Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 01-01-2015 Ran by Janusz (administrator) on JANUSZ-PC on 02-01-2015 11:49:48 Running from C:\Users\Janusz\Downloads\PACZKA NA WIRY 23 MAJ 14 cz1\PACZKA NA WIRY 23 MAJ 14\LOGI\FRST Loaded Profile: Janusz (Available profiles: Janusz) Platform: Windows Vista (TM) Home Premium Service Pack 2 (X86) OS Language: Polski (Polska) Internet Explorer Version 9 (Default browser: FF) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Microsoft Corporation) C:\Windows\System32\SLsvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Microsoft Corporation) C:\Windows\WindowsMobile\wmdSync.exe (Vimicro) C:\Windows\vmsnap3.exe () C:\Windows\Domino.exe (Realtek Semiconductor) C:\Windows\RtHDVCpl.exe ( ) C:\Program Files\ChomikBox\chomikbox.exe (Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe (Marek Jasinski - www.FreeCommander.com) C:\Program Files\FreeCommander\FreeCommander.exe (Irfan Skiljan) C:\Program Files\IrfanView\i_view32.exe (Microsoft Corporation) C:\Windows\System32\perfmon.exe (Microsoft Corporation) C:\Windows\System32\conime.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [Windows Mobile-based device management] => C:\Windows\WindowsMobile\wmdSync.exe [215552 2008-01-21] (Microsoft Corporation) HKLM\...\Run: [VMSnap3] => C:\Windows\VMSnap3.exe [49152 2006-07-18] (Vimicro) HKLM\...\Run: [Domino] => C:\Windows\Domino.exe [49152 2006-07-04] () HKLM\...\Run: [RtHDVCpl] => C:\Windows\RtHDVCpl.exe [4702208 2007-10-31] (Realtek Semiconductor) HKLM\...\Run: [Skytel] => C:\Windows\Skytel.exe [1826816 2007-10-11] (Realtek Semiconductor Corp.) HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation) HKU\S-1-5-19\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter HKU\S-1-5-20\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter HKU\S-1-5-21-428840236-531340148-3836443965-1000\...\Run: [ChomikBox] => C:\Program Files\ChomikBox\chomikbox.exe [5979648 2012-11-15] ( ) HKU\S-1-5-21-428840236-531340148-3836443965-1000\...\Run: [WMPNSCFG] => C:\Program Files\Windows Media Player\WMPNSCFG.exe [202240 2008-01-21] (Microsoft Corporation) HKU\S-1-5-21-428840236-531340148-3836443965-1000\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [30524520 2014-11-27] (Skype Technologies S.A.) HKU\S-1-5-21-428840236-531340148-3836443965-1000\...\MountPoints2: H - H:\Startme.exe HKU\S-1-5-21-428840236-531340148-3836443965-1000\...\MountPoints2: {695c7370-8f40-11e0-af6e-8eeb2282bde0} - H:\Startme.exe HKU\S-1-5-18\...\Run: [Copy] => "C:\Users\mk\AppData\Roaming\Copy\CopyAgent.exe" ShellIconOverlayIdentifiers: [1aCopyShExtError] -> {83BEA36E-7680-4598-A4DF-994426F6E78D} => C:\Users\mk\AppData\Roaming\Copy\overlay\CopyShExt.dll No File ShellIconOverlayIdentifiers: [2aCopyShExtSynced] -> {845B7388-6F85-4F32-9FD5-F02DC7882B89} => C:\Users\mk\AppData\Roaming\Copy\overlay\CopyShExt.dll No File ShellIconOverlayIdentifiers: [3aCopyShExtSyncing] -> {F6378A7A-F753-449B-AE1B-997A96132E61} => C:\Users\mk\AppData\Roaming\Copy\overlay\CopyShExt.dll No File ShellIconOverlayIdentifiers: [4aCopyShExtSyncingProg1] -> {3A511828-777D-46F8-82F4-5B530C1B3D9E} => C:\Users\mk\AppData\Roaming\Copy\overlay\CopyShExt.dll No File ShellIconOverlayIdentifiers: [5aCopyShExtSyncingProg2] -> {C8C88204-5B14-40EC-BA72-8AEBC762047E} => C:\Users\mk\AppData\Roaming\Copy\overlay\CopyShExt.dll No File ShellIconOverlayIdentifiers: [6aCopyShExtSyncingProg3] -> {ACFF45C3-3EEB-4351-86C2-6696BA264239} => C:\Users\mk\AppData\Roaming\Copy\overlay\CopyShExt.dll No File ShellIconOverlayIdentifiers: [7aCopyShExtSyncingProg4] -> {29AF997F-488B-46F0-AE78-7146F1B89CC3} => C:\Users\mk\AppData\Roaming\Copy\overlay\CopyShExt.dll No File ShellIconOverlayIdentifiers: [8aCopyShExtSyncingProg5] -> {03F9AD29-1C78-4B66-8890-B177B5430C53} => C:\Users\mk\AppData\Roaming\Copy\overlay\CopyShExt.dll No File ShellIconOverlayIdentifiers: [GGDriveOverlay1] -> {E68D0A50-3C40-4712-B90D-DCFA93FF2534} => C:\ProgramData\GG\ggdrive\ggdrive-overlay.dll (GG Network S.A.) ShellIconOverlayIdentifiers: [GGDriveOverlay2] -> {E68D0A51-3C40-4712-B90D-DCFA93FF2534} => C:\ProgramData\GG\ggdrive\ggdrive-overlay.dll (GG Network S.A.) ShellIconOverlayIdentifiers: [GGDriveOverlay3] -> {E68D0A52-3C40-4712-B90D-DCFA93FF2534} => C:\ProgramData\GG\ggdrive\ggdrive-overlay.dll (GG Network S.A.) ShellIconOverlayIdentifiers: [GGDriveOverlay4] -> {E68D0A53-3C40-4712-B90D-DCFA93FF2534} => C:\ProgramData\GG\ggdrive\ggdrive-overlay.dll (GG Network S.A.) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = HKU\S-1-5-21-428840236-531340148-3836443965-1000\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKU\S-1-5-21-428840236-531340148-3836443965-1000\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.pl/ HKU\S-1-5-21-428840236-531340148-3836443965-1000\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.gry.jeja.pl/47,pryskajace-banki.html http://pasjans-online.pl/ SearchScopes: HKLM -> DefaultScope value is missing. SearchScopes: HKU\S-1-5-21-428840236-531340148-3836443965-1000 -> DefaultScope 2A156E3308864EDAB4FE51B856899563 URL = http://www.bing.com/search?FORM=UP97DF&PC=UP97&q={searchTerms}&src=IE-SearchBox SearchScopes: HKU\S-1-5-21-428840236-531340148-3836443965-1000 -> 2A156E3308864EDAB4FE51B856899563 URL = http://www.bing.com/search?FORM=UP97DF&PC=UP97&q={searchTerms}&src=IE-SearchBox SearchScopes: HKU\S-1-5-21-428840236-531340148-3836443965-1000 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated) BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) BHO: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files\Microsoft\BingBar\7.1.361.0\BingExt.dll (Microsoft Corporation.) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO: IEPluginBHO Class -> {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} -> C:\ProgramData\Gadu-Gadu 10\_userdata\ggbho.2.dll (GG Network S.A.) Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) Toolbar: HKLM - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\7.1.361.0\BingExt.dll (Microsoft Corporation.) Toolbar: HKU\S-1-5-21-428840236-531340148-3836443965-1000 -> &Links - {F2CF5485-4E02-4F68-819C-B92DE9277049} - C:\Windows\system32\ieframe.dll (Microsoft Corporation) Toolbar: HKU\S-1-5-21-428840236-531340148-3836443965-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) Tcpip\Parameters: [DhcpNameServer] 194.204.152.34 194.204.159.1 FireFox: ======== FF ProfilePath: C:\Users\Janusz\AppData\Roaming\Mozilla\Firefox\Profiles\bjg1ibys.od25lut14 FF SearchEngineOrder.3: Bing FF Homepage: about:home FF Keyword.URL: hxxp://www.bing.com/search?FORM=UP97DF&PC=UP97&q= FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_16_0_0_235.dll () FF Plugin: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation) FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Plugin HKU\S-1-5-21-428840236-531340148-3836443965-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Janusz\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.) FF Plugin HKU\S-1-5-21-428840236-531340148-3836443965-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Janusz\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.) FF SearchPlugin: C:\Users\Janusz\AppData\Roaming\Mozilla\Firefox\Profiles\bjg1ibys.od25lut14\searchplugins\bingp.xml FF Extension: FEBE - C:\Users\Janusz\AppData\Roaming\Mozilla\Firefox\Profiles\dumjv91v.default\Extensions\{4BBDD651-70CF-4821-84F8-2B918CF89CA3} [2013-06-21] FF Extension: Saved Password Editor - C:\Users\Janusz\AppData\Roaming\Mozilla\Firefox\Profiles\dumjv91v.default\Extensions\savedpasswordeditor@daniel.dawson.xpi [2011-07-12] FF Extension: Flagfox - C:\Users\Janusz\AppData\Roaming\Mozilla\Firefox\Profiles\vzw05s1g.erodate2onplock\Extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b} [2012-06-20] FF Extension: Microsoft .NET Framework Assistant - C:\Users\Janusz\AppData\Roaming\Mozilla\Firefox\Profiles\vzw05s1g.erodate2onplock\Extensions\{20a82645-c095-46ed-80e3-08825760534b} [2010-11-25] FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension FF Extension: Microsoft .NET Framework Assistant - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2010-06-30] Chrome: ======= ========================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) S3 FDR; C:\Program Files\Microsoft Logo\Software Certification Toolkit\FDRAgent.exe [806792 2010-05-12] (Microsoft Corp.) S4 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [43520 2006-11-08] (Hewlett-Packard) [File not signed] S4 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [53248 2006-11-08] (Hewlett-Packard) [File not signed] S3 Winmgmt; C:\PROGRA~2\A24C47AA.cpp [X] ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) S2 E4LOADER; C:\Windows\System32\Drivers\e4ldr.sys [69656 2007-01-04] (Analog Deivces) S3 e4usbaw; C:\Windows\System32\DRIVERS\e4usbaw.sys [104344 2007-01-04] (Analog Devices Inc.) U4 EpfwLWF; C:\Windows\System32\DRIVERS\EpfwLWF.sys [37928 2014-10-10] (ESET) R1 HWiNFO32; C:\Windows\system32\drivers\HWiNFO32.SYS [23840 2015-01-02] (REALiX(tm)) R3 ip100Avista; C:\Windows\System32\DRIVERS\ipfnd51.sys [31232 2010-11-23] (IC Plus Corp. ) R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [7680 2006-10-18] () S3 PortTalk; C:\Windows\System32\Drivers\PortTalk.sys [3567 2002-01-12] (Beyond Logic http://www.beyondlogic.org) [File not signed] S3 s1039mdm; C:\Windows\System32\DRIVERS\s1039mdm.sys [124016 2009-11-19] (MCCI Corporation) R0 SysTrace; C:\Windows\System32\Drivers\SysTrace.sys [92800 2011-09-19] (Microsoft Corp.) [File not signed] R3 vvftav303; C:\Windows\System32\drivers\vvftav303.sys [480128 2007-06-23] (Vimicro Corporation) R3 ZSMC0303; C:\Windows\System32\Drivers\usbVM303.sys [1472768 2007-05-15] (Vimicro Corporation) R4 eamonm; system32\DRIVERS\eamonm.sys [X] R4 ehdrv; system32\DRIVERS\ehdrv.sys [X] R4 epfw; system32\DRIVERS\epfw.sys [X] S4 IpInIp; system32\DRIVERS\ipinip.sys [X] S4 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X] S4 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2015-01-02 11:36 - 2015-01-02 11:36 - 00000000 ____D () C:\Users\Janusz\Downloads\PACZKA NA WIRY 23 MAJ 14 cz1 2015-01-02 11:34 - 2014-11-04 14:37 - 11059923 _____ () C:\Users\Janusz\Downloads\PACZKA NA WIRY 23 MAJ 14 cz1.7z 2015-01-02 11:28 - 2015-01-02 11:33 - 159106984 _____ () C:\Users\Janusz\Downloads\5i9ixjqk.exe 2015-01-02 11:24 - 2015-01-02 11:35 - 00000000 ____D () C:\Users\Janusz\KKKKKKKKKKKKK 2015-01-02 11:13 - 2015-01-02 11:10 - 00229520 _____ () C:\Users\Janusz\Downloads\Monmitor niezawod i wydajn vista1.html 2015-01-02 10:48 - 2015-01-02 10:48 - 06680596 _____ () C:\Users\Janusz\Downloads\2stycz15 screeny Vista.7z 2015-01-02 10:39 - 2015-01-02 10:39 - 47552262 _____ () C:\Users\Janusz\Downloads\Vista 2 stycz 2015 logi.7z 2015-01-02 10:36 - 2015-01-02 10:37 - 26808828 _____ (SuperCoders Organization ) C:\Users\Janusz\Downloads\OziBoxSyncSetup_NET2_x32.exe 2015-01-02 10:17 - 2015-01-02 10:18 - 63983616 _____ () C:\Users\Janusz\Downloads\eav_nt32_plk(1).msi 2015-01-02 10:10 - 2015-01-02 10:10 - 24762884 _____ () C:\Users\Janusz\Downloads\Vista 2 stycz 15.7z 2015-01-02 10:09 - 2015-01-02 10:38 - 00000000 ____D () C:\Users\Janusz\Downloads\Vista 2 stycz 2015 logi 2015-01-02 09:36 - 2015-01-02 09:38 - 64086016 _____ () C:\Users\Janusz\Downloads\eav_nt32_plk.msi 2015-01-02 09:32 - 2015-01-02 09:32 - 00023840 _____ (REALiX(tm)) C:\Windows\system32\Drivers\HWiNFO32.SYS 2015-01-02 09:31 - 2015-01-02 09:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HWiNFO32 2015-01-02 09:28 - 2015-01-02 09:28 - 02598648 _____ (Martin Malík - REALiX ) C:\Users\Janusz\Downloads\hw32_448.exe 2015-01-02 09:21 - 2015-01-02 09:36 - 00000000 ____D () C:\Users\Janusz\Downloads\bluescreenview 2015-01-02 09:21 - 2013-10-24 07:42 - 00066913 _____ () C:\Users\Janusz\Downloads\bluescreenview.zip 2015-01-02 09:13 - 2015-01-02 07:47 - 44844128 _____ (Skype Technologies S.A.) C:\Users\Janusz\Downloads\SkypeSetup.exe 2015-01-02 08:46 - 2015-01-02 10:46 - 00000000 ____D () C:\Users\Janusz\Downloads\2stycz15 screeny Vista 2015-01-02 07:46 - 2015-01-02 08:42 - 00000000 ____D () C:\Users\Janusz\Downloads\Vista 2 stycz 15 2014-12-19 11:32 - 2014-12-19 11:32 - 48781998 _____ () C:\Users\Janusz\Downloads\Aktywator.7z.013 2014-12-19 11:32 - 2014-12-19 11:32 - 104857600 _____ () C:\Users\Janusz\Downloads\Aktywator.7z.012 2014-12-19 11:31 - 2014-12-19 11:32 - 104857600 _____ () C:\Users\Janusz\Downloads\Aktywator.7z.011 2014-12-19 11:31 - 2014-12-19 11:32 - 104857600 _____ () C:\Users\Janusz\Downloads\Aktywator.7z.006 2014-12-19 11:31 - 2014-12-19 11:31 - 104857600 _____ () C:\Users\Janusz\Downloads\Aktywator.7z.010 2014-12-19 11:31 - 2014-12-19 11:31 - 104857600 _____ () C:\Users\Janusz\Downloads\Aktywator.7z.009 2014-12-19 11:31 - 2014-12-19 11:31 - 104857600 _____ () C:\Users\Janusz\Downloads\Aktywator.7z.008 2014-12-19 11:31 - 2014-12-19 11:31 - 104857600 _____ () C:\Users\Janusz\Downloads\Aktywator.7z.007 2014-12-19 11:30 - 2014-12-19 11:32 - 104857600 _____ () C:\Users\Janusz\Downloads\Aktywator.7z.001 2014-12-19 11:30 - 2014-12-19 11:31 - 104857600 _____ () C:\Users\Janusz\Downloads\Aktywator.7z.005 2014-12-19 11:30 - 2014-12-19 11:30 - 104857600 _____ () C:\Users\Janusz\Downloads\Aktywator.7z.004 2014-12-19 11:30 - 2014-12-19 11:30 - 104857600 _____ () C:\Users\Janusz\Downloads\Aktywator.7z.003 2014-12-19 11:30 - 2014-12-19 11:30 - 104857600 _____ () C:\Users\Janusz\Downloads\Aktywator.7z.002 2014-12-19 09:12 - 2014-12-19 09:30 - 1307073076 _____ () C:\Users\Janusz\Downloads\Aktywator.rar ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2015-01-02 11:49 - 2013-12-27 10:54 - 00000000 ____D () C:\FRST 2015-01-02 11:41 - 2006-11-02 13:47 - 00003760 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 2015-01-02 11:41 - 2006-11-02 13:47 - 00003760 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 2015-01-02 11:33 - 2012-01-30 10:39 - 00000000 ____D () C:\Users\Janusz\AppData\Local\ChomikBox 2015-01-02 11:24 - 2010-06-29 07:52 - 00000000 ____D () C:\Users\Janusz 2015-01-02 11:13 - 2010-06-29 09:01 - 00000000 ____D () C:\ProgramData\ESET 2015-01-02 11:07 - 2009-04-11 13:37 - 01105587 _____ () C:\Windows\WindowsUpdate.log 2015-01-02 10:12 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\tracing 2015-01-02 09:31 - 2012-11-16 21:03 - 00000000 ____D () C:\Program Files\HWiNFO32 2015-01-02 07:51 - 2010-06-29 13:53 - 00000000 ____D () C:\Users\Janusz\AppData\Roaming\Skype 2015-01-02 07:49 - 2012-11-18 15:13 - 00000000 ____D () C:\Users\Janusz\AppData\Roaming\GG 2015-01-02 07:42 - 2010-12-03 19:13 - 00000000 ____D () C:\Users\Janusz\.gstreamer-0.10 2015-01-02 07:41 - 2006-11-02 14:01 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2015-01-01 23:17 - 2006-11-02 14:01 - 00032544 _____ () C:\Windows\Tasks\SCHEDLGU.TXT 2015-01-01 13:19 - 2006-11-02 13:52 - 00113116 _____ () C:\Windows\setupact.log 2014-12-27 12:26 - 2010-06-29 12:27 - 00000000 ____D () C:\Users\Janusz\AppData\Roaming\Kamerzysta 2014-12-20 18:49 - 2006-11-02 12:18 - 00000000 __RHD () C:\Users\Default 2014-12-19 14:13 - 2014-06-17 22:11 - 00000000 ____D () C:\Users\Janusz\AppData\Local\Adobe 2014-12-19 14:12 - 2013-09-24 11:37 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe 2014-12-19 14:12 - 2013-09-24 11:37 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl 2014-12-19 09:00 - 2013-07-18 10:03 - 00000000 ____D () C:\Users\Janusz\Downloads\OK 2014-12-03 22:58 - 2014-10-07 06:35 - 00000000 ___RD () C:\Program Files\Skype 2014-12-03 22:58 - 2010-06-29 13:53 - 00000000 ____D () C:\ProgramData\Skype Files to move or delete: ==================== C:\Users\Public\Copy-1.41.0248.exe Some content of TEMP: ==================== C:\Users\Janusz\AppData\Local\Temp\2.exe C:\Users\Janusz\AppData\Local\Temp\2A2B.exe C:\Users\Janusz\AppData\Local\Temp\ApnStub.exe C:\Users\Janusz\AppData\Local\Temp\AskSLib.dll C:\Users\Janusz\AppData\Local\Temp\AutoMapaPPCInterface.dll C:\Users\Janusz\AppData\Local\Temp\bassmod.dll C:\Users\Janusz\AppData\Local\Temp\conduit.exe C:\Users\Janusz\AppData\Local\Temp\ffunzip.exe C:\Users\Janusz\AppData\Local\Temp\FP_PL_PFS_INSTALLER-1.exe C:\Users\Janusz\AppData\Local\Temp\FP_PL_PFS_INSTALLER.exe C:\Users\Janusz\AppData\Local\Temp\gg10.upgr.exe C:\Users\Janusz\AppData\Local\Temp\gg10_upgr_to_11790_from_11119.exe C:\Users\Janusz\AppData\Local\Temp\gg10_upgr_to_12096_from_11119.exe C:\Users\Janusz\AppData\Local\Temp\ggdrive-menu.exe C:\Users\Janusz\AppData\Local\Temp\ggdrive-overlay.exe C:\Users\Janusz\AppData\Local\Temp\InstallPlugin.exe C:\Users\Janusz\AppData\Local\Temp\installstats.exe C:\Users\Janusz\AppData\Local\Temp\InstHelper.exe C:\Users\Janusz\AppData\Local\Temp\jre-7u67-windows-i586-iftw.exe C:\Users\Janusz\AppData\Local\Temp\lisxc9zm.dll C:\Users\Janusz\AppData\Local\Temp\mdwzby71.dll C:\Users\Janusz\AppData\Local\Temp\nvStInst.exe C:\Users\Janusz\AppData\Local\Temp\ooVooTBC.exe C:\Users\Janusz\AppData\Local\Temp\Quarantine.exe C:\Users\Janusz\AppData\Local\Temp\SearchWithGoogleUpdate.exe C:\Users\Janusz\AppData\Local\Temp\sfamcc00001.dll C:\Users\Janusz\AppData\Local\Temp\sfextra.dll C:\Users\Janusz\AppData\Local\Temp\SkypeSetup.exe C:\Users\Janusz\AppData\Local\Temp\wmpfirefoxplugin.exe C:\Users\Janusz\AppData\Local\Temp\_is2B53.exe C:\Users\Janusz\AppData\Local\Temp\_is4135.exe C:\Users\Janusz\AppData\Local\Temp\_is7963.exe C:\Users\Janusz\AppData\Local\Temp\_isEFF9.exe ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\explorer.exe => File is digitally signed C:\Windows\system32\winlogon.exe => File is digitally signed C:\Windows\system32\wininit.exe => File is digitally signed C:\Windows\system32\svchost.exe => File is digitally signed C:\Windows\system32\services.exe => File is digitally signed C:\Windows\system32\User32.dll => File is digitally signed C:\Windows\system32\userinit.exe => File is digitally signed C:\Windows\system32\rpcss.dll => File is digitally signed C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2015-01-02 07:48 ==================== End Of Log ============================