Scan result of Farbar Recovery Scan Tool (FRST written by farbar) Version: 27-02-2012 Ran by SYSTEM at 28-02-2012 20:22:17 Running from E:\ (X86) OS Language: English(US) The current controlset is ControlSet001 ========================== Registry (Whitelisted) ============= HKU\Administrator\...\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe [15360 2008-04-14] (Microsoft Corporation) HKU\Administrator\...\Run: [Gadu-Gadu] "C:\Program Files\Gadu-Gadu\gg.exe" /tray [2127296 2008-03-20] (Gadu-Gadu S.A.) HKU\Administrator\...\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [39408 2010-09-07] (Google Inc.) HKU\Administrator\...\Run: [ECOM_USBPHONE_API] "c:\UsbPhoneAPI\UsbPhoneAPI.exe" [528384 2007-08-08] (E-COM Technology Corp.) HKU\Administrator\...\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized [13351304 2010-09-02] (Skype Technologies S.A.) HKU\Administrator\...\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background [1695232 2008-04-14] (Microsoft Corporation) HKU\Administrator\...\Run: [Facebook Update] "C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver [137536 2011-11-29] (Facebook Inc.) HKU\Default User\...\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE [15360 2008-04-14] (Microsoft Corporation) HKU\LocalService\...\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE [15360 2008-04-14] (Microsoft Corporation) HKU\NetworkService\...\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE [15360 2008-04-14] (Microsoft Corporation) HKLM\...\Winlogon: [Userinit] [x] HKLM\...\Winlogon: [Shell] Tcpip\Parameters: [DhcpNameServer] 212.2.96.53 212.2.96.51 ================================ Services (Whitelisted) ================== 3 EhttpSrv; "C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe" [20680 2009-11-16] (ESET) 2 ekrn; "C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe" [735960 2009-11-16] (ESET) 2 Eventlog; C:\Windows\System32\services.exe [111104 2009-02-09] (Microsoft Corporation) 2 gupdate; "C:\Program Files\Google\Update\GoogleUpdate.exe" /svc [135664 2010-09-07] (Google Inc.) 3 gupdatem; "C:\Program Files\Google\Update\GoogleUpdate.exe" /medsvc [135664 2010-09-07] (Google Inc.) 2 UMWdf; C:\WINDOWS\system32\wdfmgr.exe [38912 2005-01-28] (Microsoft Corporation) 2 JavaQuickStarterService; "C:\Program Files\Java\jre6\bin\jqs.exe" -service -config "C:\Program Files\Java\jre6\lib\deploy\jqs\jqs.conf" [x] ========================== Drivers (Whitelisted) ============= 3 AR5416; C:\Windows\System32\DRIVERS\athw.sys [1503840 2009-02-13] (Atheros Communications, Inc.) 3 CCDECODE; C:\Windows\System32\DRIVERS\CCDECODE.sys [17024 2008-04-13] (Microsoft Corporation) 3 CRFILTER; C:\Windows\System32\DRIVERS\CRFILTER.sys [6656 2008-04-07] (Generic) 2 eamon; C:\Windows\System32\DRIVERS\eamon.sys [116520 2009-11-16] (ESET) 1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [108792 2009-11-16] (ESET) 1 epfwtdir; C:\Windows\System32\DRIVERS\epfwtdir.sys [96408 2009-11-16] (ESET) 3 ETD; C:\Windows\System32\DRIVERS\ETD.sys [129024 2009-03-30] (ELAN Microelectronic Corp.) 3 ewusbnet; C:\Windows\System32\DRIVERS\ewusbnet.sys [113280 2010-01-04] (Huawei Technologies Co., Ltd.) 3 HDAudBus; C:\Windows\System32\DRIVERS\HDAudBus.sys [144384 2008-04-13] (Windows (R) Server 2003 DDK provider) 3 hwdatacard; C:\Windows\System32\DRIVERS\ewusbmdm.sys [102528 2010-01-04] (Huawei Technologies Co., Ltd.) 3 hwusbdev; C:\Windows\System32\DRIVERS\ewusbdev.sys [100736 2010-01-04] (Huawei Technologies Co., Ltd.) 3 ialm; C:\Windows\System32\DRIVERS\igxpmp32.sys [6312864 2009-02-20] (Intel Corporation) 3 L1e; C:\Windows\System32\DRIVERS\l1e51x86.sys [38400 2008-12-16] (Atheros Communications, Inc.) 3 monfilt; C:\Windows\System32\drivers\monfilt.sys [1389056 2009-12-22] (Creative Technology Ltd.) 3 MTsensor; C:\Windows\System32\DRIVERS\ATKACPI.sys [7680 2009-12-23] (ATK0100) 3 NABTSFEC; C:\Windows\System32\DRIVERS\NABTSFEC.sys [85248 2008-04-13] (Microsoft Corporation) 3 NdisIP; C:\Windows\System32\DRIVERS\NdisIP.sys [10880 2008-04-13] (Microsoft Corporation) 3 PSched; C:\Windows\System32\DRIVERS\psched.sys [69120 2008-04-13] (Microsoft Corporation) 3 Ptilink; C:\Windows\System32\DRIVERS\ptilink.sys [17792 2001-08-17] (Parallel Technologies, Inc.) 3 SLIP; C:\Windows\System32\DRIVERS\SLIP.sys [11136 2008-04-13] (Microsoft Corporation) 3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1766592 2009-06-05] () 3 SONYPVU1; C:\Windows\System32\DRIVERS\SONYPVU1.SYS [7552 2001-08-17] (Sony Corporation) 3 streamip; C:\Windows\System32\DRIVERS\StreamIP.sys [15232 2008-04-13] (Microsoft Corporation) 3 VIAHdAudAddService; C:\Windows\System32\drivers\viahduaa.sys [1057280 2009-12-22] (VIA Technologies, Inc.) 3 WSTCODEC; C:\Windows\System32\DRIVERS\WSTCODEC.SYS [19200 2008-04-13] (Microsoft Corporation) 4 Abiosdsk; [x] 4 abp480n5; [x] 4 adpu160m; [x] 4 Aha154x; [x] 4 aic78u2; [x] 4 aic78xx; [x] 4 AliIde; [x] 4 amsint; [x] 4 asc; [x] 4 asc3350p; [x] 4 asc3550; [x] 4 Atdisk; [x] 4 cd20xrnt; [x] 1 Changer; [x] 4 CmdIde; [x] 4 Cpqarray; [x] 4 dac2w2k; [x] 4 dac960nt; [x] 4 dpti2o; [x] 4 hpn; [x] 1 i2omgmt; [x] 4 i2omp; [x] 4 ini910u; [x] 4 IntelIde; [x] 1 lbrtfdc; [x] 4 Messenger; [x] 4 mraid35x; [x] 1 PCIDump; [x] 3 PDCOMP; [x] 3 PDFRAME; [x] 3 PDRELI; [x] 3 PDRFRAME; [x] 4 perc2; [x] 4 perc2hib; [x] 4 ql1080; [x] 4 Ql10wnt; [x] 4 ql12160; [x] 4 ql1240; [x] 4 ql1280; [x] 4 Simbad; [x] 4 Sparrow; [x] 4 symc810; [x] 4 symc8xx; [x] 4 sym_hi; [x] 4 sym_u3; [x] 4 TosIde; [x] 4 ultra; [x] 4 ViaIde; [x] 3 WDICA; [x] ========================== NetSvcs (Whitelisted) =========== ============ One Month Created Files and Folders ============== 2012-02-28 20:20 - 2012-02-28 20:20 - 0000000 ____D C:\FRST 2012-02-20 19:42 - 2012-02-20 19:42 - 0016247 ____A C:\Windows\KB2647516-IE8.log 2012-02-20 19:42 - 2012-02-20 19:42 - 0007678 ____A C:\Windows\KB2510531-IE8.log 2012-02-20 19:42 - 2012-02-20 19:42 - 0000000 ____D C:\Windows\ie8updates 2012-02-20 19:41 - 2012-02-20 19:42 - 0007539 ____A C:\Windows\KB2544521-IE8.log 2012-02-20 08:56 - 2011-12-17 14:41 - 0743424 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\iedvtool.dll 2012-02-20 08:56 - 2011-12-17 14:41 - 0247808 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\ieproxy.dll 2012-02-20 08:56 - 2011-12-17 14:41 - 0012800 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\xpshims.dll 2012-02-20 01:51 - 2012-02-20 01:51 - 0000000 __SHD C:\Documents and Settings\Administrator\PrivacIE 2012-02-20 01:50 - 2012-02-20 01:50 - 0000000 __SHD C:\Documents and Settings\Administrator\IETldCache 2012-02-19 18:58 - 2012-02-20 01:50 - 0007481 ____A C:\Windows\spupdsvc.log 2012-02-19 18:56 - 2012-02-19 18:58 - 0081769 ____A C:\Windows\ie8.log 2012-02-19 18:56 - 2012-02-19 18:57 - 0000000 __HDC C:\Windows\ie8 2012-02-19 18:54 - 2012-02-19 18:58 - 0031557 ____A C:\Windows\ie8_main.log 2012-02-15 19:08 - 2012-02-15 19:08 - 0000000 __HDC C:\Windows\$NtUninstallKB2661637$ 2012-02-15 19:08 - 2012-02-15 19:08 - 0000000 __HDC C:\Windows\$NtUninstallKB2660465$ 2012-02-15 19:07 - 2012-02-15 19:08 - 0007425 ____A C:\Windows\KB2661637.log 2012-02-15 04:20 - 2012-02-15 19:08 - 0111736 ____A C:\Windows\KB2647516-IE7.log 2012-02-15 04:20 - 2012-02-15 19:08 - 0019351 ____A C:\Windows\KB2660465.log 2012-02-15 04:20 - 2012-01-11 14:07 - 0003072 ____N C:\Windows\System32\iacenc.dll 2012-02-15 04:20 - 2012-01-11 14:07 - 0003072 ____C C:\Windows\System32\dllcache\iacenc.dll 2012-02-13 09:11 - 2012-02-13 09:11 - 0081920 ____A C:\Windows\Minidump\Mini021312-01.dmp 2012-02-10 11:00 - 2012-02-18 06:31 - 0000000 ____D C:\Program Files\Mozilla Firefox 2012-02-08 05:04 - 2012-02-08 05:04 - 0000060 ____A C:\Windows\setupact.log 2012-02-08 05:04 - 2012-02-08 05:04 - 0000000 ____A C:\Windows\setuperr.log 2012-02-06 08:22 - 2012-02-06 08:22 - 0000000 __HDC C:\Windows\$NtUninstallKB2646524$ 2012-02-06 08:22 - 2012-02-06 08:22 - 0000000 __HDC C:\Windows\$NtUninstallKB2631813$ 2012-02-06 08:22 - 2012-02-06 08:22 - 0000000 __HDC C:\Windows\$NtUninstallKB2585542$ 2012-02-06 08:20 - 2012-02-06 08:20 - 0007413 ____A C:\Windows\KB2603381.log 2012-02-06 08:20 - 2012-02-06 08:20 - 0000000 __HDC C:\Windows\$NtUninstallKB2603381$ 2012-02-06 08:20 - 2012-02-06 08:20 - 0000000 __HDC C:\Windows\$NtUninstallKB2598479$ 2012-02-06 08:20 - 2012-02-06 08:20 - 0000000 __HDC C:\Windows\$NtUninstallKB2584146$ 2012-02-04 07:40 - 2012-02-06 08:22 - 0014791 ____A C:\Windows\KB2646524.log 2012-02-04 07:39 - 2012-02-06 08:22 - 0014402 ____A C:\Windows\KB2585542.log 2012-02-04 07:39 - 2012-02-06 08:22 - 0013133 ____A C:\Windows\KB2631813.log 2012-02-04 07:39 - 2012-02-06 08:20 - 0013717 ____A C:\Windows\KB2598479.log 2012-02-04 07:39 - 2012-02-06 08:20 - 0012519 ____A C:\Windows\KB2584146.log ============ 3 Months Modified Files and Folders =============== 2012-02-28 20:20 - 2012-02-28 20:20 - 0000000 ____D C:\FRST 2012-02-27 13:53 - 2009-12-22 14:17 - 0081920 ____A C:\Windows\DUMP9286.tmp 2012-02-27 13:50 - 2009-12-22 14:17 - 0081920 ____A C:\Windows\DUMP93bf.tmp 2012-02-27 13:48 - 2009-12-22 14:17 - 0081920 ____A C:\Windows\DUMP9238.tmp 2012-02-27 13:42 - 2009-12-22 14:17 - 0081920 ____A C:\Windows\DUMP468e.tmp 2012-02-27 13:41 - 2009-12-22 14:17 - 0081920 ____A C:\Windows\DUMP1f40.tmp 2012-02-27 13:38 - 2009-12-22 14:17 - 0081920 ____A C:\Windows\DUMP5812.tmp 2012-02-27 13:36 - 2009-12-22 14:17 - 0081920 ____A C:\Windows\DUMPa042.tmp 2012-02-27 06:07 - 2009-12-22 14:17 - 0081920 ____A C:\Windows\DUMP9e1f.tmp 2012-02-27 02:18 - 2009-12-22 14:17 - 0081920 ____A C:\Windows\DUMP8e41.tmp 2012-02-26 18:41 - 2009-12-22 14:17 - 0081920 ____A C:\Windows\DUMP9342.tmp 2012-02-26 18:39 - 2009-12-22 14:17 - 0081920 ____A C:\Windows\DUMP941d.tmp 2012-02-26 18:33 - 2009-12-22 14:17 - 0081920 ____A C:\Windows\DUMP43cf.tmp 2012-02-26 18:31 - 2009-12-22 14:17 - 0081920 ____A C:\Windows\DUMP9006.tmp 2012-02-26 18:26 - 2009-12-22 14:17 - 0081920 ____A C:\Windows\DUMP9380.tmp 2012-02-26 18:24 - 2009-12-22 14:17 - 0081920 ____A C:\Windows\DUMP8efc.tmp 2012-02-26 18:20 - 2009-12-22 14:17 - 0081920 ____A C:\Windows\DUMP93fd.tmp 2012-02-26 18:18 - 2009-12-22 14:17 - 0081920 ____A C:\Windows\DUMP9ebb.tmp 2012-02-26 18:13 - 2009-12-22 13:32 - 1976428 ____A C:\Windows\WindowsUpdate.log 2012-02-26 18:12 - 2010-02-05 08:11 - 0000438 ___AH C:\Windows\Tasks\User_Feed_Synchronization-{44BCB69D-E72F-460D-9461-65EAEF39D9D5}.job 2012-02-26 17:22 - 2010-09-07 03:23 - 0001050 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2012-02-26 16:09 - 2011-11-29 07:04 - 0001034 ____A C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-839522115-1767777339-1801674531-500UA.job 2012-02-26 13:31 - 2009-12-22 13:37 - 0000000 ____D C:\Documents and Settings\Administrator\Pulpit 2012-02-26 13:22 - 2010-09-07 03:23 - 0001046 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2012-02-26 09:22 - 2009-12-22 13:37 - 0032444 ____A C:\Windows\SchedLgU.Txt 2012-02-26 07:09 - 2011-11-29 07:04 - 0001012 ____A C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-839522115-1767777339-1801674531-500Core.job 2012-02-26 05:05 - 2011-02-23 09:17 - 0000260 ____A C:\Windows\Tasks\WGASetup.job 2012-02-26 05:05 - 2009-12-22 14:27 - 0000159 ____A C:\Windows\wiadebug.log 2012-02-26 05:05 - 2009-12-22 14:27 - 0000050 ____A C:\Windows\wiaservc.log 2012-02-26 05:05 - 2009-12-22 13:37 - 0000006 ___AH C:\Windows\Tasks\SA.DAT 2012-02-26 05:05 - 2001-07-21 11:17 - 0002206 ____A C:\Windows\System32\wpa.dbl 2012-02-25 19:02 - 2009-12-22 13:37 - 0000188 ___SH C:\Documents and Settings\Administrator\ntuser.ini 2012-02-23 13:43 - 2009-12-22 14:24 - 0764054 ____A C:\Windows\System32\PerfStringBackup.INI 2012-02-23 13:43 - 2001-10-26 05:15 - 0356068 ____A C:\Windows\System32\perfh015.dat 2012-02-23 13:43 - 2001-10-26 05:15 - 0049910 ____A C:\Windows\System32\perfc015.dat 2012-02-20 19:42 - 2012-02-20 19:42 - 0016247 ____A C:\Windows\KB2647516-IE8.log 2012-02-20 19:42 - 2012-02-20 19:42 - 0007678 ____A C:\Windows\KB2510531-IE8.log 2012-02-20 19:42 - 2012-02-20 19:42 - 0000000 ____D C:\Windows\ie8updates 2012-02-20 19:42 - 2012-02-20 19:41 - 0007539 ____A C:\Windows\KB2544521-IE8.log 2012-02-20 19:42 - 2011-12-14 20:10 - 0066721 ____A C:\Windows\updspapi.log 2012-02-20 19:42 - 2011-12-14 20:09 - 0002688 ____A C:\Windows\ocgen.log 2012-02-20 19:42 - 2009-12-22 13:33 - 0000000 ___HD C:\Windows\$hf_mig$ 2012-02-20 01:51 - 2012-02-20 01:51 - 0000000 __SHD C:\Documents and Settings\Administrator\PrivacIE 2012-02-20 01:50 - 2012-02-20 01:50 - 0000000 __SHD C:\Documents and Settings\Administrator\IETldCache 2012-02-20 01:50 - 2012-02-19 18:58 - 0007481 ____A C:\Windows\spupdsvc.log 2012-02-20 01:50 - 2009-12-22 13:37 - 0000000 ___RD C:\Documents and Settings\Administrator\Moje dokumenty 2012-02-20 01:49 - 2009-12-22 14:17 - 0000000 ____D C:\Windows\System32\pl-pl 2012-02-20 01:49 - 2009-12-22 14:17 - 0000000 ____D C:\Windows\Media 2012-02-20 01:49 - 2009-12-22 14:17 - 0000000 ____D C:\Windows\Help 2012-02-19 18:58 - 2012-02-19 18:56 - 0081769 ____A C:\Windows\ie8.log 2012-02-19 18:58 - 2012-02-19 18:54 - 0031557 ____A C:\Windows\ie8_main.log 2012-02-19 18:57 - 2012-02-19 18:56 - 0000000 __HDC C:\Windows\ie8 2012-02-18 06:31 - 2012-02-10 11:00 - 0000000 ____D C:\Program Files\Mozilla Firefox 2012-02-16 14:44 - 2009-12-22 14:22 - 0114176 ____A C:\Windows\System32\FNTCACHE.DAT 2012-02-15 19:08 - 2012-02-15 19:08 - 0000000 __HDC C:\Windows\$NtUninstallKB2661637$ 2012-02-15 19:08 - 2012-02-15 19:08 - 0000000 __HDC C:\Windows\$NtUninstallKB2660465$ 2012-02-15 19:08 - 2012-02-15 19:07 - 0007425 ____A C:\Windows\KB2661637.log 2012-02-15 19:08 - 2012-02-15 04:20 - 0111736 ____A C:\Windows\KB2647516-IE7.log 2012-02-15 19:08 - 2012-02-15 04:20 - 0019351 ____A C:\Windows\KB2660465.log 2012-02-15 19:08 - 2011-08-02 02:18 - 52550552 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe 2012-02-13 09:11 - 2012-02-13 09:11 - 0081920 ____A C:\Windows\Minidump\Mini021312-01.dmp 2012-02-12 05:07 - 2009-12-22 13:37 - 0000000 ___RD C:\Documents and Settings\Administrator\Ulubione 2012-02-10 11:00 - 2009-12-22 14:23 - 0000000 ____D C:\Documents and Settings\All Users\Pulpit 2012-02-10 11:00 - 2009-12-22 13:37 - 0000000 __RHD C:\Documents and Settings\Administrator\Dane aplikacji 2012-02-10 09:44 - 2011-12-15 13:28 - 0037051 ____A C:\Windows\setupapi.log 2012-02-08 05:04 - 2012-02-08 05:04 - 0000060 ____A C:\Windows\setupact.log 2012-02-08 05:04 - 2012-02-08 05:04 - 0000000 ____A C:\Windows\setuperr.log 2012-02-06 08:22 - 2012-02-06 08:22 - 0000000 __HDC C:\Windows\$NtUninstallKB2646524$ 2012-02-06 08:22 - 2012-02-06 08:22 - 0000000 __HDC C:\Windows\$NtUninstallKB2631813$ 2012-02-06 08:22 - 2012-02-06 08:22 - 0000000 __HDC C:\Windows\$NtUninstallKB2585542$ 2012-02-06 08:22 - 2012-02-04 07:40 - 0014791 ____A C:\Windows\KB2646524.log 2012-02-06 08:22 - 2012-02-04 07:39 - 0014402 ____A C:\Windows\KB2585542.log 2012-02-06 08:22 - 2012-02-04 07:39 - 0013133 ____A C:\Windows\KB2631813.log 2012-02-06 08:20 - 2012-02-06 08:20 - 0007413 ____A C:\Windows\KB2603381.log 2012-02-06 08:20 - 2012-02-06 08:20 - 0000000 __HDC C:\Windows\$NtUninstallKB2603381$ 2012-02-06 08:20 - 2012-02-06 08:20 - 0000000 __HDC C:\Windows\$NtUninstallKB2598479$ 2012-02-06 08:20 - 2012-02-06 08:20 - 0000000 __HDC C:\Windows\$NtUninstallKB2584146$ 2012-02-06 08:20 - 2012-02-04 07:39 - 0013717 ____A C:\Windows\KB2598479.log 2012-02-06 08:20 - 2012-02-04 07:39 - 0012519 ____A C:\Windows\KB2584146.log 2012-01-12 12:20 - 2010-12-31 09:04 - 1860224 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\win32k.sys 2012-01-12 12:20 - 2007-03-08 06:49 - 1860224 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys 2012-01-11 14:07 - 2012-02-15 04:20 - 0003072 ____N C:\Windows\System32\iacenc.dll 2012-01-11 14:07 - 2012-02-15 04:20 - 0003072 ____C C:\Windows\System32\dllcache\iacenc.dll 2011-12-26 13:12 - 2009-12-22 13:31 - 0000000 ____D C:\Windows\System32\Restore 2011-12-19 03:06 - 2010-12-20 18:06 - 0132608 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\extmgr.dll 2011-12-19 03:06 - 2008-01-17 05:11 - 0132608 ____A (Microsoft Corporation) C:\Windows\System32\extmgr.dll 2011-12-18 08:41 - 2010-12-20 18:06 - 11082240 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\ieframe.dll 2011-12-18 08:41 - 2008-01-17 05:11 - 11082240 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll 2011-12-17 14:41 - 2012-02-20 08:56 - 0743424 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\iedvtool.dll 2011-12-17 14:41 - 2012-02-20 08:56 - 0247808 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\ieproxy.dll 2011-12-17 14:41 - 2012-02-20 08:56 - 0012800 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\xpshims.dll 2011-12-17 14:41 - 2010-12-20 18:06 - 5979136 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\mshtml.dll 2011-12-17 14:41 - 2010-12-20 18:06 - 2000384 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\iertutil.dll 2011-12-17 14:41 - 2010-12-20 18:06 - 1469440 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\inetcpl.cpl 2011-12-17 14:41 - 2010-12-20 18:06 - 1212416 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\urlmon.dll 2011-12-17 14:41 - 2010-12-20 18:06 - 0916992 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\wininet.dll 2011-12-17 14:41 - 2010-12-20 18:06 - 0611840 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\mstime.dll 2011-12-17 14:41 - 2010-12-20 18:06 - 0602112 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\msfeeds.dll 2011-12-17 14:41 - 2010-12-20 18:06 - 0387584 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\iedkcs32.dll 2011-12-17 14:41 - 2010-12-20 18:06 - 0206848 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\occache.dll 2011-12-17 14:41 - 2010-12-20 18:06 - 0184320 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\iepeers.dll 2011-12-17 14:41 - 2010-12-20 18:06 - 0105984 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\url.dll 2011-12-17 14:41 - 2010-12-20 18:06 - 0066560 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\mshtmled.dll 2011-12-17 14:41 - 2010-12-20 18:06 - 0055296 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\msfeedsbs.dll 2011-12-17 14:41 - 2010-12-20 18:06 - 0025600 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\jsproxy.dll 2011-12-17 14:41 - 2009-03-07 22:34 - 0043520 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\licmgr10.dll 2011-12-17 14:41 - 2008-01-17 05:12 - 5979136 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll 2011-12-17 14:41 - 2008-01-17 05:12 - 1469440 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl 2011-12-17 14:41 - 2008-01-17 05:12 - 1212416 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll 2011-12-17 14:41 - 2008-01-17 05:12 - 0916992 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll 2011-12-17 14:41 - 2008-01-17 05:12 - 0611840 ____A (Microsoft Corporation) C:\Windows\System32\mstime.dll 2011-12-17 14:41 - 2008-01-17 05:12 - 0602112 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll 2011-12-17 14:41 - 2008-01-17 05:12 - 0206848 ____A (Microsoft Corporation) C:\Windows\System32\occache.dll 2011-12-17 14:41 - 2008-01-17 05:12 - 0105984 ____A (Microsoft Corporation) C:\Windows\System32\url.dll 2011-12-17 14:41 - 2008-01-17 05:12 - 0066560 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll 2011-12-17 14:41 - 2008-01-17 05:12 - 0055296 ____A (Microsoft Corporation) C:\Windows\System32\msfeedsbs.dll 2011-12-17 14:41 - 2008-01-17 05:12 - 0025600 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll 2011-12-17 14:41 - 2008-01-17 05:11 - 2000384 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll 2011-12-17 14:41 - 2008-01-17 05:11 - 0387584 ____A (Microsoft Corporation) C:\Windows\System32\iedkcs32.dll 2011-12-17 14:41 - 2008-01-14 12:18 - 0184320 ____A (Microsoft Corporation) C:\Windows\System32\iepeers.dll 2011-12-17 14:41 - 2008-01-14 12:18 - 0043520 ____A (Microsoft Corporation) C:\Windows\System32\licmgr10.dll 2011-12-16 07:33 - 2010-12-20 07:55 - 0013824 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\ieudinit.exe 2011-12-16 07:23 - 2010-12-20 07:55 - 0174080 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\ie4uinit.exe 2011-12-16 07:23 - 2008-01-17 05:11 - 0174080 ____A (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe 2011-12-16 07:23 - 2008-01-14 12:18 - 0385024 ____A (Microsoft Corporation) C:\Windows\System32\html.iec 2011-12-14 20:11 - 2011-12-14 20:11 - 0000000 __HDC C:\Windows\$NtUninstallKB2639417$ 2011-12-14 20:11 - 2011-12-14 06:21 - 0113041 ____A C:\Windows\KB2618444-IE7.log 2011-12-14 20:11 - 2011-12-14 06:21 - 0014485 ____A C:\Windows\KB2639417.log 2011-12-14 20:10 - 2011-12-14 20:10 - 0000000 __HDC C:\Windows\$NtUninstallKB2624667$ 2011-12-14 20:10 - 2011-12-14 06:21 - 0013517 ____A C:\Windows\KB2624667.log 2011-12-14 20:09 - 2011-12-14 20:09 - 0007504 ____A C:\Windows\KB2618451.log 2011-12-14 20:09 - 2011-12-14 20:09 - 0004143 ____A C:\Windows\KB2633952.log 2011-12-14 20:09 - 2011-12-14 20:09 - 0000000 __HDC C:\Windows\$NtUninstallKB2633952$ 2011-12-14 20:09 - 2011-12-14 20:09 - 0000000 __HDC C:\Windows\$NtUninstallKB2633171$ 2011-12-14 20:09 - 2011-12-14 20:09 - 0000000 __HDC C:\Windows\$NtUninstallKB2620712$ 2011-12-14 20:09 - 2011-12-14 20:09 - 0000000 __HDC C:\Windows\$NtUninstallKB2619339$ 2011-12-14 20:09 - 2011-12-14 20:09 - 0000000 __HDC C:\Windows\$NtUninstallKB2618451$ 2011-12-14 20:09 - 2011-12-14 06:21 - 0012767 ____A C:\Windows\KB2620712.log 2011-12-14 20:09 - 2011-12-14 06:21 - 0012688 ____A C:\Windows\KB2619339.log 2011-12-14 20:09 - 2011-12-14 06:20 - 0015586 ____A C:\Windows\KB2633171.log 2011-12-14 20:09 - 2011-02-23 09:15 - 0014142 ____A C:\Windows\System32\TZLog.log 2011-12-13 07:20 - 2010-01-19 19:43 - 0000000 ____D C:\Windows\Minidump 2011-12-13 07:18 - 2011-12-13 07:18 - 0000000 ____D C:\Program Files\CCleaner 2011-12-08 18:22 - 2009-12-22 13:32 - 0000000 __SHD C:\Documents and Settings\All Users\DRM 2011-12-08 17:04 - 2009-12-22 14:17 - 0000000 ____D C:\Windows\security ========================= Known DLLs (Whitelisted) ============ ========================= Bamital & volsnap Check ============ C:\Windows\explorer.exe [2007-06-13 02:12] - [2008-04-14 16:51] - 1035264 ____A (Microsoft Corporation) c791ed9eac5e76d9525e157b1d7a599a C:\Windows\System32\winlogon.exe [2004-08-03 11:44] - [2008-04-14 16:51] - 0510464 ____A (Microsoft Corporation) 51fd2e13d723857b9ca239ae77150f48 C:\Windows\System32\svchost.exe [2004-08-03 11:44] - [2008-04-14 16:51] - 0014336 ____A (Microsoft Corporation) 8607d35d92528e2df386f19a960d23ce C:\Windows\System32\User32.dll [2007-03-08 06:51] - [2008-04-14 16:50] - 0580096 ____A (Microsoft Corporation) a435c5c069afd901751ac323ad238793 C:\Windows\System32\Drivers\volsnap.sys [2004-08-03 11:36] - [2008-04-14 15:31] - 0052864 ____A (Microsoft Corporation) 56b191ac5fc0df219949c95a6c87afe7 ==================== Restore Points (XP) ===================== RP: -> 2012-02-26 11:37 - 024576 _restore{09522453-1BC4-4A96-8DF1-C8BD39DAD4D6}\RP507 RP: -> 2012-02-25 10:27 - 024576 _restore{09522453-1BC4-4A96-8DF1-C8BD39DAD4D6}\RP506 RP: -> 2012-02-24 09:46 - 024576 _restore{09522453-1BC4-4A96-8DF1-C8BD39DAD4D6}\RP505 RP: -> 2012-02-23 08:50 - 024576 _restore{09522453-1BC4-4A96-8DF1-C8BD39DAD4D6}\RP504 RP: -> 2012-02-21 20:21 - 024576 _restore{09522453-1BC4-4A96-8DF1-C8BD39DAD4D6}\RP503 RP: -> 2012-02-20 19:41 - 024576 _restore{09522453-1BC4-4A96-8DF1-C8BD39DAD4D6}\RP502 RP: -> 2012-02-19 18:54 - 024576 _restore{09522453-1BC4-4A96-8DF1-C8BD39DAD4D6}\RP501 RP: -> 2012-02-19 11:22 - 024576 _restore{09522453-1BC4-4A96-8DF1-C8BD39DAD4D6}\RP500 RP: -> 2012-02-18 09:59 - 024576 _restore{09522453-1BC4-4A96-8DF1-C8BD39DAD4D6}\RP499 RP: -> 2012-02-17 07:06 - 024576 _restore{09522453-1BC4-4A96-8DF1-C8BD39DAD4D6}\RP498 RP: -> 2012-02-15 19:07 - 024576 _restore{09522453-1BC4-4A96-8DF1-C8BD39DAD4D6}\RP497 RP: -> 2012-02-15 15:44 - 024576 _restore{09522453-1BC4-4A96-8DF1-C8BD39DAD4D6}\RP496 RP: -> 2012-02-14 14:31 - 024576 _restore{09522453-1BC4-4A96-8DF1-C8BD39DAD4D6}\RP495 RP: -> 2012-02-13 14:17 - 024576 _restore{09522453-1BC4-4A96-8DF1-C8BD39DAD4D6}\RP494 RP: -> 2012-02-12 12:32 - 024576 _restore{09522453-1BC4-4A96-8DF1-C8BD39DAD4D6}\RP493 RP: -> 2012-02-11 12:03 - 024576 _restore{09522453-1BC4-4A96-8DF1-C8BD39DAD4D6}\RP492 RP: -> 2012-02-10 10:18 - 024576 _restore{09522453-1BC4-4A96-8DF1-C8BD39DAD4D6}\RP491 RP: -> 2012-02-09 09:24 - 024576 _restore{09522453-1BC4-4A96-8DF1-C8BD39DAD4D6}\RP490 ========================= Memory info ====================== Percentage of memory in use: 10% Total physical RAM: 2013.02 MB Available physical RAM: 1796 MB Total Pagefile: 1843.85 MB Available Pagefile: 1786.23 MB Total Virtual: 2047.88 MB Available Virtual: 2002.17 MB ======================= Partitions ========================= 1 Drive b: (RAMDisk) (Fixed) (Total:0.06 GB) (Free:0.06 GB) NTFS 2 Drive c: () (Fixed) (Total:128.16 GB) (Free:117.72 GB) NTFS ==>[Drive with boot components (Windows XP)] 3 Drive d: (KASIA) (Fixed) (Total:104.73 GB) (Free:1.08 GB) NTFS 4 Drive e: (AZBACK# 001) (Removable) (Total:0.96 GB) (Free:0.21 GB) FAT32 5 Drive x: (ReatogoPE) (CDROM) (Total:0.27 GB) (Free:0 GB) CDFS Disk ### Status Size Free Dyn Gpt -------- ---------- ------- ------- --- --- Disk 0 Online 233 GB 0 B Partitions of Disk 0: =============== Partition ### Type Size Offset ------------- ---------------- ------- ------- Partition 1 Primary 128 GB 32 KB Partition 2 Extended 105 GB 128 GB Partition 3 Logical 105 GB 128 GB Disk: 0 Partition 1 Type : 07 Hidden: No Active: Yes Volume ### Ltr Label Fs Type Size Status Info ---------- --- ----------- ----- ---------- ------- --------- -------- * Volume 1 C NTFS Partition 128 GB Healthy Disk: 0 Partition 3 Type : 07 Hidden: No Active: No Volume ### Ltr Label Fs Type Size Status Info ---------- --- ----------- ----- ---------- ------- --------- -------- * Volume 2 D KASIA NTFS Partition 105 GB Healthy ======================= End Of Log ==========================