Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 11-03-2015 Ran by EPS (administrator) on ACER3000 on 22-03-2015 18:59:19 Running from C:\Documents and Settings\EPS\Moje dokumenty\sos Loaded Profiles: EPS (Available profiles: EPS) Platform: Microsoft Windows XP Professional Dodatek Service Pack 3 (X86) OS Language: Polski Internet Explorer Version 8 (Default browser: Chrome) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) () C:\WINDOWS\system32\WLTRYSVC.EXE (Broadcom Corporation) C:\WINDOWS\system32\BCMWLTRY.EXE (Realtek Semiconductor Corp.) C:\WINDOWS\SOUNDMAN.EXE (Microsoft Corporation) C:\WINDOWS\system32\rundll32.exe (Microsoft Corporation) C:\WINDOWS\system32\rundll32.exe (Panda Security, S.L.) C:\Program Files\Panda Security\Panda Security Protection\PSUAMain.exe (Visicom Media Inc.) C:\Documents and Settings\All Users\Dane aplikacji\Panda Security URL Filtering\Panda_URL_Filtering.exe (Microsoft Corporation) C:\Program Files\Microsoft ActiveSync\wcescomm.exe (Microsoft Corporation) C:\PROGRA~1\MI3AA1~1\rapimgr.exe () C:\Documents and Settings\All Users\Dane aplikacji\MobileBrServ\mbbService.exe (Panda Security, S.L.) C:\Program Files\Panda Security\Panda Security Protection\PSANHost.exe (Panda Security, S.L.) C:\Program Files\Panda Security\Panda Devices Agent\AgentSvc.exe (Panda Security, S.L.) C:\Program Files\Panda Security\Panda Security Protection\PSUAService.exe (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [SoundMan] => C:\WINDOWS\SOUNDMAN.EXE [77824 2005-02-23] (Realtek Semiconductor Corp.) HKLM\...\Run: [SiSPower] => Rundll32.exe SiSPower.dll,ModeAgent HKLM\...\Run: [BluetoothAuthenticationAgent] => rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent HKLM\...\Run: [PSUAMain] => C:\Program Files\Panda Security\Panda Security Protection\PSUAMain.exe [40184 2015-02-27] (Panda Security, S.L.) HKLM\...\Run: [Panda Security URL Filtering] => C:\Documents and Settings\All Users\Dane aplikacji\Panda Security URL Filtering\Panda_URL_Filtering.exe [304952 2014-09-19] (Visicom Media Inc.) HKLM\...\Winlogon: [Shell] C:\WINDOWS\Explorer.exe [1035264 2008-04-14] (Microsoft Corporation) HKU\S-1-5-21-682003330-484763869-839522115-1003\...\Run: [H/PC Connection Agent] => C:\Program Files\Microsoft ActiveSync\Wcescomm.exe [1289000 2006-11-13] (Microsoft Corporation) HKU\S-1-5-21-682003330-484763869-839522115-1003\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1 Startup: C:\Documents and Settings\EPS\Menu Start\Programy\Autostart\WTW.lnk ShortcutTarget: WTW.lnk -> C:\Program Files\K2T\WTW\wtw.exe (K2T.eu, Kaworu) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKU\S-1-5-21-682003330-484763869-839522115-1003\Software\Microsoft\Internet Explorer\Main,Start Page = http://pl.yahoo.com?fr=fp-comodo HKU\S-1-5-21-682003330-484763869-839522115-1003\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKU\S-1-5-21-682003330-484763869-839522115-1003\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.myhoome.com/ SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-682003330-484763869-839522115-1003 -> {8EEAC88A-079B-4b2c-80C1-7836F79EB40A} URL = http://pl.search.yahoo.com/search?p={searchTerms}&fr=chr-comodo DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://windowsupdate.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1376168012714 DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1376327943890 Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 FireFox: ======== FF ProfilePath: C:\Documents and Settings\EPS\Dane aplikacji\Mozilla\Firefox\Profiles\ne9lduhd.default FF Homepage: hxxp://pl.yahoo.com?fr=fp-comodo FF DefaultSearchEngine: Yahoo FF SelectedSearchEngine: Yahoo FF Keyword.URL: hxxp://pl.search.yahoo.com/search?fr=ytff-comodo&p= FF Keyword.URL: hxxp://www.google.com/search?ie=UTF-8&oe=UTF-8&sourceid=navclient&gfns=1&q= FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation) FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation) FF Plugin: @nokia.com/EnablerPlugin -> C:\Program Files\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll [2013-10-02] ( ) FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll [2014-06-21] (Google Inc.) FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll [2014-06-21] (Google Inc.) FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-08-05] (Adobe Systems Inc.) FF Plugin HKU\S-1-5-21-682003330-484763869-839522115-1003: @unity3d.com/UnityPlayer,version=1.0 -> C:\Documents and Settings\EPS\Ustawienia lokalne\Dane aplikacji\Unity\WebPlayer\loader\npUnity3D32.dll [2014-01-08] (Unity Technologies ApS) FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\pandasecuritytb.xml [2015-03-21] FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension FF Extension: Microsoft .NET Framework Assistant - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2014-06-10] FF Extension: No Name - C:\Documents and Settings\EPS\Dane aplikacji\Mozilla\Firefox\Profiles\ne9lduhd.default\extensions\{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} [Not Found] FF Extension: No Name - C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [Not Found] Chrome: ======= CHR DefaultSuggestURL: Profile 1 -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter} CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\39.0.2171.99\PepperFlash\pepflashplayer.dll () CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\39.0.2171.99\ppGoogleNaClPluginChrome.dll No File CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\39.0.2171.99\pdf.dll () CHR Plugin: (Microsoft® DRM) - C:\Program Files\Windows Media Player\npdrmv2.dll (Microsoft Corporation) CHR Plugin: (Windows Media Player Plug-in Dynamic Link Library) - C:\Program Files\Windows Media Player\npdsplay.dll (Microsoft Corporation (written by Digital Renaissance Inc.)) CHR Plugin: (Microsoft® DRM) - C:\Program Files\Windows Media Player\npwmsdrm.dll (Microsoft Corporation) CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll No File CHR Profile: C:\Documents and Settings\EPS\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default CHR Extension: (Free Windows Apps) - C:\Documents and Settings\EPS\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\aiebpfofbjccilocdcobkkkkecciknlo [2015-02-19] CHR Extension: (Google Docs) - C:\Documents and Settings\EPS\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-08-10] CHR Extension: (Google Drive) - C:\Documents and Settings\EPS\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-08-10] CHR Extension: (Brushed) - C:\Documents and Settings\EPS\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\bfjgbcjfpbbfepcccpaffkjofcmglifg [2014-01-17] CHR Extension: (YouTube) - C:\Documents and Settings\EPS\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-08-10] CHR Extension: (Adblock Plus) - C:\Documents and Settings\EPS\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2013-08-15] CHR Extension: (Google Search) - C:\Documents and Settings\EPS\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-08-10] CHR Extension: (Eliminator Slajdów) - C:\Documents and Settings\EPS\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\eplekpmdodlgejgogbojajncdlapamff [2013-08-15] CHR Extension: (Weather) - C:\Documents and Settings\EPS\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\fapbbpdnlcmiolkdfjnnjhabmcndadad [2014-01-16] CHR Extension: (Office Editing for Docs, Sheets & Slides) - C:\Documents and Settings\EPS\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\gbkeegbaiigmenfmjfclcdgdpimamgkj [2015-02-18] CHR Extension: (Tokonda Messenger) - C:\Documents and Settings\EPS\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\ghonobjagekcnpkhcpjekbbejnjdlomg [2015-02-17] CHR Extension: (SearchPreview) - C:\Documents and Settings\EPS\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\hcjdanpjacpeeppdjkppebobilhaglfo [2014-01-15] CHR Extension: (New Tab Page by Speed Dial Team) - C:\Documents and Settings\EPS\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\idgeoanibcknhniccgaoaiolihidecjn [2014-01-15] CHR Extension: (Instant Translate) - C:\Documents and Settings\EPS\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\ihmgiclibbndffejedjimfjmfoabpcke [2013-08-15] CHR Extension: (Poczta o2) - C:\Documents and Settings\EPS\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\kdhkhehdcicfckijbllglgdkegdnhplm [2014-10-22] CHR Extension: (Image Properties Context Menu) - C:\Documents and Settings\EPS\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\khagclindddokccfbmfmckaflngbmpon [2013-08-15] CHR Extension: (Forecastfox Lite) - C:\Documents and Settings\EPS\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\miooijfbinpacpdpfpgpjigoajajelpo [2015-02-19] CHR Extension: (Google Wallet) - C:\Documents and Settings\EPS\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-26] CHR Extension: (Hover Zoom) - C:\Documents and Settings\EPS\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\nonjdcjchghhkdoolnlbekcfllmednbl [2013-08-15] CHR Extension: (Scientific Calculator) - C:\Documents and Settings\EPS\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\npoipmeppdioagbkigdlnpmjphnolaog [2014-01-15] CHR Extension: (Google Quick Scroll) - C:\Documents and Settings\EPS\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\okanipcmceoeemlbjnmnbdibhgpbllgc [2013-08-15] CHR Extension: (My IP Address) - C:\Documents and Settings\EPS\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\pinipodgkaoigpmhmmchojdmleccamce [2014-01-15] CHR Extension: (iReader) - C:\Documents and Settings\EPS\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\ppelffpjgkifjfgnbaaldcehkpajlmbc [2014-01-15] CHR Profile: C:\Documents and Settings\EPS\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Profile 1 CHR Extension: (Google Docs) - C:\Documents and Settings\EPS\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2013-08-10] CHR Extension: (Google Drive) - C:\Documents and Settings\EPS\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-08-10] CHR Extension: (Weather (extension)) - C:\Documents and Settings\EPS\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Profile 1\Extensions\beapnbfmjmjhhfpaoajfhjbbfnnlfpnc [2015-02-17] CHR Extension: (YouTube) - C:\Documents and Settings\EPS\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-08-10] CHR Extension: (Google Search) - C:\Documents and Settings\EPS\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-08-10] CHR Extension: (Search by Image (by Google)) - C:\Documents and Settings\EPS\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Profile 1\Extensions\dajedkncpodkggklbegccjpmnglmnflm [2013-08-15] CHR Extension: (Eliminator Slajdów) - C:\Documents and Settings\EPS\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Profile 1\Extensions\eplekpmdodlgejgogbojajncdlapamff [2014-11-19] CHR Extension: (AdBlock) - C:\Documents and Settings\EPS\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Profile 1\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2013-08-15] CHR Extension: (Instant Translate) - C:\Documents and Settings\EPS\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Profile 1\Extensions\ihmgiclibbndffejedjimfjmfoabpcke [2013-08-15] CHR Extension: (Poczta o2) - C:\Documents and Settings\EPS\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Profile 1\Extensions\kdhkhehdcicfckijbllglgdkegdnhplm [2014-11-19] CHR Extension: (Advanced start page) - C:\Documents and Settings\EPS\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Profile 1\Extensions\lhlflcpjmbmnhfehipheboagibdjgmog [2015-02-17] CHR Extension: (Google Wallet) - C:\Documents and Settings\EPS\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-23] CHR Extension: (Google Quick Scroll) - C:\Documents and Settings\EPS\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Profile 1\Extensions\okanipcmceoeemlbjnmnbdibhgpbllgc [2013-08-15] CHR Extension: (Gmail) - C:\Documents and Settings\EPS\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-08-10] CHR HKLM\...\Chrome\Extension: [fdhbkaahephniejapepaiggngjnedpci] - https://clients2.google.com/service/update2/crx ========================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 Mobile Broadband HL Service; C:\Documents and Settings\All Users\Dane aplikacji\MobileBrServ\mbbservice.exe [232288 2012-03-12] () R2 NanoServiceMain; C:\Program Files\Panda Security\Panda Security Protection\PSANHost.exe [142584 2015-02-27] (Panda Security, S.L.) R2 PandaAgent; C:\Program Files\Panda Security\Panda Devices Agent\AgentSvc.exe [66808 2014-10-09] (Panda Security, S.L.) R2 PSUAService; C:\Program Files\Panda Security\Panda Security Protection\PSUAService.exe [38136 2015-02-27] (Panda Security, S.L.) R2 wltrysvc; C:\WINDOWS\System32\bcmwltry.exe [827499 2004-12-22] (Broadcom Corporation) [File not signed] ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 AegisP; C:\WINDOWS\System32\DRIVERS\AegisP.sys [17801 2013-08-10] (Meetinghouse Data Communications) [File not signed] R3 ALCXWDM; C:\WINDOWS\System32\drivers\ALCXWDM.SYS [2311680 2005-02-24] (Realtek Semiconductor Corp.) [File not signed] R3 BCM43XX; C:\WINDOWS\System32\DRIVERS\bcmwl5.sys [369024 2004-12-22] (Broadcom Corporation) S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2008-04-13] (Microsoft Corporation) R1 CFRMD; C:\WINDOWS\System32\DRIVERS\CFRMD.sys [36112 2013-05-07] (Windows (R) Win 7 DDK provider) R3 DKbFltr; C:\WINDOWS\System32\Drivers\DKbFltr.sys [16896 2004-12-08] (Dritek System Inc.) [File not signed] R1 HMD; C:\WINDOWS\System32\DRIVERS\hmd.sys [14272 2013-10-04] () S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2008-04-13] (Microsoft Corporation) S3 nmwcd; C:\WINDOWS\System32\drivers\ccdcmb.sys [18560 2013-01-23] (Nokia) [File not signed] S3 nmwcdc; C:\WINDOWS\System32\drivers\ccdcmbo.sys [23168 2013-01-23] (Nokia) [File not signed] R1 NNSALPC; C:\WINDOWS\System32\DRIVERS\NNSAlpc.sys [86800 2015-02-09] (Panda Security, S.L.) R1 NNSHTTP; C:\WINDOWS\System32\DRIVERS\NNSHttp.sys [202128 2015-02-09] (Panda Security, S.L.) R1 NNSHTTPS; C:\WINDOWS\System32\DRIVERS\NNSHttps.sys [109584 2015-02-09] (Panda Security, S.L.) R1 NNSIDS; C:\WINDOWS\System32\DRIVERS\NNSIds.sys [126480 2015-02-09] (Panda Security, S.L.) R3 NNSNAHS; C:\WINDOWS\System32\DRIVERS\NNSNAHS.sys [46480 2014-10-21] (Panda Security, S.L.) R1 NNSPICC; C:\WINDOWS\System32\DRIVERS\NNSPicc.sys [99856 2015-02-09] (Panda Security, S.L.) R1 NNSPIHS; C:\WINDOWS\System32\DRIVERS\NNSPihs.sys [52112 2015-02-09] (Panda Security, S.L.) R1 NNSPOP3; C:\WINDOWS\System32\DRIVERS\NNSPop3.sys [120592 2015-02-09] (Panda Security, S.L.) R1 NNSPROT; C:\WINDOWS\System32\DRIVERS\NNSProt.sys [281232 2015-02-09] (Panda Security, S.L.) R1 NNSPRV; C:\WINDOWS\System32\DRIVERS\NNSPrv.sys [205456 2015-02-09] (Panda Security, S.L.) R1 NNSSMTP; C:\WINDOWS\System32\DRIVERS\NNSSmtp.sys [108432 2015-02-09] (Panda Security, S.L.) R1 NNSSTRM; C:\WINDOWS\System32\DRIVERS\NNSStrm.sys [239888 2015-02-09] (Panda Security, S.L.) R1 NNSTLSC; C:\WINDOWS\System32\DRIVERS\NNSTlsc.sys [94864 2015-02-09] (Panda Security, S.L.) S3 pccsmcfd; C:\WINDOWS\System32\DRIVERS\pccsmcfd.sys [19072 2012-10-17] (Nokia) [File not signed] R2 PSINAflt; C:\WINDOWS\System32\DRIVERS\PSINAflt.sys [140816 2015-02-25] (Panda Security, S.L.) R2 PSINFile; C:\WINDOWS\System32\DRIVERS\PSINFile.sys [103312 2015-02-25] (Panda Security, S.L.) R1 PSINKNC; C:\WINDOWS\System32\DRIVERS\psinknc.sys [172432 2015-02-25] (Panda Security, S.L.) R2 PSINProc; C:\WINDOWS\System32\DRIVERS\PSINProc.sys [114704 2015-02-25] (Panda Security, S.L.) R2 PSINProt; C:\WINDOWS\System32\DRIVERS\PSINProt.sys [124944 2015-02-25] (Panda Security, S.L.) R2 PSINReg; C:\WINDOWS\System32\DRIVERS\PSINReg.sys [100624 2015-02-25] (Panda Security, S.L.) R3 PSKMAD; C:\WINDOWS\System32\DRIVERS\PSKMAD.sys [50320 2015-01-29] (Panda Security, S.L.) R3 SiS315; C:\WINDOWS\System32\DRIVERS\sisgrp.sys [240640 2005-03-01] (Silicon Integrated Systems Corporation) R1 SiSkp; C:\WINDOWS\System32\DRIVERS\srvkp.sys [13312 2005-02-25] (Silicon Integrated Systems Corporation) S3 SISNIC; C:\WINDOWS\System32\DRIVERS\sisnic.sys [32768 2004-08-03] (SiS Corporation) R3 SISNICXP; C:\WINDOWS\System32\DRIVERS\sisnicxp.sys [32768 2004-11-05] (SiS Corporation) S3 SNP325; C:\WINDOWS\System32\DRIVERS\snp325.sys [10260864 2007-03-07] (Sonix Co. Ltd.) [File not signed] R1 StarOpen; C:\WINDOWS\system32\Drivers\StarOpen.sys [5632 2006-07-24] () [File not signed] R3 SynTP; C:\WINDOWS\System32\DRIVERS\SynTP.sys [185824 2004-10-08] (Synaptics, Inc.) [File not signed] S3 upperdev; C:\WINDOWS\System32\DRIVERS\usbser_lowerflt.sys [8192 2013-01-23] (Nokia) [File not signed] S3 UsbserFilt; C:\WINDOWS\System32\DRIVERS\usbser_lowerfltj.sys [8192 2013-01-23] (Nokia) [File not signed] S3 wceusbsh; C:\WINDOWS\System32\DRIVERS\wceusbsh.sys [28672 2006-11-06] (Microsoft Corporation) S2 ASPI32; No ImagePath S4 IntelIde; No ImagePath U5 NwlnkIpx; C:\Windows\System32\Drivers\NwlnkIpx.sys [88320 2008-04-13] (Microsoft Corporation) U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-13] (Microsoft Corporation) ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2015-03-22 18:51 - 2015-03-22 18:52 - 00006790 _____ () C:\WINDOWS\FaxSetup.log 2015-03-22 18:51 - 2015-03-22 18:52 - 00006652 _____ () C:\WINDOWS\iis6.log 2015-03-22 18:51 - 2015-03-22 18:52 - 00005684 _____ () C:\WINDOWS\ocgen.log 2015-03-22 18:51 - 2015-03-22 18:52 - 00004598 _____ () C:\WINDOWS\tsoc.log 2015-03-22 18:51 - 2015-03-22 18:52 - 00002493 _____ () C:\WINDOWS\comsetup.log 2015-03-22 18:51 - 2015-03-22 18:52 - 00001917 _____ () C:\WINDOWS\imsins.log 2015-03-22 18:51 - 2015-03-22 18:52 - 00001804 _____ () C:\WINDOWS\ntdtcsetup.log 2015-03-22 18:51 - 2015-03-22 18:52 - 00001592 _____ () C:\WINDOWS\netfxocm.log 2015-03-22 18:51 - 2015-03-22 18:52 - 00000719 _____ () C:\WINDOWS\MedCtrOC.log 2015-03-22 18:51 - 2015-03-22 18:52 - 00000469 _____ () C:\WINDOWS\ocmsn.log 2015-03-22 18:51 - 2015-03-22 18:52 - 00000430 _____ () C:\WINDOWS\msgsocm.log 2015-03-22 18:51 - 2015-03-22 18:52 - 00000319 _____ () C:\WINDOWS\tabletoc.log 2015-03-22 18:51 - 2015-03-22 18:51 - 00001918 _____ () C:\WINDOWS\msmqinst.log 2015-03-22 18:51 - 2015-03-22 18:51 - 00000000 _____ () C:\WINDOWS\setuperr.log 2015-03-22 18:51 - 2015-03-22 18:51 - 00000000 _____ () C:\WINDOWS\setupact.log 2015-03-21 18:13 - 2015-03-21 18:13 - 00090112 _____ () C:\WINDOWS\Minidump\Mini032115-01.dmp 2015-03-21 13:51 - 2015-03-22 18:59 - 00000000 ____D () C:\FRST 2015-03-21 13:38 - 2015-03-22 18:59 - 00000000 ____D () C:\Documents and Settings\EPS\Moje dokumenty\sos 2015-03-21 12:38 - 2015-03-21 18:47 - 00000429 _____ () C:\WINDOWS\nsw.log 2015-03-21 09:49 - 2015-03-21 09:49 - 00000000 ____D () C:\Documents and Settings\EPS\Dane aplikacji\Panda Security 2015-03-21 09:48 - 2015-01-29 18:21 - 00050320 _____ (Panda Security, S.L.) C:\WINDOWS\system32\Drivers\PSKMAD.sys 2015-03-21 09:47 - 2015-03-22 12:50 - 00000000 ____D () C:\Documents and Settings\EPS\Ustawienia lokalne\Dane aplikacji\panda 2015-03-21 09:47 - 2015-03-21 09:47 - 00000000 ____D () C:\Documents and Settings\All Users\Dane aplikacji\Panda Security URL Filtering 2015-03-21 09:44 - 2015-03-22 18:57 - 00196608 _____ () C:\WINDOWS\system32\config\Nano.evt 2015-03-21 09:44 - 2015-03-21 09:44 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Start\Programy\Panda Free Antivirus 2015-03-21 09:32 - 2015-03-21 09:46 - 00000000 ____D () C:\Documents and Settings\All Users\Dane aplikacji\Panda Security 2015-03-19 18:51 - 2015-03-22 09:13 - 00032625 _____ () C:\WINDOWS\setupapi.log 2015-03-15 22:54 - 2015-03-15 22:54 - 00090112 _____ () C:\WINDOWS\Minidump\Mini031515-01.dmp 2015-03-11 11:22 - 2015-03-11 11:22 - 00000000 ____H () C:\WINDOWS\system32\config\sam.new.LOG 2015-03-11 11:22 - 2015-03-11 11:22 - 00000000 ____H () C:\WINDOWS\system32\config\default.new.LOG 2015-03-10 10:58 - 2015-03-10 11:03 - 00011494 _____ () C:\Documents and Settings\EPS\Pulpit\Fv ORANGE do PIT'ów.xlsx 2015-02-26 19:42 - 2015-02-26 19:42 - 00003584 _____ () C:\Documents and Settings\All Users\Dane aplikacji\wtwLicensing.db 2015-02-26 19:41 - 2015-02-26 19:41 - 00000000 ____D () C:\Documents and Settings\EPS\Dane aplikacji\.wtw 2015-02-26 19:40 - 2015-02-26 19:40 - 00000000 ____D () C:\Documents and Settings\EPS\Menu Start\Programy\K2T 2015-02-26 19:36 - 2015-02-26 19:36 - 00000000 ____D () C:\Program Files\K2T 2015-02-25 20:03 - 2015-02-25 20:03 - 00172432 _____ (Panda Security, S.L.) C:\WINDOWS\system32\Drivers\PSINKNC.sys 2015-02-25 20:03 - 2015-02-25 20:03 - 00140816 _____ (Panda Security, S.L.) C:\WINDOWS\system32\Drivers\PSINAflt.sys 2015-02-25 20:03 - 2015-02-25 20:03 - 00124944 _____ (Panda Security, S.L.) C:\WINDOWS\system32\Drivers\PSINProt.sys 2015-02-25 20:03 - 2015-02-25 20:03 - 00114704 _____ (Panda Security, S.L.) C:\WINDOWS\system32\Drivers\PSINProc.sys 2015-02-25 20:03 - 2015-02-25 20:03 - 00103312 _____ (Panda Security, S.L.) C:\WINDOWS\system32\Drivers\PSINFile.sys 2015-02-25 20:03 - 2015-02-25 20:03 - 00100624 _____ (Panda Security, S.L.) C:\WINDOWS\system32\Drivers\PSINReg.sys ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2015-03-22 19:00 - 2014-05-04 17:36 - 01216316 _____ () C:\WINDOWS\WindowsUpdate.log 2015-03-22 19:00 - 2013-08-10 17:52 - 00000000 ____D () C:\Documents and Settings\EPS\Ustawienia lokalne\Temp 2015-03-22 18:58 - 2014-06-09 20:50 - 00000260 _____ () C:\WINDOWS\Tasks\WGASetup.job 2015-03-22 18:58 - 2014-05-04 17:36 - 00000159 _____ () C:\WINDOWS\wiadebug.log 2015-03-22 18:58 - 2014-05-04 17:36 - 00000050 _____ () C:\WINDOWS\wiaservc.log 2015-03-22 18:58 - 2013-08-10 17:52 - 00000000 __SHD () C:\Documents and Settings\EPS\Ustawienia lokalne\Historia 2015-03-22 18:58 - 2013-08-10 17:50 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT 2015-03-22 18:58 - 2013-08-10 17:50 - 00000000 __SHD () C:\Documents and Settings\LocalService\Ustawienia lokalne\Historia 2015-03-22 18:57 - 2013-08-10 17:52 - 00000188 ___SH () C:\Documents and Settings\EPS\ntuser.ini 2015-03-22 18:57 - 2013-08-10 17:50 - 00032620 _____ () C:\WINDOWS\SchedLgU.Txt 2015-03-22 18:56 - 2013-08-10 19:31 - 00000000 __SHD () C:\Documents and Settings\Default User\Ustawienia lokalne\Historia 2015-03-22 18:56 - 2013-08-10 17:50 - 00000000 ___HD () C:\Documents and Settings\NetworkService\Ustawienia lokalne\Historia 2015-03-22 18:56 - 2013-08-10 17:50 - 00000000 ____D () C:\Documents and Settings\LocalService\Ustawienia lokalne\Temp 2015-03-22 18:49 - 2013-08-10 19:31 - 00000000 ___RD () C:\Documents and Settings\All Users\Menu Start\Programy 2015-03-22 18:46 - 2013-08-10 20:38 - 00000000 ____D () C:\Program Files\Mozilla Firefox 2015-03-22 18:46 - 2013-08-10 17:52 - 00000000 ___RD () C:\Documents and Settings\EPS\Menu Start\Programy 2015-03-22 18:46 - 2013-08-10 17:52 - 00000000 ____D () C:\Documents and Settings\EPS\Pulpit 2015-03-22 18:45 - 2013-08-10 19:31 - 00000000 ____D () C:\Documents and Settings\All Users\Pulpit 2015-03-22 18:42 - 2013-08-11 09:56 - 00002315 _____ () C:\Documents and Settings\All Users\Menu Start\Programy\Adobe Reader XI.lnk 2015-03-22 18:31 - 2013-08-11 20:03 - 00000223 _____ () C:\WINDOWS\hpbafd.ini 2015-03-21 18:13 - 2013-08-10 19:31 - 00000000 __RHD () C:\Documents and Settings\All Users\Dane aplikacji 2015-03-21 13:38 - 2013-08-10 17:52 - 00000000 ___RD () C:\Documents and Settings\EPS\Moje dokumenty 2015-03-21 13:37 - 2013-09-14 08:30 - 00000000 ____D () C:\Documents and Settings\All Users\Dane aplikacji\COMODO 2015-03-21 13:37 - 2013-09-14 08:29 - 00000000 ____D () C:\Program Files\Comodo 2015-03-21 13:36 - 2013-08-10 17:52 - 00000000 ____D () C:\Documents and Settings\EPS 2015-03-21 13:34 - 2014-04-10 08:55 - 00000000 ____D () C:\AdwCleaner 2015-03-21 13:11 - 2013-08-10 17:52 - 00000000 __RHD () C:\Documents and Settings\EPS\Dane aplikacji 2015-03-21 13:06 - 2013-08-20 16:28 - 00000000 ____D () C:\Program Files\Winamp 2015-03-21 13:05 - 2013-09-01 08:02 - 00000000 ____D () C:\Documents and Settings\EPS\Dane aplikacji\Samsung 2015-03-21 13:05 - 2013-08-10 17:54 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information 2015-03-21 13:01 - 2013-08-18 10:20 - 00000000 ____D () C:\Documents and Settings\EPS\Menu Start\Programy\HTC Home 2015-03-21 12:59 - 2013-09-27 21:46 - 00000000 ____D () C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\COMODO 2015-03-21 12:59 - 2013-09-14 08:30 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Start\Programy\Comodo 2015-03-21 12:59 - 2013-08-10 17:52 - 00000000 ___HD () C:\Documents and Settings\EPS\Ustawienia lokalne\Dane aplikacji 2015-03-21 12:59 - 2013-08-10 17:50 - 00000000 ___HD () C:\Documents and Settings\NetworkService\Ustawienia lokalne\Dane aplikacji 2015-03-21 12:49 - 2013-08-10 19:30 - 00281336 _____ () C:\WINDOWS\system32\FNTCACHE.DAT 2015-03-21 12:38 - 2014-10-26 14:45 - 00000433 _____ () C:\WINDOWS\system32\Drivers\etc\hosts.ics 2015-03-21 09:49 - 2013-08-10 18:22 - 00069704 _____ () C:\Documents and Settings\EPS\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT 2015-03-21 09:46 - 2013-08-18 08:51 - 00000000 ____D () C:\Program Files\Panda Security 2015-03-19 18:06 - 2001-07-22 01:17 - 00002206 _____ () C:\WINDOWS\system32\wpa.dbl 2015-03-11 18:50 - 2013-12-26 14:24 - 00000000 ____D () C:\Documents and Settings\EPS\Moje dokumenty\Biblioteka calibre 2015-03-11 11:31 - 2015-01-09 18:59 - 04194304 _____ () C:\Documents and Settings\EPS\ntuser.bak 2015-03-11 11:31 - 2013-08-10 19:30 - 00262144 _____ () C:\WINDOWS\system32\config\SECURITY.bak 2015-03-11 11:31 - 2013-08-10 19:30 - 00024576 _____ () C:\WINDOWS\system32\config\SAM.bak 2015-03-11 11:31 - 2013-08-10 19:26 - 32243712 _____ () C:\WINDOWS\system32\config\software.bak 2015-03-11 11:31 - 2013-08-10 19:26 - 00270336 _____ () C:\WINDOWS\system32\config\default.bak 2015-03-11 11:31 - 2013-08-10 17:50 - 00233472 _____ () C:\Documents and Settings\LocalService\NTUSER.bak 2015-03-11 11:31 - 2013-08-10 17:50 - 00229376 _____ () C:\Documents and Settings\NetworkService\NTUSER.bak 2015-03-11 11:30 - 2013-08-10 17:50 - 00000000 __SHD () C:\Documents and Settings\NetworkService 2015-03-11 11:30 - 2013-08-10 17:50 - 00000000 __SHD () C:\Documents and Settings\LocalService 2015-03-10 22:50 - 2013-08-14 16:24 - 00000000 ____D () C:\Documents and Settings\All Users\Dane aplikacji\Microsoft Help 2015-03-10 22:47 - 2014-06-14 19:18 - 00000000 ____D () C:\WINDOWS\system32\MRT 2015-03-10 22:27 - 2013-08-12 18:46 - 119837696 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2015-03-02 11:56 - 2014-11-29 12:31 - 00014790 _____ () C:\Documents and Settings\EPS\Pulpit\zestawienie opłat.xlsx 2015-02-26 19:44 - 2013-08-10 17:52 - 00000000 ___RD () C:\Documents and Settings\EPS\Menu Start\Programy\Autostart 2015-02-23 09:01 - 2013-08-10 19:31 - 00000000 ___RD () C:\Documents and Settings\All Users\Menu Start\Programy\Autostart 2015-02-23 08:54 - 2014-06-08 21:33 - 00000000 ____D () C:\Documents and Settings\EPS\Dane aplikacji\Skype ==================== Files in the root of some directories ======= 2015-02-10 06:56 - 2015-02-10 06:56 - 0000030 _____ () C:\Program Files\Exiferupdate.ini 2013-10-01 18:08 - 2013-10-01 18:08 - 0002528 _____ () C:\Documents and Settings\EPS\Dane aplikacji\$_hpcst$.hpc 2013-09-11 17:33 - 2013-09-11 17:33 - 0005120 _____ () C:\Documents and Settings\EPS\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2013-08-20 16:00 - 2013-08-20 15:58 - 0333348 _____ () C:\Documents and Settings\EPS\Ustawienia lokalne\Dane aplikacji\searchya-speeddial.crx ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\WINDOWS\explorer.exe => File is digitally signed C:\WINDOWS\system32\winlogon.exe => File is digitally signed C:\WINDOWS\system32\svchost.exe => File is digitally signed C:\WINDOWS\system32\services.exe => File is digitally signed C:\WINDOWS\system32\User32.dll => File is digitally signed C:\WINDOWS\system32\userinit.exe => File is digitally signed C:\WINDOWS\system32\rpcss.dll => File is digitally signed C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed ==================== End Of Log ============================