Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 30-08-2013 01 Ran by Tatuś (administrator) on TATUŚ-KOMPUTER on 31-08-2013 09:44:11 Running from C:\Users\Tatuś\Desktop Microsoft Windows 7 Ultimate Service Pack 1 (X86) OS Language: Polish Internet Explorer Version 10 Boot Mode: Normal ==================== Processes (Whitelisted) =================== (AVG Technologies CZ, s.r.o.) C:\PROGRA~1\AVG\AVG10\avgchsvx.exe (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (LSoft Technologies Inc) C:\Program Files\LSoft Technologies Inc\Active@ Hard Disk Monitor\DiskMonitorService.exe (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG10\avgwdsvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe () C:\Windows\system32\PnkBstrA.exe (Skype Technologies S.A.) C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe (AVG Secure Search) C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\15.5.0\ToolbarUpdater.exe (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe () C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\15.5.0\loggingserver.exe (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG10\avgam.exe (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG10\avgnsx.exe (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG10\avgemcx.exe (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG10\avgcsrvx.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG10\avgtray.exe () C:\Program Files\AVG Secure Search\vprot.exe () C:\Windows\FixCamera.exe () C:\Windows\tsnp325.exe () C:\Windows\vsnp325.exe (Hewlett-Packard) C:\Program Files\HP\HP Software Update\hpwuSchd2.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe (Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe (Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe () C:\Program Files\RocketDock\RocketDock.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (BitTorrent Inc.) C:\Program Files\uTorrent\uTorrent.exe (DT Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTLite.exe () C:\Program Files\AVG\AVG10\Identity Protection\agent\bin\avgidsmonitor.exe (Sony) C:\Program Files\Sony\Sony PC Companion\PCCompanion.exe (Refactoria Paweł Urbanek) C:\Program Files\Draco Software\Draco Organizer 3\Organizer.exe (Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe (Somoto) C:\Program Files\FilesFrog Update Checker\update_checker.exe () C:\Program Files\Sony\Sony PC Companion\PCCompanionInfo.exe (GG Network S.A.) C:\Users\Tatuś\AppData\Local\GG\Application\gghub.exe (Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe (GG Network S.A.) C:\Users\Tatuś\AppData\Local\GG\Application\ggapp.exe (Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe (Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe (Hewlett-Packard) C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe (GG Network S.A.) C:\Users\Tatuś\AppData\Local\GG\Application\ggdrive\ggdrive.exe (AVG Technologies CZ, s.r.o.) C:\PROGRA~1\AVG\AVG10\avgrsx.exe (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG10\avgcsrvx.exe (OldTimer Tools) C:\Users\Tatuś\Desktop\OTL.exe (Opera Software) C:\Program Files\Opera\opera.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [10062440 2011-05-09] (Realtek Semiconductor) HKLM\...\Run: [AVG_TRAY] - C:\Program Files\AVG\AVG10\avgtray.exe [2345592 2012-08-01] (AVG Technologies CZ, s.r.o.) HKLM\...\Run: [vProt] - C:\Program Files\AVG Secure Search\vprot.exe [2314416 2013-08-15] () HKLM\...\Run: [FixCamera] - C:\Windows\FixCamera.exe [20480 2007-02-12] () HKLM\...\Run: [tsnp325] - C:\Windows\tsnp325.exe [270336 2006-10-10] () HKLM\...\Run: [snp325] - C:\Windows\vsnp325.exe [827392 2006-10-10] () HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated) HKLM\...\Run: [hpqSRMon] - C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe [150528 2008-07-22] (Hewlett-Packard) HKLM\...\Run: [HP Software Update] - C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [54840 2007-05-08] (Hewlett-Packard) HKLM\...\Run: [Nvtmru] - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [1012000 2013-05-16] (NVIDIA Corporation) HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation) HKCU\...\Run: [RocketDock] - C:\Program Files\RocketDock\RocketDock.exe [495616 2007-09-02] () HKCU\...\Run: [uTorrent] - C:\Program Files\uTorrent\uTorrent.exe [802136 2013-05-11] (BitTorrent Inc.) HKCU\...\Run: [DAEMON Tools Lite] - C:\Program Files\DAEMON Tools Lite\DTLite.exe [357696 2010-04-01] (DT Soft Ltd) HKCU\...\Run: [Sony PC Companion] - C:\Program Files\Sony\Sony PC Companion\PCCompanion.exe [449248 2013-05-29] (Sony) HKCU\...\Run: [DRACO ORGANIZER] - C:\Program Files\Draco Software\Draco Organizer 3\Organizer.exe [11222528 2011-01-19] (Refactoria Paweł Urbanek) HKCU\...\Run: [Skype] - C:\Program Files\Skype\Phone\Skype.exe [18678376 2013-04-19] (Skype Technologies S.A.) HKCU\...\Run: [SDP] - C:\Program Files\FilesFrog Update Checker\update_checker.exe [201808 2013-01-31] (Somoto) HKCU\...\Run: [GG] - C:\Users\Tatuś\AppData\Local\GG\Application\gghub.exe [3365440 2013-06-20] (GG Network S.A.) HKCU\...\Policies\system: [LogonHoursAction] 2 HKCU\...\Policies\system: [DontDisplayLogonHoursWarnings] 1 MountPoints2: {26cc5eb1-eaa0-11e1-953c-001a4d4f744d} - N:\Startme.exe MountPoints2: {65c3655a-e603-11e1-94e9-001a4d4f744d} - L:\BlacklistAutoRun.exe MountPoints2: {65c3655c-e603-11e1-94e9-001a4d4f744d} - M:\Setup.exe HKU\UpdatusUser\...\Run: [ROC_JAN2013_TB] - C:\Program Files\AVG Secure Search\ROC_JAN2013_TB.exe [ 2013-01-23] () HKU\UpdatusUser\...\Run: [AVG-Secure-Search-Update_JUNE2013_TB] - C:\Program Files\AVG Secure Search\AVG-Secure-Search-Update_JUNE2013_TB.exe [ 2013-06-03] (AVG Secure Search) HKU\UpdatusUser\...\RunOnce: [spchecker] - C:\Program Files\AVG\AVG10\Notification\SPCheckerTE.exe [ 2012-08-11] () Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.) BootExecute: autocheck autochk * C:\PROGRA~1\AVG\AVG10\avgchsvx.exe /syncC:\PROGRA~1\AVG\AVG10\avgrsx.exe /sync /restart ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.babylon.com/?affID=44444&tt=5112_8&babsrc=HP_ss&mntrId=20ac5fe4000000000000001a4d4f744d URLSearchHook: uTorrentControl2 Toolbar - {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\Program Files\uTorrentControl2\prxtbuTor.dll (Conduit Ltd.) SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKCU - bProtectorDefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = http://search.babylon.com/?q={searchTerms}&affID=44444&tt=5112_8&babsrc=SP_ss&mntrId=20ac5fe4000000000000001a4d4f744d SearchScopes: HKCU - {1A5F3C3D-AADD-461B-B610-B70EC372A8D4} URL = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3072253 SearchScopes: HKCU - {95B7759C-8C7F-4BF1-B163-73684A933233} URL = http://isearch.avg.com/search?cid={B5652C0A-8964-4443-9C07-CF7A03989A47}&mid=7f62107ed46147d080d6d1530bab9dbe-4969d719da5ad74dc2fd5281d9d4142d3507ff38&lang=pl&ds=AVG&pr=pa&d=2012-08-09 22:51:48&v=15.3.0.11&pid=avg&sg=0&sap=dsp&q={searchTerms} BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.) BHO: BroaWSe2save - {13708CA9-BA14-A998-61A4-88454033501F} - C:\ProgramData\BroaWSe2save\516fca21bd5be.dll No File BHO: AVG Safe Search - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG10\avgssie.dll (AVG Technologies CZ, s.r.o.) BHO: uTorrentControl2 Toolbar - {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\Program Files\uTorrentControl2\prxtbuTor.dll (Conduit Ltd.) BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) BHO: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\15.5.0.2\AVG Secure Search_toolbar.dll (AVG Secure Search) BHO: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO: Yontoo - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files\Yontoo\YontooIEClient.dll (Yontoo LLC) BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.) Toolbar: HKLM - No Name - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File Toolbar: HKLM - AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\15.5.0.2\AVG Secure Search_toolbar.dll (AVG Secure Search) Toolbar: HKLM - uTorrentControl2 Toolbar - {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\Program Files\uTorrentControl2\prxtbuTor.dll (Conduit Ltd.) Toolbar: HKCU -No Name - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File Toolbar: HKCU -No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No File Toolbar: HKCU -No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} - No File Toolbar: HKCU -uTorrentControl2 Toolbar - {687578B9-7132-4A7A-80E4-30EE31099E03} - C:\Program Files\uTorrentControl2\prxtbuTor.dll (Conduit Ltd.) DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG10\avgpp.dll (AVG Technologies CZ, s.r.o.) Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies) Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\15.5.0\ViProtocol.dll (AVG Secure Search) Tcpip\Parameters: [DhcpNameServer] 85.11.66.45 85.11.67.250 0.0.0.0 FireFox: ======== FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_11_8_800_94.dll () FF Plugin: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin - C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\15.5.0\\npsitesafety.dll (AVG Technologies) FF Plugin: @google.com/npPicasa3,version=3.0.0 - C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.) FF Plugin: @java.com/DTPlugin,version=10.25.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin: @microsoft.com/GENUINE - disabled No File FF Plugin: @nvidia.com/3DVision - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF Plugin: @nvidia.com/3DVisionStreaming - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Plugin HKCU: ubisoft.com/uplaypc - C:\Program Files\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll () FF HKLM\...\Firefox\Extensions: [avg@toolbar] C:\ProgramData\AVG Secure Search\FireFoxExt\15.5.0.2 FF Extension: AVG Security Toolbar - C:\ProgramData\AVG Secure Search\FireFoxExt\15.5.0.2 FF HKLM\...\Firefox\Extensions: [{1E73965B-8B48-48be-9C8D-68B920ABC1C4}] C:\Program Files\AVG\AVG10\Firefox4\ FF Extension: AVG Safe Search - C:\Program Files\AVG\AVG10\Firefox4\ FF HKLM\...\Firefox\Extensions: [smartwebprinting@hp.com] C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 FF Extension: HP Smart Web Printing - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 FF HKCU\...\Firefox\Extensions: [smartwebprinting@hp.com] C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 FF Extension: HP Smart Web Printing - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 Chrome: ======= CHR Extension: (BroaWSe2save) - C:\Users\TATU~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\nnecanjjgmnlkkaijklgbndiffbdjdfe\1 CHR HKLM\...\Chrome\Extension: [jbpkiefagocgkmemidfngdkamloieekf] - C:\Program Files\TornTV.com\torn11.crx CHR HKLM\...\Chrome\Extension: [jmfkcklnlgedgbglfkkgedjfmejoahla] - C:\Program Files\AVG\AVG10\Chrome\safesearch.crx CHR HKLM\...\Chrome\Extension: [ndibdjnfmopecpmkdieinmbadjfpblof] - C:\ProgramData\AVG Secure Search\ChromeExt\15.5.0.2\avg.crx CHR HKLM\...\Chrome\Extension: [pacgpkgadgmibnhpdidcnfafllnmeomc] - C:\Users\Tatuś\AppData\Local\CRE\pacgpkgadgmibnhpdidcnfafllnmeomc.crx ========================== Services (Whitelisted) ================= R2 Active@ Disk Monitor; C:\Program Files\LSoft Technologies Inc\Active@ Hard Disk Monitor\DiskMonitorService.exe [1727200 2012-10-12] (LSoft Technologies Inc) S3 AVG Security Toolbar Service; C:\Program Files\AVG\AVG10\Toolbar\ToolbarBroker.exe [167264 2011-11-10] () R2 AVGIDSAgent; C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe [7391072 2012-01-31] (AVG Technologies CZ, s.r.o.) R2 avgwd; C:\Program Files\AVG\AVG10\avgwdsvc.exe [269520 2011-02-08] (AVG Technologies CZ, s.r.o.) R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76888 2012-12-27] () R2 Skype C2C Service; C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [3064000 2012-10-02] (Skype Technologies S.A.) S3 Sony PC Companion; C:\Program Files\Sony\Sony PC Companion\PCCService.exe [155824 2013-02-04] (Avanquest Software) R2 vToolbarUpdater15.5.0; C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\15.5.0\ToolbarUpdater.exe [1643184 2013-08-15] (AVG Secure Search) ==================== Drivers (Whitelisted) ==================== R3 AVGIDSDriver; C:\Windows\System32\DRIVERS\AVGIDSDriver.Sys [134480 2011-05-27] (AVG Technologies CZ, s.r.o. ) R0 AVGIDSEH; C:\Windows\System32\DRIVERS\AVGIDSEH.Sys [22992 2011-02-22] (AVG Technologies CZ, s.r.o. ) R3 AVGIDSFilter; C:\Windows\System32\DRIVERS\AVGIDSFilter.Sys [24144 2011-02-10] (AVG Technologies CZ, s.r.o. ) R3 AVGIDSShim; C:\Windows\System32\DRIVERS\AVGIDSShim.Sys [21968 2011-02-10] (AVG Technologies CZ, s.r.o. ) R1 Avgldx86; C:\Windows\System32\DRIVERS\avgldx86.sys [255968 2012-11-12] (AVG Technologies CZ, s.r.o.) R1 Avgmfx86; C:\Windows\System32\DRIVERS\avgmfx86.sys [34896 2011-03-01] (AVG Technologies CZ, s.r.o.) R0 Avgrkx86; C:\Windows\System32\DRIVERS\avgrkx86.sys [32592 2011-03-16] (AVG Technologies CZ, s.r.o.) R1 Avgtdix; C:\Windows\System32\DRIVERS\avgtdix.sys [297168 2011-04-05] (AVG Technologies CZ, s.r.o.) R1 avgtp; C:\Windows\system32\drivers\avgtpx86.sys [37664 2013-08-15] (AVG Technologies) R0 CLFS; C:\Windows\System32\CLFS.sys [249408 2009-07-14] (Microsoft Corporation) R2 RtNdPt60; C:\Windows\System32\DRIVERS\RtNdPt60.sys [27648 2009-07-20] (Realtek ) S3 RTTEAMPT; C:\Windows\System32\DRIVERS\RtTeam60.sys [43520 2009-12-21] (Realtek Corporation) S3 RTVLANPT; C:\Windows\System32\DRIVERS\RtVlan60.sys [19968 2007-12-03] (Windows (R) Codename Longhorn DDK provider) S3 SNP325; C:\Windows\System32\DRIVERS\snp325.sys [10260864 2007-03-07] (Sonix Co. Ltd.) R0 sptd; C:\Windows\System32\Drivers\sptd.sys [691696 2012-08-14] () S3 TEAM; C:\Windows\System32\DRIVERS\RtTeam60.sys [43520 2009-12-21] (Realtek Corporation) S3 VLAN; C:\Windows\System32\DRIVERS\RtVLAN60.sys [19968 2007-12-03] (Windows (R) Codename Longhorn DDK provider) U3 aapb0ur3; C:\Windows\System32\Drivers\aapb0ur3.sys [0 ] (Microsoft Corporation) S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [x] S3 tsusbhub; system32\drivers\tsusbhub.sys [x] S3 VGPU; System32\drivers\rdvgkmd.sys [x] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2013-08-31 09:37 - 2013-08-31 09:37 - 00073554 _____ C:\Users\Tatuś\Desktop\OTL.Txt 2013-08-31 09:36 - 2013-08-31 09:36 - 00000000 ____D C:\FRST 2013-08-31 09:35 - 2013-08-31 09:35 - 01082213 _____ (Farbar) C:\Users\Tatuś\Desktop\FRST.exe 2013-08-31 07:07 - 2013-08-31 07:07 - 00602112 _____ (OldTimer Tools) C:\Users\Tatuś\Desktop\OTL.exe 2013-08-31 06:56 - 2013-08-31 06:56 - 00000000 ____D C:\ProgramData\BROWSE~1 2013-08-31 06:49 - 2013-08-31 06:49 - 00669928 _____ C:\Users\Tatuś\Desktop\DownloadManagerSetup.exe 2013-08-23 20:50 - 2013-08-23 20:50 - 00000000 ____D C:\Users\Tatuś\Documents\Ubisoft 2013-08-15 01:31 - 2013-07-26 05:13 - 01767936 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2013-08-15 01:31 - 2013-07-26 05:13 - 01141248 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2013-08-15 01:31 - 2013-07-26 05:13 - 00042496 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2013-08-15 01:31 - 2013-07-26 05:12 - 14329344 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2013-08-15 01:31 - 2013-07-26 05:12 - 02877440 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2013-08-15 01:31 - 2013-07-26 05:12 - 02048512 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2013-08-15 01:31 - 2013-07-26 05:12 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2013-08-15 01:31 - 2013-07-26 05:12 - 00493056 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2013-08-15 01:31 - 2013-07-26 05:12 - 00391168 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2013-08-15 01:31 - 2013-07-26 05:12 - 00109056 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll 2013-08-15 01:31 - 2013-07-26 05:12 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2013-08-15 01:31 - 2013-07-26 05:12 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2013-08-15 01:31 - 2013-07-26 05:11 - 13761024 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2013-08-15 01:31 - 2013-07-26 05:11 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2013-08-15 01:31 - 2013-07-26 04:49 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2013-08-15 01:31 - 2013-07-26 03:59 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe 2013-08-15 00:57 - 2013-08-15 00:57 - 00000000 ____D C:\Users\Tatuś\Nowy folder 2013-08-14 16:08 - 2013-07-25 10:57 - 01620992 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL 2013-08-14 16:08 - 2013-07-19 03:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll 2013-08-14 16:08 - 2013-07-09 07:03 - 03968960 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe 2013-08-14 16:08 - 2013-07-09 07:03 - 03913664 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2013-08-14 16:08 - 2013-07-09 06:53 - 01289096 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll 2013-08-14 16:08 - 2013-07-09 06:52 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll 2013-08-14 16:08 - 2013-07-09 06:50 - 00652800 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll 2013-08-14 16:08 - 2013-07-09 06:46 - 01166848 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll 2013-08-14 16:08 - 2013-07-09 06:46 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll 2013-08-14 16:08 - 2013-07-09 06:46 - 00103936 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll 2013-08-14 16:08 - 2013-07-06 07:05 - 01293760 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys 2013-08-14 16:07 - 2013-06-15 05:38 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys 2013-08-14 16:01 - 2013-08-31 06:56 - 00000000 ____D C:\Users\Tatuś\Desktop\JUST CAUSE 2 - ALL - V1.0.0.1 + 23 TRAINER CES-LINGON 2013-08-13 12:03 - 2013-08-13 12:03 - 00000032 _____ C:\Users\Tatuś\Desktop\jacek.txt 2013-08-05 22:22 - 2013-08-15 01:37 - 00000000 ____D C:\Windows\system32\MRT ==================== One Month Modified Files and Folders ======= 2013-08-31 09:39 - 2012-08-13 19:21 - 00000000 ____D C:\Users\Tatuś\AppData\Roaming\uTorrent 2013-08-31 09:38 - 2013-08-31 09:38 - 00071988 _____ C:\Users\Tatuś\Desktop\Extras.Txt 2013-08-31 09:37 - 2013-08-31 09:37 - 00073554 _____ C:\Users\Tatuś\Desktop\OTL.Txt 2013-08-31 09:36 - 2013-08-31 09:36 - 00000000 ____D C:\FRST 2013-08-31 09:35 - 2013-08-31 09:35 - 01082213 _____ (Farbar) C:\Users\Tatuś\Desktop\FRST.exe 2013-08-31 09:19 - 2012-08-09 22:58 - 00000930 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2013-08-31 09:05 - 2012-08-09 21:34 - 02024362 _____ C:\Windows\WindowsUpdate.log 2013-08-31 07:17 - 2012-08-20 14:35 - 00000000 ____D C:\Users\Tatuś\AppData\Roaming\Draco Organizer 2013-08-31 07:07 - 2013-08-31 07:07 - 00602112 _____ (OldTimer Tools) C:\Users\Tatuś\Desktop\OTL.exe 2013-08-31 07:03 - 2009-07-14 06:34 - 00017360 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2013-08-31 07:03 - 2009-07-14 06:34 - 00017360 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2013-08-31 06:57 - 2013-07-14 21:34 - 00000000 ____D C:\Users\Tatuś\AppData\Roaming\GG 2013-08-31 06:57 - 2013-04-07 09:09 - 00000000 ____D C:\Users\Tatuś\Documents\Tożsamość1 2013-08-31 06:56 - 2013-08-31 06:56 - 00000000 ____D C:\ProgramData\BROWSE~1 2013-08-31 06:56 - 2013-08-14 16:01 - 00000000 ____D C:\Users\Tatuś\Desktop\JUST CAUSE 2 - ALL - V1.0.0.1 + 23 TRAINER CES-LINGON 2013-08-31 06:56 - 2013-06-03 21:40 - 00000350 _____ C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job 2013-08-31 06:56 - 2013-01-23 14:34 - 00000342 _____ C:\Windows\Tasks\ROC_JAN2013_TB_rmv.job 2013-08-31 06:56 - 2009-07-14 06:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2013-08-31 06:56 - 2009-07-14 06:39 - 00044704 _____ C:\Windows\setupact.log 2013-08-31 06:55 - 2012-08-09 21:54 - 00000000 ____D C:\ProgramData\NVIDIA 2013-08-31 06:49 - 2013-08-31 06:49 - 00669928 _____ C:\Users\Tatuś\Desktop\DownloadManagerSetup.exe 2013-08-31 06:45 - 2012-08-09 22:45 - 00000000 ____D C:\Windows\system32\Drivers\AVG 2013-08-30 21:18 - 2012-09-23 20:32 - 00000000 ____D C:\Users\Tatuś\AppData\Roaming\Skype 2013-08-24 10:17 - 2013-04-18 12:25 - 00000000 ____D C:\Program Files\BrowseToSave 2013-08-23 20:50 - 2013-08-23 20:50 - 00000000 ____D C:\Users\Tatuś\Documents\Ubisoft 2013-08-23 20:50 - 2012-11-30 22:16 - 00000000 ____D C:\ProgramData\Orbit 2013-08-23 20:07 - 2012-08-09 21:49 - 00000000 ___HD C:\Program Files\InstallShield Installation Information 2013-08-23 10:47 - 2012-08-09 21:45 - 01662556 _____ C:\Windows\system32\PerfStringBackup.INI 2013-08-23 10:47 - 2009-07-14 10:07 - 00737730 _____ C:\Windows\system32\perfh015.dat 2013-08-23 10:47 - 2009-07-14 10:07 - 00154418 _____ C:\Windows\system32\perfc015.dat 2013-08-21 21:19 - 2012-08-09 22:58 - 00692104 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe 2013-08-21 21:19 - 2012-08-09 22:58 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl 2013-08-17 20:47 - 2013-03-11 11:00 - 00010703 _____ C:\Users\Tatuś\Documents\TombRaider.log 2013-08-16 12:21 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\rescache 2013-08-16 10:53 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\Microsoft.NET 2013-08-15 21:12 - 2012-08-09 22:52 - 00000000 ____D C:\Program Files\AVG Secure Search 2013-08-15 21:11 - 2012-08-30 17:45 - 00037664 _____ (AVG Technologies) C:\Windows\system32\Drivers\avgtpx86.sys 2013-08-15 10:41 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\pl-PL 2013-08-15 01:37 - 2013-08-05 22:22 - 00000000 ____D C:\Windows\system32\MRT 2013-08-15 01:34 - 2012-08-11 23:06 - 75778376 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2013-08-15 00:57 - 2013-08-15 00:57 - 00000000 ____D C:\Users\Tatuś\Nowy folder 2013-08-15 00:57 - 2012-08-09 21:39 - 00000000 ____D C:\Users\Tatuś 2013-08-13 12:03 - 2013-08-13 12:03 - 00000032 _____ C:\Users\Tatuś\Desktop\jacek.txt 2013-08-02 18:53 - 2012-11-04 12:24 - 00000000 ____D C:\Users\Tatuś\Desktop\muzyka adam 2013-08-01 15:26 - 2013-07-14 21:34 - 00000000 ____D C:\Users\TATU~1\AppData\Local\GG Files to move or delete: ==================== C:\Users\TATU~1\AppData\Local\Temp\CH.dll C:\Users\TATU~1\AppData\Local\Temp\converter.exe C:\Users\TATU~1\AppData\Local\Temp\DeltaTB.exe C:\Users\TATU~1\AppData\Local\Temp\DracoOrganizer312.exe C:\Users\TATU~1\AppData\Local\Temp\gg10.upgr.exe C:\Users\TATU~1\AppData\Local\Temp\ggdrive-menu.exe C:\Users\TATU~1\AppData\Local\Temp\ggdrive-overlay.exe C:\Users\TATU~1\AppData\Local\Temp\htmlayout.dll C:\Users\TATU~1\AppData\Local\Temp\iMesh_setup.exe C:\Users\TATU~1\AppData\Local\Temp\installstats.exe C:\Users\TATU~1\AppData\Local\Temp\IZArcSetup.exe C:\Users\TATU~1\AppData\Local\Temp\jre-7u15-windows-i586-iftw.exe C:\Users\TATU~1\AppData\Local\Temp\jre-7u17-windows-i586-iftw.exe C:\Users\TATU~1\AppData\Local\Temp\jre-7u21-windows-i586-iftw.exe C:\Users\TATU~1\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe C:\Users\TATU~1\AppData\Local\Temp\KMP_3.2.0.0.exe C:\Users\TATU~1\AppData\Local\Temp\KMP_3.5.0.77.exe C:\Users\TATU~1\AppData\Local\Temp\MassEffect2-1.02.exe C:\Users\TATU~1\AppData\Local\Temp\MSIM7255965.exe C:\Users\TATU~1\AppData\Local\Temp\MyBabylonTB_google_20120807.exe C:\Users\TATU~1\AppData\Local\Temp\nvSCPAPI.dll C:\Users\TATU~1\AppData\Local\Temp\nvSCPAPISvr.exe C:\Users\TATU~1\AppData\Local\Temp\nvStInst.exe C:\Users\TATU~1\AppData\Local\Temp\OptimizerPro.exe C:\Users\TATU~1\AppData\Local\Temp\PCPerformerSetup.exe C:\Users\TATU~1\AppData\Local\Temp\pity2011ngsetup_aktual.exe C:\Users\TATU~1\AppData\Local\Temp\pity2012ngsetup_aktual.exe C:\Users\TATU~1\AppData\Local\Temp\run.exe C:\Users\TATU~1\AppData\Local\Temp\setup.exe C:\Users\TATU~1\AppData\Local\Temp\SIntf16.dll C:\Users\TATU~1\AppData\Local\Temp\SIntf32.dll C:\Users\TATU~1\AppData\Local\Temp\SIntfNT.dll C:\Users\TATU~1\AppData\Local\Temp\SkypeSetup.exe C:\Users\TATU~1\AppData\Local\Temp\tbedrs.dll C:\Users\TATU~1\AppData\Local\Temp\TB_3053.exe C:\Users\TATU~1\AppData\Local\Temp\uninst1.exe C:\Users\TATU~1\AppData\Local\Temp\uninstall50717547.exe C:\Users\TATU~1\AppData\Local\Temp\UpdateCheckerSetup.exe C:\Users\TATU~1\AppData\Local\Temp\uttD207.tmp.exe C:\Users\TATU~1\AppData\Local\Temp\vlc-2.0.2-win32.exe C:\Users\TATU~1\AppData\Local\Temp\YontooSetup-S.exe C:\Users\TATU~1\AppData\Local\Temp\{C5C7A588-08F5-4802-A99F-F94ABE84A7CE}\setup.exe C:\Users\TATU~1\AppData\Local\Temp\VCB\NewUI.dll C:\Users\TATU~1\AppData\Local\Temp\VCB\Setup.exe C:\Users\TATU~1\AppData\Local\Temp\VCB\Languages\ZHH\VCBResources.dll C:\Users\TATU~1\AppData\Local\Temp\VCB\Languages\TRK\VCBResources.dll C:\Users\TATU~1\AppData\Local\Temp\VCB\Languages\THA\VCBResources.dll C:\Users\TATU~1\AppData\Local\Temp\VCB\Languages\SVE\VCBResources.dll C:\Users\TATU~1\AppData\Local\Temp\VCB\Languages\RUS\VCBResources.dll C:\Users\TATU~1\AppData\Local\Temp\VCB\Languages\PTG\VCBResources.dll C:\Users\TATU~1\AppData\Local\Temp\VCB\Languages\PLK\VCBResources.dll C:\Users\TATU~1\AppData\Local\Temp\VCB\Languages\NOR\VCBResources.dll C:\Users\TATU~1\AppData\Local\Temp\VCB\Languages\NLD\VCBResources.dll C:\Users\TATU~1\AppData\Local\Temp\VCB\Languages\KOR\VCBResources.dll C:\Users\TATU~1\AppData\Local\Temp\VCB\Languages\JPN\VCBResources.dll C:\Users\TATU~1\AppData\Local\Temp\VCB\Languages\ITA\VCBResources.dll C:\Users\TATU~1\AppData\Local\Temp\VCB\Languages\HUN\VCBResources.dll C:\Users\TATU~1\AppData\Local\Temp\VCB\Languages\HEB\VCBResources.dll C:\Users\TATU~1\AppData\Local\Temp\VCB\Languages\FRC\VCBResources.dll C:\Users\TATU~1\AppData\Local\Temp\VCB\Languages\FRA\VCBResources.dll C:\Users\TATU~1\AppData\Local\Temp\VCB\Languages\FIN\VCBResources.dll C:\Users\TATU~1\AppData\Local\Temp\VCB\Languages\ESP\VCBResources.dll C:\Users\TATU~1\AppData\Local\Temp\VCB\Languages\ESM\VCBResources.dll C:\Users\TATU~1\AppData\Local\Temp\VCB\Languages\ENU\VCBResources.dll C:\Users\TATU~1\AppData\Local\Temp\VCB\Languages\ENG\VCBResources.dll C:\Users\TATU~1\AppData\Local\Temp\VCB\Languages\ELL\VCBResources.dll C:\Users\TATU~1\AppData\Local\Temp\VCB\Languages\DEU\VCBResources.dll C:\Users\TATU~1\AppData\Local\Temp\VCB\Languages\DAN\VCBResources.dll C:\Users\TATU~1\AppData\Local\Temp\VCB\Languages\CSY\VCBResources.dll C:\Users\TATU~1\AppData\Local\Temp\VCB\Languages\CHT\VCBResources.dll C:\Users\TATU~1\AppData\Local\Temp\VCB\Languages\CHS\VCBResources.dll C:\Users\TATU~1\AppData\Local\Temp\VCB\Languages\ARB\VCBResources.dll C:\Users\TATU~1\AppData\Local\Temp\VCB\Graphics\NewUI.dll C:\Users\TATU~1\AppData\Local\Temp\Sony\Sony PC Companion\AutoUpdate\Sony PC Companion_2.10.108_NetStorage.exe C:\Users\TATU~1\AppData\Local\Temp\Sony\Sony PC Companion\AutoUpdate\Sony PC Companion_2.10.115_NetStorage.exe C:\Users\TATU~1\AppData\Local\Temp\Sony\Sony PC Companion\AutoUpdate\Sony PC Companion_2.10.136_NetStorage.exe C:\Users\TATU~1\AppData\Local\Temp\Sony\Sony PC Companion\AutoUpdate\Sony PC Companion_2.10.155_NetStorage.exe C:\Users\TATU~1\AppData\Local\Temp\Sony\Sony PC Companion\AutoUpdate\Sony PC Companion_2.10.165_NetStorage.exe C:\Users\TATU~1\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\dotNetFx40LP_Full_x86pl.exe C:\Users\TATU~1\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\Setup.exe C:\Users\TATU~1\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\SetupEngine.dll C:\Users\TATU~1\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\SetupUi.dll C:\Users\TATU~1\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\SetupUtility.exe C:\Users\TATU~1\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\sqmapi.dll C:\Users\TATU~1\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\3082\SetupResources.dll C:\Users\TATU~1\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\3076\SetupResources.dll C:\Users\TATU~1\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\2070\SetupResources.dll C:\Users\TATU~1\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\2052\SetupResources.dll C:\Users\TATU~1\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1055\SetupResources.dll C:\Users\TATU~1\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1053\SetupResources.dll C:\Users\TATU~1\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1049\SetupResources.dll C:\Users\TATU~1\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1046\SetupResources.dll C:\Users\TATU~1\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1045\SetupResources.dll C:\Users\TATU~1\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1044\SetupResources.dll C:\Users\TATU~1\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1043\SetupResources.dll C:\Users\TATU~1\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1042\SetupResources.dll C:\Users\TATU~1\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1041\SetupResources.dll C:\Users\TATU~1\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1040\SetupResources.dll C:\Users\TATU~1\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1038\SetupResources.dll C:\Users\TATU~1\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1037\SetupResources.dll C:\Users\TATU~1\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1036\SetupResources.dll C:\Users\TATU~1\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1035\SetupResources.dll C:\Users\TATU~1\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1033\SetupResources.dll C:\Users\TATU~1\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1032\SetupResources.dll C:\Users\TATU~1\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1031\SetupResources.dll C:\Users\TATU~1\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1030\SetupResources.dll C:\Users\TATU~1\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1029\SetupResources.dll C:\Users\TATU~1\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1028\SetupResources.dll C:\Users\TATU~1\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1025\SetupResources.dll C:\Users\TATU~1\AppData\Local\Temp\is1890775716\16027574_Setup.EXE C:\Users\TATU~1\AppData\Local\Temp\is1890775716\16572289_Setup.EXE C:\Users\TATU~1\AppData\Local\Temp\is1890775716\31125427_Setup.EXE C:\Users\TATU~1\AppData\Local\Temp\is1890775716\DeltaTB.exe C:\Users\TATU~1\AppData\Local\Temp\is1095167443\MyBabylonTB.exe C:\Users\TATU~1\AppData\Local\Temp\is-2JQOQ.tmp\BASS.dll C:\Users\TATU~1\AppData\Local\Temp\is-2JQOQ.tmp\isgsg.dll C:\Users\TATU~1\AppData\Local\Temp\is-2JQOQ.tmp\isskin.dll C:\Users\TATU~1\AppData\Local\Temp\is-2JQOQ.tmp\SkinH_EL.dll C:\Users\TATU~1\AppData\Local\Temp\is-2JQOQ.tmp\_isetup\_shfoldr.dll C:\Users\TATU~1\AppData\Local\Temp\gunF562\GU_test.exe C:\Users\TATU~1\AppData\Local\Temp\gunF0E0\GU_test.exe C:\Users\TATU~1\AppData\Local\Temp\gunEDA5\GU_test.exe C:\Users\TATU~1\AppData\Local\Temp\gunE961\GU_test.exe C:\Users\TATU~1\AppData\Local\Temp\gunE636\GU_test.exe C:\Users\TATU~1\AppData\Local\Temp\gunE1D3\GU_test.exe C:\Users\TATU~1\AppData\Local\Temp\gunDEC6\GU_test.exe C:\Users\TATU~1\AppData\Local\Temp\gunDA34\GU_test.exe C:\Users\TATU~1\AppData\Local\Temp\gunD304\GU_test.exe C:\Users\TATU~1\AppData\Local\Temp\gun92BA\GU_test.exe C:\Users\TATU~1\AppData\Local\Temp\ct3176921\ism.exe C:\Users\TATU~1\AppData\Local\Temp\CCIS\ccsqlh.exe C:\Users\TATU~1\AppData\Local\Temp\CCIS\sqlite3.dll C:\Users\TATU~1\AppData\Local\Temp\7zS338F\HPZids01.dll C:\Users\TATU~1\AppData\Local\Temp\7zS338F\HPZids40.dll C:\Users\TATU~1\AppData\Local\Temp\7zS338F\HPZstub.exe C:\Users\TATU~1\AppData\Local\Temp\7zS338F\Setup.exe C:\Users\TATU~1\AppData\Local\Temp\7zS338F\util\ccc\CCC_Uninstaller.exe C:\Users\TATU~1\AppData\Local\Temp\7zS338F\util\ccc\FixErr1714.exe C:\Users\TATU~1\AppData\Local\Temp\7zS338F\util\ccc\hpqrrx08.exe C:\Users\TATU~1\AppData\Local\Temp\7zS338F\util\ccc\trk\WindowsXP-KB822603-x86-TRK.exe C:\Users\TATU~1\AppData\Local\Temp\7zS338F\util\ccc\sve\WindowsXP-KB822603-x86-SVE.exe C:\Users\TATU~1\AppData\Local\Temp\7zS338F\util\ccc\rus\WindowsXP-KB822603-x86-RUS.exe C:\Users\TATU~1\AppData\Local\Temp\7zS338F\util\ccc\ptb\WindowsXP-KB822603-x86-ptb.exe C:\Users\TATU~1\AppData\Local\Temp\7zS338F\util\ccc\plk\WindowsXP-KB822603-x86-PLK.exe C:\Users\TATU~1\AppData\Local\Temp\7zS338F\util\ccc\nob\WindowsXP-KB822603-x86-NOR.exe C:\Users\TATU~1\AppData\Local\Temp\7zS338F\util\ccc\nld\WindowsXP-KB822603-x86-NLD.exe C:\Users\TATU~1\AppData\Local\Temp\7zS338F\util\ccc\kor\WindowsXP-KB822603-x86-KOR.exe C:\Users\TATU~1\AppData\Local\Temp\7zS338F\util\ccc\jpn\WindowsXP-KB822603-x86-jpn.exe C:\Users\TATU~1\AppData\Local\Temp\7zS338F\util\ccc\ita\WindowsXP-KB822603-x86-ITA.exe C:\Users\TATU~1\AppData\Local\Temp\7zS338F\util\ccc\hun\WindowsXP-KB822603-x86-HUN.exe C:\Users\TATU~1\AppData\Local\Temp\7zS338F\util\ccc\fra\WindowsXP-KB822603-x86-fra.exe C:\Users\TATU~1\AppData\Local\Temp\7zS338F\util\ccc\fin\WindowsXP-KB822603-x86-FIN.exe C:\Users\TATU~1\AppData\Local\Temp\7zS338F\util\ccc\esn\WindowsXP-KB822603-x86-esn.exe C:\Users\TATU~1\AppData\Local\Temp\7zS338F\util\ccc\enu\WindowsXP-KB822603-x86-enu.exe C:\Users\TATU~1\AppData\Local\Temp\7zS338F\util\ccc\ell\WindowsXP-KB822603-x86-ELL.exe C:\Users\TATU~1\AppData\Local\Temp\7zS338F\util\ccc\deu\WindowsXP-KB822603-x86-DEU.exe C:\Users\TATU~1\AppData\Local\Temp\7zS338F\util\ccc\dan\WindowsXP-KB822603-x86-DAN.exe C:\Users\TATU~1\AppData\Local\Temp\7zS338F\util\ccc\csy\WindowsXP-KB822603-x86-CSY.exe C:\Users\TATU~1\AppData\Local\Temp\7zS338F\util\ccc\cht\WindowsXP-KB822603-x86-CHT.exe C:\Users\TATU~1\AppData\Local\Temp\7zS338F\util\ccc\chs\WindowsXP-KB822603-x86-CHS.exe C:\Users\TATU~1\AppData\Local\Temp\7zS338F\setup\BlockSysUserInstall.exe C:\Users\TATU~1\AppData\Local\Temp\7zS338F\setup\difxapi.dll C:\Users\TATU~1\AppData\Local\Temp\7zS338F\setup\doccd.exe C:\Users\TATU~1\AppData\Local\Temp\7zS338F\setup\HPCommunication.dll C:\Users\TATU~1\AppData\Local\Temp\7zS338F\setup\HPeDiag.dll C:\Users\TATU~1\AppData\Local\Temp\7zS338F\setup\HPeSupport.dll C:\Users\TATU~1\AppData\Local\Temp\7zS338F\setup\hpqbhp01.exe C:\Users\TATU~1\AppData\Local\Temp\7zS338F\setup\HPScripting.dll C:\Users\TATU~1\AppData\Local\Temp\7zS338F\setup\HPZarp01.exe C:\Users\TATU~1\AppData\Local\Temp\7zS338F\setup\HPZcdl01.exe C:\Users\TATU~1\AppData\Local\Temp\7zS338F\setup\HPZchk01.exe C:\Users\TATU~1\AppData\Local\Temp\7zS338F\setup\HPZdui01.exe C:\Users\TATU~1\AppData\Local\Temp\7zS338F\setup\HPZdui40.exe C:\Users\TATU~1\AppData\Local\Temp\7zS338F\setup\hpzfwx01.exe C:\Users\TATU~1\AppData\Local\Temp\7zS338F\setup\HPZgat01.exe C:\Users\TATU~1\AppData\Local\Temp\7zS338F\setup\HPZmsi01.exe C:\Users\TATU~1\AppData\Local\Temp\7zS338F\setup\HPZnop01.exe C:\Users\TATU~1\AppData\Local\Temp\7zS338F\setup\hpznui01.exe C:\Users\TATU~1\AppData\Local\Temp\7zS338F\setup\HPZnui40.exe C:\Users\TATU~1\AppData\Local\Temp\7zS338F\setup\hpznuiprn01.dll C:\Users\TATU~1\AppData\Local\Temp\7zS338F\setup\hpznuiprn40.dll C:\Users\TATU~1\AppData\Local\Temp\7zS338F\setup\HPZpnp01.exe C:\Users\TATU~1\AppData\Local\Temp\7zS338F\setup\HPZpnp40.exe C:\Users\TATU~1\AppData\Local\Temp\7zS338F\setup\HPZprl01.exe C:\Users\TATU~1\AppData\Local\Temp\7zS338F\setup\HPZprl40.exe C:\Users\TATU~1\AppData\Local\Temp\7zS338F\setup\HPZpsc01.exe C:\Users\TATU~1\AppData\Local\Temp\7zS338F\setup\HPZpsl01.exe C:\Users\TATU~1\AppData\Local\Temp\7zS338F\setup\HPZrcn01.exe C:\Users\TATU~1\AppData\Local\Temp\7zS338F\setup\HPZrcv01.exe C:\Users\TATU~1\AppData\Local\Temp\7zS338F\setup\HPZrein01.exe C:\Users\TATU~1\AppData\Local\Temp\7zS338F\setup\HPZscr01.exe C:\Users\TATU~1\AppData\Local\Temp\7zS338F\setup\HPZscr40.exe C:\Users\TATU~1\AppData\Local\Temp\7zS338F\setup\HPZshl01.exe C:\Users\TATU~1\AppData\Local\Temp\7zS338F\setup\HPZshl40.exe C:\Users\TATU~1\AppData\Local\Temp\7zS338F\setup\HPZSWP01.exe C:\Users\TATU~1\AppData\Local\Temp\7zS338F\setup\HPZtim01.exe C:\Users\TATU~1\AppData\Local\Temp\7zS338F\setup\HPZwis01.exe C:\Users\TATU~1\AppData\Local\Temp\7zS338F\setup\HPZwrp01.exe C:\Users\TATU~1\AppData\Local\Temp\7zS338F\setup\HPZwup01.exe C:\Users\TATU~1\AppData\Local\Temp\7zS338F\setup\InstallMetrics.dll C:\Users\TATU~1\AppData\Local\Temp\7zS338F\setup\InternetUtil.dll C:\Users\TATU~1\AppData\Local\Temp\7zS338F\setup\msxml3.dll C:\Users\TATU~1\AppData\Local\Temp\7zS338F\setup\msxml3a.dll C:\Users\TATU~1\AppData\Local\Temp\7zS338F\setup\msxml3r.dll C:\Users\TATU~1\AppData\Local\Temp\7zS338F\setup\RDVCoinstFix.exe C:\Users\TATU~1\AppData\Local\Temp\7zS338F\setup\RenameAutorun.exe C:\Users\TATU~1\AppData\Local\Temp\7zS338F\setup\RulesEngine.dll C:\Users\TATU~1\AppData\Local\Temp\7zS338F\setup\TwainFix.exe C:\Users\TATU~1\AppData\Local\Temp\7zS338F\setup\usbready.exe C:\Users\TATU~1\AppData\Local\Temp\7zS338F\setup\yahoo\ytb_7.2.2.0_1.5.4_mail_bts_pub_uber_rev_setup_2008.11.25.01.exe C:\Users\TATU~1\AppData\Local\Temp\7zS338F\setup\yahoo\y_hp_intl_detect.exe C:\Users\TATU~1\AppData\Local\Temp\7zS338F\setup\x64\difxapi.dll C:\Users\TATU~1\AppData\Local\Temp\7zS338F\setup\wis\Win2K_XP\instmsi.exe C:\Users\TATU~1\AppData\Local\Temp\7zS338F\drivers\scanner\x64\hpotiop3.dll C:\Users\TATU~1\AppData\Local\Temp\7zS338F\drivers\scanner\x64\hpotscl3.dll C:\Users\TATU~1\AppData\Local\Temp\7zS338F\drivers\scanner\x64\hpovst10.dll C:\Users\TATU~1\AppData\Local\Temp\7zS338F\drivers\scanner\x64\hpowiax3.dll C:\Users\TATU~1\AppData\Local\Temp\7zS338F\drivers\scanner\x32\hpotiop3.dll C:\Users\TATU~1\AppData\Local\Temp\7zS338F\drivers\scanner\x32\hpotpusd.dll C:\Users\TATU~1\AppData\Local\Temp\7zS338F\drivers\scanner\x32\hpotscl3.dll C:\Users\TATU~1\AppData\Local\Temp\7zS338F\drivers\scanner\x32\hpovst10.dll C:\Users\TATU~1\AppData\Local\Temp\7zS338F\drivers\scanner\x32\hpowiax3.dll C:\Users\TATU~1\AppData\Local\Temp\7zS338F\drivers\dot4\win2000\difxapi.dll C:\Users\TATU~1\AppData\Local\Temp\7zS338F\drivers\dot4\win2000\hppldcoi.dll C:\Users\TATU~1\AppData\Local\Temp\7zS338F\drivers\dot4\amd64\winxp\difxapi.dll C:\Users\TATU~1\AppData\Local\Temp\7zS338F\drivers\dot4\amd64\winxp\hppldcoi.dll ==================== Bamital & volsnap Check ================= C:\Windows\explorer.exe => MD5 is legit C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit LastRegBack: 2013-08-22 11:14 ==================== End Of Log ============================