Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 14-10-2012
Ran by SYSTEM at 15-10-2012 12:26:46
Running from G:\
Windows Vista (TM) Home Premium Service Pack 1 (X86) OS Language: Polish
The current controlset is ControlSet001

==================== Registry (Whitelisted) ===================

HKLM\...\Run: [PVR Agent] C:\Program Files\V-Stream Multimedia\PVR Plus\TVR\Scheduled.exe [733696 2004-09-13] ()
HKLM\...\Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey [947176 2012-09-12] (Microsoft Corporation)
HKU\Anita\...\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe [202240 2008-01-21] (Microsoft Corporation)
HKLM\...\InprocServer32: [Default-wbemess] ATTENTION! ====> ZeroAccess
HKLM\...D6A79037F57F\InprocServer32: [Default-fastprox] ATTENTION! ====> ZeroAccess
Tcpip\Parameters: [DhcpNameServer] 194.204.159.1 194.204.152.34
Startup: C:\Users\All Users\Start Menu\Programs\Startup\TV Remote Control.lnk
ShortcutTarget: TV Remote Control.lnk -> C:\Program Files\V-Stream Multimedia\TV88X Utilities\C8XRCtl.exe (Kworld Computer Co., Ltd.)

==================== Services (Whitelisted) ===================

3 MozillaMaintenance; "C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe" [113120 2012-07-14] (Mozilla Foundation)
2 MsMpSvc; "C:\Program Files\Microsoft Security Client\MsMpEng.exe" [20472 2012-09-12] (Microsoft Corporation)
3 NisSrv; "C:\Program Files\Microsoft Security Client\NisSrv.exe" [287824 2012-09-12] (Microsoft Corporation)
2 nvUpdatusService; C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2214504 2011-05-21] (NVIDIA Corporation)
2 PCToolsSSDMonitorSvc; C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe [583640 2010-08-05] (PC Tools)

==================== Drivers (Whitelisted) ====================

2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [278984 2010-11-01] ()
2 CX23880; C:\Windows\System32\drivers\cx88vid.sys [188671 2004-01-07] (Conexant Systems, Inc.)
2 CX88XBAR; C:\Windows\System32\drivers\CX88XBAR.sys [9728 2010-07-26] (Conexant Systems, Inc.)
2 CXTUNE; C:\Windows\System32\drivers\CX88TUNE.sys [37504 2010-07-26] (Conexant Systems, Inc.)
2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [25416 2010-11-01] ()
3 LVPr2Mon; C:\Windows\System32\DRIVERS\LVPr2Mon.sys [25752 2009-10-07] ()
0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [193552 2012-08-30] (Microsoft Corporation)
1 MpKsl007e57b0; \??\C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{FF9476B8-D30D-4A1C-8B98-896083EBA883}\MpKsl007e57b0.sys [29904 2012-10-03] ()
1 MpKsl11905000; \??\C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{FF9476B8-D30D-4A1C-8B98-896083EBA883}\MpKsl11905000.sys [29904 2012-10-03] ()
1 MpKsl18a5ed34; \??\C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{FF9476B8-D30D-4A1C-8B98-896083EBA883}\MpKsl18a5ed34.sys [29904 2012-10-03] ()
1 MpKsl242acc62; \??\C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{FF9476B8-D30D-4A1C-8B98-896083EBA883}\MpKsl242acc62.sys [29904 2012-10-03] ()
1 MpKsl245b8811; \??\C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{FF9476B8-D30D-4A1C-8B98-896083EBA883}\MpKsl245b8811.sys [29904 2012-10-02] ()
1 MpKsl3930c8e8; \??\C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{FF9476B8-D30D-4A1C-8B98-896083EBA883}\MpKsl3930c8e8.sys [29904 2012-10-04] ()
1 MpKsl3a5b309e; \??\C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{FF9476B8-D30D-4A1C-8B98-896083EBA883}\MpKsl3a5b309e.sys [29904 2012-10-03] ()
1 MpKsl46d3df26; \??\C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{FF9476B8-D30D-4A1C-8B98-896083EBA883}\MpKsl46d3df26.sys [29904 2012-10-04] ()
1 MpKsl4812a3f7; \??\C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{FF9476B8-D30D-4A1C-8B98-896083EBA883}\MpKsl4812a3f7.sys [29904 2012-10-01] ()
1 MpKsl4c470d88; \??\C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{FF9476B8-D30D-4A1C-8B98-896083EBA883}\MpKsl4c470d88.sys [29904 2012-10-03] ()
1 MpKsl5bbc3ef0; \??\C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{FF9476B8-D30D-4A1C-8B98-896083EBA883}\MpKsl5bbc3ef0.sys [29904 2012-10-03] ()
1 MpKsl7a8fbfb2; \??\C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{FF9476B8-D30D-4A1C-8B98-896083EBA883}\MpKsl7a8fbfb2.sys [29904 2012-10-02] ()
1 MpKsl8d0f99f7; \??\C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{FF9476B8-D30D-4A1C-8B98-896083EBA883}\MpKsl8d0f99f7.sys [29904 2012-10-01] ()
1 MpKsl8eb877bb; \??\C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{FF9476B8-D30D-4A1C-8B98-896083EBA883}\MpKsl8eb877bb.sys [29904 2012-10-01] ()
1 MpKsla24f3baf; \??\C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{FF9476B8-D30D-4A1C-8B98-896083EBA883}\MpKsla24f3baf.sys [29904 2012-10-05] ()
1 MpKsla3c3a826; \??\C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{FF9476B8-D30D-4A1C-8B98-896083EBA883}\MpKsla3c3a826.sys [29904 2012-10-01] ()
1 MpKsla7b68e9b; \??\C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{FF9476B8-D30D-4A1C-8B98-896083EBA883}\MpKsla7b68e9b.sys [29904 2012-10-11] ()
1 MpKslb4d1e105; \??\C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{FF9476B8-D30D-4A1C-8B98-896083EBA883}\MpKslb4d1e105.sys [29904 2012-10-03] ()
1 MpKslb6443570; \??\C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{FF9476B8-D30D-4A1C-8B98-896083EBA883}\MpKslb6443570.sys [29904 2012-10-03] ()
1 MpKslb744e2f4; \??\C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{FF9476B8-D30D-4A1C-8B98-896083EBA883}\MpKslb744e2f4.sys [29904 2012-10-15] ()
1 MpKslcb258781; \??\C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{FF9476B8-D30D-4A1C-8B98-896083EBA883}\MpKslcb258781.sys [29904 2012-10-03] ()
1 MpKsle6491a20; \??\C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{FF9476B8-D30D-4A1C-8B98-896083EBA883}\MpKsle6491a20.sys [29904 2012-10-01] ()
1 MpKslf0cbc1b0; \??\C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{FF9476B8-D30D-4A1C-8B98-896083EBA883}\MpKslf0cbc1b0.sys [29904 2012-10-01] ()
1 MpKslf96d6fc1; \??\C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{FF9476B8-D30D-4A1C-8B98-896083EBA883}\MpKslf96d6fc1.sys [29904 2012-10-03] ()
1 MpKslfec9827e; \??\C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{FF9476B8-D30D-4A1C-8B98-896083EBA883}\MpKslfec9827e.sys [29904 2012-10-01] ()
3 pepifilter; C:\Windows\System32\DRIVERS\lv302af.sys [13976 2009-04-30] (Logitech Inc.)
3 PID_PEPI; C:\Windows\System32\DRIVERS\LV302V32.SYS [2687512 2009-04-30] (Logitech Inc.)
3 upperdev; C:\Windows\System32\DRIVERS\usbser_lowerflt.sys [8064 2008-05-02] (Windows (R) Codename Longhorn DDK provider)
3 UsbserFilt; C:\Windows\System32\DRIVERS\usbser_lowerfltj.sys [8064 2008-05-02] (Windows (R) Codename Longhorn DDK provider)
3 IpInIp; C:\Windows\System32\DRIVERS\ipinip.sys [x]
3 NwlnkFlt; C:\Windows\System32\DRIVERS\nwlnkflt.sys [x]
3 NwlnkFwd; C:\Windows\System32\DRIVERS\nwlnkfwd.sys [x]

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2012-10-15 12:23 - 2012-10-15 12:23 - 00000000 ____D C:\FRST
2012-10-12 23:00 - 2012-10-12 23:00 - 00066130 ____A C:\OTL.Txt
2012-10-03 16:57 - 2011-05-21 05:01 - 00615528 ____A (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
2012-10-03 13:15 - 2012-10-03 14:14 - 00000000 ____D C:\Windows\LastGood
2012-10-03 11:13 - 2012-10-03 11:13 - 00000000 ____D C:\Windows\LastGood.Tmp
2012-10-03 10:23 - 2012-10-03 10:23 - 00000000 ____D C:\_OTL
2012-10-03 09:15 - 2012-10-04 10:54 - 00010586 ____A C:\Extras.Txt
2012-10-03 09:07 - 2012-10-03 09:07 - 00600064 ____A (OldTimer Tools) C:\OTL.exe
2012-10-03 09:06 - 2012-10-03 09:04 - 00444520 ____A C:\OTL(19450).exe
2012-10-03 08:51 - 2012-10-03 08:51 - 00000000 ____D C:\Users\Anita\AppData\Roaming\OpenFM
2012-10-03 08:51 - 2012-10-03 08:51 - 00000000 ____D C:\Users\All Users\OpenFM
2012-10-02 08:48 - 2012-10-02 08:48 - 00010545 ____A C:\ComboFix.txt
2012-10-02 08:44 - 2012-10-02 08:44 - 00002243 ____A C:\Windows\epplauncher.mif
2012-10-02 08:44 - 2011-06-26 07:45 - 00256000 ____A C:\Windows\PEV.exe
2012-10-02 08:44 - 2010-11-07 18:20 - 00208896 ____A C:\Windows\MBR.exe
2012-10-02 08:44 - 2009-04-20 05:56 - 00060416 ____A (NirSoft) C:\Windows\NIRCMD.exe
2012-10-02 08:44 - 2000-08-31 01:00 - 00518144 ____A (SteelWerX) C:\Windows\SWREG.exe
2012-10-02 08:44 - 2000-08-31 01:00 - 00406528 ____A (SteelWerX) C:\Windows\SWSC.exe
2012-10-02 08:44 - 2000-08-31 01:00 - 00098816 ____A C:\Windows\sed.exe
2012-10-02 08:44 - 2000-08-31 01:00 - 00080412 ____A C:\Windows\grep.exe
2012-10-02 08:44 - 2000-08-31 01:00 - 00068096 ____A C:\Windows\zip.exe
2012-10-02 08:43 - 2012-10-02 08:48 - 00000000 ____D C:\Qoobox
2012-10-02 08:43 - 2012-10-02 08:47 - 00000000 ____D C:\Windows\erdnt
2012-10-02 08:43 - 2012-09-27 12:39 - 04769305 ____R (Swearware) C:\ComboFix.exe
2012-10-01 15:07 - 2012-10-03 10:55 - 00004374 ____A C:\Windows\PFRO.log
2012-10-01 14:41 - 2012-10-01 14:41 - 00000000 ____D C:\Windows\pss
2012-10-01 14:17 - 2012-10-01 14:17 - 00000000 ____A C:\Windows\setuperr.log
2012-10-01 14:17 - 2012-10-01 14:17 - 00000000 ____A C:\Windows\setupact.log
2012-10-01 10:31 - 2012-10-15 10:29 - 00274225 ____A C:\Windows\WindowsUpdate.log
2012-09-23 08:23 - 2012-08-24 08:27 - 12319744 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2012-09-23 08:23 - 2012-08-24 08:03 - 09738240 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2012-09-23 08:23 - 2012-08-24 07:59 - 01800704 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2012-09-23 08:23 - 2012-08-24 07:51 - 01427968 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2012-09-23 08:23 - 2012-08-24 07:51 - 01129472 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2012-09-23 08:23 - 2012-08-24 07:51 - 01103872 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2012-09-23 08:23 - 2012-08-24 07:49 - 00231936 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
2012-09-23 08:23 - 2012-08-24 07:48 - 00065024 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2012-09-23 08:23 - 2012-08-24 07:47 - 00717824 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2012-09-23 08:23 - 2012-08-24 07:47 - 00420864 ____A (Microsoft Corporation) C:\Windows\System32\vbscript.dll
2012-09-23 08:23 - 2012-08-24 07:47 - 00142848 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2012-09-23 08:23 - 2012-08-24 07:45 - 00607744 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2012-09-23 08:23 - 2012-08-24 07:44 - 01793024 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2012-09-23 08:23 - 2012-08-24 07:44 - 00073216 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2012-09-23 08:23 - 2012-08-24 07:43 - 02382848 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2012-09-23 08:23 - 2012-08-24 07:40 - 00176640 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2012-09-22 14:21 - 2012-09-22 14:20 - 00138240 ____A C:\Users\Anita\Desktop\Windykacja SDSM 08.2012-wykres.xls
2012-09-22 14:21 - 2012-09-22 13:42 - 00034304 ____A C:\Users\Anita\Desktop\zbiorówka stan na 31 08 2012r..xls
2012-09-22 14:21 - 2012-09-22 13:35 - 00034816 ____A C:\Users\Anita\Desktop\zbior stan na 31 08 2012r. KWK.xls
2012-09-22 14:21 - 2012-09-22 13:09 - 00044544 ____A C:\Users\Anita\Desktop\Zbior przeterm stan na 31 08 2012r.xls

==================== 3 Months Modified Files ==================

2012-10-15 10:29 - 2012-10-01 10:31 - 00274225 ____A C:\Windows\WindowsUpdate.log
2012-10-15 10:19 - 2006-11-02 14:01 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2012-10-15 10:19 - 2006-11-02 13:47 - 00004112 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2012-10-15 10:19 - 2006-11-02 13:47 - 00004112 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2012-10-12 23:00 - 2012-10-12 23:00 - 00066130 ____A C:\OTL.Txt
2012-10-05 14:17 - 2010-09-18 10:57 - 00001034 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2012-10-04 10:54 - 2012-10-03 09:15 - 00010586 ____A C:\Extras.Txt
2012-10-03 16:03 - 2006-11-02 14:01 - 00032532 ____A C:\Windows\Tasks\SCHEDLGU.TXT
2012-10-03 10:55 - 2012-10-01 15:07 - 00004374 ____A C:\Windows\PFRO.log
2012-10-03 09:24 - 2008-01-21 07:24 - 12011470 ____A C:\Windows\System32\perfh015.dat
2012-10-03 09:24 - 2008-01-21 07:24 - 04133376 ____A C:\Windows\System32\perfc015.dat
2012-10-03 09:24 - 2008-01-21 07:24 - 00005736 ____A C:\Windows\System32\PerfStringBackup.INI
2012-10-03 09:07 - 2012-10-03 09:07 - 00600064 ____A (OldTimer Tools) C:\OTL.exe
2012-10-03 09:04 - 2012-10-03 09:06 - 00444520 ____A C:\OTL(19450).exe
2012-10-02 08:53 - 2010-09-18 10:57 - 00001030 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2012-10-02 08:48 - 2012-10-02 08:48 - 00010545 ____A C:\ComboFix.txt
2012-10-02 08:44 - 2012-10-02 08:44 - 00002243 ____A C:\Windows\epplauncher.mif
2012-10-01 16:00 - 2011-01-20 09:33 - 00001356 ____A C:\Users\Anita\AppData\Local\d3d9caps.dat
2012-10-01 14:17 - 2012-10-01 14:17 - 00000000 ____A C:\Windows\setuperr.log
2012-10-01 14:17 - 2012-10-01 14:17 - 00000000 ____A C:\Windows\setupact.log
2012-10-01 10:16 - 2010-07-26 14:09 - 00071680 ____A C:\Users\Anita\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2012-09-30 18:15 - 2011-06-30 14:59 - 00000254 ____A C:\Windows\Tasks\RMSchedule.job
2012-09-28 18:19 - 2010-12-19 21:52 - 00001971 ____A C:\Users\Public\Desktop\Google Chrome.lnk
2012-09-27 12:39 - 2012-10-02 08:43 - 04769305 ____R (Swearware) C:\ComboFix.exe
2012-09-22 14:20 - 2012-09-22 14:21 - 00138240 ____A C:\Users\Anita\Desktop\Windykacja SDSM 08.2012-wykres.xls
2012-09-22 13:42 - 2012-09-22 14:21 - 00034304 ____A C:\Users\Anita\Desktop\zbiorówka stan na 31 08 2012r..xls
2012-09-22 13:35 - 2012-09-22 14:21 - 00034816 ____A C:\Users\Anita\Desktop\zbior stan na 31 08 2012r. KWK.xls
2012-09-22 13:09 - 2012-09-22 14:21 - 00044544 ____A C:\Users\Anita\Desktop\Zbior przeterm stan na 31 08 2012r.xls
2012-09-14 05:32 - 2012-09-14 05:32 - 00001880 ____A C:\Users\Public\Desktop\Skype.lnk
2012-09-13 16:17 - 2006-11-02 11:24 - 62164608 ____A (Microsoft Corporation) C:\Windows\System32\mrt.exe
2012-08-30 21:03 - 2012-08-30 21:03 - 00193552 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\MpFilter.sys
2012-08-30 21:03 - 2011-04-27 14:25 - 00099272 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\NisDrvWFP.sys
2012-08-24 08:27 - 2012-09-23 08:23 - 12319744 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2012-08-24 08:03 - 2012-09-23 08:23 - 09738240 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2012-08-24 07:59 - 2012-09-23 08:23 - 01800704 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2012-08-24 07:51 - 2012-09-23 08:23 - 01427968 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2012-08-24 07:51 - 2012-09-23 08:23 - 01129472 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2012-08-24 07:51 - 2012-09-23 08:23 - 01103872 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2012-08-24 07:49 - 2012-09-23 08:23 - 00231936 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
2012-08-24 07:48 - 2012-09-23 08:23 - 00065024 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2012-08-24 07:47 - 2012-09-23 08:23 - 00717824 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2012-08-24 07:47 - 2012-09-23 08:23 - 00420864 ____A (Microsoft Corporation) C:\Windows\System32\vbscript.dll
2012-08-24 07:47 - 2012-09-23 08:23 - 00142848 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2012-08-24 07:45 - 2012-09-23 08:23 - 00607744 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2012-08-24 07:44 - 2012-09-23 08:23 - 01793024 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2012-08-24 07:44 - 2012-09-23 08:23 - 00073216 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2012-08-24 07:43 - 2012-09-23 08:23 - 02382848 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2012-08-24 07:40 - 2012-09-23 08:23 - 00176640 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2012-08-15 23:20 - 2006-11-02 13:47 - 00310000 ____A C:\Windows\System32\FNTCACHE.DAT
2012-08-14 10:26 - 2010-07-26 16:17 - 00002625 ____A C:\Users\Anita\Desktop\Microsoft Office Word 2007.lnk
2012-07-22 09:23 - 2012-07-22 09:23 - 00000846 ____A C:\Users\Public\Desktop\Mozilla Firefox.lnk

==================== Known DLLs (Whitelisted) =================

==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== EXE ASSOCIATION =====================

HKLM\...\.exe: exefile => OK
HKLM\...\exefile\DefaultIcon: %1 => OK
HKLM\...\exefile\open\command: "%1" %* => OK

==================== Restore Points =========================

==================== Memory info ===========================

Percentage of memory in use: 18%
Total physical RAM: 2046.83 MB
Available physical RAM: 1661.91 MB
Total Pagefile: 1854.77 MB
Available Pagefile: 1711.22 MB
Total Virtual: 2047.88 MB
Available Virtual: 1973.8 MB

==================== Partitions =============================

2 Drive c: () (Fixed) (Total:39.06 GB) (Free:7.25 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
3 Drive d: (Anita) (Fixed) (Total:53.71 GB) (Free:47.27 GB) NTFS
4 Drive e: (Martynka) (Fixed) (Total:60.6 GB) (Free:36.52 GB) NTFS
5 Drive f: (FRMCFRE_PL_DVD) (CDROM) (Total:2.79 GB) (Free:0 GB) UDF
6 Drive g: (THINSTATE) (Removable) (Total:7.5 GB) (Free:1.94 GB) FAT32
7 Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS

  Dysk ###  Stan        Rozmiar  Wolne    Dyn  Gpt
  --------  ----------  -------  -------  ---  ---
  Dysk 0    Online       153 GB  6144 KB
  Dysk 1    Online      7702 MB      0 B

Partitions of Disk 0:
===============

  Partycja ###   Typ               Rozmiar  Przesunięcie
  -------------  ----------------  -------  ------------
  Partycja 1     Podstawowy          39 GB    32 KB
  Partycja 0     Rozszerzony        114 GB    39 GB
  Partycja 2     Logiczny            54 GB    39 GB
  Partycja 3     Logiczny            61 GB    93 GB

=========================================================

Disk: 0
Partycja 1
Typ : 07
Ukryta: Nie
Aktywna: Tak

  Wolumin ###  Lit  Etykieta     Fs     Typ         Rozmiar  Stan       Info
  -----------  ---  -----------  -----  ----------  -------  ---------  --------
* Wolumin 1     C                NTFS   Partycja      39 GB  Zdrowy

=========================================================

Disk: 0
Partycja 2
Typ : 07
Ukryta: Nie
Aktywna: Nie

  Wolumin ###  Lit  Etykieta     Fs     Typ         Rozmiar  Stan       Info
  -----------  ---  -----------  -----  ----------  -------  ---------  --------
* Wolumin 2     D   Anita        NTFS   Partycja      54 GB  Zdrowy

=========================================================

Disk: 0
Partycja 3
Typ : 07
Ukryta: Nie
Aktywna: Nie

  Wolumin ###  Lit  Etykieta     Fs     Typ         Rozmiar  Stan       Info
  -----------  ---  -----------  -----  ----------  -------  ---------  --------
* Wolumin 3     E   Martynka     NTFS   Partycja      61 GB  Zdrowy

=========================================================

Partitions of Disk 1:
===============

  Partycja ###   Typ               Rozmiar  Przesunięcie
  -------------  ----------------  -------  ------------
  Partycja 1     Podstawowy        7701 MB  1024 KB

=========================================================

Disk: 1
Partycja 1
Typ : 0B
Ukryta: Nie
Aktywna: Tak

  Wolumin ###  Lit  Etykieta     Fs     Typ         Rozmiar  Stan       Info
  -----------  ---  -----------  -----  ----------  -------  ---------  --------
* Wolumin 4     G   THINSTATE    FAT32  Wymienny    7701 MB  Zdrowy

=========================================================

Last Boot: 2012-10-11 14:06

==================== End Of Log ============================