Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:01-05-2014 Ran by Dom (administrator) on AGA on 03-04-2014 20:59:34 Running from C:\Documents and Settings\Dom\Moje dokumenty\Pobieranie Microsoft Windows XP Professional Dodatek Service Pack 3 (X86) OS Language: Polish Internet Explorer Version 6 Boot Mode: Normal The only official download link for FRST: Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/ Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/ Download link from any site other than Bleeping Computer is unpermitted or outdated. See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (ATI Technologies Inc.) C:\WINDOWS\system32\ati2evxx.exe (Cherished Technololgy LIMITED) C:\Documents and Settings\All Users\Dane aplikacji\WPM\wprotectmanager.exe (ATI Technologies Inc.) C:\WINDOWS\system32\ati2evxx.exe (Google Inc.) C:\Program Files\Google\Update\1.3.23.9\GoogleCrashHandler.exe (ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (Realtek Semiconductor Corp.) C:\WINDOWS\RTHDCPL.exe () C:\Program Files\WebcamMax\wcmmon.exe () C:\WINDOWS\system32\godouqui.exe (Microsoft Corporation) C:\Program Files\Messenger\msmsgs.exe () C:\Documents and Settings\Dom\Ustawienia lokalne\Temp\Dyow\neoh.exe (Microsoft Corporation) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe (Microsoft Corporation) C:\WINDOWS\system32\wscntfy.exe () C:\DOCUME~1\Dom\USTAWI~1\Temp\gmpjfa53FEC2FE.tmp (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe (OldTimer Tools) C:\Documents and Settings\Dom\Moje dokumenty\Pobieranie\OTL(1).exe (Microsoft Corporation) C:\WINDOWS\system32\msiexec.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [SkyTel] => C:\WINDOWS\SkyTel.EXE [1826816 2007-06-15] (Realtek Semiconductor Corp.) HKLM\...\Run: [NvCplDaemon] => C:\WINDOWS\system32\NvCpl.dll [8429568 2007-05-11] (NVIDIA Corporation) HKLM\...\Run: [nwiz] => nwiz.exe /install HKLM\...\Run: [NvMediaCenter] => C:\WINDOWS\system32\NvMcTray.dll [81920 2007-05-11] (NVIDIA Corporation) HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [1447168 2008-08-18] (ESET) HKLM\...\Run: [RTHDCPL] => C:\WINDOWS\RTHDCPL.EXE [16380416 2007-07-05] (Realtek Semiconductor Corp.) HKLM\...\Run: [Alcmtr] => C:\WINDOWS\ALCMTR.EXE [69632 2005-05-03] (Realtek Semiconductor Corp.) HKLM\...\Run: [fejom] => C:\WINDOWS\system32\godouqui.exe [323584 2014-04-24] () HKLM\...\Run: [Regedit32] => C:\WINDOWS\system32\regedit.exe Winlogon\Notify\AtiExtEvent: C:\WINDOWS\system32\Ati2evxx.dll (ATI Technologies Inc.) HKU\.DEFAULT\...\RunOnce: [Del1545421] - cmd.exe /Q /D /c del "C:\WINDOWS\system32\config\SYSTEM~1\USTAWI~1\Temp\0.del" HKU\S-1-5-19\...\RunOnce: [nlpo_01] - cmd.exe /c md "%USERPROFILE%\Ustawienia lokalne\Temp" HKU\S-1-5-19\...\RunOnce: [nlpo_02] - rundll32 advpack.dll,DelNodeRunDLL32 "%SystemRoot%\System32\dllcache" HKU\S-1-5-19\...\RunOnce: [nlpo_03] - cmd.exe /c md "%SystemRoot%\System32\dllcache" HKU\S-1-5-19\...\RunOnce: [nlpo_04] - cmd.exe /C move /Y "%SystemRoot%\System32\syssetub.dll" "%SystemRoot%\System32\syssetup.dll" HKU\S-1-5-19\...\RunOnce: [nlpo_05] - rundll32 advpack.dll,LaunchINFSection nlite.inf,nLiteReg HKU\S-1-5-19\...\RunOnce: [nlpo_06] - rundll32 advpack.dll,LaunchINFSection nlite.inf,S HKU\S-1-5-20\...\RunOnce: [nlpo_01] - cmd.exe /c md "%USERPROFILE%\Ustawienia lokalne\Temp" HKU\S-1-5-20\...\RunOnce: [nlpo_02] - rundll32 advpack.dll,DelNodeRunDLL32 "%SystemRoot%\System32\dllcache" HKU\S-1-5-20\...\RunOnce: [nlpo_03] - cmd.exe /c md "%SystemRoot%\System32\dllcache" HKU\S-1-5-20\...\RunOnce: [nlpo_04] - cmd.exe /C move /Y "%SystemRoot%\System32\syssetub.dll" "%SystemRoot%\System32\syssetup.dll" HKU\S-1-5-20\...\RunOnce: [nlpo_05] - rundll32 advpack.dll,LaunchINFSection nlite.inf,nLiteReg HKU\S-1-5-20\...\RunOnce: [nlpo_06] - rundll32 advpack.dll,LaunchINFSection nlite.inf,S HKU\S-1-5-21-1644491937-1844823847-725345543-1003\...\Run: [WebcamMaxAutoRun] => C:\Program Files\WebcamMax\wcmmon.exe [1038848 2011-07-17] () HKU\S-1-5-21-1644491937-1844823847-725345543-1003\...\Run: [GG] => C:\Documents and Settings\Dom\Ustawienia lokalne\Dane aplikacji\GG\Application\gghub.exe [4023360 2014-03-31] (GG Network S.A.) HKU\S-1-5-21-1644491937-1844823847-725345543-1003\...\Run: [MSMSGS] => C:\Program Files\Messenger\msmsgs.exe [1695232 2008-04-14] (Microsoft Corporation) HKU\S-1-5-21-1644491937-1844823847-725345543-1003\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [20922016 2014-02-10] (Skype Technologies S.A.) HKU\S-1-5-21-1644491937-1844823847-725345543-1003\...\Run: [Neoh] => C:\Documents and Settings\Dom\Ustawienia lokalne\Temp\Dyow\neoh.exe [500224 2013-11-22] () <===== ATTENTION HKU\S-1-5-21-1644491937-1844823847-725345543-1003\...\Run: [patgeasukump] => C:\Documents and Settings\Dom\patgeasukump.exe [68608 2014-04-30] () HKU\S-1-5-21-1644491937-1844823847-725345543-1003\...\Policies\Explorer\Run: [Bonanza] => C:\Documents and Settings\Dom\Dane aplikacji\dssvjgdu\dtgbscww.exe [31936 2008-04-14] (Microsoft Corporation) HKU\S-1-5-21-1644491937-1844823847-725345543-1003\...\MountPoints2: {59ae6ce4-52a1-11e3-8844-886ea4ac45d5} - I:\setupSNK.exe HKU\S-1-5-21-1644491937-1844823847-725345543-1003\...\MountPoints2: {b4fc45b7-8f34-11e3-88b3-001fd0308521} - I:\LGAutoRun.exe HKU\S-1-5-21-1644491937-1844823847-725345543-1003\...\Winlogon: [Shell] explorer.exe,C:\Documents and Settings\Dom\Dane aplikacji\Other.res [39936 2008-04-14] () <==== ATTENTION IFEO\bitguard.exe: [Debugger] tasklist.exe IFEO\bprotect.exe: [Debugger] tasklist.exe IFEO\bpsvc.exe: [Debugger] tasklist.exe IFEO\browserdefender.exe: [Debugger] tasklist.exe IFEO\browserprotect.exe: [Debugger] tasklist.exe IFEO\browsersafeguard.exe: [Debugger] tasklist.exe IFEO\dprotectsvc.exe: [Debugger] tasklist.exe IFEO\protectedsearch.exe: [Debugger] tasklist.exe IFEO\searchprotection.exe: [Debugger] tasklist.exe IFEO\searchprotector.exe: [Debugger] tasklist.exe IFEO\snapdo.exe: [Debugger] tasklist.exe IFEO\stinst32.exe: [Debugger] tasklist.exe IFEO\stinst64.exe: [Debugger] tasklist.exe IFEO\utiljumpflip.exe: [Debugger] tasklist.exe HKLM\...\AppCertDlls: [x86] -> C:\Program Files\Movies Toolbar\Datamngr\apcrtldr.dll <===== ATTENTION HKLM\...\AppCertDlls: [x64] -> c:\program files\movies toolbar\datamngr\x64\apcrtldr.dll <===== ATTENTION ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.aartemis.com/web/?type=ds&ts=1387824641&from=cor&uid=SAMSUNGXHD252HJ_S17HJDWQ902519&q={searchTerms} HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.google.pl/ HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.aartemis.com/web/?type=ds&ts=1387824641&from=cor&uid=SAMSUNGXHD252HJ_S17HJDWQ902519&q={searchTerms} HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.aartemis.com/web/?type=ds&ts=1387824641&from=cor&uid=SAMSUNGXHD252HJ_S17HJDWQ902519&q={searchTerms} HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.aartemis.com/web/?type=ds&ts=1387824641&from=cor&uid=SAMSUNGXHD252HJ_S17HJDWQ902519&q={searchTerms} HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm SearchScopes: HKLM - DefaultScope value is missing. SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = Toolbar: HKCU - &Adres - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation) Toolbar: HKCU - &Łącza - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\SHELL32.dll (Microsoft Corporation) Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) Tcpip\Parameters: [DhcpNameServer] 192.168.1.20 FireFox: ======== FF ProfilePath: C:\Documents and Settings\Dom\Dane aplikacji\Mozilla\Firefox\Profiles\5l6pta32.default FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_13_0_0_206.dll () FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation) FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.) FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.) FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Documents and Settings\Dom\Ustawienia lokalne\Dane aplikacji\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS) FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\Ask.xml FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\delta-homes.xml FF HKLM\...\Firefox\Extensions: [quick_start@gmail.com] - C:\Documents and Settings\Dom\Dane aplikacji\Mozilla\Firefox\Profiles\b0q0djk7.default\extensions\quick_start@gmail.com Chrome: ======= CHR StartupUrls: "hxxp://pl.msn.com/?pc=UP97&ocid=UP97DHP", "hxxp://www.search.ask.com/?tpid=SGTV7-SAT&o=APN11005&pf=V7&trgb=CR&p2=%5EB3R%5EYYYYYY%5EYY%5EPL&gct=hp&apn_ptnrs=%5EB3R&apn_dtid=%5EYYYYYY%5EYY%5EPL&apn_dbr=ff_28.0&apn_uid=94B09125-29B6-4D2A-896D-5D79F74F9DDA&itbv=12.10.6.5115&doi=2014-04-24&psv=" CHR DefaultSearchKeyword: bing.com CHR DefaultSearchProvider: Bing CHR DefaultSearchURL: http://www.bing.com/search?FORM=UP97DF&PC=UP97&q={searchTerms} CHR DefaultNewTabURL: CHR Extension: (Movies Toolbar) - C:\Documents and Settings\Dom\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob [2014-03-15] CHR Extension: (Dokumenty Google) - C:\Documents and Settings\Dom\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-02-06] CHR Extension: (Dysk Google) - C:\Documents and Settings\Dom\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-02-06] CHR Extension: (YouTube) - C:\Documents and Settings\Dom\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-02-06] CHR Extension: (Szukaj w Google) - C:\Documents and Settings\Dom\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-02-06] CHR Extension: (Google Wallet) - C:\Documents and Settings\Dom\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-02-06] CHR Extension: (Extended Protection) - C:\Documents and Settings\Dom\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\ogfjmhfnldnajmfaofeiaepghjenbgjo [2014-02-26] CHR Extension: (Gmail) - C:\Documents and Settings\Dom\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-02-06] CHR HKLM\...\Chrome\Extension: [aaaaabcbmongicmdegkmmfgdickgnnob] - C:\Documents and Settings\Dom\Ustawienia lokalne\Dane aplikacji\ilividmoviestoolbar181\GC\toolbar.crx [2013-12-11] CHR HKLM\...\Chrome\Extension: [ogfjmhfnldnajmfaofeiaepghjenbgjo] - C:\Documents and Settings\Dom\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\ep.crx [2014-02-26] CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION ========================== Services (Whitelisted) ================= Locked "33bfcc078e2084d8" service could not be unlocked. <===== ATTENTION S3 EhttpSrv; C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe [19200 2008-08-18] (ESET) R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [468224 2008-08-18] (ESET) R2 Wpm; C:\Documents and Settings\All Users\Dane aplikacji\WPM\wprotectmanager.exe [501904 2014-02-26] (Cherished Technololgy LIMITED) ==================== Drivers (Whitelisted) ==================== R0 ACPI; C:\WINDOWS\System32\DRIVERS\ACPI.sys [188544 2008-04-14] () S4 ACPIEC; C:\WINDOWS\system32\Drivers\ACPIEC.sys [12032 2001-10-26] () S3 aec; C:\WINDOWS\System32\drivers\aec.sys [142592 2008-04-13] () R1 AFD; C:\WINDOWS\System32\drivers\afd.sys [138112 2008-04-14] () R1 AmdK8; C:\WINDOWS\System32\DRIVERS\AmdK8.sys [43520 2006-06-19] () S3 AndNetDiag; C:\WINDOWS\System32\DRIVERS\lgandnetdiag.sys [23040 2012-07-03] () S3 ANDNetModem; C:\WINDOWS\System32\DRIVERS\lgandnetmodem.sys [27776 2012-07-03] () S3 AsyncMac; C:\WINDOWS\System32\DRIVERS\asyncmac.sys [14336 2008-04-14] () R0 atapi; C:\WINDOWS\System32\DRIVERS\atapi.sys [96512 2008-04-14] () R3 ati2mtag; C:\WINDOWS\System32\DRIVERS\ati2mtag.sys [2870784 2008-03-13] () S3 Atmarpc; C:\WINDOWS\System32\DRIVERS\atmarpc.sys [59904 2008-04-14] () R3 audstub; C:\WINDOWS\System32\DRIVERS\audstub.sys [3072 2001-08-17] () R1 Beep; C:\WINDOWS\system32\Drivers\Beep.sys [4224 2001-08-18] () S4 cbidf2k; C:\WINDOWS\system32\Drivers\cbidf2k.sys [13952 2001-08-18] () S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2008-04-14] () S1 Cdaudio; C:\WINDOWS\system32\Drivers\Cdaudio.sys [18688 2006-08-10] () R4 Cdfs; C:\WINDOWS\system32\Drivers\Cdfs.sys [63744 2008-04-14] () R1 Cdrom; C:\WINDOWS\System32\DRIVERS\cdrom.sys [62976 2008-05-02] () R0 Disk; C:\WINDOWS\System32\DRIVERS\disk.sys [36352 2008-04-14] () S4 dmboot; C:\WINDOWS\System32\drivers\dmboot.sys [800000 2008-04-14] () R0 dmio; C:\WINDOWS\System32\drivers\dmio.sys [153856 2008-04-14] () R0 dmload; C:\WINDOWS\System32\drivers\dmload.sys [5888 2001-08-18] () S3 DMusic; C:\WINDOWS\System32\drivers\DMusic.sys [52864 2008-04-14] () S3 drmkaud; C:\WINDOWS\System32\drivers\drmkaud.sys [2944 2008-04-14] () S2 eamon; C:\WINDOWS\System32\DRIVERS\eamon.sys [39944 2008-08-18] (ESET) S1 easdrv; C:\WINDOWS\System32\DRIVERS\easdrv.sys [53256 2008-08-18] (ESET) S1 epfwtdir; C:\WINDOWS\System32\DRIVERS\epfwtdir.sys [34312 2008-08-18] () S4 Fastfat; C:\WINDOWS\system32\Drivers\Fastfat.sys [143744 2008-04-14] () S1 Fdc; C:\WINDOWS\system32\Drivers\Fdc.sys [27392 2008-04-14] () R1 Fips; C:\WINDOWS\system32\Drivers\Fips.sys [44672 2008-04-14] () S1 Flpydisk; C:\WINDOWS\system32\Drivers\Flpydisk.sys [20480 2008-04-14] () R0 FltMgr; C:\WINDOWS\System32\drivers\fltmgr.sys [129792 2008-04-14] () U1 Fs_Rec; C:\WINDOWS\system32\Drivers\Fs_Rec.sys [7936 2001-08-18] () R0 Ftdisk; C:\WINDOWS\System32\DRIVERS\ftdisk.sys [125568 2001-10-26] () S3 gdrv; C:\WINDOWS\gdrv.sys [15600 2014-04-17] () R3 Gpc; C:\WINDOWS\System32\DRIVERS\msgpc.sys [35072 2008-04-14] () R3 HDAudBus; C:\WINDOWS\System32\DRIVERS\HDAudBus.sys [144384 2008-04-13] () R3 hidusb; C:\WINDOWS\System32\DRIVERS\hidusb.sys [10368 2008-04-14] () R3 HTTP; C:\WINDOWS\System32\Drivers\HTTP.sys [264832 2008-04-14] () S1 i8042prt; C:\WINDOWS\System32\DRIVERS\i8042prt.sys [53248 2008-04-14] () R1 Imapi; C:\WINDOWS\System32\DRIVERS\imapi.sys [42112 2008-04-14] () R3 IntcAzAudAddService; C:\WINDOWS\System32\drivers\RtkHDAud.sys [4547584 2007-07-18] () S3 Ip6Fw; C:\WINDOWS\System32\drivers\ip6fw.sys [36608 2008-04-14] () S3 IpFilterDriver; C:\WINDOWS\System32\DRIVERS\ipfltdrv.sys [32896 2001-08-18] () S3 IpInIp; C:\WINDOWS\System32\DRIVERS\ipinip.sys [20864 2008-04-14] () R3 IpNat; C:\WINDOWS\System32\DRIVERS\ipnat.sys [152832 2008-04-14] () R1 IPSec; C:\WINDOWS\System32\DRIVERS\ipsec.sys [75264 2008-04-14] () S3 IRENUM; C:\WINDOWS\System32\DRIVERS\irenum.sys [11264 2008-04-14] () R0 isapnp; C:\WINDOWS\System32\DRIVERS\isapnp.sys [37632 2008-04-14] () S2 jtps; C:\WINDOWS\SYSTEM32\DRIVERS\jtps.sys [484352 2014-04-26] () R1 Kbdclass; C:\WINDOWS\System32\DRIVERS\kbdclass.sys [24960 2008-04-14] () R1 kbdhid; C:\WINDOWS\System32\DRIVERS\kbdhid.sys [14720 2008-04-14] () S3 kmixer; C:\WINDOWS\System32\drivers\kmixer.sys [172416 2008-04-14] () R0 KSecDD; C:\WINDOWS\system32\Drivers\KSecDD.sys [92288 2008-04-14] () S3 ManyCam; C:\WINDOWS\System32\DRIVERS\mcvidrv.sys [40736 2013-11-27] () S3 mcaudrv_simple; C:\WINDOWS\System32\drivers\mcaudrv.sys [29728 2013-12-06] () R1 mnmdd; C:\WINDOWS\system32\Drivers\mnmdd.sys [4224 2001-08-18] () S3 Modem; C:\WINDOWS\system32\Drivers\Modem.sys [30208 2008-04-14] () R1 Mouclass; C:\WINDOWS\System32\DRIVERS\mouclass.sys [23296 2008-04-14] () R3 mouhid; C:\WINDOWS\System32\DRIVERS\mouhid.sys [12160 2006-08-10] () R0 MountMgr; C:\WINDOWS\system32\Drivers\MountMgr.sys [42368 2008-04-14] () R3 MRxDAV; C:\WINDOWS\System32\DRIVERS\mrxdav.sys [180608 2008-04-14] () R1 MRxSmb; C:\WINDOWS\System32\DRIVERS\mrxsmb.sys [456576 2008-04-14] () R1 Msfs; C:\WINDOWS\system32\Drivers\Msfs.sys [19072 2008-04-14] () S3 MSKSSRV; C:\WINDOWS\System32\drivers\MSKSSRV.sys [7552 2008-04-14] () S3 MSPCLOCK; C:\WINDOWS\System32\drivers\MSPCLOCK.sys [5376 2008-04-14] () S3 MSPQM; C:\WINDOWS\System32\drivers\MSPQM.sys [4992 2008-04-14] () R3 mssmbios; C:\WINDOWS\System32\DRIVERS\mssmbios.sys [15488 2008-04-14] () S3 MSTEE; C:\WINDOWS\System32\drivers\MSTEE.sys [5504 2008-04-14] () R0 Mup; C:\WINDOWS\system32\Drivers\Mup.sys [105344 2008-04-14] () S3 NABTSFEC; C:\WINDOWS\System32\DRIVERS\NABTSFEC.sys [85248 2008-04-14] () R0 NDIS; C:\WINDOWS\system32\Drivers\NDIS.sys [182656 2008-04-14] () S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2008-04-14] () R3 NdisTapi; C:\WINDOWS\System32\DRIVERS\ndistapi.sys [10112 2008-04-14] () R3 Ndisuio; C:\WINDOWS\System32\DRIVERS\ndisuio.sys [14592 2008-04-14] () R3 NdisWan; C:\WINDOWS\System32\DRIVERS\ndiswan.sys [91520 2008-04-14] () R3 NDProxy; C:\WINDOWS\system32\Drivers\NDProxy.sys [40576 2008-04-14] () R1 NetBIOS; C:\WINDOWS\System32\DRIVERS\netbios.sys [34688 2008-04-14] () R1 NetBT; C:\WINDOWS\System32\DRIVERS\netbt.sys [162816 2008-04-14] () R1 Npfs; C:\WINDOWS\system32\Drivers\Npfs.sys [30848 2008-04-14] () R4 Ntfs; C:\WINDOWS\system32\Drivers\Ntfs.sys [574976 2008-04-14] () R1 Null; C:\WINDOWS\system32\Drivers\Null.sys [2944 2001-08-18] () S3 nv; C:\WINDOWS\System32\DRIVERS\nv4_mini.sys [6738432 2007-05-11] () R0 nvata; C:\WINDOWS\System32\DRIVERS\nvata.sys [105472 2006-10-18] () R3 NVENETFD; C:\WINDOWS\System32\DRIVERS\NVENETFD.sys [58368 2006-11-27] () R3 nvnetbus; C:\WINDOWS\System32\DRIVERS\nvnetbus.sys [19968 2006-11-27] () S3 NwlnkFlt; C:\WINDOWS\System32\DRIVERS\nwlnkflt.sys [12416 2001-08-18] () S3 NwlnkFwd; C:\WINDOWS\System32\DRIVERS\nwlnkfwd.sys [32512 2001-08-18] () R3 Parport; C:\WINDOWS\System32\DRIVERS\parport.sys [80256 2008-04-14] () R0 PartMgr; C:\WINDOWS\system32\Drivers\PartMgr.sys [19712 2008-04-14] () R2 ParVdm; C:\WINDOWS\system32\Drivers\ParVdm.sys [6912 2001-10-26] () R0 PCI; C:\WINDOWS\System32\DRIVERS\pci.sys [68608 2008-04-14] () R0 PCIIde; C:\WINDOWS\System32\DRIVERS\pciide.sys [3456 2001-10-26] () S4 Pcmcia; C:\WINDOWS\system32\Drivers\Pcmcia.sys [120320 2008-04-14] () R3 PptpMiniport; C:\WINDOWS\System32\DRIVERS\raspptp.sys [48384 2008-04-14] () S1 Processor; C:\WINDOWS\System32\DRIVERS\processr.sys [39936 2008-04-14] () R3 PSched; C:\WINDOWS\System32\DRIVERS\psched.sys [69120 2008-04-14] () R3 Ptilink; C:\WINDOWS\System32\DRIVERS\ptilink.sys [17792 2001-08-18] () R1 RasAcd; C:\WINDOWS\System32\DRIVERS\rasacd.sys [8832 2001-08-18] () R3 Rasl2tp; C:\WINDOWS\System32\DRIVERS\rasl2tp.sys [51328 2008-04-14] () R3 RasPppoe; C:\WINDOWS\System32\DRIVERS\raspppoe.sys [41472 2008-04-14] () R3 Raspti; C:\WINDOWS\System32\DRIVERS\raspti.sys [16512 2001-08-18] () R1 Rdbss; C:\WINDOWS\System32\DRIVERS\rdbss.sys [175744 2008-04-14] () R1 RDPCDD; C:\WINDOWS\System32\DRIVERS\RDPCDD.sys [4224 2001-08-18] () R3 rdpdr; C:\WINDOWS\System32\DRIVERS\rdpdr.sys [196224 2008-04-14] () S3 RDPWD; C:\WINDOWS\system32\Drivers\RDPWD.sys [139656 2008-04-14] () R1 redbook; C:\WINDOWS\System32\DRIVERS\redbook.sys [58880 2008-04-14] () S3 Secdrv; C:\WINDOWS\System32\DRIVERS\secdrv.sys [20480 2008-04-13] () R3 serenum; C:\WINDOWS\System32\DRIVERS\serenum.sys [15744 2008-04-14] () R1 Serial; C:\WINDOWS\System32\DRIVERS\serial.sys [65280 2008-04-14] () S1 Sfloppy; C:\WINDOWS\system32\Drivers\Sfloppy.sys [11392 2008-04-14] () S3 SLIP; C:\WINDOWS\System32\DRIVERS\SLIP.sys [11136 2008-04-14] () S3 splitter; C:\WINDOWS\System32\drivers\splitter.sys [6272 2008-04-14] () R0 sr; C:\WINDOWS\System32\DRIVERS\sr.sys [73472 2008-04-14] () R3 Srv; C:\WINDOWS\System32\DRIVERS\srv.sys [334848 2008-04-14] () S3 streamip; C:\WINDOWS\System32\DRIVERS\StreamIP.sys [15232 2008-04-14] () R3 swenum; C:\WINDOWS\System32\DRIVERS\swenum.sys [4352 2008-04-14] () S3 swmidi; C:\WINDOWS\System32\drivers\swmidi.sys [56576 2008-04-14] () R3 sysaudio; C:\WINDOWS\System32\drivers\sysaudio.sys [60800 2008-04-14] () R1 Tcpip; C:\WINDOWS\System32\DRIVERS\tcpip.sys [361344 2008-04-14] () S3 TDPIPE; C:\WINDOWS\system32\Drivers\TDPIPE.sys [12040 2008-04-14] () S3 TDTCP; C:\WINDOWS\system32\Drivers\TDTCP.sys [21896 2008-04-14] () R1 TermDD; C:\WINDOWS\System32\DRIVERS\termdd.sys [40840 2008-04-14] () S4 Udfs; C:\WINDOWS\system32\Drivers\Udfs.sys [66048 2008-04-14] () R3 Update; C:\WINDOWS\System32\DRIVERS\update.sys [384768 2008-04-14] () S3 usbaudio; C:\WINDOWS\System32\drivers\usbaudio.sys [60032 2008-04-14] () R3 usbccgp; C:\WINDOWS\System32\DRIVERS\usbccgp.sys [32128 2008-04-14] () R3 usbehci; C:\WINDOWS\System32\DRIVERS\usbehci.sys [30208 2008-04-14] () R3 usbhub; C:\WINDOWS\System32\DRIVERS\usbhub.sys [59520 2008-04-14] () R3 usbohci; C:\WINDOWS\System32\DRIVERS\usbohci.sys [17152 2008-04-14] () S3 usbscan; C:\WINDOWS\System32\DRIVERS\usbscan.sys [15104 2008-04-14] () R3 usbstor; C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [26368 2008-04-14] () R3 usbvideo; C:\WINDOWS\System32\Drivers\usbvideo.sys [121984 2008-04-14] () R1 VgaSave; C:\WINDOWS\System32\drivers\vga.sys [20992 2008-04-14] () R0 VolSnap; C:\WINDOWS\system32\Drivers\VolSnap.sys [52864 2008-04-14] () R3 Wanarp; C:\WINDOWS\System32\DRIVERS\wanarp.sys [34560 2008-04-14] () R2 WCMVCAM; C:\WINDOWS\System32\DRIVERS\wcmvcam.sys [1068216 2012-04-15] () S3 Wdf01000; C:\WINDOWS\System32\Drivers\wdf01000.sys [444136 2009-07-14] () R3 wdmaud; C:\WINDOWS\System32\drivers\wdmaud.sys [83072 2008-04-14] () S3 WpdUsb; C:\WINDOWS\System32\DRIVERS\wpdusb.sys [38528 2006-10-18] () S3 WSTCODEC; C:\WINDOWS\System32\DRIVERS\WSTCODEC.SYS [19200 2008-04-14] () R0 WudfPf; C:\WINDOWS\System32\DRIVERS\WudfPf.sys [77568 2006-09-28] () S3 WudfRd; C:\WINDOWS\System32\DRIVERS\wudfrd.sys [82944 2006-09-28] () S2 zumbus; C:\WINDOWS\System32\DRIVERS\zumbus.sys [41472 2011-08-05] () S1 {7f2b4ad0-671a-477b-bcd4-79d041f50d27}t; C:\WINDOWS\System32\drivers\{7f2b4ad0-671a-477b-bcd4-79d041f50d27}t.sys [55232 2014-04-24] (StdLib) U5 33bfcc078e2084d8; C:\Windows\System32\Drivers\33bfcc078e2084d8.sys [55552 2014-04-24] () <===== ATTENTION Necurs Rootkit? S4 IntelIde; No ImagePath U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-14] () U1 WS2IFSL; ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-05-01 21:32 - 2014-05-01 21:32 - 00000000 ____D () C:\Documents and Settings\Dom\Ustawienia lokalne\Dane aplikacji\XulTest 2014-04-30 19:04 - 2014-04-30 19:04 - 00068608 _____ () C:\Documents and Settings\Dom\patgeasukump.exe 2014-04-27 18:15 - 2014-04-27 19:34 - 00000000 ____D () C:\Documents and Settings\Dom\Ustawienia lokalne\Dane aplikacji\Company 2014-04-26 13:43 - 2014-04-26 13:43 - 00484352 _____ () C:\WINDOWS\system32\Drivers\jtps.sys 2014-04-25 18:37 - 2014-04-24 12:21 - 00055232 _____ (StdLib) C:\WINDOWS\system32\Drivers\{7f2b4ad0-671a-477b-bcd4-79d041f50d27}t.sys 2014-04-24 21:15 - 2014-04-24 21:15 - 00323584 _____ () C:\WINDOWS\system32\godouqui.exe 2014-04-24 19:47 - 2014-04-03 16:55 - 00000000 ____D () C:\Documents and Settings\Dom\Ustawienia lokalne\Dane aplikacji\VNT 2014-04-24 19:46 - 2014-04-24 19:46 - 00000000 ____D () C:\Program Files\GreenTree Applications 2014-04-24 19:46 - 2014-04-24 19:46 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Start\Programy\YTD Video Downloader 2014-04-24 19:46 - 2014-04-24 19:46 - 00000000 ____D () C:\Documents and Settings\All Users\Dane aplikacji\YTD Video Downloader 2014-04-24 19:13 - 2014-04-24 19:13 - 00055552 _____ () C:\WINDOWS\system32\Drivers\33bfcc078e2084d8.sys 2014-04-17 09:09 - 2005-05-03 12:43 - 00069632 ____R (Realtek Semiconductor Corp.) C:\WINDOWS\Alcmtr.exe 2014-04-17 09:04 - 2014-04-17 09:04 - 00000000 ____D () C:\Program Files\ESET 2014-04-17 09:04 - 2014-04-17 09:04 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Start\Programy\ESET 2014-04-17 09:04 - 2014-04-17 09:04 - 00000000 ____D () C:\Documents and Settings\All Users\Dane aplikacji\ESET 2014-04-17 09:00 - 2014-04-17 09:00 - 00000000 ____D () C:\Program Files\VS Revo Group 2014-04-17 08:55 - 2014-04-17 08:55 - 00000000 _____ () C:\WINDOWS\ativpsrm.bin 2014-04-17 08:55 - 2008-03-12 23:18 - 00307200 ____R (ATI Technologies Inc.) C:\WINDOWS\system32\atiiiexx.dll 2014-04-17 08:55 - 2008-03-12 23:17 - 00372736 ____R (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\ATIDEMGX.dll 2014-04-17 08:55 - 2008-03-12 22:47 - 03107788 ____R () C:\WINDOWS\system32\ativvaxx.dat 2014-04-17 08:55 - 2008-03-12 22:47 - 03107788 ____R () C:\WINDOWS\system32\ativva5x.dat 2014-04-17 08:55 - 2008-03-12 22:47 - 00887724 ____R () C:\WINDOWS\system32\ativva6x.dat 2014-04-17 08:55 - 2008-03-06 16:40 - 00168883 ____R () C:\WINDOWS\system32\atiicdxx.dat 2014-04-17 08:55 - 2008-01-21 15:48 - 00012477 ____R () C:\WINDOWS\atiogl.xml 2014-04-17 08:55 - 2007-08-31 15:20 - 00007167 ____R () C:\WINDOWS\system32\atifglpf.xml 2014-04-17 08:54 - 2006-12-28 18:45 - 00128000 ____R (ATI Research Inc.) C:\WINDOWS\system32\Drivers\AtiHdAud.sys 2014-04-15 15:46 - 2014-04-17 08:52 - 00000664 _____ () C:\WINDOWS\system32\d3d9caps.dat 2014-04-03 20:58 - 2014-04-03 20:59 - 00000000 ____D () C:\FRST 2014-04-03 20:55 - 2014-04-03 20:55 - 00141356 _____ () C:\Documents and Settings\Dom\Pulpit\OTL.Txt 2014-04-03 20:55 - 2014-04-03 20:55 - 00141356 _____ () C:\Documents and Settings\Dom\Pulpit\dgdfg.Txt 2014-04-03 20:55 - 2014-04-03 20:55 - 00024168 _____ () C:\Documents and Settings\Dom\Pulpit\Extras.Txt 2014-04-03 20:45 - 2014-04-03 20:45 - 03148854 _____ () C:\Documents and Settings\Dom\Pulpit\face.bmp 2014-04-03 20:28 - 2014-04-03 20:28 - 00000000 ____D () C:\Documents and Settings\Dom\Dane aplikacji\XulTest 2014-04-03 20:19 - 2014-04-03 20:19 - 00000730 _____ () C:\Documents and Settings\All Users\Menu Start\Programy\Mozilla Firefox.lnk 2014-04-03 20:19 - 2014-04-03 20:19 - 00000724 _____ () C:\Documents and Settings\All Users\Pulpit\Mozilla Firefox.lnk 2014-04-03 20:19 - 2014-04-03 20:19 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service 2014-04-03 20:17 - 2014-04-03 20:19 - 29772880 _____ (Mozilla) C:\Documents and Settings\Dom\Pulpit\Firefox-Setup-29-0_PL.exe 2014-04-03 20:15 - 2014-04-03 20:26 - 00000161 _____ () C:\WINDOWS\WindowsUpdate.log 2014-04-03 20:11 - 2014-04-03 20:11 - 00049576 _____ () C:\Documents and Settings\Dom\Pulpit\Kopia rejestr3.reg 2014-04-03 20:11 - 2014-04-03 20:11 - 00000322 _____ () C:\Documents and Settings\Dom\Pulpit\Kopia rejestr4.reg 2014-04-03 20:06 - 2014-04-03 20:20 - 00000000 ____D () C:\Documents and Settings\Dom\Dane aplikacji\Mozilla 2014-04-03 19:58 - 2014-04-03 19:58 - 00000000 ____D () C:\WINDOWS\system32\appmgmt 2014-04-03 19:47 - 2014-04-03 19:47 - 00001376 _____ () C:\Documents and Settings\Dom\Pulpit\Kopia rejestr2.reg 2014-04-03 19:46 - 2014-04-03 19:46 - 00036114 _____ () C:\Documents and Settings\Dom\Pulpit\Kopia rejestr.reg 2014-04-03 19:43 - 2014-04-03 19:43 - 00000682 _____ () C:\Documents and Settings\All Users\Pulpit\CCleaner.lnk 2014-04-03 19:43 - 2014-04-03 19:43 - 00000000 ____D () C:\Program Files\CCleaner 2014-04-03 19:43 - 2014-04-03 19:43 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Start\Programy\CCleaner 2014-04-03 16:49 - 2014-04-03 16:49 - 00000000 ____D () C:\Documents and Settings\Gość\Dane aplikacji\WinZipper 2014-04-03 16:45 - 2014-04-03 16:45 - 00000000 ____D () C:\Documents and Settings\Gość\Ustawienia lokalne\Dane aplikacji\Google 2014-04-03 16:43 - 2014-04-03 16:43 - 00000000 ____D () C:\Documents and Settings\Gość\Ustawienia lokalne\Dane aplikacji\Opera Software 2014-04-03 16:42 - 2014-04-03 16:55 - 00000000 ___HD () C:\Documents and Settings\Gość\Ustawienia lokalne\Dane aplikacji 2014-04-03 16:42 - 2014-04-03 16:49 - 00000000 __RHD () C:\Documents and Settings\Gość\Dane aplikacji 2014-04-03 16:42 - 2014-04-03 16:42 - 00000792 _____ () C:\Documents and Settings\Gość\Menu Start\Programy\Windows Media Player.lnk 2014-04-03 16:42 - 2014-04-03 16:42 - 00000767 _____ () C:\Documents and Settings\Gość\Menu Start\Programy\Internet Explorer.lnk 2014-04-03 16:42 - 2014-04-03 16:42 - 00000738 _____ () C:\Documents and Settings\Gość\Menu Start\Programy\Outlook Express.lnk 2014-04-03 16:42 - 2014-04-03 16:42 - 00000020 ___SH () C:\Documents and Settings\Gość\ntuser.ini 2014-04-03 16:42 - 2014-04-03 16:42 - 00000000 ___SD () C:\Documents and Settings\Gość\Ustawienia lokalne\Historia 2014-04-03 16:42 - 2014-04-03 16:42 - 00000000 ___RD () C:\Documents and Settings\Gość\Ulubione 2014-04-03 16:42 - 2014-04-03 16:42 - 00000000 ___RD () C:\Documents and Settings\Gość\Moje dokumenty\Moje obrazy 2014-04-03 16:42 - 2014-04-03 16:42 - 00000000 ___RD () C:\Documents and Settings\Gość\Moje dokumenty\Moja muzyka 2014-04-03 16:42 - 2014-04-03 16:42 - 00000000 ___RD () C:\Documents and Settings\Gość\Moje dokumenty 2014-04-03 16:42 - 2014-04-03 16:42 - 00000000 ___RD () C:\Documents and Settings\Gość\Menu Start\Programy\Akcesoria 2014-04-03 16:42 - 2014-04-03 16:42 - 00000000 ___RD () C:\Documents and Settings\Gość\Menu Start\Programy 2014-04-03 16:42 - 2014-04-03 16:42 - 00000000 ____D () C:\Documents and Settings\Gość\Dane aplikacji\Opera Software 2014-04-03 16:42 - 2014-04-03 16:42 - 00000000 ____D () C:\Documents and Settings\Gość 2014-04-03 16:42 - 2013-11-21 13:45 - 00000000 ___RD () C:\Documents and Settings\Gość\Menu Start\Programy\Autostart 2014-04-03 16:42 - 2013-11-21 13:45 - 00000000 ___RD () C:\Documents and Settings\Gość\Menu Start 2014-04-03 16:42 - 2013-11-21 13:45 - 00000000 ___HD () C:\Documents and Settings\Gość\Ustawienia lokalne 2014-04-03 16:42 - 2013-11-21 13:45 - 00000000 ____D () C:\Documents and Settings\Gość\Pulpit 2014-04-03 16:42 - 2013-11-21 12:55 - 00001599 _____ () C:\Documents and Settings\Gość\Menu Start\Programy\Pomoc zdalna.lnk 2014-04-03 16:42 - 2013-11-21 12:52 - 00000000 ___HD () C:\Documents and Settings\Gość\Szablony 2014-03-31 21:32 - 2014-04-03 20:19 - 00000000 ____D () C:\Program Files\Mozilla Firefox 2014-03-27 15:57 - 2014-03-27 16:01 - 00055296 ____H () C:\Documents and Settings\Dom\Pulpit\photothumb.db 2014-03-27 15:48 - 2014-03-27 16:34 - 00000000 ____D () C:\Program Files\PhotoScape 2014-03-27 15:48 - 2014-03-27 16:01 - 00005120 ____H () C:\Documents and Settings\Dom\Moje dokumenty\photothumb.db 2014-03-27 15:48 - 2014-03-27 15:48 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Start\Programy\PhotoScape 2014-03-27 11:47 - 2014-04-17 09:03 - 00000000 ____D () C:\Documents and Settings\All Users\Dane aplikacji\AVAST Software 2014-03-22 12:38 - 2014-03-22 12:38 - 00055232 _____ () C:\WINDOWS\system32\Drivers\tStLib.sys 2014-03-20 22:24 - 2014-04-23 16:11 - 00000000 ____D () C:\Documents and Settings\Dom\Moje dokumenty\Bandicam 2014-03-20 22:24 - 2014-04-03 17:00 - 00000000 ____D () C:\Documents and Settings\Dom\Ustawienia lokalne\Dane aplikacji\Opera Software 2014-03-20 22:24 - 2014-04-03 17:00 - 00000000 ____D () C:\Documents and Settings\Dom\Dane aplikacji\Opera Software 2014-03-20 22:24 - 2014-03-20 22:24 - 00000000 ____D () C:\Program Files\Bandicam 2014-03-20 22:24 - 2014-03-20 22:24 - 00000000 ____D () C:\Documents and Settings\Dom\Dane aplikacji\BANDISOFT 2014-03-20 22:24 - 2014-03-20 22:24 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Start\Programy\Bandicam 2014-03-20 22:23 - 2014-04-03 17:00 - 00000000 ____D () C:\Program Files\Opera 2014-03-20 18:25 - 2014-03-20 18:31 - 00000000 ____D () C:\293354ca68fd86f71cc3 2014-03-17 18:47 - 2014-03-17 18:47 - 00000000 __SHD () C:\found.000 2014-03-16 20:46 - 2014-03-16 20:46 - 00000000 ____D () C:\Program Files\Microsoft Silverlight 2014-03-16 20:46 - 2014-03-16 20:46 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Start\Programy\Microsoft Silverlight 2014-03-15 13:43 - 2014-03-27 11:59 - 00000000 ____D () C:\Program Files\Movies Toolbar 2014-03-15 13:43 - 2014-03-27 11:55 - 00000000 ____D () C:\Documents and Settings\All Users\Dane aplikacji\Datamngr 2014-03-15 13:43 - 2014-03-15 13:43 - 00000000 ____D () C:\Documents and Settings\Dom\Ustawienia lokalne\Dane aplikacji\ilividmoviestoolbar181 2014-03-15 13:43 - 2014-03-15 13:43 - 00000000 ____D () C:\Documents and Settings\Dom\Dane aplikacji\ilividmoviestoolbar181 2014-03-15 13:43 - 2014-03-15 13:43 - 00000000 ____D () C:\Documents and Settings\All Users\Dane aplikacji\Wincert 2014-03-15 13:42 - 2014-03-15 13:42 - 00000000 ____D () C:\Documents and Settings\Dom\Ustawienia lokalne\Dane aplikacji\iLivid 2014-03-09 12:59 - 2014-03-09 12:59 - 00000000 ____D () C:\Documents and Settings\All Users\Dane aplikacji\GG ==================== One Month Modified Files and Folders ======= 2014-05-03 12:20 - 2013-12-19 20:32 - 00000000 ____D () C:\Documents and Settings\Dom\Dane aplikacji\Skype 2014-05-01 21:32 - 2014-05-01 21:32 - 00000000 ____D () C:\Documents and Settings\Dom\Ustawienia lokalne\Dane aplikacji\XulTest 2014-04-30 22:26 - 2013-12-30 13:39 - 00000000 ____D () C:\Documents and Settings\Dom\Ustawienia lokalne\Dane aplikacji\GG 2014-04-30 19:04 - 2014-04-30 19:04 - 00068608 _____ () C:\Documents and Settings\Dom\patgeasukump.exe 2014-04-29 21:55 - 2013-12-19 20:31 - 00000000 ____D () C:\Documents and Settings\All Users\Dane aplikacji\Skype 2014-04-27 19:34 - 2014-04-27 18:15 - 00000000 ____D () C:\Documents and Settings\Dom\Ustawienia lokalne\Dane aplikacji\Company 2014-04-26 13:43 - 2014-04-26 13:43 - 00484352 _____ () C:\WINDOWS\system32\Drivers\jtps.sys 2014-04-25 18:05 - 2013-11-21 12:58 - 00000000 ___RD () C:\Documents and Settings\Dom\Moje dokumenty 2014-04-24 21:15 - 2014-04-24 21:15 - 00323584 _____ () C:\WINDOWS\system32\godouqui.exe 2014-04-24 19:46 - 2014-04-24 19:46 - 00000000 ____D () C:\Program Files\GreenTree Applications 2014-04-24 19:46 - 2014-04-24 19:46 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Start\Programy\YTD Video Downloader 2014-04-24 19:46 - 2014-04-24 19:46 - 00000000 ____D () C:\Documents and Settings\All Users\Dane aplikacji\YTD Video Downloader 2014-04-24 19:13 - 2014-04-24 19:13 - 00055552 _____ () C:\WINDOWS\system32\Drivers\33bfcc078e2084d8.sys 2014-04-24 12:21 - 2014-04-25 18:37 - 00055232 _____ (StdLib) C:\WINDOWS\system32\Drivers\{7f2b4ad0-671a-477b-bcd4-79d041f50d27}t.sys 2014-04-23 16:11 - 2014-03-20 22:24 - 00000000 ____D () C:\Documents and Settings\Dom\Moje dokumenty\Bandicam 2014-04-22 18:42 - 2013-12-19 17:30 - 00201216 ___SH () C:\Documents and Settings\Dom\Pulpit\Thumbs.db 2014-04-17 09:10 - 2013-11-21 13:13 - 00000000 ____D () C:\WINDOWS\system32\RTCOM 2014-04-17 09:09 - 2013-11-21 13:14 - 00000000 ____D () C:\WINDOWS\system32\ReinstallBackups 2014-04-17 09:09 - 2013-11-21 13:12 - 00000000 ____D () C:\Program Files\Realtek 2014-04-17 09:08 - 2013-11-21 12:59 - 00015600 _____ () C:\WINDOWS\gdrv.sys 2014-04-17 09:04 - 2014-04-17 09:04 - 00000000 ____D () C:\Program Files\ESET 2014-04-17 09:04 - 2014-04-17 09:04 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Start\Programy\ESET 2014-04-17 09:04 - 2014-04-17 09:04 - 00000000 ____D () C:\Documents and Settings\All Users\Dane aplikacji\ESET 2014-04-17 09:03 - 2014-03-27 11:47 - 00000000 ____D () C:\Documents and Settings\All Users\Dane aplikacji\AVAST Software 2014-04-17 09:00 - 2014-04-17 09:00 - 00000000 ____D () C:\Program Files\VS Revo Group 2014-04-17 08:55 - 2014-04-17 08:55 - 00000000 _____ () C:\WINDOWS\ativpsrm.bin 2014-04-17 08:52 - 2014-04-15 15:46 - 00000664 _____ () C:\WINDOWS\system32\d3d9caps.dat 2014-04-15 15:49 - 2013-11-21 13:39 - 00000000 ____D () C:\WINDOWS\Help 2014-04-03 20:59 - 2014-04-03 20:58 - 00000000 ____D () C:\FRST 2014-04-03 20:59 - 2013-11-21 13:58 - 00000000 ____D () C:\Documents and Settings\Dom\Moje dokumenty\Pobieranie 2014-04-03 20:56 - 2014-02-06 19:40 - 00001030 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job 2014-04-03 20:56 - 2013-11-21 12:58 - 00000000 ____D () C:\Documents and Settings\Dom\Pulpit 2014-04-03 20:55 - 2014-04-03 20:55 - 00141356 _____ () C:\Documents and Settings\Dom\Pulpit\OTL.Txt 2014-04-03 20:55 - 2014-04-03 20:55 - 00141356 _____ () C:\Documents and Settings\Dom\Pulpit\dgdfg.Txt 2014-04-03 20:55 - 2014-04-03 20:55 - 00024168 _____ () C:\Documents and Settings\Dom\Pulpit\Extras.Txt 2014-04-03 20:45 - 2014-04-03 20:45 - 03148854 _____ () C:\Documents and Settings\Dom\Pulpit\face.bmp 2014-04-03 20:44 - 2013-12-30 13:39 - 00000000 ____D () C:\Documents and Settings\Dom\Dane aplikacji\GG 2014-04-03 20:43 - 2014-02-06 19:40 - 00001026 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job 2014-04-03 20:43 - 2013-11-21 13:47 - 00000159 _____ () C:\WINDOWS\wiadebug.log 2014-04-03 20:43 - 2013-11-21 13:47 - 00000050 _____ () C:\WINDOWS\wiaservc.log 2014-04-03 20:43 - 2013-11-21 12:57 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT 2014-04-03 20:28 - 2014-04-03 20:28 - 00000000 ____D () C:\Documents and Settings\Dom\Dane aplikacji\XulTest 2014-04-03 20:28 - 2013-11-21 12:58 - 00000000 __RHD () C:\Documents and Settings\Dom\Dane aplikacji 2014-04-03 20:27 - 2013-11-21 13:44 - 00103032 _____ () C:\WINDOWS\system32\FNTCACHE.DAT 2014-04-03 20:27 - 2013-11-21 12:57 - 00032446 _____ () C:\WINDOWS\SchedLgU.Txt 2014-04-03 20:26 - 2014-04-03 20:15 - 00000161 _____ () C:\WINDOWS\WindowsUpdate.log 2014-04-03 20:26 - 2013-11-21 12:58 - 00000188 ___SH () C:\Documents and Settings\Dom\ntuser.ini 2014-04-03 20:25 - 2013-11-21 14:01 - 00692104 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe 2014-04-03 20:25 - 2013-11-21 14:01 - 00071048 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl 2014-04-03 20:20 - 2014-04-03 20:06 - 00000000 ____D () C:\Documents and Settings\Dom\Dane aplikacji\Mozilla 2014-04-03 20:19 - 2014-04-03 20:19 - 00000730 _____ () C:\Documents and Settings\All Users\Menu Start\Programy\Mozilla Firefox.lnk 2014-04-03 20:19 - 2014-04-03 20:19 - 00000724 _____ () C:\Documents and Settings\All Users\Pulpit\Mozilla Firefox.lnk 2014-04-03 20:19 - 2014-04-03 20:19 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service 2014-04-03 20:19 - 2014-04-03 20:17 - 29772880 _____ (Mozilla) C:\Documents and Settings\Dom\Pulpit\Firefox-Setup-29-0_PL.exe 2014-04-03 20:19 - 2014-03-31 21:32 - 00000000 ____D () C:\Program Files\Mozilla Firefox 2014-04-03 20:19 - 2013-11-21 13:45 - 00000000 ___RD () C:\Documents and Settings\All Users\Menu Start\Programy 2014-04-03 20:19 - 2013-11-21 13:45 - 00000000 ____D () C:\Documents and Settings\All Users\Pulpit 2014-04-03 20:14 - 2013-11-21 13:57 - 00015456 _____ () C:\Documents and Settings\Dom\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT 2014-04-03 20:11 - 2014-04-03 20:11 - 00049576 _____ () C:\Documents and Settings\Dom\Pulpit\Kopia rejestr3.reg 2014-04-03 20:11 - 2014-04-03 20:11 - 00000322 _____ () C:\Documents and Settings\Dom\Pulpit\Kopia rejestr4.reg 2014-04-03 20:10 - 2013-11-21 12:58 - 00000000 ____D () C:\Documents and Settings\Dom 2014-04-03 20:09 - 2014-02-04 20:09 - 00000432 _____ () C:\WINDOWS\Tasks\At2.job 2014-04-03 20:08 - 2014-02-26 14:17 - 00000000 ____D () C:\Program Files\WinZipper 2014-04-03 20:08 - 2013-11-21 12:52 - 00000000 ___RD () C:\Documents and Settings\All Users\Menu Start\Programy\Gry 2014-04-03 20:04 - 2013-11-21 14:01 - 00000930 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job 2014-04-03 20:03 - 2013-12-30 13:27 - 00000000 ____D () C:\Program Files\BonanzaDeals 2014-04-03 20:03 - 2013-11-21 13:40 - 00000000 ____D () C:\Documents and Settings\Dom\Dane aplikacji\ESTsoft 2014-04-03 20:03 - 2013-11-21 13:40 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Start\Programy\ESTsoft 2014-04-03 20:03 - 2013-11-21 12:58 - 00000000 ___RD () C:\Documents and Settings\Dom\Menu Start\Programy 2014-04-03 20:00 - 2014-02-26 14:17 - 00000000 ____D () C:\Documents and Settings\All Users\Dane aplikacji\IePluginService 2014-04-03 19:59 - 2013-12-23 20:51 - 00000000 ____D () C:\Documents and Settings\Dom\Ustawienia lokalne\Dane aplikacji\Mobogenie 2014-04-03 19:59 - 2013-12-23 20:50 - 00000000 ____D () C:\Documents and Settings\Dom\Menu Start\Programy\Mobogenie 2014-04-03 19:59 - 2013-11-21 12:58 - 00000000 ___HD () C:\Documents and Settings\Dom\Ustawienia lokalne\Dane aplikacji 2014-04-03 19:58 - 2014-04-03 19:58 - 00000000 ____D () C:\WINDOWS\system32\appmgmt 2014-04-03 19:58 - 2014-02-26 14:17 - 00000000 ____D () C:\Program Files\SupTab 2014-04-03 19:58 - 2013-12-23 21:15 - 00000000 ____D () C:\Documents and Settings\Dom\Menu Start\Programy\Steam 2014-04-03 19:56 - 2013-12-23 12:24 - 00000000 ____D () C:\Program Files\ToonCar Demo 2014-04-03 19:53 - 2001-07-22 02:16 - 00000677 _____ () C:\WINDOWS\win.ini 2014-04-03 19:49 - 2013-12-23 20:50 - 00000000 ____D () C:\Documents and Settings\Dom\Dane aplikacji\aartemis 2014-04-03 19:47 - 2014-04-03 19:47 - 00001376 _____ () C:\Documents and Settings\Dom\Pulpit\Kopia rejestr2.reg 2014-04-03 19:46 - 2014-04-03 19:46 - 00036114 _____ () C:\Documents and Settings\Dom\Pulpit\Kopia rejestr.reg 2014-04-03 19:46 - 2014-02-06 19:44 - 00001819 _____ () C:\Documents and Settings\All Users\Pulpit\Google Chrome.lnk 2014-04-03 19:46 - 2013-11-21 12:58 - 00000767 _____ () C:\Documents and Settings\Dom\Menu Start\Programy\Internet Explorer.lnk 2014-04-03 19:43 - 2014-04-03 19:43 - 00000682 _____ () C:\Documents and Settings\All Users\Pulpit\CCleaner.lnk 2014-04-03 19:43 - 2014-04-03 19:43 - 00000000 ____D () C:\Program Files\CCleaner 2014-04-03 19:43 - 2014-04-03 19:43 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Start\Programy\CCleaner 2014-04-03 19:37 - 2014-02-06 17:37 - 00000000 ____D () C:\Documents and Settings\Dom\.gimp-2.8 2014-04-03 19:29 - 2013-12-14 23:36 - 00000000 ____D () C:\Documents and Settings\Dom\Pulpit\Klaudia 2014-04-03 19:28 - 2013-12-30 15:12 - 00000000 ___SD () C:\Documents and Settings\Dom\GG dysk 2014-04-03 19:26 - 2013-11-27 22:39 - 00015872 _____ () C:\Documents and Settings\Dom\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2014-04-03 17:46 - 2014-03-01 11:07 - 00002267 _____ () C:\Documents and Settings\All Users\Pulpit\Skype.lnk 2014-04-03 17:00 - 2014-03-20 22:24 - 00000000 ____D () C:\Documents and Settings\Dom\Ustawienia lokalne\Dane aplikacji\Opera Software 2014-04-03 17:00 - 2014-03-20 22:24 - 00000000 ____D () C:\Documents and Settings\Dom\Dane aplikacji\Opera Software 2014-04-03 17:00 - 2014-03-20 22:23 - 00000000 ____D () C:\Program Files\Opera 2014-04-03 16:56 - 2013-12-24 12:55 - 00000000 ____D () C:\Counter-Strike Source 2014-04-03 16:55 - 2014-04-24 19:47 - 00000000 ____D () C:\Documents and Settings\Dom\Ustawienia lokalne\Dane aplikacji\VNT 2014-04-03 16:55 - 2014-04-03 16:42 - 00000000 ___HD () C:\Documents and Settings\Gość\Ustawienia lokalne\Dane aplikacji 2014-04-03 16:55 - 2013-11-21 13:44 - 00000000 __RHD () C:\Documents and Settings\All Users\Dane aplikacji 2014-04-03 16:49 - 2014-04-03 16:49 - 00000000 ____D () C:\Documents and Settings\Gość\Dane aplikacji\WinZipper 2014-04-03 16:49 - 2014-04-03 16:42 - 00000000 __RHD () C:\Documents and Settings\Gość\Dane aplikacji 2014-04-03 16:45 - 2014-04-03 16:45 - 00000000 ____D () C:\Documents and Settings\Gość\Ustawienia lokalne\Dane aplikacji\Google 2014-04-03 16:43 - 2014-04-03 16:43 - 00000000 ____D () C:\Documents and Settings\Gość\Ustawienia lokalne\Dane aplikacji\Opera Software 2014-04-03 16:42 - 2014-04-03 16:42 - 00000792 _____ () C:\Documents and Settings\Gość\Menu Start\Programy\Windows Media Player.lnk 2014-04-03 16:42 - 2014-04-03 16:42 - 00000767 _____ () C:\Documents and Settings\Gość\Menu Start\Programy\Internet Explorer.lnk 2014-04-03 16:42 - 2014-04-03 16:42 - 00000738 _____ () C:\Documents and Settings\Gość\Menu Start\Programy\Outlook Express.lnk 2014-04-03 16:42 - 2014-04-03 16:42 - 00000020 ___SH () C:\Documents and Settings\Gość\ntuser.ini 2014-04-03 16:42 - 2014-04-03 16:42 - 00000000 ___SD () C:\Documents and Settings\Gość\Ustawienia lokalne\Historia 2014-04-03 16:42 - 2014-04-03 16:42 - 00000000 ___RD () C:\Documents and Settings\Gość\Ulubione 2014-04-03 16:42 - 2014-04-03 16:42 - 00000000 ___RD () C:\Documents and Settings\Gość\Moje dokumenty\Moje obrazy 2014-04-03 16:42 - 2014-04-03 16:42 - 00000000 ___RD () C:\Documents and Settings\Gość\Moje dokumenty\Moja muzyka 2014-04-03 16:42 - 2014-04-03 16:42 - 00000000 ___RD () C:\Documents and Settings\Gość\Moje dokumenty 2014-04-03 16:42 - 2014-04-03 16:42 - 00000000 ___RD () C:\Documents and Settings\Gość\Menu Start\Programy\Akcesoria 2014-04-03 16:42 - 2014-04-03 16:42 - 00000000 ___RD () C:\Documents and Settings\Gość\Menu Start\Programy 2014-04-03 16:42 - 2014-04-03 16:42 - 00000000 ____D () C:\Documents and Settings\Gość\Dane aplikacji\Opera Software 2014-04-03 16:42 - 2014-04-03 16:42 - 00000000 ____D () C:\Documents and Settings\Gość 2014-04-03 13:39 - 2001-07-22 02:17 - 00002206 _____ () C:\WINDOWS\system32\wpa.dbl 2014-03-31 17:36 - 2013-11-21 12:58 - 00000000 ___RD () C:\Documents and Settings\Dom\Moje dokumenty\Moje obrazy 2014-03-30 10:37 - 2013-11-21 13:45 - 00984778 _____ () C:\WINDOWS\system32\PerfStringBackup.INI 2014-03-30 10:37 - 2001-10-26 20:15 - 00448348 _____ () C:\WINDOWS\system32\perfh015.dat 2014-03-30 10:37 - 2001-10-26 20:15 - 00074450 _____ () C:\WINDOWS\system32\perfc015.dat 2014-03-27 16:34 - 2014-03-27 15:48 - 00000000 ____D () C:\Program Files\PhotoScape 2014-03-27 16:01 - 2014-03-27 15:57 - 00055296 ____H () C:\Documents and Settings\Dom\Pulpit\photothumb.db 2014-03-27 16:01 - 2014-03-27 15:48 - 00005120 ____H () C:\Documents and Settings\Dom\Moje dokumenty\photothumb.db 2014-03-27 15:48 - 2014-03-27 15:48 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Start\Programy\PhotoScape 2014-03-27 12:00 - 2013-12-23 20:51 - 00000000 ____D () C:\Documents and Settings\Dom\Dane aplikacji\newnext.me 2014-03-27 11:59 - 2014-03-15 13:43 - 00000000 ____D () C:\Program Files\Movies Toolbar 2014-03-27 11:55 - 2014-03-15 13:43 - 00000000 ____D () C:\Documents and Settings\All Users\Dane aplikacji\Datamngr 2014-03-26 12:09 - 2014-01-08 19:09 - 00000174 _____ () C:\Documents and Settings\NetworkService\Dane aplikacji\WB.CFG 2014-03-22 12:38 - 2014-03-22 12:38 - 00055232 _____ () C:\WINDOWS\system32\Drivers\tStLib.sys 2014-03-21 20:12 - 2014-01-30 23:38 - 00000000 ____D () C:\Documents and Settings\Dom\Dane aplikacji\Audacity 2014-03-20 22:24 - 2014-03-20 22:24 - 00000000 ____D () C:\Program Files\Bandicam 2014-03-20 22:24 - 2014-03-20 22:24 - 00000000 ____D () C:\Documents and Settings\Dom\Dane aplikacji\BANDISOFT 2014-03-20 22:24 - 2014-03-20 22:24 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Start\Programy\Bandicam 2014-03-20 18:31 - 2014-03-20 18:25 - 00000000 ____D () C:\293354ca68fd86f71cc3 2014-03-20 17:59 - 2013-12-23 20:51 - 00000000 ____D () C:\Documents and Settings\Dom\Ustawienia lokalne\Dane aplikacji\cache 2014-03-17 18:47 - 2014-03-17 18:47 - 00000000 __SHD () C:\found.000 2014-03-16 20:46 - 2014-03-16 20:46 - 00000000 ____D () C:\Program Files\Microsoft Silverlight 2014-03-16 20:46 - 2014-03-16 20:46 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Start\Programy\Microsoft Silverlight 2014-03-15 13:43 - 2014-03-15 13:43 - 00000000 ____D () C:\Documents and Settings\Dom\Ustawienia lokalne\Dane aplikacji\ilividmoviestoolbar181 2014-03-15 13:43 - 2014-03-15 13:43 - 00000000 ____D () C:\Documents and Settings\Dom\Dane aplikacji\ilividmoviestoolbar181 2014-03-15 13:43 - 2014-03-15 13:43 - 00000000 ____D () C:\Documents and Settings\All Users\Dane aplikacji\Wincert 2014-03-15 13:42 - 2014-03-15 13:42 - 00000000 ____D () C:\Documents and Settings\Dom\Ustawienia lokalne\Dane aplikacji\iLivid 2014-03-09 12:59 - 2014-03-09 12:59 - 00000000 ____D () C:\Documents and Settings\All Users\Dane aplikacji\GG Files to move or delete: ==================== C:\Documents and Settings\Dom\Ustawienia lokalne\Temp\Dyow\neoh.exe C:\Documents and Settings\Dom\patgeasukump.exe C:\Windows\Tasks\At2.job Some content of TEMP: ==================== C:\Documents and Settings\Dom\Ustawienia lokalne\Temp\45.tmp.exe C:\Documents and Settings\Dom\Ustawienia lokalne\Temp\4E.tmp.exe C:\Documents and Settings\Dom\Ustawienia lokalne\Temp\AB.tmp.exe C:\Documents and Settings\Dom\Ustawienia lokalne\Temp\bdfilters.dll C:\Documents and Settings\Dom\Ustawienia lokalne\Temp\DefaultTabSetup2.exe C:\Documents and Settings\Dom\Ustawienia lokalne\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpntchv9.dll C:\Documents and Settings\Dom\Ustawienia lokalne\Temp\ggdrive-menu.exe C:\Documents and Settings\Dom\Ustawienia lokalne\Temp\ggdrive-overlay.exe C:\Documents and Settings\Dom\Ustawienia lokalne\Temp\ICReinstall_FreeYouTubeDownloaderInstallerIC.exe C:\Documents and Settings\Dom\Ustawienia lokalne\Temp\ICReinstall_gadu-gadu-10.exe C:\Documents and Settings\Dom\Ustawienia lokalne\Temp\ICReinstall_Tux Paint 0.9.21c_isdmgr.exe C:\Documents and Settings\Dom\Ustawienia lokalne\Temp\installstats.exe C:\Documents and Settings\Dom\Ustawienia lokalne\Temp\setup_wm.exe ==================== Bamital & volsnap Check ================= C:\WINDOWS\explorer.exe [2004-08-04 02:44] - [2008-04-14 23:51] - 1035264 ____A (Microsoft Corporation) c791ed9eac5e76d9525e157b1d7a599a C:\WINDOWS\system32\winlogon.exe [2004-08-04 02:44] - [2008-04-14 23:51] - 0510464 ____A (Microsoft Corporation) 51fd2e13d723857b9ca239ae77150f48 C:\WINDOWS\system32\svchost.exe [2004-08-04 02:44] - [2008-04-14 23:51] - 0014336 ____A (Microsoft Corporation) 8607d35d92528e2df386f19a960d23ce C:\WINDOWS\system32\services.exe [2004-08-04 02:44] - [2008-04-14 23:51] - 0109056 ____A (Microsoft Corporation) 3e3ae424e27c4cefe4cab368c7b570ea C:\WINDOWS\system32\User32.dll [2006-08-10 15:50] - [2008-04-14 23:50] - 0580096 ____A (Microsoft Corporation) a435c5c069afd901751ac323ad238793 C:\WINDOWS\system32\userinit.exe [2004-08-04 02:44] - [2008-04-14 23:51] - 0026624 ____A (Microsoft Corporation) 2a5b37d520508be6570a3ea79695f5b5 C:\WINDOWS\system32\rpcss.dll [2006-08-10 15:54] - [2008-04-14 23:50] - 0399360 ____A (Microsoft Corporation) 02396dab9dd407b06539981f477f3fec ATTENTION ======> If the system is having audio adware rpcss.dll is patched. Google the MD5, if the MD5 is unique the file is infected. C:\WINDOWS\system32\Drivers\volsnap.sys [2004-08-04 02:36] - [2008-04-14 22:31] - 0052864 ____A () C:\WINDOWS\system32\Drivers\volsnap.sys No Company Name <===== ATTENTION! ==================== End Of Log ============================