Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 11-03-2014 Ran by Właściciel (administrator) on AREK-C193AC5A6B on 12-03-2014 17:31:09 Running from C:\fixitpc\frst Microsoft Windows XP Home Edition Dodatek Service Pack 3 (X86) OS Language: Polish Internet Explorer Version 8 Boot Mode: Normal The only official download link for FRST: Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/ Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/ Download link from any site other than Bleeping Computer is unpermitted or outdated. See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (Realtek Semiconductor Corp.) C:\WINDOWS\RTHDCPL.EXE (Nuance Communications, Inc.) C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe (Brother Industries, Ltd.) C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe (Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe (Panda Security, S.L.) C:\Program Files\Panda Security\Panda Cloud Antivirus\PSUAMain.exe (Microsoft Corporation) C:\Program Files\Messenger\msmsgs.exe (IGN Entertainment Inc.) C:\Program Files\GameSpy\Comrade\Comrade.exe (Brother Industries, Ltd.) C:\Program Files\Brother\ControlCenter3\brccMCtl.exe (Silicon Motion) C:\Program Files\USB2.0 UVC WebCam\USB2.0 UVC WebCam\STIMON.exe (ArcSoft Inc.) C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (ArcSoft, Inc.) C:\Program Files\ArcSoft\TotalMedia 3.5\TMMonitor.exe (Oracle Corporation) C:\Program Files\Java\jre7\bin\jqs.exe (Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LSSrvc.exe (Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Brother Industries, Ltd.) C:\Program Files\Brother\Brmfcmon\BrMfcmon.exe (Panda Security, S.L.) C:\Program Files\Panda Security\Panda Cloud Antivirus\PSANHost.exe (PC Tools) C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe (Panda Security, S.L.) C:\Program Files\Panda Security\Panda Cloud Antivirus\PSUAService.exe (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [RTHDCPL] - C:\WINDOWS\RTHDCPL.EXE [16857600 2008-02-13] (Realtek Semiconductor Corp.) HKLM\...\Run: [Alcmtr] - C:\WINDOWS\ALCMTR.EXE [69632 2005-05-03] (Realtek Semiconductor Corp.) HKLM\...\Run: [SSBkgdUpdate] - C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [210472 2006-10-25] (Nuance Communications, Inc.) HKLM\...\Run: [PaperPort PTD] - C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe [29984 2007-10-11] (Nuance Communications, Inc.) HKLM\...\Run: [IndexSearch] - C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe [46368 2007-10-11] (Nuance Communications, Inc.) HKLM\...\Run: [PPort11reminder] - C:\Program Files\ScanSoft\PaperPort\Ereg\Ereg.exe [328992 2007-08-31] (Nuance Communications, Inc.) HKLM\...\Run: [BrMfcWnd] - C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe [1089536 2008-02-19] (Brother Industries, Ltd.) HKLM\...\Run: [Sony Ericsson PC Suite] - C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe [487424 2006-11-24] () HKLM\...\Run: [ControlCenter3] - C:\Program Files\Brother\ControlCenter3\brctrcen.exe [86016 2007-12-21] (Brother Industries, Ltd.) HKLM\...\Run: [ArcSoft Connection Service] - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [207424 2010-10-27] (ArcSoft Inc.) HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation) HKLM\...\Run: [PSUAMain] - C:\Program Files\Panda Security\Panda Cloud Antivirus\PSUAMain.exe [32736 2013-10-19] (Panda Security, S.L.) Winlogon\Notify\AtiExtEvent: C:\WINDOWS\system32\Ati2evxx.dll (ATI Technologies Inc.) HKU\S-1-5-21-1390067357-1202660629-1177238915-1003\...\Run: [DAEMON Tools Lite] - C:\Program Files\DAEMON Tools Lite\daemon.exe [490952 2008-07-24] (DT Soft Ltd) HKU\S-1-5-21-1390067357-1202660629-1177238915-1003\...\Run: [MSMSGS] - C:\Program Files\Messenger\msmsgs.exe [1695232 2008-04-14] (Microsoft Corporation) HKU\S-1-5-21-1390067357-1202660629-1177238915-1003\...\Run: [Comrade.exe] - C:\Program Files\GameSpy\Comrade\Comrade.exe [36864 2007-06-08] (IGN Entertainment Inc.) Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\STIMON.lnk ShortcutTarget: STIMON.lnk -> C:\Program Files\USB2.0 UVC WebCam\USB2.0 UVC WebCam\STIMON.exe (Silicon Motion) Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\TMMonitor.lnk ShortcutTarget: TMMonitor.lnk -> C:\Program Files\ArcSoft\TotalMedia 3.5\TMMonitor.exe (ArcSoft, Inc.) Startup: C:\Documents and Settings\Właściciel\Menu Start\Programy\Autostart\Tworzenie wycinków ekranu i uruchamianie programu OneNote 2007.lnk ShortcutTarget: Tworzenie wycinków ekranu i uruchamianie programu OneNote 2007.lnk -> C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation) ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank SearchScopes: HKLM - DefaultScope value is missing. BHO: BitComet Helper - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.4.1.10.dll (BitComet) BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) Toolbar: HKCU - &Adres - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation) Toolbar: HKCU - &Łącza - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\SHELL32.dll (Microsoft Corporation) DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 Chrome: ======= ========================== Services (Whitelisted) ================= R2 ACDaemon; C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.) R2 JavaQuickStarterService; C:\Program Files\Java\jre7\bin\jqs.exe [182696 2014-03-08] (Oracle Corporation) R2 NanoServiceMain; C:\Program Files\Panda Security\Panda Cloud Antivirus\PSANHost.exe [140768 2013-10-03] (Panda Security, S.L.) R2 PCToolsSSDMonitorSvc; C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe [793048 2012-04-26] (PC Tools) R2 PSUAService; C:\Program Files\Panda Security\Panda Cloud Antivirus\PSUAService.exe [37344 2013-10-19] (Panda Security, S.L.) ==================== Drivers (Whitelisted) ==================== R3 Afc; C:\WINDOWS\System32\drivers\Afc.sys [18688 2006-11-10] (Arcsoft, Inc.) R2 atksgt; C:\WINDOWS\System32\DRIVERS\atksgt.sys [278984 2009-01-10] () S3 BrScnUsb; C:\WINDOWS\System32\DRIVERS\BrScnUsb.sys [15295 2004-10-15] (Brother Industries Ltd.) S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [16384 2004-07-09] (Microsoft Corporation) S3 gdrv; C:\WINDOWS\gdrv.sys [16608 2008-12-03] (Windows (R) 2000 DDK provider) R3 HdAudAddService; C:\WINDOWS\System32\drivers\AtiHdAud.sys [84992 2006-12-28] (ATI Research Inc.) S3 k510bus; C:\WINDOWS\System32\DRIVERS\k510bus.sys [58288 2006-02-17] (MCCI) S3 k510mdfl; C:\WINDOWS\System32\DRIVERS\k510mdfl.sys [8336 2006-02-17] (MCCI) S3 k510mdm; C:\WINDOWS\System32\DRIVERS\k510mdm.sys [94064 2006-02-17] (MCCI) S3 k510mgmt; C:\WINDOWS\System32\DRIVERS\k510mgmt.sys [85408 2006-02-17] (MCCI) S3 k510obex; C:\WINDOWS\System32\DRIVERS\k510obex.sys [83344 2006-02-17] (MCCI) R2 lirsgt; C:\WINDOWS\System32\DRIVERS\lirsgt.sys [18048 2008-12-20] () S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10112 2004-07-09] (Microsoft Corporation) R1 NNSALPC; C:\WINDOWS\System32\DRIVERS\NNSAlpc.sys [84200 2013-05-29] (Panda Security, S.L.) R1 NNSHTTP; C:\WINDOWS\System32\DRIVERS\NNSHttp.sys [126184 2013-05-29] (Panda Security, S.L.) R1 NNSHTTPS; C:\WINDOWS\System32\DRIVERS\NNSHttps.sys [107752 2013-05-29] (Panda Security, S.L.) R1 NNSIDS; C:\WINDOWS\System32\DRIVERS\NNSIds.sys [124648 2013-05-29] (Panda Security, S.L.) R3 NNSNAHS; C:\WINDOWS\System32\DRIVERS\NNSNAHS.sys [39520 2013-03-26] (Panda Security, S.L.) R1 NNSPICC; C:\WINDOWS\System32\DRIVERS\NNSPicc.sys [95464 2013-05-29] (Panda Security, S.L.) R1 NNSPIHS; C:\WINDOWS\System32\DRIVERS\NNSPihs.sys [52328 2013-05-29] (Panda Security, S.L.) R1 NNSPOP3; C:\WINDOWS\System32\DRIVERS\NNSPop3.sys [106344 2013-05-29] (Panda Security, S.L.) R1 NNSPROT; C:\WINDOWS\System32\DRIVERS\NNSProt.sys [287336 2013-05-29] (Panda Security, S.L.) R1 NNSPRV; C:\WINDOWS\System32\DRIVERS\NNSPrv.sys [161384 2013-05-29] (Panda Security, S.L.) R1 NNSSMTP; C:\WINDOWS\System32\DRIVERS\NNSSmtp.sys [108904 2013-05-29] (Panda Security, S.L.) R1 NNSSTRM; C:\WINDOWS\System32\DRIVERS\NNSStrm.sys [230376 2013-05-29] (Panda Security, S.L.) R1 NNSTLSC; C:\WINDOWS\System32\DRIVERS\NNSTlsc.sys [93928 2013-05-29] (Panda Security, S.L.) R2 PSINAflt; C:\WINDOWS\System32\DRIVERS\PSINAflt.sys [145640 2013-10-17] (Panda Security, S.L.) R2 PSINFile; C:\WINDOWS\System32\DRIVERS\PSINFile.sys [103528 2013-10-11] (Panda Security, S.L.) R1 PSINKNC; C:\WINDOWS\System32\DRIVERS\psinknc.sys [179944 2013-10-11] (Panda Security, S.L.) R2 PSINProc; C:\WINDOWS\System32\DRIVERS\PSINProc.sys [115048 2013-10-11] (Panda Security, S.L.) R2 PSINProt; C:\WINDOWS\System32\DRIVERS\PSINProt.sys [128232 2013-10-11] (Panda Security, S.L.) S3 PSINReg; C:\WINDOWS\System32\DRIVERS\PSINReg.sys [97896 2013-10-11] (Panda Security, S.L.) U3 PSKMAD; C:\WINDOWS\System32\DRIVERS\PSKMAD.sys [47632 2013-04-29] (Panda Security, S.L.) S3 SE27bus; C:\WINDOWS\System32\DRIVERS\SE27bus.sys [61600 2006-09-18] (MCCI) S3 SE27mdfl; C:\WINDOWS\System32\DRIVERS\SE27mdfl.sys [9360 2006-09-18] (MCCI) S3 SE27mdm; C:\WINDOWS\System32\DRIVERS\SE27mdm.sys [97184 2006-09-18] (MCCI) S3 SE27mgmt; C:\WINDOWS\System32\DRIVERS\SE27mgmt.sys [88688 2006-09-18] (MCCI) S3 se27nd5; C:\WINDOWS\System32\DRIVERS\se27nd5.sys [18704 2006-09-18] (MCCI) S3 SE27obex; C:\WINDOWS\System32\DRIVERS\SE27obex.sys [86560 2006-09-18] (MCCI) S3 se27unic; C:\WINDOWS\System32\DRIVERS\se27unic.sys [90800 2006-09-18] (MCCI) S3 se46bus; C:\WINDOWS\System32\DRIVERS\se46bus.sys [61536 2006-11-30] (MCCI) S3 se46mdfl; C:\WINDOWS\System32\DRIVERS\se46mdfl.sys [9360 2006-11-30] (MCCI) S3 se46mdm; C:\WINDOWS\System32\DRIVERS\se46mdm.sys [97088 2006-11-30] (MCCI) S3 se46mgmt; C:\WINDOWS\System32\DRIVERS\se46mgmt.sys [88624 2006-11-30] (MCCI) S3 se46nd5; C:\WINDOWS\System32\DRIVERS\se46nd5.sys [18704 2006-11-30] (MCCI) S3 se46obex; C:\WINDOWS\System32\DRIVERS\se46obex.sys [86432 2006-11-30] (MCCI) S3 se46unic; C:\WINDOWS\System32\DRIVERS\se46unic.sys [90800 2006-11-30] (MCCI) R0 sfsync04; C:\WINDOWS\System32\drivers\sfsync04.sys [49664 2005-12-12] (Protection Technology) S1 wceusbsh; C:\WINDOWS\System32\DRIVERS\wceusbsh.sys [31872 2008-04-14] (Microsoft Corporation) S4 IntelIde; No ImagePath S4 sptd; System32\Drivers\sptd.sys [X] U1 WS2IFSL; ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-03-12 17:29 - 2013-04-29 08:17 - 00047632 _____ (Panda Security, S.L.) C:\WINDOWS\system32\Drivers\PSKMAD.sys 2014-03-12 17:18 - 2014-03-12 17:22 - 00000000 ____D () C:\AdwCleaner 2014-03-11 11:56 - 2014-03-11 11:56 - 00000000 ____D () C:\Documents and Settings\Właściciel\Moje dokumenty\KONAMI 2014-03-10 11:07 - 2014-03-10 11:07 - 00000000 ____D () C:\fixitpc 2014-03-10 11:00 - 2014-03-10 11:00 - 00020792 _____ () C:\Documents and Settings\Właściciel\gmer.txt 2014-03-10 10:15 - 2014-03-12 17:11 - 00000000 ____D () C:\FRST 2014-03-08 11:14 - 2014-03-12 17:27 - 00393216 _____ () C:\WINDOWS\system32\config\Nano.evt 2014-03-08 11:14 - 2014-03-08 11:14 - 00000000 ____D () C:\Program Files\Panda Security 2014-03-08 11:14 - 2014-03-08 11:14 - 00000000 ____D () C:\Documents and Settings\Właściciel\Dane aplikacji\Panda Security 2014-03-08 11:14 - 2014-03-08 11:14 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Start\Programy\Panda Cloud Antivirus 2014-03-08 11:14 - 2014-03-08 11:14 - 00000000 ____D () C:\Documents and Settings\All Users\Dane aplikacji\Panda Security 2014-03-08 11:00 - 2014-03-08 11:00 - 00000000 ____D () C:\Program Files\Common Files\Java 2014-03-08 11:00 - 2014-03-08 11:00 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Start\Programy\Java 2014-03-08 11:00 - 2014-03-08 10:59 - 00264616 _____ (Oracle Corporation) C:\WINDOWS\system32\javaws.exe 2014-03-08 11:00 - 2014-03-08 10:59 - 00175016 _____ (Oracle Corporation) C:\WINDOWS\system32\javaw.exe 2014-03-08 11:00 - 2014-03-08 10:59 - 00174504 _____ (Oracle Corporation) C:\WINDOWS\system32\java.exe 2014-03-08 11:00 - 2014-03-08 10:59 - 00094632 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge.dll 2014-02-14 15:44 - 2014-02-14 15:44 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2916036$ 2014-02-14 15:36 - 2014-02-14 15:37 - 00011773 _____ () C:\WINDOWS\KB2909921-IE8.log 2014-02-14 15:36 - 2014-02-14 15:36 - 00004761 _____ () C:\WINDOWS\KB2909210-IE8.log 2014-02-14 09:43 - 2014-02-14 15:44 - 00013599 _____ () C:\WINDOWS\KB2916036.log ==================== One Month Modified Files and Folders ======= 2014-03-12 17:31 - 2014-03-10 10:15 - 00000000 ____D () C:\FRST 2014-03-12 17:30 - 2008-12-03 19:16 - 02005787 _____ () C:\WINDOWS\WindowsUpdate.log 2014-03-12 17:29 - 2008-12-03 20:11 - 00000259 _____ () C:\WINDOWS\wiadebug.log 2014-03-12 17:29 - 2008-12-03 20:11 - 00000050 _____ () C:\WINDOWS\wiaservc.log 2014-03-12 17:28 - 2008-12-03 19:19 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT 2014-03-12 17:27 - 2014-03-08 11:14 - 00393216 _____ () C:\WINDOWS\system32\config\Nano.evt 2014-03-12 17:27 - 2008-12-03 19:19 - 00032606 _____ () C:\WINDOWS\SchedLgU.Txt 2014-03-12 17:27 - 2008-12-03 19:19 - 00000188 ___SH () C:\Documents and Settings\Właściciel\ntuser.ini 2014-03-12 17:22 - 2014-03-12 17:18 - 00000000 ____D () C:\AdwCleaner 2014-03-12 17:19 - 2008-12-03 20:09 - 00000000 __RHD () C:\Documents and Settings\All Users\Dane aplikacji 2014-03-12 17:19 - 2008-12-03 19:19 - 00000000 __RHD () C:\Documents and Settings\Właściciel\Dane aplikacji 2014-03-12 17:15 - 2013-02-26 07:04 - 00000930 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job 2014-03-12 14:15 - 2013-02-26 07:04 - 00692616 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe 2014-03-12 14:15 - 2013-02-26 07:04 - 00071048 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl 2014-03-11 11:56 - 2014-03-11 11:56 - 00000000 ____D () C:\Documents and Settings\Właściciel\Moje dokumenty\KONAMI 2014-03-11 11:56 - 2008-12-03 19:19 - 00000000 ___RD () C:\Documents and Settings\Właściciel\Moje dokumenty 2014-03-10 11:07 - 2014-03-10 11:07 - 00000000 ____D () C:\fixitpc 2014-03-10 11:00 - 2014-03-10 11:00 - 00020792 _____ () C:\Documents and Settings\Właściciel\gmer.txt 2014-03-10 11:00 - 2008-12-03 19:19 - 00000000 ____D () C:\Documents and Settings\Właściciel 2014-03-10 10:34 - 2008-04-15 13:00 - 00002422 _____ () C:\WINDOWS\system32\wpa.dbl 2014-03-09 09:18 - 2008-12-03 20:08 - 00165912 _____ () C:\WINDOWS\system32\FNTCACHE.DAT 2014-03-08 11:26 - 2010-07-15 20:51 - 00825921 _____ () C:\WINDOWS\setupapi.log 2014-03-08 11:17 - 2008-12-03 19:19 - 00000000 ____D () C:\Documents and Settings\LocalService\Dane aplikacji 2014-03-08 11:14 - 2014-03-08 11:14 - 00000000 ____D () C:\Program Files\Panda Security 2014-03-08 11:14 - 2014-03-08 11:14 - 00000000 ____D () C:\Documents and Settings\Właściciel\Dane aplikacji\Panda Security 2014-03-08 11:14 - 2014-03-08 11:14 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Start\Programy\Panda Cloud Antivirus 2014-03-08 11:14 - 2014-03-08 11:14 - 00000000 ____D () C:\Documents and Settings\All Users\Dane aplikacji\Panda Security 2014-03-08 11:14 - 2008-12-03 20:09 - 00000000 ___RD () C:\Documents and Settings\All Users\Menu Start\Programy 2014-03-08 11:14 - 2008-12-03 19:29 - 00031392 _____ () C:\Documents and Settings\Właściciel\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT 2014-03-08 11:00 - 2014-03-08 11:00 - 00000000 ____D () C:\Program Files\Common Files\Java 2014-03-08 11:00 - 2014-03-08 11:00 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Start\Programy\Java 2014-03-08 10:59 - 2014-03-08 11:00 - 00264616 _____ (Oracle Corporation) C:\WINDOWS\system32\javaws.exe 2014-03-08 10:59 - 2014-03-08 11:00 - 00175016 _____ (Oracle Corporation) C:\WINDOWS\system32\javaw.exe 2014-03-08 10:59 - 2014-03-08 11:00 - 00174504 _____ (Oracle Corporation) C:\WINDOWS\system32\java.exe 2014-03-08 10:59 - 2014-03-08 11:00 - 00094632 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge.dll 2014-03-08 10:59 - 2010-02-08 11:30 - 00145408 _____ (Oracle Corporation) C:\WINDOWS\system32\javacpl.cpl 2014-03-08 10:59 - 2010-02-08 11:30 - 00000000 ____D () C:\Program Files\Java 2014-03-08 10:50 - 2012-06-14 04:16 - 00000000 ____D () C:\Program Files\PC Tools Registry Mechanic 2014-03-07 18:34 - 2008-12-03 20:10 - 00000091 _____ () C:\Documents and Settings\Właściciel\default.pls 2014-03-07 18:34 - 2008-12-03 20:09 - 00000069 _____ () C:\WINDOWS\NeroDigital.ini 2014-03-07 10:03 - 2008-12-03 20:09 - 01117350 _____ () C:\WINDOWS\system32\PerfStringBackup.INI 2014-03-07 10:03 - 2008-04-15 13:00 - 00500480 _____ () C:\WINDOWS\system32\perfh015.dat 2014-03-07 10:03 - 2008-04-15 13:00 - 00089662 _____ () C:\WINDOWS\system32\perfc015.dat 2014-03-04 19:10 - 2008-12-03 19:19 - 00000000 __SHD () C:\Documents and Settings\Właściciel\Ustawienia lokalne\Historia 2014-03-04 19:01 - 2012-06-14 18:00 - 00006432 _____ () C:\WINDOWS\system32\AppLog.log 2014-03-03 18:00 - 2008-12-03 19:14 - 00099788 ____C () C:\WINDOWS\wmsetup.log 2014-02-22 15:53 - 2010-06-07 11:52 - 00001324 _____ () C:\WINDOWS\system32\d3d9caps.dat 2014-02-21 11:27 - 2013-06-28 10:05 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Start\Programy\Google Drive 2014-02-15 09:29 - 2008-12-03 19:23 - 00000000 ____D () C:\WINDOWS\Microsoft.NET 2014-02-14 15:44 - 2014-02-14 15:44 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2916036$ 2014-02-14 15:44 - 2014-02-14 09:43 - 00013599 _____ () C:\WINDOWS\KB2916036.log 2014-02-14 15:44 - 2008-12-29 21:05 - 00232231 _____ () C:\WINDOWS\updspapi.log 2014-02-14 15:44 - 2008-12-03 20:09 - 02033226 _____ () C:\WINDOWS\FaxSetup.log 2014-02-14 15:44 - 2008-12-03 20:09 - 00995382 _____ () C:\WINDOWS\ocgen.log 2014-02-14 15:44 - 2008-12-03 20:09 - 00787679 _____ () C:\WINDOWS\tsoc.log 2014-02-14 15:44 - 2008-12-03 20:09 - 00682201 _____ () C:\WINDOWS\comsetup.log 2014-02-14 15:44 - 2008-12-03 20:09 - 00413586 _____ () C:\WINDOWS\ntdtcsetup.log 2014-02-14 15:44 - 2008-12-03 20:09 - 00321500 _____ () C:\WINDOWS\iis6.log 2014-02-14 15:44 - 2008-12-03 20:09 - 00127386 _____ () C:\WINDOWS\ocmsn.log 2014-02-14 15:44 - 2008-12-03 20:09 - 00102513 _____ () C:\WINDOWS\msgsocm.log 2014-02-14 15:44 - 2008-12-03 20:09 - 00001374 _____ () C:\WINDOWS\imsins.log 2014-02-14 15:40 - 2013-08-27 07:29 - 00000000 ____D () C:\WINDOWS\system32\MRT 2014-02-14 15:37 - 2014-02-14 15:36 - 00011773 _____ () C:\WINDOWS\KB2909921-IE8.log 2014-02-14 15:37 - 2010-02-08 16:42 - 00000000 ____D () C:\WINDOWS\ie8updates 2014-02-14 15:37 - 2008-12-29 21:57 - 85946576 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2014-02-14 15:37 - 2008-12-03 20:09 - 00001374 _____ () C:\WINDOWS\imsins.BAK 2014-02-14 15:36 - 2014-02-14 15:36 - 00004761 _____ () C:\WINDOWS\KB2909210-IE8.log 2014-02-14 12:07 - 2010-12-08 05:36 - 00000000 ____D () C:\Documents and Settings\Właściciel\Moje dokumenty\Moje obrazy ==================== Bamital & volsnap Check ================= C:\WINDOWS\explorer.exe [2008-04-15 13:00] - [2008-04-15 13:00] - 1035264 ____A (Microsoft Corporation) c791ed9eac5e76d9525e157b1d7a599a C:\WINDOWS\system32\winlogon.exe [2008-04-15 13:00] - [2008-04-15 13:00] - 0510464 ____A (Microsoft Corporation) 51fd2e13d723857b9ca239ae77150f48 C:\WINDOWS\system32\svchost.exe [2008-04-15 13:00] - [2008-04-15 13:00] - 0014336 ____A (Microsoft Corporation) 8607d35d92528e2df386f19a960d23ce C:\WINDOWS\system32\services.exe [2008-04-15 13:00] - [2009-02-09 12:25] - 0111104 ____A (Microsoft Corporation) 02a467e27af55f7064c5b251e587315f C:\WINDOWS\system32\User32.dll [2008-04-15 13:00] - [2008-04-15 13:00] - 0580096 ____A (Microsoft Corporation) a435c5c069afd901751ac323ad238793 C:\WINDOWS\system32\userinit.exe [2008-04-15 13:00] - [2008-04-15 13:00] - 0026624 ____A (Microsoft Corporation) 2a5b37d520508be6570a3ea79695f5b5 C:\WINDOWS\system32\rpcss.dll [2008-04-15 13:00] - [2009-02-09 11:53] - 0401408 ____A (Microsoft Corporation) a37311d9d628c1042a2836731787f0f3 ATTENTION ======> If the system is having audio adware rpcss.dll is patched. Google the MD5, if the MD5 is unique the file is infected. C:\WINDOWS\system32\Drivers\volsnap.sys [2008-04-15 13:00] - [2008-04-15 13:00] - 0052864 ____A (Microsoft Corporation) 56b191ac5fc0df219949c95a6c87afe7 ==================== End Of Log ============================