Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 19-01-2014 01
Ran by Administrator (administrator) on BIURO on 19-01-2014 15:43:59
Running from C:\Documents and Settings\Administrator\Pulpit
Microsoft Windows XP Professional Dodatek Service Pack 3 (X86) OS Language: Polish
Internet Explorer Version 8
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) ===================

(AVAST Software) D:\Program Files\AVAST Software\Avast\AvastSvc.exe
() D:\Program Files\CDBurnerXP\NMSAccessU.exe
(Samsung Electronics Co., Ltd.) C:\WINDOWS\system32\spool\drivers\w32x86\3\NetFaxServer.exe
(AVAST Software) D:\Program Files\AVAST Software\Avast\AvastUI.exe
(Safer-Networking Ltd.) D:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
(Samsung Electronics Co., Ltd.) C:\WINDOWS\system32\spool\drivers\w32x86\3\NetFaxTray.exe
(Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
(Mozilla Corporation) D:\Program Files\Mozilla Firefox\firefox.exe
(Ghisler Software GmbH) D:\Program Files\totalcmd\TOTALCMD.EXE

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [AvastUI.exe] - d:\Program Files\AVAST Software\Avast\AvastUI.exe [3764024 2014-01-18] (AVAST Software)
HKCU\...\Run: [SpybotSD TeaTimer] - D:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2260480 2009-03-05] (Safer-Networking Ltd.)
MountPoints2: {328ceb34-cd1f-11e2-84db-0014a5495ef1} - F:\AutoRun.exe
MountPoints2: {5833506c-c152-11e1-84aa-0014a5495ef1} - F:\Launcher.exe
Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Samsung Network PC Fax.lnk
ShortcutTarget: Samsung Network PC Fax.lnk -> C:\WINDOWS\system32\spool\drivers\w32x86\3\NetFaxTray.exe (Samsung Electronics Co., Ltd.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - D:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - d:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - d:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Toolbar: HKCU - &Adres - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\Windows\system32\browseui.dll (Microsoft Corporation)
Toolbar: HKCU - &Łącza - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\Windows\system32\SHELL32.dll (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 8.8.8.8 8.8.4.4

FireFox:
========
FF ProfilePath: C:\Documents and Settings\Administrator\Dane aplikacji\Mozilla\Firefox\Profiles\yjmseb3u.default
FF user.js: detected! => C:\Documents and Settings\Administrator\Dane aplikacji\Mozilla\Firefox\Profiles\yjmseb3u.default\user.js
FF Homepage: https://www.google.pl/
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_12_0_0_43.dll ()
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products Ltd.)
FF Plugin: @java.com/DTPlugin,version=10.21.2 - C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.21.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - d:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - d:\Program Files\AVAST Software\Avast\WebRep\FF [2014-01-18]
FF StartMenuInternet: FIREFOX.EXE - D:\Program Files\Mozilla Firefox\firefox.exe

Chrome:
=======
CHR Extension: (Docs) - C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-01-18]
CHR Extension: (Gmail) - C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-01-18]
CHR Extension: (Dysk Google) - C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-01-18]
CHR Extension: (Szukaj w Google) - C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-01-18]
CHR Extension: (Google Wallet) - C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-01-18]
CHR Extension: (YouTube) - C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-01-18]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - d:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-01-18]

========================== Services (Whitelisted) =================

R2 avast! Antivirus; d:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-01-18] (AVAST Software)
S4 JavaQuickStarterService; C:\Program Files\Java\jre7\bin\jqs.exe [181664 2013-05-18] (Oracle Corporation)
R2 NMSAccessU; D:\Program Files\CDBurnerXP\NMSAccessU.exe [71096 2009-11-12] ()
R2 Samsung Network Fax Server; C:\WINDOWS\system32\spool\drivers\w32x86\3\NetFaxServer.exe [180224 2012-04-26] (Samsung Electronics Co., Ltd.)
S2 clr_optimization_v4.0.30319_32; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [x]

==================== Drivers (Whitelisted) ====================

R3 ALCXWDM; C:\Windows\System32\drivers\ALCXWDM.SYS [3797632 2005-10-04] (Realtek Semiconductor Corp.)
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [67824 2014-01-18] (AVAST Software)
R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [54832 2014-01-18] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [49944 2014-01-18] ()
R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [775952 2014-01-18] (AVAST Software)
R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [410528 2014-01-18] (AVAST Software)
R1 aswTdi; C:\WINDOWS\system32\drivers\aswTdi.sys [57672 2014-01-18] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [180248 2014-01-18] ()
R3 BCM43XX; C:\Windows\System32\DRIVERS\bcmwl5.sys [371712 2005-02-11] (Broadcom Corporation)
R3 FETND5BV; C:\Windows\System32\DRIVERS\fetnd5bv.sys [42496 2005-03-18] (VIA Technologies, Inc. )
R0 Si3112; C:\Windows\System32\Drivers\Si3112.sys [69168 2011-01-15] (Silicon Image, Inc.)
S0 Si3114r5; C:\Windows\System32\Drivers\Si3114r5.sys [211496 2011-01-15] (Silicon Image, Inc)
R0 Si3124; C:\Windows\System32\Drivers\Si3124.sys [69248 2011-01-15] (Silicon Image, Inc.)
R0 Si3132; C:\Windows\System32\Drivers\Si3132.sys [80424 2011-01-15] (Silicon Image, Inc)
R0 Si3132r5; C:\Windows\System32\Drivers\Si3132r5.sys [217128 2011-01-15] (Silicon Image, Inc)
R0 Si3531; C:\Windows\System32\Drivers\Si3531.sys [210736 2011-01-15] (Silicon Image, Inc)
R2 StarOpen; C:\Windows\System32\Drivers\StarOpen.sys [5504 2009-11-12] ()
R0 viaagp1; C:\Windows\System32\DRIVERS\viaagp1.sys [27904 2003-07-01] (VIA Technologies, Inc.)
R3 viagfx; C:\Windows\System32\DRIVERS\vtmini.sys [247040 2005-12-27] (Copyright (C) VIA/S3 Graphics Co, Ltd.)
S3 adusbnet; system32\DRIVERS\adusbnet.sys [x] S3 adusbser; system32\DRIVERS\adusbser.sys [x] S3 FETNDIS; System32\DRIVERS\fetnd5.sys [x] S4 IntelIde; No ImagePath U5 ScsiPort; C:\Windows\system32\drivers\scsiport.sys [96384 2011-01-15] (Microsoft Corporation) U1 WS2IFSL; ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-01-19 15:43 - 2014-01-19 15:44 - 00009023 _____ C:\Documents and Settings\Administrator\Pulpit\FRST.txt 2014-01-19 15:43 - 2014-01-19 15:43 - 00000000 ____D C:\FRST 2014-01-19 15:42 - 2014-01-19 15:42 - 01221120 _____ (Farbar) C:\Documents and Settings\Administrator\Pulpit\FRST.exe 2014-01-19 13:42 - 2014-01-18 21:45 - 00010409 _____ C:\Documents and Settings\Administrator\Pulpit\gmer.txt 2014-01-19 13:24 - 2014-01-19 13:24 - 00003725 _____ C:\Documents and Settings\Administrator\Pulpit\FSS.txt 2014-01-19 13:23 - 2014-01-19 13:23 - 00361185 _____ (Farbar) C:\Documents and Settings\Administrator\Pulpit\FSS.exe 2014-01-19 12:29 - 2014-01-19 12:29 - 00030588 _____ C:\Documents and Settings\Administrator\Pulpit\Extras.Txt 2014-01-19 12:28 - 2014-01-19 12:28 - 00060922 _____ C:\Documents and Settings\Administrator\Pulpit\OTL.Txt 2014-01-19 12:19 - 2014-01-18 21:02 - 00602112 _____ (OldTimer Tools) C:\Documents and Settings\Administrator\Pulpit\OTL.exe 2014-01-18 21:35 - 2014-01-18 21:45 - 00010409 _____ C:\Documents and Settings\Administrator\Pulpit\gmer.log 2014-01-18 21:25 - 2014-01-18 21:25 - 00379904 _____ C:\Documents and Settings\Administrator\Pulpit\gmer.exe 2014-01-18 20:50 - 2014-01-18 20:50 - 00065536 _____ C:\WINDOWS\Minidump\Mini011814-01.dmp 2014-01-18 20:49 - 2014-01-18 20:49 - 00000000 __SHD C:\FOUND.006 2014-01-18 20:36 - 2014-01-18 20:36 - 00000000 ____D C:\Documents and Settings\Administrator\Dane aplikacji\AVAST Software 2014-01-18 20:35 - 2014-01-18 20:35 - 00000825 _____ C:\Documents and Settings\All Users\Pulpit\avast! 
Free Antivirus.lnk 2014-01-18 20:35 - 2014-01-18 20:35 - 00000000 ____D C:\Documents and Settings\All Users\Menu Start\Programy\Avast 2014-01-18 20:34 - 2014-01-18 20:34 - 00001723 _____ C:\Documents and Settings\All Users\Pulpit\Google Chrome.lnk 2014-01-18 20:34 - 2014-01-18 20:34 - 00000000 ____D C:\Documents and Settings\All Users\Menu Start\Programy\Google Chrome 2014-01-18 20:31 - 2014-01-18 20:31 - 00775952 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys 2014-01-18 20:31 - 2014-01-18 20:31 - 00410528 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys 2014-01-18 20:31 - 2014-01-18 20:31 - 00270240 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe 2014-01-18 20:31 - 2014-01-18 20:31 - 00180248 _____ C:\WINDOWS\system32\Drivers\aswVmm.sys 2014-01-18 20:31 - 2014-01-18 20:31 - 00067824 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys 2014-01-18 20:31 - 2014-01-18 20:31 - 00057672 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswTdi.sys 2014-01-18 20:31 - 2014-01-18 20:31 - 00054832 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr.sys 2014-01-18 20:31 - 2014-01-18 20:31 - 00049944 _____ C:\WINDOWS\system32\Drivers\aswRvrt.sys 2014-01-18 20:31 - 2014-01-18 20:31 - 00043152 _____ (AVAST Software) C:\WINDOWS\avastSS.scr 2014-01-18 20:28 - 2014-01-18 20:28 - 00410528 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\rhntbukx.sys 2014-01-18 16:15 - 2014-01-18 16:15 - 00000658 _____ C:\Documents and Settings\All Users\Pulpit\Malwarebytes Anti-Malware.lnk 2014-01-18 16:15 - 2014-01-18 16:15 - 00000000 ____D C:\Documents and Settings\All Users\Menu Start\Programy\Malwarebytes' Anti-Malware 2014-01-18 16:15 - 2014-01-18 16:15 - 00000000 ____D C:\Documents and Settings\All Users\Dane aplikacji\Malwarebytes 2014-01-18 16:15 - 2014-01-18 16:15 - 00000000 ____D C:\Documents and Settings\Administrator\Dane aplikacji\Malwarebytes 2014-01-18 16:15 - 2013-04-04 14:50 - 00022856 _____ (Malwarebytes Corporation) 
C:\WINDOWS\system32\Drivers\mbam.sys 2014-01-18 15:51 - 2014-01-18 15:51 - 00017056 _____ C:\WINDOWS\KB2834886.log 2014-01-18 15:51 - 2014-01-18 15:51 - 00016842 _____ C:\WINDOWS\KB2900986.log 2014-01-18 15:51 - 2014-01-18 15:51 - 00000000 ___HD C:\WINDOWS\$NtUninstallKB2900986$ 2014-01-18 15:51 - 2014-01-18 15:51 - 00000000 ___HD C:\WINDOWS\$NtUninstallKB2868626$ 2014-01-18 15:51 - 2014-01-18 15:51 - 00000000 ___HD C:\WINDOWS\$NtUninstallKB2847311$ 2014-01-18 15:51 - 2014-01-18 15:51 - 00000000 ___HD C:\WINDOWS\$NtUninstallKB2834886$ 2014-01-18 15:48 - 2014-01-18 15:49 - 00019916 _____ C:\WINDOWS\KB2898785-IE8.log 2014-01-18 15:48 - 2014-01-18 15:48 - 00012207 _____ C:\WINDOWS\KB2862335.log 2014-01-18 15:48 - 2014-01-18 15:48 - 00011451 _____ C:\WINDOWS\KB2904266.log 2014-01-18 15:48 - 2014-01-18 15:48 - 00008791 _____ C:\WINDOWS\KB2834904-v2.log 2014-01-18 15:48 - 2014-01-18 15:48 - 00000000 ___HD C:\WINDOWS\$NtUninstallKB2904266$ 2014-01-18 15:48 - 2014-01-18 15:48 - 00000000 ___HD C:\WINDOWS\$NtUninstallKB2898715$ 2014-01-18 15:48 - 2014-01-18 15:48 - 00000000 ___HD C:\WINDOWS\$NtUninstallKB2876217$ 2014-01-18 15:48 - 2014-01-18 15:48 - 00000000 ___HD C:\WINDOWS\$NtUninstallKB2864063$ 2014-01-18 15:48 - 2014-01-18 15:48 - 00000000 ___HD C:\WINDOWS\$NtUninstallKB2862335$ 2014-01-18 15:48 - 2014-01-18 15:48 - 00000000 ___HD C:\WINDOWS\$NtUninstallKB2845187$ 2014-01-18 15:48 - 2014-01-18 15:48 - 00000000 ___HD C:\WINDOWS\$NtUninstallKB2834904-v2_WM11$ 2014-01-18 15:47 - 2014-01-18 15:51 - 00006429 _____ C:\WINDOWS\updspapi.log 2014-01-18 15:47 - 2014-01-18 15:47 - 00010274 _____ C:\WINDOWS\KB2868038.log 2014-01-18 15:47 - 2014-01-18 15:47 - 00000000 ___HD C:\WINDOWS\$NtUninstallKB2893294$ 2014-01-18 15:47 - 2014-01-18 15:47 - 00000000 ___HD C:\WINDOWS\$NtUninstallKB2876331$ 2014-01-18 15:47 - 2014-01-18 15:47 - 00000000 ___HD C:\WINDOWS\$NtUninstallKB2868038$ 2014-01-18 15:47 - 2014-01-18 15:47 - 00000000 ___HD C:\WINDOWS\$NtUninstallKB2862152$ 2014-01-18 15:47 - 
2014-01-18 15:47 - 00000000 ___HD C:\WINDOWS\$NtUninstallKB2859537$ 2014-01-18 15:47 - 2014-01-18 15:47 - 00000000 ___HD C:\WINDOWS\$NtUninstallKB2850869$ 2014-01-18 15:46 - 2014-01-18 15:46 - 00000000 ___HD C:\WINDOWS\$NtUninstallKB2893984$ 2014-01-18 15:46 - 2014-01-18 15:46 - 00000000 ___HD C:\WINDOWS\$NtUninstallKB2892075$ 2014-01-18 15:46 - 2014-01-18 15:46 - 00000000 ___HD C:\WINDOWS\$NtUninstallKB2862330$ 2014-01-18 15:43 - 2014-01-18 15:43 - 00000000 ____D C:\WINDOWS\system32\MRT 2014-01-18 15:42 - 2014-01-18 15:42 - 00009162 _____ C:\WINDOWS\KB2914368.log 2014-01-18 15:42 - 2014-01-18 15:42 - 00000000 ___HD C:\WINDOWS\$NtUninstallKB2914368$ 2014-01-18 15:42 - 2014-01-18 15:42 - 00000000 _____ C:\WINDOWS\setuperr.log 2014-01-18 09:51 - 2014-01-18 15:51 - 00024921 _____ C:\WINDOWS\KB2868626.log 2014-01-18 09:50 - 2014-01-18 15:51 - 00024031 _____ C:\WINDOWS\KB2847311.log 2014-01-18 09:48 - 2014-01-18 15:48 - 00019464 _____ C:\WINDOWS\KB2898715.log 2014-01-18 09:47 - 2014-01-18 15:48 - 00018451 _____ C:\WINDOWS\KB2876217.log 2014-01-18 09:47 - 2014-01-18 15:48 - 00018130 _____ C:\WINDOWS\KB2845187.log 2014-01-18 09:47 - 2014-01-18 15:48 - 00017927 _____ C:\WINDOWS\KB2864063.log 2014-01-18 09:47 - 2013-07-03 03:12 - 00025088 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\hidparse.sys 2014-01-18 09:46 - 2014-01-18 15:47 - 00017404 _____ C:\WINDOWS\KB2862152.log 2014-01-18 09:45 - 2014-01-18 15:47 - 00017877 _____ C:\WINDOWS\KB2859537.log 2014-01-18 09:45 - 2014-01-18 15:47 - 00016879 _____ C:\WINDOWS\KB2876331.log 2014-01-18 09:45 - 2014-01-18 15:47 - 00016574 _____ C:\WINDOWS\KB2850869.log 2014-01-18 09:45 - 2014-01-18 15:47 - 00016193 _____ C:\WINDOWS\KB2893294.log 2014-01-18 09:45 - 2013-07-17 01:58 - 00123008 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\usbvideo.sys 2014-01-18 09:45 - 2013-07-17 01:58 - 00060160 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\usbaudio.sys 2014-01-18 09:45 - 2013-07-17 01:58 - 00046848 
____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\irbus.sys 2014-01-18 09:44 - 2014-01-18 15:47 - 00016616 _____ C:\WINDOWS\KB2893984.log 2014-01-18 09:44 - 2014-01-18 15:46 - 00015409 _____ C:\WINDOWS\KB2892075.log 2014-01-18 09:44 - 2013-08-09 01:55 - 00144128 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\usbport.sys 2014-01-18 09:44 - 2013-08-09 01:55 - 00032384 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\usbccgp.sys 2014-01-18 09:44 - 2013-08-09 01:55 - 00005376 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\usbd.sys 2014-01-18 09:44 - 2009-03-18 12:02 - 00030336 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\usbehci.sys 2014-01-17 22:33 - 2014-01-17 22:33 - 00000000 ____D C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Adobe 2014-01-17 22:11 - 2014-01-17 22:11 - 00410528 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\gdonfqrj.sys 2014-01-17 21:53 - 2014-01-17 21:53 - 00000000 ____D C:\Documents and Settings\All Users\Dane aplikacji\MFAData 2014-01-17 21:53 - 2014-01-17 21:53 - 00000000 ____D C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\MFAData 2014-01-17 21:53 - 2014-01-17 21:53 - 00000000 ____D C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Avg2014 ==================== One Month Modified Files and Folders ======= 2014-01-19 15:44 - 2014-01-19 15:43 - 00009023 _____ C:\Documents and Settings\Administrator\Pulpit\FRST.txt 2014-01-19 15:43 - 2014-01-19 15:43 - 00000000 ____D C:\FRST 2014-01-19 15:42 - 2014-01-19 15:42 - 01221120 _____ (Farbar) C:\Documents and Settings\Administrator\Pulpit\FRST.exe 2014-01-19 15:32 - 2013-07-02 16:01 - 00001050 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job 2014-01-19 15:20 - 2013-05-24 18:30 - 00000930 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job 2014-01-19 14:40 - 2012-07-14 23:02 - 00000378 ____H C:\WINDOWS\Tasks\avast! 
Emergency Update.job 2014-01-19 14:38 - 2013-07-02 16:01 - 00001046 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job 2014-01-19 14:38 - 2013-05-24 10:18 - 00000159 _____ C:\WINDOWS\wiadebug.log 2014-01-19 14:38 - 2011-10-31 11:24 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2014-01-19 14:37 - 2013-05-24 10:18 - 00000050 _____ C:\WINDOWS\wiaservc.log 2014-01-19 14:37 - 2011-10-31 15:56 - 01981926 _____ C:\WINDOWS\WindowsUpdate.log 2014-01-19 14:37 - 2011-10-31 11:28 - 00032316 _____ C:\WINDOWS\SchedLgU.Txt 2014-01-19 14:36 - 2011-10-31 11:28 - 00000292 ___SH C:\Documents and Settings\Administrator\ntuser.ini 2014-01-19 14:35 - 2013-05-27 20:45 - 00101716 _____ C:\WINDOWS\setupapi.log 2014-01-19 14:35 - 2013-05-24 15:05 - 00000547 _____ C:\WINDOWS\setupact.log 2014-01-19 13:24 - 2014-01-19 13:24 - 00003725 _____ C:\Documents and Settings\Administrator\Pulpit\FSS.txt 2014-01-19 13:23 - 2014-01-19 13:23 - 00361185 _____ (Farbar) C:\Documents and Settings\Administrator\Pulpit\FSS.exe 2014-01-19 12:29 - 2014-01-19 12:29 - 00030588 _____ C:\Documents and Settings\Administrator\Pulpit\Extras.Txt 2014-01-19 12:28 - 2014-01-19 12:28 - 00060922 _____ C:\Documents and Settings\Administrator\Pulpit\OTL.Txt 2014-01-19 12:20 - 2013-08-02 09:44 - 00002171 _____ C:\WINDOWS\wmsetup.log 2014-01-19 12:10 - 2013-05-19 23:38 - 00027187 _____ C:\WINDOWS\KB2481109.log 2014-01-18 21:45 - 2014-01-19 13:42 - 00010409 _____ C:\Documents and Settings\Administrator\Pulpit\gmer.txt 2014-01-18 21:45 - 2014-01-18 21:35 - 00010409 _____ C:\Documents and Settings\Administrator\Pulpit\gmer.log 2014-01-18 21:25 - 2014-01-18 21:25 - 00379904 _____ C:\Documents and Settings\Administrator\Pulpit\gmer.exe 2014-01-18 21:02 - 2014-01-19 12:19 - 00602112 _____ (OldTimer Tools) C:\Documents and Settings\Administrator\Pulpit\OTL.exe 2014-01-18 20:50 - 2014-01-18 20:50 - 00065536 _____ C:\WINDOWS\Minidump\Mini011814-01.dmp 2014-01-18 20:49 - 2014-01-18 20:49 - 00000000 __SHD C:\FOUND.006 2014-01-18 20:36 - 
2014-01-18 20:36 - 00000000 ____D C:\Documents and Settings\Administrator\Dane aplikacji\AVAST Software 2014-01-18 20:35 - 2014-01-18 20:35 - 00000825 _____ C:\Documents and Settings\All Users\Pulpit\avast! Free Antivirus.lnk 2014-01-18 20:35 - 2014-01-18 20:35 - 00000000 ____D C:\Documents and Settings\All Users\Menu Start\Programy\Avast 2014-01-18 20:34 - 2014-01-18 20:34 - 00001723 _____ C:\Documents and Settings\All Users\Pulpit\Google Chrome.lnk 2014-01-18 20:34 - 2014-01-18 20:34 - 00000000 ____D C:\Documents and Settings\All Users\Menu Start\Programy\Google Chrome 2014-01-18 20:31 - 2014-01-18 20:31 - 00775952 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys 2014-01-18 20:31 - 2014-01-18 20:31 - 00410528 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys 2014-01-18 20:31 - 2014-01-18 20:31 - 00270240 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe 2014-01-18 20:31 - 2014-01-18 20:31 - 00180248 _____ C:\WINDOWS\system32\Drivers\aswVmm.sys 2014-01-18 20:31 - 2014-01-18 20:31 - 00067824 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys 2014-01-18 20:31 - 2014-01-18 20:31 - 00057672 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswTdi.sys 2014-01-18 20:31 - 2014-01-18 20:31 - 00054832 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr.sys 2014-01-18 20:31 - 2014-01-18 20:31 - 00049944 _____ C:\WINDOWS\system32\Drivers\aswRvrt.sys 2014-01-18 20:31 - 2014-01-18 20:31 - 00043152 _____ (AVAST Software) C:\WINDOWS\avastSS.scr 2014-01-18 20:28 - 2014-01-18 20:28 - 00410528 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\rhntbukx.sys 2014-01-18 20:22 - 2012-07-14 18:15 - 704643072 _____ C:\WINDOWS\MEMORY.DMP 2014-01-18 19:05 - 2011-10-31 17:57 - 00002439 _____ C:\Documents and Settings\Administrator\Pulpit\Excel.lnk 2014-01-18 19:05 - 2011-10-31 17:56 - 00002417 _____ C:\Documents and Settings\Administrator\Pulpit\Word.lnk 2014-01-18 16:15 - 2014-01-18 16:15 - 00000658 _____ C:\Documents and Settings\All 
Users\Pulpit\Malwarebytes Anti-Malware.lnk 2014-01-18 16:15 - 2014-01-18 16:15 - 00000000 ____D C:\Documents and Settings\All Users\Menu Start\Programy\Malwarebytes' Anti-Malware 2014-01-18 16:15 - 2014-01-18 16:15 - 00000000 ____D C:\Documents and Settings\All Users\Dane aplikacji\Malwarebytes 2014-01-18 16:15 - 2014-01-18 16:15 - 00000000 ____D C:\Documents and Settings\Administrator\Dane aplikacji\Malwarebytes 2014-01-18 15:52 - 2011-10-31 11:14 - 00115768 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2014-01-18 15:51 - 2014-01-18 15:51 - 00017056 _____ C:\WINDOWS\KB2834886.log 2014-01-18 15:51 - 2014-01-18 15:51 - 00016842 _____ C:\WINDOWS\KB2900986.log 2014-01-18 15:51 - 2014-01-18 15:51 - 00000000 ___HD C:\WINDOWS\$NtUninstallKB2900986$ 2014-01-18 15:51 - 2014-01-18 15:51 - 00000000 ___HD C:\WINDOWS\$NtUninstallKB2868626$ 2014-01-18 15:51 - 2014-01-18 15:51 - 00000000 ___HD C:\WINDOWS\$NtUninstallKB2847311$ 2014-01-18 15:51 - 2014-01-18 15:51 - 00000000 ___HD C:\WINDOWS\$NtUninstallKB2834886$ 2014-01-18 15:51 - 2014-01-18 15:47 - 00006429 _____ C:\WINDOWS\updspapi.log 2014-01-18 15:51 - 2014-01-18 09:51 - 00024921 _____ C:\WINDOWS\KB2868626.log 2014-01-18 15:51 - 2014-01-18 09:50 - 00024031 _____ C:\WINDOWS\KB2847311.log 2014-01-18 15:51 - 2013-05-24 15:05 - 00189135 _____ C:\WINDOWS\iis6.log 2014-01-18 15:51 - 2013-05-24 15:05 - 00147040 _____ C:\WINDOWS\FaxSetup.log 2014-01-18 15:51 - 2013-05-24 15:05 - 00100715 _____ C:\WINDOWS\ocgen.log 2014-01-18 15:51 - 2013-05-24 15:05 - 00070387 _____ C:\WINDOWS\tsoc.log 2014-01-18 15:51 - 2013-05-24 15:05 - 00051834 _____ C:\WINDOWS\msmqinst.log 2014-01-18 15:51 - 2013-05-24 15:05 - 00049184 _____ C:\WINDOWS\comsetup.log 2014-01-18 15:51 - 2013-05-24 15:05 - 00030844 _____ C:\WINDOWS\ntdtcsetup.log 2014-01-18 15:51 - 2013-05-24 15:05 - 00025987 _____ C:\WINDOWS\netfxocm.log 2014-01-18 15:51 - 2013-05-24 15:05 - 00010557 _____ C:\WINDOWS\MedCtrOC.log 2014-01-18 15:51 - 2013-05-24 15:05 - 00010389 _____ C:\WINDOWS\ocmsn.log 
2014-01-18 15:51 - 2013-05-24 15:05 - 00007675 _____ C:\WINDOWS\msgsocm.log 2014-01-18 15:51 - 2013-05-24 15:05 - 00007337 _____ C:\WINDOWS\tabletoc.log 2014-01-18 15:51 - 2013-05-24 15:05 - 00001374 _____ C:\WINDOWS\imsins.log 2014-01-18 15:51 - 2013-05-24 15:05 - 00001374 _____ C:\WINDOWS\imsins.BAK 2014-01-18 15:49 - 2014-01-18 15:48 - 00019916 _____ C:\WINDOWS\KB2898785-IE8.log 2014-01-18 15:48 - 2014-01-18 15:48 - 00012207 _____ C:\WINDOWS\KB2862335.log 2014-01-18 15:48 - 2014-01-18 15:48 - 00011451 _____ C:\WINDOWS\KB2904266.log 2014-01-18 15:48 - 2014-01-18 15:48 - 00008791 _____ C:\WINDOWS\KB2834904-v2.log 2014-01-18 15:48 - 2014-01-18 15:48 - 00000000 ___HD C:\WINDOWS\$NtUninstallKB2904266$ 2014-01-18 15:48 - 2014-01-18 15:48 - 00000000 ___HD C:\WINDOWS\$NtUninstallKB2898715$ 2014-01-18 15:48 - 2014-01-18 15:48 - 00000000 ___HD C:\WINDOWS\$NtUninstallKB2876217$ 2014-01-18 15:48 - 2014-01-18 15:48 - 00000000 ___HD C:\WINDOWS\$NtUninstallKB2864063$ 2014-01-18 15:48 - 2014-01-18 15:48 - 00000000 ___HD C:\WINDOWS\$NtUninstallKB2862335$ 2014-01-18 15:48 - 2014-01-18 15:48 - 00000000 ___HD C:\WINDOWS\$NtUninstallKB2845187$ 2014-01-18 15:48 - 2014-01-18 15:48 - 00000000 ___HD C:\WINDOWS\$NtUninstallKB2834904-v2_WM11$ 2014-01-18 15:48 - 2014-01-18 09:48 - 00019464 _____ C:\WINDOWS\KB2898715.log 2014-01-18 15:48 - 2014-01-18 09:47 - 00018451 _____ C:\WINDOWS\KB2876217.log 2014-01-18 15:48 - 2014-01-18 09:47 - 00018130 _____ C:\WINDOWS\KB2845187.log 2014-01-18 15:48 - 2014-01-18 09:47 - 00017927 _____ C:\WINDOWS\KB2864063.log 2014-01-18 15:48 - 2011-10-31 17:21 - 00027396 _____ C:\WINDOWS\system32\TZLog.log 2014-01-18 15:47 - 2014-01-18 15:47 - 00010274 _____ C:\WINDOWS\KB2868038.log 2014-01-18 15:47 - 2014-01-18 15:47 - 00000000 ___HD C:\WINDOWS\$NtUninstallKB2893294$ 2014-01-18 15:47 - 2014-01-18 15:47 - 00000000 ___HD C:\WINDOWS\$NtUninstallKB2876331$ 2014-01-18 15:47 - 2014-01-18 15:47 - 00000000 ___HD C:\WINDOWS\$NtUninstallKB2868038$ 2014-01-18 15:47 - 
2014-01-18 15:47 - 00000000 ___HD C:\WINDOWS\$NtUninstallKB2862152$ 2014-01-18 15:47 - 2014-01-18 15:47 - 00000000 ___HD C:\WINDOWS\$NtUninstallKB2859537$ 2014-01-18 15:47 - 2014-01-18 15:47 - 00000000 ___HD C:\WINDOWS\$NtUninstallKB2850869$ 2014-01-18 15:47 - 2014-01-18 09:46 - 00017404 _____ C:\WINDOWS\KB2862152.log 2014-01-18 15:47 - 2014-01-18 09:45 - 00017877 _____ C:\WINDOWS\KB2859537.log 2014-01-18 15:47 - 2014-01-18 09:45 - 00016879 _____ C:\WINDOWS\KB2876331.log 2014-01-18 15:47 - 2014-01-18 09:45 - 00016574 _____ C:\WINDOWS\KB2850869.log 2014-01-18 15:47 - 2014-01-18 09:45 - 00016193 _____ C:\WINDOWS\KB2893294.log 2014-01-18 15:47 - 2014-01-18 09:44 - 00016616 _____ C:\WINDOWS\KB2893984.log 2014-01-18 15:46 - 2014-01-18 15:46 - 00000000 ___HD C:\WINDOWS\$NtUninstallKB2893984$ 2014-01-18 15:46 - 2014-01-18 15:46 - 00000000 ___HD C:\WINDOWS\$NtUninstallKB2892075$ 2014-01-18 15:46 - 2014-01-18 15:46 - 00000000 ___HD C:\WINDOWS\$NtUninstallKB2862330$ 2014-01-18 15:46 - 2014-01-18 09:44 - 00015409 _____ C:\WINDOWS\KB2892075.log 2014-01-18 15:43 - 2014-01-18 15:43 - 00000000 ____D C:\WINDOWS\system32\MRT 2014-01-18 15:42 - 2014-01-18 15:42 - 00009162 _____ C:\WINDOWS\KB2914368.log 2014-01-18 15:42 - 2014-01-18 15:42 - 00000000 ___HD C:\WINDOWS\$NtUninstallKB2914368$ 2014-01-18 15:42 - 2014-01-18 15:42 - 00000000 _____ C:\WINDOWS\setuperr.log 2014-01-18 09:23 - 2011-10-31 11:24 - 00002596 _____ C:\WINDOWS\system32\CONFIG.NT 2014-01-18 09:23 - 2011-10-31 11:13 - 00000211 ___SH C:\boot.ini 2014-01-17 22:38 - 2012-07-14 23:12 - 00692616 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe 2014-01-17 22:38 - 2011-10-31 17:37 - 00071048 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl 2014-01-17 22:33 - 2014-01-17 22:33 - 00000000 ____D C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Adobe 2014-01-17 22:11 - 2014-01-17 22:11 - 00410528 _____ (AVAST Software) 
C:\WINDOWS\system32\Drivers\gdonfqrj.sys 2014-01-17 21:53 - 2014-01-17 21:53 - 00000000 ____D C:\Documents and Settings\All Users\Dane aplikacji\MFAData 2014-01-17 21:53 - 2014-01-17 21:53 - 00000000 ____D C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\MFAData 2014-01-17 21:53 - 2014-01-17 21:53 - 00000000 ____D C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Avg2014 2014-01-17 19:23 - 2013-05-24 18:42 - 00000614 _____ C:\Documents and Settings\All Users\Pulpit\Mozilla Firefox.lnk 2014-01-17 19:23 - 2011-10-31 16:16 - 00000614 _____ C:\Documents and Settings\All Users\Menu Start\Programy\Mozilla Firefox.lnk 2014-01-17 19:06 - 2001-07-21 22:17 - 00002228 _____ C:\WINDOWS\system32\wpa.dbl 2014-01-06 16:20 - 2011-10-31 16:42 - 83425928 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe Some content of TEMP: ==================== C:\Documents and Settings\Administrator\Ustawienia lokalne\Temp\install_flashplayer12x32_mssd_aaa_aih.exe C:\Documents and Settings\Administrator\Ustawienia lokalne\Temp\ResetDevice.exe C:\Documents and Settings\Administrator\Ustawienia lokalne\Temp\DataCard_Setup.exe ==================== Bamital & volsnap Check ================= C:\Windows\explorer.exe [2011-01-15 07:15] - [2011-01-15 07:15] - 1035264 ____A (Microsoft Corporation) c791ed9eac5e76d9525e157b1d7a599a C:\Windows\System32\winlogon.exe [2011-01-15 07:15] - [2011-01-15 07:15] - 0510464 ____A (Microsoft Corporation) 51fd2e13d723857b9ca239ae77150f48 C:\Windows\System32\svchost.exe [2011-01-15 07:15] - [2011-01-15 07:15] - 0014336 ____A (Microsoft Corporation) 8607d35d92528e2df386f19a960d23ce C:\Windows\System32\services.exe [2011-01-15 07:15] - [2011-01-15 07:15] - 0111104 ____A (Microsoft Corporation) 8816e60bf654353e8e0d35ed98875445 C:\Windows\System32\User32.dll [2011-01-15 07:15] - [2011-01-15 07:15] - 0580096 ____A (Microsoft Corporation) a435c5c069afd901751ac323ad238793 C:\Windows\System32\userinit.exe [2011-01-15 07:15] 
- [2011-01-15 07:15] - 0026624 ____A (Microsoft Corporation) 2a5b37d520508be6570a3ea79695f5b5 C:\Windows\System32\rpcss.dll [2011-01-15 07:15] - [2011-01-15 07:15] - 0401408 ____A (Microsoft Corporation) c9e5ac78d9a00b1de8ce2ad1bdde7e42 ATTENTION ======> If the system is having audio adware rpcss.dll is patched. Google the MD5, if the MD5 is unique the file is infected. C:\Windows\System32\Drivers\volsnap.sys [2011-01-15 07:15] - [2011-01-15 07:15] - 0052864 ____A (Microsoft Corporation) 56b191ac5fc0df219949c95a6c87afe7 ==================== End Of Log ============================