Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 01-11-2014 Ran by 4 (administrator) on 4-738229A91A604 on 02-11-2014 11:38:03 Running from C:\Documents and Settings\4\Pulpit Loaded Profile: 4 (Available profiles: 4 & siwek & Administrator & Gość) Platform: Microsoft Windows XP Professional Dodatek Service Pack 3 (X86) OS Language: Polski Internet Explorer Version 8 Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (AVAST Software) C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (Teruten) C:\WINDOWS\system32\FsUsbExService.Exe (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc32.exe (TeamViewer GmbH) C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe (NeoSmart Technologies) C:\Program Files\NeoSmart Technologies\ToolTipFixer\ToolTipFixer.exe (AVAST Software) C:\Program Files\Alwil Software\Avast5\avastui.exe (Sonix) C:\WINDOWS\vsnp2std.exe (A4Tech Co.,Ltd.) C:\Program Files\A4Tech\Mouse\Amoumain.exe (Microsoft Corporation) C:\WINDOWS\system32\wbem\unsecapp.exe (Opera Software) C:\Program Files\Opera\25.0.1614.68\opera.exe () C:\Program Files\Opera\25.0.1614.68\opera_crashreporter.exe (Opera Software) C:\Program Files\Opera\25.0.1614.68\opera.exe (Opera Software) C:\Program Files\Opera\25.0.1614.68\opera.exe (Opera Software) C:\Program Files\Opera\25.0.1614.68\opera.exe (Opera Software) C:\Program Files\Opera\25.0.1614.68\opera.exe (Opera Software) C:\Program Files\Opera\25.0.1614.68\opera.exe (Opera Software) C:\Program Files\Opera\25.0.1614.68\opera.exe (Opera Software) C:\Program Files\Opera\25.0.1614.68\opera.exe (Opera Software) C:\Program Files\Opera\25.0.1614.68\opera.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [NvCplDaemon] => RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Alwil Software\Avast5\AvastUI.exe [4085896 2014-07-31] (AVAST Software) HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated) HKLM\...\Run: [nwiz] => nwiz.exe /install HKLM\...\Run: [tsnp2std] => C:\WINDOWS\tsnp2std.exe [258048 2009-03-10] (SONIX) HKLM\...\Run: [snp2std] => C:\WINDOWS\vsnp2std.exe [675840 2007-08-07] (Sonix) HKLM\...\Run: [WheelMouse] => C:\Program Files\A4Tech\Mouse\Amoumain.exe [241664 2007-02-10] (A4Tech Co.,Ltd.) HKLM\...\Winlogon: [UIHost] C:\WINDOWS\system32\logonui.exe [515072 2008-04-14] (Microsoft Corporation) HKU\S-1-5-21-776561741-706699826-682003330-1003\...\MountPoints2: {081c683e-5871-11e3-8954-001fd034bfa5} - K:\Startme.exe HKU\S-1-5-21-776561741-706699826-682003330-1003\...\MountPoints2: {38e9b840-1835-11e1-93aa-806d6172696f} - E:\DisneySplash.exe HKU\S-1-5-21-776561741-706699826-682003330-1003\...\MountPoints2: {50c9dcfc-88ed-11df-8e73-001fd034bfa5} - K:\LaunchU3.exe -a HKU\S-1-5-21-776561741-706699826-682003330-1003\...\MountPoints2: {58eab3d6-3e36-11e2-9dff-001fd034bfa5} - K:\Setup.exe HKU\S-1-5-21-776561741-706699826-682003330-1003\...\MountPoints2: {9238d6c0-16d1-11e1-ac5e-806d6172696f} - E:\Setup.exe HKU\S-1-5-21-776561741-706699826-682003330-1003\...\MountPoints2: {ab09ff7a-2334-11e1-93c0-001fd034bfa5} - K:\launcher.exe HKU\S-1-5-21-776561741-706699826-682003330-1003\...\MountPoints2: {e6291407-fcf2-11e1-bb7e-001fd034bfa5} - K:\Setup.exe ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Alwil Software\Avast5\ashShell.dll (AVAST Software) BootExecute: ￾￿콈м괵粑 GroupPolicy: Group Policy on Chrome detected <======= ATTENTION CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pl/ HKCU\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8 HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank SearchScopes: HKCU - DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = SearchScopes: HKCU - {31DEEF83-0D6B-4528-807D-AC6CE7B1F3CE} URL = https://www.google.com/search?q={searchTerms} SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = BHO: RealPlayer Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\Documents and Settings\All Users\Dane aplikacji\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer) BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software) BHO: Google Toolbar Notifier BHO -> {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} -> C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll (Google Inc.) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) Toolbar: HKCU - &Adres - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation) Toolbar: HKCU - &Łącza - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\SHELL32.dll (Microsoft Corporation) DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinstall-1_7_0_25-windows-i586.cab DPF: {9191F686-7F0A-441D-8A98-2FE3AC1BD913} http://acs.pandasoftware.com/activescan/cabs/as2stubie.cab DPF: {C8BC46C7-921C-4102-B67D-F1F7E65FB0BE} https://battlefield.play4free.com/static/updater/BP4FUpdater_1.0.80.2.cab DPF: {CAFEEFAC-0017-0000-0025-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_25-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_25-windows-i586.cab DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} https://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 FireFox: ======== FF ProfilePath: C:\Documents and Settings\4\Dane aplikacji\Mozilla\Firefox\Profiles\75besv1t.default-1414495172058 FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_15_0_0_189.dll () FF Plugin: @adobe.com/ShockwavePlayer -> C:\WINDOWS\system32\Adobe\Director\np32dsw_1203133.dll (Adobe Systems, Inc.) FF Plugin: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.) FF Plugin: @java.com/DTPlugin,version=10.45.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=10.45.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF Plugin: @ngm.nexoneu.com/NxGame -> C:\Documents and Settings\All Users\Dane aplikacji\NexonEU\NGM\npNxGameEU.dll (Nexon) FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Extension: Adblock Plus - C:\Documents and Settings\4\Dane aplikacji\Mozilla\Firefox\Profiles\75besv1t.default-1414495172058\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-11-01] FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\Alwil Software\Avast5\WebRep\FF FF Extension: avast! Online Security - C:\Program Files\Alwil Software\Avast5\WebRep\FF [2011-06-29] Chrome: ======= CHR Profile: C:\Documents and Settings\4\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default CHR Extension: (Angry Birds) - C:\Documents and Settings\4\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj [2014-02-15] CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\Alwil Software\Avast5\WebRep\Chrome\aswWebRepChrome.crx [2014-07-06] CHR HKCU\...\Chrome\Extension: [bhnjjbcnbmjmhgpliahlamecmbejpaol] - C:\Documents and Settings\4\Ustawienia lokalne\Dane aplikacji\CRE\bhnjjbcnbmjmhgpliahlamecmbejpaol.crx [2014-07-06] ========================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [50344 2014-07-06] (AVAST Software) R2 FsUsbExService; C:\WINDOWS\system32\FsUsbExService.Exe [233472 2013-05-22] (Teruten) [File not signed] S4 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2014-01-21] (Macrovision Corporation) [File not signed] S3 JavaQuickStarterService; C:\Program Files\Java\jre7\bin\jqs.exe [182696 2013-11-04] (Oracle Corporation) S3 npggsvc; C:\WINDOWS\system32\GameMon.des [4033024 2012-03-07] (INCA Internet Co., Ltd.) S4 PuranDefrag; C:\WINDOWS\system32\PuranDefragS.exe [260992 2013-01-17] (Puran Software) [File not signed] R2 ToolTipFixer; C:\Program Files\NeoSmart Technologies\ToolTipFixer\ToolTipFixer.exe [61952 2008-10-14] (NeoSmart Technologies) [File not signed] ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) S3 Ambfilt; C:\WINDOWS\System32\drivers\Ambfilt.sys [1691480 2009-11-18] (Creative) R1 AmdK8; C:\WINDOWS\System32\DRIVERS\AmdK8.sys [43520 2006-06-18] (Advanced Micro Devices) R1 Amfilter; C:\WINDOWS\System32\DRIVERS\Amfilter.sys [8704 2007-01-24] (A4Tech Co.,Ltd.) [File not signed] R3 Amusbprt; C:\WINDOWS\System32\DRIVERS\Amusbprt.sys [13824 2007-02-11] (A4Tech Co.,Ltd.) [File not signed] R2 aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [24184 2014-07-06] () R0 aswKbd; C:\WINDOWS\system32\Drivers\aswKbd.sys [21576 2013-05-09] (AVAST Software) R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [67824 2014-07-06] (AVAST Software) R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [55112 2014-07-06] (AVAST Software) R0 aswRvrt; C:\WINDOWS\system32\Drivers\aswRvrt.sys [49944 2014-07-06] () R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [779536 2014-07-06] (AVAST Software) R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [414520 2014-07-06] (AVAST Software) R1 aswTdi; C:\WINDOWS\system32\drivers\aswTdi.sys [57800 2014-07-06] (AVAST Software) R0 aswVmm; C:\WINDOWS\system32\Drivers\aswVmm.sys [192352 2014-07-06] () S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2008-04-13] (Microsoft Corporation) R3 FsUsbExDisk; C:\WINDOWS\system32\FsUsbExDisk.SYS [37344 2013-05-22] () [File not signed] R0 imagedrv; C:\WINDOWS\System32\Drivers\imagedrv.sys [5888 2005-09-01] (Ahead Software AG) [File not signed] R0 imagesrv; C:\WINDOWS\System32\DRIVERS\imagesrv.sys [127488 2005-09-01] (Ahead Software AG) [File not signed] S3 Monfilt; C:\WINDOWS\System32\drivers\Monfilt.sys [1395800 2009-11-18] (Creative Technology Ltd.) S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2008-04-13] (Microsoft Corporation) S3 NPF; C:\WINDOWS\System32\drivers\NPF.sys [50704 2012-03-02] (CACE Technologies, Inc.) R0 nvata; C:\WINDOWS\System32\DRIVERS\nvata.sys [105344 2006-08-14] (NVIDIA Corporation) R3 NVENETFD; C:\WINDOWS\System32\DRIVERS\NVENETFD.sys [70912 2010-03-04] (NVIDIA Corporation) R0 nvgts; C:\WINDOWS\System32\DRIVERS\nvgts.sys [168040 2010-04-08] (NVIDIA Corporation) R3 nvnetbus; C:\WINDOWS\System32\DRIVERS\nvnetbus.sys [13824 2010-03-04] (NVIDIA Corporation) S3 PRODIGY; C:\WINDOWS\System32\Drivers\PRODIGY.SYS [32377 2006-08-29] (B-phreaks) [File not signed] S3 RTCore32; C:\Program Files\MSI Afterburner\RTCore32.sys [5632 2013-03-11] () [File not signed] S3 s0016bus; C:\WINDOWS\System32\DRIVERS\s0016bus.sys [89256 2008-05-16] (MCCI Corporation) S3 s0016nd5; C:\WINDOWS\System32\DRIVERS\s0016nd5.sys [25512 2008-05-16] (MCCI Corporation) S3 s0016unic; C:\WINDOWS\System32\DRIVERS\s0016unic.sys [115752 2008-05-16] (MCCI Corporation) R3 SCREAMINGBDRIVER; C:\WINDOWS\System32\drivers\ScreamingBAudio.sys [34384 2009-12-01] (Screaming Bee LLC) R0 sfhlp02; C:\WINDOWS\System32\drivers\sfhlp02.sys [6656 2005-02-23] (Protection Technology) [File not signed] S3 SNP2STD; C:\WINDOWS\System32\DRIVERS\snp2sxp.sys [12067328 2008-02-13] () [File not signed] R1 StarOpen; C:\WINDOWS\system32\Drivers\StarOpen.sys [5632 2006-07-24] () [File not signed] R1 Tcpip; C:\WINDOWS\System32\DRIVERS\tcpip.sys [361600 2008-06-20] (Microsoft Corporation) [File not signed] R0 tffsport; C:\WINDOWS\System32\DRIVERS\tffsport.sys [149376 2008-04-13] (M-Systems) S3 vsbus; C:\WINDOWS\System32\DRIVERS\vsb.sys [15264 2008-07-23] () [File not signed] S3 vserial; C:\WINDOWS\System32\DRIVERS\vserial.sys [47744 2008-07-23] () [File not signed] S3 vulfnths; C:\WINDOWS\System32\Drivers\vulfnth.sys [6912 2005-01-05] (VIA Technologies, Inc.) [File not signed] S3 vulfntrs; C:\WINDOWS\System32\Drivers\vulfntr.sys [11264 2005-06-06] (VIA Technologies, Inc.) [File not signed] S3 dgderdrv; System32\drivers\dgderdrv.sys [X] S3 EagleXNt; \??\C:\WINDOWS\system32\drivers\EagleXNt.sys [X] S4 IntelIde; No ImagePath S3 pccsmcfd; system32\DRIVERS\pccsmcfd.sys [X] U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-13] (Microsoft Corporation) U5 Tcpip6; C:\Windows\System32\Drivers\Tcpip6.sys [226880 2010-02-11] (Microsoft Corporation) U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [4096 2010-03-09] () [File not signed] U1 WS2IFSL; No ImagePath ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2014-11-02 11:36 - 2014-11-02 11:38 - 00014920 _____ () C:\Documents and Settings\4\Pulpit\FRST.txt 2014-11-02 11:36 - 2014-11-02 11:38 - 00000000 ____D () C:\FRST 2014-11-02 11:35 - 2014-11-02 11:35 - 01105920 _____ (Farbar) C:\Documents and Settings\4\Pulpit\FRST.exe 2014-10-30 11:17 - 2014-10-30 11:17 - 00014168 _____ () C:\Documents and Settings\4\Pulpit\cc_20141030_111723.reg 2014-10-30 11:07 - 2014-10-30 11:07 - 00000358 _____ () C:\WINDOWS\Tasks\InfiniteCrisis TW2.job 2014-10-30 11:07 - 2014-10-30 11:07 - 00000358 _____ () C:\WINDOWS\Tasks\InfiniteCrisis TW1.job 2014-10-30 11:07 - 2014-10-30 11:07 - 00000000 ____D () C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\ICSharpCode.net 2014-10-30 11:07 - 2014-10-30 11:07 - 00000000 ____D () C:\Documents and Settings\4\Menu Start\Programy\InfiniteCrisis 2014-10-30 11:07 - 2014-10-30 11:07 - 00000000 ____D () C:\Documents and Settings\4\Dane aplikacji\InfiniteCrisis486 2014-10-30 11:07 - 2014-10-30 11:07 - 00000000 ____D () C:\Documents and Settings\4\Dane aplikacji\GameOff 2014-10-25 18:46 - 2014-10-25 18:46 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Start\Programy\TeamViewer 9 2014-10-25 16:36 - 2014-10-25 16:36 - 00001422 _____ () C:\WINDOWS\wmsetup.log 2014-10-25 16:30 - 2014-10-25 16:30 - 02117934 _____ () C:\Documents and Settings\4\Pulpit\WARROCK_2014_10_25_17_18_27_468_x264.mp4 2014-10-10 14:38 - 2014-10-30 11:07 - 00000000 ____D () C:\Documents and Settings\4\Menu Start\Programy 2014-10-10 14:38 - 2014-10-10 14:38 - 00000000 ____D () C:\Documents and Settings\4\Menu Start\Programy\Autostart 2014-10-10 14:34 - 2014-10-10 14:34 - 00000000 ____D () C:\Documents and Settings\4\Ustawienia lokalne\Dane aplikacji\com 2014-10-10 14:26 - 2014-10-10 14:26 - 00000000 ____D () C:\Documents and Settings\4\Dane aplikacji\Rovio 2014-10-10 14:25 - 2014-10-14 23:17 - 00000000 ____D () C:\Documents and Settings\4\Dane aplikacji\Rovio Entertainment Ltd 2014-10-08 14:00 - 2014-10-08 14:00 - 00000027 _____ () C:\Documents and Settings\4\Pulpit\Nowy Dokument tekstowy.txt 2014-10-07 13:59 - 2014-10-07 13:59 - 00000474 _____ () C:\WINDOWS\regopt.log 2014-10-07 10:49 - 2014-10-07 10:49 - 00000000 ____D () C:\Program Files\Mozilla Firefox 2014-10-03 11:24 - 2014-10-03 11:24 - 00000000 ____D () C:\Documents and Settings\NetworkService\Pulpit 2014-10-03 11:24 - 2014-10-03 11:24 - 00000000 ____D () C:\Documents and Settings\NetworkService\Menu Start\Programy\Autostart 2014-10-03 11:24 - 2014-10-03 11:24 - 00000000 ____D () C:\Documents and Settings\NetworkService\Menu Start\Programy 2014-10-03 11:24 - 2014-10-03 11:24 - 00000000 ____D () C:\Documents and Settings\NetworkService\Menu Start 2014-10-03 11:21 - 2014-10-03 11:22 - 00000000 ____D () C:\Documents and Settings\4\Dane aplikacji\Elex-tech 2014-10-03 10:55 - 2014-10-30 11:21 - 00000000 ____D () C:\Documents and Settings\4\Moje dokumenty\Pobrane ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2014-11-02 11:38 - 2007-04-18 22:18 - 00000000 ____D () C:\Documents and Settings\4\Ustawienia lokalne\Temp 2014-11-02 11:38 - 2007-04-18 22:18 - 00000000 ____D () C:\Documents and Settings\4\Pulpit 2014-11-02 11:36 - 2012-12-18 17:31 - 00000930 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job 2014-11-02 11:35 - 2007-04-18 22:18 - 00000000 ___SD () C:\Documents and Settings\4\Moje dokumenty 2014-11-02 10:53 - 2012-07-04 12:46 - 00000366 ____H () C:\WINDOWS\Tasks\avast! Emergency Update.job 2014-11-02 10:48 - 2014-06-03 09:04 - 00000444 _____ () C:\WINDOWS\Tasks\Opera scheduled Autoupdate 1390330399.job 2014-11-02 10:48 - 2014-03-24 17:27 - 00000214 _____ () C:\WINDOWS\Tasks\Powiadomienie o zakończeniu obsługi systemu Microsoft Windows XP — logowanie.job 2014-11-02 10:48 - 2014-03-14 13:03 - 00000270 _____ () C:\WINDOWS\Tasks\RealUpgradeLogonTaskS-1-5-21-776561741-706699826-682003330-1003.job 2014-11-02 10:44 - 2007-04-18 22:01 - 01630303 _____ () C:\WINDOWS\WindowsUpdate.log 2014-11-02 10:43 - 2007-04-18 23:53 - 00000159 _____ () C:\WINDOWS\wiadebug.log 2014-11-02 10:43 - 2007-04-18 23:53 - 00000050 _____ () C:\WINDOWS\wiaservc.log 2014-11-02 10:42 - 2007-04-18 22:13 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT 2014-11-02 10:42 - 2001-07-21 21:17 - 00002206 _____ () C:\WINDOWS\system32\wpa.dbl 2014-11-02 00:10 - 2007-04-18 22:13 - 00032278 _____ () C:\WINDOWS\SchedLgU.Txt 2014-11-01 19:44 - 2007-04-18 22:18 - 00000188 ___SH () C:\Documents and Settings\4\ntuser.ini 2014-11-01 01:15 - 2007-04-18 22:18 - 00000000 ____D () C:\Documents and Settings\4 2014-10-31 10:04 - 2007-04-18 23:51 - 00000000 __RHD () C:\Documents and Settings\All Users\Dane aplikacji 2014-10-31 10:04 - 2007-04-18 22:18 - 00000000 __RHD () C:\Documents and Settings\4\Dane aplikacji 2014-10-30 17:30 - 2009-06-13 23:47 - 00000000 ____D () C:\Program Files\Opera 2014-10-30 11:12 - 2013-01-08 18:36 - 00000730 _____ () C:\Documents and Settings\All Users\Menu Start\Programy\Mozilla Firefox.lnk 2014-10-30 11:12 - 2013-01-08 18:36 - 00000724 _____ () C:\Documents and Settings\All Users\Pulpit\Mozilla Firefox.lnk 2014-10-30 11:11 - 2007-04-18 23:51 - 00000000 ____D () C:\Documents and Settings\All Users\Pulpit 2014-10-30 11:11 - 2007-04-18 23:51 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Start\Programy 2014-10-29 20:42 - 2013-01-12 14:53 - 00000000 ____D () C:\Documents and Settings\4\Moje dokumenty\Pobieranie 2014-10-28 12:07 - 2011-04-08 14:58 - 00000278 _____ () C:\WINDOWS\Tasks\RealUpgradeScheduledTaskS-1-5-21-776561741-706699826-682003330-1003.job 2014-10-26 09:52 - 2007-04-18 23:51 - 01405810 _____ () C:\WINDOWS\system32\PerfStringBackup.INI 2014-10-26 09:52 - 2001-10-26 15:15 - 00608350 _____ () C:\WINDOWS\system32\perfh015.dat 2014-10-26 09:52 - 2001-10-26 15:15 - 00131930 _____ () C:\WINDOWS\system32\perfc015.dat 2014-10-25 18:46 - 2014-04-10 13:43 - 00000815 _____ () C:\Documents and Settings\All Users\Pulpit\TeamViewer 9.lnk 2014-10-25 16:29 - 2014-06-06 11:32 - 00000852 _____ () C:\Documents and Settings\4\Pulpit\Any Video Converter.lnk 2014-10-25 16:29 - 2014-06-06 11:32 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Start\Programy\AnvSoft 2014-10-25 16:29 - 2011-05-22 12:28 - 00000000 ____D () C:\Documents and Settings\4\Dane aplikacji\AnvSoft 2014-10-25 16:11 - 2014-05-29 11:15 - 00000000 ____D () C:\Program Files\RivaTuner Statistics Server 2014-10-25 16:11 - 2014-05-29 11:14 - 00000000 ____D () C:\Program Files\MSI Afterburner 2014-10-24 10:44 - 2013-12-10 01:00 - 00000000 ____D () C:\Documents and Settings\4\Dane aplikacji\TS3Client 2014-10-23 16:43 - 2014-07-31 10:48 - 00110296 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys 2014-10-21 13:38 - 2014-09-13 07:03 - 00503745 _____ () C:\WINDOWS\setupapi.log 2014-10-19 15:45 - 2012-07-25 10:50 - 00701104 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe 2014-10-19 15:45 - 2012-07-25 10:50 - 00071344 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl 2014-10-19 12:09 - 2014-09-13 07:04 - 00000749 _____ () C:\WINDOWS\setupact.log 2014-10-17 15:26 - 2009-12-23 16:21 - 00000000 ___SD () C:\Documents and Settings\4\Pulpit\diablo 2014-10-16 16:32 - 2014-08-27 08:40 - 00000000 ____D () C:\Documents and Settings\4\Ustawienia lokalne\Dane aplikacji\Adobe 2014-10-15 07:37 - 2012-09-16 19:10 - 00000000 ____D () C:\Documents and Settings\4\Dane aplikacji\Samsung 2014-10-15 07:36 - 2013-08-14 19:16 - 00000000 ____D () C:\WINDOWS\system32\MRT 2014-10-15 07:33 - 2012-09-17 15:05 - 00000000 ____D () C:\Documents and Settings\All Users\Dane aplikacji\Samsung 2014-10-15 07:33 - 2011-05-06 20:32 - 00000682 _____ () C:\Documents and Settings\All Users\Pulpit\CCleaner.lnk 2014-10-15 07:33 - 2011-05-06 20:32 - 00000000 ____D () C:\Program Files\CCleaner 2014-10-15 07:33 - 2007-04-18 22:21 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information 2014-10-15 07:31 - 2009-08-20 11:06 - 100290944 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2014-10-14 23:20 - 2007-04-18 23:51 - 00000000 __RHD () C:\Documents and Settings\Default User\Dane aplikacji 2014-10-14 23:20 - 2007-04-18 23:51 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Start 2014-10-13 23:14 - 2012-09-16 23:38 - 02086840 _____ () C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\WPFFontCache_v0400-S-1-5-21-776561741-706699826-682003330-1003-0.dat 2014-10-13 23:14 - 2012-09-16 23:38 - 00154698 _____ () C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\WPFFontCache_v0400-System.dat 2014-10-13 14:32 - 2009-08-13 14:51 - 00000000 ____D () C:\WINDOWS\Microsoft.NET 2014-10-13 13:41 - 2007-04-18 23:51 - 00000000 ___RD () C:\Documents and Settings\All Users\Dokumenty 2014-10-13 13:35 - 2007-04-18 22:13 - 00000000 ____D () C:\Documents and Settings\LocalService\Ustawienia lokalne\Temp 2014-10-10 23:28 - 2011-01-02 10:58 - 00262144 _____ () C:\WINDOWS\system32\config\WindowsPowerShell.evt 2014-10-10 14:38 - 2007-04-18 22:18 - 00000000 ___RD () C:\Documents and Settings\4\Menu Start 2014-10-10 14:37 - 2014-05-29 15:25 - 00000000 ____D () C:\Documents and Settings\4\Dane aplikacji\DVDVideoSoft 2014-10-10 14:37 - 2007-04-18 22:18 - 00000000 ___HD () C:\Documents and Settings\4\Ustawienia lokalne\Dane aplikacji 2014-10-09 14:17 - 2014-05-03 09:11 - 00000000 ____D () C:\Documents and Settings\4\Dane aplikacji\TeamViewer 2014-10-08 14:00 - 2014-03-24 17:27 - 00000208 _____ () C:\WINDOWS\Tasks\Powiadomienie o zakończeniu obsługi systemu Microsoft Windows XP — co miesiąc.job 2014-10-08 08:35 - 2013-01-08 18:36 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service 2014-10-03 11:30 - 2007-04-18 23:50 - 00161936 _____ () C:\WINDOWS\system32\FNTCACHE.DAT 2014-10-03 11:24 - 2007-04-18 22:05 - 00000000 __SHD () C:\Documents and Settings\NetworkService 2014-10-03 10:56 - 2008-12-09 11:09 - 00031968 ____C () C:\Documents and Settings\4\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT Some content of TEMP: ==================== C:\Documents and Settings\4\Ustawienia lokalne\Temp\wtw-update.exe ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\WINDOWS\explorer.exe => File is digitally signed C:\WINDOWS\system32\winlogon.exe => File is digitally signed C:\WINDOWS\system32\svchost.exe => File is digitally signed C:\WINDOWS\system32\services.exe => File is digitally signed C:\WINDOWS\system32\User32.dll => File is digitally signed C:\WINDOWS\system32\userinit.exe => File is digitally signed C:\WINDOWS\system32\rpcss.dll => File is digitally signed C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed ==================== End Of Log ============================