Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 13-03-2014  01
Ran by berger (administrator) on XP-75CF98363E2C on 18-03-2014 16:23:56
Running from C:\Documents and Settings\berger.XP-75CF98363E2C\Pulpit
Microsoft Windows XP Professional Dodatek Service Pack 3 (X86) OS Language: Polish
Internet Explorer Version 8
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/ 
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/ 
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(Oracle Corporation) C:\Program Files\Java\jre7\bin\jqs.exe
(NVIDIA Corporation) C:\WINDOWS\system32\nvsvc32.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
() C:\Program Files\Core Temp\Core Temp.exe
(Mozilla Corporation) C:\Program Files\Mozilla\firefox.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [NvCplDaemon] - C:\WINDOWS\system32\NvCpl.dll [15714592 2014-03-09] (NVIDIA Corporation)
HKLM\...\Run: [NvMediaCenter] - C:\WINDOWS\system32\NvMcTray.dll [377288 2014-03-09] (NVIDIA Corporation)
HKU\.DEFAULT\...\Policies\system: [DisableCMD] 0
HKU\.DEFAULT\...\Policies\system: [NoDispAppearancePage] 0
HKU\.DEFAULT\...\Policies\system: [NoDispBackgroundPage] 0
HKU\.DEFAULT\...\Policies\system: [NoDispSettingsPage] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoFolderOptions] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoViewOnDrive] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoControlPanel] 0
HKU\.DEFAULT\...\Policies\Explorer: [DisableLocalMachineRun] 0
HKU\.DEFAULT\...\Policies\Explorer: [DisableLocalMachineRunOnce] 0
HKU\.DEFAULT\...\Policies\Explorer: [DisableCurrentUserRun] 0
HKU\.DEFAULT\...\Policies\Explorer: [DisableCurrentUserRunOnce] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoViewContextMenu] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoShellSearchButton] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoFind] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoFile] 0
HKU\.DEFAULT\...\Policies\Explorer: [HideClock] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoTrayContextMenu] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoTrayItemsDisplay] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoSetFolders] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoDevMgrUpdate] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoSetTaskbar] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoDeletePrinter] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoDFSTab] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoChangeStartMenu] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoLogoff] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoWindowsUpdate] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoEncryptOnMove] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoRunasInstallPrompt] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoResolveSearch] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoSaveSettings] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoHardwareTab] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoStartMenuSubFolders] 0
HKU\S-1-5-19\...\Policies\system: [DisableCMD] 0
HKU\S-1-5-19\...\Policies\system: [NoDispAppearancePage] 0
HKU\S-1-5-19\...\Policies\system: [NoDispBackgroundPage] 0
HKU\S-1-5-19\...\Policies\system: [NoDispSettingsPage] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoFolderOptions] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoViewOnDrive] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-19\...\Policies\Explorer: [DisableLocalMachineRun] 0
HKU\S-1-5-19\...\Policies\Explorer: [DisableLocalMachineRunOnce] 0
HKU\S-1-5-19\...\Policies\Explorer: [DisableCurrentUserRun] 0
HKU\S-1-5-19\...\Policies\Explorer: [DisableCurrentUserRunOnce] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoViewContextMenu] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoShellSearchButton] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoFind] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoFile] 0
HKU\S-1-5-19\...\Policies\Explorer: [HideClock] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoTrayContextMenu] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoTrayItemsDisplay] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoSetFolders] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoDevMgrUpdate] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoSetTaskbar] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoDeletePrinter] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoDFSTab] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoChangeStartMenu] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoLogoff] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoWindowsUpdate] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoEncryptOnMove] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoRunasInstallPrompt] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoResolveSearch] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoSaveSettings] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoHardwareTab] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoStartMenuSubFolders] 0
HKU\S-1-5-20\...\Policies\system: [DisableCMD] 0
HKU\S-1-5-20\...\Policies\system: [NoDispAppearancePage] 0
HKU\S-1-5-20\...\Policies\system: [NoDispBackgroundPage] 0
HKU\S-1-5-20\...\Policies\system: [NoDispSettingsPage] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoFolderOptions] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoViewOnDrive] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-20\...\Policies\Explorer: [DisableLocalMachineRun] 0
HKU\S-1-5-20\...\Policies\Explorer: [DisableLocalMachineRunOnce] 0
HKU\S-1-5-20\...\Policies\Explorer: [DisableCurrentUserRun] 0
HKU\S-1-5-20\...\Policies\Explorer: [DisableCurrentUserRunOnce] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoViewContextMenu] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoShellSearchButton] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoFind] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoFile] 0
HKU\S-1-5-20\...\Policies\Explorer: [HideClock] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoTrayContextMenu] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoTrayItemsDisplay] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoSetFolders] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoDevMgrUpdate] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoSetTaskbar] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoDeletePrinter] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoDFSTab] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoChangeStartMenu] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoLogoff] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoWindowsUpdate] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoEncryptOnMove] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoRunasInstallPrompt] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoResolveSearch] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoSaveSettings] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoHardwareTab] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoStartMenuSubFolders] 0
HKU\S-1-5-21-343818398-1757981266-839522115-1003\...\MountPoints2: {296bd530-119c-11e3-9b55-1c6f65fcb841} - H:\AutoRun.exe
HKU\S-1-5-21-343818398-1757981266-839522115-1003\...\MountPoints2: {4118dc19-f3bc-11e1-96c9-1c6f65fcb841} - I:\AutoRun.exe
HKU\S-1-5-21-343818398-1757981266-839522115-1003\...\MountPoints2: {b15be3e6-f37e-11e1-96c6-1c6f65fcb841} - I:\AutoRun.exe
HKU\S-1-5-21-343818398-1757981266-839522115-1003\...\MountPoints2: {be155ac8-f41d-11e1-96ca-1c6f65fcb841} - I:\AutoRun.exe
HKU\S-1-5-21-343818398-1757981266-839522115-1003\...\MountPoints2: {e932a2f2-f36e-11e1-96c5-4d6564696130} - I:\AutoRun.exe

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pl/
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - DefaultScope {1E69A14C-02A0-4B0D-BF70-1C1E66677AD4} URL = http://www.google.com/search?hl=pl&q={searchTerms}
SearchScopes: HKCU - {1E69A14C-02A0-4B0D-BF70-1C1E66677AD4} URL = http://www.google.com/search?hl=pl&q={searchTerms}
Toolbar: HKCU - &Adres - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
Toolbar: HKCU - &Łącza - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\SHELL32.dll (Microsoft Corporation)
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://windowsupdate.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1394986474062
DPF: {68282C51-9459-467B-95BF-3C0E89627E55} http://www.mks.com.pl/skaner/SkanerOnline.cab
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254

FireFox:
========
FF ProfilePath: C:\Documents and Settings\berger.XP-75CF98363E2C\Dane aplikacji\Mozilla\Firefox\Profiles\7f8o4de8.default-1386175172031
FF SearchEngineOrder.1: Web Search
FF SelectedSearchEngine: Google
FF Homepage: https://www.google.pl/
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF Plugin: @adobe.com/ShockwavePlayer - C:\WINDOWS\system32\Adobe\Director\np32dsw_1207148.dll (Adobe Systems, Inc.)
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf - C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin: @IObit.com/np_Asc_Plugin - C:\Program Files\IObit\Surfing Protection\BrowerProtect\np_Asc_plugin.dll No File
FF Plugin: @java.com/DTPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @real.com/nppl3260;version=16.0.0.282 - c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nppl3260;version=6.0.12.450 - C:\Program Files\Real Alternative\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprjplug;version=15.0.6.14 - C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlchromebrowserrecordext;version=1.3.0 - C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlhtml5videoshim;version=1.3.0 - C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlpepperflashvideoshim;version=1.3.0 - C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpchromebrowserrecordext;version=15.0.6.14 - C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprphtml5videoshim;version=15.0.6.14 - C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpjplug;version=6.0.12.448 - C:\Program Files\Real Alternative\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpplugin;version=16.0.0.282 - c:\program files\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF Plugin: @realnetworks.com/npdlplugin;version=1 - C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF Plugin: @videolan.org/vlc,version=2.1.0 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Extension: Advanced SystemCare Surfing Protection - C:\Documents and Settings\berger.XP-75CF98363E2C\Dane aplikacji\Mozilla\Firefox\Profiles\7f8o4de8.default-1386175172031\Extensions\ascsurfingprotection@iobit.com [2014-03-16]
FF Extension: Flashblock - C:\Documents and Settings\berger.XP-75CF98363E2C\Dane aplikacji\Mozilla\Firefox\Profiles\7f8o4de8.default-1386175172031\Extensions\{3d7eb24f-2740-49df-8937-200b1cc08f8a} [2013-12-05]
FF Extension: DownloadHelper - C:\Documents and Settings\berger.XP-75CF98363E2C\Dane aplikacji\Mozilla\Firefox\Profiles\7f8o4de8.default-1386175172031\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2013-12-04]
FF Extension: No Name - C:\Documents and Settings\berger.XP-75CF98363E2C\Dane aplikacji\Mozilla\Firefox\Profiles\7f8o4de8.default-1386175172031\Extensions\savedpasswordeditor@daniel.dawson.xpi [2014-02-03]
FF Extension: Google Translator for Firefox - C:\Documents and Settings\berger.XP-75CF98363E2C\Dane aplikacji\Mozilla\Firefox\Profiles\7f8o4de8.default-1386175172031\Extensions\translator@zoli.bod.xpi [2014-01-05]
FF Extension: Adblock Plus - C:\Documents and Settings\berger.XP-75CF98363E2C\Dane aplikacji\Mozilla\Firefox\Profiles\7f8o4de8.default-1386175172031\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-03-06]
FF HKLM\...\Firefox\Extensions: [{34712C68-7391-4c47-94F3-8F88D49AD632}] - C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\
FF Extension: RealDownloader - C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ []
FF StartMenuInternet: FIREFOX.EXE - C:\Program Files\Mozilla\firefox.exe

========================== Services (Whitelisted) =================

S4 ES lite Service; C:\Program Files\Gigabyte\EasySaver\ESSVR.EXE [68136 2009-08-24] ()
R2 JavaQuickStarterService; C:\Program Files\Java\jre7\bin\jqs.exe [182696 2014-01-18] (Oracle Corporation)
R2 MBAMScheduler; C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
S4 LiveUpdateSvc; C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe [X]

==================== Drivers (Whitelisted) ====================

S3 Ambfilt; C:\WINDOWS\System32\drivers\Ambfilt.sys [1691480 2009-11-18] (Creative)
R1 AmdPPM; C:\WINDOWS\System32\DRIVERS\AmdPPM.sys [33792 2007-04-16] (Advanced Micro Devices)
S3 AODDriver; C:\Program Files\Gigabyte\ET6\i386\AODDriver.sys [36864 2010-03-12] (Advanced Micro Devices)
R1 AppleCharger; C:\WINDOWS\System32\DRIVERS\AppleCharger.sys [18544 2011-01-10] ()
S3 appliand; C:\WINDOWS\System32\DRIVERS\appliand.sys [28256 2011-06-26] (Applian Technologies Inc.)
R3 appliandMP; C:\WINDOWS\System32\DRIVERS\appliand.sys [28256 2011-06-26] (Applian Technologies Inc.)
S3 etdrv; C:\WINDOWS\etdrv.sys [17488 2013-08-19] (Windows (R) 2000 DDK provider)
R0 giveio; C:\WINDOWS\System32\giveio.sys [5248 1996-04-03] ()
S3 GVTDrv; C:\WINDOWS\system32\Drivers\GVTDrv.sys [24944 2013-11-19] ()
R1 ISODrive; C:\Program Files\UltraISO\drivers\ISODrive.sys [82320 2010-01-29] (EZB Systems, Inc.)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [22856 2013-04-04] (Malwarebytes Corporation)
S3 Monfilt; C:\WINDOWS\System32\drivers\Monfilt.sys [1395800 2009-11-18] (Creative Technology Ltd.)
R3 NVHDA; C:\WINDOWS\System32\drivers\nvhda32.sys [129312 2013-11-28] (NVIDIA Corporation)
R0 speedfan; C:\WINDOWS\System32\speedfan.sys [24184 2012-12-29] (Almico Software)
R3 ALSysIO; \??\C:\DOCUME~1\BERGER~2.XP-\USTAWI~1\Temp\ALSysIO.sys [X]
S3 cpuz136; \??\C:\DOCUME~1\BERGER~2.XP-\USTAWI~1\Temp\cpuz136\cpuz136_x32.sys [X]
S3 gdrv; \??\C:\WINDOWS\gdrv.sys [X]
S4 IntelIde; No ImagePath
U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-13] (Microsoft Corporation)
U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [4096 2008-05-02] () <===== ATTENTION Necurs Rootkit?
U3 fwryrkob; \??\C:\DOCUME~1\BERGER~2.XP-\USTAWI~1\Temp\fwryrkob.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-03-18 16:23 - 2014-03-18 16:24 - 00016574 _____ () C:\Documents and Settings\berger.XP-75CF98363E2C\Pulpit\FRST.txt
2014-03-18 16:23 - 2014-03-18 16:23 - 00005000 _____ () C:\Documents and Settings\berger.XP-75CF98363E2C\Pulpit\gmer.txt
2014-03-18 15:40 - 2014-02-09 16:31 - 00602112 _____ (OldTimer Tools) C:\Documents and Settings\berger.XP-75CF98363E2C\Pulpit\OTL.exe
2014-03-18 15:36 - 2014-03-15 20:46 - 01145856 _____ (Farbar) C:\Documents and Settings\berger.XP-75CF98363E2C\Pulpit\FRST.exe
2014-03-18 14:52 - 2014-03-18 14:52 - 00000000 ____D () C:\AdwCleaner
2014-03-18 14:37 - 2013-04-04 14:50 - 00022856 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2014-03-18 14:28 - 2014-03-18 14:28 - 00000000 ____D () C:\Program Files\AGEIA Technologies
2014-03-18 14:25 - 2014-03-09 21:35 - 01051080 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco3233528.dll
2014-03-18 14:25 - 2014-03-09 21:35 - 00896456 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco3233528.dll
2014-03-18 14:25 - 2013-11-22 09:36 - 00895264 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdagenco3220103.dll
2014-03-18 14:21 - 2014-01-18 15:10 - 617037946 _____ () C:\Documents and Settings\berger.XP-75CF98363E2C\Pulpit\dnia.pl.avi
2014-03-18 14:20 - 2014-03-18 14:20 - 00000000 ____D () C:\Documents and Settings\berger.XP-75CF98363E2C\Pulpit\Nowy folder
2014-03-18 14:18 - 2014-03-18 14:18 - 00000000 ____D () C:\Documents and Settings\berger.XP-75CF98363E2C\Pulpit\Graham Masterton
2014-03-18 14:12 - 2014-03-18 15:18 - 00000000 ____D () C:\Documents and Settings\berger.XP-75CF98363E2C\Pulpit\king
2014-03-18 14:10 - 2014-03-18 14:11 - 00000000 ____D () C:\Documents and Settings\berger.XP-75CF98363E2C\Pulpit\Anne Rice
2014-03-17 21:09 - 2014-03-17 21:09 - 00000435 _____ () C:\Documents and Settings\berger.XP-75CF98363E2C\Pulpit\Skrót do prices.lnk
2014-03-16 23:55 - 2014-03-18 14:27 - 00000664 _____ () C:\WINDOWS\system32\d3d9caps.dat
2014-03-16 23:46 - 2014-03-18 16:23 - 00000878 _____ () C:\WINDOWS\system32\nvAppTimestamps
2014-03-16 22:47 - 2014-03-09 21:35 - 00018700 _____ () C:\WINDOWS\system32\nvinfo.pb
2014-03-16 21:59 - 2014-03-16 22:03 - 00000000 ____D () C:\WINDOWS\LastGood(2)
2014-03-16 21:21 - 2014-03-09 21:35 - 09682944 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2014-03-16 21:21 - 2014-03-04 15:19 - 01049888 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco3233523.dll
2014-03-16 21:20 - 2014-03-04 15:19 - 00894296 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco3233523.dll
2014-03-16 19:07 - 2014-03-18 16:08 - 00000000 ____D () C:\Program Files\MSOffice2007Settings
2014-03-16 18:56 - 2013-08-20 11:26 - 228264615 _____ (Microsoft Corporation) C:\Program Files\Microsoft Word 2007.exe
2014-03-16 18:56 - 2013-08-20 10:25 - 00047477 _____ (Microsoft Corporation) C:\Program Files\Microsoft Excel 2007.exe
2014-03-16 18:14 - 2014-03-18 14:40 - 00445728 _____ () C:\WINDOWS\setupapi.log
2014-03-16 18:14 - 2014-03-16 18:14 - 00000000 _____ () C:\WINDOWS\setuperr.log
2014-03-16 18:14 - 2014-03-16 18:14 - 00000000 _____ () C:\WINDOWS\setupact.log
2014-03-16 17:56 - 2014-03-18 14:40 - 00000159 _____ () C:\WINDOWS\wiadebug.log
2014-03-16 17:56 - 2014-03-18 14:40 - 00000050 _____ () C:\WINDOWS\wiaservc.log
2014-03-16 17:56 - 2014-03-16 17:56 - 00000000 _____ () C:\WINDOWS\Sti_Trace.log
2014-03-16 17:55 - 2014-03-18 14:39 - 00032152 _____ () C:\WINDOWS\SchedLgU.Txt
2014-03-16 17:40 - 2014-03-16 17:40 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\ProductData
2014-03-16 17:40 - 2014-03-16 17:40 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\{3C5CBD7B-3D1D-411E-96C2-513FFCA84D2D}
2014-03-16 17:39 - 2014-03-16 17:58 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\IObit
2014-03-16 17:37 - 2014-03-16 17:40 - 00000000 ____D () C:\Documents and Settings\berger.XP-75CF98363E2C\Dane aplikacji\IObit
2014-03-16 17:37 - 2014-03-16 17:37 - 00000223 _____ () C:\ASCInit.log
2014-03-16 17:15 - 2012-06-02 15:19 - 00045080 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2014-03-16 17:15 - 2012-06-02 15:19 - 00024088 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltui.dll.mui
2014-03-16 17:15 - 2012-06-02 15:19 - 00018968 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll.mui
2014-03-16 17:15 - 2012-06-02 15:19 - 00016408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaucpl.cpl.mui
2014-03-16 17:15 - 2012-06-02 15:19 - 00015896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll.mui
2014-03-16 15:11 - 2014-03-16 15:11 - 00000000 ____D () C:\Program Files\Mozilla
2014-03-15 21:06 - 2014-03-15 21:06 - 00000020 ___SH () C:\Documents and Settings\Administrator\ntuser.ini
2014-03-15 21:06 - 2014-03-15 21:06 - 00000000 __SHD () C:\Documents and Settings\Administrator\IETldCache
2014-03-15 21:06 - 2014-03-15 21:06 - 00000000 ____D () C:\Documents and Settings\Administrator
2014-03-15 21:06 - 2012-04-18 17:51 - 00000000 __SHD () C:\Documents and Settings\Administrator\Ustawienia lokalne\Historia
2014-03-15 21:06 - 2012-04-18 17:51 - 00000000 __RHD () C:\Documents and Settings\Administrator\Dane aplikacji
2014-03-15 21:06 - 2012-04-18 17:51 - 00000000 ___RD () C:\Documents and Settings\Administrator\Menu Start\Programy\Autostart
2014-03-15 21:06 - 2012-04-18 17:51 - 00000000 ___RD () C:\Documents and Settings\Administrator\Menu Start
2014-03-15 21:06 - 2012-04-18 17:51 - 00000000 ___HD () C:\Documents and Settings\Administrator\Ustawienia lokalne
2014-03-15 21:06 - 2012-04-18 17:51 - 00000000 ____D () C:\Documents and Settings\Administrator\Ulubione
2014-03-15 21:06 - 2012-04-18 17:51 - 00000000 ____D () C:\Documents and Settings\Administrator\Pulpit
2014-03-15 21:06 - 2012-04-18 17:51 - 00000000 ____D () C:\Documents and Settings\Administrator\Moje dokumenty
2014-03-15 21:06 - 2012-04-18 16:02 - 00001599 _____ () C:\Documents and Settings\Administrator\Menu Start\Programy\Pomoc zdalna.lnk
2014-03-15 21:06 - 2012-04-18 16:02 - 00000792 _____ () C:\Documents and Settings\Administrator\Menu Start\Programy\Windows Media Player.lnk
2014-03-15 21:06 - 2012-04-18 16:02 - 00000000 ___RD () C:\Documents and Settings\Administrator\Menu Start\Programy\Akcesoria
2014-03-15 21:06 - 2012-04-18 16:02 - 00000000 ___RD () C:\Documents and Settings\Administrator\Menu Start\Programy
2014-03-15 21:06 - 2012-04-18 16:01 - 00000000 ___HD () C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji
2014-03-15 21:06 - 2012-04-18 15:57 - 00000000 ___HD () C:\Documents and Settings\Administrator\Szablony
2014-03-15 19:38 - 2014-03-18 16:23 - 00000000 ____D () C:\FRST
2014-03-15 15:33 - 2014-03-15 17:21 - 00000000 ____D () C:\Documents and Settings\berger.XP-75CF98363E2C\Ustawienia lokalne\Dane aplikacji\Avg2014
2014-03-02 21:17 - 2014-03-02 21:17 - 00000000 ____D () C:\Program Files\PORTABLE.Foxit.PDF.Editor.v2.0.1011-YAG
2014-02-19 12:39 - 2014-02-19 12:39 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\PITy
2014-02-16 22:38 - 2014-02-16 22:38 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\Package Cache

==================== One Month Modified Files and Folders =======

2014-03-18 16:24 - 2014-03-18 16:23 - 00016574 _____ () C:\Documents and Settings\berger.XP-75CF98363E2C\Pulpit\FRST.txt
2014-03-18 16:23 - 2014-03-18 16:23 - 00005000 _____ () C:\Documents and Settings\berger.XP-75CF98363E2C\Pulpit\gmer.txt
2014-03-18 16:23 - 2014-03-16 23:46 - 00000878 _____ () C:\WINDOWS\system32\nvAppTimestamps
2014-03-18 16:23 - 2014-03-15 19:38 - 00000000 ____D () C:\FRST
2014-03-18 16:23 - 2012-04-18 16:09 - 00000000 ____D () C:\Documents and Settings\berger.XP-75CF98363E2C\Pulpit
2014-03-18 16:08 - 2014-03-16 19:07 - 00000000 ____D () C:\Program Files\MSOffice2007Settings
2014-03-18 16:01 - 2012-05-27 15:32 - 00005120 ___SH () C:\WINDOWS\system32\Thumbs.db
2014-03-18 15:19 - 2012-04-18 18:20 - 00005689 _____ () C:\WINDOWS\zmodeler.INI
2014-03-18 15:18 - 2014-03-18 14:12 - 00000000 ____D () C:\Documents and Settings\berger.XP-75CF98363E2C\Pulpit\king
2014-03-18 14:52 - 2014-03-18 14:52 - 00000000 ____D () C:\AdwCleaner
2014-03-18 14:44 - 2012-04-21 16:36 - 00000000 ____D () C:\Program Files\SpeedFan
2014-03-18 14:40 - 2014-03-16 18:14 - 00445728 _____ () C:\WINDOWS\setupapi.log
2014-03-18 14:40 - 2014-03-16 17:56 - 00000159 _____ () C:\WINDOWS\wiadebug.log
2014-03-18 14:40 - 2014-03-16 17:56 - 00000050 _____ () C:\WINDOWS\wiaservc.log
2014-03-18 14:40 - 2014-02-15 14:33 - 00000474 _____ () C:\WINDOWS\Tasks\AVG_SYS_TASK_DELETE.job
2014-03-18 14:40 - 2014-02-15 14:33 - 00000446 _____ () C:\WINDOWS\Tasks\AVG_SYS_TASK.job
2014-03-18 14:40 - 2012-04-18 16:08 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-03-18 14:39 - 2014-03-16 17:55 - 00032152 _____ () C:\WINDOWS\SchedLgU.Txt
2014-03-18 14:39 - 2012-04-18 16:09 - 00000188 ___SH () C:\Documents and Settings\berger.XP-75CF98363E2C\ntuser.ini
2014-03-18 14:39 - 2012-04-18 16:00 - 00573063 _____ () C:\WINDOWS\WindowsUpdate.log
2014-03-18 14:37 - 2012-07-30 22:52 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS\Menu Start\Programy\Malwarebytes' Anti-Malware
2014-03-18 14:37 - 2012-07-30 21:56 - 00000000 ____D () C:\Program Files\Malwarebytes' Anti-Malware
2014-03-18 14:28 - 2014-03-18 14:28 - 00000000 ____D () C:\Program Files\AGEIA Technologies
2014-03-18 14:27 - 2014-03-16 23:55 - 00000664 _____ () C:\WINDOWS\system32\d3d9caps.dat
2014-03-18 14:26 - 2012-04-23 19:45 - 01144544 _____ () C:\WINDOWS\system32\nvdrsdb1.bin
2014-03-18 14:26 - 2012-04-23 19:45 - 01144544 _____ () C:\WINDOWS\system32\nvdrsdb0.bin
2014-03-18 14:26 - 2012-04-23 19:45 - 00000001 _____ () C:\WINDOWS\system32\nvdrssel.bin
2014-03-18 14:26 - 2011-11-07 15:47 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2014-03-18 14:20 - 2014-03-18 14:20 - 00000000 ____D () C:\Documents and Settings\berger.XP-75CF98363E2C\Pulpit\Nowy folder
2014-03-18 14:18 - 2014-03-18 14:18 - 00000000 ____D () C:\Documents and Settings\berger.XP-75CF98363E2C\Pulpit\Graham Masterton
2014-03-18 14:11 - 2014-03-18 14:10 - 00000000 ____D () C:\Documents and Settings\berger.XP-75CF98363E2C\Pulpit\Anne Rice
2014-03-18 11:51 - 2012-04-18 17:52 - 01254156 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-03-18 11:51 - 2001-10-26 17:15 - 00555448 _____ () C:\WINDOWS\system32\perfh015.dat
2014-03-18 11:51 - 2001-10-26 17:15 - 00104478 _____ () C:\WINDOWS\system32\perfc015.dat
2014-03-18 00:11 - 2012-04-18 17:51 - 00000000 ___RD () C:\Documents and Settings\All Users.WINDOWS\Menu Start\Programy
2014-03-18 00:11 - 2012-04-18 16:09 - 00000000 ___RD () C:\Documents and Settings\berger.XP-75CF98363E2C\Menu Start
2014-03-17 23:35 - 2012-04-18 17:51 - 00000000 ___RD () C:\Documents and Settings\All Users.WINDOWS\Dokumenty
2014-03-17 23:27 - 2012-04-18 16:09 - 00000000 ____D () C:\Documents and Settings\berger.XP-75CF98363E2C
2014-03-17 22:38 - 2012-11-21 17:04 - 00000000 ____D () C:\Documents and Settings\berger.XP-75CF98363E2C\Dane aplikacji\FlashGet
2014-03-17 22:38 - 2012-04-18 16:09 - 00000000 __RHD () C:\Documents and Settings\berger.XP-75CF98363E2C\Dane aplikacji
2014-03-17 22:20 - 2014-02-09 17:01 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\MFAData
2014-03-17 22:17 - 2014-02-09 17:04 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\AVG2014
2014-03-17 21:51 - 2013-12-05 11:55 - 00000000 ____D () C:\WINDOWS\system32\NtmsData
2014-03-17 21:09 - 2014-03-17 21:09 - 00000435 _____ () C:\Documents and Settings\berger.XP-75CF98363E2C\Pulpit\Skrót do prices.lnk
2014-03-17 12:31 - 2011-11-07 16:39 - 00000000 ____D () C:\Program Files\K-Lite Codec Pack
2014-03-16 23:49 - 2011-11-07 22:32 - 00000000 ___RD () C:\WINDOWS\Web
2014-03-16 23:48 - 2001-07-21 23:15 - 00000227 _____ () C:\WINDOWS\system.ini
2014-03-16 22:03 - 2014-03-16 21:59 - 00000000 ____D () C:\WINDOWS\LastGood(2)
2014-03-16 20:39 - 2011-11-07 22:32 - 00000000 ____D () C:\WINDOWS\Help
2014-03-16 18:14 - 2014-03-16 18:14 - 00000000 _____ () C:\WINDOWS\setuperr.log
2014-03-16 18:14 - 2014-03-16 18:14 - 00000000 _____ () C:\WINDOWS\setupact.log
2014-03-16 17:58 - 2014-03-16 17:39 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\IObit
2014-03-16 17:56 - 2014-03-16 17:56 - 00000000 _____ () C:\WINDOWS\Sti_Trace.log
2014-03-16 17:49 - 2011-11-07 22:54 - 00000000 ____D () C:\WINDOWS\Minidump
2014-03-16 17:40 - 2014-03-16 17:40 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\ProductData
2014-03-16 17:40 - 2014-03-16 17:40 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\{3C5CBD7B-3D1D-411E-96C2-513FFCA84D2D}
2014-03-16 17:40 - 2014-03-16 17:37 - 00000000 ____D () C:\Documents and Settings\berger.XP-75CF98363E2C\Dane aplikacji\IObit
2014-03-16 17:37 - 2014-03-16 17:37 - 00000223 _____ () C:\ASCInit.log
2014-03-16 17:29 - 2012-04-18 16:32 - 00000000 __SHD () C:\Documents and Settings\berger.XP-75CF98363E2C\UserData
2014-03-16 17:15 - 2012-04-18 17:50 - 01371125 _____ () C:\WINDOWS\setupapi.log.0.old
2014-03-16 15:11 - 2014-03-16 15:11 - 00000000 ____D () C:\Program Files\Mozilla
2014-03-16 15:09 - 2013-12-05 17:01 - 00000000 ____D () C:\Program Files\Mozilla Firefox1
2014-03-15 22:02 - 2012-02-04 20:56 - 00000000 __SHD () C:\WINDOWS\CSC
2014-03-15 21:45 - 2001-07-21 23:16 - 00000598 _____ () C:\WINDOWS\win.ini
2014-03-15 21:39 - 2012-04-19 14:50 - 00319488 ___SH () C:\Documents and Settings\berger.XP-75CF98363E2C\Pulpit\Thumbs.db
2014-03-15 21:06 - 2014-03-15 21:06 - 00000020 ___SH () C:\Documents and Settings\Administrator\ntuser.ini
2014-03-15 21:06 - 2014-03-15 21:06 - 00000000 __SHD () C:\Documents and Settings\Administrator\IETldCache
2014-03-15 21:06 - 2014-03-15 21:06 - 00000000 ____D () C:\Documents and Settings\Administrator
2014-03-15 20:46 - 2014-03-18 15:36 - 01145856 _____ (Farbar) C:\Documents and Settings\berger.XP-75CF98363E2C\Pulpit\FRST.exe
2014-03-15 17:21 - 2014-03-15 15:33 - 00000000 ____D () C:\Documents and Settings\berger.XP-75CF98363E2C\Ustawienia lokalne\Dane aplikacji\Avg2014
2014-03-15 15:33 - 2012-04-18 16:09 - 00000000 ___HD () C:\Documents and Settings\berger.XP-75CF98363E2C\Ustawienia lokalne\Dane aplikacji
2014-03-12 17:24 - 2012-04-18 20:19 - 00000116 _____ () C:\WINDOWS\NeroDigital.ini
2014-03-12 17:20 - 2012-04-19 23:14 - 00000000 ____D () C:\Documents and Settings\berger.XP-75CF98363E2C\Ustawienia lokalne\Dane aplikacji\Adobe
2014-03-12 17:20 - 2012-04-18 17:32 - 00692616 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2014-03-12 17:20 - 2012-04-18 17:32 - 00071048 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2014-03-10 14:33 - 2012-04-18 19:43 - 00000168 _____ () C:\Program Files\hwmonitorw.ini
2014-03-09 21:35 - 2014-03-18 14:25 - 01051080 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco3233528.dll
2014-03-09 21:35 - 2014-03-18 14:25 - 00896456 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco3233528.dll
2014-03-09 21:35 - 2014-03-16 22:47 - 00018700 _____ () C:\WINDOWS\system32\nvinfo.pb
2014-03-09 21:35 - 2014-03-16 21:21 - 09682944 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2014-03-09 21:35 - 2012-05-04 23:25 - 02411684 _____ () C:\WINDOWS\system32\nvdata.data
2014-03-09 21:35 - 2012-04-23 19:44 - 22921216 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglnt.dll
2014-03-09 21:35 - 2012-04-23 19:44 - 09715712 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2014-03-09 21:35 - 2012-04-23 19:44 - 02944344 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2014-03-09 21:35 - 2012-04-23 19:44 - 02410784 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvenc.dll
2014-03-09 21:35 - 2012-04-23 19:43 - 17551360 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll
2014-03-09 21:35 - 2012-04-23 19:43 - 02652160 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi.dll
2014-03-09 21:35 - 2012-04-18 16:21 - 04080384 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv4_disp.dll
2014-03-09 21:35 - 2012-04-18 16:15 - 12856232 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nv4_mini.sys
2014-03-09 20:33 - 2011-03-20 15:52 - 00335872 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvrshe.dll
2014-03-09 20:33 - 2011-03-20 15:52 - 00335872 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvrsar.dll
2014-03-09 20:33 - 2011-03-20 15:52 - 00286720 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvrsfr.dll
2014-03-09 20:33 - 2011-03-20 15:52 - 00282624 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvrsit.dll
2014-03-09 20:33 - 2011-03-20 15:52 - 00282624 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvrses.dll
2014-03-09 20:33 - 2011-03-20 15:52 - 00282624 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvrsel.dll
2014-03-09 20:33 - 2011-03-20 15:52 - 00278528 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvrsde.dll
2014-03-09 20:33 - 2011-03-20 15:52 - 00274432 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvrspt.dll
2014-03-09 20:33 - 2011-03-20 15:52 - 00274432 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvrsnl.dll
2014-03-09 20:33 - 2011-03-20 15:52 - 00274432 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvrsja.dll
2014-03-09 20:33 - 2011-03-20 15:52 - 00274432 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvrsesm.dll
2014-03-09 20:33 - 2011-03-20 15:52 - 00270336 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvrsru.dll
2014-03-09 20:33 - 2011-03-20 15:52 - 00270336 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvrsptb.dll
2014-03-09 20:33 - 2011-03-20 15:52 - 00266240 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvrsko.dll
2014-03-09 20:33 - 2011-03-20 15:52 - 00262144 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvrshu.dll
2014-03-09 20:33 - 2011-03-20 15:52 - 00258048 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvrstr.dll
2014-03-09 20:33 - 2011-03-20 15:52 - 00258048 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvrssl.dll
2014-03-09 20:33 - 2011-03-20 15:52 - 00258048 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvrssk.dll
2014-03-09 20:33 - 2011-03-20 15:52 - 00258048 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvrspl.dll
2014-03-09 20:33 - 2011-03-20 15:52 - 00253952 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvrsth.dll
2014-03-09 20:33 - 2011-03-20 15:52 - 00253952 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvrssv.dll
2014-03-09 20:33 - 2011-03-20 15:52 - 00253952 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvrsno.dll
2014-03-09 20:33 - 2011-03-20 15:52 - 00253952 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvrsda.dll
2014-03-09 20:33 - 2011-03-20 15:52 - 00249856 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvrsfi.dll
2014-03-09 20:33 - 2011-03-20 15:52 - 00249856 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvrseng.dll
2014-03-09 20:33 - 2011-03-20 15:52 - 00249856 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvrscs.dll
2014-03-09 20:33 - 2011-03-20 15:52 - 00229376 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvrszhc.dll
2014-03-09 20:33 - 2011-03-20 15:52 - 00126976 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvrszht.dll
2014-03-09 20:31 - 2011-03-20 15:52 - 00156960 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc32.exe
2014-03-09 20:31 - 2011-03-20 15:52 - 00145352 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcolor.exe
2014-03-09 20:31 - 2011-03-20 14:52 - 15714592 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2014-03-09 20:31 - 2011-03-20 14:52 - 00377288 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2014-03-09 20:31 - 2011-03-20 14:52 - 00054272 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvwddi.dll
2014-03-08 19:39 - 2012-04-18 16:57 - 00042984 _____ () C:\Documents and Settings\berger.XP-75CF98363E2C\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT
2014-03-08 13:05 - 2012-04-18 17:49 - 00200936 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-03-04 15:19 - 2014-03-16 21:21 - 01049888 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco3233523.dll
2014-03-04 15:19 - 2014-03-16 21:20 - 00894296 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco3233523.dll
2014-03-04 14:01 - 2011-03-20 15:52 - 15714592 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl(2).dll
2014-03-02 21:17 - 2014-03-02 21:17 - 00000000 ____D () C:\Program Files\PORTABLE.Foxit.PDF.Editor.v2.0.1011-YAG
2014-02-19 12:39 - 2014-02-19 12:39 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\PITy
2014-02-16 22:38 - 2014-02-16 22:38 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\Package Cache
2014-02-16 22:25 - 2012-04-21 16:36 - 00000045 _____ () C:\WINDOWS\system32\initdebug.nfo

==================== Bamital & volsnap Check =================

C:\WINDOWS\explorer.exe
[2004-08-04 00:44] - [2008-04-14 21:51] - 1035264 ____A (Microsoft Corporation) c791ed9eac5e76d9525e157b1d7a599a 

C:\WINDOWS\system32\winlogon.exe
[2004-08-04 00:44] - [2008-04-14 21:51] - 0510464 ____A (Microsoft Corporation) 51fd2e13d723857b9ca239ae77150f48 

C:\WINDOWS\system32\svchost.exe
[2004-08-04 00:44] - [2008-04-14 21:51] - 0014336 ____A (Microsoft Corporation) 8607d35d92528e2df386f19a960d23ce 

C:\WINDOWS\system32\services.exe
[2004-08-04 00:44] - [2008-04-14 21:51] - 0109056 ____A (Microsoft Corporation) 3e3ae424e27c4cefe4cab368c7b570ea 

C:\WINDOWS\system32\User32.dll
[2004-08-04 00:44] - [2008-04-14 21:50] - 0580096 ____A (Microsoft Corporation) a435c5c069afd901751ac323ad238793 

C:\WINDOWS\system32\userinit.exe
[2004-08-04 00:44] - [2008-04-14 21:51] - 0026624 ____A (Microsoft Corporation) 2a5b37d520508be6570a3ea79695f5b5 

C:\WINDOWS\system32\rpcss.dll
[2004-08-04 00:44] - [2008-04-14 21:50] - 0399360 ____A (Microsoft Corporation) 02396dab9dd407b06539981f477f3fec 

 ATTENTION ======> If the system is having audio adware rpcss.dll is patched. Google the MD5, if the MD5 is unique the file is infected.
C:\WINDOWS\system32\Drivers\volsnap.sys
[2004-08-04 00:36] - [2008-04-14 20:31] - 0052864 ____A (Microsoft Corporation) 56b191ac5fc0df219949c95a6c87afe7 


==================== End Of Log ============================