Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 12-01-2015 02 Ran by User (administrator) on USER-00856A0944 on 12-01-2015 23:48:37 Running from C:\Documents and Settings\User\Moje dokumenty\Downloads Loaded Profile: User (Available profiles: User & Administrator) Platform: Microsoft Windows XP Professional Dodatek Service Pack 3 (X86) OS Language: Polski Internet Explorer Version 8 (Default browser: Opera) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (ATI Technologies Inc.) C:\WINDOWS\system32\ati2evxx.exe (ATI Technologies Inc.) C:\WINDOWS\system32\ati2evxx.exe (Realtek Semiconductor Corp.) C:\WINDOWS\soundman.exe (ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe (Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Microsoft Corporation) C:\WINDOWS\system32\rundll32.exe (ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe (Oracle Corporation) C:\Program Files\Java\jre7\bin\jqs.exe (TeamViewer GmbH) C:\Program Files\TeamViewer\TeamViewer_Service.exe (Microsoft Corporation) C:\Program Files\Zune\ZuneBusEnum.exe (TeamViewer GmbH) C:\Program Files\TeamViewer\TeamViewer.exe (TeamViewer GmbH) C:\Program Files\TeamViewer\tv_w32.exe (TeamViewer GmbH) C:\Program Files\TeamViewer\TeamViewer_Desktop.exe (Microsoft Corporation) C:\WINDOWS\system32\wscntfy.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Farbar) C:\Documents and Settings\User\Moje dokumenty\Downloads\FRST (1).exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [SoundMan] => C:\WINDOWS\SOUNDMAN.EXE [577536 2006-08-02] (Realtek Semiconductor Corp.) HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2021400 2009-02-06] (ESET) HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [271744 2014-09-26] (Oracle Corporation) Winlogon\Notify\AtiExtEvent: C:\WINDOWS\system32\Ati2evxx.dll (ATI Technologies Inc.) HKU\S-1-5-21-117609710-1123561945-1417001333-1003\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [5489944 2014-12-12] (Piriform Ltd) ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Documents and Settings\User\Dane aplikacji\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.) ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Documents and Settings\User\Dane aplikacji\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.) ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Documents and Settings\User\Dane aplikacji\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.) ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Documents and Settings\User\Dane aplikacji\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.) CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs: "http://www.google.com" <======= ATTENTION SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\.DEFAULT -> {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL = SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = BHO: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.) BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated) BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.) DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) Tcpip\..\Interfaces\{687C1E5B-2D5D-499F-9871-0554A919AF6B}: [NameServer] 8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1 FireFox: ======== FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_7_700_224.dll () FF Plugin: @Apple.com/iTunes,version=1.0 -> D:\iTunes\Mozilla Plugins\npitunes.dll () FF Plugin: @ganymede/GanymedeNetPlugin,version=1.0 -> C:\Program Files\Ganymede\Plugins\npganymedenet.dll ( ) FF Plugin: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation) FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF Plugin: @nokia.com/EnablerPlugin -> C:\Program Files\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll ( ) FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.) FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.) FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Plugin HKU\S-1-5-21-117609710-1123561945-1417001333-1003: @unity3d.com/UnityPlayer,version=1.0 -> C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS) FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension FF Extension: Microsoft .NET Framework Assistant - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2011-03-08] FF HKLM\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 FF Extension: HP Smart Web Printing - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011-06-11] FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird FF Extension: Eset Plugin - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2014-12-30] FF HKU\S-1-5-21-117609710-1123561945-1417001333-1003\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 Chrome: ======= CHR HomePage: Default -> hxxp://google.pl/ CHR StartupUrls: Default -> "hxxp://www.google.pl/" CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter} CHR Profile: C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default CHR Extension: (YouTube) - C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2011-12-14] CHR Extension: (Szukaj w Google) - C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2011-12-14] CHR Extension: (AdBlock) - C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2015-01-12] CHR Extension: (Google Wallet) - C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-25] CHR Extension: (Gmail) - C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2011-12-14] CHR HKLM\...\Chrome\Extension: [naipdapbimiiikbbgjcpbgmfhnlbagpj] - C:\DOCUME~1\User\USTAWI~1\Temp\ccex.crx [Not Found] ========================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [602112 2010-02-11] (ATI Technologies Inc.) [File not signed] S2 ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [593920 2010-02-10] () [File not signed] R2 d4d75d37; c:\Program Files\CutterInstance\CutterInstance.dll [2149376 2015-01-10] () [File not signed] S3 EhttpSrv; C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe [20680 2009-02-06] (ESET) R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [727720 2009-02-06] (ESET) R2 JavaQuickStarterService; C:\Program Files\Java\jre7\bin\jqs.exe [182696 2014-09-26] (Oracle Corporation) R2 Net Driver HPZ12; C:\WINDOWS\system32\HPZinw12.dll [44032 2009-05-14] (Hewlett-Packard) [File not signed] R2 Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.dll [53760 2009-05-14] (Hewlett-Packard) [File not signed] R2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [5426448 2014-12-15] (TeamViewer GmbH) R2 ZuneBusEnum; C:\Program Files\Zune\ZuneBusEnum.exe [57056 2011-08-05] (Microsoft Corporation) S2 .EsetTrialReset; C:\WINDOWS\system32\regedt32.exe /s C:\WINDOWS\esettrialreset.reg S3 COMSysApp; C:\WINDOWS\system32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235} S3 SwPrv; C:\WINDOWS\system32\dllhost.exe /Processid:{528D6B0F-5919-4D0C-A884-D9C05CD53E0E} ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R3 ALCXWDM; C:\WINDOWS\System32\drivers\ALCXWDM.SYS [4017536 2006-08-18] (Realtek Semiconductor Corp.) R3 ati2mtag; C:\WINDOWS\System32\DRIVERS\ati2mtag.sys [3565056 2010-02-11] (ATI Technologies Inc.) [File not signed] R3 Cap7134; C:\WINDOWS\System32\DRIVERS\Cap7134.sys [353856 2011-02-26] (AVerMedia TECHNOLOGIES, Inc.) [File not signed] S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2008-04-13] (Microsoft Corporation) R2 eamon; C:\WINDOWS\System32\DRIVERS\eamon.sys [113448 2009-02-06] (ESET) R1 ehdrv; C:\WINDOWS\System32\DRIVERS\ehdrv.sys [106208 2009-02-06] (ESET) R1 epfwtdir; C:\WINDOWS\System32\DRIVERS\epfwtdir.sys [93336 2009-02-06] (ESET) S3 HPZid412; C:\WINDOWS\System32\DRIVERS\HPZid412.sys [49920 2008-10-29] (HP) S3 HPZipr12; C:\WINDOWS\System32\DRIVERS\HPZipr12.sys [16496 2008-10-29] (HP) S3 HPZius12; C:\WINDOWS\System32\DRIVERS\HPZius12.sys [21568 2009-02-25] (HP) S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2008-04-13] (Microsoft Corporation) R3 PhTVTune; C:\WINDOWS\System32\DRIVERS\PhTVTune.sys [25216 2011-02-26] (AVerMedia TECHNOLOGIES, Inc.) [File not signed] R0 PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [46080 2006-05-16] (Sonic Solutions) [File not signed] R0 viamraid; C:\WINDOWS\System32\DRIVERS\viamraid.sys [74112 2004-05-18] (VIA Technologies inc,.ltd) R3 yukonwxp; C:\WINDOWS\System32\DRIVERS\yk51x86.sys [250496 2006-11-22] (Marvell) R2 zumbus; C:\WINDOWS\System32\DRIVERS\zumbus.sys [41472 2011-08-05] (Microsoft Corporation) S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X] U1 WS2IFSL; No ImagePath ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2015-01-12 23:21 - 2015-01-12 23:38 - 00000188 ___SH () C:\Documents and Settings\Administrator\ntuser.ini 2015-01-12 23:21 - 2015-01-12 23:38 - 00000000 ____D () C:\Documents and Settings\Administrator\Ustawienia lokalne\Temp 2015-01-12 23:21 - 2015-01-12 23:21 - 00000000 ____D () C:\WINDOWS\CSC 2015-01-12 23:21 - 2015-01-12 23:21 - 00000000 ____D () C:\Documents and Settings\Administrator 2015-01-12 23:21 - 2014-12-30 20:16 - 00001599 _____ () C:\Documents and Settings\Administrator\Menu Start\Programy\Pomoc zdalna.lnk 2015-01-12 23:21 - 2011-04-26 21:17 - 00000000 ___HD () C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji 2015-01-12 23:21 - 2011-04-26 21:17 - 00000000 ____D () C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Microsoft Help 2015-01-12 23:21 - 2011-02-26 15:12 - 00000000 __RHD () C:\Documents and Settings\Administrator\Dane aplikacji 2015-01-12 23:21 - 2011-02-26 15:12 - 00000000 ___RD () C:\Documents and Settings\Administrator\Menu Start\Programy\Autostart 2015-01-12 23:21 - 2011-02-26 15:12 - 00000000 ___RD () C:\Documents and Settings\Administrator\Menu Start 2015-01-12 23:21 - 2011-02-26 15:12 - 00000000 ___HD () C:\Documents and Settings\Administrator\Ustawienia lokalne 2015-01-12 23:21 - 2011-02-26 15:12 - 00000000 ____D () C:\Documents and Settings\Administrator\Ulubione 2015-01-12 23:21 - 2011-02-26 15:12 - 00000000 ____D () C:\Documents and Settings\Administrator\Pulpit 2015-01-12 23:21 - 2011-02-26 15:12 - 00000000 ____D () C:\Documents and Settings\Administrator\Moje dokumenty 2015-01-12 23:21 - 2011-02-26 14:40 - 00000788 _____ () C:\Documents and Settings\Administrator\Menu Start\Programy\Windows Media Player.lnk 2015-01-12 23:21 - 2011-02-26 14:40 - 00000000 __SHD () C:\Documents and Settings\Administrator\Ustawienia lokalne\Historia 2015-01-12 23:21 - 2011-02-26 14:40 - 00000000 __SHD () C:\Documents and Settings\Administrator\IETldCache 2015-01-12 23:21 - 2011-02-26 14:40 - 00000000 ___RD () C:\Documents and Settings\Administrator\Menu Start\Programy\Akcesoria 2015-01-12 23:21 - 2011-02-26 14:40 - 00000000 ___RD () C:\Documents and Settings\Administrator\Menu Start\Programy 2015-01-12 23:21 - 2011-02-26 14:36 - 00000000 ___HD () C:\Documents and Settings\Administrator\Szablony 2015-01-12 23:15 - 2015-01-12 23:15 - 00000000 ____D () C:\Program Files\Common Files\Java 2015-01-12 23:15 - 2014-09-26 18:42 - 00096680 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge.dll 2015-01-12 23:15 - 2014-09-26 18:36 - 00272808 _____ (Oracle Corporation) C:\WINDOWS\system32\javaws.exe 2015-01-12 23:15 - 2014-09-26 18:36 - 00175528 _____ (Oracle Corporation) C:\WINDOWS\system32\javaw.exe 2015-01-12 23:15 - 2014-09-26 18:35 - 00175528 _____ (Oracle Corporation) C:\WINDOWS\system32\java.exe 2015-01-12 23:14 - 2015-01-12 23:15 - 00004189 _____ () C:\WINDOWS\system32\jupdate-1.7.0_71-b14.log 2015-01-12 22:37 - 2015-01-12 22:38 - 00114904 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys 2015-01-12 22:33 - 2015-01-12 22:33 - 00000777 _____ () C:\Documents and Settings\All Users\Pulpit\Malwarebytes Anti-Malware.lnk 2015-01-12 22:33 - 2015-01-12 22:33 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware 2015-01-12 22:33 - 2015-01-12 22:33 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Start\Programy\Malwarebytes Anti-Malware 2015-01-12 22:33 - 2015-01-12 22:33 - 00000000 ____D () C:\Documents and Settings\All Users\Dane aplikacji\Malwarebytes 2015-01-12 22:33 - 2014-11-21 06:14 - 00054360 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys 2015-01-12 22:33 - 2014-11-21 06:14 - 00023256 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys 2015-01-12 20:53 - 2015-01-12 20:53 - 00001819 _____ () C:\Documents and Settings\All Users\Pulpit\Internet.lnk 2015-01-12 20:53 - 2015-01-12 20:53 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Start\Programy\Google Chrome 2015-01-12 20:45 - 2015-01-12 23:39 - 00001028 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job 2015-01-12 20:45 - 2015-01-12 22:50 - 00001032 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job 2015-01-12 20:45 - 2015-01-12 20:51 - 00000000 ____D () C:\Program Files\Google 2015-01-10 16:40 - 2015-01-12 17:59 - 00000000 ____D () C:\Program Files\CutterInstance 2014-12-30 22:36 - 2015-01-12 23:48 - 00000000 ____D () C:\FRST 2014-12-30 20:35 - 2014-12-30 20:35 - 00000000 ____D () C:\Program Files\Enigma Software Group 2014-12-30 20:34 - 2014-12-30 22:30 - 00000000 ____D () C:\WINDOWS\AF54923662584AC6A0435B5B89C6EB61.TMP 2014-12-30 20:34 - 2014-12-30 20:34 - 00000000 ____D () C:\Program Files\Common Files\Wise Installation Wizard 2014-12-30 20:20 - 2014-12-30 20:20 - 00000000 ____D () C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\ESET 2014-12-30 18:47 - 2014-12-30 18:47 - 00000706 _____ () C:\Documents and Settings\All Users\Pulpit\TeamViewer 10.lnk 2014-12-30 18:47 - 2014-12-30 18:47 - 00000000 ____D () C:\Documents and Settings\User\Dane aplikacji\TeamViewer 2014-12-30 18:47 - 2014-12-30 18:47 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Start\Programy\TeamViewer 10 2014-12-30 18:46 - 2014-12-30 20:29 - 00000000 ____D () C:\Program Files\TeamViewer 2014-12-30 18:13 - 2014-12-30 18:13 - 00000682 _____ () C:\Documents and Settings\All Users\Pulpit\CCleaner.lnk 2014-12-30 18:07 - 2014-12-30 18:07 - 00000000 ____D () C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\ESET 2014-12-30 17:55 - 2014-12-30 17:55 - 00000000 ____D () C:\Program Files\ESET 2014-12-30 17:55 - 2014-12-30 17:55 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Start\Programy\ESET 2014-12-30 17:55 - 2014-12-30 17:55 - 00000000 ____D () C:\Documents and Settings\All Users\Dane aplikacji\ESET 2014-12-30 17:39 - 2014-12-30 17:39 - 00000004 _____ () C:\Documents and Settings\User\Dane aplikacji\appdataFr2.bin 2014-12-30 17:30 - 2014-12-30 17:30 - 00121286 _____ () C:\unp304179974165017638.mdmp 2014-12-30 17:24 - 2014-12-30 17:24 - 00028062 _____ () C:\Documents and Settings\User\Moje dokumenty\cc_20141230_172422.reg ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2015-01-12 23:49 - 2011-02-26 15:15 - 00000000 ____D () C:\Documents and Settings\User\Ustawienia lokalne\Temp 2015-01-12 23:40 - 2011-02-26 15:14 - 00000159 _____ () C:\WINDOWS\wiadebug.log 2015-01-12 23:40 - 2011-02-26 15:14 - 00000050 _____ () C:\WINDOWS\wiaservc.log 2015-01-12 23:40 - 2011-02-26 14:39 - 02027811 _____ () C:\WINDOWS\WindowsUpdate.log 2015-01-12 23:39 - 2011-02-26 15:14 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT 2015-01-12 23:21 - 2011-02-26 15:10 - 00000213 ___SH () C:\boot.ini 2015-01-12 23:20 - 2011-02-26 15:15 - 00000188 ___SH () C:\Documents and Settings\User\ntuser.ini 2015-01-12 23:20 - 2011-02-26 15:14 - 00032404 _____ () C:\WINDOWS\SchedLgU.Txt 2015-01-12 23:15 - 2011-04-14 16:49 - 00000000 ____D () C:\Program Files\Java 2015-01-12 22:59 - 2011-02-26 14:45 - 00000000 ___HD () C:\Documents and Settings\NetworkService\Ustawienia lokalne\Dane aplikacji 2015-01-12 22:33 - 2011-02-26 15:12 - 00000000 __RHD () C:\Documents and Settings\All Users\Dane aplikacji 2015-01-12 22:33 - 2011-02-26 15:12 - 00000000 ___RD () C:\Documents and Settings\All Users\Menu Start\Programy 2015-01-12 22:33 - 2011-02-26 15:12 - 00000000 ____D () C:\Documents and Settings\All Users\Pulpit 2015-01-12 22:04 - 2014-05-30 18:08 - 00000000 ____D () C:\AdwCleaner 2015-01-12 21:52 - 2011-09-22 14:21 - 00000000 ____D () C:\Documents and Settings\NetworkService\Ustawienia lokalne\Dane aplikacji\BrotherSoft_Extreme 2015-01-12 21:13 - 2011-04-25 18:16 - 00000000 ____D () C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google 2015-01-12 21:10 - 2011-02-26 15:15 - 00000000 ___RD () C:\Documents and Settings\User\Menu Start\Programy 2015-01-12 21:10 - 2011-02-26 15:15 - 00000000 ____D () C:\Documents and Settings\User\Pulpit 2015-01-12 18:00 - 2012-07-23 19:33 - 00002379 _____ () C:\Documents and Settings\All Users\Pulpit\PSS.lnk 2015-01-12 17:58 - 2008-04-15 13:00 - 00002228 _____ () C:\WINDOWS\system32\wpa.dbl 2014-12-30 22:30 - 2012-10-12 12:08 - 00057484 _____ () C:\WINDOWS\setupapi.log 2014-12-30 22:30 - 2011-02-26 15:15 - 00000000 __RHD () C:\Documents and Settings\User\Dane aplikacji 2014-12-30 22:27 - 2011-04-25 18:34 - 00000000 ____D () C:\Documents and Settings\User\Menu Start\Programy\BitLord 2014-12-30 22:27 - 2011-02-26 15:15 - 00000000 ___HD () C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji 2014-12-30 20:20 - 2011-02-26 15:15 - 00001599 _____ () C:\Documents and Settings\User\Menu Start\Programy\Pomoc zdalna.lnk 2014-12-30 20:16 - 2011-02-26 14:40 - 00001607 _____ () C:\Documents and Settings\All Users\Menu Start\Określ dostęp do programów i ich ustawienia domyślne.lnk 2014-12-30 20:16 - 2011-02-26 14:40 - 00001599 _____ () C:\Documents and Settings\Default User\Menu Start\Programy\Pomoc zdalna.lnk 2014-12-30 20:16 - 2011-02-26 14:40 - 00001507 _____ () C:\Documents and Settings\All Users\Menu Start\Windows Update.lnk 2014-12-30 19:50 - 2011-02-26 15:23 - 00046824 _____ () C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT 2014-12-30 19:48 - 2011-02-26 15:11 - 00200936 _____ () C:\WINDOWS\system32\FNTCACHE.DAT 2014-12-30 18:13 - 2012-09-10 16:38 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Start\Programy\CCleaner 2014-12-30 18:13 - 2012-09-10 16:37 - 00000000 ____D () C:\Program Files\CCleaner 2014-12-30 17:43 - 2012-09-17 16:19 - 00000644 _____ () C:\Documents and Settings\All Users\Menu Start\Programy\Opera.lnk 2014-12-30 17:43 - 2011-02-26 15:15 - 00000743 _____ () C:\Documents and Settings\User\Menu Start\Programy\Internet Explorer.lnk 2014-12-30 17:43 - 2011-02-26 15:15 - 00000000 ___RD () C:\Documents and Settings\User\Moje dokumenty 2014-12-30 17:23 - 2011-02-26 16:16 - 00000000 ____D () C:\WINDOWS\pss 2014-12-30 17:23 - 2011-02-26 15:15 - 00000000 ___RD () C:\Documents and Settings\User\Menu Start\Programy\Autostart 2014-12-20 19:59 - 2011-02-26 15:12 - 01098196 _____ () C:\WINDOWS\system32\PerfStringBackup.INI 2014-12-20 19:59 - 2008-04-15 13:00 - 00494450 _____ () C:\WINDOWS\system32\perfh015.dat 2014-12-20 19:59 - 2008-04-15 13:00 - 00085610 _____ () C:\WINDOWS\system32\perfc015.dat Some content of TEMP: ==================== C:\Documents and Settings\User\Ustawienia lokalne\Temp\AVGToolbarInstaller.exe C:\Documents and Settings\User\Ustawienia lokalne\Temp\avguidx.dll C:\Documents and Settings\User\Ustawienia lokalne\Temp\DeskMetrics.dll C:\Documents and Settings\User\Ustawienia lokalne\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpduyqis.dll C:\Documents and Settings\User\Ustawienia lokalne\Temp\gothic3-instalator.exe C:\Documents and Settings\User\Ustawienia lokalne\Temp\jre-7u60-windows-i586-iftw.exe C:\Documents and Settings\User\Ustawienia lokalne\Temp\jre-7u71-windows-i586-iftw.exe C:\Documents and Settings\User\Ustawienia lokalne\Temp\MachineIdCreator.exe C:\Documents and Settings\User\Ustawienia lokalne\Temp\oi_{CB2F2871-DF5E-4E20-A648-FD32AECE2FED}.exe C:\Documents and Settings\User\Ustawienia lokalne\Temp\Quarantine.exe C:\Documents and Settings\User\Ustawienia lokalne\Temp\Runner2.exe C:\Documents and Settings\User\Ustawienia lokalne\Temp\Runner4.exe C:\Documents and Settings\User\Ustawienia lokalne\Temp\sqlite3.dll ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\WINDOWS\explorer.exe => File is digitally signed C:\WINDOWS\system32\winlogon.exe => File is digitally signed C:\WINDOWS\system32\svchost.exe => File is digitally signed C:\WINDOWS\system32\services.exe => File is digitally signed C:\WINDOWS\system32\User32.dll => File is digitally signed C:\WINDOWS\system32\userinit.exe => File is digitally signed C:\WINDOWS\system32\rpcss.dll => File is digitally signed C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed ==================== End Of Log ============================