Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 28-08-2013 Ran by ddd (administrator) on 29-08-2013 11:25:28 Running from F:\ Microsoft Windows XP Professional Dodatek Service Pack 2 (X86) OS Language: Polish Internet Explorer Version 6 Boot Mode: Normal ==================== Processes (Whitelisted) =================== (COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe (Agere Systems) C:\WINDOWS\system32\agrsmsvc.exe (Oracle Corporation) C:\Program Files\Java\jre7\bin\jqs.exe (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc32.exe (Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe () C:\Program Files\ATK Hotkey\HcontrolUser.exe (ATK0100) C:\Program Files\ATK Hotkey\Hcontrol.exe () C:\Program Files\ATK Hotkey\MsgTranAgt.exe (ASUSTeK Computer INC.) C:\Program Files\ASUS\ATK Media\DMEDIA.EXE () C:\Program Files\ATKOSD2\ATKOSD2.exe (Realtek Semiconductor Corp.) C:\WINDOWS\RTHDCPL.EXE (COMODO) C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe (Microsoft Corporation) C:\Program Files\Messenger\msmsgs.exe () C:\Program Files\NetMeter\NetMeter.exe (GG Network S.A.) C:\Documents and Settings\ddd\Ustawienia lokalne\Dane aplikacji\GG\Application\gghub.exe (GG Network S.A.) C:\Documents and Settings\ddd\Ustawienia lokalne\Dane aplikacji\GG\Application\ggapp.exe () C:\Program Files\ATK Hotkey\ATKOSD.exe () C:\Program Files\ATK Hotkey\WDC.exe (Microsoft Corporation) C:\WINDOWS\system32\wscntfy.exe (Ghisler Software GmbH) C:\totalcmd\TOTALCMD.EXE ==================== Registry (Whitelisted) ================== HKLM\...\Run: [NvCplDaemon] - C:\WINDOWS\system32\NvCpl.dll [13590528 2008-11-04] (NVIDIA Corporation) HKLM\...\Run: [NvMediaCenter] - C:\WINDOWS\system32\NvMcTray.dll [86016 2008-10-25] (NVIDIA Corporation) HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1024000 2007-11-16] (Synaptics, Inc.) HKLM\...\Run: [HControlUser] - C:\Program Files\ATK Hotkey\HcontrolUser.exe [98304 2008-01-11] () HKLM\...\Run: [ATKHOTKEY] - C:\Program Files\ATK Hotkey\Hcontrol.exe [233472 2008-02-01] (ATK0100) HKLM\...\Run: [MsgTranAgt] - C:\Program Files\ATK Hotkey\MsgTranAgt.exe [106496 2007-11-04] () HKLM\...\Run: [ATKMEDIA] - C:\Program Files\ASUS\ATK Media\DMEDIA.EXE [61440 2006-11-02] (ASUSTeK Computer INC.) HKLM\...\Run: [ATKOSD2] - C:\Program Files\ATKOSD2\ATKOSD2.exe [7766016 2008-01-23] () HKLM\...\Run: [RTHDCPL] - C:\Windows\RTHDCPL.EXE [18063872 2008-12-09] (Realtek Semiconductor Corp.) HKLM\...\Run: [Alcmtr] - C:\Windows\ALCMTR.EXE [57344 2008-06-19] (Realtek Semiconductor Corp.) HKLM\...\Run: [COMODO Internet Security] - C:\Program Files\COMODO\COMODO Internet Security\cfp.exe [6756048 2012-11-08] (COMODO) HKLM\...\Run: [AdslTaskBar] - C:\Windows\System32\stmctrl.dll [167936 2008-04-23] (STMicroelectronics ) HKLM\...\Run: [KernelFaultCheck] - %systemroot%\system32\dumprep 0 -k [x] HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation) Winlogon\Notify\WgaLogon: WgaLogon.dll (Microsoft Corporation) HKCU\...\Run: [ALLUpdate] - "C:\Program Files\ALLPlayer\ALLUpdate.exe" "sleep" [x] HKCU\...\Run: [MSMSGS] - C:\Program Files\Messenger\msmsgs.exe [1694208 2004-10-13] (Microsoft Corporation) HKCU\...\Run: [C:\Program Files\NetMeter\NetMeter.exe] - C:\Program Files\NetMeter\NetMeter.exe [331264 2007-08-11] () HKCU\...\Run: [C:\DOCUME~1\ddd\USTAWI~1\Temp\Katalog tymczasowy 1 dla NetMeter.113_[www.programosy.pl].zip\NetMeter.exe] - C:\DOCUME~1\ddd\USTAWI~1\Temp\Katalog tymczasowy 1 dla NetMeter.113_[www.programosy.pl].zip\NetMeter.exe [917504 2007-09-08] () <===== ATTENTION HKCU\...\Run: [GG] - C:\Documents and Settings\ddd\Ustawienia lokalne\Dane aplikacji\GG\Application\gghub.exe [3365440 2013-06-20] (GG Network S.A.) ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pl/ HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch SearchScopes: HKLM - DefaultScope value is missing. SearchScopes: HKCU - Backup.Old.DefaultScope {afdbddaa-5d3f-42ee-b79c-185a7020515b} BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) Toolbar: HKCU -&Adres - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\Windows\System32\browseui.dll (Microsoft Corporation) Toolbar: HKCU -&Łącza - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\Windows\system32\SHELL32.dll (Microsoft Corporation) DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab DPF: {9B479D7B-916A-45B0-B042-D42865A60E21} http://89.72.36.198:8903/DvrOcx.cab DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab Handler: ipp - No CLSID Value - Handler: msdaipp - No CLSID Value - Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies) Tcpip\..\Interfaces\{5F3A39C4-911B-41DC-8983-5F1520695BC9}: [NameServer]217.116.100.65,79.163.127.70 FireFox: ======== FF ProfilePath: C:\Documents and Settings\ddd\Dane aplikacji\Mozilla\Firefox\Profiles\bj17soe4.default FF Homepage: hxxp://www.onet.pl/ FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_8_800_94.dll () FF Plugin: @Google.com/GoogleEarthPlugin - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google) FF Plugin: @java.com/DTPlugin,version=10.25.2 - C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.) FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.) FF SearchPlugin: C:\Documents and Settings\ddd\Dane aplikacji\Mozilla\Firefox\Profiles\bj17soe4.default\searchplugins\wyszukiwarka-onetpl.xml FF Extension: No Name - C:\Documents and Settings\ddd\Dane aplikacji\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384} FF Extension: No Name - C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} ========================== Services (Whitelisted) ================= S2 ATKGFNEXSrv; C:\Program Files\ATKGFNEX\GFNEXSrv.exe [94208 2007-08-08] () R2 cmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [1990464 2012-11-08] (COMODO) S4 HidServ; %SystemRoot%\System32\hidserv.dll [x] R2 JavaQuickStarterService; "C:\Program Files\Java\jre7\bin\jqs.exe" -service -config "C:\Program Files\Java\jre7\lib\deploy\jqs\jqs.conf" [x] S2 WsysSvc; C:\Documents and Settings\All Users\Dane aplikacji\eSafe\eGdpSvc.exe [x] ==================== Drivers (Whitelisted) ==================== R3 AR5416; C:\Windows\System32\DRIVERS\athw.sys [1315776 2008-06-27] (Atheros Communications, Inc.) R2 ASMMAP; C:\Program Files\ATKGFNEX\ASMMAP.sys [13880 2007-07-24] () R1 cmderd; C:\Windows\System32\DRIVERS\cmderd.sys [18096 2012-11-08] (COMODO) R1 cmdGuard; C:\Windows\System32\DRIVERS\cmdguard.sys [497952 2012-11-08] (COMODO) R1 cmdHlp; C:\Windows\System32\DRIVERS\cmdhlp.sys [32640 2012-11-08] (COMODO) S3 FTDIBUS; C:\Windows\System32\drivers\ftdibus.sys [57536 2008-03-13] (FTDI Ltd.) R0 Inspect; C:\Windows\System32\DRIVERS\inspect.sys [99080 2012-11-08] (COMODO) R3 MTsensor; C:\Windows\System32\DRIVERS\ATKACPI.sys [7680 2006-12-17] (ATK0100) S3 NdisIP; C:\Windows\System32\DRIVERS\NdisIP.sys [10880 2004-08-04] (Microsoft Corporation) R3 NVHDA; C:\Windows\System32\drivers\nvhda32.sys [38560 2008-04-24] (NVIDIA Corporation) R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1769984 2008-11-14] () S3 TaurusUsb; C:\Windows\System32\DRIVERS\torususb.sys [684672 2008-04-23] () S4 IntelIde; No ImagePath S4 sptd; System32\Drivers\sptd.sys [x] U3 kfncyfog; \??\C:\DOCUME~1\ddd\USTAWI~1\Temp\kfncyfog.sys [x] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2013-08-29 10:45 - 2013-08-29 10:45 - 00000000 ____D C:\FRST 2013-08-29 10:16 - 2013-08-29 10:50 - 00000000 ____D C:\Program Files\DAEMON Tools Pro 2013-08-29 10:15 - 2013-08-29 10:15 - 00000000 ____D C:\Program Files\Mozilla Firefox 2013-08-29 10:14 - 2013-08-29 10:14 - 00000000 ____D C:\Documents and Settings\ddd\Menu Start\Programy\AidemMedia 2013-08-29 09:46 - 2002-09-23 14:00 - 00028288 ____C C:\WINDOWS\system32\dllcache\xjis.nls 2013-08-29 09:40 - 2002-09-23 14:00 - 00083748 ____C C:\WINDOWS\system32\dllcache\prcp.nls 2013-08-29 09:40 - 2002-09-23 14:00 - 00083748 ____C C:\WINDOWS\system32\dllcache\prc.nls 2013-08-29 09:37 - 2002-09-23 14:00 - 00047066 ____C C:\WINDOWS\system32\dllcache\ksc.nls 2013-08-29 09:31 - 2002-09-23 14:00 - 00195618 ____C C:\WINDOWS\system32\dllcache\c_10002.nls 2013-08-29 09:31 - 2002-09-23 14:00 - 00189986 ____C C:\WINDOWS\system32\dllcache\c_1361.nls 2013-08-29 09:31 - 2002-09-23 14:00 - 00187938 ____C C:\WINDOWS\system32\dllcache\c_20005.nls 2013-08-29 09:31 - 2002-09-23 14:00 - 00186402 ____C C:\WINDOWS\system32\dllcache\c_20001.nls 2013-08-29 09:31 - 2002-09-23 14:00 - 00185378 ____C C:\WINDOWS\system32\dllcache\c_20003.nls 2013-08-29 09:31 - 2002-09-23 14:00 - 00180770 ____C C:\WINDOWS\system32\dllcache\c_20932.nls 2013-08-29 09:31 - 2002-09-23 14:00 - 00180258 ____C C:\WINDOWS\system32\dllcache\c_20004.nls 2013-08-29 09:31 - 2002-09-23 14:00 - 00180258 ____C C:\WINDOWS\system32\dllcache\c_20000.nls 2013-08-29 09:31 - 2002-09-23 14:00 - 00177698 ____C C:\WINDOWS\system32\dllcache\c_20949.nls 2013-08-29 09:31 - 2002-09-23 14:00 - 00177698 ____C C:\WINDOWS\system32\dllcache\c_10003.nls 2013-08-29 09:31 - 2002-09-23 14:00 - 00173602 ____C C:\WINDOWS\system32\dllcache\c_20936.nls 2013-08-29 09:31 - 2002-09-23 14:00 - 00173602 ____C C:\WINDOWS\system32\dllcache\c_20002.nls 2013-08-29 09:31 - 2002-09-23 14:00 - 00173602 ____C C:\WINDOWS\system32\dllcache\c_10008.nls 2013-08-29 09:31 - 2002-09-23 14:00 - 00162850 ____C C:\WINDOWS\system32\dllcache\c_10001.nls 2013-08-29 09:31 - 2002-09-23 14:00 - 00082172 ____C C:\WINDOWS\system32\dllcache\bopomofo.nls 2013-08-29 09:31 - 2002-09-23 14:00 - 00066728 ____C C:\WINDOWS\system32\dllcache\big5.nls 2013-08-29 09:31 - 2002-09-23 14:00 - 00066594 ____C C:\WINDOWS\system32\dllcache\c_864.nls 2013-08-29 09:31 - 2002-09-23 14:00 - 00066594 ____C C:\WINDOWS\system32\dllcache\c_862.nls 2013-08-29 09:31 - 2002-09-23 14:00 - 00066594 ____C C:\WINDOWS\system32\dllcache\c_858.nls 2013-08-29 09:31 - 2002-09-23 14:00 - 00066594 ____C C:\WINDOWS\system32\dllcache\c_720.nls 2013-08-29 09:31 - 2002-09-23 14:00 - 00066082 ____C C:\WINDOWS\system32\dllcache\c_870.nls 2013-08-29 09:31 - 2002-09-23 14:00 - 00066082 ____C C:\WINDOWS\system32\dllcache\c_708.nls 2013-08-29 09:31 - 2002-09-23 14:00 - 00066082 ____C C:\WINDOWS\system32\dllcache\c_28596.nls 2013-08-29 09:31 - 2002-09-23 14:00 - 00066082 ____C C:\WINDOWS\system32\dllcache\c_21027.nls 2013-08-29 09:31 - 2002-09-23 14:00 - 00066082 ____C C:\WINDOWS\system32\dllcache\c_21025.nls 2013-08-29 09:31 - 2002-09-23 14:00 - 00066082 ____C C:\WINDOWS\system32\dllcache\c_20924.nls 2013-08-29 09:31 - 2002-09-23 14:00 - 00066082 ____C C:\WINDOWS\system32\dllcache\c_20880.nls 2013-08-29 09:31 - 2002-09-23 14:00 - 00066082 ____C C:\WINDOWS\system32\dllcache\c_20871.nls 2013-08-29 09:31 - 2002-09-23 14:00 - 00066082 ____C C:\WINDOWS\system32\dllcache\c_20838.nls 2013-08-29 09:31 - 2002-09-23 14:00 - 00066082 ____C C:\WINDOWS\system32\dllcache\c_20833.nls 2013-08-29 09:31 - 2002-09-23 14:00 - 00066082 ____C C:\WINDOWS\system32\dllcache\c_20424.nls 2013-08-29 09:31 - 2002-09-23 14:00 - 00066082 ____C C:\WINDOWS\system32\dllcache\c_20423.nls 2013-08-29 09:31 - 2002-09-23 14:00 - 00066082 ____C C:\WINDOWS\system32\dllcache\c_20420.nls 2013-08-29 09:31 - 2002-09-23 14:00 - 00066082 ____C C:\WINDOWS\system32\dllcache\c_20297.nls 2013-08-29 09:31 - 2002-09-23 14:00 - 00066082 ____C C:\WINDOWS\system32\dllcache\c_20290.nls 2013-08-29 09:31 - 2002-09-23 14:00 - 00066082 ____C C:\WINDOWS\system32\dllcache\c_20285.nls 2013-08-29 09:31 - 2002-09-23 14:00 - 00066082 ____C C:\WINDOWS\system32\dllcache\c_20284.nls 2013-08-29 09:31 - 2002-09-23 14:00 - 00066082 ____C C:\WINDOWS\system32\dllcache\c_20280.nls 2013-08-29 09:31 - 2002-09-23 14:00 - 00066082 ____C C:\WINDOWS\system32\dllcache\c_20278.nls 2013-08-29 09:31 - 2002-09-23 14:00 - 00066082 ____C C:\WINDOWS\system32\dllcache\c_20277.nls 2013-08-29 09:31 - 2002-09-23 14:00 - 00066082 ____C C:\WINDOWS\system32\dllcache\c_20273.nls 2013-08-29 09:31 - 2002-09-23 14:00 - 00066082 ____C C:\WINDOWS\system32\dllcache\c_20269.nls 2013-08-29 09:31 - 2002-09-23 14:00 - 00066082 ____C C:\WINDOWS\system32\dllcache\c_20108.nls 2013-08-29 09:31 - 2002-09-23 14:00 - 00066082 ____C C:\WINDOWS\system32\dllcache\c_20107.nls 2013-08-29 09:31 - 2002-09-23 14:00 - 00066082 ____C C:\WINDOWS\system32\dllcache\c_20106.nls 2013-08-29 09:31 - 2002-09-23 14:00 - 00066082 ____C C:\WINDOWS\system32\dllcache\c_20105.nls 2013-08-29 09:31 - 2002-09-23 14:00 - 00066082 ____C C:\WINDOWS\system32\dllcache\c_1149.nls 2013-08-29 09:31 - 2002-09-23 14:00 - 00066082 ____C C:\WINDOWS\system32\dllcache\c_1148.nls 2013-08-29 09:31 - 2002-09-23 14:00 - 00066082 ____C C:\WINDOWS\system32\dllcache\c_1147.nls 2013-08-29 09:31 - 2002-09-23 14:00 - 00066082 ____C C:\WINDOWS\system32\dllcache\c_1146.nls 2013-08-29 09:31 - 2002-09-23 14:00 - 00066082 ____C C:\WINDOWS\system32\dllcache\c_1145.nls 2013-08-29 09:31 - 2002-09-23 14:00 - 00066082 ____C C:\WINDOWS\system32\dllcache\c_1144.nls 2013-08-29 09:31 - 2002-09-23 14:00 - 00066082 ____C C:\WINDOWS\system32\dllcache\c_1143.nls 2013-08-29 09:31 - 2002-09-23 14:00 - 00066082 ____C C:\WINDOWS\system32\dllcache\c_1142.nls 2013-08-29 09:31 - 2002-09-23 14:00 - 00066082 ____C C:\WINDOWS\system32\dllcache\c_1141.nls 2013-08-29 09:31 - 2002-09-23 14:00 - 00066082 ____C C:\WINDOWS\system32\dllcache\c_1140.nls 2013-08-29 09:31 - 2002-09-23 14:00 - 00066082 ____C C:\WINDOWS\system32\dllcache\c_1047.nls 2013-08-29 09:31 - 2002-09-23 14:00 - 00066082 ____C C:\WINDOWS\system32\dllcache\c_10021.nls 2013-08-29 09:31 - 2002-09-23 14:00 - 00066082 ____C C:\WINDOWS\system32\dllcache\c_10005.nls 2013-08-29 09:31 - 2002-09-23 14:00 - 00066082 ____C C:\WINDOWS\system32\dllcache\c_10004.nls 2013-08-29 09:20 - 2002-09-20 18:05 - 01005568 _____ (Microsoft Corporation) C:\WINDOWS\explorer.ex_ 2013-08-29 08:59 - 2013-08-29 10:17 - 00000000 ____D C:\WINDOWS\471D8B37C5B344579FA1B3C693334F4F.TMP 2013-08-29 08:58 - 2013-08-29 08:58 - 00000000 ___RD C:\Documents and Settings\ddd\Menu Start\Programy\Narzędzia administracyjne 2013-08-29 07:49 - 2013-08-29 08:12 - 00065536 _____ C:\WINDOWS\system32\config\Doctor Web.evt 2013-08-29 07:49 - 2013-08-29 08:10 - 00000000 ____D C:\Documents and Settings\ddd\Doctor Web 2013-08-01 16:18 - 2013-08-01 16:25 - 00000000 ____D C:\Documents and Settings\ddd\Dane aplikacji\wsInspector 2013-08-01 16:15 - 2013-08-01 16:15 - 00000000 ____D C:\Documents and Settings\ddd\Moje dokumenty\wsInspector 2013-08-01 16:13 - 2013-08-29 10:16 - 00000000 ____D C:\Program Files\Startup Inspector for Windows 2013-08-01 15:56 - 2013-08-01 15:56 - 00000000 ____D C:\Program Files\Enigma Software Group 2013-08-01 15:22 - 2013-08-29 08:59 - 00000000 ____D C:\Program Files\Common Files\Java 2013-08-01 15:22 - 2013-08-01 15:21 - 00263592 _____ (Oracle Corporation) C:\WINDOWS\system32\javaws.exe 2013-08-01 15:22 - 2013-08-01 15:21 - 00175016 _____ (Oracle Corporation) C:\WINDOWS\system32\javaw.exe 2013-08-01 15:22 - 2013-08-01 15:21 - 00175016 _____ (Oracle Corporation) C:\WINDOWS\system32\java.exe 2013-08-01 15:22 - 2013-08-01 15:21 - 00094632 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge.dll ==================== One Month Modified Files and Folders ======= 2013-08-29 11:25 - 2009-07-27 17:12 - 01474832 _____ C:\WINDOWS\system32\Drivers\sfi.dat 2013-08-29 11:23 - 2008-12-22 23:20 - 00004060 _____ C:\WINDOWS\WINCMD.INI 2013-08-29 11:18 - 2013-07-14 18:40 - 00000000 ____D C:\Documents and Settings\ddd\Dane aplikacji\GG 2013-08-29 11:17 - 2008-12-19 01:02 - 00203214 _____ C:\WINDOWS\system32\nvapps.xml 2013-08-29 11:09 - 2012-05-26 15:59 - 00000930 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job 2013-08-29 10:57 - 2008-12-19 00:57 - 01142615 _____ C:\WINDOWS\WindowsUpdate.log 2013-08-29 10:55 - 2012-02-24 17:11 - 00001026 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job 2013-08-29 10:55 - 2008-12-19 00:40 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2013-08-29 10:55 - 2008-12-18 07:34 - 00000159 _____ C:\WINDOWS\wiadebug.log 2013-08-29 10:55 - 2008-12-18 07:34 - 00000050 _____ C:\WINDOWS\wiaservc.log 2013-08-29 10:55 - 2002-09-23 14:00 - 00002206 _____ C:\WINDOWS\system32\wpa.dbl 2013-08-29 10:54 - 2008-12-19 00:42 - 00032468 _____ C:\WINDOWS\SchedLgU.Txt 2013-08-29 10:50 - 2013-08-29 10:16 - 00000000 ____D C:\Program Files\DAEMON Tools Pro 2013-08-29 10:50 - 2008-12-23 21:19 - 00741835 _____ C:\WINDOWS\setupapi.log 2013-08-29 10:50 - 2008-12-18 07:33 - 00000000 ____D C:\Documents and Settings\All Users\Pulpit 2013-08-29 10:45 - 2013-08-29 10:45 - 00000000 ____D C:\FRST 2013-08-29 10:30 - 2008-12-19 00:43 - 00000292 ___SH C:\Documents and Settings\ddd\ntuser.ini 2013-08-29 10:17 - 2013-08-29 08:59 - 00000000 ____D C:\WINDOWS\471D8B37C5B344579FA1B3C693334F4F.TMP 2013-08-29 10:17 - 2008-12-19 00:43 - 00000000 ____D C:\Documents and Settings\ddd 2013-08-29 10:17 - 2008-12-19 00:42 - 00000000 __SHD C:\Documents and Settings\NetworkService 2013-08-29 10:17 - 2008-12-19 00:42 - 00000000 __SHD C:\Documents and Settings\LocalService 2013-08-29 10:17 - 2008-12-19 00:37 - 00000000 ____D C:\WINDOWS\Registration 2013-08-29 10:16 - 2013-08-01 16:13 - 00000000 ____D C:\Program Files\Startup Inspector for Windows 2013-08-29 10:16 - 2008-12-19 00:43 - 00000000 ____D C:\Documents and Settings\ddd\Pulpit 2013-08-29 10:15 - 2013-08-29 10:15 - 00000000 ____D C:\Program Files\Mozilla Firefox 2013-08-29 10:14 - 2013-08-29 10:14 - 00000000 ____D C:\Documents and Settings\ddd\Menu Start\Programy\AidemMedia 2013-08-29 10:14 - 2010-07-01 18:18 - 00000000 ____D C:\Program Files\King Arthur - The Role-playing Wargame 2013-08-29 09:55 - 2012-02-24 17:11 - 00001030 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job 2013-08-29 08:59 - 2013-08-01 15:22 - 00000000 ____D C:\Program Files\Common Files\Java 2013-08-29 08:59 - 2012-03-08 19:31 - 00000000 ____D C:\Program Files\AidemMedia 2013-08-29 08:59 - 2008-12-19 00:43 - 00000000 __RHD C:\Documents and Settings\ddd\Dane aplikacji 2013-08-29 08:58 - 2013-08-29 08:58 - 00000000 ___RD C:\Documents and Settings\ddd\Menu Start\Programy\Narzędzia administracyjne 2013-08-29 08:58 - 2013-07-10 13:14 - 00000000 ____D C:\Fraps 2013-08-29 08:58 - 2011-04-09 15:44 - 00000000 ____D C:\Program Files\Java 2013-08-29 08:58 - 2008-12-19 00:43 - 00000000 ___RD C:\Documents and Settings\ddd\Menu Start\Programy 2013-08-29 08:58 - 2008-12-19 00:43 - 00000000 ___HD C:\DOCUME~1\ddd\USTAWI~1\Dane aplikacji 2013-08-29 08:56 - 2013-07-06 16:57 - 00000000 ____D C:\Documents and Settings\ddd\Dane aplikacji\.minecraft 2013-08-29 08:56 - 2010-02-21 19:23 - 00000000 ____D C:\Program Files\Valve 2013-08-29 08:56 - 2010-01-22 19:22 - 00000000 ____D C:\Program Files\Pity 2009 2013-08-29 08:55 - 2008-12-18 07:32 - 00000000 __RHD C:\Documents and Settings\All Users\Dane aplikacji 2013-08-29 08:12 - 2013-08-29 07:49 - 00065536 _____ C:\WINDOWS\system32\config\Doctor Web.evt 2013-08-29 08:10 - 2013-08-29 07:49 - 00000000 ____D C:\Documents and Settings\ddd\Doctor Web 2013-08-29 07:03 - 2002-09-23 14:00 - 00000231 _____ C:\WINDOWS\system.ini 2013-08-17 18:38 - 2011-04-30 18:20 - 00000664 _____ C:\WINDOWS\system32\d3d9caps.dat 2013-08-01 16:25 - 2013-08-01 16:18 - 00000000 ____D C:\Documents and Settings\ddd\Dane aplikacji\wsInspector 2013-08-01 16:15 - 2013-08-01 16:15 - 00000000 ____D C:\Documents and Settings\ddd\Moje dokumenty\wsInspector 2013-08-01 16:15 - 2008-12-19 00:43 - 00000000 ___RD C:\Documents and Settings\ddd\Moje dokumenty 2013-08-01 16:13 - 2010-04-04 13:38 - 00000000 ____D C:\Documents and Settings\ddd\Moje dokumenty\Pobieranie 2013-08-01 15:56 - 2013-08-01 15:56 - 00000000 ____D C:\Program Files\Enigma Software Group 2013-08-01 15:55 - 2010-07-01 18:36 - 00000000 ____D C:\Program Files\Common Files\Wise Installation Wizard 2013-08-01 15:21 - 2013-08-01 15:22 - 00263592 _____ (Oracle Corporation) C:\WINDOWS\system32\javaws.exe 2013-08-01 15:21 - 2013-08-01 15:22 - 00175016 _____ (Oracle Corporation) C:\WINDOWS\system32\javaw.exe 2013-08-01 15:21 - 2013-08-01 15:22 - 00175016 _____ (Oracle Corporation) C:\WINDOWS\system32\java.exe 2013-08-01 15:21 - 2013-08-01 15:22 - 00094632 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge.dll 2013-08-01 15:21 - 2012-05-26 15:57 - 00867240 _____ (Oracle Corporation) C:\WINDOWS\system32\npDeployJava1.dll 2013-08-01 15:21 - 2011-04-09 15:45 - 00789416 _____ (Oracle Corporation) C:\WINDOWS\system32\deployJava1.dll 2013-08-01 15:21 - 2011-04-09 15:45 - 00144896 _____ (Oracle Corporation) C:\WINDOWS\system32\javacpl.cpl Files to move or delete: ==================== C:\DOCUME~1\ddd\USTAWI~1\Temp\Katalog tymczasowy 1 dla NetMeter.113_[www.programosy.pl].zip\NetMeter.exe C:\DOCUME~1\ddd\USTAWI~1\Temp\AskSLib.dll C:\DOCUME~1\ddd\USTAWI~1\Temp\FP_PL_PFS_INSTALLER_32bit.exe C:\DOCUME~1\ddd\USTAWI~1\Temp\gg10.upgr.exe C:\DOCUME~1\ddd\USTAWI~1\Temp\gg10_upgr_to_11999_from_11790.exe C:\DOCUME~1\ddd\USTAWI~1\Temp\gg10_upgr_to_12096_from_11790.exe C:\DOCUME~1\ddd\USTAWI~1\Temp\ggdrive-menu.exe C:\DOCUME~1\ddd\USTAWI~1\Temp\ggdrive-overlay.exe C:\DOCUME~1\ddd\USTAWI~1\Temp\i.exe C:\DOCUME~1\ddd\USTAWI~1\Temp\installstats.exe C:\DOCUME~1\ddd\USTAWI~1\Temp\jre-6u26-windows-i586-iftw-rv.exe C:\DOCUME~1\ddd\USTAWI~1\Temp\jre-6u30-windows-i586-iftw-rv.exe C:\DOCUME~1\ddd\USTAWI~1\Temp\jre-7u13-windows-i586-iftw.exe C:\DOCUME~1\ddd\USTAWI~1\Temp\jre-7u15-windows-i586-iftw.exe C:\DOCUME~1\ddd\USTAWI~1\Temp\jre-7u21-windows-i586-iftw.exe C:\DOCUME~1\ddd\USTAWI~1\Temp\jre-7u25-windows-i586-iftw.exe C:\DOCUME~1\ddd\USTAWI~1\Temp\Minecraft.exe C:\DOCUME~1\ddd\USTAWI~1\Temp\setup_wm.exe C:\DOCUME~1\ddd\USTAWI~1\Temp\SHSetup.exe C:\DOCUME~1\ddd\USTAWI~1\Temp\SkypeSetup.exe C:\DOCUME~1\ddd\USTAWI~1\Temp\SPTDinst-x64.exe C:\DOCUME~1\ddd\USTAWI~1\Temp\{16C175CB-4400-45F3-8C25-23E310EF0200}\{ECC3713C-08A4-40E3-95F1-7D0704F1CE5E}\XP\InstallDriver.exe C:\DOCUME~1\ddd\USTAWI~1\Temp\{16C175CB-4400-45F3-8C25-23E310EF0200}\{ECC3713C-08A4-40E3-95F1-7D0704F1CE5E}\XP\pnpreg.exe C:\DOCUME~1\ddd\USTAWI~1\Temp\{16C175CB-4400-45F3-8C25-23E310EF0200}\{ECC3713C-08A4-40E3-95F1-7D0704F1CE5E}\XP\QRemover.exe C:\DOCUME~1\ddd\USTAWI~1\Temp\_ir_sf7_temp_0\irsetup.exe C:\DOCUME~1\ddd\USTAWI~1\Temp\Katalog tymczasowy 3 dla opengl.dll.zip\FixMyRegistry.exe C:\DOCUME~1\ddd\USTAWI~1\Temp\IXP003.TMP\VCREDI~3.EXE C:\DOCUME~1\ddd\USTAWI~1\Temp\IXP002.TMP\VCREDI~3.EXE C:\DOCUME~1\ddd\USTAWI~1\Temp\IXP001.TMP\VCREDI~3.EXE C:\DOCUME~1\ddd\USTAWI~1\Temp\IXP000.TMP\VCREDI~3.EXE C:\DOCUME~1\ddd\USTAWI~1\Temp\isp65.tmp\_Setup.dll C:\DOCUME~1\ddd\USTAWI~1\Temp\isp6.tmp\_Setup.dll C:\DOCUME~1\ddd\USTAWI~1\Temp\isp27.tmp\_Setup.dll C:\DOCUME~1\ddd\USTAWI~1\Temp\isp23.tmp\setup.dll C:\DOCUME~1\ddd\USTAWI~1\Temp\is357113909\JDownloaderSetup_IC.exe C:\DOCUME~1\ddd\USTAWI~1\Temp\is357113909\MyBabylonTB.exe C:\DOCUME~1\ddd\USTAWI~1\Temp\is1890775716\36718047_Setup.EXE C:\DOCUME~1\ddd\USTAWI~1\Temp\is1095167443\19197342_Setup.EXE C:\DOCUME~1\ddd\USTAWI~1\Temp\IPMx4\Lang\PackMan\PLK\packmanplk.dll C:\DOCUME~1\ddd\USTAWI~1\Temp\ipla_tmp\iplawgg.exe C:\DOCUME~1\ddd\USTAWI~1\Temp\e4j10.tmp_dir1373122656\i4jdel.exe C:\DOCUME~1\ddd\USTAWI~1\Temp\comodo\Firewall Pro\Data\TempFiles\fixbase.exe C:\DOCUME~1\ddd\USTAWI~1\Temp\bye22.tmp\Disk1\setup.exe C:\DOCUME~1\ddd\USTAWI~1\Temp\7zO1B.tmp\fraps303.exe C:\DOCUME~1\ddd\USTAWI~1\Temp\430EE90F-BAB0-7891-AE74-AC92403A5A7F\BExternal.dll C:\DOCUME~1\ddd\USTAWI~1\Temp\430EE90F-BAB0-7891-AE74-AC92403A5A7F\IECookieLow.dll C:\DOCUME~1\ddd\USTAWI~1\Temp\430EE90F-BAB0-7891-AE74-AC92403A5A7F\Setup.exe C:\DOCUME~1\ddd\USTAWI~1\Temp\430EE90F-BAB0-7891-AE74-AC92403A5A7F\sqlite3.dll C:\DOCUME~1\ddd\USTAWI~1\Temp\430EE90F-BAB0-7891-AE74-AC92403A5A7F\Latest\BExternal.dll C:\DOCUME~1\ddd\USTAWI~1\Temp\430EE90F-BAB0-7891-AE74-AC92403A5A7F\Latest\IECookieLow.dll C:\DOCUME~1\ddd\USTAWI~1\Temp\430EE90F-BAB0-7891-AE74-AC92403A5A7F\Latest\Setup.exe C:\DOCUME~1\ddd\USTAWI~1\Temp\430EE90F-BAB0-7891-AE74-AC92403A5A7F\Latest\sqlite3.dll C:\DOCUME~1\ddd\USTAWI~1\Temp\._msige61\GoogleEarth.exe C:\DOCUME~1\ddd\USTAWI~1\Temp\._msige61\program files\Google\Google Earth\plugin\earthps.dll C:\DOCUME~1\ddd\USTAWI~1\Temp\._msige61\program files\Google\Google Earth\plugin\geplugin.exe C:\DOCUME~1\ddd\USTAWI~1\Temp\._msige61\program files\Google\Google Earth\plugin\ge_expat.dll C:\DOCUME~1\ddd\USTAWI~1\Temp\._msige61\program files\Google\Google Earth\plugin\googleearth_free.dll C:\DOCUME~1\ddd\USTAWI~1\Temp\._msige61\program files\Google\Google Earth\plugin\msvcp100.dll C:\DOCUME~1\ddd\USTAWI~1\Temp\._msige61\program files\Google\Google Earth\plugin\msvcr100.dll C:\DOCUME~1\ddd\USTAWI~1\Temp\._msige61\program files\Google\Google Earth\plugin\npgeplugin.dll C:\DOCUME~1\ddd\USTAWI~1\Temp\._msige61\program files\Google\Google Earth\plugin\plugin_ax.dll C:\DOCUME~1\ddd\USTAWI~1\Temp\._msige61\program files\Google\Google Earth\client\earthflashsol.exe C:\DOCUME~1\ddd\USTAWI~1\Temp\._msige61\program files\Google\Google Earth\client\earthps.dll C:\DOCUME~1\ddd\USTAWI~1\Temp\._msige61\program files\Google\Google Earth\client\ge_expat.dll C:\DOCUME~1\ddd\USTAWI~1\Temp\._msige61\program files\Google\Google Earth\client\googleearth.exe C:\DOCUME~1\ddd\USTAWI~1\Temp\._msige61\program files\Google\Google Earth\client\googleearth_free.dll C:\DOCUME~1\ddd\USTAWI~1\Temp\._msige61\program files\Google\Google Earth\client\gpsbabel.exe C:\DOCUME~1\ddd\USTAWI~1\Temp\._msige61\program files\Google\Google Earth\client\msvcp100.dll C:\DOCUME~1\ddd\USTAWI~1\Temp\._msige61\program files\Google\Google Earth\client\msvcr100.dll C:\DOCUME~1\ddd\USTAWI~1\Temp\._msige61\program files\Google\Google Earth\client\Plugins\npgeinprocessplugin.dll ==================== Bamital & volsnap Check ================= C:\Windows\explorer.exe [2002-09-23 14:00] - [2007-06-13 15:23] - 1034752 ____A (Microsoft Corporation) 029a562e81bbee088c61d418bf408f44 C:\Windows\System32\winlogon.exe [2002-09-23 14:00] - [2004-08-04 01:44] - 0504832 ____A (Microsoft Corporation) 0344407089b08548d4feba62bb0f32d0 C:\Windows\System32\svchost.exe [2002-09-23 14:00] - [2004-08-04 01:44] - 0014336 ____A (Microsoft Corporation) ba98327e90022dbd6ee76490e0622e2e C:\Windows\System32\services.exe [2002-09-23 14:00] - [2009-02-09 12:10] - 0111104 ____A (Microsoft Corporation) ed4e5391100287b9eabf8f2cf4b42235 C:\Windows\System32\User32.dll [2002-09-23 14:00] - [2007-03-08 17:38] - 0579072 ____A (Microsoft Corporation) a37a4637f84f8dd771274eaf8d17fa65 C:\Windows\System32\userinit.exe [2002-09-23 14:00] - [2004-08-04 01:44] - 0025088 ____A (Microsoft Corporation) bd768099b4c44aa631728cb74eb54396 C:\Windows\System32\Drivers\volsnap.sys [2002-09-23 14:00] - [2004-08-04 01:36] - 0052864 ____A (Microsoft Corporation) ecd173739b8ec10a814cc18653df5a36 ==================== End Of Log ============================