Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 27-09-2013 01 ([color=red]ATTENTION: ====> FRST version is 6 days old and could be outdated[/color]) Ran by pawej (administrator) on KOMPJUTER on 03-10-2013 00:05:03 Running from C:\Documents and Settings\pawej\Moje dokumenty\Pobieranie\Nowy folder Microsoft Windows XP Professional Dodatek Service Pack 3 (X86) OS Language: Polish Internet Explorer Version 8 Boot Mode: Normal ==================== Processes (Whitelisted) =================== (Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe (Creative Technology Ltd) C:\Program Files\Creative\Shared Files\CTAudSvc.exe (Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe (Cisco Systems, Inc.) C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe () C:\Program Files\Gigabyte\EasySaver\ESSVR.EXE (Garmin Ltd or its subsidiaries) C:\Program Files\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe (Creative Technology Ltd) C:\WINDOWS\system32\CTHELPER.EXE (Team H2O) C:\Program Files\SyncroSoft\Pos\H2O\cledx.exe (Nullsoft, Inc.) C:\Program Files\Winamp\winampa.exe (Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe (DT Soft Ltd) C:\Program Files\DAEMON Tools Lite\daemon.exe (Oracle Corporation) C:\Program Files\Java\jre7\bin\jqs.exe (GG Network S.A.) C:\Documents and Settings\pawej\Ustawienia lokalne\Dane aplikacji\GG\Application\gghub.exe (Garmin Ltd or its subsidiaries) C:\Program Files\Garmin\Express Tray\ExpressTray.exe (Native Instruments GmbH) C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc32.exe (StarWind Software) C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe (OpenOffice.org) C:\Program Files\OpenOffice.org 3\program\soffice.exe (OpenOffice.org) C:\Program Files\OpenOffice.org 3\program\soffice.bin (Microsoft Corporation) C:\WINDOWS\system32\wscntfy.exe (Microsoft Corporation) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe (GG Network S.A.) C:\Documents and Settings\pawej\Ustawienia lokalne\Dane aplikacji\GG\Application\ggapp.exe (GG Network S.A.) C:\Documents and Settings\pawej\Ustawienia lokalne\Dane aplikacji\GG\Application\xulrunner\gghub.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [NvCplDaemon] - RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup HKLM\...\Run: [nwiz] - nwiz.exe /install HKLM\...\Run: [SW20] - C:\WINDOWS\system32\sw20.exe [208896 2012-12-23] () HKLM\...\Run: [SW24] - C:\WINDOWS\system32\sw24.exe [69632 2012-12-23] () HKLM\...\Run: [CTHelper] - C:\Windows\system32\CTHELPER.EXE [19456 2010-03-18] (Creative Technology Ltd) HKLM\...\Run: [NvMediaCenter] - RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit HKLM\...\Run: [H2O] - C:\Program Files\SyncroSoft\Pos\H2O\cledx.exe [385024 2005-10-23] (Team H2O) HKLM\...\Run: [WinampAgent] - C:\Program Files\Winamp\winampa.exe [74752 2012-06-28] (Nullsoft, Inc.) HKLM\...\Run: [TrojanScanner] - C:\Program Files\Trojan Remover\Trjscan.exe [1608464 2013-02-06] (Simply Super Software) HKLM\...\Run: [avgnt] - C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [347192 2013-08-29] (Avira Operations GmbH & Co. KG) HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-05-10] (Adobe Systems Incorporated) HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation) HKCU\...\Run: [DAEMON Tools Lite] - C:\Program Files\DAEMON Tools Lite\daemon.exe [216520 2008-12-10] (DT Soft Ltd) HKCU\...\Run: [AlcoholAutomount] - C:\Program Files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [33120 2009-11-15] (Alcohol Soft Development Team) HKCU\...\Run: [GG] - C:\Documents and Settings\pawej\Ustawienia lokalne\Dane aplikacji\GG\Application\gghub.exe [4009024 2013-09-04] (GG Network S.A.) HKCU\...\Run: [GarminExpressTrayApp] - C:\Program Files\Garmin\Express Tray\ExpressTray.exe [1093464 2013-06-12] (Garmin Ltd or its subsidiaries) Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Adobe Gamma Loader.lnk ShortcutTarget: Adobe Gamma Loader.lnk -> C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.) Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\VPN Client.lnk ShortcutTarget: VPN Client.lnk -> C:\WINDOWS\Installer\{1CE60928-8325-49A8-8B06-633E48DD2B67}\Icon3E5562ED7.ico () Startup: C:\Documents and Settings\pawej\Menu Start\Programy\Autostart\OpenOffice.org 3.3.lnk ShortcutTarget: OpenOffice.org 3.3.lnk -> C:\Program Files\OpenOffice.org 3\program\quickstart.exe () Startup: C:\Documents and Settings\pawej\Menu Start\Programy\Autostart\RollerCoaster Tycoon 3 Registration.lnk ShortcutTarget: RollerCoaster Tycoon 3 Registration.lnk -> C:\Documents and Settings\pawej\Ustawienia lokalne\Temp\{9CE6B284-5E79-4DEE-A266-CB9AEF03260D}\{907B4640-266B-4A21-92FB-CD1A86CD0F63}\ATR1.exe (No File) ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO: IEPluginBHO Class - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - C:\Documents and Settings\pawej\Dane aplikacji\Nowe Gadu-Gadu\_userdata\ggbho.1.dll (GG Network S.A.) Toolbar: HKCU -&Adres - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\Windows\system32\browseui.dll (Microsoft Corporation) Toolbar: HKCU -&Łącza - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\Windows\system32\SHELL32.dll (Microsoft Corporation) Toolbar: HKCU - No Name - {32099AAC-C132-4136-9E9A-4E364A424E17} - No File Toolbar: HKCU - No Name - {EEE6C35B-6118-11DC-9C72-001320C79847} - No File DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinstall-1_7_0_10-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab Tcpip\Parameters: [DhcpNameServer] 87.204.204.204 62.233.233.233 FireFox: ======== FF ProfilePath: C:\Documents and Settings\pawej\Dane aplikacji\Mozilla\Firefox\Profiles\ccq3q2ag.default-1380749739593 FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_8_800_168.dll () FF Plugin: @java.com/DTPlugin,version=10.40.2 - C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=10.40.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation) FF Plugin: @microsoft.com/WPF,version=3.5 - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ FF Extension: Microsoft .NET Framework Assistant - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ ========================== Services (Whitelisted) ================= R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [84024 2013-08-29] (Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [108088 2013-08-29] (Avira Operations GmbH & Co. KG) S3 AppleChargerSrv; C:\Windows\System32\AppleChargerSrv.exe [31272 2010-04-06] () R2 CVPND; C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe [1528616 2010-09-27] (Cisco Systems, Inc.) R2 ES lite Service; C:\Program Files\Gigabyte\EasySaver\ESSVR.EXE [68136 2009-08-24] () R2 Garmin Core Update Service; C:\Program Files\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [219992 2013-06-12] (Garmin Ltd or its subsidiaries) R2 NIHardwareService; C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe [3576320 2009-07-17] (Native Instruments GmbH) R2 StarWindServiceAE; C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [370688 2009-12-23] (StarWind Software) R2 JavaQuickStarterService; "C:\Program Files\Java\jre7\bin\jqs.exe" -service -config "C:\Program Files\Java\jre7\lib\deploy\jqs\jqs.conf" S3 rpcapd; "%ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini" [x] ==================== Drivers (Whitelisted) ==================== R1 AmdPPM; C:\Windows\System32\DRIVERS\AmdPPM.sys [33792 2007-04-16] (Advanced Micro Devices) S3 AODDriver; C:\Program Files\Gigabyte\ET6\i386\AODDriver.sys [36864 2010-03-12] (Advanced Micro Devices) R1 AppleCharger; C:\Windows\System32\DRIVERS\AppleCharger.sys [19056 2011-11-02] () R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [88840 2013-09-04] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [136672 2013-08-29] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37352 2013-04-03] (Avira Operations GmbH & Co. KG) R3 CLEDX; C:\Windows\System32\DRIVERS\cledx.sys [33792 2005-05-09] (Team H2O) S3 COMMONFX; C:\Windows\System32\drivers\COMMONFX.SYS [99416 2010-03-18] (Creative Technology Ltd) R3 COMMONFX.SYS; C:\Windows\System32\drivers\COMMONFX.SYS [99416 2010-03-18] (Creative Technology Ltd) S3 CTAUDFX; C:\Windows\System32\drivers\CTAUDFX.SYS [555096 2010-03-18] (Creative Technology Ltd) R3 CTAUDFX.SYS; C:\Windows\System32\drivers\CTAUDFX.SYS [555096 2010-03-18] (Creative Technology Ltd) S3 ctdvda2k; C:\Windows\System32\drivers\ctdvda2k.sys [347144 2010-03-18] (Creative Technology Ltd) S3 CTERFXFX; C:\Windows\System32\drivers\CTERFXFX.SYS [100952 2010-03-18] (Creative Technology Ltd) S3 CTERFXFX.SYS; C:\Windows\System32\drivers\CTERFXFX.SYS [100952 2010-03-18] (Creative Technology Ltd) S3 CTSBLFX; C:\Windows\System32\drivers\CTSBLFX.SYS [566360 2010-03-18] (Creative Technology Ltd) R3 CTSBLFX.SYS; C:\Windows\System32\drivers\CTSBLFX.SYS [566360 2010-03-18] (Creative Technology Ltd) S3 CVirtA; C:\Windows\System32\DRIVERS\CVirtA.sys [5275 2007-01-18] (Cisco Systems, Inc.) R2 CVPNDRVA; C:\WINDOWS\system32\Drivers\CVPNDRVA.sys [308859 2010-09-27] (Cisco Systems, Inc.) R3 DNE; C:\Windows\System32\DRIVERS\dne2000.sys [131984 2008-11-16] (Deterministic Networks, Inc.) S3 etdrv; C:\WINDOWS\etdrv.sys [17488 2012-12-27] (Windows (R) 2000 DDK provider) R3 EtronHub3; C:\Windows\System32\Drivers\EtronHub3.sys [44928 2011-07-29] (Etron Technology Inc) R3 EtronXHCI; C:\Windows\System32\Drivers\EtronXHCI.sys [64256 2011-07-29] (Etron Technology Inc) R3 gdrv; C:\WINDOWS\gdrv.sys [17488 2013-10-02] (Windows (R) 2000 DDK provider) S3 GVTDrv; C:\WINDOWS\system32\Drivers\GVTDrv.sys [24944 2013-05-08] () R3 ha10kx2k; C:\Windows\System32\drivers\ha10kx2k.sys [798808 2010-03-18] (Creative Technology Ltd) R3 hap16v2k; C:\Windows\System32\drivers\hap16v2k.sys [162904 2010-03-18] (Creative Technology Ltd) S3 hap17v2k; C:\Windows\System32\drivers\hap17v2k.sys [189528 2010-03-18] (Creative Technology Ltd) S3 hSONYPVh; C:\DOCUME~1\pawej\USTAWI~1\Temp\hSONYPVh.sys [31744 2008-07-21] () R2 NPF; C:\Windows\System32\drivers\npf.sys [35088 2010-06-25] (CACE Technologies, Inc.) R0 sptd; C:\Windows\System32\Drivers\sptd.sys [691696 2013-04-10] () R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2013-04-03] (Avira GmbH) S3 tap0801; C:\Windows\System32\DRIVERS\tap0801.sys [26624 2006-10-01] (The OpenVPN Project) U3 a0dq3glo; C:\Windows\System32\Drivers\a0dq3glo.sys [0 ] (Microsoft Corporation) U3 ay92s2k7; C:\Windows\System32\Drivers\ay92s2k7.sys [0 ] (Microsoft Corporation) S3 GMSIPCI; \??\I:\INSTALL\GMSIPCI.SYS [x] S4 IntelIde; No ImagePath U1 WS2IFSL; ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2013-10-02 23:58 - 2013-10-03 00:02 - 00000000 ____D C:\AdwCleaner 2013-10-02 23:35 - 2013-10-02 23:35 - 00000000 ____D C:\Documents and Settings\pawej\Pulpit\Stare dane programu Firefox 2013-09-30 20:26 - 2013-09-30 20:26 - 00101404 _____ C:\Documents and Settings\pawej\Pulpit\OTL.Txt 2013-09-30 20:23 - 2013-09-30 20:23 - 00035171 _____ C:\Documents and Settings\pawej\Pulpit\FRST.txt 2013-09-30 17:24 - 2013-09-30 17:24 - 00000000 ____D C:\FRST 2013-09-22 11:01 - 2013-09-23 23:48 - 00000016 _____ C:\WINDOWS\system32\w3data.vss 2013-09-22 11:01 - 2013-09-23 23:48 - 00000016 _____ C:\WINDOWS\system32\msvcsv60.dll 2013-09-22 11:01 - 2013-09-23 23:48 - 00000016 _____ C:\WINDOWS\msocreg32.dat 2013-09-22 11:01 - 2013-09-22 11:01 - 00000565 _____ C:\Documents and Settings\All Users\Menu Start\Programy\AmpegSVX.lnk 2013-09-22 11:01 - 2013-09-22 11:01 - 00000000 ____D C:\Program Files\IK Multimedia 2013-09-22 11:01 - 2013-09-22 11:01 - 00000000 ____D C:\Documents and Settings\All Users\Menu Start\Programy\IK Multimedia 2013-09-22 11:01 - 2007-05-08 10:22 - 00499712 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcp71.dll 2013-09-22 11:01 - 2007-05-08 10:22 - 00348160 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcr71.dll 2013-09-22 10:41 - 2013-09-22 10:57 - 00000000 ____D C:\Documents and Settings\pawej\Moje dokumenty\REAPER Media 2013-09-22 10:32 - 2013-09-22 10:43 - 00000000 ____D C:\Documents and Settings\pawej\Dane aplikacji\REAPER 2013-09-22 10:18 - 2013-09-22 10:18 - 00000562 _____ C:\Documents and Settings\All Users\Pulpit\REAPER.lnk 2013-09-22 10:18 - 2013-09-22 10:18 - 00000000 ____D C:\Program Files\Common Files\Propellerhead Software 2013-09-22 10:18 - 2013-09-22 10:18 - 00000000 ____D C:\Documents and Settings\All Users\Menu Start\Programy\REAPER 2013-09-22 09:54 - 2013-09-22 16:44 - 00000663 _____ C:\Documents and Settings\pawej\Pulpit\cala w trawie.txt 2013-09-22 00:54 - 2013-09-27 00:23 - 00000000 ____D C:\Documents and Settings\All Users\Dane aplikacji\Skype 2013-09-22 00:54 - 2013-09-22 16:29 - 00000000 ____D C:\Documents and Settings\pawej\Dane aplikacji\Skype 2013-09-22 00:13 - 2013-09-22 00:13 - 23003252 _____ C:\Documents and Settings\pawej\Moje dokumenty\vlc-2.0.8-win32.exe 2013-09-20 16:23 - 2013-09-20 16:38 - 00000000 ____D C:\Documents and Settings\pawej\Moje dokumenty\OpenTTD 2013-09-20 16:23 - 2013-09-20 16:23 - 00000815 _____ C:\Documents and Settings\All Users\Pulpit\OpenTTD.lnk 2013-09-20 16:23 - 2013-09-20 16:23 - 00000000 ____D C:\Documents and Settings\All Users\Menu Start\Programy\OpenTTD 2013-09-18 06:04 - 2013-09-18 06:04 - 98106403 _____ C:\WINDOWS\system32\ඩ䶽咔; 2013-09-17 23:40 - 2013-09-22 00:14 - 00000000 ____D C:\Program Files\Mozilla Firefox 2013-09-17 20:56 - 2013-09-17 20:56 - 00000000 _____ C:\WINDOWS\msicpl.ini 2013-09-17 16:39 - 2013-09-17 16:39 - 00000000 ____D C:\Program Files\Common Files\Java 2013-09-17 16:39 - 2013-09-17 16:39 - 00000000 ____D C:\Documents and Settings\All Users\Menu Start\Programy\Java 2013-09-17 16:39 - 2013-09-17 16:38 - 00264616 _____ (Oracle Corporation) C:\WINDOWS\system32\javaws.exe 2013-09-17 16:39 - 2013-09-17 16:38 - 00175016 _____ (Oracle Corporation) C:\WINDOWS\system32\javaw.exe 2013-09-17 16:39 - 2013-09-17 16:38 - 00175016 _____ (Oracle Corporation) C:\WINDOWS\system32\java.exe 2013-09-17 16:39 - 2013-09-17 16:38 - 00094632 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge.dll 2013-09-12 17:58 - 2013-09-12 17:58 - 00001594 _____ C:\WINDOWS\VPNInstall.MIF 2013-09-12 17:58 - 2013-09-12 17:58 - 00000000 ____D C:\Program Files\Common Files\Deterministic Networks 2013-09-12 17:58 - 2013-09-12 17:58 - 00000000 ____D C:\Program Files\Cisco Systems 2013-09-12 17:58 - 2013-09-12 17:58 - 00000000 ____D C:\Documents and Settings\All Users\Menu Start\Programy\Cisco Systems VPN Client 2013-09-12 17:51 - 2013-09-12 17:54 - 00000000 ____D C:\Program Files\OpenVPN ==================== One Month Modified Files and Folders ======= 2013-10-03 00:02 - 2013-10-02 23:58 - 00000000 ____D C:\AdwCleaner 2013-10-03 00:02 - 2012-12-22 22:51 - 00000000 ____D C:\Documents and Settings\pawej\Moje dokumenty\Pobieranie 2013-10-03 00:01 - 2012-12-22 22:01 - 00331227 _____ C:\WINDOWS\WindowsUpdate.log 2013-10-02 23:56 - 2012-12-22 22:33 - 00000053 _____ C:\biosinfo 2013-10-02 23:56 - 2012-12-22 22:13 - 00000144 _____ C:\service.log 2013-10-02 23:55 - 2012-12-22 22:52 - 00000159 _____ C:\WINDOWS\wiadebug.log 2013-10-02 23:55 - 2012-12-22 22:52 - 00000000 _____ C:\WINDOWS\wiaservc.log 2013-10-02 23:55 - 2012-12-22 22:48 - 00000000 ____D C:\Documents and Settings\pawej\Dane aplikacji\GG 2013-10-02 23:54 - 2012-12-22 22:49 - 00000000 __RHD C:\Documents and Settings\All Users\Dane aplikacji 2013-10-02 23:54 - 2012-12-22 22:32 - 00043465 _____ C:\WINDOWS\system32\nvapps.xml 2013-10-02 23:54 - 2012-12-22 22:27 - 00017488 _____ (Windows (R) 2000 DDK provider) C:\WINDOWS\gdrv.sys 2013-10-02 23:54 - 2012-12-22 22:05 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2013-10-02 23:53 - 2013-06-15 09:30 - 00297544 _____ C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\WPFFontCache_v0400-S-1-5-21-2052111302-823518204-1417001333-1003-0.dat 2013-10-02 23:53 - 2013-06-15 09:30 - 00131250 _____ C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\WPFFontCache_v0400-System.dat 2013-10-02 23:53 - 2012-12-22 22:37 - 04932477 _____ C:\WINDOWS\{00000005-00000000-00000007-00001102-00000004-20021102}.CDF 2013-10-02 23:53 - 2012-12-22 22:37 - 04932477 _____ C:\WINDOWS\{00000005-00000000-00000007-00001102-00000004-20021102}.BAK 2013-10-02 23:53 - 2012-12-22 22:06 - 00000188 ___SH C:\Documents and Settings\pawej\ntuser.ini 2013-10-02 23:53 - 2012-12-22 22:06 - 00000000 ____D C:\Documents and Settings\pawej 2013-10-02 23:53 - 2012-12-22 22:05 - 00032632 _____ C:\WINDOWS\SchedLgU.Txt 2013-10-02 23:40 - 2012-12-22 22:06 - 00000000 __RHD C:\Documents and Settings\pawej\Dane aplikacji 2013-10-02 23:35 - 2013-10-02 23:35 - 00000000 ____D C:\Documents and Settings\pawej\Pulpit\Stare dane programu Firefox 2013-10-02 23:35 - 2012-12-22 22:06 - 00000000 ____D C:\Documents and Settings\pawej\Pulpit 2013-10-02 23:33 - 2013-01-08 01:33 - 00000000 ____D C:\Program Files\SweetIM 2013-10-02 23:33 - 2012-12-22 22:44 - 00000930 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job 2013-10-02 23:32 - 2012-12-22 22:06 - 00000000 ___RD C:\Documents and Settings\pawej\Moje dokumenty 2013-10-02 23:32 - 2012-12-22 22:06 - 00000000 ___RD C:\Documents and Settings\pawej\Menu Start\Programy 2013-10-02 23:30 - 2012-12-22 23:40 - 00000000 ____D C:\Program Files\DAEMON Tools Toolbar 2013-10-01 23:50 - 2013-03-18 23:48 - 00004469 _____ C:\Documents and Settings\pawej\Dane aplikacji\gns3.ini 2013-09-30 20:26 - 2013-09-30 20:26 - 00101404 _____ C:\Documents and Settings\pawej\Pulpit\OTL.Txt 2013-09-30 20:23 - 2013-09-30 20:23 - 00035171 _____ C:\Documents and Settings\pawej\Pulpit\FRST.txt 2013-09-30 17:24 - 2013-09-30 17:24 - 00000000 ____D C:\FRST 2013-09-30 16:13 - 2001-07-22 02:17 - 00002206 _____ C:\WINDOWS\system32\wpa.dbl 2013-09-29 23:23 - 2013-03-28 17:17 - 00000000 ____D C:\WINDOWS\system32\NtmsData 2013-09-29 23:22 - 2012-12-22 21:58 - 00000000 ____D C:\WINDOWS\Registration 2013-09-29 22:41 - 2012-12-23 20:25 - 00000000 ____D C:\Documents and Settings\pawej\Dane aplikacji\Azureus 2013-09-29 12:33 - 2013-01-08 01:36 - 00000000 ____D C:\Documents and Settings\pawej\Dane aplikacji\Winamp 2013-09-29 07:10 - 2012-12-23 02:00 - 00001080 _____ C:\WINDOWS\system32\settingsbkup.sfm 2013-09-29 07:10 - 2012-12-23 02:00 - 00001080 _____ C:\WINDOWS\system32\settings.sfm 2013-09-27 00:23 - 2013-09-22 00:54 - 00000000 ____D C:\Documents and Settings\All Users\Dane aplikacji\Skype 2013-09-27 00:23 - 2012-12-22 22:49 - 00000000 ___RD C:\Documents and Settings\All Users\Menu Start\Programy 2013-09-27 00:23 - 2012-12-22 22:49 - 00000000 ____D C:\Documents and Settings\All Users\Pulpit 2013-09-27 00:19 - 2012-12-22 22:49 - 00640400 _____ C:\WINDOWS\setupapi.log 2013-09-26 16:28 - 2012-12-22 21:58 - 00033518 _____ C:\WINDOWS\wmsetup.log 2013-09-24 21:34 - 2001-07-22 02:16 - 00000526 _____ C:\WINDOWS\win.ini 2013-09-24 21:34 - 2001-07-22 02:15 - 00000257 _____ C:\WINDOWS\system.ini 2013-09-23 23:48 - 2013-09-22 11:01 - 00000016 _____ C:\WINDOWS\system32\w3data.vss 2013-09-23 23:48 - 2013-09-22 11:01 - 00000016 _____ C:\WINDOWS\system32\msvcsv60.dll 2013-09-23 23:48 - 2013-09-22 11:01 - 00000016 _____ C:\WINDOWS\msocreg32.dat 2013-09-22 16:44 - 2013-09-22 09:54 - 00000663 _____ C:\Documents and Settings\pawej\Pulpit\cala w trawie.txt 2013-09-22 16:29 - 2013-09-22 00:54 - 00000000 ____D C:\Documents and Settings\pawej\Dane aplikacji\Skype 2013-09-22 14:07 - 2013-04-10 21:43 - 00000110 _____ C:\Documents and Settings\pawej\Moje dokumenty\ax_files.xml 2013-09-22 13:54 - 2013-07-22 06:22 - 00000000 ____D C:\Documents and Settings\pawej\Moje dokumenty\Alcohol 120% 2013-09-22 11:01 - 2013-09-22 11:01 - 00000565 _____ C:\Documents and Settings\All Users\Menu Start\Programy\AmpegSVX.lnk 2013-09-22 11:01 - 2013-09-22 11:01 - 00000000 ____D C:\Program Files\IK Multimedia 2013-09-22 11:01 - 2013-09-22 11:01 - 00000000 ____D C:\Documents and Settings\All Users\Menu Start\Programy\IK Multimedia 2013-09-22 11:01 - 2012-12-22 22:13 - 00000000 ___HD C:\Program Files\InstallShield Installation Information 2013-09-22 10:57 - 2013-09-22 10:41 - 00000000 ____D C:\Documents and Settings\pawej\Moje dokumenty\REAPER Media 2013-09-22 10:43 - 2013-09-22 10:32 - 00000000 ____D C:\Documents and Settings\pawej\Dane aplikacji\REAPER 2013-09-22 10:18 - 2013-09-22 10:18 - 00000562 _____ C:\Documents and Settings\All Users\Pulpit\REAPER.lnk 2013-09-22 10:18 - 2013-09-22 10:18 - 00000000 ____D C:\Program Files\Common Files\Propellerhead Software 2013-09-22 10:18 - 2013-09-22 10:18 - 00000000 ____D C:\Documents and Settings\All Users\Menu Start\Programy\REAPER 2013-09-22 10:15 - 2013-04-10 21:47 - 00000000 ____D C:\Documents and Settings\All Users\Dokumenty\FreeBurner 2013-09-22 00:14 - 2013-09-17 23:40 - 00000000 ____D C:\Program Files\Mozilla Firefox 2013-09-22 00:14 - 2012-12-22 22:06 - 00000000 ___HD C:\Documents and Settings\pawej\Ustawienia lokalne\Dane aplikacji 2013-09-22 00:13 - 2013-09-22 00:13 - 23003252 _____ C:\Documents and Settings\pawej\Moje dokumenty\vlc-2.0.8-win32.exe 2013-09-20 16:38 - 2013-09-20 16:23 - 00000000 ____D C:\Documents and Settings\pawej\Moje dokumenty\OpenTTD 2013-09-20 16:23 - 2013-09-20 16:23 - 00000815 _____ C:\Documents and Settings\All Users\Pulpit\OpenTTD.lnk 2013-09-20 16:23 - 2013-09-20 16:23 - 00000000 ____D C:\Documents and Settings\All Users\Menu Start\Programy\OpenTTD 2013-09-18 16:30 - 2012-12-22 22:41 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service 2013-09-18 06:04 - 2013-09-18 06:04 - 98106403 _____ C:\WINDOWS\system32\ඩ䶽咔; 2013-09-17 20:56 - 2013-09-17 20:56 - 00000000 _____ C:\WINDOWS\msicpl.ini 2013-09-17 16:39 - 2013-09-17 16:39 - 00000000 ____D C:\Program Files\Common Files\Java 2013-09-17 16:39 - 2013-09-17 16:39 - 00000000 ____D C:\Documents and Settings\All Users\Menu Start\Programy\Java 2013-09-17 16:38 - 2013-09-17 16:39 - 00264616 _____ (Oracle Corporation) C:\WINDOWS\system32\javaws.exe 2013-09-17 16:38 - 2013-09-17 16:39 - 00175016 _____ (Oracle Corporation) C:\WINDOWS\system32\javaw.exe 2013-09-17 16:38 - 2013-09-17 16:39 - 00175016 _____ (Oracle Corporation) C:\WINDOWS\system32\java.exe 2013-09-17 16:38 - 2013-09-17 16:39 - 00094632 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge.dll 2013-09-17 16:38 - 2012-12-23 22:39 - 00868264 _____ (Oracle Corporation) C:\WINDOWS\system32\npDeployJava1.dll 2013-09-17 16:38 - 2012-12-22 22:42 - 00790440 _____ (Oracle Corporation) C:\WINDOWS\system32\deployJava1.dll 2013-09-17 16:38 - 2012-12-22 22:42 - 00144896 _____ (Oracle Corporation) C:\WINDOWS\system32\javacpl.cpl 2013-09-17 16:38 - 2012-12-22 22:42 - 00000000 ____D C:\Program Files\Java 2013-09-17 16:37 - 2012-12-22 22:50 - 01254092 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2013-09-17 16:37 - 2001-10-26 20:15 - 00555448 _____ C:\WINDOWS\system32\perfh015.dat 2013-09-17 16:37 - 2001-10-26 20:15 - 00104478 _____ C:\WINDOWS\system32\perfc015.dat 2013-09-12 17:58 - 2013-09-12 17:58 - 00001594 _____ C:\WINDOWS\VPNInstall.MIF 2013-09-12 17:58 - 2013-09-12 17:58 - 00000000 ____D C:\Program Files\Common Files\Deterministic Networks 2013-09-12 17:58 - 2013-09-12 17:58 - 00000000 ____D C:\Program Files\Cisco Systems 2013-09-12 17:58 - 2013-09-12 17:58 - 00000000 ____D C:\Documents and Settings\All Users\Menu Start\Programy\Cisco Systems VPN Client 2013-09-12 17:58 - 2012-12-22 22:49 - 00000000 ___RD C:\Documents and Settings\All Users\Menu Start\Programy\Autostart 2013-09-12 17:54 - 2013-09-12 17:51 - 00000000 ____D C:\Program Files\OpenVPN 2013-09-11 01:33 - 2012-12-22 22:44 - 00692616 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe 2013-09-11 01:33 - 2012-12-22 22:44 - 00071048 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl 2013-09-09 10:54 - 2013-06-02 20:52 - 00632656 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcr80.dll 2013-09-09 10:54 - 2013-06-02 20:52 - 00554832 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcp80.dll 2013-09-09 10:54 - 2013-06-02 20:52 - 00479232 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcm80.dll 2013-09-09 10:54 - 2013-06-02 20:52 - 00001870 _____ C:\WINDOWS\system32\Microsoft.VC80.CRT.manifest 2013-09-04 16:18 - 2013-04-03 16:43 - 00088840 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avgntflt.sys 2013-09-04 06:46 - 2012-12-22 22:48 - 00000000 ____D C:\Documents and Settings\pawej\Ustawienia lokalne\Dane aplikacji\GG Some content of TEMP: ==================== C:\Documents and Settings\pawej\Ustawienia lokalne\Temp\AskSLib.dll C:\Documents and Settings\pawej\Ustawienia lokalne\Temp\AutoRun.exe C:\Documents and Settings\pawej\Ustawienia lokalne\Temp\AutoRunGUI.dll C:\Documents and Settings\pawej\Ustawienia lokalne\Temp\DelayInst.exe C:\Documents and Settings\pawej\Ustawienia lokalne\Temp\ggdrive-menu.exe C:\Documents and Settings\pawej\Ustawienia lokalne\Temp\ggdrive-overlay.exe C:\Documents and Settings\pawej\Ustawienia lokalne\Temp\installservice.exe C:\Documents and Settings\pawej\Ustawienia lokalne\Temp\installstats.exe C:\Documents and Settings\pawej\Ustawienia lokalne\Temp\mgsqlite3.dll C:\Documents and Settings\pawej\Ustawienia lokalne\Temp\nowegg.upgr.exe C:\Documents and Settings\pawej\Ustawienia lokalne\Temp\Quarantine.exe C:\Documents and Settings\pawej\Ustawienia lokalne\Temp\raptrpatch.exe C:\Documents and Settings\pawej\Ustawienia lokalne\Temp\Shortcut_bundlesweetimsetup.exe C:\Documents and Settings\pawej\Ustawienia lokalne\Temp\SIMEEI2Installer.exe C:\Documents and Settings\pawej\Ustawienia lokalne\Temp\SIMEEIInstaller.exe C:\Documents and Settings\pawej\Ustawienia lokalne\Temp\SIntf16.dll C:\Documents and Settings\pawej\Ustawienia lokalne\Temp\SIntf32.dll C:\Documents and Settings\pawej\Ustawienia lokalne\Temp\SIntfNT.dll C:\Documents and Settings\pawej\Ustawienia lokalne\Temp\uninst1.exe C:\Documents and Settings\pawej\Ustawienia lokalne\Temp\vpnclient_setup.exe C:\Documents and Settings\pawej\Ustawienia lokalne\Temp\wwfdist.exe ==================== Bamital & volsnap Check ================= C:\Windows\explorer.exe [2008-04-14 22:51] - [2008-04-14 22:51] - 1035264 ____A (Microsoft Corporation) c791ed9eac5e76d9525e157b1d7a599a C:\Windows\System32\winlogon.exe [2008-04-14 22:51] - [2008-04-14 22:51] - 0510464 ____A (Microsoft Corporation) 51fd2e13d723857b9ca239ae77150f48 C:\Windows\System32\svchost.exe [2008-04-14 22:51] - [2008-04-14 22:51] - 0014336 ____A (Microsoft Corporation) 8607d35d92528e2df386f19a960d23ce C:\Windows\System32\services.exe [2008-04-14 22:51] - [2008-04-14 22:51] - 0109056 ____A (Microsoft Corporation) 3e3ae424e27c4cefe4cab368c7b570ea C:\Windows\System32\User32.dll [2008-04-14 22:50] - [2008-04-14 22:50] - 0580096 ____A (Microsoft Corporation) a435c5c069afd901751ac323ad238793 C:\Windows\System32\userinit.exe [2008-04-14 22:51] - [2008-04-14 22:51] - 0026624 ____A (Microsoft Corporation) 2a5b37d520508be6570a3ea79695f5b5 C:\Windows\System32\Drivers\volsnap.sys [2008-04-14 21:31] - [2008-04-14 21:31] - 0052864 ____A (Microsoft Corporation) 56b191ac5fc0df219949c95a6c87afe7 ==================== End Of Log ============================