Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 02-01-2014 01
Ran by Darek (administrator) on HP_LAP on 03-01-2014 23:24:05
Running from C:\Documents and Settings\Darek\Moje dokumenty\Downloads
Microsoft Windows XP Professional Dodatek Service Pack 3 (X86) OS Language: Polish
Internet Explorer Version 8
Boot Mode: Normal

==================== Processes (Whitelisted) ===================

(ATI Technologies Inc.) C:\WINDOWS\system32\ati2evxx.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(ATI Technologies Inc.) C:\WINDOWS\system32\ati2evxx.exe
() C:\WINDOWS\system32\WLTRYSVC.EXE
(Broadcom Corporation) C:\WINDOWS\system32\BCMWLTRY.EXE
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Agere Systems) C:\Program Files\LSI SoftModem\agrsmsvc.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Oracle Corporation) C:\Program Files\Java\jre7\bin\jqs.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
() C:\Program Files\CDBurnerXP\NMSAccessU.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
( Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
(Broadcom Corporation) C:\WINDOWS\system32\WLTRAY.EXE
(Hewlett-Packard) C:\Program Files\Hp\HP Software Update\hpwuschd2.exe
(Analog Devices, Inc.) C:\Program Files\Analog Devices\Core\smax4pnp.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
() C:\Program Files\Winamp\winampa.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Cyberlink Corp.) C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Sun Microsystems, Inc.) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Ask) C:\Program Files\Ask.com\Updater\Updater.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Sun Microsystems, Inc.) C:\Program Files\Common Files\Java\Java Update\jucheck.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1430824 2009-08-21] (Synaptics Incorporated)
HKLM\...\Run: [QlbCtrl.exe] - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe [287800 2010-02-25] ( Hewlett-Packard Development Company, L.P.)
HKLM\...\Run: [Broadcom Wireless Manager UI] - C:\WINDOWS\system32\WLTRAY.EXE [2351104 2012-03-14] (Broadcom Corporation)
HKLM\...\Run: [HP Software Update] - C:\Program Files\Hp\HP Software Update\hpwuschd2.exe [49208 2011-05-10] (Hewlett-Packard)
HKLM\...\Run: [SoundMAXPnP] - C:\Program Files\Analog Devices\Core\smax4pnp.exe [1044480 2009-07-20] (Analog Devices, Inc.)
HKLM\...\Run: [SoundMAX] - C:\Program Files\Analog Devices\SoundMAX\SMax4.exe [888832 2008-07-25] (Analog Devices, Inc.)
HKLM\...\Run: [avast] - C:\Program Files\AVAST Software\Avast\AvastUI.exe [4241512 2012-03-07] (AVAST Software)
HKLM\...\Run: [APSDaemon] - C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59240 2012-02-20] (Apple Inc.)
HKLM\...\Run: [iTunesHelper] - C:\Program Files\iTunes\iTunesHelper.exe [421736 2012-03-06] (Apple Inc.)
HKLM\...\Run: [WinampAgent] - C:\Program Files\Winamp\winampa.exe [12288 2003-04-02] ()
HKLM\...\Run: [Adobe Reader Speed Launcher] - C:\Program Files\Adobe\Reader 9.0\Reader\reader_sl.exe [41056 2013-05-08] (Adobe Systems Incorporated)
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [RemoteControl] - C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe [32768 2003-10-31] (Cyberlink Corp.)
HKLM\...\Run: [NeroFilterCheck] - C:\WINDOWS\system32\NeroCheck.exe [155648 2001-07-09] (Ahead Software Gmbh)
HKLM\...\Run: [MSC] - C:\Program Files\Microsoft Security Client\msseces.exe [948440 2013-10-23] (Microsoft Corporation)
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [252848 2012-07-03] (Sun Microsystems, Inc.)
HKLM\...\Run: [] - [x]
HKLM\...\Run: [ApnUpdater] - C:\Program Files\Ask.com\Updater\Updater.exe [1648264 2013-04-25] (Ask)
HKLM\...\Run: [mobilegeni daemon] - C:\Program Files\Mobogenie\DaemonProcess.exe [761024 2013-12-13] ()
Winlogon\Notify\AtiExtEvent: C:\Windows\system32\Ati2evxx.dll (ATI Technologies Inc.)
Winlogon\Notify\DeviceNP: C:\Windows\system32\DeviceNP.dll (Hewlett-Packard Limited)
HKCU\...\Run: [Vidalia] - "C:\Documents and Settings\Darek\Pulpit\Tor Browser\App\vidalia.exe"
HKCU\...\Run: [NextLive] - C:\WINDOWS\system32\rundll32.exe "C:\Documents and Settings\Darek\Dane aplikacji\newnext.me\nengine.dll",EntryPoint -m l

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.onet.pl/
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
URLSearchHook: HKCU - UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
SearchScopes: HKCU - {DCA8931A-F8A2-48C4-8DBE-8BC6D93D2A3D} URL = http://websearch.ask.com/redirect?client=ie&tb=ORJ&o=100000027&src=crm&q={searchTerms}&locale=en_US&apn_ptnrs=^U3&apn_dtid=^OSJ000^YY^PL&apn_uid=290F73DB-B067-48F7-810E-BF4DA161D313&apn_sauid=68346695-3AE4-4446-BB14-D1DADB61FF25
BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: IE5BarLauncherBHO Class - {78F3A323-798E-4AEA-9A57-88F4B05FD5DD} - C:\Program Files\StartSearch plugin\ssBarLcher.dll (StartSearch Inc.)
BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Toolbar: HKLM - StartSearchToolBar - {7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} - C:\Program Files\StartSearch plugin\ssBarLcher.dll (StartSearch Inc.)
Toolbar: HKLM - Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
Toolbar: HKCU - &Adres - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
Toolbar: HKCU - &Łącza - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
Toolbar: HKCU - StartSearchToolBar - {7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} - C:\Program Files\StartSearch plugin\ssBarLcher.dll (StartSearch Inc.)
Toolbar: HKCU - Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\MSITSS.DLL (Microsoft Corporation)
ShellExecuteHooks: Windows Desktop Search Namespace Manager - {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll [304128 2009-05-24] (Microsoft Corporation)
Winsock: Catalog5 04 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Documents and Settings\Darek\Dane aplikacji\Mozilla\Firefox\Profiles\k2am8aku.default
FF NetworkProxy: "type", 0
FF SelectedSearchEngine: Ask.com
FF SearchEngineOrder.1: Ask.com
FF DefaultSearchEngine: Ask.com
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF Plugin: @Apple.com/iTunes,version=1.0 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @java.com/DTPlugin,version=10.13.2 - C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.13.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Documents and Settings\Darek\Dane aplikacji\Mozilla\Firefox\Profiles\k2am8aku.default\searchplugins\askcom.xml
FF Extension: Ask Toolbar - C:\Documents and Settings\Darek\Dane aplikacji\Mozilla\Firefox\Profiles\k2am8aku.default\Extensions\toolbar@ask.com
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! WebRep - C:\Program Files\AVAST Software\Avast\WebRep\FF

Chrome:
=======
CHR Extension: (Google Docs) - C:\Documents and Settings\Darek\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0
CHR Extension: (Google Drive) - C:\Documents and Settings\Darek\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (YouTube) - C:\Documents and Settings\Darek\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\Documents and Settings\Darek\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (AdBlock) - C:\Documents and Settings\Darek\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.16_0
CHR Extension: (avast! WebRep) - C:\Documents and Settings\Darek\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1426_0
CHR Extension: (Google Wallet) - C:\Documents and Settings\Darek\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0
CHR Extension: (LiveVDO plugin) - C:\Documents and Settings\Darek\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\pbiamblgmkgbcgbcgejjgebalncpmhnp\1.3_0
CHR Extension: (Gmail) - C:\Documents and Settings\Darek\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1
CHR HKLM\...\Chrome\Extension: [icmlaeflemplmjndnaapfdbbnpncnbda] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx
CHR HKLM\...\Chrome\Extension: [pbiamblgmkgbcgbcgejjgebalncpmhnp] - C:\Program Files\StartSearch plugin\vshareplg.crx
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

========================== Services (Whitelisted) =================

R2 AgereModemAudio; C:\Program Files\LSI SoftModem\agrsmsvc.exe [14336 2008-08-26] (Agere Systems)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [44768 2012-03-07] (AVAST Software)
S3 FLCDLOCK; C:\WINDOWS\system32\flcdlock.exe [362040 2011-10-07] (Hewlett-Packard Ltd)
S3 ImapiService; C:\WINDOWS\system32\imapihp.exe [155136 2012-03-14] (Microsoft Corporation)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [22208 2013-10-23] (Microsoft Corporation)
R2 NMSAccess; C:\Program Files\CDBurnerXP\NMSAccessU.exe [71096 2010-03-04] ()
S4 pdfcDispatcher; C:\Program Files\PDF Complete\pdfsvc.exe [635416 2010-03-06] (PDF Complete Inc)
R2 wltrysvc; C:\Windows\System32\bcmwltry.exe [2084864 2012-03-14] (Broadcom Corporation)
R2 yksvc; C:\Windows\System32\yk51x86.dll [282624 2009-07-17] (Marvell)
R2 JavaQuickStarterService; "C:\Program Files\Java\jre7\bin\jqs.exe" -service -config "C:\Program Files\Java\jre7\lib\deploy\jqs\jqs.conf"

==================== Drivers (Whitelisted) ====================

R1 Aavmker4; C:\Windows\System32\Drivers\Aavmker4.sys [24920 2012-03-07] (AVAST Software)
R2 aswFsBlk; C:\Windows\System32\Drivers\aswFsBlk.sys [20696 2012-03-07] (AVAST Software)
R2 aswMon2; C:\Windows\System32\Drivers\aswMon2.sys [95704 2012-03-07] (AVAST Software)
R1 AswRdr; C:\Windows\System32\Drivers\AswRdr.sys [35672 2012-03-07] (AVAST Software)
R1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [612184 2012-03-07] (AVAST Software)
R1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [337880 2012-03-07] (AVAST Software)
R1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [53848 2012-03-07] (AVAST Software)
R3 BCM43XX; C:\Windows\System32\DRIVERS\bcmwl5.sys [2696320 2012-03-14] (Broadcom Corporation)
R2 BCMWLNPF; C:\Windows\System32\drivers\bcmwlnpf.sys [33664 2012-03-14] (CACE Technologies)
R3 BTKRNL; C:\Windows\System32\DRIVERS\btkrnl.sys [991656 2009-01-14] (Broadcom Corporation.)
R3 BTWUSB; C:\Windows\System32\Drivers\btwusb.sys [47272 2009-01-14] (Broadcom Corporation.)
S3 CCDECODE; C:\Windows\System32\DRIVERS\CCDECODE.sys [17024 2008-04-14] (Microsoft Corporation)
S3 DAMDrv; C:\Windows\System32\DRIVERS\DAMDrv.sys [32312 2011-10-07] (Hewlett-Packard Development Company L.P.)
S3 ENTECH; C:\WINDOWS\system32\DRIVERS\ENTECH.sys [21664 2004-10-25] (EnTech Taiwan)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [214696 2013-09-27] (Microsoft Corporation)
S3 NdisIP; C:\Windows\System32\DRIVERS\NdisIP.sys [10880 2008-04-14] (Microsoft Corporation)
R0 SFAUDIO; C:\Windows\System32\drivers\sfaudio.sys [24064 2008-03-28] (Sonic Focus, Inc)
R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1765168 2009-07-02] ()
R2 StarOpen; C:\Windows\System32\Drivers\StarOpen.sys [5504 2009-11-12] ()
R3 yukonwxp; C:\Windows\System32\DRIVERS\yk51x86.sys [297728 2009-07-17] (Marvell)
S4 IntelIde; No ImagePath
U5 ScsiPort; C:\Windows\system32\drivers\scsiport.sys [96384 2008-04-14] (Microsoft Corporation)
U1 WS2IFSL;

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2014-01-03 23:21 - 2014-01-03 23:21 - 00000000 ____D C:\FRST
2013-12-18 19:30 - 2013-12-18 19:30 - 00000000 ____D C:\Documents and Settings\Darek\.android
2013-12-18 19:29 - 2014-01-03 23:02 - 00000000 ____D C:\Documents and Settings\Darek\Dane aplikacji\newnext.me
2013-12-18 19:29 - 2013-12-18 19:48 - 00000000 ____D C:\Documents and Settings\Darek\Dane aplikacji\redsn0w
2013-12-18 19:29 - 2013-12-18 19:31 - 00000000 ____D C:\Documents and Settings\Darek\Ustawienia lokalne\Dane aplikacji\Mobogenie
2013-12-18 19:29 - 2013-12-18 19:29 - 00000000 ____D C:\Documents and Settings\Darek\Ustawienia lokalne\Dane aplikacji\genienext
2013-12-18 19:29 - 2013-12-18 19:29 - 00000000 ____D C:\Documents and Settings\Darek\Moje dokumenty\Mobogenie
2013-12-18 19:29 - 2013-12-18 19:29 - 00000000 _____ C:\Documents and Settings\Darek\daemonprocess.txt
2013-12-18 19:27 - 2013-12-18 19:31 - 00000000 ____D C:\Program Files\Mobogenie
2013-12-12 14:22 - 2013-12-12 14:23 - 00012742 _____ C:\WINDOWS\KB2898785-IE8.log
2013-12-12 14:22 - 2013-12-12 14:22 - 00004818 _____ C:\WINDOWS\KB2904266.log
2013-12-12 14:22 - 2013-12-12 14:22 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2904266$
2013-12-12 14:22 - 2013-12-12 14:22 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2898715$
2013-12-12 14:19 - 2013-12-12 14:19 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2893294$
2013-12-12 14:18 - 2013-12-12 14:18 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2893984$
2013-12-12 14:18 - 2013-12-12 14:18 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2892075$
2013-12-11 18:10 - 2013-12-12 16:45 - 00012688 _____ C:\WINDOWS\KB2898715.log
2013-12-11 18:09 - 2013-12-12 16:45 - 00012477 _____ C:\WINDOWS\KB2893984.log
2013-12-11 18:09 - 2013-12-12 16:45 - 00011503 _____ C:\WINDOWS\KB2893294.log
2013-12-11 18:09 - 2013-12-12 16:45 - 00010708 _____ C:\WINDOWS\KB2892075.log
2013-12-10 17:53 - 2013-12-10 17:53 - 00000000 ____D C:\Documents and Settings\All Users\Menu Start\Programy\Google Chrome
2013-12-10 17:51 - 2014-01-03 23:07 - 00001034 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2013-12-10 17:51 - 2014-01-03 23:01 - 00001030 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2013-12-06 01:13 - 2013-12-06 01:13 - 00000632 _____ C:\Documents and Settings\Darek\Menu Start\Programy\Anki.lnk

==================== One Month Modified Files and Folders =======

2014-01-03 23:21 - 2014-01-03 23:21 - 00000000 ____D C:\FRST
2014-01-03 23:21 - 2013-02-06 19:06 - 00000234 _____ C:\WINDOWS\Tasks\Scheduled Update for Ask Toolbar.job
2014-01-03 23:21 - 2012-03-15 19:23 - 00000462 ____H C:\WINDOWS\Tasks\User_Feed_Synchronization-{F06273C6-1F23-40BE-B89E-29AD5F74323B}.job
2014-01-03 23:13 - 2012-03-14 15:07 - 01520385 _____ C:\WINDOWS\WindowsUpdate.log
2014-01-03 23:11 - 2013-10-23 17:31 - 00000406 ____H C:\WINDOWS\Tasks\Microsoft Antimalware Scheduled Scan.job
2014-01-03 23:09 - 2012-09-20 14:23 - 00000930 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-01-03 23:07 - 2013-12-10 17:51 - 00001034 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-01-03 23:02 - 2013-12-18 19:29 - 00000000 ____D C:\Documents and Settings\Darek\Dane aplikacji\newnext.me
2014-01-03 23:02 - 2004-08-04 13:00 - 00013646 _____ C:\WINDOWS\system32\wpa.dbl
2014-01-03 23:01 - 2013-12-10 17:51 - 00001030 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-01-03 23:01 - 2012-03-14 15:55 - 00000050 _____ C:\WINDOWS\wiaservc.log
2014-01-03 23:01 - 2012-03-14 15:54 - 00000159 _____ C:\WINDOWS\wiadebug.log
2014-01-03 23:01 - 2012-03-14 15:49 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2014-01-03 23:01 - 2009-02-03 23:13 - 00121808 _____ C:\WINDOWS\system32\ativvaxx.cap
2014-01-03 03:08 - 2012-03-14 15:51 - 00000292 ___SH C:\Documents and Settings\Darek\ntuser.ini
2014-01-03 03:08 - 2012-03-14 15:49 - 00032418 _____ C:\WINDOWS\SchedLgU.Txt
2014-01-03 03:07 - 2012-03-14 15:51 - 00000000 ____D C:\Documents and Settings\Darek\Pulpit
2014-01-02 17:26 - 2012-03-14 18:13 - 00000000 ____D C:\Documents and Settings\Darek\Ustawienia lokalne\Dane aplikacji\AskToolbar
2013-12-27 16:51 - 2012-03-14 15:47 - 01009903 _____ C:\WINDOWS\setupapi.log
2013-12-27 16:32 - 2012-03-14 15:48 - 01158260 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2013-12-27 16:32 - 2004-08-04 13:00 - 00526254 _____ C:\WINDOWS\system32\perfh015.dat
2013-12-27 16:32 - 2004-08-04 13:00 - 00100154 _____ C:\WINDOWS\system32\perfc015.dat
2013-12-25 15:56 - 2012-03-14 15:47 - 00222234 _____ C:\WINDOWS\setupact.log
2013-12-20 22:16 - 2012-03-28 20:33 - 00001065 _____ C:\WINDOWS\winamp.ini
2013-12-19 02:06 - 2012-04-30 21:25 - 00000000 ____D C:\Documents and Settings\Darek\Moje dokumenty\Anki
2013-12-18 19:48 - 2013-12-18 19:29 - 00000000 ____D C:\Documents and Settings\Darek\Dane aplikacji\redsn0w
2013-12-18 19:31 - 2013-12-18 19:29 - 00000000 ____D C:\Documents and Settings\Darek\Ustawienia lokalne\Dane aplikacji\Mobogenie
2013-12-18 19:31 - 2013-12-18 19:27 - 00000000 ____D C:\Program Files\Mobogenie
2013-12-18 19:31 - 2012-03-14 15:51 - 00000000 ___RD C:\Documents and Settings\Darek\Menu Start\Programy
2013-12-18 19:30 - 2013-12-18 19:30 - 00000000 ____D C:\Documents and Settings\Darek\.android
2013-12-18 19:30 - 2012-03-14 18:13 - 00000000 ____D C:\Documents and Settings\Darek\Ustawienia lokalne\Dane aplikacji\cache
2013-12-18 19:30 - 2012-03-14 15:51 - 00000000 ____D C:\Documents and Settings\Darek
2013-12-18 19:29 - 2013-12-18 19:29 - 00000000 ____D C:\Documents and Settings\Darek\Ustawienia lokalne\Dane aplikacji\genienext
2013-12-18 19:29 - 2013-12-18 19:29 - 00000000 ____D C:\Documents and Settings\Darek\Moje dokumenty\Mobogenie
2013-12-18 19:29 - 2013-12-18 19:29 - 00000000 _____ C:\Documents and Settings\Darek\daemonprocess.txt
2013-12-18 19:29 - 2012-03-14 15:51 - 00000000 __RHD C:\Documents and Settings\Darek\Dane aplikacji
2013-12-18 19:29 - 2012-03-14 15:51 - 00000000 ___RD C:\Documents and Settings\Darek\Moje dokumenty
2013-12-18 19:29 - 2012-03-14 15:51 - 00000000 ___HD C:\Documents and Settings\Darek\Ustawienia lokalne\Dane aplikacji
2013-12-12 16:45 - 2013-12-11 18:10 - 00012688 _____ C:\WINDOWS\KB2898715.log
2013-12-12 16:45 - 2013-12-11 18:09 - 00012477 _____ C:\WINDOWS\KB2893984.log
2013-12-12 16:45 - 2013-12-11 18:09 - 00011503 _____ C:\WINDOWS\KB2893294.log
2013-12-12 16:45 - 2013-12-11 18:09 - 00010708 _____ C:\WINDOWS\KB2892075.log
2013-12-12 16:43 - 2012-03-14 15:47 - 00290888 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2013-12-12 14:23 - 2013-12-12 14:22 - 00012742 _____ C:\WINDOWS\KB2898785-IE8.log
2013-12-12 14:23 - 2012-03-15 19:04 - 00000000 ____D C:\WINDOWS\ie8updates
2013-12-12 14:23 - 2012-03-14 18:35 - 00263713 _____ C:\WINDOWS\updspapi.log
2013-12-12 14:23 - 2012-03-14 15:48 - 02278259 _____ C:\WINDOWS\FaxSetup.log
2013-12-12 14:23 - 2012-03-14 15:48 - 01111684 _____ C:\WINDOWS\ocgen.log
2013-12-12 14:23 - 2012-03-14 15:48 - 01046534 _____ C:\WINDOWS\tsoc.log
2013-12-12 14:23 - 2012-03-14 15:48 - 00717626 _____ C:\WINDOWS\msmqinst.log
2013-12-12 14:23 - 2012-03-14 15:48 - 00646957 _____ C:\WINDOWS\comsetup.log
2013-12-12 14:23 - 2012-03-14 15:48 - 00477126 _____ C:\WINDOWS\iis6.log
2013-12-12 14:23 - 2012-03-14 15:48 - 00399351 _____ C:\WINDOWS\netfxocm.log
2013-12-12 14:23 - 2012-03-14 15:48 - 00390355 _____ C:\WINDOWS\ntdtcsetup.log
2013-12-12 14:23 - 2012-03-14 15:48 - 00160954 _____ C:\WINDOWS\MedCtrOC.log
2013-12-12 14:23 - 2012-03-14 15:48 - 00119675 _____ C:\WINDOWS\ocmsn.log
2013-12-12 14:23 - 2012-03-14 15:48 - 00118910 _____ C:\WINDOWS\tabletoc.log
2013-12-12 14:23 - 2012-03-14 15:48 - 00113973 _____ C:\WINDOWS\msgsocm.log
2013-12-12 14:23 - 2012-03-14 15:48 - 00001393 _____ C:\WINDOWS\imsins.log
2013-12-12 14:22 - 2013-12-12 14:22 - 00004818 _____ C:\WINDOWS\KB2904266.log
2013-12-12 14:22 - 2013-12-12 14:22 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2904266$
2013-12-12 14:22 - 2013-12-12 14:22 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2898715$
2013-12-12 14:22 - 2013-08-15 16:23 - 00000000 ____D C:\WINDOWS\system32\MRT
2013-12-12 14:22 - 2012-03-14 18:39 - 00035234 _____ C:\WINDOWS\system32\TZLog.log
2013-12-12 14:22 - 2012-03-14 15:48 - 00001393 _____ C:\WINDOWS\imsins.BAK
2013-12-12 14:19 - 2013-12-12 14:19 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2893294$
2013-12-12 14:19 - 2012-03-15 16:37 - 88123800 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2013-12-12 14:18 - 2013-12-12 14:18 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2893984$
2013-12-12 14:18 - 2013-12-12 14:18 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2892075$
2013-12-11 21:09 - 2012-05-14 15:59 - 00692616 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2013-12-11 21:09 - 2012-03-15 16:41 - 00071048 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2013-12-11 01:44 - 2012-03-14 15:47 - 00000000 ____D C:\Documents and Settings\All Users\Pulpit
2013-12-10 17:53 - 2013-12-10 17:53 - 00000000 ____D C:\Documents and Settings\All Users\Menu Start\Programy\Google Chrome
2013-12-10 17:53 - 2012-03-14 18:13 - 00000000 ____D C:\Documents and Settings\Darek\Ustawienia lokalne\Dane aplikacji\Google
2013-12-10 17:53 - 2012-03-14 15:47 - 00000000 ___RD C:\Documents and Settings\All Users\Menu Start\Programy
2013-12-10 17:52 - 2012-03-20 22:29 - 00000000 ____D C:\Program Files\Google
2013-12-10 17:50 - 2012-03-14 18:13 - 00000000 ____D C:\Documents and Settings\Darek\Ustawienia lokalne\Dane aplikacji\Deployment
2013-12-07 04:31 - 2012-03-14 17:06 - 00000000 _____ C:\Documents and Settings\Darek\Ustawienia lokalne\Dane aplikacji\FnF4.txt
2013-12-06 01:14 - 2012-04-30 21:23 - 00000000 ____D C:\Program Files\Anki
2013-12-06 01:13 - 2013-12-06 01:13 - 00000632 _____ C:\Documents and Settings\Darek\Menu Start\Programy\Anki.lnk
2013-12-05 19:08 - 2012-04-01 15:41 - 00002539 _____ C:\Documents and Settings\Darek\Pulpit\Microsoft Office Word 2003.lnk

Some content of TEMP:
====================
C:\Documents and Settings\Darek\Ustawienia lokalne\Temp\APNStub.exe
C:\Documents and Settings\Darek\Ustawienia lokalne\Temp\AVG.exe
C:\Documents and Settings\Darek\Ustawienia lokalne\Temp\chutil.dll
C:\Documents and Settings\Darek\Ustawienia lokalne\Temp\jre-7u13-windows-i586-iftw.exe
C:\Documents and Settings\Darek\Ustawienia lokalne\Temp\jre-7u25-windows-i586-iftw.exe
C:\Documents and Settings\Darek\Ustawienia lokalne\Temp\setup.exe
C:\Documents and Settings\Darek\Ustawienia lokalne\Temp\sqlite3.dll

==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe [2004-08-04 13:00] - [2008-04-14 22:51] - 1035264 ____A (Microsoft Corporation) c791ed9eac5e76d9525e157b1d7a599a
C:\Windows\System32\winlogon.exe [2004-08-04 13:00] - [2008-04-14 22:51] - 0510464 ____A (Microsoft Corporation) 51fd2e13d723857b9ca239ae77150f48
C:\Windows\System32\svchost.exe [2004-08-04 13:00] - [2008-04-14 22:51] - 0014336 ____A (Microsoft Corporation) 8607d35d92528e2df386f19a960d23ce
C:\Windows\System32\services.exe [2004-08-04 13:00] - [2009-02-09 12:25] - 0111104 ____A (Microsoft Corporation) 02a467e27af55f7064c5b251e587315f
C:\Windows\System32\User32.dll [2004-08-04 13:00] - [2008-04-14 22:50] - 0580096 ____A (Microsoft Corporation) a435c5c069afd901751ac323ad238793
C:\Windows\System32\userinit.exe [2004-08-04 13:00] - [2008-04-14 22:51] - 0026624 ____A (Microsoft Corporation) 2a5b37d520508be6570a3ea79695f5b5
C:\Windows\System32\Drivers\volsnap.sys [2004-08-04 13:00] - [2008-04-14 21:31] - 0052864 ____A (Microsoft Corporation) 56b191ac5fc0df219949c95a6c87afe7

==================== End Of Log ============================