Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 02-05-2015 Ran by Stefanija (administrator) on STEFANIJ-D3C639 on 03-05-2015 23:31:31 Running from D:\Nowy folder (2)\FRST Loaded Profiles: Stefanija (Available profiles: Stefanija & MasterAdmin) Platform: Microsoft Windows XP Professional Dodatek Service Pack 2 (X86) OS Language: Polski Internet Explorer Version 7 (Default browser: FF) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (IObit) C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe (ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe (IObit) C:\Program Files\IObit\Smart Defrag 4\SmartDefrag.exe () C:\Documents and Settings\Stefanija\Ustawienia lokalne\Dane aplikacji\tuto4pc_pl_1\supt4pc_pl_1.exe (Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe (Intel Corporation) C:\WINDOWS\system32\hkcmd.exe (Intel Corporation) C:\WINDOWS\system32\igfxpers.exe (Intel Corporation) C:\WINDOWS\system32\igfxsrvc.exe (ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (Microsoft Corporation) C:\WINDOWS\system32\wscntfy.exe (Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe () C:\PROGRA~1\HEWLET~1\Shared\HPQTOA~1.EXE (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (Microsoft Corporation) C:\WINDOWS\system32\sndvol32.exe (Microsoft Corporation) C:\WINDOWS\system32\taskmgr.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe (Gretech Corp.) C:\Program Files\GRETECH\GomPlayer\GOM.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [hpWirelessAssistant] => C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [472776 2007-01-10] (Hewlett-Packard Development Company, L.P.) HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [3117384 2012-11-16] (ESET) HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated) HKLM\...\Run: [NPSStartup] => [X] HKU\S-1-5-19\...\RunOnce: [nltide_2] => regsvr32 /s /n /i:U shell32 HKU\S-1-5-19\...\RunOnce: [nltide_3] => rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N HKU\S-1-5-20\...\RunOnce: [nltide_2] => regsvr32 /s /n /i:U shell32 HKU\S-1-5-20\...\RunOnce: [nltide_3] => rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N HKU\S-1-5-18\...\Run: [Advanced SystemCare 8] => C:\Program Files\IObit\Advanced SystemCare 8\ASCTray.exe [2429728 2015-04-08] (IObit) HKU\S-1-5-18\...\RunOnce: [nltide_2] => regsvr32 /s /n /i:U shell32 HKU\S-1-5-18\...\RunOnce: [nltide_3] => rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N ShellIconOverlayIdentifiers: [GGDriveOverlay1] -> {E68D0A50-3C40-4712-B90D-DCFA93FF2534} => C:\Documents and Settings\All Users\Dane aplikacji\GG\ggdrive\ggdrive-overlay.dll [2013-01-17] (GG Network S.A.) ShellIconOverlayIdentifiers: [GGDriveOverlay2] -> {E68D0A51-3C40-4712-B90D-DCFA93FF2534} => C:\Documents and Settings\All Users\Dane aplikacji\GG\ggdrive\ggdrive-overlay.dll [2013-01-17] (GG Network S.A.) ShellIconOverlayIdentifiers: [GGDriveOverlay3] -> {E68D0A52-3C40-4712-B90D-DCFA93FF2534} => C:\Documents and Settings\All Users\Dane aplikacji\GG\ggdrive\ggdrive-overlay.dll [2013-01-17] (GG Network S.A.) ShellIconOverlayIdentifiers: [GGDriveOverlay4] -> {E68D0A53-3C40-4712-B90D-DCFA93FF2534} => C:\Documents and Settings\All Users\Dane aplikacji\GG\ggdrive\ggdrive-overlay.dll [2013-01-17] (GG Network S.A.) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.wp.pl/?src01=dp220150314 HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKU\S-1-5-21-1060284298-2147154963-839522115-1003\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?ocid=iehp URLSearchHook: [S-1-5-21-1060284298-2147154963-839522115-1003] ATTENTION ==> Default URLSearchHook is missing. SearchScopes: HKLM -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = http://startsear.ch/?aff=2&src=sp&cf=30900424-1de3-11e2-9cb5-001a73392c8d&q={searchTerms} SearchScopes: HKU\.DEFAULT -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = http://startsear.ch/?aff=2&src=sp&cf=30900424-1de3-11e2-9cb5-001a73392c8d&q={searchTerms} SearchScopes: HKU\S-1-5-21-1060284298-2147154963-839522115-1003 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://search.v9.com/web/?q={searchTerms} SearchScopes: HKU\S-1-5-21-1060284298-2147154963-839522115-1003 -> {171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E} URL = http://websearch.ask.com/redirect?client=ie&tb=ORJ&o=100000027&src=crm&q={searchTerms}&locale=en_US&apn_ptnrs=U3&apn_dtid=OSJ000YYPL&apn_uid=AB1111E1-2EC7-44DF-AFAD-AE38CA13EE17&apn_sauid=68DBDC0E-B595-45FE-964F-3E762046BF80 SearchScopes: HKU\S-1-5-21-1060284298-2147154963-839522115-1003 -> {2AB582F3-130F-439A-9AFF-D7A9AF2CC214} URL = http://isearch.avg.com/search?cid={5071202F-549E-4184-AAFE-0ACDC17CCF36}&mid=16ac0536431747d1bf10d15335ddc57e-563424ff8416fc81fd4757abb07d68bf87fcca3e&lang=pl&ds=AVG&pr=fr&d=2012-02-01 20:41:46&v=10.0.0.7&sap=dsp&q={searchTerms} SearchScopes: HKU\S-1-5-21-1060284298-2147154963-839522115-1003 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://search.v9.com/web/?q={searchTerms} SearchScopes: HKU\S-1-5-21-1060284298-2147154963-839522115-1003 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = http://isearch.avg.com/search?cid={5071202F-549E-4184-AAFE-0ACDC17CCF36}&mid=16ac0536431747d1bf10d15335ddc57e-563424ff8416fc81fd4757abb07d68bf87fcca3e&lang=pl&ds=AVG&pr=fr&d=2012-02-01 20:41:46&v=14.2.0.1&pid=avg&sg=&sap=dsp&q={searchTerms} BHO: Lexmark Pasek narzędzi -> {1017A80C-6F09-4548-A84D-EDD6AC9525F0} -> C:\Program Files\Lexmark Toolbar\toolband.dll [2006-01-25] () BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files\IObit\IObit Uninstaller\UninstallExplorer32.dll [2015-01-21] (IObit) BHO: BitComet Helper -> {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} -> C:\Program Files\BitComet\tools\BitCometBHO_1.5.4.11.dll [2011-04-11] (BitComet) BHO: Advanced SystemCare Surfing Protection -> {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} -> C:\Program Files\IObit\Surfing Protection\BrowerProtect\ASCPlugin_Protection.dll [2015-04-01] (IObit) Toolbar: HKLM - Lexmark Pasek narzędzi - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll [2006-01-25] () Toolbar: HKLM - ExplorerWnd Helper - {10921475-03CE-4E04-90CE-E2E7EF20C814} - C:\Program Files\IObit\IObit Uninstaller\UninstallExplorer32.dll [2015-01-21] (IObit) Toolbar: HKU\.DEFAULT -> No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} - No File Toolbar: HKU\.DEFAULT -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File Toolbar: HKU\S-1-5-21-1060284298-2147154963-839522115-1003 -> Lexmark Pasek narzędzi - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll [2006-01-25] () Toolbar: HKU\S-1-5-21-1060284298-2147154963-839522115-1003 -> No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No File Toolbar: HKU\S-1-5-21-1060284298-2147154963-839522115-1003 -> No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} - No File Toolbar: HKU\S-1-5-21-1060284298-2147154963-839522115-1003 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab DPF: {CAFEEFAC-0017-0000-0009-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll [2007-07-14] (Microsoft Corporation) Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll [2007-07-14] (Microsoft Corporation) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 192.168.1.1 Tcpip\..\Interfaces\{BD2571C4-E078-4E22-9A16-AA19E0758C26}: [NameServer] 8.8.8.8,8.8.4.4 FireFox: ======== FF ProfilePath: C:\Documents and Settings\Stefanija\Dane aplikacji\Mozilla\Firefox\Profiles\4yhh2aoz.default-1429698319406 FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-05-02] () FF Plugin: @IObit.com/np_Asc_Plugin -> C:\Program Files\IObit\Surfing Protection\BrowerProtect\np_Asc_plugin.dll [2013-07-17] (IObit) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation) FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-30] (Microsoft Corporation) FF Plugin: @real.com/nppl3260;version=6.0.12.69 -> C:\Program Files\Real Alternative\browser\plugins\nppl3260.dll [2008-09-10] (RealNetworks, Inc.) FF Plugin: @real.com/nprpjplug;version=6.0.12.69 -> C:\Program Files\Real Alternative\browser\plugins\nprpjplug.dll [2008-09-10] (RealNetworks, Inc.) FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-05] (Google Inc.) FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-05] (Google Inc.) FF Plugin: @videolan.org/vlc,version=2.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2013-07-31] (VideoLAN) FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-08-05] (Adobe Systems Inc.) FF user.js: detected! => C:\Documents and Settings\Stefanija\Dane aplikacji\Mozilla\Firefox\Profiles\4yhh2aoz.default-1429698319406\user.js [2015-04-22] FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npBitCometAgent.dll [2012-01-12] (BitComet) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2014-08-05] (Adobe Systems Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppl3260.dll [2008-09-10] (RealNetworks, Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nprpjplug.dll [2008-09-10] (RealNetworks, Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npvsharetvplg.dll [2011-10-27] (LiveVDO ) FF Extension: Advanced SystemCare Surfing Protection - C:\Documents and Settings\Stefanija\Dane aplikacji\Mozilla\Firefox\Profiles\4yhh2aoz.default-1429698319406\Extensions\iobitascsurfingprotection@iobit.com [2015-04-22] FF Extension: Adblock Plus - C:\Documents and Settings\Stefanija\Dane aplikacji\Mozilla\Firefox\Profiles\4yhh2aoz.default-1429698319406\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-04-23] FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension FF Extension: Microsoft .NET Framework Assistant - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2012-02-01] FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2012-12-22] FF ExtraCheck: C:\Program Files\mozilla firefox\firefox.cfg [2015-04-23] <==== ATTENTION Chrome: ======= CHR Profile: C:\Documents and Settings\Stefanija\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default CHR Extension: (AdBlock) - C:\Documents and Settings\Stefanija\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2013-06-26] CHR Extension: (Chrome In-App Payments service) - C:\Documents and Settings\Stefanija\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-30] CHR Extension: (LiveVDO plugin) - C:\Documents and Settings\Stefanija\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\pbiamblgmkgbcgbcgejjgebalncpmhnp [2013-02-28] CHR HKLM\...\Chrome\Extension: [jmfkcklnlgedgbglfkkgedjfmejoahla] - C:\Program Files\AVG\AVG2012\Chrome\safesearch.crx [Not Found] CHR HKLM\...\Chrome\Extension: [pbiamblgmkgbcgbcgejjgebalncpmhnp] - C:\Program Files\StartSearch plugin\vshareplg.crx [Not Found] ========================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) S2 AdvancedSystemCareService8; C:\Program Files\IObit\Advanced SystemCare 8\ASCService.exe [814880 2015-04-03] (IObit) S2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [913184 2012-11-16] (ESET) S2 HDDlife HDD Access service; C:\Program Files\Common Files\BinarySense\hldasvc.exe [2050312 2013-09-13] (BinarySense, Inc.) R3 hpqwmiex; C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe [135168 2006-05-02] (Hewlett-Packard Development Company, L.P.) [File not signed] R2 IMFservice; C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe [344896 2014-09-30] (IObit) S2 LiveUpdateSvc; C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe [2585376 2015-03-26] (IObit) S2 MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation) S2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation) R2 supt4pc_pl_1; C:\Documents and Settings\Stefanija\Ustawienia lokalne\Dane aplikacji\tuto4pc_pl_1\supt4pc_pl_1.exe [3055976 2012-11-05] () [File not signed] ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R3 BCM43XX; C:\WINDOWS\System32\DRIVERS\bcmwl5.sys [604928 2006-11-01] (Broadcom Corporation) S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2004-08-04] (Microsoft Corporation) R1 eamon; C:\WINDOWS\System32\DRIVERS\eamon.sys [160856 2012-11-16] (ESET) R1 ehdrv; C:\WINDOWS\System32\DRIVERS\ehdrv.sys [120152 2012-03-14] (ESET) R1 epfwtdir; C:\WINDOWS\System32\DRIVERS\epfwtdir.sys [104160 2012-03-14] (ESET) S3 FileMonitor; C:\Program Files\IObit\IObit Malware Fighter\Drivers\wxp_x86\FileMonitor.sys [247968 2013-03-23] (IObit) S3 FsUsbExDisk; C:\WINDOWS\system32\FsUsbExDisk.SYS [36608 2010-06-14] () [File not signed] R0 giveio; C:\WINDOWS\System32\giveio.sys [5248 1996-04-03] () [File not signed] R3 HdAudAddService; C:\WINDOWS\System32\drivers\CHDAud.sys [594432 2006-08-22] (Conexant Systems Inc.) R3 HDAudBus; C:\WINDOWS\System32\DRIVERS\HDAudBus.sys [138752 2007-10-16] (Windows (R) Server 2003 DDK provider) [File not signed] R3 HSFHWAZL; C:\WINDOWS\System32\DRIVERS\HSFHWAZL.sys [209664 2006-12-21] (Conexant Systems, Inc.) R3 HSF_DPV; C:\WINDOWS\System32\DRIVERS\HSF_DPV.sys [988800 2006-12-21] (Conexant Systems, Inc.) R1 HWiNFO32; C:\WINDOWS\system32\drivers\HWiNFO32.SYS [23840 2015-01-21] (REALiX(tm)) R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [23256 2014-11-21] (Malwarebytes Corporation) S3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [114904 2015-04-30] (Malwarebytes Corporation) S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2004-08-04] (Microsoft Corporation) S3 RegFilter; C:\Program Files\IObit\IObit Malware Fighter\drivers\wxp_x86\regfilter.sys [31776 2013-11-19] (IObit.com) S3 Secdrv; C:\WINDOWS\System32\DRIVERS\secdrv.sys [27440 2004-07-17] () R0 SmartDefragDriver; C:\WINDOWS\System32\Drivers\SmartDefragDriver.sys [15808 2014-06-04] (IObit) R0 speedfan; C:\WINDOWS\System32\speedfan.sys [24184 2012-12-29] (Almico Software) S3 ss_bbus; C:\WINDOWS\System32\DRIVERS\ss_bbus.sys [98432 2010-04-27] (MCCI) S3 ss_bmdfl; C:\WINDOWS\System32\DRIVERS\ss_bmdfl.sys [14848 2010-04-27] (MCCI Corporation) S3 ss_bmdm; C:\WINDOWS\System32\DRIVERS\ss_bmdm.sys [123648 2010-04-27] (MCCI Corporation) R1 StarOpen; C:\WINDOWS\system32\Drivers\StarOpen.sys [5632 2006-07-24] () [File not signed] R1 Tcpip; C:\WINDOWS\System32\DRIVERS\tcpip.sys [360576 2007-10-16] (Microsoft Corporation) [File not signed] S3 UrlFilter; C:\Program Files\IObit\IObit Malware Fighter\drivers\wxp_x86\UrlFilter.sys [17360 2013-11-19] (IObit.com) S3 EraserUtilDrv11220; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilDrv11220.sys [X] S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X] S4 IntelIde; No ImagePath S3 UIUSys; system32\DRIVERS\UIUSYS.SYS [X] U1 WS2IFSL; No ImagePath ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2015-05-03 08:57 - 2015-05-03 08:57 - 00000754 _____ () C:\WINDOWS\setupapi.log 2015-05-03 08:46 - 2015-05-03 09:12 - 00000159 _____ () C:\WINDOWS\wiadebug.log 2015-05-03 08:46 - 2015-05-03 09:12 - 00000050 _____ () C:\WINDOWS\wiaservc.log 2015-05-03 08:46 - 2015-05-03 08:46 - 00000000 _____ () C:\WINDOWS\Sti_Trace.log 2015-05-03 08:40 - 2015-05-03 09:03 - 00019874 _____ () C:\WINDOWS\SchedLgU.Txt 2015-05-02 23:38 - 2015-05-02 23:38 - 00000613 _____ () C:\Documents and Settings\Stefanija\Pulpit\HD Tune.lnk 2015-05-02 23:38 - 2015-05-02 23:38 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Start\Programy\HD Tune 2015-05-02 23:37 - 2015-05-02 23:38 - 00000000 ____D () C:\Program Files\HD Tune 2015-05-02 13:53 - 2015-05-02 13:53 - 00000000 ____D () C:\DbzC6CC0 2015-05-02 11:47 - 2015-05-02 11:47 - 00000704 _____ () C:\Documents and Settings\Stefanija\Pulpit\ty.txt 2015-05-02 06:30 - 2015-05-02 06:30 - 00000000 ____D () C:\Documents and Settings\MasterAdmin.STEFANIJ-D3C639\Ustawienia lokalne\Dane aplikacji\Mozilla 2015-05-02 06:30 - 2015-05-02 06:30 - 00000000 ____D () C:\Documents and Settings\MasterAdmin.STEFANIJ-D3C639\Dane aplikacji\Mozilla 2015-05-02 06:03 - 2015-05-02 06:37 - 00000188 ___SH () C:\Documents and Settings\MasterAdmin.STEFANIJ-D3C639\ntuser.ini 2015-05-02 06:03 - 2015-05-02 06:36 - 00000000 ____D () C:\Documents and Settings\MasterAdmin.STEFANIJ-D3C639 2015-05-02 06:03 - 2015-05-02 06:35 - 00000000 ____D () C:\Documents and Settings\MasterAdmin.STEFANIJ-D3C639\Ustawienia lokalne\Temp 2015-05-02 06:03 - 2015-05-02 06:30 - 00000000 __RHD () C:\Documents and Settings\MasterAdmin.STEFANIJ-D3C639\Dane aplikacji 2015-05-02 06:03 - 2015-05-02 06:30 - 00000000 ___HD () C:\Documents and Settings\MasterAdmin.STEFANIJ-D3C639\Ustawienia lokalne\Dane aplikacji 2015-05-02 06:03 - 2013-10-16 00:51 - 00000000 ____D () C:\Documents and Settings\MasterAdmin.STEFANIJ-D3C639\Dane aplikacji\Macromedia 2015-05-02 06:03 - 2013-01-31 11:01 - 00000000 ____D () C:\Documents and Settings\MasterAdmin.STEFANIJ-D3C639\Dane aplikacji\TuneUp Software 2015-05-02 06:03 - 2011-12-28 23:10 - 00000000 __SHD () C:\Documents and Settings\MasterAdmin.STEFANIJ-D3C639\Ustawienia lokalne\Historia 2015-05-02 06:03 - 2011-12-28 23:10 - 00000000 ___RD () C:\Documents and Settings\MasterAdmin.STEFANIJ-D3C639\Menu Start\Programy\Autostart 2015-05-02 06:03 - 2011-12-28 23:10 - 00000000 ___RD () C:\Documents and Settings\MasterAdmin.STEFANIJ-D3C639\Menu Start 2015-05-02 06:03 - 2011-12-28 23:10 - 00000000 ___HD () C:\Documents and Settings\MasterAdmin.STEFANIJ-D3C639\Ustawienia lokalne 2015-05-02 06:03 - 2011-12-28 23:10 - 00000000 ____D () C:\Documents and Settings\MasterAdmin.STEFANIJ-D3C639\Ulubione 2015-05-02 06:03 - 2011-12-28 23:10 - 00000000 ____D () C:\Documents and Settings\MasterAdmin.STEFANIJ-D3C639\Pulpit 2015-05-02 06:03 - 2011-12-28 23:10 - 00000000 ____D () C:\Documents and Settings\MasterAdmin.STEFANIJ-D3C639\Moje dokumenty 2015-05-02 06:03 - 2011-12-28 22:17 - 00001599 _____ () C:\Documents and Settings\MasterAdmin.STEFANIJ-D3C639\Menu Start\Programy\Pomoc zdalna.lnk 2015-05-02 06:03 - 2011-12-28 22:17 - 00000788 _____ () C:\Documents and Settings\MasterAdmin.STEFANIJ-D3C639\Menu Start\Programy\Windows Media Player.lnk 2015-05-02 06:03 - 2011-12-28 22:17 - 00000000 ___RD () C:\Documents and Settings\MasterAdmin.STEFANIJ-D3C639\Menu Start\Programy\Akcesoria 2015-05-02 06:03 - 2011-12-28 22:17 - 00000000 ___RD () C:\Documents and Settings\MasterAdmin.STEFANIJ-D3C639\Menu Start\Programy 2015-05-02 06:03 - 2011-12-28 22:14 - 00000000 ___HD () C:\Documents and Settings\MasterAdmin.STEFANIJ-D3C639\Szablony 2015-04-25 14:20 - 2015-04-28 02:20 - 00000572 _____ () C:\Documents and Settings\Stefanija\Pulpit\friendly_fondling.lnk 2015-04-25 12:03 - 2015-04-25 12:03 - 00013571 _____ () C:\Documents and Settings\Stefanija\Pulpit\indeks.jpeg 2015-04-25 04:56 - 2015-04-30 03:23 - 00001831 _____ () C:\Documents and Settings\Stefanija\Pulpit\okj.txt 2015-04-23 11:07 - 2015-05-03 23:33 - 00000000 ____D () C:\FRST 2015-04-23 02:12 - 2015-04-23 02:29 - 00000000 ____D () C:\Program Files\Mozilla Firefox 2015-04-22 21:04 - 2015-04-30 19:40 - 00114904 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys 2015-04-22 20:58 - 2015-04-22 20:58 - 00000777 _____ () C:\Documents and Settings\All Users\Pulpit\Malwarebytes Anti-Malware.lnk 2015-04-22 20:58 - 2015-04-22 20:58 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Start\Programy\Malwarebytes Anti-Malware 2015-04-22 20:57 - 2015-04-22 20:58 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware 2015-04-22 20:57 - 2014-11-21 06:14 - 00054360 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys 2015-04-22 20:57 - 2014-11-21 06:14 - 00023256 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys 2015-04-22 20:33 - 2015-04-22 20:37 - 00000000 ____D () C:\Documents and Settings\Stefanija\Pulpit\WAŻNE2015 2015-04-22 18:58 - 2015-05-03 09:08 - 00000282 _____ () C:\WINDOWS\Tasks\SmartDefrag4_Startup.job 2015-04-22 18:57 - 2015-05-03 09:10 - 00000280 _____ () C:\WINDOWS\Tasks\SmartDefrag4_Update.job 2015-04-22 18:57 - 2015-01-10 15:32 - 00109856 _____ (IObit) C:\WINDOWS\system32\IObitSmartDefragExtension.dll 2015-04-22 18:55 - 2014-06-04 15:17 - 00015808 _____ (IObit) C:\WINDOWS\system32\Drivers\SmartDefragDriver.sys 2015-04-22 18:54 - 2015-04-22 18:54 - 00000823 _____ () C:\Documents and Settings\All Users\Pulpit\Smart Defrag 4.lnk 2015-04-22 18:54 - 2015-04-22 18:54 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Start\Programy\Smart Defrag 4 2015-04-21 21:32 - 2015-04-21 21:32 - 00000893 _____ () C:\Documents and Settings\Stefanija\Pulpit\Win Fix.lnk 2015-04-21 14:47 - 2015-04-21 14:48 - 00150654 _____ () C:\extremepack.zip 2015-04-21 14:47 - 2015-04-21 14:47 - 00050210 _____ () C:\elliot.zip 2015-04-17 02:49 - 2015-05-03 23:17 - 00000930 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job 2015-04-17 02:49 - 2015-05-02 13:51 - 00778416 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe 2015-04-17 02:49 - 2015-05-02 13:51 - 00142512 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl 2015-04-15 15:32 - 2015-04-15 15:33 - 00000000 ____D () C:\Nowy folder (2) 2015-04-11 22:47 - 2015-04-11 22:47 - 00000000 ____D () C:\Program Files\Common Files\PDF Architect 2015-04-06 01:11 - 2015-04-06 01:11 - 00000783 _____ () C:\Documents and Settings\Stefanija\Pulpit\Kamerzysta.lnk 2015-04-06 01:11 - 2015-04-06 01:11 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Start\Programy\Kamerzysta ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2015-05-04 00:15 - 2011-12-28 22:20 - 00000000 ____D () C:\Documents and Settings\Stefanija\Ustawienia lokalne\Temp 2015-05-03 23:31 - 2012-12-18 10:27 - 00001036 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job 2015-05-03 23:25 - 2013-01-20 01:25 - 00567910 _____ () C:\WINDOWS\WindowsUpdate.log 2015-05-03 22:54 - 2015-01-30 15:31 - 00000000 ____D () C:\Documents and Settings\Stefanija\Dane aplikacji\GG 2015-05-03 21:28 - 2012-12-18 10:26 - 00000000 ____D () C:\Documents and Settings\Stefanija\Dane aplikacji\BitComet 2015-05-03 17:44 - 2011-12-28 23:10 - 00000000 ___RD () C:\Documents and Settings\All Users\Menu Start\Programy 2015-05-03 17:29 - 2011-12-28 22:20 - 00000000 ___HD () C:\Documents and Settings\Stefanija\Ustawienia lokalne\Dane aplikacji 2015-05-03 17:29 - 2011-12-28 22:19 - 00000000 ___HD () C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji 2015-05-03 16:46 - 2013-12-10 22:37 - 00000000 ____D () C:\Documents and Settings\Stefanija\Ustawienia lokalne\Dane aplikacji\Mobogenie 2015-05-03 16:38 - 2011-12-28 23:10 - 00000000 ____D () C:\Documents and Settings\All Users\Pulpit 2015-05-03 16:32 - 2012-12-18 10:27 - 00000000 ____D () C:\Documents and Settings\Stefanija\Ustawienia lokalne\Dane aplikacji\Google 2015-05-03 16:32 - 2012-12-18 10:26 - 00000000 ____D () C:\Program Files\Google 2015-05-03 16:32 - 2011-12-28 23:10 - 00000000 __RHD () C:\Documents and Settings\All Users\Dane aplikacji 2015-05-03 16:32 - 2011-12-28 22:20 - 00000000 __RHD () C:\Documents and Settings\Stefanija\Dane aplikacji 2015-05-03 15:31 - 2011-12-28 22:20 - 00000000 ___RD () C:\Documents and Settings\Stefanija\Menu Start\Programy 2015-05-03 15:31 - 2011-12-28 22:20 - 00000000 ____D () C:\Documents and Settings\Stefanija\Pulpit 2015-05-03 11:31 - 2012-12-18 10:27 - 00001032 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job 2015-05-03 09:13 - 2014-12-13 15:49 - 00000274 _____ () C:\WINDOWS\Tasks\Driver Booster Update.job 2015-05-03 09:12 - 2014-12-13 15:49 - 00000272 _____ () C:\WINDOWS\Tasks\Driver Booster Scan.job 2015-05-03 09:12 - 2013-12-28 15:45 - 00000000 ____D () C:\Documents and Settings\All Users\Dane aplikacji\TEMP 2015-05-03 09:07 - 2011-12-28 22:19 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT 2015-05-03 09:03 - 2011-12-28 22:20 - 00000188 ___SH () C:\Documents and Settings\Stefanija\ntuser.ini 2015-05-03 09:02 - 2011-12-28 22:20 - 00000000 ____D () C:\Documents and Settings\Stefanija 2015-05-03 05:29 - 2011-12-28 23:13 - 00000000 ____D () C:\Documents and Settings\Stefanija\Dane aplikacji\Media Player Classic 2015-05-03 04:03 - 2015-03-21 18:24 - 19992576 _____ () C:\WINDOWS\system32\config\software.iobit 2015-05-03 04:03 - 2015-03-21 18:24 - 00438272 _____ () C:\WINDOWS\system32\config\default.iobit 2015-05-03 04:03 - 2015-03-21 18:24 - 00049152 _____ () C:\WINDOWS\system32\config\SECURITY.iobit 2015-05-03 04:03 - 2015-03-21 18:24 - 00024576 _____ () C:\WINDOWS\system32\config\SAM.iobit 2015-05-03 04:03 - 2011-12-28 22:19 - 00000000 __SHD () C:\Documents and Settings\NetworkService 2015-05-03 04:03 - 2011-12-28 22:19 - 00000000 __SHD () C:\Documents and Settings\LocalService 2015-05-02 15:36 - 2012-10-29 15:42 - 00000000 ____D () C:\WINDOWS\Minidump 2015-05-02 13:14 - 2011-12-28 23:10 - 00000000 ___RD () C:\Documents and Settings\All Users\Menu Start\Programy\Autostart 2015-05-02 13:07 - 2014-12-13 15:49 - 00001785 _____ () C:\Documents and Settings\All Users\Pulpit\Driver Booster 2.lnk 2015-05-02 13:01 - 2011-12-28 23:05 - 00000000 ____D () C:\Documents and Settings\Stefanija\Dane aplikacji\AIMP 2015-05-02 02:31 - 2001-07-22 04:17 - 00002206 _____ () C:\WINDOWS\system32\wpa.dbl 2015-04-30 08:18 - 2014-04-23 09:35 - 00000000 ____D () C:\Documents and Settings\All Users\Dane aplikacji\ProductData 2015-04-28 08:28 - 2011-12-28 22:59 - 00000000 ____D () C:\WINDOWS\mui 2015-04-28 03:46 - 2013-06-04 02:41 - 00000000 ____D () C:\WINDOWS\system32\WNLT 2015-04-28 03:45 - 2011-12-28 22:20 - 00000000 ___RD () C:\Documents and Settings\Stefanija\Menu Start\Programy\Autostart 2015-04-27 21:40 - 2011-12-30 18:10 - 00000000 ____D () C:\Documents and Settings\Stefanija\Moje dokumenty\Pobieranie 2015-04-24 03:56 - 2014-04-23 10:02 - 00000909 _____ () C:\Documents and Settings\Stefanija\Pulpit\LICENCJA NA ROK.txt 2015-04-23 22:32 - 2014-07-14 00:05 - 00000000 ____D () C:\Documents and Settings\Stefanija\Moje dokumenty\Pobrane 2015-04-23 12:51 - 2015-03-05 22:13 - 00000000 ____D () C:\Documents and Settings\Stefanija\Moje dokumenty\Nowy folder (2) 2015-04-23 12:50 - 2015-03-07 12:06 - 00000000 ____D () C:\Documents and Settings\Stefanija\Moje dokumenty\VICKA 2015-04-23 12:49 - 2011-12-28 22:20 - 00000000 ___RD () C:\Documents and Settings\Stefanija\Moje dokumenty 2015-04-23 12:18 - 2012-11-08 23:39 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service 2015-04-22 23:10 - 2015-01-24 12:27 - 00000000 ____D () C:\Documents and Settings\NetworkService\Dane aplikacji\IObit 2015-04-22 23:00 - 2011-12-28 22:19 - 00000188 __SHC () C:\Documents and Settings\LocalService\ntuser.ini 2015-04-22 20:59 - 2012-12-22 18:16 - 00000000 ____D () C:\Documents and Settings\Stefanija\Dane aplikacji\Malwarebytes 2015-04-22 20:57 - 2012-12-22 18:16 - 00000000 ____D () C:\Documents and Settings\All Users\Dane aplikacji\Malwarebytes 2015-04-22 20:56 - 2012-12-22 18:16 - 00000000 ____D () C:\Program Files\Malwarebytes' Anti-Malware 2015-04-22 20:42 - 2014-09-16 03:30 - 00000000 ____D () C:\Documents and Settings\Stefanija\Moje dokumenty\slófka 2015-04-22 20:20 - 2015-01-21 22:58 - 00001822 _____ () C:\Documents and Settings\All Users\Pulpit\Advanced SystemCare 8.lnk 2015-04-22 18:53 - 2015-01-21 22:58 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Start\Programy\Advanced SystemCare 8 2015-04-22 18:52 - 2014-04-23 09:31 - 00000000 ____D () C:\Program Files\IObit 2015-04-22 18:50 - 2014-04-23 09:31 - 00000000 ____D () C:\Documents and Settings\Stefanija\Dane aplikacji\IObit 2015-04-22 18:32 - 2014-12-13 15:49 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Start\Programy\Driver Booster 2 2015-04-21 23:31 - 2013-10-03 11:12 - 00000000 ____D () C:\Documents and Settings\Stefanija\Dane aplikacji\vlc 2015-04-21 18:31 - 2014-04-23 09:58 - 00000000 ____D () C:\Documents and Settings\Stefanija\Moje dokumenty\Nowy folder (3) 2015-04-21 14:36 - 2001-10-26 22:15 - 00488150 _____ () C:\WINDOWS\system32\perfh015.dat 2015-04-21 14:36 - 2001-10-26 22:15 - 00082484 _____ () C:\WINDOWS\system32\perfc015.dat 2015-04-21 14:34 - 2011-12-28 23:11 - 01078760 _____ () C:\WINDOWS\system32\PerfStringBackup.INI 2015-04-17 21:33 - 2013-12-10 23:43 - 00000000 ____D () C:\Program Files\Samsung 2015-04-17 21:32 - 2013-12-10 22:49 - 00000000 ____D () C:\Documents and Settings\Stefanija\Dane aplikacji\Samsung 2015-04-17 02:46 - 2014-05-29 06:55 - 00000000 ____D () C:\Documents and Settings\Stefanija\Ustawienia lokalne\Dane aplikacji\Adobe 2015-04-16 21:43 - 2011-12-28 22:51 - 00039936 ____C () C:\Documents and Settings\Stefanija\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2015-04-12 17:58 - 2011-12-28 22:32 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information 2015-04-10 09:17 - 2015-01-30 15:17 - 00000000 ____D () C:\Documents and Settings\Stefanija\Ustawienia lokalne\Dane aplikacji\GG 2015-04-06 01:11 - 2012-10-10 01:34 - 00000000 ____D () C:\Program Files\Common Files\Onet.pl 2015-04-06 01:11 - 2012-10-10 01:34 - 00000000 ____D () C:\Documents and Settings\Stefanija\Dane aplikacji\Kamerzysta 2015-04-06 01:01 - 2013-01-05 23:22 - 00000000 ____D () C:\Program Files\Onet ==================== Files in the root of some directories ======= 2013-12-10 23:46 - 2013-12-10 23:46 - 0002528 _____ () C:\Documents and Settings\Stefanija\Dane aplikacji\$_hpcst$.hpc 2011-12-28 22:51 - 2015-04-16 21:43 - 0039936 ____C () C:\Documents and Settings\Stefanija\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini Some content of TEMP: ==================== C:\Documents and Settings\Stefanija\Ustawienia lokalne\Temp\uninst1.exe ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\WINDOWS\explorer.exe [2007-10-17 21:30] - [2007-10-17 21:30] - 0974848 ____A (Microsoft Corporation) 16df8a100e8966e48ba00c86f6c89972 C:\WINDOWS\system32\winlogon.exe => File is digitally signed C:\WINDOWS\system32\svchost.exe => File is digitally signed C:\WINDOWS\system32\services.exe => File is digitally signed C:\WINDOWS\system32\User32.dll [2007-07-10 15:06] - [2007-07-10 15:06] - 0642560 ____A (Microsoft Corporation) ce594e18fe0d0af804f1f3694921ce62 C:\WINDOWS\system32\userinit.exe => File is digitally signed C:\WINDOWS\system32\rpcss.dll => File is digitally signed C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed