Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 11-03-2015 Ran by n (administrator) on OLA on 17-03-2015 12:35:56 Running from C:\Documents and Settings\n\Moje dokumenty\pobrane Loaded Profiles: n (Available profiles: n) Platform: Microsoft Windows XP Home Edition Dodatek Service Pack 3 (X86) OS Language: Polski Internet Explorer Version 6 (Default browser: FF) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (SysTool PasSame LIMITED) C:\Documents and Settings\All Users\Dane aplikacji\WindowsMangerProtect\ProtectWindowsManager.exe (Teruten) C:\WINDOWS\system32\FsUsbExService.Exe (XTab system) C:\Program Files\XTab\ProtectService.exe (Microsoft Corp.) C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (SearchProtect) C:\Program Files\XTab\CmdShell.exe (XTab system) C:\Program Files\XTab\HPNotify.exe (Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe (Intel Corporation) C:\WINDOWS\system32\hkcmd.exe (Intel Corporation) C:\WINDOWS\system32\igfxpers.exe (Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe (Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\avastui.exe (Intel Corporation) C:\WINDOWS\system32\igfxsrvc.exe (Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe (Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (ASUSTeK Computer Inc.) C:\Program Files\ASUS\EeePC\Super Hybrid Engine\SuperHybridEngine.exe (Intel Corporation) C:\WINDOWS\system32\igfxext.exe (Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe (Microsoft Corporation) C:\WINDOWS\system32\wbem\unsecapp.exe (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [GrooveMonitor] => C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [31072 2008-10-25] (Microsoft Corporation) HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5512912 2015-03-16] (Avast Software s.r.o.) HKU\S-1-5-21-1661413818-2498473542-1586077186-1006\...\Run: [ccleaner] => C:\Program Files\CCleaner\CCleaner.exe [5503768 2015-02-19] (Piriform Ltd) HKU\S-1-5-21-1661413818-2498473542-1586077186-1006\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [5503768 2015-02-19] (Piriform Ltd) HKU\S-1-5-21-1661413818-2498473542-1586077186-1006\...\MountPoints2: {13f17bbe-032e-11e3-ae14-0026185b1c8c} - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Współczesne_uzbrojenie_WO_PL_ANG.avi Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\BTTray.lnk ShortcutTarget: BTTray.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.) Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\SuperHybridEngine.lnk ShortcutTarget: SuperHybridEngine.lnk -> C:\Program Files\ASUS\EeePC\Super Hybrid Engine\SuperHybridEngine.exe (ASUSTeK Computer Inc.) ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll (Avast Software s.r.o.) ShellIconOverlayIdentifiers: [OverlayIconExtension1] -> {fe25455d-b4c2-4e32-97d2-92632ec1c224} => C:\WINDOWS\system32\mscoree.dll (Microsoft Corporation) ShellIconOverlayIdentifiers: [OverlayIconExtension2] -> {1fae2d88-a78e-4f03-909f-be818a3c1ce6} => C:\WINDOWS\system32\mscoree.dll (Microsoft Corporation) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://do-search.com/?type=hppp&ts=1426525249&from=cor&uid=ST9160310AS_5SV8216CXXXX5SV8216C HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://do-search.com/web/?type=dspp&ts=1426525249&from=cor&uid=ST9160310AS_5SV8216CXXXX5SV8216C&q={searchTerms} HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://do-search.com/?type=hppp&ts=1426525249&from=cor&uid=ST9160310AS_5SV8216CXXXX5SV8216C HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://do-search.com/web/?type=dspp&ts=1426525249&from=cor&uid=ST9160310AS_5SV8216CXXXX5SV8216C&q={searchTerms} HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm HKU\S-1-5-21-1661413818-2498473542-1586077186-1006\Software\Microsoft\Internet Explorer\Main,Start Page = http://do-search.com/?type=hppp&ts=1426525249&from=cor&uid=ST9160310AS_5SV8216CXXXX5SV8216C HKU\S-1-5-21-1661413818-2498473542-1586077186-1006\Software\Microsoft\Internet Explorer\Main,Search Page = http://do-search.com/web/?type=dspp&ts=1426525249&from=cor&uid=ST9160310AS_5SV8216CXXXX5SV8216C&q={searchTerms} HKU\S-1-5-21-1661413818-2498473542-1586077186-1006\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://do-search.com/?type=hppp&ts=1426525249&from=cor&uid=ST9160310AS_5SV8216CXXXX5SV8216C HKU\S-1-5-21-1661413818-2498473542-1586077186-1006\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://do-search.com/web/?type=dspp&ts=1426525249&from=cor&uid=ST9160310AS_5SV8216CXXXX5SV8216C&q={searchTerms} URLSearchHook: HKU\S-1-5-21-1661413818-2498473542-1586077186-1006 - Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\WINDOWS\system32\shdocvw.dll (Microsoft Corporation) HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs: "" <======= ATTENTION SearchScopes: HKLM -> DefaultScope value is missing. SearchScopes: HKU\S-1-5-21-1661413818-2498473542-1586077186-1006 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://do-search.com/web/?type=dspp&ts=1426525249&from=cor&uid=ST9160310AS_5SV8216CXXXX5SV8216C&q={searchTerms} SearchScopes: HKU\S-1-5-21-1661413818-2498473542-1586077186-1006 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://do-search.com/web/?utm_source=b&utm_medium=cor&utm_campaign=install_ie&utm_content=ds&from=cor&uid=ST9160310AS_5SV8216CXXXX5SV8216C&ts=1426525285&type=default&q={searchTerms} SearchScopes: HKU\S-1-5-21-1661413818-2498473542-1586077186-1006 -> {2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} URL = http://do-search.com/web/?utm_source=b&utm_medium=cor&utm_campaign=install_ie&utm_content=ds&from=cor&uid=ST9160310AS_5SV8216CXXXX5SV8216C&ts=1426525285&type=default&q={searchTerms} SearchScopes: HKU\S-1-5-21-1661413818-2498473542-1586077186-1006 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://do-search.com/web/?type=dspp&ts=1426525249&from=cor&uid=ST9160310AS_5SV8216CXXXX5SV8216C&q={searchTerms} SearchScopes: HKU\S-1-5-21-1661413818-2498473542-1586077186-1006 -> {E733165D-CBCF-4FDA-883E-ADEF965B476C} URL = http://do-search.com/web/?utm_source=b&utm_medium=cor&utm_campaign=install_ie&utm_content=ds&from=cor&uid=ST9160310AS_5SV8216CXXXX5SV8216C&ts=1426525285&type=default&q={searchTerms} BHO: IETabPage Class -> {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} -> C:\Program Files\XTab\SupTab.dll [2015-03-10] (Thinknice Co. Limited) BHO: Search Helper -> {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} -> C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll [2009-01-14] (Microsoft Corp.) BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12] (Microsoft Corporation) BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_40\bin\ssv.dll [2015-03-13] (Oracle Corporation) BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-03-16] (Avast Software s.r.o.) BHO: Pomocnik rejestracji usługi Windows Live -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22] (Microsoft Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_40\bin\jp2ssv.dll [2015-03-13] (Oracle Corporation) BHO: Windows Live Toolbar Helper -> {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} -> C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06] (Microsoft Corporation) Toolbar: HKLM - &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06] (Microsoft Corporation) Toolbar: HKU\S-1-5-21-1661413818-2498473542-1586077186-1006 -> &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06] (Microsoft Corporation) Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll [2009-02-12] (Microsoft Corporation) Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8064.0206.dll [2009-02-06] (Microsoft Corporation) Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll [2007-06-08] (Microsoft Corporation) Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8064.0206.dll [2009-02-06] (Microsoft Corporation) Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 FireFox: ======== FF ProfilePath: C:\Documents and Settings\n\Dane aplikacji\Mozilla\Firefox\Profiles\e43pkovn.default-1426232573691 FF DefaultSearchEngine: do-search FF Homepage: https://www.google.pl/ FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_16_0_0_305.dll [2015-03-13] () FF Plugin: @java.com/DTPlugin,version=11.40.2 -> C:\Program Files\Java\jre1.8.0_40\bin\dtplugin\npDeployJava1.dll [2015-03-13] (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.40.2 -> C:\Program Files\Java\jre1.8.0_40\bin\plugin2\npjp2.dll [2015-03-13] (Oracle Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation) FF Plugin: @microsoft.com/WLPG,version=14.0.8064.0206 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2009-02-06] (Microsoft Corporation) FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation) FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-08-05] (Adobe Systems Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPOFF12.DLL [2006-10-26] (Microsoft Corporation) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2014-08-05] (Adobe Systems Inc.) FF SearchPlugin: C:\Documents and Settings\n\Dane aplikacji\Mozilla\Firefox\Profiles\e43pkovn.default-1426232573691\searchplugins\do-search.xml [2015-03-16] FF Extension: FF Toolbar - C:\Documents and Settings\n\Dane aplikacji\Mozilla\Firefox\Profiles\e43pkovn.default-1426232573691\Extensions\fftoolbar2014@etech.com [2015-03-16] FF Extension: Search Enginer - C:\Documents and Settings\n\Dane aplikacji\Mozilla\Firefox\Profiles\e43pkovn.default-1426232573691\Extensions\searchengine@gmail.com [2015-03-16] FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension FF Extension: Microsoft .NET Framework Assistant - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2010-11-09] FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-03-16] FF HKLM\...\Firefox\Extensions: [searchengine@gmail.com] - C:\Documents and Settings\n\Dane aplikacji\Mozilla\Firefox\Profiles\e43pkovn.default-1426232573691\extensions\searchengine@gmail.com FF HKLM\...\Firefox\Extensions: [fftoolbar2014@etech.com] - C:\Documents and Settings\n\Dane aplikacji\Mozilla\Firefox\Profiles\e43pkovn.default-1426232573691\extensions\fftoolbar2014@etech.com Chrome: ======= CHR Profile: C:\Documents and Settings\n\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default CHR Extension: (Google Docs) - C:\Documents and Settings\n\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-05-03] CHR Extension: (Google Drive) - C:\Documents and Settings\n\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-05-03] CHR Extension: (YouTube) - C:\Documents and Settings\n\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-05-03] CHR Extension: (Google Search) - C:\Documents and Settings\n\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-05-03] CHR Extension: (Gmail) - C:\Documents and Settings\n\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-05-03] CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-03-16] ========================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-03-16] (Avast Software s.r.o.) R2 FsUsbExService; C:\WINDOWS\system32\FsUsbExService.Exe [217088 2009-12-22] (Teruten) [File not signed] R2 IHProtect Service; C:\Program Files\XTab\ProtectService.exe [158816 2015-03-10] (XTab system) R2 WindowsMangerProtect; C:\Documents and Settings\All Users\Dane aplikacji\WindowsMangerProtect\ProtectWindowsManager.exe [493712 2015-03-16] (SysTool PasSame LIMITED) ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) S3 AR5416; C:\WINDOWS\System32\DRIVERS\athw.sys [1326528 2008-09-18] (Atheros Communications, Inc.) R3 AsusACPI; C:\WINDOWS\System32\DRIVERS\ASUSACPI.sys [10752 2008-04-08] (ASUSTeK Computer Inc.) R2 aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [24144 2015-03-16] () R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [73440 2015-03-16] (Avast Software s.r.o.) R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [55200 2015-03-16] (Avast Software s.r.o.) R0 aswRvrt; C:\WINDOWS\system32\Drivers\aswRvrt.sys [49904 2015-03-16] () R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [788272 2015-03-16] (Avast Software s.r.o.) R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [427480 2015-03-16] (Avast Software s.r.o.) R1 aswTdi; C:\WINDOWS\system32\drivers\aswTdi.sys [57888 2015-03-16] (Avast Software s.r.o.) R0 aswVmm; C:\WINDOWS\system32\Drivers\aswVmm.sys [206976 2015-03-16] () R3 btaudio; C:\WINDOWS\System32\drivers\btaudio.sys [534568 2008-05-30] (Broadcom Corporation.) R3 BTDriver; C:\WINDOWS\System32\DRIVERS\btport.sys [37160 2008-02-04] (Broadcom Corporation.) R3 BTKRNL; C:\WINDOWS\System32\DRIVERS\btkrnl.sys [991656 2008-08-19] (Broadcom Corporation.) R3 BTWDNDIS; C:\WINDOWS\System32\DRIVERS\btwdndis.sys [156816 2008-07-24] (Broadcom Corporation.) R3 btwhid; C:\WINDOWS\System32\DRIVERS\btwhid.sys [57384 2008-03-10] (Broadcom Corporation.) R3 btwmodem; C:\WINDOWS\System32\DRIVERS\btwmodem.sys [37032 2008-02-04] (Broadcom Corporation.) R3 BTWUSB; C:\WINDOWS\System32\Drivers\btwusb.sys [47272 2008-08-19] (Broadcom Corporation.) S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2008-04-14] (Microsoft Corporation) R2 fssfltr; C:\WINDOWS\System32\DRIVERS\fssfltr_tdi.sys [55152 2009-02-06] (Microsoft Corporation) R3 FsUsbExDisk; C:\WINDOWS\system32\FsUsbExDisk.SYS [36640 2009-12-22] () [File not signed] S3 Ktp; C:\WINDOWS\System32\DRIVERS\ETD.sys [93696 2009-02-12] (ELANTECH Devices Corp.) R3 L1e; C:\WINDOWS\System32\DRIVERS\l1e51x86.sys [38400 2008-09-23] (Atheros Communications, Inc.) S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2008-04-14] (Microsoft Corporation) S3 PCAMPR5; C:\WINDOWS\system32\PCAMPR5.SYS [34688 2003-09-23] (Printing Communications Assoc., Inc. (PCAUSA)) [File not signed] S3 PCANDIS5; C:\WINDOWS\system32\PCANDIS5.SYS [32128 2006-03-01] (Printing Communications Assoc., Inc. (PCAUSA)) [File not signed] R3 RT80x86; C:\WINDOWS\System32\DRIVERS\RT2860.sys [933504 2009-01-19] (Ralink Technology, Corp.) R3 SNP2UVC; C:\WINDOWS\System32\DRIVERS\snp2uvc.sys [1752704 2008-08-11] () ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2015-03-17 12:26 - 2015-03-17 12:27 - 00004118 _____ () C:\WINDOWS\KB2936068.log 2015-03-17 12:26 - 2015-03-17 12:26 - 00000000 ____D () C:\WINDOWS\LastGood 2015-03-16 18:02 - 2015-03-16 18:02 - 00000741 _____ () C:\Documents and Settings\n\Pulpit\7capture.lnk 2015-03-16 18:02 - 2015-03-16 18:02 - 00000000 ____D () C:\Program Files\IBE Software 2015-03-16 18:02 - 2015-03-16 18:02 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Start\Programy\7capture 2015-03-16 18:01 - 2015-03-16 18:03 - 00000000 ____D () C:\Documents and Settings\n\Ustawienia lokalne\Dane aplikacji\Opera Software 2015-03-16 18:01 - 2015-03-16 18:03 - 00000000 ____D () C:\Documents and Settings\n\Dane aplikacji\Opera Software 2015-03-16 18:01 - 2015-03-16 18:01 - 00000000 ____D () C:\Program Files\XTab 2015-03-16 18:01 - 2015-03-16 18:01 - 00000000 ____D () C:\Documents and Settings\All Users\Dane aplikacji\IHProtectUpDate 2015-03-16 18:00 - 2015-03-16 18:01 - 00000000 ____D () C:\Documents and Settings\All Users\Dane aplikacji\WindowsMangerProtect 2015-03-16 17:59 - 2015-03-16 18:03 - 00000000 ____D () C:\Program Files\Opera 2015-03-16 17:59 - 2015-03-16 17:59 - 01459408 _____ (IBE Software ) C:\Documents and Settings\n\Moje dokumenty\7capture-setup.exe 2015-03-16 12:29 - 2015-03-16 12:29 - 00000000 ____D () C:\WINDOWS\jumpshot.com 2015-03-16 12:29 - 2015-03-16 12:29 - 00000000 ____D () C:\Documents and Settings\n\Dane aplikacji\AVAST Software 2015-03-16 12:28 - 2015-03-17 12:28 - 00000354 ____H () C:\WINDOWS\Tasks\avast! Emergency Update.job 2015-03-16 12:28 - 2015-03-16 12:28 - 00001689 _____ () C:\Documents and Settings\All Users\Pulpit\Avast Free Antivirus.lnk 2015-03-16 12:28 - 2015-03-16 12:28 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Start\Programy\AVAST Software 2015-03-16 12:27 - 2015-03-16 12:26 - 00788272 _____ (Avast Software s.r.o.) C:\WINDOWS\system32\Drivers\aswSnx.sys 2015-03-16 12:27 - 2015-03-16 12:26 - 00427480 _____ (Avast Software s.r.o.) C:\WINDOWS\system32\Drivers\aswSP.sys 2015-03-16 12:27 - 2015-03-16 12:26 - 00206976 _____ () C:\WINDOWS\system32\Drivers\aswVmm.sys 2015-03-16 12:27 - 2015-03-16 12:26 - 00073440 _____ (Avast Software s.r.o.) C:\WINDOWS\system32\Drivers\aswMonFlt.sys 2015-03-16 12:27 - 2015-03-16 12:26 - 00057888 _____ (Avast Software s.r.o.) C:\WINDOWS\system32\Drivers\aswTdi.sys 2015-03-16 12:27 - 2015-03-16 12:26 - 00055200 _____ (Avast Software s.r.o.) C:\WINDOWS\system32\Drivers\aswRdr.sys 2015-03-16 12:27 - 2015-03-16 12:26 - 00049904 _____ () C:\WINDOWS\system32\Drivers\aswRvrt.sys 2015-03-16 12:27 - 2015-03-16 12:26 - 00024144 _____ () C:\WINDOWS\system32\Drivers\aswHwid.sys 2015-03-16 12:26 - 2015-03-16 12:26 - 00291312 _____ (Avast Software s.r.o.) C:\WINDOWS\system32\aswBoot.exe 2015-03-16 12:26 - 2015-03-16 12:26 - 00043112 _____ (Avast Software s.r.o.) C:\WINDOWS\avastSS.scr 2015-03-16 12:20 - 2015-03-16 12:20 - 00000000 ____D () C:\Program Files\AVAST Software 2015-03-16 12:19 - 2015-03-16 12:20 - 00000000 ____D () C:\Documents and Settings\All Users\Dane aplikacji\AVAST Software 2015-03-16 12:10 - 2015-03-16 12:10 - 00087569 _____ () C:\Documents and Settings\n\Pulpit\AutoRuns.rar 2015-03-14 09:47 - 2015-03-14 09:47 - 00000000 ____D () C:\Program Files\ALLPlayer Remote 2015-03-14 09:47 - 2015-03-14 09:47 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Start\Programy\Microsoft Silverlight 2015-03-14 09:47 - 2015-03-14 09:47 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Start\Programy\ALLPlayer Pilot 2015-03-14 09:47 - 2015-03-14 09:47 - 00000000 ____D () C:\Documents and Settings\All Users\Dane aplikacji\ALLPlayerRemote 2015-03-14 09:45 - 2015-03-14 09:45 - 00000694 _____ () C:\Documents and Settings\n\Pulpit\ALLPlayer.lnk 2015-03-14 09:45 - 2015-03-14 09:45 - 00000000 ____D () C:\Program Files\Napisy24 2015-03-14 09:45 - 2015-03-14 09:45 - 00000000 ____D () C:\Program Files\Microsoft Silverlight 2015-03-14 09:45 - 2015-03-14 09:45 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Start\Programy\Napisy24 2015-03-14 09:45 - 2015-03-14 09:45 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Start\Programy\ALLPlayer 2015-03-14 09:45 - 2015-03-14 09:45 - 00000000 ____D () C:\Documents and Settings\All Users\Dane aplikacji\Napisy24 2015-03-14 09:44 - 2015-03-14 09:45 - 00000000 ____D () C:\Program Files\ALLPlayer 2015-03-14 09:44 - 2015-03-14 09:44 - 00000000 ____D () C:\Documents and Settings\All Users\Dane aplikacji\ALLPlayer 2015-03-14 09:44 - 2013-04-05 20:26 - 02106368 _____ () C:\WINDOWS\system32\ac3filter.ax 2015-03-14 09:44 - 2013-04-05 20:26 - 00276992 _____ (IntelleSoft) C:\WINDOWS\system32\BugTrap.dll 2015-03-14 09:44 - 2011-06-02 01:10 - 00644608 _____ () C:\WINDOWS\system32\xvidcore.dll 2015-03-14 09:44 - 2007-10-07 14:36 - 00258048 _____ () C:\WINDOWS\system32\libFLAC.dll 2015-03-14 09:13 - 2015-03-14 09:45 - 00000000 ____D () C:\Program Files\Mozilla Firefox 2015-03-14 06:22 - 2015-03-17 12:36 - 00000000 ____D () C:\FRST 2015-03-14 06:14 - 2015-03-14 06:14 - 00348160 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcr71.dll 2015-03-13 09:56 - 2015-03-13 09:52 - 00096680 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge.dll 2015-03-13 09:54 - 2015-03-13 09:54 - 00000000 ____D () C:\Program Files\Common Files\Java 2015-03-13 09:52 - 2015-03-13 09:58 - 00000000 ____D () C:\Documents and Settings\All Users\Dane aplikacji\Oracle 2015-03-13 09:49 - 2015-03-13 09:49 - 00000000 ___RD () C:\Documents and Settings\n\Menu Start\Programy\Narzędzia administracyjne 2015-03-13 08:47 - 2015-03-13 08:47 - 00000682 _____ () C:\Documents and Settings\All Users\Pulpit\CCleaner.lnk 2015-03-13 08:46 - 2015-03-13 08:46 - 00506264 _____ () C:\WINDOWS\system32\prfh0415.dat 2015-03-13 08:46 - 2015-03-13 08:46 - 00092200 _____ () C:\WINDOWS\system32\prfc0415.dat ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2015-03-17 12:36 - 2010-02-02 14:58 - 00000000 ____D () C:\Documents and Settings\n\Ustawienia lokalne\Temp 2015-03-17 12:35 - 2013-08-25 20:24 - 00000000 ____D () C:\Documents and Settings\n\Moje dokumenty\pobrane 2015-03-17 12:32 - 2009-02-04 15:32 - 01209947 _____ () C:\WINDOWS\WindowsUpdate.log 2015-03-17 12:30 - 2010-02-02 14:58 - 00000000 ____D () C:\Documents and Settings\n\Pulpit 2015-03-17 12:27 - 2009-02-04 16:25 - 01125974 _____ () C:\WINDOWS\system32\PerfStringBackup.INI 2015-03-17 12:27 - 2009-02-04 16:18 - 00504724 _____ () C:\WINDOWS\system32\perfh015.dat 2015-03-17 12:27 - 2009-02-04 16:18 - 00091144 _____ () C:\WINDOWS\system32\perfc015.dat 2015-03-17 12:22 - 2009-02-04 16:28 - 00000159 ____N () C:\WINDOWS\wiadebug.log 2015-03-17 12:22 - 2009-02-04 16:28 - 00000050 ____N () C:\WINDOWS\wiaservc.log 2015-03-17 12:22 - 2009-02-04 15:37 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT 2015-03-16 21:34 - 2010-02-02 14:58 - 00000188 ___SH () C:\Documents and Settings\n\ntuser.ini 2015-03-16 21:34 - 2009-02-04 15:37 - 00032604 ____N () C:\WINDOWS\SchedLgU.Txt 2015-03-16 20:57 - 2010-11-09 15:43 - 00000000 ____D () C:\Documents and Settings\n\Ustawienia lokalne\Dane aplikacji\Temp 2015-03-16 20:52 - 2013-08-25 10:53 - 00000930 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job 2015-03-16 20:48 - 2010-02-02 14:58 - 00000000 ____D () C:\Documents and Settings\n 2015-03-16 18:48 - 2010-05-05 20:41 - 00000000 ____D () C:\Program Files\pwn.pl 2015-03-16 18:19 - 2010-02-02 14:58 - 00000000 ___HD () C:\Documents and Settings\n\Ustawienia lokalne\Dane aplikacji 2015-03-16 18:18 - 2010-02-02 14:58 - 00000803 _____ () C:\Documents and Settings\n\Menu Start\Programy\Internet Explorer.lnk 2015-03-16 18:18 - 2010-02-02 14:56 - 00000803 _____ () C:\Documents and Settings\Default User\Menu Start\Programy\Internet Explorer.lnk 2015-03-16 18:18 - 2009-02-04 15:37 - 00000000 ___SD () C:\Documents and Settings\NetworkService\Ustawienia lokalne\Historia 2015-03-16 18:18 - 2009-02-04 15:37 - 00000000 ____D () C:\Documents and Settings\LocalService\Ustawienia lokalne\Temp 2015-03-16 18:17 - 2010-02-02 14:58 - 00000000 __RHD () C:\Documents and Settings\n\Dane aplikacji 2015-03-16 18:17 - 2009-02-04 16:19 - 00000000 ____D () C:\WINDOWS\system32\pl-pl 2015-03-16 18:17 - 2009-02-04 16:19 - 00000000 ____D () C:\WINDOWS\Help 2015-03-16 18:16 - 2009-03-12 14:09 - 00000000 ____D () C:\WINDOWS\ie7updates 2015-03-16 18:14 - 2009-02-04 16:19 - 00000000 ____D () C:\WINDOWS\Media 2015-03-16 18:03 - 2009-02-04 16:25 - 00000000 ___RD () C:\Documents and Settings\All Users\Menu Start\Programy 2015-03-16 18:03 - 2009-02-04 16:25 - 00000000 ____D () C:\Documents and Settings\All Users\Pulpit 2015-03-16 18:01 - 2009-02-04 16:25 - 00000000 __RHD () C:\Documents and Settings\All Users\Dane aplikacji 2015-03-16 17:59 - 2010-02-02 14:58 - 00000000 ___RD () C:\Documents and Settings\n\Moje dokumenty 2015-03-16 13:28 - 2010-02-08 15:49 - 00023040 _____ () C:\Documents and Settings\n\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2015-03-15 22:02 - 2014-07-04 10:02 - 00000000 ____D () C:\Documents and Settings\n\Ustawienia lokalne\Dane aplikacji\Mirillis 2015-03-15 13:37 - 2009-02-04 15:37 - 00000000 ___SD () C:\Documents and Settings\LocalService\Ustawienia lokalne\Historia 2015-03-15 13:35 - 2010-02-02 14:58 - 00000000 ___SD () C:\Documents and Settings\n\Ustawienia lokalne\Historia 2015-03-15 13:16 - 2009-02-04 16:18 - 00001158 _____ () C:\WINDOWS\system32\wpa.dbl 2015-03-14 09:48 - 2009-02-04 16:25 - 00000000 __SHD () C:\Documents and Settings\Default User\Ustawienia lokalne\Historia 2015-03-14 09:05 - 2010-02-24 17:06 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Start\Programy\Codec Pack 2015-03-13 09:52 - 2014-08-18 07:48 - 00146432 _____ (Oracle Corporation) C:\WINDOWS\system32\javacpl.cpl 2015-03-13 09:52 - 2011-01-11 17:50 - 00000000 ____D () C:\Program Files\Java 2015-03-13 09:49 - 2010-02-02 14:58 - 00000000 ___RD () C:\Documents and Settings\n\Menu Start\Programy 2015-03-13 08:52 - 2013-08-25 10:53 - 00701616 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe 2015-03-13 08:52 - 2013-08-20 15:27 - 00000000 ____D () C:\WINDOWS\system32\MRT 2015-03-13 08:52 - 2011-11-10 15:32 - 00071344 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl 2015-03-13 08:48 - 2014-06-16 09:03 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Start\Programy\CCleaner 2015-03-13 08:47 - 2010-11-09 15:44 - 00000000 ____D () C:\Program Files\CCleaner 2015-02-26 21:20 - 2011-01-11 18:08 - 119837696 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe ==================== Files in the root of some directories ======= 2010-11-09 16:42 - 2010-11-09 16:42 - 0002528 _____ () C:\Documents and Settings\n\Dane aplikacji\$_hpcst$.hpc 2010-02-08 15:49 - 2015-03-16 13:28 - 0023040 _____ () C:\Documents and Settings\n\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2010-02-02 14:58 - 2009-03-12 13:23 - 0000135 _____ () C:\Documents and Settings\n\Ustawienia lokalne\Dane aplikacji\fusioncache.dat ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\WINDOWS\explorer.exe => File is digitally signed C:\WINDOWS\system32\winlogon.exe => File is digitally signed C:\WINDOWS\system32\svchost.exe => File is digitally signed C:\WINDOWS\system32\services.exe => File is digitally signed C:\WINDOWS\system32\User32.dll => File is digitally signed C:\WINDOWS\system32\userinit.exe => File is digitally signed C:\WINDOWS\system32\rpcss.dll => File is digitally signed C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed ==================== End Of Log ============================