Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 31-10-2013 Ran by PA (administrator) on PA-KOMPUTER on 05-11-2013 12:35:23 Running from C:\Users\PA\Downloads Microsoft Windows 7 Professional Service Pack 1 (X86) OS Language: Polish Internet Explorer Version 10 Boot Mode: Normal ==================== Processes (Whitelisted) =================== (ActivIdentity) C:\Program Files\Common Files\ActivIdentity\ac.sharedstore.exe (ActivIdentity) C:\Program Files\ActivIdentity\ActivClient\acevents.exe (Firebird Project) C:\Program Files\Firebird\Firebird_2_5\bin\fbguard.exe (Symantec Corporation) C:\Program Files\Norton AntiVirus\Engine\21.1.0.18\NAV.exe (Symantec Corporation) C:\Program Files\Norton Identity Safe\Engine\2013.3.0.26\ccSvcHst.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe (Firebird Project) C:\Program Files\Firebird\Firebird_2_5\bin\fbserver.exe (Symantec Corporation) C:\Program Files\Norton AntiVirus\Engine\21.1.0.18\NAV.exe (Symantec Corporation) C:\Program Files\Norton Identity Safe\Engine\2013.3.0.26\ccSvcHst.exe (Realtek Semiconductor Corp.) C:\Windows\SOUNDMAN.EXE (S3 Graphics, Inc.) C:\Windows\System32\VTTimer.exe (ActivIdentity) C:\Program Files\ActivIdentity\ActivClient\acevents.exe (ActivIdentity) C:\Program Files\ActivIdentity\ActivClient\accrdsub.exe (ActivIdentity) C:\Program Files\ActivIdentity\ActivClient\acsagent.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [SoundMan] - C:\Windows\SOUNDMAN.EXE [604704 2009-04-14] (Realtek Semiconductor Corp.) HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated) HKLM\...\Run: [VTTimer] - C:\Windows\System32\VTTimer.exe [53248 2005-03-08] (S3 Graphics, Inc.) HKLM\...\Run: [VTTrayp] - C:\Windows\System32\VTTrayp.exe [163840 2005-11-01] (S3 Graphics Co., Ltd.) HKLM\...\Run: [acevents] - C:\Program Files\ActivIdentity\ActivClient\acevents.exe [153640 2010-03-04] (ActivIdentity) HKLM\...\Run: [] - [x] HKLM\...\Run: [accrdsub] - C:\Program Files\ActivIdentity\ActivClient\accrdsub.exe [402984 2010-03-04] (ActivIdentity) HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [248040 2010-02-18] (Sun Microsystems, Inc.) MountPoints2: {30acedcb-bb76-11e1-be9b-806e6f6e6963} - F:\bankmillennium.exe ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pl/ BHO: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton AntiVirus\Engine\21.1.0.18\ips\ipsbho.dll (Symantec Corporation) BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO: Norton Identity Protection - {AB4C7833-A6EC-433f-B9FE-6B14B1A2F836} - C:\Program Files\Norton Identity Safe\Engine\2013.3.0.26\CoIEPlg.dll (Symantec Corporation) BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - D:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.) Toolbar: HKLM - Norton Identity Safe Toolbar - {A13C2648-91D4-4bf3-BC6D-0079707C4389} - C:\Program Files\Norton Identity Safe\Engine\2013.3.0.26\CoIEPlg.dll (Symantec Corporation) DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab Tcpip\..\Interfaces\{EA4C58DC-E3F4-4CA4-AABF-F945E5D46FAD}: [NameServer]192.168.1.1 FireFox: ======== FF ProfilePath: C:\Users\PA\AppData\Roaming\Mozilla\Firefox\Profiles\181opx6n.default FF Homepage: www.google.pl FF NetworkProxy: "type", 0 FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_11_3_300_262.dll () FF Plugin: @microsoft.com/GENUINE - disabled No File FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~1\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Extension: abhere2 - C:\Users\PA\AppData\Roaming\Mozilla\Firefox\Profiles\181opx6n.default\Extensions\abhere2@moztw.org.xpi FF Extension: savedpasswordeditor - C:\Users\PA\AppData\Roaming\Mozilla\Firefox\Profiles\181opx6n.default\Extensions\savedpasswordeditor@daniel.dawson.xpi FF Extension: defaults - C:\Users\PA\AppData\Roaming\Mozilla\Firefox\Profiles\181opx6n.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b}.xpi FF HKLM\...\Firefox\Extensions: [{F04D2D30-776C-4d02-8627-8E4385ECA58D}] - C:\ProgramData\Norton\{92622AAD-05E8-4459-B256-765CE1E929FB}\NST_2013.3.0.26\coFFPlgn\ FF Extension: Norton Identity Safe Toolbar - C:\ProgramData\Norton\{92622AAD-05E8-4459-B256-765CE1E929FB}\NST_2013.3.0.26\coFFPlgn\ FF HKLM\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_21.0.2.1\IPSFF FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_21.0.2.1\IPSFF ========================== Services (Whitelisted) ================= R2 ac.sharedstore; C:\Program Files\Common Files\ActivIdentity\ac.sharedstore.exe [207400 2009-06-03] (ActivIdentity) R2 FirebirdGuardianDefaultInstance; C:\Program Files\Firebird\Firebird_2_5\bin\fbguard.exe [98304 2011-10-03] (Firebird Project) R3 FirebirdServerDefaultInstance; C:\Program Files\Firebird\Firebird_2_5\bin\fbserver.exe [3764224 2011-10-03] (Firebird Project) R2 NAV; C:\Program Files\Norton AntiVirus\Engine\21.1.0.18\diMaster.dll [567600 2013-10-08] (Symantec Corporation) R2 NCO; C:\Program Files\Norton Identity Safe\Engine\2013.3.0.26\diMaster.dll [551728 2013-02-06] (Symantec Corporation) ==================== Drivers (Whitelisted) ==================== R3 ALCXWDM; C:\Windows\System32\drivers\RTKVAC.SYS [4172832 2009-06-18] (Realtek Semiconductor Corp.) R1 BHDrvx86; C:\Program Files\Norton AntiVirus\NortonData\21.0.2.1\Definitions\BASHDefs\20131022.001\BHDrvx86.sys [1096280 2013-10-23] (Symantec Corporation) R1 ccSet_NAV; C:\Windows\system32\drivers\NAV\1501000.012\ccSetx86.sys [127064 2013-09-26] (Symantec Corporation) R1 ccSet_NST; C:\Windows\system32\drivers\NST\7DD03000.01A\ccSetx86.sys [134304 2012-11-16] (Symantec Corporation) R1 eeCtrl; C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys [376920 2013-09-02] (Symantec Corporation) R3 EraserUtilRebootDrv; C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [108120 2013-09-02] (Symantec Corporation) S3 EZUSB; C:\Windows\System32\DRIVERS\ezusb.sys [58108 2009-09-28] (Castles Technology Co.,Ltd) R3 FETND6V; C:\Windows\System32\DRIVERS\fetnd6v.sys [43520 2008-09-22] (VIA Technologies, Inc. ) S3 FETNDIS; C:\Windows\System32\DRIVERS\fetnd6.sys [44032 2009-07-13] (VIA Technologies, Inc. ) R1 IDSVix86; C:\Program Files\Norton AntiVirus\NortonData\21.0.2.1\Definitions\IPSDefs\20131101.001\IDSvix86.sys [393816 2013-10-29] (Symantec Corporation) R3 NAVENG; C:\Program Files\Norton AntiVirus\NortonData\21.0.2.1\Definitions\VirusDefs\20131104.024\NAVENG.SYS [93272 2013-11-01] (Symantec Corporation) R3 NAVEX15; C:\Program Files\Norton AntiVirus\NortonData\21.0.2.1\Definitions\VirusDefs\20131104.024\NAVEX15.SYS [1612376 2013-11-01] (Symantec Corporation) R3 SRTSP; C:\Windows\System32\Drivers\NAV\1501000.012\SRTSP.SYS [651352 2013-09-27] (Symantec Corporation) R1 SRTSPX; C:\Windows\system32\drivers\NAV\1501000.012\SRTSPX.SYS [32344 2013-07-31] (Symantec Corporation) R0 SymDS; C:\Windows\System32\drivers\NAV\1501000.012\SYMDS.SYS [367704 2013-08-01] (Symantec Corporation) R0 SymEFA; C:\Windows\System32\drivers\NAV\1501000.012\SYMEFA.SYS [935512 2013-09-27] (Symantec Corporation) R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT.SYS [142936 2013-10-01] (Symantec Corporation) R1 SymIRON; C:\Windows\system32\drivers\NAV\1501000.012\Ironx86.SYS [206936 2013-07-31] (Symantec Corporation) R1 SymNetS; C:\Windows\System32\Drivers\NAV\1501000.012\SYMNETS.SYS [446552 2013-09-26] (Symantec Corporation) S3 viagfx; C:\Windows\System32\DRIVERS\vtmini.sys [244352 2006-02-08] (Copyright (C) VIA/S3 Graphics Co, Ltd.) R0 vidsflt58; C:\Windows\System32\DRIVERS\vsflt58.sys [84512 2012-09-24] (Acronis) ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2013-11-05 12:35 - 2013-11-05 12:35 - 00000000 ____D C:\FRST 2013-11-05 12:32 - 2013-11-05 12:32 - 00040806 _____ C:\Users\PA\Downloads\Extras.Txt 2013-11-05 12:30 - 2013-11-05 12:30 - 00055116 _____ C:\Users\PA\Downloads\OTL.Txt 2013-11-05 12:09 - 2013-11-05 12:09 - 00377856 _____ C:\Users\PA\Downloads\6lfxnckj.exe 2013-11-05 12:08 - 2013-11-05 12:07 - 01089445 _____ (Farbar) C:\Users\PA\Downloads\FRST.exe 2013-11-05 12:05 - 2013-11-05 12:05 - 00602112 _____ (OldTimer Tools) C:\Users\PA\Downloads\OTL.exe 2013-11-04 18:31 - 2013-11-04 18:31 - 00131072 ____N C:\Windows\Minidump\110413-88468-01.dmp 2013-11-04 17:35 - 2013-11-04 17:35 - 00131072 ____N C:\Windows\Minidump\110413-22843-01.dmp 2013-11-04 08:40 - 2013-11-04 08:40 - 00000000 ____D C:\Program Files\DLLSuite 2013-10-16 07:07 - 2013-10-16 07:08 - 00000000 ____D C:\Users\PA\AppData\Local\{C8D5995C-69C2-4715-840A-1476783599AF} 2013-10-10 13:33 - 2013-09-23 00:28 - 01141248 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2013-10-10 13:33 - 2013-09-23 00:28 - 00042496 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2013-10-10 13:33 - 2013-09-23 00:27 - 02876928 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2013-10-10 13:33 - 2013-09-23 00:27 - 02048512 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2013-10-10 13:33 - 2013-09-23 00:27 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2013-10-10 13:33 - 2013-09-23 00:27 - 00493056 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2013-10-10 13:33 - 2013-09-23 00:27 - 00391168 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2013-10-10 13:33 - 2013-09-23 00:27 - 00109056 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll 2013-10-10 13:33 - 2013-09-23 00:27 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2013-10-10 13:33 - 2013-09-23 00:27 - 00039424 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2013-10-10 13:33 - 2013-09-23 00:27 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2013-10-10 13:33 - 2013-09-21 04:30 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2013-10-10 13:33 - 2013-09-21 03:39 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe 2013-10-10 13:32 - 2013-09-23 00:28 - 01767936 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2013-10-10 13:32 - 2013-09-23 00:27 - 14335488 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2013-10-10 13:32 - 2013-09-23 00:27 - 13761024 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2013-10-10 06:42 - 2013-09-14 01:48 - 00338944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys 2013-10-10 06:42 - 2013-09-08 03:07 - 01294272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys 2013-10-10 06:42 - 2013-09-08 03:03 - 00231424 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll 2013-10-10 06:42 - 2013-08-29 02:51 - 03969472 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe 2013-10-10 06:42 - 2013-08-29 02:51 - 03914176 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2013-10-10 06:42 - 2013-08-29 02:50 - 01289096 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll 2013-10-10 06:42 - 2013-08-29 02:50 - 00619520 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll 2013-10-10 06:42 - 2013-08-29 02:48 - 00640512 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll 2013-10-10 06:42 - 2013-08-28 02:04 - 02348544 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2013-10-10 06:42 - 2013-08-28 01:57 - 00434688 _____ (Microsoft Corporation) C:\Windows\system32\scavengeui.dll 2013-10-10 06:42 - 2013-08-01 12:03 - 00729024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys 2013-10-10 06:42 - 2013-07-20 11:33 - 00102608 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll 2013-10-10 06:42 - 2013-07-12 11:07 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbcir.sys 2013-10-10 06:42 - 2013-07-04 12:57 - 00205824 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll 2013-10-10 06:42 - 2013-07-04 12:51 - 00081920 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll 2013-10-10 06:42 - 2013-07-04 12:50 - 00530432 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll 2013-10-10 06:42 - 2013-07-04 10:48 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys 2013-10-10 06:42 - 2013-07-03 04:36 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys 2013-10-10 06:42 - 2013-07-03 04:36 - 00025728 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys 2013-10-10 06:42 - 2013-06-06 05:52 - 00026112 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll 2013-10-10 06:42 - 2013-06-06 05:51 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll 2013-10-10 06:42 - 2013-06-06 05:50 - 00010240 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll 2013-10-10 06:42 - 2013-06-06 04:01 - 00295424 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll 2013-10-10 06:42 - 2013-06-06 04:01 - 00034304 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll 2013-10-10 06:41 - 2013-06-25 23:56 - 00527064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys 2013-10-09 15:03 - 2013-10-09 15:03 - 00000000 ____D C:\Users\PA\AppData\Local\{9CA60F78-49AD-4E6F-9D68-9D0670D70245} ==================== One Month Modified Files and Folders ======= 2013-11-05 12:35 - 2013-11-05 12:35 - 00000000 ____D C:\FRST 2013-11-05 12:32 - 2013-11-05 12:32 - 00040806 _____ C:\Users\PA\Downloads\Extras.Txt 2013-11-05 12:30 - 2013-11-05 12:30 - 00055116 _____ C:\Users\PA\Downloads\OTL.Txt 2013-11-05 12:09 - 2013-11-05 12:09 - 00377856 _____ C:\Users\PA\Downloads\6lfxnckj.exe 2013-11-05 12:08 - 2009-07-14 05:34 - 00014976 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2013-11-05 12:08 - 2009-07-14 05:34 - 00014976 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2013-11-05 12:07 - 2013-11-05 12:08 - 01089445 _____ (Farbar) C:\Users\PA\Downloads\FRST.exe 2013-11-05 12:05 - 2013-11-05 12:05 - 00602112 _____ (OldTimer Tools) C:\Users\PA\Downloads\OTL.exe 2013-11-05 11:51 - 2012-06-04 16:28 - 01549696 _____ C:\Windows\system32\PerfStringBackup.INI 2013-11-05 11:51 - 2009-07-14 09:07 - 00697674 _____ C:\Windows\system32\perfh015.dat 2013-11-05 11:51 - 2009-07-14 09:07 - 00134784 _____ C:\Windows\system32\perfc015.dat 2013-11-05 11:49 - 2013-04-22 06:01 - 00012936 _____ C:\Windows\setupact.log 2013-11-05 11:49 - 2012-06-04 16:13 - 01596056 _____ C:\Windows\WindowsUpdate.log 2013-11-05 11:46 - 2009-07-14 05:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2013-11-04 18:32 - 2012-06-25 13:47 - 00000000 ____D C:\Windows\Minidump 2013-11-04 18:31 - 2013-11-04 18:31 - 00131072 ____N C:\Windows\Minidump\110413-88468-01.dmp 2013-11-04 17:35 - 2013-11-04 17:35 - 00131072 ____N C:\Windows\Minidump\110413-22843-01.dmp 2013-11-04 08:40 - 2013-11-04 08:40 - 00000000 ____D C:\Program Files\DLLSuite 2013-11-03 16:16 - 2012-06-05 05:54 - 00749004 _____ C:\Windows\PFRO.log 2013-11-02 09:24 - 2012-08-27 10:47 - 00000000 ____D C:\Users\PA\exsell 2013-10-31 07:46 - 2012-08-29 10:54 - 00000000 ____D C:\ProgramData\firebird 2013-10-28 08:59 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\system32\NDF 2013-10-18 10:17 - 2013-09-02 07:57 - 00000000 ____D C:\Windows\system32\Drivers\NAV 2013-10-16 13:05 - 2013-08-16 14:00 - 00000000 ____D C:\Windows\system32\MRT 2013-10-16 13:02 - 2012-06-14 08:06 - 78106760 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2013-10-16 07:08 - 2013-10-16 07:07 - 00000000 ____D C:\Users\PA\AppData\Local\{C8D5995C-69C2-4715-840A-1476783599AF} 2013-10-14 08:23 - 2012-10-12 08:29 - 00000000 ____D C:\Windows\rescache 2013-10-11 08:27 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\Microsoft.NET 2013-10-11 05:55 - 2009-07-14 05:33 - 00408504 _____ C:\Windows\system32\FNTCACHE.DAT 2013-10-11 05:54 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\system32\pl-PL 2013-10-09 15:03 - 2013-10-09 15:03 - 00000000 ____D C:\Users\PA\AppData\Local\{9CA60F78-49AD-4E6F-9D68-9D0670D70245} Some content of TEMP: ==================== C:\Users\Nauczyciele\AppData\Local\Temp\ICReinstall_VuuPC_Setup.exe C:\Users\PA\AppData\Local\Temp\ose00000.exe C:\Users\PA\AppData\Local\Temp\ose00001.exe ==================== Bamital & volsnap Check ================= C:\Windows\explorer.exe => MD5 is legit C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit LastRegBack: 2013-10-31 00:00 ==================== End Of Log ============================