Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 16-09-2013 03 Ran by jan (administrator) on HP550 on 17-09-2013 17:44:23 Running from E:\do laptopa Microsoft Windows XP Professional Dodatek Service Pack 3 (X86) OS Language: Polish Internet Explorer Version 6 Boot Mode: Normal ==================== Processes (Whitelisted) =================== (Microsoft Corporation) C:\WINDOWS\system32\savedump.exe (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe (Microsoft Corporation) C:\WINDOWS\system32\wscntfy.exe (Intel Corporation) C:\WINDOWS\system32\hkcmd.exe (Intel Corporation) C:\WINDOWS\system32\igfxpers.exe (Intel Corporation) C:\WINDOWS\system32\igfxsrvc.exe (Analog Devices, Inc.) C:\Program Files\Analog Devices\Core\smax4pnp.exe (Adobe Systems Incorporated) C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe (Microsoft Corporation) C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation) C:\Program Files\Microsoft Office\Office\WINWORD.EXE (Microsoft Corporation) C:\WINDOWS\msagent\AgentSvr.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [HotKeysCmds] - C:\WINDOWS\system32\hkcmd.exe [ ] () HKLM\...\Run: [SoundMAXPnP] - C:\Program Files\Analog Devices\Core\smax4pnp.exe [872448 2013-09-17] (Analog Devices, Inc.) HKLM\...\Run: [SoundMAX] - C:\Program Files\Analog Devices\SoundMAX\Smax4.exe [729088 2013-09-17] (Analog Devices, Inc.) HKLM\...\Run: [NeroFilterCheck] - C:\WINDOWS\system32\NeroCheck.exe [155648 2013-09-17] (Nero AG) HKLM\...\Run: [Adobe Reader Speed Launcher] - C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [35696 2013-09-17] (Adobe Systems Incorporated) HKCU\...\Run: [MSMSGS] - C:\Program Files\Messenger\msmsgs.exe [1695232 2013-09-17] (Microsoft Corporation) HKCU\...\Policies\Explorer: [ForceClassicControlPanel] 1 HKCU\...\Policies\Explorer: [NoSMMyPictures] 1 HKCU\...\Policies\Explorer: [NoSMHelp] 1 HKU\Administrator\...\RunOnce: [_nltide_3] - rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N HKU\Administrator\...\RunOnce: [tscuninstall] - C:\Windows\system32\tscupgrd.exe [ 2002-09-28] (Microsoft Corporation) HKU\Default User\...\RunOnce: [_nltide_3] - rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N HKU\Default User\...\RunOnce: [tscuninstall] - C:\Windows\system32\tscupgrd.exe [ 2002-09-28] (Microsoft Corporation) Lsa: [Authentication Packages] msv1_0 nwprovau Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Microsoft Office.lnk ShortcutTarget: Microsoft Office.lnk -> C:\Program Files\Microsoft Office\Office\OSA9.EXE (Microsoft Corporation) ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com/?SearchSource=10&ctid=CT2417076 HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home URLSearchHook: gry Toolbar - {8532a8b7-c06a-41bb-936a-8ce73e4711ed} - C:\Program Files\gry\tbgry.dll (Conduit Ltd.) SearchScopes: HKLM - DefaultScope value is missing. BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated) BHO: gry Toolbar - {8532a8b7-c06a-41bb-936a-8ce73e4711ed} - C:\Program Files\gry\tbgry.dll (Conduit Ltd.) Toolbar: HKLM - gry Toolbar - {8532a8b7-c06a-41bb-936a-8ce73e4711ed} - C:\Program Files\gry\tbgry.dll (Conduit Ltd.) Toolbar: HKCU -&Adres - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\Windows\system32\browseui.dll (Microsoft Corporation) Toolbar: HKCU -&Łącza - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\Windows\system32\SHELL32.dll (Microsoft Corporation) Toolbar: HKCU -gry Toolbar - {8532A8B7-C06A-41BB-936A-8CE73E4711ED} - C:\Program Files\gry\tbgry.dll (Conduit Ltd.) DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab Handler: vnd.ms.radio - {3DA2AA3B-3D96-11D2-9BD2-204C4F4F5020} - C:\WINDOWS\System32\msdxm.ocx (Microsoft Corporation) FireFox: ======== FF ProfilePath: C:\Documents and Settings\jan\Dane aplikacji\Mozilla\Firefox\Profiles\lhhh2ecf.default FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll () FF Plugin: @real.com/nppl3260;version=6.0.11.2852 - C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll (RealNetworks, Inc.) FF Plugin: @real.com/nppl3260;version=6.0.12.46 - C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll (RealNetworks, Inc.) FF Plugin: @real.com/nprpjplug;version=6.0.12.1662 - C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll (RealNetworks, Inc.) FF Plugin: @real.com/nprpjplug;version=6.0.12.46 - C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll (RealNetworks, Inc.) ========================== Services (Whitelisted) ================= R2 NWCWorkstation; C:\Windows\System32\nwwks.dll [65536 2008-04-14] (Microsoft Corporation) S3 SCardDrv; C:\Windows\System32\SCardSvr.exe [98304 2008-04-14] (Microsoft Corporation) ==================== Drivers (Whitelisted) ==================== S3 Axtmvflt; C:\Windows\System32\DRIVERS\Axtmvflt.sys [6144 2009-02-25] (Axesstel) S3 Axtmvmdm; C:\Windows\System32\DRIVERS\Axtmvmdm.sys [40064 2009-02-25] (Axesstel) S3 BCM43XX; C:\Windows\System32\DRIVERS\bcmwl5.sys [1287552 2009-01-23] (Broadcom Corporation) R0 ftsata2; C:\Windows\System32\Drivers\ftsata2.sys [172032 2008-11-20] (Promise Technology, Inc.) R2 NwlnkIpx; C:\Windows\System32\DRIVERS\nwlnkipx.sys [88320 2008-04-14] (Microsoft Corporation) R2 NwlnkNb; C:\Windows\System32\DRIVERS\nwlnknb.sys [63232 2002-09-28] (Microsoft Corporation) R2 NwlnkSpx; C:\Windows\System32\DRIVERS\nwlnkspx.sys [55936 2002-09-28] (Microsoft Corporation) R3 NWRDR; C:\Windows\System32\DRIVERS\nwrdr.sys [163584 2008-04-14] (Microsoft Corporation) S3 PCAMPR5; C:\WINDOWS\system32\PCAMPR5.SYS [34688 2008-10-14] (Printing Communications Assoc., Inc. (PCAUSA)) S3 PCANDIS5; C:\WINDOWS\system32\PCANDIS5.SYS [32128 2008-06-16] (Printing Communications Assoc., Inc. (PCAUSA)) S3 ZTEusbnmeaext; C:\Windows\System32\DRIVERS\ZTEusbnmeaext.sys [103936 2008-10-14] (ZTE Incorporated) S4 IntelIde; No ImagePath U1 WS2IFSL; ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2013-09-17 17:42 - 2013-09-17 17:42 - 00000000 ____D C:\FRST 2013-09-14 17:07 - 2013-09-14 17:07 - 00000000 ____D C:\Documents and Settings\jan\Pulpit\Stare dane programu Firefox 2013-09-14 16:23 - 2013-09-14 16:27 - 00006191 _____ C:\WINDOWS\KB2712808.log 2013-09-14 16:23 - 2013-09-14 16:27 - 00006093 _____ C:\WINDOWS\KB2758857.log 2013-09-14 16:23 - 2013-09-14 16:26 - 00006809 _____ C:\WINDOWS\KB2876315.log 2013-09-14 16:23 - 2013-09-14 16:26 - 00006290 _____ C:\WINDOWS\KB2864063.log 2013-09-14 16:22 - 2013-09-14 16:27 - 00006610 _____ C:\WINDOWS\KB2850851.log 2013-09-14 16:17 - 2013-09-14 16:24 - 00006308 _____ C:\WINDOWS\KB2862772.log 2013-09-14 16:17 - 2013-09-14 16:23 - 00005823 _____ C:\WINDOWS\KB2780091.log 2013-09-14 16:16 - 2013-09-14 16:23 - 00006219 _____ C:\WINDOWS\KB2859537.log 2013-09-14 16:16 - 2013-09-14 16:23 - 00005822 _____ C:\WINDOWS\KB2845187.log 2013-09-14 16:15 - 2013-09-14 16:23 - 00005720 _____ C:\WINDOWS\KB2820917.log 2013-09-14 16:15 - 2013-09-14 16:23 - 00005626 _____ C:\WINDOWS\KB2757638.log 2013-09-14 16:15 - 2013-09-14 16:15 - 00004359 _____ C:\WINDOWS\KB2705219-v2.log 2013-09-14 16:14 - 2013-09-14 16:23 - 00005367 _____ C:\WINDOWS\KB2661254-v2.log 2013-09-14 16:14 - 2013-09-14 16:14 - 00004204 _____ C:\WINDOWS\KB2727528.log 2013-09-14 16:13 - 2013-09-14 16:14 - 00004462 _____ C:\WINDOWS\KB2813345.log 2013-08-23 18:56 - 2013-08-29 21:18 - 00000000 ____D C:\Program Files\Mozilla Firefox ==================== One Month Modified Files and Folders ======= 2013-09-17 17:42 - 2013-09-17 17:42 - 00000000 ____D C:\FRST 2013-09-17 17:40 - 2008-11-20 15:26 - 01861257 _____ C:\WINDOWS\WindowsUpdate.log 2013-09-17 17:40 - 2008-11-20 14:55 - 00000159 _____ C:\WINDOWS\wiadebug.log 2013-09-17 17:40 - 2008-11-20 14:55 - 00000050 _____ C:\WINDOWS\wiaservc.log 2013-09-17 17:39 - 2012-11-11 14:28 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service 2013-09-17 17:39 - 2008-11-20 15:01 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2013-09-17 17:39 - 2002-09-28 23:00 - 00002206 _____ C:\WINDOWS\system32\wpa.dbl 2013-09-17 17:38 - 2008-11-20 15:08 - 00000188 ___SH C:\Documents and Settings\jan\ntuser.ini 2013-09-17 17:38 - 2008-11-20 15:06 - 00032518 _____ C:\WINDOWS\SchedLgU.Txt 2013-09-17 17:24 - 2002-09-28 23:00 - 00000260 _____ C:\WINDOWS\system.ini 2013-09-17 17:21 - 2010-01-10 15:51 - 00155648 _____ (Nero AG) C:\WINDOWS\system32\NeroCheck.exe 2013-09-17 17:21 - 2008-11-21 11:04 - 00539160 _____ (Intel Corporation) C:\WINDOWS\system32\igfxcfg.exe 2013-09-17 17:21 - 2008-11-21 11:04 - 00141848 _____ (Intel Corporation) C:\WINDOWS\system32\igfxtray.exe 2013-09-17 17:16 - 2009-11-28 10:07 - 00118784 ____R () C:\Program Files\MSP_Uninstall.exe 2013-09-17 17:11 - 2013-03-31 21:35 - 01646288 _____ (Irfan Skiljan) C:\Documents and Settings\jan\Moje dokumenty\iview435_setup(dobreprogramy.pl).exe 2013-09-17 17:11 - 2008-11-21 11:04 - 00166424 _____ (Intel Corporation) C:\WINDOWS\system32\hkcmd.exe 2013-09-17 17:11 - 2008-11-21 11:04 - 00137752 _____ (Intel Corporation) C:\WINDOWS\system32\igfxpers.exe 2013-09-14 17:11 - 2010-04-10 09:42 - 00000000 ____D C:\Documents and Settings\jan\Moje dokumenty\Pobieranie 2013-09-14 17:07 - 2013-09-14 17:07 - 00000000 ____D C:\Documents and Settings\jan\Pulpit\Stare dane programu Firefox 2013-09-14 17:07 - 2008-11-20 15:08 - 00000000 ____D C:\Documents and Settings\jan\Pulpit 2013-09-14 16:34 - 2008-11-20 15:20 - 00971182 _____ C:\WINDOWS\setupapi.log 2013-09-14 16:27 - 2013-09-14 16:23 - 00006191 _____ C:\WINDOWS\KB2712808.log 2013-09-14 16:27 - 2013-09-14 16:23 - 00006093 _____ C:\WINDOWS\KB2758857.log 2013-09-14 16:27 - 2013-09-14 16:22 - 00006610 _____ C:\WINDOWS\KB2850851.log 2013-09-14 16:26 - 2013-09-14 16:23 - 00006809 _____ C:\WINDOWS\KB2876315.log 2013-09-14 16:26 - 2013-09-14 16:23 - 00006290 _____ C:\WINDOWS\KB2864063.log 2013-09-14 16:26 - 2009-11-28 10:00 - 00000000 ____D C:\Program Files\Axesstel 2013-09-14 16:26 - 2008-11-20 14:54 - 00000000 ___RD C:\Documents and Settings\All Users\Menu Start\Programy 2013-09-14 16:26 - 2008-11-20 14:54 - 00000000 ____D C:\Documents and Settings\All Users\Pulpit 2013-09-14 16:25 - 2008-11-20 15:08 - 00000000 ___RD C:\Documents and Settings\jan\Menu Start\Programy 2013-09-14 16:24 - 2013-09-14 16:17 - 00006308 _____ C:\WINDOWS\KB2862772.log 2013-09-14 16:23 - 2013-09-14 16:17 - 00005823 _____ C:\WINDOWS\KB2780091.log 2013-09-14 16:23 - 2013-09-14 16:16 - 00006219 _____ C:\WINDOWS\KB2859537.log 2013-09-14 16:23 - 2013-09-14 16:16 - 00005822 _____ C:\WINDOWS\KB2845187.log 2013-09-14 16:23 - 2013-09-14 16:15 - 00005720 _____ C:\WINDOWS\KB2820917.log 2013-09-14 16:23 - 2013-09-14 16:15 - 00005626 _____ C:\WINDOWS\KB2757638.log 2013-09-14 16:23 - 2013-09-14 16:14 - 00005367 _____ C:\WINDOWS\KB2661254-v2.log 2013-09-14 16:23 - 2009-01-23 21:56 - 00000000 ___HD C:\WINDOWS\$hf_mig$ 2013-09-14 16:17 - 2008-11-20 15:08 - 00000000 ____D C:\Documents and Settings\jan 2013-09-14 16:15 - 2013-09-14 16:15 - 00004359 _____ C:\WINDOWS\KB2705219-v2.log 2013-09-14 16:14 - 2013-09-14 16:14 - 00004204 _____ C:\WINDOWS\KB2727528.log 2013-09-14 16:14 - 2013-09-14 16:13 - 00004462 _____ C:\WINDOWS\KB2813345.log 2013-08-29 21:18 - 2013-08-23 18:56 - 00000000 ____D C:\Program Files\Mozilla Firefox ==================== Bamital & volsnap Check ================= C:\Windows\explorer.exe [2008-04-14 22:51] - [2008-04-14 22:51] - 1035264 ____A (Microsoft Corporation) c791ed9eac5e76d9525e157b1d7a599a C:\Windows\System32\winlogon.exe [2008-04-14 22:51] - [2008-04-14 22:51] - 0510464 ____A (Microsoft Corporation) 51fd2e13d723857b9ca239ae77150f48 C:\Windows\System32\svchost.exe [2008-04-14 22:51] - [2008-04-14 22:51] - 0014336 ____A (Microsoft Corporation) 8607d35d92528e2df386f19a960d23ce C:\Windows\System32\services.exe [2008-04-14 22:51] - [2009-02-09 13:25] - 0111104 ____A (Microsoft Corporation) 02a467e27af55f7064c5b251e587315f C:\Windows\System32\User32.dll [2008-04-14 22:50] - [2008-04-14 22:50] - 0580096 ____A (Microsoft Corporation) a435c5c069afd901751ac323ad238793 C:\Windows\System32\userinit.exe [2008-04-14 22:51] - [2008-04-14 22:51] - 0026624 ____A (Microsoft Corporation) 2a5b37d520508be6570a3ea79695f5b5 C:\Windows\System32\Drivers\volsnap.sys [2008-04-14 21:31] - [2008-04-14 21:31] - 0052864 ____A (Microsoft Corporation) 56b191ac5fc0df219949c95a6c87afe7 ==================== End Of Log ============================