Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 11-03-2015 Ran by n (administrator) on OLA on 13-03-2015 19:54:35 Running from C:\Documents and Settings\n\Moje dokumenty\pobrane Loaded Profiles: n (Available profiles: n) Platform: Microsoft Windows XP Dodatek Service Pack 3 (X86) OS Language: Polski Internet Explorer Version 7 (Default browser: FF) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (COMODO) C:\Program Files\Comodo\COMODO Internet Security\cmdagent.exe (Teruten) C:\WINDOWS\system32\FsUsbExService.Exe (Microsoft Corp.) C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe (Realtek Semiconductor Corp.) C:\WINDOWS\RTHDCPL.EXE (Intel Corporation) C:\WINDOWS\system32\hkcmd.exe (ASUSTeK Computer Inc.) C:\Program Files\EeePC\ACPI\AsTray.exe (Intel Corporation) C:\WINDOWS\system32\igfxsrvc.exe (ASUSTeK Computer Inc.) C:\Program Files\EeePC\ACPI\AsAcpiSvr.exe (ASUSTeK Computer Inc.) C:\Program Files\EeePC\ACPI\AsEPCMon.exe (COMODO) C:\Program Files\Comodo\COMODO Internet Security\cistray.exe (Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe (Intel Corporation) C:\WINDOWS\system32\igfxext.exe (Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe (Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (ASUSTeK Computer Inc.) C:\Program Files\ASUS\EeePC\Super Hybrid Engine\SuperHybridEngine.exe (Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe (COMODO) C:\Program Files\Comodo\COMODO Internet Security\cis.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (COMODO) C:\Program Files\Comodo\COMODO Internet Security\cmdvirth.exe (COMODO) C:\Program Files\Comodo\COMODO Internet Security\cavwp.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [RTHDCPL] => C:\WINDOWS\RTHDCPL.EXE [16855040 2008-09-18] (Realtek Semiconductor Corp.) HKLM\...\Run: [AsusTray] => C:\Program Files\EeePC\ACPI\AsTray.exe [114688 2008-12-04] (ASUSTeK Computer Inc.) HKLM\...\Run: [AsusACPIServer] => C:\Program Files\EeePC\ACPI\AsAcpiSvr.exe [622592 2008-12-17] (ASUSTeK Computer Inc.) HKLM\...\Run: [AsusEPCMonitor] => C:\Program Files\EeePC\ACPI\AsEPCMon.exe [94208 2008-05-21] (ASUSTeK Computer Inc.) HKLM\...\Run: [COMODO Internet Security] => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [1243864 2015-01-30] (COMODO) HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated) HKLM\...\Run: [GrooveMonitor] => C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [31072 2008-10-25] (Microsoft Corporation) HKU\S-1-5-21-1661413818-2498473542-1586077186-1006\...\Run: [ccleaner] => C:\Program Files\CCleaner\CCleaner.exe [5503768 2015-02-19] (Piriform Ltd) HKU\S-1-5-21-1661413818-2498473542-1586077186-1006\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [5503768 2015-02-19] (Piriform Ltd) HKU\S-1-5-21-1661413818-2498473542-1586077186-1006\...\MountPoints2: {13f17bbe-032e-11e3-ae14-0026185b1c8c} - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Współczesne_uzbrojenie_WO_PL_ANG.avi Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\BTTray.lnk ShortcutTarget: BTTray.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.) Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\SuperHybridEngine.lnk ShortcutTarget: SuperHybridEngine.lnk -> C:\Program Files\ASUS\EeePC\Super Hybrid Engine\SuperHybridEngine.exe (ASUSTeK Computer Inc.) ShellIconOverlayIdentifiers: [OverlayIconExtension1] -> {fe25455d-b4c2-4e32-97d2-92632ec1c224} => C:\WINDOWS\system32\mscoree.dll (Microsoft Corporation) ShellIconOverlayIdentifiers: [OverlayIconExtension2] -> {1fae2d88-a78e-4f03-909f-be818a3c1ce6} => C:\WINDOWS\system32\mscoree.dll (Microsoft Corporation) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm HKU\S-1-5-21-1661413818-2498473542-1586077186-1006\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.pl/ HKU\S-1-5-21-1661413818-2498473542-1586077186-1006\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch URLSearchHook: HKU\S-1-5-21-1661413818-2498473542-1586077186-1006 - (No Name) - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - No File SearchScopes: HKU\S-1-5-21-1661413818-2498473542-1586077186-1006 -> DefaultScope {8EEAC88A-079B-4b2c-80C1-7836F79EB40A} URL = http://pl.search.yahoo.com/search?p={searchTerms}&fr=chr-comodo SearchScopes: HKU\S-1-5-21-1661413818-2498473542-1586077186-1006 -> {8EEAC88A-079B-4b2c-80C1-7836F79EB40A} URL = http://pl.search.yahoo.com/search?p={searchTerms}&fr=chr-comodo BHO: Search Helper -> {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} -> C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll [2009-01-14] (Microsoft Corp.) BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12] (Microsoft Corporation) BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_40\bin\ssv.dll [2015-03-13] (Oracle Corporation) BHO: Pomocnik rejestracji usługi Windows Live -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22] (Microsoft Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_40\bin\jp2ssv.dll [2015-03-13] (Oracle Corporation) BHO: Windows Live Toolbar Helper -> {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} -> C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06] (Microsoft Corporation) Toolbar: HKLM - &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06] (Microsoft Corporation) Toolbar: HKU\S-1-5-21-1661413818-2498473542-1586077186-1006 -> &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06] (Microsoft Corporation) Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll [2009-02-12] (Microsoft Corporation) Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8064.0206.dll [2009-02-06] (Microsoft Corporation) Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll [2007-06-08] (Microsoft Corporation) Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8064.0206.dll [2009-02-06] (Microsoft Corporation) Tcpip\Parameters: [DhcpNameServer] 62.179.1.60 62.179.1.61 FireFox: ======== FF ProfilePath: C:\Documents and Settings\n\Dane aplikacji\Mozilla\Firefox\Profiles\e43pkovn.default-1426232573691 FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_16_0_0_305.dll [2015-03-13] () FF Plugin: @java.com/DTPlugin,version=11.40.2 -> C:\Program Files\Java\jre1.8.0_40\bin\dtplugin\npDeployJava1.dll [2015-03-13] (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.40.2 -> C:\Program Files\Java\jre1.8.0_40\bin\plugin2\npjp2.dll [2015-03-13] (Oracle Corporation) FF Plugin: @mcafee.com/McAfeeMssPlugin -> C:\Program Files\McAfee Security Scan\3.0.318\npMcAfeeMss.dll No File FF Plugin: @microsoft.com/WLPG,version=14.0.8064.0206 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2009-02-06] (Microsoft Corporation) FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation) FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-08-05] (Adobe Systems Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPOFF12.DLL [2006-10-26] (Microsoft Corporation) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2014-08-05] (Adobe Systems Inc.) FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension FF Extension: Microsoft .NET Framework Assistant - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2010-11-09] Chrome: ======= CHR Profile: C:\Documents and Settings\n\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default CHR Extension: (Google Docs) - C:\Documents and Settings\n\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-05-03] CHR Extension: (Google Drive) - C:\Documents and Settings\n\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-05-03] CHR Extension: (YouTube) - C:\Documents and Settings\n\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-05-03] CHR Extension: (Google Search) - C:\Documents and Settings\n\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-05-03] CHR Extension: (Gmail) - C:\Documents and Settings\n\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-05-03] ========================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) U2 cmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [5868440 2015-01-30] (COMODO) U3 cmdvirth; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [1664216 2015-01-30] (COMODO) U2 FsUsbExService; C:\WINDOWS\system32\FsUsbExService.Exe [217088 2009-12-22] (Teruten) [File not signed] U3 AppMgmt; %SystemRoot%\System32\appmgmts.dll [X] ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) U3 AR5416; C:\WINDOWS\System32\DRIVERS\athw.sys [1326528 2008-09-18] (Atheros Communications, Inc.) U3 AsusACPI; C:\WINDOWS\System32\DRIVERS\ASUSACPI.sys [10752 2008-04-08] (ASUSTeK Computer Inc.) U3 btaudio; C:\WINDOWS\System32\drivers\btaudio.sys [534568 2008-05-30] (Broadcom Corporation.) U3 BTDriver; C:\WINDOWS\System32\DRIVERS\btport.sys [37160 2008-02-04] (Broadcom Corporation.) U3 BTKRNL; C:\WINDOWS\System32\DRIVERS\btkrnl.sys [991656 2008-08-19] (Broadcom Corporation.) U3 BTWDNDIS; C:\WINDOWS\System32\DRIVERS\btwdndis.sys [156816 2008-07-24] (Broadcom Corporation.) U3 btwhid; C:\WINDOWS\System32\DRIVERS\btwhid.sys [57384 2008-03-10] (Broadcom Corporation.) U3 btwmodem; C:\WINDOWS\System32\DRIVERS\btwmodem.sys [37032 2008-02-04] (Broadcom Corporation.) U3 BTWUSB; C:\WINDOWS\System32\Drivers\btwusb.sys [47272 2008-08-19] (Broadcom Corporation.) U3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2008-04-14] (Microsoft Corporation) U1 cmderd; C:\WINDOWS\System32\DRIVERS\cmderd.sys [15576 2015-01-30] (COMODO) U1 cmdGuard; C:\WINDOWS\System32\DRIVERS\cmdguard.sys [620120 2015-01-30] (COMODO) U1 cmdHlp; C:\WINDOWS\System32\DRIVERS\cmdhlp.sys [29912 2015-01-30] (COMODO) U2 fssfltr; C:\WINDOWS\System32\DRIVERS\fssfltr_tdi.sys [55152 2009-02-06] (Microsoft Corporation) U3 FsUsbExDisk; C:\WINDOWS\system32\FsUsbExDisk.SYS [36640 2009-12-22] () [File not signed] U0 Inspect; C:\WINDOWS\System32\DRIVERS\inspect.sys [105560 2015-01-30] (COMODO) U3 Ktp; C:\WINDOWS\System32\DRIVERS\ETD.sys [93696 2009-02-12] (ELANTECH Devices Corp.) U3 L1e; C:\WINDOWS\System32\DRIVERS\l1e51x86.sys [38400 2008-09-23] (Atheros Communications, Inc.) U3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2008-04-14] (Microsoft Corporation) U3 PCAMPR5; C:\WINDOWS\system32\PCAMPR5.SYS [34688 2003-09-23] (Printing Communications Assoc., Inc. (PCAUSA)) [File not signed] U3 PCANDIS5; C:\WINDOWS\system32\PCANDIS5.SYS [32128 2006-03-01] (Printing Communications Assoc., Inc. (PCAUSA)) [File not signed] U3 RT80x86; C:\WINDOWS\System32\DRIVERS\RT2860.sys [933504 2009-01-19] (Ralink Technology, Corp.) U3 SNP2UVC; C:\WINDOWS\System32\DRIVERS\snp2uvc.sys [1752704 2008-08-11] () U4 IntelIde; No ImagePath U1 WS2IFSL; No ImagePath ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2015-03-13 16:19 - 2015-03-13 16:19 - 00185474 _____ () C:\Documents and Settings\n\Pulpit\autoruns_log.rar 2015-03-13 16:18 - 2015-03-13 16:18 - 00000000 ____D () C:\Documents and Settings\n\Pulpit\autoruns_log 2015-03-13 11:04 - 2015-03-13 11:04 - 00032134 _____ () C:\Documents and Settings\n\Moje dokumenty\Shortcut.txt 2015-03-13 11:04 - 2015-03-13 11:04 - 00020141 _____ () C:\Documents and Settings\n\Moje dokumenty\FRST.txt 2015-03-13 11:04 - 2015-03-13 11:04 - 00017131 _____ () C:\Documents and Settings\n\Moje dokumenty\Addition.txt 2015-03-13 10:03 - 2015-03-13 19:54 - 00000000 ____D () C:\FRST 2015-03-13 09:56 - 2015-03-13 09:52 - 00096680 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge.dll 2015-03-13 09:54 - 2015-03-13 09:54 - 00000000 ____D () C:\Program Files\Common Files\Java 2015-03-13 09:52 - 2015-03-13 09:58 - 00000000 ____D () C:\Documents and Settings\All Users\Dane aplikacji\Oracle 2015-03-13 09:49 - 2015-03-13 09:49 - 00000000 ___RD () C:\Documents and Settings\n\Menu Start\Programy\Narzędzia administracyjne 2015-03-13 08:58 - 2015-03-13 08:58 - 00070448 _____ () C:\Documents and Settings\n\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT 2015-03-13 08:54 - 2015-03-13 08:54 - 00000102 _____ () C:\WINDOWS\wininit.ini 2015-03-13 08:47 - 2015-03-13 08:47 - 00000682 _____ () C:\Documents and Settings\All Users\Pulpit\CCleaner.lnk 2015-03-13 08:46 - 2015-03-13 08:46 - 00506264 _____ () C:\WINDOWS\system32\prfh0415.dat 2015-03-13 08:46 - 2015-03-13 08:46 - 00092200 _____ () C:\WINDOWS\system32\prfc0415.dat 2015-03-13 08:43 - 2015-03-13 08:43 - 00000000 ____D () C:\Documents and Settings\n\Pulpit\Stare dane programu Firefox ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2015-03-13 19:55 - 2012-01-06 12:00 - 01474832 _____ () C:\WINDOWS\system32\Drivers\sfi.dat 2015-03-13 19:53 - 2014-05-29 10:17 - 00104414 _____ () C:\WINDOWS\system32\Drivers\fvstore.dat 2015-03-13 19:53 - 2013-08-25 20:24 - 00000000 ____D () C:\Documents and Settings\n\Moje dokumenty\pobrane 2015-03-13 19:53 - 2010-02-02 14:58 - 00000000 ____D () C:\Documents and Settings\n\Ustawienia lokalne\Temp 2015-03-13 19:52 - 2013-08-25 10:53 - 00000930 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job 2015-03-13 19:44 - 2014-05-28 21:52 - 00000440 _____ () C:\WINDOWS\Tasks\COMODO Cache Builder {0FB77674-7905-4F34-A362-C5A9A26F8CF9}.job 2015-03-13 18:07 - 2014-05-28 21:52 - 00000440 _____ () C:\WINDOWS\Tasks\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59}.job 2015-03-13 16:19 - 2010-02-02 14:58 - 00000000 ____D () C:\Documents and Settings\n\Pulpit 2015-03-13 12:01 - 2014-05-28 21:52 - 00000440 _____ () C:\WINDOWS\Tasks\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85}.job 2015-03-13 10:32 - 2014-06-18 12:10 - 00000000 ____D () C:\Program Files\Mozilla Firefox 2015-03-13 09:56 - 2009-02-04 16:25 - 01126164 _____ () C:\WINDOWS\system32\PerfStringBackup.INI 2015-03-13 09:56 - 2009-02-04 16:18 - 00504724 _____ () C:\WINDOWS\system32\perfh015.dat 2015-03-13 09:56 - 2009-02-04 16:18 - 00091144 _____ () C:\WINDOWS\system32\perfc015.dat 2015-03-13 09:52 - 2014-08-18 07:48 - 00146432 _____ (Oracle Corporation) C:\WINDOWS\system32\javacpl.cpl 2015-03-13 09:52 - 2011-01-11 17:50 - 00000000 ____D () C:\Program Files\Java 2015-03-13 09:52 - 2009-02-04 16:25 - 00000000 __RHD () C:\Documents and Settings\All Users\Dane aplikacji 2015-03-13 09:49 - 2010-02-02 14:58 - 00000000 ___RD () C:\Documents and Settings\n\Menu Start\Programy 2015-03-13 09:08 - 2009-02-04 15:32 - 01099306 _____ () C:\WINDOWS\WindowsUpdate.log 2015-03-13 09:03 - 2009-02-04 16:18 - 00001158 _____ () C:\WINDOWS\system32\wpa.dbl 2015-03-13 08:58 - 2010-02-02 14:58 - 00000000 ___HD () C:\Documents and Settings\n\Ustawienia lokalne\Dane aplikacji 2015-03-13 08:56 - 2014-05-29 05:24 - 00000214 _____ () C:\WINDOWS\Tasks\Powiadomienie o zakończeniu obsługi systemu Microsoft Windows XP — logowanie.job 2015-03-13 08:56 - 2014-05-28 21:52 - 00000440 _____ () C:\WINDOWS\Tasks\COMODO Scan {F140D794-60B6-4F00-9235-D6457AA25B22}.job 2015-03-13 08:56 - 2010-02-02 14:58 - 00000188 ___SH () C:\Documents and Settings\n\ntuser.ini 2015-03-13 08:56 - 2010-02-02 14:58 - 00000000 ____D () C:\Documents and Settings\n 2015-03-13 08:56 - 2009-02-04 16:28 - 00000159 _____ () C:\WINDOWS\wiadebug.log 2015-03-13 08:56 - 2009-02-04 16:28 - 00000050 _____ () C:\WINDOWS\wiaservc.log 2015-03-13 08:56 - 2009-02-04 15:37 - 00032356 _____ () C:\WINDOWS\SchedLgU.Txt 2015-03-13 08:56 - 2009-02-04 15:37 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT 2015-03-13 08:52 - 2013-08-25 10:53 - 00701616 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe 2015-03-13 08:52 - 2013-08-20 15:27 - 00000000 ____D () C:\WINDOWS\system32\MRT 2015-03-13 08:52 - 2011-11-10 15:32 - 00071344 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl 2015-03-13 08:48 - 2014-06-16 09:03 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Start\Programy\CCleaner 2015-03-13 08:47 - 2010-11-09 15:44 - 00000000 ____D () C:\Program Files\CCleaner 2015-03-13 08:47 - 2009-02-04 16:25 - 00000000 ____D () C:\Documents and Settings\All Users\Pulpit 2015-02-26 21:20 - 2011-01-11 18:08 - 119837696 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe ==================== Files in the root of some directories ======= 2010-11-09 16:42 - 2010-11-09 16:42 - 0002528 _____ () C:\Documents and Settings\n\Dane aplikacji\$_hpcst$.hpc 2010-02-08 15:49 - 2014-07-07 18:56 - 0020992 _____ () C:\Documents and Settings\n\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2010-02-02 14:58 - 2009-03-12 13:23 - 0000135 _____ () C:\Documents and Settings\n\Ustawienia lokalne\Dane aplikacji\fusioncache.dat Some content of TEMP: ==================== C:\Documents and Settings\n\Ustawienia lokalne\Temp\jre-8u40-windows-au.exe ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\WINDOWS\explorer.exe => File is digitally signed C:\WINDOWS\system32\winlogon.exe => File is digitally signed C:\WINDOWS\system32\svchost.exe => File is digitally signed C:\WINDOWS\system32\services.exe => File is digitally signed C:\WINDOWS\system32\User32.dll => File is digitally signed C:\WINDOWS\system32\userinit.exe => File is digitally signed C:\WINDOWS\system32\rpcss.dll => File is digitally signed C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed ==================== End Of Log ============================