Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 17-01-2014 03 Ran by Uzytkownik (administrator) on PC-CCF71BE1B323 on 18-01-2014 19:59:28 Running from D:\pobrane Microsoft Windows XP Home Edition Dodatek Service Pack 3 (X86) OS Language: Polish Internet Explorer Version 8 Boot Mode: Normal The only official download link for FRST: Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/ Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/ Download link from any site other than Bleeping Computer is unpermitted or outdated. See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) =================== (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgrsx.exe (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgcsrvx.exe (ATI Technologies Inc.) C:\WINDOWS\system32\ati2evxx.exe (ATI Technologies Inc.) C:\WINDOWS\system32\ati2evxx.exe (Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe (Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (Spotify Ltd) C:\Documents and Settings\Uzytkownik\Dane aplikacji\Spotify\Data\SpotifyWebHelper.exe (ArcSoft Inc.) C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgfws.exe (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgidsagent.exe (ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgwdsvc.exe (Oracle Corporation) C:\Program Files\Java\jre7\bin\jqs.exe () C:\WINDOWS\system32\PnkBstrA.exe (Ulead Systems, Inc.) C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgnsx.exe (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgemcx.exe (Microsoft Corporation) C:\WINDOWS\system32\wscntfy.exe (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgcsrvx.exe (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgui.exe (Opera Software) C:\Program Files\Opera\18.0.1284.68\opera.exe () C:\Program Files\Opera\18.0.1284.68\opera_crashreporter.exe (Opera Software) C:\Program Files\Opera\18.0.1284.68\opera.exe (Opera Software) C:\Program Files\Opera\18.0.1284.68\opera.exe (AQQ Sp. z o.o.) C:\Program Files\WapSter\WapSter AQQ\AQQ.exe (Microsoft Corporation) C:\WINDOWS\system32\taskmgr.exe (Opera Software) C:\Program Files\Opera\18.0.1284.68\opera.exe (Opera Software) C:\Program Files\Opera\18.0.1284.68\opera.exe (Opera Software) C:\Program Files\Opera\18.0.1284.68\opera.exe (Opera Software) C:\Program Files\Opera\18.0.1284.68\opera.exe (Opera Software) C:\Program Files\Opera\18.0.1284.68\opera.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [AVG_UI] - C:\Program Files\AVG\AVG2014\avgui.exe [4956176 2013-11-07] (AVG Technologies CZ, s.r.o.) HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation) HKLM\...\Run: [StartCCC] - C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [61440 2010-02-10] (Advanced Micro Devices, Inc.) HKLM\...\RunOnce: [Malwarebytes Anti-Malware] - C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent [532040 2013-04-04] (Malwarebytes Corporation) Winlogon\Notify\AtiExtEvent: C:\Windows\system32\Ati2evxx.dll (ATI Technologies Inc.) HKCU\...\Run: [Spotify Web Helper] - C:\Documents and Settings\Uzytkownik\Dane aplikacji\Spotify\Data\SpotifyWebHelper.exe [1168896 2013-12-08] (Spotify Ltd) AppInit_DLLs: [ ] () ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://pl.msn.com HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://pl.msn.com HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.bing.com/ HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://www.bing.com/ SearchScopes: HKLM - DefaultScope value is missing. BHO: IDMIEHlprObj Class - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Documents and Settings\Uzytkownik\Pulpit\Inne\IDM Crack\crack\IDMIECC.dll (Tonec Inc.) BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) Toolbar: HKCU - &Adres - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\Windows\system32\browseui.dll (Microsoft Corporation) Toolbar: HKCU - &Łącza - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\Windows\system32\SHELL32.dll (Microsoft Corporation) Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) Winsock: Catalog9 01 C:\WINDOWS\system32\idmmbc.dll [210352] (Tonec Inc.) Winsock: Catalog9 02 C:\WINDOWS\system32\idmmbc.dll [210352] (Tonec Inc.) Winsock: Catalog9 03 C:\WINDOWS\system32\idmmbc.dll [210352] (Tonec Inc.) Winsock: Catalog9 04 C:\WINDOWS\system32\idmmbc.dll [210352] (Tonec Inc.) Winsock: Catalog9 05 C:\WINDOWS\system32\idmmbc.dll [210352] (Tonec Inc.) Winsock: Catalog9 11 C:\WINDOWS\system32\idmmbc.dll [210352] (Tonec Inc.) Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt Tcpip\Parameters: [DhcpNameServer] 192.168.1.254 FireFox: ======== FF ProfilePath: C:\Documents and Settings\Uzytkownik\Dane aplikacji\Mozilla\Firefox\Profiles\r1gcmsug.default FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_9_900_170.dll () FF Plugin: @idsoftware.com/QuakeLive - C:\Documents and Settings\All Users\Dane aplikacji\id Software\QuakeLive\npquakezero.dll (id Software Inc.) FF Plugin: @java.com/DTPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation) FF Plugin: @microsoft.com/WPF,version=3.5 - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF Plugin: @pandonetworks.com/PandoWebPlugin - C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.) FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.) FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Documents and Settings\Uzytkownik\Ustawienia lokalne\Dane aplikacji\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited) FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF Extension: anonymoX - C:\Documents and Settings\Uzytkownik\Dane aplikacji\Mozilla\Firefox\Profiles\r1gcmsug.default\Extensions\client@anonymox.net.xpi [2013-12-13] FF Extension: FastestFox - C:\Documents and Settings\Uzytkownik\Dane aplikacji\Mozilla\Firefox\Profiles\r1gcmsug.default\Extensions\smarterwiki@wikiatic.com.xpi [2013-12-13] FF Extension: Adblock Plus - C:\Documents and Settings\Uzytkownik\Dane aplikacji\Mozilla\Firefox\Profiles\r1gcmsug.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-12-13] FF HKCU\...\Firefox\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Documents and Settings\Uzytkownik\Dane aplikacji\IDM\idmmzcc3 FF Extension: IDM CC - C:\Documents and Settings\Uzytkownik\Dane aplikacji\IDM\idmmzcc3 [2013-11-20] FF HKCU\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Documents and Settings\Uzytkownik\Dane aplikacji\IDM\idmmzcc5 FF Extension: IDM CC - C:\Documents and Settings\Uzytkownik\Dane aplikacji\IDM\idmmzcc5 [2013-08-22] Chrome: ======= CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\32.0.1700.76\PepperFlash\pepflashplayer.dll () CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\32.0.1700.76\ppGoogleNaClPluginChrome.dll () CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\32.0.1700.76\pdf.dll () CHR Plugin: (Microsoft\u00AE DRM) - C:\Program Files\Windows Media Player\npdrmv2.dll (Microsoft Corporation) CHR Plugin: (Windows Media Player Plug-in Dynamic Link Library) - C:\Program Files\Windows Media Player\npdsplay.dll (Microsoft Corporation (written by Digital Renaissance Inc.)) CHR Plugin: (Microsoft\u00AE DRM) - C:\Program Files\Windows Media Player\npwmsdrm.dll (Microsoft Corporation) CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll No File CHR Extension: (Battlefield Heroes) - C:\Documents and Settings\Uzytkownik\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\cehdakiococlfmjcbebbkjkfjhbieknh [2013-12-17] CHR Extension: (IDM Integration Module) - C:\Documents and Settings\Uzytkownik\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\jeaohhlajejodfjadcponpnjgkiikocn [2013-08-22] CHR Extension: (Google Wallet) - C:\Documents and Settings\Uzytkownik\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-08] CHR Extension: (Battlefield Play4Free) - C:\Documents and Settings\Uzytkownik\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\oiokahphinmbmakkehgelkmpolmnbkdh [2014-01-08] CHR HKLM\...\Chrome\Extension: [jeaohhlajejodfjadcponpnjgkiikocn] - C:\Program Files\Internet Download Manager\IDMGCExt.crx [2013-08-17] ========================== Services (Whitelisted) ================= R2 ACDaemon; C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.) S2 ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [593920 2010-02-10] () R2 avgfws; C:\Program Files\AVG\AVG2014\avgfws.exe [1358944 2013-09-24] (AVG Technologies CZ, s.r.o.) R2 AVGIDSAgent; C:\Program Files\AVG\AVG2014\avgidsagent.exe [3478544 2013-11-11] (AVG Technologies CZ, s.r.o.) R2 avgwd; C:\Program Files\AVG\AVG2014\avgwdsvc.exe [348008 2013-09-24] (AVG Technologies CZ, s.r.o.) R2 JavaQuickStarterService; C:\Program Files\Java\jre7\bin\jqs.exe [182696 2013-12-18] (Oracle Corporation) S3 npggsvc; C:\WINDOWS\system32\GameMon.des [5284208 2013-10-30] (INCA Internet Co., Ltd.) R2 PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [75136 2014-01-08] () R2 UleadBurningHelper; C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [49152 2004-12-13] (Ulead Systems, Inc.) ==================== Drivers (Whitelisted) ==================== R1 Avgdiskx; C:\Windows\System32\DRIVERS\avgdiskx.sys [120600 2013-11-05] (AVG Technologies CZ, s.r.o.) R3 Avgfwdx; C:\Windows\System32\DRIVERS\avgfwdx.sys [30944 2012-01-12] (AVG Technologies CZ, s.r.o.) S3 Avgfwfd; C:\Windows\System32\DRIVERS\avgfwdx.sys [30944 2012-01-12] (AVG Technologies CZ, s.r.o.) R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdriverx.sys [209176 2013-11-04] (AVG Technologies CZ, s.r.o.) R0 AVGIDSHX; C:\Windows\System32\DRIVERS\avgidshx.sys [147768 2013-10-24] (AVG Technologies CZ, s.r.o.) R1 AVGIDSShim; C:\Windows\System32\DRIVERS\avgidsshimx.sys [22840 2013-09-17] (AVG Technologies CZ, s.r.o.) R1 Avgldx86; C:\Windows\System32\DRIVERS\avgldx86.sys [176952 2013-10-31] (AVG Technologies CZ, s.r.o.) R0 Avglogx; C:\Windows\System32\DRIVERS\avglogx.sys [222520 2013-10-31] (AVG Technologies CZ, s.r.o.) R0 Avgmfx86; C:\Windows\System32\DRIVERS\avgmfx86.sys [102712 2013-10-01] (AVG Technologies CZ, s.r.o.) R0 Avgrkx86; C:\Windows\System32\DRIVERS\avgrkx86.sys [27448 2013-09-10] (AVG Technologies CZ, s.r.o.) R1 Avgtdix; C:\Windows\System32\DRIVERS\avgtdix.sys [193848 2013-08-01] (AVG Technologies CZ, s.r.o.) R3 cmuda; C:\Windows\System32\drivers\cmuda.sys [754560 2003-10-17] (C-Media Inc) R3 gameenum; C:\Windows\System32\DRIVERS\gameenum.sys [10624 2008-04-14] (Microsoft Corporation) S3 hamachi; C:\Windows\System32\DRIVERS\hamachi.sys [26176 2009-03-18] (LogMeIn, Inc.) R3 HSFHWBS2; C:\Windows\System32\DRIVERS\HSFBS2S2.sys [220032 2008-04-14] (Conexant Systems, Inc.) R3 HSF_DP; C:\Windows\System32\DRIVERS\HSFDPSP2.sys [1041536 2008-04-14] (Conexant Systems, Inc.) R1 IDMTDI; C:\Windows\System32\DRIVERS\idmtdi.sys [118344 2013-06-27] (Tonec Inc.) R1 SCDEmu; C:\Windows\System32\Drivers\SCDEmu.sys [114376 2013-10-23] (Power Software Ltd) R0 SiSide; C:\Windows\System32\DRIVERS\siside.sys [4096 2003-03-25] (Silicon Integrated Systems Corp.) R0 sisidex; C:\Windows\System32\drivers\sisidex.sys [49024 2002-10-17] (Windows (R) 2000 DDK provider) R3 SISNIC; C:\Windows\System32\DRIVERS\sisnic.sys [32768 2008-04-13] (SiS Corporation) R0 sisperf; C:\Windows\System32\drivers\sisperf.sys [9472 2002-08-20] (Silicon Integrated Systems Corp.) R0 sptd; C:\Windows\System32\Drivers\sptd.sys [324096 2013-10-16] (Duplex Secure Ltd.) R3 winachsf; C:\Windows\System32\DRIVERS\HSFCXTS2.sys [685056 2008-04-14] (Conexant Systems, Inc.) S3 WinRing0_1_2_0; C:\Program Files\Razer\Razer Game Booster\Driver\WinRing0.sys [14416 2012-08-01] (OpenLibSys.org) S4 IntelIde; No ImagePath U3 TlntSvr; S3 vtany; \??\C:\WINDOWS\vtany.sys [x] S3 xhunter1; \??\C:\WINDOWS\xhunter1.sys [x] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-01-18 19:58 - 2014-01-18 19:58 - 00000000 ____D C:\FRST 2014-01-18 19:23 - 2014-01-18 19:23 - 00000623 _____ C:\Documents and Settings\Uzytkownik\Pulpit\szczym.txt 2014-01-18 18:19 - 2014-01-18 18:19 - 00000784 _____ C:\Documents and Settings\All Users\Pulpit\Malwarebytes Anti-Malware.lnk 2014-01-18 18:19 - 2014-01-18 18:19 - 00000000 ____D C:\Documents and Settings\Uzytkownik\Dane aplikacji\Malwarebytes 2014-01-18 18:18 - 2014-01-18 18:19 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware 2014-01-18 18:18 - 2014-01-18 18:18 - 00000000 ____D C:\Documents and Settings\All Users\Dane aplikacji\Malwarebytes 2014-01-18 18:18 - 2013-04-04 14:50 - 00022856 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys 2014-01-18 17:19 - 2014-01-18 17:19 - 00126232 _____ C:\Documents and Settings\Uzytkownik\Pulpit\OTL.Txt 2014-01-18 17:19 - 2014-01-18 17:19 - 00048458 _____ C:\Documents and Settings\Uzytkownik\Pulpit\Extras.Txt 2014-01-18 15:43 - 2014-01-18 15:43 - 00000218 _____ C:\Documents and Settings\Uzytkownik\Ustawienia lokalne\Dane aplikacji\recently-used.xbel 2014-01-18 15:29 - 2014-01-18 15:50 - 00000000 ____D C:\Documents and Settings\Uzytkownik\.gimp-2.8 2014-01-18 15:29 - 2014-01-18 15:29 - 00000736 _____ C:\Documents and Settings\All Users\Menu Start\Programy\GIMP 2.lnk 2014-01-18 15:29 - 2014-01-18 15:29 - 00000730 _____ C:\Documents and Settings\All Users\Pulpit\GIMP 2.lnk 2014-01-18 15:29 - 2014-01-18 15:29 - 00000000 ____D C:\Documents and Settings\Uzytkownik\Ustawienia lokalne\Dane aplikacji\gegl-0.2 2014-01-18 15:25 - 2014-01-18 15:28 - 00000000 ____D C:\Program Files\GIMP 2 2014-01-18 13:46 - 2014-01-18 13:48 - 00000000 ____D C:\Documents and Settings\Uzytkownik\Dane aplikacji\Notepad++ 2014-01-18 13:46 - 2014-01-18 13:47 - 00000000 ____D C:\Program Files\Notepad++ 2014-01-18 13:46 - 2014-01-18 13:46 - 00000000 ____D C:\Documents and Settings\Uzytkownik\Menu Start\Programy\Notepad++ 2014-01-18 13:46 - 2014-01-18 13:46 - 00000000 ____D C:\Documents and Settings\All Users\Menu Start\Programy\Notepad++ 2014-01-16 14:29 - 2014-01-16 14:35 - 00000000 ____D C:\Documents and Settings\Uzytkownik\Dane aplikacji\mIRC 2014-01-16 14:29 - 2014-01-16 14:29 - 00000626 _____ C:\Documents and Settings\All Users\Pulpit\mIRC.lnk 2014-01-16 14:29 - 2014-01-16 14:29 - 00000000 ____D C:\Program Files\mIRC 2014-01-16 11:35 - 2014-01-16 11:35 - 00000000 ____D C:\Documents and Settings\Uzytkownik\Pulpit\Nowy folder (2) 2014-01-15 20:49 - 2014-01-18 13:49 - 00001567 _____ C:\Documents and Settings\Uzytkownik\Pulpit\test.html 2014-01-15 12:15 - 2014-01-15 13:45 - 00000000 _____ C:\dfu.log 2014-01-15 12:08 - 2014-01-15 12:08 - 00000000 ____D C:\Documents and Settings\Uzytkownik\Moje dokumenty\Gameforge Live 2014-01-15 12:07 - 2014-01-15 12:07 - 00000000 ____D C:\Documents and Settings\All Users\Menu Start\Programy\Gameforge Live 2014-01-15 08:32 - 2014-01-15 08:32 - 00000000 ____D C:\Documents and Settings\Uzytkownik\Dane aplikacji\AVG2014 2014-01-15 08:26 - 2014-01-15 08:26 - 00000732 _____ C:\Documents and Settings\All Users\Pulpit\AVG 2014.lnk 2014-01-15 08:26 - 2014-01-15 08:26 - 00000000 ____D C:\Documents and Settings\Uzytkownik\Dane aplikacji\TuneUp Software 2014-01-15 08:22 - 2014-01-15 08:29 - 00000000 ____D C:\Documents and Settings\All Users\Dane aplikacji\AVG2014 2014-01-14 22:26 - 2014-01-14 22:26 - 00000000 ____D C:\Documents and Settings\All Users\Menu Start\Programy\Java 2014-01-14 22:26 - 2013-12-18 21:10 - 00094632 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge.dll 2014-01-14 22:26 - 2013-12-18 21:04 - 00264616 _____ (Oracle Corporation) C:\WINDOWS\system32\javaws.exe 2014-01-14 22:26 - 2013-12-18 21:04 - 00175016 _____ (Oracle Corporation) C:\WINDOWS\system32\javaw.exe 2014-01-14 22:26 - 2013-12-18 21:03 - 00174504 _____ (Oracle Corporation) C:\WINDOWS\system32\java.exe 2014-01-14 22:26 - 2013-12-18 20:46 - 00145408 _____ (Oracle Corporation) C:\WINDOWS\system32\javacpl.cpl 2014-01-14 22:25 - 2014-01-14 22:26 - 00005134 _____ C:\WINDOWS\system32\jupdate-1.7.0_51-b13.log 2014-01-14 06:59 - 2014-01-14 07:01 - 00000000 ____D C:\AdwCleaner 2014-01-11 09:16 - 2014-01-11 09:16 - 00004096 _____ C:\WINDOWS\d3dx.dat 2014-01-11 09:16 - 2014-01-11 09:16 - 00000000 ____D C:\Documents and Settings\All Users\Menu Start\Programy\Gothic 2014-01-11 09:11 - 1998-10-07 12:54 - 00327168 _____ (InstallShield Software Corporation) C:\WINDOWS\IsUn0415.exe 2014-01-11 09:03 - 2014-01-11 09:03 - 00000000 ____D C:\Program Files\PowerISO 2014-01-11 09:03 - 2014-01-11 09:03 - 00000000 ____D C:\Documents and Settings\All Users\Menu Start\Programy\PowerISO 2014-01-09 10:30 - 2014-01-09 10:38 - 00000000 ____D C:\Documents and Settings\Uzytkownik\.cmflauncher 2014-01-08 10:13 - 2014-01-08 10:22 - 00000000 ____D C:\Documents and Settings\Uzytkownik\Moje dokumenty\Battlefield Play4Free 2014-01-06 10:33 - 2014-01-06 10:33 - 00000000 ____D C:\Documents and Settings\Uzytkownik\Moje dokumenty\Moje dzieła SPORE 2014-01-06 10:32 - 2014-01-06 10:33 - 00000000 ____D C:\Documents and Settings\Uzytkownik\Dane aplikacji\SPORE 2014-01-06 10:30 - 2014-01-06 10:30 - 00107888 _____ (Sony DADC Austria AG.) C:\WINDOWS\system32\CmdLineExt.dll 2014-01-06 10:30 - 2014-01-06 10:30 - 00000000 __RHD C:\Documents and Settings\Uzytkownik\Dane aplikacji\SecuROM 2014-01-06 10:30 - 2014-01-06 10:30 - 00000000 ____D C:\Documents and Settings\All Users\Menu Start\Programy\Electronic Arts 2014-01-06 02:45 - 2014-01-06 02:45 - 00000000 ____D C:\Games 2014-01-05 12:02 - 2014-01-06 02:45 - 00000000 ____D C:\Documents and Settings\Uzytkownik\Menu Start\Programy\Robocraft 2014-01-04 21:49 - 2014-01-04 21:49 - 00000000 ____D C:\Documents and Settings\Uzytkownik\Ustawienia lokalne\Dane aplikacji\TVOnline 2014-01-04 21:46 - 2014-01-05 09:32 - 00000000 ____D C:\Documents and Settings\All Users\Menu Start\Programy\Rom_mci 2014-01-03 03:24 - 2014-01-03 03:24 - 00332602 _____ C:\Documents and Settings\Uzytkownik\Pulpit\FeTu0FMK.jpeg 2014-01-02 08:39 - 2014-01-02 08:39 - 00000000 ____D C:\Documents and Settings\Uzytkownik\Dane aplikacji\PowerISO 2014-01-02 07:40 - 2014-01-02 07:43 - 00000000 ____D C:\Documents and Settings\Uzytkownik\Moje dokumenty\Stronghold 2 2014-01-02 07:40 - 2014-01-02 07:40 - 00000000 ____D C:\Documents and Settings\All Users\Dane aplikacji\Firefly Studios 2014-01-02 07:23 - 2014-01-02 07:23 - 00000000 _____ C:\Documents and Settings\All Users\1f25bed819dd 2014-01-02 07:17 - 2014-01-02 08:51 - 00000000 ____D C:\Documents and Settings\All Users\Menu Start\Programy\Firefly Studios 2013-12-30 05:51 - 2013-11-24 17:56 - 00427800 _____ C:\Documents and Settings\Uzytkownik\Pulpit\NotEnoughItems 1.6.1.5.jar 2013-12-27 19:32 - 2013-12-27 19:32 - 00000000 ____D C:\Documents and Settings\Uzytkownik\Dane aplikacji\Wargaming.net 2013-12-27 16:20 - 2013-12-27 16:20 - 00000837 _____ C:\Documents and Settings\Uzytkownik\Pulpit\µTorrent.lnk 2013-12-27 16:19 - 2014-01-16 14:20 - 00000000 ____D C:\Documents and Settings\Uzytkownik\Dane aplikacji\uTorrent 2013-12-27 16:09 - 2013-12-27 18:52 - 00000000 ___HD C:\WINDOWS\msdownld.tmp 2013-12-27 01:58 - 2013-12-27 01:58 - 00001194 _____ C:\Documents and Settings\Uzytkownik\Pulpit\pobrane.lnk 2013-12-26 16:35 - 2013-12-26 16:35 - 00000000 ____D C:\Documents and Settings\Uzytkownik\Dane aplikacji\Soldat 2013-12-21 22:42 - 2013-12-24 02:04 - 00000000 ____D C:\Documents and Settings\Uzytkownik\Dane aplikacji\Skype 2013-12-21 22:41 - 2013-12-21 22:42 - 00000000 ____D C:\Documents and Settings\All Users\Menu Start\Programy\Skype 2013-12-21 22:41 - 2013-12-21 22:42 - 00000000 ____D C:\Documents and Settings\All Users\Dane aplikacji\Skype 2013-12-21 22:41 - 2013-12-21 22:41 - 00000000 ___RD C:\Program Files\Skype 2013-12-21 22:41 - 2013-12-21 22:41 - 00000000 ____D C:\Program Files\Common Files\Skype 2013-12-21 11:17 - 2014-01-18 19:58 - 00000930 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job 2013-12-21 03:20 - 2013-12-27 15:08 - 00000000 ____D C:\Documents and Settings\Uzytkownik\Pulpit\Nowy folder 2013-12-19 16:12 - 2013-12-19 16:13 - 00000295 _____ C:\Documents and Settings\Uzytkownik\Pulpit\szablon.txt 2013-12-19 15:39 - 2014-01-02 19:07 - 00000000 ____D C:\Documents and Settings\Uzytkownik\Pulpit\plemiona ==================== One Month Modified Files and Folders ======= 2014-01-18 19:58 - 2014-01-18 19:58 - 00000000 ____D C:\FRST 2014-01-18 19:58 - 2013-12-21 11:17 - 00000930 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job 2014-01-18 19:44 - 2013-08-19 15:50 - 00000000 ____D C:\Documents and Settings\All Users\Dane aplikacji\MFAData 2014-01-18 19:24 - 2013-08-19 11:45 - 00001044 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job 2014-01-18 19:23 - 2014-01-18 19:23 - 00000623 _____ C:\Documents and Settings\Uzytkownik\Pulpit\szczym.txt 2014-01-18 19:23 - 2013-08-19 11:44 - 00000000 ____D C:\Documents and Settings\Uzytkownik\Pulpit 2014-01-18 19:22 - 2013-08-20 22:16 - 00000000 ____D C:\Documents and Settings\Uzytkownik\Ustawienia lokalne\Dane aplikacji\screenSHU 2014-01-18 18:19 - 2014-01-18 18:19 - 00000784 _____ C:\Documents and Settings\All Users\Pulpit\Malwarebytes Anti-Malware.lnk 2014-01-18 18:19 - 2014-01-18 18:19 - 00000000 ____D C:\Documents and Settings\Uzytkownik\Dane aplikacji\Malwarebytes 2014-01-18 18:19 - 2014-01-18 18:18 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware 2014-01-18 18:19 - 2013-08-19 13:24 - 00000000 ____D C:\Documents and Settings\All Users\Pulpit 2014-01-18 18:19 - 2013-08-19 11:44 - 00000000 __RHD C:\Documents and Settings\Uzytkownik\Dane aplikacji 2014-01-18 18:18 - 2014-01-18 18:18 - 00000000 ____D C:\Documents and Settings\All Users\Dane aplikacji\Malwarebytes 2014-01-18 18:18 - 2013-08-19 13:24 - 00000000 __RHD C:\Documents and Settings\All Users\Dane aplikacji 2014-01-18 17:19 - 2014-01-18 17:19 - 00126232 _____ C:\Documents and Settings\Uzytkownik\Pulpit\OTL.Txt 2014-01-18 17:19 - 2014-01-18 17:19 - 00048458 _____ C:\Documents and Settings\Uzytkownik\Pulpit\Extras.Txt 2014-01-18 17:00 - 2013-08-22 16:48 - 00000000 ____D C:\Documents and Settings\Uzytkownik\Dane aplikacji\DMCache 2014-01-18 16:07 - 2013-08-22 16:48 - 00000000 ____D C:\Documents and Settings\Uzytkownik\Dane aplikacji\IDM 2014-01-18 15:50 - 2014-01-18 15:29 - 00000000 ____D C:\Documents and Settings\Uzytkownik\.gimp-2.8 2014-01-18 15:43 - 2014-01-18 15:43 - 00000218 _____ C:\Documents and Settings\Uzytkownik\Ustawienia lokalne\Dane aplikacji\recently-used.xbel 2014-01-18 15:43 - 2013-08-19 11:44 - 00000000 ___HD C:\Documents and Settings\Uzytkownik\Ustawienia lokalne\Dane aplikacji 2014-01-18 15:29 - 2014-01-18 15:29 - 00000736 _____ C:\Documents and Settings\All Users\Menu Start\Programy\GIMP 2.lnk 2014-01-18 15:29 - 2014-01-18 15:29 - 00000730 _____ C:\Documents and Settings\All Users\Pulpit\GIMP 2.lnk 2014-01-18 15:29 - 2014-01-18 15:29 - 00000000 ____D C:\Documents and Settings\Uzytkownik\Ustawienia lokalne\Dane aplikacji\gegl-0.2 2014-01-18 15:29 - 2013-08-19 13:24 - 00000000 ___RD C:\Documents and Settings\All Users\Menu Start\Programy 2014-01-18 15:29 - 2013-08-19 11:44 - 00000000 ____D C:\Documents and Settings\Uzytkownik 2014-01-18 15:28 - 2014-01-18 15:25 - 00000000 ____D C:\Program Files\GIMP 2 2014-01-18 13:49 - 2014-01-15 20:49 - 00001567 _____ C:\Documents and Settings\Uzytkownik\Pulpit\test.html 2014-01-18 13:48 - 2014-01-18 13:46 - 00000000 ____D C:\Documents and Settings\Uzytkownik\Dane aplikacji\Notepad++ 2014-01-18 13:47 - 2014-01-18 13:46 - 00000000 ____D C:\Program Files\Notepad++ 2014-01-18 13:46 - 2014-01-18 13:46 - 00000000 ____D C:\Documents and Settings\Uzytkownik\Menu Start\Programy\Notepad++ 2014-01-18 13:46 - 2014-01-18 13:46 - 00000000 ____D C:\Documents and Settings\All Users\Menu Start\Programy\Notepad++ 2014-01-18 13:46 - 2013-08-19 11:44 - 00000000 ___RD C:\Documents and Settings\Uzytkownik\Menu Start\Programy 2014-01-18 10:49 - 2013-08-19 11:38 - 01613562 _____ C:\WINDOWS\WindowsUpdate.log 2014-01-18 10:47 - 2013-08-19 18:13 - 00000288 _____ C:\WINDOWS\Tasks\Game_Booster_AutoUpdate.job 2014-01-18 10:47 - 2013-08-19 11:45 - 00001040 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job 2014-01-18 10:47 - 2013-08-19 11:43 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2014-01-18 02:15 - 2013-12-07 20:33 - 00524288 _____ C:\WINDOWS\system32\config\ACEEvent.evt 2014-01-18 02:15 - 2013-08-20 10:23 - 00032616 _____ C:\WINDOWS\SchedLgU.Txt 2014-01-18 02:15 - 2013-08-19 11:44 - 00000188 ___SH C:\Documents and Settings\Uzytkownik\ntuser.ini 2014-01-17 11:00 - 2008-04-15 13:00 - 00013646 _____ C:\WINDOWS\system32\wpa.dbl 2014-01-16 14:35 - 2014-01-16 14:29 - 00000000 ____D C:\Documents and Settings\Uzytkownik\Dane aplikacji\mIRC 2014-01-16 14:29 - 2014-01-16 14:29 - 00000626 _____ C:\Documents and Settings\All Users\Pulpit\mIRC.lnk 2014-01-16 14:29 - 2014-01-16 14:29 - 00000000 ____D C:\Program Files\mIRC 2014-01-16 14:20 - 2013-12-27 16:19 - 00000000 ____D C:\Documents and Settings\Uzytkownik\Dane aplikacji\uTorrent 2014-01-16 14:20 - 2013-08-19 11:56 - 00000000 __SHD C:\Documents and Settings\Uzytkownik\UserData 2014-01-16 11:43 - 2013-11-16 15:39 - 00000000 ____D C:\Documents and Settings\Uzytkownik\Dane aplikacji\.minecraft 2014-01-16 11:35 - 2014-01-16 11:35 - 00000000 ____D C:\Documents and Settings\Uzytkownik\Pulpit\Nowy folder (2) 2014-01-16 08:36 - 2013-11-16 02:29 - 00000000 ___RD C:\Documents and Settings\Uzytkownik\Pulpit\Gry 2014-01-15 20:36 - 2013-08-22 15:26 - 00000000 ____D C:\Documents and Settings\Uzytkownik\Dane aplikacji\Spotify 2014-01-15 20:06 - 2013-08-22 15:26 - 00000000 ____D C:\Documents and Settings\Uzytkownik\Ustawienia lokalne\Dane aplikacji\Spotify 2014-01-15 13:45 - 2014-01-15 12:15 - 00000000 _____ C:\dfu.log 2014-01-15 12:08 - 2014-01-15 12:08 - 00000000 ____D C:\Documents and Settings\Uzytkownik\Moje dokumenty\Gameforge Live 2014-01-15 12:08 - 2013-08-19 11:44 - 00000000 ___RD C:\Documents and Settings\Uzytkownik\Moje dokumenty 2014-01-15 12:07 - 2014-01-15 12:07 - 00000000 ____D C:\Documents and Settings\All Users\Menu Start\Programy\Gameforge Live 2014-01-15 10:14 - 2013-11-15 17:17 - 00000000 ____D C:\Documents and Settings\Uzytkownik\Ustawienia lokalne\Dane aplikacji\Avg2014 2014-01-15 08:32 - 2014-01-15 08:32 - 00000000 ____D C:\Documents and Settings\Uzytkownik\Dane aplikacji\AVG2014 2014-01-15 08:31 - 2013-10-24 14:06 - 00000000 ____D C:\Documents and Settings\All Users\Menu Start\Programy\AVG 2014-01-15 08:31 - 2013-08-19 18:34 - 00000000 ___HD C:\$AVG 2014-01-15 08:31 - 2013-08-19 18:33 - 00000000 ____D C:\Program Files\AVG 2014-01-15 08:29 - 2014-01-15 08:22 - 00000000 ____D C:\Documents and Settings\All Users\Dane aplikacji\AVG2014 2014-01-15 08:26 - 2014-01-15 08:26 - 00000732 _____ C:\Documents and Settings\All Users\Pulpit\AVG 2014.lnk 2014-01-15 08:26 - 2014-01-15 08:26 - 00000000 ____D C:\Documents and Settings\Uzytkownik\Dane aplikacji\TuneUp Software 2014-01-14 22:26 - 2014-01-14 22:26 - 00000000 ____D C:\Documents and Settings\All Users\Menu Start\Programy\Java 2014-01-14 22:26 - 2014-01-14 22:25 - 00005134 _____ C:\WINDOWS\system32\jupdate-1.7.0_51-b13.log 2014-01-14 22:26 - 2013-08-19 18:07 - 00000000 ____D C:\Program Files\Java 2014-01-14 07:02 - 2013-10-14 10:36 - 00011521 _____ C:\autoupdate.log 2014-01-14 07:01 - 2014-01-14 06:59 - 00000000 ____D C:\AdwCleaner 2014-01-11 09:36 - 2013-11-16 02:30 - 00000000 ____D C:\Documents and Settings\Uzytkownik\Pulpit\Inne 2014-01-11 09:16 - 2014-01-11 09:16 - 00004096 _____ C:\WINDOWS\d3dx.dat 2014-01-11 09:16 - 2014-01-11 09:16 - 00000000 ____D C:\Documents and Settings\All Users\Menu Start\Programy\Gothic 2014-01-11 09:03 - 2014-01-11 09:03 - 00000000 ____D C:\Program Files\PowerISO 2014-01-11 09:03 - 2014-01-11 09:03 - 00000000 ____D C:\Documents and Settings\All Users\Menu Start\Programy\PowerISO 2014-01-10 05:21 - 2013-08-19 13:24 - 00101440 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2014-01-09 14:23 - 2013-08-19 11:45 - 00014312 _____ C:\Documents and Settings\Uzytkownik\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT 2014-01-09 10:38 - 2014-01-09 10:30 - 00000000 ____D C:\Documents and Settings\Uzytkownik\.cmflauncher 2014-01-08 10:38 - 2013-08-19 11:49 - 00000000 ___HD C:\Program Files\InstallShield Installation Information 2014-01-08 10:22 - 2014-01-08 10:13 - 00000000 ____D C:\Documents and Settings\Uzytkownik\Moje dokumenty\Battlefield Play4Free 2014-01-08 10:17 - 2013-12-17 20:33 - 00234768 _____ C:\WINDOWS\system32\PnkBstrB.xtr 2014-01-08 10:17 - 2013-11-28 15:23 - 00234768 _____ C:\WINDOWS\system32\PnkBstrB.exe 2014-01-08 10:17 - 2013-11-28 15:23 - 00138264 _____ C:\WINDOWS\system32\Drivers\PnkBstrK.sys 2014-01-08 10:16 - 2013-12-17 20:31 - 00000000 ____D C:\Documents and Settings\Uzytkownik\Ustawienia lokalne\Dane aplikacji\PunkBuster 2014-01-08 10:13 - 2013-11-28 15:23 - 00138056 _____ C:\Documents and Settings\Uzytkownik\Dane aplikacji\PnkBstrK.sys 2014-01-08 10:12 - 2013-12-17 20:26 - 00000000 ____D C:\Documents and Settings\Uzytkownik\Menu Start\Programy\EA Games 2014-01-08 10:12 - 2013-11-28 15:23 - 00075136 _____ C:\WINDOWS\system32\PnkBstrA.exe 2014-01-08 09:38 - 2013-12-17 20:03 - 00000000 ____D C:\Program Files\EA Games 2014-01-06 10:33 - 2014-01-06 10:33 - 00000000 ____D C:\Documents and Settings\Uzytkownik\Moje dokumenty\Moje dzieła SPORE 2014-01-06 10:33 - 2014-01-06 10:32 - 00000000 ____D C:\Documents and Settings\Uzytkownik\Dane aplikacji\SPORE 2014-01-06 10:30 - 2014-01-06 10:30 - 00107888 _____ (Sony DADC Austria AG.) C:\WINDOWS\system32\CmdLineExt.dll 2014-01-06 10:30 - 2014-01-06 10:30 - 00000000 __RHD C:\Documents and Settings\Uzytkownik\Dane aplikacji\SecuROM 2014-01-06 10:30 - 2014-01-06 10:30 - 00000000 ____D C:\Documents and Settings\All Users\Menu Start\Programy\Electronic Arts 2014-01-06 02:46 - 2013-08-19 11:43 - 00000188 ___SH C:\Documents and Settings\LocalService\ntuser.ini 2014-01-06 02:45 - 2014-01-06 02:45 - 00000000 ____D C:\Games 2014-01-06 02:45 - 2014-01-05 12:02 - 00000000 ____D C:\Documents and Settings\Uzytkownik\Menu Start\Programy\Robocraft 2014-01-05 09:32 - 2014-01-04 21:46 - 00000000 ____D C:\Documents and Settings\All Users\Menu Start\Programy\Rom_mci 2014-01-04 21:49 - 2014-01-04 21:49 - 00000000 ____D C:\Documents and Settings\Uzytkownik\Ustawienia lokalne\Dane aplikacji\TVOnline 2014-01-03 03:24 - 2014-01-03 03:24 - 00332602 _____ C:\Documents and Settings\Uzytkownik\Pulpit\FeTu0FMK.jpeg 2014-01-02 19:07 - 2013-12-19 15:39 - 00000000 ____D C:\Documents and Settings\Uzytkownik\Pulpit\plemiona 2014-01-02 08:51 - 2014-01-02 07:17 - 00000000 ____D C:\Documents and Settings\All Users\Menu Start\Programy\Firefly Studios 2014-01-02 08:39 - 2014-01-02 08:39 - 00000000 ____D C:\Documents and Settings\Uzytkownik\Dane aplikacji\PowerISO 2014-01-02 07:43 - 2014-01-02 07:40 - 00000000 ____D C:\Documents and Settings\Uzytkownik\Moje dokumenty\Stronghold 2 2014-01-02 07:40 - 2014-01-02 07:40 - 00000000 ____D C:\Documents and Settings\All Users\Dane aplikacji\Firefly Studios 2014-01-02 07:23 - 2014-01-02 07:23 - 00000000 _____ C:\Documents and Settings\All Users\1f25bed819dd 2014-01-01 04:28 - 2013-09-09 14:50 - 00000000 ____D C:\Documents and Settings\Uzytkownik\Dane aplikacji\TS3Client 2013-12-30 05:54 - 2013-11-16 02:30 - 00000000 ____D C:\Documents and Settings\Uzytkownik\Pulpit\Mody 2013-12-27 19:32 - 2013-12-27 19:32 - 00000000 ____D C:\Documents and Settings\Uzytkownik\Dane aplikacji\Wargaming.net 2013-12-27 18:52 - 2013-12-27 16:09 - 00000000 ___HD C:\WINDOWS\msdownld.tmp 2013-12-27 18:52 - 2013-08-19 11:38 - 00000000 ____D C:\WINDOWS\system32\DirectX 2013-12-27 16:20 - 2013-12-27 16:20 - 00000837 _____ C:\Documents and Settings\Uzytkownik\Pulpit\µTorrent.lnk 2013-12-27 15:08 - 2013-12-21 03:20 - 00000000 ____D C:\Documents and Settings\Uzytkownik\Pulpit\Nowy folder 2013-12-27 01:58 - 2013-12-27 01:58 - 00001194 _____ C:\Documents and Settings\Uzytkownik\Pulpit\pobrane.lnk 2013-12-26 16:35 - 2013-12-26 16:35 - 00000000 ____D C:\Documents and Settings\Uzytkownik\Dane aplikacji\Soldat 2013-12-26 16:06 - 2013-11-30 14:56 - 00000000 ____D C:\Documents and Settings\Uzytkownik\Moje dokumenty\My Games 2013-12-24 02:04 - 2013-12-21 22:42 - 00000000 ____D C:\Documents and Settings\Uzytkownik\Dane aplikacji\Skype 2013-12-21 22:42 - 2013-12-21 22:41 - 00000000 ____D C:\Documents and Settings\All Users\Menu Start\Programy\Skype 2013-12-21 22:42 - 2013-12-21 22:41 - 00000000 ____D C:\Documents and Settings\All Users\Dane aplikacji\Skype 2013-12-21 22:41 - 2013-12-21 22:41 - 00000000 ___RD C:\Program Files\Skype 2013-12-21 22:41 - 2013-12-21 22:41 - 00000000 ____D C:\Program Files\Common Files\Skype 2013-12-21 11:17 - 2013-08-19 18:09 - 00692616 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe 2013-12-21 11:17 - 2013-08-19 18:09 - 00071048 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl 2013-12-19 16:13 - 2013-12-19 16:12 - 00000295 _____ C:\Documents and Settings\Uzytkownik\Pulpit\szablon.txt Files to move or delete: ==================== C:\Documents and Settings\Uzytkownik\jagex_cl_runescape_LIVE.dat C:\Documents and Settings\Uzytkownik\random.dat Some content of TEMP: ==================== C:\Documents and Settings\Uzytkownik\Ustawienia lokalne\temp\mirc732.exe C:\Documents and Settings\Uzytkownik\Ustawienia lokalne\temp\xmlUpdater.exe ==================== Bamital & volsnap Check ================= C:\Windows\explorer.exe [2008-04-15 13:00] - [2008-04-15 13:00] - 1035264 ____A (Microsoft Corporation) c791ed9eac5e76d9525e157b1d7a599a C:\Windows\System32\winlogon.exe [2008-04-15 13:00] - [2008-04-15 13:00] - 0510464 ____A (Microsoft Corporation) 51fd2e13d723857b9ca239ae77150f48 C:\Windows\System32\svchost.exe [2008-04-15 13:00] - [2008-04-15 13:00] - 0014336 ____A (Microsoft Corporation) 8607d35d92528e2df386f19a960d23ce C:\Windows\System32\services.exe [2008-04-15 13:00] - [2009-02-09 12:25] - 0111104 ____A (Microsoft Corporation) 02a467e27af55f7064c5b251e587315f C:\Windows\System32\User32.dll [2008-04-15 13:00] - [2008-04-15 13:00] - 0580096 ____A (Microsoft Corporation) a435c5c069afd901751ac323ad238793 C:\Windows\System32\userinit.exe [2008-04-15 13:00] - [2008-04-15 13:00] - 0026624 ____A (Microsoft Corporation) 2a5b37d520508be6570a3ea79695f5b5 C:\Windows\System32\rpcss.dll [2008-04-15 13:00] - [2009-02-09 11:53] - 0401408 ____A (Microsoft Corporation) a37311d9d628c1042a2836731787f0f3 ATTENTION ======> If the system is having audio adware rpcss.dll is patched. Google the MD5, if the MD5 is unique the file is infected. C:\Windows\System32\Drivers\volsnap.sys [2008-04-15 13:00] - [2008-04-15 13:00] - 0052864 ____A (Microsoft Corporation) 56b191ac5fc0df219949c95a6c87afe7 ==================== End Of Log ============================