Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:25-07-2014 Ran by Misiek (administrator) on MICHAŁ on 27-07-2014 20:04:22 Running from C:\Documents and Settings\Misiek\Pulpit\do kompa Platform: Microsoft Windows XP Home Edition Dodatek Service Pack 3 (X86) OS Language: Polski Internet Explorer Version 8 Boot Mode: Normal The only official download link for FRST: Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/ Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/ Download link from any site other than Bleeping Computer is unpermitted or outdated. See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (AVAST Software) C:\Programy\AVAST Software\Avast\AvastSvc.exe (AVAST Software) C:\Programy\AVAST Software\Avast\AvastUI.exe (Microsoft Corporation) C:\WINDOWS\system32\wbem\unsecapp.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Farbar) C:\Documents and Settings\Misiek\Pulpit\do kompa\FRST (2).exe (EFD Software) C:\Programy\HD Tune\HDTune.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKU\S-1-5-21-746137067-1123561945-1177238915-1004\...\MountPoints2: {1b6dace3-641c-11e3-9ee0-0013ce0d71dd} - E:\Startme.exe ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Programy\AVAST Software\Avast\ashShell.dll (AVAST Software) ShellIconOverlayIdentifiers: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Documents and Settings\Misiek\Dane aplikacji\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.) ShellIconOverlayIdentifiers: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Documents and Settings\Misiek\Dane aplikacji\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.) ShellIconOverlayIdentifiers: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Documents and Settings\Misiek\Dane aplikacji\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.) ShellIconOverlayIdentifiers: DropboxExt4 -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Documents and Settings\Misiek\Dane aplikacji\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch SearchScopes: HKLM - DefaultScope value is missing. BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Programy\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) Toolbar: HKCU - &Adres - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation) Toolbar: HKCU - &Łącza - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\SHELL32.dll (Microsoft Corporation) Tcpip\Parameters: [DhcpNameServer] 192.168.1.254 FireFox: ======== FF Plugin: @java.com/DTPlugin,version=10.55.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF Plugin: @microsoft.com/WPF,version=3.5 - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF Plugin: @RIM.com/WebSLLauncher,version=1.0 - C:\Program Files\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll () FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.) FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.) FF Plugin: @videolan.org/vlc,version=2.0.7 - C:\Programy\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Documents and Settings\Misiek\Ustawienia lokalne\Dane aplikacji\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS) FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension FF Extension: Microsoft .NET Framework Assistant - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2013-08-17] FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Programy\AVAST Software\Avast\WebRep\FF FF Extension: avast! Online Security - C:\Programy\AVAST Software\Avast\WebRep\FF [2014-03-29] Chrome: ======= CHR HomePage: hxxp://www.google.pl/ CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\34.0.1847.137\PepperFlash\pepflashplayer.dll () CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\34.0.1847.137\ppGoogleNaClPluginChrome.dll () CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\34.0.1847.137\pdf.dll () CHR Plugin: (Microsoft® DRM) - C:\Program Files\Windows Media Player\npdrmv2.dll (Microsoft Corporation) CHR Plugin: (Windows Media Player Plug-in Dynamic Link Library) - C:\Program Files\Windows Media Player\npdsplay.dll (Microsoft Corporation (written by Digital Renaissance Inc.)) CHR Plugin: (Microsoft® DRM) - C:\Program Files\Windows Media Player\npwmsdrm.dll (Microsoft Corporation) CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.149\npGoogleUpdate3.dll No File CHR Extension: (Dokumenty Google) - C:\Documents and Settings\Misiek\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-07-10] CHR Extension: (Dysk Google) - C:\Documents and Settings\Misiek\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-07-10] CHR Extension: (YouTube) - C:\Documents and Settings\Misiek\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-07-10] CHR Extension: (Szukaj w Google) - C:\Documents and Settings\Misiek\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-07-10] CHR Extension: (AdBlock) - C:\Documents and Settings\Misiek\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-01-18] CHR Extension: (Google Wallet) - C:\Documents and Settings\Misiek\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-10-08] CHR Extension: (Gmail) - C:\Documents and Settings\Misiek\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-07-10] CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Programy\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-07-10] ========================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 6to4; C:\WINDOWS\System32\6to4svc.dll [100864 2010-02-12] (Microsoft Corporation) R2 avast! Antivirus; C:\Programy\AVAST Software\Avast\AvastSvc.exe [50344 2014-07-10] (AVAST Software) S4 BlackBerry Device Manager; C:\Program Files\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe [585728 2014-01-21] (BlackBerry Limited) [File not signed] S4 Hamachi2Svc; C:\Programy\LogMeIn Hamachi\hamachi-2.exe [1682256 2014-04-15] (LogMeIn Inc.) S4 JavaQuickStarterService; C:\Program Files\Java\jre7\bin\jqs.exe [182696 2014-05-30] (Oracle Corporation) S4 RIM MDNS; C:\Program Files\Common Files\Research In Motion\Tunnel Manager\mDNSResponder.exe [389632 2014-05-07] (Apple Inc.) [File not signed] S4 RIM Tunnel Service; C:\Program Files\Common Files\Research In Motion\Tunnel Manager\tunmgr.exe [1324544 2014-05-07] (Research In Motion Limited) [File not signed] S4 Sony PC Companion; C:\Program Files\Sony\Sony PC Companion\PCCService.exe [155824 2013-02-04] (Avanquest Software) ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) S3 Ambfilt; C:\WINDOWS\System32\drivers\Ambfilt.sys [1691480 2000-01-01] (Creative) R2 aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [24184 2014-07-10] () R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [67824 2014-07-10] (AVAST Software) R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [55112 2014-07-10] (AVAST Software) R0 aswRvrt; C:\WINDOWS\system32\Drivers\aswRvrt.sys [49944 2014-07-10] () R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [779536 2014-07-10] (AVAST Software) R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [414520 2014-07-10] (AVAST Software) R1 aswTdi; C:\WINDOWS\system32\drivers\aswTdi.sys [57800 2014-07-10] (AVAST Software) R0 aswVmm; C:\WINDOWS\system32\Drivers\aswVmm.sys [192352 2014-07-10] () S3 hamachi; C:\WINDOWS\System32\DRIVERS\hamachi.sys [26176 2009-03-18] (LogMeIn, Inc.) R3 HSFHWAZL; C:\WINDOWS\System32\DRIVERS\HSFHWAZL.sys [201600 2000-01-01] (Conexant Systems, Inc.) [File not signed] R3 HSF_DPV; C:\WINDOWS\System32\DRIVERS\HSF_DPV.sys [1035008 2000-01-01] (Conexant Systems, Inc.) [File not signed] R2 mdmxsdk; C:\WINDOWS\System32\DRIVERS\mdmxsdk.sys [12544 2000-01-01] (Conexant) [File not signed] S3 Monfilt; C:\WINDOWS\System32\drivers\Monfilt.sys [1395800 2000-01-01] (Creative Technology Ltd.) S3 RimUsb; C:\WINDOWS\System32\Drivers\RimUsb.sys [68096 2013-12-02] (BlackBerry Limited) S3 rimvndis; C:\WINDOWS\System32\Drivers\rimvndis.sys [12800 2014-05-07] (Research in Motion Limited) S3 rtl8139; C:\WINDOWS\System32\DRIVERS\RTL8139.SYS [20992 2008-04-14] (Realtek Semiconductor Corporation) R1 Tcpip6; C:\WINDOWS\System32\DRIVERS\tcpip6.sys [226880 2010-02-11] (Microsoft Corporation) R3 w29n51; C:\WINDOWS\System32\DRIVERS\w29n51.sys [2216064 2009-11-11] (Intel® Corporation) R3 winachsf; C:\WINDOWS\System32\DRIVERS\HSF_CNXT.sys [718464 2000-01-01] (Conexant Systems, Inc.) [File not signed] S4 s24trans; system32\DRIVERS\s24trans.sys [X] U1 WS2IFSL; ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2014-07-27 20:04 - 2014-07-27 20:04 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Start\Programy\HD Tune 2014-07-27 19:55 - 2014-07-27 19:55 - 00065536 _____ () C:\WINDOWS\Minidump\Mini072714-02.dmp 2014-07-27 18:45 - 2014-07-27 18:45 - 00065536 _____ () C:\WINDOWS\Minidump\Mini072714-01.dmp 2014-07-27 17:56 - 2014-07-27 17:56 - 00022092 _____ () C:\Documents and Settings\Misiek\Pulpit\dmp.rar 2014-07-27 17:44 - 2014-07-27 17:44 - 00065536 _____ () C:\Documents and Settings\Misiek\Pulpit\Mini072714-01.dmp 2014-07-26 22:57 - 2014-07-26 22:57 - 00065536 _____ () C:\Documents and Settings\Misiek\Pulpit\Mini072614-03.dmp 2014-07-26 19:55 - 2014-07-26 19:55 - 00065536 _____ () C:\Documents and Settings\Misiek\Pulpit\Mini072614-02.dmp 2014-07-26 12:44 - 2014-07-26 12:44 - 00065536 _____ () C:\Documents and Settings\Misiek\Pulpit\Mini072614-01.dmp 2014-07-26 12:43 - 2014-07-26 12:43 - 00000000 __SHD () C:\found.001 2014-07-22 23:27 - 2014-07-22 23:27 - 00065536 _____ () C:\WINDOWS\Minidump\Mini072214-01.dmp 2014-07-20 22:47 - 2014-07-20 22:48 - 00000000 ____D () C:\zdn 2014-07-20 00:31 - 2014-07-20 00:31 - 00065536 _____ () C:\WINDOWS\Minidump\Mini072014-01.dmp 2014-07-19 20:01 - 2014-07-19 20:01 - 00065536 _____ () C:\WINDOWS\Minidump\Mini071914-01.dmp 2014-07-17 20:17 - 2014-07-26 11:45 - 00000000 ____D () C:\Documents and Settings\Misiek\Pulpit\ebay 2014-07-10 11:12 - 2014-07-10 11:12 - 00000000 ____D () C:\WINDOWS\jumpshot.com 2014-07-10 10:16 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\WINDOWS\system32\sqlite3.dll 2014-07-10 10:15 - 2014-07-10 11:09 - 00000000 ____D () C:\AdwCleaner 2014-07-10 10:04 - 2014-07-10 10:04 - 00043152 _____ (AVAST Software) C:\WINDOWS\avastSS.scr 2014-06-30 00:55 - 2014-06-30 20:47 - 00150138 _____ () C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\WPFFontCache_v0400-System.dat 2014-06-30 00:55 - 2014-06-30 00:55 - 00150138 _____ () C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\WPFFontCache_v0400-S-1-5-21-746137067-1123561945-1177238915-1004-0.dat 2014-06-30 00:00 - 2014-06-30 00:00 - 00000000 ____D () C:\Documents and Settings\Misiek\Moje dokumenty\Misiek 2014-06-29 23:59 - 2014-06-30 11:05 - 00014658 _____ () C:\ads_err.adt 2014-06-29 23:59 - 2014-06-30 11:05 - 00003072 _____ () C:\ads_err.adi 2014-06-29 23:59 - 2014-06-29 23:59 - 00004562 _____ () C:\ads_err.adm 2014-06-29 23:59 - 2014-06-29 23:59 - 00000000 ____D () C:\Documents and Settings\Misiek\Moje dokumenty\BlackBerry 2014-06-29 23:59 - 2014-06-29 23:59 - 00000000 ____D () C:\Documents and Settings\Misiek\Dane aplikacji\XCPCSync.OEM 2014-06-29 23:58 - 2014-06-30 00:01 - 00000000 ____D () C:\Documents and Settings\Misiek\Dane aplikacji\Research In Motion 2014-06-29 23:56 - 2008-04-14 00:26 - 00030592 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\rndismpx.sys 2014-06-29 23:56 - 2008-04-14 00:26 - 00030592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rndismpx.sys 2014-06-29 23:48 - 2014-06-29 23:48 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_Kernel_RimUsb_01007.Wdf 2014-06-29 23:48 - 2014-06-29 23:48 - 00000000 ____D () C:\Documents and Settings\Misiek\Ustawienia lokalne\Dane aplikacji\Research In Motion 2014-06-29 23:47 - 2014-06-29 23:47 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_Kernel_RimSerial_01007.Wdf 2014-06-29 23:47 - 2014-06-29 23:47 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Start\Programy\BlackBerry 2014-06-29 23:47 - 2014-06-29 23:47 - 00000000 ____D () C:\Documents and Settings\All Users\Dane aplikacji\Research In Motion 2014-06-29 23:47 - 2014-06-29 23:47 - 00000000 _____ () C:\WINDOWS\system32\out.txt 2014-06-29 23:47 - 2014-06-29 23:47 - 00000000 _____ () C:\WINDOWS\system32\err.txt 2014-06-29 23:47 - 2012-12-10 15:48 - 00035840 ____R (Research in Motion Ltd) C:\WINDOWS\system32\Drivers\RimSerial.sys 2014-06-29 23:46 - 2014-06-29 23:47 - 00000000 ____D () C:\Program Files\Common Files\Research in Motion 2014-06-29 23:45 - 2014-06-29 23:46 - 00000000 ____D () C:\Program Files\Common Files\XCPCSync.OEM ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2014-07-27 20:08 - 2013-07-05 16:31 - 00000000 ____D () C:\Documents and Settings\Misiek\Ustawienia lokalne\Temp 2014-07-27 20:04 - 2014-07-27 20:04 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Start\Programy\HD Tune 2014-07-27 20:04 - 2014-01-15 01:01 - 00000000 ____D () C:\FRST 2014-07-27 20:04 - 2014-01-15 00:16 - 00000000 ____D () C:\Documents and Settings\Misiek\Pulpit\do kompa 2014-07-27 20:04 - 2013-07-05 17:52 - 00000000 ___RD () C:\Documents and Settings\All Users\Menu Start\Programy 2014-07-27 20:04 - 2013-07-05 16:42 - 00000000 ____D () C:\Programy 2014-07-27 20:01 - 2014-03-29 12:09 - 00000354 ____H () C:\WINDOWS\Tasks\avast! Emergency Update.job 2014-07-27 19:56 - 2013-07-05 17:55 - 00000159 _____ () C:\WINDOWS\wiadebug.log 2014-07-27 19:56 - 2013-07-05 17:55 - 00000050 _____ () C:\WINDOWS\wiaservc.log 2014-07-27 19:56 - 2013-07-05 16:11 - 01726465 _____ () C:\WINDOWS\WindowsUpdate.log 2014-07-27 19:55 - 2014-07-27 19:55 - 00065536 _____ () C:\WINDOWS\Minidump\Mini072714-02.dmp 2014-07-27 19:55 - 2014-03-21 12:42 - 00000224 _____ () C:\WINDOWS\Tasks\Powiadomienie o zakończeniu obsługi systemu Microsoft Windows XP — logowanie.job 2014-07-27 19:55 - 2013-07-14 17:00 - 00000000 ____D () C:\WINDOWS\Minidump 2014-07-27 19:55 - 2013-07-10 13:48 - 00001032 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job 2014-07-27 19:55 - 2013-07-05 17:43 - 152571904 _____ () C:\WINDOWS\MEMORY.DMP 2014-07-27 19:55 - 2013-07-05 16:29 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT 2014-07-27 19:49 - 2013-07-10 13:48 - 00001036 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job 2014-07-27 19:15 - 2014-03-29 12:52 - 00000930 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job 2014-07-27 18:45 - 2014-07-27 18:45 - 00065536 _____ () C:\WINDOWS\Minidump\Mini072714-01.dmp 2014-07-27 17:56 - 2014-07-27 17:56 - 00022092 _____ () C:\Documents and Settings\Misiek\Pulpit\dmp.rar 2014-07-27 17:56 - 2013-07-05 16:31 - 00000000 ____D () C:\Documents and Settings\Misiek\Pulpit 2014-07-27 17:44 - 2014-07-27 17:44 - 00065536 _____ () C:\Documents and Settings\Misiek\Pulpit\Mini072714-01.dmp 2014-07-27 16:48 - 2013-10-12 21:16 - 00000000 ____D () C:\Documents and Settings\Misiek\Dane aplikacji\uTorrent 2014-07-27 00:36 - 2013-07-05 16:31 - 00000188 ___SH () C:\Documents and Settings\Misiek\ntuser.ini 2014-07-27 00:36 - 2013-07-05 16:29 - 00032224 _____ () C:\WINDOWS\SchedLgU.Txt 2014-07-26 22:57 - 2014-07-26 22:57 - 00065536 _____ () C:\Documents and Settings\Misiek\Pulpit\Mini072614-03.dmp 2014-07-26 19:55 - 2014-07-26 19:55 - 00065536 _____ () C:\Documents and Settings\Misiek\Pulpit\Mini072614-02.dmp 2014-07-26 18:42 - 2013-10-17 08:59 - 00000000 ____D () C:\Program Files\Microsoft Silverlight 2014-07-26 13:31 - 2013-10-17 08:59 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Start\Programy\Microsoft Silverlight 2014-07-26 12:44 - 2014-07-26 12:44 - 00065536 _____ () C:\Documents and Settings\Misiek\Pulpit\Mini072614-01.dmp 2014-07-26 12:43 - 2014-07-26 12:43 - 00000000 __SHD () C:\found.001 2014-07-26 11:45 - 2014-07-17 20:17 - 00000000 ____D () C:\Documents and Settings\Misiek\Pulpit\ebay 2014-07-26 11:29 - 2008-04-15 14:00 - 00013646 _____ () C:\WINDOWS\system32\wpa.dbl 2014-07-23 22:57 - 2013-07-05 17:52 - 01218647 _____ () C:\WINDOWS\setupapi.log 2014-07-23 22:57 - 2013-07-05 17:52 - 00203935 _____ () C:\WINDOWS\setupact.log 2014-07-22 23:27 - 2014-07-22 23:27 - 00065536 _____ () C:\WINDOWS\Minidump\Mini072214-01.dmp 2014-07-20 22:48 - 2014-07-20 22:47 - 00000000 ____D () C:\zdn 2014-07-20 22:48 - 2013-07-05 17:52 - 00000000 ____D () C:\Documents and Settings\All Users\Pulpit 2014-07-20 00:31 - 2014-07-20 00:31 - 00065536 _____ () C:\WINDOWS\Minidump\Mini072014-01.dmp 2014-07-19 20:01 - 2014-07-19 20:01 - 00065536 _____ () C:\WINDOWS\Minidump\Mini071914-01.dmp 2014-07-15 22:39 - 2013-07-05 17:53 - 01219598 _____ () C:\WINDOWS\system32\PerfStringBackup.INI 2014-07-15 22:39 - 2008-04-15 14:00 - 00542822 _____ () C:\WINDOWS\system32\perfh015.dat 2014-07-15 22:39 - 2008-04-15 14:00 - 00099372 _____ () C:\WINDOWS\system32\perfc015.dat 2014-07-11 00:45 - 2013-07-05 16:31 - 00000000 ____D () C:\Documents and Settings\Misiek 2014-07-10 11:12 - 2014-07-10 11:12 - 00000000 ____D () C:\WINDOWS\jumpshot.com 2014-07-10 11:09 - 2014-07-10 10:15 - 00000000 ____D () C:\AdwCleaner 2014-07-10 11:09 - 2013-07-05 17:52 - 00000000 __RHD () C:\Documents and Settings\All Users\Dane aplikacji 2014-07-10 10:29 - 2013-08-14 23:26 - 00000000 ____D () C:\WINDOWS\system32\MRT 2014-07-10 10:23 - 2013-07-10 16:28 - 93585272 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2014-07-10 10:05 - 2014-03-29 12:09 - 00414520 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsp.sys 2014-07-10 10:04 - 2014-07-10 10:04 - 00043152 _____ (AVAST Software) C:\WINDOWS\avastSS.scr 2014-07-10 10:04 - 2014-04-22 20:55 - 00024184 _____ () C:\WINDOWS\system32\Drivers\aswHwid.sys 2014-07-10 10:04 - 2014-03-29 12:09 - 00779536 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys 2014-07-10 10:04 - 2014-03-29 12:09 - 00276432 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe 2014-07-10 10:04 - 2014-03-29 12:09 - 00192352 _____ () C:\WINDOWS\system32\Drivers\aswVmm.sys 2014-07-10 10:04 - 2014-03-29 12:09 - 00067824 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys 2014-07-10 10:04 - 2014-03-29 12:09 - 00057800 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswTdi.sys 2014-07-10 10:04 - 2014-03-29 12:09 - 00055112 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr.sys 2014-07-10 10:04 - 2014-03-29 12:09 - 00049944 _____ () C:\WINDOWS\system32\Drivers\aswRvrt.sys 2014-07-02 20:25 - 2014-03-23 21:46 - 00000572 _____ () C:\Documents and Settings\Misiek\Moje dokumenty\spider.sav 2014-07-02 12:27 - 2013-07-05 17:51 - 00000211 ___SH () C:\boot.ini 2014-07-02 12:27 - 2008-04-15 14:00 - 00000507 _____ () C:\WINDOWS\win.ini 2014-07-02 12:27 - 2008-04-15 14:00 - 00000227 _____ () C:\WINDOWS\system.ini 2014-06-30 20:47 - 2014-06-30 00:55 - 00150138 _____ () C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\WPFFontCache_v0400-System.dat 2014-06-30 18:51 - 2013-07-10 17:36 - 00000000 ____D () C:\WINDOWS\Microsoft.NET 2014-06-30 11:05 - 2014-06-29 23:59 - 00014658 _____ () C:\ads_err.adt 2014-06-30 11:05 - 2014-06-29 23:59 - 00003072 _____ () C:\ads_err.adi 2014-06-30 00:55 - 2014-06-30 00:55 - 00150138 _____ () C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\WPFFontCache_v0400-S-1-5-21-746137067-1123561945-1177238915-1004-0.dat 2014-06-30 00:55 - 2013-07-05 16:29 - 00000000 ___HD () C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji 2014-06-30 00:01 - 2014-06-29 23:58 - 00000000 ____D () C:\Documents and Settings\Misiek\Dane aplikacji\Research In Motion 2014-06-30 00:00 - 2014-06-30 00:00 - 00000000 ____D () C:\Documents and Settings\Misiek\Moje dokumenty\Misiek 2014-06-30 00:00 - 2013-11-03 18:56 - 00000000 ___RD () C:\Documents and Settings\Misiek\Moje dokumenty\Moje wideo 2014-06-30 00:00 - 2013-07-05 16:31 - 00000000 ___RD () C:\Documents and Settings\Misiek\Moje dokumenty\Moje obrazy 2014-06-30 00:00 - 2013-07-05 16:31 - 00000000 ___RD () C:\Documents and Settings\Misiek\Moje dokumenty\Moja muzyka 2014-06-30 00:00 - 2013-07-05 16:31 - 00000000 ___RD () C:\Documents and Settings\Misiek\Moje dokumenty 2014-06-29 23:59 - 2014-06-29 23:59 - 00004562 _____ () C:\ads_err.adm 2014-06-29 23:59 - 2014-06-29 23:59 - 00000000 ____D () C:\Documents and Settings\Misiek\Moje dokumenty\BlackBerry 2014-06-29 23:59 - 2014-06-29 23:59 - 00000000 ____D () C:\Documents and Settings\Misiek\Dane aplikacji\XCPCSync.OEM 2014-06-29 23:59 - 2013-07-05 16:31 - 00000000 __RHD () C:\Documents and Settings\Misiek\Dane aplikacji 2014-06-29 23:52 - 2013-07-05 17:43 - 00000000 ____D () C:\WINDOWS\security 2014-06-29 23:48 - 2014-06-29 23:48 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_Kernel_RimUsb_01007.Wdf 2014-06-29 23:48 - 2014-06-29 23:48 - 00000000 ____D () C:\Documents and Settings\Misiek\Ustawienia lokalne\Dane aplikacji\Research In Motion 2014-06-29 23:48 - 2013-07-07 01:12 - 00000000 ____D () C:\WINDOWS\system32\ReinstallBackups 2014-06-29 23:48 - 2013-07-05 16:31 - 00000000 ___HD () C:\Documents and Settings\Misiek\Ustawienia lokalne\Dane aplikacji 2014-06-29 23:47 - 2014-06-29 23:47 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_Kernel_RimSerial_01007.Wdf 2014-06-29 23:47 - 2014-06-29 23:47 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Start\Programy\BlackBerry 2014-06-29 23:47 - 2014-06-29 23:47 - 00000000 ____D () C:\Documents and Settings\All Users\Dane aplikacji\Research In Motion 2014-06-29 23:47 - 2014-06-29 23:47 - 00000000 _____ () C:\WINDOWS\system32\out.txt 2014-06-29 23:47 - 2014-06-29 23:47 - 00000000 _____ () C:\WINDOWS\system32\err.txt 2014-06-29 23:47 - 2014-06-29 23:46 - 00000000 ____D () C:\Program Files\Common Files\Research in Motion 2014-06-29 23:46 - 2014-06-29 23:45 - 00000000 ____D () C:\Program Files\Common Files\XCPCSync.OEM 2014-06-29 23:40 - 2013-07-05 17:43 - 00000000 ____D () C:\WINDOWS\system32\pl-pl 2014-06-29 23:33 - 2013-10-15 14:20 - 00000000 ____D () C:\Program Files\Microsoft.NET 2014-06-27 22:21 - 2014-06-10 21:35 - 00000000 ____D () C:\Documents and Settings\Misiek\Pulpit\Logika Files to move or delete: ==================== C:\Documents and Settings\Misiek\sqlite3.dll Some content of TEMP: ==================== C:\Documents and Settings\Misiek\Ustawienia lokalne\Temp\BlackBerryDeviceManager.exe C:\Documents and Settings\Misiek\Ustawienia lokalne\Temp\BlackBerryLauncher.exe C:\Documents and Settings\Misiek\Ustawienia lokalne\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpmumu4r.dll C:\Documents and Settings\Misiek\Ustawienia lokalne\Temp\ose00000.exe C:\Documents and Settings\Misiek\Ustawienia lokalne\Temp\ose00002.exe C:\Documents and Settings\Misiek\Ustawienia lokalne\Temp\Quarantine.exe ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\WINDOWS\explorer.exe => File is digitally signed C:\WINDOWS\system32\winlogon.exe => File is digitally signed C:\WINDOWS\system32\svchost.exe => File is digitally signed C:\WINDOWS\system32\services.exe => File is digitally signed C:\WINDOWS\system32\User32.dll => File is digitally signed C:\WINDOWS\system32\userinit.exe => File is digitally signed C:\WINDOWS\system32\rpcss.dll => File is digitally signed C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed ==================== End Of Log ============================