Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:21-05-2014 Ran by ja sam (administrator) on ANONIM-E21ED28F on 23-05-2014 11:36:24 Running from C:\Documents and Settings\ja sam.ANONIM-E21ED28F\Pulpit Platform: Microsoft Windows XP Home Edition Dodatek Service Pack 3 (X86) OS Language: Polish Internet Explorer Version 8 Boot Mode: Normal The only official download link for FRST: Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/ Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/ Download link from any site other than Bleeping Computer is unpermitted or outdated. See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\S24EvMon.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe (Cherished Technololgy LIMITED) C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\IePluginService\PluginService.exe (Microsoft Corporation) C:\WINDOWS\system32\scardsvr.exe (Google Inc.) C:\Program Files\Google\Update\1.3.24.7\GoogleCrashHandler.exe (Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Oracle Corporation) C:\Program Files\Java\jre7\bin\jqs.exe (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE (Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe () C:\Program Files\004\rqpbhevlkc32.exe (SigmaTel, Inc.) C:\Program Files\SigmaTel\C-Major Audio\DellXPM_5515v131\WDM\stacsv.exe (Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\WLKEEPER.exe (SigmaTel, Inc.) C:\Program Files\SigmaTel\C-Major Audio\WDM\stsystra.exe (Intel Corporation) C:\WINDOWS\system32\hkcmd.exe (Intel Corporation) C:\WINDOWS\system32\igfxpers.exe (Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\ZCfgSvc.exe (Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Hewlett-Packard) C:\Program Files\Hewlett-Packard\OrderReminder\OrderReminder.exe (Intel Corporation) C:\WINDOWS\system32\igfxsrvc.exe (Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe () C:\Documents and Settings\ja sam.ANONIM-E21ED28F\Ustawienia lokalne\Dane aplikacji\t4pc_en_3\upt4pc_en_3.exe (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe (Nikon Corporation) C:\Program Files\Nikon\PictureProject\NkbMonitor.exe (WinZip Computing, Inc.) C:\Program Files\WinZip\WZQKPICK.EXE (Microsoft Corporation) C:\WINDOWS\system32\wbem\unsecapp.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [SigmatelSysTrayApp] => C:\Program Files\SigmaTel\C-Major Audio\WDM\stsystra.exe [405504 2007-05-10] (SigmaTel, Inc.) HKLM\...\Run: [IntelZeroConfig] => C:\Program Files\Intel\WiFi\bin\ZCfgSvc.exe [1372160 2009-11-03] (Intel(R) Corporation) HKLM\...\Run: [IntelWireless] => C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [1202448 2009-11-03] (Intel(R) Corporation) HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [3873704 2014-04-28] (AVAST Software) HKLM\...\Run: [OrderReminder] => C:\Program Files\Hewlett-Packard\OrderReminder\OrderReminder.exe [98304 2006-07-21] (Hewlett-Packard) HKLM\...\Run: [mobilegeni daemon] => C:\Program Files\Mobogenie\DaemonProcess.exe HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated) HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.) HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation) HKLM\...\Run: [fst_pl_117] => [X] HKLM\...\Run: [t4pc_en_3] => [X] HKLM\...\Run: [upt4pc_en_3.exe] => C:\Documents and Settings\ja sam.ANONIM-E21ED28F\Ustawienia lokalne\Dane aplikacji\t4pc_en_3\upt4pc_en_3.exe [3268080 2014-05-14] () HKU\S-1-5-21-299502267-1993962763-1417001333-1004\...\Run: [SpeedUpMyComputer] => C:\Program Files\SmartTweak\SpeedUpMyComputer\SpeedUpMyComputer.exe /ot /as IFEO\bitguard.exe: [Debugger] tasklist.exe IFEO\bprotect.exe: [Debugger] tasklist.exe IFEO\bpsvc.exe: [Debugger] tasklist.exe IFEO\browserdefender.exe: [Debugger] tasklist.exe IFEO\browserprotect.exe: [Debugger] tasklist.exe IFEO\browsersafeguard.exe: [Debugger] tasklist.exe IFEO\dprotectsvc.exe: [Debugger] tasklist.exe IFEO\jumpflip: [Debugger] tasklist.exe IFEO\protectedsearch.exe: [Debugger] tasklist.exe IFEO\searchinstaller.exe: [Debugger] tasklist.exe IFEO\searchprotection.exe: [Debugger] tasklist.exe IFEO\searchprotector.exe: [Debugger] tasklist.exe IFEO\searchsettings.exe: [Debugger] tasklist.exe IFEO\searchsettings64.exe: [Debugger] tasklist.exe IFEO\snapdo.exe: [Debugger] tasklist.exe IFEO\stinst32.exe: [Debugger] tasklist.exe IFEO\stinst64.exe: [Debugger] tasklist.exe IFEO\umbrella.exe: [Debugger] tasklist.exe IFEO\utiljumpflip.exe: [Debugger] tasklist.exe IFEO\volaro: [Debugger] tasklist.exe IFEO\vonteera: [Debugger] tasklist.exe IFEO\websteroids.exe: [Debugger] tasklist.exe IFEO\websteroidsservice.exe: [Debugger] tasklist.exe Startup: C:\Documents and Settings\All Users.WINDOWS\Menu Start\Programy\Autostart\NkbMonitor.exe.lnk ShortcutTarget: NkbMonitor.exe.lnk -> C:\Program Files\Nikon\PictureProject\NkbMonitor.exe (Nikon Corporation) Startup: C:\Documents and Settings\All Users.WINDOWS\Menu Start\Programy\Autostart\WinZip Quick Pick.lnk ShortcutTarget: WinZip Quick Pick.lnk -> C:\Program Files\WinZip\WZQKPICK.EXE (WinZip Computing, Inc.) Startup: C:\Documents and Settings\All Users.WINDOWS\Menu Start\Programy\Autostart\NkbMonitor.exe.lnk ShortcutTarget: NkbMonitor.exe.lnk -> C:\Program Files\Nikon\PictureProject\NkbMonitor.exe (Nikon Corporation) Startup: C:\Documents and Settings\All Users.WINDOWS\Menu Start\Programy\Autostart\WinZip Quick Pick.lnk ShortcutTarget: WinZip Quick Pick.lnk -> C:\Program Files\WinZip\WZQKPICK.EXE (WinZip Computing, Inc.) HKLM\...\AppCertDlls: [x64] -> c:\program files\settings manager\systemk\x64\sysapcrt.dll ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.default-search.net?sid=492&aid=109&itype=a&ver=12692&tm=354&src=hmp HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.qone8.com/web/?type=ds&ts=1396980688&from=smt&uid=ST980811AS_5LY7743GXXXX5LY7743G&q={searchTerms} HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.qone8.com/web/?type=ds&ts=1396980688&from=smt&uid=ST980811AS_5LY7743GXXXX5LY7743G&q={searchTerms} HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe http://start.qone8.com/?type=sc&ts=1396980688&from=smt&uid=ST980811AS_5LY7743GXXXX5LY7743G SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.qone8.com/web/?type=ds&ts=1396980688&from=smt&uid=ST980811AS_5LY7743GXXXX5LY7743G&q={searchTerms} SearchScopes: HKLM - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.qone8.com/web/?type=ds&ts=1396980688&from=smt&uid=ST980811AS_5LY7743GXXXX5LY7743G&q={searchTerms} SearchScopes: HKLM - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2492} URL = http://www.default-search.net/search?sid=492&aid=109&itype=a&ver=12692&tm=354&src=ds&p={searchTerms} SearchScopes: HKCU - DefaultScope {D9DC290A-C648-4059-8596-A905DF4F5037} URL = http://search.findwide.com/serp?guid={D2B77A2A-623F-4294-9EF8-EE59945FE51C}&action=default_search&serpv=22&k={searchTerms} SearchScopes: HKCU - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2492} URL = http://www.default-search.net/search?sid=492&aid=109&itype=a&ver=12692&tm=354&src=ds&p={searchTerms} SearchScopes: HKCU - {C72DDC0F-5BF4-4DA8-9F70-9A50C53E669C} URL = http://search.yahoo.com/search?p={searchTerms}&fr=tightropetb&type=10809 SearchScopes: HKCU - {D9DC290A-C648-4059-8596-A905DF4F5037} URL = http://search.findwide.com/serp?guid={D2B77A2A-623F-4294-9EF8-EE59945FE51C}&action=default_search&serpv=22&k={searchTerms} BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) BHO: BlockAndSurf - {8E9C1CC8-FCEC-F858-9CEC-A4143CA5EE64} - C:\Program Files\BlockAndSurf-soft\170.dll () BHO: No Name - {95B7759C-8C7F-4BF1-B163-73684A933233} - No File BHO: Freecorder extension - {B15BBE59-42F5-4206-B3F0-BE98F5DC4B93} - C:\Program Files\Freecorder extension\ScriptHost.dll (Applian Technologies Inc.) BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO: BlockAndSurf - {DF521630-EB03-9984-BAFD-0E502341A6FD} - C:\Program Files\BlockAndSurf-soft\170.dll () Toolbar: HKCU - &Adres - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation) Toolbar: HKCU - &Łącza - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\SHELL32.dll (Microsoft Corporation) Toolbar: HKCU - No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No File Toolbar: HKCU - No Name - {8235B9EF-7F8E-4FFE-9261-CDABFB7345FA} - No File DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1382565418750 DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\MSITSS.DLL (Microsoft Corporation) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 192.168.1.1 Tcpip\..\Interfaces\{F384A567-8FE2-4BBD-98C4-347DE6403466}: [NameServer]192.168.1.1,194.204.159.1 Tcpip\..\Interfaces\{FABFB3DE-BFE5-4B19-9A8A-9AC084441E81}: [NameServer]192.168.1.1,194.204.195.1 FireFox: ======== FF ProfilePath: C:\Documents and Settings\ja sam.ANONIM-E21ED28F\Dane aplikacji\Mozilla\Firefox\Profiles\f9r3ttfl.default FF user.js: detected! => C:\Documents and Settings\ja sam.ANONIM-E21ED28F\Dane aplikacji\Mozilla\Firefox\Profiles\f9r3ttfl.default\user.js FF NewTab: file:///C:\\Documents and Settings\\ja sam.ANONIM-E21ED28F\\Ustawienia lokalne\\Dane aplikacji\\TNT2\\Common\\pinnedSearch.htm FF DefaultSearchEngine: default-search.net FF SelectedSearchEngine: default-search.net FF Homepage: hxxp://www.default-search.net?sid=492&aid=109&itype=a&ver=12692&tm=354&src=hmp FF Keyword.URL: hxxp://www.default-search.net/search?sid=492&aid=109&itype=a&ver=12692&tm=354&src=ds&p= FF SearchEngineOrder.1: default-search.net FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_13_0_0_214.dll () FF Plugin: @Google.com/GoogleEarthPlugin - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google) FF Plugin: @java.com/DTPlugin,version=10.55.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin: @Microsoft.com/DownloadManager,version=1.1 - C:\WINDOWS\ () FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation) FF Plugin: @microsoft.com/WPF,version=3.5 - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.) FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.) FF Plugin: @videolan.org/vlc,version=2.1.3 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF SearchPlugin: C:\Documents and Settings\ja sam.ANONIM-E21ED28F\Dane aplikacji\Mozilla\Firefox\Profiles\f9r3ttfl.default\searchplugins\default-search.xml FF SearchPlugin: C:\Documents and Settings\ja sam.ANONIM-E21ED28F\Dane aplikacji\Mozilla\Firefox\Profiles\f9r3ttfl.default\searchplugins\findwide.xml FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\default-search.xml FF Extension: Freecorder - C:\Documents and Settings\ja sam.ANONIM-E21ED28F\Dane aplikacji\Mozilla\Firefox\Profiles\f9r3ttfl.default\Extensions\addon@freecorder.com [2013-12-20] FF Extension: DownloadHelper - C:\Documents and Settings\ja sam.ANONIM-E21ED28F\Dane aplikacji\Mozilla\Firefox\Profiles\f9r3ttfl.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2014-03-26] FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-10-23] FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ FF Extension: Microsoft .NET Framework Assistant - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [] FF HKLM\...\Firefox\Extensions: [ext@VideoPlayerV3beta993.net] - C:\Program Files\VideoPlayerV3\VideoPlayerV3beta993\ff FF Extension: Video Player - C:\Program Files\VideoPlayerV3\VideoPlayerV3beta993\ff [2014-01-10] FF HKLM\...\Firefox\Extensions: [ext@MediaWatchV1home746.net] - C:\Program Files\MediaWatchV1\MediaWatchV1home746\ff FF Extension: Media Watch - C:\Program Files\MediaWatchV1\MediaWatchV1home746\ff [2014-03-22] ========================== Services (Whitelisted) ================= R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-04-28] (AVAST Software) R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [109048 2014-04-28] (AVAST Software) R2 IePluginService; C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\IePluginService\PluginService.exe [705136 2014-04-11] (Cherished Technololgy LIMITED) R2 JavaQuickStarterService; C:\Program Files\Java\jre7\bin\jqs.exe [182696 2014-04-14] (Oracle Corporation) R2 rqpbhevlkc32; C:\Program Files\004\rqpbhevlkc32.exe [543232 2014-05-05] () R2 S24EventMonitor; C:\Program Files\Intel\WiFi\bin\S24EvMon.exe [909312 2009-11-03] (Intel(R) Corporation) R2 STacSV; C:\Program Files\SigmaTel\C-Major Audio\DellXPM_5515v131\WDM\StacSV.exe [94208 2007-05-10] (SigmaTel, Inc.) R2 WLANKEEPER; C:\Program Files\Intel\WiFi\bin\WLKeeper.exe [348160 2009-11-03] (Intel(R) Corporation) S3 rpcapd; "%ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini" [X] S2 Update webget; "C:\Program Files\webget\updatewebget.exe" [X] ==================== Drivers (Whitelisted) ==================== R2 aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [24184 2014-04-28] () R1 aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [26136 2014-03-31] (AVAST Software) R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [67824 2014-04-28] (AVAST Software) R0 aswNdis; C:\WINDOWS\System32\DRIVERS\aswNdis.sys [12112 2014-02-02] (ALWIL Software) R0 aswNdis2; C:\WINDOWS\system32\Drivers\aswNdis2.sys [252464 2014-04-28] (AVAST Software) R1 AswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [54832 2014-05-15] (AVAST Software) R0 aswRvrt; C:\WINDOWS\system32\Drivers\aswRvrt.sys [49944 2014-04-28] () R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [777488 2014-05-15] (AVAST Software) R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [411680 2014-05-15] (AVAST Software) S3 aswTap; C:\WINDOWS\System32\DRIVERS\aswTap.sys [35272 2013-10-23] (The OpenVPN Project) R1 aswTdi; C:\WINDOWS\system32\drivers\aswTdi.sys [57672 2014-04-28] (AVAST Software) R0 aswVmm; C:\WINDOWS\system32\Drivers\aswVmm.sys [180632 2014-04-28] () R3 guardian2; C:\WINDOWS\System32\Drivers\oz776.sys [68696 2007-12-23] (O2Micro) R3 HSFHWAZL; C:\WINDOWS\System32\DRIVERS\HSFHWAZL.sys [211200 2007-08-02] (Conexant Systems, Inc.) R3 HSF_DPV; C:\WINDOWS\System32\DRIVERS\HSF_DPV.sys [989952 2007-08-02] (Conexant Systems, Inc.) R3 NETw5x32; C:\WINDOWS\System32\DRIVERS\NETw5x32.sys [4221952 2009-10-26] (Intel Corporation) S3 NETwLx32; C:\WINDOWS\System32\DRIVERS\NETwLx32.sys [6616816 2013-05-02] (Intel Corporation) R2 NPF; C:\WINDOWS\System32\drivers\npf.sys [36600 2013-03-01] (Riverbed Technology, Inc.) R2 s24trans; C:\WINDOWS\System32\DRIVERS\s24trans.sys [11904 2008-08-13] (Intel Corporation) R3 STHDA; C:\WINDOWS\System32\drivers\sthda.sys [1222840 2007-05-10] (SigmaTel, Inc.) S4 IntelIde; No ImagePath U1 WS2IFSL; ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-05-23 11:36 - 2014-05-23 11:37 - 00017432 _____ () C:\Documents and Settings\ja sam.ANONIM-E21ED28F\Pulpit\FRST.txt 2014-05-23 10:08 - 2014-05-23 10:08 - 00000000 ____D () C:\Documents and Settings\ja sam.ANONIM-E21ED28F\Moje dokumenty\Optimizer Pro 2014-05-23 10:06 - 2014-05-23 10:26 - 00000368 _____ () C:\WINDOWS\Tasks\APSnotifierPP1.job 2014-05-23 10:06 - 2014-05-23 10:06 - 00000366 _____ () C:\WINDOWS\Tasks\APSnotifierPP3.job 2014-05-23 10:06 - 2014-05-23 10:06 - 00000366 _____ () C:\WINDOWS\Tasks\APSnotifierPP2.job 2014-05-23 10:05 - 2014-05-23 10:06 - 00000314 _____ () C:\Documents and Settings\ja sam.ANONIM-E21ED28F\Dane aplikacji\aps.uninstall.scan.results 2014-05-23 09:50 - 2014-05-23 11:35 - 00000000 ____D () C:\Documents and Settings\ja sam.ANONIM-E21ED28F\Ustawienia lokalne\Dane aplikacji\t4pc_en_3 2014-05-23 09:50 - 2014-05-23 11:29 - 00000000 ____D () C:\Program Files\Bench 2014-05-23 09:50 - 2014-05-23 10:45 - 00000334 _____ () C:\WINDOWS\Tasks\bench-sys.job 2014-05-23 09:50 - 2014-05-23 09:50 - 00000000 ____D () C:\Program Files\predm 2014-05-23 09:34 - 2014-02-23 18:08 - 00000426 _____ () C:\AVScanner.ini 2014-05-22 20:04 - 2014-05-23 11:36 - 00000000 ____D () C:\FRST 2014-05-22 19:53 - 2014-05-22 19:53 - 00380416 _____ () C:\Documents and Settings\ja sam.ANONIM-E21ED28F\Pulpit\92rimh2n.exe 2014-05-22 19:50 - 2014-05-22 19:50 - 01056768 _____ (Farbar) C:\Documents and Settings\ja sam.ANONIM-E21ED28F\Pulpit\FRST.exe 2014-05-22 18:50 - 2014-05-23 09:51 - 00000000 ____D () C:\Documents and Settings\ja sam.ANONIM-E21ED28F\Moje dokumenty\cos-dziwnego 2014-05-22 18:21 - 2014-05-22 18:21 - 00602112 _____ (OldTimer Tools) C:\OTL.exe 2014-05-22 14:32 - 2014-05-22 14:32 - 00000000 ____D () C:\Documents and Settings\ja sam.ANONIM-E21ED28F\Moje dokumenty\dell 2014-05-21 19:13 - 2014-05-23 10:01 - 00000000 ____D () C:\Program Files\BlockAndSurf-soft 2014-05-21 19:12 - 2014-05-23 10:01 - 00000000 ____D () C:\Program Files\fst_pl_117 2014-05-21 19:11 - 2014-05-21 19:11 - 00000000 ____D () C:\Documents and Settings\ja sam.ANONIM-E21ED28F\Dane aplikacji\Settings Manager 2014-05-21 19:11 - 2014-05-19 07:19 - 01705063 _____ (AnyProtect.com) C:\Documents and Settings\ja sam.ANONIM-E21ED28F\Ustawienia lokalne\Dane aplikacji\AnyProtectScannerSetup.exe 2014-05-21 19:00 - 2014-05-21 19:00 - 00000719 _____ () C:\Documents and Settings\All Users.WINDOWS\Pulpit\VLC media player.lnk 2014-05-21 19:00 - 2014-05-21 19:00 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS\Menu Start\Programy\VideoLAN 2014-05-21 19:00 - 2014-05-21 19:00 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS\Menu Start\Programy\VideoLAN 2014-05-21 18:55 - 2014-05-21 18:55 - 00000000 ____D () C:\Program Files\VideoLAN 2014-05-21 18:52 - 2014-05-21 19:50 - 00000000 ____D () C:\Program Files\MyPC Backup 2014-05-21 18:52 - 2014-05-21 18:53 - 00000000 ____D () C:\Documents and Settings\ja sam.ANONIM-E21ED28F\Moje dokumenty\vlc 2014-05-06 22:18 - 2014-05-06 22:18 - 00000000 ____D () C:\Documents and Settings\Default User.WINDOWS\Ustawienia lokalne\Dane aplikacji\Google 2014-05-05 20:49 - 2014-05-05 20:49 - 00000000 __SHD () C:\WINDOWS\ftpcache 2014-05-05 18:53 - 2014-05-05 18:53 - 00000745 _____ () C:\Documents and Settings\All Users.WINDOWS\Pulpit\Edytor postaci.lnk 2014-05-05 18:53 - 2014-05-05 18:53 - 00000740 _____ () C:\Documents and Settings\All Users.WINDOWS\Pulpit\Logomocja Imagine.lnk 2014-05-05 18:53 - 2014-05-05 18:53 - 00000000 ____D () C:\Program Files\Logomocja 2014-05-05 18:53 - 2014-05-05 18:53 - 00000000 ____D () C:\Program Files\Common Files\Imagine 2014-05-05 18:53 - 2014-05-05 18:53 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS\Menu Start\Programy\Logomocja-Imagine 2014-05-05 18:53 - 2014-05-05 18:53 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS\Menu Start\Programy\Logomocja-Imagine 2014-05-05 18:53 - 2003-01-31 03:31 - 02311168 _____ () C:\WINDOWS\system32\exeImagine.IMD 2014-05-05 18:53 - 2002-09-16 17:32 - 00398336 _____ () C:\WINDOWS\system32\nxImagine.ocx 2014-05-05 18:52 - 2014-05-05 18:52 - 00000000 ____D () C:\Documents and Settings\ja sam.ANONIM-E21ED28F\Menu Start\Programy\WinRAR 2014-05-05 18:52 - 2014-05-05 18:52 - 00000000 ____D () C:\Documents and Settings\ja sam.ANONIM-E21ED28F\Dane aplikacji\WinRAR 2014-05-05 18:52 - 2014-05-05 18:52 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS\Menu Start\Programy\WinRAR 2014-05-05 18:52 - 2014-05-05 18:52 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS\Menu Start\Programy\WinRAR 2014-05-05 18:51 - 2014-05-05 18:53 - 00000000 ____D () C:\Program Files\004 2014-05-05 18:51 - 2014-05-05 18:52 - 00000000 ____D () C:\Program Files\WinRAR 2014-05-05 18:51 - 2014-05-05 18:51 - 01929720 _____ () C:\Documents and Settings\ja sam.ANONIM-E21ED28F\Moje dokumenty\wrar501pl.exe 2014-05-05 18:49 - 2014-05-05 18:49 - 00510864 _____ (ezinstall manager) C:\winrarfree.exe 2014-05-05 18:48 - 2014-05-05 18:48 - 00128968 _____ () C:\install.exe 2014-05-05 15:57 - 2014-05-05 15:57 - 00000814 _____ () C:\Documents and Settings\ja sam.ANONIM-E21ED28F\Pulpit\WM Converter.lnk 2014-05-05 15:57 - 2014-05-05 15:57 - 00000638 _____ () C:\Documents and Settings\ja sam.ANONIM-E21ED28F\Pulpit\WM Recorder 12.1.lnk 2014-05-05 15:57 - 2014-05-05 15:57 - 00000000 ____D () C:\Documents and Settings\ja sam.ANONIM-E21ED28F\Menu Start\Programy\WM Recorder 12.1 2014-05-05 15:56 - 2014-05-05 15:58 - 00000000 ____D () C:\Program Files\WMR11 2014-05-04 20:41 - 2013-06-19 14:58 - 00017920 _____ (PerformerSoft LLC) C:\WINDOWS\system32\roboot.exe 2014-05-04 20:40 - 2014-05-04 20:41 - 00000000 ____D () C:\Program Files\Free Games 111 2014-05-04 20:40 - 2014-05-04 20:40 - 00001190 _____ () C:\Documents and Settings\ja sam.ANONIM-E21ED28F\Pulpit\Free Games.lnk 2014-05-03 18:59 - 2014-05-03 19:00 - 00005487 _____ () C:\WINDOWS\KB2964358-IE8.log 2014-04-28 10:19 - 2014-04-28 10:19 - 00043152 _____ (AVAST Software) C:\WINDOWS\avastSS.scr 2014-04-28 10:19 - 2014-04-28 10:19 - 00024184 _____ () C:\WINDOWS\system32\Drivers\aswHwid.sys ==================== One Month Modified Files and Folders ======= 2014-05-23 11:37 - 2014-05-23 11:36 - 00017432 _____ () C:\Documents and Settings\ja sam.ANONIM-E21ED28F\Pulpit\FRST.txt 2014-05-23 11:36 - 2014-05-22 20:04 - 00000000 ____D () C:\FRST 2014-05-23 11:36 - 2013-10-19 18:43 - 00000000 ____D () C:\Documents and Settings\ja sam.ANONIM-E21ED28F\Pulpit 2014-05-23 11:35 - 2014-05-23 09:50 - 00000000 ____D () C:\Documents and Settings\ja sam.ANONIM-E21ED28F\Ustawienia lokalne\Dane aplikacji\t4pc_en_3 2014-05-23 11:33 - 2013-10-23 21:49 - 00000364 ____H () C:\WINDOWS\Tasks\avast! Emergency Update.job 2014-05-23 11:31 - 2013-11-17 20:51 - 00000159 _____ () C:\WINDOWS\wiadebug.log 2014-05-23 11:31 - 2013-11-17 20:51 - 00000050 _____ () C:\WINDOWS\wiaservc.log 2014-05-23 11:30 - 2014-03-19 13:35 - 00000224 _____ () C:\WINDOWS\Tasks\Powiadomienie o zakończeniu obsługi systemu Microsoft Windows XP — logowanie.job 2014-05-23 11:30 - 2013-11-06 16:09 - 00001032 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job 2014-05-23 11:30 - 2013-10-19 18:42 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT 2014-05-23 11:29 - 2014-05-23 09:50 - 00000000 ____D () C:\Program Files\Bench 2014-05-23 11:28 - 2013-10-19 18:42 - 00032546 _____ () C:\WINDOWS\SchedLgU.Txt 2014-05-23 11:28 - 2013-10-19 18:38 - 01097383 _____ () C:\WINDOWS\WindowsUpdate.log 2014-05-23 11:27 - 2013-10-19 18:43 - 00000292 ___SH () C:\Documents and Settings\ja sam.ANONIM-E21ED28F\ntuser.ini 2014-05-23 11:26 - 2013-10-19 18:43 - 00000000 ___HD () C:\Documents and Settings\ja sam.ANONIM-E21ED28F\Ustawienia lokalne\Dane aplikacji 2014-05-23 11:23 - 2013-10-19 20:29 - 00000000 ___RD () C:\Documents and Settings\All Users.WINDOWS\Menu Start\Programy 2014-05-23 11:23 - 2013-10-19 20:29 - 00000000 ___RD () C:\Documents and Settings\All Users.WINDOWS\Menu Start\Programy 2014-05-23 11:22 - 2013-10-19 18:43 - 00000000 __RHD () C:\Documents and Settings\ja sam.ANONIM-E21ED28F\Dane aplikacji 2014-05-23 11:16 - 2013-11-14 10:44 - 00000930 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job 2014-05-23 10:45 - 2014-05-23 09:50 - 00000334 _____ () C:\WINDOWS\Tasks\bench-sys.job 2014-05-23 10:41 - 2013-11-06 16:09 - 00001036 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job 2014-05-23 10:26 - 2014-05-23 10:06 - 00000368 _____ () C:\WINDOWS\Tasks\APSnotifierPP1.job 2014-05-23 10:13 - 2014-04-08 20:12 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\WPM 2014-05-23 10:13 - 2014-04-08 20:12 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\WPM 2014-05-23 10:12 - 2013-10-19 20:29 - 00000000 __RHD () C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji 2014-05-23 10:08 - 2014-05-23 10:08 - 00000000 ____D () C:\Documents and Settings\ja sam.ANONIM-E21ED28F\Moje dokumenty\Optimizer Pro 2014-05-23 10:08 - 2013-10-19 18:43 - 00000000 ___RD () C:\Documents and Settings\ja sam.ANONIM-E21ED28F\Moje dokumenty 2014-05-23 10:07 - 2013-10-19 18:43 - 00000000 ___RD () C:\Documents and Settings\ja sam.ANONIM-E21ED28F\Menu Start\Programy 2014-05-23 10:06 - 2014-05-23 10:06 - 00000366 _____ () C:\WINDOWS\Tasks\APSnotifierPP3.job 2014-05-23 10:06 - 2014-05-23 10:06 - 00000366 _____ () C:\WINDOWS\Tasks\APSnotifierPP2.job 2014-05-23 10:06 - 2014-05-23 10:05 - 00000314 _____ () C:\Documents and Settings\ja sam.ANONIM-E21ED28F\Dane aplikacji\aps.uninstall.scan.results 2014-05-23 10:01 - 2014-05-21 19:13 - 00000000 ____D () C:\Program Files\BlockAndSurf-soft 2014-05-23 10:01 - 2014-05-21 19:12 - 00000000 ____D () C:\Program Files\fst_pl_117 2014-05-23 09:51 - 2014-05-22 18:50 - 00000000 ____D () C:\Documents and Settings\ja sam.ANONIM-E21ED28F\Moje dokumenty\cos-dziwnego 2014-05-23 09:50 - 2014-05-23 09:50 - 00000000 ____D () C:\Program Files\predm 2014-05-23 09:36 - 2013-10-19 20:29 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS\Pulpit 2014-05-23 09:34 - 2013-10-19 20:29 - 00000000 ___RD () C:\Documents and Settings\All Users.WINDOWS\Menu Start\Programy\Autostart 2014-05-23 09:34 - 2013-10-19 20:29 - 00000000 ___RD () C:\Documents and Settings\All Users.WINDOWS\Menu Start\Programy\Autostart 2014-05-23 09:14 - 2014-04-09 22:56 - 00043552 _____ () C:\WINDOWS\setupapi.log 2014-05-23 09:14 - 2014-04-09 22:56 - 00025338 _____ () C:\WINDOWS\FaxSetup.log 2014-05-23 09:14 - 2014-04-09 22:56 - 00014637 _____ () C:\WINDOWS\ocgen.log 2014-05-23 09:14 - 2014-04-09 22:56 - 00011033 _____ () C:\WINDOWS\tsoc.log 2014-05-23 09:14 - 2014-04-09 22:56 - 00008449 _____ () C:\WINDOWS\comsetup.log 2014-05-23 09:14 - 2014-04-09 22:56 - 00005317 _____ () C:\WINDOWS\ntdtcsetup.log 2014-05-23 09:14 - 2014-04-09 22:56 - 00003885 _____ () C:\WINDOWS\iis6.log 2014-05-23 09:14 - 2014-04-09 22:56 - 00001917 _____ () C:\WINDOWS\imsins.log 2014-05-23 09:14 - 2014-04-09 22:56 - 00001627 _____ () C:\WINDOWS\ocmsn.log 2014-05-23 09:14 - 2014-04-09 22:56 - 00001406 _____ () C:\WINDOWS\msgsocm.log 2014-05-23 01:06 - 2013-10-19 18:43 - 00000000 ____D () C:\Documents and Settings\ja sam.ANONIM-E21ED28F 2014-05-22 19:53 - 2014-05-22 19:53 - 00380416 _____ () C:\Documents and Settings\ja sam.ANONIM-E21ED28F\Pulpit\92rimh2n.exe 2014-05-22 19:50 - 2014-05-22 19:50 - 01056768 _____ (Farbar) C:\Documents and Settings\ja sam.ANONIM-E21ED28F\Pulpit\FRST.exe 2014-05-22 19:45 - 2013-11-06 16:10 - 00001819 _____ () C:\Documents and Settings\All Users.WINDOWS\Pulpit\Google Chrome.lnk 2014-05-22 18:21 - 2014-05-22 18:21 - 00602112 _____ (OldTimer Tools) C:\OTL.exe 2014-05-22 18:13 - 2013-10-24 15:52 - 00000000 ____D () C:\Program Files\Opera 2014-05-22 14:38 - 2013-10-19 18:43 - 00000000 ___RD () C:\Documents and Settings\ja sam.ANONIM-E21ED28F\Moje dokumenty\Moje obrazy 2014-05-22 14:32 - 2014-05-22 14:32 - 00000000 ____D () C:\Documents and Settings\ja sam.ANONIM-E21ED28F\Moje dokumenty\dell 2014-05-21 19:50 - 2014-05-21 18:52 - 00000000 ____D () C:\Program Files\MyPC Backup 2014-05-21 19:50 - 2013-10-19 18:43 - 00000000 ___RD () C:\Documents and Settings\ja sam.ANONIM-E21ED28F\Menu Start\Programy\Autostart 2014-05-21 19:11 - 2014-05-21 19:11 - 00000000 ____D () C:\Documents and Settings\ja sam.ANONIM-E21ED28F\Dane aplikacji\Settings Manager 2014-05-21 19:00 - 2014-05-21 19:00 - 00000719 _____ () C:\Documents and Settings\All Users.WINDOWS\Pulpit\VLC media player.lnk 2014-05-21 19:00 - 2014-05-21 19:00 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS\Menu Start\Programy\VideoLAN 2014-05-21 19:00 - 2014-05-21 19:00 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS\Menu Start\Programy\VideoLAN 2014-05-21 18:55 - 2014-05-21 18:55 - 00000000 ____D () C:\Program Files\VideoLAN 2014-05-21 18:53 - 2014-05-21 18:52 - 00000000 ____D () C:\Documents and Settings\ja sam.ANONIM-E21ED28F\Moje dokumenty\vlc 2014-05-21 14:04 - 2013-11-02 16:51 - 00000919 _____ () C:\Documents and Settings\ja sam.ANONIM-E21ED28F\intlname.ols 2014-05-19 07:19 - 2014-05-21 19:11 - 01705063 _____ (AnyProtect.com) C:\Documents and Settings\ja sam.ANONIM-E21ED28F\Ustawienia lokalne\Dane aplikacji\AnyProtectScannerSetup.exe 2014-05-16 11:23 - 2008-04-15 14:00 - 00013646 _____ () C:\WINDOWS\system32\wpa.dbl 2014-05-15 11:10 - 2013-10-23 21:50 - 00777488 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsnx.sys 2014-05-15 11:10 - 2013-10-23 21:50 - 00411680 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsp.sys 2014-05-15 11:10 - 2013-10-23 21:50 - 00054832 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswrdr.sys 2014-05-14 19:17 - 2013-10-23 22:08 - 00692400 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe 2014-05-14 19:17 - 2013-10-23 22:08 - 00070832 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl 2014-05-14 14:39 - 2013-10-24 21:03 - 00000000 ____D () C:\WINDOWS\system32\MRT 2014-05-14 14:38 - 2014-03-26 21:41 - 00002347 _____ () C:\Documents and Settings\All Users.WINDOWS\Menu Start\Programy\Adobe Reader XI.lnk 2014-05-14 14:38 - 2014-03-26 21:41 - 00002347 _____ () C:\Documents and Settings\All Users.WINDOWS\Menu Start\Programy\Adobe Reader XI.lnk 2014-05-14 14:34 - 2013-10-24 21:03 - 90547776 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2014-05-13 20:21 - 2013-12-20 15:25 - 00000000 ____D () C:\Program Files\Mozilla Firefox 2014-05-08 15:00 - 2014-03-19 13:35 - 00000218 _____ () C:\WINDOWS\Tasks\Powiadomienie o zakończeniu obsługi systemu Microsoft Windows XP — co miesiąc.job 2014-05-06 22:18 - 2014-05-06 22:18 - 00000000 ____D () C:\Documents and Settings\Default User.WINDOWS\Ustawienia lokalne\Dane aplikacji\Google 2014-05-06 22:18 - 2014-04-02 12:42 - 00001767 _____ () C:\Documents and Settings\All Users.WINDOWS\Pulpit\Google Slides.lnk 2014-05-06 22:18 - 2014-04-02 12:42 - 00001765 _____ () C:\Documents and Settings\All Users.WINDOWS\Pulpit\Google Sheets.lnk 2014-05-06 22:18 - 2014-04-02 12:42 - 00001755 _____ () C:\Documents and Settings\All Users.WINDOWS\Pulpit\Google Docs.lnk 2014-05-06 22:18 - 2014-04-02 12:42 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS\Menu Start\Programy\Google Drive 2014-05-06 22:18 - 2014-04-02 12:42 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS\Menu Start\Programy\Google Drive 2014-05-06 22:18 - 2013-10-19 20:29 - 00000000 ___HD () C:\Documents and Settings\Default User.WINDOWS\Ustawienia lokalne\Dane aplikacji 2014-05-05 20:49 - 2014-05-05 20:49 - 00000000 __SHD () C:\WINDOWS\ftpcache 2014-05-05 18:53 - 2014-05-05 18:53 - 00000745 _____ () C:\Documents and Settings\All Users.WINDOWS\Pulpit\Edytor postaci.lnk 2014-05-05 18:53 - 2014-05-05 18:53 - 00000740 _____ () C:\Documents and Settings\All Users.WINDOWS\Pulpit\Logomocja Imagine.lnk 2014-05-05 18:53 - 2014-05-05 18:53 - 00000000 ____D () C:\Program Files\Logomocja 2014-05-05 18:53 - 2014-05-05 18:53 - 00000000 ____D () C:\Program Files\Common Files\Imagine 2014-05-05 18:53 - 2014-05-05 18:53 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS\Menu Start\Programy\Logomocja-Imagine 2014-05-05 18:53 - 2014-05-05 18:53 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS\Menu Start\Programy\Logomocja-Imagine 2014-05-05 18:53 - 2014-05-05 18:51 - 00000000 ____D () C:\Program Files\004 2014-05-05 18:52 - 2014-05-05 18:52 - 00000000 ____D () C:\Documents and Settings\ja sam.ANONIM-E21ED28F\Menu Start\Programy\WinRAR 2014-05-05 18:52 - 2014-05-05 18:52 - 00000000 ____D () C:\Documents and Settings\ja sam.ANONIM-E21ED28F\Dane aplikacji\WinRAR 2014-05-05 18:52 - 2014-05-05 18:52 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS\Menu Start\Programy\WinRAR 2014-05-05 18:52 - 2014-05-05 18:52 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS\Menu Start\Programy\WinRAR 2014-05-05 18:52 - 2014-05-05 18:51 - 00000000 ____D () C:\Program Files\WinRAR 2014-05-05 18:51 - 2014-05-05 18:51 - 01929720 _____ () C:\Documents and Settings\ja sam.ANONIM-E21ED28F\Moje dokumenty\wrar501pl.exe 2014-05-05 18:49 - 2014-05-05 18:49 - 00510864 _____ (ezinstall manager) C:\winrarfree.exe 2014-05-05 18:48 - 2014-05-05 18:48 - 00128968 _____ () C:\install.exe 2014-05-05 18:19 - 2013-12-20 16:50 - 00000000 ____D () C:\Documents and Settings\ja sam.ANONIM-E21ED28F\Dane aplikacji\Applian FLV and Media Player 2014-05-05 17:08 - 2013-12-10 15:54 - 00005632 _____ () C:\Documents and Settings\ja sam.ANONIM-E21ED28F\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2014-05-05 15:58 - 2014-05-05 15:56 - 00000000 ____D () C:\Program Files\WMR11 2014-05-05 15:57 - 2014-05-05 15:57 - 00000814 _____ () C:\Documents and Settings\ja sam.ANONIM-E21ED28F\Pulpit\WM Converter.lnk 2014-05-05 15:57 - 2014-05-05 15:57 - 00000638 _____ () C:\Documents and Settings\ja sam.ANONIM-E21ED28F\Pulpit\WM Recorder 12.1.lnk 2014-05-05 15:57 - 2014-05-05 15:57 - 00000000 ____D () C:\Documents and Settings\ja sam.ANONIM-E21ED28F\Menu Start\Programy\WM Recorder 12.1 2014-05-05 12:54 - 2013-12-20 15:40 - 00000000 ____D () C:\Documents and Settings\ja sam.ANONIM-E21ED28F\dwhelper 2014-05-04 21:27 - 2013-12-20 16:27 - 00000000 ____D () C:\Program Files\Mobogenie 2014-05-04 21:12 - 2013-12-20 16:28 - 00000000 ____D () C:\Documents and Settings\ja sam.ANONIM-E21ED28F\Ustawienia lokalne\Dane aplikacji\genienext 2014-05-04 20:56 - 2014-01-16 14:42 - 00000000 ____D () C:\Documents and Settings\ja sam.ANONIM-E21ED28F\Moje dokumenty\Pobieranie 2014-05-04 20:54 - 2013-12-20 16:29 - 00000000 ____D () C:\Documents and Settings\ja sam.ANONIM-E21ED28F\Dane aplikacji\SwvUpdater 2014-05-04 20:41 - 2014-05-04 20:40 - 00000000 ____D () C:\Program Files\Free Games 111 2014-05-04 20:40 - 2014-05-04 20:40 - 00001190 _____ () C:\Documents and Settings\ja sam.ANONIM-E21ED28F\Pulpit\Free Games.lnk 2014-05-03 19:00 - 2014-05-03 18:59 - 00005487 _____ () C:\WINDOWS\KB2964358-IE8.log 2014-05-03 19:00 - 2014-04-09 22:56 - 00003625 _____ () C:\WINDOWS\updspapi.log 2014-05-03 19:00 - 2014-04-09 22:56 - 00001355 _____ () C:\WINDOWS\imsins.BAK 2014-05-03 18:59 - 2013-10-24 20:57 - 00000000 ____D () C:\WINDOWS\ie8updates 2014-04-30 10:12 - 2008-04-15 14:00 - 06022144 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\mshtml.dll 2014-04-30 10:12 - 2008-04-15 14:00 - 06022144 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2014-04-28 12:24 - 2013-11-05 13:40 - 00000000 ____D () C:\WINDOWS\system32\cache 2014-04-28 10:20 - 2014-02-02 13:46 - 00001719 _____ () C:\Documents and Settings\All Users.WINDOWS\Pulpit\avast! Premier.lnk 2014-04-28 10:19 - 2014-04-28 10:19 - 00043152 _____ (AVAST Software) C:\WINDOWS\avastSS.scr 2014-04-28 10:19 - 2014-04-28 10:19 - 00024184 _____ () C:\WINDOWS\system32\Drivers\aswHwid.sys 2014-04-28 10:19 - 2013-10-23 21:50 - 00776976 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsnx.sys.1400145027125 2014-04-28 10:19 - 2013-10-23 21:50 - 00180632 _____ () C:\WINDOWS\system32\Drivers\aswVmm.sys 2014-04-28 10:19 - 2013-10-23 21:50 - 00067824 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswmonflt.sys 2014-04-28 10:19 - 2013-10-23 21:50 - 00057672 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswTdi.sys 2014-04-28 10:19 - 2013-10-23 21:50 - 00054832 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswrdr.sys.1400145027125 2014-04-28 10:19 - 2013-10-23 21:50 - 00049944 _____ () C:\WINDOWS\system32\Drivers\aswRvrt.sys 2014-04-28 10:19 - 2013-10-23 21:49 - 00271264 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe 2014-04-28 10:18 - 2014-02-02 13:45 - 00252464 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNdis2.sys 2014-04-26 17:21 - 2014-04-09 22:56 - 00000041 _____ () C:\WINDOWS\setupact.log 2014-04-25 19:01 - 2014-04-02 12:43 - 00010240 ____H () C:\Documents and Settings\ja sam.ANONIM-E21ED28F\Moje dokumenty\photothumb.db Some content of TEMP: ==================== C:\Documents and Settings\ja sam.ANONIM-E21ED28F\Ustawienia lokalne\Temp\BackupSetup.exe C:\Documents and Settings\ja sam.ANONIM-E21ED28F\Ustawienia lokalne\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpcsmwns.dll C:\Documents and Settings\ja sam.ANONIM-E21ED28F\Ustawienia lokalne\Temp\GoogleSetup.exe C:\Documents and Settings\ja sam.ANONIM-E21ED28F\Ustawienia lokalne\Temp\jre-7u55-windows-i586-iftw.exe C:\Documents and Settings\ja sam.ANONIM-E21ED28F\Ustawienia lokalne\Temp\ms.exe C:\Documents and Settings\ja sam.ANONIM-E21ED28F\Ustawienia lokalne\Temp\nsd41.tmp.exe C:\Documents and Settings\ja sam.ANONIM-E21ED28F\Ustawienia lokalne\Temp\oi_{64681936-8B47-4D34-ADBD-E940071ABD67}.exe C:\Documents and Settings\ja sam.ANONIM-E21ED28F\Ustawienia lokalne\Temp\smt_qone8_new.exe C:\Documents and Settings\ja sam.ANONIM-E21ED28F\Ustawienia lokalne\Temp\SpeedUpMyComputer.exe C:\Documents and Settings\ja sam.ANONIM-E21ED28F\Ustawienia lokalne\Temp\UNINSTALL.EXE C:\Documents and Settings\ja sam.ANONIM-E21ED28F\Ustawienia lokalne\Temp\vcredist_x86.exe C:\Documents and Settings\ja sam.ANONIM-E21ED28F\Ustawienia lokalne\Temp\Wise_INI.dll C:\Documents and Settings\ja sam.ANONIM-E21ED28F\Ustawienia lokalne\Temp\{7014E919-2EAA-4158-AB8A-7483300316F4}.dll ==================== Bamital & volsnap Check ================= C:\WINDOWS\explorer.exe [2008-04-15 14:00] - [2008-04-15 14:00] - 1035264 ____A (Microsoft Corporation) c791ed9eac5e76d9525e157b1d7a599a C:\WINDOWS\system32\winlogon.exe [2008-04-15 14:00] - [2008-04-15 14:00] - 0510464 ____A (Microsoft Corporation) 51fd2e13d723857b9ca239ae77150f48 C:\WINDOWS\system32\svchost.exe [2008-04-15 14:00] - [2008-04-15 14:00] - 0014336 ____A (Microsoft Corporation) 8607d35d92528e2df386f19a960d23ce C:\WINDOWS\system32\services.exe [2008-04-15 14:00] - [2009-02-09 13:25] - 0111104 ____A (Microsoft Corporation) 02a467e27af55f7064c5b251e587315f C:\WINDOWS\system32\User32.dll [2008-04-15 14:00] - [2008-04-15 14:00] - 0580096 ____A (Microsoft Corporation) a435c5c069afd901751ac323ad238793 C:\WINDOWS\system32\userinit.exe [2008-04-15 14:00] - [2008-04-15 14:00] - 0026624 ____A (Microsoft Corporation) 2a5b37d520508be6570a3ea79695f5b5 C:\WINDOWS\system32\rpcss.dll [2008-04-15 14:00] - [2009-02-09 12:53] - 0401408 ____A (Microsoft Corporation) a37311d9d628c1042a2836731787f0f3 ATTENTION ======> If the system is having audio adware rpcss.dll is patched. Google the MD5, if the MD5 is unique the file is infected. C:\WINDOWS\system32\Drivers\volsnap.sys [2008-04-15 14:00] - [2008-04-15 14:00] - 0052864 ____A (Microsoft Corporation) 56b191ac5fc0df219949c95a6c87afe7 ==================== End Of Log ============================