Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 29-01-2014 01 Ran by Katarzyna (administrator) on Z96S on 03-02-2014 00:20:22 Running from D:\Moje dokumenty\Pobieranie Microsoft Windows XP Home Edition Dodatek Service Pack 3 (X86) OS Language: Polish Internet Explorer Version 8 Boot Mode: Normal The only official download link for FRST: Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/ Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/ Download link from any site other than Bleeping Computer is unpermitted or outdated. See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) =================== (Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe (Oracle Corporation) C:\Program Files\Java\jre7\bin\jqs.exe (Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LSSrvc.exe (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc32.exe (Skype Technologies) C:\Program Files\Skype\Updater\Updater.exe (Microsoft Corporation) C:\Program Files\Zune\ZuneBusEnum.exe (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe (Realtek Semiconductor Corp.) C:\WINDOWS\RTHDCPL.EXE () C:\WINDOWS\ATK0100\HControl.exe (Motorola Inc.) C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe (Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation) C:\Program Files\Zune\ZuneLauncher.exe (Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe (Brother Industries, Ltd.) C:\Program Files\ControlCenter4\BrCcBoot.exe (Brother Industries, Ltd.) C:\Program Files\Browny02\Brother\BrStMonW.exe (Brother Industries, Ltd.) C:\Program Files\Browny02\BrYNSvc.exe () C:\WINDOWS\ATK0100\ATKOSD.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [NvCplDaemon] - C:\WINDOWS\system32\NvCpl.dll [15517472 2013-01-31] (NVIDIA Corporation) HKLM\...\Run: [NvMediaCenter] - C:\WINDOWS\system32\NvMcTray.dll [108832 2013-01-31] (NVIDIA Corporation) HKLM\...\Run: [RTHDCPL] - C:\WINDOWS\RTHDCPL.EXE [20065936 2012-06-06] (Realtek Semiconductor Corp.) HKLM\...\Run: [HControl] - C:\WINDOWS\ATK0100\HControl.exe [110592 2006-10-14] () HKLM\...\Run: [SMSERIAL] - C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe [638976 2007-01-29] (Motorola Inc.) HKLM\...\Run: [MSC] - C:\Program Files\Microsoft Security Client\msseces.exe [948440 2013-10-23] (Microsoft Corporation) HKLM\...\Run: [BluetoothAuthenticationAgent] - rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent HKLM\...\Run: [NeroFilterCheck] - C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [153136 2007-03-01] (Nero AG) HKLM\...\Run: [Zune Launcher] - C:\Program Files\Zune\ZuneLauncher.exe [159456 2011-08-05] (Microsoft Corporation) HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation) HKLM\...\Run: [ControlCenter4] - C:\Program Files\ControlCenter4\BrCcBoot.exe [143360 2012-09-06] (Brother Industries, Ltd.) HKLM\...\Run: [BrStsMon00] - C:\Program Files\Browny02\Brother\BrStMonW.exe [3076096 2012-06-06] (Brother Industries, Ltd.) ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie SearchScopes: HKLM - DefaultScope value is missing. BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) Toolbar: HKCU - &Adres - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation) Toolbar: HKCU - &Łącza - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\SHELL32.dll (Microsoft Corporation) DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://windowsupdate.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1363124629406 DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1363124681140 DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 192.168.1.1 FireFox: ======== FF ProfilePath: C:\Documents and Settings\Katarzyna\Dane aplikacji\Mozilla\Firefox\Profiles\2lypv8d5.default FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_12_0_0_43.dll () FF Plugin: @google.com/npPicasa3,version=3.0.0 - C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.) FF Plugin: @java.com/DTPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin: @microsoft.com/WPF,version=3.5 - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.) FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.) FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ FF Extension: Microsoft .NET Framework Assistant - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [] Chrome: ======= CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\32.0.1700.102\PepperFlash\pepflashplayer.dll () CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\32.0.1700.102\ppGoogleNaClPluginChrome.dll () CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\32.0.1700.102\pdf.dll () CHR Plugin: (Microsoft® DRM) - C:\Program Files\Windows Media Player\npdrmv2.dll (Microsoft Corporation) CHR Plugin: (Windows Media Player Plug-in Dynamic Link Library) - C:\Program Files\Windows Media Player\npdsplay.dll (Microsoft Corporation (written by Digital Renaissance Inc.)) CHR Plugin: (Microsoft® DRM) - C:\Program Files\Windows Media Player\npwmsdrm.dll (Microsoft Corporation) CHR Plugin: (Picasa) - C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.) CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.) CHR Plugin: (Java Deployment Toolkit 7.0.510.13) - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) CHR Plugin: (Java(TM) Platform SE 7 U51) - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) CHR Plugin: (Windows Presentation Foundation) - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) CHR Plugin: (Shockwave Flash) - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_12_0_0_43.dll () CHR Extension: (Google Wallet) - C:\Documents and Settings\Katarzyna\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-15] ========================== Services (Whitelisted) ================= R3 BrYNSvc; C:\Program Files\Browny02\BrYNSvc.exe [266240 2012-06-05] (Brother Industries, Ltd.) R2 JavaQuickStarterService; C:\Program Files\Java\jre7\bin\jqs.exe [182696 2013-12-18] (Oracle Corporation) R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [22208 2013-10-23] (Microsoft Corporation) R2 ZuneBusEnum; C:\Program Files\Zune\ZuneBusEnum.exe [57056 2011-08-05] (Microsoft Corporation) ==================== Drivers (Whitelisted) ==================== S3 Ambfilt; C:\WINDOWS\System32\drivers\Ambfilt.sys [1691480 2009-11-18] (Creative) R3 ASNDIS5; C:\WINDOWS\ATK0100\ASNDIS5.SYS [16269 2004-05-28] (Printing Communications Assoc., Inc. (PCAUSA)) R3 BCM43XX; C:\WINDOWS\System32\DRIVERS\bcmwl5.sys [604928 2006-10-12] (Broadcom Corporation) S3 BrScnUsb; C:\WINDOWS\System32\DRIVERS\BrScnUsb.sys [15295 2004-10-15] (Brother Industries Ltd.) S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2008-04-14] (Microsoft Corporation) S3 massfilter; C:\WINDOWS\System32\drivers\massfilter.sys [9216 2012-05-11] (MBB Incorporated) S3 Monfilt; C:\WINDOWS\System32\drivers\Monfilt.sys [1395800 2009-11-18] (Creative Technology Ltd.) R0 MpFilter; C:\WINDOWS\System32\DRIVERS\MpFilter.sys [214696 2013-09-27] (Microsoft Corporation) R3 MTsensor; C:\WINDOWS\System32\DRIVERS\ATKACPI.sys [5760 2007-08-28] () S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2008-04-14] (Microsoft Corporation) R3 SynMini; C:\WINDOWS\System32\Drivers\SynMini.sys [1208064 2006-11-27] () R3 SynScan; C:\WINDOWS\System32\Drivers\SynScan.sys [8064 2006-10-04] () S3 ZTEusbnet; C:\WINDOWS\System32\DRIVERS\ZTEusbnet.sys [134144 2012-05-11] (ZTE Corporation) R2 zumbus; C:\WINDOWS\System32\DRIVERS\zumbus.sys [41472 2011-08-05] (Microsoft Corporation) S4 IntelIde; No ImagePath U1 WS2IFSL; ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-02-03 00:11 - 2014-02-03 00:12 - 00000000 ____D C:\AdwCleaner 2014-02-03 00:06 - 2014-02-03 00:06 - 00000000 ____D C:\Documents and Settings\Katarzyna\Dane aplikacji\newnext.me 2014-01-30 21:35 - 2014-01-30 21:35 - 00000000 ____D C:\Documents and Settings\Katarzyna\Dane aplikacji\vlc 2014-01-30 21:35 - 2014-01-30 21:35 - 00000000 ____D C:\Documents and Settings\Katarzyna\Dane aplikacji\MPC-HC 2014-01-30 21:24 - 2014-01-30 21:27 - 00000000 ____D C:\Documents and Settings\Katarzyna\Ustawienia lokalne\Dane aplikacji\Adobe 2014-01-30 21:21 - 2014-01-30 21:21 - 00000840 _____ C:\Documents and Settings\Katarzyna\Menu Start\µTorrent.lnk 2014-01-30 21:17 - 2013-12-18 21:04 - 00264616 _____ (Oracle Corporation) C:\WINDOWS\system32\javaws.exe 2014-01-30 21:17 - 2013-12-18 20:46 - 00145408 _____ (Oracle Corporation) C:\WINDOWS\system32\javacpl.cpl 2014-01-30 21:16 - 2014-01-30 21:16 - 00005269 _____ C:\WINDOWS\system32\jupdate-1.7.0_51-b13.log 2014-01-30 21:16 - 2014-01-30 21:16 - 00000000 ____D C:\Documents and Settings\All Users\Menu Start\Programy\Java 2014-01-30 21:16 - 2013-12-18 21:10 - 00094632 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge.dll 2014-01-30 21:16 - 2013-12-18 21:04 - 00175016 _____ (Oracle Corporation) C:\WINDOWS\system32\javaw.exe 2014-01-30 21:16 - 2013-12-18 21:03 - 00174504 _____ (Oracle Corporation) C:\WINDOWS\system32\java.exe 2014-01-30 20:59 - 2014-02-03 00:20 - 00000000 ____D C:\FRST 2014-01-30 20:55 - 2014-01-30 20:55 - 00000000 ____D C:\Documents and Settings\Katarzyna\Pulpit 2014-01-29 13:40 - 2014-01-29 13:40 - 00019461 _____ C:\Documents and Settings\Katarzyna\Ustawienia lokalne\Dane aplikacji\recently-used.xbel 2014-01-22 09:57 - 2014-01-22 09:58 - 00000000 ____D C:\Documents and Settings\Katarzyna\Dane aplikacji\Mozilla 2014-01-22 09:57 - 2014-01-22 09:57 - 00000736 _____ C:\Documents and Settings\All Users\Menu Start\Programy\Mozilla Firefox.lnk 2014-01-22 09:57 - 2014-01-22 09:57 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service 2014-01-22 09:57 - 2014-01-22 09:57 - 00000000 ____D C:\Program Files\Mozilla Firefox 2014-01-22 09:57 - 2014-01-22 09:57 - 00000000 ____D C:\Documents and Settings\Katarzyna\Ustawienia lokalne\Dane aplikacji\Mozilla 2014-01-22 09:57 - 2014-01-22 09:57 - 00000000 ____D C:\Documents and Settings\All Users\Dane aplikacji\Mozilla 2014-01-19 13:50 - 2014-01-24 12:21 - 00000000 ____D C:\Documents and Settings\Katarzyna\Ustawienia lokalne\Dane aplikacji\gtk-2.0 2014-01-19 09:40 - 2014-01-29 13:42 - 00000000 ____D C:\Documents and Settings\Katarzyna\.gimp-2.8 2014-01-19 09:37 - 2014-01-19 09:37 - 00000742 _____ C:\Documents and Settings\All Users\Menu Start\Programy\GIMP 2.lnk 2014-01-19 09:34 - 2014-01-19 09:37 - 00000000 ____D C:\Program Files\GIMP 2 2014-01-15 15:25 - 2014-01-15 15:25 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2914368$ 2014-01-15 15:24 - 2014-01-15 15:25 - 00005311 _____ C:\WINDOWS\KB2914368.log 2014-01-11 11:03 - 2014-02-03 00:11 - 00000406 ____H C:\WINDOWS\Tasks\Microsoft Antimalware Scheduled Scan.job 2014-01-11 09:26 - 2014-01-11 09:26 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2868626$ 2014-01-11 09:23 - 2014-01-11 09:23 - 00014119 _____ C:\WINDOWS\KB2898785-IE8.log 2014-01-11 09:23 - 2014-01-11 09:23 - 00011448 _____ C:\WINDOWS\KB2900986.log 2014-01-11 09:23 - 2014-01-11 09:23 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2900986$ 2014-01-11 09:23 - 2014-01-11 09:23 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2898715$ 2014-01-11 09:23 - 2014-01-11 09:23 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2847311$ 2014-01-11 09:22 - 2014-01-11 09:23 - 00006790 _____ C:\WINDOWS\KB2862335.log 2014-01-11 09:22 - 2014-01-11 09:22 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2862335$ 2014-01-11 09:19 - 2014-01-11 09:19 - 00006151 _____ C:\WINDOWS\KB2904266.log 2014-01-11 09:19 - 2014-01-11 09:19 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2904266$ 2014-01-11 09:19 - 2014-01-11 09:19 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2876331$ 2014-01-11 09:19 - 2014-01-11 09:19 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2862152$ 2014-01-11 09:16 - 2014-01-11 09:16 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2893294$ 2014-01-11 09:15 - 2014-01-11 09:15 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2893984$ 2014-01-11 09:15 - 2014-01-11 09:15 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2892075$ 2014-01-11 09:13 - 2014-01-11 09:13 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2862330$ 2014-01-10 23:01 - 2014-01-11 09:26 - 00016721 _____ C:\WINDOWS\KB2868626.log 2014-01-10 23:01 - 2014-01-11 09:23 - 00016076 _____ C:\WINDOWS\KB2847311.log 2014-01-10 23:00 - 2014-01-11 09:23 - 00011348 _____ C:\WINDOWS\KB2898715.log 2014-01-10 23:00 - 2014-01-11 09:19 - 00010335 _____ C:\WINDOWS\KB2862152.log 2014-01-10 23:00 - 2014-01-11 09:19 - 00009814 _____ C:\WINDOWS\KB2876331.log 2014-01-10 23:00 - 2013-07-03 03:12 - 00025088 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\hidparse.sys 2014-01-10 23:00 - 2013-07-03 02:59 - 00014976 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\usbscan.sys 2014-01-10 22:59 - 2014-01-11 09:16 - 00009139 _____ C:\WINDOWS\KB2893294.log 2014-01-10 22:59 - 2014-01-11 09:15 - 00009563 _____ C:\WINDOWS\KB2893984.log 2014-01-10 22:59 - 2014-01-11 09:15 - 00008294 _____ C:\WINDOWS\KB2892075.log 2014-01-10 22:59 - 2013-08-09 01:55 - 00005376 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\usbd.sys 2014-01-09 19:20 - 2014-01-09 19:20 - 00012652 _____ C:\Documents and Settings\Katarzyna\Ustawienia lokalne\Dane aplikacji\recently-used.xbel.5JWX8W 2014-01-06 20:23 - 2014-01-06 20:23 - 04558848 _____ (Google Inc.) C:\WINDOWS\system32\GPhotos.scr ==================== One Month Modified Files and Folders ======= 2014-02-03 00:20 - 2014-01-30 20:59 - 00000000 ____D C:\FRST 2014-02-03 00:20 - 2013-03-12 18:35 - 01792473 _____ C:\WINDOWS\WindowsUpdate.log 2014-02-03 00:18 - 2013-03-13 00:58 - 00001038 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job 2014-02-03 00:18 - 2013-03-12 19:27 - 00000159 _____ C:\WINDOWS\wiadebug.log 2014-02-03 00:18 - 2013-03-12 19:27 - 00000050 _____ C:\WINDOWS\wiaservc.log 2014-02-03 00:18 - 2013-03-12 18:39 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2014-02-03 00:17 - 2013-03-12 18:40 - 00000188 ___SH C:\Documents and Settings\Katarzyna\ntuser.ini 2014-02-03 00:17 - 2013-03-12 18:39 - 00032474 _____ C:\WINDOWS\SchedLgU.Txt 2014-02-03 00:13 - 2008-04-15 13:00 - 00012598 _____ C:\WINDOWS\system32\wpa.dbl 2014-02-03 00:12 - 2014-02-03 00:11 - 00000000 ____D C:\AdwCleaner 2014-02-03 00:12 - 2013-03-12 19:24 - 00000000 __RHD C:\Documents and Settings\All Users\Dane aplikacji 2014-02-03 00:12 - 2013-03-12 18:40 - 00000000 __RHD C:\Documents and Settings\Katarzyna\Dane aplikacji 2014-02-03 00:12 - 2013-03-12 18:40 - 00000000 ___HD C:\Documents and Settings\Katarzyna\Ustawienia lokalne\Dane aplikacji 2014-02-03 00:11 - 2014-01-11 11:03 - 00000406 ____H C:\WINDOWS\Tasks\Microsoft Antimalware Scheduled Scan.job 2014-02-03 00:06 - 2014-02-03 00:06 - 00000000 ____D C:\Documents and Settings\Katarzyna\Dane aplikacji\newnext.me 2014-02-03 00:06 - 2013-03-12 18:40 - 00000000 ____D C:\Documents and Settings\Katarzyna 2014-02-03 00:05 - 2013-03-12 19:25 - 01219402 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2014-02-03 00:05 - 2008-04-15 13:00 - 00542510 _____ C:\WINDOWS\system32\perfh015.dat 2014-02-03 00:05 - 2008-04-15 13:00 - 00099706 _____ C:\WINDOWS\system32\perfc015.dat 2014-02-03 00:04 - 2013-03-14 21:15 - 00204577 _____ C:\WINDOWS\setupapi.log 2014-02-03 00:04 - 2013-03-14 21:15 - 00003851 _____ C:\WINDOWS\setupact.log 2014-01-30 21:46 - 2013-03-13 10:24 - 00000930 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job 2014-01-30 21:40 - 2013-03-13 13:52 - 00000000 ____D C:\Documents and Settings\Katarzyna\Dane aplikacji\uTorrent 2014-01-30 21:35 - 2014-01-30 21:35 - 00000000 ____D C:\Documents and Settings\Katarzyna\Dane aplikacji\vlc 2014-01-30 21:35 - 2014-01-30 21:35 - 00000000 ____D C:\Documents and Settings\Katarzyna\Dane aplikacji\MPC-HC 2014-01-30 21:35 - 2013-03-13 13:26 - 00000000 ____D C:\Program Files\MPC-HC 2014-01-30 21:35 - 2013-03-13 13:26 - 00000000 ____D C:\Documents and Settings\All Users\Menu Start\Programy\MPC-HC 2014-01-30 21:34 - 2013-08-19 17:32 - 00000000 ____D C:\Documents and Settings\All Users\Menu Start\Programy\VideoLAN 2014-01-30 21:34 - 2013-03-13 00:58 - 00001042 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job 2014-01-30 21:32 - 2013-03-13 01:23 - 00000000 ____D C:\Program Files\SpywareBlaster 2014-01-30 21:29 - 2013-03-13 01:57 - 00000000 ____D C:\Program Files\Defraggler 2014-01-30 21:28 - 2013-03-13 01:56 - 00000000 ____D C:\Program Files\CCleaner 2014-01-30 21:27 - 2014-01-30 21:24 - 00000000 ____D C:\Documents and Settings\Katarzyna\Ustawienia lokalne\Dane aplikacji\Adobe 2014-01-30 21:27 - 2013-03-13 10:24 - 00692616 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe 2014-01-30 21:27 - 2013-03-13 10:24 - 00071048 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl 2014-01-30 21:21 - 2014-01-30 21:21 - 00000840 _____ C:\Documents and Settings\Katarzyna\Menu Start\µTorrent.lnk 2014-01-30 21:21 - 2013-03-12 19:24 - 00000000 ____D C:\Documents and Settings\All Users\Pulpit 2014-01-30 21:21 - 2013-03-12 18:40 - 00000000 ___RD C:\Documents and Settings\Katarzyna\Menu Start 2014-01-30 21:20 - 2013-03-13 11:38 - 00000000 ____D C:\Documents and Settings\Katarzyna\Dane aplikacji\Skype 2014-01-30 21:18 - 2013-03-12 18:40 - 00000000 ___RD C:\Documents and Settings\Katarzyna\Menu Start\Programy 2014-01-30 21:16 - 2014-01-30 21:16 - 00005269 _____ C:\WINDOWS\system32\jupdate-1.7.0_51-b13.log 2014-01-30 21:16 - 2014-01-30 21:16 - 00000000 ____D C:\Documents and Settings\All Users\Menu Start\Programy\Java 2014-01-30 21:16 - 2013-09-15 18:37 - 00000000 ____D C:\Program Files\Java 2014-01-30 21:16 - 2013-03-12 19:24 - 00000000 ___RD C:\Documents and Settings\All Users\Menu Start\Programy 2014-01-30 21:12 - 2013-03-13 00:58 - 00000000 ____D C:\Program Files\Google 2014-01-30 20:55 - 2014-01-30 20:55 - 00000000 ____D C:\Documents and Settings\Katarzyna\Pulpit 2014-01-29 13:42 - 2014-01-19 09:40 - 00000000 ____D C:\Documents and Settings\Katarzyna\.gimp-2.8 2014-01-29 13:40 - 2014-01-29 13:40 - 00019461 _____ C:\Documents and Settings\Katarzyna\Ustawienia lokalne\Dane aplikacji\recently-used.xbel 2014-01-29 12:39 - 2013-03-13 13:30 - 00000069 _____ C:\WINDOWS\NeroDigital.ini 2014-01-27 13:54 - 2013-03-12 18:40 - 00000000 ___RD C:\Documents and Settings\Katarzyna\Ulubione 2014-01-24 12:54 - 2013-03-13 13:30 - 00125952 _____ C:\Documents and Settings\Katarzyna\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2014-01-24 12:21 - 2014-01-19 13:50 - 00000000 ____D C:\Documents and Settings\Katarzyna\Ustawienia lokalne\Dane aplikacji\gtk-2.0 2014-01-22 09:58 - 2014-01-22 09:57 - 00000000 ____D C:\Documents and Settings\Katarzyna\Dane aplikacji\Mozilla 2014-01-22 09:57 - 2014-01-22 09:57 - 00000736 _____ C:\Documents and Settings\All Users\Menu Start\Programy\Mozilla Firefox.lnk 2014-01-22 09:57 - 2014-01-22 09:57 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service 2014-01-22 09:57 - 2014-01-22 09:57 - 00000000 ____D C:\Program Files\Mozilla Firefox 2014-01-22 09:57 - 2014-01-22 09:57 - 00000000 ____D C:\Documents and Settings\Katarzyna\Ustawienia lokalne\Dane aplikacji\Mozilla 2014-01-22 09:57 - 2014-01-22 09:57 - 00000000 ____D C:\Documents and Settings\All Users\Dane aplikacji\Mozilla 2014-01-21 12:06 - 2013-03-13 11:38 - 00000000 ___RD C:\Program Files\Skype 2014-01-21 12:06 - 2013-03-13 11:37 - 00000000 ____D C:\Documents and Settings\All Users\Dane aplikacji\Skype 2014-01-19 09:37 - 2014-01-19 09:37 - 00000742 _____ C:\Documents and Settings\All Users\Menu Start\Programy\GIMP 2.lnk 2014-01-19 09:37 - 2014-01-19 09:34 - 00000000 ____D C:\Program Files\GIMP 2 2014-01-19 08:32 - 2013-03-12 22:30 - 00231584 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe 2014-01-15 15:27 - 2013-09-15 18:26 - 00000000 ____D C:\WINDOWS\system32\MRT 2014-01-15 15:25 - 2014-01-15 15:25 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2914368$ 2014-01-15 15:25 - 2014-01-15 15:24 - 00005311 _____ C:\WINDOWS\KB2914368.log 2014-01-15 15:25 - 2013-08-20 23:07 - 00216404 _____ C:\WINDOWS\FaxSetup.log 2014-01-15 15:25 - 2013-08-20 23:07 - 00103460 _____ C:\WINDOWS\ocgen.log 2014-01-15 15:25 - 2013-08-20 23:07 - 00082849 _____ C:\WINDOWS\tsoc.log 2014-01-15 15:25 - 2013-08-20 23:07 - 00071407 _____ C:\WINDOWS\comsetup.log 2014-01-15 15:25 - 2013-08-20 23:07 - 00043303 _____ C:\WINDOWS\ntdtcsetup.log 2014-01-15 15:25 - 2013-08-20 23:07 - 00034249 _____ C:\WINDOWS\iis6.log 2014-01-15 15:25 - 2013-08-20 23:07 - 00013510 _____ C:\WINDOWS\ocmsn.log 2014-01-15 15:25 - 2013-08-20 23:07 - 00010605 _____ C:\WINDOWS\msgsocm.log 2014-01-15 15:25 - 2013-08-20 23:07 - 00001374 _____ C:\WINDOWS\imsins.log 2014-01-15 15:25 - 2013-03-13 00:44 - 83425928 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2014-01-15 12:39 - 2013-03-12 18:36 - 00001613 _____ C:\Documents and Settings\All Users\Menu Start\Określ dostęp do programów i ich ustawienia domyślne.lnk 2014-01-11 20:52 - 2013-03-13 12:57 - 00000000 ____D C:\WINDOWS\Microsoft.NET 2014-01-11 09:50 - 2013-03-14 21:10 - 00158752 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2014-01-11 09:26 - 2014-01-11 09:26 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2868626$ 2014-01-11 09:26 - 2014-01-10 23:01 - 00016721 _____ C:\WINDOWS\KB2868626.log 2014-01-11 09:26 - 2013-09-16 06:12 - 00002944 _____ C:\WINDOWS\COM+.log 2014-01-11 09:26 - 2013-08-20 23:07 - 00015294 _____ C:\WINDOWS\updspapi.log 2014-01-11 09:26 - 2013-08-20 23:07 - 00001374 _____ C:\WINDOWS\imsins.BAK 2014-01-11 09:23 - 2014-01-11 09:23 - 00014119 _____ C:\WINDOWS\KB2898785-IE8.log 2014-01-11 09:23 - 2014-01-11 09:23 - 00011448 _____ C:\WINDOWS\KB2900986.log 2014-01-11 09:23 - 2014-01-11 09:23 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2900986$ 2014-01-11 09:23 - 2014-01-11 09:23 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2898715$ 2014-01-11 09:23 - 2014-01-11 09:23 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2847311$ 2014-01-11 09:23 - 2014-01-11 09:22 - 00006790 _____ C:\WINDOWS\KB2862335.log 2014-01-11 09:23 - 2014-01-10 23:01 - 00016076 _____ C:\WINDOWS\KB2847311.log 2014-01-11 09:23 - 2014-01-10 23:00 - 00011348 _____ C:\WINDOWS\KB2898715.log 2014-01-11 09:22 - 2014-01-11 09:22 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2862335$ 2014-01-11 09:22 - 2013-03-12 22:05 - 00001912 _____ C:\WINDOWS\epplauncher.mif 2014-01-11 09:22 - 2013-03-12 22:05 - 00001704 _____ C:\Documents and Settings\All Users\Menu Start\Programy\Microsoft Security Essentials.lnk 2014-01-11 09:22 - 2013-03-12 22:05 - 00000000 ____D C:\Program Files\Microsoft Security Client 2014-01-11 09:19 - 2014-01-11 09:19 - 00006151 _____ C:\WINDOWS\KB2904266.log 2014-01-11 09:19 - 2014-01-11 09:19 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2904266$ 2014-01-11 09:19 - 2014-01-11 09:19 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2876331$ 2014-01-11 09:19 - 2014-01-11 09:19 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2862152$ 2014-01-11 09:19 - 2014-01-10 23:00 - 00010335 _____ C:\WINDOWS\KB2862152.log 2014-01-11 09:19 - 2014-01-10 23:00 - 00009814 _____ C:\WINDOWS\KB2876331.log 2014-01-11 09:19 - 2013-03-13 00:43 - 00019304 _____ C:\WINDOWS\system32\TZLog.log 2014-01-11 09:16 - 2014-01-11 09:16 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2893294$ 2014-01-11 09:16 - 2014-01-10 22:59 - 00009139 _____ C:\WINDOWS\KB2893294.log 2014-01-11 09:15 - 2014-01-11 09:15 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2893984$ 2014-01-11 09:15 - 2014-01-11 09:15 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2892075$ 2014-01-11 09:15 - 2014-01-10 22:59 - 00009563 _____ C:\WINDOWS\KB2893984.log 2014-01-11 09:15 - 2014-01-10 22:59 - 00008294 _____ C:\WINDOWS\KB2892075.log 2014-01-11 09:15 - 2013-03-12 18:34 - 00000000 ____D C:\WINDOWS\Registration 2014-01-11 09:13 - 2014-01-11 09:13 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2862330$ 2014-01-09 19:20 - 2014-01-09 19:20 - 00012652 _____ C:\Documents and Settings\Katarzyna\Ustawienia lokalne\Dane aplikacji\recently-used.xbel.5JWX8W 2014-01-06 20:23 - 2014-01-06 20:23 - 04558848 _____ (Google Inc.) C:\WINDOWS\system32\GPhotos.scr ==================== Bamital & volsnap Check ================= C:\WINDOWS\explorer.exe [2008-04-15 13:00] - [2008-04-15 13:00] - 1035264 ____A (Microsoft Corporation) c791ed9eac5e76d9525e157b1d7a599a C:\WINDOWS\system32\winlogon.exe [2008-04-15 13:00] - [2008-04-15 13:00] - 0510464 ____A (Microsoft Corporation) 51fd2e13d723857b9ca239ae77150f48 C:\WINDOWS\system32\svchost.exe [2008-04-15 13:00] - [2008-04-15 13:00] - 0014336 ____A (Microsoft Corporation) 8607d35d92528e2df386f19a960d23ce C:\WINDOWS\system32\services.exe [2008-04-15 13:00] - [2009-02-09 12:25] - 0111104 ____A (Microsoft Corporation) 02a467e27af55f7064c5b251e587315f C:\WINDOWS\system32\User32.dll [2008-04-15 13:00] - [2008-04-15 13:00] - 0580096 ____A (Microsoft Corporation) a435c5c069afd901751ac323ad238793 C:\WINDOWS\system32\userinit.exe [2008-04-15 13:00] - [2008-04-15 13:00] - 0026624 ____A (Microsoft Corporation) 2a5b37d520508be6570a3ea79695f5b5 C:\WINDOWS\system32\rpcss.dll [2008-04-15 13:00] - [2009-02-09 11:53] - 0401408 ____A (Microsoft Corporation) a37311d9d628c1042a2836731787f0f3 ATTENTION ======> If the system is having audio adware rpcss.dll is patched. Google the MD5, if the MD5 is unique the file is infected. C:\WINDOWS\system32\Drivers\volsnap.sys [2008-04-15 13:00] - [2008-04-15 13:00] - 0052864 ____A (Microsoft Corporation) 56b191ac5fc0df219949c95a6c87afe7 ==================== End Of Log ============================