Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 06-12-2012
Ran by SYSTEM at 09-12-2012 13:47:42
Running from D:\
Microsoft Windows XP (X86) OS Language: English(US)
The current controlset is ControlSet004

==================== Registry (Whitelisted) ===================

HKU\Default User\...\Run: [VisualTaskTips] D:\Program Files\Utilities\VisualTaskTips\VisualTaskTips.exe [x]
HKU\Default User\...\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 [x]
HKU\Default User\...\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N [x]
HKU\JA\...\Run: [LClock] D:\Documents and Settings\JA\Moje dokumenty\LClock\lclock.exe [65536 2004-09-19] ()
HKU\JA\...\Run: [SecdrvUpdate] "D:\Documents and Settings\JA\Dane aplikacji\vmjef.exe" [x]
HKLM\...\Winlogon: [UIHost] %windir%\XP ARENA.exe [x ] ()
Tcpip\Parameters: [DhcpNameServer] 8.8.4.4 213.134.134.134

==================== Services (Whitelisted) ===================

2 Eventlog; C:\Windows\System32\services.exe [108544 2004-08-03] (Microsoft Corporation)
2 helpsvc; C:\Windows\System32\svchost.exe -k netsvcs [14336 2004-08-03] (Microsoft Corporation)
4 HidServ; C:\Windows\System32\hidserv.dll [x]
3 NtmsSvc; C:\Windows\System32\ntmssvc.dll [x]

==================== Drivers (Whitelisted) ====================

3 alcan5wn; C:\Windows\System32\DRIVERS\alcan5wn.sys [53600 2003-12-08] (THOMSON)
3 alcaudsl; C:\Windows\System32\DRIVERS\alcaudsl.sys [70688 2003-12-08] (THOMSON)
3 AR5211; C:\Windows\System32\DRIVERS\ar5211.sys [546112 2007-07-05] (Atheros Communications, Inc.)
2 Aspi32; C:\Windows\System32\Drivers\Aspi32.sys [16877 2006-02-25] (Adaptec)
3 hamachi; C:\Windows\System32\DRIVERS\hamachi.sys [26176 2009-03-18] (LogMeIn, Inc.)
3 HDAudBus; C:\Windows\System32\DRIVERS\HDAudBus.sys [138752 2006-02-26] (Windows (R) Server 2003 DDK provider)
0x01000000 papycpu2; C:\Windows\System32\DRIVERS\papycpu2.sys [1984 2003-01-16] ()
0x01000000 papyjoy; C:\Windows\System32\DRIVERS\papyjoy.sys [1856 2003-01-16] ()
0 sptd; C:\Windows\System32\Drivers\sptd.sys [691696 2010-12-25] (Duplex Secure Ltd.)
4 Abiosdsk; [x]
4 AliIde; [x]
4 Atdisk; [x]
1 Changer; [x]
4 CmdIde; [x]
4 IntelIde; [x]
1 lbrtfdc; [x]
4 NetDDE; [x]
4 NetDDEdsdm; [x]
3 PCANDIS5; \??\D:\WINDOWS\system32\PCANDIS5.SYS [x]
1 PCIDump; [x]
3 PDCOMP; [x]
3 PDFRAME; [x]
3 PDRELI; [x]
3 PDRFRAME; [x]
4 Simbad; [x]
3 TlntSvr; [x]
4 TosIde; [x]
4 ViaIde; [x]
3 VSS; [x]
3 WDICA; [x]

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2012-12-09 13:47 - 2012-12-09 13:47 - 00000000 ____D C:\New Folder
2012-12-09 10:20 - 2012-12-09 10:20 - 00000000 ____D C:\FRST
2012-12-09 04:04 - 2012-12-09 04:04 - 00907986 ____A (Farbar) C:\FRST.exe
2012-12-09 03:29 - 2011-06-01 08:16 - 38849339 ____A C:\smieszne_dzwonki.rar
2012-12-09 03:19 - 2012-12-09 03:19 - 00000000 ___RD C:\nagrane ( na gmail )
2012-12-08 10:19 - 2012-12-08 10:25 - 00000000 ___SD C:\32788R22FWJFW
2012-12-08 07:00 - 2012-12-08 07:01 - 47994522 ____A C:\Rejestr3.reg
2012-12-06 08:40 - 2012-12-06 08:40 - 00957010 ____A C:\Windows\System32\instcat.sql.block
2012-12-06 08:24 - 2012-12-06 08:40 - 00002687 ____A C:\Windows\System32\WARNING.txt
2012-12-06 08:24 - 2012-12-06 08:24 - 00231550 ____A C:\Windows\ntbtlog.txt.block
2012-12-06 08:24 - 2012-12-06 08:24 - 00157422 ____A C:\Windows\System32\eula.rtf.block
2012-12-06 08:24 - 2012-12-06 08:24 - 00032642 ____A C:\Windows\SchedLgU.Txt.block
2012-12-06 08:24 - 2012-12-06 08:24 - 00029358 ____A C:\Windows\System32\eula.txt.block
2012-12-06 08:24 - 2012-12-06 08:24 - 00012013 ____A C:\Windows\System32\cpuz.txt.block
2012-12-06 08:24 - 2012-12-06 08:24 - 00002687 ____A C:\Windows\WARNING.txt
2012-12-06 08:24 - 2012-12-06 08:24 - 00002687 ____A C:\Windows\System32\Drivers\WARNING.txt
2012-12-06 08:24 - 2012-12-06 08:24 - 00002687 ____A C:\Documents and Settings\JA\WARNING.txt
2012-12-06 08:24 - 2012-12-06 08:24 - 00000666 ____A C:\Windows\System32\Drivers\gmreadme.txt.block
2012-12-06 08:24 - 2012-12-06 08:24 - 00000233 ____A C:\Documents and Settings\JA\ABC....txt.block
2012-12-01 04:15 - 2012-12-01 04:15 - 00000000 ____D C:\Windows\erdnt

==================== One Month Modified Files and Folders ========

2012-12-09 13:47 - 2012-12-09 13:47 - 00000000 ____D C:\New Folder
2012-12-09 13:45 - 2010-08-19 09:47 - 00000000 __RHD C:\Documents and Settings\JA\Dane aplikacji
2012-12-09 10:20 - 2012-12-09 10:20 - 00000000 ____D C:\FRST
2012-12-09 07:30 - 2012-04-07 11:45 - 00146484 ____A C:\Windows\WindowsUpdate.log
2012-12-09 07:30 - 2010-08-19 09:48 - 00000188 __ASH C:\Documents and Settings\JA\ntuser.ini
2012-12-09 06:47 - 2010-08-19 09:47 - 00000000 ____D C:\Documents and Settings\JA\Pulpit
2012-12-09 06:44 - 2010-08-19 09:47 - 00000000 ___RD C:\Documents and Settings\JA\Moje dokumenty
2012-12-09 06:43 - 2010-08-19 09:47 - 00032622 ____A C:\Windows\SchedLgU.Txt
2012-12-09 06:43 - 2010-08-19 09:47 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2012-12-09 04:53 - 2012-11-06 15:17 - 00001324 ____A C:\Windows\System32\d3d9caps.dat
2012-12-09 04:04 - 2012-12-09 04:04 - 00907986 ____A (Farbar) C:\FRST.exe
2012-12-09 03:19 - 2012-12-09 03:19 - 00000000 ___RD C:\nagrane ( na gmail )
2012-12-08 15:24 - 2011-05-03 08:21 - 00000000 ___RD C:\Torrenty
2012-12-08 14:22 - 2012-04-24 09:56 - 00029699 ____A C:\Windows\setupapi.log
2012-12-08 10:25 - 2012-12-08 10:19 - 00000000 ___SD C:\32788R22FWJFW
2012-12-08 07:01 - 2012-12-08 07:00 - 47994522 ____A C:\Rejestr3.reg
2012-12-07 11:52 - 2010-08-19 11:08 - 00707192 ____A C:\Windows\System32\PerfStringBackup.INI
2012-12-07 11:52 - 2001-10-26 11:15 - 00335926 ____A C:\Windows\System32\perfh015.dat
2012-12-07 11:52 - 2001-10-26 11:15 - 00041818 ____A C:\Windows\System32\perfc015.dat
2012-12-06 08:40 - 2012-12-06 08:40 - 00957010 ____A C:\Windows\System32\instcat.sql.block
2012-12-06 08:40 - 2012-12-06 08:24 - 00002687 ____A C:\Windows\System32\WARNING.txt
2012-12-06 08:29 - 2012-08-14 10:14 - 00000000 ____D C:\Program Files\DeepBurner1.9_Portable
2012-12-06 08:29 - 2010-08-19 10:54 - 00000000 ____D C:\Windows\Web
2012-12-06 08:29 - 2010-08-19 10:54 - 00000000 ____D C:\Windows\Help
2012-12-06 08:28 - 2010-08-19 10:51 - 00000000 ____D C:\Program Files\foobar2000
2012-12-06 08:24 - 2012-12-06 08:24 - 00231550 ____A C:\Windows\ntbtlog.txt.block
2012-12-06 08:24 - 2012-12-06 08:24 - 00157422 ____A C:\Windows\System32\eula.rtf.block
2012-12-06 08:24 - 2012-12-06 08:24 - 00032642 ____A C:\Windows\SchedLgU.Txt.block
2012-12-06 08:24 - 2012-12-06 08:24 - 00029358 ____A C:\Windows\System32\eula.txt.block
2012-12-06 08:24 - 2012-12-06 08:24 - 00012013 ____A C:\Windows\System32\cpuz.txt.block
2012-12-06 08:24 - 2012-12-06 08:24 - 00002687 ____A C:\Windows\WARNING.txt
2012-12-06 08:24 - 2012-12-06 08:24 - 00002687 ____A C:\Windows\System32\Drivers\WARNING.txt
2012-12-06 08:24 - 2012-12-06 08:24 - 00002687 ____A C:\Documents and Settings\JA\WARNING.txt
2012-12-06 08:24 - 2012-12-06 08:24 - 00000666 ____A C:\Windows\System32\Drivers\gmreadme.txt.block
2012-12-06 08:24 - 2012-12-06 08:24 - 00000233 ____A C:\Documents and Settings\JA\ABC....txt.block
2012-12-06 08:24 - 2012-07-26 06:35 - 00000000 ____D C:\Program Files\Avidemux
2012-12-03 09:24 - 2010-08-19 10:54 - 00000000 ____D C:\Windows\security
2012-12-01 04:15 - 2012-12-01 04:15 - 00000000 ____D C:\Windows\erdnt
2012-11-18 03:37 - 2001-07-21 17:17 - 00002184 ____A C:\Windows\System32\wpa.dbl

ZeroAccess:
C:\Windows\assembly\GAC\Desktop.ini

==================== Known DLLs (Whitelisted) =================

==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe [2008-01-28 18:09] - [2008-01-28 18:09] - 1502720 ____A (Microsoft Corporation) 43fa4144a1459f4acad155347d39be4b
C:\Windows\System32\winlogon.exe [2004-08-03 16:44] - [2004-08-03 16:44] - 0504832 ____A (Microsoft Corporation) 0344407089b08548d4feba62bb0f32d0
C:\Windows\System32\svchost.exe [2004-08-03 16:44] - [2004-08-03 16:44] - 0014336 ____A (Microsoft Corporation) ba98327e90022dbd6ee76490e0622e2e
C:\Windows\System32\services.exe [2004-08-03 16:44] - [2004-08-03 16:44] - 0108544 ____A (Microsoft Corporation) 3da8d964d2cc12ef8e8c342471a37917
C:\Windows\System32\User32.dll [2008-01-28 18:17] - [2008-01-28 18:17] - 0486912 ____A (Microsoft Corporation) 84e2e68559d201e3d660309b35ee4abf
C:\Windows\System32\userinit.exe [2004-08-03 16:44] - [2004-08-03 16:44] - 0025088 ____A (Microsoft Corporation) bd768099b4c44aa631728cb74eb54396
C:\Windows\System32\Drivers\volsnap.sys IS MISSING <==== ATTENTION!.

==================== EXE ASSOCIATION =====================

HKLM\...\.exe: exefile => OK
HKLM\...\exefile\DefaultIcon: %1 => OK
HKLM\...\exefile\open\command: "%1" %* => OK

==================== Restore Points (XP) =====================

==================== Memory info ===========================

Percentage of memory in use: 34%
Total physical RAM: 502.05 MB
Available physical RAM: 328.9 MB
Total Pagefile: 453.79 MB
Available Pagefile: 331.71 MB
Total Virtual: 2047.88 MB
Available Virtual: 2003.18 MB

==================== Partitions =============================

1 Drive b: (RAMDisk) (Fixed) (Total:0.06 GB) (Free:0.06 GB) NTFS
2 Drive c: (Dysk lokalny) (Fixed) (Total:53.21 GB) (Free:1.05 GB) NTFS
3 Drive d: (Dysk lokalny) (Fixed) (Total:53.21 GB) (Free:1.05 GB) NTFS
4 Drive x: (ReatogoPE) (CDROM) (Total:0.28 GB) (Free:0 GB) CDFS
5 Drive y: (MULTIMEDIA) (Fixed) (Total:53.69 GB) (Free:1.52 GB) FAT32 ==>[Drive with boot components (Windows XP)]

  Disk ###  Status      Size     Free     Dyn  Gpt
  --------  ----------  -------  -------  ---  ---
  Disk 0    Online       112 GB      0 B

Partitions of Disk 0:
===============

  Partition ###  Type              Size     Offset
  -------------  ----------------  -------  -------
  Partition 1    OEM               4997 MB    32 KB
  Partition 2    Extended            53 GB  4997 MB
  Partition 3    Logical             53 GB  4997 MB
  Partition 4    Primary             54 GB    58 GB

=========================================================

Disk: 0
Partition 1
Type  : 12
Hidden: Yes
Active: No

  Volume ###  Ltr  Label        Fs     Type        Size     Status     Info
  ----------  ---  -----------  -----  ----------  -------  ---------  --------
* Volume 1         PQSERVICE    FAT32  Partition   4997 MB  Healthy

=========================================================

Disk: 0
Partition 3
Type  : 07
Hidden: No
Active: No

  Volume ###  Ltr  Label        Fs     Type        Size     Status     Info
  ----------  ---  -----------  -----  ----------  -------  ---------  --------
* Volume 2     C   Dysk lokaln  NTFS   Partition     53 GB  Healthy

=========================================================

Disk: 0
Partition 4
Type  : 0C
Hidden: No
Active: Yes

  Volume ###  Ltr  Label        Fs     Type        Size     Status     Info
  ----------  ---  -----------  -----  ----------  -------  ---------  --------
* Volume 3     Y   MULTIMEDIA   FAT32  Partition     54 GB  Healthy

=========================================================

==================== End Of Log ============================