Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 01-11-2014 Ran by Bednarr (administrator) on BEDNAR on 01-11-2014 23:31:45 Running from C:\Documents and Settings\Bednarr\Moje dokumenty\Pobrane Loaded Profiles: Bednarr (Available profiles: Bednarr & Gość) Platform: Microsoft Windows XP Home Edition Dodatek Service Pack 3 (X86) OS Language: Polski Internet Explorer Version 6 Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe (Oracle Corporation) C:\Program Files\Java\jre7\bin\jqs.exe (LogMeIn, Inc.) C:\Program Files\LogMeIn Hamachi\LMIGuardianSvc.exe () C:\WINDOWS\system32\nethtsrv.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc32.exe () C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe () C:\WINDOWS\system32\netupdsrv.exe (Clarus, Inc.) C:\Program Files\Clarus\Samsung Drive Manager\SZDrvSvc.exe (AVG) C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesService32.exe (LogMeIn Inc.) C:\Program Files\LogMeIn Hamachi\hamachi-2.exe (AVG) C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesApp32.exe (Microsoft Corporation) C:\WINDOWS\system32\wscntfy.exe (Mozilla Corporation) E:\Programy\Mozilla Firefox\firefox.exe (Mozilla Corporation) E:\Programy\Mozilla Firefox\plugin-container.exe (Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe (Ghisler Software GmbH) C:\totalcmd\TOTALCMD.EXE (Valve Corporation) C:\Program Files\Steam\Steam.exe (Valve Corporation) C:\Program Files\Steam\bin\steamwebhelper.exe (Valve) C:\Program Files\Steam\SteamApps\common\Half-Life\hl.exe (Valve Corporation) C:\Program Files\Steam\GameOverlayUI.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [NvCplDaemon] => RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup HKLM\...\Run: [GB_UPDATE] => E:\Programy\Razer Game Booster\AutoUpdate.exe [2051688 2013-06-05] () HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [91520 2010-03-13] (Microsoft Corporation) HKLM\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe [3835728 2014-10-27] (LogMeIn Inc.) HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [271744 2014-09-26] (Oracle Corporation) HKLM\...\Winlogon: [UIHost] C:\WINDOWS\system32\logonui.exe [515072 2008-04-14] (Microsoft Corporation) Winlogon\Notify\Antiwpa: C:\WINDOWS\system32\antiwpa.dll () Winlogon\Notify\WgaLogon: WgaLogon.dll [X] HKU\S-1-5-21-515967899-1958367476-725345543-1007\...\MountPoints2: M - setupSNK.exe HKU\S-1-5-21-515967899-1958367476-725345543-1007\...\MountPoints2: N - N:\HTC_Sync_Manager_PC.exe HKU\S-1-5-21-515967899-1958367476-725345543-1007\...\MountPoints2: P - P:\HTC_Sync_Manager_PC.exe HKU\S-1-5-21-515967899-1958367476-725345543-1007\...\MountPoints2: {d9881fae-288f-11e4-924b-c2ccb8f7e1ea} - M:\setupSNK.exe ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) Toolbar: HKCU - &Adres - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation) Toolbar: HKCU - &Łącza - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\SHELL32.dll (Microsoft Corporation) DPF: {00000055-9980-0010-8000-00AA00389B71} http://download.microsoft.com/download/A/7/D/A7D1EBE3-8E78-4CBE-B22B-EEECF9E3A1BC/fhg.CAB DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://go.microsoft.com/fwlink/?linkid=39204 DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://windowsupdate.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1408567394562 Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 FireFox: ======== FF ProfilePath: C:\Documents and Settings\Bednarr\Dane aplikacji\Mozilla\Firefox\Profiles\iwdq16f4.default-1414768594656 FF Plugin: @adobe.com/AuthorwarePlayer -> C:\WINDOWS\system32\Macromed\AUTHORWA\np32asw.dll (Macromedia, Inc.) FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_14_0_0_145.dll () FF Plugin: @adobe.com/ShockwavePlayer -> C:\WINDOWS\system32\Adobe\Director\np32dsw_1213153.dll (Adobe Systems, Inc.) FF Plugin: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.) FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.) FF Plugin: @videolan.org/vlc,version=2.1.5 -> E:\Programy\VLC\npvlc.dll (VideoLAN) FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF StartMenuInternet: FIREFOX.EXE - E:\Programy\Mozilla Firefox\firefox.exe Chrome: ======= CHR StartupUrls: Default -> "https://www.google.com/" CHR Profile: C:\Documents and Settings\Bednarr\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default CHR Extension: (Dokumenty Google) - C:\Documents and Settings\Bednarr\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-08-22] CHR Extension: (Dysk Google) - C:\Documents and Settings\Bednarr\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-08-22] CHR Extension: (YouTube) - C:\Documents and Settings\Bednarr\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-08-22] CHR Extension: (Szukaj w Google) - C:\Documents and Settings\Bednarr\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-08-22] CHR Extension: (Google Wallet) - C:\Documents and Settings\Bednarr\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-08-22] CHR Extension: (Gmail) - C:\Documents and Settings\Bednarr\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-08-22] ========================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 Hamachi2Svc; C:\Program Files\LogMeIn Hamachi\hamachi-2.exe [1894224 2014-10-27] (LogMeIn Inc.) R3 hpqcxs08; C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll [217088 2007-06-04] (Hewlett-Packard Co.) [File not signed] R2 hpqddsvc; C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll [131072 2007-06-04] (Hewlett-Packard Co.) [File not signed] S4 HPSupportSolutionsFrameworkService; C:\Program Files\Hp\Common\HPSupportSolutionsFrameworkService.exe [72992 2014-07-07] (Hewlett-Packard Company) R2 JavaQuickStarterService; C:\Program Files\Java\jre7\bin\jqs.exe [182696 2014-10-28] (Oracle Corporation) R2 LMIGuardianSvc; C:\Program Files\LogMeIn Hamachi\LMIGuardianSvc.exe [411920 2014-10-21] (LogMeIn, Inc.) R2 Net Driver HPZ12; C:\WINDOWS\system32\HPZinw12.dll [43520 2006-11-08] (Hewlett-Packard) [File not signed] R2 NetHttpService; C:\WINDOWS\system32\nethtsrv.exe [180224 2014-10-20] () [File not signed] R2 NvNetworkService; C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe [1720608 2014-07-25] (NVIDIA Corporation) R2 PassThru Service; C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe [167424 2012-12-07] () [File not signed] R2 Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.dll [53248 2006-11-08] (Hewlett-Packard) [File not signed] R2 ServiceUpdater; C:\WINDOWS\system32\netupdsrv.exe [162304 2014-10-20] () [File not signed] S3 Sony PC Companion; C:\Program Files\Sony\Sony PC Companion\PCCService.exe [155824 2013-02-04] (Avanquest Software) R2 SZDrvSvc; C:\Program Files\Clarus\Samsung Drive Manager\SZDrvSvc.exe [19456 2012-08-17] (Clarus, Inc.) [File not signed] R2 TuneUp.UtilitiesSvc; C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesService32.exe [1741624 2013-12-18] (AVG) S3 UxTuneUp; C:\WINDOWS\System32\uxtuneup.dll [35640 2013-12-18] (AVG) ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) S3 Ambfilt; C:\WINDOWS\System32\drivers\Ambfilt.sys [1691480 2009-11-18] (Creative) R0 amdide; C:\WINDOWS\System32\DRIVERS\amdide.sys [11944 2012-12-04] (Advanced Micro Devices Inc.) R1 AmdPPM; C:\WINDOWS\System32\DRIVERS\AmdPPM.sys [33792 2007-04-16] (Advanced Micro Devices) R1 dtsoftbus01; C:\WINDOWS\System32\DRIVERS\dtsoftbus01.sys [243128 2014-08-23] (Disc Soft Ltd) R3 hamachi; C:\WINDOWS\System32\DRIVERS\hamachi.sys [26176 2009-03-18] (LogMeIn, Inc.) R3 HPZid412; C:\WINDOWS\System32\DRIVERS\HPZid412.sys [49920 2007-03-08] (HP) R3 HPZipr12; C:\WINDOWS\System32\DRIVERS\HPZipr12.sys [16496 2007-03-08] (HP) R3 HPZius12; C:\WINDOWS\System32\DRIVERS\HPZius12.sys [21568 2007-03-08] (HP) R3 mdf16; C:\Program Files\Clarus\Samsung Drive Manager\mdf16.sys [18864 2012-06-21] () S3 Monfilt; C:\WINDOWS\System32\drivers\Monfilt.sys [1395800 2009-11-18] (Creative Technology Ltd.) R3 mvd23; C:\Program Files\Clarus\Samsung Drive Manager\mvd23.sys [89008 2012-06-21] () R1 nethfdrv; C:\WINDOWS\system32\drivers\nethfdrv.sys [49152 2014-10-20] () [File not signed] R3 serenum; C:\WINDOWS\System32\DRIVERS\nuvserenum.sys [17920 2014-01-12] (Windows (R) Win 7 DDK provider) R3 Serial; C:\WINDOWS\System32\DRIVERS\nuvserial.sys [76288 2014-01-12] (Nuvoton Technology Corp.) S3 SG762_XP; C:\WINDOWS\System32\DRIVERS\WlanBZXP.sys [402432 2006-01-19] (ZyDAS Technology Corporation) R3 TuneUpUtilitiesDrv; C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver32.sys [12320 2013-08-21] (TuneUp Software) S3 WinRing0_1_2_0; E:\Programy\Razer Game Booster\Driver\WinRing0.sys [14416 2012-08-01] (OpenLibSys.org) S3 ATP; system32\DRIVERS\cmdatp.sys [X] S3 gdrv; \??\C:\WINDOWS\gdrv.sys [X] S4 IntelIde; No ImagePath U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-13] (Microsoft Corporation) U1 WS2IFSL; No ImagePath U3 uftdqpog; \??\C:\DOCUME~1\Bednarr\USTAWI~1\Temp\uftdqpog.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2014-11-01 23:31 - 2014-11-01 23:31 - 00000000 ____D () C:\FRST 2014-11-01 12:19 - 2014-11-01 12:19 - 00000687 _____ () C:\awh6.tmp 2014-11-01 10:06 - 2014-11-01 10:06 - 00000687 _____ () C:\awhA.tmp 2014-10-31 19:51 - 2014-02-20 16:17 - 00118211 _____ () C:\Documents and Settings\Bednarr\Pulpit\SimpleRegionMarket-3.6.3.jar 2014-10-31 19:41 - 2014-10-31 19:41 - 00021116 _____ () C:\Documents and Settings\Bednarr\Pulpit\Działki.jar 2014-10-31 16:36 - 2014-10-31 16:36 - 00000687 _____ () C:\awh9.tmp 2014-10-31 16:25 - 2014-10-31 16:25 - 00000687 _____ () C:\awh5.tmp 2014-10-31 16:16 - 2014-10-31 16:16 - 00000000 ____D () C:\Documents and Settings\Bednarr\Pulpit\Stare dane programu Firefox 2014-10-31 16:12 - 2014-10-31 16:12 - 00080789 _____ () C:\Documents and Settings\Bednarr\Pulpit\bookmarks-2014-10-31.json 2014-10-31 16:03 - 2014-10-31 16:03 - 00023421 _____ () C:\Documents and Settings\Bednarr\Pulpit\hs_err_pid3068.log 2014-10-31 15:54 - 2014-10-31 15:54 - 00000687 _____ () C:\awh2.tmp 2014-10-31 12:00 - 2014-10-31 12:00 - 00000687 _____ () C:\awh4.tmp 2014-10-30 22:33 - 2014-10-30 22:33 - 01998336 _____ () C:\Documents and Settings\Bednarr\Pulpit\AdwCleaner.exe 2014-10-30 22:23 - 2014-10-30 22:23 - 00000687 _____ () C:\awh56.tmp 2014-10-30 22:02 - 2014-10-30 22:14 - 00092580 _____ () C:\Documents and Settings\Bednarr\Pulpit\SimpleRegionMarket.jar 2014-10-30 22:01 - 2014-10-30 22:01 - 00083658 _____ () C:\Documents and Settings\Bednarr\Pulpit\SimpleRegionMarket-0.1-indev.8.zip 2014-10-30 21:52 - 2014-10-30 21:52 - 00040643 _____ () C:\Documents and Settings\Bednarr\Pulpit\Simple Region Market.zip 2014-10-30 17:16 - 2014-10-30 17:16 - 00239313 _____ () C:\Documents and Settings\Bednarr\Pulpit\Quester.jar 2014-10-30 17:15 - 2014-10-30 17:15 - 00955162 _____ () C:\Documents and Settings\Bednarr\Pulpit\Citizens.jar 2014-10-30 15:55 - 2014-10-30 16:23 - 00000487 _____ () C:\Documents and Settings\Bednarr\Pulpit\misja.txt 2014-10-29 20:04 - 2014-10-29 20:04 - 00000000 _____ () C:\Documents and Settings\Bednarr\Pulpit\Nowy Dokument tekstowy.txt 2014-10-29 17:34 - 2014-10-29 17:34 - 00023578 _____ () C:\Documents and Settings\Bednarr\Pulpit\hs_err_pid1612.log 2014-10-28 09:16 - 2014-10-28 09:16 - 00002509 _____ () C:\Documents and Settings\Bednarr\Pulpit\Worlds.jar 2014-10-28 08:24 - 2014-10-28 08:24 - 00272808 _____ (Oracle Corporation) C:\WINDOWS\system32\javaws.exe 2014-10-28 08:24 - 2014-10-28 08:24 - 00175528 _____ (Oracle Corporation) C:\WINDOWS\system32\javaw.exe 2014-10-28 08:24 - 2014-10-28 08:24 - 00175528 _____ (Oracle Corporation) C:\WINDOWS\system32\java.exe 2014-10-28 08:24 - 2014-10-28 08:24 - 00145408 _____ (Oracle Corporation) C:\WINDOWS\system32\javacpl.cpl 2014-10-28 08:24 - 2014-10-28 08:24 - 00096680 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge.dll 2014-10-28 08:24 - 2014-10-28 08:24 - 00000000 ____D () C:\Program Files\Common Files\Java 2014-10-28 08:24 - 2014-10-28 08:24 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Start\Programy\Java 2014-10-27 17:08 - 2014-10-27 17:08 - 00000000 ____D () C:\Program Files\LogMeIn Hamachi 2014-10-27 17:08 - 2014-10-27 17:08 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Start\Programy\LogMeIn Hamachi 2014-10-26 15:41 - 2014-11-01 12:48 - 00000000 ____D () C:\Documents and Settings\Bednarr\Pulpit\Enlarged Grass Block by NateT_Bird 2014-10-25 16:27 - 2014-11-01 21:41 - 00000000 ____D () C:\Documents and Settings\Bednarr\Dane aplikacji\.minecraftzyczu 2014-10-22 22:59 - 2014-10-22 22:59 - 00002396 _____ () C:\Documents and Settings\Bednarr\Moje dokumenty\MumbleAutomaticCertificateBackup.p12 2014-10-22 22:56 - 2014-10-22 22:56 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Start\Programy\Mumble 2014-10-22 22:55 - 2014-10-22 22:56 - 00000000 ____D () C:\Program Files\Mumble 2014-10-22 22:31 - 2014-10-22 22:31 - 00000000 ____D () C:\Documents and Settings\Bednarr\Dane aplikacji\Mumble 2014-10-22 22:26 - 2014-10-31 16:29 - 00000000 ____D () C:\Documents and Settings\Bednarr\Dane aplikacji\3943 2014-10-22 20:08 - 2014-10-22 20:08 - 02994505 _____ () C:\Documents and Settings\Bednarr\Pulpit\szablon by EastWestFM.rar 2014-10-22 16:10 - 2014-10-22 16:10 - 00005654 _____ () C:\Documents and Settings\Bednarr\Ustawienia lokalne\Dane aplikacji\recently-used.xbel 2014-10-21 21:32 - 2014-10-21 21:32 - 00036109 _____ () C:\Documents and Settings\Bednarr\Moje dokumenty\PvpLevels.jar 2014-10-21 21:32 - 2014-10-21 21:32 - 00022375 _____ () C:\Documents and Settings\Bednarr\Moje dokumenty\PvPTitles.jar 2014-10-21 21:00 - 2014-10-21 21:00 - 00671018 _____ () C:\Documents and Settings\Bednarr\Moje dokumenty\pvparena.jar 2014-10-21 18:12 - 2014-10-21 18:12 - 00176336 _____ () C:\Documents and Settings\Bednarr\Moje dokumenty\UltimaGuild.jar 2014-10-21 07:58 - 2009-03-18 17:35 - 00026176 ____H (LogMeIn, Inc.) C:\WINDOWS\system32\hamachi.sys 2014-10-20 15:21 - 2014-10-20 15:21 - 00162304 _____ () C:\WINDOWS\system32\netupdsrv.exe 2014-10-20 15:21 - 2014-10-20 15:21 - 00049152 _____ () C:\WINDOWS\system32\Drivers\nethfdrv.sys 2014-10-20 15:20 - 2014-10-20 15:20 - 00249856 _____ () C:\WINDOWS\system32\hfpapi.dll 2014-10-20 15:20 - 2014-10-20 15:20 - 00180224 _____ () C:\WINDOWS\system32\nethtsrv.exe 2014-10-20 15:20 - 2014-10-20 15:20 - 00110592 _____ () C:\WINDOWS\system32\installd.exe 2014-10-20 15:20 - 2014-10-20 15:20 - 00108544 _____ () C:\WINDOWS\system32\hfnapi.dll 2014-10-19 11:50 - 2014-10-19 11:50 - 00000000 ____D () C:\Documents and Settings\Bednarr\.SquashOccurrences 2014-10-19 11:49 - 2014-10-19 11:49 - 00000000 ____D () C:\Documents and Settings\Bednarr\Pulpit\MCEdit-0.1.7.1.win32 2014-10-18 21:26 - 2014-10-18 21:28 - 28349963 _____ () C:\Documents and Settings\Bednarr\Pulpit\Mapa z 1 ods_ony serwera mc.neverald.pl.rar 2014-10-18 17:30 - 2014-10-18 17:30 - 00000000 ____D () C:\Documents and Settings\Bednarr\Ustawienia lokalne\Dane aplikacji\GHISLER 2014-10-18 17:24 - 2014-10-18 17:25 - 00000000 ____D () C:\Documents and Settings\Bednarr\Dane aplikacji\GHISLER 2014-10-18 17:24 - 2014-10-18 17:24 - 00000548 _____ () C:\Documents and Settings\Bednarr\Pulpit\Total Commander.lnk 2014-10-18 17:24 - 2014-10-18 17:24 - 00000000 ____D () C:\totalcmd 2014-10-18 17:24 - 2014-10-18 17:24 - 00000000 ____D () C:\Documents and Settings\Bednarr\Menu Start\Programy\Total Commander 2014-10-18 11:16 - 2014-10-18 11:16 - 00000000 ____D () C:\Documents and Settings\Bednarr\Dane aplikacji\dvdcss 2014-10-18 10:58 - 2014-10-18 11:04 - 00000000 ____D () C:\Documents and Settings\Bednarr\Pulpit\Bal gimnazjalny cz 2 2014-10-18 10:47 - 2014-10-18 10:51 - 00000000 ____D () C:\Documents and Settings\Bednarr\Pulpit\Bal gimnazjalny cz 1 2014-10-16 20:05 - 2014-10-16 20:05 - 00000805 _____ () C:\Documents and Settings\All Users\Pulpit\Vegas Pro 10.0.lnk 2014-10-16 19:48 - 2014-10-16 20:07 - 00002504 _____ () C:\Documents and Settings\Bednarr\Moje dokumenty\Register Vegas Pro.htm 2014-10-16 19:25 - 2014-10-16 19:25 - 00000000 ____D () C:\Documents and Settings\Bednarr\Moje dokumenty\qs 2014-10-16 19:22 - 2008-06-16 12:51 - 00007910 _____ () C:\Documents and Settings\Bednarr\Moje dokumenty\quakesounds.sma 2014-10-16 19:21 - 2008-06-16 12:52 - 00011830 _____ () C:\Documents and Settings\Bednarr\Moje dokumenty\quakesounds.amxx 2014-10-14 20:43 - 2014-10-14 20:43 - 00000000 ___RD () C:\Documents and Settings\Bednarr\Moje dokumenty\Moje wideo 2014-10-14 20:43 - 2014-10-14 20:43 - 00000000 ____D () C:\Documents and Settings\Bednarr\Ustawienia lokalne\Dane aplikacji\WMTools Downloaded Files 2014-10-11 10:48 - 2014-10-11 10:48 - 00000000 ____D () C:\Documents and Settings\Bednarr\Ustawienia lokalne\Dane aplikacji\WorldofTanks 2014-10-11 10:47 - 2014-10-11 10:47 - 00933692 _____ () C:\Documents and Settings\Bednarr\Moje dokumenty\xray.exe 2014-10-08 10:56 - 2014-10-08 10:56 - 00000000 ____D () C:\Documents and Settings\Bednarr\Dane aplikacji\Solvusoft 2014-10-04 15:14 - 2014-10-04 15:14 - 00000000 ____D () C:\Documents and Settings\Bednarr\Moje dokumenty\orginal 2014-10-04 15:11 - 2014-10-04 23:18 - 00000000 ____D () C:\Documents and Settings\Bednarr\Moje dokumenty\Pliki Serwerowe Minecraft 1.7.2 Bukkit By MinecraftPixel 2014-10-03 19:51 - 2014-10-04 12:39 - 00000000 ____D () C:\Documents and Settings\Bednarr\Pulpit\100ANDRO1 2014-10-03 16:10 - 2014-11-01 21:41 - 00000000 ____D () C:\Documents and Settings\Bednarr\Dane aplikacji\.minecraft 2014-10-03 15:56 - 2011-09-19 13:16 - 00000000 ____D () C:\Documents and Settings\Bednarr\Moje dokumenty\bin 2014-10-03 15:56 - 2011-09-19 13:15 - 00000000 ____D () C:\Documents and Settings\Bednarr\Moje dokumenty\texturepacks 2014-10-03 15:56 - 2011-08-09 11:49 - 00000000 ____D () C:\Documents and Settings\Bednarr\Moje dokumenty\Backup 2014-10-03 15:56 - 2011-07-21 22:05 - 00000000 ____D () C:\Documents and Settings\Bednarr\Moje dokumenty\stats 2014-10-03 15:56 - 2011-07-18 13:53 - 00000000 ____D () C:\Documents and Settings\Bednarr\Moje dokumenty\resources 2014-10-02 16:12 - 2014-10-02 16:16 - 00000000 ____D () C:\Documents and Settings\Bednarr\Pulpit\100ANDRO ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2014-11-01 23:32 - 2014-08-22 17:32 - 00000000 ____D () C:\Documents and Settings\Bednarr\Ustawienia lokalne\Temp 2014-11-01 23:31 - 2014-09-16 10:15 - 00000000 ____D () C:\Documents and Settings\Bednarr\Moje dokumenty\Pobrane 2014-11-01 23:25 - 2014-08-22 17:40 - 00000000 ____D () C:\Documents and Settings\Bednarr\Dane aplikacji\Skype 2014-11-01 22:47 - 2014-08-20 19:08 - 00001036 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job 2014-11-01 22:44 - 2014-08-20 21:59 - 00016652 _____ () C:\WINDOWS\system32\nvAppTimestamps 2014-11-01 22:33 - 2014-08-21 15:38 - 00000000 ____D () C:\Program Files\Steam 2014-11-01 19:51 - 2014-08-22 18:11 - 00000000 ____D () C:\Documents and Settings\Bednarr\Dane aplikacji\TS3Client 2014-11-01 18:47 - 2014-08-20 19:08 - 00001032 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job 2014-11-01 18:46 - 2014-08-20 22:36 - 00002267 _____ () C:\Documents and Settings\All Users\Pulpit\Skype.lnk 2014-11-01 17:14 - 2014-08-22 17:32 - 00000000 ___RD () C:\Documents and Settings\Bednarr\Moje dokumenty 2014-11-01 17:14 - 2014-08-22 17:32 - 00000000 ____D () C:\Documents and Settings\Bednarr\Pulpit 2014-11-01 12:18 - 2014-08-20 19:35 - 01262776 _____ () C:\WINDOWS\system32\PerfStringBackup.INI 2014-11-01 12:18 - 2006-03-02 13:00 - 00558796 _____ () C:\WINDOWS\system32\perfh015.dat 2014-11-01 12:18 - 2006-03-02 13:00 - 00105734 _____ () C:\WINDOWS\system32\perfc015.dat 2014-11-01 12:16 - 2014-09-30 18:19 - 00000000 ____D () C:\Documents and Settings\Bednarr\Ustawienia lokalne\Dane aplikacji\LogMeIn Hamachi 2014-11-01 12:14 - 2014-09-30 18:19 - 00000000 ____D () C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\LogMeIn Hamachi 2014-11-01 12:14 - 2014-08-23 18:02 - 00046072 _____ () C:\WINDOWS\AutoKMS.log 2014-11-01 12:14 - 2014-08-23 15:35 - 00078848 _____ () C:\WINDOWS\KMSEmulator.exe 2014-11-01 12:14 - 2014-08-23 15:35 - 00000204 _____ () C:\WINDOWS\Tasks\AutoKMS.job 2014-11-01 12:14 - 2014-08-23 15:35 - 00000202 _____ () C:\WINDOWS\Tasks\AutoKMSDaily.job 2014-11-01 12:14 - 2014-08-23 14:26 - 01735546 _____ () C:\WINDOWS\WindowsUpdate.log 2014-11-01 12:14 - 2014-08-20 19:37 - 00000159 _____ () C:\WINDOWS\wiadebug.log 2014-11-01 12:14 - 2014-08-20 19:37 - 00000050 _____ () C:\WINDOWS\wiaservc.log 2014-11-01 12:13 - 2014-08-20 18:01 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT 2014-11-01 10:09 - 2014-08-22 17:32 - 00000188 ___SH () C:\Documents and Settings\Bednarr\ntuser.ini 2014-11-01 10:09 - 2014-08-20 22:11 - 00065536 _____ () C:\WINDOWS\system32\config\TuneUp.evt 2014-11-01 10:09 - 2014-08-20 18:01 - 00032574 _____ () C:\WINDOWS\SchedLgU.Txt 2014-10-31 19:52 - 2014-08-26 16:49 - 00000000 ____D () C:\Documents and Settings\Bednarr\Dane aplikacji\Sony 2014-10-31 19:52 - 2014-08-22 17:32 - 00000000 ___RD () C:\Documents and Settings\Bednarr\Menu Start 2014-10-31 19:44 - 2014-09-27 15:16 - 00000000 ____D () C:\AdwCleaner 2014-10-31 16:29 - 2014-08-22 17:32 - 00000000 ____D () C:\Documents and Settings\Bednarr 2014-10-31 16:19 - 2014-08-23 14:39 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service 2014-10-29 16:54 - 2014-09-20 11:58 - 00000000 ____D () C:\Temp 2014-10-29 16:54 - 2014-08-23 14:26 - 00010588 _____ () C:\WINDOWS\setupact.log 2014-10-29 16:54 - 2014-08-23 13:21 - 00329018 _____ () C:\WINDOWS\setupapi.log 2014-10-28 22:08 - 2014-08-23 14:49 - 00746690 _____ () C:\WINDOWS\DPINST.LOG 2014-10-28 22:06 - 2014-09-20 10:55 - 00001739 _____ () C:\Documents and Settings\All Users\Pulpit\Sony PC Companion 2.1.lnk 2014-10-28 22:06 - 2014-08-26 16:51 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Start\Programy\Sony 2014-10-28 22:06 - 2014-08-20 19:35 - 00000000 ____D () C:\Documents and Settings\All Users\Pulpit 2014-10-28 22:06 - 2014-08-20 18:55 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information 2014-10-28 09:46 - 2014-08-23 15:33 - 00065536 _____ () C:\WINDOWS\system32\config\OAlerts.evt 2014-10-28 08:49 - 2014-08-20 19:09 - 00001819 _____ () C:\Documents and Settings\All Users\Pulpit\Google Chrome.lnk 2014-10-28 08:24 - 2014-08-20 19:35 - 00000000 ___RD () C:\Documents and Settings\All Users\Menu Start\Programy 2014-10-27 10:51 - 2014-08-31 14:33 - 00000000 ____D () C:\Documents and Settings\Bednarr\Pulpit\Nowy folder 2014-10-26 19:06 - 2014-09-30 19:13 - 00000754 _____ () C:\WINDOWS\WORDPAD.INI 2014-10-26 18:47 - 2014-08-22 17:32 - 00000000 ___HD () C:\Documents and Settings\Bednarr\Ustawienia lokalne\Dane aplikacji 2014-10-25 23:14 - 2014-09-21 15:18 - 00000000 ____D () C:\Documents and Settings\Bednarr\Dane aplikacji\vlc 2014-10-25 16:27 - 2014-08-22 17:32 - 00000000 __RHD () C:\Documents and Settings\Bednarr\Dane aplikacji 2014-10-22 16:10 - 2014-08-25 14:08 - 00000000 ____D () C:\Documents and Settings\Bednarr\Ustawienia lokalne\Dane aplikacji\gtk-2.0 2014-10-22 16:10 - 2014-08-25 14:03 - 00000000 ____D () C:\Documents and Settings\Bednarr\.gimp-2.8 2014-10-18 17:24 - 2014-08-22 17:32 - 00000000 ___RD () C:\Documents and Settings\Bednarr\Menu Start\Programy 2014-10-16 20:06 - 2014-08-26 16:52 - 00000000 ____D () C:\Documents and Settings\Bednarr\Ustawienia lokalne\Dane aplikacji\Sony 2014-10-16 20:04 - 2014-08-26 16:51 - 00000000 ____D () C:\Program Files\Sony 2014-10-10 15:19 - 2014-09-13 08:29 - 00002300 _____ () C:\WINDOWS\system32\wpa.dbl 2014-10-08 10:37 - 2014-08-23 15:41 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Start\Programy\YTD Video Downloader 2014-10-05 12:41 - 2014-09-30 17:29 - 03399374 _____ () C:\Documents and Settings\Bednarr\Pulpit\Minecraft.jar Some content of TEMP: ==================== C:\Documents and Settings\Bednarr\Ustawienia lokalne\Temp\bitool.dll C:\Documents and Settings\Bednarr\Ustawienia lokalne\Temp\hpzmsi01.exe C:\Documents and Settings\Bednarr\Ustawienia lokalne\Temp\hpzscr01.exe C:\Documents and Settings\Bednarr\Ustawienia lokalne\Temp\ICReinstall_GIMP(13219).exe C:\Documents and Settings\Bednarr\Ustawienia lokalne\Temp\ICReinstall_xray_installer.exe C:\Documents and Settings\Bednarr\Ustawienia lokalne\Temp\ins.exe C:\Documents and Settings\Bednarr\Ustawienia lokalne\Temp\jansi-32-git-Bukkit-1.5.2-R1.0-27-gdc25312-b2814jnks.dll C:\Documents and Settings\Bednarr\Ustawienia lokalne\Temp\jansi-32-git-Bukkit-1.6.4-R2.0-2-g7e1ac0a-b2923jnks.dll C:\Documents and Settings\Bednarr\Ustawienia lokalne\Temp\jansi-32-git-Bukkit-1.7.2-R0.3-14-g8f8716c-b3042jnks.dll C:\Documents and Settings\Bednarr\Ustawienia lokalne\Temp\jansi-32.dll C:\Documents and Settings\Bednarr\Ustawienia lokalne\Temp\jline_git-Bukkit-0_0_0-1067-g6301507-b1185jnks.dll C:\Documents and Settings\Bednarr\Ustawienia lokalne\Temp\jre-7u71-windows-i586-iftw.exe C:\Documents and Settings\Bednarr\Ustawienia lokalne\Temp\Launcher.exe C:\Documents and Settings\Bednarr\Ustawienia lokalne\Temp\ochelper.exe C:\Documents and Settings\Bednarr\Ustawienia lokalne\Temp\Opera_NI_stable.exe C:\Documents and Settings\Bednarr\Ustawienia lokalne\Temp\Package_pl_ww.exe C:\Documents and Settings\Bednarr\Ustawienia lokalne\Temp\Quarantine.exe C:\Documents and Settings\Bednarr\Ustawienia lokalne\Temp\SHSetup.exe C:\Documents and Settings\Bednarr\Ustawienia lokalne\Temp\SkypeSetup.exe C:\Documents and Settings\Bednarr\Ustawienia lokalne\Temp\smt_istartsurf.exe C:\Documents and Settings\Bednarr\Ustawienia lokalne\Temp\sqlite3.dll C:\Documents and Settings\Bednarr\Ustawienia lokalne\Temp\srv78893.exe C:\Documents and Settings\Bednarr\Ustawienia lokalne\Temp\xmlUpdater.exe C:\Documents and Settings\Bednarr\Ustawienia lokalne\Temp\yupdate-exec-yabrowser.exe ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\WINDOWS\explorer.exe => File is digitally signed C:\WINDOWS\system32\winlogon.exe => File is digitally signed C:\WINDOWS\system32\svchost.exe => File is digitally signed C:\WINDOWS\system32\services.exe => File is digitally signed C:\WINDOWS\system32\User32.dll => File is digitally signed C:\WINDOWS\system32\userinit.exe => File is digitally signed C:\WINDOWS\system32\rpcss.dll => File is digitally signed C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed ==================== End Of Log ============================