
FRST.txt

svchost.exe - High CPU usage a few minutes after starting the computer

I'll add new scans from OTL and FRST once again.



Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:15-07-2014 01
Ran by Administrator (administrator) on XP on 18-07-2014 17:11:17
Running from C:\Pobierane\Skany
Platform: Microsoft Windows XP Professional Dodatek Service Pack 3 (X86) OS Language: Polski
Internet Explorer Version 7
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(Realtek Semiconductor Corp.) D:\WINDOWS\RTHDCPL.exe
(Microsoft Corporation) D:\WINDOWS\system32\taskmgr.exe
(Apache Software Foundation) D:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\Apache.exe
(NVIDIA Corporation) D:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
(NVIDIA Corporation) D:\WINDOWS\system32\nvsvc32.exe
(Apache Software Foundation) D:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\Apache.exe
(NVIDIA Corporation) D:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
(OldTimer Tools) C:\Pobierane\Skany\OTL.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RTHDCPL] => D:\WINDOWS\RTHDCPL.EXE [16049664 2006-08-01] (Realtek Semiconductor Corp.)
HKLM\...\Run: [SkyTel] => D:\WINDOWS\SkyTel.EXE [2879488 2006-05-16] (Realtek Semiconductor Corp.)
HKLM\...\Run: [Alcmtr] => D:\WINDOWS\ALCMTR.EXE [69632 2005-05-03] (Realtek Semiconductor Corp.)
HKLM\...\Run: [NvCplDaemon] => D:\WINDOWS\system32\NvCpl.dll [7634944 2006-10-31] (NVIDIA Corporation)
HKLM\...\Run: [nwiz] => nwiz.exe /install
HKLM\...\Run: [NvMediaCenter] => D:\WINDOWS\system32\NvMcTray.dll [86016 2006-10-31] (NVIDIA Corporation)
HKLM\...\Run: [Adobe ARM] => D:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)

==================== Internet (Whitelisted) ====================

HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
Tcpip\Parameters: [DhcpNameServer] 195.177.196.14 8.8.8.8

FireFox:
========
FF ProfilePath: D:\Documents and Settings\Administrator\Dane aplikacji\Mozilla\Firefox\Profiles\4fevobto.default
FF Homepage: Google.pl
FF Plugin: @adobe.com/FlashPlayer - D:\WINDOWS\system32\Macromed\Flash\NPSWF32_14_0_0_125.dll ()
FF Plugin: Adobe Reader - D:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

========================== Services (Whitelisted) =================

ATTENTION: => Could not perform signature verification. Cryptographic Service is not running.

R2 ForcewareWebInterface; D:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe [20543 2006-04-03] (Apache Software Foundation)
S2 hwlgfpm; D:\WINDOWS\system32\kddwczs.dll [168509 2008-04-14] ()
S2 ifrpuzf; D:\WINDOWS\system32\svchost.exe [14336 2008-04-14] (Microsoft Corporation)
R2 nSvcIp; D:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe [131131 2006-07-13] (NVIDIA Corporation)
R2 nSvcLog; D:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe [65599 2006-07-13] (NVIDIA Corporation)
S2 Update Norpalla; "D:\Program Files\Norpalla\updateNorpalla.exe" [X]

==================== Drivers (Whitelisted) ====================

R1 AmdK8; D:\WINDOWS\System32\DRIVERS\AmdK8.sys [43520 2006-06-18] (Advanced Micro Devices)
S3 CCDECODE; D:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2008-04-14] (Microsoft Corporation)
R3 gameenum; D:\WINDOWS\System32\DRIVERS\gameenum.sys [10624 2008-04-14] (Microsoft Corporation)
S3 NdisIP; D:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2008-04-14] (Microsoft Corporation)
S3 npkcrypt; C:\Gry(2)\L2\live\system\npkcrypt.sys [23217 2007-08-15] (INCA Internet Co., Ltd.)
R0 nvata; D:\WINDOWS\System32\DRIVERS\nvata.sys [105088 2006-06-28] (NVIDIA Corporation)
R3 NVENETFD; D:\WINDOWS\System32\DRIVERS\NVENETFD.sys [57856 2006-07-11] (NVIDIA Corporation)
R3 nvnetbus; D:\WINDOWS\System32\DRIVERS\nvnetbus.sys [20480 2006-07-11] (NVIDIA Corporation)
S4 IntelIde; No ImagePath
U1 WS2IFSL;

========================== Drivers MD5 =======================

D:\WINDOWS\System32\DRIVERS\secdrv.sys ==> MD5 is legit

==================== NetSvcs (Whitelisted) ===================

NETSVC: hwlgfpm -> D:\WINDOWS\system32\kddwczs.dll ()

==================== One Month Created Files and Folders ========

2014-07-18 16:26 - 2014-07-18 16:26 - 00003312 _____ () D:\Documents and Settings\Administrator\Pulpit\asasas.wpl
2014-07-17 23:02 - 2014-07-17 23:03 - 00000574 _____ () D:\Documents and Settings\Administrator\Pulpit\glowny_64.m3u.lnk
2014-07-17 23:02 - 2014-07-17 23:02 - 00000625 _____ () D:\Documents and Settings\Administrator\Pulpit\L2.exe.lnk
2014-07-17 22:53 - 2014-07-18 16:54 - 00000008 __RSH () D:\Documents and Settings\All Users\ntuser.pol
2014-07-17 22:53 - 2014-07-18 16:53 - 00000000 ___HD () D:\WINDOWS\system32\GroupPolicy
2014-07-17 22:53 - 2014-07-18 16:53 - 00000000 ____D () D:\Documents and Settings\Pomocnik
2014-07-17 22:53 - 2014-07-18 16:53 - 00000000 ____D () D:\Documents and Settings\Gość
2014-07-17 22:52 - 2006-02-04 03:50 - 00005174 _____ () D:\WINDOWS\system32\nppt9x.vxd
2014-07-17 22:52 - 2006-02-04 03:50 - 00004682 _____ (INCA Internet Co., Ltd.) D:\WINDOWS\system32\npptNT2.sys
2014-07-17 22:33 - 2014-07-17 22:33 - 00000000 ____D () D:\Documents and Settings\All Users\Menu Start\Programy\Lineage II
2014-07-17 22:32 - 2014-07-17 22:32 - 00000000 ____D () D:\Documents and Settings\Administrator\Dane aplikacji\InstallShield
2014-07-17 21:47 - 2014-07-17 21:47 - 00001272 _____ () D:\Documents and Settings\Administrator\Pulpit\TeamSpeak 3 Client.lnk
2014-07-17 21:47 - 2014-07-17 21:47 - 00000000 ____D () D:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\TeamSpeak 3 Client
2014-07-14 18:05 - 2008-04-14 22:51 - 00016384 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\ipsink.ax
2014-07-14 18:05 - 2008-04-14 22:51 - 00016384 _____ (Microsoft Corporation) D:\WINDOWS\system32\ipsink.ax
2014-07-14 18:05 - 2008-04-14 00:16 - 00085248 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\nabtsfec.sys
2014-07-14 18:05 - 2008-04-14 00:16 - 00085248 _____ (Microsoft Corporation) D:\WINDOWS\system32\Drivers\NABTSFEC.sys
2014-07-14 18:05 - 2008-04-14 00:16 - 00019200 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\wstcodec.sys
2014-07-14 18:05 - 2008-04-14 00:16 - 00019200 _____ (Microsoft Corporation) D:\WINDOWS\system32\Drivers\WSTCODEC.SYS
2014-07-14 18:05 - 2008-04-14 00:16 - 00017024 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\ccdecode.sys
2014-07-14 18:05 - 2008-04-14 00:16 - 00017024 _____ (Microsoft Corporation) D:\WINDOWS\system32\Drivers\CCDECODE.sys
2014-07-14 18:05 - 2008-04-14 00:16 - 00015232 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\streamip.sys
2014-07-14 18:05 - 2008-04-14 00:16 - 00015232 _____ (Microsoft Corporation) D:\WINDOWS\system32\Drivers\StreamIP.sys
2014-07-14 18:05 - 2008-04-14 00:16 - 00011136 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\slip.sys
2014-07-14 18:05 - 2008-04-14 00:16 - 00011136 _____ (Microsoft Corporation) D:\WINDOWS\system32\Drivers\SLIP.sys
2014-07-14 18:05 - 2008-04-14 00:16 - 00010880 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\ndisip.sys
2014-07-14 18:05 - 2008-04-14 00:16 - 00010880 _____ (Microsoft Corporation) D:\WINDOWS\system32\Drivers\NdisIP.sys
2014-07-14 18:05 - 2008-04-14 00:09 - 00005504 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\mstee.sys
2014-07-14 18:05 - 2008-04-14 00:09 - 00005504 _____ (Microsoft Corporation) D:\WINDOWS\system32\Drivers\MSTEE.sys
2014-07-14 18:04 - 2008-04-14 22:51 - 00091648 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\kswdmcap.ax
2014-07-14 18:04 - 2008-04-14 22:51 - 00091648 _____ (Microsoft Corporation) D:\WINDOWS\system32\kswdmcap.ax
2014-07-14 18:04 - 2008-04-14 22:51 - 00061952 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\kstvtune.ax
2014-07-14 18:04 - 2008-04-14 22:51 - 00061952 _____ (Microsoft Corporation) D:\WINDOWS\system32\kstvtune.ax
2014-07-14 18:04 - 2008-04-14 22:51 - 00043008 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\ksxbar.ax
2014-07-14 18:04 - 2008-04-14 22:51 - 00043008 _____ (Microsoft Corporation) D:\WINDOWS\system32\ksxbar.ax
2014-07-14 18:04 - 2008-04-14 22:51 - 00028672 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\vidcap.ax
2014-07-14 18:04 - 2008-04-14 22:51 - 00028672 _____ (Microsoft Corporation) D:\WINDOWS\system32\vidcap.ax
2014-07-14 18:04 - 2008-04-14 22:51 - 00020992 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\dshowext.ax
2014-07-14 18:04 - 2008-04-14 22:51 - 00020992 _____ (Microsoft Corporation) D:\WINDOWS\system32\dshowext.ax
2014-07-14 18:04 - 2008-04-14 22:50 - 00054784 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\vfwwdm32.dll
2014-07-14 18:04 - 2008-04-14 22:50 - 00054784 _____ (Microsoft Corporation) D:\WINDOWS\system32\vfwwdm32.dll
2014-07-14 18:04 - 2008-04-14 00:16 - 00121984 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\usbvideo.sys
2014-07-14 18:04 - 2008-04-14 00:16 - 00121984 _____ (Microsoft Corporation) D:\WINDOWS\system32\Drivers\usbvideo.sys
2014-07-14 18:04 - 2008-04-14 00:15 - 00060032 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\usbaudio.sys
2014-07-14 18:04 - 2008-04-14 00:15 - 00060032 _____ (Microsoft Corporation) D:\WINDOWS\system32\Drivers\USBAUDIO.sys
2014-07-14 14:15 - 2014-07-14 14:15 - 00000000 ____D () D:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Skype
2014-07-14 14:14 - 2014-07-16 23:24 - 00000000 ____D () D:\Documents and Settings\Administrator\Dane aplikacji\Skype
2014-07-14 14:14 - 2014-07-16 18:42 - 00002267 _____ () D:\Documents and Settings\All Users\Pulpit\Skype.lnk
2014-07-14 14:14 - 2014-07-14 14:14 - 00000000 ___RD () D:\Program Files\Skype
2014-07-14 14:14 - 2014-07-14 14:14 - 00000000 ____D () D:\Program Files\Common Files\Skype
2014-07-14 14:14 - 2014-07-14 14:14 - 00000000 ____D () D:\Documents and Settings\All Users\Menu Start\Programy\Skype
2014-07-14 14:13 - 2014-07-14 14:14 - 00000000 ____D () D:\Documents and Settings\All Users\Dane aplikacji\Skype
2014-07-06 16:34 - 2014-07-06 21:41 - 00000000 ____D () D:\WINDOWS\SxsCaPendDel
2014-07-06 15:22 - 2014-07-06 15:22 - 00000000 ____D () D:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Aeria Games
2014-07-06 15:16 - 2014-07-06 16:33 - 00000000 __SHD () D:\WINDOWS\system32\AI_RecycleBin
2014-07-06 15:09 - 2014-07-06 15:09 - 00000000 ____D () D:\Program Files\Reference Assemblies
2014-07-06 15:06 - 2014-07-06 15:06 - 00000000 __RHD () D:\AHCache
2014-07-06 15:06 - 2014-07-06 15:06 - 00000000 ____D () D:\WINDOWS\Microsoft.NET
2014-07-06 15:05 - 2014-07-06 15:05 - 00000000 ____D () D:\Documents and Settings\Administrator\Dane aplikacji\Aeria Games & Entertainment
2014-07-06 14:57 - 2014-07-06 14:57 - 00000000 ____D () D:\AeriaGames
2014-07-03 03:43 - 2008-04-14 00:15 - 00032128 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\usbccgp.sys
2014-07-03 03:43 - 2008-04-14 00:15 - 00032128 _____ (Microsoft Corporation) D:\WINDOWS\system32\Drivers\usbccgp.sys
2014-06-27 13:05 - 2014-06-27 13:05 - 00000000 ____D () D:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Adobe
2014-06-27 13:03 - 2014-07-11 01:51 - 00002315 _____ () D:\Documents and Settings\All Users\Menu Start\Programy\Adobe Reader XI.lnk
2014-06-27 13:03 - 2014-06-27 13:03 - 00000000 ____D () D:\Program Files\Common Files\Adobe
2014-06-27 13:03 - 2014-06-27 13:03 - 00000000 ____D () D:\Program Files\Adobe
2014-06-27 13:02 - 2014-06-27 13:06 - 00000000 ____D () D:\Documents and Settings\All Users\Dane aplikacji\Adobe
2014-06-27 01:01 - 2014-07-14 09:23 - 00011264 _____ () D:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-06-21 14:59 - 2014-07-18 13:30 - 00065536 _____ () D:\WINDOWS\system32\config\Doctor Web.evt
2014-06-21 14:59 - 2014-06-21 16:50 - 00000000 ____D () D:\Documents and Settings\Administrator\Doctor Web
2014-06-21 14:54 - 2014-06-21 14:36 - 151190872 _____ () D:\Documents and Settings\Administrator\Pulpit\drweb-cureit.exe
2014-06-21 12:45 - 2014-06-21 12:49 - 00033734 _____ () D:\Documents and Settings\Administrator\Pulpit\bez tytułu.bmp
2014-06-21 11:31 - 2014-06-21 16:51 - 02408296 _____ () D:\Documents and Settings\Administrator\Pulpit\CureIt.txt
2014-06-21 11:04 - 2014-06-21 11:04 - 00000000 ____D () D:\Documents and Settings\All Users\Dane aplikacji\Malwarebytes
2014-06-21 11:03 - 2014-06-21 11:03 - 17292760 _____ (Malwarebytes Corporation ) D:\Documents and Settings\Administrator\Moje dokumenty\mbam-setup-2.0.2.1012.exe
2014-06-21 11:00 - 2014-07-18 17:11 - 00000000 ____D () D:\FRST
2014-06-21 10:12 - 2014-06-21 10:12 - 65372511 _____ () D:\Documents and Settings\Administrator\Moje dokumenty\svchost.dmp
2014-06-18 20:44 - 2014-06-18 20:44 - 00000000 ____D () D:\Documents and Settings\Administrator\Moje dokumenty\ProcessExplorer
2014-06-18 20:43 - 2014-06-18 20:43 - 01243655 _____ () D:\Documents and Settings\Administrator\Moje dokumenty\ProcessExplorer.zip

==================== One Month Modified Files and Folders =======

2014-07-18 17:11 - 2014-06-21 11:00 - 00000000 ____D () D:\FRST
2014-07-18 17:11 - 2014-06-14 17:25 - 00000000 ____D () D:\Documents and Settings\Administrator\Ustawienia lokalne\Temp
2014-07-18 17:00 - 2014-06-14 17:25 - 00000000 ____D () D:\Documents and Settings\Administrator\Pulpit
2014-07-18 16:59 - 2014-06-14 18:26 - 00000159 _____ () D:\WINDOWS\wiadebug.log
2014-07-18 16:59 - 2014-06-14 18:26 - 00000050 _____ () D:\WINDOWS\wiaservc.log
2014-07-18 16:59 - 2014-06-14 17:36 - 00000000 _____ () D:\WINDOWS\system32\nmp.log
2014-07-18 16:59 - 2014-06-14 17:31 - 00081496 _____ () D:\WINDOWS\system32\nvapps.xml
2014-07-18 16:58 - 2014-06-14 17:25 - 00000188 ___SH () D:\Documents and Settings\Administrator\ntuser.ini
2014-07-18 16:58 - 2014-06-14 16:30 - 00020200 _____ () D:\WINDOWS\WindowsUpdate.log
2014-07-18 16:54 - 2014-07-17 22:53 - 00000008 __RSH () D:\Documents and Settings\All Users\ntuser.pol
2014-07-18 16:53 - 2014-07-17 22:53 - 00000000 ___HD () D:\WINDOWS\system32\GroupPolicy
2014-07-18 16:53 - 2014-07-17 22:53 - 00000000 ____D () D:\Documents and Settings\Pomocnik
2014-07-18 16:53 - 2014-07-17 22:53 - 00000000 ____D () D:\Documents and Settings\Gość
2014-07-18 16:53 - 2014-06-14 18:21 - 00000000 __RHD () D:\Documents and Settings\All Users\Dane aplikacji
2014-07-18 16:53 - 2014-06-14 17:25 - 00000000 ___HD () D:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji
2014-07-18 16:48 - 2014-06-14 17:25 - 00000000 ___RD () D:\Documents and Settings\Administrator\Menu Start\Programy\Autostart
2014-07-18 16:43 - 2014-06-14 17:25 - 00000000 ___RD () D:\Documents and Settings\Administrator\Moje dokumenty
2014-07-18 16:26 - 2014-07-18 16:26 - 00003312 _____ () D:\Documents and Settings\Administrator\Pulpit\asasas.wpl
2014-07-18 15:26 - 2014-06-14 18:21 - 00440981 _____ () D:\WINDOWS\setupapi.log
2014-07-18 13:36 - 2014-06-14 18:24 - 00814884 _____ () D:\WINDOWS\system32\PerfStringBackup.INI
2014-07-18 13:36 - 2001-10-26 18:15 - 00389412 _____ () D:\WINDOWS\system32\perfh015.dat
2014-07-18 13:36 - 2001-10-26 18:15 - 00066836 _____ () D:\WINDOWS\system32\perfc015.dat
2014-07-18 13:35 - 2014-06-14 18:24 - 00000000 ____D () D:\Program Files\Common Files\Microsoft Shared
2014-07-18 13:35 - 2014-06-14 18:17 - 00000000 ____D () D:\WINDOWS\system32\mui
2014-07-18 13:35 - 2014-06-14 18:17 - 00000000 ____D () D:\WINDOWS\pchealth
2014-07-18 13:30 - 2014-06-21 14:59 - 00065536 _____ () D:\WINDOWS\system32\config\Doctor Web.evt
2014-07-18 10:43 - 2014-06-14 18:21 - 00094272 _____ () D:\WINDOWS\system32\FNTCACHE.DAT
2014-07-17 23:06 - 2014-06-14 16:28 - 00012628 _____ () D:\WINDOWS\wmsetup.log
2014-07-17 23:03 - 2014-07-17 23:02 - 00000574 _____ () D:\Documents and Settings\Administrator\Pulpit\glowny_64.m3u.lnk
2014-07-17 23:02 - 2014-07-17 23:02 - 00000625 _____ () D:\Documents and Settings\Administrator\Pulpit\L2.exe.lnk
2014-07-17 22:53 - 2014-06-14 17:25 - 00000000 ____D () D:\Documents and Settings\Administrator
2014-07-17 22:33 - 2014-07-17 22:33 - 00000000 ____D () D:\Documents and Settings\All Users\Menu Start\Programy\Lineage II
2014-07-17 22:33 - 2014-06-14 18:23 - 00000000 ___RD () D:\Documents and Settings\All Users\Menu Start\Programy
2014-07-17 22:33 - 2014-06-14 17:28 - 00000000 ___HD () D:\Program Files\InstallShield Installation Information
2014-07-17 22:32 - 2014-07-17 22:32 - 00000000 ____D () D:\Documents and Settings\Administrator\Dane aplikacji\InstallShield
2014-07-17 21:47 - 2014-07-17 21:47 - 00001272 _____ () D:\Documents and Settings\Administrator\Pulpit\TeamSpeak 3 Client.lnk
2014-07-17 21:47 - 2014-07-17 21:47 - 00000000 ____D () D:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\TeamSpeak 3 Client
2014-07-16 23:24 - 2014-07-14 14:14 - 00000000 ____D () D:\Documents and Settings\Administrator\Dane aplikacji\Skype
2014-07-16 18:42 - 2014-07-14 14:14 - 00002267 _____ () D:\Documents and Settings\All Users\Pulpit\Skype.lnk
2014-07-14 18:04 - 2014-06-14 16:26 - 00000000 ___RD () D:\Documents and Settings\All Users\Menu Start\Programy\Akcesoria
2014-07-14 14:15 - 2014-07-14 14:15 - 00000000 ____D () D:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Skype
2014-07-14 14:14 - 2014-07-14 14:14 - 00000000 ___RD () D:\Program Files\Skype
2014-07-14 14:14 - 2014-07-14 14:14 - 00000000 ____D () D:\Program Files\Common Files\Skype
2014-07-14 14:14 - 2014-07-14 14:14 - 00000000 ____D () D:\Documents and Settings\All Users\Menu Start\Programy\Skype
2014-07-14 14:14 - 2014-07-14 14:13 - 00000000 ____D () D:\Documents and Settings\All Users\Dane aplikacji\Skype
2014-07-14 14:14 - 2014-06-14 18:23 - 00000000 ____D () D:\Documents and Settings\All Users\Pulpit
2014-07-14 14:14 - 2014-06-14 17:25 - 00000000 __RHD () D:\Documents and Settings\Administrator\Dane aplikacji
2014-07-14 09:23 - 2014-06-27 01:01 - 00011264 _____ () D:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-07-11 01:51 - 2014-06-27 13:03 - 00002315 _____ () D:\Documents and Settings\All Users\Menu Start\Programy\Adobe Reader XI.lnk
2014-07-06 21:41 - 2014-07-06 16:34 - 00000000 ____D () D:\WINDOWS\SxsCaPendDel
2014-07-06 16:33 - 2014-07-06 15:16 - 00000000 __SHD () D:\WINDOWS\system32\AI_RecycleBin
2014-07-06 15:22 - 2014-07-06 15:22 - 00000000 ____D () D:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Aeria Games
2014-07-06 15:22 - 2014-06-14 17:37 - 00012328 _____ () D:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT
2014-07-06 15:09 - 2014-07-06 15:09 - 00000000 ____D () D:\Program Files\Reference Assemblies
2014-07-06 15:09 - 2014-06-14 17:25 - 00000000 ___HD () D:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji
2014-07-06 15:06 - 2014-07-06 15:06 - 00000000 __RHD () D:\AHCache
2014-07-06 15:06 - 2014-07-06 15:06 - 00000000 ____D () D:\WINDOWS\Microsoft.NET
2014-07-06 15:05 - 2014-07-06 15:05 - 00000000 ____D () D:\Documents and Settings\Administrator\Dane aplikacji\Aeria Games & Entertainment
2014-07-06 14:57 - 2014-07-06 14:57 - 00000000 ____D () D:\AeriaGames
2014-07-06 09:14 - 2001-07-22 00:17 - 00002206 _____ () D:\WINDOWS\system32\wpa.dbl
2014-06-27 13:06 - 2014-06-27 13:02 - 00000000 ____D () D:\Documents and Settings\All Users\Dane aplikacji\Adobe
2014-06-27 13:05 - 2014-06-27 13:05 - 00000000 ____D () D:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Adobe
2014-06-27 13:05 - 2014-06-14 18:05 - 00000000 ____D () D:\Documents and Settings\Administrator\Dane aplikacji\Adobe
2014-06-27 13:03 - 2014-06-27 13:03 - 00000000 ____D () D:\Program Files\Common Files\Adobe
2014-06-27 13:03 - 2014-06-27 13:03 - 00000000 ____D () D:\Program Files\Adobe
2014-06-21 16:51 - 2014-06-21 11:31 - 02408296 _____ () D:\Documents and Settings\Administrator\Pulpit\CureIt.txt
2014-06-21 16:50 - 2014-06-21 14:59 - 00000000 ____D () D:\Documents and Settings\Administrator\Doctor Web
2014-06-21 16:50 - 2014-06-14 17:57 - 00000000 ____D () D:\Documents and Settings\Administrator\Moje dokumenty\Pobrane
2014-06-21 14:36 - 2014-06-21 14:54 - 151190872 _____ () D:\Documents and Settings\Administrator\Pulpit\drweb-cureit.exe
2014-06-21 12:49 - 2014-06-21 12:45 - 00033734 _____ () D:\Documents and Settings\Administrator\Pulpit\bez tytułu.bmp
2014-06-21 11:04 - 2014-06-21 11:04 - 00000000 ____D () D:\Documents and Settings\All Users\Dane aplikacji\Malwarebytes
2014-06-21 11:03 - 2014-06-21 11:03 - 17292760 _____ (Malwarebytes Corporation ) D:\Documents and Settings\Administrator\Moje dokumenty\mbam-setup-2.0.2.1012.exe
2014-06-21 10:12 - 2014-06-21 10:12 - 65372511 _____ () D:\Documents and Settings\Administrator\Moje dokumenty\svchost.dmp
2014-06-18 20:44 - 2014-06-18 20:44 - 00000000 ____D () D:\Documents and Settings\Administrator\Moje dokumenty\ProcessExplorer
2014-06-18 20:43 - 2014-06-18 20:43 - 01243655 _____ () D:\Documents and Settings\Administrator\Moje dokumenty\ProcessExplorer.zip
2014-06-18 19:38 - 2014-06-14 17:25 - 00006226 _____ () D:\WINDOWS\SchedLgU.Txt
2014-06-18 19:38 - 2014-06-14 17:25 - 00000006 ____H () D:\WINDOWS\Tasks\SA.DAT
2014-06-18 18:03 - 2014-06-14 16:29 - 00000000 ____D () D:\WINDOWS\system32\Restore

==================== Bamital & volsnap Check =================

D:\WINDOWS\explorer.exe
[2008-04-14 22:51] - [2008-04-14 22:51] - 1035264 ____A (Microsoft Corporation) c791ed9eac5e76d9525e157b1d7a599a

D:\WINDOWS\system32\winlogon.exe
[2008-04-14 22:51] - [2008-04-14 22:51] - 0510464 ____A (Microsoft Corporation) 51fd2e13d723857b9ca239ae77150f48

D:\WINDOWS\system32\svchost.exe
[2008-04-14 22:51] - [2008-04-14 22:51] - 0014336 ____A (Microsoft Corporation) 8607d35d92528e2df386f19a960d23ce

D:\WINDOWS\system32\services.exe
[2008-04-14 22:51] - [2008-04-14 22:51] - 0109056 ____A (Microsoft Corporation) 3e3ae424e27c4cefe4cab368c7b570ea

D:\WINDOWS\system32\User32.dll
[2008-04-14 22:50] - [2008-04-14 22:50] - 0580096 ____A (Microsoft Corporation) a435c5c069afd901751ac323ad238793

D:\WINDOWS\system32\userinit.exe
[2008-04-14 22:51] - [2008-04-14 22:51] - 0026624 ____A (Microsoft Corporation) 2a5b37d520508be6570a3ea79695f5b5

D:\WINDOWS\system32\rpcss.dll
[2008-04-14 22:50] - [2008-04-14 22:50] - 0399360 ____A (Microsoft Corporation) 02396dab9dd407b06539981f477f3fec

ATTENTION ======> If the system is having audio adware rpcss.dll is patched. Google the MD5, if the MD5 is unique the file is infected.
D:\WINDOWS\system32\Drivers\volsnap.sys
[2008-04-14 21:31] - [2008-04-14 21:31] - 0052864 ____A (Microsoft Corporation) 56b191ac5fc0df219949c95a6c87afe7


==================== End Of Log ============================