?Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 18-07-2015 01 Ran by Kaziu (administrator) on HOME123 on 20-07-2015 18:42:29 Running from C:\Documents and Settings\Kaziu\Pulpit\raporty Loaded Profiles: Kaziu (Available Profiles: Kaziu & Rodzice) Platform: Microsoft Windows XP Professional Dodatek Service Pack 2 (X86) OS Language: Polski Internet Explorer Version 6 (Default browser: Chrome) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (Oracle Corporation) C:\Program Files\Java\jre7\bin\jqs.exe (Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LSSrvc.exe (Nero AG) C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe () C:\WINDOWS\system32\PnkBstrA.exe (Realtek Semiconductor Corp.) C:\WINDOWS\RTHDCPL.exe (Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe (Creative Technology Ltd.) C:\WINDOWS\V0420Mon.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe (Creative Technology Ltd) C:\Program Files\Creative\Shared Files\CTSched.exe (Microsoft Corporation) C:\WINDOWS\system32\wbem\unsecapp.exe (TeamSpeak Systems GmbH) C:\Documents and Settings\Kaziu\Ustawienia lokalne\Dane aplikacji\TeamSpeak 3 Client\ts3client_win32.exe (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [RTHDCPL] => C:\WINDOWS\RTHDCPL.EXE [16844800 2007-09-19] (Realtek Semiconductor Corp.) HKLM\...\Run: [Alcmtr] => C:\WINDOWS\ALCMTR.EXE [69632 2005-05-03] (Realtek Semiconductor Corp.) HKLM\...\Run: [JMB36X IDE Setup] => C:\WINDOWS\RaidTool\xInsIDE.exe [36864 2007-03-20] () HKLM\...\Run: [36X Raid Configurer] => C:\WINDOWS\system32\xRaidSetup.exe [1966080 2007-08-29] (Gigabyte Technology Corp.) HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated) HKLM\...\Run: [NeroFilterCheck] => C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe [153136 2007-03-01] (Nero AG) HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation) HKLM\...\Run: [V0420Mon.exe] => C:\WINDOWS\V0420Mon.exe [32768 2007-04-30] (Creative Technology Ltd.) HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [6109776 2015-07-20] (AVAST Software) HKU\S-1-5-19\...\RunOnce: [nlpo_01] => cmd.exe /c md "%USERPROFILE%\Ustawienia lokalne\Temp" HKU\S-1-5-19\...\RunOnce: [nlpo_02] => rundll32 advpack.dll,DelNodeRunDLL32 "%SystemRoot%\System32\dllcache" HKU\S-1-5-19\...\RunOnce: [nlpo_03] => cmd.exe /c md "%SystemRoot%\System32\dllcache" HKU\S-1-5-19\...\RunOnce: [nlpo_04] => C:\WINDOWS\System32\syssetup.dll [991744 2006-08-10] (Microsoft Corporation) HKU\S-1-5-19\...\RunOnce: [nlpo_05] => rundll32 advpack.dll,LaunchINFSection nlite.inf,nLiteReg HKU\S-1-5-19\...\RunOnce: [nlpo_06] => rundll32 advpack.dll,LaunchINFSection nlite.inf,S HKU\S-1-5-20\...\RunOnce: [nlpo_01] => cmd.exe /c md "%USERPROFILE%\Ustawienia lokalne\Temp" HKU\S-1-5-20\...\RunOnce: [nlpo_02] => rundll32 advpack.dll,DelNodeRunDLL32 "%SystemRoot%\System32\dllcache" HKU\S-1-5-20\...\RunOnce: [nlpo_03] => cmd.exe /c md "%SystemRoot%\System32\dllcache" HKU\S-1-5-20\...\RunOnce: [nlpo_04] => C:\WINDOWS\System32\syssetup.dll [991744 2006-08-10] (Microsoft Corporation) HKU\S-1-5-20\...\RunOnce: [nlpo_05] => rundll32 advpack.dll,LaunchINFSection nlite.inf,nLiteReg HKU\S-1-5-20\...\RunOnce: [nlpo_06] => rundll32 advpack.dll,LaunchINFSection nlite.inf,S HKU\S-1-5-21-796845957-1647877149-1801674531-1003\...\Run: [LightScribe Control Panel] => C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe [455968 2007-10-18] (Hewlett-Packard Company) HKU\S-1-5-21-796845957-1647877149-1801674531-1003\...\Run: [CreativeTaskScheduler] => C:\Program Files\Creative\Shared Files\CTSched.exe [53341 2006-11-17] (Creative Technology Ltd) ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2015-07-20] (AVAST Software) ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Documents and Settings\Kaziu\Dane aplikacji\Dropbox\bin\DropboxExt.22.dll [2013-09-11] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Documents and Settings\Kaziu\Dane aplikacji\Dropbox\bin\DropboxExt.22.dll [2013-09-11] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Documents and Settings\Kaziu\Dane aplikacji\Dropbox\bin\DropboxExt.22.dll [2013-09-11] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Documents and Settings\Kaziu\Dane aplikacji\Dropbox\bin\DropboxExt.22.dll [2013-09-11] (Dropbox, Inc.) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm HKU\S-1-5-21-796845957-1647877149-1801674531-1003\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome HKU\S-1-5-21-796845957-1647877149-1801674531-1003\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch URLSearchHook: HKU\S-1-5-21-796845957-1647877149-1801674531-1003 - Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\WINDOWS\system32\shdocvw.dll (Microsoft Corporation) HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs: "" <======= ATTENTION SearchScopes: HKLM -> DefaultScope value is missing BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2014-05-12] (Oracle Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-05-12] (Oracle Corporation) DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} http://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} http://ccfiles.creative.com/Web/softwareupdate/ocx/130321/CTPID.cab Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll [2011-11-03] (Skype Technologies) Tcpip\Parameters: [DhcpNameServer] 192.168.1.254 Tcpip\..\Interfaces\{C51AE743-7F10-4105-80F9-B2874266D3D2}: [DhcpNameServer] 192.168.1.254 FireFox: ======== FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_18_0_0_160.dll [2015-06-22] () FF Plugin: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files\Google\Picasa3\npPicasa3.dll [2014-03-11] (Google, Inc.) FF Plugin: @java.com/DTPlugin,version=10.55.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-05-12] (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=10.55.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2014-05-12] (Oracle Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-14] ( Microsoft Corporation) FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-15] (Google Inc.) FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-15] (Google Inc.) FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-08-05] (Adobe Systems Inc.) FF Plugin HKU\S-1-5-21-796845957-1647877149-1801674531-1003: @unity3d.com/UnityPlayer,version=1.0 -> C:\Documents and Settings\Kaziu\Ustawienia lokalne\Dane aplikacji\Unity\WebPlayer\loader\npUnity3D32.dll [2015-03-27] (Unity Technologies ApS) FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-07-20] Chrome: ======= CHR Profile: C:\Documents and Settings\Kaziu\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default CHR Extension: (Google Docs) - C:\Documents and Settings\Kaziu\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-04-20] CHR Extension: (Google Drive) - C:\Documents and Settings\Kaziu\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-04-20] CHR Extension: (YouTube) - C:\Documents and Settings\Kaziu\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-04-20] CHR Extension: (Battlefield Heroes) - C:\Documents and Settings\Kaziu\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\cehdakiococlfmjcbebbkjkfjhbieknh [2014-06-28] CHR Extension: (Google Search) - C:\Documents and Settings\Kaziu\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-04-20] CHR Extension: (AdBlock) - C:\Documents and Settings\Kaziu\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-06-25] CHR Extension: (Google Wallet) - C:\Documents and Settings\Kaziu\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-04-20] CHR Extension: (Clash of Clans) - C:\Documents and Settings\Kaziu\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\ofafmlelfljkaoaglplpikoonkceepai [2015-01-14] CHR Extension: (Battlefield Play4Free) - C:\Documents and Settings\Kaziu\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\oiokahphinmbmakkehgelkmpolmnbkdh [2014-06-25] CHR Extension: (Gmail) - C:\Documents and Settings\Kaziu\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-04-20] CHR Profile: C:\Documents and Settings\Kaziu\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Profile 1 CHR Extension: (Google Slides) - C:\Documents and Settings\Kaziu\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-01-14] CHR Extension: (Nordic Forest) - C:\Documents and Settings\Kaziu\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Profile 1\Extensions\amekpplpfocpmaimnmgfjoibodpjedie [2015-01-14] CHR Extension: (Google Docs) - C:\Documents and Settings\Kaziu\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2015-01-14] CHR Extension: (Google Drive) - C:\Documents and Settings\Kaziu\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-01-14] CHR Extension: (YouTube) - C:\Documents and Settings\Kaziu\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-01-14] CHR Extension: (Google Search) - C:\Documents and Settings\Kaziu\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-01-14] CHR Extension: (Google Sheets) - C:\Documents and Settings\Kaziu\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-01-14] CHR Extension: (RMFon) - C:\Documents and Settings\Kaziu\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Profile 1\Extensions\fmimndodhalboaeakkpfbophcagcelnn [2015-01-14] CHR Extension: (AdBlock) - C:\Documents and Settings\Kaziu\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Profile 1\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2015-01-14] CHR Extension: (Avast Online Security) - C:\Documents and Settings\Kaziu\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Profile 1\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-01-14] CHR Extension: (Google Wallet) - C:\Documents and Settings\Kaziu\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-01-14] CHR Extension: (Gmail) - C:\Documents and Settings\Kaziu\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-01-14] CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-07-20] ========================== Services (Whitelisted) ================= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [146600 2015-07-20] (AVAST Software) R2 Dhcp; C:\WINDOWS\System32\dhcpcsvc.dll [111616 2006-08-10] (Microsoft Corporation) [File not signed] S3 GEST Service; C:\Program Files\GIGABYTE\GEST\GSvr.exe [47624 2007-12-14] () R2 JavaQuickStarterService; C:\Program Files\Java\jre7\bin\jqs.exe [182696 2014-05-12] (Oracle Corporation) R2 PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [76888 2014-06-28] () ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [24016 2015-07-20] (AVAST Software) R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [76000 2015-07-20] (AVAST Software) R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [55200 2015-07-20] (AVAST Software) R0 aswRvrt; C:\WINDOWS\system32\Drivers\aswRvrt.sys [49776 2015-07-20] (AVAST Software) R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [788784 2015-07-20] (AVAST Software) R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [433264 2015-07-20] (AVAST Software) R3 aswStmXP; C:\WINDOWS\system32\drivers\aswStmXP.sys [161472 2015-07-20] (AVAST Software) S3 aswTdi; C:\WINDOWS\system32\drivers\aswTdi.sys [57888 2015-07-20] (AVAST Software) R0 aswVmm; C:\WINDOWS\system32\Drivers\aswVmm.sys [208664 2015-07-20] (AVAST Software) R2 atksgt; C:\WINDOWS\System32\DRIVERS\atksgt.sys [278984 2014-06-13] () S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2004-08-03] (Microsoft Corporation) R1 dtsoftbus01; C:\WINDOWS\System32\DRIVERS\dtsoftbus01.sys [239168 2015-02-23] (DT Soft Ltd) S3 ET5Drv; C:\WINDOWS\system32\Drivers\ET5Drv.sys [30008 2007-10-11] (Windows (R) 2000 DDK provider) S3 gdrv; C:\WINDOWS\gdrv.sys [16608 2014-05-25] (Windows (R) 2000 DDK provider) S3 hid7906; C:\WINDOWS\System32\drivers\hid7906.sys [41272 2008-08-08] (Your Corporation) S3 hid8101; C:\WINDOWS\System32\drivers\hid8101.sys [43192 2008-08-08] (Your Corporation) S3 hid8103; C:\WINDOWS\System32\drivers\hid8103.sys [40856 2008-08-08] (Your Corporation) R1 HWiNFO32; C:\WINDOWS\system32\drivers\HWiNFO32.SYS [21664 2014-11-05] (REALiX(tm)) R0 JRAID; C:\WINDOWS\System32\DRIVERS\jraid.sys [65024 2007-09-29] (JMicron Technology Corp.) R2 lirsgt; C:\WINDOWS\System32\DRIVERS\lirsgt.sys [25416 2014-06-13] () S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2004-08-03] (Microsoft Corporation) S3 Secdrv; C:\WINDOWS\System32\DRIVERS\secdrv.sys [27440 2004-07-17] () S3 V0420VID; C:\WINDOWS\System32\DRIVERS\V0420Vid.sys [99648 2007-05-31] (Creative Technology Ltd.) S3 h647906; system32\drivers\h647906.sys [X] S3 h648101; system32\drivers\h648101.sys [X] S3 h648103; system32\drivers\h648103.sys [X] S4 IntelIde; No ImagePath U1 WS2IFSL; No ImagePath ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One Month Created files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2015-07-20 18:05 - 2015-07-20 18:05 - 00000000 ____D C:\Documents and Settings\Kaziu\Dane aplikacji\AVAST Software 2015-07-20 18:00 - 2015-07-20 18:00 - 00000000 ____D C:\Documents and Settings\All Users\Menu Start\Programy\AVAST Software 2015-07-20 17:59 - 2015-07-20 18:39 - 00000362 ____H C:\WINDOWS\Tasks\avast! Emergency Update.job 2015-07-20 17:59 - 2015-07-20 17:59 - 00788784 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys 2015-07-20 17:59 - 2015-07-20 17:59 - 00433264 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys 2015-07-20 17:59 - 2015-07-20 17:59 - 00313472 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe 2015-07-20 17:59 - 2015-07-20 17:59 - 00208664 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys 2015-07-20 17:59 - 2015-07-20 17:59 - 00161472 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStmXP.sys 2015-07-20 17:59 - 2015-07-20 17:59 - 00076000 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys 2015-07-20 17:59 - 2015-07-20 17:59 - 00057888 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswTdi.sys 2015-07-20 17:59 - 2015-07-20 17:59 - 00055200 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr.sys 2015-07-20 17:59 - 2015-07-20 17:59 - 00049776 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys 2015-07-20 17:59 - 2015-07-20 17:59 - 00043112 _____ (AVAST Software) C:\WINDOWS\avastSS.scr 2015-07-20 17:59 - 2015-07-20 17:59 - 00024016 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys 2015-07-20 17:57 - 2015-07-20 17:57 - 00000000 ____D C:\Program Files\AVAST Software 2015-07-20 17:57 - 2015-07-20 17:57 - 00000000 ____D C:\Documents and Settings\All Users\Dane aplikacji\AVAST Software 2015-07-18 20:33 - 2015-07-18 20:33 - 00006634 _____ C:\WINDOWS\iis6.log 2015-07-18 20:33 - 2015-07-18 20:33 - 00006183 _____ C:\WINDOWS\FaxSetup.log 2015-07-18 20:33 - 2015-07-18 20:33 - 00003106 _____ C:\WINDOWS\ocgen.log 2015-07-18 20:33 - 2015-07-18 20:33 - 00002829 _____ C:\WINDOWS\tsoc.log 2015-07-18 20:33 - 2015-07-18 20:33 - 00002027 _____ C:\WINDOWS\comsetup.log 2015-07-18 20:33 - 2015-07-18 20:33 - 00001916 _____ C:\WINDOWS\msmqinst.log 2015-07-18 20:33 - 2015-07-18 20:33 - 00001374 _____ C:\WINDOWS\imsins.log 2015-07-18 20:33 - 2015-07-18 20:33 - 00001229 _____ C:\WINDOWS\ntdtcsetup.log 2015-07-18 20:33 - 2015-07-18 20:33 - 00001083 _____ C:\WINDOWS\netfxocm.log 2015-07-18 20:33 - 2015-07-18 20:33 - 00000425 _____ C:\WINDOWS\MedCtrOC.log 2015-07-18 20:33 - 2015-07-18 20:33 - 00000386 _____ C:\WINDOWS\ocmsn.log 2015-07-18 20:33 - 2015-07-18 20:33 - 00000319 _____ C:\WINDOWS\tabletoc.log 2015-07-18 20:33 - 2015-07-18 20:33 - 00000309 _____ C:\WINDOWS\msgsocm.log 2015-07-18 20:33 - 2008-11-07 18:55 - 00016928 ____N (Microsoft Corporation) C:\WINDOWS\system32\spmsgXP_2k3.dll 2015-07-18 20:32 - 2015-07-20 18:00 - 00068972 _____ C:\WINDOWS\setupapi.log 2015-07-18 20:32 - 2015-07-20 18:00 - 00053535 _____ C:\WINDOWS\Wdf01009Inst.log 2015-07-18 20:32 - 2015-07-18 20:32 - 00000000 __HDC C:\WINDOWS\$NtUninstallWdf01009$ 2015-07-18 20:32 - 2015-07-18 20:32 - 00000000 _____ C:\WINDOWS\setuperr.log 2015-07-18 20:32 - 2015-07-18 20:32 - 00000000 _____ C:\WINDOWS\setupact.log 2015-07-18 20:30 - 2015-07-18 20:30 - 00024664 _____ C:\Documents and Settings\Kaziu\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT 2015-07-16 17:55 - 2015-07-16 17:55 - 00149200 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2015-07-08 16:33 - 2015-07-08 16:33 - 00000000 ____D C:\Documents and Settings\Kaziu\Menu Start\Programy\Drakensang Online ==================== One Month Modified files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2015-07-20 18:42 - 2015-05-23 19:01 - 00000000 ____D C:\Documents and Settings\Kaziu\Pulpit\raporty 2015-07-20 18:42 - 2015-01-26 15:35 - 00000000 ____D C:\FRST 2015-07-20 18:42 - 2014-04-20 14:41 - 00764054 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2015-07-20 18:42 - 2014-04-20 12:53 - 00000000 ____D C:\Documents and Settings\Kaziu\Ustawienia lokalne\Temp 2015-07-20 18:42 - 2001-10-26 20:15 - 00355486 _____ C:\WINDOWS\system32\perfh015.dat 2015-07-20 18:42 - 2001-10-26 20:15 - 00049492 _____ C:\WINDOWS\system32\perfc015.dat 2015-07-20 18:39 - 2014-04-20 15:13 - 00000000 ____D C:\Documents and Settings\Kaziu\Dane aplikacji\TS3Client 2015-07-20 18:39 - 2014-04-20 13:05 - 00001032 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job 2015-07-20 18:39 - 2014-04-20 12:53 - 00000000 ___SD C:\Documents and Settings\Kaziu\Ustawienia lokalne\Historia 2015-07-20 18:39 - 2014-04-20 12:48 - 00423636 _____ C:\WINDOWS\WindowsUpdate.log 2015-07-20 18:38 - 2014-04-20 14:44 - 00000157 _____ C:\WINDOWS\wiadebug.log 2015-07-20 18:38 - 2014-04-20 14:44 - 00000050 _____ C:\WINDOWS\wiaservc.log 2015-07-20 18:38 - 2014-04-20 12:51 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2015-07-20 18:38 - 2014-04-20 12:51 - 00000000 ___SD C:\Documents and Settings\LocalService\Ustawienia lokalne\Historia 2015-07-20 18:37 - 2014-04-20 12:53 - 00000188 ___SH C:\Documents and Settings\Kaziu\ntuser.ini 2015-07-20 18:37 - 2014-04-20 12:51 - 00032636 _____ C:\WINDOWS\SchedLgU.Txt 2015-07-20 18:36 - 2014-04-20 15:10 - 00000000 ___SD C:\Documents and Settings\Rodzice\Ustawienia lokalne\Historia 2015-07-20 18:36 - 2014-04-20 15:10 - 00000000 ____D C:\Documents and Settings\Rodzice\Ustawienia lokalne\Temp 2015-07-20 18:36 - 2014-04-20 14:41 - 00000000 ___SD C:\Documents and Settings\Default User\Ustawienia lokalne\Historia 2015-07-20 18:36 - 2014-04-20 12:51 - 00000000 ___HD C:\Documents and Settings\NetworkService\Ustawienia lokalne\Historia 2015-07-20 18:35 - 2014-04-20 14:41 - 00000000 ____D C:\Documents and Settings\All Users\Pulpit 2015-07-20 18:35 - 2014-04-20 14:41 - 00000000 ____D C:\Documents and Settings\All Users\Menu Start\Programy 2015-07-20 18:35 - 2014-04-20 12:53 - 00000000 ___RD C:\Documents and Settings\Kaziu\Menu Start\Programy 2015-07-20 18:35 - 2014-04-20 12:53 - 00000000 ____D C:\Documents and Settings\Kaziu\Pulpit 2015-07-20 18:33 - 2014-06-12 14:37 - 00000930 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job 2015-07-20 18:21 - 2014-04-20 14:22 - 00000000 ____D C:\Documents and Settings\All Users\Dane aplikacji\Malwarebytes 2015-07-20 18:10 - 2014-04-20 13:30 - 00004256 _____ C:\WINDOWS\system32\nvAppTimestamps 2015-07-20 18:05 - 2014-04-20 12:53 - 00000000 __RHD C:\Documents and Settings\Kaziu\Dane aplikacji 2015-07-20 17:57 - 2014-04-20 14:41 - 00000000 ___RD C:\Documents and Settings\All Users\Dokumenty 2015-07-20 17:57 - 2014-04-20 14:39 - 00000000 __RHD C:\Documents and Settings\All Users\Dane aplikacji 2015-07-20 17:54 - 2014-04-20 13:05 - 00001036 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job 2015-07-20 17:48 - 2014-04-20 14:31 - 00000211 ___SH C:\boot.ini 2015-07-19 23:49 - 2014-04-20 13:18 - 00000000 ____D C:\Documents and Settings\Kaziu\Dane aplikacji\vlc 2015-07-19 21:41 - 2014-05-24 11:59 - 00000069 _____ C:\WINDOWS\NeroDigital.ini 2015-07-18 20:30 - 2014-04-20 12:53 - 00000000 ___HD C:\Documents and Settings\Kaziu\Ustawienia lokalne\Dane aplikacji 2015-07-18 20:27 - 2014-04-20 15:10 - 00000000 __RHD C:\Documents and Settings\Rodzice\Dane aplikacji 2015-07-16 17:52 - 2014-04-20 12:53 - 00000000 ____D C:\Documents and Settings\Kaziu 2015-07-16 17:49 - 2014-09-22 15:38 - 00000000 ____D C:\Documents and Settings\Kaziu\.gimp-2.6 2015-07-15 20:54 - 2014-04-20 14:41 - 00000000 ____D C:\Documents and Settings\Default User\Ustawienia lokalne\Temp 2015-07-15 19:52 - 2014-06-14 19:59 - 00074752 _____ C:\Documents and Settings\Kaziu\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2015-07-15 19:44 - 2001-07-22 02:17 - 00002206 _____ C:\WINDOWS\system32\wpa.dbl 2015-07-14 17:46 - 2014-04-20 13:06 - 00001819 _____ C:\Documents and Settings\All Users\Pulpit\Google Chrome.lnk 2015-07-08 16:33 - 2015-05-19 19:06 - 00001631 _____ C:\Documents and Settings\Kaziu\Pulpit\Drakensang Online.lnk 2015-07-08 16:33 - 2015-05-19 19:06 - 00000000 ____D C:\Program Files\Drakensang Online 2015-06-22 09:26 - 2014-06-12 14:37 - 00778416 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe 2015-06-22 09:26 - 2014-06-12 14:37 - 00142512 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl 2015-06-22 09:25 - 2014-06-13 17:13 - 00000000 ____D C:\Documents and Settings\Kaziu\Ustawienia lokalne\Dane aplikacji\Adobe ==================== Files in the root of some directories ======= 2014-06-25 20:40 - 2014-06-28 12:48 - 0138056 _____ () C:\Documents and Settings\Kaziu\Dane aplikacji\PnkBstrK.sys 2014-06-14 19:59 - 2015-07-15 19:52 - 0074752 _____ () C:\Documents and Settings\Kaziu\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2014-09-07 20:52 - 2014-09-07 20:52 - 0009521 _____ () C:\Documents and Settings\Kaziu\Ustawienia lokalne\Dane aplikacji\recently-used.xbel ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\WINDOWS\explorer.exe => File is digitally signed C:\WINDOWS\system32\winlogon.exe => File is digitally signed C:\WINDOWS\system32\svchost.exe => File is digitally signed C:\WINDOWS\system32\services.exe => File is digitally signed C:\WINDOWS\system32\User32.dll => File is digitally signed C:\WINDOWS\system32\userinit.exe => File is digitally signed C:\WINDOWS\system32\rpcss.dll => File is digitally signed C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed ==================== End of log ============================