Scan result of Farbars's Recovery Tool (FRST written by farbar) Version 2.1.6 Ran by SYSTEM at 2011-07-27 10:02:49 Running from F:\ Microsoft Windows XP (X86) OS Language: Polish The current controlset is ControlSet004 ========================== Registry (Whitelisted) ============= HKLM\...\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe [155648 2004-08-20] (Intel Corporation) HKLM\...\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe [118784 2004-08-20] (Intel Corporation) HKLM\...\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe [1388544 2004-06-30] (Analog Devices, Inc.) HKLM\...\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray [847872 2004-07-07] (Analog Devices, Inc.) HKLM\...\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe [155648 2001-07-09] (Ahead Software Gmbh) HKLM\...\Run: [OpwareSE2] "C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe" [49152 2003-05-08] (ScanSoft, Inc.) HKLM\...\Run: [HipServ Agent] C:\Program Files\HipServ Desktop Applications\HipServAgent\HipServAgent.exe [1872928 2007-09-21] (Axentra Corporation) HKLM\...\Run: [ShStatEXE] "C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE" /STANDALONE [81990 2003-09-29] (Network Associates, Inc.) HKLM\...\Run: [McAfeeUpdaterUI] "C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe" /StartedFromRunKey [135251 2003-09-10] (Network Associates, Inc.) HKLM\...\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" [149280 2009-07-25] (Sun Microsystems, Inc.) HKU\Biuro\...\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe [15360 2008-04-14] (Microsoft Corporation) HKU\Biuro\...\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background [1695232 2008-04-14] (Microsoft Corporation) HKU\Default User\...\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE [15360 2008-04-14] (Microsoft Corporation) HKU\LocalService\...\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE [15360 2008-04-14] (Microsoft Corporation) HKU\NetworkService\...\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE [15360 2008-04-14] (Microsoft Corporation) Winlogon\Notify\crypt32chain: crypt32.dll (Microsoft Corporation) Winlogon\Notify\cryptnet: cryptnet.dll (Microsoft Corporation) Winlogon\Notify\cscdll: cscdll.dll (Microsoft Corporation) Winlogon\Notify\dimsntfy: %SystemRoot%\System32\dimsntfy.dll (Microsoft Corporation) Winlogon\Notify\igfxcui: igfxsrvc.dll (Intel Corporation) Winlogon\Notify\ScCertProp: wlnotify.dll (Microsoft Corporation) Winlogon\Notify\Schedule: wlnotify.dll (Microsoft Corporation) Winlogon\Notify\sclgntfy: sclgntfy.dll (Microsoft Corporation) Winlogon\Notify\SensLogn: WlNotify.dll (Microsoft Corporation) Winlogon\Notify\termsrv: wlnotify.dll (Microsoft Corporation) Winlogon\Notify\WgaLogon: WgaLogon.dll (Microsoft Corporation) Winlogon\Notify\wlballoon: wlnotify.dll (Microsoft Corporation) Tcpip\Parameters: [DhcpNameServer] 10.15.4.8 ================================ Services (Whitelisted) ================== 4 Alerter; C:\Windows\System32\alrsvc.dll [17408 2008-04-14] (Microsoft Corporation) 3 aspnet_state; C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [34312 2008-07-25] (Microsoft Corporation) 2 Canon Driver Information Assist Service; "C:\Program Files\Canon\DIAS\CnxDIAS.exe" [2564456 2008-03-26] (CANON INC.) 3 CiSvc; C:\Windows\System32\cisvc.exe [5632 2008-04-14] (Microsoft Corporation) 4 ClipSrv; C:\Windows\System32\clipsrv.exe [33280 2008-04-14] (Microsoft Corporation) 3 dmadmin; C:\Windows\System32\dmadmin.exe /com [225280 2008-04-14] (Microsoft Corp., Veritas Software) 2 dmserver; C:\Windows\System32\dmserver.dll [24064 2008-04-14] (Microsoft Corp.) 2 ERSvc; C:\Windows\System32\ersvc.dll [23040 2008-04-14] (Microsoft Corporation) 2 Eventlog; C:\Windows\System32\services.exe [111104 2009-02-09] (Microsoft Corporation) 3 FastUserSwitchingCompatibility; C:\Windows\System32\shsvcs.dll [135680 2009-07-28] (Microsoft Corporation) 2 gupdate1ca2c8db6dac262; C:\Program Files\Google\Update\GoogleUpdate.exe /svc [133104 2009-09-03] (Google Inc.) 2 helpsvc; C:\Windows\PCHealth\HelpCtr\Binaries\pchsvc.dll [38400 2008-04-14] (Microsoft Corporation) 3 HTTPFilter; C:\Windows\System32\w3ssl.dll [15872 2008-04-14] (Microsoft Corporation) 3 ImapiService; C:\WINDOWS\system32\imapi.exe [150528 2008-04-14] (Microsoft Corporation) 2 McAfeeFramework; C:\Program Files\Network Associates\Common Framework\FrameworkService.exe /ServiceStart [106586 2003-09-10] (Network Associates, Inc.) 2 McShield; "C:\Program Files\Network Associates\VirusScan\mcshield.exe" [237657 2003-09-29] (Network Associates, Inc.) 2 McTaskManager; "C:\Program Files\Network Associates\VirusScan\vstskmgr.exe" [69706 2003-09-29] (Network Associates, Inc.) 2 MDM; "C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE" [322120 2003-06-19] (Microsoft Corporation) 4 Messenger; C:\Windows\System32\msgsvc.dll [33792 2008-04-14] (Microsoft Corporation) 3 mnmsrvc; C:\WINDOWS\system32\mnmsrvc.exe [32768 2008-04-14] (Microsoft Corporation) 4 NetDDE; C:\Windows\System32\netdde.exe [114688 2008-04-14] (Microsoft Corporation) 4 NetDDEdsdm; C:\Windows\System32\netdde.exe [114688 2008-04-14] (Microsoft Corporation) 3 Nla; C:\Windows\System32\mswsock.dll [246784 2008-06-20] (Microsoft Corporation) 3 NtLmSsp; C:\Windows\System32\lsass.exe [13312 2008-04-14] (Microsoft Corporation) 3 NtmsSvc; C:\Windows\System32\ntmssvc.dll [435712 2008-04-14] (Microsoft Corporation) 2 PlugPlay; C:\Windows\System32\services.exe [111104 2009-02-09] (Microsoft Corporation) 2 PolicyAgent; C:\Windows\System32\lsass.exe [13312 2008-04-14] (Microsoft Corporation) 3 RDSessMgr; C:\WINDOWS\system32\sessmgr.exe [142336 2008-04-14] (Microsoft Corporation) 3 RSVP; C:\Windows\System32\rsvp.exe [132608 2004-08-04] (Microsoft Corporation) 3 SCardSvr; C:\Windows\System32\SCardSvr.exe [98304 2008-04-14] (Microsoft Corporation) 2 SoundMAX Agent Service (default); C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe [45056 2002-09-20] (Analog Devices, Inc.) 2 srservice; C:\WINDOWS\system32\srsvc.dll [171520 2008-04-14] (Microsoft Corporation) 3 SwPrv; C:\WINDOWS\system32\dllhost.exe /Processid:{65359FDA-AB13-48B7-A0CB-8F70B9AB3863} [5120 2008-04-14] (Microsoft Corporation) 3 SysmonLog; C:\Windows\System32\smlogsvc.exe [91136 2008-04-14] (Microsoft Corporation) 4 TlntSvr; C:\WINDOWS\system32\tlntsvr.exe [75264 2008-04-14] (Microsoft Corporation) 3 UPS; C:\Windows\System32\ups.exe [18432 2008-04-14] (Microsoft Corporation) 3 WmdmPmSN; C:\WINDOWS\system32\MsPMSNSv.dll [27136 2006-10-18] (Microsoft Corporation) 3 Wmi; C:\Windows\System32\advapi32.dll [686592 2009-02-09] (Microsoft Corporation) 4 wscsvc; C:\Windows\System32\wscsvc.dll [80896 2008-04-14] (Microsoft Corporation) 2 wuauserv; C:\WINDOWS\system32\wuauserv.dll [6656 2008-04-14] (Microsoft Corporation) 2 WZCSVC; C:\Windows\System32\wzcsvc.dll [483840 2008-04-14] (Microsoft Corporation) 3 xmlprov; C:\Windows\System32\xmlprov.dll [129024 2008-04-14] (Microsoft Corporation) 3 clr_optimization_v2.0.50727_32; c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [x] 3 FontCache3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [x] 4 HidServ; C:\Windows\System32\hidserv.dll [x] 3 idsvc; "c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe" [x] 2 JavaQuickStarterService; "C:\Program Files\Java\jre6\bin\jqs.exe" -service -config "C:\Program Files\Java\jre6\lib\deploy\jqs\jqs.conf" [x] 4 NetTcpPortSharing; "c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe" [x] 3 WMPNetworkSvc; "C:\Program Files\Windows Media Player\WMPNetwk.exe" [x] ========================== Drivers (Whitelisted) ============= 0 80394919; C:\Windows\System32\DRIVERS\80394919.sys [133208 2011-07-25] (Kaspersky Lab ZAO) 4 ACPIEC; C:\Windows\System32\Drivers\ACPIEC.sys [12032 2004-08-04] (Microsoft Corporation) 3 aec; C:\Windows\System32\drivers\aec.sys [142592 2008-04-13] (Microsoft Corporation) 3 Atmarpc; C:\Windows\System32\DRIVERS\atmarpc.sys [59904 2008-04-13] (Microsoft Corporation) 3 audstub; C:\Windows\System32\DRIVERS\audstub.sys [3072 2001-08-17] (Microsoft Corporation) 3 b57w2k; C:\Windows\System32\DRIVERS\b57xp32.sys [121472 2004-08-23] (Broadcom Corporation) 4 cbidf2k; C:\Windows\System32\Drivers\cbidf2k.sys [13952 2004-08-04] (Microsoft Corporation) 1 Cdaudio; C:\Windows\System32\Drivers\Cdaudio.sys [18688 2004-08-04] (Microsoft Corporation) 4 dmboot; C:\Windows\System32\drivers\dmboot.sys [800000 2008-04-14] (Microsoft Corp., Veritas Software) 0 dmio; C:\Windows\System32\drivers\dmio.sys [153856 2008-04-14] (Microsoft Corp., Veritas Software) 0 dmload; C:\Windows\System32\drivers\dmload.sys [5888 2004-08-04] (Microsoft Corp., Veritas Software.) 3 DMusic; C:\Windows\System32\drivers\DMusic.sys [52864 2008-04-13] (Microsoft Corporation) 4 Fastfat; C:\Windows\System32\Drivers\Fastfat.sys [143744 2008-04-13] (Microsoft Corporation) 1 Fips; C:\Windows\System32\Drivers\Fips.sys [44672 2008-04-14] (Microsoft Corporation) 0 Ftdisk; C:\Windows\System32\DRIVERS\ftdisk.sys [125568 2004-08-04] (Microsoft Corporation) 3 Gpc; C:\Windows\System32\DRIVERS\msgpc.sys [35072 2008-04-13] (Microsoft Corporation) 3 ialm; C:\Windows\System32\DRIVERS\ialmnt5.sys [737874 2004-08-20] (Intel Corporation) 1 Imapi; C:\Windows\System32\DRIVERS\imapi.sys [42112 2008-04-13] (Microsoft Corporation) 3 Ip6Fw; C:\Windows\System32\drivers\ip6fw.sys [36608 2008-04-13] (Microsoft Corporation) 3 IpInIp; C:\Windows\System32\DRIVERS\ipinip.sys [20864 2008-04-13] (Microsoft Corporation) 1 IPSec; C:\Windows\System32\DRIVERS\ipsec.sys [75264 2008-04-13] (Microsoft Corporation) 3 kmixer; C:\Windows\System32\drivers\kmixer.sys [172416 2008-04-13] (Microsoft Corporation) 3 MidiSyn; C:\Windows\System32\drivers\MidiSyn.sys [235100 2002-09-20] (Analog Devices Inc) 1 mnmdd; C:\Windows\System32\Drivers\mnmdd.sys [4224 2004-08-04] (Microsoft Corporation) 3 NaiAvFilter1; C:\Windows\System32\drivers\naiavf5x.sys [83008 2003-09-29] (Network Associates, Inc.) 4 Ntfs; C:\Windows\System32\Drivers\Ntfs.sys [574976 2008-04-13] (Microsoft Corporation) 3 NwlnkFlt; C:\Windows\System32\DRIVERS\nwlnkflt.sys [12416 2004-08-04] (Microsoft Corporation) 3 NwlnkFwd; C:\Windows\System32\DRIVERS\nwlnkfwd.sys [32512 2004-08-04] (Microsoft Corporation) 4 Pcmcia; C:\Windows\System32\Drivers\Pcmcia.sys [120320 2008-04-14] (Microsoft Corporation) 3 PSched; C:\Windows\System32\DRIVERS\psched.sys [69120 2008-04-13] (Microsoft Corporation) 3 Ptilink; C:\Windows\System32\DRIVERS\ptilink.sys [17792 2004-08-04] (Parallel Technologies, Inc.) 3 Raspti; C:\Windows\System32\DRIVERS\raspti.sys [16512 2004-08-04] (Microsoft Corporation) 1 redbook; C:\Windows\System32\DRIVERS\redbook.sys [58880 2008-04-14] (Microsoft Corporation) 3 senfilt; C:\Windows\System32\drivers\senfilt.sys [381056 2004-04-26] (Sensaura) 3 smwdm; C:\Windows\System32\drivers\smwdm.sys [267392 2004-07-08] (Analog Devices, Inc.) 3 splitter; C:\Windows\System32\drivers\splitter.sys [6272 2008-04-13] (Microsoft Corporation) 0 sr; C:\Windows\System32\DRIVERS\sr.sys [73472 2008-04-14] (Microsoft Corporation) 3 swmidi; C:\Windows\System32\drivers\swmidi.sys [56576 2008-04-13] (Microsoft Corporation) 3 sysaudio; C:\Windows\System32\drivers\sysaudio.sys [60800 2008-04-13] (Microsoft Corporation) 3 Update; C:\Windows\System32\DRIVERS\update.sys [384768 2008-04-13] (Microsoft Corporation) 3 wdmaud; C:\Windows\System32\drivers\wdmaud.sys [83072 2008-04-13] (Microsoft Corporation) 0 WudfPf; C:\Windows\System32\DRIVERS\WudfPf.sys [77568 2006-09-28] (Microsoft Corporation) 0 97425443; C:\Windows\System32\DRIVERS\97425443.sys [x] 4 Abiosdsk; [x] 4 abp480n5; [x] 4 adpu160m; [x] 4 Aha154x; [x] 4 aic78u2; [x] 4 aic78xx; [x] 4 AliIde; [x] 4 amsint; [x] 4 asc; [x] 4 asc3350p; [x] 4 asc3550; [x] 4 Atdisk; [x] 4 cd20xrnt; [x] 1 Changer; [x] 4 CmdIde; [x] 4 Cpqarray; [x] 4 dac2w2k; [x] 4 dac960nt; [x] 3 dgderdrv; C:\Windows\System32\drivers\dgderdrv.sys [x] 4 dpti2o; [x] 4 hpn; [x] 1 i2omgmt; [x] 4 i2omp; [x] 4 ini910u; [x] 1 lbrtfdc; [x] 3 Micorsoft Windows Service; \??\C:\DOCUME~1\Biuro\USTAWI~1\Temp\wlpyddho.sys [x] 4 mraid35x; [x] 1 PCIDump; [x] 3 PDCOMP; [x] 3 PDFRAME; [x] 3 PDRELI; [x] 3 PDRFRAME; [x] 4 perc2; [x] 4 perc2hib; [x] 4 ql1080; [x] 4 Ql10wnt; [x] 4 ql12160; [x] 4 ql1240; [x] 4 ql1280; [x] 4 Simbad; [x] 4 Sparrow; [x] 4 symc810; [x] 4 symc8xx; [x] 4 sym_hi; [x] 4 sym_u3; [x] 4 TosIde; [x] 4 ultra; [x] 4 ViaIde; [x] 3 WDICA; [x] ========================== NetSvcs ======================== ============ One Month Created Files and Folders ============== 2011-07-27 10:02 - 2011-07-27 10:02 - 0000000 __ASH C:\Windows\System32\config\System.LOG2 2011-07-27 10:02 - 2011-07-27 10:02 - 0000000 __ASH C:\Windows\System32\config\System.LOG1 2011-07-27 10:02 - 2011-07-27 10:02 - 0000000 __ASH C:\Windows\System32\config\software.LOG2 2011-07-27 10:02 - 2011-07-27 10:02 - 0000000 __ASH C:\Windows\System32\config\software.LOG1 2011-07-27 10:02 - 2011-07-27 10:02 - 0000000 ____D C:\FRST 2011-07-27 08:04 - 2011-07-27 08:09 - 0000000 ____D C:\quarantine 2011-07-27 07:56 - 2011-07-27 08:40 - 0001284 __ASH C:\Windows\2145913drv.spi 2011-07-27 07:30 - 2011-07-27 07:30 - 0000000 ____D C:\Windows\LastGood.Tmp 2011-07-27 07:22 - 2011-07-27 07:22 - 0000075 ____A C:\Windows\setupact.log 2011-07-27 07:22 - 2011-07-27 07:22 - 0000000 ____A C:\Windows\setuperr.log 2011-07-27 07:22 - 2008-04-13 19:45 - 0010368 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\hidusb.sys 2011-07-27 07:22 - 2001-10-26 15:57 - 0012160 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\mouhid.sys 2011-07-27 01:57 - 2011-07-27 08:55 - 0000000 ____D C:\Program Files\htwfsdcl 2011-07-27 01:48 - 2011-07-27 01:48 - 0008192 __ASH C:\Windows\Thumbs.db 2011-07-27 00:48 - 2011-07-25 00:21 - 0133208 ____A (Kaspersky Lab ZAO) C:\Windows\System32\Drivers\80394919.sys 2011-07-26 23:27 - 2011-07-26 23:27 - 0000000 ____D C:\Program Files\Malwarebytes' Anti-Malware 2011-07-26 23:27 - 2010-03-29 14:24 - 0038224 ____A (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbamswissarmy.sys 2011-07-26 23:27 - 2010-03-29 14:24 - 0020824 ____A (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbam.sys 2011-07-26 22:20 - 2011-07-26 22:20 - 0000000 ___HD C:\Windows\PIF 2011-07-25 00:13 - 2011-07-27 07:27 - 0000000 ____A C:\Windows\0.log 2011-07-24 23:44 - 2011-07-24 23:44 - 0000000 ____D C:\Documents and Settings\Biuro\DoctorWeb 2011-07-24 23:40 - 2011-07-27 07:30 - 0040353 ____A C:\Windows\setupapi.log 2011-07-24 22:54 - 2011-07-24 22:54 - 0000258 ____A C:\Windows\is-0CFTB.lst 2011-07-24 22:54 - 2004-06-01 01:00 - 0033280 ____A C:\Windows\is-0CFTB.exe 2011-07-21 15:21 - 2011-07-26 06:24 - 0000000 ____D C:\Program Files\ESET 2011-07-21 15:04 - 2011-07-27 07:58 - 0000282 ___AH C:\Windows\Tasks\{BBAEAEAF-1275-40e2-BD6C-BC8F88BD114A}.job 2011-07-21 14:53 - 2011-07-27 08:42 - 0000282 ___AH C:\Windows\Tasks\{22116563-108C-42c0-A7CE-60161B75E508}.job 2011-07-21 14:52 - 2011-07-27 07:27 - 0000310 __ASH C:\Windows\Tasks\fedtng.job 2011-07-21 14:52 - 2011-07-21 14:52 - 0064512 _RASH C:\Windows\System32\rcimlbys.dll 2011-07-21 11:50 - 2011-07-21 11:55 - 0063480 ____A C:\mksbasel.cpp.log 2011-07-21 11:49 - 2011-07-22 16:26 - 0000000 ____D C:\Program Files\SkanerOnline 2011-07-14 02:04 - 2011-07-14 02:04 - 0000000 __HDC C:\Windows\$NtUninstallKB2507938$ 2011-07-14 02:01 - 2011-07-14 02:01 - 0000000 __HDC C:\Windows\$NtUninstallKB2555917$ 2011-06-30 02:00 - 2011-06-30 02:00 - 0000000 __HDC C:\Windows\$NtUninstallKB2541763$ ============ 3 Months Modified Files and Folders =============== 2011-07-27 10:02 - 2011-07-27 10:02 - 0000000 __ASH C:\Windows\System32\config\System.LOG2 2011-07-27 10:02 - 2011-07-27 10:02 - 0000000 __ASH C:\Windows\System32\config\System.LOG1 2011-07-27 10:02 - 2011-07-27 10:02 - 0000000 __ASH C:\Windows\System32\config\software.LOG2 2011-07-27 10:02 - 2011-07-27 10:02 - 0000000 __ASH C:\Windows\System32\config\software.LOG1 2011-07-27 10:02 - 2011-07-27 10:02 - 0000000 ____D C:\FRST 2011-07-27 08:55 - 2011-07-27 01:57 - 0000000 ____D C:\Program Files\htwfsdcl 2011-07-27 08:45 - 2009-04-22 10:38 - 1633969 ____A C:\Windows\WindowsUpdate.log 2011-07-27 08:44 - 2009-04-22 12:11 - 0000214 ____A C:\Windows\wiadebug.log 2011-07-27 08:44 - 2009-04-22 12:11 - 0000050 ____A C:\Windows\wiaservc.log 2011-07-27 08:44 - 2009-04-22 10:52 - 0000292 __ASH C:\Documents and Settings\Biuro\ntuser.ini 2011-07-27 08:44 - 2009-04-22 10:51 - 0032470 ____A C:\Windows\SchedLgU.Txt 2011-07-27 08:44 - 2009-04-22 10:51 - 0000006 ___AH C:\Windows\Tasks\SA.DAT 2011-07-27 08:42 - 2011-07-21 14:53 - 0000282 ___AH C:\Windows\Tasks\{22116563-108C-42c0-A7CE-60161B75E508}.job 2011-07-27 08:40 - 2011-07-27 07:56 - 0001284 __ASH C:\Windows\2145913drv.spi 2011-07-27 08:09 - 2011-07-27 08:04 - 0000000 ____D C:\quarantine 2011-07-27 07:58 - 2011-07-21 15:04 - 0000282 ___AH C:\Windows\Tasks\{BBAEAEAF-1275-40e2-BD6C-BC8F88BD114A}.job 2011-07-27 07:47 - 2009-09-03 13:05 - 0001036 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2011-07-27 07:30 - 2011-07-27 07:30 - 0000000 ____D C:\Windows\LastGood.Tmp 2011-07-27 07:30 - 2011-07-24 23:40 - 0040353 ____A C:\Windows\setupapi.log 2011-07-27 07:27 - 2011-07-25 00:13 - 0000000 ____A C:\Windows\0.log 2011-07-27 07:27 - 2011-07-21 14:52 - 0000310 __ASH C:\Windows\Tasks\fedtng.job 2011-07-27 07:27 - 2009-09-03 13:05 - 0001032 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2011-07-27 07:27 - 2004-08-04 13:00 - 0002206 ____A C:\Windows\System32\wpa.dbl 2011-07-27 07:26 - 2009-05-28 09:58 - 0000000 ____D C:\Windows\pss 2011-07-27 07:26 - 2009-04-22 12:06 - 0000211 ___SH C:\boot.ini 2011-07-27 07:26 - 2004-08-04 13:00 - 0000603 ____A C:\Windows\win.ini 2011-07-27 07:26 - 2004-08-04 13:00 - 0000227 ____A C:\Windows\system.ini 2011-07-27 07:22 - 2011-07-27 07:22 - 0000075 ____A C:\Windows\setupact.log 2011-07-27 07:22 - 2011-07-27 07:22 - 0000000 ____A C:\Windows\setuperr.log 2011-07-27 02:10 - 2009-04-22 10:52 - 0000000 ____D C:\Documents and Settings\Biuro\Pulpit 2011-07-27 01:54 - 2009-11-30 10:56 - 0000000 ____D C:\Faktury 2011-07-27 01:48 - 2011-07-27 01:48 - 0008192 __ASH C:\Windows\Thumbs.db 2011-07-26 23:48 - 2011-06-21 02:05 - 0000000 __HDC C:\Windows\$NtUninstallKB2476490$ 2011-07-26 23:28 - 2009-04-22 10:52 - 0000000 __RHD C:\Documents and Settings\Biuro\Dane aplikacji 2011-07-26 23:27 - 2011-07-26 23:27 - 0000000 ____D C:\Program Files\Malwarebytes' Anti-Malware 2011-07-26 23:27 - 2009-04-22 12:08 - 0000000 __RHD C:\Documents and Settings\All Users\Dane aplikacji 2011-07-26 22:46 - 2009-04-22 19:29 - 0000000 ____D C:\Program Files\Common Files\Adobe 2011-07-26 22:45 - 2010-10-08 12:27 - 0000000 ____D C:\Config.Msi 2011-07-26 22:45 - 2009-04-22 12:07 - 0265416 ____A C:\Windows\System32\FNTCACHE.DAT 2011-07-26 22:42 - 2009-04-22 12:08 - 0000000 ____D C:\Documents and Settings\All Users\Pulpit 2011-07-26 22:20 - 2011-07-26 22:20 - 0000000 ___HD C:\Windows\PIF 2011-07-26 21:53 - 2009-04-22 10:35 - 0000000 ____D C:\Program Files\Movie Maker 2011-07-26 21:53 - 2009-04-22 10:34 - 0000000 ____D C:\Program Files\Outlook Express 2011-07-26 21:03 - 2009-04-22 10:52 - 0000000 ___HD C:\Documents and Settings\Biuro\Ustawienia lokalne 2011-07-26 06:24 - 2011-07-21 15:21 - 0000000 ____D C:\Program Files\ESET 2011-07-25 23:30 - 2010-05-05 11:38 - 0000000 ____D C:\Program Files\Mozilla Firefox 2011-07-25 00:21 - 2011-07-27 00:48 - 0133208 ____A (Kaspersky Lab ZAO) C:\Windows\System32\Drivers\80394919.sys 2011-07-24 23:44 - 2011-07-24 23:44 - 0000000 ____D C:\Documents and Settings\Biuro\DoctorWeb 2011-07-24 22:54 - 2011-07-24 22:54 - 0000258 ____A C:\Windows\is-0CFTB.lst 2011-07-22 16:26 - 2011-07-21 11:49 - 0000000 ____D C:\Program Files\SkanerOnline 2011-07-22 14:01 - 2009-04-22 10:34 - 0000000 ____D C:\Program Files\NetMeeting 2011-07-22 11:49 - 2004-08-04 13:00 - 0000000 ___HD C:\Recycle.Bin 2011-07-22 11:11 - 2009-04-22 10:52 - 0000000 ___RD C:\Documents and Settings\Biuro\Moje dokumenty 2011-07-22 10:48 - 2009-04-22 11:51 - 0000000 ____D C:\Windows\Debug 2011-07-22 10:04 - 2009-04-22 11:51 - 0000000 ___RD C:\Windows\Web 2011-07-22 09:19 - 2009-04-22 16:38 - 0000000 ____D C:\Program Files\Windows Media Connect 2 2011-07-22 09:08 - 2009-04-23 08:01 - 0000000 ____D C:\Program Files\Nowe Gadu-Gadu 2011-07-22 09:05 - 2009-04-22 19:15 - 0000000 ____D C:\Program Files\Microsoft Works 2011-07-22 08:51 - 2010-10-01 07:06 - 0000000 ____D C:\Program Files\Gadu-Gadu 10 2011-07-22 08:49 - 2009-04-22 18:37 - 0000000 ____D C:\Program Files\Common Files\ScanSoft Shared 2011-07-22 08:47 - 2009-04-22 19:15 - 0000000 ____D C:\Program Files\Common Files\DESIGNER 2011-07-22 07:29 - 2009-04-22 10:34 - 0000000 ____D C:\Windows\System32\Restore 2011-07-21 14:52 - 2011-07-21 14:52 - 0064512 _RASH C:\Windows\System32\rcimlbys.dll 2011-07-21 11:55 - 2011-07-21 11:50 - 0063480 ____A C:\mksbasel.cpp.log 2011-07-21 11:49 - 2009-04-22 10:38 - 0000000 ___SD C:\Windows\Downloaded Program Files 2011-07-21 11:37 - 2009-04-22 20:03 - 0000000 ____D C:\Program Files\IrfanView 2011-07-19 08:19 - 2011-01-17 11:08 - 0000000 ____D C:\Moje dokumenty 2011-07-18 07:11 - 2009-04-22 20:52 - 0000512 ____A C:\Windows\randseed.rnd 2011-07-14 02:04 - 2011-07-14 02:04 - 0000000 __HDC C:\Windows\$NtUninstallKB2507938$ 2011-07-14 02:02 - 2009-04-22 14:34 - 49089992 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe 2011-07-14 02:01 - 2011-07-14 02:01 - 0000000 __HDC C:\Windows\$NtUninstallKB2555917$ 2011-07-13 05:27 - 2009-04-22 10:39 - 0000000 ___HD C:\Windows\$hf_mig$ 2011-07-01 11:33 - 2009-04-22 19:12 - 0000000 ____D C:\Program Files\Microsoft Office 2011-06-30 02:00 - 2011-06-30 02:00 - 0000000 __HDC C:\Windows\$NtUninstallKB2541763$ 2011-06-28 08:06 - 2009-04-22 10:41 - 0000000 ____D C:\Windows\Microsoft.NET 2011-06-28 07:56 - 2009-04-22 12:09 - 1165050 ____A C:\Windows\System32\PerfStringBackup.INI 2011-06-28 07:56 - 2004-08-04 13:00 - 0533438 ____A C:\Windows\System32\perfh015.dat 2011-06-28 07:56 - 2004-08-04 13:00 - 0471622 ____A C:\Windows\System32\perfh009.dat 2011-06-28 07:56 - 2004-08-04 13:00 - 0105836 ____A C:\Windows\System32\perfc015.dat 2011-06-28 07:56 - 2004-08-04 13:00 - 0083686 ____A C:\Windows\System32\perfc009.dat 2011-06-21 14:17 - 2009-05-05 07:22 - 0036363 ____A C:\Windows\CSTBox.INI 2011-06-21 02:24 - 2011-06-21 02:01 - 0000000 ____D C:\Windows\SxsCaPendDel 2011-06-21 02:08 - 2009-04-22 11:27 - 0000000 ____D C:\Windows\System32\pl-pl 2011-06-21 02:07 - 2009-04-22 14:36 - 0000000 ____D C:\Windows\ie7updates 2011-06-21 02:05 - 2011-06-21 02:05 - 0000000 __HDC C:\Windows\$NtUninstallKB2503665$ 2011-06-21 02:03 - 2011-06-21 02:03 - 0000000 __HDC C:\Windows\$NtUninstallKB2535512$ 2011-06-21 02:02 - 2011-06-21 02:02 - 0000000 __HDC C:\Windows\$NtUninstallKB2544893$ 2011-06-21 02:02 - 2011-06-21 02:02 - 0000000 __HDC C:\Windows\$NtUninstallKB2536276$ 2011-06-21 02:02 - 2009-04-22 12:09 - 0000000 ____D C:\Program Files\Common Files\Microsoft Shared 2011-06-09 08:51 - 2009-05-04 10:53 - 0000069 ____A C:\Windows\NeroDigital.ini 2011-06-06 12:35 - 2009-02-09 15:07 - 1859200 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\win32k.sys 2011-06-06 12:35 - 2004-08-04 13:00 - 1859200 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys 2011-05-27 09:50 - 2011-05-27 09:50 - 0000000 ____D C:\Windows\Land Grabbers 2011-05-25 09:03 - 2011-05-25 09:01 - 0000000 ____D C:\Program Files\Samsung 2011-05-25 09:02 - 2011-05-25 09:02 - 0000000 ____D C:\Program Files\MarkAny 2011-05-25 09:02 - 2009-04-22 10:56 - 0000000 ___HD C:\Program Files\InstallShield Installation Information 2011-05-13 10:03 - 2009-04-22 11:51 - 0000000 ____D C:\Windows\Help 2011-05-02 16:32 - 2009-04-22 14:30 - 0692736 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\inetcomm.dll 2011-05-02 16:32 - 2009-04-22 10:34 - 0692736 ____A (Microsoft Corporation) C:\Windows\System32\inetcomm.dll 2011-04-30 09:50 - 2007-08-13 17:54 - 0766464 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\vgx.dll 2011-04-29 18:25 - 2008-12-05 07:57 - 0151552 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\schannel.dll 2011-04-29 18:25 - 2004-08-04 13:00 - 0151552 ____A (Microsoft Corporation) C:\Windows\System32\schannel.dll 2011-04-29 17:19 - 2009-04-22 14:30 - 0456320 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\mrxsmb.sys 2011-04-29 17:19 - 2004-10-28 02:14 - 0456320 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\mrxsmb.sys 2011-04-27 13:20 - 2011-05-25 09:02 - 4659712 ____A (Dmitry Streblechenko) C:\Windows\System32\Redemption.dll 2011-04-27 13:19 - 2011-04-27 13:19 - 0974848 ____A C:\Windows\System32\cis-2.4.dll 2011-04-27 13:19 - 2011-04-27 13:19 - 0569344 ____A ((c) MusicCity) C:\Windows\System32\muzdecode.ax 2011-04-27 13:19 - 2011-04-27 13:19 - 0491520 ____A (Musiccity Co.Ltd.) C:\Windows\System32\muzapp.dll 2011-04-27 13:19 - 2011-04-27 13:19 - 0352256 ____A (Sample Corporation) C:\Windows\System32\MSLUR71.dll 2011-04-27 13:19 - 2011-04-27 13:19 - 0258048 ____A ((c) PeeringPortal) C:\Windows\System32\muzoggsp.ax 2011-04-27 13:19 - 2011-04-27 13:19 - 0245760 ____A (Teruten Inc.) C:\Windows\System32\MSCLib.dll 2011-04-27 13:19 - 2011-04-27 13:19 - 0200704 ____A ( (c) MusicCity) C:\Windows\System32\muzwmts.dll 2011-04-27 13:19 - 2011-04-27 13:19 - 0172032 ____A (Musiccity Co.Ltd.) C:\Windows\System32\muzapp.exe 2011-04-27 13:19 - 2011-04-27 13:19 - 0155648 ____A (Teruten Inc.) C:\Windows\System32\MSFLib.dll 2011-04-27 13:19 - 2011-04-27 13:19 - 0143360 ____A C:\Windows\System32\3DAudio.ax 2011-04-27 13:19 - 2011-04-27 13:19 - 0135168 ____A (Musiccity Co.Ltd.) C:\Windows\System32\muzaf1.dll 2011-04-27 13:19 - 2011-04-27 13:19 - 0131072 ____A ((c) MusicCity) C:\Windows\System32\muzmpgsp.ax 2011-04-27 13:19 - 2011-04-27 13:19 - 0122880 ____A ((c) MUSICCITY) C:\Windows\System32\muzeffect.ax 2011-04-27 13:19 - 2011-04-27 13:19 - 0118784 ____A ((?)????) C:\Windows\System32\MaDRM.dll 2011-04-27 13:19 - 2011-04-27 13:19 - 0110592 ____A ((c) MusicCity) C:\Windows\System32\muzmp4sp.ax 2011-04-27 13:19 - 2011-04-27 13:19 - 0081920 ____A C:\Windows\System32\issacapi_bs-2.3.dll 2011-04-27 13:19 - 2011-04-27 13:19 - 0065536 ____A C:\Windows\System32\issacapi_pe-2.3.dll 2011-04-27 13:19 - 2011-04-27 13:19 - 0057344 ____A C:\Windows\System32\issacapi_se-2.3.dll 2011-04-27 13:19 - 2011-04-27 13:19 - 0057344 ____A (Marktek) C:\Windows\System32\MK_Lyric.dll 2011-04-27 13:19 - 2011-04-27 13:19 - 0057344 ____A (Marktek Inc.) C:\Windows\System32\MTXSYNCICON.dll 2011-04-27 13:19 - 2011-04-27 13:19 - 0049152 ____A ((?) ????) C:\Windows\System32\MaJGUILib.dll 2011-04-27 13:19 - 2011-04-27 13:19 - 0045056 ____A ((?) ????) C:\Windows\System32\MaXMLProto.dll 2011-04-27 13:19 - 2011-04-27 13:19 - 0045056 ____A ((?) ????) C:\Windows\System32\MACXMLProto.dll 2011-04-27 13:19 - 2011-04-27 13:19 - 0040960 ____A (Telechips Inc.,) C:\Windows\System32\MTTELECHIP.dll 2011-04-27 13:19 - 2011-04-27 13:19 - 0040960 ____A (???????) C:\Windows\System32\MAMACExtract.dll 2011-04-27 13:19 - 2011-04-27 13:19 - 0024576 ____A ((?)????) C:\Windows\System32\MASetupCleaner.exe ========================= Known DLLs (Whitelisted) ============ ========================= Bamital & volsnap Check ============ C:\Windows\explorer.exe [2004-08-04 13:00] - [2008-04-14 18:21] - 1035264 ____A (Microsoft Corporation) c791ed9eac5e76d9525e157b1d7a599a C:\Windows\System32\winlogon.exe [2004-08-04 13:00] - [2008-04-14 18:21] - 0510464 ____A (Microsoft Corporation) 51fd2e13d723857b9ca239ae77150f48 C:\Windows\System32\Drivers\volsnap.sys [2004-08-04 13:00] - [2008-04-14 17:01] - 0052864 ____A (Microsoft Corporation) 56b191ac5fc0df219949c95a6c87afe7 RP: -> 2011-07-26 22:41 - 028672 _restore{1DD1DC7B-1158-493A-A966-409D56373E4C}\RP6 RP: -> 2011-07-26 06:23 - 028672 _restore{1DD1DC7B-1158-493A-A966-409D56373E4C}\RP5 RP: -> 2011-07-25 22:17 - 028672 _restore{1DD1DC7B-1158-493A-A966-409D56373E4C}\RP4 RP: -> 2011-07-22 10:53 - 028672 _restore{1DD1DC7B-1158-493A-A966-409D56373E4C}\RP3 RP: -> 2011-07-22 10:27 - 028672 _restore{1DD1DC7B-1158-493A-A966-409D56373E4C}\RP2 RP: -> 2011-07-22 07:29 - 028672 _restore{1DD1DC7B-1158-493A-A966-409D56373E4C}\RP1 ========================= Memory info ====================== Percentage of memory in use: 68% Total physical RAM: 502.55 MB Available physical RAM: 157.07 MB Total Pagefile: 502.55 MB Available Pagefile: 158.37 MB Total Virtual: 2047.88 MB Available Virtual: 1966.62 MB ======================= Partitions ========================= 2 Drive c: () (Fixed) (Total:195.41 GB) (Free:149.68 GB) NTFS 3 Drive d: () (Fixed) (Total:102.67 GB) (Free:102.11 GB) NTFS 4 Drive e: (GRMCPRFRER_PL_DVD) (CDROM) (Total:2.23 GB) (Free:0 GB) UDF 5 Drive f: (I-DISK) (Removable) (Total:0.24 GB) (Free:0.24 GB) FAT32 6 Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS