system długo wstaje, przeskanowane mbm, w zalaczniku logi z otl i frst
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 13-03-2014 01 ([color=red]ATTENTION: ==== & gt; FRST version is 125 days old and could be outdated[/color])
Ran by Piotr (administrator) on PIOTR-909833F00 on 16-07-2014 11:41:49
Running from C:\Documents and Settings\Piotr\Pulpit
Microsoft Windows XP Home Edition Dodatek Service Pack 3 (X86) OS Language: Polish
Internet Explorer Version 8
Boot Mode: Normal
The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(LSoft Technologies Inc) C:\Program Files\LSoft Technologies Inc\Active@ Hard Disk Monitor\DiskMonitorService.exe
(Oracle Corporation) C:\Program Files\Java\jre7\bin\jqs.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
(Microsoft Corporation) C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe
(Microsoft Corporation) C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbam.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
(Brother Industries, Ltd.) C:\Program Files\ControlCenter4\BrCtrlCntr.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Brother Industries, Ltd.) C:\Program Files\ControlCenter4\BrCcUxSys.exe
(Realtek Semiconductor Corp.) C:\WINDOWS\RTHDCPL.EXE
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Microsoft Corporation) C:\WINDOWS\system32\wbem\unsecapp.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [ControlCenter4] - C:\Program Files\ControlCenter4\BrCcBoot.exe [143360 2012-09-06] (Brother Industries, Ltd.)
HKLM\...\Run: [BrStsMon00] - C:\Program Files\Browny02\Brother\BrStMonW.exe [3076096 2012-06-06] (Brother Industries, Ltd.)
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM\...\Run: [APSDaemon] - C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM\...\Run: [RTHDCPL] - C:\WINDOWS\RTHDCPL.EXE [20065936 2012-06-06] (Realtek Semiconductor Corp.)
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-12-21] (Adobe Systems Incorporated)
HKLM\...\Run: [AvastUI.exe] - C:\Program Files\AVAST Software\Avast\AvastUI.exe [4086432 2014-07-15] (AVAST Software)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://rts.dsrlte.com
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie & ar=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.gazeta.pl/0,0.html?p=180 & d=20140610
HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search
SearchScopes: HKCU - {B12EC5D2-4300-49AD-BE21-E8A924EE79FF} URL = http://rts.dsrlte.com/?q={searchTerms} & r=601
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKCU - & Adres - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
Toolbar: HKCU - & Łącza - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\SHELL32.dll (Microsoft Corporation)
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/products/plugin/autodl/jinstall-170-windows-i586.cab
DPF: {CAFEEFAC-0014-0002-0005-ABCDEFFEDCBA} http://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab
DPF: {CAFEEFAC-0017-0000-0021-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_21-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_21-windows-i586.cab
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 192.168.1.1
FireFox:
========
FF ProfilePath: C:\Documents and Settings\Piotr\Dane aplikacji\Mozilla\Firefox\Profiles\611v7wqd.default
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin: @google.com/npPicasa3,version=3.0.0 - C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin: @java.com/DTPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~1\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.0.5 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.2 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppluginrichmediaplayer.dll ()
FF SearchPlugin: C:\Documents and Settings\Piotr\Dane aplikacji\Mozilla\Firefox\Profiles\611v7wqd.default\searchplugins\keepmysearch.xml
FF SearchPlugin: C:\Documents and Settings\Piotr\Dane aplikacji\Mozilla\Firefox\Profiles\611v7wqd.default\searchplugins\safeguard-secure-search.xml
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-04-08]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ []
Chrome:
=======
CHR Extension: (Dokumenty Google) - C:\Documents and Settings\Piotr\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-07-15]
CHR Extension: (Dysk Google) - C:\Documents and Settings\Piotr\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-07-15]
CHR Extension: (YouTube) - C:\Documents and Settings\Piotr\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-07-15]
CHR Extension: (Szukaj w Google) - C:\Documents and Settings\Piotr\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-07-15]
CHR Extension: (avast! Online Security) - C:\Documents and Settings\Piotr\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-07-15]
CHR Extension: (Google Wallet) - C:\Documents and Settings\Piotr\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-07-15]
CHR Extension: (Gmail) - C:\Documents and Settings\Piotr\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-07-15]
CHR HKLM\...\Chrome\Extension: [aaaajcpbcbckoiafnblkdhnldokclbhi] - C:\Documents and Settings\Asia.PIOTR-909833F00\Ustawienia lokalne\Dane aplikacji\jzipmusictoolbar181\GC\toolbar.crx [2014-07-15]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-07-15]
CHR HKLM\...\Chrome\Extension: [ijblflkdjdopkpdgllkmlbgcffjbnfda] - C:\Documents and Settings\Asia\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\newtab.crx [2014-07-15]
CHR HKLM\...\Chrome\Extension: [obilhkhfmlggcoildcnoeknaghkiiclj] - C:\Documents and Settings\Asia.PIOTR-909833F00\Ustawienia lokalne\Dane aplikacji\CRE\obilhkhfmlggcoildcnoeknaghkiiclj.crx [2014-07-15]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction & lt; ======= ATTENTION
========================== Services (Whitelisted) =================
R2 Active@ Disk Monitor; C:\Program Files\LSoft Technologies Inc\Active@ Hard Disk Monitor\DiskMonitorService.exe [237792 2012-10-23] (LSoft Technologies Inc)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-07-15] (AVAST Software)
R2 JavaQuickStarterService; C:\Program Files\Java\jre7\bin\jqs.exe [182696 2013-12-18] (Oracle Corporation)
R2 MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
==================== Drivers (Whitelisted) ====================
S3 Ambfilt; C:\WINDOWS\System32\drivers\Ambfilt.sys [1691480 2009-11-18] (Creative)
R2 aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [24184 2014-07-15] ()
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [67824 2014-07-15] (AVAST Software)
R1 AswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [55112 2014-07-15] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\system32\Drivers\aswRvrt.sys [49944 2014-07-15] ()
R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [779536 2014-07-15] (AVAST Software)
R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [414520 2014-07-15] (AVAST Software)
R1 aswTdi; C:\WINDOWS\system32\drivers\aswTdi.sys [57800 2014-07-15] (AVAST Software)
R0 aswVmm; C:\WINDOWS\system32\Drivers\aswVmm.sys [192352 2014-07-15] ()
S3 BrScnUsb; C:\WINDOWS\System32\DRIVERS\BrScnUsb.sys [15295 2004-10-15] (Brother Industries Ltd.)
S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2008-04-14] (Microsoft Corporation)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [23256 2014-05-12] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [110296 2014-07-16] (Malwarebytes Corporation)
S3 Monfilt; C:\WINDOWS\System32\drivers\Monfilt.sys [1395800 2009-11-18] (Creative Technology Ltd.)
S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2008-04-14] (Microsoft Corporation)
S3 NVENETFD; C:\WINDOWS\System32\DRIVERS\NVENETFD.sys [70912 2010-03-04] (NVIDIA Corporation)
R0 nvgts; C:\WINDOWS\System32\DRIVERS\nvgts.sys [168040 2010-04-08] (NVIDIA Corporation)
S3 nvnetbus; C:\WINDOWS\System32\DRIVERS\nvnetbus.sys [13824 2010-03-04] (NVIDIA Corporation)
S3 PortTalk; C:\WINDOWS\System32\Drivers\PortTalk.sys [3567 2002-01-12] (Beyond Logic http://www.beyondlogic.org)
R3 rtl8139; C:\WINDOWS\System32\DRIVERS\RTL8139.SYS [20992 2008-04-13] (Realtek Semiconductor Corporation)
R3 Sftfs; C:\WINDOWS\System32\DRIVERS\Sftfsxp.sys [587944 2013-06-26] (Microsoft Corporation)
R3 Sftplay; C:\WINDOWS\System32\DRIVERS\Sftplayxp.sys [213288 2013-06-26] (Microsoft Corporation)
R3 Sftredir; C:\WINDOWS\System32\DRIVERS\Sftredirxp.sys [23208 2013-06-26] (Microsoft Corporation)
R3 Sftvol; C:\WINDOWS\System32\DRIVERS\Sftvolxp.sys [19112 2013-06-26] (Microsoft Corporation)
S3 SG760_XP; C:\WINDOWS\System32\DRIVERS\WlanUZXP.sys [261632 2006-01-09] (ZyDAS Technology Corporation)
S3 SG762_XP; C:\WINDOWS\System32\DRIVERS\WlanBZXP.sys [402432 2006-01-19] (ZyDAS Technology Corporation)
R1 {2c976a7f-dbdc-4756-870f-f6d183fe7a7e}Gt; C:\WINDOWS\System32\drivers\{2c976a7f-dbdc-4756-870f-f6d183fe7a7e}Gt.sys [55232 2014-05-12] (StdLib)
S3 catchme; \??\C:\DOCUME~1\Piotr\USTAWI~1\Temp\catchme.sys [X]
S3 EagleXNt; \??\C:\WINDOWS\system32\drivers\EagleXNt.sys [X]
S4 IntelIde; No ImagePath
U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-14] (Microsoft Corporation)
U3 TlntSvr;
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-07-16 11:41 - 2014-07-16 11:41 - 00013950 _____ () C:\Documents and Settings\Piotr\Pulpit\FRST.txt
2014-07-16 11:41 - 2014-07-16 11:41 - 00000000 ____D () C:\FRST
2014-07-16 11:31 - 2014-07-16 11:31 - 00036978 _____ () C:\Documents and Settings\Piotr\Pulpit\Extras.Txt
2014-07-16 11:30 - 2014-07-16 11:30 - 00368798 _____ () C:\Documents and Settings\Piotr\Pulpit\OTL.Txt
2014-07-16 11:18 - 2014-03-19 19:58 - 01145856 _____ (Farbar) C:\Documents and Settings\Piotr\Pulpit\FRST.exe
2014-07-16 11:18 - 2013-12-27 20:59 - 00602112 _____ (OldTimer Tools) C:\Documents and Settings\Piotr\Pulpit\OTL.exe
2014-07-15 21:13 - 2014-07-15 21:13 - 00000000 ____D () C:\WINDOWS\jumpshot.com
2014-07-15 21:13 - 2014-07-15 21:13 - 00000000 ____D () C:\Documents and Settings\Piotr\Dane aplikacji\AVAST Software
2014-07-15 21:12 - 2014-07-15 21:12 - 00000000 ____D () C:\WINDOWS\pss
2014-07-15 21:08 - 2014-07-15 21:08 - 00017464 _____ () C:\ComboFix.txt
2014-07-15 20:57 - 2014-07-15 20:57 - 00000000 _RSHD () C:\cmdcons
2014-07-15 20:57 - 2013-01-29 19:31 - 00000211 _____ () C:\Boot.bak
2014-07-15 20:57 - 2004-08-03 23:00 - 00262400 __RSH () C:\cmldr
2014-07-15 20:55 - 2014-07-15 21:08 - 00000000 ____D () C:\ComboFix
2014-07-15 20:55 - 2011-06-26 08:45 - 00256000 _____ () C:\WINDOWS\PEV.exe
2014-07-15 20:55 - 2010-11-07 19:20 - 00208896 _____ () C:\WINDOWS\MBR.exe
2014-07-15 20:55 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\WINDOWS\NIRCMD.exe
2014-07-15 20:55 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\WINDOWS\SWREG.exe
2014-07-15 20:55 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\WINDOWS\SWSC.exe
2014-07-15 20:55 - 2000-08-31 02:00 - 00212480 _____ (SteelWerX) C:\WINDOWS\SWXCACLS.exe
2014-07-15 20:55 - 2000-08-31 02:00 - 00098816 _____ () C:\WINDOWS\sed.exe
2014-07-15 20:55 - 2000-08-31 02:00 - 00080412 _____ () C:\WINDOWS\grep.exe
2014-07-15 20:55 - 2000-08-31 02:00 - 00068096 _____ () C:\WINDOWS\zip.exe
2014-07-15 20:49 - 2014-07-15 20:49 - 00001819 _____ () C:\Documents and Settings\All Users\Pulpit\Google Chrome.lnk
2014-07-15 20:49 - 2014-07-15 20:49 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Start\Programy\Google Chrome
2014-07-15 20:48 - 2014-07-16 11:14 - 00001034 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-07-15 20:48 - 2014-07-16 11:14 - 00001030 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-07-15 20:48 - 2014-07-15 20:48 - 00000000 ____D () C:\Documents and Settings\Piotr\Moje dokumenty\Pobrane
2014-07-15 20:24 - 2014-07-15 20:24 - 00001733 _____ () C:\Documents and Settings\All Users\Pulpit\avast! Free Antivirus.lnk
2014-07-15 20:24 - 2014-07-15 20:23 - 00024184 _____ () C:\WINDOWS\system32\Drivers\aswHwid.sys
2014-07-15 20:23 - 2014-07-15 20:23 - 00043152 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2014-07-15 20:05 - 2014-07-15 20:14 - 00002347 _____ () C:\Documents and Settings\All Users\Menu Start\Programy\Adobe Reader XI.lnk
2014-07-15 20:05 - 2014-07-15 20:05 - 00001734 _____ () C:\Documents and Settings\All Users\Pulpit\Adobe Reader XI.lnk
2014-07-15 20:02 - 2014-07-15 20:13 - 00000000 ____D () C:\Program Files\Common Files\Adobe
2014-07-15 19:54 - 2008-04-13 22:05 - 00020992 ____C (Realtek Semiconductor Corporation) C:\WINDOWS\system32\dllcache\rtl8139.sys
2014-07-15 19:54 - 2008-04-13 22:05 - 00020992 _____ (Realtek Semiconductor Corporation) C:\WINDOWS\system32\Drivers\RTL8139.sys
2014-07-12 18:11 - 2014-07-12 18:11 - 00090112 _____ () C:\WINDOWS\Minidump\Mini071214-01.dmp
2014-07-12 17:09 - 2014-07-15 21:08 - 00000000 ____D () C:\Qoobox
2014-07-12 17:09 - 2014-07-15 21:07 - 00000000 ____D () C:\WINDOWS\erdnt
2014-07-12 17:09 - 2014-07-12 17:09 - 00000000 ___RD () C:\Documents and Settings\Piotr\Menu Start\Programy\Narzędzia administracyjne
2014-07-12 16:46 - 2014-07-12 16:46 - 00000000 __SHD () C:\Documents and Settings\Administrator\IETldCache
2014-07-12 16:45 - 2014-07-15 21:08 - 00000000 ___HD () C:\Documents and Settings\Administrator\Ustawienia lokalne
2014-07-12 16:45 - 2014-07-12 18:07 - 00000188 ___SH () C:\Documents and Settings\Administrator\ntuser.ini
2014-07-12 16:45 - 2014-07-12 16:46 - 00000000 ____D () C:\Documents and Settings\Administrator
2014-07-12 16:45 - 2013-05-06 14:35 - 00000000 ___HD () C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji
2014-07-12 16:45 - 2013-05-06 14:35 - 00000000 ____D () C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacjiGoogle
2014-07-12 16:45 - 2013-05-06 14:35 - 00000000 ____D () C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Google
2014-07-12 16:45 - 2013-01-29 20:27 - 00000000 __SHD () C:\Documents and Settings\Administrator\Ustawienia lokalne\Historia
2014-07-12 16:45 - 2013-01-29 20:27 - 00000000 __RHD () C:\Documents and Settings\Administrator\Dane aplikacji
2014-07-12 16:45 - 2013-01-29 20:27 - 00000000 ___RD () C:\Documents and Settings\Administrator\Menu Start\Programy\Autostart
2014-07-12 16:45 - 2013-01-29 20:27 - 00000000 ___RD () C:\Documents and Settings\Administrator\Menu Start
2014-07-12 16:45 - 2013-01-29 20:27 - 00000000 ____D () C:\Documents and Settings\Administrator\Ulubione
2014-07-12 16:45 - 2013-01-29 20:27 - 00000000 ____D () C:\Documents and Settings\Administrator\Pulpit
2014-07-12 16:45 - 2013-01-29 20:27 - 00000000 ____D () C:\Documents and Settings\Administrator\Moje dokumenty
2014-07-12 16:45 - 2013-01-29 19:35 - 00001599 _____ () C:\Documents and Settings\Administrator\Menu Start\Programy\Pomoc zdalna.lnk
2014-07-12 16:45 - 2013-01-29 19:35 - 00000792 _____ () C:\Documents and Settings\Administrator\Menu Start\Programy\Windows Media Player.lnk
2014-07-12 16:45 - 2013-01-29 19:35 - 00000000 ___RD () C:\Documents and Settings\Administrator\Menu Start\Programy\Akcesoria
2014-07-12 16:45 - 2013-01-29 19:35 - 00000000 ___RD () C:\Documents and Settings\Administrator\Menu Start\Programy
2014-07-12 16:45 - 2013-01-29 19:32 - 00000000 ___HD () C:\Documents and Settings\Administrator\Szablony
2014-07-12 16:08 - 2014-07-12 16:08 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Start\Programy\Malwarebytes Anti-Malware
2014-07-12 15:51 - 2014-07-12 15:51 - 00000000 ____D () C:\WINDOWS\ERUNT
2014-07-12 15:23 - 2014-07-16 11:15 - 00110296 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-07-12 15:22 - 2014-07-12 16:08 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2014-07-12 15:22 - 2014-07-12 15:22 - 00000777 _____ () C:\Documents and Settings\All Users\Pulpit\Malwarebytes Anti-Malware.lnk
2014-07-12 15:22 - 2014-07-12 15:22 - 00000000 ____D () C:\Documents and Settings\All Users\Dane aplikacji\Malwarebytes
2014-07-12 15:22 - 2014-05-12 07:26 - 00053208 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2014-07-12 15:22 - 2014-05-12 07:25 - 00023256 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2014-07-07 17:18 - 2014-07-04 06:26 - 00055232 _____ (StdLib) C:\WINDOWS\system32\Drivers\{2c976a7f-dbdc-4756-870f-f6d183fe7a7e}t.sys
2014-07-04 19:42 - 2014-07-04 19:42 - 00000000 ____D () C:\Documents and Settings\Piotr\Dane aplikacji\Pay-By-Ads
2014-06-27 17:40 - 2014-06-29 01:51 - 00000000 ___RD () C:\Program Files\Skype
2014-06-27 17:40 - 2014-06-27 17:40 - 00002417 _____ () C:\Documents and Settings\All Users\Pulpit\Skype.lnk
2014-06-27 17:40 - 2014-06-27 17:40 - 00000000 ____D () C:\Program Files\Common Files\Skype
2014-06-27 17:40 - 2014-06-27 17:40 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Start\Programy\Skype
2014-06-25 12:17 - 2014-06-25 12:17 - 00001830 _____ () C:\Documents and Settings\All Users\Menu Start\Programy\Apple Software Update.lnk
2014-06-25 12:17 - 2014-06-25 12:17 - 00000000 ____D () C:\Program Files\Common Files\Apple
2014-06-25 12:17 - 2014-06-25 12:17 - 00000000 ____D () C:\Program Files\Apple Software Update
2014-06-25 12:17 - 2014-06-25 12:17 - 00000000 ____D () C:\Documents and Settings\All Users\Dane aplikacji\Apple
2014-06-25 12:08 - 2014-06-25 12:08 - 00054156 ____H () C:\WINDOWS\QTFont.qfn
2014-06-25 12:08 - 2014-06-25 12:08 - 00001409 _____ () C:\WINDOWS\QTFont.for
2014-06-17 11:59 - 2014-06-17 11:59 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Start\Programy\Ares
2014-06-17 11:51 - 2014-06-17 11:58 - 00000000 ____D () C:\Program Files\eMule
==================== One Month Modified Files and Folders =======
2014-07-16 11:41 - 2014-07-16 11:41 - 00013950 _____ () C:\Documents and Settings\Piotr\Pulpit\FRST.txt
2014-07-16 11:41 - 2014-07-16 11:41 - 00000000 ____D () C:\FRST
2014-07-16 11:41 - 2013-01-29 19:38 - 00000000 ____D () C:\Documents and Settings\Piotr\Pulpit
2014-07-16 11:31 - 2014-07-16 11:31 - 00036978 _____ () C:\Documents and Settings\Piotr\Pulpit\Extras.Txt
2014-07-16 11:30 - 2014-07-16 11:30 - 00368798 _____ () C:\Documents and Settings\Piotr\Pulpit\OTL.Txt
2014-07-16 11:16 - 2013-04-08 20:46 - 00000364 ____H () C:\WINDOWS\Tasks\avast! Emergency Update.job
2014-07-16 11:16 - 2013-01-29 19:34 - 01723823 _____ () C:\WINDOWS\WindowsUpdate.log
2014-07-16 11:15 - 2014-07-12 15:23 - 00110296 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-07-16 11:14 - 2014-07-15 20:48 - 00001034 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-07-16 11:14 - 2014-07-15 20:48 - 00001030 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-07-16 11:14 - 2014-03-16 10:38 - 00000220 _____ () C:\WINDOWS\Tasks\Powiadomienie o zakończeniu obsługi systemu Microsoft Windows XP — logowanie.job
2014-07-16 11:14 - 2013-01-29 20:30 - 00000159 _____ () C:\WINDOWS\wiadebug.log
2014-07-16 11:14 - 2013-01-29 20:30 - 00000050 _____ () C:\WINDOWS\wiaservc.log
2014-07-16 11:14 - 2013-01-29 19:38 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-07-15 21:53 - 2013-06-27 09:13 - 00000000 ____D () C:\Documents and Settings\All Users\Dokumenty\SoftGrid Client
2014-07-15 21:53 - 2013-01-29 19:38 - 00032530 _____ () C:\WINDOWS\SchedLgU.Txt
2014-07-15 21:52 - 2013-06-09 21:30 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2829361$
2014-07-15 21:51 - 2013-02-02 12:14 - 00000000 ___HD () C:\Documents and Settings\Asia\Ustawienia lokalne\Dane aplikacji
2014-07-15 21:51 - 2013-01-29 19:38 - 00000188 ___SH () C:\Documents and Settings\Piotr\ntuser.ini
2014-07-15 21:14 - 2013-04-08 20:46 - 00414520 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsp.sys
2014-07-15 21:14 - 2013-01-29 20:52 - 00000930 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-07-15 21:13 - 2014-07-15 21:13 - 00000000 ____D () C:\WINDOWS\jumpshot.com
2014-07-15 21:13 - 2014-07-15 21:13 - 00000000 ____D () C:\Documents and Settings\Piotr\Dane aplikacji\AVAST Software
2014-07-15 21:13 - 2013-01-29 19:38 - 00000000 __RHD () C:\Documents and Settings\Piotr\Dane aplikacji
2014-07-15 21:12 - 2014-07-15 21:12 - 00000000 ____D () C:\WINDOWS\pss
2014-07-15 21:12 - 2013-01-29 19:38 - 00000000 __SHD () C:\Documents and Settings\NetworkService
2014-07-15 21:08 - 2014-07-15 21:08 - 00017464 _____ () C:\ComboFix.txt
2014-07-15 21:08 - 2014-07-15 20:55 - 00000000 ____D () C:\ComboFix
2014-07-15 21:08 - 2014-07-12 17:09 - 00000000 ____D () C:\Qoobox
2014-07-15 21:08 - 2014-07-12 16:45 - 00000000 ___HD () C:\Documents and Settings\Administrator\Ustawienia lokalne
2014-07-15 21:08 - 2013-01-29 20:27 - 00000000 __RHD () C:\Documents and Settings\Default User\Ustawienia lokalne
2014-07-15 21:08 - 2013-01-29 19:38 - 00000000 ___HD () C:\Documents and Settings\Piotr\Ustawienia lokalne
2014-07-15 21:08 - 2013-01-29 19:38 - 00000000 ___HD () C:\Documents and Settings\NetworkService\Ustawienia lokalne
2014-07-15 21:08 - 2013-01-29 19:38 - 00000000 ___HD () C:\Documents and Settings\LocalService\Ustawienia lokalne
2014-07-15 21:07 - 2014-07-12 17:09 - 00000000 ____D () C:\WINDOWS\erdnt
2014-07-15 21:06 - 2013-02-02 12:14 - 00000000 ____D () C:\Documents and Settings\Asia
2014-07-15 21:06 - 2013-01-29 20:25 - 00000000 __RHD () C:\Documents and Settings\All Users\Dane aplikacji
2014-07-15 21:06 - 2006-03-02 14:00 - 00000227 _____ () C:\WINDOWS\system.ini
2014-07-15 20:59 - 2013-02-02 12:14 - 00000000 __RHD () C:\Documents and Settings\Asia\Dane aplikacji
2014-07-15 20:57 - 2014-07-15 20:57 - 00000000 _RSHD () C:\cmdcons
2014-07-15 20:57 - 2013-01-29 20:24 - 00000327 __RSH () C:\boot.ini
2014-07-15 20:53 - 2013-01-29 19:38 - 00000000 ___HD () C:\Documents and Settings\Piotr\Ustawienia lokalne\Dane aplikacji
2014-07-15 20:49 - 2014-07-15 20:49 - 00001819 _____ () C:\Documents and Settings\All Users\Pulpit\Google Chrome.lnk
2014-07-15 20:49 - 2014-07-15 20:49 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Start\Programy\Google Chrome
2014-07-15 20:49 - 2013-02-17 23:09 - 00000000 ____D () C:\Documents and Settings\Piotr\Ustawienia lokalne\Dane aplikacji\Google
2014-07-15 20:49 - 2013-01-29 20:27 - 00000000 ____D () C:\Documents and Settings\All Users\Pulpit
2014-07-15 20:49 - 2013-01-29 20:27 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Start\Programy
2014-07-15 20:48 - 2014-07-15 20:48 - 00000000 ____D () C:\Documents and Settings\Piotr\Moje dokumenty\Pobrane
2014-07-15 20:48 - 2013-02-06 15:49 - 00000000 ____D () C:\Program Files\Google
2014-07-15 20:48 - 2013-01-29 19:38 - 00000000 ___RD () C:\Documents and Settings\Piotr\Moje dokumenty
2014-07-15 20:39 - 2013-03-14 17:53 - 00000000 ____D () C:\Documents and Settings\Piotr\Moje dokumenty\Pobieranie
2014-07-15 20:24 - 2014-07-15 20:24 - 00001733 _____ () C:\Documents and Settings\All Users\Pulpit\avast! Free Antivirus.lnk
2014-07-15 20:23 - 2014-07-15 20:24 - 00024184 _____ () C:\WINDOWS\system32\Drivers\aswHwid.sys
2014-07-15 20:23 - 2014-07-15 20:23 - 00043152 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2014-07-15 20:23 - 2013-04-08 20:46 - 00779536 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2014-07-15 20:23 - 2013-04-08 20:46 - 00192352 _____ () C:\WINDOWS\system32\Drivers\aswVmm.sys
2014-07-15 20:23 - 2013-04-08 20:46 - 00067824 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2014-07-15 20:23 - 2013-04-08 20:46 - 00057800 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswTdi.sys
2014-07-15 20:23 - 2013-04-08 20:46 - 00055112 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr.sys
2014-07-15 20:23 - 2013-04-08 20:46 - 00049944 _____ () C:\WINDOWS\system32\Drivers\aswRvrt.sys
2014-07-15 20:23 - 2013-03-06 15:28 - 00276432 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2014-07-15 20:21 - 2013-01-29 19:33 - 00000000 ____D () C:\WINDOWS\system32\Restore
2014-07-15 20:18 - 2013-02-02 12:29 - 00000000 ____D () C:\Documents and Settings\All Users\Dane aplikacji\AVAST Software
2014-07-15 20:15 - 2013-01-29 20:52 - 00699056 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2014-07-15 20:15 - 2013-01-29 20:52 - 00071344 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2014-07-15 20:14 - 2014-07-15 20:05 - 00002347 _____ () C:\Documents and Settings\All Users\Menu Start\Programy\Adobe Reader XI.lnk
2014-07-15 20:14 - 2013-08-14 11:34 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-07-15 20:14 - 2013-01-29 19:35 - 00002596 _____ () C:\WINDOWS\system32\CONFIG.NT
2014-07-15 20:13 - 2014-07-15 20:02 - 00000000 ____D () C:\Program Files\Common Files\Adobe
2014-07-15 20:05 - 2014-07-15 20:05 - 00001734 _____ () C:\Documents and Settings\All Users\Pulpit\Adobe Reader XI.lnk
2014-07-15 20:03 - 2013-01-29 20:55 - 00000000 ____D () C:\Documents and Settings\All Users\Dane aplikacji\Adobe
2014-07-15 20:02 - 2013-01-29 20:54 - 00000000 ____D () C:\Program Files\Adobe
2014-07-15 20:00 - 2013-03-04 18:44 - 93585272 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-07-15 20:00 - 2013-02-17 10:31 - 00000000 ____D () C:\Documents and Settings\Piotr\Ustawienia lokalne\Dane aplikacji\Adobe
2014-07-15 19:55 - 2006-03-02 14:00 - 00013646 _____ () C:\WINDOWS\system32\wpa.dbl
2014-07-15 19:54 - 2013-01-29 20:25 - 01054968 _____ () C:\WINDOWS\setupapi.log
2014-07-12 18:18 - 2013-01-29 20:38 - 00000000 ____D () C:\WINDOWS\system32\RTCOM
2014-07-12 18:18 - 2013-01-29 20:35 - 00000000 ____D () C:\WINDOWS\system32\ReinstallBackups
2014-07-12 18:16 - 2013-04-13 22:29 - 01072544 _____ () C:\WINDOWS\system32\nvdrsdb1.bin
2014-07-12 18:16 - 2013-04-13 22:29 - 01072544 _____ () C:\WINDOWS\system32\nvdrsdb0.bin
2014-07-12 18:16 - 2013-04-13 22:29 - 00000001 _____ () C:\WINDOWS\system32\nvdrssel.bin
2014-07-12 18:11 - 2014-07-12 18:11 - 00090112 _____ () C:\WINDOWS\Minidump\Mini071214-01.dmp
2014-07-12 18:11 - 2013-02-17 10:36 - 00000000 ____D () C:\WINDOWS\Minidump
2014-07-12 18:07 - 2014-07-12 16:45 - 00000188 ___SH () C:\Documents and Settings\Administrator\ntuser.ini
2014-07-12 17:53 - 2013-01-29 19:38 - 00000000 ____D () C:\Documents and Settings\Piotr
2014-07-12 17:12 - 2013-01-29 20:19 - 00000000 ____D () C:\WINDOWS\Help
2014-07-12 17:09 - 2014-07-12 17:09 - 00000000 ___RD () C:\Documents and Settings\Piotr\Menu Start\Programy\Narzędzia administracyjne
2014-07-12 17:09 - 2013-01-29 19:38 - 00000000 ___RD () C:\Documents and Settings\Piotr\Menu Start\Programy
2014-07-12 16:51 - 2013-01-29 20:25 - 00185136 _____ () C:\WINDOWS\setupact.log
2014-07-12 16:46 - 2014-07-12 16:46 - 00000000 __SHD () C:\Documents and Settings\Administrator\IETldCache
2014-07-12 16:46 - 2014-07-12 16:45 - 00000000 ____D () C:\Documents and Settings\Administrator
2014-07-12 16:26 - 2013-01-29 19:33 - 00000000 ____D () C:\WINDOWS\Registration
2014-07-12 16:09 - 2014-04-25 17:57 - 00000000 ____D () C:\Program Files\WiseEnhance
2014-07-12 16:08 - 2014-07-12 16:08 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Start\Programy\Malwarebytes Anti-Malware
2014-07-12 16:08 - 2014-07-12 15:22 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2014-07-12 16:08 - 2014-03-30 15:15 - 00000000 ____D () C:\Program Files\Music Toolbar
2014-07-12 16:08 - 2014-03-30 15:15 - 00000000 ____D () C:\Documents and Settings\All Users\Dane aplikacji\Wincert
2014-07-12 16:08 - 2014-01-01 14:21 - 00000000 ____D () C:\Documents and Settings\All Users\Dane aplikacji\ExxstraSaviNNgS
2014-07-12 16:08 - 2013-10-22 14:17 - 00000000 ____D () C:\Documents and Settings\All Users\Dane aplikacji\Downoloado keEpeRi
2014-07-12 16:08 - 2013-10-01 17:56 - 00000000 ____D () C:\Program Files\SqueakyChocolate
2014-07-12 16:05 - 2014-01-01 14:21 - 00000000 ____D () C:\Documents and Settings\All Users\Dane aplikacji\TakeTheCoupon
2014-07-12 15:51 - 2014-07-12 15:51 - 00000000 ____D () C:\WINDOWS\ERUNT
2014-07-12 15:46 - 2013-11-14 23:14 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2900986$
2014-07-12 15:22 - 2014-07-12 15:22 - 00000777 _____ () C:\Documents and Settings\All Users\Pulpit\Malwarebytes Anti-Malware.lnk
2014-07-12 15:22 - 2014-07-12 15:22 - 00000000 ____D () C:\Documents and Settings\All Users\Dane aplikacji\Malwarebytes
2014-07-11 20:59 - 2014-03-16 10:38 - 00000214 _____ () C:\WINDOWS\Tasks\Powiadomienie o zakończeniu obsługi systemu Microsoft Windows XP — co miesiąc.job
2014-07-07 19:20 - 2006-03-02 14:00 - 00000770 _____ () C:\WINDOWS\win.ini
2014-07-04 19:42 - 2014-07-04 19:42 - 00000000 ____D () C:\Documents and Settings\Piotr\Dane aplikacji\Pay-By-Ads
2014-07-04 06:26 - 2014-07-07 17:18 - 00055232 _____ (StdLib) C:\WINDOWS\system32\Drivers\{2c976a7f-dbdc-4756-870f-f6d183fe7a7e}t.sys
2014-06-29 01:51 - 2014-06-27 17:40 - 00000000 ___RD () C:\Program Files\Skype
2014-06-29 01:51 - 2013-02-02 12:37 - 00000000 ____D () C:\Documents and Settings\All Users\Dane aplikacji\Skype
2014-06-27 21:01 - 2014-01-01 19:51 - 00000000 ____D () C:\Documents and Settings\Piotr\Dane aplikacji\Apple Computer
2014-06-27 17:40 - 2014-06-27 17:40 - 00002417 _____ () C:\Documents and Settings\All Users\Pulpit\Skype.lnk
2014-06-27 17:40 - 2014-06-27 17:40 - 00000000 ____D () C:\Program Files\Common Files\Skype
2014-06-27 17:40 - 2014-06-27 17:40 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Start\Programy\Skype
2014-06-25 12:23 - 2014-01-01 19:39 - 00000000 ____D () C:\Documents and Settings\All Users\Dane aplikacji\Apple Computer
2014-06-25 12:17 - 2014-06-25 12:17 - 00001830 _____ () C:\Documents and Settings\All Users\Menu Start\Programy\Apple Software Update.lnk
2014-06-25 12:17 - 2014-06-25 12:17 - 00000000 ____D () C:\Program Files\Common Files\Apple
2014-06-25 12:17 - 2014-06-25 12:17 - 00000000 ____D () C:\Program Files\Apple Software Update
2014-06-25 12:17 - 2014-06-25 12:17 - 00000000 ____D () C:\Documents and Settings\All Users\Dane aplikacji\Apple
2014-06-25 12:08 - 2014-06-25 12:08 - 00054156 ____H () C:\WINDOWS\QTFont.qfn
2014-06-25 12:08 - 2014-06-25 12:08 - 00001409 _____ () C:\WINDOWS\QTFont.for
2014-06-17 22:34 - 2013-05-07 14:33 - 00000000 ____D () C:\Documents and Settings\Asia.PIOTR-909833F00
2014-06-17 11:59 - 2014-06-17 11:59 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Start\Programy\Ares
2014-06-17 11:59 - 2013-06-16 16:54 - 00000000 ____D () C:\Program Files\Ares
2014-06-17 11:58 - 2014-06-17 11:51 - 00000000 ____D () C:\Program Files\eMule
==================== Bamital & volsnap Check =================
C:\WINDOWS\explorer.exe
[2006-03-02 14:00] - [2008-04-14 23:51] - 1035264 ____A (Microsoft Corporation) c791ed9eac5e76d9525e157b1d7a599a
C:\WINDOWS\system32\winlogon.exe
[2006-03-02 14:00] - [2008-04-14 23:51] - 0510464 ____A (Microsoft Corporation) 51fd2e13d723857b9ca239ae77150f48
C:\WINDOWS\system32\svchost.exe
[2006-03-02 14:00] - [2008-04-14 23:51] - 0014336 ____A (Microsoft Corporation) 8607d35d92528e2df386f19a960d23ce
C:\WINDOWS\system32\services.exe
[2006-03-02 14:00] - [2009-02-09 13:25] - 0111104 ____A (Microsoft Corporation) 02a467e27af55f7064c5b251e587315f
C:\WINDOWS\system32\User32.dll
[2006-03-02 14:00] - [2008-04-14 23:50] - 0580096 ____A (Microsoft Corporation) a435c5c069afd901751ac323ad238793
C:\WINDOWS\system32\userinit.exe
[2006-03-02 14:00] - [2008-04-14 23:51] - 0026624 ____A (Microsoft Corporation) 2a5b37d520508be6570a3ea79695f5b5
C:\WINDOWS\system32\rpcss.dll
[2006-03-02 14:00] - [2009-02-09 12:53] - 0401408 ____A (Microsoft Corporation) a37311d9d628c1042a2836731787f0f3
ATTENTION ====== & gt; If the system is having audio adware rpcss.dll is patched. Google the MD5, if the MD5 is unique the file is infected.
C:\WINDOWS\system32\Drivers\volsnap.sys
[2006-03-02 14:00] - [2008-04-14 22:31] - 0052864 ____A (Microsoft Corporation) 56b191ac5fc0df219949c95a6c87afe7
==================== End Of Log ============================