Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 23-02-2015 Ran by Baśka (administrator) on ZABA on 23-02-2015 22:48:15 Running from D:\Baśka - Dokumenty\Moja muzyka\Downloads Loaded Profiles: Baśka (Available profiles: Baśka & Żabczak & Administrator) Platform: Microsoft Windows XP Home Edition Dodatek Service Pack 3 (X86) OS Language: Polski Internet Explorer Version 8 (Default browser: IE) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (Analog Devices, Inc.) C:\Program Files\Analog Devices\Core\smax4pnp.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe (Microsoft Corporation) C:\Program Files\Windows Media Player\wmplayer.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [SoundMAXPnP] => C:\Program Files\Analog Devices\Core\smax4pnp.exe [1404928 2004-10-14] (Analog Devices, Inc.) HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5227112 2015-01-26] (AVAST Software) ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll (AVAST Software) CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION HKU\S-1-5-21-57989841-1177238915-839522115-1004\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome HKU\S-1-5-21-57989841-1177238915-839522115-1004\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_31\bin\ssv.dll (Oracle Corporation) BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_31\bin\jp2ssv.dll (Oracle Corporation) DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://windowsupdate.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1415020960781 DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1415021147406 Tcpip\Parameters: [DhcpNameServer] 192.168.3.1 FireFox: ======== FF ProfilePath: C:\Documents and Settings\Baśka\Dane aplikacji\Mozilla\Firefox\Profiles\ol1su46o.default FF NetworkProxy: "type", 4 FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_16_0_0_305.dll () FF Plugin: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.) FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.) FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Extension: Element Hiding Helper for Adblock Plus - C:\Documents and Settings\Baśka\Dane aplikacji\Mozilla\Firefox\Profiles\ol1su46o.default\Extensions\elemhidehelper@adblockplus.org.xpi [2014-09-30] FF Extension: Session Manager - C:\Documents and Settings\Baśka\Dane aplikacji\Mozilla\Firefox\Profiles\ol1su46o.default\Extensions\{1280606b-2510-4fe0-97ef-9b5a22eafe30}.xpi [2014-12-19] FF Extension: SoundCloud Downloader - Technowise - C:\Documents and Settings\Baśka\Dane aplikacji\Mozilla\Firefox\Profiles\ol1su46o.default\Extensions\{c8d3bc80-0810-4d21-a2c2-be5f2b2832ac}.xpi [2014-08-13] FF Extension: Adblock Plus - C:\Documents and Settings\Baśka\Dane aplikacji\Mozilla\Firefox\Profiles\ol1su46o.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-06-18] FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-03-21] FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension FF Extension: Microsoft .NET Framework Assistant - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2014-11-25] Chrome: ======= CHR HomePage: Default -> CHR Profile: C:\Documents and Settings\Baśka\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default CHR Extension: (Google Docs) - C:\Documents and Settings\Baśka\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-03-20] CHR Extension: (Google Drive) - C:\Documents and Settings\Baśka\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-03-20] CHR Extension: (YouTube) - C:\Documents and Settings\Baśka\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-03-20] CHR Extension: (Google Search) - C:\Documents and Settings\Baśka\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-03-20] CHR Extension: (Avast Online Security) - C:\Documents and Settings\Baśka\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-03-22] CHR Extension: (Google Wallet) - C:\Documents and Settings\Baśka\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-03-20] CHR Extension: (Gmail) - C:\Documents and Settings\Baśka\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-03-20] CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-12-13] ========================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 6to4; C:\WINDOWS\System32\6to4svc.dll [100864 2010-02-12] (Microsoft Corporation) R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-12-13] (AVAST Software) S4 matlabserver; C:\Program Files\MATLAB71\webserver\bin\win32\matlabserver.exe [536576 2005-07-27] () [File not signed] ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) S3 ALCXWDM; C:\WINDOWS\System32\drivers\ALCXWDM.SYS [4122368 2000-01-01] (Realtek Semiconductor Corp.) [File not signed] R2 Aspi32; C:\WINDOWS\system32\Drivers\Aspi32.sys [16877 2002-07-17] (Adaptec) R2 aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [24184 2014-12-13] () R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [70384 2014-12-13] (AVAST Software) R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [55240 2014-12-13] (AVAST Software) R0 aswRvrt; C:\WINDOWS\system32\Drivers\aswRvrt.sys [49944 2014-12-13] () R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [787800 2014-12-13] (AVAST Software) R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [423784 2014-12-13] (AVAST Software) R1 aswTdi; C:\WINDOWS\system32\drivers\aswTdi.sys [57928 2014-12-13] (AVAST Software) R0 aswVmm; C:\WINDOWS\system32\Drivers\aswVmm.sys [206248 2014-12-13] () S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2008-04-14] (Microsoft Corporation) S3 MTsensor; C:\WINDOWS\System32\DRIVERS\ASACPI.sys [5810 2004-08-13] () S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2008-04-14] (Microsoft Corporation) R1 Tcpip6; C:\WINDOWS\System32\DRIVERS\tcpip6.sys [226880 2010-02-11] (Microsoft Corporation) U3 catchme; \??\C:\DOCUME~1\BAKA~1\USTAWI~1\Temp\catchme.sys [X] S4 IntelIde; No ImagePath S3 OSFMount; \??\C:\Program Files\Counter-Strike Global Offensive\image\x86\OSFMount.sys [X] S3 rtl8029; system32\DRIVERS\RTL8029.SYS [X] U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-14] (Microsoft Corporation) U3 TlntSvr; No ImagePath U3 mbr; \??\C:\ComboFix\mbr.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2015-02-23 22:27 - 2015-02-23 22:48 - 00000000 ____D () C:\FRST 2015-02-23 19:26 - 2015-02-23 22:49 - 00000000 ____D () C:\Documents and Settings\Baśka\Ustawienia lokalne\temp 2015-02-23 19:26 - 2015-02-23 19:26 - 00014954 _____ () C:\ComboFix.txt 2015-02-23 19:26 - 2015-02-23 19:26 - 00000000 ____D () C:\Documents and Settings\Żabczak\Ustawienia lokalne\temp 2015-02-23 19:26 - 2015-02-23 19:26 - 00000000 ____D () C:\Documents and Settings\NetworkService\Ustawienia lokalne\temp 2015-02-23 19:26 - 2015-02-23 19:26 - 00000000 ____D () C:\Documents and Settings\Default User\Ustawienia lokalne\temp 2015-02-23 18:56 - 2015-02-23 18:56 - 00000000 _RSHD () C:\cmdcons 2015-02-23 18:56 - 2015-02-11 22:13 - 00000211 _____ () C:\Boot.bak 2015-02-23 18:56 - 2004-08-03 23:00 - 00262400 __RSH () C:\cmldr 2015-02-23 18:51 - 2015-02-23 18:52 - 00000000 ____D () C:\Documents and Settings\Baśka\Pulpit\Nowy folder 2015-02-23 18:51 - 2011-06-26 07:45 - 00256000 _____ () C:\WINDOWS\PEV.exe 2015-02-23 18:51 - 2010-11-07 18:20 - 00208896 _____ () C:\WINDOWS\MBR.exe 2015-02-23 18:51 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\WINDOWS\NIRCMD.exe 2015-02-23 18:51 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\WINDOWS\SWREG.exe 2015-02-23 18:51 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\WINDOWS\SWSC.exe 2015-02-23 18:51 - 2000-08-31 01:00 - 00212480 _____ (SteelWerX) C:\WINDOWS\SWXCACLS.exe 2015-02-23 18:51 - 2000-08-31 01:00 - 00098816 _____ () C:\WINDOWS\sed.exe 2015-02-23 18:51 - 2000-08-31 01:00 - 00080412 _____ () C:\WINDOWS\grep.exe 2015-02-23 18:51 - 2000-08-31 01:00 - 00068096 _____ () C:\WINDOWS\zip.exe 2015-02-23 18:50 - 2015-02-23 19:26 - 00000000 ____D () C:\Qoobox 2015-02-23 18:50 - 2015-02-23 19:24 - 00000000 ____D () C:\WINDOWS\erdnt 2015-02-23 18:50 - 2015-02-23 18:50 - 00000000 ___RD () C:\Documents and Settings\Baśka\Menu Start\Programy\Narzędzia administracyjne 2015-02-23 18:49 - 2015-02-23 18:51 - 00089088 _____ () C:\Documents and Settings\Baśka\Pulpit\mbr.exe 2015-02-23 18:48 - 2015-02-23 18:50 - 05611903 _____ (Swearware) C:\Documents and Settings\Baśka\Pulpit\jklopuy2k.com.exe 2015-02-23 18:48 - 2015-02-23 18:50 - 05611903 _____ (Swearware) C:\Documents and Settings\Baśka\Pulpit\jklopuy1k.com.exe 2015-02-23 18:47 - 2015-02-23 18:49 - 05611903 ____R (Swearware) C:\Documents and Settings\Baśka\Pulpit\ComboFix.exe 2015-02-13 23:39 - 2015-02-13 23:39 - 00000912 _____ () C:\Documents and Settings\Baśka\Menu Start\Programy\Skrót do 3DAnalyze.lnk 2015-02-12 01:17 - 2015-02-12 01:03 - 00069584 ____H () C:\WINDOWS\Minidump\Mini021215-03.dmp 2015-02-12 00:12 - 2015-02-12 00:06 - 00069584 ____H () C:\WINDOWS\Minidump\Mini021215-02.dmp 2015-02-12 00:01 - 2015-02-11 23:58 - 00069584 ____H () C:\WINDOWS\Minidump\Mini021215-01.dmp 2015-02-11 22:51 - 2015-02-11 22:51 - 00000000 ____D () C:\Games 2015-02-11 22:18 - 2015-02-11 22:18 - 00000000 ____D () C:\Program Files\Common Files\Java 2015-02-11 22:05 - 2015-02-11 22:05 - 00000000 ___RD () C:\Documents and Settings\LocalService\Ulubione 2015-02-11 21:56 - 2015-02-11 22:33 - 00000000 ____D () C:\Program Files\SourceApp 2015-02-11 21:52 - 2015-02-11 22:42 - 00000000 ____D () C:\Program Files\Unlocker 2015-02-11 21:52 - 2015-02-11 21:52 - 00000000 ____D () C:\Documents and Settings\Baśka\Menu Start\Programy\Unlocker 2015-02-11 19:21 - 2015-02-11 19:31 - 00000000 ____D () C:\WINDOWS\system32\MRT 2015-02-06 17:58 - 2015-02-06 17:58 - 00001278 _____ () C:\Documents and Settings\Baśka\Pulpit\Skrót do Majesty.lnk 2015-02-05 13:38 - 2015-02-05 13:38 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Start\Programy\Windows PowerShell 1.0 2015-02-05 13:37 - 2015-02-11 22:35 - 00131072 _____ () C:\WINDOWS\system32\config\WindowsPowerShell.evt 2015-02-05 13:37 - 2015-02-05 13:38 - 00044246 _____ () C:\WINDOWS\KB926139-v2.log 2015-02-05 13:37 - 2015-02-05 13:37 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB926139-v2$ 2015-02-05 13:37 - 2015-02-05 13:37 - 00000000 ____D () C:\WINDOWS\system32\windowspowershell 2015-01-27 18:06 - 2015-01-27 18:06 - 00000000 ____D () C:\Program Files\MicroProse 2015-01-24 15:16 - 2015-01-25 15:54 - 00000000 ____D () C:\Documents and Settings\Baśka\Menu Start\Programy\sfBot 2015-01-24 14:06 - 2015-01-26 19:08 - 00000000 ____D () C:\Documents and Settings\Baśka\Dane aplikacji\SFBot ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2015-02-23 22:49 - 2014-03-21 20:35 - 00000364 ____H () C:\WINDOWS\Tasks\avast! Emergency Update.job 2015-02-23 21:57 - 2014-05-16 09:12 - 00000930 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job 2015-02-23 21:56 - 2014-03-20 21:23 - 00001036 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job 2015-02-23 21:32 - 2014-03-20 22:30 - 00153007 _____ () C:\WINDOWS\setupapi.log 2015-02-23 21:32 - 2014-03-19 20:35 - 00000000 ___RD () C:\Documents and Settings\All Users\Menu Start\Programy 2015-02-23 21:32 - 2014-03-19 20:35 - 00000000 ____D () C:\Documents and Settings\All Users\Pulpit 2015-02-23 21:32 - 2014-03-19 19:47 - 02014866 _____ () C:\WINDOWS\WindowsUpdate.log 2015-02-23 20:57 - 2014-03-19 19:52 - 00032558 _____ () C:\WINDOWS\SchedLgU.Txt 2015-02-23 19:56 - 2014-03-20 21:23 - 00001032 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job 2015-02-23 19:26 - 2014-12-16 23:39 - 00000000 ____D () C:\Documents and Settings\Baśka\Dane aplikacji\Mp3tag 2015-02-23 19:26 - 2014-03-22 21:30 - 00000000 ___HD () C:\Documents and Settings\Żabczak\Ustawienia lokalne 2015-02-23 19:26 - 2014-03-19 20:35 - 00000000 __RHD () C:\Documents and Settings\Default User\Ustawienia lokalne 2015-02-23 19:26 - 2014-03-19 19:55 - 00000000 ___HD () C:\Documents and Settings\Baśka\Ustawienia lokalne 2015-02-23 19:26 - 2014-03-19 19:52 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT 2015-02-23 19:26 - 2014-03-19 19:52 - 00000000 ___HD () C:\Documents and Settings\NetworkService\Ustawienia lokalne 2015-02-23 19:23 - 2006-03-02 13:00 - 00000227 _____ () C:\WINDOWS\system.ini 2015-02-23 19:22 - 2014-03-19 19:52 - 00000000 ____D () C:\Documents and Settings\LocalService\Ustawienia lokalne\Temp 2015-02-23 19:21 - 2014-03-19 20:35 - 00000000 __RHD () C:\Documents and Settings\All Users\Dane aplikacji 2015-02-23 19:02 - 2014-03-19 19:55 - 00000000 __RHD () C:\Documents and Settings\Baśka\Dane aplikacji 2015-02-23 18:56 - 2014-09-09 18:06 - 00000000 ____D () C:\Documents and Settings\Baśka\Dane aplikacji\uTorrent 2015-02-23 18:56 - 2014-03-19 20:33 - 00000327 __RSH () C:\boot.ini 2015-02-23 18:51 - 2014-03-19 19:55 - 00000000 ____D () C:\Documents and Settings\Baśka\Pulpit 2015-02-23 18:50 - 2014-03-19 19:55 - 00000000 ___RD () C:\Documents and Settings\Baśka\Menu Start\Programy 2015-02-23 12:54 - 2014-03-19 20:36 - 00004674 _____ () C:\WINDOWS\system32\PerfStringBackup.INI 2015-02-23 12:54 - 2006-03-02 13:00 - 00737492 _____ () C:\WINDOWS\system32\perfh015.dat 2015-02-23 12:54 - 2006-03-02 13:00 - 00197864 _____ () C:\WINDOWS\system32\perfc015.dat 2015-02-23 12:50 - 2014-03-19 20:38 - 00000157 _____ () C:\WINDOWS\wiadebug.log 2015-02-23 12:50 - 2014-03-19 20:38 - 00000050 _____ () C:\WINDOWS\wiaservc.log 2015-02-22 22:48 - 2014-03-19 19:55 - 00000188 ___SH () C:\Documents and Settings\Baśka\ntuser.ini 2015-02-22 12:18 - 2006-03-02 13:00 - 00012984 _____ () C:\WINDOWS\system32\wpa.dbl 2015-02-20 00:02 - 2014-03-20 21:26 - 00001819 _____ () C:\Documents and Settings\All Users\Pulpit\Google Chrome.lnk 2015-02-17 19:56 - 2014-03-19 19:55 - 00000000 ___HD () C:\Documents and Settings\Baśka\Ustawienia lokalne\Dane aplikacji 2015-02-16 22:09 - 2014-03-19 20:23 - 00000000 ____D () C:\WINDOWS\security 2015-02-16 19:19 - 2014-10-15 16:56 - 00003584 _____ () C:\Documents and Settings\Baśka\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2015-02-12 01:17 - 2014-03-20 19:21 - 00000000 ____D () C:\WINDOWS\Minidump 2015-02-12 00:08 - 2014-11-04 12:50 - 00000000 ____D () C:\Program Files\SCAR 2015-02-11 22:46 - 2014-11-22 14:32 - 00000000 ____D () C:\WINDOWS\Microsoft.NET 2015-02-11 22:46 - 2014-03-19 19:47 - 00000000 ____D () C:\WINDOWS\system32\DirectX 2015-02-11 22:37 - 2014-03-21 20:37 - 00000000 ____D () C:\Program Files\WinRAR 2015-02-11 22:33 - 2014-11-24 23:56 - 00000745 _____ () C:\Documents and Settings\Baśka\Menu Start\Programy\Internet Explorer.lnk 2015-02-11 22:33 - 2014-05-24 17:42 - 00000730 _____ () C:\Documents and Settings\All Users\Menu Start\Programy\Mozilla Firefox.lnk 2015-02-11 22:33 - 2014-05-06 10:32 - 00000000 ____D () C:\AdwCleaner 2015-02-11 22:33 - 2014-03-20 21:26 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Start\Programy\Google Chrome 2015-02-11 22:21 - 2014-09-09 17:40 - 00000000 ____D () C:\Program Files\Java 2015-02-11 22:17 - 2014-09-09 17:41 - 00272296 _____ (Oracle Corporation) C:\WINDOWS\system32\javaws.exe 2015-02-11 22:17 - 2014-09-09 17:41 - 00176552 _____ (Oracle Corporation) C:\WINDOWS\system32\javaw.exe 2015-02-11 22:17 - 2014-09-09 17:41 - 00176552 _____ (Oracle Corporation) C:\WINDOWS\system32\java.exe 2015-02-11 22:17 - 2014-09-09 17:41 - 00146432 _____ (Oracle Corporation) C:\WINDOWS\system32\javacpl.cpl 2015-02-11 22:17 - 2014-09-09 17:41 - 00096680 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge.dll 2015-02-11 22:13 - 2006-03-02 13:00 - 00000630 _____ () C:\WINDOWS\win.ini 2015-02-11 22:09 - 2014-03-21 20:37 - 00000000 ____D () C:\Documents and Settings\Baśka\Menu Start\Programy\WinRAR 2015-02-11 22:09 - 2014-03-21 20:37 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Start\Programy\WinRAR 2015-02-11 22:05 - 2014-03-19 19:52 - 00000000 __SHD () C:\Documents and Settings\LocalService 2015-02-11 21:59 - 2014-05-24 17:42 - 00000724 _____ () C:\Documents and Settings\All Users\Pulpit\Mozilla Firefox.lnk 2015-02-11 19:20 - 2014-11-24 23:05 - 113756392 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2015-02-11 07:29 - 2014-03-22 21:30 - 00000188 ___SH () C:\Documents and Settings\Żabczak\ntuser.ini 2015-02-10 22:19 - 2014-03-19 20:36 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information 2015-02-06 11:35 - 2014-10-16 12:02 - 00165247 _____ () C:\WINDOWS\spupdsvc.log 2015-02-05 13:38 - 2014-03-19 20:36 - 00992935 _____ () C:\WINDOWS\FaxSetup.log 2015-02-05 13:38 - 2014-03-19 20:36 - 00502024 _____ () C:\WINDOWS\ocgen.log 2015-02-05 13:38 - 2014-03-19 20:36 - 00392399 _____ () C:\WINDOWS\tsoc.log 2015-02-05 13:38 - 2014-03-19 20:36 - 00376585 _____ () C:\WINDOWS\comsetup.log 2015-02-05 13:38 - 2014-03-19 20:36 - 00223336 _____ () C:\WINDOWS\ntdtcsetup.log 2015-02-05 13:38 - 2014-03-19 20:36 - 00156040 _____ () C:\WINDOWS\iis6.log 2015-02-05 13:38 - 2014-03-19 20:36 - 00062304 _____ () C:\WINDOWS\ocmsn.log 2015-02-05 13:38 - 2014-03-19 20:36 - 00050364 _____ () C:\WINDOWS\msgsocm.log 2015-02-05 13:38 - 2014-03-19 20:36 - 00001355 _____ () C:\WINDOWS\imsins.log 2015-02-04 21:57 - 2014-05-06 10:20 - 00701616 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe 2015-02-04 21:57 - 2014-05-06 10:20 - 00071344 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl 2015-02-03 13:28 - 2014-03-19 19:44 - 00074371 _____ () C:\WINDOWS\wmsetup.log 2015-01-27 13:26 - 2015-01-17 23:40 - 00000000 ____D () C:\Program Files\Mozilla Firefox 2015-01-27 13:26 - 2014-05-24 17:42 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service ==================== Files in the root of some directories ======= 2014-10-15 16:56 - 2015-02-16 19:19 - 0003584 _____ () C:\Documents and Settings\Baśka\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\WINDOWS\explorer.exe => File is digitally signed C:\WINDOWS\system32\winlogon.exe => File is digitally signed C:\WINDOWS\system32\svchost.exe => File is digitally signed C:\WINDOWS\system32\services.exe => File is digitally signed C:\WINDOWS\system32\User32.dll => File is digitally signed C:\WINDOWS\system32\userinit.exe => File is digitally signed C:\WINDOWS\system32\rpcss.dll => File is digitally signed C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed ==================== End Of Log ============================