Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 27-01-2024 01 Ran by Maestro (ATTENTION: The user is not administrator) on ST491-13580 (INTEL_ D946GZIS) (01-02-2024 11:25:29) Running from C:\Documents and Settings\Maestro\Pulpit\FRST.exe Loaded Profiles: Maestro Platform: Microsoft Windows XP Professional Dodatek Service Pack 3 (X86) Language: Polski -> Polski Default browser not detected! Boot Mode: Normal ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation) C:\WINDOWS\system32\igfxpers.exe (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation) C:\WINDOWS\system32\igfxtray.exe (SigmaTel, Inc.) [File not signed] C:\WINDOWS\sttray.exe Failed to access process -> alg.exe Failed to access process -> csrss.exe Failed to access process -> IMFsrv.exe Failed to access process -> IMFSrvWsc.exe Failed to access process -> lsass.exe Failed to access process -> services.exe Failed to access process -> smss.exe Failed to access process -> spoolsv.exe Failed to access process -> stacsv.exe Failed to access process -> svchost.exe Failed to access process -> svchost.exe Failed to access process -> svchost.exe Failed to access process -> svchost.exe Failed to access process -> svchost.exe Failed to access process -> svchost.exe Failed to access process -> svchost.exe Failed to access process -> winlogon.exe Failed to access process -> wmiprvse.exe ==================== Registry (Whitelisted) =================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [SigmatelSysTrayApp] => C:\WINDOWS\sttray.exe [282624 2006-05-26] (SigmaTel, Inc.) [File not signed] HKLM\...\Run: [IgfxTray] => C:\WINDOWS\system32\igfxtray.exe [98304 2006-06-23] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation) HKLM\...\Run: [Persistence] => C:\WINDOWS\system32\igfxpers.exe [81920 2006-06-23] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation) HKLM\...\Run: [IObit Malware Fighter] => C:\Program Files\IObit\IObit Malware Fighter\IMF.exe [7002432 2023-12-01] (IObit CO., LTD -> IObit) HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1160408 2017-11-01] (Adobe Systems, Incorporated -> Adobe Systems Incorporated) HKU\S-1-5-21-1220945662-1659004503-839522115-1004\...\Run: [EXPLORER.EXE] => C:\WINDOWS\EXPLORER.EXE [1035264 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation) <==== ATTENTION HKU\S-1-5-21-1220945662-1659004503-839522115-1004\...\CurrentVersion\Windows: [Load] "C:\Documents and Settings\Maestro\Dane aplikacji\msztt.exe" <==== ATTENTION HKU\S-1-5-21-1220945662-1659004503-839522115-1004\...\MountPoints2: {03056044-c0e5-11dc-811f-001676e2749c} - E:\EXPLORER.EXE HKU\S-1-5-21-1220945662-1659004503-839522115-1004\...\MountPoints2: {09c116c4-a630-11dc-8114-001676e2749c} - E:\EXPLORER.EXE HKU\S-1-5-21-1220945662-1659004503-839522115-1004\...\MountPoints2: {6318319d-baeb-11dd-8147-001676e2749c} - E:\EXPLORER.EXE HKU\S-1-5-21-1220945662-1659004503-839522115-1004\...\MountPoints2: {680f4990-fc80-11df-815a-001676e2749c} - E:\EXPLORER.EXE HKU\S-1-5-21-1220945662-1659004503-839522115-1004\...\MountPoints2: {6b76f258-7fa4-11dc-80ff-001676e2749c} - E:\EXPLORER.EXE HKU\S-1-5-21-1220945662-1659004503-839522115-1004\...\MountPoints2: {6e5c58f2-aa5c-11dc-8115-001676e2749c} - E:\EXPLORER.EXE HKU\S-1-5-21-1220945662-1659004503-839522115-1004\...\MountPoints2: {7c73312c-5ea4-11dc-80ea-001676e2749c} - E:\EXPLORER.EXE HKU\S-1-5-21-1220945662-1659004503-839522115-1004\...\MountPoints2: {862f0fc6-937f-11dd-813d-001676e2749c} - E:\EXPLORER.EXE HKU\S-1-5-21-1220945662-1659004503-839522115-1004\...\MountPoints2: {8f319ad7-b56c-11dd-8145-001676e2749c} - E:\EXPLORER.EXE HKU\S-1-5-21-1220945662-1659004503-839522115-1004\...\MountPoints2: {8f59ffc4-d702-11dc-812d-001676e2749c} - E:\EXPLORER.EXE HKU\S-1-5-21-1220945662-1659004503-839522115-1004\...\MountPoints2: {91919c8a-6d01-11dc-80f3-001676e2749c} - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL copy.exe HKU\S-1-5-21-1220945662-1659004503-839522115-1004\...\MountPoints2: {93e46e52-52ac-11e4-816f-001676e2749c} - E:\EXPLORER.EXE HKU\S-1-5-21-1220945662-1659004503-839522115-1004\...\MountPoints2: {99a2598f-9e84-11dd-813f-001676e2749c} - E:\EXPLORER.EXE HKU\S-1-5-21-1220945662-1659004503-839522115-1004\...\MountPoints2: {99a25993-9e84-11dd-813f-001676e2749c} - E:\EXPLORER.EXE HKU\S-1-5-21-1220945662-1659004503-839522115-1004\...\MountPoints2: {c23ba631-6dcb-11dc-80f4-001676e2749c} - E:\EXPLORER.EXE HKU\S-1-5-21-1220945662-1659004503-839522115-1004\...\MountPoints2: {c4f7b35d-dbed-11dd-814d-001676e2749c} - E:\EXPLORER.EXE HKU\S-1-5-21-1220945662-1659004503-839522115-1004\...\MountPoints2: {ce04c168-583d-11e4-8175-001676e2749c} - E:\EXPLORER.EXE HKU\S-1-5-21-1220945662-1659004503-839522115-1004\...\MountPoints2: {ce5c8bdc-e16a-11dd-814e-001676e2749c} - E:\EXPLORER.EXE HKU\S-1-5-21-1220945662-1659004503-839522115-1004\...\MountPoints2: {e21dc580-9f68-11dd-8140-001676e2749c} - E:\EXPLORER.EXE HKU\S-1-5-21-1220945662-1659004503-839522115-1004\...\MountPoints2: {ecc4319f-5dd6-11dc-80e9-001676e2749c} - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL copy.exe HKU\S-1-5-21-1220945662-1659004503-839522115-1004\...\MountPoints2: {ecc431a0-5dd6-11dc-80e9-001676e2749c} - E:\LaunchU3.exe -a HKU\S-1-5-21-1220945662-1659004503-839522115-1004\...\MountPoints2: {ecc431a2-5dd6-11dc-80e9-001676e2749c} - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL copy.exe HKU\S-1-5-21-1220945662-1659004503-839522115-1004\...\MountPoints2: {ecc431a3-5dd6-11dc-80e9-001676e2749c} - E:\EXPLORER.EXE HKU\S-1-5-21-1220945662-1659004503-839522115-1004\...\MountPoints2: {fe599f15-c074-11dd-8149-001676e2749c} - E:\EXPLORER.EXE HKU\S-1-5-21-1220945662-1659004503-839522115-1004\...\MountPoints2: {fea10920-bf8e-11dc-811c-001676e2749c} - E:\EXPLORER.EXE HKLM\...\Windows NT x86\Print Processors\ModiPrint: C:\Windows\System32\spool\prtprocs\W32X86\mdippr.dll [18944 2003-06-19] (Microsoft Corporation) [File not signed] HKLM\...\Windows NT x86\Print Processors\MS_XPS: C:\Windows\System32\spool\prtprocs\W32X86\filterpipelineprintproc.dll [89088 2008-07-06] (Microsoft Windows Component Publisher -> Microsoft Corporation) HKLM\...\Print\Monitors\BJ Language Monitor: C:\WINDOWS\system32\cnbjmon.dll [49152 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation) HKLM\...\Print\Monitors\Microsoft Document Imaging Writer Monitor: C:\WINDOWS\system32\mdimon.dll [17920 2003-06-19] (Microsoft Corporation) [File not signed] HKLM\...\Print\Monitors\PJL Language Monitor: C:\WINDOWS\system32\pjlmon.dll [15360 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation) HKLM\Software\Microsoft\Active Setup\Installed Components: [>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}] -> C:\WINDOWS\INF\unregmp2.exe [2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation) HKLM\Software\Microsoft\Active Setup\Installed Components: [>{26923b43-4d38-484f-9b9e-de460746276c}] -> C:\WINDOWS\system32\shmgrate.exe [2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation) HKLM\Software\Microsoft\Active Setup\Installed Components: [>{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS] -> RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP HKLM\Software\Microsoft\Active Setup\Installed Components: [>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}] -> C:\WINDOWS\system32\shmgrate.exe [2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation) HKLM\Software\Microsoft\Active Setup\Installed Components: [{2179C5D3-EBFF-11CF-B6FD-00AA00B4E220}] -> HKLM\Software\Microsoft\Active Setup\Installed Components: [{22d6f312-b0f6-11d0-94ab-0080c74c7e95}] -> HKLM\Software\Microsoft\Active Setup\Installed Components: [{44BBA840-CC51-11CF-AAFA-00AA00B6015C}] -> C:\Program Files\Outlook Express\setup50.exe [2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation) HKLM\Software\Microsoft\Active Setup\Installed Components: [{44BBA842-CC51-11CF-AAFA-00AA00B6015B}] -> rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT HKLM\Software\Microsoft\Active Setup\Installed Components: [{5945c046-1e7d-11d1-bc44-00c04fd912be}] -> rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser HKLM\Software\Microsoft\Active Setup\Installed Components: [{6BF52A52-394A-11d3-B153-00C04F79FAA6}] -> rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp.inf,PerUserStub HKLM\Software\Microsoft\Active Setup\Installed Components: [{73FA19D0-2D75-11D2-995D-00C04F98BBC9}] -> HKLM\Software\Microsoft\Active Setup\Installed Components: [{7790769C-0471-11d2-AF11-00C04FA35D02}] -> C:\Program Files\Outlook Express\setup50.exe [2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation) HKLM\Software\...\Winlogon\GPExtensions: [{C631DF4C-088F-4156-B058-4375F0853CD8}] -> C:\WINDOWS\System32\cscui.dll [2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation) ==================== Scheduled Tasks============================= (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\WINDOWS\Tasks\CCleaner Update.job => ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) FireFox: ======== FF ProfilePath: C:\Documents and Settings\Maestro\Dane aplikacji\Mozilla\Firefox\Profiles\amnsf0xd.default [2024-02-01] FF DownloadDir: C:\Documents and Settings\Maestro\Pulpit FF Extension: (Microsoft .NET Framework Assistant) - C:\Documents and Settings\Maestro\Dane aplikacji\Mozilla\Firefox\Profiles\amnsf0xd.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b}.xpi [2014-10-21] [Legacy] [not signed] FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension FF Extension: (Microsoft .NET Framework Assistant) - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2011-12-13] [Legacy] [not signed] FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation -> Microsoft Corporation) FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2017-11-01] (Adobe Systems Inc.) [File not signed] ==================== Services (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) "TlntSvr" => service could not be unlocked. <==== ATTENTION "WmiApRpl" => service could not be unlocked. <==== ATTENTION R2 IMFservice; C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe [2634560 2023-12-01] (IObit CO., LTD -> IObit) R2 STacSV; C:\WINDOWS\system32\STacSV.exe [86016 2006-05-26] (SigmaTel, Inc.) [File not signed] S3 SwPrv; C:\WINDOWS\system32\dllhost.exe /Processid:{F9F72144-33B3-43C0-9C21-4B1B57059557} [5120 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation) ===================== Drivers (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R3 HDAudBus; C:\WINDOWS\System32\DRIVERS\HDAudBus.sys [144384 2008-04-13] (Microsoft Windows Component Publisher -> Windows (R) Server 2003 DDK provider) R3 Imf8HpRegFilter; C:\Program Files\IObit\IObit Malware Fighter\drivers\win7_x86\ImfHpRegFilter.sys [23640 2023-11-03] (IObit CO., LTD -> IObit) [File not signed] R1 IMFCameraProtect; C:\WINDOWS\system32\drivers\IMFCameraProtect.sys [22352 2023-11-03] (IObit CO., LTD -> IObit) R3 IMFDownProtect; C:\Program Files\IObit\IObit Malware Fighter\drivers\win7_x86\IMFDownProtect.sys [38888 2023-11-03] (IObit CO., LTD -> IObit) [File not signed] R3 IMFEFSFileControl; C:\Program Files\IObit\IObit Malware Fighter\drivers\win7_x86\IMFEFSFileControl.sys [19824 2023-11-03] (IObit CO., LTD -> IObit) S3 IMFForceDelete123; C:\Program Files\IObit\IObit Malware Fighter\drivers\win7_x86\IMFForceDelete.sys [19832 2023-11-03] (IObit CO., LTD -> IObit) [File not signed] R3 ImfHpFileFilter; C:\Program Files\IObit\IObit Malware Fighter\drivers\win7_x86\ImfHpFileFilter.sys [23640 2023-11-03] (IObit CO., LTD -> IObit) [File not signed] S1 IMFMBRProtect; C:\Program Files\IObit\IObit Malware Fighter\drivers\win7_x86\IMFMBRProtect.sys [20880 2023-11-03] (IObit Information Technology -> IObit) R3 ImfRealScanner; C:\Program Files\IObit\IObit Malware Fighter\drivers\wxp_x86\ImfRealScanner.sys [26800 2023-11-03] (IObit CO., LTD -> IObit) [File not signed] R3 ImfRegistryFilter; C:\Program Files\IObit\IObit Malware Fighter\drivers\win7_x86\ImfRegistryFilter.sys [23128 2023-11-03] (IObit CO., LTD -> IObit) [File not signed] R3 Ptilink; C:\WINDOWS\System32\DRIVERS\ptilink.sys [17792 2004-08-04] (Microsoft Windows Component Publisher -> Parallel Technologies, Inc.) U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation) S3 Secdrv; C:\WINDOWS\System32\DRIVERS\secdrv.sys [20480 2008-04-13] (Microsoft Windows Component Publisher -> Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) S3 sfng32; C:\WINDOWS\System32\drivers\sfng32.sys [41728 2005-12-03] (Microsoft Windows Hardware Compatibility Publisher -> Sonic Focus, Inc) R0 sptd; C:\WINDOWS\System32\Drivers\sptd.sys [685816 2007-08-23] () [File not signed] [File is in use] R3 STHDA; C:\WINDOWS\System32\drivers\sthda.sys [1177032 2006-05-26] (Microsoft Windows Hardware Compatibility Publisher -> SigmaTel, Inc.) S4 IntelIde; no ImagePath S5 TlntSvr; <==== ATTENTION: Locked Service U5 WmiApRpl; <==== ATTENTION: Locked Service U1 WS2IFSL; no ImagePath ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One month (created) (Whitelisted) ========= (If an entry is included in the fixlist, the file/folder will be moved.) 2024-02-01 11:25 - 2024-02-01 11:25 - 000014705 _____ C:\Documents and Settings\Maestro\Pulpit\FRST.txt 2024-02-01 11:23 - 2024-01-31 14:47 - 002088448 _____ (Farbar) C:\Documents and Settings\Maestro\Pulpit\FRST.exe 2024-02-01 11:20 - 2024-02-01 11:25 - 000000000 ____D C:\FRST 2024-02-01 11:19 - 2024-02-01 11:13 - 000000015 _____ C:\Documents and Settings\Maestro\Pulpit\Nowy Dokument tekstowy.txt 2024-02-01 08:54 - 2024-02-01 08:54 - 000000000 ____D C:\Documents and Settings\Maestro\AppData\LocalLow\IObit 2024-01-31 15:06 - 2024-01-31 15:06 - 000000777 _____ C:\Documents and Settings\Maestro\Menu Start\Programy\Internet Explorer.lnk 2024-01-31 15:06 - 2024-01-31 15:06 - 000000000 ___RD C:\Documents and Settings\Maestro\Moje dokumenty\Moja muzyka 2024-01-31 14:48 - 2024-01-31 14:47 - 002088448 _____ (Farbar) C:\FRST.exe 2024-01-30 13:02 - 2024-01-30 13:02 - 000002347 _____ C:\Documents and Settings\All Users\Menu Start\Programy\Adobe Reader XI.lnk 2024-01-30 13:02 - 2024-01-30 13:02 - 000001734 _____ C:\Documents and Settings\All Users\Pulpit\Adobe Reader XI.lnk 2024-01-30 13:01 - 2024-01-30 13:02 - 000000000 ____D C:\Program Files\Common Files\Adobe 2024-01-30 13:01 - 2024-01-30 13:01 - 000000000 ____D C:\Documents and Settings\All Users\Dane aplikacji\Adobe 2024-01-30 12:51 - 2024-01-30 12:51 - 000000730 _____ C:\Documents and Settings\All Users\Menu Start\Programy\Mozilla Firefox.lnk 2024-01-30 12:51 - 2024-01-30 12:51 - 000000724 _____ C:\Documents and Settings\All Users\Pulpit\Mozilla Firefox.lnk 2024-01-30 12:28 - 2024-02-01 10:13 - 000000328 ____H C:\WINDOWS\Tasks\CCleaner Update.job 2024-01-30 12:28 - 2024-01-30 12:28 - 000000000 ____D C:\Program Files\CCleaner 2024-01-30 12:28 - 2024-01-30 12:28 - 000000000 ____D C:\Documents and Settings\All Users\Menu Start\Programy\CCleaner 2024-01-30 12:19 - 2024-01-31 15:08 - 000000000 ____D C:\Documents and Settings\Maestro\Dane aplikacji\IObit 2024-01-30 12:02 - 2024-01-30 12:02 - 000000000 ____D C:\WINDOWS\system32\pl 2024-01-30 12:02 - 2024-01-30 12:02 - 000000000 ____D C:\WINDOWS\system32\bits 2024-01-30 12:02 - 2024-01-30 12:02 - 000000000 ____D C:\WINDOWS\l2schemas 2024-01-30 11:56 - 2024-01-30 12:02 - 000000000 ____D C:\WINDOWS\network diagnostic 2024-01-30 11:52 - 2024-01-30 11:52 - 000000000 ____D C:\Program Files\CPUID 2024-01-30 11:52 - 2024-01-30 11:52 - 000000000 ____D C:\Documents and Settings\All Users\Menu Start\Programy\CPUID 2024-01-30 11:49 - 2024-01-30 11:49 - 000000000 ____D C:\Program Files\7-Zip 2024-01-30 11:49 - 2024-01-30 11:49 - 000000000 ____D C:\Documents and Settings\All Users\Menu Start\Programy\7-Zip 2024-01-30 09:13 - 2024-01-30 09:13 - 000000000 ____D C:\WINDOWS\Tasks\ImCleanDisabled 2024-01-30 09:06 - 2024-01-30 09:06 - 023162880 _____ C:\WINDOWS\system32\config\software.iobit 2024-01-30 09:06 - 2024-01-30 09:06 - 000249856 _____ C:\WINDOWS\system32\config\default.iobit 2024-01-30 09:06 - 2024-01-30 09:06 - 000053248 _____ C:\WINDOWS\system32\config\SECURITY.iobit 2024-01-30 09:06 - 2024-01-30 09:06 - 000028672 _____ C:\WINDOWS\system32\config\SAM.iobit 2024-01-30 08:53 - 2024-01-30 08:54 - 000000000 ____D C:\Documents and Settings\All Users\Dane aplikacji\ProductData 2024-01-30 08:53 - 2024-01-30 08:53 - 000000000 ____D C:\Documents and Settings\All Users\Dane aplikacji\{7D4F950D-61ED-482D-A05D-43620B49B610} 2024-01-30 08:51 - 2024-01-30 09:13 - 000000000 ____D C:\Documents and Settings\All Users\Dane aplikacji\ProductData3 2024-01-30 08:51 - 2024-01-30 08:51 - 000000000 ____D C:\Documents and Settings\All Users\Menu Start\Programy\IObit Malware Fighter 2024-01-30 08:51 - 2023-11-03 15:08 - 000022352 _____ (IObit) C:\WINDOWS\system32\Drivers\IMFCameraProtect.sys 2024-01-30 08:50 - 2024-01-30 09:13 - 000000000 ____D C:\Program Files\Common Files\IObit 2024-01-30 08:50 - 2024-01-30 08:53 - 000000000 ____D C:\Documents and Settings\All Users\Dane aplikacji\IObit 2024-01-30 08:50 - 2024-01-30 08:52 - 000000000 ____D C:\Program Files\IObit 2024-01-30 07:45 - 2024-01-30 07:55 - 000001300 _____ C:\WINDOWS\GA_OF.dat 2024-01-29 16:33 - 2015-09-14 13:03 - 000038520 _____ C:\WINDOWS\system32\Drivers\DasPtct.SYS 2024-01-29 16:33 - 2015-01-29 18:21 - 000050320 _____ (Panda Security, S.L.) C:\WINDOWS\system32\Drivers\PSKMAD.sys 2024-01-29 16:30 - 2024-01-29 16:32 - 000000000 ____D C:\WINDOWS\system32\NtmsData 2024-01-29 16:25 - 2024-01-29 16:29 - 000000000 ____D C:\WINDOWS\system32\MRT 2024-01-24 12:47 - 2021-01-22 13:27 - 007607296 _____ C:\Documents and Settings\Maestro\Pulpit\lawendakom2.qgd 2024-01-24 12:47 - 2021-01-19 23:03 - 007670784 _____ C:\Documents and Settings\Maestro\Pulpit\mietakom.qgd 2024-01-24 12:46 - 2021-01-20 16:37 - 007354368 _____ C:\Documents and Settings\Maestro\Pulpit\orange2.qgd ==================== One month (modified) ================== (If an entry is included in the fixlist, the file/folder will be moved.) 2024-02-01 11:25 - 2007-02-07 15:32 - 000000000 ____D C:\Documents and Settings\Maestro\Pulpit 2024-02-01 11:18 - 2018-01-15 14:45 - 000000000 ___RD C:\Documents and Settings\Maestro\Moje dokumenty\Moje obrazy 2024-02-01 11:18 - 2007-02-07 14:52 - 000000000 ____D C:\Documents and Settings\admin 2024-02-01 11:16 - 2007-02-07 15:37 - 000000000 ___RD C:\Documents and Settings\All Users\Menu Start\Programy 2024-02-01 10:18 - 2007-02-07 15:32 - 000000188 ___SH C:\Documents and Settings\Maestro\ntuser.ini 2024-02-01 10:18 - 2007-02-07 15:32 - 000000000 ____D C:\Documents and Settings\Maestro 2024-02-01 09:40 - 2007-08-23 11:35 - 000000000 ____D C:\WINDOWS\Downloaded Installations 2024-02-01 09:40 - 2007-02-07 15:09 - 000000000 ___HD C:\WINDOWS\$hf_mig$ 2024-02-01 09:32 - 2014-12-02 13:19 - 000000000 ____D C:\Program Files\Mozilla Firefox 2024-02-01 09:17 - 2007-02-07 15:32 - 000000000 ___RD C:\Documents and Settings\Maestro\Ulubione 2024-02-01 09:16 - 2007-02-07 15:32 - 000000000 __RHD C:\Documents and Settings\Maestro\Dane aplikacji 2024-02-01 09:15 - 2007-02-07 15:32 - 000000000 ___RD C:\Documents and Settings\Maestro\Menu Start\Programy 2024-02-01 09:14 - 2007-02-07 15:32 - 000000000 ___RD C:\Documents and Settings\Maestro\Moje dokumenty 2024-02-01 09:12 - 2007-02-07 14:52 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2024-02-01 09:11 - 2007-02-07 14:52 - 000010496 ____N C:\WINDOWS\SchedLgU.Txt 2024-02-01 09:08 - 2007-06-26 11:15 - 000052576 _____ C:\Documents and Settings\Maestro\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT 2024-02-01 09:07 - 2007-02-07 15:32 - 000000000 ___RD C:\Documents and Settings\Maestro\Menu Start\Programy\Autostart 2024-02-01 08:46 - 2004-08-04 13:00 - 000002206 _____ C:\WINDOWS\system32\wpa.dbl 2024-01-31 15:06 - 2007-02-07 15:32 - 000000802 _____ C:\Documents and Settings\Maestro\Menu Start\Programy\Windows Media Player.lnk 2024-01-31 14:27 - 2007-02-07 15:30 - 000000000 ___HD C:\WINDOWS\inf 2024-01-30 13:41 - 2007-02-07 15:38 - 001089402 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2024-01-30 13:41 - 2007-02-07 14:47 - 000316640 _____ C:\WINDOWS\WMSysPr9.prx 2024-01-30 13:41 - 2004-08-04 13:00 - 000491306 _____ C:\WINDOWS\system32\perfh015.dat 2024-01-30 13:41 - 2004-08-04 13:00 - 000084216 _____ C:\WINDOWS\system32\perfc015.dat 2024-01-30 13:39 - 2007-02-07 15:37 - 000241536 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2024-01-30 13:39 - 2007-02-07 15:30 - 000000000 ____D C:\WINDOWS\system32\Setup 2024-01-30 13:39 - 2007-02-07 15:30 - 000000000 ____D C:\WINDOWS\security 2024-01-30 13:38 - 2007-02-07 15:30 - 000000000 RSHDC C:\WINDOWS\system32\dllcache 2024-01-30 13:37 - 2007-02-07 14:45 - 000000000 ____D C:\Program Files\Outlook Express 2024-01-30 13:37 - 2007-02-07 14:45 - 000000000 ____D C:\Program Files\Movie Maker 2024-01-30 13:34 - 2007-02-07 14:44 - 000000000 ____D C:\Program Files\Messenger 2024-01-30 13:32 - 2007-02-07 15:37 - 000000000 ___RD C:\Documents and Settings\All Users\Menu Start 2024-01-30 13:32 - 2007-02-07 15:30 - 000000000 ____D C:\WINDOWS\Help 2024-01-30 13:32 - 2007-02-07 14:48 - 000001573 _____ C:\Documents and Settings\All Users\Menu Start\Określ dostęp do programów i ich ustawienia domyślne.lnk 2024-01-30 13:32 - 2007-02-07 14:43 - 000000000 ___RD C:\Documents and Settings\All Users\Menu Start\Programy\Akcesoria 2024-01-30 13:30 - 2007-02-07 14:54 - 000000000 ____D C:\WINDOWS\system32\ReinstallBackups 2024-01-30 13:02 - 2007-02-07 15:37 - 000000000 ____D C:\Documents and Settings\All Users\Pulpit 2024-01-30 13:01 - 2007-03-08 15:21 - 000000000 ____D C:\Program Files\Adobe 2024-01-30 13:01 - 2007-02-07 15:37 - 000000000 __RHD C:\Documents and Settings\All Users\Dane aplikacji 2024-01-30 12:41 - 2007-02-07 14:46 - 000000000 ____D C:\WINDOWS\system32\DirectX 2024-01-30 12:02 - 2007-02-07 15:30 - 000000000 ____D C:\WINDOWS\system32\usmt 2024-01-30 12:02 - 2007-02-07 15:30 - 000000000 ____D C:\WINDOWS\system32\inetsrv 2024-01-30 12:02 - 2007-02-07 15:30 - 000000000 ____D C:\WINDOWS\PeerNet 2024-01-30 12:02 - 2007-02-07 15:30 - 000000000 ____D C:\WINDOWS\ime 2024-01-30 11:58 - 2011-10-24 11:38 - 000000000 ____D C:\WINDOWS\ServicePackFiles 2024-01-30 11:58 - 2007-02-07 15:30 - 000000000 ____D C:\WINDOWS\system32\npp 2024-01-30 11:58 - 2007-02-07 15:30 - 000000000 ____D C:\WINDOWS\msagent 2024-01-30 11:58 - 2007-02-07 14:45 - 000000000 ____D C:\WINDOWS\srchasst 2024-01-30 11:58 - 2007-02-07 14:45 - 000000000 ____D C:\Program Files\NetMeeting 2024-01-30 11:58 - 2007-02-07 14:45 - 000000000 ____D C:\Program Files\Common Files\System 2024-01-30 11:58 - 2007-02-07 14:43 - 000000000 ____D C:\WINDOWS\system32\Com 2024-01-30 11:58 - 2007-02-07 14:43 - 000000000 ____D C:\Program Files\Windows NT 2024-01-30 11:57 - 2007-02-07 15:30 - 000000000 ____D C:\WINDOWS\system32\oobe 2024-01-30 11:57 - 2007-02-07 15:30 - 000000000 ____D C:\WINDOWS\system 2024-01-30 11:56 - 2004-08-04 13:00 - 000251152 __RSH C:\ntldr 2024-01-30 09:11 - 2019-01-07 13:19 - 000000000 ____D C:\WINDOWS\Minidump 2024-01-30 09:11 - 2008-04-18 11:18 - 000000000 ____D C:\Documents and Settings\All Users\Menu Start\Programy\ACDLABS 10.0 2024-01-30 09:11 - 2007-03-08 15:21 - 000000000 ____D C:\Documents and Settings\All Users\Menu Start\Programy\Mozilla Firefox 2024-01-30 08:48 - 2007-02-07 14:48 - 000001507 _____ C:\Documents and Settings\All Users\Menu Start\Windows Update.lnk 2024-01-30 08:46 - 2014-10-28 13:00 - 000000000 ____D C:\Program Files\Common Files\PC Tools 2024-01-29 16:37 - 2014-10-28 13:00 - 000982372 _____ C:\WINDOWS\system32\Drivers\Cat.DB 2024-01-29 16:30 - 2014-10-28 12:59 - 000000000 ____D C:\Documents and Settings\All Users\Dane aplikacji\TEMP 2024-01-29 16:30 - 2014-10-28 12:59 - 000000000 ____D C:\Documents and Settings\All Users\Dane aplikacji\PC Tools 2024-01-29 16:19 - 2007-02-07 15:37 - 001229838 _____ C:\WINDOWS\setupapi.log.0.old 2024-01-23 10:46 - 2021-12-14 13:35 - 000000000 ____D C:\Documents and Settings\Maestro\Pulpit\Zapachy 202021 ==================== Files in the root of some directories ======== 2004-08-04 13:00 - 2005-05-04 14:45 - 092556416 ___SH () C:\Documents and Settings\Maestro\Dane aplikacji\msztt.exe 2007-06-10 11:22 - 2007-11-10 11:53 - 000000600 _____ () C:\Documents and Settings\Maestro\Ustawienia lokalne\Dane aplikacji\PUTTY.RND ==================== FLock ============================== 2007-02-07 14:42 C:\boot.ini 2011-11-29 08:17 C:\e016d0bbe805ad5186 2007-02-15 07:32 C:\MSOCache 2004-08-04 13:00 C:\NTDETECT.COM 2024-01-30 11:56 C:\ntldr 2024-01-30 13:38 C:\WINDOWS\system32\dllcache 2007-02-07 14:47 C:\WINDOWS\system32\ias 2007-02-07 14:44 C:\WINDOWS\system32\MsDtc 2024-01-29 16:32 C:\WINDOWS\system32\NtmsData 2024-01-30 13:39 C:\WINDOWS\system32\Setup 2007-02-07 14:46 C:\Program Files\WindowsUpdate 2024-02-01 09:40 C:\WINDOWS\$hf_mig$ 2024-02-01 09:44 C:\WINDOWS\Prefetch 2024-02-01 09:11 C:\WINDOWS\system32\config\AppEvent.Evt 2024-02-01 09:11 C:\WINDOWS\system32\config\default 2024-01-30 09:06 C:\WINDOWS\system32\config\default.iobit 2024-02-01 10:13 C:\WINDOWS\system32\config\default.LOG 2007-02-07 15:36 C:\WINDOWS\system32\config\default.sav 2024-02-01 09:11 C:\WINDOWS\system32\config\SAM 2024-01-30 09:06 C:\WINDOWS\system32\config\SAM.iobit 2024-02-01 11:18 C:\WINDOWS\system32\config\SAM.LOG 2007-02-07 15:37 C:\WINDOWS\system32\config\SecEvent.Evt 2024-02-01 09:11 C:\WINDOWS\system32\config\SECURITY 2024-01-30 09:06 C:\WINDOWS\system32\config\SECURITY.iobit 2024-02-01 09:12 C:\WINDOWS\system32\config\SECURITY.LOG 2024-02-01 09:11 C:\WINDOWS\system32\config\software 2024-01-30 09:06 C:\WINDOWS\system32\config\software.iobit 2024-02-01 11:25 C:\WINDOWS\system32\config\software.LOG 2007-02-07 15:36 C:\WINDOWS\system32\config\software.sav 2024-02-01 09:11 C:\WINDOWS\system32\config\SysEvent.Evt 2024-02-01 09:12 C:\WINDOWS\system32\config\system 2024-02-01 11:18 C:\WINDOWS\system32\config\system.LOG 2024-01-30 07:55 C:\WINDOWS\system32\config\SYSTEM.LOG1 2024-01-30 07:55 C:\WINDOWS\system32\config\SYSTEM.LOG2 2007-02-07 15:36 C:\WINDOWS\system32\config\system.sav 2007-02-07 15:26 C:\WINDOWS\system32\config\systemprofile 2007-02-07 15:36 C:\WINDOWS\system32\config\TempKey.LOG 2007-02-07 15:36 C:\WINDOWS\system32\config\userdiff 2007-02-07 15:36 C:\WINDOWS\system32\config\userdiff.LOG 2024-02-01 10:13 C:\WINDOWS\Tasks\CCleaner Update.job 2024-01-30 09:13 C:\WINDOWS\Tasks\ImCleanDisabled 2024-02-01 11:18 C:\Documents and Settings\admin 2007-03-08 15:19 C:\Documents and Settings\Administrator 2014-11-12 14:45 C:\Documents and Settings\LocalService 2007-02-07 14:51 C:\Documents and Settings\NetworkService ==================== SigCheck ============================ (There is no automatic fix for files that do not pass verification.) C:\WINDOWS\system32\wininit.exe IS MISSING <==== ATTENTION ==================== End of FRST.txt ========================