Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 11-03-2015 Ran by cp24 (administrator) on CP24-FA76188762 on 28-03-2015 13:13:42 Running from C:\Documents and Settings\cp24\Pulpit\Toolkit Loaded Profiles: cp24 (Available profiles: cp24 & Administrator) Platform: Microsoft Windows XP Professional Dodatek Service Pack 3 (X86) OS Language: Polski Internet Explorer Version 8 (Default browser: FF) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (Lenovo.) C:\WINDOWS\system32\ibmpmsvc.exe (Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\S24EvMon.exe (Analog Devices, Inc.) C:\Program Files\Analog Devices\Core\smax4pnp.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Intel Corporation) C:\WINDOWS\system32\igfxtray.exe (Intel Corporation) C:\WINDOWS\system32\hkcmd.exe (Intel Corporation) C:\WINDOWS\system32\igfxpers.exe (Lenovo Group Limited) C:\Program Files\Common Files\Lenovo\Scheduler\scheduler_proxy.exe (Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe (Intel Corporation) C:\WINDOWS\system32\igfxsrvc.exe (Avanquest Software ) C:\Program Files\Digital Line Detect\DLG.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPLpr.exe (Atheros) C:\WINDOWS\system32\acs.exe (Microsoft Corporation) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (Lenovo Group Limited) C:\Program Files\Lenovo\System Update\SUService.exe (Microsoft Corporation) C:\WINDOWS\system32\wbem\unsecapp.exe (Lenovo Group Limited) C:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe (Lenovo Group Limited) C:\Program Files\Common Files\Lenovo\Scheduler\tvtsched.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [SoundMAXPnP] => C:\Program Files\Analog Devices\Core\smax4pnp.exe [925696 2005-05-20] (Analog Devices, Inc.) HKLM\...\Run: [SoundMAX] => C:\Program Files\Analog Devices\SoundMAX\Smax4.exe [716800 2005-05-06] (Analog Devices, Inc.) HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2200872 2011-02-17] (Synaptics Incorporated) HKLM\...\Run: [PSQLLauncher] => C:\Program Files\ThinkVantage Fingerprint Software\launcher.exe [55120 2010-12-07] (UPEK Inc.) HKLM\...\Run: [TVT Scheduler Proxy] => C:\Program Files\Common Files\Lenovo\Scheduler\scheduler_proxy.exe [487424 2008-03-04] (Lenovo Group Limited) HKLM\...\Run: [GrooveMonitor] => C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation) HKLM\...\Run: [AvastUI.exe] => "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui Winlogon\Notify\psfus: C:\Program Files\ThinkVantage Fingerprint Software\psqlpwd.dll (UPEK Inc.) HKU\S-1-5-21-1214440339-329068152-1417001333-1003\...\Run: [ALLUpdate] => "C:\Program Files\ALLPlayer\ALLUpdate.exe" "sleep" HKU\S-1-5-21-1214440339-329068152-1417001333-1003\...\Run: [ALLPlayer WiFi Remote] => C:\Program Files\ALLPlayer Remote\ALLPlayerRemoteControl.exe HKU\S-1-5-21-1214440339-329068152-1417001333-1003\...\Run: [Yahoo! Search] => C:\Documents and Settings\cp24\Dane aplikacji\Pay-By-Ads\Yahoo! Search\1.3.19.2\dsrlte.exe Lsa: [Notification Packages] scecli C:\Program Files\ThinkVantage Fingerprint Software\psqlpwd.dll Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Digital Line Detect.lnk ShortcutTarget: Digital Line Detect.lnk -> C:\Program Files\Digital Line Detect\DLG.exe (Avanquest Software ) ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll No File GroupPolicy: Group Policy on Chrome detected <======= ATTENTION CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKU\S-1-5-21-1214440339-329068152-1417001333-1003\Software\Microsoft\Internet Explorer\Main,Start Page = http://rts.dsrlte.com?affID=na HKU\S-1-5-21-1214440339-329068152-1417001333-1003\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs: "http://rts.dsrlte.com/?m=tab&affID=na" <======= ATTENTION SearchScopes: HKU\S-1-5-21-1214440339-329068152-1417001333-1003 -> DefaultScope {6EB14D45-6D03-4B6D-875C-388543F81C20} URL = http://www.google.com/search?hl=pl&q={searchTerms} SearchScopes: HKU\S-1-5-21-1214440339-329068152-1417001333-1003 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-1214440339-329068152-1417001333-1003 -> {6EB14D45-6D03-4B6D-875C-388543F81C20} URL = http://www.google.com/search?hl=pl&q={searchTerms} SearchScopes: HKU\S-1-5-21-1214440339-329068152-1417001333-1003 -> {FAEA3444-D484-47AC-8322-AA1A2CBBD21C} URL = http://rts.dsrlte.com/?affID=na&q={searchTerms}&r=774 BHO: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll No File BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation) BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll No File Toolbar: HKLM - Alexa Toolbar - {EA582743-9076-4178-9AA6-7393FDF4D5CE} - C:\Program Files\Alexa Toolbar\AlexaToolbar.10.0.dll No File Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll [2009-02-26] (Microsoft Corporation) Tcpip\Parameters: [DhcpNameServer] 8.8.8.8 8.8.4.4 FireFox: ======== FF ProfilePath: C:\Documents and Settings\cp24\Dane aplikacji\Mozilla\Firefox\Profiles\t6tk30z5.default FF NewTab: hxxp://search.yahoo.com/?fr=hp-ddc-bd-tab&type=616_pr__alt__ddc_dsssyctab_bd_com FF DefaultSearchEngine: Yahoo! Search FF SelectedSearchEngine: Yahoo! Search FF Homepage: hxxp://search.yahoo.com/?fr=hp-ddc-bd&type=616_pr__alt__ddc_dsssyc_bd_com FF Keyword.URL: hxxp://search.yahoo.com/yhs/search?hspart=ddc&hsimp=yhs-ddc_bd&type=616_pr__alt__ddc_dss_bd_com&p= FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_16_0_0_305.dll [2015-02-05] () FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation) FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation) FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll No File FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll No File FF SearchPlugin: C:\Documents and Settings\cp24\Dane aplikacji\Mozilla\Firefox\Profiles\t6tk30z5.default\searchplugins\dsrlte.xml [2015-02-03] FF SearchPlugin: C:\Documents and Settings\cp24\Dane aplikacji\Mozilla\Firefox\Profiles\t6tk30z5.default\searchplugins\search-simple.xml [2015-03-20] FF SearchPlugin: C:\Documents and Settings\cp24\Dane aplikacji\Mozilla\Firefox\Profiles\t6tk30z5.default\searchplugins\web-search-powered-by-google.xml [2014-10-04] FF Extension: Adblock Plus Pop-up Addon - C:\Documents and Settings\cp24\Dane aplikacji\Mozilla\Firefox\Profiles\t6tk30z5.default\Extensions\adblockpopups@jessehakanen.net.xpi [2015-03-25] FF Extension: Adblock Plus - C:\Documents and Settings\cp24\Dane aplikacji\Mozilla\Firefox\Profiles\t6tk30z5.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-01-20] FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension FF Extension: Microsoft .NET Framework Assistant - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2011-11-02] FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF FF HKU\S-1-5-21-1214440339-329068152-1417001333-1003\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\Documents and Settings\All Users\Dane aplikacji\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi Chrome: ======= CHR HKLM\...\Chrome\Extension: [bopakagnckmlgajfccecajhnimjiiedh] - http://clients2.google.com/service/update2/crx CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [Not Found] ========================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 acs; C:\WINDOWS\system32\acs.exe [475220 2009-09-24] (Atheros) [File not signed] R2 S24EventMonitor; C:\Program Files\Intel\WiFi\bin\S24EvMon.exe [915728 2010-12-23] (Intel(R) Corporation) R2 SUService; C:\Program Files\Lenovo\System Update\SUService.exe [28672 2011-07-25] (Lenovo Group Limited) [File not signed] R2 TVT Scheduler; C:\Program Files\Common Files\Lenovo\Scheduler\tvtsched.exe [1122304 2008-03-04] (Lenovo Group Limited) [File not signed] S2 avast! Antivirus; "C:\Program Files\AVAST Software\Avast\AvastSvc.exe" [X] S2 gupdate; "C:\Program Files\Google\Update\GoogleUpdate.exe" /svc [X] S3 gupdatem; "C:\Program Files\Google\Update\GoogleUpdate.exe" /medsvc [X] S3 McComponentHostService; "C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe" [X] ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R3 AEAudioService; C:\WINDOWS\System32\drivers\AEAudio.sys [93952 2006-08-07] (Andrea Electronics Corporation) S3 AR5416; C:\WINDOWS\System32\DRIVERS\athw.sys [1347168 2009-04-03] (Atheros Communications, Inc.) R3 atmeltpm; C:\WINDOWS\System32\DRIVERS\atmeltpm.sys [15872 2005-05-17] (Atmel, Inc.) S3 EverestDriver; C:\Documents and Settings\cp24\Ustawienia lokalne\Temp\EverestDriver.sys [26224 2009-02-05] () R3 HSFHWAZL; C:\WINDOWS\System32\DRIVERS\HSFHWAZL.sys [217016 2010-06-02] (Conexant Systems, Inc.) R3 HSF_DPV; C:\WINDOWS\System32\DRIVERS\HSF_DPV.sys [993464 2010-06-02] (Conexant Systems, Inc.) S3 NAL; C:\WINDOWS\system32\Drivers\iqvw32.sys [28632 2009-09-21] (Intel Corporation ) [File not signed] R3 NETwLx32; C:\WINDOWS\System32\DRIVERS\NETwLx32.sys [6609920 2010-10-07] (Intel Corporation) R3 Rasirda; C:\WINDOWS\System32\DRIVERS\rasirda.sys [19584 2001-08-17] (Microsoft Corporation) R2 s24trans; C:\WINDOWS\System32\DRIVERS\s24trans.sys [13952 2010-05-19] (Intel Corporation) [File not signed] R2 smihlp; C:\Program Files\ThinkVantage Fingerprint Software\smihlp.sys [12560 2009-03-13] (UPEK Inc.) R3 WSIMD; C:\WINDOWS\System32\DRIVERS\wsimd.sys [57408 2008-02-08] (Atheros Communications, Inc.) [File not signed] R1 {1d7d694e-604c-4da2-9100-b2601d3a1c57}t; C:\WINDOWS\System32\drivers\{1d7d694e-604c-4da2-9100-b2601d3a1c57}t.sys [55832 2015-01-25] (StdLib) R1 {371bcf01-e691-44bf-9345-60788e5d16a5}t; C:\WINDOWS\System32\drivers\{371bcf01-e691-44bf-9345-60788e5d16a5}t.sys [55832 2015-01-29] (StdLib) R1 {4cff408a-d9e7-47c3-a711-95133fcf7f45}t; C:\WINDOWS\System32\drivers\{4cff408a-d9e7-47c3-a711-95133fcf7f45}t.sys [55832 2015-01-19] (StdLib) R1 {6e9af5d3-a8f9-4461-ad38-1433888f55dc}t; C:\WINDOWS\System32\drivers\{6e9af5d3-a8f9-4461-ad38-1433888f55dc}t.sys [55832 2015-01-16] (StdLib) R1 {a5c25b9e-3974-4e91-9864-34f9aca33ff3}Gt; C:\WINDOWS\System32\drivers\{a5c25b9e-3974-4e91-9864-34f9aca33ff3}Gt.sys [55832 2014-12-29] (StdLib) R1 {df8eec40-f909-439c-9ffe-3fee212f71b9}t; C:\WINDOWS\System32\drivers\{df8eec40-f909-439c-9ffe-3fee212f71b9}t.sys [55824 2015-02-02] (StdLib) S2 aswHwid; \SystemRoot\system32\drivers\aswHwid.sys [X] S2 aswMonFlt; \SystemRoot\system32\drivers\aswMonFlt.sys [X] S1 aswRdr; \SystemRoot\system32\drivers\aswRdr.sys [X] S0 aswRvrt; No ImagePath S1 aswSnx; \SystemRoot\system32\drivers\aswSnx.sys [X] S1 aswSP; \SystemRoot\system32\drivers\aswSP.sys [X] S1 aswTdi; \SystemRoot\system32\drivers\aswTdi.sys [X] S0 aswVmm; No ImagePath S3 btaudio; system32\drivers\btaudio.sys [X] S3 BTDriver; system32\DRIVERS\btport.sys [X] S3 BTWDNDIS; system32\DRIVERS\btwdndis.sys [X] S3 BTWUSB; System32\Drivers\btwusb.sys [X] S4 IntelIde; No ImagePath U1 WS2IFSL; No ImagePath S1 {31c21995-b861-4864-ab50-4a53fbca73d4}t; system32\drivers\{31c21995-b861-4864-ab50-4a53fbca73d4}t.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2015-03-28 13:11 - 2015-03-28 13:13 - 00000000 ____D () C:\FRST 2015-03-28 13:10 - 2015-03-28 13:13 - 00000000 ____D () C:\Documents and Settings\cp24\Pulpit\Toolkit 2015-03-28 12:02 - 2015-03-28 12:04 - 00048675 _____ () C:\Report 2015-03-28 12.02.56.txt 2015-03-28 12:01 - 2015-03-28 12:01 - 00000000 ____D () C:\Documents and Settings\cp24\Dane aplikacji\QuickScan 2015-03-28 11:21 - 2015-03-28 11:22 - 00000000 ____D () C:\Documents and Settings\Administrator\Dane aplikacji\Mozilla 2015-03-28 11:21 - 2015-03-28 11:21 - 00000000 ____D () C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Mozilla 2015-03-28 11:20 - 2015-03-28 11:53 - 00000188 ___SH () C:\Documents and Settings\Administrator\ntuser.ini 2015-03-28 11:20 - 2015-03-28 11:41 - 00000000 ____D () C:\Documents and Settings\Administrator\Ustawienia lokalne\Temp 2015-03-28 11:20 - 2015-03-28 11:21 - 00000000 __RHD () C:\Documents and Settings\Administrator\Dane aplikacji 2015-03-28 11:20 - 2015-03-28 11:21 - 00000000 ___HD () C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji 2015-03-28 11:20 - 2015-03-28 11:20 - 00000000 ____D () C:\Documents and Settings\Administrator 2015-03-28 11:20 - 2014-07-24 11:06 - 00000000 ____D () C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Microsoft Help 2015-03-28 11:20 - 2014-07-24 09:44 - 00000000 __SHD () C:\Documents and Settings\Administrator\IETldCache 2015-03-28 11:20 - 2011-04-04 13:59 - 00000000 ____D () C:\Documents and Settings\Administrator\Dane aplikacji\Intel 2015-03-28 11:20 - 2011-04-04 08:39 - 00000000 __SHD () C:\Documents and Settings\Administrator\Ustawienia lokalne\Historia 2015-03-28 11:20 - 2011-04-04 08:39 - 00000000 ___RD () C:\Documents and Settings\Administrator\Menu Start\Programy\Autostart 2015-03-28 11:20 - 2011-04-04 08:39 - 00000000 ___RD () C:\Documents and Settings\Administrator\Menu Start 2015-03-28 11:20 - 2011-04-04 08:39 - 00000000 ___HD () C:\Documents and Settings\Administrator\Ustawienia lokalne 2015-03-28 11:20 - 2011-04-04 08:39 - 00000000 ____D () C:\Documents and Settings\Administrator\Ulubione 2015-03-28 11:20 - 2011-04-04 08:39 - 00000000 ____D () C:\Documents and Settings\Administrator\Pulpit 2015-03-28 11:20 - 2011-04-04 08:39 - 00000000 ____D () C:\Documents and Settings\Administrator\Moje dokumenty 2015-03-28 11:20 - 2011-04-04 07:49 - 00001599 _____ () C:\Documents and Settings\Administrator\Menu Start\Programy\Pomoc zdalna.lnk 2015-03-28 11:20 - 2011-04-04 07:49 - 00000792 _____ () C:\Documents and Settings\Administrator\Menu Start\Programy\Windows Media Player.lnk 2015-03-28 11:20 - 2011-04-04 07:49 - 00000000 ___RD () C:\Documents and Settings\Administrator\Menu Start\Programy\Akcesoria 2015-03-28 11:20 - 2011-04-04 07:49 - 00000000 ___RD () C:\Documents and Settings\Administrator\Menu Start\Programy 2015-03-28 11:20 - 2011-04-04 07:45 - 00000000 ___HD () C:\Documents and Settings\Administrator\Szablony 2015-03-28 11:19 - 2015-03-28 11:19 - 00000000 ____D () C:\WINDOWS\CSC 2015-03-27 21:11 - 2015-03-27 21:11 - 02347384 _____ (ESET) C:\Documents and Settings\cp24\Pulpit\esetsmartinstaller_plk.exe 2015-03-27 21:11 - 2015-03-27 21:11 - 00000000 ____D () C:\Program Files\ESET 2015-03-27 19:15 - 2015-03-27 19:16 - 00000013 _____ () C:\Documents and Settings\cp24\Pulpit\Nowy Dokument tekstowy.txt 2015-03-24 14:47 - 2015-03-25 14:45 - 00000000 ____D () C:\Documents and Settings\cp24\Dane aplikacji\AVAST Software(2) 2015-03-24 14:46 - 2015-03-28 11:54 - 00000360 ____H () C:\WINDOWS\Tasks\avast! Emergency Update.job 2015-03-24 14:42 - 2015-03-25 14:45 - 00000000 ____D () C:\Program Files\AVAST Software(2) 2015-03-24 14:26 - 2015-03-24 14:39 - 00000000 ____D () C:\Documents and Settings\All Users\Dane aplikacji\MFAData 2015-03-24 14:26 - 2015-03-24 14:26 - 00000000 ____D () C:\Documents and Settings\cp24\Ustawienia lokalne\Dane aplikacji\MFAData 2015-03-24 14:22 - 2015-03-24 14:25 - 168343664 _____ (AVG Technologies) C:\Program Files\avg_free_x86_all_2015_ltst_222.exe 2015-03-24 14:13 - 2015-03-24 14:13 - 00000803 _____ () C:\Documents and Settings\cp24\Pulpit\Internet Explorer.lnk 2015-03-24 14:12 - 2015-03-24 14:12 - 00000803 _____ () C:\Documents and Settings\cp24\Menu Start\Programy\Internet Explorer (2).lnk 2015-03-23 14:36 - 2015-03-23 14:37 - 00000000 ____D () C:\Program Files\Mozilla Firefox ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2015-03-28 13:14 - 2011-04-04 07:55 - 00000000 ____D () C:\Documents and Settings\cp24\Ustawienia lokalne\Temp 2015-03-28 13:10 - 2011-04-04 07:55 - 00000000 ____D () C:\Documents and Settings\cp24\Pulpit 2015-03-28 12:22 - 2014-07-24 09:58 - 00000930 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job 2015-03-28 12:01 - 2011-04-04 07:55 - 00000000 __RHD () C:\Documents and Settings\cp24\Dane aplikacji 2015-03-28 11:55 - 2011-04-04 07:48 - 01054854 _____ () C:\WINDOWS\WindowsUpdate.log 2015-03-28 11:54 - 2014-07-04 11:26 - 00000220 _____ () C:\WINDOWS\Tasks\Powiadomienie o zakończeniu obsługi systemu Microsoft Windows XP — logowanie.job 2015-03-28 11:54 - 2011-04-04 07:53 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT 2015-03-28 11:54 - 2008-04-15 13:00 - 00011936 _____ () C:\WINDOWS\system32\wpa.dbl 2015-03-28 11:18 - 2011-04-04 14:08 - 00131072 _____ () C:\WINDOWS\system32\config\ACS.evt 2015-03-28 11:18 - 2011-04-04 07:55 - 00000188 ___SH () C:\Documents and Settings\cp24\ntuser.ini 2015-03-28 11:18 - 2011-04-04 07:53 - 00032346 _____ () C:\WINDOWS\SchedLgU.Txt 2015-03-28 09:51 - 2011-04-04 08:38 - 00079690 _____ () C:\WINDOWS\setupapi.log 2015-03-27 19:38 - 2011-04-04 07:55 - 00000000 ___HD () C:\Documents and Settings\cp24\Ustawienia lokalne 2015-03-27 19:30 - 2008-04-15 13:00 - 00000654 _____ () C:\WINDOWS\win.ini 2015-03-27 19:11 - 2011-04-04 08:38 - 00184919 _____ () C:\WINDOWS\setupact.log 2015-03-25 15:07 - 2014-07-14 13:56 - 00000000 ____D () C:\Documents and Settings\All Users\Dane aplikacji\Microsoft Help 2015-03-25 14:46 - 2011-04-04 07:55 - 00000000 ____D () C:\Documents and Settings\cp24 2015-03-25 14:46 - 2011-04-04 07:53 - 00000000 __SHD () C:\Documents and Settings\NetworkService 2015-03-25 14:46 - 2011-04-04 07:53 - 00000000 __SHD () C:\Documents and Settings\LocalService 2015-03-25 14:45 - 2011-04-04 08:39 - 00000000 ____D () C:\Documents and Settings\All Users\Pulpit 2015-03-25 14:45 - 2011-04-04 07:46 - 00000000 ____D () C:\WINDOWS\Registration 2015-03-25 14:43 - 2011-04-04 07:47 - 00000000 ____D () C:\WINDOWS\system32\Restore 2015-03-24 14:47 - 2011-04-04 08:39 - 00000000 ___RD () C:\Documents and Settings\All Users\Menu Start\Programy 2015-03-24 14:41 - 2014-07-14 14:10 - 00000000 ____D () C:\Documents and Settings\All Users\Dane aplikacji\AVAST Software 2015-03-24 14:39 - 2011-04-04 07:55 - 00000000 ___HD () C:\Documents and Settings\cp24\Ustawienia lokalne\Dane aplikacji 2015-03-24 14:36 - 2014-07-14 14:10 - 05481352 _____ (Avast Software s.r.o.) C:\Program Files\avast_free_antivirus_setup_online.exe 2015-03-24 14:31 - 2011-04-04 08:38 - 00000000 __RHD () C:\Documents and Settings\All Users\Dane aplikacji 2015-03-24 14:12 - 2011-04-04 07:55 - 00000000 ___RD () C:\Documents and Settings\cp24\Menu Start\Programy 2015-03-24 14:05 - 2011-04-04 08:39 - 00000000 ___RD () C:\Documents and Settings\All Users\Menu Start\Programy\Autostart 2015-03-24 14:01 - 2013-09-24 08:45 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service 2015-03-20 14:53 - 2014-07-14 14:17 - 00000000 ____D () C:\Program Files\Google 2015-03-20 14:52 - 2014-07-14 14:17 - 00000000 ____D () C:\Documents and Settings\cp24\Ustawienia lokalne\Dane aplikacji\Google 2015-03-16 14:07 - 2011-04-04 08:38 - 01033493 _____ () C:\WINDOWS\setupapi.log.1.old 2015-03-13 14:09 - 2011-04-04 10:45 - 00000000 ____D () C:\WINDOWS\Microsoft.NET 2015-03-11 15:06 - 2013-09-24 09:14 - 00000000 ____D () C:\WINDOWS\system32\MRT 2015-03-11 15:03 - 2011-11-02 12:33 - 119837696 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe ==================== Files in the root of some directories ======= 2014-07-14 14:10 - 2015-03-24 14:36 - 5481352 _____ (Avast Software s.r.o.) C:\Program Files\avast_free_antivirus_setup_online.exe 2015-03-24 14:22 - 2015-03-24 14:25 - 168343664 _____ (AVG Technologies) C:\Program Files\avg_free_x86_all_2015_ltst_222.exe 2012-01-25 17:09 - 2012-01-25 17:09 - 0004608 _____ () C:\Documents and Settings\cp24\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2008-02-05 12:28 - 2008-02-05 12:28 - 0000051 _____ () C:\Documents and Settings\cp24\Ustawienia lokalne\Dane aplikacji\setup.txt Some content of TEMP: ==================== C:\Documents and Settings\cp24\Ustawienia lokalne\Temp\AtiCimUn.exe C:\Documents and Settings\cp24\Ustawienia lokalne\Temp\fp_pl_pfs_installer.exe C:\Documents and Settings\cp24\Ustawienia lokalne\Temp\ose00000.exe C:\Documents and Settings\cp24\Ustawienia lokalne\Temp\res.dll C:\Documents and Settings\cp24\Ustawienia lokalne\Temp\{B99A87FA-1EC8-4B6F-9690-C16A2FCFD02A}-37.0.2062.120_chrome_installer.exe C:\Documents and Settings\cp24\Ustawienia lokalne\Temp\{D5755568-67BE-44F1-87BC-17029708C9A9}-GoogleUpdateSetup.exe ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\WINDOWS\explorer.exe => File is digitally signed C:\WINDOWS\system32\winlogon.exe => File is digitally signed C:\WINDOWS\system32\svchost.exe => File is digitally signed C:\WINDOWS\system32\services.exe => File is digitally signed C:\WINDOWS\system32\User32.dll => File is digitally signed C:\WINDOWS\system32\userinit.exe => File is digitally signed C:\WINDOWS\system32\rpcss.dll => File is digitally signed C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed ==================== End Of Log ============================