Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 02-01-2014 01
Ran by Piotrek (administrator) on PIOTR on 03-01-2014 15:51:15
Running from C:\Documents and Settings\Piotrek\Moje dokumenty\Pobieranie
Microsoft Windows XP Dodatek Service Pack 3 (X86) OS Language: Polish
Internet Explorer Version 8
Boot Mode: Normal

ATTENTION: If processes are not listed WMI should be repaired.


==================== Processes (Whitelisted) ===================


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [COMODO Internet Security] - C:\Program Files\COMODO\COMODO Internet Security\cfp.exe [6756048 2012-11-08] (COMODO)
HKLM\...\Run: [Cm108Sound] - RunDll32 cm108.cpl,CMICtrlWnd
HKLM\...\Run: [NvCplDaemon] - RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
HKLM\...\Run: [NvMediaCenter] - RunDLL32.exe NvMCTray.dll,NvTaskbarInit -login
HKLM\...\Run: [nwiz] - C:\Program Files\NVIDIA Corporation\nview\nwiz.exe [2562848 2013-05-08] ()
HKLM\...\Run: [QuickTime Task] - C:\Program Files\QuickTime\qttask.exe [98304 2013-05-21] (Apple Computer, Inc.)
HKLM\...\Run: [CDAServer] - C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe [332288 2010-12-17] ()
HKLM\...\Run: [Maple_S2P] - C:\Program Files\Samsung\Samsung CLX-216x Series\SPanel\PSU\Scan2pc.exe [253952 2007-01-16] ()
HKLM\...\Run: [Samsung PanelMgr] - C:\WINDOWS\Samsung\PanelMgr\SSMMgr.exe [536576 2008-06-05] ()
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM\...\Run: [mobilegeni daemon] - C:\Program Files\Mobogenie\DaemonProcess.exe [761024 2013-12-13] ()
HKCU\...\Run: [zASRockInstantBoot] - [x]
HKCU\...\Run: [Facebook Update] - C:\Documents and Settings\Piotrek\Ustawienia lokalne\Dane aplikacji\Facebook\Update\FacebookUpdate.exe [138096 2013-10-09] (Facebook Inc.)
HKCU\...\Run: [] - [x]
HKCU\...\Run: [NextLive] - C:\WINDOWS\system32\rundll32.exe "C:\Documents and Settings\Piotrek\Dane aplikacji\newnext.me\nengine.dll",EntryPoint -m l
MountPoints2: G - G:\LaunchU3.exe -a
MountPoints2: {099e10f6-c179-11e2-b47a-806d6172696f} - E:\ASRSetup.exe
MountPoints2: {8c53f6aa-5433-11e3-8351-00252240a70e} - G:\LaunchU3.exe -a
AppInit_DLLs: C:\WINDOWS\system32\guard32.dll [ 2012-11-08] (COMODO)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.aartemis.com/web/?type=ds&ts=1388752541&from=cor&uid=ST3500320AS_9QM6M7VZXXXX9QM6M7VZ&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.aartemis.com/web/?type=ds&ts=1388752541&from=cor&uid=ST3500320AS_9QM6M7VZXXXX9QM6M7VZ&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe http://aartemis.com/?type=sc&ts=1388752541&from=cor&uid=ST3500320AS_9QM6M7VZXXXX9QM6M7VZ
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.aartemis.com/web/?type=ds&ts=1388752541&from=cor&uid=ST3500320AS_9QM6M7VZXXXX9QM6M7VZ&q={searchTerms}
SearchScopes: HKLM - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.aartemis.com/web/?type=ds&ts=1388752541&from=cor&uid=ST3500320AS_9QM6M7VZXXXX9QM6M7VZ&q={searchTerms}
BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0 CE\Reader\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKCU - &Adres - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
Toolbar: HKCU - &Łącza - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://windowsupdate.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1369071352562
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_06-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_06-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_06-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254

FireFox:
========
FF ProfilePath: C:\Documents and Settings\Piotrek\Dane aplikacji\Mozilla\Firefox\Profiles\g40uf7zm.default
FF Homepage: google.pl
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF Plugin: @Google.com/GoogleEarthPlugin - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @java.com/DTPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @nokia.com/EnablerPlugin - C:\Program Files\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll ( )
FF Plugin: @real.com/nppl3260;version=6.0.12.69 - C:\Program Files\Real Alternative\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpjplug;version=6.0.12.69 - C:\Program Files\Real Alternative\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Documents and Settings\Piotrek\Ustawienia lokalne\Dane aplikacji\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\wolnelektury-pl.xml
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

========================== Services (Whitelisted) =================

R2 Capture Device Service; C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe [198168 2007-03-06] (InterVideo Inc.)
R2 cmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [1990464 2012-11-08] (COMODO)
R2 NIHardwareService; C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe [3616768 2009-12-08] (Native Instruments GmbH)
R2 Wpm; C:\Documents and Settings\All Users\Dane aplikacji\WPM\wprotectmanager.exe [499856 2014-01-03] (Cherished Technololgy LIMITED)
R2 JavaQuickStarterService; "C:\Program Files\Java\jre7\bin\jqs.exe" -service -config "C:\Program Files\Java\jre7\lib\deploy\jqs\jqs.conf"

==================== Drivers (Whitelisted) ====================

R1 AmdK8; C:\Windows\System32\DRIVERS\AmdK8.sys [43520 2006-07-01] (Advanced Micro Devices)
R1 cmderd; C:\Windows\System32\DRIVERS\cmderd.sys [18096 2012-11-08] (COMODO)
R1 cmdGuard; C:\Windows\System32\DRIVERS\cmdguard.sys [497952 2012-11-08] (COMODO)
R1 cmdHlp; C:\Windows\System32\DRIVERS\cmdhlp.sys [32640 2012-11-08] (COMODO)
R0 Inspect; C:\Windows\System32\DRIVERS\inspect.sys [99080 2012-11-08] (COMODO)
R3 NVENETFD; C:\Windows\System32\DRIVERS\NVENETFD.sys [54400 2008-03-25] (NVIDIA Corporation)
R0 nvgts; C:\Windows\System32\DRIVERS\nvgts.sys [145952 2008-08-18] (NVIDIA Corporation)
R3 nvnetbus; C:\Windows\System32\DRIVERS\nvnetbus.sys [22016 2008-03-25] (NVIDIA Corporation)
S3 rtl8139; C:\Windows\System32\DRIVERS\RTL8139.SYS [20992 2004-08-03] (Realtek Semiconductor Corporation)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [685816 2013-05-20] ()
R3 USBPNPA; C:\Windows\System32\drivers\CM108.sys [1511936 2011-03-15] (C-Media Electronics Inc)
S4 IntelIde; No ImagePath
U5 ScsiPort; C:\Windows\system32\drivers\scsiport.sys [96384 2008-04-13] (Microsoft Corporation)
U1 WS2IFSL; 
U3 av9h252h; No ImagePath

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-01-03 15:50 - 2014-01-03 15:50 - 00000000 ____D C:\FRST
2014-01-03 13:37 - 2014-01-03 15:16 - 00000000 ____D C:\Documents and Settings\Piotrek\Dane aplikacji\newnext.me
2014-01-03 13:37 - 2014-01-03 13:39 - 00000000 ____D C:\Documents and Settings\Piotrek\Ustawienia lokalne\Dane aplikacji\Mobogenie
2014-01-03 13:37 - 2014-01-03 13:37 - 00000000 ____D C:\Program Files\GreenTree Applications
2014-01-03 13:37 - 2014-01-03 13:37 - 00000000 ____D C:\Documents and Settings\Piotrek\Ustawienia lokalne\Dane aplikacji\genienext
2014-01-03 13:37 - 2014-01-03 13:37 - 00000000 ____D C:\Documents and Settings\Piotrek\Ustawienia lokalne\Dane aplikacji\cache
2014-01-03 13:37 - 2014-01-03 13:37 - 00000000 ____D C:\Documents and Settings\Piotrek\Moje dokumenty\Mobogenie
2014-01-03 13:37 - 2014-01-03 13:37 - 00000000 ____D C:\Documents and Settings\Piotrek\.android
2014-01-03 13:37 - 2014-01-03 13:37 - 00000000 ____D C:\Documents and Settings\All Users\Menu Start\Programy\YTD Video Downloader
2014-01-03 13:37 - 2014-01-03 13:37 - 00000000 _____ C:\Documents and Settings\Piotrek\daemonprocess.txt
2014-01-03 13:36 - 2014-01-03 13:39 - 00000000 ____D C:\Program Files\Mobogenie
2014-01-03 13:35 - 2014-01-03 15:14 - 00000000 ____D C:\Documents and Settings\Piotrek\Dane aplikacji\aartemis
2014-01-03 13:35 - 2014-01-03 13:35 - 11616432 _____ C:\Documents and Settings\Piotrek\Moje dokumenty\YTDSetup.exe
2014-01-03 13:35 - 2014-01-03 13:35 - 00000000 ____D C:\Documents and Settings\All Users\Dane aplikacji\WPM
2014-01-03 12:55 - 2014-01-03 15:26 - 00000000 ____D C:\AdwCleaner
2014-01-02 16:18 - 2011-05-04 17:26 - 72679424 _____ C:\Documents and Settings\Piotrek\Pulpit\DSCN3176.MOV
2014-01-01 19:43 - 2014-01-01 19:43 - 00088711 _____ C:\Documents and Settings\Piotrek\Pulpit\lody2.mp4
2014-01-01 19:42 - 2014-01-01 19:42 - 00000000 ____D C:\Documents and Settings\Piotrek\Ustawienia lokalne\Dane aplikacji\WMTools Downloaded Files
2014-01-01 19:41 - 2014-01-01 19:41 - 00000000 ___RD C:\Documents and Settings\All Users\Dokumenty\Moje wideo
2013-12-23 19:34 - 2014-01-01 19:50 - 00000000 ____D C:\Documents and Settings\Piotrek\Pulpit\elf
2013-12-20 17:38 - 2013-12-20 17:38 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-12-15 18:32 - 2013-12-15 18:32 - 00025600 _____ C:\Documents and Settings\Piotrek\Pulpit\tata płytki.xls
2013-12-15 16:57 - 2013-12-15 16:57 - 00000000 ____D C:\Documents and Settings\All Users\Menu Start\Programy\Google Earth
2013-12-13 20:32 - 2013-12-13 20:32 - 00000757 _____ C:\Documents and Settings\All Users\Pulpit\Traktor.lnk
2013-12-13 20:32 - 2013-12-13 20:32 - 00000000 __HDC C:\Documents and Settings\All Users\Dane aplikacji\{849DD083-B349-4E44-A4E6-B8E8DCED3B0A}
2013-12-13 20:31 - 2013-12-13 20:31 - 00000861 _____ C:\Documents and Settings\All Users\Pulpit\Controller Editor.lnk
2013-12-13 20:31 - 2013-12-13 20:31 - 00000000 __HDC C:\Documents and Settings\All Users\Dane aplikacji\{D7CFB71A-972A-44FF-AE44-8780EB53ABB2}
2013-12-13 20:31 - 2013-12-13 20:31 - 00000000 __HDC C:\Documents and Settings\All Users\Dane aplikacji\{4E70D107-00B1-4793-A17B-C6B6D7EF3151}
2013-12-13 20:31 - 2013-12-13 20:31 - 00000000 ____D C:\Program Files\Native Instruments
2013-12-13 20:31 - 2013-12-13 20:31 - 00000000 ____D C:\Documents and Settings\All Users\Menu Start\Programy\Native Instruments
2013-12-13 20:22 - 2013-12-13 20:33 - 00000000 ____D C:\Documents and Settings\Piotrek\Moje dokumenty\Native Instruments
2013-12-13 20:05 - 2013-12-13 20:17 - 00000000 ____D C:\Documents and Settings\All Users\Dane aplikacji\Native Instruments
2013-12-13 20:04 - 2013-12-13 20:31 - 00000000 ____D C:\Program Files\Common Files\Native Instruments
2013-12-12 22:49 - 2013-12-12 23:23 - 00065536 _____ C:\WINDOWS\system32\config\TuneUp.evt
2013-12-12 22:49 - 2013-12-12 22:49 - 00000000 ____D C:\Documents and Settings\Piotrek\Dane aplikacji\AVG
2013-12-12 22:47 - 2013-12-12 22:49 - 00000000 ____D C:\Documents and Settings\All Users\Dane aplikacji\AVG
2013-12-12 22:47 - 2013-12-12 22:47 - 00000000 __SHD C:\Documents and Settings\All Users\Dane aplikacji\{01BD4FC9-2F86-4706-A62E-774BB7E9D308}
2013-12-12 22:46 - 2013-12-12 22:46 - 00000000 ____D C:\Documents and Settings\Piotrek\Dane aplikacji\NapiProjekt
2013-12-12 16:44 - 2013-12-12 16:44 - 00012764 _____ C:\WINDOWS\KB2898785-IE8.log
2013-12-12 16:44 - 2013-12-12 16:44 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2898715$
2013-12-12 16:43 - 2013-12-12 16:43 - 00004820 _____ C:\WINDOWS\KB2904266.log
2013-12-12 16:43 - 2013-12-12 16:43 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2904266$
2013-12-12 16:31 - 2013-12-12 16:31 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2893984$
2013-12-12 16:31 - 2013-12-12 16:31 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2893294$
2013-12-12 16:31 - 2013-12-12 16:31 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2892075$
2013-12-12 16:29 - 2013-12-12 20:57 - 00012715 _____ C:\WINDOWS\KB2898715.log
2013-12-12 16:29 - 2013-12-12 17:00 - 00015452 _____ C:\WINDOWS\KB2893984.log
2013-12-12 16:29 - 2013-12-12 16:31 - 00008829 _____ C:\WINDOWS\KB2893294.log
2013-12-12 16:28 - 2013-12-12 17:00 - 00013685 _____ C:\WINDOWS\KB2892075.log

==================== One Month Modified Files and Folders =======

2014-01-03 15:51 - 2013-05-20 18:00 - 00000000 ____D C:\Documents and Settings\Piotrek\Moje dokumenty\Pobieranie
2014-01-03 15:50 - 2014-01-03 15:50 - 00000000 ____D C:\FRST
2014-01-03 15:46 - 2013-05-20 17:44 - 01474832 _____ C:\WINDOWS\system32\Drivers\sfi.dat
2014-01-03 15:39 - 2013-10-09 20:34 - 00001010 _____ C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-1177238915-1078081533-839522115-1004UA.job
2014-01-03 15:26 - 2014-01-03 12:55 - 00000000 ____D C:\AdwCleaner
2014-01-03 15:17 - 2013-05-20 18:18 - 00017810 _____ C:\WINDOWS\system32\nvAppTimestamps
2014-01-03 15:17 - 2013-05-20 17:35 - 01236752 _____ C:\WINDOWS\WindowsUpdate.log
2014-01-03 15:16 - 2014-01-03 13:37 - 00000000 ____D C:\Documents and Settings\Piotrek\Dane aplikacji\newnext.me
2014-01-03 15:16 - 2013-05-30 19:29 - 00001034 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-01-03 15:16 - 2013-05-20 19:27 - 00000159 _____ C:\WINDOWS\wiadebug.log
2014-01-03 15:16 - 2013-05-20 19:27 - 00000050 _____ C:\WINDOWS\wiaservc.log
2014-01-03 15:16 - 2013-05-20 17:39 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2014-01-03 15:15 - 2013-05-20 17:40 - 00000188 ___SH C:\Documents and Settings\Piotrek\ntuser.ini
2014-01-03 15:15 - 2013-05-20 17:39 - 00032534 _____ C:\WINDOWS\SchedLgU.Txt
2014-01-03 15:14 - 2014-01-03 13:35 - 00000000 ____D C:\Documents and Settings\Piotrek\Dane aplikacji\aartemis
2014-01-03 15:14 - 2013-05-20 17:40 - 00000803 _____ C:\Documents and Settings\Piotrek\Menu Start\Programy\Internet Explorer.lnk
2014-01-03 15:09 - 2013-06-25 07:39 - 00000930 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-01-03 13:39 - 2014-01-03 13:37 - 00000000 ____D C:\Documents and Settings\Piotrek\Ustawienia lokalne\Dane aplikacji\Mobogenie
2014-01-03 13:39 - 2014-01-03 13:36 - 00000000 ____D C:\Program Files\Mobogenie
2014-01-03 13:39 - 2013-05-20 17:40 - 00000000 ___RD C:\Documents and Settings\Piotrek\Menu Start\Programy
2014-01-03 13:39 - 2013-05-20 17:40 - 00000000 ____D C:\Documents and Settings\Piotrek\Pulpit
2014-01-03 13:37 - 2014-01-03 13:37 - 00000000 ____D C:\Program Files\GreenTree Applications
2014-01-03 13:37 - 2014-01-03 13:37 - 00000000 ____D C:\Documents and Settings\Piotrek\Ustawienia lokalne\Dane aplikacji\genienext
2014-01-03 13:37 - 2014-01-03 13:37 - 00000000 ____D C:\Documents and Settings\Piotrek\Ustawienia lokalne\Dane aplikacji\cache
2014-01-03 13:37 - 2014-01-03 13:37 - 00000000 ____D C:\Documents and Settings\Piotrek\Moje dokumenty\Mobogenie
2014-01-03 13:37 - 2014-01-03 13:37 - 00000000 ____D C:\Documents and Settings\Piotrek\.android
2014-01-03 13:37 - 2014-01-03 13:37 - 00000000 ____D C:\Documents and Settings\All Users\Menu Start\Programy\YTD Video Downloader
2014-01-03 13:37 - 2014-01-03 13:37 - 00000000 _____ C:\Documents and Settings\Piotrek\daemonprocess.txt
2014-01-03 13:37 - 2013-10-31 21:20 - 00000942 _____ C:\Documents and Settings\All Users\Pulpit\YTD Video Downloader.lnk
2014-01-03 13:37 - 2013-05-21 18:07 - 00000000 ____D C:\Documents and Settings\All Users\Dane aplikacji\YTD Video Downloader
2014-01-03 13:37 - 2013-05-20 19:24 - 00000000 ___RD C:\Documents and Settings\All Users\Menu Start\Programy
2014-01-03 13:37 - 2013-05-20 17:40 - 00000000 __RHD C:\Documents and Settings\Piotrek\Dane aplikacji
2014-01-03 13:37 - 2013-05-20 17:40 - 00000000 ___RD C:\Documents and Settings\Piotrek\Moje dokumenty
2014-01-03 13:37 - 2013-05-20 17:40 - 00000000 ___HD C:\Documents and Settings\Piotrek\Ustawienia lokalne\Dane aplikacji
2014-01-03 13:37 - 2013-05-20 17:40 - 00000000 ____D C:\Documents and Settings\Piotrek
2014-01-03 13:35 - 2014-01-03 13:35 - 11616432 _____ C:\Documents and Settings\Piotrek\Moje dokumenty\YTDSetup.exe
2014-01-03 13:35 - 2014-01-03 13:35 - 00000000 ____D C:\Documents and Settings\All Users\Dane aplikacji\WPM
2014-01-03 13:35 - 2013-05-20 19:24 - 00000000 __RHD C:\Documents and Settings\All Users\Dane aplikacji
2014-01-03 12:56 - 2013-05-30 19:29 - 00001038 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-01-03 12:46 - 2013-08-01 20:11 - 00000000 ____D C:\Documents and Settings\Piotrek\Dane aplikacji\U3
2014-01-02 23:29 - 2013-05-20 19:27 - 00000000 ____D C:\Documents and Settings\Piotrek\Dane aplikacji\uTorrent
2014-01-02 17:33 - 2013-05-20 17:40 - 00000792 _____ C:\Documents and Settings\Piotrek\Menu Start\Programy\Windows Media Player.lnk
2014-01-02 17:33 - 2013-05-20 17:33 - 00022409 _____ C:\WINDOWS\wmsetup.log
2014-01-02 17:30 - 2013-05-21 17:54 - 00003270 _____ C:\WINDOWS\system32\qtplugin.log
2014-01-02 17:30 - 2013-05-21 17:54 - 00000000 ____D C:\WINDOWS\system32\QuickTime
2014-01-02 17:30 - 2013-05-21 17:54 - 00000000 ____D C:\Program Files\QuickTime
2014-01-02 10:31 - 2013-05-20 18:37 - 00000000 ____D C:\Documents and Settings\Piotrek\Dane aplikacji\TS3Client
2014-01-01 23:13 - 2013-05-20 18:35 - 00111616 _____ C:\Documents and Settings\Piotrek\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-01-01 21:39 - 2013-10-09 20:34 - 00000988 _____ C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-1177238915-1078081533-839522115-1004Core.job
2014-01-01 19:50 - 2013-12-23 19:34 - 00000000 ____D C:\Documents and Settings\Piotrek\Pulpit\elf
2014-01-01 19:43 - 2014-01-01 19:43 - 00088711 _____ C:\Documents and Settings\Piotrek\Pulpit\lody2.mp4
2014-01-01 19:42 - 2014-01-01 19:42 - 00000000 ____D C:\Documents and Settings\Piotrek\Ustawienia lokalne\Dane aplikacji\WMTools Downloaded Files
2014-01-01 19:41 - 2014-01-01 19:41 - 00000000 ___RD C:\Documents and Settings\All Users\Dokumenty\Moje wideo
2014-01-01 19:41 - 2013-05-20 19:24 - 00000000 ___RD C:\Documents and Settings\All Users\Dokumenty
2014-01-01 17:26 - 2006-03-02 13:00 - 00013646 _____ C:\WINDOWS\system32\wpa.dbl
2013-12-29 20:39 - 2013-05-20 18:43 - 00000000 ____D C:\Documents and Settings\Piotrek\Pulpit\Zdjecia z teelfonu
2013-12-28 15:01 - 2013-08-24 07:17 - 00000288 _____ C:\WINDOWS\Tasks\Registry Optimizer_DEFAULT.job
2013-12-25 16:46 - 2013-05-20 17:47 - 00000515 _____ C:\WINDOWS\system\Cm108.ini
2013-12-21 09:41 - 2013-05-31 10:35 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2013-12-20 17:38 - 2013-12-20 17:38 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-12-15 18:32 - 2013-12-15 18:32 - 00025600 _____ C:\Documents and Settings\Piotrek\Pulpit\tata płytki.xls
2013-12-15 16:57 - 2013-12-15 16:57 - 00000000 ____D C:\Documents and Settings\All Users\Menu Start\Programy\Google Earth
2013-12-15 16:57 - 2013-05-30 19:29 - 00000000 ____D C:\Program Files\Google
2013-12-13 20:33 - 2013-12-13 20:22 - 00000000 ____D C:\Documents and Settings\Piotrek\Moje dokumenty\Native Instruments
2013-12-13 20:32 - 2013-12-13 20:32 - 00000757 _____ C:\Documents and Settings\All Users\Pulpit\Traktor.lnk
2013-12-13 20:32 - 2013-12-13 20:32 - 00000000 __HDC C:\Documents and Settings\All Users\Dane aplikacji\{849DD083-B349-4E44-A4E6-B8E8DCED3B0A}
2013-12-13 20:32 - 2013-05-20 19:24 - 00000000 ____D C:\Documents and Settings\All Users\Pulpit
2013-12-13 20:31 - 2013-12-13 20:31 - 00000861 _____ C:\Documents and Settings\All Users\Pulpit\Controller Editor.lnk
2013-12-13 20:31 - 2013-12-13 20:31 - 00000000 __HDC C:\Documents and Settings\All Users\Dane aplikacji\{D7CFB71A-972A-44FF-AE44-8780EB53ABB2}
2013-12-13 20:31 - 2013-12-13 20:31 - 00000000 __HDC C:\Documents and Settings\All Users\Dane aplikacji\{4E70D107-00B1-4793-A17B-C6B6D7EF3151}
2013-12-13 20:31 - 2013-12-13 20:31 - 00000000 ____D C:\Program Files\Native Instruments
2013-12-13 20:31 - 2013-12-13 20:31 - 00000000 ____D C:\Documents and Settings\All Users\Menu Start\Programy\Native Instruments
2013-12-13 20:31 - 2013-12-13 20:04 - 00000000 ____D C:\Program Files\Common Files\Native Instruments
2013-12-13 20:28 - 2013-05-20 17:53 - 00038890 _____ C:\WINDOWS\DPINST.LOG
2013-12-13 20:22 - 2013-05-20 17:40 - 00000000 ___RD C:\Documents and Settings\Piotrek\Moje dokumenty\Moja muzyka
2013-12-13 20:17 - 2013-12-13 20:05 - 00000000 ____D C:\Documents and Settings\All Users\Dane aplikacji\Native Instruments
2013-12-13 20:05 - 2013-05-20 19:24 - 00954341 _____ C:\WINDOWS\setupapi.log
2013-12-12 23:23 - 2013-12-12 22:49 - 00065536 _____ C:\WINDOWS\system32\config\TuneUp.evt
2013-12-12 22:49 - 2013-12-12 22:49 - 00000000 ____D C:\Documents and Settings\Piotrek\Dane aplikacji\AVG
2013-12-12 22:49 - 2013-12-12 22:47 - 00000000 ____D C:\Documents and Settings\All Users\Dane aplikacji\AVG
2013-12-12 22:47 - 2013-12-12 22:47 - 00000000 __SHD C:\Documents and Settings\All Users\Dane aplikacji\{01BD4FC9-2F86-4706-A62E-774BB7E9D308}
2013-12-12 22:46 - 2013-12-12 22:46 - 00000000 ____D C:\Documents and Settings\Piotrek\Dane aplikacji\NapiProjekt
2013-12-12 22:46 - 2013-05-20 18:31 - 00000000 ____D C:\Program Files\NAPI-PROJEKT
2013-12-12 22:46 - 2013-05-20 18:31 - 00000000 ____D C:\Documents and Settings\All Users\Menu Start\Programy\NAPI-PROJEKT
2013-12-12 20:57 - 2013-12-12 16:29 - 00012715 _____ C:\WINDOWS\KB2898715.log
2013-12-12 17:01 - 2013-05-20 19:23 - 00142032 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2013-12-12 17:00 - 2013-12-12 16:29 - 00015452 _____ C:\WINDOWS\KB2893984.log
2013-12-12 17:00 - 2013-12-12 16:28 - 00013685 _____ C:\WINDOWS\KB2892075.log
2013-12-12 16:44 - 2013-12-12 16:44 - 00012764 _____ C:\WINDOWS\KB2898785-IE8.log
2013-12-12 16:44 - 2013-12-12 16:44 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2898715$
2013-12-12 16:44 - 2013-05-20 19:27 - 00197655 _____ C:\WINDOWS\updspapi.log
2013-12-12 16:44 - 2013-05-20 19:24 - 01081161 _____ C:\WINDOWS\FaxSetup.log
2013-12-12 16:44 - 2013-05-20 19:24 - 00525982 _____ C:\WINDOWS\ocgen.log
2013-12-12 16:44 - 2013-05-20 19:24 - 00416893 _____ C:\WINDOWS\tsoc.log
2013-12-12 16:44 - 2013-05-20 19:24 - 00370574 _____ C:\WINDOWS\comsetup.log
2013-12-12 16:44 - 2013-05-20 19:24 - 00222594 _____ C:\WINDOWS\ntdtcsetup.log
2013-12-12 16:44 - 2013-05-20 19:24 - 00171141 _____ C:\WINDOWS\iis6.log
2013-12-12 16:44 - 2013-05-20 19:24 - 00067482 _____ C:\WINDOWS\ocmsn.log
2013-12-12 16:44 - 2013-05-20 19:24 - 00054172 _____ C:\WINDOWS\msgsocm.log
2013-12-12 16:44 - 2013-05-20 19:24 - 00001393 _____ C:\WINDOWS\imsins.log
2013-12-12 16:44 - 2013-05-20 19:24 - 00001393 _____ C:\WINDOWS\imsins.BAK
2013-12-12 16:43 - 2013-12-12 16:43 - 00004820 _____ C:\WINDOWS\KB2904266.log
2013-12-12 16:43 - 2013-12-12 16:43 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2904266$
2013-12-12 16:43 - 2013-05-31 17:36 - 00019354 _____ C:\WINDOWS\system32\TZLog.log
2013-12-12 16:31 - 2013-12-12 16:31 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2893984$
2013-12-12 16:31 - 2013-12-12 16:31 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2893294$
2013-12-12 16:31 - 2013-12-12 16:31 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2892075$
2013-12-12 16:31 - 2013-12-12 16:29 - 00008829 _____ C:\WINDOWS\KB2893294.log
2013-12-12 16:31 - 2013-05-31 17:18 - 88123800 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2013-12-11 20:09 - 2013-05-20 18:09 - 00692616 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2013-12-11 20:09 - 2013-05-20 18:09 - 00071048 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2013-12-09 21:20 - 2013-05-20 19:23 - 00177338 _____ C:\WINDOWS\setupact.log

Some content of TEMP:
====================
C:\Documents and Settings\Piotrek\Ustawienia lokalne\Temp\ACDSee.exe
C:\Documents and Settings\Piotrek\Ustawienia lokalne\Temp\jre-7u25-windows-i586-iftw.exe
C:\Documents and Settings\Piotrek\Ustawienia lokalne\Temp\jre-7u45-windows-i586-iftw.exe
C:\Documents and Settings\Piotrek\Ustawienia lokalne\Temp\NEventMessages.dll
C:\Documents and Settings\Piotrek\Ustawienia lokalne\Temp\NOSEventMessages.dll
C:\Documents and Settings\Piotrek\Ustawienia lokalne\Temp\Quarantine.exe
C:\Documents and Settings\Piotrek\Ustawienia lokalne\Temp\SHSetup.exe


==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe
[2006-03-02 13:00] - [2008-04-14 21:51] - 1035264 ____A (Microsoft Corporation) 

C:\Windows\System32\winlogon.exe
[2006-03-02 13:00] - [2008-04-14 21:51] - 0510464 ____A (Microsoft Corporation) 

C:\Windows\System32\svchost.exe
[2006-03-02 13:00] - [2008-04-14 21:51] - 0014336 ____A (Microsoft Corporation) 

C:\Windows\System32\services.exe
[2006-03-02 13:00] - [2009-02-09 12:25] - 0111104 ____A (Microsoft Corporation) 

C:\Windows\System32\User32.dll
[2006-03-02 13:00] - [2008-04-14 21:50] - 0580096 ____A (Microsoft Corporation) 

C:\Windows\System32\userinit.exe
[2006-03-02 13:00] - [2008-04-14 21:51] - 0026624 ____A (Microsoft Corporation) 

C:\Windows\System32\Drivers\volsnap.sys
[2006-03-02 13:00] - [2008-04-14 20:31] - 0052864 ____A (Microsoft Corporation) 


==================== End Of Log ============================