Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 31-08-2013 04 Ran by Karolina (administrator) on KAROLINA on 01-09-2013 15:22:15 Running from C:\Documents and Settings\Karolina\Pulpit Microsoft Windows XP Professional Dodatek Service Pack 3 (X86) OS Language: Polish Internet Explorer Version 8 Boot Mode: Normal ==================== Processes (Whitelisted) =================== (AVAST Software) C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe (Realtek Semiconductor Corp.) C:\WINDOWS\RTHDCPL.EXE (AVAST Software) C:\Program Files\Alwil Software\Avast5\avastUI.exe (Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe (BitTorrent Inc.) C:\Program Files\BitTorrent\BitTorrent.exe (Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe (GG Network S.A.) C:\Documents and Settings\Karolina\Ustawienia lokalne\Dane aplikacji\GG\Application\gghub.exe (Samsung) C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe (Nokia) C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe (Samsung Electronics) C:\Program Files\Samsung\Kies\KiesAirMessage.exe (Redefine Sp z o.o.) C:\Program Files\ipla\ipla.exe (Microsoft Corporation) C:\Program Files\Windows Desktop Search\WindowsSearch.exe (GG Network S.A.) C:\Documents and Settings\Karolina\Ustawienia lokalne\Dane aplikacji\GG\Application\ggapp.exe (Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe (Realtek Semiconductor Corp.) C:\DOCUME~1\Karolina\USTAWI~1\Temp\RtkBtMnt.exe (Nokia) C:\Program Files\PC Connectivity Solution\ServiceLayer.exe (Nokia) C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe (Nokia) C:\Program Files\PC Connectivity Solution\Transports\NclMSBTSrv.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [RTHDCPL] - C:\Windows\RTHDCPL.EXE [19523616 2010-04-30] (Realtek Semiconductor Corp.) HKLM\...\Run: [APSDaemon] - C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.) HKLM\...\Run: [avast] - C:\Program Files\Alwil Software\Avast5\avastUI.exe [4858968 2013-05-09] (AVAST Software) HKLM\...\Run: [AdobeCS6ServiceManager] - C:\Program Files\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated) HKLM\...\Run: [PDF3 Registry Controller] - C:\Program Files\ScanSoft\PDF Converter 3.0\\RegistryController.exe [106496 2005-04-12] (ScanSoft, Inc.) HKLM\...\Run: [iTunesHelper] - C:\Program Files\iTunes\iTunesHelper.exe [152392 2013-05-15] (Apple Inc.) Winlogon\Notify\WgaLogon: WgaLogon.dll (Microsoft Corporation) HKLM\...\Policies\Explorer: [HonorAutoRunSetting] 1 HKLM\...\Policies\Explorer: [NoDriveAutoRun] 67108863 HKLM\...\Policies\Explorer: [NoDriveTypeAutoRun] 323 HKLM\...\Policies\Explorer: [NoDrives] 0 HKCU\...\Run: [BitTorrent] - C:\Program Files\BitTorrent\BitTorrent.exe [1125456 2013-05-24] (BitTorrent Inc.) HKCU\...\Run: [Skype] - C:\Program Files\Skype\Phone\Skype.exe [18678376 2013-05-09] (Skype Technologies S.A.) HKCU\...\Run: [GG] - C:\Documents and Settings\Karolina\Ustawienia lokalne\Dane aplikacji\GG\Application\gghub.exe [3365440 2013-05-20] (GG Network S.A.) HKCU\...\Run: [] - C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [844168 2013-05-24] (Samsung) HKCU\...\Run: [NokiaSuite.exe] - C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe [1090912 2013-04-19] (Nokia) HKCU\...\Run: [KiesAirMessage] - C:\Program Files\Samsung\Kies\KiesAirMessage.exe [578560 2013-04-18] (Samsung Electronics) HKCU\...\Run: [IPLA!] - C:\Program Files\ipla\ipla.exe [21172832 2013-05-28] (Redefine Sp z o.o.) HKU\Default User\...\RunOnce: [_nltide_3] - C:\Windows\System32\advpack.dll [ 2010-06-17] (Microsoft Corporation) Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Windows Search.lnk ShortcutTarget: Windows Search.lnk -> C:\Program Files\Windows Desktop Search\WindowsSearch.exe (Microsoft Corporation) Startup: C:\Documents and Settings\Karolina\Menu Start\Programy\Autostart\Tworzenie wycinków ekranu i uruchamianie programu OneNote 2007.lnk ShortcutTarget: Tworzenie wycinków ekranu i uruchamianie programu OneNote 2007.lnk -> C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation) ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie SearchScopes: HKLM - DefaultScope value is missing. BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation) BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.) BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software) BHO: Pomocnik rejestracji usługi Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.) BHO: JQSIEStartDetectorImpl Class - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.) Toolbar: HKLM - avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software) Toolbar: HKCU -&Adres - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\Windows\system32\browseui.dll (Microsoft Corporation) Toolbar: HKCU -&Łącza - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\Windows\system32\SHELL32.dll (Microsoft Corporation) DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation) Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies) ShellExecuteHooks: Windows Desktop Search Namespace Manager - {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [304128 2009-05-24] (Microsoft Corporation) Tcpip\Parameters: [DhcpNameServer] 217.113.224.135 217.113.224.36 ========================== Services (Whitelisted) ================= R2 avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [46808 2013-05-09] (AVAST Software) S3 Macromedia Licensing Service; C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe [68096 2011-01-19] () ==================== Drivers (Whitelisted) ==================== S3 Ambfilt; C:\Windows\System32\drivers\Ambfilt.sys [1691480 2009-11-18] (Creative) R3 AR5416; C:\Windows\System32\DRIVERS\athw.sys [1606368 2010-06-04] (Atheros Communications, Inc.) R2 Aspi32; C:\Windows\System32\drivers\aspi32.sys [16512 2008-08-12] (Adaptec) R2 aswFsBlk; C:\Windows\System32\Drivers\aswFsBlk.sys [29816 2013-05-09] (AVAST Software) R1 aswKbd; C:\Windows\System32\Drivers\aswKbd.sys [20624 2012-10-31] (AVAST Software) R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [66336 2013-05-09] (AVAST Software) R1 aswRdr; C:\Windows\System32\Drivers\aswRdr.sys [49760 2013-05-09] (AVAST Software) R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [49376 2013-05-09] () R1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [770344 2013-06-27] (AVAST Software) R1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [369584 2013-06-27] (AVAST Software) R1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [56080 2013-05-09] (AVAST Software) R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [175176 2013-06-27] () R1 avgtp; C:\WINDOWS\system32\drivers\avgtpx86.sys [26984 2012-11-20] (AVG Technologies) R3 b57w2k; C:\Windows\System32\DRIVERS\b57xp32.sys [213544 2009-08-27] (Broadcom Corporation) R2 fssfltr; C:\Windows\System32\DRIVERS\fssfltr_tdi.sys [54760 2010-04-28] (Microsoft Corporation) R3 HSFHWAZL; C:\Windows\System32\DRIVERS\HSFHWAZL.sys [209664 2006-12-23] (Conexant Systems, Inc.) R3 HSF_DPV; C:\Windows\System32\DRIVERS\HSF_DPV.sys [988800 2006-12-23] (Conexant Systems, Inc.) S3 Monfilt; C:\Windows\System32\drivers\Monfilt.sys [1395800 2009-11-18] (Creative Technology Ltd.) R2 NPF; C:\Windows\System32\drivers\npf.sys [36600 2013-03-01] (Riverbed Technology, Inc.) R0 Si3112; C:\Windows\System32\Drivers\Si3112.sys [69168 2010-06-17] (Silicon Image, Inc.) S0 Si3114r5; C:\Windows\System32\Drivers\Si3114r5.sys [211496 2010-06-17] (Silicon Image, Inc) R0 Si3124; C:\Windows\System32\Drivers\Si3124.sys [69248 2010-06-17] (Silicon Image, Inc.) R0 Si3132; C:\Windows\System32\Drivers\Si3132.sys [80424 2010-06-17] (Silicon Image, Inc) R0 Si3132r5; C:\Windows\System32\Drivers\Si3132r5.sys [217128 2010-06-17] (Silicon Image, Inc) R0 Si3531; C:\Windows\System32\Drivers\Si3531.sys [210736 2010-06-17] (Silicon Image, Inc) S4 IntelIde; No ImagePath ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2013-09-01 15:07 - 2013-09-01 15:07 - 00000000 ____D C:\Documents and Settings\Karolina\Dane aplikacji\Mozilla 2013-09-01 12:50 - 2013-08-31 17:24 - 00602112 _____ (OldTimer Tools) C:\Documents and Settings\Karolina\Pulpit\OTL.exe 2013-09-01 12:50 - 2013-08-31 17:23 - 01085269 _____ (Farbar) C:\Documents and Settings\Karolina\Pulpit\FRST.exe 2013-09-01 04:19 - 2013-08-31 21:12 - 43253760 _____ C:\WINDOWS\system32\config\SOFTWARE.OLD 2013-09-01 04:19 - 2013-08-31 21:12 - 10485760 _____ C:\WINDOWS\system32\config\SYSTEM.OLD 2013-09-01 04:19 - 2013-08-31 21:12 - 00524288 _____ C:\WINDOWS\system32\config\DEFAULT.OLD 2013-09-01 04:19 - 2013-08-31 21:12 - 00262144 _____ C:\WINDOWS\system32\config\SECURITY.OLD 2013-09-01 04:19 - 2013-08-31 21:12 - 00262144 _____ C:\WINDOWS\system32\config\SAM.OLD 2013-08-21 23:58 - 2013-08-21 23:58 - 00000000 ____D C:\_OTL 2013-08-11 19:27 - 2013-08-11 19:27 - 00000000 ____D C:\FRST 2013-08-10 01:30 - 2013-08-25 01:03 - 00084896 _____ C:\OTL.Txt 2013-08-06 23:26 - 2013-08-06 23:27 - 00000000 ___SD C:\ComboFix 2013-08-06 23:06 - 2013-08-06 23:06 - 00000000 _SHDC C:\cmdcons 2013-08-06 23:06 - 2011-01-19 14:40 - 00000211 _____ C:\Boot.bak 2013-08-06 23:06 - 2004-08-03 23:00 - 00262400 _RSHC C:\cmldr 2013-08-06 22:57 - 2013-08-06 22:57 - 00000000 ____D C:\WINDOWS\CSC 2013-08-06 22:39 - 2013-08-06 22:40 - 00008148 _____ C:\WINDOWS\tsoc.log 2013-08-06 22:39 - 2013-08-06 22:40 - 00004507 _____ C:\WINDOWS\imsins.log 2013-08-06 22:39 - 2013-08-06 22:40 - 00002161 _____ C:\WINDOWS\netfxocm.log 2013-08-06 22:39 - 2013-08-06 22:40 - 00001207 _____ C:\WINDOWS\MedCtrOC.log 2013-08-06 22:39 - 2013-08-06 22:40 - 00000885 _____ C:\WINDOWS\ocmsn.log 2013-08-06 22:39 - 2013-08-06 22:40 - 00000877 _____ C:\WINDOWS\msgsocm.log 2013-08-06 22:39 - 2013-08-06 22:40 - 00000319 _____ C:\WINDOWS\tabletoc.log 2013-08-06 22:38 - 2013-08-06 22:40 - 00041872 _____ C:\WINDOWS\iis6.log 2013-08-06 22:38 - 2013-08-06 22:40 - 00017551 _____ C:\WINDOWS\ocgen.log 2013-08-06 21:46 - 2011-06-26 08:45 - 00256000 _____ C:\WINDOWS\PEV.exe 2013-08-06 21:46 - 2010-11-07 19:20 - 00208896 _____ C:\WINDOWS\MBR.exe 2013-08-06 21:46 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\WINDOWS\NIRCMD.exe 2013-08-06 21:46 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\WINDOWS\SWREG.exe 2013-08-06 21:46 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\WINDOWS\SWSC.exe 2013-08-06 21:46 - 2000-08-31 02:00 - 00212480 _____ (SteelWerX) C:\WINDOWS\SWXCACLS.exe 2013-08-06 21:46 - 2000-08-31 02:00 - 00098816 _____ C:\WINDOWS\sed.exe 2013-08-06 21:46 - 2000-08-31 02:00 - 00080412 _____ C:\WINDOWS\grep.exe 2013-08-06 21:46 - 2000-08-31 02:00 - 00068096 _____ C:\WINDOWS\zip.exe 2013-08-06 21:29 - 2013-08-06 23:27 - 00000000 ____D C:\Qoobox 2013-08-06 21:28 - 2013-08-06 21:59 - 00000000 ____D C:\WINDOWS\erdnt 2013-08-06 00:17 - 2013-08-30 14:27 - 00000188 ___SH C:\Documents and Settings\Administrator\ntuser.ini 2013-08-06 00:17 - 2013-08-11 19:28 - 00000000 ____D C:\Documents and Settings\Administrator 2013-08-06 00:17 - 2013-08-06 23:13 - 00000000 ___HD C:\Documents and Settings\Administrator\Ustawienia lokalne 2013-08-06 00:17 - 2013-08-06 23:08 - 00000000 __RHD C:\Documents and Settings\Administrator\Dane aplikacji 2013-08-06 00:17 - 2013-08-06 21:29 - 00000000 ____D C:\Documents and Settings\Administrator\Moje dokumenty 2013-08-06 00:17 - 2011-01-19 15:33 - 00000000 ___RD C:\Documents and Settings\Administrator\Menu Start 2013-08-06 00:17 - 2011-01-19 15:33 - 00000000 ____D C:\Documents and Settings\Administrator\Ulubione 2013-08-06 00:17 - 2011-01-19 15:33 - 00000000 ____D C:\Documents and Settings\Administrator\Pulpit 2013-08-06 00:17 - 2011-01-19 14:48 - 00000000 __SHD C:\Documents and Settings\Administrator\IETldCache 2013-08-06 00:17 - 2011-01-19 14:41 - 00000000 ___HD C:\Documents and Settings\Administrator\Szablony 2013-08-06 00:15 - 2013-08-06 23:05 - 00001324 _____ C:\WINDOWS\system32\d3d9caps.dat 2013-08-05 22:05 - 2013-08-05 22:06 - 00017920 ___SH C:\Documents and Settings\Karolina\Pulpit\Thumbs.db 2013-08-04 21:46 - 2013-09-01 15:21 - 00007217 _____ C:\WINDOWS\KB2481109.log ==================== One Month Modified Files and Folders ======= 2013-09-01 15:22 - 2012-07-31 21:36 - 01334219 _____ C:\Documents and Settings\Karolina\debug.log 2013-09-01 15:21 - 2013-08-04 21:46 - 00007217 _____ C:\WINDOWS\KB2481109.log 2013-09-01 15:21 - 2011-01-19 14:53 - 00000000 ____D C:\Documents and Settings\Karolina\Pulpit 2013-09-01 15:21 - 2011-01-19 14:47 - 01654212 _____ C:\WINDOWS\WindowsUpdate.log 2013-09-01 15:20 - 2012-11-13 11:52 - 00000366 ____H C:\WINDOWS\Tasks\avast! Emergency Update.job 2013-09-01 15:20 - 2011-06-27 22:15 - 00000000 ____D C:\Documents and Settings\Karolina\Dane aplikacji\BitTorrent 2013-09-01 15:19 - 2013-06-12 09:50 - 00000000 ____D C:\Documents and Settings\Karolina\Dane aplikacji\ipla 2013-09-01 15:18 - 2008-04-15 14:00 - 00002206 _____ C:\WINDOWS\system32\wpa.dbl 2013-09-01 15:17 - 2011-01-19 15:37 - 00000157 _____ C:\WINDOWS\wiadebug.log 2013-09-01 15:17 - 2011-01-19 15:37 - 00000050 _____ C:\WINDOWS\wiaservc.log 2013-09-01 15:17 - 2011-01-19 14:52 - 00032512 _____ C:\WINDOWS\SchedLgU.Txt 2013-09-01 15:17 - 2011-01-19 14:52 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2013-09-01 15:11 - 2011-01-19 14:53 - 00000188 ___SH C:\Documents and Settings\Karolina\ntuser.ini 2013-09-01 15:11 - 2011-01-19 14:53 - 00000000 ____D C:\Documents and Settings\Karolina 2013-09-01 15:10 - 2013-09-01 15:09 - 00000000 ____D C:\AdwCleaner 2013-09-01 15:10 - 2011-01-19 14:53 - 00000000 ___RD C:\Documents and Settings\Karolina\Menu Start\Programy 2013-09-01 15:10 - 2011-01-19 14:53 - 00000000 ___HD C:\DOCUME~1\Karolina\USTAWI~1\Dane aplikacji 2013-09-01 15:07 - 2013-09-01 15:07 - 00000000 ____D C:\Documents and Settings\Karolina\Dane aplikacji\Mozilla 2013-09-01 15:07 - 2011-01-19 14:53 - 00000000 __RHD C:\Documents and Settings\Karolina\Dane aplikacji 2013-09-01 15:04 - 2012-11-13 17:41 - 00000000 ____D C:\Documents and Settings\Karolina\Dane aplikacji\GG 2013-08-31 22:26 - 2012-11-22 22:22 - 00204801 _____ C:\WINDOWS\setupapi.log 2013-08-31 21:12 - 2013-09-01 04:19 - 43253760 _____ C:\WINDOWS\system32\config\SOFTWARE.OLD 2013-08-31 21:12 - 2013-09-01 04:19 - 10485760 _____ C:\WINDOWS\system32\config\SYSTEM.OLD 2013-08-31 21:12 - 2013-09-01 04:19 - 00524288 _____ C:\WINDOWS\system32\config\DEFAULT.OLD 2013-08-31 21:12 - 2013-09-01 04:19 - 00262144 _____ C:\WINDOWS\system32\config\SECURITY.OLD 2013-08-31 21:12 - 2013-09-01 04:19 - 00262144 _____ C:\WINDOWS\system32\config\SAM.OLD 2013-08-31 17:24 - 2013-09-01 12:50 - 00602112 _____ (OldTimer Tools) C:\Documents and Settings\Karolina\Pulpit\OTL.exe 2013-08-31 17:23 - 2013-09-01 12:50 - 01085269 _____ (Farbar) C:\Documents and Settings\Karolina\Pulpit\FRST.exe 2013-08-30 14:27 - 2013-08-06 00:17 - 00000188 ___SH C:\Documents and Settings\Administrator\ntuser.ini 2013-08-30 14:27 - 2008-04-15 14:00 - 00000741 _____ C:\WINDOWS\win.ini 2013-08-25 01:03 - 2013-08-10 01:30 - 00084896 _____ C:\OTL.Txt 2013-08-21 23:58 - 2013-08-21 23:58 - 00000000 ____D C:\_OTL 2013-08-21 23:58 - 2011-01-19 15:33 - 00000000 __RHD C:\Documents and Settings\All Users\Dane aplikacji 2013-08-21 23:58 - 2011-01-19 14:53 - 00000000 ___RD C:\Documents and Settings\Karolina\Menu Start\Programy\Autostart 2013-08-11 19:28 - 2013-08-06 00:17 - 00000000 ____D C:\Documents and Settings\Administrator 2013-08-11 19:28 - 2011-01-19 14:52 - 00000000 __SHD C:\Documents and Settings\NetworkService 2013-08-11 19:28 - 2011-01-19 14:52 - 00000000 __SHD C:\Documents and Settings\LocalService 2013-08-11 19:27 - 2013-08-11 19:27 - 00000000 ____D C:\FRST 2013-08-06 23:27 - 2013-08-06 23:26 - 00000000 ___SD C:\ComboFix 2013-08-06 23:27 - 2013-08-06 21:29 - 00000000 ____D C:\Qoobox 2013-08-06 23:15 - 2011-01-19 14:44 - 00000000 ____D C:\WINDOWS\system32\Restore 2013-08-06 23:13 - 2013-08-06 00:17 - 00000000 ___HD C:\Documents and Settings\Administrator\Ustawienia lokalne 2013-08-06 23:13 - 2011-01-19 14:52 - 00000000 ___HD C:\Documents and Settings\NetworkService\Ustawienia lokalne 2013-08-06 23:11 - 2008-04-15 14:00 - 00000274 _____ C:\WINDOWS\system.ini 2013-08-06 23:08 - 2013-08-06 00:17 - 00000000 __RHD C:\Documents and Settings\Administrator\Dane aplikacji 2013-08-06 23:06 - 2013-08-06 23:06 - 00000000 _SHDC C:\cmdcons 2013-08-06 23:06 - 2011-01-19 15:32 - 00000327 ___SH C:\boot.ini 2013-08-06 23:05 - 2013-08-06 00:15 - 00001324 _____ C:\WINDOWS\system32\d3d9caps.dat 2013-08-06 22:57 - 2013-08-06 22:57 - 00000000 ____D C:\WINDOWS\CSC 2013-08-06 22:40 - 2013-08-06 22:39 - 00008148 _____ C:\WINDOWS\tsoc.log 2013-08-06 22:40 - 2013-08-06 22:39 - 00004507 _____ C:\WINDOWS\imsins.log 2013-08-06 22:40 - 2013-08-06 22:39 - 00002161 _____ C:\WINDOWS\netfxocm.log 2013-08-06 22:40 - 2013-08-06 22:39 - 00001207 _____ C:\WINDOWS\MedCtrOC.log 2013-08-06 22:40 - 2013-08-06 22:39 - 00000885 _____ C:\WINDOWS\ocmsn.log 2013-08-06 22:40 - 2013-08-06 22:39 - 00000877 _____ C:\WINDOWS\msgsocm.log 2013-08-06 22:40 - 2013-08-06 22:39 - 00000319 _____ C:\WINDOWS\tabletoc.log 2013-08-06 22:40 - 2013-08-06 22:38 - 00041872 _____ C:\WINDOWS\iis6.log 2013-08-06 22:40 - 2013-08-06 22:38 - 00017551 _____ C:\WINDOWS\ocgen.log 2013-08-06 22:40 - 2012-12-13 17:55 - 00208873 _____ C:\WINDOWS\FaxSetup.log 2013-08-06 22:40 - 2012-12-13 17:55 - 00070064 _____ C:\WINDOWS\comsetup.log 2013-08-06 22:40 - 2012-12-13 17:55 - 00043594 _____ C:\WINDOWS\ntdtcsetup.log 2013-08-06 22:40 - 2011-02-22 16:45 - 00000000 ____D C:\WINDOWS\system32\appmgmt 2013-08-06 22:40 - 2011-01-19 15:34 - 01130678 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2013-08-06 22:40 - 2008-04-15 14:00 - 00516938 _____ C:\WINDOWS\system32\perfh015.dat 2013-08-06 22:40 - 2008-04-15 14:00 - 00094916 _____ C:\WINDOWS\system32\perfc015.dat 2013-08-06 21:59 - 2013-08-06 21:28 - 00000000 ____D C:\WINDOWS\erdnt 2013-08-06 21:29 - 2013-08-06 00:17 - 00000000 ____D C:\Documents and Settings\Administrator\Moje dokumenty 2013-08-06 00:05 - 2012-11-27 13:39 - 00001209 _____ C:\WINDOWS\wmsetup.log 2013-08-05 22:31 - 2011-07-28 13:25 - 00000000 ____D C:\Documents and Settings\Karolina\Dane aplikacji\Media Player Classic 2013-08-05 22:06 - 2013-08-05 22:05 - 00017920 ___SH C:\Documents and Settings\Karolina\Pulpit\Thumbs.db 2013-08-04 22:19 - 2012-12-03 17:34 - 00009592 _____ C:\WINDOWS\setupact.log 2013-08-02 22:57 - 2011-01-19 14:53 - 00000000 ___RD C:\Documents and Settings\Karolina\Moje dokumenty\Moje obrazy 2013-08-02 22:57 - 2011-01-19 14:53 - 00000000 ___RD C:\Documents and Settings\Karolina\Moje dokumenty 2013-08-02 22:47 - 2011-02-07 00:43 - 00000000 ____D C:\WINDOWS\ie8updates Files to move or delete: ==================== C:\DOCUME~1\Karolina\USTAWI~1\Temp\NEventMessages.dll C:\DOCUME~1\Karolina\USTAWI~1\Temp\NOSEventMessages.dll C:\DOCUME~1\Karolina\USTAWI~1\Temp\Quarantine.exe C:\DOCUME~1\Karolina\USTAWI~1\Temp\RtkBtMnt.exe ==================== Bamital & volsnap Check ================= C:\Windows\explorer.exe [2008-04-15 14:00] - [2008-04-15 14:00] - 1035264 ____A (Microsoft Corporation) c791ed9eac5e76d9525e157b1d7a599a C:\Windows\System32\winlogon.exe [2008-04-15 14:00] - [2008-04-15 14:00] - 0510464 ____A (Microsoft Corporation) 51fd2e13d723857b9ca239ae77150f48 C:\Windows\System32\svchost.exe [2008-04-15 14:00] - [2008-04-15 14:00] - 0014336 ____A (Microsoft Corporation) 8607d35d92528e2df386f19a960d23ce C:\Windows\System32\services.exe [2010-06-17 10:33] - [2010-06-17 10:33] - 0111104 ____A (Microsoft Corporation) 8816e60bf654353e8e0d35ed98875445 C:\Windows\System32\User32.dll [2008-04-15 14:00] - [2008-04-15 14:00] - 0580096 ____A (Microsoft Corporation) a435c5c069afd901751ac323ad238793 C:\Windows\System32\userinit.exe [2008-04-15 14:00] - [2008-04-15 14:00] - 0026624 ____A (Microsoft Corporation) 2a5b37d520508be6570a3ea79695f5b5 C:\Windows\System32\Drivers\volsnap.sys [2008-04-15 14:00] - [2008-04-15 14:00] - 0052864 ____A (Microsoft Corporation) 56b191ac5fc0df219949c95a6c87afe7 ==================== End Of Log ============================