Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 17-01-2014 02 Ran by Kacper (administrator) on KOMPUTEREK on 19-01-2014 17:58:01 Running from C:\Documents and Settings\Kacper\Moje dokumenty\Downloads Microsoft Windows XP Home Edition Dodatek Service Pack 3 (X86) OS Language: Polish Internet Explorer Version 8 Boot Mode: Normal The only official download link for FRST: Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/ Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/ Download link from any site other than Bleeping Computer is unpermitted or outdated. See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) =================== (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe (Oracle Corporation) C:\Program Files\Java\jre7\bin\jqs.exe (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc32.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (StarWind Software) C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe (Realtek Semiconductor Corp.) C:\WINDOWS\RTHDCPL.EXE (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe (ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe (Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe (Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe (Microsoft Corporation) C:\Program Files\Messenger\msmsgs.exe (McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.130\SSScheduler.exe (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe (Opera Software) C:\Program Files\Opera\18.0.1284.68\opera.exe () C:\Program Files\Opera\18.0.1284.68\opera_crashreporter.exe (Opera Software) C:\Program Files\Opera\18.0.1284.68\opera.exe (Opera Software) C:\Program Files\Opera\18.0.1284.68\opera.exe (Opera Software) C:\Program Files\Opera\18.0.1284.68\opera.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [RTHDCPL] - C:\Windows\RTHDCPL.EXE [20143688 2013-03-12] (Realtek Semiconductor Corp.) HKLM\...\Run: [NvCplDaemon] - C:\WINDOWS\system32\NvCpl.dll [15711008 2013-11-11] (NVIDIA Corporation) HKLM\...\Run: [NvMediaCenter] - C:\Windows\system32\NvMCTray.dll [209184 2013-11-11] (NVIDIA Corporation) HKLM\...\Run: [nwiz] - C:\Program Files\NVIDIA Corporation\nview\nwiz.exe [2602784 2013-11-11] () HKLM\...\Run: [Nvtmru] - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [1028384 2013-11-08] (NVIDIA Corporation) HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated) HKLM\...\Run: [egui] - C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [5110672 2013-09-12] (ESET) HKLM\...\Run: [APSDaemon] - C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.) HKLM\...\Run: [iTunesHelper] - C:\Program Files\iTunes\iTunesHelper.exe [152392 2013-11-02] (Apple Inc.) HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation) HKCU\...\Run: [Skype] - C:\Program Files\Skype\Phone\Skype.exe [19875432 2013-06-21] (Skype Technologies S.A.) HKCU\...\Run: [DAEMON Tools Lite] - C:\Program Files\DAEMON Tools Lite\DTLite.exe [3675352 2013-10-28] (Disc Soft Ltd) HKCU\...\Run: [AlcoholAutomount] - C:\Program Files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [75624 2012-01-05] (Alcohol Soft Development Team) HKCU\...\Run: [MSMSGS] - C:\Program Files\Messenger\msmsgs.exe [1695232 2008-04-14] (Microsoft Corporation) MountPoints2: {23265c40-56b6-11e3-b5d2-806d6172696f} - J:\AutoRun.exe --autorun MountPoints2: {d3eec0d4-56ac-11e3-b0da-001fd0018e28} - I:\autorun.exe AppInit_DLLs: [ ] () Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\McAfee Security Scan Plus.lnk ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.130\SSScheduler.exe (McAfee, Inc.) ==================== Internet (Whitelisted) ==================== ProxyEnable: Internet Explorer proxy is enabled. ProxyServer: http=127.0.0.1:8555;https=127.0.0.1:8555 SearchScopes: HKLM - DefaultScope value is missing. SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.130\McAfeeMSS_IE.dll (McAfee, Inc.) BHO: BitComet Helper - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.5.4.11.dll (BitComet) BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) Toolbar: HKCU - &Adres - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\Windows\system32\browseui.dll (Microsoft Corporation) Toolbar: HKCU - &Łącza - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\Windows\system32\SHELL32.dll (Microsoft Corporation) Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) Winsock: Catalog5 04 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.) Tcpip\Parameters: [DhcpNameServer] 95.160.170.92 88.156.222.92 82.139.8.40 Tcpip\..\Interfaces\{12C4924D-EFE3-4348-A085-C397A0883E87}: [NameServer]8.8.8.8 Chrome: ======= CHR Extension: (Dokumenty Google) - C:\Documents and Settings\Kacper\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-01-08] CHR Extension: (Dysk Google) - C:\Documents and Settings\Kacper\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-01-08] CHR Extension: (YouTube) - C:\Documents and Settings\Kacper\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-01-08] CHR Extension: (Szukaj w Google) - C:\Documents and Settings\Kacper\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-01-08] CHR Extension: (AdBlock) - C:\Documents and Settings\Kacper\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-01-08] CHR Extension: (Google Wallet) - C:\Documents and Settings\Kacper\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-11-25] CHR Extension: (Gmail) - C:\Documents and Settings\Kacper\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-01-08] ========================== Services (Whitelisted) ================= S2 AxAutoMntSrv; C:\Program Files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [75624 2012-01-05] (Alcohol Soft Development Team) R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [1337752 2013-09-12] (ESET) R2 JavaQuickStarterService; C:\Program Files\Java\jre7\bin\jqs.exe [182696 2014-01-08] (Oracle Corporation) S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.130\McCHSvc.exe [235216 2013-09-06] (McAfee, Inc.) R2 StarWindServiceAE; C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [370688 2009-12-23] (StarWind Software) ==================== Drivers (Whitelisted) ==================== S3 Ambfilt; C:\Windows\System32\drivers\Ambfilt.sys [1691480 2009-11-18] (Creative) S3 BrScnUsb; C:\Windows\System32\DRIVERS\BrScnUsb.sys [15295 2004-10-15] (Brother Industries Ltd.) R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [243128 2013-11-26] (Disc Soft Ltd) R1 eamon; C:\Windows\System32\DRIVERS\eamon.sys [184664 2013-09-17] (ESET) R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [134248 2013-09-17] (ESET) R1 epfwtdir; C:\Windows\System32\DRIVERS\epfwtdir.sys [118768 2013-09-17] (ESET) S3 Monfilt; C:\Windows\System32\drivers\Monfilt.sys [1395800 2009-11-18] (Creative Technology Ltd.) R0 sptd; C:\Windows\System32\Drivers\sptd.sys [320120 2013-11-26] (Duplex Secure Ltd.) U3 aqxdha88; C:\Windows\System32\Drivers\aqxdha88.sys [0 ] (Microsoft Corporation) U3 av0hgs7f; C:\Windows\System32\Drivers\av0hgs7f.sys [0 ] (Microsoft Corporation) S4 IntelIde; No ImagePath U5 ScsiPort; C:\Windows\system32\drivers\scsiport.sys [96384 2008-04-14] (Microsoft Corporation) S3 taphss; system32\DRIVERS\taphss.sys [x] U1 WS2IFSL; ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-01-19 13:43 - 2014-01-19 17:46 - 00020023 _____ C:\WINDOWS\setupapi.log 2014-01-19 13:28 - 2014-01-19 13:28 - 00000000 ____D C:\Documents and Settings\Kacper\Pulpit\ht 2014-01-18 16:33 - 2014-01-18 16:33 - 02419254 _____ C:\Documents and Settings\Kacper\Pulpit\JA buty.bmp 2014-01-18 16:06 - 2014-01-18 16:06 - 00000682 _____ C:\Documents and Settings\All Users\Pulpit\CCleaner.lnk 2014-01-18 16:06 - 2014-01-18 16:06 - 00000000 ____D C:\Program Files\CCleaner 2014-01-18 16:06 - 2014-01-18 16:06 - 00000000 ____D C:\Documents and Settings\All Users\Menu Start\Programy\CCleaner 2014-01-18 14:42 - 2014-01-18 14:42 - 00000740 _____ C:\Documents and Settings\Kacper\Pulpit\Eusing Free Registry Cleaner.lnk 2014-01-18 14:42 - 2014-01-18 14:42 - 00000000 ____D C:\Program Files\Eusing Free Registry Cleaner 2014-01-18 14:42 - 2014-01-18 14:42 - 00000000 ____D C:\Documents and Settings\Kacper\Menu Start\Programy\Free Registry Cleaner 2014-01-18 14:42 - 2014-01-18 14:42 - 00000000 ____D C:\Documents and Settings\Kacper\Dane aplikacji\Eusing 2014-01-18 14:35 - 2014-01-18 14:35 - 00000976 _____ C:\Documents and Settings\Kacper\Pulpit\Nowy Dokument tekstowy.txt 2014-01-17 21:52 - 2014-01-17 21:52 - 00000000 ____D C:\FRST 2014-01-16 16:57 - 2014-01-16 16:57 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2884256$ 2014-01-16 16:56 - 2014-01-16 16:56 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2914368$ 2014-01-14 21:18 - 2014-01-16 20:48 - 00153246 _____ C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\WPFFontCache_v0400-System.dat 2014-01-14 21:18 - 2014-01-16 20:48 - 00153246 _____ C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\WPFFontCache_v0400-S-1-5-21-1801674531-448539723-725345543-1004-0.dat 2014-01-14 20:41 - 2013-08-29 01:56 - 00026240 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\usbser.sys 2014-01-14 20:41 - 2013-08-29 01:56 - 00026240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbser.sys 2014-01-14 20:33 - 2014-01-14 20:33 - 00000000 ____D C:\Program Files\The Weather Channel 2014-01-14 20:33 - 2013-09-20 08:50 - 00499712 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcp71.dll 2014-01-14 20:33 - 2013-09-20 08:50 - 00348160 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcr71.dll 2014-01-14 20:32 - 2014-01-14 20:32 - 00000000 ____D C:\Program Files\GreenTree Applications 2014-01-08 17:22 - 2014-01-18 14:36 - 00001819 _____ C:\Documents and Settings\All Users\Pulpit\Google Chrome.lnk 2014-01-08 17:22 - 2014-01-08 17:22 - 00000000 ____D C:\Documents and Settings\All Users\Menu Start\Programy\Google Chrome 2014-01-08 17:20 - 2014-01-19 17:54 - 00001032 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job 2014-01-08 17:20 - 2014-01-19 17:30 - 00001036 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job 2014-01-08 17:19 - 2014-01-08 17:19 - 00819176 _____ (Google Inc.) C:\Documents and Settings\Kacper\Moje dokumenty\ChromeSetup.exe 2014-01-08 17:17 - 2014-01-08 17:17 - 00264616 _____ (Oracle Corporation) C:\WINDOWS\system32\javaws.exe 2014-01-08 17:17 - 2014-01-08 17:17 - 00175016 _____ (Oracle Corporation) C:\WINDOWS\system32\javaw.exe 2014-01-08 17:17 - 2014-01-08 17:17 - 00174504 _____ (Oracle Corporation) C:\WINDOWS\system32\java.exe 2014-01-08 17:17 - 2014-01-08 17:17 - 00145408 _____ (Oracle Corporation) C:\WINDOWS\system32\javacpl.cpl 2014-01-08 17:17 - 2014-01-08 17:17 - 00094632 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge.dll 2014-01-08 17:17 - 2014-01-08 17:17 - 00000000 ____D C:\Program Files\Java 2014-01-08 17:17 - 2014-01-08 17:17 - 00000000 ____D C:\Program Files\Common Files\Java 2014-01-08 17:17 - 2014-01-08 17:17 - 00000000 ____D C:\Documents and Settings\All Users\Menu Start\Programy\Java 2014-01-08 17:06 - 2014-01-08 17:06 - 00000000 ____D C:\Documents and Settings\LocalService\Pulpit 2014-01-08 17:06 - 2014-01-08 17:06 - 00000000 ____D C:\Documents and Settings\LocalService\Menu Start\Programy 2014-01-08 17:06 - 2014-01-08 17:06 - 00000000 ____D C:\Documents and Settings\LocalService\Menu Start 2014-01-08 17:06 - 2014-01-08 17:06 - 00000000 ____D C:\Documents and Settings\LocalService\Dane aplikacji\Hotspot Shield 2014-01-08 15:33 - 2014-01-08 17:33 - 00000000 ____D C:\Program Files\Opera 2014-01-08 15:33 - 2014-01-08 15:33 - 00000669 _____ C:\Documents and Settings\All Users\Pulpit\Opera.lnk 2014-01-08 15:33 - 2014-01-08 15:33 - 00000669 _____ C:\Documents and Settings\All Users\Menu Start\Programy\Opera.lnk 2014-01-04 13:37 - 2014-01-04 13:37 - 00000000 __SHD C:\Documents and Settings\Kacper\PrivacIE 2014-01-04 13:19 - 2014-01-08 17:01 - 00000000 ____D C:\AdwCleaner 2014-01-03 23:11 - 2014-01-03 23:13 - 00000000 ____D C:\Documents and Settings\Kacper\Dane aplikacji\Apple Computer 2014-01-03 23:11 - 2014-01-03 23:11 - 00000000 ____D C:\Documents and Settings\Kacper\Ustawienia lokalne\Dane aplikacji\Apple Computer 2014-01-03 23:11 - 2014-01-03 23:11 - 00000000 ____D C:\Documents and Settings\All Users\Menu Start\Programy\iTunes 2014-01-03 23:11 - 2012-08-21 13:01 - 00026840 _____ (GEAR Software Inc.) C:\WINDOWS\system32\Drivers\GEARAspiWDM.sys 2014-01-03 23:10 - 2014-01-03 23:11 - 00000000 ____D C:\Program Files\iTunes 2014-01-03 23:10 - 2014-01-03 23:11 - 00000000 ____D C:\Documents and Settings\All Users\Dane aplikacji\188F1432-103A-4ffb-80F1-36B633C5C9E1 2014-01-03 23:10 - 2014-01-03 23:10 - 00001830 _____ C:\Documents and Settings\All Users\Menu Start\Programy\Apple Software Update.lnk 2014-01-03 23:10 - 2014-01-03 23:10 - 00000000 ____D C:\Program Files\iPod 2014-01-03 23:10 - 2014-01-03 23:10 - 00000000 ____D C:\Program Files\Apple Software Update 2014-01-03 23:10 - 2014-01-03 23:10 - 00000000 ____D C:\Documents and Settings\LocalService\Dane aplikacji\Apple Computer 2014-01-03 23:10 - 2014-01-03 23:10 - 00000000 ____D C:\Documents and Settings\Kacper\Ustawienia lokalne\Dane aplikacji\Apple 2014-01-03 23:10 - 2014-01-03 23:10 - 00000000 ____D C:\Documents and Settings\All Users\Dane aplikacji\Apple Computer 2014-01-03 23:09 - 2014-01-03 23:10 - 00000000 ____D C:\Program Files\Common Files\Apple 2014-01-03 23:09 - 2014-01-03 23:09 - 00000000 ____D C:\Documents and Settings\All Users\Dane aplikacji\Apple 2014-01-03 15:25 - 2014-01-03 15:25 - 00000000 ____D C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\ESET 2014-01-03 15:22 - 2014-01-03 15:22 - 00000000 ____D C:\Documents and Settings\Kacper\Ustawienia lokalne\Dane aplikacji\ESET 2014-01-03 15:15 - 2014-01-03 15:15 - 00000000 ____D C:\Program Files\ESET 2014-01-03 15:15 - 2014-01-03 15:15 - 00000000 ____D C:\Documents and Settings\All Users\Menu Start\Programy\ESET 2014-01-03 15:15 - 2014-01-03 15:15 - 00000000 ____D C:\Documents and Settings\All Users\Dane aplikacji\ESET 2014-01-02 16:55 - 2014-01-02 16:55 - 00000000 ____D C:\WINDOWS\system32\log 2013-12-30 13:46 - 2013-12-30 13:46 - 00012380 _____ C:\Program2.RPT 2013-12-30 13:03 - 2014-01-03 15:23 - 00000000 ____D C:\Documents and Settings\All Users\Dane aplikacji\FunDeeaals 2013-12-30 13:03 - 2014-01-03 15:23 - 00000000 ____D C:\Documents and Settings\All Users\Dane aplikacji\Fuan2Saevae 2013-12-30 13:03 - 2013-12-30 13:03 - 00000000 ____D C:\Documents and Settings\All Users\Dane aplikacji\mlhonofiodjginbilajdkjehfehfbfhp 2013-12-29 20:41 - 2013-12-29 20:41 - 00012379 _____ C:\Program1.RPT 2013-12-28 13:31 - 2013-12-28 13:31 - 00000188 ___SH C:\Documents and Settings\Administrator\ntuser.ini 2013-12-28 13:30 - 2013-12-28 13:31 - 00000000 ____D C:\Documents and Settings\Administrator 2013-12-28 13:30 - 2013-12-15 19:49 - 00000000 ___HD C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji 2013-12-28 13:30 - 2013-12-15 19:49 - 00000000 ____D C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Google 2013-12-28 13:30 - 2013-11-25 21:11 - 00000000 __RHD C:\Documents and Settings\Administrator\Dane aplikacji 2013-12-28 13:30 - 2013-11-25 21:11 - 00000000 ___RD C:\Documents and Settings\Administrator\Menu Start\Programy\Autostart 2013-12-28 13:30 - 2013-11-25 21:11 - 00000000 ___RD C:\Documents and Settings\Administrator\Menu Start 2013-12-28 13:30 - 2013-11-25 21:11 - 00000000 ___HD C:\Documents and Settings\Administrator\Ustawienia lokalne\Historia 2013-12-28 13:30 - 2013-11-25 21:11 - 00000000 ___HD C:\Documents and Settings\Administrator\Ustawienia lokalne 2013-12-28 13:30 - 2013-11-25 21:11 - 00000000 ____D C:\Documents and Settings\Administrator\Ulubione 2013-12-28 13:30 - 2013-11-25 21:11 - 00000000 ____D C:\Documents and Settings\Administrator\Pulpit 2013-12-28 13:30 - 2013-11-25 21:11 - 00000000 ____D C:\Documents and Settings\Administrator\Moje dokumenty 2013-12-28 13:30 - 2013-11-25 20:25 - 00001599 _____ C:\Documents and Settings\Administrator\Menu Start\Programy\Pomoc zdalna.lnk 2013-12-28 13:30 - 2013-11-25 20:25 - 00000792 _____ C:\Documents and Settings\Administrator\Menu Start\Programy\Windows Media Player.lnk 2013-12-28 13:30 - 2013-11-25 20:25 - 00000000 ___RD C:\Documents and Settings\Administrator\Menu Start\Programy\Akcesoria 2013-12-28 13:30 - 2013-11-25 20:25 - 00000000 ___RD C:\Documents and Settings\Administrator\Menu Start\Programy 2013-12-28 13:30 - 2013-11-25 20:21 - 00000000 ___HD C:\Documents and Settings\Administrator\Szablony 2013-12-27 17:08 - 2013-12-27 17:08 - 00004096 _____ C:\WINDOWS\d3dx.dat 2013-12-27 17:05 - 2013-12-27 17:05 - 00000890 _____ C:\Documents and Settings\Kacper\Pulpit\Gothic Multiplayer.lnk 2013-12-27 17:05 - 2013-12-27 17:05 - 00000000 ____D C:\Documents and Settings\Kacper\Menu Start\Programy\Gothic Multiplayer 2013-12-27 17:02 - 2013-12-27 17:02 - 00000000 ____D C:\Documents and Settings\All Users\Menu Start\Programy\Gothic II 2013-12-27 16:58 - 2013-12-27 16:58 - 00000000 ____D C:\Program Files\JoWood 2013-12-27 16:58 - 2013-12-27 16:58 - 00000000 ____D C:\Documents and Settings\All Users\Menu Start\Programy\JoWood 2013-12-21 15:01 - 2013-12-21 15:02 - 00000000 ____D C:\Documents and Settings\Kacper\Pulpit\Skriny 2013-12-21 14:57 - 2013-12-23 20:19 - 00000000 ____D C:\Documents and Settings\Kacper\Pulpit\GTA Parking SA 1.0 2013-12-21 12:00 - 2013-12-21 12:01 - 00000000 ____D C:\Fraps 2013-12-21 12:00 - 2013-12-21 12:00 - 00000478 _____ C:\Documents and Settings\All Users\Pulpit\Fraps.lnk 2013-12-21 12:00 - 2013-12-21 12:00 - 00000000 ____D C:\Documents and Settings\All Users\Menu Start\Programy\Fraps ==================== One Month Modified Files and Folders ======= 2014-01-19 17:57 - 2013-11-27 21:23 - 00008796 _____ C:\WINDOWS\system32\nvAppTimestamps 2014-01-19 17:55 - 2013-11-25 21:12 - 00000000 ____D C:\Documents and Settings\Kacper\Dane aplikacji\Skype 2014-01-19 17:55 - 2013-11-25 20:24 - 01412315 _____ C:\WINDOWS\WindowsUpdate.log 2014-01-19 17:54 - 2014-01-08 17:20 - 00001032 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job 2014-01-19 17:54 - 2013-11-25 21:14 - 00000159 _____ C:\WINDOWS\wiadebug.log 2014-01-19 17:54 - 2013-11-25 21:14 - 00000050 _____ C:\WINDOWS\wiaservc.log 2014-01-19 17:54 - 2013-11-25 20:29 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2014-01-19 17:53 - 2013-11-25 20:30 - 00000188 ___SH C:\Documents and Settings\Kacper\ntuser.ini 2014-01-19 17:53 - 2013-11-25 20:29 - 00032536 _____ C:\WINDOWS\SchedLgU.Txt 2014-01-19 17:50 - 2013-11-25 21:10 - 00000000 __RHD C:\Documents and Settings\All Users\Dane aplikacji 2014-01-19 17:50 - 2013-11-25 20:30 - 00000000 __RHD C:\Documents and Settings\Kacper\Dane aplikacji 2014-01-19 17:46 - 2014-01-19 13:43 - 00020023 _____ C:\WINDOWS\setupapi.log 2014-01-19 17:45 - 2013-11-25 21:11 - 00000000 ___RD C:\Documents and Settings\All Users\Menu Start\Programy 2014-01-19 17:45 - 2013-11-25 21:11 - 00000000 ____D C:\Documents and Settings\All Users\Pulpit 2014-01-19 17:30 - 2014-01-08 17:20 - 00001036 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job 2014-01-19 17:17 - 2013-12-12 21:02 - 00000930 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job 2014-01-19 16:50 - 2013-12-02 17:48 - 00000000 ____D C:\Documents and Settings\Kacper\Ustawienia lokalne\Dane aplikacji\PMB Files 2014-01-19 16:50 - 2013-12-02 17:48 - 00000000 ____D C:\Documents and Settings\All Users\Dane aplikacji\PMB Files 2014-01-19 13:39 - 2013-12-02 20:13 - 00000000 ____D C:\Program Files\Steam 2014-01-19 13:39 - 2013-11-26 17:02 - 00000000 ____D C:\Documents and Settings\Kacper\Dane aplikacji\DAEMON Tools Lite 2014-01-19 13:38 - 2013-11-25 20:30 - 00000000 ____D C:\Documents and Settings\Kacper 2014-01-19 13:36 - 2013-11-25 20:30 - 00000000 ____D C:\Documents and Settings\Kacper\Pulpit 2014-01-19 13:28 - 2014-01-19 13:28 - 00000000 ____D C:\Documents and Settings\Kacper\Pulpit\ht 2014-01-18 16:33 - 2014-01-18 16:33 - 02419254 _____ C:\Documents and Settings\Kacper\Pulpit\JA buty.bmp 2014-01-18 16:06 - 2014-01-18 16:06 - 00000682 _____ C:\Documents and Settings\All Users\Pulpit\CCleaner.lnk 2014-01-18 16:06 - 2014-01-18 16:06 - 00000000 ____D C:\Program Files\CCleaner 2014-01-18 16:06 - 2014-01-18 16:06 - 00000000 ____D C:\Documents and Settings\All Users\Menu Start\Programy\CCleaner 2014-01-18 15:52 - 2013-12-16 15:18 - 00000000 ____D C:\Documents and Settings\Kacper\Dane aplikacji\TS3Client 2014-01-18 14:45 - 2013-12-01 16:18 - 00000000 ____D C:\Documents and Settings\All Users\Menu Start\Programy\DriverDoc 2014-01-18 14:42 - 2014-01-18 14:42 - 00000740 _____ C:\Documents and Settings\Kacper\Pulpit\Eusing Free Registry Cleaner.lnk 2014-01-18 14:42 - 2014-01-18 14:42 - 00000000 ____D C:\Program Files\Eusing Free Registry Cleaner 2014-01-18 14:42 - 2014-01-18 14:42 - 00000000 ____D C:\Documents and Settings\Kacper\Menu Start\Programy\Free Registry Cleaner 2014-01-18 14:42 - 2014-01-18 14:42 - 00000000 ____D C:\Documents and Settings\Kacper\Dane aplikacji\Eusing 2014-01-18 14:42 - 2013-11-25 20:30 - 00000000 ___RD C:\Documents and Settings\Kacper\Menu Start\Programy 2014-01-18 14:36 - 2014-01-08 17:22 - 00001819 _____ C:\Documents and Settings\All Users\Pulpit\Google Chrome.lnk 2014-01-18 14:35 - 2014-01-18 14:35 - 00000976 _____ C:\Documents and Settings\Kacper\Pulpit\Nowy Dokument tekstowy.txt 2014-01-18 13:33 - 2004-08-04 13:00 - 00001230 _____ C:\WINDOWS\system32\wpa.dbl 2014-01-17 21:52 - 2014-01-17 21:52 - 00000000 ____D C:\FRST 2014-01-16 20:48 - 2014-01-14 21:18 - 00153246 _____ C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\WPFFontCache_v0400-System.dat 2014-01-16 20:48 - 2014-01-14 21:18 - 00153246 _____ C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\WPFFontCache_v0400-S-1-5-21-1801674531-448539723-725345543-1004-0.dat 2014-01-16 20:11 - 2013-11-25 20:30 - 00000000 ___HD C:\Documents and Settings\Kacper\Ustawienia lokalne\Dane aplikacji 2014-01-16 17:00 - 2013-12-16 19:15 - 00002347 _____ C:\Documents and Settings\All Users\Menu Start\Programy\Adobe Reader XI.lnk 2014-01-16 16:57 - 2014-01-16 16:57 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2884256$ 2014-01-16 16:56 - 2014-01-16 16:56 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2914368$ 2014-01-14 21:18 - 2013-11-25 20:29 - 00000000 ___HD C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji 2014-01-14 20:36 - 2013-11-25 20:30 - 00000792 _____ C:\Documents and Settings\Kacper\Menu Start\Programy\Windows Media Player.lnk 2014-01-14 20:34 - 2013-11-25 20:30 - 00000000 ___RD C:\Documents and Settings\Kacper\Moje dokumenty 2014-01-14 20:33 - 2014-01-14 20:33 - 00000000 ____D C:\Program Files\The Weather Channel 2014-01-14 20:32 - 2014-01-14 20:32 - 00000000 ____D C:\Program Files\GreenTree Applications 2014-01-12 20:42 - 2013-11-25 21:09 - 00000000 ____D C:\Documents and Settings\All Users\Dane aplikacji\Skype 2014-01-08 17:33 - 2014-01-08 15:33 - 00000000 ____D C:\Program Files\Opera 2014-01-08 17:22 - 2014-01-08 17:22 - 00000000 ____D C:\Documents and Settings\All Users\Menu Start\Programy\Google Chrome 2014-01-08 17:21 - 2013-11-25 21:01 - 00000000 ____D C:\Program Files\Google 2014-01-08 17:19 - 2014-01-08 17:19 - 00819176 _____ (Google Inc.) C:\Documents and Settings\Kacper\Moje dokumenty\ChromeSetup.exe 2014-01-08 17:17 - 2014-01-08 17:17 - 00264616 _____ (Oracle Corporation) C:\WINDOWS\system32\javaws.exe 2014-01-08 17:17 - 2014-01-08 17:17 - 00175016 _____ (Oracle Corporation) C:\WINDOWS\system32\javaw.exe 2014-01-08 17:17 - 2014-01-08 17:17 - 00174504 _____ (Oracle Corporation) C:\WINDOWS\system32\java.exe 2014-01-08 17:17 - 2014-01-08 17:17 - 00145408 _____ (Oracle Corporation) C:\WINDOWS\system32\javacpl.cpl 2014-01-08 17:17 - 2014-01-08 17:17 - 00094632 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge.dll 2014-01-08 17:17 - 2014-01-08 17:17 - 00000000 ____D C:\Program Files\Java 2014-01-08 17:17 - 2014-01-08 17:17 - 00000000 ____D C:\Program Files\Common Files\Java 2014-01-08 17:17 - 2014-01-08 17:17 - 00000000 ____D C:\Documents and Settings\All Users\Menu Start\Programy\Java 2014-01-08 17:06 - 2014-01-08 17:06 - 00000000 ____D C:\Documents and Settings\LocalService\Pulpit 2014-01-08 17:06 - 2014-01-08 17:06 - 00000000 ____D C:\Documents and Settings\LocalService\Menu Start\Programy 2014-01-08 17:06 - 2014-01-08 17:06 - 00000000 ____D C:\Documents and Settings\LocalService\Menu Start 2014-01-08 17:06 - 2014-01-08 17:06 - 00000000 ____D C:\Documents and Settings\LocalService\Dane aplikacji\Hotspot Shield 2014-01-08 17:06 - 2013-11-25 20:29 - 00000000 __SHD C:\Documents and Settings\LocalService 2014-01-08 17:06 - 2013-11-25 20:29 - 00000000 ____D C:\Documents and Settings\LocalService\Dane aplikacji 2014-01-08 17:01 - 2014-01-04 13:19 - 00000000 ____D C:\AdwCleaner 2014-01-08 16:54 - 2013-11-26 17:20 - 00000000 ____D C:\Program Files\Smart File Advisor 2014-01-08 15:33 - 2014-01-08 15:33 - 00000669 _____ C:\Documents and Settings\All Users\Pulpit\Opera.lnk 2014-01-08 15:33 - 2014-01-08 15:33 - 00000669 _____ C:\Documents and Settings\All Users\Menu Start\Programy\Opera.lnk 2014-01-08 15:33 - 2013-12-12 19:43 - 00000000 ____D C:\Documents and Settings\Kacper\Dane aplikacji\Opera Software 2014-01-08 15:32 - 2013-12-12 19:43 - 00000000 ____D C:\Documents and Settings\Kacper\Ustawienia lokalne\Dane aplikacji\Opera Software 2014-01-04 17:57 - 2013-11-25 20:30 - 00000747 _____ C:\Documents and Settings\Kacper\Menu Start\Programy\Internet Explorer.lnk 2014-01-04 13:37 - 2014-01-04 13:37 - 00000000 __SHD C:\Documents and Settings\Kacper\PrivacIE 2014-01-04 13:12 - 2013-11-25 21:01 - 00000000 ____D C:\Documents and Settings\Kacper\Ustawienia lokalne\Dane aplikacji\Google 2014-01-04 13:10 - 2013-12-01 16:09 - 00000000 ____D C:\Program Files\Bonjour 2014-01-04 13:03 - 2013-11-25 18:45 - 00000000 ____D C:\WINDOWS\ime 2014-01-04 13:01 - 2013-11-25 20:22 - 00000000 ____D C:\Program Files\NetMeeting 2014-01-04 13:00 - 2013-11-25 20:23 - 00000000 ____D C:\Program Files\Movie Maker 2014-01-03 23:13 - 2014-01-03 23:11 - 00000000 ____D C:\Documents and Settings\Kacper\Dane aplikacji\Apple Computer 2014-01-03 23:11 - 2014-01-03 23:11 - 00000000 ____D C:\Documents and Settings\Kacper\Ustawienia lokalne\Dane aplikacji\Apple Computer 2014-01-03 23:11 - 2014-01-03 23:11 - 00000000 ____D C:\Documents and Settings\All Users\Menu Start\Programy\iTunes 2014-01-03 23:11 - 2014-01-03 23:10 - 00000000 ____D C:\Program Files\iTunes 2014-01-03 23:11 - 2014-01-03 23:10 - 00000000 ____D C:\Documents and Settings\All Users\Dane aplikacji\188F1432-103A-4ffb-80F1-36B633C5C9E1 2014-01-03 23:11 - 2013-11-25 20:30 - 00000000 ___RD C:\Documents and Settings\Kacper\Moje dokumenty\Moja muzyka 2014-01-03 23:10 - 2014-01-03 23:10 - 00001830 _____ C:\Documents and Settings\All Users\Menu Start\Programy\Apple Software Update.lnk 2014-01-03 23:10 - 2014-01-03 23:10 - 00000000 ____D C:\Program Files\iPod 2014-01-03 23:10 - 2014-01-03 23:10 - 00000000 ____D C:\Program Files\Apple Software Update 2014-01-03 23:10 - 2014-01-03 23:10 - 00000000 ____D C:\Documents and Settings\LocalService\Dane aplikacji\Apple Computer 2014-01-03 23:10 - 2014-01-03 23:10 - 00000000 ____D C:\Documents and Settings\Kacper\Ustawienia lokalne\Dane aplikacji\Apple 2014-01-03 23:10 - 2014-01-03 23:10 - 00000000 ____D C:\Documents and Settings\All Users\Dane aplikacji\Apple Computer 2014-01-03 23:10 - 2014-01-03 23:09 - 00000000 ____D C:\Program Files\Common Files\Apple 2014-01-03 23:09 - 2014-01-03 23:09 - 00000000 ____D C:\Documents and Settings\All Users\Dane aplikacji\Apple 2014-01-03 19:16 - 2013-11-25 21:18 - 00008510 _____ C:\Documents and Settings\Kacper\daemonprocess.txt 2014-01-03 15:27 - 2013-12-01 16:18 - 00000000 ____D C:\Program Files\DriverDoc 2014-01-03 15:26 - 2013-11-30 12:21 - 00000000 ____D C:\Documents and Settings\All Users\Dane aplikacji\YoutubeBookmark 2014-01-03 15:25 - 2014-01-03 15:25 - 00000000 ____D C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\ESET 2014-01-03 15:23 - 2013-12-30 13:03 - 00000000 ____D C:\Documents and Settings\All Users\Dane aplikacji\FunDeeaals 2014-01-03 15:23 - 2013-12-30 13:03 - 00000000 ____D C:\Documents and Settings\All Users\Dane aplikacji\Fuan2Saevae 2014-01-03 15:22 - 2014-01-03 15:22 - 00000000 ____D C:\Documents and Settings\Kacper\Ustawienia lokalne\Dane aplikacji\ESET 2014-01-03 15:15 - 2014-01-03 15:15 - 00000000 ____D C:\Program Files\ESET 2014-01-03 15:15 - 2014-01-03 15:15 - 00000000 ____D C:\Documents and Settings\All Users\Menu Start\Programy\ESET 2014-01-03 15:15 - 2014-01-03 15:15 - 00000000 ____D C:\Documents and Settings\All Users\Dane aplikacji\ESET 2014-01-02 16:55 - 2014-01-02 16:55 - 00000000 ____D C:\WINDOWS\system32\log 2014-01-01 16:18 - 2013-12-01 16:18 - 00000268 _____ C:\WINDOWS\Tasks\DriverDoc_UPDATES.job 2013-12-30 13:46 - 2013-12-30 13:46 - 00012380 _____ C:\Program2.RPT 2013-12-30 13:03 - 2013-12-30 13:03 - 00000000 ____D C:\Documents and Settings\All Users\Dane aplikacji\mlhonofiodjginbilajdkjehfehfbfhp 2013-12-30 13:03 - 2013-11-30 12:20 - 00000000 ____D C:\Documents and Settings\All Users\Dane aplikacji\acbf208918d9463f 2013-12-29 20:41 - 2013-12-29 20:41 - 00012379 _____ C:\Program1.RPT 2013-12-28 23:46 - 2013-11-25 20:25 - 00001573 _____ C:\Documents and Settings\All Users\Menu Start\Aktywacja systemu Windows.lnk 2013-12-28 13:34 - 2013-11-25 21:02 - 00000664 _____ C:\WINDOWS\system32\d3d9caps.dat 2013-12-28 13:31 - 2013-12-28 13:31 - 00000188 ___SH C:\Documents and Settings\Administrator\ntuser.ini 2013-12-28 13:31 - 2013-12-28 13:30 - 00000000 ____D C:\Documents and Settings\Administrator 2013-12-28 13:23 - 2013-11-27 21:21 - 00000188 ___SH C:\Documents and Settings\UpdatusUser\ntuser.ini 2013-12-27 17:08 - 2013-12-27 17:08 - 00004096 _____ C:\WINDOWS\d3dx.dat 2013-12-27 17:05 - 2013-12-27 17:05 - 00000890 _____ C:\Documents and Settings\Kacper\Pulpit\Gothic Multiplayer.lnk 2013-12-27 17:05 - 2013-12-27 17:05 - 00000000 ____D C:\Documents and Settings\Kacper\Menu Start\Programy\Gothic Multiplayer 2013-12-27 17:04 - 2013-12-01 16:00 - 00000000 ____D C:\Documents and Settings\Kacper\Pulpit\Nowy folder 2013-12-27 17:03 - 2013-11-25 20:56 - 00000000 ___HD C:\Program Files\InstallShield Installation Information 2013-12-27 17:02 - 2013-12-27 17:02 - 00000000 ____D C:\Documents and Settings\All Users\Menu Start\Programy\Gothic II 2013-12-27 16:58 - 2013-12-27 16:58 - 00000000 ____D C:\Program Files\JoWood 2013-12-27 16:58 - 2013-12-27 16:58 - 00000000 ____D C:\Documents and Settings\All Users\Menu Start\Programy\JoWood 2013-12-23 20:19 - 2013-12-21 14:57 - 00000000 ____D C:\Documents and Settings\Kacper\Pulpit\GTA Parking SA 1.0 2013-12-21 15:02 - 2013-12-21 15:01 - 00000000 ____D C:\Documents and Settings\Kacper\Pulpit\Skriny 2013-12-21 12:01 - 2013-12-21 12:00 - 00000000 ____D C:\Fraps 2013-12-21 12:00 - 2013-12-21 12:00 - 00000478 _____ C:\Documents and Settings\All Users\Pulpit\Fraps.lnk 2013-12-21 12:00 - 2013-12-21 12:00 - 00000000 ____D C:\Documents and Settings\All Users\Menu Start\Programy\Fraps ==================== Bamital & volsnap Check ================= C:\Windows\explorer.exe [2004-08-04 13:00] - [2008-04-14 22:51] - 1035264 ____A (Microsoft Corporation) c791ed9eac5e76d9525e157b1d7a599a C:\Windows\System32\winlogon.exe [2004-08-04 13:00] - [2008-04-14 22:51] - 0510464 ____A (Microsoft Corporation) 51fd2e13d723857b9ca239ae77150f48 C:\Windows\System32\svchost.exe [2004-08-04 13:00] - [2008-04-14 22:51] - 0014336 ____A (Microsoft Corporation) 8607d35d92528e2df386f19a960d23ce C:\Windows\System32\services.exe [2004-08-04 13:00] - [2009-02-09 12:25] - 0111104 ____A (Microsoft Corporation) 02a467e27af55f7064c5b251e587315f C:\Windows\System32\User32.dll [2004-08-04 13:00] - [2008-04-14 22:50] - 0580096 ____A (Microsoft Corporation) a435c5c069afd901751ac323ad238793 C:\Windows\System32\userinit.exe [2004-08-04 13:00] - [2008-04-14 22:51] - 0026624 ____A (Microsoft Corporation) 2a5b37d520508be6570a3ea79695f5b5 C:\Windows\System32\rpcss.dll [2004-08-04 13:00] - [2009-02-09 11:53] - 0401408 ____A (Microsoft Corporation) a37311d9d628c1042a2836731787f0f3 ATTENTION ======> If the system is having audio adware rpcss.dll is patched. Google the MD5, if the MD5 is unique the file is infected. C:\Windows\System32\Drivers\volsnap.sys [2004-08-04 13:00] - [2008-04-14 21:31] - 0052864 ____A (Microsoft Corporation) 56b191ac5fc0df219949c95a6c87afe7 ==================== End Of Log ============================