Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:16-08-2015
Ran by Greg (administrator) on M-G (17-08-2015 19:19:07)
Running from C:\LOGI\Dla picasso
Loaded Profiles: Greg (Available Profiles: Greg & Administrator)
Platform: Microsoft Windows XP Home Edition Dodatek Service Pack 3 (X86) Language: Polski
Internet Explorer Version 8 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(G Data Software AG) C:\Program Files\Common Files\G Data\GDScan\GDScan.exe
(G Data Software AG) D:\Ochrona\G Data\InternetSecurity\AVK\AVKWCtl.exe
(G Data Software AG) C:\Program Files\Common Files\G Data\AVKProxy\AVKProxy.exe
(G Data Software AG) D:\Ochrona\G Data\InternetSecurity\AVK\AVKService.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
(G Data Software AG) D:\Ochrona\G Data\InternetSecurity\AVKTray\AVKTray.exe
(Microsoft Corporation) C:\WINDOWS\system32\tcpsvcs.exe
(G Data Software AG) C:\Program Files\Common Files\G Data\AVKProxy\GDKBFltExe32.exe
(G Data Software AG) D:\Ochrona\G Data\InternetSecurity\Firewall\GDFwSvc.exe
(G DATA Software AG) D:\Ochrona\G Data\InternetSecurity\Firewall\GDFirewallTray.exe
(Mozilla Corporation) D:\Internet\Firefox\firefox.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [] => [X]
HKLM\...\Run: [G Data ASM] => D:\Ochrona\G Data\InternetSecurity\DelayLoader\AutorunDelayLoader.exe [434296 2015-02-20] (G Data Software AG)
HKLM\...\Run: [GDFirewallTray] => D:\Ochrona\G Data\InternetSecurity\Firewall\GDFirewallTray.exe [1864312 2015-06-16] (G DATA Software AG)
HKLM\...\Winlogon: [Userinit] C:\WINDOWS\system32\userinit.exe,D:\Ochrona\G Data\InternetSecurity\AVKTray\AVKTray.exe
HKLM\...\Policies\Explorer: [NoRemoteRecursiveEvents] 1
HKLM\...\Policies\Explorer: [NoSaveSettings] 0
HKU\S-1-5-21-299502267-1060284298-682003330-1004\...\Run: [AVKTray] => D:\Ochrona\G Data\InternetSecurity\AVKTray\AVKTray.exe [2300536 2015-07-15] (G Data Software AG)
HKU\S-1-5-21-299502267-1060284298-682003330-1004\...\Policies\system: [NoDispCPL] 0
HKU\S-1-5-21-299502267-1060284298-682003330-1004\...\Policies\system: [NoDispBackgroundPage] 0
HKU\S-1-5-21-299502267-1060284298-682003330-1004\...\Policies\system: [NoDispScrSavPage] 0
HKU\S-1-5-21-299502267-1060284298-682003330-1004\...\Policies\system: [NoDispAppearancePage] 0
HKU\S-1-5-21-299502267-1060284298-682003330-1004\...\Policies\system: [NoDispSettingsPage] 0
HKU\S-1-5-21-299502267-1060284298-682003330-1004\...\Policies\Explorer: [NoSaveSettings] 0x01000000
HKU\S-1-5-21-299502267-1060284298-682003330-1004\...\Policies\Explorer: [NoRecentDocsHistory] 1
HKU\S-1-5-21-299502267-1060284298-682003330-1004\...\Policies\Explorer: [NoRecentDocsMenu] 1
HKU\S-1-5-21-299502267-1060284298-682003330-1004\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-299502267-1060284298-682003330-1004\...\Policies\Explorer: [NoViewContextMenu] 0
HKU\S-1-5-21-299502267-1060284298-682003330-1004\...\Policies\Explorer: [NoThumbnailCache] 1
HKU\S-1-5-21-299502267-1060284298-682003330-1004\...\Policies\Explorer: [NoResolveSearch] 1
HKU\S-1-5-21-299502267-1060284298-682003330-1004\...\Policies\Explorer: [NoRecentDocsNetHood] 1
HKU\S-1-5-21-299502267-1060284298-682003330-1004\...\Policies\Explorer: [NoActiveDesktop] 0x00000000
HKU\S-1-5-21-299502267-1060284298-682003330-1004\...\MountPoints2: {6b4a0e14-94cd-11e3-8b9e-f3ee2f54bd5e} - F:\Startme.exe
BootExecute: autocheck autochk * BootDefrag.exesdnclean.exe
GroupPolicyScripts: Group Policy detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-299502267-1060284298-682003330-1004\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-299502267-1060284298-682003330-1004\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-299502267-1060284298-682003330-1004 -> DefaultScope {4D326ED2-AD07-4647-8EC7-D970D1DC478D} URL = hxxp://www.google.com/search?hl=pl&q={searchTerms}
SearchScopes: HKU\S-1-5-21-299502267-1060284298-682003330-1004 -> {4D326ED2-AD07-4647-8EC7-D970D1DC478D} URL = hxxp://www.google.com/search?hl=pl&q={searchTerms}
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1389812240765
Handler: AutorunsDisabled\mso-offdap - {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Program Files\Common Files\Microsoft Shared\Web Components\10\OWC10.DLL [2009-07-20] (Microsoft Corporation)
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\MSITSS.DLL [2000-04-19] (Microsoft Corporation)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.3.1
Tcpip\..\Interfaces\{35D8C2E6-173A-4900-A403-3874C202067D}: [DhcpNameServer] 192.168.3.1

FireFox:
========
FF ProfilePath: C:\Documents and Settings\Greg\Dane aplikacji\Mozilla\Firefox\Profiles\abk1z3v6.default-1429391400765
FF Homepage: about:blank
FF NetworkProxy: "type", 4
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_18_0_0_232.dll [2015-08-13] ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\WINDOWS\system32\Adobe\Director\np32dsw_1219159.dll [2015-06-26] (Adobe Systems, Inc.)
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> D:\Multimedia\Kodeki\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC.)
FF Plugin: @java.com/DTPlugin,version=11.51.2 -> C:\Program Files\Java\jre1.8.0_51\bin\dtplugin\npDeployJava1.dll [2015-07-18] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.51.2 -> C:\Program Files\Java\jre1.8.0_51\bin\plugin2\npjp2.dll [2015-07-18] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40620.0\npctrl.dll [2015-06-19] ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-30] (Microsoft Corporation)
FF Plugin: @real.com/nppl3260;version=6.0.12.450 -> D:\Multimedia\Kodeki\Real Alternative\browser\plugins\nppl3260.dll [2010-02-15] (RealNetworks, Inc.)
FF Plugin: @real.com/nprpjplug;version=6.0.12.448 -> D:\Multimedia\Kodeki\Real Alternative\browser\plugins\nprpjplug.dll [2010-02-15] (RealNetworks, Inc.)
FF Plugin: Adobe Reader -> D:\Narzędzia\Adobe Reader\Reader\AIR\nppdf32.dll [2015-06-29] (Adobe Systems Inc.)
FF Extension: GoogleSharing - C:\Documents and Settings\Greg\Dane aplikacji\Mozilla\Firefox\Profiles\abk1z3v6.default-1429391400765\Extensions\googlesharing@extension.thoughtcrime.org [2015-05-29]
FF Extension: Flashblock - C:\Documents and Settings\Greg\Dane aplikacji\Mozilla\Firefox\Profiles\abk1z3v6.default-1429391400765\Extensions\{3d7eb24f-2740-49df-8937-200b1cc08f8a} [2015-05-29]
FF Extension: All-in-One Sidebar - C:\Documents and Settings\Greg\Dane aplikacji\Mozilla\Firefox\Profiles\abk1z3v6.default-1429391400765\Extensions\{097d3191-e6fa-4728-9826-b533d755359d}.xpi [2015-04-18]
FF Extension: Adblock Plus - C:\Documents and Settings\Greg\Dane aplikacji\Mozilla\Firefox\Profiles\abk1z3v6.default-1429391400765\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-04-18]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2013-12-06]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AVKProxy; C:\Program Files\Common Files\G Data\AVKProxy\AVKProxy.exe [2558072 2015-06-19] (G Data Software AG)
R2 AVKService; D:\Ochrona\G Data\InternetSecurity\AVK\AVKService.exe [966776 2015-06-16] (G Data Software AG)
R2 AVKWCtl; D:\Ochrona\G Data\InternetSecurity\AVK\AVKWCtl.exe [2907776 2015-06-16] (G Data Software AG)
R3 GDFwSvc; D:\Ochrona\G Data\InternetSecurity\Firewall\GDFwSvc.exe [2550896 2015-06-19] (G Data Software AG)
R3 GDScan; C:\Program Files\Common Files\G Data\GDScan\GDScan.exe [789624 2015-06-16] (G Data Software AG)
S4 GEST Service; C:\Program Files\GIGABYTE\EnergySaver\GSvr.exe [68136 2009-12-02] ()
S4 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
S4 JavaQuickStarterService; D:\Narzędzia\Java\bin\jqs.exe [182696 2014-04-16] (Oracle Corporation)
S4 MBAMService; D:\Ochrona\Malwarebytes Anti-Malware\mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
S4 NovaPdfServer; C:\Program Files\Softland\novaPDF 8\Server\novapdfs.exe [41760 2015-07-14] (Microsoft)
S4 SDScannerService; D:\Ochrona\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
S4 SDUpdateService; D:\Ochrona\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
S4 SDWSCService; D:\Ochrona\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
S4 Sony PC Companion; C:\Program Files\Sony\Sony PC Companion\PCCService.exe [155824 2013-02-04] (Avanquest Software)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S4 abp480n5; C:\WINDOWS\system32\Drivers\abp480n5.sys [23552 2001-08-17] (Microsoft Corporation)
S3 Ambfilt; C:\WINDOWS\System32\drivers\Ambfilt.sys [1691480 2009-11-18] (Creative)
S3 ampa; C:\WINDOWS\system32\ampa.sys [12656 2013-11-29] ()
R0 BootDefragDriver; C:\WINDOWS\System32\drivers\BootDefragDriver.sys [14784 2014-11-24] (Glarysoft Ltd)
S4 Changer; C:\WINDOWS\system32\Drivers\Changer.sys [8192 2008-04-14] (Microsoft Corporation)
S3 ET5Drv; C:\WINDOWS\system32\Drivers\ET5Drv.sys [30008 2007-10-11] (Windows (R) 2000 DDK provider)
R0 GDBehave; C:\WINDOWS\System32\drivers\GDBehave.sys [112128 2015-08-17] (G Data Software AG)
R3 GDKBB; C:\WINDOWS\system32\drivers\GDKBB32.sys [24192 2015-08-17] (G Data Software AG)
R3 GDKBFlt; C:\WINDOWS\system32\drivers\GDKBFlt32.sys [20352 2015-08-17] (G Data Software AG)
R1 GDMnIcpt; C:\WINDOWS\system32\drivers\MiniIcpt.sys [162048 2015-08-17] (G Data Software AG)
R0 GDNdisIc; C:\WINDOWS\System32\drivers\GDNdisIc.sys [30048 2015-08-17] (G Data Software AG)
S3 gdrv; C:\WINDOWS\gdrv.sys [17488 2014-09-19] (Windows (R) 2000 DDK provider)
R2 GDTdiInterceptor; C:\WINDOWS\system32\drivers\GDTdiIcpt.sys [53248 2015-08-17] (G Data Software AG)
R0 giveio; C:\WINDOWS\System32\giveio.sys [5248 1996-04-03] () [File not signed]
R1 GUBootStartup; C:\WINDOWS\System32\drivers\GUBootStartup.sys [17472 2015-04-27] (Glarysoft Ltd)
R1 HookCentre; C:\WINDOWS\system32\drivers\HookCentre.sys [84736 2015-08-17] (G Data Software AG)
S4 lbrtfdc; C:\WINDOWS\system32\Drivers\lbrtfdc.sys [34688 2008-04-14] (Toshiba Corp.)
S4 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [23256 2015-06-18] (Malwarebytes Corporation)
S3 Monfilt; C:\WINDOWS\System32\drivers\Monfilt.sys [1395800 2009-11-18] (Creative Technology Ltd.)
S3 RivaTuner32; D:\Grafika\RivaTuner\RivaTuner32.sys [9088 2009-08-22] () [File not signed]
R0 speedfan; C:\WINDOWS\System32\speedfan.sys [24184 2012-12-29] (Almico Software)
S3 TBPanel; C:\WINDOWS\system32\Drivers\TBPanel.sys [12256 2007-03-16] (Windows (R) 2000 DDK provider)
S1 wceusbsh; C:\WINDOWS\System32\DRIVERS\wceusbsh.sys [28672 2006-11-06] (Microsoft Corporation)
U5 Inport; C:\Windows\System32\Drivers\Inport.sys [13312 2001-10-26] (Microsoft Corporation)
S4 RTLVLANMP; system32\DRIVERS\RTLVLAN.SYS [X]
U1 WS2IFSL; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-08-17 19:17 - 2015-08-17 19:19 - 00000000 ____D C:\FRST
2015-08-17 19:07 - 2015-08-17 19:10 - 00000000 ____D C:\LOGI
2015-08-17 18:47 - 2015-08-17 18:47 - 00000000 ____D C:\Documents and Settings\All Users\Menu Start\Programy\G DATA INTERNET SECURITY
2015-08-17 00:50 - 2015-08-17 17:17 - 00000864 _____ C:\WINDOWS\setupapi.log
2015-08-17 00:23 - 2015-08-17 18:47 - 00053248 _____ (G Data Software AG) C:\WINDOWS\system32\Drivers\GDTdiIcpt.sys
2015-08-17 00:23 - 2015-08-17 18:47 - 00000733 _____ C:\Documents and Settings\All Users\Pulpit\G DATA INTERNET SECURITY.lnk
2015-08-17 00:23 - 2015-08-17 18:46 - 00001232 _____ C:\WINDOWS\KB918997.log
2015-08-17 00:23 - 2015-08-17 00:23 - 00030048 _____ (G Data Software AG) C:\WINDOWS\system32\Drivers\GDNdisIc.sys
2015-08-17 00:23 - 2015-08-17 00:23 - 00024192 _____ (G Data Software AG) C:\WINDOWS\system32\Drivers\GDKBB32.sys
2015-08-17 00:23 - 2015-08-17 00:23 - 00020352 _____ (G Data Software AG) C:\WINDOWS\system32\Drivers\GDKBFlt32.sys
2015-08-17 00:23 - 2015-08-17 00:23 - 00001400 _____ C:\WINDOWS\setupact.log
2015-08-17 00:23 - 2015-08-17 00:23 - 00000000 _____ C:\WINDOWS\setuperr.log
2015-08-17 00:22 - 2015-08-17 18:46 - 00162048 _____ (G Data Software AG) C:\WINDOWS\system32\Drivers\MiniIcpt.sys
2015-08-17 00:22 - 2015-08-17 18:46 - 00112128 _____ (G Data Software AG) C:\WINDOWS\system32\Drivers\GDBehave.sys
2015-08-17 00:22 - 2015-08-17 18:46 - 00084736 _____ (G Data Software AG) C:\WINDOWS\system32\Drivers\HookCentre.sys
2015-08-17 00:22 - 2015-08-17 18:46 - 00004522 _____ C:\WINDOWS\DPINST.LOG
2015-08-17 00:19 - 2015-08-17 00:19 - 00150792 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-08-16 23:39 - 2015-08-16 23:39 - 00000000 ____D C:\Documents and Settings\All Users\Menu Start\Programy\doPDF 8
2015-08-16 23:36 - 2015-08-16 23:37 - 00000000 ____D C:\WINDOWS\LastGood
2015-08-16 23:26 - 2015-08-16 23:15 - 00000850 ____R C:\WINDOWS\system32\Drivers\etc\hosts.20150816-232659.backup
2015-08-16 23:15 - 2015-08-16 20:29 - 00450621 ____R C:\WINDOWS\system32\Drivers\etc\hosts.20150816-231506.backup
2015-08-16 20:29 - 2008-04-15 14:00 - 00000742 _____ C:\WINDOWS\system32\Drivers\etc\hosts.20150816-202930.backup
2015-08-16 17:41 - 2015-08-16 23:13 - 00000000 ____D C:\Documents and Settings\All Users\Menu Start\Programy\Spybot - Search & Destroy 2
2015-08-16 17:41 - 2015-08-16 20:27 - 00000000 ____D C:\Documents and Settings\All Users\Dane aplikacji\Spybot - Search & Destroy
2015-08-16 17:41 - 2015-08-16 17:41 - 00065536 _____ C:\WINDOWS\system32\config\SpybotSD.evt
2015-08-16 17:41 - 2015-08-16 17:41 - 00000866 _____ C:\Documents and Settings\All Users\Pulpit\Spybot-S&D Start Center.lnk
2015-08-16 17:41 - 2013-09-20 10:49 - 00018968 _____ (Safer Networking Limited) C:\WINDOWS\system32\sdnclean.exe
2015-08-16 15:37 - 2015-08-16 15:37 - 00000000 ____D C:\Documents and Settings\Greg\Dane aplikacji\ArcaVirMicroScan
2015-08-16 15:25 - 2015-08-16 15:28 - 00000000 ____D C:\Program Files\stinger
2015-08-16 14:17 - 2008-04-14 22:46 - 00005504 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\intelide.sys
2015-08-16 14:17 - 2008-04-14 22:46 - 00005504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelide.sys
2015-08-16 14:17 - 2008-04-14 01:11 - 00018560 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\i2omp.sys
2015-08-16 14:17 - 2008-04-14 01:11 - 00018560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\i2omp.sys
2015-08-16 14:17 - 2008-04-14 01:11 - 00008576 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\i2omgmt.sys
2015-08-16 14:17 - 2008-04-14 01:11 - 00008576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\i2omgmt.sys
2015-08-16 14:17 - 2008-04-14 01:11 - 00008192 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\changer.sys
2015-08-16 14:17 - 2008-04-14 01:11 - 00008192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\changer.sys
2015-08-16 14:17 - 2008-04-14 01:10 - 00034688 ____C (Toshiba Corp.) C:\WINDOWS\system32\dllcache\lbrtfdc.sys
2015-08-16 14:17 - 2008-04-14 01:10 - 00034688 _____ (Toshiba Corp.) C:\WINDOWS\system32\Drivers\lbrtfdc.sys
2015-08-16 14:17 - 2008-04-14 01:10 - 00005376 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\viaide.sys
2015-08-16 14:17 - 2008-04-14 01:10 - 00005376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\viaide.sys
2015-08-16 14:17 - 2008-04-14 01:06 - 00014208 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\battc.sys
2015-08-16 14:17 - 2008-04-14 01:06 - 00014208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\battc.sys
2015-08-16 14:17 - 2001-10-26 17:58 - 00006656 ____C (CMD Technology, Inc.) C:\WINDOWS\system32\dllcache\cmdide.sys
2015-08-16 14:17 - 2001-10-26 17:58 - 00006656 _____ (CMD Technology, Inc.) C:\WINDOWS\system32\Drivers\cmdide.sys
2015-08-16 14:17 - 2001-10-26 17:52 - 00004992 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\toside.sys
2015-08-16 14:17 - 2001-10-26 17:52 - 00004992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\toside.sys
2015-08-16 14:17 - 2001-10-26 17:46 - 00013312 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\inport.sys
2015-08-16 14:17 - 2001-10-26 17:46 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\inport.sys
2015-08-16 14:17 - 2001-08-17 23:07 - 00101888 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\adpu160m.sys
2015-08-16 14:17 - 2001-08-17 23:07 - 00101888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\adpu160m.sys
2015-08-16 14:17 - 2001-08-17 23:07 - 00056960 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\aic78xx.sys
2015-08-16 14:17 - 2001-08-17 23:07 - 00056960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\aic78xx.sys
2015-08-16 14:17 - 2001-08-17 23:07 - 00055168 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\aic78u2.sys
2015-08-16 14:17 - 2001-08-17 23:07 - 00055168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\aic78u2.sys
2015-08-16 14:17 - 2001-08-17 23:07 - 00032640 ____C (LSI Logic) C:\WINDOWS\system32\dllcache\symc8xx.sys
2015-08-16 14:17 - 2001-08-17 23:07 - 00032640 _____ (LSI Logic) C:\WINDOWS\system32\Drivers\symc8xx.sys
2015-08-16 14:17 - 2001-08-17 23:07 - 00030688 ____C (LSI Logic) C:\WINDOWS\system32\dllcache\sym_u3.sys
2015-08-16 14:17 - 2001-08-17 23:07 - 00030688 _____ (LSI Logic) C:\WINDOWS\system32\Drivers\sym_u3.sys
2015-08-16 14:17 - 2001-08-17 23:07 - 00028384 ____C (LSI Logic) C:\WINDOWS\system32\dllcache\sym_hi.sys
2015-08-16 14:17 - 2001-08-17 23:07 - 00028384 _____ (LSI Logic) C:\WINDOWS\system32\Drivers\sym_hi.sys
2015-08-16 14:17 - 2001-08-17 23:07 - 00027296 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\perc2.sys
2015-08-16 14:17 - 2001-08-17 23:07 - 00027296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\perc2.sys
2015-08-16 14:17 - 2001-08-17 23:07 - 00025952 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\hpn.sys
2015-08-16 14:17 - 2001-08-17 23:07 - 00025952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hpn.sys
2015-08-16 14:17 - 2001-08-17 23:07 - 00020192 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\dpti2o.sys
2015-08-16 14:17 - 2001-08-17 23:07 - 00020192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dpti2o.sys
2015-08-16 14:17 - 2001-08-17 23:07 - 00019072 ____C (Adaptec, Inc.) C:\WINDOWS\system32\dllcache\sparrow.sys
2015-08-16 14:17 - 2001-08-17 23:07 - 00019072 _____ (Adaptec, Inc.) C:\WINDOWS\system32\Drivers\sparrow.sys
2015-08-16 14:17 - 2001-08-17 23:07 - 00016256 ____C (Symbios Logic Inc.) C:\WINDOWS\system32\dllcache\symc810.sys
2015-08-16 14:17 - 2001-08-17 23:07 - 00016256 _____ (Symbios Logic Inc.) C:\WINDOWS\system32\Drivers\symc810.sys
2015-08-16 14:17 - 2001-08-17 23:07 - 00005504 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\perc2hib.sys
2015-08-16 14:17 - 2001-08-17 23:07 - 00005504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\perc2hib.sys
2015-08-16 14:17 - 2001-08-17 22:52 - 00179584 ____C (Mylex Corporation) C:\WINDOWS\system32\dllcache\dac2w2k.sys
2015-08-16 14:17 - 2001-08-17 22:52 - 00179584 _____ (Mylex Corporation) C:\WINDOWS\system32\Drivers\dac2w2k.sys
2015-08-16 14:17 - 2001-08-17 22:52 - 00049024 ____C (QLogic Corporation) C:\WINDOWS\system32\dllcache\ql1280.sys
2015-08-16 14:17 - 2001-08-17 22:52 - 00049024 _____ (QLogic Corporation) C:\WINDOWS\system32\Drivers\ql1280.sys
2015-08-16 14:17 - 2001-08-17 22:52 - 00045312 ____C (QLogic Corporation) C:\WINDOWS\system32\dllcache\ql12160.sys
2015-08-16 14:17 - 2001-08-17 22:52 - 00045312 _____ (QLogic Corporation) C:\WINDOWS\system32\Drivers\ql12160.sys
2015-08-16 14:17 - 2001-08-17 22:52 - 00040448 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ql1240.sys
2015-08-16 14:17 - 2001-08-17 22:52 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ql1240.sys
2015-08-16 14:17 - 2001-08-17 22:52 - 00040320 ____C (QLogic Corporation) C:\WINDOWS\system32\dllcache\ql1080.sys
2015-08-16 14:17 - 2001-08-17 22:52 - 00040320 _____ (QLogic Corporation) C:\WINDOWS\system32\Drivers\ql1080.sys
2015-08-16 14:17 - 2001-08-17 22:52 - 00036736 ____C (Promise Technology, Inc.) C:\WINDOWS\system32\dllcache\ultra.sys
2015-08-16 14:17 - 2001-08-17 22:52 - 00036736 _____ (Promise Technology, Inc.) C:\WINDOWS\system32\Drivers\ultra.sys
2015-08-16 14:17 - 2001-08-17 22:52 - 00033152 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ql10wnt.sys
2015-08-16 14:17 - 2001-08-17 22:52 - 00033152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ql10wnt.sys
2015-08-16 14:17 - 2001-08-17 22:52 - 00026496 ____C (Advanced System Products, Inc.) C:\WINDOWS\system32\dllcache\asc.sys
2015-08-16 14:17 - 2001-08-17 22:52 - 00026496 _____ (Advanced System Products, Inc.) C:\WINDOWS\system32\Drivers\asc.sys
2015-08-16 14:17 - 2001-08-17 22:52 - 00023552 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\abp480n5.sys
2015-08-16 14:17 - 2001-08-17 22:52 - 00023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\abp480n5.sys
2015-08-16 14:17 - 2001-08-17 22:52 - 00022400 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\asc3350p.sys
2015-08-16 14:17 - 2001-08-17 22:52 - 00022400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\asc3350p.sys
2015-08-16 14:17 - 2001-08-17 22:52 - 00017280 ____C (American Megatrends Inc.) C:\WINDOWS\system32\dllcache\mraid35x.sys
2015-08-16 14:17 - 2001-08-17 22:52 - 00017280 _____ (American Megatrends Inc.) C:\WINDOWS\system32\Drivers\mraid35x.sys
2015-08-16 14:17 - 2001-08-17 22:52 - 00016000 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ini910u.sys
2015-08-16 14:17 - 2001-08-17 22:52 - 00016000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ini910u.sys
2015-08-16 14:17 - 2001-08-17 22:52 - 00014976 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\cpqarray.sys
2015-08-16 14:17 - 2001-08-17 22:52 - 00014976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cpqarray.sys
2015-08-16 14:17 - 2001-08-17 22:52 - 00014720 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\dac960nt.sys
2015-08-16 14:17 - 2001-08-17 22:52 - 00014720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dac960nt.sys
2015-08-16 14:17 - 2001-08-17 22:52 - 00012800 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\aha154x.sys
2015-08-16 14:17 - 2001-08-17 22:52 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\aha154x.sys
2015-08-16 14:17 - 2001-08-17 22:52 - 00012032 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\amsint.sys
2015-08-16 14:17 - 2001-08-17 22:52 - 00012032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\amsint.sys
2015-08-16 14:17 - 2001-08-17 22:52 - 00007680 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\cd20xrnt.sys
2015-08-16 14:17 - 2001-08-17 22:52 - 00007680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cd20xrnt.sys
2015-08-16 14:17 - 2001-08-17 22:51 - 00014848 ____C (Advanced System Products, Inc.) C:\WINDOWS\system32\dllcache\asc3550.sys
2015-08-16 14:17 - 2001-08-17 22:51 - 00014848 _____ (Advanced System Products, Inc.) C:\WINDOWS\system32\Drivers\asc3550.sys
2015-08-16 14:17 - 2001-08-17 22:51 - 00005248 ____C (Acer Laboratories Inc.) C:\WINDOWS\system32\dllcache\aliide.sys
2015-08-16 14:17 - 2001-08-17 22:51 - 00005248 _____ (Acer Laboratories Inc.) C:\WINDOWS\system32\Drivers\aliide.sys
2015-08-16 09:57 - 2015-08-16 09:57 - 00182331 _____ C:\Documents and Settings\Greg\Pulpit\bookmarks-2015-08-16.json
2015-08-16 00:25 - 2008-04-15 00:51 - 00510464 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2015-08-16 00:24 - 2008-04-15 00:51 - 00026624 _____ (Microsoft Corporation) C:\WINDOWS\system32\userinit.exe
2015-08-15 18:41 - 2015-08-15 18:41 - 00000050 _____ C:\WINDOWS\system32\dllcache\.directory
2015-08-15 17:36 - 2015-08-15 17:36 - 00000049 _____ C:\WINDOWS\system32\config\.directory
2015-08-15 01:54 - 2015-08-15 01:54 - 00000050 _____ C:\WINDOWS\system32\.directory
2015-08-15 01:52 - 2015-08-15 01:52 - 00000050 _____ C:\WINDOWS\.directory
2015-08-13 22:38 - 2015-08-13 22:38 - 00000188 ___SH C:\Documents and Settings\Administrator\ntuser.ini
2015-08-13 22:38 - 2015-08-13 22:38 - 00000000 ____D C:\Documents and Settings\Administrator
2015-08-13 22:38 - 2013-12-08 20:03 - 00001608 _____ C:\Documents and Settings\Administrator\Menu Start\Programy\Pomoc zdalna.lnk
2015-08-13 22:38 - 2013-12-08 20:03 - 00000801 _____ C:\Documents and Settings\Administrator\Menu Start\Programy\Windows Media Player.lnk
2015-08-13 22:38 - 2013-12-08 20:03 - 00000000 ___RD C:\Documents and Settings\Administrator\Menu Start\Programy
2015-08-13 22:38 - 2013-12-08 20:02 - 00000000 ___RD C:\Documents and Settings\Administrator\Menu Start\Programy\Akcesoria
2015-08-13 22:38 - 2013-12-02 11:59 - 00000000 ___HD C:\Documents and Settings\Administrator\Szablony
2015-08-13 22:38 - 2013-12-02 11:29 - 00000000 __RHD C:\Documents and Settings\Administrator\Dane aplikacji
2015-08-13 22:38 - 2013-12-02 11:29 - 00000000 ___RD C:\Documents and Settings\Administrator\Menu Start\Programy\Autostart
2015-08-13 22:38 - 2013-12-02 11:29 - 00000000 ___RD C:\Documents and Settings\Administrator\Menu Start
2015-08-13 22:38 - 2013-12-02 11:29 - 00000000 ___HD C:\Documents and Settings\Administrator\Ustawienia lokalne
2015-08-13 22:38 - 2013-12-02 11:29 - 00000000 ____D C:\Documents and Settings\Administrator\Ulubione
2015-08-13 22:38 - 2013-12-02 11:29 - 00000000 ____D C:\Documents and Settings\Administrator\Pulpit
2015-08-13 22:38 - 2013-12-02 11:29 - 00000000 ____D C:\Documents and Settings\Administrator\Moje dokumenty
2015-08-08 18:02 - 2015-08-09 19:42 - 00000000 ____D C:\Documents and Settings\Greg\Pulpit\18
2015-07-18 23:39 - 2015-07-18 23:39 - 00000000 ____D C:\Program Files\Common Files\Java
2015-07-18 23:37 - 2015-07-18 23:39 - 00000000 ____D C:\Documents and Settings\All Users\Dane aplikacji\Oracle

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-08-17 18:54 - 2014-09-19 23:13 - 00022782 _____ C:\WINDOWS\system32\nvAppTimestamps
2015-08-17 18:53 - 2013-12-02 13:04 - 00000000 ____D C:\Documents and Settings\Greg\Pulpit
2015-08-17 18:50 - 2013-12-10 01:23 - 01087471 _____ C:\WINDOWS\WindowsUpdate.log
2015-08-17 18:50 - 2013-12-02 13:04 - 00000000 ___HD C:\Documents and Settings\Greg\Szablony
2015-08-17 18:48 - 2013-12-15 13:56 - 00000159 _____ C:\WINDOWS\wiadebug.log
2015-08-17 18:48 - 2013-12-15 13:56 - 00000050 _____ C:\WINDOWS\wiaservc.log
2015-08-17 18:48 - 2013-12-02 12:18 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-08-17 18:48 - 2008-04-15 14:00 - 00013646 _____ C:\WINDOWS\system32\wpa.dbl
2015-08-17 18:47 - 2015-03-03 00:19 - 00032530 _____ C:\WINDOWS\SchedLgU.Txt
2015-08-17 18:47 - 2013-12-02 13:04 - 00000188 ___SH C:\Documents and Settings\Greg\ntuser.ini
2015-08-17 18:47 - 2013-12-02 13:04 - 00000000 ____D C:\Documents and Settings\Greg
2015-08-17 18:47 - 2013-12-02 11:29 - 00000000 ___RD C:\Documents and Settings\All Users\Menu Start\Programy
2015-08-17 18:47 - 2013-12-02 11:29 - 00000000 ____D C:\Documents and Settings\All Users\Pulpit
2015-08-17 18:45 - 2014-12-17 20:56 - 00000000 ____D C:\Program Files\Common Files\G Data
2015-08-17 00:29 - 2013-12-02 19:45 - 00000000 ____D C:\Documents and Settings\All Users\Dane aplikacji\G Data
2015-08-17 00:22 - 2015-07-06 13:14 - 00001755 _____ C:\Documents and Settings\Greg\Dane aplikacji\gdscan.log
2015-08-17 00:17 - 2014-09-11 18:33 - 00000000 __SHD C:\Documents and Settings\Greg\UserData
2015-08-17 00:16 - 2013-12-02 09:28 - 00000000 ____D C:\WINDOWS\system32\spool
2015-08-17 00:01 - 2013-12-02 11:16 - 00000239 ___RH C:\boot.ini
2015-08-17 00:01 - 2008-04-15 14:00 - 00000902 _____ C:\WINDOWS\win.ini
2015-08-17 00:01 - 2008-04-15 14:00 - 00000227 _____ C:\WINDOWS\system.ini
2015-08-16 23:39 - 2013-12-02 11:33 - 01565782 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-08-16 23:39 - 2013-12-02 11:22 - 00000000 __RHD C:\Documents and Settings\All Users\Dane aplikacji
2015-08-16 23:39 - 2008-04-15 14:00 - 00731122 _____ C:\WINDOWS\system32\perfh015.dat
2015-08-16 23:39 - 2008-04-15 14:00 - 00162578 _____ C:\WINDOWS\system32\perfc015.dat
2015-08-16 23:35 - 2015-04-19 22:15 - 00000000 ____D C:\Program Files\Softland
2015-08-16 23:35 - 2014-08-19 22:31 - 00000000 ____D C:\Documents and Settings\All Users\Dane aplikacji\Package Cache
2015-08-16 22:36 - 2013-12-02 12:18 - 00000188 ___SH C:\Documents and Settings\LocalService\ntuser.ini
2015-08-16 15:37 - 2013-12-02 13:04 - 00000000 __RHD C:\Documents and Settings\Greg\Dane aplikacji
2015-08-16 13:38 - 2013-12-02 09:28 - 00000000 ____D C:\WINDOWS\repair
2015-08-16 13:01 - 2013-12-02 12:07 - 00000000 ____D C:\WINDOWS\Registration
2015-08-16 09:48 - 2014-02-18 20:42 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2015-08-16 01:05 - 2013-12-03 19:19 - 00000000 ____D C:\Documents and Settings\All Users\Menu Start\Programy\Internet
2015-08-16 01:04 - 2013-12-02 21:50 - 00000547 _____ C:\Documents and Settings\All Users\Pulpit\Mozilla Firefox.lnk
2015-08-15 22:54 - 2013-12-04 09:18 - 00000000 ____D C:\Documents and Settings\Greg\Pulpit\Ochrona
2015-08-15 22:45 - 2014-05-07 23:08 - 00098520 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-08-15 22:34 - 2013-12-03 20:49 - 00000000 ____D C:\Documents and Settings\All Users\Dane aplikacji\TEMP
2015-08-15 00:03 - 2013-12-02 11:14 - 09175040 _____ C:\WINDOWS\system32\config\system.old
2015-08-13 22:30 - 2014-05-13 22:14 - 00000000 ____D C:\Documents and Settings\Greg\Dane aplikacji\DiskDefrag
2015-08-13 15:39 - 2014-09-24 18:44 - 00778440 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2015-08-13 15:39 - 2014-09-24 18:44 - 00142536 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2015-08-12 22:19 - 2013-12-03 18:11 - 129304528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-08-12 21:44 - 2014-02-05 23:39 - 00000000 ____D C:\Documents and Settings\Greg\Doctor Web
2015-08-10 13:15 - 2013-12-04 20:48 - 00000000 ____D C:\WINDOWS\pss
2015-08-10 12:47 - 2013-12-02 13:04 - 00000000 ___RD C:\Documents and Settings\Greg\Menu Start\Programy
2015-08-03 21:46 - 2015-04-27 22:21 - 00000306 _____ C:\WINDOWS\Tasks\GlaryInitialize 5.job
2015-08-03 18:11 - 2013-12-03 17:18 - 00000000 ____D C:\Documents and Settings\Greg\Pulpit\Porządek
2015-08-01 10:02 - 2013-12-04 09:20 - 00000000 ____D C:\Documents and Settings\Greg\Pulpit\Multimedia
2015-07-27 22:29 - 2015-05-24 23:13 - 00000717 _____ C:\Documents and Settings\All Users\Pulpit\IncrediMail.lnk
2015-07-18 23:37 - 2014-10-15 20:44 - 00146432 _____ (Oracle Corporation) C:\WINDOWS\system32\javacpl.cpl
2015-07-18 23:37 - 2014-10-15 20:44 - 00096352 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge.dll
2015-07-18 23:36 - 2014-09-01 21:58 - 00000000 ____D C:\Program Files\Java

==================== Files in the root of some directories =======

2015-04-14 23:13 - 2015-04-14 23:13 - 0002528 _____ () C:\Documents and Settings\Greg\Dane aplikacji\$_hpcst$.hpc
2015-07-06 13:14 - 2015-07-06 13:14 - 0000000 _____ () C:\Documents and Settings\Greg\Dane aplikacji\gdfw.log
2015-07-06 13:14 - 2015-08-17 00:22 - 0001755 _____ () C:\Documents and Settings\Greg\Dane aplikacji\gdscan.log
2013-12-15 16:01 - 2015-05-22 22:48 - 0048640 _____ () C:\Documents and Settings\Greg\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-12-06 16:18 - 2013-12-06 16:18 - 0000129 _____ () C:\Documents and Settings\Greg\Ustawienia lokalne\Dane aplikacji\fusioncache.dat

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

==================== End of log ============================