Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 27-09-2013 01 Ran by Pawelek (administrator) on PAWEL on 30-09-2013 20:50:40 Running from C:\Documents and Settings\Pawelek\Pulpit\Skanery Microsoft Windows XP Professional Dodatek Service Pack 3 (X86) OS Language: Polish Internet Explorer Version 8 Boot Mode: Normal ==================== Processes (Whitelisted) =================== (Microsoft Corporation) C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe (Microsoft Corporation) C:\Program Files\Microsoft Security Client\Antimalware\MpCmdRun.exe () C:\Program Files\Lyrmix\LymxUD.exe (Microsoft Corporation) C:\Program Files\Microsoft IntelliPoint\ipoint.exe (Realtek Semiconductor Corp.) C:\WINDOWS\RTHDCPL.EXE (Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe (Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe () C:\Program Files\Sharp\Sharpdesk\SharpTray.exe (Sony) C:\Program Files\Sony\Sony PC Companion\PCCompanion.exe (SHARP CORPORATION) C:\Program Files\SHARP\Button Manager A\btnman.exe (http://tortoisesvn.net) C:\Program Files\TortoiseSVN\bin\TSVNCache.exe () C:\Program Files\Sony\Sony PC Companion\PCCompanionInfo.exe (OpenOffice.org) C:\Program Files\OpenOffice.org 3\program\soffice.exe (OpenOffice.org) C:\Program Files\OpenOffice.org 3\program\soffice.bin ==================== Registry (Whitelisted) ================== HKLM\...\Run: [IntelliPoint] - C:\Program Files\Microsoft IntelliPoint\ipoint.exe [1406024 2008-06-10] (Microsoft Corporation) HKLM\...\Run: [RTHDCPL] - C:\Windows\RTHDCPL.EXE [19557480 2010-07-28] (Realtek Semiconductor Corp.) HKLM\...\Run: [MSC] - C:\Program Files\Microsoft Security Client\msseces.exe [997408 2010-11-30] (Microsoft Corporation) HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated) HKLM\...\Run: [APSDaemon] - C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.) HKLM\...\Run: [ConvertAd] - C:\Documents and Settings\Pawelek\Ustawienia lokalne\Dane aplikacji\ConvertAd\ConvertAd.exe HKLM\...\Run: [MSConfig] - C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe [171520 2008-04-14] (Microsoft Corporation) HKCU\...\Run: [SharpTray] - C:\Program Files\Sharp\Sharpdesk\SharpTray.exe [28672 2003-07-18] () HKCU\...\Run: [Sony PC Companion] - C:\Program Files\Sony\Sony PC Companion\PCCompanion.exe [449248 2013-05-29] (Sony) MountPoints2: {0946eb5f-cf08-11e1-b9b4-001fd02506b0} - G:\Startme.exe MountPoints2: {277c7458-9777-11e2-baa3-001fd02506b0} - H:\urDrive.exe MountPoints2: {50368358-208c-11e0-b7a9-001fd02506b0} - F:\urDrive.exe MountPoints2: {7a5beeec-3957-11df-b670-001fd02506b0} - F:\vjxnQV.EXe MountPoints2: {b456b536-c328-11df-b711-001fd02506b0} - F:\vjxnQV.EXe MountPoints2: {c69d9d5f-075c-11e0-b783-001fd02506b0} - F:\vjxnQV.EXe MountPoints2: {d5336516-3422-11e0-b7c7-001fd02506b0} - F:\vjxnQV.EXe MountPoints2: {de7b9974-e28d-11df-b749-001fd02506b0} - F:\vjxnQV.EXe Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Button Manager A.lnk ShortcutTarget: Button Manager A.lnk -> C:\Program Files\SHARP\Button Manager A\btnman.exe (SHARP CORPORATION) Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Przyspieszenie uruchomienia programu AutoCAD.lnk ShortcutTarget: Przyspieszenie uruchomienia programu AutoCAD.lnk -> C:\Program Files\Common Files\Autodesk Shared\acstart16.exe (Autodesk, Inc) Startup: C:\Documents and Settings\Pawelek\Menu Start\Programy\Autostart\OpenOffice.org 3.4.1.lnk ShortcutTarget: OpenOffice.org 3.4.1.lnk -> C:\Program Files\OpenOffice.org 3\program\quickstart.exe () Startup: C:\Documents and Settings\Pawelek\Menu Start\Programy\Autostart\ORGANIZER.lnk ShortcutTarget: ORGANIZER.lnk -> C:\Program Files\Mozilla Sunbird\sunbird.exe (Mozilla) ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie SearchScopes: HKLM - DefaultScope value is missing. SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.com/search?q={sear BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll (McAfee, Inc.) BHO: DealPly Shopping - {4B6ACEA2-308A-4876-AD36-57CEC5B4FCC7} - C:\Program Files\DealPly\DealPlyIE.dll No File BHO: Lyrmix - {804efe7d-a8d7-4351-a6df-014d1ed7c6fc} - C:\Program Files\Lyrmix\133.dll () Toolbar: HKCU -&Adres - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\Windows\system32\browseui.dll (Microsoft Corporation) Toolbar: HKCU -&Łącza - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\Windows\system32\SHELL32.dll (Microsoft Corporation) DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1297507514921 Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt Tcpip\..\Interfaces\{E1C1EDFF-9616-46A5-9884-A00EFF7B1F11}: [NameServer]8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1 FireFox: ======== FF ProfilePath: C:\Documents and Settings\Pawelek\Dane aplikacji\Mozilla\Firefox\Profiles\poo20hu3.default FF Homepage: user_pref("browser.startup.homepage", ); FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_8_800_168.dll () FF Plugin: @java.com/DTPlugin,version=10.21.2 - C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation) FF Plugin: @mcafee.com/McAfeeMssPlugin - C:\Program Files\McAfee Security Scan\3.0.318\npMcAfeeMss.dll (McAfee, Inc.) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation) FF Plugin: @microsoft.com/WPF,version=3.5 - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF Plugin: @SonyCreativeSoftware.com/Media Go,version=1.0 - C:\Program Files\Sony\Media Go\npmediago.dll (Sony Network Entertainment International LLC) FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.) FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.) FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF SearchPlugin: C:\Documents and Settings\Pawelek\Dane aplikacji\Mozilla\Firefox\Profiles\poo20hu3.default\searchplugins\BrowserDefender.xml FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ FF Extension: Microsoft .NET Framework Assistant - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ FF HKCU\...\Firefox\Extensions: [{dde15e35-c9b3-4c30-b055-730c5f4a45d3}] - C:\Program Files\Lyrmix\133.xpi FF Extension: No Name - C:\Program Files\Lyrmix\133.xpi Chrome: ======= CHR HomePage: hxxp://www.google.com CHR RestoreOnStartup: "hxxp://www.google.com" CHR HKLM\...\Chrome\Extension: [kidmhllhjmmmnpbiaihafgchacpmokof] - C:\Program Files\Lyrmix\133.crx ========================== Services (Whitelisted) ================= S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.0.318\McCHSvc.exe [235216 2013-02-05] (McAfee, Inc.) R2 MsMpSvc; C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe [11736 2010-11-11] (Microsoft Corporation) S3 Sony PC Companion; C:\Program Files\Sony\Sony PC Companion\PCCService.exe [155824 2013-02-04] (Avanquest Software) ==================== Drivers (Whitelisted) ==================== S3 Ambfilt; C:\Windows\System32\drivers\Ambfilt.sys [1691480 2009-11-18] (Creative) S3 DrvAgent32; C:\WINDOWS\system32\Drivers\DrvAgent32.sys [23456 2013-09-11] (Phoenix Technologies) S3 Monfilt; C:\Windows\System32\drivers\Monfilt.sys [1395800 2009-11-18] (Creative Technology Ltd.) R1 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [165264 2010-10-24] (Microsoft Corporation) S3 s1018obex; C:\Windows\System32\DRIVERS\s1018obex.sys [104744 2009-03-25] (MCCI Corporation) S3 s1039mdm; C:\Windows\System32\DRIVERS\s1039mdm.sys [124016 2010-03-15] (MCCI Corporation) S3 SNTNLUSB; C:\Windows\System32\DRIVERS\SNTNLUSB.SYS [41896 2011-09-22] (SafeNet, Inc.) S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [x] S3 GMSIPCI; \??\E:\INSTALL\GMSIPCI.SYS [x] S4 IntelIde; No ImagePath U5 ScsiPort; C:\Windows\system32\drivers\scsiport.sys [96384 2008-04-13] (Microsoft Corporation) U1 WS2IFSL; ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2013-09-30 20:50 - 2013-09-30 20:50 - 00000000 ____D C:\FRST 2013-09-29 21:42 - 2013-09-30 20:49 - 00000000 ____D C:\Documents and Settings\Pawelek\Pulpit\Skanery 2013-09-25 12:16 - 2013-09-25 12:16 - 00008617 _____ C:\Documents and Settings\Pawelek\Pulpit\AdwCleaner[S0].txt 2013-09-25 11:57 - 2013-09-29 21:44 - 00000000 ____D C:\AdwCleaner 2013-09-25 09:30 - 2013-09-25 09:30 - 00000000 ____D C:\Program Files\Enigma Software Group 2013-09-25 09:29 - 2013-09-25 11:07 - 00000000 ____D C:\WINDOWS\865537E164904193A4B6669C62711852.TMP 2013-09-25 09:29 - 2013-09-25 09:29 - 00000000 ____D C:\Program Files\Common Files\Wise Installation Wizard 2013-09-23 17:56 - 2013-09-23 18:02 - 00000000 ____D C:\WINDOWS\system32\NtmsData 2013-09-23 10:05 - 2013-09-23 10:05 - 00095715 _____ C:\Documents and Settings\Pawelek\Pulpit\NOWY Ms OFFICE 2010 DLA DOMU I FIRM PL PKC FV 23% (3518488771) - Allegro.pl - Więcej niż aukcje..htm 2013-09-11 20:36 - 2013-09-11 20:36 - 00000000 ____D C:\Program Files\Lyrmix 2013-09-11 19:18 - 2013-09-11 19:18 - 00014074 _____ C:\WINDOWS\KB2870699-IE8.log 2013-09-11 19:18 - 2013-09-11 19:18 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2876315$ 2013-09-11 19:18 - 2013-09-11 19:18 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2876217$ 2013-09-11 19:18 - 2013-09-11 19:18 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2864063$ 2013-09-11 16:09 - 2013-09-11 16:09 - 00023456 _____ (Phoenix Technologies) C:\WINDOWS\system32\Drivers\DrvAgent32.sys 2013-09-11 16:09 - 2013-09-11 16:09 - 00000000 ____D C:\Documents and Settings\Pawelek\Ustawienia lokalne\Dane aplikacji\eSupport.com 2013-09-11 16:03 - 2013-09-20 20:33 - 00000890 _____ C:\Documents and Settings\Pawelek\Pulpit\AIDA64 Extreme Edition.lnk 2013-09-11 16:03 - 2013-09-11 16:03 - 00000000 ____D C:\Program Files\FinalWire 2013-09-11 07:13 - 2013-09-11 19:18 - 00012036 _____ C:\WINDOWS\KB2876315.log 2013-09-11 07:13 - 2013-09-11 19:18 - 00011408 _____ C:\WINDOWS\KB2876217.log 2013-09-11 07:13 - 2013-09-11 19:18 - 00010468 _____ C:\WINDOWS\KB2864063.log 2013-09-06 12:07 - 2013-09-06 13:12 - 00000000 ____D C:\Program Files\BonanzaDealsLive 2013-09-06 12:07 - 2013-09-06 12:07 - 00000000 ____D C:\Documents and Settings\Pawelek\Ustawienia lokalne\Dane aplikacji\BonanzaDealsLive 2013-09-06 12:07 - 2013-09-06 12:07 - 00000000 ____D C:\Documents and Settings\All Users\Dane aplikacji\BonanzaDealsLive 2013-09-06 12:06 - 2013-09-30 20:50 - 00000342 _____ C:\WINDOWS\Tasks\Lyrmix Update.job 2013-09-06 12:06 - 2013-09-06 12:41 - 00000000 ____D C:\Program Files\BonanzaDeals 2013-09-06 12:06 - 2013-09-06 12:06 - 00833992 _____ (AnyProtect.com) C:\Documents and Settings\Pawelek\Ustawienia lokalne\Dane aplikacji\nsy20D.tmp.exe 2013-09-04 15:12 - 2013-09-21 20:16 - 00001819 _____ C:\Documents and Settings\All Users\Pulpit\Google Chrome.lnk 2013-09-04 15:12 - 2013-09-04 15:12 - 00000000 ____D C:\Documents and Settings\All Users\Menu Start\Programy\Google Chrome 2013-09-04 15:09 - 2013-09-30 20:46 - 00000884 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job 2013-09-04 15:09 - 2013-09-30 18:16 - 00000888 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job 2013-09-04 14:00 - 2013-09-04 14:02 - 00005504 _____ C:\Documents and Settings\Pawelek\buw32.lc 2013-09-04 13:59 - 2013-09-04 14:10 - 00000000 ____D C:\Budżet Domowy 2013-09-02 20:23 - 2013-09-02 20:23 - 00004132 _____ C:\WINDOWS\KB2834904-v2.log 2013-09-02 20:23 - 2013-09-02 20:23 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2834904-v2_WM11$ ==================== One Month Modified Files and Folders ======= 2013-09-30 20:50 - 2013-09-30 20:50 - 00000000 ____D C:\FRST 2013-09-30 20:50 - 2013-09-06 12:06 - 00000342 _____ C:\WINDOWS\Tasks\Lyrmix Update.job 2013-09-30 20:49 - 2013-09-29 21:42 - 00000000 ____D C:\Documents and Settings\Pawelek\Pulpit\Skanery 2013-09-30 20:47 - 2009-10-08 17:05 - 00000000 ____D C:\Program Files\Mozilla Sunbird 2013-09-30 20:47 - 2009-09-01 15:51 - 01283892 _____ C:\WINDOWS\WindowsUpdate.log 2013-09-30 20:46 - 2013-09-04 15:09 - 00000884 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job 2013-09-30 20:46 - 2012-05-30 19:10 - 00000000 ____D C:\Documents and Settings\Pawelek\Ustawienia lokalne\Dane aplikacji\TSVNCache 2013-09-30 20:46 - 2009-09-01 17:42 - 00000157 _____ C:\WINDOWS\wiadebug.log 2013-09-30 20:46 - 2009-09-01 17:42 - 00000050 _____ C:\WINDOWS\wiaservc.log 2013-09-30 20:46 - 2009-09-01 15:55 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2013-09-30 20:46 - 2004-08-04 13:00 - 00013646 _____ C:\WINDOWS\system32\wpa.dbl 2013-09-30 18:24 - 2009-09-01 15:55 - 00032518 _____ C:\WINDOWS\SchedLgU.Txt 2013-09-30 18:24 - 2009-09-01 15:55 - 00000188 ___SH C:\Documents and Settings\Pawelek\ntuser.ini 2013-09-30 18:24 - 2009-09-01 15:55 - 00000000 ____D C:\Documents and Settings\Pawelek 2013-09-30 18:16 - 2013-09-04 15:09 - 00000888 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job 2013-09-30 17:57 - 2013-06-01 21:08 - 00000930 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job 2013-09-30 17:36 - 2013-08-08 16:36 - 00000428 _____ C:\WINDOWS\Tasks\At2.job 2013-09-30 17:36 - 2013-08-08 16:36 - 00000424 _____ C:\WINDOWS\Tasks\At1.job 2013-09-30 11:50 - 2010-08-03 11:42 - 00000000 ____D C:\skany 2013-09-29 21:44 - 2013-09-25 11:57 - 00000000 ____D C:\AdwCleaner 2013-09-29 21:42 - 2009-09-01 15:55 - 00000000 ____D C:\Documents and Settings\Pawelek\Pulpit 2013-09-29 21:34 - 2013-04-11 15:48 - 00008485 _____ C:\WINDOWS\RCW.INI 2013-09-29 21:34 - 2004-08-04 13:00 - 00000550 _____ C:\WINDOWS\win.ini 2013-09-29 21:23 - 2009-09-01 17:38 - 00937228 _____ C:\WINDOWS\setupapi.log 2013-09-29 21:19 - 2009-09-01 17:37 - 00000211 ___SH C:\boot.ini 2013-09-29 21:19 - 2004-08-04 13:00 - 00000227 _____ C:\WINDOWS\system.ini 2013-09-29 21:18 - 2013-06-01 20:57 - 00000424 ____H C:\WINDOWS\Tasks\MP Scheduled Scan.job 2013-09-29 21:11 - 2009-09-01 17:39 - 00000000 ___RD C:\Documents and Settings\All Users\Menu Start\Programy\Autostart 2013-09-29 21:11 - 2009-08-31 20:15 - 00000000 ____D C:\WINDOWS\pss 2013-09-26 09:30 - 2010-09-03 10:16 - 00093696 _____ C:\Documents and Settings\Pawelek\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2013-09-25 12:16 - 2013-09-25 12:16 - 00008617 _____ C:\Documents and Settings\Pawelek\Pulpit\AdwCleaner[S0].txt 2013-09-25 12:08 - 2009-09-01 17:38 - 00000000 __RHD C:\Documents and Settings\All Users\Dane aplikacji 2013-09-25 12:08 - 2009-09-01 15:55 - 00000000 __RHD C:\Documents and Settings\Pawelek\Dane aplikacji 2013-09-25 12:08 - 2009-09-01 15:55 - 00000000 ___HD C:\Documents and Settings\Pawelek\Ustawienia lokalne\Dane aplikacji 2013-09-25 11:07 - 2013-09-25 09:29 - 00000000 ____D C:\WINDOWS\865537E164904193A4B6669C62711852.TMP 2013-09-25 11:07 - 2009-09-01 15:55 - 00000000 ___RD C:\Documents and Settings\Pawelek\Menu Start\Programy 2013-09-25 10:31 - 2009-09-01 15:55 - 00000000 ___HD C:\Documents and Settings\Pawelek\Szablony 2013-09-25 10:08 - 2009-09-01 15:55 - 00001605 _____ C:\Documents and Settings\Pawelek\Menu Start\Programy\Pomoc zdalna.lnk 2013-09-25 10:02 - 2009-09-01 15:52 - 00001605 _____ C:\Documents and Settings\Default User\Menu Start\Programy\Pomoc zdalna.lnk 2013-09-25 09:30 - 2013-09-25 09:30 - 00000000 ____D C:\Program Files\Enigma Software Group 2013-09-25 09:29 - 2013-09-25 09:29 - 00000000 ____D C:\Program Files\Common Files\Wise Installation Wizard 2013-09-23 18:02 - 2013-09-23 17:56 - 00000000 ____D C:\WINDOWS\system32\NtmsData 2013-09-23 11:59 - 2009-09-01 17:38 - 00206016 _____ C:\WINDOWS\setupact.log 2013-09-23 10:06 - 2009-09-01 15:55 - 00000000 ___RD C:\Documents and Settings\Pawelek\Moje dokumenty 2013-09-23 10:05 - 2013-09-23 10:05 - 00095715 _____ C:\Documents and Settings\Pawelek\Pulpit\NOWY Ms OFFICE 2010 DLA DOMU I FIRM PL PKC FV 23% (3518488771) - Allegro.pl - Więcej niż aukcje..htm 2013-09-23 09:46 - 2012-06-15 20:52 - 00000664 _____ C:\WINDOWS\system32\d3d9caps.dat 2013-09-23 09:43 - 2011-11-01 09:54 - 00000000 ____D C:\Documents and Settings\Pawelek\Pulpit\POBRANE 2013-09-21 20:16 - 2013-09-04 15:12 - 00001819 _____ C:\Documents and Settings\All Users\Pulpit\Google Chrome.lnk 2013-09-20 20:33 - 2013-09-11 16:03 - 00000890 _____ C:\Documents and Settings\Pawelek\Pulpit\AIDA64 Extreme Edition.lnk 2013-09-20 08:57 - 2013-06-01 21:08 - 00692616 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe 2013-09-20 08:57 - 2013-06-01 21:08 - 00071048 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl 2013-09-20 08:38 - 2012-07-16 12:24 - 01220640 _____ C:\WINDOWS\DPINST.LOG 2013-09-20 08:35 - 2013-04-19 08:11 - 00001745 _____ C:\Documents and Settings\All Users\Pulpit\Sony PC Companion 2.1.lnk 2013-09-20 08:35 - 2012-07-16 12:37 - 00000000 ____D C:\Documents and Settings\All Users\Menu Start\Programy\Sony 2013-09-20 08:35 - 2009-09-01 17:39 - 00000000 ____D C:\Documents and Settings\All Users\Pulpit 2013-09-20 08:35 - 2009-08-31 19:08 - 00000000 ___HD C:\Program Files\InstallShield Installation Information 2013-09-12 09:54 - 2013-06-01 21:07 - 00002347 _____ C:\Documents and Settings\All Users\Menu Start\Programy\Adobe Reader XI.lnk 2013-09-12 09:54 - 2009-09-01 17:39 - 00000000 ___RD C:\Documents and Settings\All Users\Menu Start\Programy 2013-09-11 20:38 - 2012-01-13 10:47 - 00000000 ___RD C:\Documents and Settings\Pawelek\Pulpit\PAWEL 2013-09-11 20:36 - 2013-09-11 20:36 - 00000000 ____D C:\Program Files\Lyrmix 2013-09-11 20:35 - 2009-09-01 17:38 - 00218448 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2013-09-11 19:18 - 2013-09-11 19:18 - 00014074 _____ C:\WINDOWS\KB2870699-IE8.log 2013-09-11 19:18 - 2013-09-11 19:18 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2876315$ 2013-09-11 19:18 - 2013-09-11 19:18 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2876217$ 2013-09-11 19:18 - 2013-09-11 19:18 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2864063$ 2013-09-11 19:18 - 2013-09-11 07:13 - 00012036 _____ C:\WINDOWS\KB2876315.log 2013-09-11 19:18 - 2013-09-11 07:13 - 00011408 _____ C:\WINDOWS\KB2876217.log 2013-09-11 19:18 - 2013-09-11 07:13 - 00010468 _____ C:\WINDOWS\KB2864063.log 2013-09-11 19:18 - 2009-09-01 19:48 - 00219436 _____ C:\WINDOWS\updspapi.log 2013-09-11 19:18 - 2009-09-01 17:39 - 01406556 _____ C:\WINDOWS\iis6.log 2013-09-11 19:18 - 2009-09-01 17:39 - 01279664 _____ C:\WINDOWS\FaxSetup.log 2013-09-11 19:18 - 2009-09-01 17:39 - 00624668 _____ C:\WINDOWS\ocgen.log 2013-09-11 19:18 - 2009-09-01 17:39 - 00590979 _____ C:\WINDOWS\tsoc.log 2013-09-11 19:18 - 2009-09-01 17:39 - 00438971 _____ C:\WINDOWS\comsetup.log 2013-09-11 19:18 - 2009-09-01 17:39 - 00403854 _____ C:\WINDOWS\msmqinst.log 2013-09-11 19:18 - 2009-09-01 17:39 - 00264062 _____ C:\WINDOWS\ntdtcsetup.log 2013-09-11 19:18 - 2009-09-01 17:39 - 00224988 _____ C:\WINDOWS\netfxocm.log 2013-09-11 19:18 - 2009-09-01 17:39 - 00090115 _____ C:\WINDOWS\MedCtrOC.log 2013-09-11 19:18 - 2009-09-01 17:39 - 00079917 _____ C:\WINDOWS\ocmsn.log 2013-09-11 19:18 - 2009-09-01 17:39 - 00066853 _____ C:\WINDOWS\tabletoc.log 2013-09-11 19:18 - 2009-09-01 17:39 - 00064230 _____ C:\WINDOWS\msgsocm.log 2013-09-11 19:18 - 2009-09-01 17:39 - 00001374 _____ C:\WINDOWS\imsins.log 2013-09-11 19:18 - 2009-09-01 17:39 - 00001374 _____ C:\WINDOWS\imsins.BAK 2013-09-11 19:17 - 2013-08-19 20:10 - 00000000 ____D C:\WINDOWS\system32\MRT 2013-09-11 19:16 - 2009-09-01 20:15 - 76725432 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2013-09-11 16:09 - 2013-09-11 16:09 - 00023456 _____ (Phoenix Technologies) C:\WINDOWS\system32\Drivers\DrvAgent32.sys 2013-09-11 16:09 - 2013-09-11 16:09 - 00000000 ____D C:\Documents and Settings\Pawelek\Ustawienia lokalne\Dane aplikacji\eSupport.com 2013-09-11 16:03 - 2013-09-11 16:03 - 00000000 ____D C:\Program Files\FinalWire 2013-09-09 16:43 - 2013-08-26 08:27 - 00000000 ____D C:\Documents and Settings\Pawelek\Pulpit\MOJE PROJEKTY 2013-09-06 17:35 - 2013-08-21 08:46 - 00000000 ____D C:\Documents and Settings\Pawelek\Dane aplikacji\systweak 2013-09-06 13:12 - 2013-09-06 12:07 - 00000000 ____D C:\Program Files\BonanzaDealsLive 2013-09-06 12:41 - 2013-09-06 12:06 - 00000000 ____D C:\Program Files\BonanzaDeals 2013-09-06 12:07 - 2013-09-06 12:07 - 00000000 ____D C:\Documents and Settings\Pawelek\Ustawienia lokalne\Dane aplikacji\BonanzaDealsLive 2013-09-06 12:07 - 2013-09-06 12:07 - 00000000 ____D C:\Documents and Settings\All Users\Dane aplikacji\BonanzaDealsLive 2013-09-06 12:06 - 2013-09-06 12:06 - 00833992 _____ (AnyProtect.com) C:\Documents and Settings\Pawelek\Ustawienia lokalne\Dane aplikacji\nsy20D.tmp.exe 2013-09-05 10:48 - 2011-12-19 16:36 - 00019830 _____ C:\Documents and Settings\Pawelek\Moje dokumenty\plot.log 2013-09-04 15:12 - 2013-09-04 15:12 - 00000000 ____D C:\Documents and Settings\All Users\Menu Start\Programy\Google Chrome 2013-09-04 15:11 - 2011-04-01 13:45 - 00000000 ____D C:\Program Files\Google 2013-09-04 15:06 - 2013-04-03 16:01 - 00000000 ____D C:\Documents and Settings\All Users\Dane aplikacji\Apple Computer 2013-09-04 15:06 - 2012-07-16 12:27 - 00000000 ____D C:\Program Files\QuickTime 2013-09-04 15:05 - 2013-06-01 21:03 - 00000000 ____D C:\Program Files\Mozilla Firefox 2013-09-04 15:01 - 2012-01-16 14:43 - 00000000 ____D C:\Documents and Settings\Pawelek\Moje dokumenty\Pobieranie 2013-09-04 14:49 - 2011-04-01 13:46 - 00000000 ____D C:\Documents and Settings\Pawelek\Ustawienia lokalne\Dane aplikacji\Google 2013-09-04 14:25 - 2012-04-21 19:32 - 00012996 _____ C:\WINDOWS\aksdrvsetup.log 2013-09-04 14:24 - 2013-04-11 15:44 - 00000162 _____ C:\WINDOWS\notifier.ini 2013-09-04 14:10 - 2013-09-04 13:59 - 00000000 ____D C:\Budżet Domowy 2013-09-04 14:02 - 2013-09-04 14:00 - 00005504 _____ C:\Documents and Settings\Pawelek\buw32.lc 2013-09-04 09:36 - 2013-08-19 08:36 - 00000074 _____ C:\Documents and Settings\Pawelek\Dane aplikacji\WB.CFG 2013-09-04 09:36 - 2013-08-19 08:36 - 00000005 _____ C:\Documents and Settings\Pawelek\Dane aplikacji\WBPU-TTL.DAT 2013-09-03 07:36 - 2013-08-12 07:36 - 00000054 _____ C:\Documents and Settings\NetworkService\Dane aplikacji\WB.CFG 2013-09-03 07:36 - 2013-08-12 07:36 - 00000005 _____ C:\Documents and Settings\NetworkService\Dane aplikacji\WBPU-TTL.DAT 2013-09-02 20:23 - 2013-09-02 20:23 - 00004132 _____ C:\WINDOWS\KB2834904-v2.log 2013-09-02 20:23 - 2013-09-02 20:23 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2834904-v2_WM11$ Files to move or delete: ==================== C:\Documents and Settings\Pawelek\RegShellSM.exe C:\Windows\Tasks\At1.job C:\Windows\Tasks\At2.job Some content of TEMP: ==================== C:\Documents and Settings\Pawelek\Ustawienia lokalne\Temp\023059.exe C:\Documents and Settings\Pawelek\Ustawienia lokalne\Temp\7859uninstall.exe C:\Documents and Settings\Pawelek\Ustawienia lokalne\Temp\96106uninstall.exe C:\Documents and Settings\Pawelek\Ustawienia lokalne\Temp\AcDeltree.exe C:\Documents and Settings\Pawelek\Ustawienia lokalne\Temp\contentDATs.exe C:\Documents and Settings\Pawelek\Ustawienia lokalne\Temp\DealPlyUpdateVer.exe C:\Documents and Settings\Pawelek\Ustawienia lokalne\Temp\InstallAX.exe C:\Documents and Settings\Pawelek\Ustawienia lokalne\Temp\installChecker.exe C:\Documents and Settings\Pawelek\Ustawienia lokalne\Temp\install_flashplayer11x32_mssa_aih.exe C:\Documents and Settings\Pawelek\Ustawienia lokalne\Temp\install_flash_player_32bit.exe C:\Documents and Settings\Pawelek\Ustawienia lokalne\Temp\lrxtmp.exe C:\Documents and Settings\Pawelek\Ustawienia lokalne\Temp\MSETUP4.EXE C:\Documents and Settings\Pawelek\Ustawienia lokalne\Temp\Notification.exe C:\Documents and Settings\Pawelek\Ustawienia lokalne\Temp\nsy20D.tmp.exe C:\Documents and Settings\Pawelek\Ustawienia lokalne\Temp\SecurityScan_Release.exe C:\Documents and Settings\Pawelek\Ustawienia lokalne\Temp\setup.exe C:\Documents and Settings\Pawelek\Ustawienia lokalne\Temp\setup_wm.exe C:\Documents and Settings\Pawelek\Ustawienia lokalne\Temp\SHSetup.exe C:\Documents and Settings\Pawelek\Ustawienia lokalne\Temp\Sqlite3.dll C:\Documents and Settings\Pawelek\Ustawienia lokalne\Temp\uninst1.exe ==================== Bamital & volsnap Check ================= C:\Windows\explorer.exe [2004-08-04 13:00] - [2008-04-14 19:21] - 1035264 ____A (Microsoft Corporation) c791ed9eac5e76d9525e157b1d7a599a C:\Windows\System32\winlogon.exe [2004-08-04 13:00] - [2008-04-14 19:21] - 0510464 ____A (Microsoft Corporation) 51fd2e13d723857b9ca239ae77150f48 C:\Windows\System32\svchost.exe [2004-08-04 13:00] - [2008-04-14 19:21] - 0014336 ____A (Microsoft Corporation) 8607d35d92528e2df386f19a960d23ce C:\Windows\System32\services.exe [2004-08-04 13:00] - [2009-02-09 13:25] - 0111104 ____A (Microsoft Corporation) 02a467e27af55f7064c5b251e587315f C:\Windows\System32\User32.dll [2004-08-04 13:00] - [2008-04-14 19:20] - 0580096 ____A (Microsoft Corporation) a435c5c069afd901751ac323ad238793 C:\Windows\System32\userinit.exe [2004-08-04 13:00] - [2008-04-14 19:21] - 0026624 ____A (Microsoft Corporation) 2a5b37d520508be6570a3ea79695f5b5 C:\Windows\System32\Drivers\volsnap.sys [2004-08-04 13:00] - [2008-04-14 18:01] - 0052864 ____A (Microsoft Corporation) 56b191ac5fc0df219949c95a6c87afe7 ==================== End Of Log ============================