Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 29-04-2015 01 Ran by AMP (administrator) on MARCIN on 30-04-2015 10:20:20 Running from C:\Documents and Settings\AMP\Pulpit\fix Loaded Profiles: AMP (Available profiles: AMP & piotr) Platform: Microsoft Windows XP Professional Dodatek Service Pack 3 (X86) OS Language: Polski Internet Explorer Version 8 (Default browser: IE) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (AVG Technologies CZ, s.r.o.) C:\PROGRA~1\AVG\AVG2015\avgrsx.exe (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgcsrvx.exe (Agere Systems) C:\WINDOWS\system32\agrsmsvc.exe (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgidsagent.exe (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgwdsvc.exe (InterVideo Inc.) C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe (Skype Technologies S.A.) C:\Documents and Settings\All Users\Dane aplikacji\Skype\Toolbars\Skype C2C Service\c2c_service.exe (TeamViewer GmbH) C:\Program Files\TeamViewer\TeamViewer_Service.exe (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgnsx.exe (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgemcx.exe (Intel Corporation) C:\WINDOWS\system32\igfxtray.exe (Intel Corporation) C:\WINDOWS\system32\hkcmd.exe (Intel Corporation) C:\WINDOWS\system32\igfxpers.exe (Intel Corporation) C:\WINDOWS\system32\igfxsrvc.exe (Dritek System Inc.) C:\PROGRA~1\LAUNCH~1\LManager.exe (Realtek Semiconductor Corp.) C:\WINDOWS\RTHDCPL.exe (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgui.exe (Microsoft Corporation) C:\Program Files\Messenger\msmsgs.exe (Spotify Ltd) C:\Documents and Settings\AMP\Dane aplikacji\Spotify\SpotifyWebHelper.exe (Intel Corporation) C:\WINDOWS\system32\igfxext.exe (Spotify Ltd) C:\Documents and Settings\AMP\Dane aplikacji\Spotify\Spotify.exe (Realtek Semiconductor Corp.) C:\DOCUME~1\AMP\USTAWI~1\Temp\RtkBtMnt.exe (Spotify Ltd) C:\Documents and Settings\AMP\Dane aplikacji\Spotify\SpotifyCrashService.exe (Spotify Ltd) C:\Documents and Settings\AMP\Dane aplikacji\Spotify\Spotify.exe (mozilla.org) C:\Program Files\SeaMonkey\seamonkey.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [LManager] => C:\Program Files\Launch Manager\LManager.exe [809480 2008-07-24] (Dritek System Inc.) HKLM\...\Run: [RTHDCPL] => C:\WINDOWS\RTHDCPL.EXE [16871936 2008-06-13] (Realtek Semiconductor Corp.) HKLM\...\Run: [Alcmtr] => C:\WINDOWS\ALCMTR.EXE [69632 2005-05-03] (Realtek Semiconductor Corp.) HKLM\...\Run: [AzMixerSel] => C:\Program Files\Realtek\Audio\InstallShield\AzMixerSel.exe [53248 2006-07-17] (Realtek Semiconductor Corp.) HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated) HKLM\...\Run: [Aimersoft Helper Compact.exe] => C:\Program Files\Common Files\Aimersoft\Aimersoft Helper Compact\ASHelper.exe HKLM\...\Run: [AVG_UI] => C:\Program Files\AVG\AVG2015\avgui.exe [3723728 2015-03-25] (AVG Technologies CZ, s.r.o.) HKU\S-1-5-21-2000478354-1482476501-725345543-1003\...\Run: [MSMSGS] => C:\Program Files\Messenger\msmsgs.exe [1695232 2008-04-14] (Microsoft Corporation) HKU\S-1-5-21-2000478354-1482476501-725345543-1003\...\Run: [Spotify Web Helper] => C:\Documents and Settings\AMP\Dane aplikacji\Spotify\SpotifyWebHelper.exe [2018360 2015-04-07] (Spotify Ltd) HKU\S-1-5-21-2000478354-1482476501-725345543-1003\...\Run: [DAEMON Tools Lite] => C:\Program Files\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd) HKU\S-1-5-21-2000478354-1482476501-725345543-1003\...\Run: [Spotify] => C:\Documents and Settings\AMP\Dane aplikacji\Spotify\spotify.exe [7112248 2015-04-07] (Spotify Ltd) HKU\S-1-5-21-2000478354-1482476501-725345543-1003\...\MountPoints2: {2b16242a-a921-11e4-9887-00242bd3afba} - H:\AutoRun.exe HKU\S-1-5-21-2000478354-1482476501-725345543-1003\...\MountPoints2: {d1d8a744-bd22-11e1-a117-00242bd3afba} - H:\Data\setup.exe Startup: C:\Documents and Settings\AMP\Menu Start\Programy\Autostart\Skrót do do zrobienia.lnk [2015-03-31] ShortcutTarget: Skrót do do zrobienia.lnk -> C:\Documents and Settings\AMP\Pulpit\do zrobienia.txt () Startup: C:\Documents and Settings\piotr\Menu Start\Programy\Autostart\OpenOffice.org 3.3.lnk [2012-11-06] ShortcutTarget: OpenOffice.org 3.3.lnk -> C:\Program Files\OpenOffice.org 3\program\quickstart.exe (No File) ShellIconOverlayIdentifiers: [GGDriveOverlay1] -> {E68D0A50-3C40-4712-B90D-DCFA93FF2534} => C:\Documents and Settings\All Users\Dane aplikacji\GG\ggdrive\ggdrive-overlay.dll No File ShellIconOverlayIdentifiers: [GGDriveOverlay2] -> {E68D0A51-3C40-4712-B90D-DCFA93FF2534} => C:\Documents and Settings\All Users\Dane aplikacji\GG\ggdrive\ggdrive-overlay.dll No File ShellIconOverlayIdentifiers: [GGDriveOverlay3] -> {E68D0A52-3C40-4712-B90D-DCFA93FF2534} => C:\Documents and Settings\All Users\Dane aplikacji\GG\ggdrive\ggdrive-overlay.dll No File ShellIconOverlayIdentifiers: [GGDriveOverlay4] -> {E68D0A53-3C40-4712-B90D-DCFA93FF2534} => C:\Documents and Settings\All Users\Dane aplikacji\GG\ggdrive\ggdrive-overlay.dll No File BootExecute: autocheck autochk * C:\PROGRA~1\AVG\AVG2015\avgrsx.exe /sync /restart ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKU\S-1-5-21-2000478354-1482476501-725345543-1003\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKU\S-1-5-21-2000478354-1482476501-725345543-1003\Software\Microsoft\Internet Explorer\Main,Start Page = http://192.168.0.200/doc/page/main.asp SearchScopes: HKLM -> DefaultScope value is missing. SearchScopes: HKU\S-1-5-21-2000478354-1482476501-725345543-1003 -> DefaultScope {B97F91DB-5C79-4D2A-A927-F8B0E3841263} URL = https://www.google.com/search?q={searchTerms} SearchScopes: HKU\S-1-5-21-2000478354-1482476501-725345543-1003 -> {B97F91DB-5C79-4D2A-A927-F8B0E3841263} URL = https://www.google.com/search?q={searchTerms} BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_31\bin\ssv.dll [2015-01-24] (Oracle Corporation) BHO: Easy Gif Animator Toolbar Helper -> {96372AB6-15EB-4316-B497-71C741BC548C} -> C:\Program Files\Easy Gif Animator Extension\v3.3.0.3\EasyGifAnimator_Toolbar.dll [2013-12-31] () BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-01-24] (Oracle Corporation) Toolbar: HKLM - Easy Gif Animator Toolbar - {35065594-9169-4A34-B167-FC4865038E53} - C:\Program Files\Easy Gif Animator Extension\v3.3.0.3\EasyGifAnimator_Toolbar.dll [2013-12-31] () Toolbar: HKU\S-1-5-21-2000478354-1482476501-725345543-1003 -> Easy Gif Animator Toolbar - {35065594-9169-4A34-B167-FC4865038E53} - C:\Program Files\Easy Gif Animator Extension\v3.3.0.3\EasyGifAnimator_Toolbar.dll [2013-12-31] () DPF: {CAFEEFAC-0017-0000-0009-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2012-10-02] (Skype Technologies S.A.) Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies) Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll [2014-03-06] (Microsoft Corporation) Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll [2014-03-06] (Microsoft Corporation) Tcpip\..\Interfaces\{DBC10D13-2A22-40FD-93CD-4AD4951C472A}: [NameServer] 89.108.202.20,89.108.195.20 FireFox: ======== FF ProfilePath: C:\Documents and Settings\AMP\Dane aplikacji\Mozilla\Firefox\Profiles\np05mi0v.default FF Homepage: hxxp://nakazdaokazje.com/ FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-04-15] () FF Plugin: @adobe.com/ShockwavePlayer -> C:\WINDOWS\system32\Adobe\Director\np32dsw_1165635.dll [2012-07-05] (Adobe Systems, Inc.) FF Plugin: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-01-24] (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-01-24] (Oracle Corporation) FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-30] (Microsoft Corporation) FF Plugin: @real.com/nppl3260;version=6.0.12.69 -> C:\Program Files\Real Alternative\browser\plugins\nppl3260.dll [2008-09-10] (RealNetworks, Inc.) FF Plugin: @real.com/nprpjplug;version=6.0.12.69 -> C:\Program Files\Real Alternative\browser\plugins\nprpjplug.dll [2008-09-10] (RealNetworks, Inc.) FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-08] (Google Inc.) FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-08] (Google Inc.) FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2013-12-18] (Adobe Systems Inc.) FF Plugin: Web Components -> C:\Program Files\Web Components\npWebVideoPlugin.dll [2014-04-22] () FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension FF Extension: Microsoft .NET Framework Assistant - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2013-01-13] ========================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 6to4; C:\WINDOWS\System32\6to4svc.dll [100864 2010-02-12] (Microsoft Corporation) R2 AVGIDSAgent; C:\Program Files\AVG\AVG2015\avgidsagent.exe [3416016 2015-03-25] (AVG Technologies CZ, s.r.o.) R2 avgwd; C:\Program Files\AVG\AVG2015\avgwdsvc.exe [309232 2015-03-25] (AVG Technologies CZ, s.r.o.) R2 Capture Device Service; C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe [198168 2007-03-06] (InterVideo Inc.) R2 Skype C2C Service; C:\Documents and Settings\All Users\Dane aplikacji\Skype\Toolbars\Skype C2C Service\c2c_service.exe [3064000 2012-10-02] (Skype Technologies S.A.) R2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [5448976 2015-04-17] (TeamViewer GmbH) ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R3 AR5416; C:\WINDOWS\System32\DRIVERS\athw.sys [1309504 2008-04-08] (Atheros Communications, Inc.) [File not signed] R1 Avgdiskx; C:\WINDOWS\System32\DRIVERS\avgdiskx.sys [121624 2014-06-18] (AVG Technologies CZ, s.r.o.) R1 AVGIDSDriverl; C:\WINDOWS\System32\DRIVERS\avgidsdriverlx.sys [209376 2015-03-25] (AVG Technologies CZ, s.r.o.) R0 AVGIDSHX; C:\WINDOWS\System32\DRIVERS\avgidshx.sys [154904 2014-11-18] (AVG Technologies CZ, s.r.o.) R1 AVGIDSShim; C:\WINDOWS\System32\DRIVERS\avgidsshimx.sys [21272 2014-06-18] (AVG Technologies CZ, s.r.o.) R1 Avgldx86; C:\WINDOWS\System32\DRIVERS\avgldx86.sys [192792 2014-08-28] (AVG Technologies CZ, s.r.o.) R0 Avglogx; C:\WINDOWS\System32\DRIVERS\avglogx.sys [265184 2015-02-03] (AVG Technologies CZ, s.r.o.) R0 Avgmfx86; C:\WINDOWS\System32\DRIVERS\avgmfx86.sys [107488 2015-02-05] (AVG Technologies CZ, s.r.o.) R0 Avgrkx86; C:\WINDOWS\System32\DRIVERS\avgrkx86.sys [27416 2014-06-18] (AVG Technologies CZ, s.r.o.) R1 Avgtdix; C:\WINDOWS\System32\DRIVERS\avgtdix.sys [210912 2015-02-25] (AVG Technologies CZ, s.r.o.) S3 awUSB; C:\WINDOWS\System32\DRIVERS\USBDrv.sys [13824 2012-12-05] (Scott) R0 BtHidBus; C:\WINDOWS\System32\Drivers\BtHidBus.sys [20744 2009-06-17] (IVT Corporation.) S3 btnetBUs; C:\WINDOWS\System32\Drivers\btnetBus.sys [29192 2009-06-17] () S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2008-04-14] (Microsoft Corporation) R1 dtsoftbus01; C:\WINDOWS\System32\DRIVERS\dtsoftbus01.sys [243128 2014-07-23] (Disc Soft Ltd) S3 FTDIBUS; C:\WINDOWS\System32\drivers\ftdibus.sys [47249 2006-05-17] (FTDI Ltd.) R2 Hardlock; C:\WINDOWS\system32\drivers\hardlock.sys [24064 2005-11-09] () [File not signed] S3 IT9135BDA; C:\WINDOWS\System32\Drivers\IT9135BDA.sys [145280 2012-07-26] (ITE ) S3 IvtBtBUs; C:\WINDOWS\System32\Drivers\IvtBtBus.sys [25480 2009-06-17] (IVT Corporation.) S3 MPE; C:\WINDOWS\System32\DRIVERS\MPE.sys [15232 2008-04-14] (Microsoft Corporation) S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2008-04-14] (Microsoft Corporation) S3 RT-USB; C:\WINDOWS\System32\drivers\RT-USB.SYS [59464 2010-06-17] (Ross-Tech LLC) R1 Tcpip6; C:\WINDOWS\System32\DRIVERS\tcpip6.sys [226880 2010-02-11] (Microsoft Corporation) S3 vtcdrv; C:\WINDOWS\System32\DRIVERS\vtcdrv.sys [18688 2009-10-15] (Windows (R) Codename Longhorn DDK provider) [File not signed] S3 yukonwxp; C:\WINDOWS\System32\DRIVERS\yk51x86.sys [286336 2008-02-21] (Marvell) S3 BT; system32\DRIVERS\btnetdrv.sys [X] S3 Btcsrusb; System32\Drivers\btcusb.sys [X] S3 ew_usbenumfilter; system32\DRIVERS\ew_usbenumfilter.sys [X] S3 HSPADataCardusbmdm; system32\DRIVERS\HSPADataCardusbmdm.sys [X] S3 HSPADataCardusbnmea; system32\DRIVERS\HSPADataCardusbnmea.sys [X] S3 HSPADataCardusbser; system32\DRIVERS\HSPADataCardusbser.sys [X] S3 huawei_enumerator; system32\DRIVERS\ew_jubusenum.sys [X] S3 hwusb_cdcacm; system32\DRIVERS\ew_cdcacm.sys [X] S3 hwusb_cdcecm; system32\DRIVERS\ew_cdcecm.sys [X] S4 IntelIde; No ImagePath S3 massfilter; system32\drivers\massfilter.sys [X] S3 pccsmcfd; system32\DRIVERS\pccsmcfd.sys [X] U5 phunter; C:\WINDOWS\system32\unikey.sys [13816 2012-12-05] () S3 rt2870; system32\DRIVERS\rt2870.sys [X] U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-14] (Microsoft Corporation) S3 VComm; system32\DRIVERS\VComm.sys [X] S3 VcommMgr; System32\Drivers\VcommMgr.sys [X] U1 WS2IFSL; No ImagePath S3 X86BDA; system32\DRIVERS\OEMDrv.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2015-04-30 10:19 - 2015-04-30 10:20 - 00000000 ____D () C:\FRST 2015-04-30 10:17 - 2015-04-30 10:20 - 00000000 ____D () C:\Documents and Settings\AMP\Pulpit\fix 2015-04-28 22:04 - 2015-04-29 15:55 - 00026112 _____ () C:\Documents and Settings\AMP\Pulpit\Zadanie_funkcje-2.xls 2015-04-28 09:11 - 2015-04-28 09:11 - 00002552 _____ () C:\Documents and Settings\AMP\Pulpit\protokol-102001-7.json 2015-04-28 09:09 - 2015-04-28 09:09 - 00000000 ____D () C:\Program Files\Mozilla Firefox 2015-04-21 14:08 - 2015-04-21 14:08 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Start\Programy\TeamViewer 10 2015-04-18 09:42 - 2015-04-18 09:42 - 00000000 ___RD () C:\Documents and Settings\AMP\Pulpit\Fotki 2015-04-15 10:18 - 2015-04-15 10:18 - 00000000 ____D () C:\Documents and Settings\AMP\Pulpit\word 2015-04-12 13:43 - 2015-04-12 13:43 - 00001674 _____ () C:\Documents and Settings\All Users\Menu Start\Programy\Mozilla Thunderbird.lnk 2015-04-12 13:43 - 2015-04-12 13:43 - 00001668 _____ () C:\Documents and Settings\All Users\Pulpit\Mozilla Thunderbird.lnk 2015-04-12 13:43 - 2015-04-12 13:43 - 00000000 ____D () C:\Program Files\Mozilla Thunderbird 2015-04-12 13:43 - 2015-04-12 13:43 - 00000000 ____D () C:\Documents and Settings\AMP\Ustawienia lokalne\Dane aplikacji\Thunderbird 2015-04-12 13:43 - 2015-04-12 13:43 - 00000000 ____D () C:\Documents and Settings\AMP\Dane aplikacji\Thunderbird 2015-04-09 16:58 - 2015-04-09 16:58 - 00000290 _____ () C:\Documents and Settings\AMP\Pulpit\aac_muzykaludowa.pls 2015-04-09 13:37 - 2015-04-23 16:45 - 00000000 ____D () C:\Documents and Settings\AMP\Pulpit\tmp 2015-04-08 16:34 - 2015-04-08 16:34 - 00000000 ____D () C:\Documents and Settings\piotr\Ustawienia lokalne\Dane aplikacji\bluesoleil 2015-04-08 16:34 - 2015-04-08 16:34 - 00000000 ____D () C:\Documents and Settings\piotr\Ustawienia lokalne\Dane aplikacji\Avg2015 2015-04-08 16:34 - 2015-04-08 16:34 - 00000000 ____D () C:\Documents and Settings\piotr\Dane aplikacji\AVG2015 2015-04-07 18:38 - 2015-04-07 18:38 - 00001820 _____ () C:\Documents and Settings\AMP\Pulpit\Spotify.lnk 2015-03-31 23:39 - 2015-04-18 07:54 - 00000420 _____ () C:\Documents and Settings\AMP\Pulpit\do zrobienia.txt 2015-03-31 12:38 - 2015-03-31 12:38 - 00000000 ____D () C:\Documents and Settings\AMP\Pulpit\moja_sitemap ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2015-04-30 10:20 - 2012-01-18 22:01 - 00000000 ____D () C:\Documents and Settings\AMP\Ustawienia lokalne\Temp 2015-04-30 10:19 - 2012-01-18 22:01 - 00000000 ____D () C:\Documents and Settings\AMP\Pulpit 2015-04-30 10:16 - 2014-06-03 18:00 - 00000000 ____D () C:\Documents and Settings\AMP\Dane aplikacji\Spotify 2015-04-30 10:16 - 2013-03-02 21:44 - 00000930 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job 2015-04-30 10:14 - 2012-01-18 22:37 - 01256880 ____C () C:\WINDOWS\system32\PerfStringBackup.INI 2015-04-30 10:14 - 2001-10-26 19:15 - 00556404 _____ () C:\WINDOWS\system32\perfh015.dat 2015-04-30 10:14 - 2001-10-26 19:15 - 00105396 _____ () C:\WINDOWS\system32\perfc015.dat 2015-04-30 10:12 - 2014-06-03 18:03 - 00000000 ____D () C:\Documents and Settings\AMP\Ustawienia lokalne\Dane aplikacji\Spotify 2015-04-30 10:12 - 2013-01-12 22:46 - 01142442 _____ () C:\WINDOWS\setupapi.log 2015-04-30 10:11 - 2012-01-18 21:54 - 01426934 _____ () C:\WINDOWS\WindowsUpdate.log 2015-04-30 10:10 - 2014-03-13 12:47 - 00000218 _____ () C:\WINDOWS\Tasks\Powiadomienie o zakończeniu obsługi systemu Microsoft Windows XP — logowanie.job 2015-04-30 10:10 - 2012-04-05 16:44 - 00001032 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job 2015-04-30 10:10 - 2012-01-18 22:40 - 00000159 _____ () C:\WINDOWS\wiadebug.log 2015-04-30 10:10 - 2012-01-18 22:40 - 00000050 _____ () C:\WINDOWS\wiaservc.log 2015-04-30 10:09 - 2014-11-09 22:57 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service 2015-04-30 10:09 - 2012-01-18 22:01 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT 2015-04-30 10:09 - 2001-07-22 01:17 - 00002206 _____ () C:\WINDOWS\system32\wpa.dbl 2015-04-30 10:08 - 2012-01-18 22:01 - 00032634 _____ () C:\WINDOWS\SchedLgU.Txt 2015-04-30 10:08 - 2012-01-18 22:01 - 00000188 ___SH () C:\Documents and Settings\AMP\ntuser.ini 2015-04-30 10:08 - 2012-01-18 22:01 - 00000000 ____D () C:\Documents and Settings\AMP 2015-04-30 10:06 - 2012-11-04 11:34 - 00000000 ____D () C:\Documents and Settings\All Users\Dane aplikacji\MFAData 2015-04-29 21:02 - 2012-02-02 18:53 - 00000000 ____D () C:\Documents and Settings\AMP\Dane aplikacji\BitTorrent 2015-04-29 20:36 - 2012-04-05 16:44 - 00001036 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job 2015-04-29 20:03 - 2012-01-23 16:38 - 00003584 _____ () C:\Documents and Settings\AMP\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2015-04-29 20:03 - 2012-01-18 22:01 - 00000000 ___HD () C:\Documents and Settings\AMP\Ustawienia lokalne\Dane aplikacji 2015-04-29 13:26 - 2013-03-28 15:45 - 00000000 ____D () C:\Documents and Settings\AMP\Dane aplikacji\FileZilla 2015-04-27 11:46 - 2015-03-30 13:48 - 00000537 _____ () C:\Documents and Settings\AMP\Pulpit\Skrót do PETRI.lnk 2015-04-27 11:44 - 2015-02-21 11:34 - 00000000 ____D () C:\Documents and Settings\AMP\Pulpit\suszone 2015-04-22 16:09 - 2014-10-28 20:05 - 00000032 _____ () C:\WINDOWS\0 2015-04-21 17:51 - 2014-05-28 10:21 - 00000000 ____D () C:\Documents and Settings\AMP\Pulpit\Allegro 2015-04-21 14:08 - 2013-08-28 10:44 - 00000000 ____D () C:\Program Files\TeamViewer 2015-04-21 14:08 - 2012-01-18 22:37 - 00000000 ___RD () C:\Documents and Settings\All Users\Menu Start\Programy 2015-04-21 14:08 - 2012-01-18 22:37 - 00000000 ____D () C:\Documents and Settings\All Users\Pulpit 2015-04-15 14:25 - 2013-07-11 23:34 - 00000000 ____D () C:\WINDOWS\system32\MRT 2015-04-15 14:24 - 2013-01-12 22:28 - 125832184 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2015-04-15 14:24 - 2012-01-18 22:01 - 00000000 ___RD () C:\Documents and Settings\AMP\Ulubione 2015-04-15 11:16 - 2012-03-31 16:55 - 00778416 ____C (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe 2015-04-15 11:16 - 2012-01-19 13:40 - 00142512 ____C (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl 2015-04-13 08:45 - 2012-01-18 22:31 - 00000000 ____D () C:\WINDOWS\security 2015-04-12 13:43 - 2012-01-18 22:01 - 00000000 __RHD () C:\Documents and Settings\AMP\Dane aplikacji 2015-04-10 07:10 - 2012-01-18 23:01 - 00000000 ____D () C:\Program Files\SeaMonkey 2015-04-08 16:34 - 2012-04-17 14:27 - 00000188 __SHC () C:\Documents and Settings\piotr\ntuser.ini 2015-04-08 16:34 - 2012-04-17 14:27 - 00000000 __RHD () C:\Documents and Settings\piotr\Dane aplikacji 2015-04-08 16:34 - 2012-04-17 14:27 - 00000000 ___HD () C:\Documents and Settings\piotr\Ustawienia lokalne\Dane aplikacji 2015-04-08 16:34 - 2012-04-17 14:27 - 00000000 ____D () C:\Documents and Settings\piotr\Ustawienia lokalne\Temp 2015-04-07 19:53 - 2012-01-18 22:37 - 01492127 ____C () C:\WINDOWS\iis6.log 2015-04-07 19:53 - 2012-01-18 22:37 - 01243612 ____C () C:\WINDOWS\FaxSetup.log 2015-04-07 19:53 - 2012-01-18 22:37 - 00622321 ____C () C:\WINDOWS\ocgen.log 2015-04-07 19:53 - 2012-01-18 22:37 - 00581204 ____C () C:\WINDOWS\tsoc.log 2015-04-07 19:53 - 2012-01-18 22:37 - 00426601 ____C () C:\WINDOWS\comsetup.log 2015-04-07 19:53 - 2012-01-18 22:37 - 00258402 ____C () C:\WINDOWS\ntdtcsetup.log 2015-04-07 19:53 - 2012-01-18 22:37 - 00089300 ____C () C:\WINDOWS\MedCtrOC.log 2015-04-07 19:53 - 2012-01-18 22:37 - 00078016 ____C () C:\WINDOWS\ocmsn.log 2015-04-07 19:53 - 2012-01-18 22:37 - 00064578 ____C () C:\WINDOWS\tabletoc.log 2015-04-07 19:53 - 2012-01-18 22:37 - 00063105 ____C () C:\WINDOWS\msgsocm.log 2015-04-07 19:53 - 2012-01-18 22:37 - 00005301 _____ () C:\WINDOWS\imsins.log 2015-04-07 19:53 - 2012-01-18 22:31 - 00000000 ____D () C:\WINDOWS\system32\inetsrv 2015-04-07 19:52 - 2012-01-18 22:37 - 00407276 ____C () C:\WINDOWS\msmqinst.log 2015-04-07 19:52 - 2012-01-18 22:37 - 00219486 ____C () C:\WINDOWS\netfxocm.log 2015-04-07 18:42 - 2012-01-18 22:36 - 00001052 _____ () C:\WINDOWS\setupact.log 2015-04-07 18:38 - 2014-06-03 18:03 - 00001826 _____ () C:\Documents and Settings\AMP\Menu Start\Programy\Spotify.lnk 2015-04-02 10:44 - 2014-05-06 16:07 - 00002219 _____ () C:\Documents and Settings\AMP\Pulpit\na ulotke.txt 2015-03-31 23:40 - 2012-01-18 22:01 - 00000000 ___RD () C:\Documents and Settings\AMP\Menu Start\Programy\Autostart 2015-03-31 11:36 - 2014-10-27 17:07 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Start\Programy\AVG 2015-03-31 00:57 - 2015-03-30 23:27 - 00000000 ____D () C:\Documents and Settings\AMP\Dane aplikacji\Inspyder Sitemap Creator 2015-03-31 00:57 - 2014-11-09 15:02 - 00000000 ____D () C:\Documents and Settings\AMP\Pulpit\www ==================== Files in the root of some directories ======= 2011-01-20 15:58 - 2011-01-20 15:58 - 130026163 ____C () C:\Program Files\openofficeorg1.cab 2011-01-20 16:02 - 2011-01-20 16:02 - 2994176 ____C () C:\Program Files\openofficeorg33.msi 2011-01-20 16:00 - 2011-01-20 16:00 - 0475016 ____C () C:\Program Files\setup.exe 2011-01-20 15:13 - 2011-01-20 15:13 - 0000290 ____C () C:\Program Files\setup.ini 2012-04-03 22:49 - 2012-04-03 22:49 - 0002528 ____C () C:\Documents and Settings\AMP\Dane aplikacji\$_hpcst$.hpc 2012-01-23 16:38 - 2015-04-29 20:03 - 0003584 _____ () C:\Documents and Settings\AMP\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2014-03-19 13:22 - 2014-03-19 13:22 - 0000998 ____C () C:\Documents and Settings\AMP\Ustawienia lokalne\Dane aplikacji\recently-used.xbel Some content of TEMP: ==================== C:\Documents and Settings\AMP\Ustawienia lokalne\Temp\RtkBtMnt.exe C:\Documents and Settings\piotr\Ustawienia lokalne\Temp\Dexxon_v2.34.exe C:\Documents and Settings\piotr\Ustawienia lokalne\Temp\RtkBtMnt.exe C:\Documents and Settings\piotr\Ustawienia lokalne\Temp\setup.exe C:\Documents and Settings\piotr\Ustawienia lokalne\Temp\Shockwave_Installer_FF.exe C:\Documents and Settings\piotr\Ustawienia lokalne\Temp\SkypeSetup.exe ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\WINDOWS\explorer.exe => File is digitally signed C:\WINDOWS\system32\winlogon.exe => File is digitally signed C:\WINDOWS\system32\svchost.exe => File is digitally signed C:\WINDOWS\system32\services.exe => File is digitally signed C:\WINDOWS\system32\User32.dll => File is digitally signed C:\WINDOWS\system32\userinit.exe => File is digitally signed C:\WINDOWS\system32\rpcss.dll => File is digitally signed C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed ==================== End Of Log ============================