Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 11-04-2015 Ran by Mateusz (administrator) on DENTKA-PC on 11-04-2015 12:43:30 Running from C:\Documents and Settings\Mateusz\Pulpit Loaded Profiles: Mateusz (Available profiles: Mateusz) Platform: Microsoft Windows XP Professional Dodatek Service Pack 3 (X86) OS Language: Polski Internet Explorer Version 8 (Default browser: FF) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) () C:\Program Files\ATKGFNEX\GFNEXSrv.exe (ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc32.exe (Syntek America Inc.) C:\WINDOWS\system32\StkCSrv.exe (Microsoft Corporation) C:\WINDOWS\system32\wscntfy.exe (Realtek Semiconductor Corp.) C:\WINDOWS\RTHDCPL.exe (Microsoft Corporation) C:\WINDOWS\system32\rundll32.exe (Motorola Inc.) C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe () C:\Program Files\ATK Hotkey\HControl.exe (ASUSTeK Computer INC.) C:\Program Files\ASUS\ATK Media\DMedia.exe (Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Microsoft Corporation) C:\WINDOWS\system32\rundll32.exe (ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (GG Network S.A.) C:\Documents and Settings\Mateusz\Ustawienia lokalne\Dane aplikacji\GG\Application\gghub.exe () C:\Program Files\ATK Hotkey\ATKOSD.exe (McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe () C:\Program Files\ATK Hotkey\KBFiltr.exe () C:\Program Files\ATK Hotkey\WDC.exe (GG Network S.A.) C:\Documents and Settings\Mateusz\Ustawienia lokalne\Dane aplikacji\GG\Application\ggapp.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [RTHDCPL] => C:\WINDOWS\RTHDCPL.EXE [16859136 2007-12-12] (Realtek Semiconductor Corp.) HKLM\...\Run: [NvCplDaemon] => RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup HKLM\...\Run: [nwiz] => nwiz.exe /install HKLM\...\Run: [NvMediaCenter] => RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit HKLM\...\Run: [SMSERIAL] => C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe [630784 2006-11-22] (Motorola Inc.) HKLM\...\Run: [ATKHOTKEY] => C:\Program Files\ATK Hotkey\Hcontrol.exe [225280 2007-07-12] () HKLM\...\Run: [ATKMEDIA] => C:\Program Files\ASUS\ATK Media\DMEDIA.EXE [61440 2006-11-02] (ASUSTeK Computer INC.) HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [786521 2006-05-25] (Synaptics, Inc.) HKLM\...\Run: [BluetoothAuthenticationAgent] => rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated) HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [5088456 2014-10-01] (ESET) HKU\S-1-5-21-2025429265-854245398-1801674531-1003\...\Run: [Facebook Update] => C:\Documents and Settings\Mateusz\Ustawienia lokalne\Dane aplikacji\Facebook\Update\FacebookUpdate.exe [138096 2014-03-24] (Facebook Inc.) HKU\S-1-5-21-2025429265-854245398-1801674531-1003\...\Run: [GG] => C:\Documents and Settings\Mateusz\Ustawienia lokalne\Dane aplikacji\GG\Application\gghub.exe [4078144 2015-04-01] (GG Network S.A.) Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\McAfee Security Scan Plus.lnk ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.) ShellIconOverlayIdentifiers: [GGDriveOverlay1] -> {E68D0A50-3C40-4712-B90D-DCFA93FF2534} => C:\Documents and Settings\All Users\Dane aplikacji\GG\ggdrive\ggdrive-overlay.dll (GG Network S.A.) ShellIconOverlayIdentifiers: [GGDriveOverlay2] -> {E68D0A51-3C40-4712-B90D-DCFA93FF2534} => C:\Documents and Settings\All Users\Dane aplikacji\GG\ggdrive\ggdrive-overlay.dll (GG Network S.A.) ShellIconOverlayIdentifiers: [GGDriveOverlay3] -> {E68D0A52-3C40-4712-B90D-DCFA93FF2534} => C:\Documents and Settings\All Users\Dane aplikacji\GG\ggdrive\ggdrive-overlay.dll (GG Network S.A.) ShellIconOverlayIdentifiers: [GGDriveOverlay4] -> {E68D0A53-3C40-4712-B90D-DCFA93FF2534} => C:\Documents and Settings\All Users\Dane aplikacji\GG\ggdrive\ggdrive-overlay.dll (GG Network S.A.) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION HKU\S-1-5-21-2025429265-854245398-1801674531-1003\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome HKU\S-1-5-21-2025429265-854245398-1801674531-1003\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch BHO: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll [2014-04-09] (McAfee, Inc.) BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2010-03-25] (Microsoft Corporation) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation) DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab FireFox: ======== FF ProfilePath: C:\Documents and Settings\Mateusz\Dane aplikacji\Mozilla\Firefox\Profiles\s0a94t6y.default FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_16_0_0_305.dll [2015-02-05] () FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation) FF Plugin: @nokia.com/EnablerPlugin -> C:\Program Files\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll [2013-10-02] ( ) FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-04] (Google Inc.) FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-04] (Google Inc.) FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-08-05] (Adobe Systems Inc.) FF Plugin HKU\S-1-5-21-2025429265-854245398-1801674531-1003: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Documents and Settings\Mateusz\Ustawienia lokalne\Dane aplikacji\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Limited) FF Extension: Adblock Plus - C:\Documents and Settings\Mateusz\Dane aplikacji\Mozilla\Firefox\Profiles\s0a94t6y.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-02-22] FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird FF HKU\S-1-5-21-2025429265-854245398-1801674531-1003\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\Documents and Settings\All Users\Dane aplikacji\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi FF Extension: McAfee Security Scan Plus - C:\Documents and Settings\All Users\Dane aplikacji\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04] Chrome: ======= CHR Profile: C:\Documents and Settings\Mateusz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default CHR Extension: (Google Docs) - C:\Documents and Settings\Mateusz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-02-22] CHR Extension: (Google Drive) - C:\Documents and Settings\Mateusz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-02-22] CHR Extension: (YouTube) - C:\Documents and Settings\Mateusz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-02-22] CHR Extension: (Google Search) - C:\Documents and Settings\Mateusz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-02-22] CHR Extension: (Google Wallet) - C:\Documents and Settings\Mateusz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-02-22] CHR Extension: (Gmail) - C:\Documents and Settings\Mateusz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-02-22] CHR HKLM\...\Chrome\Extension: [bopakagnckmlgajfccecajhnimjiiedh] - http://clients2.google.com/service/update2/crx ========================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 ATKGFNEXSrv; C:\Program Files\ATKGFNEX\GFNEXSrv.exe [94208 2007-08-08] () [File not signed] R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [1349576 2014-10-01] (ESET) S2 KMService; C:\WINDOWS\system32\srvany.exe [8192 2014-02-22] () [File not signed] S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [235696 2014-04-09] (McAfee, Inc.) R2 StkSSrv; C:\WINDOWS\System32\StkCSrv.exe [24576 2007-04-19] (Syntek America Inc.) ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R1 AmdK8; C:\WINDOWS\System32\DRIVERS\AmdK8.sys [43520 2006-06-19] (Advanced Micro Devices) S3 AR5211; C:\WINDOWS\System32\DRIVERS\ar5211.sys [549184 2007-10-26] (Atheros Communications, Inc.) R2 ASMMAP; C:\Program Files\ATKGFNEX\ASMMAP.sys [13880 2007-07-24] () R3 ASNDIS5; C:\Program Files\ATK Hotkey\ASNDIS5.SYS [16269 2004-05-27] (Printing Communications Assoc., Inc. (PCAUSA)) [File not signed] S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2008-04-14] (Microsoft Corporation) R3 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [191928 2014-10-10] (ESET) R1 ehdrv; C:\WINDOWS\System32\DRIVERS\ehdrv.sys [135296 2014-10-10] (ESET) R1 epfwtdir; C:\WINDOWS\System32\DRIVERS\epfwtdir.sys [119792 2014-10-10] (ESET) S3 FTDIBUS; C:\WINDOWS\System32\drivers\ftdibus.sys [47249 2006-05-18] (FTDI Ltd.) R3 kbfiltr; C:\WINDOWS\System32\DRIVERS\kbfiltr.sys [5632 2007-01-24] ( ) [File not signed] R3 MTsensor; C:\WINDOWS\System32\DRIVERS\ATKACPI.sys [7680 2006-12-14] (ATK0100) S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2008-04-14] (Microsoft Corporation) S3 NVENETFD; C:\WINDOWS\System32\DRIVERS\NVENETFD.sys [46720 2007-05-04] (NVIDIA Corporation) S3 nvnetbus; C:\WINDOWS\System32\DRIVERS\nvnetbus.sys [19968 2007-05-04] (NVIDIA Corporation) R3 StkCMini; C:\WINDOWS\System32\Drivers\StkCMini.sys [1260672 2007-06-06] (Syntek) S3 WINFLASH; C:\WINDOWS\system32\DRIVERS\WINFLASH.sys [3266 2001-09-28] () [File not signed] S3 catchme; \??\C:\DOCUME~1\Mateusz\USTAWI~1\Temp\catchme.sys [X] S4 IntelIde; No ImagePath ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2015-04-11 12:43 - 2015-04-11 12:43 - 00012166 _____ () C:\Documents and Settings\Mateusz\Pulpit\FRST.txt 2015-04-11 12:42 - 2015-04-11 12:43 - 00000000 ____D () C:\FRST 2015-04-11 12:41 - 2015-04-11 12:37 - 00602112 _____ (OldTimer Tools) C:\Documents and Settings\Mateusz\Pulpit\OTL.exe 2015-04-11 12:41 - 2015-04-11 12:36 - 00602112 _____ (OldTimer Tools) C:\Documents and Settings\Mateusz\Pulpit\OTL.com 2015-04-11 12:41 - 2015-04-11 12:35 - 00380416 _____ () C:\Documents and Settings\Mateusz\Pulpit\tuqrfd13.exe 2015-04-11 12:41 - 2015-04-11 12:33 - 01135104 _____ (Farbar) C:\Documents and Settings\Mateusz\Pulpit\FRST.exe 2015-04-10 21:06 - 2015-04-10 21:06 - 00000000 ____H () C:\Documents and Settings\Mateusz\Moje dokumenty\Default.rdp 2015-04-06 06:24 - 2015-04-06 06:24 - 00000729 _____ () C:\Documents and Settings\Mateusz\Moje dokumenty\fefs.txt 2015-04-06 05:34 - 2015-04-06 05:34 - 00000344 _____ () C:\Documents and Settings\Mateusz\Moje dokumenty\ORANGE INTERNET.prof 2015-04-03 07:24 - 2015-04-03 21:53 - 00000078 _____ () C:\Documents and Settings\Mateusz\Ustawienia lokalne\Dane aplikacji\FASTWiz.log 2015-04-03 05:28 - 2015-04-04 11:45 - 00106268 _____ () C:\WINDOWS\pfirewall.log 2015-04-03 00:28 - 2015-04-03 00:28 - 00000371 _____ () C:\Documents and Settings\Mateusz\Moje dokumenty\2.txt 2015-04-03 00:25 - 2015-04-06 06:16 - 00000029 _____ () C:\Documents and Settings\Mateusz\Moje dokumenty\haha.txt 2015-04-02 22:28 - 2015-04-02 22:28 - 00000000 ____D () C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\ESET 2015-03-22 13:04 - 2015-04-03 19:19 - 00000000 ____D () C:\Program Files\Mozilla Firefox 2015-03-18 00:33 - 2015-03-18 00:33 - 00000000 __SHD () C:\found.000 ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2015-04-11 12:43 - 2014-02-22 22:38 - 00000000 ____D () C:\Documents and Settings\Mateusz\Ustawienia lokalne\temp 2015-04-11 12:43 - 2014-02-22 18:07 - 00000000 ____D () C:\Documents and Settings\Mateusz\Pulpit 2015-04-11 12:40 - 2014-02-22 18:45 - 00874054 _____ () C:\WINDOWS\setupapi.log 2015-04-11 12:21 - 2014-09-11 20:21 - 00000000 ____D () C:\Documents and Settings\Mateusz\Dane aplikacji\GG 2015-04-11 12:20 - 2014-05-01 22:19 - 00000260 _____ () C:\WINDOWS\Tasks\WGASetup.job 2015-04-11 12:20 - 2014-03-16 20:44 - 00000226 _____ () C:\WINDOWS\Tasks\Powiadomienie o zakończeniu obsługi systemu Microsoft Windows XP — logowanie.job 2015-04-11 12:20 - 2014-02-22 20:11 - 00001032 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job 2015-04-11 12:15 - 2014-03-24 04:10 - 00001010 _____ () C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-2025429265-854245398-1801674531-1003UA.job 2015-04-11 11:59 - 2014-02-22 21:35 - 00000930 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job 2015-04-11 11:59 - 2014-02-22 18:00 - 01994239 _____ () C:\WINDOWS\WindowsUpdate.log 2015-04-11 11:58 - 2014-02-22 18:54 - 00000157 _____ () C:\WINDOWS\wiadebug.log 2015-04-11 11:58 - 2014-02-22 18:54 - 00000050 _____ () C:\WINDOWS\wiaservc.log 2015-04-11 11:58 - 2014-02-22 18:06 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT 2015-04-10 20:49 - 2014-02-22 15:14 - 00002206 _____ () C:\WINDOWS\system32\wpa.dbl 2015-04-06 06:49 - 2014-02-22 20:11 - 00001036 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job 2015-04-06 06:43 - 2015-01-20 14:39 - 00000016 _____ () C:\WINDOWS\SCNDRVU.INI 2015-04-06 06:43 - 2014-02-22 18:46 - 00000000 ___RD () C:\Documents and Settings\All Users\Menu Start\Programy\Autostart 2015-04-06 06:43 - 2014-02-22 18:46 - 00000000 ___RD () C:\Documents and Settings\All Users\Menu Start\Programy 2015-04-06 06:43 - 2014-02-22 18:46 - 00000000 ____D () C:\Documents and Settings\All Users\Pulpit 2015-04-06 06:43 - 2014-02-22 17:40 - 00000000 ____D () C:\WINDOWS\twain_32 2015-04-06 06:41 - 2014-02-22 18:46 - 00000000 ___RD () C:\Documents and Settings\Default User\Menu Start\Programy 2015-04-06 06:41 - 2014-02-22 18:07 - 00000000 ___RD () C:\Documents and Settings\Mateusz\Menu Start\Programy 2015-04-06 06:41 - 2014-02-22 17:58 - 00011299 _____ () C:\WINDOWS\wmsetup.log 2015-04-06 06:24 - 2014-02-22 18:07 - 00000000 ___RD () C:\Documents and Settings\Mateusz\Moje dokumenty 2015-04-06 04:56 - 2014-02-22 21:24 - 00000000 ____D () C:\Documents and Settings\Mateusz\Moje dokumenty\Pliki programu Outlook 2015-04-06 04:56 - 2014-02-22 18:45 - 00000000 __RHD () C:\Documents and Settings\All Users\Dane aplikacji 2015-04-04 02:29 - 2014-02-22 18:06 - 00032556 _____ () C:\WINDOWS\SchedLgU.Txt 2015-04-03 22:24 - 2014-02-22 18:46 - 00754898 _____ () C:\WINDOWS\system32\PerfStringBackup.INI 2015-04-03 22:24 - 2014-02-22 15:13 - 00353384 _____ () C:\WINDOWS\system32\perfh015.dat 2015-04-03 22:24 - 2014-02-22 15:13 - 00048430 _____ () C:\WINDOWS\system32\perfc015.dat 2015-04-03 22:22 - 2014-02-22 17:40 - 00000000 ____D () C:\WINDOWS\security 2015-04-03 21:53 - 2014-02-22 18:07 - 00000000 ___HD () C:\Documents and Settings\Mateusz\Ustawienia lokalne\Dane aplikacji 2015-04-03 20:05 - 2014-05-30 17:29 - 00014901 _____ () C:\WINDOWS\KB2936068-IE8.log 2015-04-03 20:05 - 2014-05-02 23:02 - 00009309 _____ () C:\WINDOWS\KB2964358-IE8.log 2015-04-03 09:01 - 2014-02-22 18:07 - 00000188 ___SH () C:\Documents and Settings\Mateusz\ntuser.ini 2015-04-03 07:45 - 2014-02-22 17:40 - 00000000 ____D () C:\WINDOWS\Help 2015-04-03 04:58 - 2014-02-22 17:40 - 00000000 ____D () C:\WINDOWS\system32\ras 2015-04-03 04:45 - 2014-02-27 02:46 - 00036290 _____ () C:\WINDOWS\msmqinst.log 2015-04-03 04:45 - 2014-02-22 18:46 - 01116149 _____ () C:\WINDOWS\iis6.log 2015-04-03 04:45 - 2014-02-22 18:46 - 00968579 _____ () C:\WINDOWS\FaxSetup.log 2015-04-03 04:45 - 2014-02-22 18:46 - 00481418 _____ () C:\WINDOWS\ocgen.log 2015-04-03 04:45 - 2014-02-22 18:46 - 00451876 _____ () C:\WINDOWS\tsoc.log 2015-04-03 04:45 - 2014-02-22 18:46 - 00333887 _____ () C:\WINDOWS\comsetup.log 2015-04-03 04:45 - 2014-02-22 18:46 - 00201603 _____ () C:\WINDOWS\ntdtcsetup.log 2015-04-03 04:45 - 2014-02-22 18:46 - 00170650 _____ () C:\WINDOWS\netfxocm.log 2015-04-03 04:45 - 2014-02-22 18:46 - 00067719 _____ () C:\WINDOWS\MedCtrOC.log 2015-04-03 04:45 - 2014-02-22 18:46 - 00060828 _____ () C:\WINDOWS\ocmsn.log 2015-04-03 04:45 - 2014-02-22 18:46 - 00050386 _____ () C:\WINDOWS\tabletoc.log 2015-04-03 04:45 - 2014-02-22 18:46 - 00049025 _____ () C:\WINDOWS\msgsocm.log 2015-04-03 04:45 - 2014-02-22 18:46 - 00004635 _____ () C:\WINDOWS\imsins.log 2015-04-02 22:51 - 2014-06-22 13:34 - 00000000 ____D () C:\Documents and Settings\Mateusz\Moje dokumenty\Pobrane 2015-04-02 19:44 - 2014-02-22 21:15 - 00065536 _____ () C:\WINDOWS\system32\config\OAlerts.evt 2015-04-02 12:50 - 2014-02-22 20:12 - 00001825 _____ () C:\Documents and Settings\All Users\Pulpit\Google Chrome.lnk 2015-04-01 23:40 - 2014-09-11 20:20 - 00000000 ____D () C:\Documents and Settings\Mateusz\Ustawienia lokalne\Dane aplikacji\GG 2015-03-29 03:15 - 2014-03-24 04:10 - 00000988 _____ () C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-2025429265-854245398-1801674531-1003Core.job 2015-03-23 11:50 - 2014-02-22 20:10 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service 2015-03-23 00:20 - 2014-02-22 20:16 - 00000000 ____D () C:\Documents and Settings\Mateusz\Dane aplikacji\uTorrent 2015-03-17 02:29 - 2014-11-27 21:36 - 00000000 ____D () C:\Documents and Settings\Mateusz\Dane aplikacji\Skype 2015-03-16 23:44 - 2014-11-27 21:36 - 00002267 _____ () C:\Documents and Settings\All Users\Pulpit\Skype.lnk ==================== Files in the root of some directories ======= 2015-04-03 07:24 - 2015-04-03 21:53 - 0000078 _____ () C:\Documents and Settings\Mateusz\Ustawienia lokalne\Dane aplikacji\FASTWiz.log Some content of TEMP: ==================== C:\Documents and Settings\Mateusz\Ustawienia lokalne\temp\DPInstx64.exe C:\Documents and Settings\Mateusz\Ustawienia lokalne\temp\DPInstx86.exe C:\Documents and Settings\Mateusz\Ustawienia lokalne\temp\DPInst_Monx64.exe C:\Documents and Settings\Mateusz\Ustawienia lokalne\temp\DPInst_Monx86.exe C:\Documents and Settings\Mateusz\Ustawienia lokalne\temp\dskinengine.dll C:\Documents and Settings\Mateusz\Ustawienia lokalne\temp\ggdrive-menu.exe C:\Documents and Settings\Mateusz\Ustawienia lokalne\temp\ggdrive-overlay.exe C:\Documents and Settings\Mateusz\Ustawienia lokalne\temp\installstats.exe C:\Documents and Settings\Mateusz\Ustawienia lokalne\temp\OS_Detect.exe C:\Documents and Settings\Mateusz\Ustawienia lokalne\temp\SkypeSetup.exe C:\Documents and Settings\Mateusz\Ustawienia lokalne\temp\_tmpdgp.exe ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\WINDOWS\explorer.exe => File is digitally signed C:\WINDOWS\system32\winlogon.exe => File is digitally signed C:\WINDOWS\system32\svchost.exe => File is digitally signed C:\WINDOWS\system32\services.exe => File is digitally signed C:\WINDOWS\system32\User32.dll => File is digitally signed C:\WINDOWS\system32\userinit.exe => File is digitally signed C:\WINDOWS\system32\rpcss.dll => File is digitally signed C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed ==================== End Of Log ============================