Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:29-08-2014 01 Ran by user (administrator) on BIURO-215F75360 on 30-08-2014 08:56:59 Running from C:\Documents and Settings\user\Pulpit\diagnostyka Platform: Microsoft Windows XP Home Edition Dodatek Service Pack 3 (X86) OS Language: Polski Internet Explorer Version 8 Boot Mode: Normal The only official download link for FRST: Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/ Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/ Download link from any site other than Bleeping Computer is unpermitted or outdated. See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (AVG Technologies CZ, s.r.o.) C:\PROGRA~1\AVG\AVG2014\avgrsx.exe (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgcsrvx.exe (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgidsagent.exe (Realtek Semiconductor Corp.) C:\WINDOWS\RTHDCPL.EXE (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgwdsvc.exe (Microsoft Corporation) C:\WINDOWS\system32\rundll32.exe (Sony Corporation) D:\wczasy\aparat\PMBVolumeWatcher.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgui.exe () C:\Program Files\GIGABYTE\EnergySaver\GSvr.exe (Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgnsx.exe () C:\Documents and Settings\All Users\Dane aplikacji\DatacardService\HWDeviceService.exe (Oracle Corporation) C:\Program Files\Java\jre7\bin\jqs.exe () C:\Program Files\MagicTune Premium\MagicTuneEngine.exe () C:\WINDOWS\system32\C2MP\TrayMenu.exe () C:\Program Files\MagicTune Premium\GammaTray.exe (Pandora.TV) C:\Program Files\PANDORA.TV\PanService\PandoraService.exe (PandoraTV) C:\Program Files\PANDORA.TV\PanService\PanProcess.exe () C:\Documents and Settings\All Users\Dane aplikacji\PLAY ONLINE\OnlineUpdate\ouc.exe (Sony Corporation) D:\wczasy\aparat\PMBDeviceInfoProvider.exe (SEC) C:\Program Files\MagicTune Premium\MagicTune.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [RTHDCPL] => C:\WINDOWS\RTHDCPL.EXE [18084864 2009-01-13] (Realtek Semiconductor Corp.) HKLM\...\Run: [Alcmtr] => C:\WINDOWS\ALCMTR.EXE [57344 2008-06-19] (Realtek Semiconductor Corp.) HKLM\...\Run: [NeroFilterCheck] => C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [570664 2008-02-27] (Nero AG) HKLM\...\Run: [nwiz] => nwiz.exe /install HKLM\...\Run: [NvMediaCenter] => RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit HKLM\...\Run: [NvCplDaemon] => RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup HKLM\...\Run: [PMBVolumeWatcher] => D:\wczasy\aparat\PMBVolumeWatcher.exe [650080 2011-03-15] (Sony Corporation) HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59280 2012-10-11] (Apple Inc.) HKLM\...\Run: [AVG_UI] => C:\Program Files\AVG\AVG2014\avgui.exe [5187088 2014-08-11] (AVG Technologies CZ, s.r.o.) HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated) HKLM\...\Run: [QuickTime Task] => D:\Nowy folder\Q\QTTask.exe [421888 2012-10-25] (Apple Inc.) HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation) HKU\S-1-5-21-606747145-1409082233-1801674531-1004\...\Run: [AVG-Secure-Search-Update_0913b] => C:\Documents and Settings\user\Dane aplikacji\AVG 0913b Campaign\AVG-Secure-Search-Update-0913b.exe /PROMPT --mid e1550c2359c3be5c638c477affd5c71c-bff81dce305edee65692b8468e171ef1ccdff3f8 --CMPID 0913 (the data entry has 1 more characters). HKU\S-1-5-21-606747145-1409082233-1801674531-1004\...\Policies\Explorer: [NoRecentDocsNetHood] 1 HKU\S-1-5-21-606747145-1409082233-1801674531-1004\...\Policies\Explorer: [NoRecentDocsHistory] 1 HKU\S-1-5-21-606747145-1409082233-1801674531-1004\...\Policies\Explorer: [NoRecentDocsMenu] 1 HKU\S-1-5-21-606747145-1409082233-1801674531-1004\...\MountPoints2: E - E:\Launch.exe HKU\S-1-5-21-606747145-1409082233-1801674531-1004\...\MountPoints2: {995f079f-0f8c-11e4-96b8-00241d85eaa0} - F:\Startme.exe HKU\S-1-5-21-606747145-1409082233-1801674531-1004\...\MountPoints2: {ceaf40f9-1b74-11e1-8f58-00241d85eaa0} - F:\AutoRun.exe HKU\S-1-5-21-606747145-1409082233-1801674531-1004\...\MountPoints2: {e2c1b709-3c73-11e1-8fa5-00241d85eaa0} - F:\Startme.exe Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\CodecPackTrayMenu.lnk ShortcutTarget: CodecPackTrayMenu.lnk -> C:\WINDOWS\system32\C2MP\TrayMenu.exe () Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\CodecPackUpdateChecker.lnk ShortcutTarget: CodecPackUpdateChecker.lnk -> C:\WINDOWS\system32\C2MP\UpdateChecker.exe () Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\GammaTray.lnk ShortcutTarget: GammaTray.lnk -> C:\Program Files\MagicTune Premium\GammaTray.exe () ShellIconOverlayIdentifiers: GGDriveOverlay1 -> {E68D0A50-3C40-4712-B90D-DCFA93FF2534} => C:\Documents and Settings\All Users\Dane aplikacji\GG\ggdrive\ggdrive-overlay.dll (GG Network S.A.) ShellIconOverlayIdentifiers: GGDriveOverlay2 -> {E68D0A51-3C40-4712-B90D-DCFA93FF2534} => C:\Documents and Settings\All Users\Dane aplikacji\GG\ggdrive\ggdrive-overlay.dll (GG Network S.A.) ShellIconOverlayIdentifiers: GGDriveOverlay3 -> {E68D0A52-3C40-4712-B90D-DCFA93FF2534} => C:\Documents and Settings\All Users\Dane aplikacji\GG\ggdrive\ggdrive-overlay.dll (GG Network S.A.) ShellIconOverlayIdentifiers: GGDriveOverlay4 -> {E68D0A53-3C40-4712-B90D-DCFA93FF2534} => C:\Documents and Settings\All Users\Dane aplikacji\GG\ggdrive\ggdrive-overlay.dll (GG Network S.A.) BootExecute: autocheck autochk * C:\PROGRA~1\AVG\AVG2014\avgrsx.exe /sync /restart ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.gazeta.pl/0,0.html?p=137 HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) Toolbar: HKCU - &Adres - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation) Toolbar: HKCU - &Łącza - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\SHELL32.dll (Microsoft Corporation) DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab Winsock: Catalog5 04 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.) Tcpip\Parameters: [DhcpNameServer] 83.218.120.190 FireFox: ======== FF ProfilePath: C:\Documents and Settings\user\Dane aplikacji\Mozilla\Firefox\Profiles\ngnwt6vn.default-1356517578140 FF Homepage: hxxp://www.google.pl FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_14_0_0_179.dll () FF Plugin: @adobe.com/ShockwavePlayer -> C:\WINDOWS\system32\Adobe\Director\np32dsw_1168638.dll (Adobe Systems, Inc.) FF Plugin: @Apple.com/iTunes,version=1.0 -> D:\programy\iTunes\Mozilla Plugins\npitunes.dll () FF Plugin: @comarch.com/NOL,version=3.0 -> C:\Program Files\Common Files\NOL3\npn30plugin.dll (COMARCH S.A.) FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google) FF Plugin: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF Plugin: @real.com/nppl3260;version=6.0.12.69 -> C:\Program Files\Real Alternative\browser\plugins\nppl3260.dll (RealNetworks, Inc.) FF Plugin: @real.com/nprpjplug;version=6.0.12.69 -> C:\Program Files\Real Alternative\browser\plugins\nprpjplug.dll (RealNetworks, Inc.) FF Plugin: @SonyCreativeSoftware.com/Media Go,version=1.0 -> C:\Program Files\Sony\Media Go\npmediago.dll (Sony Media Software and Services Inc) FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.) FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.) FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npLegitCheckPlugin.dll (Microsoft Corporation) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPOFFICE.DLL (Microsoft Corporation) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppl3260.dll (RealNetworks, Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin6.dll (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin7.dll (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin8.dll (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nprpjplug.dll (RealNetworks, Inc.) FF Extension: Site Advisor - C:\Documents and Settings\user\Dane aplikacji\Mozilla\Firefox\Profiles\ngnwt6vn.default-1356517578140\Extensions\{6d0f26ba-45b8-4871-9c07-43ab341d5b73} [2014-08-24] FF Extension: Iplex to ALLPlayer - C:\Documents and Settings\user\Dane aplikacji\Mozilla\Firefox\Profiles\ngnwt6vn.default-1356517578140\Extensions\IplextoALL@ALLPlayer.org.xpi [2013-01-15] FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2014-07-29] FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension FF Extension: Microsoft .NET Framework Assistant - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-09-29] Chrome: ======= ========================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 AVGIDSAgent; C:\Program Files\AVG\AVG2014\avgidsagent.exe [3244048 2014-08-11] (AVG Technologies CZ, s.r.o.) R2 avgwd; C:\Program Files\AVG\AVG2014\avgwdsvc.exe [289328 2014-08-11] (AVG Technologies CZ, s.r.o.) R2 GEST Service; C:\Program Files\GIGABYTE\EnergySaver\GSvr.exe [68136 2009-02-06] () R2 HWDeviceService.exe; C:\Documents and Settings\All Users\Dane aplikacji\DatacardService\HWDeviceService.exe [264704 2010-11-16] () [File not signed] R2 JavaQuickStarterService; C:\Program Files\Java\jre7\bin\jqs.exe [182696 2014-08-10] (Oracle Corporation) R2 MagicTuneEngine; C:\Program Files\MagicTune Premium\MagicTuneEngine.exe [45056 2007-08-23] () [File not signed] R2 PanService; C:\Program Files\PANDORA.TV\PanService\PandoraService.exe [625304 2012-09-28] (Pandora.TV) S2 PLAY ONLINE. RunOuc; D:\Nowy folder\play\PLAY ONLINE\UpdateDog\ouc.exe [218624 2011-11-30] () [File not signed] R2 PMBDeviceInfoProvider; D:\wczasy\aparat\PMBDeviceInfoProvider.exe [428384 2011-03-15] (Sony Corporation) ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 atksgt; C:\WINDOWS\System32\DRIVERS\atksgt.sys [281760 2012-08-12] () R1 Avgdiskx; C:\WINDOWS\System32\DRIVERS\avgdiskx.sys [121624 2014-06-30] (AVG Technologies CZ, s.r.o.) R1 AVGIDSDriverl; C:\WINDOWS\System32\DRIVERS\avgidsdriverlx.sys [190232 2014-06-17] (AVG Technologies CZ, s.r.o.) R0 AVGIDSHX; C:\WINDOWS\System32\DRIVERS\avgidshx.sys [147736 2014-06-17] (AVG Technologies CZ, s.r.o.) R1 AVGIDSShim; C:\WINDOWS\System32\DRIVERS\avgidsshimx.sys [21272 2014-06-17] (AVG Technologies CZ, s.r.o.) R1 Avgldx86; C:\WINDOWS\System32\DRIVERS\avgldx86.sys [188696 2014-06-17] (AVG Technologies CZ, s.r.o.) R0 Avglogx; C:\WINDOWS\System32\DRIVERS\avglogx.sys [241944 2014-06-17] (AVG Technologies CZ, s.r.o.) R0 Avgmfx86; C:\WINDOWS\System32\DRIVERS\avgmfx86.sys [98584 2014-06-17] (AVG Technologies CZ, s.r.o.) R0 Avgrkx86; C:\WINDOWS\System32\DRIVERS\avgrkx86.sys [27416 2014-06-17] (AVG Technologies CZ, s.r.o.) R1 Avgtdix; C:\WINDOWS\System32\DRIVERS\avgtdix.sys [197400 2014-06-17] (AVG Technologies CZ, s.r.o.) R3 gdrv; C:\WINDOWS\gdrv.sys [17488 2014-08-30] (Windows (R) 2000 DDK provider) R2 lirsgt; C:\WINDOWS\System32\DRIVERS\lirsgt.sys [25888 2012-08-12] () R3 MagicTune; C:\WINDOWS\System32\drivers\MTiCtwl.sys [14080 2009-06-04] (Samsung Electronics, Inc. ) [File not signed] S3 s1039mdm; C:\WINDOWS\System32\DRIVERS\s1039mdm.sys [124016 2010-03-15] (MCCI Corporation) S4 IntelIde; No ImagePath U1 WS2IFSL; No ImagePath ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2014-08-30 08:55 - 2014-08-30 08:57 - 00000000 ____D () C:\FRST 2014-08-30 08:44 - 2014-08-30 08:56 - 00000000 ____D () C:\Documents and Settings\user\Pulpit\diagnostyka 2014-08-27 22:41 - 2014-08-27 22:40 - 00090112 _____ () C:\WINDOWS\Minidump\Mini082714-01.dmp 2014-08-25 16:53 - 2014-08-25 16:53 - 00000000 ____D () C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Adobe 2014-08-24 09:57 - 2014-08-24 09:57 - 00000000 ____D () C:\Program Files\SiteLookup 2014-08-24 09:57 - 2014-08-24 09:57 - 00000000 ____D () C:\Documents and Settings\user\Dane aplikacji\SimilarAddon 2014-08-10 23:57 - 2014-08-10 23:57 - 00000000 ____D () C:\Program Files\Common Files\Java 2014-08-10 23:57 - 2014-08-10 23:56 - 00272808 _____ (Oracle Corporation) C:\WINDOWS\system32\javaws.exe 2014-08-10 23:57 - 2014-08-10 23:56 - 00145408 _____ (Oracle Corporation) C:\WINDOWS\system32\javacpl.cpl 2014-08-10 23:56 - 2014-08-10 23:56 - 00175528 _____ (Oracle Corporation) C:\WINDOWS\system32\javaw.exe 2014-08-10 23:56 - 2014-08-10 23:56 - 00175528 _____ (Oracle Corporation) C:\WINDOWS\system32\java.exe 2014-08-10 23:56 - 2014-08-10 23:56 - 00096680 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge.dll 2014-08-10 23:56 - 2014-08-10 23:56 - 00000000 ____D () C:\Program Files\Java 2014-08-10 23:56 - 2014-08-10 23:56 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Start\Programy\Java ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2014-08-30 08:57 - 2014-08-30 08:55 - 00000000 ____D () C:\FRST 2014-08-30 08:57 - 2009-09-25 09:52 - 00032133 _____ () C:\service.log 2014-08-30 08:57 - 2009-09-25 09:50 - 00000000 ____D () C:\Documents and Settings\user\Ustawienia lokalne\Temp 2014-08-30 08:56 - 2014-08-30 08:44 - 00000000 ____D () C:\Documents and Settings\user\Pulpit\diagnostyka 2014-08-30 08:54 - 2013-02-14 15:25 - 00000930 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job 2014-08-30 08:48 - 2010-01-31 16:48 - 00000460 ____H () C:\WINDOWS\Tasks\User_Feed_Synchronization-{3D9D833D-1D57-4632-BB29-64DD3879D730}.job 2014-08-30 08:44 - 2009-09-25 09:50 - 00000000 ____D () C:\Documents and Settings\user\Pulpit 2014-08-30 08:06 - 2011-02-10 19:22 - 00001032 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job 2014-08-30 08:04 - 2009-09-25 09:46 - 01799243 _____ () C:\WINDOWS\WindowsUpdate.log 2014-08-30 08:03 - 2009-09-25 10:35 - 00017488 _____ (Windows (R) 2000 DDK provider) C:\WINDOWS\gdrv.sys 2014-08-30 08:03 - 2009-06-10 08:28 - 00235289 _____ () C:\WINDOWS\system32\NvApps.xml 2014-08-30 08:02 - 2014-03-18 19:55 - 00000220 _____ () C:\WINDOWS\Tasks\Powiadomienie o zakończeniu obsługi systemu Microsoft Windows XP — logowanie.job 2014-08-30 08:02 - 2011-02-10 19:22 - 00001028 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job 2014-08-30 08:02 - 2009-09-25 09:49 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT 2014-08-30 00:28 - 2009-09-25 09:50 - 00000188 ___SH () C:\Documents and Settings\user\ntuser.ini 2014-08-30 00:28 - 2009-09-25 09:49 - 00032270 _____ () C:\WINDOWS\SchedLgU.Txt 2014-08-29 19:42 - 2011-05-27 21:07 - 00000000 ____D () C:\Documents and Settings\All Users\Dane aplikacji\MFAData 2014-08-29 17:11 - 2013-04-05 21:42 - 00000000 ____D () C:\Program Files\The KMPlayer 2014-08-28 20:29 - 2013-10-04 19:38 - 00000000 ____D () C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Avg2014 2014-08-27 22:41 - 2010-09-13 16:36 - 00000000 ____D () C:\WINDOWS\Minidump 2014-08-27 22:40 - 2014-08-27 22:41 - 00090112 _____ () C:\WINDOWS\Minidump\Mini082714-01.dmp 2014-08-27 00:13 - 2009-09-25 11:41 - 00000214 ____C () C:\WINDOWS\wiadebug.log 2014-08-26 22:15 - 2009-09-25 11:41 - 00000050 ____C () C:\WINDOWS\wiaservc.log 2014-08-25 16:53 - 2014-08-25 16:53 - 00000000 ____D () C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Adobe 2014-08-25 16:53 - 2009-09-25 09:50 - 00000000 ___HD () C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji 2014-08-24 09:57 - 2014-08-24 09:57 - 00000000 ____D () C:\Program Files\SiteLookup 2014-08-24 09:57 - 2014-08-24 09:57 - 00000000 ____D () C:\Documents and Settings\user\Dane aplikacji\SimilarAddon 2014-08-24 09:57 - 2009-09-25 09:50 - 00000000 __RHD () C:\Documents and Settings\user\Dane aplikacji 2014-08-24 09:54 - 2009-09-26 15:32 - 00000715 _____ () C:\Documents and Settings\user\Pulpit\KMPlayer.lnk 2014-08-23 00:30 - 2012-11-10 11:28 - 00699568 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe 2014-08-23 00:30 - 2012-11-10 11:28 - 00071344 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl 2014-08-22 19:06 - 2009-09-26 10:04 - 00000000 ____D () C:\Documents and Settings\user\Pulpit\sk 2014-08-22 19:05 - 2009-09-26 18:16 - 00000069 _____ () C:\WINDOWS\NeroDigital.ini 2014-08-21 15:54 - 2009-09-25 09:44 - 00115449 _____ () C:\WINDOWS\wmsetup.log 2014-08-16 15:59 - 2009-09-29 14:01 - 00225792 _____ () C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2014-08-14 13:04 - 2014-04-01 09:07 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Start\Programy\AVG 2014-08-14 13:04 - 2013-10-04 19:40 - 00000737 _____ () C:\Documents and Settings\All Users\Pulpit\AVG 2014.lnk 2014-08-14 13:04 - 2013-08-14 07:00 - 00197772 _____ () C:\WINDOWS\setupapi.log 2014-08-14 13:04 - 2009-09-25 11:40 - 00000000 ____D () C:\Documents and Settings\All Users\Pulpit 2014-08-13 17:11 - 2009-09-29 20:05 - 00000000 ____D () C:\WINDOWS\Microsoft.NET 2014-08-13 15:27 - 2013-08-14 07:04 - 00000000 ____D () C:\WINDOWS\system32\MRT 2014-08-13 15:25 - 2009-09-28 13:15 - 96303304 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2014-08-10 23:57 - 2014-08-10 23:57 - 00000000 ____D () C:\Program Files\Common Files\Java 2014-08-10 23:56 - 2014-08-10 23:57 - 00272808 _____ (Oracle Corporation) C:\WINDOWS\system32\javaws.exe 2014-08-10 23:56 - 2014-08-10 23:57 - 00145408 _____ (Oracle Corporation) C:\WINDOWS\system32\javacpl.cpl 2014-08-10 23:56 - 2014-08-10 23:56 - 00175528 _____ (Oracle Corporation) C:\WINDOWS\system32\javaw.exe 2014-08-10 23:56 - 2014-08-10 23:56 - 00175528 _____ (Oracle Corporation) C:\WINDOWS\system32\java.exe 2014-08-10 23:56 - 2014-08-10 23:56 - 00096680 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge.dll 2014-08-10 23:56 - 2014-08-10 23:56 - 00000000 ____D () C:\Program Files\Java 2014-08-10 23:56 - 2014-08-10 23:56 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Start\Programy\Java 2014-08-10 23:56 - 2009-09-25 11:40 - 00000000 ___RD () C:\Documents and Settings\All Users\Menu Start\Programy 2014-08-08 16:23 - 2014-03-18 19:55 - 00000214 _____ () C:\WINDOWS\Tasks\Powiadomienie o zakończeniu obsługi systemu Microsoft Windows XP — co miesiąc.job 2014-08-02 22:05 - 2013-01-09 20:14 - 00000000 ____D () C:\Documents and Settings\user\Dane aplikacji\AVG Some content of TEMP: ==================== C:\Documents and Settings\user\Ustawienia lokalne\Temp\ggdrive-menu.exe C:\Documents and Settings\user\Ustawienia lokalne\Temp\ggdrive-overlay.exe C:\Documents and Settings\user\Ustawienia lokalne\Temp\installstats.exe C:\Documents and Settings\user\Ustawienia lokalne\Temp\jre-7u45-windows-i586-iftw.exe C:\Documents and Settings\user\Ustawienia lokalne\Temp\jre-7u51-windows-i586-iftw.exe C:\Documents and Settings\user\Ustawienia lokalne\Temp\jre-7u55-windows-i586-iftw.exe C:\Documents and Settings\user\Ustawienia lokalne\Temp\jre-7u65-windows-i586-iftw.exe C:\Documents and Settings\user\Ustawienia lokalne\Temp\jre-7u67-windows-i586-iftw.exe C:\Documents and Settings\user\Ustawienia lokalne\Temp\KMP_3.9.0.126.exe C:\Documents and Settings\user\Ustawienia lokalne\Temp\SimBundD.exe ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\WINDOWS\explorer.exe => File is digitally signed C:\WINDOWS\system32\winlogon.exe => File is digitally signed C:\WINDOWS\system32\svchost.exe => File is digitally signed C:\WINDOWS\system32\services.exe => File is digitally signed C:\WINDOWS\system32\User32.dll => File is digitally signed C:\WINDOWS\system32\userinit.exe => File is digitally signed C:\WINDOWS\system32\rpcss.dll => File is digitally signed C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed ==================== End Of Log ============================