Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 27-04-2015 01 Ran by dalewa (administrator) on USERXP-1CBA67F5 on 30-04-2015 09:06:53 Running from E:\diag Loaded Profiles: dalewa (Available profiles: dalewa & Administrator) Platform: Microsoft Windows XP Professional Dodatek Service Pack 3 (X86) OS Language: Polski Internet Explorer Version 7 (Default browser: Chrome) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (Oracle Corporation) C:\Program Files\Java\jre7\bin\jqs.exe (TOSHIBA CORPORATION) C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe (Microsoft Corporation) C:\WINDOWS\system32\wscntfy.exe (Realtek Semiconductor Corp.) C:\WINDOWS\RTHDCPL.EXE (Google) C:\Program Files\Google\Google Talk\googletalk.exe (Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe (Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe ( ) C:\Program Files\ChomikBox\chomikbox.exe (TOSHIBA CORPORATION.) C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe (TOSHIBA CORPORATION.) C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe (TOSHIBA CORPORATION.) C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe (TOSHIBA CORPORATION.) C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHSP.exe (TOSHIBA CORPORATION.) C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosAVRC.exe (TOSHIBA CORPORATION.) C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosOBEX.exe (TOSHIBA CORPORATION.) C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtProc.exe (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [RTHDCPL] => C:\windows\RTHDCPL.EXE [18702336 2009-08-04] (Realtek Semiconductor Corp.) HKLM\...\Run: [googletalk] => C:\Program Files\Google\Google Talk\googletalk.exe [3739648 2007-01-01] (Google) HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [951576 2014-03-11] (Microsoft Corporation) HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated) HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [271744 2014-09-26] (Oracle Corporation) HKU\S-1-5-21-839522115-1788223648-725345543-1004\...\Run: [ChomikBox] => C:\Program Files\ChomikBox\ChomikBox.exe [6033408 2014-03-11] ( ) HKU\S-1-5-21-839522115-1788223648-725345543-1004\...\Run: [ALLUpdate] => C:\Program Files\ALLPlayer\ALLUpdate.exe [2765256 2014-11-03] (ALLPlayer Group Ltd.) HKU\S-1-5-21-839522115-1788223648-725345543-1004\...\Run: [ALLPlayer WiFi Remote] => C:\Program Files\ALLPlayer Remote\ALLPlayerRemoteControl.exe [5182896 2014-07-23] (ALLPlayer Group Ltd.) HKU\S-1-5-18\...\RunOnce: [FlashPlayerUpdate] => C:\windows\system32\Macromed\Flash\FlashUtil32_16_0_0_310_pepper.exe [961200 2015-03-22] (Adobe Systems Incorporated) Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Bluetooth Manager.lnk [2012-02-24] ShortcutTarget: Bluetooth Manager.lnk -> C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng1.exe (TOSHIBA CORPORATION.) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKU\S-1-5-21-839522115-1788223648-725345543-1004\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKU\S-1-5-21-839522115-1788223648-725345543-1004\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2015-01-13] (Oracle Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2015-01-13] (Oracle Corporation) DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab DPF: {32505657-9980-0010-8000-00AA00389B71} http://download.microsoft.com/download/0/A/9/0A9F8B32-9F8C-4D74-A130-E4CAB36EB01F/wmvadvd.cab Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\windows\system32\urlmon.dll [2014-02-26] (Microsoft Corporation) Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\windows\system32\urlmon.dll [2014-02-26] (Microsoft Corporation) FireFox: ======== FF ProfilePath: C:\Documents and Settings\dalewa\Dane aplikacji\Mozilla\Firefox\Profiles\069lv5xw.default FF SearchEngineOrder.1: V9 FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF32_16_0_0_305.dll [2015-02-07] () FF Plugin: @divx.com/DivX Player Plugin,version=1.0.0 -> C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll No File FF Plugin: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2015-01-13] (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2015-01-13] (Oracle Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation) FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation) FF Plugin: @real.com/nprjplug;version=15.0.6.14 -> c:\program files\real\realplayer\Netscape6\nprjplug.dll [2012-11-18] (RealNetworks, Inc.) FF Plugin: @real.com/nprpchromebrowserrecordext;version=15.0.6.14 -> C:\Documents and Settings\All Users\Dane aplikacji\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll [2012-11-18] (RealNetworks, Inc.) FF Plugin: @real.com/nprphtml5videoshim;version=15.0.6.14 -> C:\Documents and Settings\All Users\Dane aplikacji\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll [2012-11-18] (RealNetworks, Inc.) FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.24.7\npGoogleUpdate3.dll [2015-02-15] (Google Inc.) FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.24.7\npGoogleUpdate3.dll [2015-02-15] (Google Inc.) FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-08-05] (Adobe Systems Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npdivx32.dll [2006-06-02] (DivX,Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npDivxPlayerPlugin.dll [2006-06-02] (DivX, Inc) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2014-08-05] (Adobe Systems Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll [2010-02-15] (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll [2010-02-15] (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll [2010-02-15] (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll [2010-02-15] (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll [2010-02-15] (Apple Inc.) FF Extension: 1-Click YouTube Video Downloader - C:\Documents and Settings\dalewa\Dane aplikacji\Mozilla\Firefox\Profiles\069lv5xw.default\Extensions\YoutubeDownloader@PeterOlayev.com.xpi [2014-08-15] FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF FF HKLM\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\Documents and Settings\All Users\Dane aplikacji\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension FF Extension: Microsoft .NET Framework Assistant - C:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2013-06-09] FF Extension: No Name - C:\Documents and Settings\dalewa\Dane aplikacji\Mozilla\Firefox\Profiles\069lv5xw.default\extensions\istart_ffnt@gmail.com [Not Found] Chrome: ======= CHR Profile: C:\Documents and Settings\dalewa\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default CHR Extension: (Google Docs) - C:\Documents and Settings\dalewa\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-04-14] CHR Extension: (Google Drive) - C:\Documents and Settings\dalewa\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-04-14] CHR Extension: (YouTube) - C:\Documents and Settings\dalewa\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-03-24] CHR Extension: (Google Search) - C:\Documents and Settings\dalewa\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-03-24] CHR Extension: (Gmail) - C:\Documents and Settings\dalewa\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-03-24] ========================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 JavaQuickStarterService; C:\Program Files\Java\jre7\bin\jqs.exe [182696 2015-01-13] (Oracle Corporation) S4 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [22216 2014-03-11] (Microsoft Corporation) ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) S3 Ambfilt; C:\windows\System32\drivers\Ambfilt.sys [1684736 2008-08-05] (Creative) S3 CCDECODE; C:\windows\System32\DRIVERS\CCDECODE.sys [17024 2008-04-14] (Microsoft Corporation) S2 DgiVecp; C:\windows\system32\Drivers\DgiVecp.sys [41984 2006-06-12] (Samsung Electronics Co., Ltd.) [File not signed] S3 Monfilt; C:\windows\System32\drivers\Monfilt.sys [1389056 2006-01-04] (Creative Technology Ltd.) R0 MpFilter; C:\windows\System32\DRIVERS\MpFilter.sys [231960 2014-01-25] (Microsoft Corporation) S3 NdisIP; C:\windows\System32\DRIVERS\NdisIP.sys [10880 2008-04-14] (Microsoft Corporation) R3 RT80x86; C:\windows\System32\DRIVERS\RT2860.sys [1334240 2010-06-28] (Ralink Technology, Corp.) R0 sptd; C:\windows\System32\Drivers\sptd.sys [691696 2011-08-01] () [File not signed] S3 catchme; \??\C:\DOCUME~1\dalewa\USTAWI~1\Temp\catchme.sys [X] S4 IntelIde; No ImagePath U5 ScsiPort; C:\windows\system32\drivers\scsiport.sys [96384 2008-04-14] (Microsoft Corporation) ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2015-04-30 08:40 - 2015-04-30 08:44 - 00000000 ____D () C:\AdwCleaner 2015-04-30 08:40 - 2015-04-30 08:34 - 02224640 _____ () C:\Documents and Settings\dalewa\Pulpit\adwcleaner_4.202.exe 2015-04-29 09:37 - 2015-04-30 09:07 - 00000000 ____D () C:\FRST 2015-04-14 10:24 - 2015-04-30 09:07 - 00000000 ____D () C:\Documents and Settings\dalewa\Ustawienia lokalne\temp 2015-04-14 10:24 - 2015-04-14 10:24 - 00064395 _____ () C:\ComboFix.txt 2015-04-14 10:24 - 2015-04-14 10:24 - 00000000 ____D () C:\Documents and Settings\NetworkService\Ustawienia lokalne\temp 2015-04-14 10:24 - 2015-04-14 10:24 - 00000000 ____D () C:\Documents and Settings\LocalService\Ustawienia lokalne\temp 2015-04-14 10:24 - 2015-04-14 10:24 - 00000000 ____D () C:\Documents and Settings\Default User\Ustawienia lokalne\temp 2015-04-14 10:24 - 2015-04-14 10:24 - 00000000 ____D () C:\Documents and Settings\Administrator\Ustawienia lokalne\temp 2015-04-14 10:01 - 2015-04-14 10:24 - 00000000 ____D () C:\ComboFix 2015-04-14 09:47 - 2015-04-14 09:47 - 02572334 _____ () C:\Documents and Settings\All Users\Dane aplikacji\SMRResults430.dat 2015-04-14 09:47 - 2015-04-14 09:47 - 00000000 ____D () C:\Program Files\Common Files\system 2015-04-14 08:23 - 2015-04-14 09:27 - 00000000 ____D () C:\Documents and Settings\dalewa\Ustawienia lokalne\Dane aplikacji\NPE 2015-03-31 20:50 - 2015-03-31 20:50 - 00000000 ____D () C:\Program Files\astrojargon.net 2015-03-31 20:50 - 2015-03-31 20:50 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Start\Programy\astrojargon.net 2015-03-31 04:47 - 2015-03-31 04:47 - 00000664 _____ () C:\Documents and Settings\dalewa\Ustawienia lokalne\Dane aplikacji\d3d9caps.dat ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2015-04-30 09:06 - 2011-06-24 21:05 - 01097793 _____ () C:\windows\WindowsUpdate.log 2015-04-30 09:05 - 2013-09-02 22:15 - 00000000 ____D () C:\Documents and Settings\dalewa\.gstreamer-0.10 2015-04-30 09:03 - 2015-02-15 13:10 - 00001032 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job 2015-04-30 09:03 - 2015-02-15 12:37 - 00000444 _____ () C:\windows\Tasks\Opera scheduled Autoupdate 1423996644.job 2015-04-30 09:03 - 2014-06-20 17:41 - 00000008 __RSH () C:\Documents and Settings\All Users\ntuser.pol 2015-04-30 09:03 - 2014-03-09 14:22 - 00000224 _____ () C:\windows\Tasks\Powiadomienie o zakończeniu obsługi systemu Microsoft Windows XP — logowanie.job 2015-04-30 09:03 - 2013-08-29 18:10 - 00000280 _____ () C:\windows\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-839522115-1788223648-725345543-1004.job 2015-04-30 09:03 - 2012-03-30 15:52 - 00000280 _____ () C:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-839522115-1788223648-725345543-1004.job 2015-04-30 09:03 - 2012-02-24 09:24 - 00000000 ____D () C:\Program Files\Opera 2015-04-30 09:03 - 2012-02-24 09:07 - 00000000 __SHD () C:\Documents and Settings\dalewa\Ustawienia lokalne\Historia 2015-04-30 09:03 - 2011-06-24 22:58 - 00000159 _____ () C:\windows\wiadebug.log 2015-04-30 09:03 - 2011-06-24 22:58 - 00000050 _____ () C:\windows\wiaservc.log 2015-04-30 09:03 - 2011-06-24 21:09 - 00000006 ____H () C:\windows\Tasks\SA.DAT 2015-04-30 09:03 - 2011-06-24 21:09 - 00000000 __SHD () C:\Documents and Settings\LocalService\Ustawienia lokalne\Historia 2015-04-30 09:03 - 2011-06-24 20:34 - 00002206 _____ () C:\windows\system32\wpa.dbl 2015-04-30 09:00 - 2012-12-21 22:17 - 00000930 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job 2015-04-30 09:00 - 2012-02-24 09:07 - 00000188 ___SH () C:\Documents and Settings\dalewa\ntuser.ini 2015-04-30 09:00 - 2011-06-24 21:09 - 00032596 _____ () C:\windows\SchedLgU.Txt 2015-04-30 08:59 - 2011-06-24 21:10 - 00000000 __SHD () C:\Documents and Settings\Administrator\Ustawienia lokalne\Historia 2015-04-30 08:58 - 2012-02-24 09:24 - 00000646 _____ () C:\Documents and Settings\All Users\Menu Start\Programy\Opera.lnk 2015-04-30 08:58 - 2012-02-24 09:07 - 00000000 __RHD () C:\Documents and Settings\dalewa\Dane aplikacji 2015-04-30 08:58 - 2012-02-24 09:07 - 00000000 ___HD () C:\Documents and Settings\dalewa\Ustawienia lokalne\Dane aplikacji 2015-04-30 08:58 - 2012-02-24 09:07 - 00000000 ____D () C:\Documents and Settings\dalewa 2015-04-30 08:58 - 2011-11-05 11:54 - 00000000 ____D () C:\Documents and Settings\Administrator\Pulpit\GRY 2015-04-30 08:58 - 2011-09-07 16:50 - 00000000 ____D () C:\Documents and Settings\Administrator\Menu Start\Programy\VAG-COM-PL 2015-04-30 08:58 - 2011-08-11 23:14 - 00000000 ____D () C:\Documents and Settings\Administrator\Menu Start\Programy\XP Codec Pack 2.5.1 2015-04-30 08:58 - 2011-06-25 19:46 - 00000000 ____D () C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Mozilla 2015-04-30 08:58 - 2011-06-25 19:45 - 00000000 ____D () C:\Program Files\Mozilla Firefox 2015-04-30 08:58 - 2011-06-24 22:56 - 00000000 __SHD () C:\Documents and Settings\Default User\Ustawienia lokalne\Historia 2015-04-30 08:58 - 2011-06-24 22:56 - 00000000 ___RD () C:\Documents and Settings\All Users\Menu Start\Programy 2015-04-30 08:58 - 2011-06-24 21:10 - 00000000 ___HD () C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji 2015-04-30 08:58 - 2011-06-24 21:10 - 00000000 ___HD () C:\Documents and Settings\Administrator\Ustawienia lokalne 2015-04-30 08:58 - 2011-06-24 21:10 - 00000000 ____D () C:\Documents and Settings\Administrator 2015-04-30 08:58 - 2011-06-24 21:09 - 00000000 ___HD () C:\Documents and Settings\NetworkService\Ustawienia lokalne\Historia 2015-04-30 08:55 - 2014-06-20 17:41 - 00000000 ___HD () C:\windows\system32\GroupPolicy 2015-04-30 08:55 - 2012-02-24 09:07 - 00000000 ___RD () C:\Documents and Settings\dalewa\Menu Start\Programy\Autostart 2015-04-30 08:44 - 2014-06-20 17:41 - 00000000 ____D () C:\Documents and Settings\SUPPORT_388945a0\Ustawienia lokalne\Dane aplikacji 2015-04-30 08:44 - 2014-06-20 17:41 - 00000000 ____D () C:\Documents and Settings\Pomocnik\Ustawienia lokalne\Dane aplikacji 2015-04-30 08:44 - 2014-06-20 17:41 - 00000000 ____D () C:\Documents and Settings\Gość\Ustawienia lokalne\Dane aplikacji 2015-04-30 08:43 - 2014-06-20 17:41 - 00000000 ____D () C:\Documents and Settings\ASPNET\Ustawienia lokalne\Dane aplikacji 2015-04-30 08:43 - 2011-06-24 22:55 - 00000000 __RHD () C:\Documents and Settings\All Users\Dane aplikacji 2015-04-30 08:40 - 2012-02-24 09:07 - 00000000 ____D () C:\Documents and Settings\dalewa\Pulpit 2015-04-29 12:15 - 2015-02-15 13:10 - 00001036 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job 2015-04-18 15:01 - 2012-10-19 19:59 - 00778416 _____ (Adobe Systems Incorporated) C:\windows\system32\FlashPlayerApp.exe 2015-04-18 15:01 - 2011-06-25 20:25 - 00142512 _____ (Adobe Systems Incorporated) C:\windows\system32\FlashPlayerCPLApp.cpl 2015-04-18 14:57 - 2015-03-22 13:00 - 00000892 _____ () C:\windows\Tasks\Adobe Flash Player PPAPI Notifier.job 2015-04-18 14:37 - 2012-12-21 22:20 - 00000288 _____ () C:\windows\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-839522115-1788223648-725345543-1004.job 2015-04-14 11:07 - 2012-12-11 20:25 - 00000000 ____D () C:\Documents and Settings\dalewa\Dane aplikacji\foobar2000 2015-04-14 10:24 - 2012-11-19 10:40 - 00000000 ____D () C:\Qoobox 2015-04-14 10:24 - 2012-02-24 09:07 - 00000000 ___HD () C:\Documents and Settings\dalewa\Ustawienia lokalne 2015-04-14 10:24 - 2011-06-24 22:56 - 00000000 __RHD () C:\Documents and Settings\Default User\Ustawienia lokalne 2015-04-14 10:24 - 2011-06-24 21:09 - 00000000 ___HD () C:\Documents and Settings\NetworkService\Ustawienia lokalne 2015-04-14 10:24 - 2011-06-24 21:09 - 00000000 ___HD () C:\Documents and Settings\LocalService\Ustawienia lokalne 2015-04-14 10:22 - 2011-06-24 20:32 - 00000227 _____ () C:\windows\system.ini 2015-04-14 10:13 - 2012-02-24 10:11 - 00000000 ____D () C:\Documents and Settings\dalewa\Ustawienia lokalne\Dane aplikacji\Temp 2015-04-14 08:47 - 2011-11-14 23:23 - 00000664 _____ () C:\windows\system32\d3d9caps.dat 2015-04-14 08:23 - 2011-11-05 18:47 - 00000000 ____D () C:\Documents and Settings\All Users\Dane aplikacji\Norton 2015-04-14 08:16 - 2012-02-24 10:41 - 00585048 _____ () C:\windows\setupapi.log 2015-04-08 17:58 - 2012-02-25 19:28 - 00078848 _____ () C:\Documents and Settings\dalewa\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2015-04-08 17:58 - 2012-02-25 16:59 - 00000000 ____D () C:\Program Files\The KMPlayer 2015-04-08 15:00 - 2014-03-09 14:22 - 00000218 _____ () C:\windows\Tasks\Powiadomienie o zakończeniu obsługi systemu Microsoft Windows XP — co miesiąc.job 2015-04-02 21:12 - 2011-06-24 22:56 - 00000000 ___RD () C:\Documents and Settings\All Users\Dokumenty 2015-03-31 22:17 - 2011-06-24 22:56 - 00000000 ____D () C:\Documents and Settings\All Users\Pulpit 2015-03-31 20:43 - 2011-06-24 22:55 - 00299084 _____ () C:\windows\setupact.log ==================== Files in the root of some directories ======= 2012-09-01 20:22 - 2012-09-01 20:22 - 6955968 ____C (Microsoft Corporation) C:\Program Files\Silverlight.exe 2011-01-12 02:00 - 2011-01-12 02:00 - 0146944 _____ () C:\Program Files\Common Files\dsfFLACDecoder.dll 2011-01-12 02:00 - 2011-01-12 02:00 - 0221184 _____ () C:\Program Files\Common Files\dsfFLACEncoder.dll 2011-01-12 02:00 - 2011-01-12 02:00 - 0204800 _____ () C:\Program Files\Common Files\dsfNativeFLACSource.dll 2012-05-11 14:16 - 2012-05-11 14:16 - 0171520 _____ () C:\Program Files\Common Files\dsfOggDemux2.dll 2011-01-12 02:00 - 2011-01-12 02:00 - 0240128 _____ () C:\Program Files\Common Files\dsfVorbisDecoder.dll 2009-07-11 23:08 - 2009-07-11 23:08 - 0001860 _____ () C:\Program Files\Common Files\Microsoft.VC90.CRT.manifest 2011-04-18 22:51 - 2011-04-18 22:51 - 0569680 _____ (Microsoft Corporation) C:\Program Files\Common Files\MSVCP90.dll 2011-04-18 22:51 - 2011-04-18 22:51 - 0653136 _____ (Microsoft Corporation) C:\Program Files\Common Files\MSVCR90.dll 2010-12-16 21:39 - 2010-12-16 21:39 - 0412672 _____ (Google) C:\Program Files\Common Files\vp8decoder.dll 2010-12-16 21:39 - 2010-12-16 21:39 - 0701440 _____ (Google) C:\Program Files\Common Files\vp8encoder.dll 2010-12-16 21:39 - 2010-12-16 21:39 - 0302592 _____ (Google) C:\Program Files\Common Files\webmmux.dll 2010-12-16 21:39 - 2010-12-16 21:39 - 0292352 _____ (Google) C:\Program Files\Common Files\webmsplit.dll 2011-01-12 02:00 - 2011-01-12 02:00 - 0030208 _____ () C:\Program Files\Common Files\wmpinfo.dll 2015-03-31 04:47 - 2015-03-31 04:47 - 0000664 _____ () C:\Documents and Settings\dalewa\Ustawienia lokalne\Dane aplikacji\d3d9caps.dat 2012-02-25 19:28 - 2015-04-08 17:58 - 0078848 _____ () C:\Documents and Settings\dalewa\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\windows\explorer.exe => File is digitally signed C:\windows\system32\winlogon.exe => File is digitally signed C:\windows\system32\svchost.exe => File is digitally signed C:\windows\system32\services.exe => File is digitally signed C:\windows\system32\User32.dll => File is digitally signed C:\windows\system32\userinit.exe => File is digitally signed C:\windows\system32\rpcss.dll => File is digitally signed C:\windows\system32\Drivers\volsnap.sys => File is digitally signed ==================== End Of Log ============================