Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 31-12-2012 Ran by SYSTEM at 01-01-2013 20:13:03 Running from H:\ Windows 7 Ultimate (X86) OS Language: Polish The current controlset is ControlSet001 ==================== Registry (Whitelisted) =================== HKLM\...\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice [3080264 2011-09-22] (ESET) HKLM\...\Run: [StartCCC] "c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun [98304 2009-08-04] (Advanced Micro Devices, Inc.) HKLM\...\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray.exe [495708 2010-03-23] (IDT, Inc.) HKLM\...\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe [1549608 2009-08-14] (Synaptics Incorporated) HKLM\...\Run: [WirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [499768 2009-09-01] (Hewlett-Packard) HKLM\...\Run: [vProt] "C:\Program Files\AVG Secure Search\vprot.exe" [997320 2012-11-09] () HKLM\...\Run: [ROC_roc_ssl_v12] "C:\Program Files\AVG Secure Search\ROC_roc_ssl_v12.exe" / /PROMPT /CMPID=roc_ssl_v12 [1020512 2012-09-03] () HKLM\...\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" [252848 2012-07-03] (Sun Microsystems, Inc.) Tcpip\Parameters: [DhcpNameServer] 192.168.1.20 Startup: C:\Users\All Users\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe (McAfee, Inc.) ==================== Services (Whitelisted) =================== 2 ekrn; "C:\Program Files\ESET\ESET Smart Security\ekrn.exe" [974944 2011-09-22] (ESET) 3 McComponentHostService; "C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe" [227232 2010-01-15] (McAfee, Inc.) 2 STacSV; C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_1f4e5527ca660a3d\STacSV.exe [229458 2010-03-23] (IDT, Inc.) 2 vToolbarUpdater13.2.0; C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exe [711112 2012-11-09] () 2 Winmgmt; C:\Users\Arek\wgsdgsdgdsgsd.dll [204712 2012-12-28] (?????????? ??????????) 2 McAfee SiteAdvisor Service; c:\PROGRA~1\mcafee\SITEAD~1\mcsacore.exe [x] ==================== Drivers (Whitelisted) ==================== 1 avgtp; \??\C:\Windows\system32\drivers\avgtpx86.sys [26984 2012-11-09] (AVG Technologies) 2 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [163424 2011-08-09] (ESET) 1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [118104 2011-08-04] (ESET) 2 epfw; C:\Windows\System32\DRIVERS\epfw.sys [147480 2011-08-04] (ESET) 1 EpfwLWF; C:\Windows\System32\DRIVERS\EpfwLWF.sys [33656 2011-08-04] (ESET) 0 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [50624 2011-08-04] (ESET) 3 RSUSBSTOR; C:\Windows\System32\Drivers\RtsUStor.sys [x] 3 RtsUIR; C:\Windows\System32\DRIVERS\Rts516xIR.sys [x] 3 USBCCID; C:\Windows\System32\DRIVERS\RtsUCcid.sys [x] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2013-01-01 20:12 - 2013-01-01 20:12 - 00000000 ____D C:\FRST 2012-12-28 12:51 - 2012-12-28 12:51 - 00002865 ____A C:\Users\All Users\dsgsdgdsgdsgw.js 2012-12-28 12:50 - 2012-12-31 22:22 - 95023320 ___AT C:\Users\All Users\dsgsdgdsgdsgw.pad 2012-12-28 12:50 - 2012-12-28 12:50 - 00204712 ____A (?????????? ??????????) C:\Users\Arek\wgsdgsdgdsgsd.dll 2012-12-28 12:28 - 2012-12-28 12:28 - 00000000 ____D C:\Windows\System32\EventProviders 2012-12-28 12:26 - 2012-11-28 15:19 - 65087872 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe 2012-12-21 12:50 - 2012-12-16 15:25 - 00295424 ____A (Adobe Systems Incorporated) C:\Windows\System32\atmfd.dll 2012-12-21 12:50 - 2012-12-16 15:25 - 00034304 ____A (Adobe Systems) C:\Windows\System32\atmlib.dll 2012-12-20 09:17 - 2012-12-20 09:17 - 00000000 ____D C:\Users\Arek\Desktop\Nowy folder 2012-12-14 21:48 - 2012-12-14 21:50 - 00013327 ____A C:\Users\Arek\Desktop\SPARING APN.odt 2012-12-14 18:33 - 2012-12-14 18:39 - 00023956 ____A C:\Users\Arek\Desktop\do wydr 3.odt 2012-12-13 16:15 - 2012-11-14 03:14 - 09738240 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll 2012-12-13 16:15 - 2012-11-14 03:09 - 01800704 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll 2012-12-13 16:15 - 2012-11-14 02:58 - 01427968 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl 2012-12-13 16:15 - 2012-11-14 02:57 - 01129472 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll 2012-12-13 16:15 - 2012-11-14 02:57 - 01103872 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll 2012-12-13 16:15 - 2012-11-14 02:55 - 00231936 ____A (Microsoft Corporation) C:\Windows\System32\url.dll 2012-12-13 16:15 - 2012-11-14 02:51 - 00065024 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll 2012-12-13 16:15 - 2012-11-14 02:49 - 00717824 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll 2012-12-13 16:15 - 2012-11-14 02:49 - 00142848 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe 2012-12-13 16:15 - 2012-11-14 02:48 - 00420864 ____A (Microsoft Corporation) C:\Windows\System32\vbscript.dll 2012-12-13 16:15 - 2012-11-14 02:47 - 00607744 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll 2012-12-13 16:15 - 2012-11-14 02:46 - 01793024 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll 2012-12-13 16:15 - 2012-11-14 02:45 - 00073216 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll 2012-12-13 16:15 - 2012-11-14 02:44 - 02382848 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb 2012-12-13 16:15 - 2012-11-14 02:41 - 00176640 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll 2012-12-13 16:14 - 2012-11-14 03:48 - 12320256 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll 2012-12-13 10:46 - 2012-12-13 13:43 - 00000000 ____D C:\Users\Arek\Dokumenty 2012-12-13 10:45 - 2012-12-13 10:55 - 00000000 ____D C:\Users\Arek\.spss 2012-12-13 10:45 - 2012-12-13 10:45 - 00000000 ____D C:\Users\Arek\Documents\SafeNet Sentinel 2012-12-13 10:43 - 2012-12-13 10:43 - 00001024 ____A C:\Windows\System32\grcauth2.dll 2012-12-13 10:43 - 2012-12-13 10:43 - 00001024 ____A C:\Windows\System32\grcauth1.dll 2012-12-13 10:43 - 2012-12-13 10:43 - 00001024 ____A C:\Windows\System32\clauth2.dll 2012-12-13 10:43 - 2012-12-13 10:43 - 00001024 ____A C:\Windows\System32\clauth1.dll 2012-12-13 10:43 - 2012-12-13 10:43 - 00000114 ____A C:\Windows\System32\prsgrc.tgz 2012-12-13 10:43 - 2012-12-13 10:43 - 00000100 ____A C:\Windows\System32\prsgrc.dll 2012-12-13 10:43 - 2012-12-13 10:43 - 00000014 ____A C:\Windows\System32\ssprs.tgz 2012-12-13 10:43 - 2012-12-13 10:43 - 00000000 ____A C:\Windows\System32\ssprs.dll 2012-12-13 10:43 - 2012-12-13 10:43 - 00000000 ____A C:\Windows\System32\serauth2.dll 2012-12-13 10:43 - 2012-12-13 10:43 - 00000000 ____A C:\Windows\System32\serauth1.dll 2012-12-13 10:43 - 2012-12-13 10:43 - 00000000 ____A C:\Windows\System32\nsprs.tgz 2012-12-13 10:43 - 2012-12-13 10:43 - 00000000 ____A C:\Windows\System32\nsprs.dll 2012-12-13 10:37 - 2012-12-13 10:37 - 00000000 ____D C:\Users\All Users\SafeNet Sentinel 2012-12-13 10:37 - 2012-12-13 10:37 - 00000000 ____A C:\law.sp 2012-12-13 10:35 - 2012-12-13 10:42 - 00000000 ____D C:\Program Files\SPSSInc 2012-12-13 10:35 - 2012-12-13 10:35 - 00000000 ____D C:\Users\All Users\SPSS 2012-12-13 10:35 - 2012-12-13 10:35 - 00000000 ____D C:\Program Files\Common Files\SPSSInc 2012-12-13 10:35 - 2012-12-13 10:35 - 00000000 ____D C:\Program Files\Common Files\SPSS 2012-12-13 10:34 - 2012-12-13 10:41 - 00000219 ____A C:\Windows\System32\lsprst7.tgz 2012-12-13 10:34 - 2012-12-13 10:41 - 00000205 ____A C:\Windows\System32\lsprst7.dll 2012-12-13 10:34 - 2012-12-13 10:41 - 00000016 ___AH C:\Windows\System32\servdat.slm 2012-12-13 10:34 - 2012-12-13 10:34 - 00001025 ____A C:\Windows\System32\sysprs7.tgz 2012-12-13 10:34 - 2012-12-13 10:34 - 00001025 ____A C:\Windows\System32\sysprs7.dll 2012-12-13 10:01 - 2012-11-22 08:43 - 02344960 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys 2012-12-13 10:01 - 2012-10-04 17:53 - 00169984 ____A (Microsoft Corporation) C:\Windows\System32\winsrv.dll 2012-12-13 10:01 - 2012-10-04 17:49 - 00868352 ____A (Microsoft Corporation) C:\Windows\System32\kernel32.dll 2012-12-13 10:01 - 2012-10-04 17:49 - 00293376 ____A (Microsoft Corporation) C:\Windows\System32\KernelBase.dll 2012-12-13 10:01 - 2012-10-04 17:45 - 00005120 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-file-l1-1-0.dll 2012-12-13 10:01 - 2012-10-04 17:45 - 00004608 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-processthreads-l1-1-0.dll 2012-12-13 10:01 - 2012-10-04 17:45 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-sysinfo-l1-1-0.dll 2012-12-13 10:01 - 2012-10-04 17:45 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-synch-l1-1-0.dll 2012-12-13 10:01 - 2012-10-04 17:45 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-misc-l1-1-0.dll 2012-12-13 10:01 - 2012-10-04 17:45 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-localregistry-l1-1-0.dll 2012-12-13 10:01 - 2012-10-04 17:45 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-localization-l1-1-0.dll 2012-12-13 10:01 - 2012-10-04 17:45 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-processenvironment-l1-1-0.dll 2012-12-13 10:01 - 2012-10-04 17:45 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-namedpipe-l1-1-0.dll 2012-12-13 10:01 - 2012-10-04 17:45 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-memory-l1-1-0.dll 2012-12-13 10:01 - 2012-10-04 17:45 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll 2012-12-13 10:01 - 2012-10-04 17:45 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-interlocked-l1-1-0.dll 2012-12-13 10:01 - 2012-10-04 17:45 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-heap-l1-1-0.dll 2012-12-13 10:01 - 2012-10-04 17:45 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-string-l1-1-0.dll 2012-12-13 10:01 - 2012-10-04 17:45 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-rtlsupport-l1-1-0.dll 2012-12-13 10:01 - 2012-10-04 17:45 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-profile-l1-1-0.dll 2012-12-13 10:01 - 2012-10-04 17:45 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-io-l1-1-0.dll 2012-12-13 10:01 - 2012-10-04 17:45 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-handle-l1-1-0.dll 2012-12-13 10:01 - 2012-10-04 17:45 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-fibers-l1-1-0.dll 2012-12-13 10:01 - 2012-10-04 17:45 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-errorhandling-l1-1-0.dll 2012-12-13 10:01 - 2012-10-04 17:45 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-delayload-l1-1-0.dll 2012-12-13 10:01 - 2012-10-04 17:45 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-debug-l1-1-0.dll 2012-12-13 10:01 - 2012-10-04 17:45 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-datetime-l1-1-0.dll 2012-12-13 10:01 - 2012-10-04 17:45 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-console-l1-1-0.dll 2012-12-13 10:01 - 2012-10-04 16:00 - 00271360 ____A (Microsoft Corporation) C:\Windows\System32\conhost.exe 2012-12-13 10:01 - 2012-10-04 15:44 - 00006144 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-security-base-l1-1-0.dll 2012-12-13 10:01 - 2012-10-04 15:44 - 00004608 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-threadpool-l1-1-0.dll 2012-12-13 10:01 - 2012-10-04 15:44 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-xstate-l1-1-0.dll 2012-12-13 10:01 - 2012-10-04 15:44 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-util-l1-1-0.dll 2012-12-13 10:00 - 2012-11-09 05:49 - 00002048 ____A (Microsoft Corporation) C:\Windows\System32\tzres.dll 2012-12-13 10:00 - 2012-11-02 05:48 - 00376832 ____A (Microsoft Corporation) C:\Windows\System32\dpnet.dll 2012-12-13 10:00 - 2012-09-06 17:48 - 00245616 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\volsnap.sys 2012-12-12 07:10 - 2012-12-12 07:11 - 00000000 ____D C:\Users\Arek\Desktop\muzyka sylwester2010 2012-12-12 07:08 - 2011-12-14 12:02 - 00022407 ____A C:\Users\Arek\Desktop\zarzadzenie wojta.odt 2012-12-04 04:53 - 2012-12-12 06:48 - 00000000 ____D C:\Users\Arek\Desktop\FOTO SPORT 2012-12-04 04:23 - 2012-12-04 04:40 - 00015864 ____A C:\Users\Arek\Desktop\GRAFIK PRACY I TYDZIEN GRUDNIA 2012.odt ==================== One Month Modified Files and Folders ======== 2013-01-01 20:12 - 2013-01-01 20:12 - 00000000 ____D C:\FRST 2013-01-01 19:23 - 2009-07-14 05:39 - 00205344 ____A C:\Windows\setupact.log 2012-12-31 22:22 - 2012-12-28 12:50 - 95023320 ___AT C:\Users\All Users\dsgsdgdsgdsgw.pad 2012-12-31 22:22 - 2012-07-31 22:09 - 00000000 ____D C:\Users\Arek\AppData\Roaming\BrowserCompanion 2012-12-31 22:22 - 2009-07-14 05:53 - 00000006 ___AH C:\Windows\Tasks\SA.DAT 2012-12-31 20:06 - 2012-04-05 19:21 - 00000930 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job 2012-12-28 13:00 - 2009-07-14 05:34 - 00010240 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2012-12-28 13:00 - 2009-07-14 05:34 - 00010240 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2012-12-28 12:51 - 2012-12-28 12:51 - 00002865 ____A C:\Users\All Users\dsgsdgdsgdsgw.js 2012-12-28 12:50 - 2012-12-28 12:50 - 00204712 ____A (?????????? ??????????) C:\Users\Arek\wgsdgsdgdsgsd.dll 2012-12-28 12:50 - 2012-04-05 11:38 - 00000000 ____D C:\users\Arek 2012-12-28 12:47 - 2012-04-05 09:32 - 01182200 ____A C:\Windows\WindowsUpdate.log 2012-12-28 12:28 - 2012-12-28 12:28 - 00000000 ____D C:\Windows\System32\EventProviders 2012-12-24 14:44 - 2012-11-27 12:56 - 00000000 ____D C:\Users\Arek\Desktop\UKS PISMA 2012-12-24 14:29 - 2012-04-14 17:05 - 00000000 ____D C:\Program Files\McAfee 2012-12-24 14:29 - 2012-04-05 12:36 - 00096958 ____A C:\Windows\PFRO.log 2012-12-21 20:16 - 2009-07-14 05:33 - 00300200 ____A C:\Windows\System32\FNTCACHE.DAT 2012-12-21 12:34 - 2012-04-05 11:42 - 00005194 ____A C:\Windows\System32\PerfStringBackup.INI 2012-12-21 12:34 - 2009-07-14 09:07 - 03261916 ____A C:\Windows\System32\perfh015.dat 2012-12-21 12:34 - 2009-07-14 09:07 - 01028710 ____A C:\Windows\System32\perfc015.dat 2012-12-20 12:03 - 2012-11-29 21:02 - 00000000 ____D C:\Users\Arek\Desktop\fotki maluchy 2012-12-20 09:17 - 2012-12-20 09:17 - 00000000 ____D C:\Users\Arek\Desktop\Nowy folder 2012-12-16 15:25 - 2012-12-21 12:50 - 00295424 ____A (Adobe Systems Incorporated) C:\Windows\System32\atmfd.dll 2012-12-16 15:25 - 2012-12-21 12:50 - 00034304 ____A (Adobe Systems) C:\Windows\System32\atmlib.dll 2012-12-14 21:50 - 2012-12-14 21:48 - 00013327 ____A C:\Users\Arek\Desktop\SPARING APN.odt 2012-12-14 18:39 - 2012-12-14 18:33 - 00023956 ____A C:\Users\Arek\Desktop\do wydr 3.odt 2012-12-13 22:20 - 2012-04-05 18:29 - 00066296 ____A C:\Users\Arek\AppData\Local\GDIPFONTCACHEV1.DAT 2012-12-13 22:17 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\System32\pl-PL 2012-12-13 22:17 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\System32\DriverStore 2012-12-13 13:43 - 2012-12-13 10:46 - 00000000 ____D C:\Users\Arek\Dokumenty 2012-12-13 11:40 - 2012-09-03 20:34 - 00000000 ____D C:\Users\Arek\Desktop\nat 2012-12-13 10:55 - 2012-12-13 10:45 - 00000000 ____D C:\Users\Arek\.spss 2012-12-13 10:45 - 2012-12-13 10:45 - 00000000 ____D C:\Users\Arek\Documents\SafeNet Sentinel 2012-12-13 10:43 - 2012-12-13 10:43 - 00001024 ____A C:\Windows\System32\grcauth2.dll 2012-12-13 10:43 - 2012-12-13 10:43 - 00001024 ____A C:\Windows\System32\grcauth1.dll 2012-12-13 10:43 - 2012-12-13 10:43 - 00001024 ____A C:\Windows\System32\clauth2.dll 2012-12-13 10:43 - 2012-12-13 10:43 - 00001024 ____A C:\Windows\System32\clauth1.dll 2012-12-13 10:43 - 2012-12-13 10:43 - 00000114 ____A C:\Windows\System32\prsgrc.tgz 2012-12-13 10:43 - 2012-12-13 10:43 - 00000100 ____A C:\Windows\System32\prsgrc.dll 2012-12-13 10:43 - 2012-12-13 10:43 - 00000014 ____A C:\Windows\System32\ssprs.tgz 2012-12-13 10:43 - 2012-12-13 10:43 - 00000000 ____A C:\Windows\System32\ssprs.dll 2012-12-13 10:43 - 2012-12-13 10:43 - 00000000 ____A C:\Windows\System32\serauth2.dll 2012-12-13 10:43 - 2012-12-13 10:43 - 00000000 ____A C:\Windows\System32\serauth1.dll 2012-12-13 10:43 - 2012-12-13 10:43 - 00000000 ____A C:\Windows\System32\nsprs.tgz 2012-12-13 10:43 - 2012-12-13 10:43 - 00000000 ____A C:\Windows\System32\nsprs.dll 2012-12-13 10:43 - 2009-07-14 03:37 - 00000000 ____D C:\Program Files\Common Files\microsoft shared 2012-12-13 10:42 - 2012-12-13 10:35 - 00000000 ____D C:\Program Files\SPSSInc 2012-12-13 10:41 - 2012-12-13 10:34 - 00000219 ____A C:\Windows\System32\lsprst7.tgz 2012-12-13 10:41 - 2012-12-13 10:34 - 00000205 ____A C:\Windows\System32\lsprst7.dll 2012-12-13 10:41 - 2012-12-13 10:34 - 00000016 ___AH C:\Windows\System32\servdat.slm 2012-12-13 10:37 - 2012-12-13 10:37 - 00000000 ____D C:\Users\All Users\SafeNet Sentinel 2012-12-13 10:37 - 2012-12-13 10:37 - 00000000 ____A C:\law.sp 2012-12-13 10:35 - 2012-12-13 10:35 - 00000000 ____D C:\Users\All Users\SPSS 2012-12-13 10:35 - 2012-12-13 10:35 - 00000000 ____D C:\Program Files\Common Files\SPSSInc 2012-12-13 10:35 - 2012-12-13 10:35 - 00000000 ____D C:\Program Files\Common Files\SPSS 2012-12-13 10:34 - 2012-12-13 10:34 - 00001025 ____A C:\Windows\System32\sysprs7.tgz 2012-12-13 10:34 - 2012-12-13 10:34 - 00001025 ____A C:\Windows\System32\sysprs7.dll 2012-12-12 07:11 - 2012-12-12 07:10 - 00000000 ____D C:\Users\Arek\Desktop\muzyka sylwester2010 2012-12-12 06:48 - 2012-12-04 04:53 - 00000000 ____D C:\Users\Arek\Desktop\FOTO SPORT 2012-12-11 23:06 - 2012-04-05 19:21 - 00697272 ____A (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerApp.exe 2012-12-11 23:06 - 2012-04-05 19:21 - 00073656 ____A (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerCPLApp.cpl 2012-12-10 21:04 - 2012-05-08 19:13 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service 2012-12-09 11:45 - 2012-10-20 17:03 - 00000000 ____D C:\Program Files\Mozilla Firefox 2012-12-07 21:55 - 2012-04-05 17:46 - 00006144 ____A C:\Users\Arek\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2012-12-07 21:43 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\System32\NDF 2012-12-04 04:51 - 2012-11-27 12:46 - 00000000 ____D C:\Users\Arek\Desktop\zdjecia itp 2012-12-04 04:50 - 2012-10-16 19:07 - 00000000 ____D C:\Users\Arek\Desktop\PI£KA NO¯NA 2012-12-04 04:40 - 2012-12-04 04:23 - 00015864 ____A C:\Users\Arek\Desktop\GRAFIK PRACY I TYDZIEN GRUDNIA 2012.odt ==================== Known DLLs (Whitelisted) ================= ==================== Bamital & volsnap Check ================= C:\Windows\explorer.exe => MD5 is legit C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys [2012-12-13 10:00] - [2012-09-06 17:48] - 0245616 ____A (Microsoft Corporation) 59F06B4968E58BC83DFC56CA4517960E ==================== EXE ASSOCIATION ===================== HKLM\...\.exe: exefile => OK HKLM\...\exefile\DefaultIcon: %1 => OK HKLM\...\exefile\open\command: "%1" %* => OK ==================== Restore Points ========================= Restore point made on: 2012-12-28 12:26:25 ==================== Memory info =========================== Percentage of memory in use: 11% Total physical RAM: 4092.2 MB Available physical RAM: 3635.04 MB Total Pagefile: 4090.48 MB Available Pagefile: 3643.2 MB Total Virtual: 2047.88 MB Available Virtual: 1960.73 MB ==================== Partitions ============================= 1 Drive c: () (Fixed) (Total:39.88 GB) (Free:2.58 GB) NTFS ==>[Drive with boot components (obtained from BCD)] 2 Drive d: () (Fixed) (Total:245.12 GB) (Free:244.97 GB) NTFS 3 Drive e: (RECOVERY) (Fixed) (Total:12.79 GB) (Free:2.14 GB) NTFS ==>[System with boot components (obtained from reading drive)] 4 Drive f: (HP_TOOLS) (Fixed) (Total:0.1 GB) (Free:0.09 GB) FAT32 5 Drive g: (ReatogoPE) (CDROM) (Total:0.43 GB) (Free:0 GB) CDFS 6 Drive h: () (Removable) (Total:7.33 GB) (Free:7.33 GB) FAT32 7 Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS Nr dysku Stan Rozmiar Wolne Dyn GPT -------- ------------- ------- ------- --- --- Dysk 0 Online 298 GB 0 B Dysk 1 Online 7520 MB 0 B Partitions of Disk 0: =============== Partycja ### Typ Rozmiar Przesuni©cie ------------- ---------------- ------- ------------ Partycja 1 Podstawowy 39 GB 200 MB Partycja 2 Podstawowy 245 GB 40 GB Partycja 3 Podstawowy 12 GB 285 GB Partycja 4 Podstawowy 103 MB 297 GB ========================================================= Disk: 0 Partycja 1 Typ : 07 Ukryta : Nie Aktywna : Tak Przesuni©cie w bajtach: 209715200 Wolumin ### Lit Etykieta Fs Typ Rozmiar Stan Info ----------- --- ----------- ----- ---------- ------- --------- -------- * Wolumin 1 C NTFS Partycja 39 GB Zdrowy ========================================================= Disk: 0 Partycja 2 Typ : 07 Ukryta : Nie Aktywna : Nie Przesuni©cie w bajtach: 43035656192 Wolumin ### Lit Etykieta Fs Typ Rozmiar Stan Info ----------- --- ----------- ----- ---------- ------- --------- -------- * Wolumin 2 D NTFS Partycja 245 GB Zdrowy ========================================================= Disk: 0 Partycja 3 Typ : 07 Ukryta : Nie Aktywna : Nie Przesuni©cie w bajtach: 306228232192 Wolumin ### Lit Etykieta Fs Typ Rozmiar Stan Info ----------- --- ----------- ----- ---------- ------- --------- -------- * Wolumin 3 E RECOVERY NTFS Partycja 12 GB Zdrowy ========================================================= Disk: 0 Partycja 4 Typ : 0C Ukryta : Nie Aktywna : Nie Przesuni©cie w bajtach: 319963529216 Wolumin ### Lit Etykieta Fs Typ Rozmiar Stan Info ----------- --- ----------- ----- ---------- ------- --------- -------- * Wolumin 4 F HP_TOOLS FAT32 Partycja 103 MB Zdrowy ========================================================= Partitions of Disk 1: =============== Partycja ### Typ Rozmiar Przesuni©cie ------------- ---------------- ------- ------------ Partycja 1 Podstawowy 7519 MB 31 KB ========================================================= Disk: 1 Partycja 1 Typ : 0B Ukryta : Nie Aktywna : Tak Przesuni©cie w bajtach: 32256 Wolumin ### Lit Etykieta Fs Typ Rozmiar Stan Info ----------- --- ----------- ----- ---------- ------- --------- -------- * Wolumin 5 H FAT32 Wymienny 7519 MB Zdrowy ========================================================= Last Boot: 2012-11-17 08:12 ==================== End Of Log ============================