:29 - 00000000 ____D () C:\Documents and Settings\user\Pulpit 2014-06-25 20:23 - 2013-01-30 19:27 - 00000930 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job 2014-06-25 14:05 - 2010-11-19 17:17 - 00458752 _____ () C:\WINDOWS\system32\config\ACEEvent.evt 2014-06-25 13:43 - 2012-11-10 22:46 - 00000364 ____H () C:\WINDOWS\Tasks\avast! Emergency Update.job 2014-06-25 13:38 - 2014-06-03 11:34 - 00000444 _____ () C:\WINDOWS\Tasks\Opera scheduled Autoupdate 1373054265.job 2014-06-25 13:38 - 2010-05-12 04:19 - 01696522 _____ () C:\WINDOWS\WindowsUpdate.log 2014-06-25 13:38 - 2010-05-12 04:17 - 00107920 _____ () C:\WINDOWS\wmsetup.log 2014-06-25 13:38 - 2004-08-04 14:00 - 00000762 _____ () C:\WINDOWS\win.ini 2014-06-25 13:37 - 2010-05-12 06:15 - 00000159 _____ () C:\WINDOWS\wiadebug.log 2014-06-25 13:37 - 2010-05-12 06:15 - 00000050 _____ () C:\WINDOWS\wiaservc.log 2014-06-25 13:37 - 2010-05-12 04:25 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT 2014-06-25 07:51 - 2010-05-12 04:25 - 00032480 _____ () C:\WINDOWS\SchedLgU.Txt 2014-06-25 00:08 - 2010-05-12 04:29 - 00000188 ___SH () C:\Documents and Settings\user\ntuser.ini 2014-06-24 23:45 - 2010-05-20 20:58 - 00000000 ____D () C:\Documents and Settings\user\Dane aplikacji\Skype 2014-06-24 19:45 - 2014-03-09 15:23 - 00002267 _____ () C:\Documents and Settings\All Users\Pulpit\Skype.lnk 2014-06-24 11:55 - 2014-06-19 11:55 - 00000290 _____ () C:\WINDOWS\Tasks\WebReg psc 1500 series.job 2014-06-24 00:39 - 2014-06-24 00:39 - 00380416 _____ () C:\Documents and Settings\user\Moje dokumenty\1w86wnyp.exe 2014-06-24 00:38 - 2014-06-24 00:38 - 01073152 _____ (Farbar) C:\Documents and Settings\user\Moje dokumenty\FRST.exe 2014-06-24 00:38 - 2014-06-24 00:38 - 00602112 _____ (OldTimer Tools) C:\Documents and Settings\user\Moje dokumenty\OTL.exe 2014-06-24 00:36 - 2010-05-12 04:29 - 00000000 ___RD () C:\Documents and Settings\user\Menu Start 2014-06-24 00:24 - 2010-05-12 06:13 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Start\Programy 2014-06-24 00:24 - 2010-05-12 04:29 - 00000000 __RHD () C:\Documents and Settings\user\Dane aplikacji 2014-06-23 19:37 - 2010-11-11 12:00 - 00001324 _____ () C:\WINDOWS\system32\d3d9caps.dat 2014-06-21 12:44 - 2004-08-04 14:00 - 00002278 _____ () C:\WINDOWS\system32\wpa.dbl 2014-06-20 18:12 - 2014-06-14 11:09 - 00000000 ____D () C:\Documents and Settings\user\Pulpit\martyna 2014-06-18 10:17 - 2011-07-03 21:20 - 00000000 ____D () C:\Program Files\Opera 2014-06-17 11:23 - 2013-01-30 19:27 - 00692400 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe 2014-06-17 11:23 - 2013-01-30 19:27 - 00070832 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl 2014-06-14 11:13 - 2010-05-27 17:56 - 00112785 _____ () C:\WINDOWS\hpoins07.dat 2014-06-14 11:13 - 2010-05-27 17:56 - 00001599 _____ () C:\Documents and Settings\All Users\Dane aplikacji\hpzinstall.log 2014-06-14 11:13 - 2010-05-12 06:12 - 00503842 _____ () C:\WINDOWS\setupapi.log 2014-06-14 11:12 - 2010-05-12 06:06 - 00000000 ____D () C:\WINDOWS\twain_32 2014-06-08 12:09 - 2014-06-08 12:09 - 00000000 ____D () C:\Program Files\Common Files\Skype 2014-06-08 12:09 - 2011-09-12 20:49 - 00000000 ___RD () C:\Program Files\Skype 2014-06-08 12:09 - 2010-05-20 20:58 - 00000000 ____D () C:\Documents and Settings\All Users\Dane aplikacji\Skype 2014-05-30 22:37 - 2010-09-04 15:59 - 00000000 ____D () C:\Documents and Settings\user\Pulpit\DCIM 2014-05-27 12:33 - 2014-05-27 12:33 - 00102400 _____ () C:\WINDOWS\Minidump\Mini052714-01.dmp 2014-05-27 12:33 - 2010-06-05 15:55 - 00000000 ____D () C:\WINDOWS\Minidump 2014-05-27 08:32 - 2013-08-12 11:12 - 00000262 _____ () C:\WINDOWS\Tasks\EPUpdater.job Some content of TEMP: ==================== C:\Documents and Settings\user\Ustawienia lokalne\Temp\appshat-distribution.exe C:\Documents and Settings\user\Ustawienia lokalne\Temp\bitool.dll C:\Documents and Settings\user\Ustawienia lokalne\Temp\DiVapton_sm.exe C:\Documents and Settings\user\Ustawienia lokalne\Temp\drm_dialogs.dll C:\Documents and Settings\user\Ustawienia lokalne\Temp\SkypeSetup.exe C:\Documents and Settings\user\Ustawienia lokalne\Temp\uninst1.exe ==================== Bamital & volsnap Check ================= C:\WINDOWS\explorer.exe => File is digitally signed C:\WINDOWS\system32\winlogon.exe [2004-08-04 14:00] - [2010-06-11 16:56] - 0510464 ____A (Microsoft Corporation) 66ecfe388ad1bd281dd3391b756670cf C:\WINDOWS\system32\svchost.exe => File is digitally signed C:\WINDOWS\system32\services.exe => File is digitally signed C:\WINDOWS\system32\User32.dll => File is digitally signed C:\WINDOWS\system32\userinit.exe => File is digitally signed C:\WINDOWS\system32\rpcss.dll => File is digitally signed C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed ==================== End Of Log ============================