Scan result of Farbar Recovery Scan Tool Version: 08-08-2012 02
Ran by SYSTEM at 09-08-2012 16:15:53
Running from H:\
Windows 7 Professional Service Pack 1 (X64)
OS Language: Polish
The current controlset is ControlSet001

========================== Registry (Whitelisted) =============
HKLM-x32\...\Run: [VolPanel] "C:\Program Files (x86)\Creative\Volume Panel\VolPanlu.exe" /r [241789 2009-07-07] (Creative Technology Ltd)
HKLM-x32\...\Run: [AMD AVT] Cmd.exe /c start "AMD Accelerated Video Transcoding device initialization" /min "C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe" aml [10752 2012-02-20] ()
HKLM-x32\...\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun [641704 2012-06-11] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [CTxfiHlp] CTXFIHLP.EXE [x]
HKU\Adam\...\Run: [Device Detector] DevDetect.exe -autorun [x]
HKU\Adam\...\Run: [CTRegRun] C:\Windows\CTRegRun.EXE [53248 2006-10-06] (Creative Technology Ltd )
HKU\Adam\...\Run: [mmggdgfynvhwdzj] C:\ProgramData\mmggdgfy.exe [61440 2012-08-08] ()
Tcpip\Parameters: [DhcpNameServer] 213.241.79.37 8.8.4.4

==================== Services (Whitelisted) ======
2 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
2 Autodesk Content Service; "C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe" [18656 2011-02-02] ()
3 Creative Dolby Digital Live Pack Licensing Service; "C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\DDLLicensing.exe" [79360 2011-09-02] (Creative Labs)
3 EhttpSrv; "C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe" [42360 2011-01-12] (ESET)
2 ekrn; "C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe" [810144 2011-01-12] (ESET)
2 NMSAccess; C:\Program Files (x86)\CDBurnerXP\NMSAccessU.exe [71096 2010-03-04] ()
2 RapiMgr; C:\Windows\WindowsMobile\rapimgr.dll [225672 2007-05-31] (Microsoft Corporation)
2 tvnserver; "C:\Program Files (x86)\TightVNC\tvnserver.exe" -service [828944 2011-08-03] (GlavSoft LLC.)
2 WcesComm; C:\Windows\WindowsMobile\wcescomm.dll [443784 2007-05-31] (Microsoft Corporation)
3 CT20XUT.DLL; C:\Windows\System32\CT20XUT.DLL [x]
3 CTEXFIFX.DLL; C:\Windows\System32\CTEXFIFX.DLL [x]
3 CTHWIUT.DLL; C:\Windows\System32\CTHWIUT.DLL [x]
2 mitsijm2012; "C:\Program Files\Autodesk\Inventor 2012\Moldflow\bin\mitsijm.exe" [x]
2 WinVNC4; "C:\Program Files (x86)\RealVNC\VNC4\WinVNC4.exe" -service [x]

========================== Drivers (Whitelisted) =============
1 Amfilter; C:\Windows\System32\DRIVERS\Amfltx64.sys [12288 2007-10-15] ((Standard mouse types))
3 Amusbprt; C:\Windows\System32\DRIVERS\Amusbx64.sys [17920 2008-02-13] (A4Tech Co.,Ltd.)
2 AODDriver4.01; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [53888 2012-03-05] (Advanced Micro Devices)
2 AODDriver4.1; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [53888 2012-03-05] (Advanced Micro Devices)
1 dtsoftbus01; C:\Windows\System32\Drivers\dtsoftbus01.sys [283200 2012-03-28] (DT Soft Ltd)
2 eamonm; C:\Windows\System32\Drivers\eamonm.sys [170640 2010-12-21] (ESET)
1 ehdrv; C:\Windows\System32\Drivers\ehdrv.sys [141264 2010-12-21] (ESET)
2 epfwwfpr; C:\Windows\System32\Drivers\epfwwfpr.sys [125296 2010-12-21] (ESET)
1 LUMDriver; C:\Windows\System32\Drivers\LUMDriver.sys [24848 2008-01-02] (IBM)
3 netr28ux; C:\Windows\System32\Drivers\netr28ux.sys [1118048 2010-06-25] (Ralink Technology Corp.)
3 StarOpen; C:\Windows\System32\Drivers\StarOpen.sys [5504 2009-11-12] ()
3 StarOpen; C:\Windows\SysWow64\Drivers\StarOpen.sys [7168 2009-11-12] ()
1 VD_FileDisk; C:\Windows\System32\Drivers\VD_FileDisk.sys [30312 2011-01-26] (CaptainFlint Software)

========================== NetSvcs (Whitelisted) ===========

============ One Month Created Files and Folders ==============
2012-08-09 16:15 - 2012-08-09 16:15 - 00000000 ____D C:\FRST
2012-08-08 14:33 - 2012-08-08 14:33 - 00061440 ____A C:\Users\All Users\mmggdgfy.exe
2012-08-08 14:33 - 2012-08-08 14:33 - 00061440 ____A C:\Users\Adam\0.8374445018408425.exe
2012-08-08 14:33 - 2012-08-08 14:33 - 00000051 ____A C:\Users\All Users\yrwfasvlrbtgjga
2012-08-08 14:33 - 2012-08-08 14:33 - 00000000 ____D C:\Users\All Users\xbeiprdgnsapopw
2012-08-06 13:20 - 2012-08-06 13:20 - 21110256 ____A C:\Users\Adam\Desktop\Z Paulina 5-8-12.rar
2012-08-06 13:19 - 2012-08-06 13:19 - 00000000 ____D C:\Users\Adam\Desktop\Z Paulina 5-8-12
2012-08-05 20:48 - 2012-08-05 20:48 - 00274568 ____A C:\Windows\Minidump\080512-16578-01.dmp
2012-08-04 12:30 - 2012-08-05 20:48 - 449576651 ____A C:\Windows\MEMORY.DMP
2012-08-04 12:30 - 2012-08-04 12:30 - 00274568 ____A C:\Windows\Minidump\080412-16937-01.dmp
2012-07-26 21:19 - 2012-08-07 13:39 - 00001080 ____A C:\Windows\System32\settingsbkup.sfm
2012-07-26 21:19 - 2012-08-07 13:39 - 00001080 ____A C:\Windows\System32\settings.sfm
2012-07-26 17:47 - 2012-07-26 17:47 - 00002325 ____A C:\Users\Public\Desktop\Creative Product Registration.lnk
2012-07-26 17:47 - 2006-10-06 13:17 - 00053248 ____N (Creative Technology Ltd ) C:\Windows\Ctregrun.exe
2012-07-26 17:47 - 2000-05-22 15:58 - 00647872 ____N (Microsoft Corporation) C:\Windows\SysWOW64\Mscomct2.ocx
2012-07-26 17:27 - 2003-06-12 22:25 - 00007062 ____A C:\Windows\SysWOW64\audiopid.vxd
2012-07-26 17:26 - 2012-07-26 17:26 - 00000159 __RAH C:\Windows\ctfile.rfc
2012-07-26 17:26 - 2009-03-26 13:48 - 00190976 ____A C:\Windows\System32\APOMgr64.DLL
2012-07-26 17:26 - 2009-03-26 13:46 - 00148480 ____A C:\Windows\SysWOW64\APOMngr.DLL
2012-07-26 17:26 - 2009-02-06 17:53 - 00089088 ____A C:\Windows\System32\CmdRtr64.DLL
2012-07-26 17:26 - 2009-02-06 17:52 - 00073728 ____A C:\Windows\SysWOW64\CmdRtr.DLL
2012-07-26 17:26 - 2008-02-04 09:27 - 00102400 ____A (Creative Technology Ltd) C:\Windows\SysWOW64\cttele32.dll
2012-07-26 17:22 - 2009-07-06 12:47 - 00000285 ____A C:\Windows\System32\kill.ini
2012-07-26 17:17 - 2012-07-26 17:20 - 40329960 ____A (Creative Technology Ltd) C:\Users\Adam\Desktop\SBXF_PCDRV_WIN8_BETA_US_2_18_0015A.exe
2012-07-26 14:18 - 2012-07-26 21:21 - 00013614 ____A C:\Windows\PFRO.log
2012-07-26 14:08 - 2012-07-26 14:10 - 00000000 ____D C:\Program Files (x86)\Driver Cleaner
2012-07-26 14:08 - 2012-07-26 14:08 - 00001943 ____A C:\Users\Adam\Desktop\Driver Cleaner 3.lnk
2012-07-26 14:07 - 2012-07-26 14:07 - 01502423 ____A C:\Users\Adam\Desktop\DC3Setup_33(dobreprogramy.pl).zip
2012-07-26 14:07 - 2004-09-17 16:37 - 01520101 ____A C:\Users\Adam\Desktop\setup.exe
2012-07-26 14:07 - 2004-08-02 10:12 - 00006570 ____A C:\Users\Adam\Desktop\Readme.txt
2012-07-26 14:07 - 2004-08-02 10:12 - 00000894 ____A C:\Users\Adam\Desktop\License.txt
2012-07-26 14:03 - 2012-07-26 14:03 - 00000061 ____A C:\Windows\sbwin.ini
2012-07-26 14:01 - 2012-07-26 14:02 - 14609512 ____A (Creative Technology Ltd) C:\Users\Adam\Desktop\WAVESTD_PCAPP_LB_7_14_00.exe
2012-07-26 13:53 - 2012-08-09 12:56 - 00003407 ____A C:\Windows\setupact.log
2012-07-26 13:53 - 2012-07-26 13:53 - 00000000 ____A C:\Windows\setuperr.log
2012-07-26 13:07 - 2012-07-26 13:07 - 00000000 ____D C:\Users\All Users\Creative Labs
2012-07-26 12:51 - 2012-07-26 12:54 - 62234496 ____A (Creative Technology Ltd) C:\Users\Adam\Desktop\CSL_PCAPP_LB_2_61_09.exe
2012-07-26 12:37 - 2012-07-26 12:37 - 00000000 ____D C:\Users\Adam\Desktop\C
2012-07-25 19:50 - 2012-07-25 19:50 - 29904896 ____A C:\Users\Adam\Desktop\Z Pauliną 25-7-12a.rar
2012-07-25 19:49 - 2012-07-25 19:49 - 00000000 ____D C:\Users\Adam\Desktop\Z Pauliną 25-7-12a
2012-07-25 19:45 - 2012-07-25 19:50 - 35756412 ____A C:\Users\Adam\Desktop\Z Pauliną 25-7-12.rar
2012-07-25 19:37 - 2012-07-25 19:49 - 00000000 ____D C:\Users\Adam\Desktop\Z Pauliną 25-7-12
2012-07-25 13:58 - 2012-07-25 13:58 - 00000000 ____D C:\Users\Adam\Desktop\skin metro
2012-07-22 12:20 - 2012-07-22 12:20 - 00015627 ____A C:\Users\Adam\Desktop\Produc4.CATProduct
2012-07-19 20:40 - 2012-07-19 20:40 - 00000000 ____D C:\Windows\pss
2012-07-19 20:39 - 2012-07-19 20:39 - 00000000 ____D C:\Windows\System32\appmgmt
2012-07-19 20:35 - 2012-07-19 20:35 - 03889704 ____A (Piriform Ltd) C:\Users\Adam\Desktop\ccsetup320.exe
2012-07-19 20:35 - 2012-07-19 20:35 - 00000822 ____A C:\Users\Public\Desktop\CCleaner.lnk
2012-07-18 17:38 - 2012-07-18 17:40 - 00000000 ____D C:\Users\Adam\Desktop\F1 Challenge 2007
2012-07-16 15:12 - 2012-07-16 15:12 - 00015524 ____A C:\Users\Adam\Desktop\Product3.CATProduct
2012-07-15 12:57 - 2012-07-15 12:57 - 00015298 ____A C:\Users\Adam\Desktop\Product2.CATProduct
2012-07-12 14:10 - 2012-08-08 13:01 - 00014685 ____A C:\Users\Adam\Desktop\ogórki 2012.ods

============ 3 Months Modified Files ========================
2012-08-09 13:07 - 2011-09-02 16:01 - 01240360 ____A C:\Windows\WindowsUpdate.log
2012-08-09 13:04 - 2009-07-14 05:45 - 00021808 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2012-08-09 13:04 - 2009-07-14 05:45 - 00021808 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2012-08-09 12:56 - 2012-07-26 13:53 - 00003407 ____A C:\Windows\setupact.log
2012-08-09 12:56 - 2011-09-03 08:53 - 00001040 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2012-08-09 12:56 - 2009-07-14 06:08 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2012-08-08 14:51 - 2011-10-23 22:31 - 00001054 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1157473635-2822438123-1391459288-1001UA.job
2012-08-08 14:33 - 2012-08-08 14:33 - 00061440 ____A C:\Users\All Users\mmggdgfy.exe
2012-08-08 14:33 - 2012-08-08 14:33 - 00061440 ____A C:\Users\Adam\0.8374445018408425.exe
2012-08-08 14:33 - 2012-08-08 14:33 - 00000051 ____A C:\Users\All Users\yrwfasvlrbtgjga
2012-08-08 14:19 - 2011-09-03 08:53 - 00001044 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2012-08-08 13:01 - 2012-07-12 14:10 - 00014685 ____A C:\Users\Adam\Desktop\ogórki 2012.ods
2012-08-07 13:39 - 2012-07-26 21:19 - 00001080 ____A C:\Windows\System32\settingsbkup.sfm
2012-08-07 13:39 - 2012-07-26 21:19 - 00001080 ____A C:\Windows\System32\settings.sfm
2012-08-06 13:20 - 2012-08-06 13:20 - 21110256 ____A C:\Users\Adam\Desktop\Z Paulina 5-8-12.rar
2012-08-06 13:20 - 2011-04-12 14:21 - 00737942 ____A C:\Windows\System32\perfh015.dat
2012-08-06 13:20 - 2011-04-12 14:21 - 00154630 ____A C:\Windows\System32\perfc015.dat
2012-08-06 13:20 - 2009-07-14 06:13 - 01663412 ____A C:\Windows\System32\PerfStringBackup.INI
2012-08-05 20:48 - 2012-08-05 20:48 - 00274568 ____A C:\Windows\Minidump\080512-16578-01.dmp
2012-08-05 20:48 - 2012-08-04 12:30 - 449576651 ____A C:\Windows\MEMORY.DMP
2012-08-05 09:51 - 2011-10-23 22:31 - 00001002 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1157473635-2822438123-1391459288-1001Core.job
2012-08-04 12:30 - 2012-08-04 12:30 - 00274568 ____A C:\Windows\Minidump\080412-16937-01.dmp
2012-07-30 19:05 - 2011-09-09 19:01 - 00016384 ____A C:\Users\Adam\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2012-07-26 21:21 - 2012-07-26 14:18 - 00013614 ____A C:\Windows\PFRO.log
2012-07-26 17:47 - 2012-07-26 17:47 - 00002325 ____A C:\Users\Public\Desktop\Creative Product Registration.lnk
2012-07-26 17:26 - 2012-07-26 17:26 - 00000159 __RAH C:\Windows\ctfile.rfc
2012-07-26 17:26 - 2011-09-02 17:02 - 00466520 ____A (Creative Labs) C:\Windows\System32\wrap_oal.dll
2012-07-26 17:26 - 2011-09-02 17:02 - 00445016 ____A (Creative Labs) C:\Windows\SysWOW64\wrap_oal.dll
2012-07-26 17:26 - 2011-09-02 17:02 - 00123480 ____A (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\Windows\System32\OpenAL32.dll
2012-07-26 17:26 - 2011-09-02 17:02 - 00109144 ____A (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\Windows\SysWOW64\OpenAL32.dll
2012-07-26 17:20 - 2012-07-26 17:17 - 40329960 ____A (Creative Technology Ltd) C:\Users\Adam\Desktop\SBXF_PCDRV_WIN8_BETA_US_2_18_0015A.exe
2012-07-26 14:08 - 2012-07-26 14:08 - 00001943 ____A C:\Users\Adam\Desktop\Driver Cleaner 3.lnk
2012-07-26 14:07 - 2012-07-26 14:07 - 01502423 ____A C:\Users\Adam\Desktop\DC3Setup_33(dobreprogramy.pl).zip
2012-07-26 14:03 - 2012-07-26 14:03 - 00000061 ____A C:\Windows\sbwin.ini
2012-07-26 14:02 - 2012-07-26 14:01 - 14609512 ____A (Creative Technology Ltd) C:\Users\Adam\Desktop\WAVESTD_PCAPP_LB_7_14_00.exe
2012-07-26 13:53 - 2012-07-26 13:53 - 00000000 ____A C:\Windows\setuperr.log
2012-07-26 12:54 - 2012-07-26 12:51 - 62234496 ____A (Creative Technology Ltd) C:\Users\Adam\Desktop\CSL_PCAPP_LB_2_61_09.exe
2012-07-25 19:50 - 2012-07-25 19:50 - 29904896 ____A C:\Users\Adam\Desktop\Z Pauliną 25-7-12a.rar
2012-07-25 19:50 - 2012-07-25 19:45 - 35756412 ____A C:\Users\Adam\Desktop\Z Pauliną 25-7-12.rar
2012-07-22 12:20 - 2012-07-22 12:20 - 00015627 ____A C:\Users\Adam\Desktop\Produc4.CATProduct
2012-07-22 12:20 - 2012-07-08 11:11 - 00220032 ____A C:\Users\Adam\Desktop\Part1.CATPart
2012-07-19 20:35 - 2012-07-19 20:35 - 03889704 ____A (Piriform Ltd) C:\Users\Adam\Desktop\ccsetup320.exe
2012-07-19 20:35 - 2012-07-19 20:35 - 00000822 ____A C:\Users\Public\Desktop\CCleaner.lnk
2012-07-16 15:12 - 2012-07-16 15:12 - 00015524 ____A C:\Users\Adam\Desktop\Product3.CATProduct
2012-07-15 12:57 - 2012-07-15 12:57 - 00015298 ____A C:\Users\Adam\Desktop\Product2.CATProduct
2012-07-14 22:40 - 2009-07-14 06:08 - 00032604 ____A C:\Windows\Tasks\SCHEDLGU.TXT
2012-07-08 09:57 - 2012-07-08 09:51 - 99831250 ____A C:\Users\Adam\Desktop\CATIA_Video_Tutorials.part4.rar
2012-07-08 09:57 - 2012-07-08 09:50 - 100300000 ____A C:\Users\Adam\Desktop\CATIA_Video_Tutorials.part3.rar
2012-07-08 09:56 - 2012-07-08 09:51 - 100300000 ____A C:\Users\Adam\Desktop\CATIA_Video_Tutorials.part1.rar
2012-07-08 09:56 - 2012-07-08 09:50 - 100300000 ____A C:\Users\Adam\Desktop\CATIA_Video_Tutorials.part2.rar
2012-07-07 11:30 - 2011-09-02 16:17 - 00115408 ____A C:\Users\Adam\AppData\Local\GDIPFONTCACHEV1.DAT
2012-07-07 11:28 - 2009-07-14 05:45 - 00420464 ____A C:\Windows\System32\FNTCACHE.DAT
2012-07-07 08:59 - 2012-07-07 08:59 - 00002481 ____A C:\Users\Public\Desktop\CATIA V5R19.lnk
2012-07-07 08:59 - 2009-07-14 03:34 - 00017708 ____A C:\Windows\System32\Drivers\etc\services
2012-07-07 08:27 - 2012-07-07 08:27 - 10179640 ____A C:\Users\Adam\Desktop\mechana.rar
2012-07-06 22:12 - 2011-09-14 15:25 - 00002516 __ASH C:\Users\All Users\KGyGaAvL.sys
2012-07-06 11:50 - 2012-07-06 11:45 - 159401976 ____A (Advanced Micro Devices, Inc.) C:\Users\Adam\Desktop\12-6_vista_win7_64_dd_ccc.exe
2012-07-04 17:03 - 2012-07-04 17:03 - 00003914 ____A C:\Users\Adam\AppData\Local\recently-used.xbel
2012-07-04 14:59 - 2012-07-04 14:58 - 76225536 ____A (The GIMP Team ) C:\Users\Adam\Desktop\gimp-2.8.0-setup.exe
2012-06-30 10:13 - 2012-06-30 10:13 - 00021488 ____A C:\Users\Adam\Desktop\Kontakty001.spb
2012-06-30 10:13 - 2012-06-30 10:13 - 00011152 ____A C:\Users\Adam\Desktop\Kontakty001.ecsv.bak
2012-06-18 18:32 - 2012-06-18 11:36 - 00025861 ____A C:\Users\Adam\Documents\asdasdasfdsadfasdfsadfas.xmcd
2012-06-15 15:57 - 2012-06-15 15:55 - 160889384 ____A (Advanced Micro Devices, Inc.) C:\Users\Adam\Downloads\12-4_vista_win7_64_dd_ccc.exe
2012-06-14 13:50 - 2012-06-14 13:50 - 00035902 ____A C:\Users\Adam\Downloads\Rozkład jazdy PL.htm
2012-06-11 20:25 - 2012-06-11 20:25 - 01706227 ____A C:\Users\Adam\Downloads\fwdtechnologiaiiitbmmateriayzkseranaegzamin.zip
2012-06-11 19:59 - 2012-06-11 19:59 - 10248192 ____A (Advanced Micro Devices, Inc.) C:\Windows\System32\Drivers\atikmdag.sys
2012-06-11 19:35 - 2012-06-11 19:35 - 00070144 ____A (AMD) C:\Windows\System32\coinst_8.98.dll
2012-06-11 19:29 - 2012-06-11 19:29 - 24826368 ____A (Advanced Micro Devices, Inc.) C:\Windows\System32\atio6axx.dll
2012-06-11 19:00 - 2012-06-11 19:00 - 20467712 ____A (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atioglxx.dll
2012-06-11 18:26 - 2012-06-11 18:26 - 00263840 ____A C:\Windows\SysWOW64\atiapfxx.blb
2012-06-11 18:26 - 2012-06-11 18:26 - 00263840 ____A C:\Windows\System32\atiapfxx.blb
2012-06-11 18:25 - 2012-06-11 18:25 - 00163840 ____A (Advanced Micro Devices, Inc.) C:\Windows\System32\atiapfxx.exe
2012-06-11 18:24 - 2011-07-28 22:40 - 00924160 ____A (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\aticfx32.dll
2012-06-11 18:23 - 2011-07-28 22:39 - 01090560 ____A (Advanced Micro Devices, Inc. ) C:\Windows\System32\aticfx64.dll
2012-06-11 18:20 - 2012-06-11 18:20 - 00442368 ____A (Advanced Micro Devices, Inc.) C:\Windows\System32\ATIDEMGX.dll
2012-06-11 18:19 - 2012-06-11 18:19 - 00532992 ____A (AMD) C:\Windows\System32\atieclxx.exe
2012-06-11 18:19 - 2012-06-11 18:19 - 00239616 ____A (AMD) C:\Windows\System32\atiesrxx.exe
2012-06-11 18:17 - 2012-06-11 18:17 - 00120320 ____A (AMD) C:\Windows\System32\atitmm64.dll
2012-06-11 18:17 - 2012-06-11 18:17 - 00059392 ____A (ATI Technologies, Inc.) C:\Windows\System32\atiedu64.dll
2012-06-11 18:17 - 2012-06-11 18:17 - 00043520 ____A (ATI Technologies, Inc.) C:\Windows\SysWOW64\ati2edxx.dll
2012-06-11 18:17 - 2012-06-11 18:17 - 00021504 ____A (AMD) C:\Windows\System32\atimuixx.dll
2012-06-11 18:16 - 2011-10-26 02:55 - 06301696 ____A (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atidxx32.dll
2012-06-11 18:01 - 2011-07-28 22:20 - 06914560 ____A (Advanced Micro Devices, Inc. ) C:\Windows\System32\atidxx64.dll
2012-06-11 17:51 - 2012-06-11 17:51 - 04246528 ____A (Advanced Micro Devices, Inc. ) C:\Windows\System32\atiumd6a.dll
2012-06-11 17:50 - 2012-06-11 17:50 - 02936864 ____A C:\Windows\System32\atiumd6a.cap
2012-06-11 17:45 - 2012-06-11 17:45 - 15703040 ____A (Advanced Micro Devices Inc.) C:\Windows\System32\aticaldd64.dll
2012-06-11 17:45 - 2012-06-11 17:45 - 00051200 ____A (Advanced Micro Devices Inc.) C:\Windows\System32\aticalrt64.dll
2012-06-11 17:45 - 2012-06-11 17:45 - 00046080 ____A (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticalrt.dll
2012-06-11 17:45 - 2012-06-11 17:45 - 00044544 ____A (Advanced Micro Devices Inc.) C:\Windows\System32\aticalcl64.dll
2012-06-11 17:45 - 2012-06-11 17:45 - 00044032 ____A (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticalcl.dll
2012-06-11 17:45 - 2012-04-06 02:34 - 05480448 ____A (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiumdag.dll
2012-06-11 17:43 - 2012-04-06 02:22 - 04729344 ____A (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiumdva.dll
2012-06-11 17:41 - 2012-06-11 17:41 - 02971136 ____A C:\Windows\SysWOW64\atiumdva.cap
2012-06-11 17:40 - 2012-06-11 17:40 - 13277696 ____A (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticaldd.dll
2012-06-11 17:36 - 2012-06-11 17:36 - 06605824 ____A (Advanced Micro Devices, Inc. ) C:\Windows\System32\atiumd64.dll
2012-06-11 17:27 - 2012-06-11 17:27 - 00539136 ____A (Advanced Micro Devices, Inc.) C:\Windows\System32\atiadlxx.dll
2012-06-11 17:26 - 2012-06-11 17:26 - 00368640 ____A (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atiadlxy.dll
2012-06-11 17:26 - 2012-06-11 17:26 - 00367616 ____A (Advanced Micro Devices, Inc.) C:\Windows\System32\Drivers\atikmpag.sys
2012-06-11 17:26 - 2012-06-11 17:26 - 00041984 ____A (Advanced Micro Devices, Inc. ) C:\Windows\System32\atig6txx.dll
2012-06-11 17:26 - 2012-06-11 17:26 - 00033280 ____A (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atigktxx.dll
2012-06-11 17:26 - 2012-06-11 17:26 - 00017920 ____A (Advanced Micro Devices, Inc. ) C:\Windows\System32\atig6pxx.dll
2012-06-11 17:26 - 2012-06-11 17:26 - 00014848 ____A (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiglpxx.dll
2012-06-11 17:26 - 2012-06-11 17:26 - 00014848 ____A (Advanced Micro Devices, Inc. ) C:\Windows\System32\atiglpxx.dll
2012-06-11 17:25 - 2012-04-06 02:09 - 00045056 ____A (Advanced Micro Devices, Inc. ) C:\Windows\System32\atiu9p64.dll
2012-06-11 17:25 - 2011-10-26 02:21 - 00042496 ____A (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiuxpag.dll
2012-06-11 17:25 - 2011-07-28 21:53 - 00054784 ____A (Advanced Micro Devices, Inc. ) C:\Windows\System32\atiuxp64.dll
2012-06-11 17:24 - 2012-06-11 17:24 - 00053248 ____A (Advanced Micro Devices, Inc.) C:\Windows\System32\Drivers\ati2erec.dll
2012-06-11 17:24 - 2011-09-08 17:51 - 00032768 ____A (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiu9pag.dll
2012-06-11 17:23 - 2012-06-11 17:23 - 00056832 ____A (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atimpc32.dll
2012-06-11 17:23 - 2012-06-11 17:23 - 00056832 ____A (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdpcom32.dll
2012-06-11 17:23 - 2012-06-11 17:23 - 00056320 ____A (Advanced Micro Devices, Inc. ) C:\Windows\System32\atimpc64.dll
2012-06-11 17:23 - 2012-06-11 17:23 - 00056320 ____A (Advanced Micro Devices, Inc. ) C:\Windows\System32\amdpcom64.dll
2012-06-11 12:50 - 2012-06-11 12:50 - 16457728 ____A (Advanced Micro Devices Inc.) C:\Windows\System32\amdocl64.dll
2012-06-11 12:50 - 2012-06-11 12:50 - 00187392 ____A C:\Windows\System32\clinfo.exe
2012-06-11 12:50 - 2012-06-11 12:50 - 00075264 ____A (Advanced Micro Devices Inc.) C:\Windows\System32\OpenVideo64.dll
2012-06-11 12:50 - 2012-06-11 12:50 - 00065024 ____A (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\OpenVideo.dll
2012-06-11 12:50 - 2012-06-11 12:50 - 00063488 ____A (Advanced Micro Devices Inc.) C:\Windows\System32\OVDecode64.dll
2012-06-11 12:50 - 2012-06-11 12:50 - 00056320 ____A (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\OVDecode.dll
2012-06-11 12:49 - 2012-06-11 12:49 - 13008896 ____A (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\amdocl.dll
2012-06-10 12:56 - 2011-09-02 17:59 - 00000002 ____A C:\Windows\SysWOW64\Dvbpws.dll
2012-06-02 23:19 - 2012-06-19 08:20 - 02428952 ____A (Microsoft Corporation) C:\Windows\System32\wuaueng.dll
2012-06-02 23:19 - 2012-06-19 08:20 - 00701976 ____A (Microsoft Corporation) C:\Windows\System32\wuapi.dll
2012-06-02 23:19 - 2012-06-19 08:20 - 00057880 ____A (Microsoft Corporation) C:\Windows\System32\wuauclt.exe
2012-06-02 23:19 - 2012-06-19 08:20 - 00044056 ____A (Microsoft Corporation) C:\Windows\System32\wups2.dll
2012-06-02 23:19 - 2012-06-19 08:20 - 00038424 ____A (Microsoft Corporation) C:\Windows\System32\wups.dll
2012-06-02 23:15 - 2012-06-19 08:20 - 02622464 ____A (Microsoft Corporation) C:\Windows\System32\wucltux.dll
2012-06-02 23:15 - 2012-06-19 08:20 - 00099840 ____A (Microsoft Corporation) C:\Windows\System32\wudriver.dll
2012-06-02 14:19 - 2012-06-19 08:20 - 00186752 ____A (Microsoft Corporation) C:\Windows\System32\wuwebv.dll
2012-06-02 14:15 - 2012-06-19 08:20 - 00036864 ____A (Microsoft Corporation) C:\Windows\System32\wuapp.exe
2012-05-16 21:15 - 2012-05-16 23:24 - 00063404 ____A C:\Users\Adam\Documents\raj07bb.xls_1.ods

========================= Known DLLs (Whitelisted) ============

========================= Bamital & volsnap Check ============
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== EXE ASSOCIATION =====================
HKLM\...\.exe: exefile => OK
HKLM\...\exefile\DefaultIcon: %1 => OK
HKLM\...\exefile\open\command: "%1" %* => OK

========================= Memory info ======================
Percentage of memory in use: 15%
Total physical RAM: 4095.3 MB
Available physical RAM: 3464.63 MB
Total Pagefile: 4093.5 MB
Available Pagefile: 3456.18 MB
Total Virtual: 8192 MB
Available Virtual: 8191.9 MB

======================= Partitions =========================
1 Drive c: () (Fixed) (Total:99.9 GB) (Free:33.69 GB) NTFS
2 Drive e: () (Fixed) (Total:200 GB) (Free:0.56 GB) NTFS
3 Drive f: () (Fixed) (Total:165.76 GB) (Free:2.51 GB) NTFS
5 Drive h: (KINGSTON) (Removable) (Total:0.93 GB) (Free:0.92 GB) FAT
6 Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
7 Drive y: (Zastrzeżone przez system) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==>[System with boot components (obtained from reading drive)]

  Nr dysku  Stan           Rozmiar  Wolne    Dyn  GPT
  --------  -------------  -------  -------  ---  ---
  Dysk 0    Online          465 GB      0 B
  Dysk 1    Online          953 MB      0 B

Partitions of Disk 0:
===============
  Partycja ###   Typ               Rozmiar  Przesunięcie
  -------------  ----------------  -------  ------------
  Partycja 1     Podstawowy         100 MB  1024 KB
  Partycja 2     Podstawowy          99 GB   101 MB
  Partycja 3     Podstawowy         200 GB    99 GB
  Partycja 4     Podstawowy         165 GB   300 GB

==================================================================================
Disk: 0
Partycja 1
Typ : 07
Ukryta : Nie
Aktywna : Tak
Przesunięcie w bajtach: 1048576

  Wolumin ###  Lit  Etykieta     Fs     Typ         Rozmiar  Stan       Info
  -----------  ---  -----------  -----  ----------  -------  ---------  --------
* Wolumin 1     Y   Zastrzeżone  NTFS   Partycja     100 MB  Zdrowy

==================================================================================
Disk: 0
Partycja 2
Typ : 07
Ukryta : Nie
Aktywna : Nie
Przesunięcie w bajtach: 105906176

  Wolumin ###  Lit  Etykieta     Fs     Typ         Rozmiar  Stan       Info
  -----------  ---  -----------  -----  ----------  -------  ---------  --------
* Wolumin 2     C                NTFS   Partycja      99 GB  Zdrowy

==================================================================================
Disk: 0
Partycja 3
Typ : 07
Ukryta : Nie
Aktywna : Nie
Przesunięcie w bajtach: 107373690880

  Wolumin ###  Lit  Etykieta     Fs     Typ         Rozmiar  Stan       Info
  -----------  ---  -----------  -----  ----------  -------  ---------  --------
* Wolumin 3     E                NTFS   Partycja     200 GB  Zdrowy

==================================================================================
Disk: 0
Partycja 4
Typ : 07
Ukryta : Nie
Aktywna : Nie
Przesunięcie w bajtach: 322123595776

  Wolumin ###  Lit  Etykieta     Fs     Typ         Rozmiar  Stan       Info
  -----------  ---  -----------  -----  ----------  -------  ---------  --------
* Wolumin 4     F                NTFS   Partycja     165 GB  Zdrowy

==================================================================================

Partitions of Disk 1:
===============
  Partycja ###   Typ               Rozmiar  Przesunięcie
  -------------  ----------------  -------  ------------
* Partycja 1     Podstawowy         953 MB     0 B

==================================================================================
Disk: 1
Nie wybrano partycji.
Nie wybrano partycji.
Wybierz partycję i spróbuj ponownie.

==================================================================================
==========================================================
Last Boot: 2012-08-06 14:26
======================= End Of Log ==========================