Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 04-10-2014 01 Ran by Wiola (administrator) on LAPI on 04-10-2014 19:32:07 Running from C:\_Downloads Loaded Profile: Wiola (Available profiles: Daniel & Wiola & Dzieci & Administrator) Platform: Microsoft Windows XP Professional Dodatek Service Pack 3 (X86) OS Language: Polski Internet Explorer Version 8 Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe () C:\Program Files\COMODO\Dragon\dragon_updater.exe (Arainia Solutions) C:\Program Files\Gizmo\gservice.exe (Microsoft Corporation) C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe (AVG) C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesService32.exe (Wistron Corp.) C:\Program Files\Launch Manager\WisLMSvc.exe (Microsoft Corporation) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe (AVG) C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesApp32.exe (COMODO) C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe (Realtek Semiconductor Corp.) C:\WINDOWS\RTHDCPL.exe (COMODO) C:\Program Files\COMODO\COMODO Internet Security\cistray.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe (Wistron) C:\Program Files\Launch Manager\HotkeyApp.exe (AdTrustMedia) C:\Program Files\AdTrustMedia\PrivDog\2.1.0.22\trustedadssvc.exe (Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe (COMODO) C:\Program Files\COMODO\COMODO Internet Security\cis.exe (Microsoft Corporation) C:\WINDOWS\system32\wbem\unsecapp.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (Marek Jasinski - www.FreeCommander.com) C:\Program Files\FreeCommander\FreeCommander.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [RTHDCPL] => C:\WINDOWS\RTHDCPL.EXE [16858112 2008-02-19] (Realtek Semiconductor Corp.) HKLM\...\Run: [Alcmtr] => C:\WINDOWS\ALCMTR.EXE [69632 2005-05-03] (Realtek Semiconductor Corp.) HKLM\...\Run: [COMODO Internet Security] => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [1225944 2014-03-25] (COMODO) HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4085896 2014-07-31] (AVAST Software) HKLM\...\Run: [HotkeyApp] => C:\Program Files\Launch Manager\HotkeyApp.exe [192512 2007-07-26] (Wistron) HKLM\...\Run: [PrivDogService] => C:\Program Files\AdTrustMedia\PrivDog\2.1.0.22\trustedadssvc.exe [662696 2014-04-18] (AdTrustMedia) HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation) HKLM\...\Run: [CtrlVol] => C:\Program Files\Launch Manager\CtrlVol.exex0\c0ŮŮŮ٬c é HKLM\...\Run: [LaunchAp] => U HKLM\...\Run: [Wbutton] => ŮŮŮŮq HKU\S-1-5-21-1078081533-1604221776-1417001333-1004\...\Run: [] => [X] HKU\S-1-5-21-1078081533-1604221776-1417001333-1004\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [21650016 2014-07-24] (Skype Technologies S.A.) HKU\S-1-5-21-1078081533-1604221776-1417001333-1004\...\Run: [GizmoDriveDelegate] => C:\Program Files\Gizmo\gizmo.exe [223640 2014-05-13] (Arainia Solutions) HKU\S-1-5-18\...\Run: [Google+ Auto Backup] => C:\Program Files\Google\Google+ Auto Backup\Google+ Auto Backup.exe [3619096 2014-01-06] (Google Inc.) HKU\S-1-5-18\...\Run: [Google Update] => C:\WINDOWS\system32\config\systemprofile\Ustawienia lokalne\Dane aplikacji\Google\Update\GoogleUpdate.exe [116648 2014-02-08] (Google Inc.) IFEO\taskmgr.exe: [Debugger] C:\Program Files\AVG\AVG PC TuneUp\PMLauncher.exe ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll (AVAST Software) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie SearchScopes: HKLM - DefaultScope value is missing. SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.com/search?q={sear BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) BHO: Windows Live Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO: PrivDog Extension -> {FB16E5C3-A9E2-47A2-8EFC-319E775E62CC} -> C:\Program Files\AdTrustMedia\PrivDog\2.1.0.22\trustedads.dll (AdTrustMedia) DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinstall-1_7_0_05-windows-i586.cab DPF: {CAFEEFAC-0017-0000-0005-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_05-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_05-windows-i586.cab Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) ShellExecuteHooks: Windows Desktop Search Namespace Manager - {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [304128 2009-05-24] (Microsoft Corporation) Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt Tcpip\Parameters: [DhcpNameServer] 91.226.6.2 91.226.6.12 Tcpip\..\Interfaces\{1EA9B9DE-79EB-45BE-9D2A-02E668762360}: [NameServer] 156.154.70.22,156.154.71.22 Tcpip\..\Interfaces\{D616FF8A-90FA-4AAD-8CD5-70633AF0F363}: [NameServer] 156.154.70.22,156.154.71.22 FireFox: ======== FF ProfilePath: C:\Documents and Settings\Wiola\Dane aplikacji\Mozilla\Firefox\Profiles\njvkh7z0.default FF DefaultSearchEngine: Google FF Homepage: hxxp://www.onet.pl/# FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_15_0_0_152.dll () FF Plugin: @adobe.com/ShockwavePlayer -> C:\WINDOWS\system32\Adobe\Director\np32dsw_1213153.dll (Adobe Systems, Inc.) FF Plugin: @garmin.com/GpsControl -> C:\Program Files\Garmin GPS Plugin\npGarmin.dll (GARMIN Corp.) FF Plugin: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.) FF Plugin: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF Plugin: @nokia.com/EnablerPlugin -> C:\Program Files\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll ( ) FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.) FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.) FF Plugin: @videolan.org/vlc,version=2.1.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.1.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF user.js: detected! => C:\Documents and Settings\Wiola\Dane aplikacji\Mozilla\Firefox\Profiles\njvkh7z0.default\user.js FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.) FF Extension: PrivDog - C:\Documents and Settings\Wiola\Dane aplikacji\Mozilla\Firefox\Profiles\njvkh7z0.default\Extensions\PrivDog@AdTrustMedia.com [2014-10-04] FF Extension: Microsoft .NET Framework Assistant - C:\Documents and Settings\Wiola\Dane aplikacji\Mozilla\Firefox\Profiles\njvkh7z0.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b} [2011-02-06] FF Extension: Google Toolbar for Firefox - C:\Documents and Settings\Wiola\Dane aplikacji\Mozilla\Firefox\Profiles\njvkh7z0.default\Extensions\{3112ca9c-de6d-4884-a869-9855de68056c} [2011-06-10] FF Extension: DownloadHelper - C:\Documents and Settings\Wiola\Dane aplikacji\Mozilla\Firefox\Profiles\njvkh7z0.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2014-09-07] FF Extension: Tangofox about:home - C:\Documents and Settings\Wiola\Dane aplikacji\Mozilla\Firefox\Profiles\njvkh7z0.default\Extensions\tangofox-abouthome@haven667.xpi [2013-06-03] FF Extension: Tangofox PDF.js - C:\Documents and Settings\Wiola\Dane aplikacji\Mozilla\Firefox\Profiles\njvkh7z0.default\Extensions\tangofox-pdf.js@haven667.xpi [2013-06-03] FF Extension: Tangofox - C:\Documents and Settings\Wiola\Dane aplikacji\Mozilla\Firefox\Profiles\njvkh7z0.default\Extensions\Tangofox@haven667.xpi [2011-04-13] FF Extension: Shine Bright Skin Aero - C:\Documents and Settings\Wiola\Dane aplikacji\Mozilla\Firefox\Profiles\njvkh7z0.default\Extensions\{c7b3cf78-9cbc-47b9-ba47-bb84a56069dd}.xpi [2011-04-13] FF Extension: Adblock Plus - C:\Documents and Settings\Wiola\Dane aplikacji\Mozilla\Firefox\Profiles\njvkh7z0.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-06-20] FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension FF Extension: Microsoft .NET Framework Assistant - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2011-08-04] FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-02-14] Chrome: ======= CHR CustomProfile: C:\Documents and Settings\Wiola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default CHR Extension: (PrivDog) - C:\Documents and Settings\Wiola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\cmaiofennmphjldldcpphcechfnnohja [2014-04-10] CHR Extension: (avast! Online Security) - C:\Documents and Settings\Wiola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-02-15] CHR Extension: (Google Wallet) - C:\Documents and Settings\Wiola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-22] CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-06-30] CHR HKCU\...\Chrome\Extension: [cmaiofennmphjldldcpphcechfnnohja] - C:\Documents and Settings\Wiola\Ustawienia lokalne\Dane aplikacji\AdTrustMedia\PrivDog\PrivDog_chrome.crx [2014-04-23] ========================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-06-30] (AVAST Software) R2 cmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [5306504 2014-04-16] (COMODO) S3 cmdvirth; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [1663192 2014-03-25] (COMODO) R2 DragonUpdater; C:\Program Files\Comodo\Dragon\dragon_updater.exe [2135232 2014-05-21] () R2 Gizmo Central; C:\Program Files\Gizmo\gservice.exe [34728 2014-05-13] (Arainia Solutions) S4 JavaQuickStarterService; C:\Program Files\Java\jre7\bin\jqs.exe [182696 2014-09-17] (Oracle Corporation) R2 TuneUp.UtilitiesSvc; C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesService32.exe [1740088 2013-09-23] (AVG) R2 WisLMSvc; C:\Program Files\Launch Manager\WisLMSvc.exe [118784 2006-11-17] (Wistron Corp.) [File not signed] ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R3 AR5211; C:\WINDOWS\System32\DRIVERS\ar5211.sys [547072 2007-06-21] (Atheros Communications, Inc.) R2 aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [24184 2014-06-30] () R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [67824 2014-06-30] (AVAST Software) R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [55112 2014-06-30] (AVAST Software) R0 aswRvrt; C:\WINDOWS\system32\Drivers\aswRvrt.sys [49944 2014-06-30] () R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [779536 2014-06-30] (AVAST Software) R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [414520 2014-07-10] (AVAST Software) R1 aswTdi; C:\WINDOWS\system32\drivers\aswTdi.sys [57800 2014-06-30] (AVAST Software) R0 aswVmm; C:\WINDOWS\system32\Drivers\aswVmm.sys [192352 2014-06-30] () S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2008-04-13] (Microsoft Corporation) R1 cmdGuard; C:\WINDOWS\System32\DRIVERS\cmdguard.sys [607448 2014-04-16] (COMODO) R1 cmdHlp; C:\WINDOWS\System32\DRIVERS\cmdhlp.sys [29912 2014-04-16] (COMODO) R1 GizmoDrv; C:\WINDOWS\system32\Drivers\GizmoDrv.sys [25488 2014-05-13] (Arainia Solutions LLC) S3 grmnusb; C:\WINDOWS\System32\drivers\grmnusb.sys [9344 2009-04-17] (GARMIN Corp.) [File not signed] R1 Hotkey; C:\WINDOWS\system32\Drivers\Hotkey.sys [9867 2003-04-28] () [File not signed] R0 Inspect; C:\WINDOWS\System32\DRIVERS\inspect.sys [104920 2014-04-16] (COMODO) S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2008-04-13] (Microsoft Corporation) R0 Si3112; C:\WINDOWS\system32\Drivers\Si3112.sys [62336 2010-01-22] (Silicon Image, Inc.) [File not signed] S0 Si3114r5; C:\WINDOWS\system32\Drivers\Si3114r5.sys [195072 2010-01-22] (Silicon Image, Inc) [File not signed] R0 Si3124; C:\WINDOWS\system32\Drivers\Si3124.sys [69248 2010-01-22] (Silicon Image, Inc.) [File not signed] R0 Si3132; C:\WINDOWS\system32\Drivers\Si3132.sys [74672 2010-01-22] (Silicon Image, Inc.) R0 Si3132r5; C:\WINDOWS\system32\Drivers\Si3132r5.sys [215856 2010-01-22] (Silicon Image, Inc) R0 Si3531; C:\WINDOWS\system32\Drivers\Si3531.sys [212520 2010-01-22] (Silicon Image, Inc) R3 TuneUpUtilitiesDrv; C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver32.sys [12320 2013-09-18] (TuneUp Software) S4 IntelIde; No ImagePath S4 sptd; System32\Drivers\sptd.sys [X] S3 WinRing0_1_2_0; \??\D:\Daniel\RealTemp\WinRing0.sys [X] U1 WS2IFSL; No ImagePath ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2014-10-04 19:27 - 2014-10-04 19:32 - 00000000 ____D () C:\FRST 2014-10-04 15:48 - 2014-10-04 15:48 - 00048392 _____ (COMODO CA Limited) C:\WINDOWS\system32\certsentry.dll 2014-10-04 15:44 - 2014-10-04 16:32 - 00066338 _____ () C:\WINDOWS\system32\Drivers\fvstore.dat 2014-10-04 15:44 - 2014-10-04 15:44 - 00000000 ___HD () C:\VTRoot 2014-10-04 15:43 - 2014-10-04 15:43 - 00000769 _____ () C:\Documents and Settings\All Users\Pulpit\Comodo Dragon.lnk 2014-10-01 20:53 - 2014-10-01 20:53 - 00000000 ____D () C:\Documents and Settings\Dzieci\Moje dokumenty\Juka 2014-09-24 23:16 - 2014-09-25 21:22 - 00000000 ____D () C:\Program Files\Mozilla Thunderbird 2014-09-17 20:06 - 2014-09-17 20:06 - 00000000 ____D () C:\Program Files\Common Files\Java 2014-09-17 20:06 - 2014-09-17 20:04 - 00272808 _____ (Oracle Corporation) C:\WINDOWS\system32\javaws.exe 2014-09-17 20:06 - 2014-09-17 20:04 - 00145408 _____ (Oracle Corporation) C:\WINDOWS\system32\javacpl.cpl 2014-09-17 20:05 - 2014-09-17 20:05 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Start\Programy\Java 2014-09-17 20:05 - 2014-09-17 20:04 - 00175528 _____ (Oracle Corporation) C:\WINDOWS\system32\javaw.exe 2014-09-17 20:05 - 2014-09-17 20:04 - 00175528 _____ (Oracle Corporation) C:\WINDOWS\system32\java.exe 2014-09-17 20:05 - 2014-09-17 20:04 - 00096680 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge.dll 2014-09-17 20:04 - 2014-09-17 20:04 - 00000000 ____D () C:\Program Files\Java 2014-09-14 22:08 - 2014-09-14 22:08 - 00176932 _____ () C:\unp303965032677390362.mdmp 2014-09-07 23:47 - 2014-09-07 23:47 - 00000000 ____D () C:\Program Files\Common Files\Skype 2014-09-07 23:37 - 2014-09-07 23:41 - 00000000 ____D () C:\Program Files\Mozilla Firefox 2014-09-04 01:16 - 2014-09-04 01:16 - 00000511 _____ () C:\Documents and Settings\Wiola\Pulpit\Part 1.1.2.4 ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2014-10-04 19:32 - 2011-02-05 19:21 - 00000000 ____D () C:\tmp 2014-10-04 19:23 - 2011-06-19 14:18 - 00001136 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1078081533-1604221776-1417001333-1003UA.job 2014-10-04 19:08 - 2011-02-05 17:39 - 01416214 _____ () C:\WINDOWS\WindowsUpdate.log 2014-10-04 19:07 - 2014-02-14 22:47 - 00000364 ____H () C:\WINDOWS\Tasks\avast! Emergency Update.job 2014-10-04 19:06 - 2013-06-03 20:40 - 00000930 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job 2014-10-04 18:47 - 2011-08-18 07:23 - 00001034 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job 2014-10-04 18:41 - 2014-02-08 08:36 - 00001152 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-18UA.job 2014-10-04 17:05 - 2014-04-10 22:49 - 00000440 _____ () C:\WINDOWS\Tasks\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85}.job 2014-10-04 16:35 - 2011-02-06 01:04 - 00000000 ____D () C:\Documents and Settings\Wiola\Dane aplikacji\Skype 2014-10-04 16:33 - 2014-04-10 22:49 - 00000440 _____ () C:\WINDOWS\Tasks\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59}.job 2014-10-04 16:33 - 2014-03-07 00:25 - 00000222 _____ () C:\WINDOWS\Tasks\Powiadomienie o zakończeniu obsługi systemu Microsoft Windows XP — logowanie.job 2014-10-04 16:33 - 2011-08-18 07:23 - 00001030 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job 2014-10-04 16:33 - 2011-02-05 18:31 - 00000159 _____ () C:\WINDOWS\wiadebug.log 2014-10-04 16:33 - 2011-02-05 18:31 - 00000050 _____ () C:\WINDOWS\wiaservc.log 2014-10-04 16:33 - 2011-02-05 17:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT 2014-10-04 16:33 - 2010-01-22 00:47 - 00002228 _____ () C:\WINDOWS\system32\wpa.dbl 2014-10-04 16:31 - 2014-06-20 18:19 - 00065536 _____ () C:\WINDOWS\system32\config\TuneUp.evt 2014-10-04 16:31 - 2014-04-10 22:05 - 00065536 _____ () C:\WINDOWS\system32\config\COMODO I.evt 2014-10-04 16:31 - 2011-02-05 21:42 - 00000188 ___SH () C:\Documents and Settings\Wiola\ntuser.ini 2014-10-04 16:31 - 2011-02-05 21:42 - 00000000 ____D () C:\Documents and Settings\Wiola 2014-10-04 16:31 - 2011-02-05 17:45 - 00032586 _____ () C:\WINDOWS\SchedLgU.Txt 2014-10-04 15:47 - 2011-06-19 14:11 - 00000000 ____D () C:\Program Files\COMODO 2014-10-04 15:43 - 2011-06-19 14:12 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Start\Programy\COMODO 2014-10-04 15:43 - 2011-02-05 18:28 - 00000000 ____D () C:\Documents and Settings\All Users\Pulpit 2014-10-04 15:13 - 2012-09-08 20:31 - 00000000 ____D () C:\WINDOWS\Minidump 2014-10-04 13:29 - 2012-08-06 21:11 - 00000188 ___SH () C:\Documents and Settings\Dzieci\ntuser.ini 2014-10-04 13:29 - 2012-08-06 21:11 - 00000000 ____D () C:\Documents and Settings\Dzieci 2014-10-04 00:23 - 2011-06-19 14:18 - 00001084 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1078081533-1604221776-1417001333-1003Core.job 2014-10-01 20:53 - 2012-08-06 21:11 - 00000000 ___RD () C:\Documents and Settings\Dzieci\Moje dokumenty 2014-09-26 22:25 - 2012-05-01 11:46 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service 2014-09-25 21:49 - 2011-06-19 14:19 - 00001819 _____ () C:\Documents and Settings\All Users\Pulpit\Google Chrome.lnk 2014-09-23 22:06 - 2013-04-24 22:04 - 00701104 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe 2014-09-23 22:06 - 2013-04-24 22:04 - 00071344 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl 2014-09-17 20:05 - 2011-02-05 18:28 - 00000000 ___RD () C:\Documents and Settings\All Users\Menu Start\Programy 2014-09-17 20:01 - 2013-12-24 18:34 - 00000719 _____ () C:\Documents and Settings\All Users\Pulpit\VLC media player.lnk 2014-09-17 19:57 - 2011-10-18 19:54 - 00000000 ____D () C:\Program Files\Common Files\Adobe AIR 2014-09-17 19:33 - 2011-02-05 21:42 - 00000000 ____D () C:\Documents and Settings\Wiola\Pulpit 2014-09-17 19:24 - 2011-02-05 18:27 - 00000000 ___RD () C:\Documents and Settings\All Users\Dane aplikacji 2014-09-17 19:21 - 2011-05-28 22:40 - 00000000 ____D () C:\Documents and Settings\Wiola\Dane aplikacji\go 2014-09-17 19:13 - 2011-02-05 18:28 - 00000000 ___RD () C:\Documents and Settings\All Users\Menu Start\Programy\Autostart 2014-09-17 18:36 - 2011-02-05 21:42 - 00000000 __RHD () C:\Documents and Settings\Wiola\Dane aplikacji 2014-09-17 18:36 - 2011-02-05 21:42 - 00000000 ___RD () C:\Documents and Settings\Wiola\Menu Start\Programy 2014-09-11 01:03 - 2013-07-19 01:21 - 00000000 ____D () C:\WINDOWS\system32\MRT 2014-09-11 00:46 - 2011-02-05 20:02 - 98758480 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2014-09-08 00:03 - 2012-10-24 13:05 - 00002347 _____ () C:\Documents and Settings\All Users\Menu Start\Programy\Adobe Reader XI.lnk 2014-09-08 00:02 - 2011-10-18 20:00 - 00000000 ____D () C:\Program Files\Common Files\Adobe 2014-09-07 23:47 - 2011-02-06 00:48 - 00000000 ____D () C:\Documents and Settings\All Users\Dane aplikacji\Skype 2014-09-07 23:41 - 2013-04-24 21:24 - 00000682 _____ () C:\Documents and Settings\All Users\Pulpit\CCleaner.lnk 2014-09-07 23:40 - 2013-04-24 21:24 - 00000000 ____D () C:\Program Files\CCleaner ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\WINDOWS\explorer.exe => File is digitally signed C:\WINDOWS\system32\winlogon.exe => File is digitally signed C:\WINDOWS\system32\svchost.exe => File is digitally signed C:\WINDOWS\system32\services.exe => File is digitally signed C:\WINDOWS\system32\User32.dll => File is digitally signed C:\WINDOWS\system32\userinit.exe => File is digitally signed C:\WINDOWS\system32\rpcss.dll => File is digitally signed C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed ==================== End Of Log ============================