Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 11-03-2015 Ran by Dom (administrator) on MAX on 09-04-2015 20:59:49 Running from C:\Documents and Settings\Dom\Moje dokumenty\Downloads\naprawa Loaded Profiles: Dom (Available profiles: Dom) Platform: Microsoft Windows XP Professional Dodatek Service Pack 3 (X86) OS Language: Polski Internet Explorer Version 8 (Default browser: Chrome) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (Atheros) C:\WINDOWS\system32\acs.exe () C:\Documents and Settings\All Users\Dane aplikacji\MobileBrServ\mbbService.exe (Oracle Corporation) C:\Program Files\Java\jre7\bin\jqs.exe (Nero AG) D:\programy\nero\Nero 8\Nero BackItUp\NBService.exe (Microsoft Corporation) C:\WINDOWS\system32\rundll32.exe (Realtek Semiconductor Corp.) C:\WINDOWS\RTHDCPL.exe (Akamai Technologies, Inc.) C:\Documents and Settings\Dom\Ustawienia lokalne\Dane aplikacji\Akamai\netsession_win.exe (Akamai Technologies, Inc.) C:\Documents and Settings\Dom\Ustawienia lokalne\Dane aplikacji\Akamai\netsession_win.exe (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc32.exe () C:\WINDOWS\system32\PnkBstrA.exe () C:\WINDOWS\system32\PnkBstrB.exe (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe (Google Inc.) C:\Documents and Settings\Dom\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe () C:\Documents and Settings\All Users\Dane aplikacji\MobileBrServ\tray.exe (Google Inc.) C:\Documents and Settings\Dom\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Documents and Settings\Dom\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Documents and Settings\Dom\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Documents and Settings\Dom\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Documents and Settings\Dom\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Documents and Settings\Dom\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Documents and Settings\Dom\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe (Farbar) C:\Documents and Settings\Dom\Moje dokumenty\Downloads\naprawa\FRST (1).exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [NvCplDaemon] => RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup HKLM\...\Run: [NvMediaCenter] => RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit HKLM\...\Run: [RTHDCPL] => C:\WINDOWS\RTHDCPL.EXE [16380416 2007-07-05] (Realtek Semiconductor Corp.) HKLM\...\Run: [SkyTel] => C:\WINDOWS\SkyTel.EXE [1826816 2007-06-15] (Realtek Semiconductor Corp.) HKLM\...\Run: [Alcmtr] => C:\WINDOWS\ALCMTR.EXE [69632 2005-05-03] (Realtek Semiconductor Corp.) HKLM\...\Run: [PAC7302_Monitor] => C:\WINDOWS\PixArt\PAC7302\Monitor.exe [319488 2006-11-03] (PixArt Imaging Incorporation) HKLM\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [41056 2013-05-08] (Adobe Systems Incorporated) HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated) HKLM\...\Run: [MSConfig] => C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe [171520 2008-04-15] (Microsoft Corporation) HKU\S-1-5-19\...\RunOnce: [nltide_2] => regsvr32 /s /n /i:U shell32 HKU\S-1-5-20\...\RunOnce: [nltide_2] => regsvr32 /s /n /i:U shell32 HKU\S-1-5-21-1547161642-1004336348-682003330-1003\...\Run: [Google Update] => C:\Documents and Settings\Dom\Ustawienia lokalne\Dane aplikacji\Google\Update\GoogleUpdate.exe [107912 2014-10-24] (Google Inc.) HKU\S-1-5-21-1547161642-1004336348-682003330-1003\...\Run: [Akamai NetSession Interface] => C:\Documents and Settings\Dom\Ustawienia lokalne\Dane aplikacji\Akamai\netsession_win.exe [4673432 2014-10-30] (Akamai Technologies, Inc.) HKU\S-1-5-21-1547161642-1004336348-682003330-1003\...\MountPoints2: {083ca622-9770-11e4-b9ac-001fd0400a21} - L:\AutoRun.exe HKU\S-1-5-18\...\RunOnce: [nltide_2] => regsvr32 /s /n /i:U shell32 HKU\S-1-5-18\...\RunOnce: [tscuninstall] => %systemroot%\system32\tscupgrd.exe ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.interia.pl/#utm_source=instalki&utm_medium=installer&utm_campaign=instalki HKU\S-1-5-21-1547161642-1004336348-682003330-1003\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.interia.pl/#utm_source=instalki&utm_medium=installer&utm_campaign=instalki HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs: "http://www.interia.pl/#utm_source=instalki&utm_medium=installer&utm_campaign=instalki" <======= ATTENTION SearchScopes: HKU\S-1-5-21-1547161642-1004336348-682003330-1003 -> DefaultScope {563F15F8-B00F-4504-BC29-5D437AE54313} URL = http://www.google.pl/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage} SearchScopes: HKU\S-1-5-21-1547161642-1004336348-682003330-1003 -> {563F15F8-B00F-4504-BC29-5D437AE54313} URL = http://www.google.pl/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage} SearchScopes: HKU\S-1-5-21-1547161642-1004336348-682003330-1003 -> {szukaj.gazeta.pl} URL = http://szukaj.gazeta.pl/internet/0,0.html?slowo={searchTerms} BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2013-05-08] (Adobe Systems Incorporated) BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2013-01-20] (Oracle Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-01-20] (Oracle Corporation) BHO: Between Lines 1.0.0.7 -> {ed66005b-3c60-469c-a11b-211b53e83d9e} -> C:\Program Files\Between Lines\BetweenLinesbho.dll [2015-03-22] (Between Lines) DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1305660637771 DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll [2011-11-03] (Skype Technologies) Tcpip\Parameters: [DhcpNameServer] 192.168.8.1 192.168.8.1 Tcpip\..\Interfaces\{B5B9E223-1E74-4463-B861-8C6E9E401CF1}: [NameServer] 194.204.159.1,194.204.152.34 FireFox: ======== FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_7_700_202.dll [2013-05-29] () FF Plugin: @java.com/DTPlugin,version=10.11.2 -> C:\WINDOWS\system32\npDeployJava1.dll [2013-01-20] (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=10.11.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2013-01-20] (Oracle Corporation) FF Plugin: @ngm.nexoneu.com/NxGame -> C:\Documents and Settings\All Users\Dane aplikacji\NexonEU\NGM\npnxgameEU.dll [2013-11-18] (Nexon) FF Plugin: @real.com/nppl3260;version=6.0.12.450 -> C:\Program Files\Real Alternative\browser\plugins\nppl3260.dll [2010-02-15] (RealNetworks, Inc.) FF Plugin: @real.com/nprpjplug;version=6.0.12.448 -> C:\Program Files\Real Alternative\browser\plugins\nprpjplug.dll [2010-02-15] (RealNetworks, Inc.) FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll [2013-05-08] (Adobe Systems Inc.) FF Plugin HKU\S-1-5-21-1547161642-1004336348-682003330-1003: @tools.google.com/Google Update;version=3 -> C:\Documents and Settings\Dom\Ustawienia lokalne\Dane aplikacji\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-06] (Google Inc.) FF Plugin HKU\S-1-5-21-1547161642-1004336348-682003330-1003: @tools.google.com/Google Update;version=9 -> C:\Documents and Settings\Dom\Ustawienia lokalne\Dane aplikacji\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-06] (Google Inc.) Chrome: ======= CHR HomePage: Default -> hxxp://www.google.com/ CHR StartupUrls: Default -> "hxxp://www.google.com/" CHR Plugin: (Shockwave Flash) - C:\Documents and Settings\Dom\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\41.0.2272.118\gcswf32.dll No File CHR Plugin: (Shockwave Flash) - C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll No File CHR Plugin: (RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) ) - C:\Program Files\Real Alternative\browser\plugins\nppl3260.dll (RealNetworks, Inc.) CHR Plugin: (RealPlayer Version Plugin) - C:\Program Files\Real Alternative\browser\plugins\nprpjplug.dll (RealNetworks, Inc.) CHR Plugin: (Windows Media Player Plug-in Dynamic Link Library) - C:\Program Files\Windows Media Player\npdsplay.dll (Microsoft Corporation (written by Digital Renaissance Inc.)) CHR Plugin: (Remoting Viewer) - internal-remoting-viewer CHR Plugin: (Native Client) - C:\Documents and Settings\Dom\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\41.0.2272.118\ppGoogleNaClPluginChrome.dll No File CHR Plugin: (Chrome PDF Viewer) - C:\Documents and Settings\Dom\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\41.0.2272.118\pdf.dll () CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.) CHR Plugin: (Microsoft® DRM) - C:\Program Files\Windows Media Player\npdrmv2.dll (Microsoft Corporation) CHR Plugin: (Microsoft® DRM) - C:\Program Files\Windows Media Player\npwmsdrm.dll (Microsoft Corporation) CHR Plugin: (Facebook Video Calling Plugin) - C:\Documents and Settings\Dom\Ustawienia lokalne\Dane aplikacji\Facebook\Video\Skype\npFacebookVideoCalling.dll No File CHR Plugin: (Google Update) - C:\Documents and Settings\Dom\Ustawienia lokalne\Dane aplikacji\Google\Update\1.3.21.79\npGoogleUpdate3.dll No File CHR Plugin: (Default Plug-in) - default_plugin No File CHR Profile: C:\Documents and Settings\Dom\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default CHR Extension: (Google Wallet) - C:\Documents and Settings\Dom\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-24] StartMenuInternet: chrome.exe - C:\Documents and Settings\Dom\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe ========================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 ACS; C:\WINDOWS\system32\acs.exe [364629 2007-02-12] (Atheros) [File not signed] R2 Huawei E3372; C:\Documents and Settings\All Users\Dane aplikacji\MobileBrServ\mbbservice.exe [240720 2014-03-07] () R2 JavaQuickStarterService; C:\Program Files\Java\jre7\bin\jqs.exe [170912 2013-01-20] (Oracle Corporation) R2 Nero BackItUp Scheduler 3; D:\programy\nero\Nero 8\Nero BackItUp\NBService.exe [853288 2007-09-20] (Nero AG) R2 PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [76888 2014-02-13] () R2 PnkBstrB; C:\WINDOWS\system32\PnkBstrB.exe [214520 2015-02-01] () ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R1 AmdK8; C:\WINDOWS\System32\DRIVERS\AmdK8.sys [43520 2006-06-18] (Advanced Micro Devices) S3 AR5211; C:\WINDOWS\System32\DRIVERS\ar5211.sys [543712 2007-03-27] (Atheros Communications, Inc.) [File not signed] R1 ASPI32; C:\WINDOWS\system32\Drivers\ASPI32.sys [25244 1999-09-10] (Adaptec) [File not signed] R2 atksgt; C:\WINDOWS\System32\DRIVERS\atksgt.sys [271360 2012-05-03] () [File not signed] S3 Cardex; C:\WINDOWS\system32\drivers\TBPANEL.SYS [12256 2007-03-16] (Windows (R) 2000 DDK provider) S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2008-04-14] (Microsoft Corporation) R2 eamon; C:\WINDOWS\System32\DRIVERS\eamon.sys [140752 2010-08-04] (ESET) R1 ehdrv; C:\WINDOWS\System32\DRIVERS\ehdrv.sys [115008 2010-07-29] (ESET) R1 epfwtdir; C:\WINDOWS\System32\DRIVERS\epfwtdir.sys [95896 2010-08-03] (ESET) S3 gdrv; C:\WINDOWS\gdrv.sys [15600 2011-05-19] (Windows (R) 2000 DDK provider) S3 hamachi; C:\WINDOWS\System32\DRIVERS\hamachi.sys [26176 2009-03-18] (LogMeIn, Inc.) R2 lirsgt; C:\WINDOWS\System32\DRIVERS\lirsgt.sys [18048 2012-05-03] () [File not signed] S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2008-04-15] (Microsoft Corporation) R0 nvata; C:\WINDOWS\System32\DRIVERS\nvata.sys [105472 2006-10-18] (NVIDIA Corporation) R3 NVENETFD; C:\WINDOWS\System32\DRIVERS\NVENETFD.sys [58368 2006-11-27] (NVIDIA Corporation) R3 nvnetbus; C:\WINDOWS\System32\DRIVERS\nvnetbus.sys [19968 2006-11-27] (NVIDIA Corporation) R2 TBPanel; C:\WINDOWS\system32\Drivers\TBPanel.sys [12256 2007-03-16] (Windows (R) 2000 DDK provider) R3 WSIMD; C:\WINDOWS\System32\DRIVERS\wsimd.sys [55840 2006-11-15] (Atheros Communications, Inc.) [File not signed] S3 ALSysIO; \??\C:\DOCUME~1\Dom\USTAWI~1\Temp\ALSysIO.sys [X] S3 EagleXNt; \??\C:\WINDOWS\system32\drivers\EagleXNt.sys [X] S4 IntelIde; No ImagePath S4 sptd; System32\Drivers\sptd.sys [X] U1 WS2IFSL; No ImagePath ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2015-04-07 17:28 - 2015-04-07 17:28 - 00000000 ____D () C:\Documents and Settings\All Users\Dane aplikacji\Mozilla 2015-04-04 18:27 - 2015-04-04 18:27 - 00000799 _____ () C:\Documents and Settings\Dom\Pulpit\Skrót do Core Temp.lnk 2015-04-02 20:47 - 2015-04-02 20:47 - 00000947 _____ () C:\Documents and Settings\Dom\Pulpit\Kontynuuj instalację Core Temp 1.0 RC6.lnk 2015-03-23 14:06 - 2015-03-23 14:07 - 00002497 _____ () C:\WINDOWS\ie8Uninst.log 2015-03-22 14:10 - 2015-03-22 14:10 - 00000000 ____D () C:\Program Files\CPUID 2015-03-22 14:10 - 2015-03-22 14:10 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Start\Programy\CPUID 2015-03-22 14:05 - 2015-03-22 14:05 - 00000000 ____D () C:\Program Files\Between Lines 2015-03-22 14:05 - 2015-03-22 14:05 - 00000000 ____D () C:\Documents and Settings\Dom\Ustawienia lokalne\Dane aplikacji\WorldofTanks 2015-03-22 14:05 - 2015-03-22 14:05 - 00000000 ____D () C:\Documents and Settings\Dom\Dane aplikacji\WorldofTanks 2015-03-15 15:55 - 2015-03-15 15:55 - 00005458 _____ () C:\Documents and Settings\Dom\.recently-used.xbel ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2015-04-09 21:00 - 2011-05-17 20:30 - 00000000 ____D () C:\Documents and Settings\Dom\Ustawienia lokalne\Temp 2015-04-09 20:59 - 2015-02-22 01:06 - 00000000 ____D () C:\FRST 2015-04-09 20:48 - 2011-05-17 21:25 - 00000458 ____H () C:\WINDOWS\Tasks\User_Feed_Synchronization-{2AE9BA8D-54A0-481A-8795-87D247F73DA3}.job 2015-04-09 20:29 - 2011-05-17 19:25 - 01146809 _____ () C:\WINDOWS\WindowsUpdate.log 2015-04-09 20:28 - 2014-08-21 22:07 - 00000392 _____ () C:\WINDOWS\Tasks\Opera scheduled Autoupdate 1408651642.job 2015-04-09 20:27 - 2011-05-17 21:20 - 00000157 _____ () C:\WINDOWS\wiadebug.log 2015-04-09 20:27 - 2011-05-17 21:20 - 00000050 _____ () C:\WINDOWS\wiaservc.log 2015-04-09 20:27 - 2011-05-17 20:51 - 00000104 _____ () C:\WINDOWS\system32\nvapps.xml 2015-04-09 20:27 - 2011-05-17 20:29 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT 2015-04-09 19:31 - 2011-05-17 20:29 - 00032588 _____ () C:\WINDOWS\SchedLgU.Txt 2015-04-09 19:10 - 2011-10-17 20:20 - 00001124 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1547161642-1004336348-682003330-1003UA.job 2015-04-09 16:49 - 2011-06-13 21:31 - 00000000 ____D () C:\Documents and Settings\Dom\Dane aplikacji\TS3Client 2015-04-09 08:59 - 2011-05-28 10:57 - 00000000 ____D () C:\Program Files\Opera 2015-04-09 08:58 - 2011-05-17 20:30 - 00000188 ___SH () C:\Documents and Settings\Dom\ntuser.ini 2015-04-08 20:10 - 2011-10-17 20:20 - 00001072 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1547161642-1004336348-682003330-1003Core.job 2015-04-08 19:23 - 2011-05-18 19:23 - 00000472 _____ () C:\WINDOWS\Tasks\Ad-Aware Update (Weekly).job 2015-04-08 14:36 - 2011-05-17 21:17 - 00000000 ___RD () C:\Documents and Settings\All Users\Menu Start\Programy 2015-04-07 17:30 - 2011-05-17 21:17 - 00000000 ___RD () C:\Documents and Settings\All Users\Menu Start 2015-04-07 17:29 - 2012-12-12 17:00 - 00000000 ____D () C:\Program Files\Ubisoft 2015-04-07 17:29 - 2011-05-18 19:16 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware 2015-04-07 17:28 - 2013-11-16 16:35 - 00000000 ____D () C:\Program Files\Mozilla Firefox 2015-04-07 17:28 - 2011-05-18 19:09 - 00000000 ____D () C:\Documents and Settings\Dom\Dane aplikacji\Mozilla 2015-04-07 17:28 - 2011-05-17 21:17 - 00000000 ____D () C:\Documents and Settings\All Users\Pulpit 2015-04-07 17:28 - 2011-05-17 20:30 - 00000000 ____D () C:\Documents and Settings\Dom\Pulpit 2015-04-07 17:18 - 2011-05-17 20:30 - 00000000 ___RD () C:\Documents and Settings\Dom\Moje dokumenty\Moje obrazy 2015-04-07 17:10 - 2011-05-17 20:30 - 00000000 ___RD () C:\Documents and Settings\Dom\Moje dokumenty 2015-04-07 17:05 - 2011-10-29 21:21 - 00000069 _____ () C:\WINDOWS\NeroDigital.ini 2015-04-07 17:05 - 2011-05-17 21:44 - 00150528 _____ () C:\Documents and Settings\Dom\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2015-04-07 16:46 - 2011-05-18 17:43 - 00000000 ____D () C:\Documents and Settings\Dom\.gimp-2.6 2015-04-07 14:39 - 2014-02-24 19:43 - 00536012 _____ () C:\WINDOWS\setupapi.log 2015-04-06 11:23 - 2011-05-17 19:23 - 00093215 _____ () C:\WINDOWS\wmsetup.log 2015-04-05 22:13 - 2013-11-24 17:36 - 00002292 _____ () C:\Documents and Settings\Dom\Pulpit\Google Chrome.lnk 2015-04-04 20:18 - 2013-11-05 15:58 - 00000000 ____D () C:\Documents and Settings\Dom\Ustawienia lokalne\Dane aplikacji\Akamai 2015-03-30 16:07 - 2011-05-17 21:18 - 00764054 _____ () C:\WINDOWS\system32\PerfStringBackup.INI 2015-03-30 16:07 - 2001-10-26 22:15 - 00355830 _____ () C:\WINDOWS\system32\perfh015.dat 2015-03-30 16:07 - 2001-10-26 22:15 - 00049712 _____ () C:\WINDOWS\system32\perfc015.dat 2015-03-24 00:10 - 2011-05-17 21:14 - 00000223 ___SH () C:\boot.ini 2015-03-24 00:10 - 2001-07-22 04:16 - 00000890 _____ () C:\WINDOWS\win.ini 2015-03-24 00:10 - 2001-07-22 04:15 - 00000227 _____ () C:\WINDOWS\system.ini 2015-03-23 14:07 - 2011-05-17 21:18 - 01872291 _____ () C:\WINDOWS\iis6.log 2015-03-23 14:07 - 2011-05-17 21:18 - 00760640 _____ () C:\WINDOWS\tsoc.log 2015-03-23 14:07 - 2011-05-17 21:18 - 00568189 _____ () C:\WINDOWS\comsetup.log 2015-03-23 14:07 - 2011-05-17 21:18 - 00340257 _____ () C:\WINDOWS\ntdtcsetup.log 2015-03-23 14:07 - 2011-05-17 21:18 - 00102243 _____ () C:\WINDOWS\ocmsn.log 2015-03-23 14:07 - 2011-05-17 21:18 - 00085141 _____ () C:\WINDOWS\tabletoc.log 2015-03-23 14:07 - 2011-05-17 21:18 - 00001374 _____ () C:\WINDOWS\imsins.log 2015-03-23 14:06 - 2011-05-17 21:18 - 01629252 _____ () C:\WINDOWS\FaxSetup.log 2015-03-23 14:06 - 2011-05-17 21:18 - 00915599 _____ () C:\WINDOWS\ocgen.log 2015-03-23 14:06 - 2011-05-17 21:18 - 00526056 _____ () C:\WINDOWS\msmqinst.log 2015-03-23 14:06 - 2011-05-17 21:18 - 00287155 _____ () C:\WINDOWS\netfxocm.log 2015-03-23 14:06 - 2011-05-17 21:18 - 00113979 _____ () C:\WINDOWS\MedCtrOC.log 2015-03-23 14:06 - 2011-05-17 21:18 - 00082348 _____ () C:\WINDOWS\msgsocm.log 2015-03-22 14:07 - 2011-05-17 20:30 - 00000000 ___RD () C:\Documents and Settings\Dom\Menu Start\Programy 2015-03-22 14:05 - 2011-05-17 20:30 - 00000000 __RHD () C:\Documents and Settings\Dom\Dane aplikacji 2015-03-22 14:05 - 2011-05-17 20:30 - 00000000 ___HD () C:\Documents and Settings\Dom\Ustawienia lokalne\Dane aplikacji 2015-03-16 16:10 - 2001-07-22 04:17 - 00002206 _____ () C:\WINDOWS\system32\wpa.dbl 2015-03-15 15:55 - 2011-05-17 20:30 - 00000000 ____D () C:\Documents and Settings\Dom ==================== Files in the root of some directories ======= 2014-02-12 13:31 - 2014-02-12 13:31 - 0138056 _____ () C:\Documents and Settings\Dom\Dane aplikacji\PnkBstrK.sys 2011-05-17 21:44 - 2015-04-07 17:05 - 0150528 _____ () C:\Documents and Settings\Dom\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini Some content of TEMP: ==================== C:\Documents and Settings\Dom\Ustawienia lokalne\Temp\AutoRun.exe C:\Documents and Settings\Dom\Ustawienia lokalne\Temp\AutoRunGUI.dll C:\Documents and Settings\Dom\Ustawienia lokalne\Temp\ComodoCleanup.exe C:\Documents and Settings\Dom\Ustawienia lokalne\Temp\comver.dll C:\Documents and Settings\Dom\Ustawienia lokalne\Temp\eauninstall.exe C:\Documents and Settings\Dom\Ustawienia lokalne\Temp\firefoxjre_exe.exe C:\Documents and Settings\Dom\Ustawienia lokalne\Temp\GUR1.exe C:\Documents and Settings\Dom\Ustawienia lokalne\Temp\GUR2.exe C:\Documents and Settings\Dom\Ustawienia lokalne\Temp\hp_11C.tmp.exe C:\Documents and Settings\Dom\Ustawienia lokalne\Temp\hp_127.tmp.exe C:\Documents and Settings\Dom\Ustawienia lokalne\Temp\hp_129.tmp.exe C:\Documents and Settings\Dom\Ustawienia lokalne\Temp\ICReinstall_Core Temp 1.0 RC6.exe C:\Documents and Settings\Dom\Ustawienia lokalne\Temp\InstHelp.dll C:\Documents and Settings\Dom\Ustawienia lokalne\Temp\LOTR The Return of the King tm_uninst.exe C:\Documents and Settings\Dom\Ustawienia lokalne\Temp\Medal of Honor_uninst.exe C:\Documents and Settings\Dom\Ustawienia lokalne\Temp\mpegc.dll C:\Documents and Settings\Dom\Ustawienia lokalne\Temp\NGMDll.dll C:\Documents and Settings\Dom\Ustawienia lokalne\Temp\NGMResource.dll C:\Documents and Settings\Dom\Ustawienia lokalne\Temp\nowegg.upgr.exe C:\Documents and Settings\Dom\Ustawienia lokalne\Temp\Opera_NI_stable.exe C:\Documents and Settings\Dom\Ustawienia lokalne\Temp\RecoveryToolboxForRARInstall.exe C:\Documents and Settings\Dom\Ustawienia lokalne\Temp\unicows.dll C:\Documents and Settings\Dom\Ustawienia lokalne\Temp\_is3A.exe ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\WINDOWS\explorer.exe => File is digitally signed C:\WINDOWS\system32\winlogon.exe => File is digitally signed C:\WINDOWS\system32\svchost.exe => File is digitally signed C:\WINDOWS\system32\services.exe => File is digitally signed C:\WINDOWS\system32\User32.dll => File is digitally signed C:\WINDOWS\system32\userinit.exe => File is digitally signed C:\WINDOWS\system32\rpcss.dll => File is digitally signed C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed ==================== End Of Log ============================