Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 03-10-2013 Ran by Kozakiewicz (administrator) on SATELLITE_A80 on 06-10-2013 21:40:35 Running from C:\Documents and Settings\Kozakiewicz\Pulpit Microsoft Windows XP Home Edition Dodatek Service Pack 3 (X86) OS Language: Polish Internet Explorer Version 8 Boot Mode: Normal ==================== Processes (Whitelisted) =================== (Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe (TOSHIBA CORPORATION) C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe (Sun Microsystems, Inc.) C:\Program Files\Java\jre6\bin\jqs.exe (Logitech Inc.) C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe (Raxco Software, Inc.) C:\Program Files\Raxco\PerfectDisk\PDAgent.exe () C:\WINDOWS\system32\PnkBstrA.exe (Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\Apoint.exe (Agere Systems) C:\WINDOWS\AGRSMMSG.exe (COMPAL ELECTRONIC INC.) C:\Program Files\TOSHIBA\E-KEY\CeEKey.exe (COMPAL ELECTRONIC INC.) C:\Program Files\TOSHIBA\TouchPad\TPTray.exe (TOSHIBA Corporation) C:\WINDOWS\system32\TPSMain.exe (TOSHIBA) C:\WINDOWS\system32\TCtrlIOHook.exe (Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\Apntex.exe (TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA Controls\TFncKy.exe (TOSHIBA Corporation) C:\WINDOWS\system32\TPSBattM.exe (TOSHIBA Corporation) C:\Program Files\TOSHIBA\Tvs\TvsTray.exe (TOSHIBA) C:\WINDOWS\system32\ZoomingHook.exe (TOSHIBA CORPORATION) C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe (Sonic Solutions) C:\WINDOWS\system32\dla\tfswctrl.exe (TOSHIBA) C:\Program Files\TOSHIBA\Accessibility\FnKeyHook.exe () C:\Program Files\Winamp\Winampa.exe (Intel Corporation) C:\WINDOWS\system32\hkcmd.exe (Intel Corporation) C:\WINDOWS\system32\igfxpers.exe (Samsung Electronics Co., Ltd.) C:\Program Files\Samsung\AllShare\AllShareAgent.exe () C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe (Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (TOSHIBA) C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe (Dropbox, Inc.) C:\Documents and Settings\Kozakiewicz\Dane aplikacji\Dropbox\bin\Dropbox.exe (Microsoft Corporation) C:\WINDOWS\system32\wscntfy.exe () C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe (Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe (Opera Software) C:\Program Files\Opera\Opera.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [Apoint] - C:\Program Files\Apoint2K\Apoint.exe [196608 2004-03-23] (Alps Electric Co., Ltd.) HKLM\...\Run: [AGRSMMSG] - C:\Windows\AGRSMMSG.exe [88363 2004-10-28] (Agere Systems) HKLM\...\Run: [CeEKEY] - C:\Program Files\TOSHIBA\E-KEY\CeEKey.exe [667648 2004-11-29] (COMPAL ELECTRONIC INC.) HKLM\...\Run: [TPNF] - C:\Program Files\TOSHIBA\TouchPad\TPTray.exe [53248 2004-11-29] (COMPAL ELECTRONIC INC.) HKLM\...\Run: [TPSMain] - C:\Windows\system32\TPSMain.exe [266240 2004-12-17] (TOSHIBA Corporation) HKLM\...\Run: [TCtryIOHook] - C:\Windows\system32\TCtrlIOHook.exe [28672 2005-01-03] (TOSHIBA) HKLM\...\Run: [TFncKy] - TFncKy.exe HKLM\...\Run: [Tvs] - C:\Program Files\TOSHIBA\Tvs\TvsTray.exe [73728 2004-11-12] (TOSHIBA Corporation) HKLM\...\Run: [Zooming] - C:\Windows\system32\ZoomingHook.exe [24576 2004-07-14] (TOSHIBA) HKLM\...\Run: [HWSetup] - C:\Program Files\TOSHIBA\TOSHIBA Applet\HWSetup.exe [28672 2004-12-23] (TOSHIBA CO.,LTD.) HKLM\...\Run: [SVPWUTIL] - C:\Program Files\Toshiba\Windows Utilities\SVPWUTIL.exe [61440 2004-12-27] (TOSHIBA) HKLM\...\Run: [NDSTray.exe] - NDSTray.exe HKLM\...\Run: [dla] - C:\WINDOWS\system32\dla\tfswctrl.exe [122939 2004-08-03] (Sonic Solutions) HKLM\...\Run: [TOSHIBA Accessibility] - C:\Program Files\TOSHIBA\Accessibility\FnKeyHook.exe [24576 2005-01-14] (TOSHIBA) HKLM\...\Run: [WinampAgent] - C:\Program Files\Winamp\Winampa.exe [12288 2003-04-02] () HKLM\...\Run: [NeroFilterCheck] - C:\WINDOWS\system32\NeroCheck.exe [155648 2001-07-09] (Ahead Software Gmbh) HKLM\...\Run: [QuickTime Task] - C:\Program Files\QuickTime\qttask.exe [77824 2008-12-28] (Apple Computer, Inc.) HKLM\...\Run: [HotKeysCmds] - C:\WINDOWS\system32\hkcmd.exe [ ] () HKLM\...\Run: [Adobe Reader Speed Launcher] - C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [39792 2008-10-15] (Adobe Systems Incorporated) HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [248552 2010-05-14] (Sun Microsystems, Inc.) HKLM\...\Run: [AllShareAgent] - C:\Program Files\Samsung\AllShare\AllShareAgent.exe [282512 2011-07-16] (Samsung Electronics Co., Ltd.) HKLM\...\Run: [BCSSync] - C:\Program Files\Microsoft Office\Office14\BCSSync.exe [91520 2010-01-21] (Microsoft Corporation) HKLM\...\Run: [LogitechQuickCamRibbon] - C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe [2793304 2009-10-14] () HKLM\...\Run: [avgnt] - C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [347192 2013-09-05] (Avira Operations GmbH & Co. KG) HKCU\...\Run: [TOSCDSPD] - C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe [65536 2003-09-15] (TOSHIBA) MountPoints2: {e62aa5d9-cb86-11dd-ad3d-000e35de9b65} - E:\LaunchU3.exe -a HKU\Default User\...\Run: [TOSCDSPD] - C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe [ 2003-09-15] (TOSHIBA) HKU\Default User\...\Run: [MSMSGS] - C:\Program Files\Messenger\msmsgs.exe [ 2008-04-14] (Microsoft Corporation) HKU\Default User\...\RunOnce: [NeroHomeFirstStart] - C:\Program Files\Common Files\Ahead\Lib\NMFirstStart.exe [ 2005-12-16] (Nero AG) Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Microsoft Office.lnk ShortcutTarget: Microsoft Office.lnk -> C:\Program Files\Microsoft Office\Office10\OSA.EXE (Microsoft Corporation) Startup: C:\Documents and Settings\Kozakiewicz\Menu Start\Programy\Autostart\Dropbox.lnk ShortcutTarget: Dropbox.lnk -> C:\Documents and Settings\Kozakiewicz\Dane aplikacji\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) BootExecute: PDBoot.exeautocheck autochk * ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://wyborcza.pl/0,0.html?p=014 HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://wyborcza.pl/0,0.html?p=014 SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKCU - {CE998BB3-D06A-4334-816D-4642042A2C62} URL = http://www.bing.com/search?FORM=UP22DF&PC=UP22&dt=040913&q={searchTerms}&src=IE-SearchBox BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated) BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll (Sonic Solutions) BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL (Microsoft Corporation) BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL (Microsoft Corporation) BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.) BHO: JQSIEStartDetectorImpl Class - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.) Toolbar: HKCU -&Adres - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\Windows\system32\browseui.dll (Microsoft Corporation) Toolbar: HKCU -&Łącza - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\Windows\system32\SHELL32.dll (Microsoft Corporation) DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab DPF: {CAFEEFAC-0015-0000-0000-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab Handler: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Program Files\Common Files\Microsoft Shared\Web Folders\PKMCDO.DLL (Microsoft Corporation) Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies) Tcpip\Parameters: [DhcpNameServer] 62.179.1.63 62.179.1.62 FireFox: ======== FF ProfilePath: C:\Documents and Settings\Kozakiewicz\Dane aplikacji\Mozilla\Firefox\Profiles\g473oue5.default FF DefaultSearchEngine: Bing FF SearchEngineOrder.3: Bing FF SelectedSearchEngine: Bing FF Homepage: hxxp://wyborcza.pl/0,0.html?p=014 FF Keyword.URL: hxxp://www.bing.com/search?FORM=UP22DF&PC=UP22&dt=040913&q= FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll () FF Plugin: @idsoftware.com/QuakeLive - C:\Documents and Settings\All Users\Dane aplikacji\id Software\QuakeLive\npquakezero.dll (id Software Inc.) FF Plugin: @java.com/JavaPlugin - C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin: @microsoft.com/WPF,version=3.5 - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF SearchPlugin: C:\Documents and Settings\Kozakiewicz\Dane aplikacji\Mozilla\Firefox\Profiles\g473oue5.default\searchplugins\bingp.xml FF Extension: Microsoft .NET Framework Assistant - C:\Documents and Settings\Kozakiewicz\Dane aplikacji\Mozilla\Firefox\Profiles\g473oue5.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b} FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ FF Extension: Microsoft .NET Framework Assistant - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ FF HKLM\...\Firefox\Extensions: [jqs@sun.com] - C:\Program Files\Java\jre6\lib\deploy\jqs\ff FF Extension: Java Quick Starter - C:\Program Files\Java\jre6\lib\deploy\jqs\ff FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird ========================== Services (Whitelisted) ================= R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [84024 2013-09-05] (Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [108088 2013-09-05] (Avira Operations GmbH & Co. KG) R2 PDAgent; C:\Program Files\Raxco\PerfectDisk\PDAgent.exe [414984 2007-11-06] (Raxco Software, Inc.) S3 PDEngine; C:\Program Files\Raxco\PerfectDisk\PDEngine.exe [734472 2007-11-06] (Raxco Software, Inc.) R2 PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [75064 2009-12-05] () S2 SamsungAllShareV2.0; C:\Program Files\Samsung\AllShare\AllShareDMS\AllShareDMS.exe [24992 2011-07-16] (Samsung Electronics Co., Ltd.) S3 SimpleSlideShowServer; C:\Program Files\Samsung\AllShare\AllShareSlideShowService.exe [27584 2011-07-16] (Samsung Electronics Co., Ltd.) R2 JavaQuickStarterService; "C:\Program Files\Java\jre6\bin\jqs.exe" -service -config "C:\Program Files\Java\jre6\lib\deploy\jqs\jqs.conf" ==================== Drivers (Whitelisted) ==================== R3 ALCXWDM; C:\Windows\System32\drivers\ALCXWDM.SYS [2284864 2004-10-27] (Realtek Semiconductor Corp.) S3 AR5211; C:\Windows\System32\DRIVERS\ar5211.sys [393600 2004-12-22] (Atheros Communications, Inc.) R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [88840 2013-09-05] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [136672 2013-09-05] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37352 2013-06-08] (Avira Operations GmbH & Co. KG) R0 DefragFS; C:\Windows\System32\Drivers\DefragFS.sys [68624 2007-10-22] (Raxco Software, Inc.) R2 drvnddm; C:\Windows\System32\drivers\drvnddm.sys [40448 2004-07-14] (Sonic Solutions) R1 EKECioCtl; C:\Program Files\TOSHIBA\E-KEY\EKECioCtl.sys [6144 2004-12-10] (TOAHIBA, ) S3 hamachi; C:\Windows\System32\DRIVERS\hamachi.sys [25280 2008-12-16] (LogMeIn, Inc.) R1 HWSCtrl; C:\Program Files\TOSHIBA\TOSHIBA Applet\HWS_IoDispatch.sys [6144 2004-12-11] () R3 LVPr2Mon; C:\Windows\System32\DRIVERS\LVPr2Mon.sys [25752 2009-10-07] () S3 NdisIP; C:\Windows\System32\DRIVERS\NdisIP.sys [10880 2008-04-13] (Microsoft Corporation) R2 Netdevio; C:\Windows\System32\DRIVERS\netdevio.sys [12032 2003-01-29] (TOSHIBA Corporation.) S3 pepifilter; C:\Windows\System32\DRIVERS\lv302af.sys [13976 2009-05-01] (Logitech Inc.) S3 PID_PEPI; C:\Windows\System32\DRIVERS\LV302V32.SYS [2687512 2009-05-01] (Logitech Inc.) R3 Rasirda; C:\Windows\System32\DRIVERS\rasirda.sys [19584 2001-08-17] (Microsoft Corporation) R1 SerTVOutCtlr; C:\Windows\System32\drivers\EPIOMngr.sys [6400 2004-07-30] (COMPAL ELECTRONIC INC.) S3 SMCIRDA; C:\Windows\System32\DRIVERS\smcirda.sys [46080 2004-06-16] (SMSC) R1 SPCtl; C:\Program Files\Toshiba\Windows Utilities\spDispatch.sys [6144 2004-12-11] (TOSHIBA ) R1 SrvcEKIOMngr; C:\Program Files\TOSHIBA\E-KEY\EKIoMngr.sys [6400 2004-07-30] (COMPAL ELECTRONIC INC.) R1 SrvcSSIOMngr; C:\Program Files\TOSHIBA\E-KEY\SSIoMngr.sys [6400 2004-07-30] (COMPAL ELECTRONIC INC.) R1 sscdbhk5; C:\Windows\System32\drivers\sscdbhk5.sys [5627 2004-07-14] (Sonic Solutions) R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2013-06-08] (Avira GmbH) R1 ssrtln; C:\Windows\System32\drivers\ssrtln.sys [23545 2004-07-14] (Sonic Solutions) R1 StickyMesger; C:\Program Files\TOSHIBA\Accessibility\StickyMesger.sys [6144 2004-12-10] (TOSHIBA) R0 TCtrlIO; C:\Windows\System32\drivers\TCtrlIO.sys [6144 2004-12-11] (TOSHIBA ) R2 tfsnboio; C:\Windows\System32\dla\tfsnboio.sys [25723 2004-08-03] (Sonic Solutions) R2 tfsncofs; C:\Windows\System32\dla\tfsncofs.sys [34843 2004-08-03] (Sonic Solutions) R2 tfsndrct; C:\Windows\System32\dla\tfsndrct.sys [4123 2004-08-03] (Sonic Solutions) R2 tfsndres; C:\Windows\System32\dla\tfsndres.sys [2239 2004-08-03] (Sonic Solutions) R2 tfsnifs; C:\Windows\System32\dla\tfsnifs.sys [86138 2004-08-03] (Sonic Solutions) R2 tfsnopio; C:\Windows\System32\dla\tfsnopio.sys [14715 2004-08-03] (Sonic Solutions) R2 tfsnpool; C:\Windows\System32\dla\tfsnpool.sys [6363 2004-08-03] (Sonic Solutions) R2 tfsnudf; C:\Windows\System32\dla\tfsnudf.sys [98714 2004-08-03] (Sonic Solutions) R2 tfsnudfa; C:\Windows\System32\dla\tfsnudfa.sys [100603 2004-08-03] (Sonic Solutions) R1 TPECioCtl; C:\Program Files\TOSHIBA\TouchPad\TPECioCtl.sys [6144 2004-12-10] (TOAHIBA, ) R0 TPwSav; C:\Windows\System32\DRIVERS\TPwSav.sys [16128 2004-12-14] (TOSHIBA ) R3 Tvs; C:\Windows\System32\DRIVERS\Tvs.sys [29056 2004-11-26] (TOSHIBA Corporation) R3 w29n51; C:\Windows\System32\DRIVERS\w29n51.sys [2216064 2008-01-09] (Intel® Corporation) R3 WinDriver6; C:\Windows\System32\drivers\windrvr6.sys [194362 2008-02-20] (Jungo) S3 XilinxFirmwareEmbeddedLpLoader; C:\Windows\System32\Drivers\xusb_emb.sys [17408 2008-02-20] (Xilinx, Inc.) S3 yukonwxp; C:\Windows\System32\DRIVERS\yk51x86.sys [224000 2004-11-26] (Marvell) S4 InCDFs; system32\drivers\InCDFs.sys [x] S1 InCDPass; system32\drivers\InCDPass.sys [x] S1 InCDRm; system32\drivers\InCDRm.sys [x] U5 ScsiPort; C:\Windows\system32\drivers\scsiport.sys [96384 2008-04-13] (Microsoft Corporation) U5 Tosrfcom; C:\Windows\System32\Drivers\Tosrfcom.sys [62959 2004-04-20] (TOSHIBA Corporation) U1 WS2IFSL; ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2013-10-06 21:38 - 2013-10-06 21:38 - 01087213 _____ (Farbar) C:\Documents and Settings\Kozakiewicz\Pulpit\FRST.exe 2013-10-06 21:38 - 2013-10-06 21:38 - 00000000 ____D C:\FRST 2013-10-06 21:36 - 2013-10-06 21:36 - 00000000 ____D C:\Documents and Settings\Kozakiewicz\Pulpit\LOGI 2013-10-06 21:11 - 2013-10-06 21:11 - 00048664 _____ C:\Documents and Settings\Kozakiewicz\Pulpit\Extras.Txt 2013-10-06 21:10 - 2013-10-06 21:10 - 00077490 _____ C:\Documents and Settings\Kozakiewicz\Pulpit\OTL.Txt 2013-10-06 20:34 - 2013-10-06 20:34 - 00602112 _____ (OldTimer Tools) C:\Documents and Settings\Kozakiewicz\Pulpit\OTL.exe 2013-10-06 20:10 - 2013-10-06 20:10 - 99477982 _____ C:\WINDOWS\system32\ꏾ馣囜; 2013-10-06 14:22 - 2013-10-06 14:22 - 00377856 _____ C:\Documents and Settings\Kozakiewicz\Pulpit\iid0godo.exe 2013-10-06 12:44 - 2013-10-06 12:44 - 99399748 _____ C:\WINDOWS\system32\ﵰ鐩囜; 2013-09-30 17:56 - 2013-09-30 17:56 - 98512375 _____ C:\WINDOWS\system32\礊ꅩ囜; 2013-09-29 21:46 - 2013-09-29 21:46 - 98466785 _____ C:\WINDOWS\system32\껞ԉ囜; 2013-09-29 00:49 - 2013-09-29 00:49 - 98442955 _____ C:\WINDOWS\system32\駨ꑍ囜; 2013-09-28 12:51 - 2013-09-28 12:51 - 98430869 _____ C:\WINDOWS\system32\ﬦ倂囜; 2013-09-27 21:32 - 2013-09-27 21:40 - 00014100 _____ C:\WINDOWS\KB2870699-IE8.log 2013-09-27 21:31 - 2013-09-27 21:31 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2876315$ 2013-09-27 21:30 - 2013-09-27 21:30 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2876217$ 2013-09-27 21:29 - 2013-09-27 21:29 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2864063$ 2013-09-23 19:16 - 2013-09-27 21:32 - 00012693 _____ C:\WINDOWS\KB2876315.log 2013-09-23 19:16 - 2013-09-27 21:30 - 00011656 _____ C:\WINDOWS\KB2876217.log 2013-09-23 19:15 - 2013-09-27 21:30 - 00011687 _____ C:\WINDOWS\KB2864063.log 2013-09-08 16:25 - 2013-09-08 16:25 - 96566691 _____ C:\WINDOWS\system32\䛟言囜; ==================== One Month Modified Files and Folders ======= 2013-10-06 21:38 - 2013-10-06 21:38 - 01087213 _____ (Farbar) C:\Documents and Settings\Kozakiewicz\Pulpit\FRST.exe 2013-10-06 21:38 - 2013-10-06 21:38 - 00000000 ____D C:\FRST 2013-10-06 21:38 - 2008-12-16 17:18 - 00000000 ____D C:\Documents and Settings\Kozakiewicz\Pulpit 2013-10-06 21:36 - 2013-10-06 21:36 - 00000000 ____D C:\Documents and Settings\Kozakiewicz\Pulpit\LOGI 2013-10-06 21:11 - 2013-10-06 21:11 - 00048664 _____ C:\Documents and Settings\Kozakiewicz\Pulpit\Extras.Txt 2013-10-06 21:10 - 2013-10-06 21:10 - 00077490 _____ C:\Documents and Settings\Kozakiewicz\Pulpit\OTL.Txt 2013-10-06 20:34 - 2013-10-06 20:34 - 00602112 _____ (OldTimer Tools) C:\Documents and Settings\Kozakiewicz\Pulpit\OTL.exe 2013-10-06 20:34 - 2005-01-17 14:34 - 01899266 _____ C:\WINDOWS\WindowsUpdate.log 2013-10-06 20:10 - 2013-10-06 20:10 - 99477982 _____ C:\WINDOWS\system32\ꏾ馣囜; 2013-10-06 20:04 - 2013-03-23 16:34 - 00000000 ___RD C:\Documents and Settings\Kozakiewicz\Moje dokumenty\Dropbox 2013-10-06 20:04 - 2013-03-23 16:24 - 00000000 ____D C:\Documents and Settings\Kozakiewicz\Dane aplikacji\Dropbox 2013-10-06 19:50 - 2005-01-17 15:32 - 00000159 _____ C:\WINDOWS\wiadebug.log 2013-10-06 19:50 - 2005-01-17 15:32 - 00000050 _____ C:\WINDOWS\wiaservc.log 2013-10-06 19:50 - 2005-01-17 14:39 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2013-10-06 14:22 - 2013-10-06 14:22 - 00377856 _____ C:\Documents and Settings\Kozakiewicz\Pulpit\iid0godo.exe 2013-10-06 12:44 - 2013-10-06 12:44 - 99399748 _____ C:\WINDOWS\system32\ﵰ鐩囜; 2013-10-06 12:19 - 2005-01-17 14:22 - 00001158 _____ C:\WINDOWS\system32\wpa.dbl 2013-10-03 23:10 - 2008-12-16 17:18 - 00000188 ___SH C:\Documents and Settings\Kozakiewicz\ntuser.ini 2013-10-03 23:10 - 2005-01-17 14:39 - 00032516 _____ C:\WINDOWS\SchedLgU.Txt 2013-10-03 23:09 - 2008-12-16 17:18 - 00000000 ____D C:\Documents and Settings\Kozakiewicz 2013-10-03 23:08 - 2008-12-16 20:42 - 00000000 ____D C:\Documents and Settings\Kozakiewicz\Dane aplikacji\Skype 2013-09-30 17:56 - 2013-09-30 17:56 - 98512375 _____ C:\WINDOWS\system32\礊ꅩ囜; 2013-09-29 21:46 - 2013-09-29 21:46 - 98466785 _____ C:\WINDOWS\system32\껞ԉ囜; 2013-09-29 00:49 - 2013-09-29 00:49 - 98442955 _____ C:\WINDOWS\system32\駨ꑍ囜; 2013-09-28 16:04 - 2008-12-16 17:18 - 00000000 ___RD C:\Documents and Settings\Kozakiewicz\Moje dokumenty 2013-09-28 15:31 - 2009-09-24 21:28 - 00899983 _____ C:\WINDOWS\setupapi.log 2013-09-28 14:12 - 2005-01-17 15:28 - 00213613 _____ C:\WINDOWS\setupact.log 2013-09-28 12:51 - 2013-09-28 12:51 - 98430869 _____ C:\WINDOWS\system32\ﬦ倂囜; 2013-09-28 12:26 - 2005-01-17 15:28 - 00286112 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2013-09-27 21:40 - 2013-09-27 21:32 - 00014100 _____ C:\WINDOWS\KB2870699-IE8.log 2013-09-27 21:40 - 2008-12-24 13:09 - 00345264 _____ C:\WINDOWS\updspapi.log 2013-09-27 21:40 - 2005-01-17 15:29 - 01959203 _____ C:\WINDOWS\FaxSetup.log 2013-09-27 21:40 - 2005-01-17 15:29 - 00945574 _____ C:\WINDOWS\ocgen.log 2013-09-27 21:40 - 2005-01-17 15:29 - 00756242 _____ C:\WINDOWS\tsoc.log 2013-09-27 21:40 - 2005-01-17 15:29 - 00660647 _____ C:\WINDOWS\comsetup.log 2013-09-27 21:40 - 2005-01-17 15:29 - 00399110 _____ C:\WINDOWS\ntdtcsetup.log 2013-09-27 21:40 - 2005-01-17 15:29 - 00313626 _____ C:\WINDOWS\iis6.log 2013-09-27 21:40 - 2005-01-17 15:29 - 00122294 _____ C:\WINDOWS\ocmsn.log 2013-09-27 21:40 - 2005-01-17 15:29 - 00098050 _____ C:\WINDOWS\msgsocm.log 2013-09-27 21:40 - 2005-01-17 15:29 - 00001374 _____ C:\WINDOWS\imsins.log 2013-09-27 21:38 - 2009-06-04 11:18 - 00000000 ____D C:\WINDOWS\ie8updates 2013-09-27 21:32 - 2013-09-23 19:16 - 00012693 _____ C:\WINDOWS\KB2876315.log 2013-09-27 21:32 - 2005-01-17 15:29 - 00001374 _____ C:\WINDOWS\imsins.BAK 2013-09-27 21:31 - 2013-09-27 21:31 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2876315$ 2013-09-27 21:30 - 2013-09-27 21:30 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2876217$ 2013-09-27 21:30 - 2013-09-23 19:16 - 00011656 _____ C:\WINDOWS\KB2876217.log 2013-09-27 21:30 - 2013-09-23 19:15 - 00011687 _____ C:\WINDOWS\KB2864063.log 2013-09-27 21:29 - 2013-09-27 21:29 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2864063$ 2013-09-27 21:26 - 2013-08-16 22:09 - 00000000 ____D C:\WINDOWS\system32\MRT 2013-09-27 20:40 - 2008-12-25 21:52 - 76725432 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2013-09-08 16:25 - 2013-09-08 16:25 - 96566691 _____ C:\WINDOWS\system32\䛟言囜; Some content of TEMP: ==================== C:\Documents and Settings\Kozakiewicz\Ustawienia lokalne\Temp\SkypeSetup.exe ==================== Bamital & volsnap Check ================= C:\Windows\explorer.exe [2005-01-17 14:22] - [2008-04-14 19:21] - 1035264 ____N (Microsoft Corporation) c791ed9eac5e76d9525e157b1d7a599a C:\Windows\System32\winlogon.exe [2005-01-17 14:22] - [2008-04-14 19:21] - 0510464 ____N (Microsoft Corporation) 51fd2e13d723857b9ca239ae77150f48 C:\Windows\System32\svchost.exe [2005-01-17 14:22] - [2008-04-14 19:21] - 0014336 ____N (Microsoft Corporation) 8607d35d92528e2df386f19a960d23ce C:\Windows\System32\services.exe [2005-01-17 14:22] - [2009-02-09 13:25] - 0111104 ____N (Microsoft Corporation) 02a467e27af55f7064c5b251e587315f C:\Windows\System32\User32.dll [2005-01-17 14:22] - [2008-04-14 19:20] - 0580096 ____N (Microsoft Corporation) a435c5c069afd901751ac323ad238793 C:\Windows\System32\userinit.exe [2005-01-17 14:22] - [2008-04-14 19:21] - 0026624 ____N (Microsoft Corporation) 2a5b37d520508be6570a3ea79695f5b5 C:\Windows\System32\Drivers\volsnap.sys [2005-01-17 14:22] - [2008-04-14 18:01] - 0052864 ____A (Microsoft Corporation) 56b191ac5fc0df219949c95a6c87afe7 ==================== End Of Log ============================