ADVERTISEMENT

FRST.txt

Internet zwolnił - jak sprawdzić przyczynę na starym komputerze?

hej. mbam nic nie znalazł poza instalką clonecd na pulpicie. Usunąłem tą instalke. W załączniku logi. Pozdrawiam.


Download file - link to post

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:15-07-2014 01
Ran by Tomasz (administrator) on TOMEK on 17-07-2014 22:23:47
Running from C:\Documents and Settings\Administrator\Pulpit
Platform: Microsoft Windows XP Professional Dodatek Service Pack 3 (X86) OS Language: Polski
Internet Explorer Version 8
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(ATI Technologies Inc.) C:\WINDOWS\system32\ati2evxx.exe
(ATI Technologies Inc.) C:\WINDOWS\system32\ati2evxx.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
(Oracle Corporation) C:\Program Files\Java\jre7\bin\jqs.exe
(Sunbelt Software) C:\Program Files\Sunbelt Software\Personal Firewall 4\kpf4ss.exe
(Analog Devices, Inc.) C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
() C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe
(Sunbelt Software) C:\Program Files\Sunbelt Software\Personal Firewall 4\kpf4gui.exe
(Sunbelt Software) C:\Program Files\Sunbelt Software\Personal Firewall 4\kpf4gui.exe
() C:\WINDOWS\ATK0100\HControl.exe
(ATI Technologies, Inc.) C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
(ASUSTeK COMPUTER INC.) C:\Program Files\ASUS\WLAN Card Utilities\Center.exe
(Analog Devices, Inc.) C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
() C:\Program Files\RocketDock\RocketDock.exe
() C:\Program Files\LClock\LClock.exe
(IntelliBreeze Software) C:\Program Files\Gmail Notifier Pro\GmailNotifierPro.exe
(DT Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTLite.exe
() C:\WINDOWS\ATK0100\ATKOSD.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [HControl] = & gt; C:\WINDOWS\ATK0100\HControl.exe [102400 2005-07-28] ()
HKLM\...\Run: [ATIPTA] = & gt; C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe [344064 2005-05-31] (ATI Technologies, Inc.)
HKLM\...\Run: [egui] = & gt; C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2054360 2009-09-29] (ESET)
HKLM\...\Run: [Control Center] = & gt; C:\Program Files\ASUS\WLAN Card Utilities\Center.exe [1668096 2005-09-13] (ASUSTeK COMPUTER INC.)
HKLM\...\Run: [SoundMAXPnP] = & gt; C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe [1388544 2004-10-14] (Analog Devices, Inc.)
HKLM\...\Run: [QuickTime Task] = & gt; C:\Program Files\QT Lite\qttask.exe [421888 2013-05-01] (Apple Inc.)
HKLM\...\Run: [CloneCDTray] = & gt; C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe [57344 2009-01-30] (SlySoft, Inc.)
HKLM\...\RunOnce: [Malwarebytes Anti-Malware (cleanup)] - " C:\Documents and Settings\All Users\Dane aplikacji\Malwarebytes\Malwarebytes Anti-Malware\mbamdor.exe " " C:\Documents and Settings\All Users\Dane aplikacji\Malwarebytes\Malwarebytes Anti-Malware " [54072 2014-05-12] (Malwarebytes Corporation)
Winlogon\Notify\AtiExtEvent: C:\WINDOWS\system32\Ati2evxx.dll (ATI Technologies Inc.)
HKU\S-1-5-21-1482476501-796845957-839522115-500\...\Run: [RocketDock] = & gt; C:\Program Files\RocketDock\RocketDock.exe [495616 2007-09-02] ()
HKU\S-1-5-21-1482476501-796845957-839522115-500\...\Run: [LClock] = & gt; C:\Program Files\LClock\lclock.exe [65536 2004-09-19] ()
HKU\S-1-5-21-1482476501-796845957-839522115-500\...\Run: [GmailNotifierPro] = & gt; C:\Program Files\Gmail Notifier Pro\GmailNotifierPro.exe [2827072 2014-01-18] (IntelliBreeze Software)
HKU\S-1-5-21-1482476501-796845957-839522115-500\...\Run: [DAEMON Tools Lite] = & gt; C:\Program Files\DAEMON Tools Lite\DTLite.exe [4910912 2011-08-02] (DT Soft Ltd)
HKU\S-1-5-21-1482476501-796845957-839522115-500\...\MountPoints2: {4a84e285-fcb0-11e0-9fe1-0015f21f4191} - F:\setup.exe
ShellIconOverlayIdentifiers: GDriveBlacklistedOverlay - & gt; {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} = & gt; C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: GDriveSharedEditOverlay - & gt; {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} = & gt; C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: GDriveSharedOverlay - & gt; {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} = & gt; C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: GDriveSharedViewOverlay - & gt; {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43} = & gt; C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: GDriveSyncedOverlay - & gt; {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} = & gt; C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: GDriveSyncingOverlay - & gt; {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} = & gt; C:\Program Files\Google\Drive\googledrivesync32.dll (Google)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd=ie & pver=6 & ar=msnhome
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie & ar=iesearch
SearchScopes: HKLM - DefaultScope value is missing.
BHO: Groove GFS Browser Helper - & gt; {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - & gt; C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper - & gt; {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - & gt; C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - & gt; {DBC80044-A445-435b-BC74-9C25C1C588A9} - & gt; C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKCU - & Adres - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
Toolbar: HKCU - & Łącza - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\SHELL32.dll (Microsoft Corporation)
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab
DPF: {92ECE6FA-AC2E-4042-BFAE-0C8608E52A43} https://www.bph.pl/sezam/components/SignActivX.cab
DPF: {CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab
DPF: {CAFEEFAC-0017-0000-0009-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 217.172.224.160 192.168.0.1

FireFox:
========
FF ProfilePath: C:\Documents and Settings\Administrator\Dane aplikacji\Mozilla\Firefox\Profiles\de0wmt3o.default-13726227794531
FF Homepage: hxxp://www.google.pl/ig
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF Plugin: @adobe.com/ShockwavePlayer - C:\WINDOWS\system32\Adobe\Director\np32dsw_1200112.dll (Adobe Systems, Inc.)
FF Plugin: @cuminas.jp/DjVuPlugin - C:\Program Files\Cuminas\Document Express DjVu Plug-in\npdjvu.dll (Cuminas Corporation)
FF Plugin: @Google.com/GoogleEarthPlugin - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @java.com/DTPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @real.com/nppl3260;version=6.0.12.450 - C:\Program Files\Real Alternative\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpjplug;version=6.0.12.448 - C:\Program Files\Real Alternative\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF Plugin: @thrixxx.com/WebLaunch - C:\Program Files\thriXXX\WebLaunch\Binaries\npWebLaunch.dll ( )
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin HKCU: @thrixxx.com/WebLaunch - C:\Program Files\thriXXX\WebLaunch\Binaries\npWebLaunch.dll ( )
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppl3260.dll (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin6.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin7.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npWebLaunch.dll ( )
FF Extension: Noia 4 Theme Manager - C:\Documents and Settings\Administrator\Dane aplikacji\Mozilla\Firefox\Profiles\de0wmt3o.default-1372622779453\Extensions\Noia4Options@ArisT2.xpi [2013-06-30]
FF Extension: Noia 4 - C:\Documents and Settings\Administrator\Dane aplikacji\Mozilla\Firefox\Profiles\de0wmt3o.default-1372622779453\Extensions\{faf13420-5e24-11e0-80e3-0800200c9a66}.xpi [2013-06-30]
FF Extension: BPH Sign Plugin - C:\Documents and Settings\Administrator\Dane aplikacji\Mozilla\Firefox\Profiles\de0wmt3o.default-13726227794531\Extensions\SignPlugin@bph.pl [2014-04-01]
FF Extension: Noia 4 Theme Manager - C:\Documents and Settings\Administrator\Dane aplikacji\Mozilla\Firefox\Profiles\de0wmt3o.default-13726227794531\Extensions\firegestures@xuldev.org.xpi [2014-04-01]
FF Extension: Noia 4 - C:\Documents and Settings\Administrator\Dane aplikacji\Mozilla\Firefox\Profiles\de0wmt3o.default-13726227794531\Extensions\jid0-GaZOxvWNYcafEsmayJDIG3XXVi8@jetpack.xpi [2014-04-01]
FF Extension: Noia 4 Theme Manager - C:\Documents and Settings\Administrator\Dane aplikacji\Mozilla\Firefox\Profiles\de0wmt3o.default-13726227794531\Extensions\Noia4Options@ArisT2.xpi [2014-04-01]
FF Extension: Ask Toolbar - C:\Documents and Settings\Administrator\Dane aplikacji\Mozilla\Firefox\Profiles\de0wmt3o.default-13726227794531\Extensions\toolbar_ARS3-V7@apn.ask.com.xpi [2014-04-01]
FF Extension: Noia Fox - C:\Documents and Settings\Administrator\Dane aplikacji\Mozilla\Firefox\Profiles\de0wmt3o.default-13726227794531\Extensions\{7b90e860-5d61-11e0-80e3-0800200c9a66}.xpi [2014-05-20]
FF Extension: Adblock Plus - C:\Documents and Settings\Administrator\Dane aplikacji\Mozilla\Firefox\Profiles\de0wmt3o.default-13726227794531\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-06-20]
FF Extension: Noia 4 - C:\Documents and Settings\Administrator\Dane aplikacji\Mozilla\Firefox\Profiles\de0wmt3o.default-13726227794531\Extensions\{faf13420-5e24-11e0-80e3-0800200c9a66}.xpi [2014-04-01]
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} [2014-06-19]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2014-01-11]
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
FF Extension: Eset Plugin - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2011-10-20]

========================== Services (Whitelisted) =================

S3 EhttpSrv; C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe [20680 2009-09-29] (ESET)
R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [735960 2009-09-29] (ESET)
R2 JavaQuickStarterService; C:\Program Files\Java\jre7\bin\jqs.exe [182696 2013-10-08] (Oracle Corporation)
R2 KPF4; C:\Program Files\Sunbelt Software\Personal Firewall 4\kpf4ss.exe [1368064 2005-12-19] (Sunbelt Software) [File not signed]
S2 MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
S4 NAUpdate; C:\Program Files\Nero\Update\NASvc.exe [584488 2011-03-04] (Nero AG)
R2 SoundMAX Agent Service (default); C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe [45056 2002-09-20] (Analog Devices, Inc.) [File not signed]
R2 spmgr; C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe [118784 2005-04-20] () [File not signed]
S3 WiselinkPro; D:\Program Files\Samsung\SAMSUNG PC Share Manager\WiselinkPro.exe [4136960 2009-01-08] () [File not signed]

==================== Drivers (Whitelisted) ====================

R3 ASNDIS5; C:\WINDOWS\system32\ASNDIS5.SYS [16269 2002-09-09] (Printing Communications Assoc., Inc. (PCAUSA))
R3 BCM43XX; C:\WINDOWS\System32\DRIVERS\bcmwl5.sys [371712 2005-02-11] (Broadcom Corporation)
R3 Cam5603D; C:\WINDOWS\System32\Drivers\BisonCam.sys [666496 2005-06-28] (Bison Electronics. Inc. )
S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2008-04-13] (Microsoft Corporation)
S3 DCamUSBIntel; C:\WINDOWS\System32\DRIVERS\mltcap.sys [150240 2003-02-10] () [File not signed]
R1 dtsoftbus01; C:\WINDOWS\System32\DRIVERS\dtsoftbus01.sys [232512 2011-10-22] (DT Soft Ltd)
R2 eamon; C:\WINDOWS\System32\DRIVERS\eamon.sys [116008 2009-09-29] (ESET)
R1 ehdrv; C:\WINDOWS\System32\DRIVERS\ehdrv.sys [108792 2009-09-29] (ESET)
R3 ElbyCDFL; C:\WINDOWS\System32\Drivers\ElbyCDFL.sys [34760 2007-02-16] (SlySoft, Inc.)
R1 ElbyCDIO; C:\WINDOWS\System32\Drivers\ElbyCDIO.sys [24232 2009-02-17] (Elaborate Bytes AG)
R1 epfwtdir; C:\WINDOWS\System32\DRIVERS\epfwtdir.sys [96408 2009-09-29] (ESET)
S3 FTDIBUS; C:\WINDOWS\System32\drivers\ftdibus.sys [65896 2013-07-12] (FTDI Ltd.)
R1 fwdrv; C:\WINDOWS\system32\drivers\fwdrv.sys [274432 2005-12-15] (Sunbelt Software) [File not signed]
R2 ghaio; C:\Program Files\ASUS\NB Probe\SPM\ghaio.sys [14220 2003-08-20] () [File not signed]
R3 irsir; C:\WINDOWS\System32\DRIVERS\irsir.sys [18688 2001-08-17] (Microsoft Corporation)
R1 khips; C:\WINDOWS\system32\drivers\khips.sys [81920 2005-12-15] () [File not signed]
S3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [23256 2014-05-12] (Malwarebytes Corporation)
R2 MDC8021X; C:\WINDOWS\System32\DRIVERS\mdc8021x.sys [15781 2011-10-20] (Meetinghouse Data Communications) [File not signed]
S3 MidiSyn; C:\WINDOWS\System32\drivers\MidiSyn.sys [88960 2004-09-14] (Analog Devices, Inc.)
S3 MSIRCOMM; C:\WINDOWS\System32\DRIVERS\MSIRCOMM.sys [22016 2008-04-13] (Microsoft Corporation)
R3 MTsensor; C:\WINDOWS\System32\DRIVERS\ATKACPI.sys [5632 2005-02-17] ()
S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2008-04-13] (Microsoft Corporation)
U0 qgnqgb; C:\WINDOWS\System32\drivers\rrfdqdu.sys [52440 2014-07-17] (Malwarebytes Corporation)
R3 Rasirda; C:\WINDOWS\System32\DRIVERS\rasirda.sys [19584 2001-08-17] (Microsoft Corporation)
R3 RTL8023xp; C:\WINDOWS\System32\DRIVERS\Rtlnicxp.sys [70144 2004-08-09] (Realtek Semiconductor Corporation )
S3 rtl8139; C:\WINDOWS\System32\DRIVERS\RTL8139.SYS [20992 2004-08-04] (Realtek Semiconductor Corporation)
R3 senfilt; C:\WINDOWS\System32\drivers\senfilt.sys [392704 2005-03-01] (Sensaura)
S4 IntelIde; No ImagePath
U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-13] (Microsoft Corporation)
U1 WS2IFSL;

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-07-17 22:23 - 2014-07-17 22:24 - 00017448 _____ () C:\Documents and Settings\Administrator\Pulpit\FRST.txt
2014-07-17 22:23 - 2014-07-17 22:24 - 00000000 ____D () C:\FRST
2014-07-17 22:22 - 2014-07-17 22:22 - 01077248 _____ (Farbar) C:\Documents and Settings\Administrator\Pulpit\FRST.exe
2014-07-17 22:18 - 2014-07-17 22:18 - 00052440 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\rrfdqdu.sys
2014-07-17 21:28 - 2014-07-17 21:29 - 00110296 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-07-17 21:26 - 2014-07-17 21:26 - 00000777 _____ () C:\Documents and Settings\All Users\Pulpit\Malwarebytes Anti-Malware.lnk
2014-07-17 21:26 - 2014-07-17 21:26 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2014-07-17 21:26 - 2014-07-17 21:26 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Start\Programy\Malwarebytes Anti-Malware
2014-07-17 21:26 - 2014-05-12 07:26 - 00053208 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2014-07-17 21:17 - 2014-07-17 21:19 - 10284816 _____ (Malwarebytes Corporation ) C:\Documents and Settings\Administrator\Pulpit\mbam-setup-1.75.0.1300.exe
2014-07-17 21:14 - 2014-07-17 21:14 - 00000000 ____D () C:\Documents and Settings\Administrator\Pulpit\logi
2014-07-17 21:02 - 2014-07-17 21:09 - 00000000 ____D () C:\AdwCleaner
2014-07-17 21:01 - 2014-07-17 21:02 - 01354223 _____ () C:\Documents and Settings\Administrator\Pulpit\adwcleaner_3.216.exe
2014-07-17 18:15 - 2014-07-17 18:19 - 00055626 _____ () C:\Documents and Settings\Administrator\Pulpit\Extras.Txt
2014-07-17 18:15 - 2014-07-17 18:16 - 00075726 _____ () C:\Documents and Settings\Administrator\Pulpit\OTL.Txt
2014-07-17 17:58 - 2014-07-17 17:58 - 00602112 _____ (OldTimer Tools) C:\Documents and Settings\Administrator\Pulpit\OTL.exe
2014-07-17 17:45 - 2014-07-17 17:45 - 00001996 _____ () C:\Documents and Settings\Administrator\Pulpit\HiJackThis.lnk
2014-07-17 17:45 - 2014-07-17 17:45 - 00000000 ____D () C:\Program Files\Trend Micro
2014-07-17 17:45 - 2014-07-17 17:45 - 00000000 ____D () C:\Documents and Settings\Administrator\Menu Start\Programy\HiJackThis
2014-07-17 17:44 - 2014-07-17 17:44 - 01402880 _____ () C:\Documents and Settings\Administrator\Pulpit\HijackThis.msi
2014-07-17 17:40 - 2014-07-17 17:40 - 00000538 _____ () C:\Documents and Settings\Administrator\Pulpit\Kontynuuj instalację HijackThis 2.0.4.lnk
2014-07-17 17:38 - 2014-07-17 17:39 - 00683784 _____ ( ) C:\Documents and Settings\Administrator\Pulpit\HijackThis 2.0.4.exe
2014-07-14 19:15 - 2014-07-14 19:15 - 00013785 _____ () C:\Documents and Settings\Administrator\Pulpit\[www.tnt24.info] AutoMapa_6.16_1406_EU Patcher 3.4.2 instrukcja patchowania [maniek8902].torrent
2014-07-13 01:01 - 2014-07-13 01:01 - 00017911 _____ () C:\Documents and Settings\Administrator\Pulpit\[www.tnt24.info] W Witrynach Odbicia - Masz I Pomyśl - MT.torrent
2014-07-01 20:54 - 2014-07-01 20:54 - 00054649 _____ () C:\Documents and Settings\Administrator\Pulpit\[www.tnt24.info] Wkręceni _2014_ [DVDrip] [XviD-CiNEMAET-SAVED] [Film PL].torrent
2014-06-29 17:42 - 2014-06-29 17:42 - 00000000 ____D () C:\Documents and Settings\Administrator\Pulpit\Nowy folder
2014-06-23 20:08 - 2014-06-23 20:08 - 04412733 _____ () C:\Documents and Settings\Administrator\Pulpit\Odcinek A1 - 37 docelowa org.ruchu.dwg
2014-06-21 12:53 - 2014-06-21 12:54 - 00017555 _____ () C:\Documents and Settings\Administrator\Pulpit\[www.tnt24.info] Eldo - Chi _2014_ [mp3@320] [MhzStyle!].torrent
2014-06-19 21:58 - 2014-06-19 22:00 - 00000000 ____D () C:\Program Files\Mozilla Firefox

==================== One Month Modified Files and Folders =======

2014-07-20 20:06 - 2013-10-12 16:05 - 00000464 ____H () C:\WINDOWS\Tasks\User_Feed_Synchronization-{768D7B46-4239-46C3-A28C-AF5B92A1B385}.job
2014-07-20 17:33 - 2012-04-28 23:40 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Start\Programy\Google Drive
2014-07-20 17:30 - 2014-02-12 21:05 - 00000000 ____D () C:\Documents and Settings\Administrator\Dane aplikacji\GmailNotifierPro
2014-07-17 22:24 - 2014-07-17 22:23 - 00017448 _____ () C:\Documents and Settings\Administrator\Pulpit\FRST.txt
2014-07-17 22:24 - 2014-07-17 22:23 - 00000000 ____D () C:\FRST
2014-07-17 22:24 - 2011-10-21 16:00 - 00000000 ____D () C:\Documents and Settings\Administrator\Ustawienia lokalne\Temp
2014-07-17 22:23 - 2011-10-21 16:00 - 00000000 ____D () C:\Documents and Settings\Administrator\Pulpit
2014-07-17 22:22 - 2014-07-17 22:22 - 01077248 _____ (Farbar) C:\Documents and Settings\Administrator\Pulpit\FRST.exe
2014-07-17 22:18 - 2014-07-17 22:18 - 00052440 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\rrfdqdu.sys
2014-07-17 22:18 - 2014-04-26 00:04 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2914368$
2014-07-17 22:12 - 2011-10-20 21:18 - 01379882 _____ () C:\WINDOWS\WindowsUpdate.log
2014-07-17 22:07 - 2012-10-26 23:39 - 00000930 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-07-17 21:40 - 2011-11-05 20:48 - 00001036 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-07-17 21:29 - 2014-07-17 21:28 - 00110296 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-07-17 21:26 - 2014-07-17 21:26 - 00000777 _____ () C:\Documents and Settings\All Users\Pulpit\Malwarebytes Anti-Malware.lnk
2014-07-17 21:26 - 2014-07-17 21:26 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2014-07-17 21:26 - 2014-07-17 21:26 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Start\Programy\Malwarebytes Anti-Malware
2014-07-17 21:26 - 2012-03-11 20:15 - 00000000 ____D () C:\Documents and Settings\All Users\Dane aplikacji\Malwarebytes
2014-07-17 21:26 - 2012-03-11 20:15 - 00000000 ____D () C:\Documents and Settings\Administrator\Dane aplikacji\Malwarebytes
2014-07-17 21:26 - 2011-10-20 23:06 - 00000000 ___RD () C:\Documents and Settings\All Users\Menu Start\Programy
2014-07-17 21:26 - 2011-10-20 23:06 - 00000000 ____D () C:\Documents and Settings\All Users\Pulpit
2014-07-17 21:25 - 2012-03-11 20:15 - 00000000 ____D () C:\Program Files\Malwarebytes' Anti-Malware
2014-07-17 21:19 - 2014-07-17 21:17 - 10284816 _____ (Malwarebytes Corporation ) C:\Documents and Settings\Administrator\Pulpit\mbam-setup-1.75.0.1300.exe
2014-07-17 21:14 - 2014-07-17 21:14 - 00000000 ____D () C:\Documents and Settings\Administrator\Pulpit\logi
2014-07-17 21:14 - 2011-10-20 21:41 - 00000197 _____ () C:\ASWL2K.ini
2014-07-17 21:12 - 2014-02-12 21:05 - 00000000 ____D () C:\Program Files\Gmail Notifier Pro
2014-07-17 21:11 - 2014-04-26 13:10 - 00000224 _____ () C:\WINDOWS\Tasks\Powiadomienie o zakończeniu obsługi systemu Microsoft Windows XP — logowanie.job
2014-07-17 21:11 - 2011-11-05 20:48 - 00001032 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-07-17 21:11 - 2011-10-20 23:10 - 00000159 _____ () C:\WINDOWS\wiadebug.log
2014-07-17 21:11 - 2011-10-20 23:10 - 00000050 _____ () C:\WINDOWS\wiaservc.log
2014-07-17 21:11 - 2011-10-20 21:25 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-07-17 21:10 - 2011-10-21 16:00 - 00000188 ___SH () C:\Documents and Settings\Administrator\ntuser.ini
2014-07-17 21:10 - 2011-10-20 21:25 - 00032636 _____ () C:\WINDOWS\SchedLgU.Txt
2014-07-17 21:09 - 2014-07-17 21:02 - 00000000 ____D () C:\AdwCleaner
2014-07-17 21:08 - 2011-10-21 16:00 - 00000000 ___HD () C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji
2014-07-17 21:07 - 2011-10-20 23:06 - 00000000 __RHD () C:\Documents and Settings\All Users\Dane aplikacji
2014-07-17 21:02 - 2014-07-17 21:01 - 01354223 _____ () C:\Documents and Settings\Administrator\Pulpit\adwcleaner_3.216.exe
2014-07-17 18:56 - 2014-04-07 20:25 - 00056468 _____ () C:\Documents and Settings\Administrator\Pulpit\słówka.xlsx
2014-07-17 18:19 - 2014-07-17 18:15 - 00055626 _____ () C:\Documents and Settings\Administrator\Pulpit\Extras.Txt
2014-07-17 18:16 - 2014-07-17 18:15 - 00075726 _____ () C:\Documents and Settings\Administrator\Pulpit\OTL.Txt
2014-07-17 17:58 - 2014-07-17 17:58 - 00602112 _____ (OldTimer Tools) C:\Documents and Settings\Administrator\Pulpit\OTL.exe
2014-07-17 17:45 - 2014-07-17 17:45 - 00001996 _____ () C:\Documents and Settings\Administrator\Pulpit\HiJackThis.lnk
2014-07-17 17:45 - 2014-07-17 17:45 - 00000000 ____D () C:\Program Files\Trend Micro
2014-07-17 17:45 - 2014-07-17 17:45 - 00000000 ____D () C:\Documents and Settings\Administrator\Menu Start\Programy\HiJackThis
2014-07-17 17:45 - 2011-10-21 16:00 - 00000000 ___RD () C:\Documents and Settings\Administrator\Menu Start\Programy
2014-07-17 17:44 - 2014-07-17 17:44 - 01402880 _____ () C:\Documents and Settings\Administrator\Pulpit\HijackThis.msi
2014-07-17 17:40 - 2014-07-17 17:40 - 00000538 _____ () C:\Documents and Settings\Administrator\Pulpit\Kontynuuj instalację HijackThis 2.0.4.lnk
2014-07-17 17:39 - 2014-07-17 17:38 - 00683784 _____ ( ) C:\Documents and Settings\Administrator\Pulpit\HijackThis 2.0.4.exe
2014-07-17 16:25 - 2013-03-22 20:20 - 00001020 _____ () C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-1482476501-796845957-839522115-500UA.job
2014-07-17 16:22 - 2001-07-21 22:17 - 00002206 _____ () C:\WINDOWS\system32\wpa.dbl
2014-07-15 16:42 - 2011-11-21 20:27 - 00000000 ____D () C:\Documents and Settings\Administrator\Dane aplikacji\uTorrent
2014-07-14 19:25 - 2013-03-22 20:20 - 00000998 _____ () C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-1482476501-796845957-839522115-500Core.job
2014-07-14 19:21 - 2014-01-24 21:43 - 00000846 _____ () C:\Documents and Settings\Administrator\Pulpit\µTorrent.lnk
2014-07-14 19:21 - 2014-01-24 21:43 - 00000846 _____ () C:\Documents and Settings\Administrator\Menu Start\µTorrent.lnk
2014-07-14 19:20 - 2014-02-16 23:11 - 00000880 _____ () C:\Documents and Settings\All Users\Pulpit\µTorrent.lnk
2014-07-14 19:15 - 2014-07-14 19:15 - 00013785 _____ () C:\Documents and Settings\Administrator\Pulpit\[www.tnt24.info] AutoMapa_6.16_1406_EU Patcher 3.4.2 instrukcja patchowania [maniek8902].torrent
2014-07-13 14:49 - 2011-10-25 19:58 - 01181388 _____ () C:\Documents and Settings\Administrator\Pulpit\necik.xlsx
2014-07-13 01:01 - 2014-07-13 01:01 - 00017911 _____ () C:\Documents and Settings\Administrator\Pulpit\[www.tnt24.info] W Witrynach Odbicia - Masz I Pomyśl - MT.torrent
2014-07-10 22:42 - 2014-06-14 18:34 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-07-10 22:37 - 2011-10-21 19:03 - 93585272 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-07-10 22:36 - 2011-10-21 22:29 - 00000000 ____D () C:\Documents and Settings\All Users\Dane aplikacji\Microsoft Help
2014-07-03 20:30 - 2011-10-21 21:45 - 00000000 ____D () C:\Documents and Settings\Administrator\Pulpit\Ania
2014-07-01 20:54 - 2014-07-01 20:54 - 00054649 _____ () C:\Documents and Settings\Administrator\Pulpit\[www.tnt24.info] Wkręceni _2014_ [DVDrip] [XviD-CiNEMAET-SAVED] [Film PL].torrent
2014-06-29 17:42 - 2014-06-29 17:42 - 00000000 ____D () C:\Documents and Settings\Administrator\Pulpit\Nowy folder
2014-06-23 20:08 - 2014-06-23 20:08 - 04412733 _____ () C:\Documents and Settings\Administrator\Pulpit\Odcinek A1 - 37 docelowa org.ruchu.dwg
2014-06-22 01:44 - 2011-10-23 00:52 - 03234858 _____ () C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\WPFFontCache_v0400-S-1-5-21-1482476501-796845957-839522115-500-0.dat
2014-06-22 01:44 - 2011-10-23 00:52 - 00285150 _____ () C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\WPFFontCache_v0400-System.dat
2014-06-21 12:54 - 2014-06-21 12:53 - 00017555 _____ () C:\Documents and Settings\Administrator\Pulpit\[www.tnt24.info] Eldo - Chi _2014_ [mp3@320] [MhzStyle!].torrent
2014-06-20 10:37 - 2012-05-06 21:42 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-06-19 22:00 - 2014-06-19 21:58 - 00000000 ____D () C:\Program Files\Mozilla Firefox

Some content of TEMP:
====================
C:\Documents and Settings\Administrator\Ustawienia lokalne\Temp\Quarantine.exe
C:\Documents and Settings\Administrator\Ustawienia lokalne\Temp\utt8AC.tmp.exe
C:\Documents and Settings\Administrator\Ustawienia lokalne\Temp\uttA4A.tmp.exe
C:\Documents and Settings\Administrator\Ustawienia lokalne\Temp\uttB07.tmp.exe
C:\Documents and Settings\Administrator\Ustawienia lokalne\Temp\uttE93.tmp.exe


==================== Bamital & volsnap Check =================

C:\WINDOWS\explorer.exe = & gt; File is digitally signed
C:\WINDOWS\system32\winlogon.exe = & gt; File is digitally signed
C:\WINDOWS\system32\svchost.exe = & gt; File is digitally signed
C:\WINDOWS\system32\services.exe = & gt; File is digitally signed
C:\WINDOWS\system32\User32.dll = & gt; File is digitally signed
C:\WINDOWS\system32\userinit.exe = & gt; File is digitally signed
C:\WINDOWS\system32\rpcss.dll = & gt; File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys = & gt; File is digitally signed

==================== End Of Log ============================