Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 21-02-2015 Ran by komputer (administrator) on KOMPUTER-756745 on 22-02-2015 10:02:11 Running from C:\Documents and Settings\komputer\Moje dokumenty\Downloads Loaded Profiles: komputer (Available profiles: komputer) Platform: Microsoft Windows XP Professional Dodatek Service Pack 3 (X86) OS Language: Polski Internet Explorer Version 7 (Default browser: Chrome) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc32.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (Realtek Semiconductor Corp.) C:\WINDOWS\RTHDCPL.EXE (AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe (Microsoft Corporation) C:\WINDOWS\system32\wscntfy.exe (Microsoft Corporation) C:\WINDOWS\system32\wbem\unsecapp.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [nwiz] => nwiz.exe /installquiet HKLM\...\Run: [RTHDCPL] => C:\WINDOWS\RTHDCPL.EXE [20065936 2012-06-06] (Realtek Semiconductor Corp.) HKLM\...\Run: [KernelFaultCheck] => %systemroot%\system32\dumprep 0 -k HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5227112 2015-01-27] (AVAST Software) HKLM\...\Run: [NvCplDaemon] => RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup HKU\S-1-5-19\...\RunOnce: [nltide_2] => regsvr32 /s /n /i:U shell32 HKU\S-1-5-20\...\RunOnce: [nltide_2] => regsvr32 /s /n /i:U shell32 HKU\S-1-5-21-796845957-329068152-1801674531-1003\...\MountPoints2: {52382c92-0227-11e1-84bb-001d7dd7086e} - D:\Gothic2-AddonSetup.exe HKU\S-1-5-21-796845957-329068152-1801674531-1003\...\MountPoints2: {aaacc604-fd77-11e0-849b-001d7dd7086e} - D:\w9.exe HKU\S-1-5-21-796845957-329068152-1801674531-1003\...\MountPoints2: {b63fc82a-d034-11e0-a4a4-806d6172696f} - D:\w9.exe HKU\S-1-5-21-796845957-329068152-1801674531-1003\...\MountPoints2: {b63fc82b-d034-11e0-a4a4-806d6172696f} - E:\w9.exe HKU\S-1-5-21-796845957-329068152-1801674531-1003\...\MountPoints2: {ddd8f7c5-a79b-11e3-b6e4-00e05306841d} - D:\_AUTORUN\AUTORUN.EXE HKU\S-1-5-21-796845957-329068152-1801674531-1003\...\MountPoints2: {ddd8f7c7-a79b-11e3-b6e4-00e05306841d} - D:\_AUTORUN\AUTORUN.EXE HKU\S-1-5-18\...\RunOnce: [nltide_2] => regsvr32 /s /n /i:U shell32 Startup: C:\Documents and Settings\komputer\Menu Start\Programy\Autostart\OPTISetup.lnk ShortcutTarget: OPTISetup.lnk -> C:\Documents and Settings\All Users\Dane aplikacji\{41dd2fbb-aaaf-3438-41dd-d2fbbaaabeee}\OPTISetup.exe (No File) ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll (AVAST Software) ShellIconOverlayIdentifiers: [GGDriveOverlay1] -> {E68D0A50-3C40-4712-B90D-DCFA93FF2534} => C:\Documents and Settings\All Users\Dane aplikacji\GG\ggdrive\ggdrive-overlay.dll (GG Network S.A.) ShellIconOverlayIdentifiers: [GGDriveOverlay2] -> {E68D0A51-3C40-4712-B90D-DCFA93FF2534} => C:\Documents and Settings\All Users\Dane aplikacji\GG\ggdrive\ggdrive-overlay.dll (GG Network S.A.) ShellIconOverlayIdentifiers: [GGDriveOverlay3] -> {E68D0A52-3C40-4712-B90D-DCFA93FF2534} => C:\Documents and Settings\All Users\Dane aplikacji\GG\ggdrive\ggdrive-overlay.dll (GG Network S.A.) ShellIconOverlayIdentifiers: [GGDriveOverlay4] -> {E68D0A53-3C40-4712-B90D-DCFA93FF2534} => C:\Documents and Settings\All Users\Dane aplikacji\GG\ggdrive\ggdrive-overlay.dll (GG Network S.A.) BootExecute: autocheck autochk * ROBoot \??\C:\WINDOWS\system32\ASOROSet.binDfSDKBt GroupPolicy: Group Policy on Chrome detected <======= ATTENTION CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.istartsurf.com/web/?type=ds&ts=1424105409&from=ild&uid=ST3320613AS_9SZ5HG00XXXX9SZ5HG00&q={searchTerms} HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm HKU\S-1-5-21-796845957-329068152-1801674531-1003\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01 HKU\S-1-5-21-796845957-329068152-1801674531-1003\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.msn.com/?pc=AV01 HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs: "about:newtab" <======= ATTENTION SearchScopes: HKLM -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = http://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01 SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-796845957-329068152-1801674531-1003 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = http://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01 BHO: Spybot-S&D IE Protection -> {53707962-6F74-2D53-2644-206D7942484F} -> C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited) BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation) BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) BHO: Easy Photo Print -> {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -> C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO: EpsonToolBandKicker Class -> {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} -> C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION) Toolbar: HKLM - EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION) Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.) Toolbar: HKLM - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File Toolbar: HKU\S-1-5-21-796845957-329068152-1801674531-1003 -> EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION) DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation) Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt Tcpip\Parameters: [DhcpNameServer] 195.238.181.164 8.8.8.8 StartMenuInternet: IEXPLORE.EXE - iexplore.exe FireFox: ======== FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_13_0_0_214.dll () FF Plugin: @adobe.com/ShockwavePlayer -> C:\WINDOWS\system32\Adobe\Director\np32dsw_1203133.dll (Adobe Systems, Inc.) FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google) FF Plugin: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation) FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.) FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.) FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Plugin HKU\S-1-5-21-796845957-329068152-1801674531-1003: @unity3d.com/UnityPlayer,version=1.0 -> C:\Documents and Settings\komputer\Ustawienia lokalne\Dane aplikacji\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS) FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension FF Extension: Microsoft .NET Framework Assistant - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2011-11-01] FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2011-11-05] FF HKU\S-1-5-21-796845957-329068152-1801674531-1003\...\Firefox\Extensions: [gemgecko@gemius.com] - C:\Program Files\NetPanel\gemgecko_ext FF Extension: Badanie Megapanel PBI/Gemius - C:\Program Files\NetPanel\gemgecko_ext [2011-12-25] Chrome: ======= CHR HomePage: Profile 2 -> hxxp://google.pl/ CHR StartupUrls: Profile 2 -> "hxxp://www.google.pl/" CHR Profile: C:\Documents and Settings\komputer\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default CHR Extension: (SourceApp) - C:\Documents and Settings\komputer\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\idhbnjbbcnalphnliphggnfgjldpmnnj [2014-12-23] CHR Profile: C:\Documents and Settings\komputer\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Profile 2 CHR Extension: (Adblock Plus) - C:\Documents and Settings\komputer\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Profile 2\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-02-16] CHR Extension: (Avast Online Security) - C:\Documents and Settings\komputer\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Profile 2\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-02-16] CHR Extension: (Google Wallet) - C:\Documents and Settings\komputer\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-02-16] CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-01-13] CHR HKLM\...\Chrome\Extension: [nonnbhnjfhfcpmfdegkohnemghnglgpp] - C:\Documents and Settings\All Users\Dane aplikacji\ADDICT-THING\nonnbhnjfhfcpmfdegkohnemghnglgpp.crx [Not Found] CHR HKU\S-1-5-21-796845957-329068152-1801674531-1003\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [jmlmanpnnbnpabnonijjmnmplnbfcgbf] - C:\Program Files\NetPanel\chromegem.crx [2011-12-25] StartMenuInternet: chrome.exe - Chrome.exe ========================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2015-01-13] (AVAST Software) S3 DfSdkS; C:\Program Files\Ashampoo\Ashampoo WinOptimizer 10\DfsdkS.exe [406016 2009-08-24] (mst software GmbH, Germany) [File not signed] S4 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-03] (Macrovision Corporation) [File not signed] S4 JavaQuickStarterService; C:\Program Files\Java\jre7\bin\jqs.exe [182696 2014-11-02] (Oracle Corporation) S2 MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation) S2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation) S3 WO_LiveService; C:\Program Files\Ashampoo\Ashampoo WinOptimizer 10\LiveTunerService.exe [885096 2013-03-06] () ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) S3 Ambfilt; C:\WINDOWS\System32\drivers\Ambfilt.sys [1691480 2009-11-18] (Creative) R2 aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [24184 2015-01-13] () R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [70384 2015-01-13] (AVAST Software) R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [55240 2015-01-13] (AVAST Software) R0 aswRvrt; C:\WINDOWS\system32\Drivers\aswRvrt.sys [49944 2015-01-13] () R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [787800 2015-01-13] (AVAST Software) R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [423784 2015-01-13] (AVAST Software) R1 aswTdi; C:\WINDOWS\system32\drivers\aswTdi.sys [57928 2015-01-13] (AVAST Software) R0 aswVmm; C:\WINDOWS\system32\Drivers\aswVmm.sys [206248 2015-01-13] () S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2008-04-14] (Microsoft Corporation) S3 gdrv; C:\WINDOWS\gdrv.sys [16608 2011-08-26] (Windows (R) 2000 DDK provider) S3 hamachi; C:\WINDOWS\System32\DRIVERS\hamachi.sys [26176 2009-03-18] (LogMeIn, Inc.) R2 LiveTunerPM; C:\Program Files\Ashampoo\Ashampoo WinOptimizer 10\LiveTunerProcessMonitor32.sys [12696 2011-03-08] () S3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [23256 2014-11-21] (Malwarebytes Corporation) S3 Monfilt; C:\WINDOWS\System32\drivers\Monfilt.sys [1395800 2009-11-18] (Creative Technology Ltd.) S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2008-04-14] (Microsoft Corporation) R1 prodrv06; C:\WINDOWS\System32\drivers\prodrv06.sys [51744 2003-09-06] (Protection Technology) [File not signed] R0 prohlp02; C:\WINDOWS\System32\drivers\prohlp02.sys [62656 2003-09-06] (Protection Technology) [File not signed] R0 prosync1; C:\WINDOWS\System32\drivers\prosync1.sys [6944 2003-09-06] (Protection Technology) [File not signed] R3 rtl8139; C:\WINDOWS\System32\DRIVERS\RTL8139.SYS [20992 2008-04-13] (Realtek Semiconductor Corporation) R0 sfhlp01; C:\WINDOWS\System32\drivers\sfhlp01.sys [4832 2003-09-06] (Protection Technology) [File not signed] R2 StarOpen; C:\WINDOWS\system32\Drivers\StarOpen.sys [5504 2012-06-03] () [File not signed] S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X] S4 IntelIde; No ImagePath S4 sptd; \SystemRoot\System32\Drivers\sptd.sys [X] U5 UnlockerDriver5; G:\Unlocker\UnlockerDriver5.sys [4096 2010-07-04] () [File not signed] S3 WinRing0_1_2_0; \??\C:\Program Files\Razer\Razer Game Booster\Driver\WinRing0.sys [X] U1 WS2IFSL; No ImagePath ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2015-02-22 10:01 - 2015-02-22 10:02 - 00000000 ____D () C:\FRST 2015-02-22 09:45 - 2015-02-22 09:45 - 00063008 _____ () C:\Documents and Settings\komputer\Pulpit\OTL.Txt 2015-02-22 09:45 - 2015-02-22 09:45 - 00053066 _____ () C:\Documents and Settings\komputer\Pulpit\Extras.Txt 2015-02-22 08:54 - 2015-02-22 09:51 - 00114904 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys 2015-02-22 08:53 - 2015-02-22 09:14 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware 2015-02-22 08:53 - 2015-02-22 08:53 - 00000000 ____D () C:\Documents and Settings\All Users\Dane aplikacji\Malwarebytes 2015-02-22 08:53 - 2014-11-21 06:14 - 00054360 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys 2015-02-22 08:53 - 2014-11-21 06:14 - 00023256 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys 2015-02-21 23:01 - 2015-02-22 09:49 - 00002429 _____ () C:\WINDOWS\WindowsUpdate.log 2015-02-19 19:50 - 2015-02-19 19:52 - 00000000 ____D () C:\Documents and Settings\komputer\Pulpit\Podanie 2015-02-19 14:11 - 2015-02-19 14:11 - 01173842 _____ () C:\Documents and Settings\komputer\Moje dokumenty\backup_20150219_141146.reg 2015-02-16 22:24 - 2015-02-16 22:28 - 00000000 ____D () C:\Program Files\STOPzilla 2015-02-16 22:24 - 2015-02-16 22:25 - 00000000 ____D () C:\Documents and Settings\All Users\Dane aplikacji\STOPzilla! 2015-02-16 17:51 - 2015-02-16 17:51 - 00000000 ____D () C:\Documents and Settings\All Users\Dane aplikacji\f692c51800004be1 2015-02-16 17:50 - 2015-02-22 09:11 - 00000000 ____D () C:\Documents and Settings\All Users\Dane aplikacji\{41dd2fbb-aaaf-3438-41dd-d2fbbaaabeee} 2015-02-11 15:49 - 2015-02-11 15:49 - 00000684 _____ () C:\Documents and Settings\All Users\Menu Start\Programy\e-Deklaracje.lnk 2015-02-11 15:49 - 2015-02-11 15:49 - 00000000 ____D () C:\Program Files\e-Deklaracje 2015-02-11 15:49 - 2015-02-11 15:49 - 00000000 ____D () C:\Documents and Settings\komputer\Dane aplikacji\e-Deklaracje.A1909296681C7ACEFE45687D3A64758C8659BF46.1 2015-02-11 15:49 - 2015-02-11 15:49 - 00000000 ____D () C:\Documents and Settings\komputer\Dane aplikacji\e-Deklaracje 2015-02-11 14:05 - 2015-02-11 14:05 - 00707744 _____ () C:\Documents and Settings\komputer\Ustawienia lokalne\Dane aplikacji\unins000.exe 2015-02-11 14:02 - 2015-02-11 14:05 - 00011761 _____ () C:\Documents and Settings\komputer\Ustawienia lokalne\Dane aplikacji\unins000.msg 2015-02-11 14:02 - 2015-02-11 14:05 - 00005925 _____ () C:\Documents and Settings\komputer\Ustawienia lokalne\Dane aplikacji\unins000.dat 2015-02-10 13:38 - 2015-02-10 13:40 - 00000000 ____D () C:\Program Files\AppCleaner 2015-02-10 13:38 - 2015-02-10 13:38 - 00000000 ____D () C:\Documents and Settings\komputer\Menu Start\Programy\AppCleaner 2015-02-08 21:47 - 2015-02-08 21:47 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Start\Programy\Kolekcja Klasyki 2015-02-08 21:45 - 2015-02-08 21:45 - 00000000 ____D () C:\Program Files\Kolekcja Klasyki 2015-02-08 21:10 - 2015-02-08 21:10 - 00000000 ____D () C:\Program Files\Firefly Studios 2015-02-08 21:10 - 2015-02-08 21:10 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Start\Programy\Firefly Studios 2015-01-31 22:47 - 2015-01-31 22:47 - 00008795 _____ () C:\Program1.RPT 2015-01-28 22:14 - 2015-01-28 22:14 - 00000298 _____ () C:\WINDOWS\wininit.ini 2015-01-28 21:53 - 2015-01-28 21:52 - 00450676 ____R () C:\WINDOWS\system32\Drivers\etc\hosts.20150128-215328.backup 2015-01-28 21:50 - 2015-02-21 23:01 - 00000000 ____D () C:\Documents and Settings\All Users\Dane aplikacji\Spybot - Search & Destroy 2015-01-28 21:50 - 2015-01-28 21:52 - 00000000 ____D () C:\Program Files\Spybot - Search & Destroy 2015-01-28 21:50 - 2015-01-28 21:50 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Start\Programy\Spybot - Search & Destroy ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2015-02-22 10:02 - 2011-08-26 22:05 - 00000000 ____D () C:\Documents and Settings\komputer\Ustawienia lokalne\Temp 2015-02-22 09:56 - 2012-07-06 18:11 - 00000364 ____H () C:\WINDOWS\Tasks\avast! Emergency Update.job 2015-02-22 09:50 - 2012-01-21 14:57 - 00001032 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job 2015-02-22 09:50 - 2011-08-26 23:55 - 00000159 _____ () C:\WINDOWS\wiadebug.log 2015-02-22 09:50 - 2011-08-26 23:55 - 00000050 _____ () C:\WINDOWS\wiaservc.log 2015-02-22 09:50 - 2011-08-26 22:05 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT 2015-02-22 09:50 - 2009-11-20 20:32 - 00272291 _____ () C:\WINDOWS\system32\NvApps.xml 2015-02-22 09:49 - 2012-06-20 08:33 - 00032536 _____ () C:\WINDOWS\SchedLgU.Txt 2015-02-22 09:46 - 2011-08-26 22:05 - 00000000 ____D () C:\Documents and Settings\komputer\Pulpit 2015-02-22 09:43 - 2012-10-14 22:02 - 00000930 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job 2015-02-22 09:17 - 2011-09-08 19:55 - 00000000 ____D () C:\Documents and Settings\komputer\Pulpit\Moje rzeczy 2015-02-22 09:17 - 2011-08-26 23:52 - 00000000 ____D () C:\Documents and Settings\All Users\Pulpit 2015-02-22 09:11 - 2011-11-01 07:58 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2508429$ 2015-02-22 09:10 - 2012-05-11 21:13 - 00000000 ____D () C:\Documents and Settings\All Users\Dane aplikacji\InstallMate 2015-02-22 09:10 - 2011-08-26 23:50 - 00000000 __RHD () C:\Documents and Settings\All Users\Dane aplikacji 2015-02-22 08:56 - 2013-02-17 15:47 - 00000000 ____D () C:\Documents and Settings\komputer\Dane aplikacji\AIMP 2015-02-22 08:54 - 2001-07-22 02:17 - 00002206 _____ () C:\WINDOWS\system32\wpa.dbl 2015-02-22 08:53 - 2012-02-24 23:09 - 00000000 ____D () C:\Documents and Settings\komputer\Ustawienia lokalne\Dane aplikacji\Last.fm 2015-02-21 23:01 - 2011-08-26 22:05 - 00000000 ____D () C:\Documents and Settings\komputer 2015-02-21 22:58 - 2012-03-25 20:45 - 00000000 ____D () C:\Documents and Settings\komputer\Dane aplikacji\vlc 2015-02-21 22:11 - 2012-01-21 14:57 - 00001036 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job 2015-02-21 21:05 - 2012-03-25 20:40 - 00000000 ____D () C:\Documents and Settings\komputer\Dane aplikacji\Media Player Classic 2015-02-21 21:02 - 2013-12-26 22:46 - 00000000 ____D () C:\Documents and Settings\komputer\Dane aplikacji\FreeVideoConverter 2015-02-21 21:02 - 2001-07-22 02:16 - 00000842 _____ () C:\WINDOWS\win.ini 2015-02-21 20:23 - 2013-10-16 17:28 - 00000000 ____D () C:\Documents and Settings\komputer\Dane aplikacji\GG 2015-02-21 20:06 - 2014-09-22 19:01 - 00001014 _____ () C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-796845957-329068152-1801674531-1003UA.job 2015-02-21 20:06 - 2014-09-22 19:01 - 00000992 _____ () C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-796845957-329068152-1801674531-1003Core.job 2015-02-21 19:53 - 2011-08-26 22:05 - 00000000 __SHD () C:\Documents and Settings\komputer\Ustawienia lokalne\Historia 2015-02-21 19:46 - 2013-10-16 17:28 - 00000000 ____D () C:\Documents and Settings\komputer\Ustawienia lokalne\Dane aplikacji\GG 2015-02-20 19:12 - 2013-11-19 18:20 - 00001821 _____ () C:\Documents and Settings\All Users\Pulpit\Google Chrome.lnk 2015-02-19 15:31 - 2011-09-20 14:31 - 00000246 _____ () C:\WINDOWS\Tasks\Epson Printer Software Downloader.job 2015-02-19 14:11 - 2014-06-28 20:10 - 00000000 ____D () C:\AdwCleaner 2015-02-19 14:11 - 2013-02-09 18:25 - 00000000 ____D () C:\Program Files\K-Lite Codec Pack 2015-02-19 14:11 - 2012-05-11 21:19 - 00000000 ____D () C:\Documents and Settings\komputer\Dane aplikacji\uTorrent 2015-02-19 14:11 - 2011-10-29 20:16 - 00000000 ____D () C:\Documents and Settings\komputer\Dane aplikacji\DAEMON Tools Lite 2015-02-19 14:11 - 2011-09-18 16:05 - 00000000 ____D () C:\Documents and Settings\komputer\Dane aplikacji\.minecraft 2015-02-19 14:11 - 2011-09-17 17:46 - 00000000 ____D () C:\Documents and Settings\komputer\Dane aplikacji\Skype 2015-02-19 14:11 - 2011-08-26 22:05 - 00000000 ___RD () C:\Documents and Settings\komputer\Moje dokumenty 2015-02-18 14:59 - 2014-01-19 14:58 - 00000242 _____ () C:\WINDOWS\Tasks\DLL-Files.Com Fixer_MONTHLY.job 2015-02-16 22:28 - 2011-08-26 23:52 - 00000000 ___RD () C:\Documents and Settings\All Users\Menu Start\Programy 2015-02-16 18:27 - 2014-06-28 20:00 - 00196608 _____ () C:\WINDOWS\system32\config\WindowsPowerShell.evt 2015-02-16 17:51 - 2011-08-26 22:05 - 00000000 __RHD () C:\Documents and Settings\komputer\Dane aplikacji 2015-02-16 17:50 - 2011-08-26 22:05 - 00000000 ___RD () C:\Documents and Settings\komputer\Menu Start\Programy\Autostart 2015-02-15 00:02 - 2011-08-26 22:45 - 00236544 _____ () C:\Documents and Settings\komputer\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2015-02-14 14:58 - 2014-01-19 14:58 - 00000258 _____ () C:\WINDOWS\Tasks\DLL-Files.Com Fixer_Updates.job 2015-02-11 20:31 - 2012-09-24 17:31 - 00000000 ____D () C:\Documents and Settings\komputer\Dane aplikacji\Audacity 2015-02-11 17:03 - 2011-08-26 23:52 - 00000000 ___RD () C:\Documents and Settings\All Users\Menu Start\Programy\Autostart 2015-02-11 17:02 - 2012-01-04 18:29 - 00000000 ____D () C:\Documents and Settings\komputer\Pulpit\A.Z 2015-02-11 16:59 - 2011-09-18 15:06 - 00000000 ____D () C:\Documents and Settings\komputer\Ustawienia lokalne\Dane aplikacji\Adobe 2015-02-11 16:56 - 2011-08-27 22:18 - 00000000 ____D () C:\Documents and Settings\komputer\Dane aplikacji\Adobe 2015-02-11 15:51 - 2014-11-30 10:42 - 00000000 ____D () C:\Program Files\Common Files\Adobe AIR 2015-02-11 14:05 - 2011-08-26 22:05 - 00000000 ___HD () C:\Documents and Settings\komputer\Ustawienia lokalne\Dane aplikacji 2015-02-11 12:37 - 2015-01-16 18:08 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Start\Programy\Program Pit 2014 - rozliczenie roczne 2015-02-10 13:39 - 2011-09-08 19:55 - 00000000 ____D () C:\Documents and Settings\komputer\Ustawienia lokalne\Dane aplikacji\Temp 2015-02-10 13:38 - 2011-08-26 22:05 - 00000000 ___RD () C:\Documents and Settings\komputer\Menu Start\Programy 2015-02-10 13:29 - 2011-08-26 23:52 - 01171828 _____ () C:\WINDOWS\system32\PerfStringBackup.INI 2015-02-10 13:29 - 2001-10-26 20:15 - 00521806 _____ () C:\WINDOWS\system32\perfh015.dat 2015-02-10 13:29 - 2001-10-26 20:15 - 00096856 _____ () C:\WINDOWS\system32\perfc015.dat 2015-02-10 13:21 - 2011-08-26 23:49 - 00000211 ___SH () C:\boot.ini 2015-02-10 13:21 - 2001-07-22 02:15 - 00000227 _____ () C:\WINDOWS\system.ini 2015-02-10 12:54 - 2014-10-19 18:13 - 00000000 ____D () C:\WINDOWS\46B04D534E344388B6EE80FAB66AEF9B.TMP 2015-02-09 17:15 - 2013-02-22 19:21 - 00002267 _____ () C:\Documents and Settings\All Users\Pulpit\Skype.lnk 2015-02-08 21:21 - 2011-08-26 22:10 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information 2015-01-31 20:18 - 2011-08-26 23:52 - 00000000 ___RD () C:\Documents and Settings\All Users\Dokumenty 2015-01-28 22:14 - 2011-08-26 22:05 - 00000000 ___RD () C:\Documents and Settings\komputer\Menu Start ==================== Files in the root of some directories ======= 2011-09-20 19:08 - 2011-09-20 19:08 - 0000268 ___RH () C:\Documents and Settings\komputer\Dane aplikacji\Light Machine 2011-09-20 19:09 - 2012-07-28 16:49 - 0000000 _____ () C:\Documents and Settings\komputer\Dane aplikacji\Logs 2011-08-26 22:45 - 2015-02-15 00:02 - 0236544 _____ () C:\Documents and Settings\komputer\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2014-06-03 22:21 - 2014-06-03 22:21 - 0022756 _____ () C:\Documents and Settings\komputer\Ustawienia lokalne\Dane aplikacji\recently-used.xbel 2015-02-11 14:02 - 2015-02-11 14:05 - 0005925 _____ () C:\Documents and Settings\komputer\Ustawienia lokalne\Dane aplikacji\unins000.dat 2015-02-11 14:05 - 2015-02-11 14:05 - 0707744 _____ () C:\Documents and Settings\komputer\Ustawienia lokalne\Dane aplikacji\unins000.exe 2015-02-11 14:02 - 2015-02-11 14:05 - 0011761 _____ () C:\Documents and Settings\komputer\Ustawienia lokalne\Dane aplikacji\unins000.msg ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\WINDOWS\explorer.exe => File is digitally signed C:\WINDOWS\system32\winlogon.exe => File is digitally signed C:\WINDOWS\system32\wininit.exe => MD5 is legit C:\WINDOWS\system32\svchost.exe => File is digitally signed C:\WINDOWS\system32\services.exe => File is digitally signed C:\WINDOWS\system32\User32.dll => File is digitally signed C:\WINDOWS\system32\userinit.exe => File is digitally signed C:\WINDOWS\system32\rpcss.dll => File is digitally signed C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed ==================== End Of Log ============================