Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 26-09-2014 Ran by UNIDROG (administrator) on JAREK on 26-09-2014 23:54:35 Running from E:\Moje Dokumenty\Downloads Loaded Profile: UNIDROG (Available profiles: UNIDROG & Administrator) Platform: Microsoft Windows XP Professional Dodatek Service Pack 3 (X86) OS Language: Polski Internet Explorer Version 8 Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (AVG Technologies CZ, s.r.o.) C:\PROGRA~1\AVG\AVG2012\avgrsx.exe (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2012\avgcsrvx.exe (Intel Corporation) C:\Program Files\Intel\Wireless\Bin\EvtEng.exe (Intel Corporation ) C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe (Agere Systems) C:\WINDOWS\system32\agrsmsvc.exe (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2012\avgwdsvc.exe (France Telecom SA) C:\Program Files\Common Files\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe (Sun Microsystems, Inc.) C:\Program Files\Java\jre6\bin\jqs.exe (Intel Corporation) C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2012\avgidsagent.exe (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2012\avgnsx.exe (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2012\avgemcx.exe (France Telecom SA) C:\Program Files\CardDetector\HUAWEI177\CardDetector.exe (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2012\avgtray.exe (Google Inc.) C:\Documents and Settings\UNIDROG\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Documents and Settings\UNIDROG\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Documents and Settings\UNIDROG\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Documents and Settings\UNIDROG\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Documents and Settings\UNIDROG\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Documents and Settings\UNIDROG\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Documents and Settings\UNIDROG\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Documents and Settings\UNIDROG\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [CardDetectorHUAWEI177] => C:\Program Files\CardDetector\HUAWEI177\CardDetector.exe [290816 2011-02-23] (France Telecom SA) HKLM\...\Run: [BEWINTERNET-PL-IEWSessionManager] => C:\Program Files\OrangeBS\BEWInternet-PL-IEW\SessionManager\SessionManager.exe [140016 2011-02-23] (France Telecom SA) HKLM\...\Run: [BEWINTERNET-PL-IEWSMSNotify] => C:\Program Files\OrangeBS\BEWInternet-PL-IEW\Phonetools\SMSNotify.exe [131072 2011-02-23] (France Telecom) HKLM\...\Run: [AVG_TRAY] => C:\Program Files\AVG\AVG2012\avgtray.exe [2598520 2012-11-19] (AVG Technologies CZ, s.r.o.) Winlogon\Notify\ATFUS: C:\WINDOWS\system32\FpWinLogonNp.dll (AuthenTec,Inc) Winlogon\Notify\tphotkey: C:\Program Files\Lenovo\HOTKEY\tphklock.dll () HKU\S-1-5-21-2000478354-362288127-839522115-1003\...\MountPoints2: {064bff30-3dab-11df-995d-001eec08cd74} - G:\LaunchU3.exe -a HKU\S-1-5-21-2000478354-362288127-839522115-1003\...\MountPoints2: {92bf7b6e-9ee5-11e3-9ac3-001eec08cd74} - G:\MicroLauncher.exe HKU\S-1-5-21-2000478354-362288127-839522115-1003\...\MountPoints2: {ea797d0a-3c3d-11df-9951-001eec08cd74} - G:\AutoRun.exe HKU\S-1-5-21-2000478354-362288127-839522115-1003\...\MountPoints2: {ea797d0d-3c3d-11df-9951-001eec08cd74} - G:\AutoRun.exe BootExecute: autocheck autochk * C:\PROGRA~1\AVG\AVG2012\avgrsx.exe /sync /restart ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.wp.pl/ HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.google.pl/ HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie SearchScopes: HKCU - {FFA97B32-A7C7-408F-9DCE-6E2728F4A617} URL = http://www.google.pl/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage} BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated) BHO: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.) BHO: JQSIEStartDetectorImpl Class -> {E7E6F031-17CE-4C07-BC86-EABFE594F69C} -> C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.) Toolbar: HKCU - &Adres - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation) Toolbar: HKCU - &Łącza - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\SHELL32.dll (Microsoft Corporation) DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://go.microsoft.com/fwlink/?linkid=39204 DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1269971353133 DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll (AVG Technologies CZ, s.r.o.) Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 FireFox: ======== FF ProfilePath: C:\Documents and Settings\UNIDROG\Dane aplikacji\Mozilla\Firefox\Profiles\59lmxqms.default FF SelectedSearchEngine: Google FF Homepage: hxxp://www.google.pl/ FF NetworkProxy: "type", 0 FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_8_800_94.dll () FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google) FF Plugin: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.) FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.) FF Plugin HKCU: @tools.google.com/Google Update;version=3 -> C:\Documents and Settings\UNIDROG\Ustawienia lokalne\Dane aplikacji\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.) FF Plugin HKCU: @tools.google.com/Google Update;version=9 -> C:\Documents and Settings\UNIDROG\Ustawienia lokalne\Dane aplikacji\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll (Sun Microsystems, Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npnul32.dll (mozilla.org) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.) FF Extension: Microsoft .NET Framework Assistant - C:\Documents and Settings\UNIDROG\Dane aplikacji\Mozilla\Firefox\Profiles\59lmxqms.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b} [2012-06-19] FF Extension: Microsoft .NET Framework Assistant - C:\Documents and Settings\UNIDROG\Dane aplikacji\Mozilla\Firefox\Profiles\59lmxqms.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b} [2012-06-19] FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2011-06-24] FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA} [2010-03-31] FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} [2010-05-31] FF HKLM\...\Firefox\Extensions: [jqs@sun.com] - C:\Program Files\Java\jre6\lib\deploy\jqs\ff FF Extension: Java Quick Starter - C:\Program Files\Java\jre6\lib\deploy\jqs\ff [2010-03-31] FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension FF Extension: Microsoft .NET Framework Assistant - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2010-06-27] FF HKLM\...\Firefox\Extensions: [{1E73965B-8B48-48be-9C8D-68B920ABC1C4}] - C:\Program Files\AVG\AVG2012\Firefox4 FF Extension: AVG Safe Search - C:\Program Files\AVG\AVG2012\Firefox4 [2012-08-10] FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird Chrome: ======= CHR HomePage: Default -> CHR Plugin: (Shockwave Flash) - C:\Documents and Settings\UNIDROG\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\36.0.1985.143\PepperFlash\pepflashplayer.dll () CHR Plugin: (Shockwave Flash) - C:\Documents and Settings\UNIDROG\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\36.0.1985.143\gcswf32.dll No File CHR Plugin: (Shockwave Flash) - C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll No File CHR Plugin: (Remoting Viewer) - internal-remoting-viewer CHR Plugin: (Native Client) - C:\Documents and Settings\UNIDROG\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\36.0.1985.143\ppGoogleNaClPluginChrome.dll () CHR Plugin: (Chrome PDF Viewer) - C:\Documents and Settings\UNIDROG\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\36.0.1985.143\pdf.dll () CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.) CHR Plugin: (Java Deployment Toolkit 6.0.200.2) - C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll (Sun Microsystems, Inc.) CHR Plugin: (Microsoft® DRM) - C:\Program Files\Windows Media Player\npdrmv2.dll (Microsoft Corporation) CHR Plugin: (Microsoft® DRM) - C:\Program Files\Windows Media Player\npwmsdrm.dll (Microsoft Corporation) CHR Plugin: (Windows Media Player Plug-in Dynamic Link Library) - C:\Program Files\Windows Media Player\npdsplay.dll (Microsoft Corporation (written by Digital Renaissance Inc.)) CHR Plugin: (Google Update) - C:\Documents and Settings\UNIDROG\Ustawienia lokalne\Dane aplikacji\Google\Update\1.3.21.115\npGoogleUpdate3.dll No File CHR Plugin: (AVG SiteSafety plugin) - C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\11.2.0\\npsitesafety.dll No File CHR Plugin: (Google Earth Plugin) - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google) CHR Plugin: (Picasa) - C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.) CHR Plugin: (Silverlight Plug-In) - c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll No File CHR Plugin: (Windows Presentation Foundation) - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) CHR CustomProfile: C:\Documents and Settings\UNIDROG\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default CHR Extension: (Adblock Plus) - C:\Documents and Settings\UNIDROG\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-03-22] CHR Extension: (Google Wallet) - C:\Documents and Settings\UNIDROG\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-03-23] ========================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 AVGIDSAgent; C:\Program Files\AVG\AVG2012\avgidsagent.exe [5175856 2013-10-16] (AVG Technologies CZ, s.r.o.) R2 avgwd; C:\Program Files\AVG\AVG2012\avgwdsvc.exe [193288 2012-02-14] (AVG Technologies CZ, s.r.o.) S4 btwdins; C:\Program Files\Lenovo\Bluetooth Software\bin\btwdins.exe [266295 2006-11-11] (Broadcom Corporation.) [File not signed] R2 EvtEng; C:\Program Files\Intel\Wireless\Bin\EvtEng.exe [434176 2006-11-08] (Intel Corporation) [File not signed] S4 FingerprintServer; C:\WINDOWS\system32\FpLogonServ.exe [106496 2008-07-15] (AuthenTec,Inc) [File not signed] R2 FTRTSVC; C:\Program Files\Common Files\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe [90112 2011-02-23] (France Telecom SA) [File not signed] R2 JavaQuickStarterService; C:\Program Files\Java\jre6\bin\jqs.exe [153376 2010-04-12] (Sun Microsystems, Inc.) R2 RegSrvc; C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe [327680 2006-11-08] (Intel Corporation) [File not signed] R2 S24EventMonitor; C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe [950272 2006-11-08] (Intel Corporation ) [File not signed] ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 AegisP; C:\WINDOWS\System32\DRIVERS\AegisP.sys [21425 2010-03-30] (Meetinghouse Data Communications) [File not signed] R3 ATSWPDRV; C:\WINDOWS\System32\DRIVERS\ATSwpDrv.sys [146944 2008-06-05] (AuthenTec, Inc.) R3 AVGIDSDriver; C:\WINDOWS\System32\DRIVERS\avgidsdriverx.sys [142176 2012-12-10] (AVG Technologies CZ, s.r.o. ) R3 AVGIDSFilter; C:\WINDOWS\System32\DRIVERS\avgidsfilterx.sys [24144 2011-12-23] (AVG Technologies CZ, s.r.o. ) R0 AVGIDSHX; C:\WINDOWS\System32\DRIVERS\avgidshx.sys [24896 2012-04-19] (AVG Technologies CZ, s.r.o. ) R3 AVGIDSShim; C:\WINDOWS\System32\DRIVERS\avgidsshimx.sys [17232 2011-12-23] (AVG Technologies CZ, s.r.o. ) R1 Avgldx86; C:\WINDOWS\System32\DRIVERS\avgldx86.sys [250080 2012-11-08] (AVG Technologies CZ, s.r.o.) R1 Avgmfx86; C:\WINDOWS\System32\DRIVERS\avgmfx86.sys [41040 2011-12-23] (AVG Technologies CZ, s.r.o.) R0 Avgrkx86; C:\WINDOWS\System32\DRIVERS\avgrkx86.sys [31952 2012-01-31] (AVG Technologies CZ, s.r.o.) R1 Avgtdix; C:\WINDOWS\System32\DRIVERS\avgtdix.sys [302368 2013-04-11] (AVG Technologies CZ, s.r.o.) S1 avgtp; C:\WINDOWS\system32\drivers\avgtpx86.sys [33112 2013-02-22] () [File not signed] R3 btaudio; C:\WINDOWS\System32\drivers\btaudio.sys [329901 2006-10-30] (Broadcom Corporation.) S3 BTDriver; C:\WINDOWS\System32\DRIVERS\btport.sys [30459 2006-10-30] (Broadcom Corporation.) R3 BTKRNL; C:\WINDOWS\System32\DRIVERS\btkrnl.sys [862922 2006-11-13] (Broadcom Corporation.) S3 BTWDNDIS; C:\WINDOWS\System32\DRIVERS\btwdndis.sys [149123 2006-10-30] (Broadcom Corporation.) S3 btwhid; C:\WINDOWS\System32\DRIVERS\btwhid.sys [47875 2006-10-30] (Broadcom Corporation.) S3 BTWUSB; C:\WINDOWS\System32\Drivers\btwusb.sys [67672 2006-10-30] (Broadcom Corporation.) S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2008-04-13] (Microsoft Corporation) S3 huawei_cdcacm; C:\WINDOWS\System32\DRIVERS\ew_jucdcacm.sys [82816 2010-11-15] (Huawei Technologies Co., Ltd.) S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2008-04-13] (Microsoft Corporation) R3 NETw3x32; C:\WINDOWS\System32\DRIVERS\NETw3x32.sys [1711488 2006-11-15] (Intel® Corporation) S3 PCAMPR5; C:\WINDOWS\system32\PCAMPR5.SYS [34688 2003-09-23] (Printing Communications Assoc., Inc. (PCAUSA)) [File not signed] S3 PCANDIS5; C:\WINDOWS\system32\PCANDIS5.SYS [32128 2006-03-01] (Printing Communications Assoc., Inc. (PCAUSA)) [File not signed] R2 s24trans; C:\WINDOWS\System32\DRIVERS\s24trans.sys [12544 2006-11-08] (Intel Corporation) [File not signed] R3 SNP2UVC; C:\WINDOWS\System32\DRIVERS\snp2uvc.sys [9598080 2007-02-16] () S3 hwdatacard; system32\DRIVERS\ewusbmdm.sys [X] S4 IntelIde; No ImagePath U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-13] (Microsoft Corporation) U4 WMCoreService; No ImagePath U1 WS2IFSL; No ImagePath ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2014-09-26 23:37 - 2014-09-26 23:56 - 00000000 ____D () C:\FRST 2014-09-26 21:29 - 2014-09-26 21:29 - 00000220 _____ () C:\WINDOWS\Tasks\Powiadomienie o zakończeniu obsługi systemu Microsoft Windows XP — co miesiąc.job 2014-09-26 21:21 - 2014-09-26 21:21 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2922229$ 2014-09-26 21:21 - 2014-09-26 21:21 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2868626$ 2014-09-26 21:20 - 2014-09-26 21:20 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2934207$ 2014-09-26 21:20 - 2014-09-26 21:20 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2916036$ 2014-09-26 21:19 - 2014-09-26 21:20 - 00132344 _____ () C:\WINDOWS\KB2934207.log 2014-09-26 21:19 - 2014-09-26 21:19 - 00132201 _____ () C:\WINDOWS\KB2834886.log 2014-09-26 21:19 - 2014-09-26 21:19 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2834886$ 2014-09-26 21:17 - 2014-09-26 21:19 - 00135747 _____ () C:\WINDOWS\KB2964358-IE8.log 2014-09-26 21:08 - 2014-09-26 21:08 - 00131989 _____ () C:\WINDOWS\KB2900986.log 2014-09-26 21:08 - 2014-09-26 21:08 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2900986$ 2014-09-26 21:08 - 2014-09-26 21:08 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2847311$ 2014-09-26 21:08 - 2014-09-26 21:08 - 00000000 ____D () C:\Program Files\Common Files\Skype 2014-09-26 21:08 - 2014-09-26 21:08 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Start\Programy\Skype 2014-09-26 21:03 - 2014-09-26 21:03 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2898715$ 2014-09-26 21:02 - 2014-09-26 21:02 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2929961$ 2014-09-26 21:01 - 2014-09-26 21:01 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2862335$ 2014-09-26 21:00 - 2014-09-26 21:01 - 00131503 _____ () C:\WINDOWS\KB2862335.log 2014-09-26 21:00 - 2014-09-26 21:00 - 00130950 _____ () C:\WINDOWS\KB2834904-v2.log 2014-09-26 21:00 - 2014-09-26 21:00 - 00130896 _____ () C:\WINDOWS\KB2904266.log 2014-09-26 21:00 - 2014-09-26 21:00 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2904266$ 2014-09-26 21:00 - 2014-09-26 21:00 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2834904-v2_WM11$ 2014-09-26 20:59 - 2014-09-26 20:59 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2930275$ 2014-09-26 20:59 - 2014-09-26 20:59 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2876217$ 2014-09-26 20:58 - 2014-09-26 20:59 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2864063$ 2014-09-26 20:58 - 2014-09-26 20:58 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2862152$ 2014-09-26 20:56 - 2014-09-26 20:56 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2850869$ 2014-09-26 20:55 - 2014-09-26 20:56 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2876331$ 2014-09-26 20:55 - 2014-09-26 20:55 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2859537$ 2014-09-26 20:39 - 2014-09-26 20:54 - 00000000 ____D () C:\WINDOWS\system32\MRT 2014-09-26 20:24 - 2014-09-26 20:24 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2868038$ 2014-09-26 20:23 - 2014-09-26 20:24 - 00129867 _____ () C:\WINDOWS\KB2868038.log 2014-09-26 20:23 - 2014-09-26 20:23 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2893294$ 2014-09-26 20:17 - 2014-09-26 20:17 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2892075$ 2014-09-26 20:17 - 2014-09-26 20:17 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2862330$ 2014-09-26 20:15 - 2014-09-26 20:15 - 00009142 _____ () C:\WINDOWS\KB2909210-IE8.log 2014-09-26 19:59 - 2014-09-26 21:21 - 00006820 _____ () C:\WINDOWS\updspapi.log 2014-09-26 19:57 - 2014-09-26 20:00 - 00011860 _____ () C:\WINDOWS\KB2936068-IE8.log 2014-09-26 19:46 - 2014-09-26 21:21 - 00029241 _____ () C:\WINDOWS\netfxocm.log 2014-09-26 19:46 - 2014-09-26 21:21 - 00011475 _____ () C:\WINDOWS\MedCtrOC.log 2014-09-26 19:46 - 2014-09-26 21:21 - 00010422 _____ () C:\WINDOWS\ocmsn.log 2014-09-26 19:46 - 2014-09-26 21:21 - 00008613 _____ () C:\WINDOWS\tabletoc.log 2014-09-26 19:45 - 2014-09-26 21:21 - 00180661 _____ () C:\WINDOWS\iis6.log 2014-09-26 19:45 - 2014-09-26 21:21 - 00166935 _____ () C:\WINDOWS\FaxSetup.log 2014-09-26 19:45 - 2014-09-26 21:21 - 00079812 _____ () C:\WINDOWS\ocgen.log 2014-09-26 19:45 - 2014-09-26 21:21 - 00076383 _____ () C:\WINDOWS\tsoc.log 2014-09-26 19:45 - 2014-09-26 21:21 - 00055187 _____ () C:\WINDOWS\comsetup.log 2014-09-26 19:45 - 2014-09-26 21:21 - 00052210 _____ () C:\WINDOWS\msmqinst.log 2014-09-26 19:45 - 2014-09-26 21:21 - 00033481 _____ () C:\WINDOWS\ntdtcsetup.log 2014-09-26 19:45 - 2014-09-26 21:21 - 00008343 _____ () C:\WINDOWS\msgsocm.log 2014-09-26 19:45 - 2014-09-26 21:21 - 00001374 _____ () C:\WINDOWS\imsins.log 2014-09-26 19:45 - 2014-09-26 21:21 - 00001374 _____ () C:\WINDOWS\imsins.BAK 2014-09-26 19:45 - 2014-09-26 19:45 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2914368$ 2014-09-26 19:45 - 2014-09-26 19:45 - 00000000 _____ () C:\WINDOWS\setuperr.log 2014-09-26 19:45 - 2014-09-26 19:45 - 00000000 _____ () C:\WINDOWS\setupact.log 2014-09-26 19:44 - 2014-09-26 19:46 - 00004748 _____ () C:\WINDOWS\KB2914368.log 2014-09-26 18:56 - 2014-09-26 21:21 - 00138489 _____ () C:\WINDOWS\KB2868626.log 2014-09-26 18:55 - 2014-09-26 21:21 - 00137679 _____ () C:\WINDOWS\KB2922229.log 2014-09-26 18:55 - 2014-09-26 21:20 - 00137462 _____ () C:\WINDOWS\KB2916036.log 2014-09-26 18:55 - 2014-02-27 01:28 - 00013312 ____N (Microsoft Corporation) C:\WINDOWS\system32\xp_eos.exe 2014-09-26 18:55 - 2014-02-27 01:28 - 00013312 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\xp_eos.exe 2014-09-26 18:54 - 2014-09-26 21:08 - 00136938 _____ () C:\WINDOWS\KB2847311.log 2014-09-26 18:53 - 2014-09-26 21:03 - 00136427 _____ () C:\WINDOWS\KB2898715.log 2014-09-26 18:53 - 2014-09-26 21:02 - 00135068 _____ () C:\WINDOWS\KB2929961.log 2014-09-26 18:53 - 2013-07-03 04:12 - 00025088 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\hidparse.sys 2014-09-26 18:53 - 2013-07-03 03:59 - 00014976 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\usbscan.sys 2014-09-26 18:52 - 2014-09-26 20:59 - 00135504 _____ () C:\WINDOWS\KB2930275.log 2014-09-26 18:52 - 2014-09-26 20:59 - 00135414 _____ () C:\WINDOWS\KB2876217.log 2014-09-26 18:52 - 2014-09-26 20:59 - 00134192 _____ () C:\WINDOWS\KB2864063.log 2014-09-26 18:51 - 2014-09-26 20:58 - 00133467 _____ () C:\WINDOWS\KB2862152.log 2014-09-26 18:51 - 2014-09-26 20:56 - 00133668 _____ () C:\WINDOWS\KB2850869.log 2014-09-26 18:51 - 2014-09-26 20:56 - 00132956 _____ () C:\WINDOWS\KB2876331.log 2014-09-26 18:50 - 2014-09-26 20:55 - 00135897 _____ () C:\WINDOWS\KB2859537.log 2014-09-26 18:48 - 2014-09-26 20:23 - 00133938 _____ () C:\WINDOWS\KB2893294.log 2014-09-26 18:48 - 2014-09-26 20:17 - 00013345 _____ () C:\WINDOWS\KB2892075.log 2014-09-26 18:48 - 2013-07-17 02:58 - 00123008 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\usbvideo.sys 2014-09-26 18:48 - 2013-07-17 02:58 - 00060160 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\usbaudio.sys 2014-09-26 18:48 - 2013-07-17 02:58 - 00046848 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\irbus.sys 2014-09-26 18:47 - 2013-08-09 02:55 - 00144128 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\usbport.sys 2014-09-26 18:47 - 2013-08-09 02:55 - 00032384 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\usbccgp.sys 2014-09-26 18:47 - 2013-08-09 02:55 - 00005376 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\usbd.sys 2014-09-26 18:47 - 2009-03-18 13:02 - 00030336 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\usbehci.sys 2014-09-26 18:35 - 2014-09-26 18:35 - 00000000 ____D () C:\Documents and Settings\UNIDROG\Dane aplikacji\TuneUp Software 2014-09-26 18:26 - 2014-09-26 18:26 - 00001643 _____ () C:\Documents and Settings\UNIDROG\Pulpit\CrystalDiskInfo.lnk 2014-09-26 18:25 - 2014-09-26 18:26 - 00000000 ____D () C:\Program Files\CrystalDiskInfo 2014-09-26 17:48 - 2014-09-26 17:48 - 00000000 ____D () C:\Documents and Settings\All Users\Dane aplikacji\Malwarebytes 2014-09-26 17:38 - 2014-09-26 17:41 - 00000000 ____D () C:\AdwCleaner 2014-09-26 17:32 - 2014-09-26 21:01 - 00022403 _____ () C:\WINDOWS\setupapi.log 2014-09-25 22:52 - 2014-09-26 22:27 - 00003614 _____ () C:\WINDOWS\SchedLgU.Txt ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2014-09-27 00:00 - 2010-03-30 17:39 - 00000000 ____D () C:\Documents and Settings\UNIDROG\Ustawienia lokalne\Temp 2014-09-26 22:36 - 2010-03-30 19:11 - 00000000 ____D () C:\Documents and Settings\All Users\Pulpit 2014-09-26 22:36 - 2010-03-30 17:32 - 02071008 _____ () C:\WINDOWS\WindowsUpdate.log 2014-09-26 22:35 - 2010-03-30 17:39 - 00000000 ___RD () C:\Documents and Settings\UNIDROG\Menu Start\Programy 2014-09-26 22:28 - 2010-06-15 22:19 - 00000555 _____ () C:\WINDOWS\system32\Drivers\etc\hosts.ics 2014-09-26 22:28 - 2001-07-22 00:17 - 00013646 _____ () C:\WINDOWS\system32\wpa.dbl 2014-09-26 22:27 - 2010-03-30 19:14 - 00000159 _____ () C:\WINDOWS\wiadebug.log 2014-09-26 22:27 - 2010-03-30 19:14 - 00000050 _____ () C:\WINDOWS\wiaservc.log 2014-09-26 22:27 - 2010-03-30 17:37 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT 2014-09-26 22:21 - 2010-03-30 17:39 - 00000188 ___SH () C:\Documents and Settings\UNIDROG\ntuser.ini 2014-09-26 22:17 - 2010-03-30 20:16 - 00049536 _____ (Absolute Software Corp.) C:\WINDOWS\system32\agremove.exe 2014-09-26 21:38 - 2010-06-01 09:06 - 00000000 ____D () C:\WINDOWS\Microsoft.NET 2014-09-26 21:28 - 2013-06-22 12:51 - 00017408 _____ () C:\WINDOWS\system32\rpcnetp.dll 2014-09-26 21:27 - 2010-03-30 19:10 - 00122136 _____ () C:\WINDOWS\system32\FNTCACHE.DAT 2014-09-26 21:26 - 2013-06-22 12:50 - 00017408 _____ () C:\WINDOWS\system32\rpcnetp.exe 2014-09-26 21:18 - 2010-03-30 23:06 - 00000000 ____D () C:\WINDOWS\ie8updates 2014-09-26 21:16 - 2010-03-30 19:12 - 01045262 _____ () C:\WINDOWS\system32\PerfStringBackup.INI 2014-09-26 21:16 - 2001-10-26 18:15 - 00491314 _____ () C:\WINDOWS\system32\perfh015.dat 2014-09-26 21:16 - 2001-10-26 18:15 - 00084526 _____ () C:\WINDOWS\system32\perfc015.dat 2014-09-26 21:08 - 2012-01-29 10:52 - 00001880 _____ () C:\Documents and Settings\All Users\Pulpit\Skype.lnk 2014-09-26 21:08 - 2011-06-24 16:29 - 00000000 ___RD () C:\Program Files\Skype 2014-09-26 21:08 - 2010-03-30 19:11 - 00000000 ___RD () C:\Documents and Settings\All Users\Menu Start\Programy 2014-09-26 21:07 - 2011-06-24 16:29 - 00000000 ____D () C:\Documents and Settings\All Users\Dane aplikacji\Skype 2014-09-26 21:00 - 2010-03-30 23:26 - 00045652 _____ () C:\WINDOWS\system32\TZLog.log 2014-09-26 20:21 - 2010-08-31 22:20 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Start\Programy\Microsoft Silverlight 2014-09-26 20:19 - 2010-08-31 22:20 - 00000000 ____D () C:\Program Files\Microsoft Silverlight 2014-09-26 20:03 - 2010-06-27 13:22 - 00000000 ____D () C:\WINDOWS\system32\XPSViewer 2014-09-26 19:43 - 2010-03-30 17:39 - 00000000 ____D () C:\Documents and Settings\UNIDROG 2014-09-26 18:38 - 2010-03-31 07:41 - 00000000 ____D () C:\Program Files\Mozilla Firefox 2014-09-26 18:37 - 2010-03-30 17:33 - 00001507 _____ () C:\Documents and Settings\All Users\Menu Start\Windows Update.lnk 2014-09-26 18:35 - 2010-03-30 17:39 - 00000000 __RHD () C:\Documents and Settings\UNIDROG\Dane aplikacji 2014-09-26 18:34 - 2012-08-10 17:29 - 00000000 ____D () C:\WINDOWS\system32\Drivers\AVG 2014-09-26 18:26 - 2010-03-30 17:39 - 00000000 ____D () C:\Documents and Settings\UNIDROG\Pulpit 2014-09-26 17:48 - 2010-03-30 19:11 - 00000000 __RHD () C:\Documents and Settings\All Users\Dane aplikacji 2014-09-26 17:40 - 2010-03-30 17:39 - 00000000 ___HD () C:\Documents and Settings\UNIDROG\Ustawienia lokalne\Dane aplikacji 2014-09-25 22:55 - 2010-03-30 19:09 - 00000211 ___SH () C:\boot.ini 2014-09-25 22:55 - 2001-07-22 00:16 - 00000565 _____ () C:\WINDOWS\win.ini 2014-09-25 22:55 - 2001-07-22 00:15 - 00000227 _____ () C:\WINDOWS\system.ini 2014-09-25 15:43 - 2010-05-02 14:36 - 00000000 ____D () C:\Documents and Settings\UNIDROG\Dane aplikacji\Media Player Classic 2014-09-25 15:42 - 2013-02-22 21:50 - 00000000 ____D () C:\WINDOWS\Minidump 2014-09-25 15:42 - 2011-07-31 16:42 - 00000000 ____D () C:\Documents and Settings\UNIDROG\Dane aplikacji\uTorrent 2014-09-25 15:42 - 2011-06-24 16:30 - 00000000 ____D () C:\Documents and Settings\UNIDROG\Dane aplikacji\Skype 2014-08-29 13:01 - 2010-03-30 23:03 - 98758480 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe Some content of TEMP: ==================== C:\Documents and Settings\UNIDROG\Ustawienia lokalne\Temp\CommonInstaller.exe C:\Documents and Settings\UNIDROG\Ustawienia lokalne\Temp\fp_pl_pfs_installer-1.exe C:\Documents and Settings\UNIDROG\Ustawienia lokalne\Temp\fp_pl_pfs_installer-2.exe C:\Documents and Settings\UNIDROG\Ustawienia lokalne\Temp\fp_pl_pfs_installer.exe C:\Documents and Settings\UNIDROG\Ustawienia lokalne\Temp\jre-6u20-windows-i586-iftw-rv.exe C:\Documents and Settings\UNIDROG\Ustawienia lokalne\Temp\MachineIdCreator.exe C:\Documents and Settings\UNIDROG\Ustawienia lokalne\Temp\Quarantine.exe C:\Documents and Settings\UNIDROG\Ustawienia lokalne\Temp\ToolbarInstaller.exe ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\WINDOWS\explorer.exe => File is digitally signed C:\WINDOWS\system32\winlogon.exe => File is digitally signed C:\WINDOWS\system32\svchost.exe => File is digitally signed C:\WINDOWS\system32\services.exe => File is digitally signed C:\WINDOWS\system32\User32.dll => File is digitally signed C:\WINDOWS\system32\userinit.exe => File is digitally signed C:\WINDOWS\system32\rpcss.dll => File is digitally signed C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed ==================== End Of Log ============================