Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:06-05-2014 Ran by Dom (administrator) on AGA on 06-04-2014 13:12:38 Running from C:\Documents and Settings\Dom\Moje dokumenty\Pobieranie Microsoft Windows XP Professional Dodatek Service Pack 3 (X86) OS Language: Polish Internet Explorer Version 6 Boot Mode: Normal The only official download link for FRST: Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/ Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/ Download link from any site other than Bleeping Computer is unpermitted or outdated. See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (Microsoft Corporation) C:\WINDOWS\system32\savedump.exe (ATI Technologies Inc.) C:\WINDOWS\system32\ati2evxx.exe (ATI Technologies Inc.) C:\WINDOWS\system32\ati2evxx.exe (Cherished Technololgy LIMITED) C:\Documents and Settings\All Users\Dane aplikacji\WPM\wprotectmanager.exe (Google Inc.) C:\Program Files\Google\Update\1.3.23.9\GoogleCrashHandler.exe (ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (Realtek Semiconductor Corp.) 
C:\WINDOWS\RTHDCPL.exe () C:\WINDOWS\system32\godouqui.exe () C:\Program Files\WebcamMax\wcmmon.exe (Microsoft Corporation) C:\Program Files\Messenger\msmsgs.exe () C:\Documents and Settings\Dom\Ustawienia lokalne\Temp\Dyow\neoh.exe (Microsoft Corporation) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe (Skype Technologies) C:\Program Files\Skype\Updater\Updater.exe (Microsoft Corporation) C:\WINDOWS\system32\wscntfy.exe () C:\DOCUME~1\Dom\USTAWI~1\Temp\gmpjfa53FEC2FE.tmp (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [SkyTel] => C:\WINDOWS\SkyTel.EXE [1826816 2007-06-15] (Realtek Semiconductor Corp.) HKLM\...\Run: [NvCplDaemon] => C:\WINDOWS\system32\NvCpl.dll [8429568 2007-05-11] (NVIDIA Corporation) HKLM\...\Run: [nwiz] => nwiz.exe /install HKLM\...\Run: [NvMediaCenter] => C:\WINDOWS\system32\NvMcTray.dll [81920 2007-05-11] (NVIDIA Corporation) HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [1447168 2008-08-18] (ESET) HKLM\...\Run: [RTHDCPL] => C:\WINDOWS\RTHDCPL.EXE [16380416 2007-07-05] (Realtek Semiconductor Corp.) HKLM\...\Run: [Alcmtr] => C:\WINDOWS\ALCMTR.EXE [69632 2005-05-03] (Realtek Semiconductor Corp.) HKLM\...\Run: [fejom] => C:\WINDOWS\system32\godouqui.exe [323584 2014-04-24] () HKLM\...\Run: [Regedit32] => C:\WINDOWS\system32\regedit.exe HKLM\...\Run: [veyknyva] => C:\WINDOWS\System32\veyknyva.exe [104960 2014-04-06] (Veracode) HKLM\...\Run: [KernelFaultCheck] => %systemroot%\system32\dumprep 0 -k Winlogon\Notify\AtiExtEvent: C:\WINDOWS\system32\Ati2evxx.dll (ATI Technologies Inc.) 
HKU\.DEFAULT\...\RunOnce: [Del1545421] - cmd.exe /Q /D /c del "C:\WINDOWS\system32\config\SYSTEM~1\USTAWI~1\Temp\0.del" HKU\S-1-5-19\...\RunOnce: [nlpo_01] - cmd.exe /c md "%USERPROFILE%\Ustawienia lokalne\Temp" HKU\S-1-5-19\...\RunOnce: [nlpo_02] - rundll32 advpack.dll,DelNodeRunDLL32 "%SystemRoot%\System32\dllcache" HKU\S-1-5-19\...\RunOnce: [nlpo_03] - cmd.exe /c md "%SystemRoot%\System32\dllcache" HKU\S-1-5-19\...\RunOnce: [nlpo_04] - cmd.exe /C move /Y "%SystemRoot%\System32\syssetub.dll" "%SystemRoot%\System32\syssetup.dll" HKU\S-1-5-19\...\RunOnce: [nlpo_05] - rundll32 advpack.dll,LaunchINFSection nlite.inf,nLiteReg HKU\S-1-5-19\...\RunOnce: [nlpo_06] - rundll32 advpack.dll,LaunchINFSection nlite.inf,S HKU\S-1-5-20\...\RunOnce: [nlpo_01] - cmd.exe /c md "%USERPROFILE%\Ustawienia lokalne\Temp" HKU\S-1-5-20\...\RunOnce: [nlpo_02] - rundll32 advpack.dll,DelNodeRunDLL32 "%SystemRoot%\System32\dllcache" HKU\S-1-5-20\...\RunOnce: [nlpo_03] - cmd.exe /c md "%SystemRoot%\System32\dllcache" HKU\S-1-5-20\...\RunOnce: [nlpo_04] - cmd.exe /C move /Y "%SystemRoot%\System32\syssetub.dll" "%SystemRoot%\System32\syssetup.dll" HKU\S-1-5-20\...\RunOnce: [nlpo_05] - rundll32 advpack.dll,LaunchINFSection nlite.inf,nLiteReg HKU\S-1-5-20\...\RunOnce: [nlpo_06] - rundll32 advpack.dll,LaunchINFSection nlite.inf,S HKU\S-1-5-21-1644491937-1844823847-725345543-1003\...\Run: [WebcamMaxAutoRun] => C:\Program Files\WebcamMax\wcmmon.exe [1038848 2011-07-17] () HKU\S-1-5-21-1644491937-1844823847-725345543-1003\...\Run: [GG] => C:\Documents and Settings\Dom\Ustawienia lokalne\Dane aplikacji\GG\Application\gghub.exe [4023360 2014-03-31] (GG Network S.A.) HKU\S-1-5-21-1644491937-1844823847-725345543-1003\...\Run: [MSMSGS] => C:\Program Files\Messenger\msmsgs.exe [1695232 2008-04-14] (Microsoft Corporation) HKU\S-1-5-21-1644491937-1844823847-725345543-1003\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [20922016 2014-02-10] (Skype Technologies S.A.) 
HKU\S-1-5-21-1644491937-1844823847-725345543-1003\...\Run: [Neoh] => C:\Documents and Settings\Dom\Ustawienia lokalne\Temp\Dyow\neoh.exe [500224 2013-11-22] () <===== ATTENTION HKU\S-1-5-21-1644491937-1844823847-725345543-1003\...\Run: [patgeasukump] => C:\Documents and Settings\Dom\patgeasukump.exe [68608 2014-04-30] () HKU\S-1-5-21-1644491937-1844823847-725345543-1003\...\Run: [veyknyva] => C:\Documents and Settings\Dom\veyknyva.exe [104960 2014-04-06] (Veracode) HKU\S-1-5-21-1644491937-1844823847-725345543-1003\...\Policies\Explorer\Run: [Bonanza] => C:\Documents and Settings\Dom\Dane aplikacji\dssvjgdu\dtgbscww.exe [31936 2008-04-14] (Microsoft Corporation) HKU\S-1-5-21-1644491937-1844823847-725345543-1003\...\MountPoints2: {59ae6ce4-52a1-11e3-8844-886ea4ac45d5} - I:\setupSNK.exe HKU\S-1-5-21-1644491937-1844823847-725345543-1003\...\MountPoints2: {b4fc45b7-8f34-11e3-88b3-001fd0308521} - I:\LGAutoRun.exe HKU\S-1-5-21-1644491937-1844823847-725345543-1003\...\Winlogon: [Shell] C:\Documents and Settings\Dom\Dane aplikacji\Other.res [39936 2008-04-14] () <==== ATTENTION IFEO\bitguard.exe: [Debugger] tasklist.exe IFEO\bprotect.exe: [Debugger] tasklist.exe IFEO\bpsvc.exe: [Debugger] tasklist.exe IFEO\browserdefender.exe: [Debugger] tasklist.exe IFEO\browserprotect.exe: [Debugger] tasklist.exe IFEO\browsersafeguard.exe: [Debugger] tasklist.exe IFEO\dprotectsvc.exe: [Debugger] tasklist.exe IFEO\protectedsearch.exe: [Debugger] tasklist.exe IFEO\searchprotection.exe: [Debugger] tasklist.exe IFEO\searchprotector.exe: [Debugger] tasklist.exe IFEO\snapdo.exe: [Debugger] tasklist.exe IFEO\stinst32.exe: [Debugger] tasklist.exe IFEO\stinst64.exe: [Debugger] tasklist.exe IFEO\utiljumpflip.exe: [Debugger] tasklist.exe HKLM\...\AppCertDlls: [x86] -> C:\Program Files\Movies Toolbar\Datamngr\apcrtldr.dll <===== ATTENTION HKLM\...\AppCertDlls: [x64] -> c:\program files\movies toolbar\datamngr\x64\apcrtldr.dll <===== ATTENTION ==================== Internet (Whitelisted) 
==================== HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.aartemis.com/web/?type=ds&ts=1387824641&from=cor&uid=SAMSUNGXHD252HJ_S17HJDWQ902519&q={searchTerms} HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.google.pl/ HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.aartemis.com/web/?type=ds&ts=1387824641&from=cor&uid=SAMSUNGXHD252HJ_S17HJDWQ902519&q={searchTerms} HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.aartemis.com/web/?type=ds&ts=1387824641&from=cor&uid=SAMSUNGXHD252HJ_S17HJDWQ902519&q={searchTerms} HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.aartemis.com/web/?type=ds&ts=1387824641&from=cor&uid=SAMSUNGXHD252HJ_S17HJDWQ902519&q={searchTerms} HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm SearchScopes: HKLM - DefaultScope value is missing. 
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = Toolbar: HKCU - &Adres - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation) Toolbar: HKCU - &Łącza - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\SHELL32.dll (Microsoft Corporation) Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) Tcpip\Parameters: [DhcpNameServer] 192.168.1.20 FireFox: ======== FF ProfilePath: C:\Documents and Settings\Dom\Dane aplikacji\Mozilla\Firefox\Profiles\5l6pta32.default FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_13_0_0_206.dll () FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation) FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.) FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.) 
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Documents and Settings\Dom\Ustawienia lokalne\Dane aplikacji\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS) FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\Ask.xml FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\delta-homes.xml FF HKLM\...\Firefox\Extensions: [quick_start@gmail.com] - C:\Documents and Settings\Dom\Dane aplikacji\Mozilla\Firefox\Profiles\b0q0djk7.default\extensions\quick_start@gmail.com Chrome: ======= CHR StartupUrls: "hxxp://pl.msn.com/?pc=UP97&ocid=UP97DHP", "hxxp://www.search.ask.com/?tpid=SGTV7-SAT&o=APN11005&pf=V7&trgb=CR&p2=%5EB3R%5EYYYYYY%5EYY%5EPL&gct=hp&apn_ptnrs=%5EB3R&apn_dtid=%5EYYYYYY%5EYY%5EPL&apn_dbr=ff_28.0&apn_uid=94B09125-29B6-4D2A-896D-5D79F74F9DDA&itbv=12.10.6.5115&doi=2014-04-24&psv=" CHR DefaultSearchKeyword: bing.com CHR DefaultSearchProvider: Bing CHR DefaultSearchURL: http://www.bing.com/search?FORM=UP97DF&PC=UP97&q={searchTerms} CHR DefaultNewTabURL: CHR Extension: (Movies Toolbar) - C:\Documents and Settings\Dom\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob [2014-03-15] CHR Extension: (Dokumenty Google) - C:\Documents and Settings\Dom\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-02-06] CHR Extension: (Dysk Google) - C:\Documents and Settings\Dom\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-02-06] CHR Extension: (YouTube) - C:\Documents and Settings\Dom\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-02-06] CHR Extension: (Szukaj w Google) - C:\Documents and Settings\Dom\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-02-06] CHR Extension: (Google Wallet) - 
C:\Documents and Settings\Dom\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-02-06] CHR Extension: (Extended Protection) - C:\Documents and Settings\Dom\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\ogfjmhfnldnajmfaofeiaepghjenbgjo [2014-02-26] CHR Extension: (Gmail) - C:\Documents and Settings\Dom\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-02-06] CHR HKLM\...\Chrome\Extension: [aaaaabcbmongicmdegkmmfgdickgnnob] - C:\Documents and Settings\Dom\Ustawienia lokalne\Dane aplikacji\ilividmoviestoolbar181\GC\toolbar.crx [2013-12-11] CHR HKLM\...\Chrome\Extension: [ogfjmhfnldnajmfaofeiaepghjenbgjo] - C:\Documents and Settings\Dom\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\ep.crx [2014-02-26] CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION ========================== Services (Whitelisted) ================= Locked "40906105e69db88" service could not be unlocked. <===== ATTENTION S3 EhttpSrv; C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe [19200 2008-08-18] (ESET) R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [468224 2008-08-18] (ESET) R2 Wpm; C:\Documents and Settings\All Users\Dane aplikacji\WPM\wprotectmanager.exe [501904 2014-02-26] (Cherished Technololgy LIMITED) ==================== Drivers (Whitelisted) ==================== R1 AmdK8; C:\WINDOWS\System32\DRIVERS\AmdK8.sys [43520 2006-06-19] (Advanced Micro Devices) S3 AndNetDiag; C:\WINDOWS\System32\DRIVERS\lgandnetdiag.sys [23040 2012-07-03] (LG Electronics Inc.) S3 ANDNetModem; C:\WINDOWS\System32\DRIVERS\lgandnetmodem.sys [27776 2012-07-03] (LG Electronics Inc.) 
S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2008-04-14] (Microsoft Corporation) S2 eamon; C:\WINDOWS\System32\DRIVERS\eamon.sys [39944 2008-08-18] (ESET) S1 easdrv; C:\WINDOWS\System32\DRIVERS\easdrv.sys [53256 2008-08-18] (ESET) S1 epfwtdir; C:\WINDOWS\System32\DRIVERS\epfwtdir.sys [34312 2008-08-18] () S1 f4b0; C:\WINDOWS\system32\drivers\f4b0.sys [55552 2014-04-06] () S3 gdrv; C:\WINDOWS\gdrv.sys [15600 2014-04-17] (Windows (R) 2000 DDK provider) S3 ManyCam; C:\WINDOWS\System32\DRIVERS\mcvidrv.sys [40736 2013-11-27] (Visicom Media Inc.) S3 mcaudrv_simple; C:\WINDOWS\System32\drivers\mcaudrv.sys [29728 2013-12-06] (Visicom Media Inc.) S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2008-04-14] (Microsoft Corporation) R0 nvata; C:\WINDOWS\System32\DRIVERS\nvata.sys [105472 2006-10-18] (NVIDIA Corporation) R3 NVENETFD; C:\WINDOWS\System32\DRIVERS\NVENETFD.sys [58368 2006-11-27] (NVIDIA Corporation) R3 nvnetbus; C:\WINDOWS\System32\DRIVERS\nvnetbus.sys [19968 2006-11-27] (NVIDIA Corporation) R2 WCMVCAM; C:\WINDOWS\System32\DRIVERS\wcmvcam.sys [1068216 2012-04-15] (Windows (R) Win 7 DDK provider) S2 zumbus; C:\WINDOWS\System32\DRIVERS\zumbus.sys [41472 2011-08-05] (Microsoft Corporation) R1 {7f2b4ad0-671a-477b-bcd4-79d041f50d27}t; C:\WINDOWS\System32\drivers\{7f2b4ad0-671a-477b-bcd4-79d041f50d27}t.sys [55232 2014-04-24] (StdLib) U5 40906105e69db88; C:\Windows\System32\Drivers\40906105e69db88.sys [55552 2014-04-06] () <===== ATTENTION Necurs Rootkit? 
S4 IntelIde; No ImagePath U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-14] (Microsoft Corporation) U1 WS2IFSL; ========================== Drivers MD5 =======================
==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-05-01 21:32 - 2014-05-01 21:32 - 00000000 ____D () C:\Documents and Settings\Dom\Ustawienia lokalne\Dane aplikacji\XulTest 2014-04-30 19:04 - 2014-04-30 19:04 - 00068608 _____ () C:\Documents and Settings\Dom\patgeasukump.exe 2014-04-25 18:37 - 2014-04-24 12:21 - 00055232 _____ (StdLib) C:\WINDOWS\system32\Drivers\{7f2b4ad0-671a-477b-bcd4-79d041f50d27}t.sys 2014-04-24 21:15 - 2014-04-24 21:15 - 00323584 _____ () C:\WINDOWS\system32\godouqui.exe 2014-04-24 19:47 - 2014-04-05 11:55 - 00000000 ____D () C:\Documents and Settings\Dom\Ustawienia lokalne\Dane aplikacji\VNT 2014-04-24 19:46 - 2014-04-24 19:46 - 00000000 ____D () C:\Program Files\GreenTree Applications 2014-04-24 19:46 - 2014-04-24 19:46 - 00000000 ____D () C:\Documents and Settings\All Users\Dane aplikacji\YTD Video Downloader 2014-04-24 19:46 - 2014-04-05 11:55 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Start\Programy\YTD Video Downloader 2014-04-17 09:09 - 2005-05-03 12:43 - 00069632 ____R (Realtek Semiconductor Corp.) 
C:\WINDOWS\Alcmtr.exe 2014-04-17 09:04 - 2014-04-17 09:04 - 00000000 ____D () C:\Program Files\ESET 2014-04-17 09:04 - 2014-04-17 09:04 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Start\Programy\ESET 2014-04-17 09:04 - 2014-04-17 09:04 - 00000000 ____D () C:\Documents and Settings\All Users\Dane aplikacji\ESET 2014-04-17 09:00 - 2014-04-17 09:00 - 00000000 ____D () C:\Program Files\VS Revo Group 2014-04-17 08:55 - 2014-04-17 08:55 - 00000000 _____ () C:\WINDOWS\ativpsrm.bin 2014-04-17 08:55 - 2008-03-12 23:18 - 00307200 ____R (ATI Technologies Inc.) C:\WINDOWS\system32\atiiiexx.dll 2014-04-17 08:55 - 2008-03-12 23:17 - 00372736 ____R (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\ATIDEMGX.dll 2014-04-17 08:55 - 2008-03-12 22:47 - 03107788 ____R () C:\WINDOWS\system32\ativvaxx.dat 2014-04-17 08:55 - 2008-03-12 22:47 - 03107788 ____R () C:\WINDOWS\system32\ativva5x.dat 2014-04-17 08:55 - 2008-03-12 22:47 - 00887724 ____R () C:\WINDOWS\system32\ativva6x.dat 2014-04-17 08:55 - 2008-03-06 16:40 - 00168883 ____R () C:\WINDOWS\system32\atiicdxx.dat 2014-04-17 08:55 - 2008-01-21 15:48 - 00012477 ____R () C:\WINDOWS\atiogl.xml 2014-04-17 08:55 - 2007-08-31 15:20 - 00007167 ____R () C:\WINDOWS\system32\atifglpf.xml 2014-04-17 08:54 - 2006-12-28 18:45 - 00128000 ____R (ATI Research Inc.) 
C:\WINDOWS\system32\Drivers\AtiHdAud.sys 2014-04-15 15:46 - 2014-04-17 08:52 - 00000664 _____ () C:\WINDOWS\system32\d3d9caps.dat 2014-04-06 13:10 - 2014-04-06 13:12 - 00000000 ____D () C:\WINDOWS\Minidump 2014-04-06 13:09 - 2014-04-06 13:09 - 00055552 _____ () C:\WINDOWS\system32\Drivers\f4b0.sys 2014-04-06 13:09 - 2014-04-06 13:09 - 00055552 _____ () C:\WINDOWS\system32\Drivers\40906105e69db88.sys 2014-04-06 13:07 - 2014-04-06 13:07 - 00000000 ____D () C:\TDSSKiller_Quarantine 2014-04-06 13:02 - 2014-04-06 13:02 - 00003195 _____ () C:\WINDOWS\setupapi.log 2014-04-06 13:01 - 2014-04-06 13:01 - 00000000 ____D () C:\Documents and Settings\Dom\Dane aplikacji\XulTest 2014-04-06 12:56 - 2014-04-06 12:56 - 00104960 _____ (Veracode) C:\WINDOWS\system32\veyknyva.exe 2014-04-06 12:56 - 2014-04-06 12:56 - 00104960 _____ (Veracode) C:\Documents and Settings\Dom\veyknyva.exe 2014-04-06 12:55 - 2014-04-06 13:04 - 00011236 _____ () C:\Documents and Settings\Dom\Dane aplikacji\brutedb.bin 2014-04-05 11:56 - 2014-04-05 11:56 - 00000000 ____D () C:\WINDOWS\system32\appmgmt 2014-04-05 11:56 - 2014-04-05 11:56 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service 2014-04-05 11:56 - 2014-04-05 11:56 - 00000000 ____D () C:\Documents and Settings\Gość\Dane aplikacji\Adobe 2014-04-05 11:55 - 2014-04-05 11:55 - 00000000 ___RD () C:\Documents and Settings\Gość\Moje dokumenty\Moje obrazy 2014-04-05 11:55 - 2014-04-05 11:55 - 00000000 ___RD () C:\Documents and Settings\Gość\Moje dokumenty\Moja muzyka 2014-04-05 11:55 - 2014-04-05 11:55 - 00000000 ___RD () C:\Documents and Settings\Gość\Moje dokumenty 2014-04-05 11:55 - 2014-04-05 11:55 - 00000000 ___RD () C:\Documents and Settings\Gość\Menu Start\Programy\Autostart 2014-04-05 11:55 - 2014-04-05 11:55 - 00000000 ___RD () C:\Documents and Settings\Gość\Menu Start\Programy\Akcesoria 2014-04-05 11:55 - 2014-04-05 11:55 - 00000000 ___RD () C:\Documents and Settings\Gość\Menu Start\Programy 2014-04-05 11:55 - 2014-04-05 11:55 - 
00000000 ___RD () C:\Documents and Settings\Gość\Menu Start
2014-04-05 11:55 - 2014-04-05 11:55 - 00000000 ____D () C:\Program Files\CCleaner
2014-04-05 11:55 - 2014-04-05 11:55 - 00000000 ____D () C:\Documents and Settings\Gość\Pulpit
2014-04-05 11:55 - 2014-04-05 11:55 - 00000000 ____D () C:\Documents and Settings\Gość\Dane aplikacji\WinZipper
2014-04-05 11:55 - 2014-04-05 11:55 - 00000000 ____D () C:\Documents and Settings\Dom\Ustawienia lokalne\Dane aplikacji\Company
2014-04-04 13:06 - 2014-04-04 13:06 - 00000069 _____ () C:\Documents and Settings\Gość\Ustawienia lokalne\Dane aplikacji\FASTWiz.log
2014-04-04 11:52 - 2014-04-05 11:53 - 00000000 ____D () C:\Documents and Settings\Gość\Dane aplikacji\Mozilla
2014-04-04 11:52 - 2014-04-04 11:52 - 00000000 ____D () C:\Documents and Settings\Gość\Ustawienia lokalne\Dane aplikacji\Mozilla
2014-04-04 11:49 - 2014-04-04 11:49 - 00000000 ____D () C:\Documents and Settings\Gość\Dane aplikacji\Macromedia
2014-04-03 21:10 - 2014-04-05 11:56 - 00000000 ____D () C:\Documents and Settings\Dom\Pulpit\logi
2014-04-03 20:58 - 2014-04-06 13:12 - 00000000 ____D () C:\FRST
2014-04-03 20:19 - 2014-04-03 20:19 - 00000730 _____ () C:\Documents and Settings\All Users\Menu Start\Programy\Mozilla Firefox.lnk
2014-04-03 20:19 - 2014-04-03 20:19 - 00000724 _____ () C:\Documents and Settings\All Users\Pulpit\Mozilla Firefox.lnk
2014-04-03 20:15 - 2014-04-06 13:09 - 00002351 _____ () C:\WINDOWS\WindowsUpdate.log
2014-04-03 20:06 - 2014-04-05 11:56 - 00000000 ____D () C:\Documents and Settings\Dom\Dane aplikacji\Mozilla
2014-04-03 19:43 - 2014-04-05 11:54 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Start\Programy\CCleaner
2014-04-03 16:45 - 2014-04-03 16:45 - 00000000 ____D () C:\Documents and Settings\Gość\Ustawienia lokalne\Dane aplikacji\Google
2014-04-03 16:43 - 2014-04-03 16:43 - 00000000 ____D () C:\Documents and Settings\Gość\Ustawienia lokalne\Dane aplikacji\Opera Software
2014-04-03 16:42 - 2014-04-05 11:56 - 00000000 ___HD () C:\Documents and Settings\Gość\Ustawienia lokalne
2014-04-03 16:42 - 2014-04-05 11:55 - 00000000 ___SD () C:\Documents and Settings\Gość\Ustawienia lokalne\Historia
2014-04-03 16:42 - 2014-04-05 11:55 - 00000000 ___HD () C:\Documents and Settings\Gość\Ustawienia lokalne\Dane aplikacji
2014-04-03 16:42 - 2014-04-05 11:54 - 00000000 __RHD () C:\Documents and Settings\Gość\Dane aplikacji
2014-04-03 16:42 - 2014-04-05 11:54 - 00000000 ___RD () C:\Documents and Settings\Gość\Ulubione
2014-04-03 16:42 - 2014-04-05 11:54 - 00000000 ___HD () C:\Documents and Settings\Gość\Szablony
2014-04-03 16:42 - 2014-04-05 11:54 - 00000000 ____D () C:\Documents and Settings\Gość
2014-04-03 16:42 - 2014-04-03 16:42 - 00000792 _____ () C:\Documents and Settings\Gość\Menu Start\Programy\Windows Media Player.lnk
2014-04-03 16:42 - 2014-04-03 16:42 - 00000767 _____ () C:\Documents and Settings\Gość\Menu Start\Programy\Internet Explorer.lnk
2014-04-03 16:42 - 2014-04-03 16:42 - 00000738 _____ () C:\Documents and Settings\Gość\Menu Start\Programy\Outlook Express.lnk
2014-04-03 16:42 - 2014-04-03 16:42 - 00000020 ___SH () C:\Documents and Settings\Gość\ntuser.ini
2014-04-03 16:42 - 2014-04-03 16:42 - 00000000 ____D () C:\Documents and Settings\Gość\Dane aplikacji\Opera Software
2014-04-03 16:42 - 2013-11-21 12:55 - 00001599 _____ () C:\Documents and Settings\Gość\Menu Start\Programy\Pomoc zdalna.lnk
2014-03-31 21:32 - 2014-04-05 11:56 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-03-27 15:48 - 2014-03-27 16:34 - 00000000 ____D () C:\Program Files\PhotoScape
2014-03-27 15:48 - 2014-03-27 16:01 - 00005120 ____H () C:\Documents and Settings\Dom\Moje dokumenty\photothumb.db
2014-03-27 15:48 - 2014-03-27 15:48 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Start\Programy\PhotoScape
2014-03-27 11:47 - 2014-04-17 09:03 - 00000000 ____D () C:\Documents and Settings\All Users\Dane aplikacji\AVAST Software
2014-03-22 12:38 - 2014-03-22 12:38 - 00055232 _____ (StdLib) C:\WINDOWS\system32\Drivers\tStLib.sys
2014-03-20 22:24 - 2014-04-23 16:11 - 00000000 ____D () C:\Documents and Settings\Dom\Moje dokumenty\Bandicam
2014-03-20 22:24 - 2014-04-05 11:50 - 00000000 ____D () C:\Documents and Settings\Dom\Ustawienia lokalne\Dane aplikacji\Opera Software
2014-03-20 22:24 - 2014-04-05 11:50 - 00000000 ____D () C:\Documents and Settings\Dom\Dane aplikacji\Opera Software
2014-03-20 22:24 - 2014-03-20 22:24 - 00000000 ____D () C:\Documents and Settings\Dom\Dane aplikacji\BANDISOFT
2014-03-20 22:23 - 2014-04-05 11:55 - 00000000 ____D () C:\Program Files\Opera
2014-03-20 18:25 - 2014-03-20 18:31 - 00000000 ____D () C:\293354ca68fd86f71cc3
2014-03-17 18:47 - 2014-03-17 18:47 - 00000000 __SHD () C:\found.000
2014-03-16 20:46 - 2014-03-16 20:46 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-03-16 20:46 - 2014-03-16 20:46 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Start\Programy\Microsoft Silverlight
2014-03-15 13:43 - 2014-03-27 11:59 - 00000000 ____D () C:\Program Files\Movies Toolbar
2014-03-15 13:43 - 2014-03-27 11:55 - 00000000 ____D () C:\Documents and Settings\All Users\Dane aplikacji\Datamngr
2014-03-15 13:43 - 2014-03-15 13:43 - 00000000 ____D () C:\Documents and Settings\Dom\Ustawienia lokalne\Dane aplikacji\ilividmoviestoolbar181
2014-03-15 13:43 - 2014-03-15 13:43 - 00000000 ____D () C:\Documents and Settings\Dom\Dane aplikacji\ilividmoviestoolbar181
2014-03-15 13:43 - 2014-03-15 13:43 - 00000000 ____D () C:\Documents and Settings\All Users\Dane aplikacji\Wincert
2014-03-15 13:42 - 2014-03-15 13:42 - 00000000 ____D () C:\Documents and Settings\Dom\Ustawienia lokalne\Dane aplikacji\iLivid
2014-03-09 12:59 - 2014-03-09 12:59 - 00000000 ____D () C:\Documents and Settings\All Users\Dane aplikacji\GG

==================== One Month Modified Files and Folders =======

2014-05-03 12:20 - 2013-12-19 20:32 - 00000000 ____D () C:\Documents and Settings\Dom\Dane aplikacji\Skype
2014-05-01 21:32 - 2014-05-01 21:32 - 00000000 ____D () C:\Documents and Settings\Dom\Ustawienia lokalne\Dane aplikacji\XulTest
2014-04-30 19:04 - 2014-04-30 19:04 - 00068608 _____ () C:\Documents and Settings\Dom\patgeasukump.exe
2014-04-29 21:55 - 2013-12-19 20:31 - 00000000 ____D () C:\Documents and Settings\All Users\Dane aplikacji\Skype
2014-04-25 18:05 - 2013-11-21 12:58 - 00000000 ___RD () C:\Documents and Settings\Dom\Moje dokumenty
2014-04-24 21:15 - 2014-04-24 21:15 - 00323584 _____ () C:\WINDOWS\system32\godouqui.exe
2014-04-24 19:46 - 2014-04-24 19:46 - 00000000 ____D () C:\Program Files\GreenTree Applications
2014-04-24 19:46 - 2014-04-24 19:46 - 00000000 ____D () C:\Documents and Settings\All Users\Dane aplikacji\YTD Video Downloader
2014-04-24 12:21 - 2014-04-25 18:37 - 00055232 _____ (StdLib) C:\WINDOWS\system32\Drivers\{7f2b4ad0-671a-477b-bcd4-79d041f50d27}t.sys
2014-04-23 16:11 - 2014-03-20 22:24 - 00000000 ____D () C:\Documents and Settings\Dom\Moje dokumenty\Bandicam
2014-04-17 09:10 - 2013-11-21 13:13 - 00000000 ____D () C:\WINDOWS\system32\RTCOM
2014-04-17 09:09 - 2013-11-21 13:14 - 00000000 ____D () C:\WINDOWS\system32\ReinstallBackups
2014-04-17 09:09 - 2013-11-21 13:12 - 00000000 ____D () C:\Program Files\Realtek
2014-04-17 09:08 - 2013-11-21 12:59 - 00015600 _____ (Windows (R) 2000 DDK provider) C:\WINDOWS\gdrv.sys
2014-04-17 09:04 - 2014-04-17 09:04 - 00000000 ____D () C:\Program Files\ESET
2014-04-17 09:04 - 2014-04-17 09:04 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Start\Programy\ESET
2014-04-17 09:04 - 2014-04-17 09:04 - 00000000 ____D () C:\Documents and Settings\All Users\Dane aplikacji\ESET
2014-04-17 09:03 - 2014-03-27 11:47 - 00000000 ____D () C:\Documents and Settings\All Users\Dane aplikacji\AVAST Software
2014-04-17 09:00 - 2014-04-17 09:00 - 00000000 ____D () C:\Program Files\VS Revo Group
2014-04-17 08:55 - 2014-04-17 08:55 - 00000000 _____ () C:\WINDOWS\ativpsrm.bin
2014-04-17 08:52 - 2014-04-15 15:46 - 00000664 _____ () C:\WINDOWS\system32\d3d9caps.dat
2014-04-15 15:49 - 2013-11-21 13:39 - 00000000 ____D () C:\WINDOWS\Help
2014-04-06 13:12 - 2014-04-06 13:10 - 00000000 ____D () C:\WINDOWS\Minidump
2014-04-06 13:12 - 2014-04-03 20:58 - 00000000 ____D () C:\FRST
2014-04-06 13:12 - 2013-11-21 13:58 - 00000000 ____D () C:\Documents and Settings\Dom\Moje dokumenty\Pobieranie
2014-04-06 13:11 - 2013-12-30 13:39 - 00000000 ____D () C:\Documents and Settings\Dom\Dane aplikacji\GG
2014-04-06 13:11 - 2013-11-21 13:47 - 00000159 _____ () C:\WINDOWS\wiadebug.log
2014-04-06 13:11 - 2013-11-21 13:47 - 00000050 _____ () C:\WINDOWS\wiaservc.log
2014-04-06 13:10 - 2014-02-06 19:40 - 00001026 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-04-06 13:10 - 2014-02-04 20:09 - 00000432 _____ () C:\WINDOWS\Tasks\At2.job
2014-04-06 13:10 - 2013-11-21 12:57 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-04-06 13:09 - 2014-04-06 13:09 - 00055552 _____ () C:\WINDOWS\system32\Drivers\f4b0.sys
2014-04-06 13:09 - 2014-04-06 13:09 - 00055552 _____ () C:\WINDOWS\system32\Drivers\40906105e69db88.sys
2014-04-06 13:09 - 2014-04-03 20:15 - 00002351 _____ () C:\WINDOWS\WindowsUpdate.log
2014-04-06 13:08 - 2013-11-21 12:58 - 00000188 ___SH () C:\Documents and Settings\Dom\ntuser.ini
2014-04-06 13:08 - 2013-11-21 12:57 - 00032446 _____ () C:\WINDOWS\SchedLgU.Txt
2014-04-06 13:07 - 2014-04-06 13:07 - 00000000 ____D () C:\TDSSKiller_Quarantine
2014-04-06 13:04 - 2014-04-06 12:55 - 00011236 _____ () C:\Documents and Settings\Dom\Dane aplikacji\brutedb.bin
2014-04-06 13:04 - 2013-11-21 14:01 - 00000930 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-04-06 13:04 - 2013-11-21 12:58 - 00000000 __RHD () C:\Documents and Settings\Dom\Dane aplikacji
2014-04-06 13:02 - 2014-04-06 13:02 - 00003195 _____ () C:\WINDOWS\setupapi.log
2014-04-06 13:02 - 2013-11-21 13:45 - 00000000 ___RD () C:\Documents and Settings\All Users\Menu Start\Programy
2014-04-06 13:02 - 2013-11-21 13:40 - 00000000 ____D () C:\Documents and Settings\Dom\Dane aplikacji\ESTsoft
2014-04-06 13:01 - 2014-04-06 13:01 - 00000000 ____D () C:\Documents and Settings\Dom\Dane aplikacji\XulTest
2014-04-06 12:57 - 2014-02-06 19:40 - 00001030 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-04-06 12:56 - 2014-04-06 12:56 - 00104960 _____ (Veracode) C:\WINDOWS\system32\veyknyva.exe
2014-04-06 12:56 - 2014-04-06 12:56 - 00104960 _____ (Veracode) C:\Documents and Settings\Dom\veyknyva.exe
2014-04-06 12:56 - 2013-11-21 12:58 - 00000000 ____D () C:\Documents and Settings\Dom
2014-04-06 12:55 - 2001-07-22 02:17 - 00002206 _____ () C:\WINDOWS\system32\wpa.dbl
2014-04-05 11:56 - 2014-04-05 11:56 - 00000000 ____D () C:\WINDOWS\system32\appmgmt
2014-04-05 11:56 - 2014-04-05 11:56 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-04-05 11:56 - 2014-04-05 11:56 - 00000000 ____D () C:\Documents and Settings\Gość\Dane aplikacji\Adobe
2014-04-05 11:56 - 2014-04-03 21:10 - 00000000 ____D () C:\Documents and Settings\Dom\Pulpit\logi
2014-04-05 11:56 - 2014-04-03 20:06 - 00000000 ____D () C:\Documents and Settings\Dom\Dane aplikacji\Mozilla
2014-04-05 11:56 - 2014-04-03 16:42 - 00000000 ___HD () C:\Documents and Settings\Gość\Ustawienia lokalne
2014-04-05 11:56 - 2014-03-31 21:32 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-04-05 11:56 - 2014-02-26 14:17 - 00000000 ____D () C:\Program Files\SupTab
2014-04-05 11:56 - 2013-12-23 21:15 - 00000000 ____D () C:\Documents and Settings\Dom\Menu Start\Programy\Steam
2014-04-05 11:56 - 2013-12-23 20:50 - 00000000 ____D () C:\Documents and Settings\Dom\Menu Start\Programy\Mobogenie
2014-04-05 11:56 - 2013-12-23 12:24 - 00000000 ____D () C:\Program Files\ToonCar Demo
2014-04-05 11:56 - 2013-11-21 12:58 - 00000000 ___HD () C:\Documents and Settings\Dom\Ustawienia lokalne\Dane aplikacji
2014-04-05 11:55 - 2014-04-24 19:47 - 00000000 ____D () C:\Documents and Settings\Dom\Ustawienia lokalne\Dane aplikacji\VNT
2014-04-05 11:55 - 2014-04-24 19:46 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Start\Programy\YTD Video Downloader
2014-04-05 11:55 - 2014-04-05 11:55 - 00000000 ___RD () C:\Documents and Settings\Gość\Moje dokumenty\Moje obrazy
2014-04-05 11:55 - 2014-04-05 11:55 - 00000000 ___RD () C:\Documents and Settings\Gość\Moje dokumenty\Moja muzyka
2014-04-05 11:55 - 2014-04-05 11:55 - 00000000 ___RD () C:\Documents and Settings\Gość\Moje dokumenty
2014-04-05 11:55 - 2014-04-05 11:55 - 00000000 ___RD () C:\Documents and Settings\Gość\Menu Start\Programy\Autostart
2014-04-05 11:55 - 2014-04-05 11:55 - 00000000 ___RD () C:\Documents and Settings\Gość\Menu Start\Programy\Akcesoria
2014-04-05 11:55 - 2014-04-05 11:55 - 00000000 ___RD () C:\Documents and Settings\Gość\Menu Start\Programy
2014-04-05 11:55 - 2014-04-05 11:55 - 00000000 ___RD () C:\Documents and Settings\Gość\Menu Start
2014-04-05 11:55 - 2014-04-05 11:55 - 00000000 ____D () C:\Program Files\CCleaner
2014-04-05 11:55 - 2014-04-05 11:55 - 00000000 ____D () C:\Documents and Settings\Gość\Pulpit
2014-04-05 11:55 - 2014-04-05 11:55 - 00000000 ____D () C:\Documents and Settings\Gość\Dane aplikacji\WinZipper
2014-04-05 11:55 - 2014-04-05 11:55 - 00000000 ____D () C:\Documents and Settings\Dom\Ustawienia lokalne\Dane aplikacji\Company
2014-04-05 11:55 - 2014-04-03 16:42 - 00000000 ___SD () C:\Documents and Settings\Gość\Ustawienia lokalne\Historia
2014-04-05 11:55 - 2014-04-03 16:42 - 00000000 ___HD () C:\Documents and Settings\Gość\Ustawienia lokalne\Dane aplikacji
2014-04-05 11:55 - 2014-03-20 22:24 - 00000000 ____D () C:\Documents and Settings\Dom\Ustawienia lokalne\Dane aplikacji\Opera Software
2014-04-05 11:55 - 2014-03-20 22:24 - 00000000 ____D () C:\Documents and Settings\Dom\Dane aplikacji\Opera Software
2014-04-05 11:55 - 2014-03-20 22:23 - 00000000 ____D () C:\Program Files\Opera
2014-04-05 11:55 - 2013-12-30 15:12 - 00000000 ___SD () C:\Documents and Settings\Dom\GG dysk
2014-04-05 11:55 - 2013-12-30 13:39 - 00000000 ____D () C:\Documents and Settings\Dom\Ustawienia lokalne\Dane aplikacji\GG
2014-04-05 11:55 - 2013-11-21 13:45 - 00000000 ____D () C:\Documents and Settings\All Users\Pulpit
2014-04-05 11:55 - 2004-08-04 02:43 - 00000000 __SHD () C:\Documents and Settings\Dom\Dane aplikacji\dssvjgdu
2014-04-05 11:54 - 2014-04-03 19:43 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Start\Programy\CCleaner
2014-04-05 11:54 - 2014-04-03 16:42 - 00000000 __RHD () C:\Documents and Settings\Gość\Dane aplikacji
2014-04-05 11:54 - 2014-04-03 16:42 - 00000000 ___RD () C:\Documents and Settings\Gość\Ulubione
2014-04-05 11:54 - 2014-04-03 16:42 - 00000000 ___HD () C:\Documents and Settings\Gość\Szablony
2014-04-05 11:54 - 2014-04-03 16:42 - 00000000 ____D () C:\Documents and Settings\Gość
2014-04-05 11:54 - 2013-12-24 12:55 - 00000000 ____D () C:\Counter-Strike Source
2014-04-05 11:54 - 2013-12-14 23:36 - 00000000 ____D () C:\Documents and Settings\Dom\Pulpit\Klaudia
2014-04-05 11:54 - 2013-11-21 12:58 - 00000000 ___RD () C:\Documents and Settings\Dom\Menu Start\Programy
2014-04-05 11:54 - 2013-11-21 12:58 - 00000000 ____D () C:\Documents and Settings\Dom\Pulpit
2014-04-05 11:53 - 2014-04-04 11:52 - 00000000 ____D () C:\Documents and Settings\Gość\Dane aplikacji\Mozilla
2014-04-05 11:53 - 2014-02-26 14:17 - 00000000 ____D () C:\Program Files\WinZipper
2014-04-05 11:53 - 2013-12-30 13:27 - 00000000 ____D () C:\Program Files\BonanzaDeals
2014-04-05 11:50 - 2014-02-26 14:17 - 00000000 ____D () C:\Documents and Settings\All Users\Dane aplikacji\IePluginService
2014-04-05 11:31 - 2013-11-21 12:53 - 00000000 ____D () C:\WINDOWS\system32\Restore
2014-04-04 13:06 - 2014-04-04 13:06 - 00000069 _____ () C:\Documents and Settings\Gość\Ustawienia lokalne\Dane aplikacji\FASTWiz.log
2014-04-04 12:24 - 2013-11-21 14:16 - 00000000 ____D () C:\WINDOWS\Microsoft.NET
2014-04-04 11:52 - 2014-04-04 11:52 - 00000000 ____D () C:\Documents and Settings\Gość\Ustawienia lokalne\Dane aplikacji\Mozilla
2014-04-04 11:49 - 2014-04-04 11:49 - 00000000 ____D () C:\Documents and Settings\Gość\Dane aplikacji\Macromedia
2014-04-03 20:27 - 2013-11-21 13:44 - 00103032 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-04-03 20:25 - 2013-11-21 14:01 - 00692104 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2014-04-03 20:25 - 2013-11-21 14:01 - 00071048 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2014-04-03 20:19 - 2014-04-03 20:19 - 00000730 _____ () C:\Documents and Settings\All Users\Menu Start\Programy\Mozilla Firefox.lnk
2014-04-03 20:19 - 2014-04-03 20:19 - 00000724 _____ () C:\Documents and Settings\All Users\Pulpit\Mozilla Firefox.lnk
2014-04-03 20:14 - 2013-11-21 13:57 - 00015456 _____ () C:\Documents and Settings\Dom\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT
2014-04-03 20:08 - 2013-11-21 12:52 - 00000000 ___RD () C:\Documents and Settings\All Users\Menu Start\Programy\Gry
2014-04-03 19:59 - 2013-12-23 20:51 - 00000000 ____D () C:\Documents and Settings\Dom\Ustawienia lokalne\Dane aplikacji\Mobogenie
2014-04-03 19:53 - 2001-07-22 02:16 - 00000677 _____ () C:\WINDOWS\win.ini
2014-04-03 19:49 - 2013-12-23 20:50 - 00000000 ____D () C:\Documents and Settings\Dom\Dane aplikacji\aartemis
2014-04-03 19:46 - 2014-02-06 19:44 - 00001819 _____ () C:\Documents and Settings\All Users\Pulpit\Google Chrome.lnk
2014-04-03 19:46 - 2013-11-21 12:58 - 00000767 _____ () C:\Documents and Settings\Dom\Menu Start\Programy\Internet Explorer.lnk
2014-04-03 19:37 - 2014-02-06 17:37 - 00000000 ____D () C:\Documents and Settings\Dom\.gimp-2.8
2014-04-03 19:26 - 2013-11-27 22:39 - 00015872 _____ () C:\Documents and Settings\Dom\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-04-03 17:46 - 2014-03-01 11:07 - 00002267 _____ () C:\Documents and Settings\All Users\Pulpit\Skype.lnk
2014-04-03 16:55 - 2013-11-21 13:44 - 00000000 __RHD () C:\Documents and Settings\All Users\Dane aplikacji
2014-04-03 16:45 - 2014-04-03 16:45 - 00000000 ____D () C:\Documents and Settings\Gość\Ustawienia lokalne\Dane aplikacji\Google
2014-04-03 16:43 - 2014-04-03 16:43 - 00000000 ____D () C:\Documents and Settings\Gość\Ustawienia lokalne\Dane aplikacji\Opera Software
2014-04-03 16:42 - 2014-04-03 16:42 - 00000792 _____ () C:\Documents and Settings\Gość\Menu Start\Programy\Windows Media Player.lnk
2014-04-03 16:42 - 2014-04-03 16:42 - 00000767 _____ () C:\Documents and Settings\Gość\Menu Start\Programy\Internet Explorer.lnk
2014-04-03 16:42 - 2014-04-03 16:42 - 00000738 _____ () C:\Documents and Settings\Gość\Menu Start\Programy\Outlook Express.lnk
2014-04-03 16:42 - 2014-04-03 16:42 - 00000020 ___SH () C:\Documents and Settings\Gość\ntuser.ini
2014-04-03 16:42 - 2014-04-03 16:42 - 00000000 ____D () C:\Documents and Settings\Gość\Dane aplikacji\Opera Software
2014-03-31 17:36 - 2013-11-21 12:58 - 00000000 ___RD () C:\Documents and Settings\Dom\Moje dokumenty\Moje obrazy
2014-03-30 10:37 - 2013-11-21 13:45 - 00984778 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-03-30 10:37 - 2001-10-26 20:15 - 00448348 _____ () C:\WINDOWS\system32\perfh015.dat
2014-03-30 10:37 - 2001-10-26 20:15 - 00074450 _____ () C:\WINDOWS\system32\perfc015.dat
2014-03-27 16:34 - 2014-03-27 15:48 - 00000000 ____D () C:\Program Files\PhotoScape
2014-03-27 16:01 - 2014-03-27 15:48 - 00005120 ____H () C:\Documents and Settings\Dom\Moje dokumenty\photothumb.db
2014-03-27 15:48 - 2014-03-27 15:48 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Start\Programy\PhotoScape
2014-03-27 12:00 - 2013-12-23 20:51 - 00000000 ____D () C:\Documents and Settings\Dom\Dane aplikacji\newnext.me
2014-03-27 11:59 - 2014-03-15 13:43 - 00000000 ____D () C:\Program Files\Movies Toolbar
2014-03-27 11:55 - 2014-03-15 13:43 - 00000000 ____D () C:\Documents and Settings\All Users\Dane aplikacji\Datamngr
2014-03-26 12:09 - 2014-01-08 19:09 - 00000174 _____ () C:\Documents and Settings\NetworkService\Dane aplikacji\WB.CFG
2014-03-22 12:38 - 2014-03-22 12:38 - 00055232 _____ (StdLib) C:\WINDOWS\system32\Drivers\tStLib.sys
2014-03-21 20:12 - 2014-01-30 23:38 - 00000000 ____D () C:\Documents and Settings\Dom\Dane aplikacji\Audacity
2014-03-20 22:24 - 2014-03-20 22:24 - 00000000 ____D () C:\Documents and Settings\Dom\Dane aplikacji\BANDISOFT
2014-03-20 18:31 - 2014-03-20 18:25 - 00000000 ____D () C:\293354ca68fd86f71cc3
2014-03-20 17:59 - 2013-12-23 20:51 - 00000000 ____D () C:\Documents and Settings\Dom\Ustawienia lokalne\Dane aplikacji\cache
2014-03-17 18:47 - 2014-03-17 18:47 - 00000000 __SHD () C:\found.000
2014-03-16 20:46 - 2014-03-16 20:46 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-03-16 20:46 - 2014-03-16 20:46 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Start\Programy\Microsoft Silverlight
2014-03-15 13:43 - 2014-03-15 13:43 - 00000000 ____D () C:\Documents and Settings\Dom\Ustawienia lokalne\Dane aplikacji\ilividmoviestoolbar181
2014-03-15 13:43 - 2014-03-15 13:43 - 00000000 ____D () C:\Documents and Settings\Dom\Dane aplikacji\ilividmoviestoolbar181
2014-03-15 13:43 - 2014-03-15 13:43 - 00000000 ____D () C:\Documents and Settings\All Users\Dane aplikacji\Wincert
2014-03-15 13:42 - 2014-03-15 13:42 - 00000000 ____D () C:\Documents and Settings\Dom\Ustawienia lokalne\Dane aplikacji\iLivid
2014-03-09 12:59 - 2014-03-09 12:59 - 00000000 ____D () C:\Documents and Settings\All Users\Dane aplikacji\GG

Files to move or delete:
====================
C:\Documents and Settings\Dom\Ustawienia lokalne\Temp\Dyow\neoh.exe
C:\Documents and Settings\Dom\patgeasukump.exe
C:\Documents and Settings\Dom\veyknyva.exe
C:\Windows\Tasks\At2.job

Some content of TEMP:
====================
C:\Documents and Settings\Dom\Ustawienia lokalne\Temp\45.tmp.exe
C:\Documents and Settings\Dom\Ustawienia lokalne\Temp\4E.tmp.exe
C:\Documents and Settings\Dom\Ustawienia lokalne\Temp\AB.tmp.exe
C:\Documents and Settings\Dom\Ustawienia lokalne\Temp\bdfilters.dll
C:\Documents and Settings\Dom\Ustawienia lokalne\Temp\DefaultTabSetup2.exe
C:\Documents and Settings\Dom\Ustawienia lokalne\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpntchv9.dll
C:\Documents and Settings\Dom\Ustawienia lokalne\Temp\ggdrive-menu.exe
C:\Documents and Settings\Dom\Ustawienia lokalne\Temp\ggdrive-overlay.exe
C:\Documents and Settings\Dom\Ustawienia lokalne\Temp\ICReinstall_FreeYouTubeDownloaderInstallerIC.exe
C:\Documents and Settings\Dom\Ustawienia lokalne\Temp\ICReinstall_gadu-gadu-10.exe
C:\Documents and Settings\Dom\Ustawienia lokalne\Temp\ICReinstall_Tux Paint 0.9.21c_isdmgr.exe
C:\Documents and Settings\Dom\Ustawienia lokalne\Temp\installstats.exe
C:\Documents and Settings\Dom\Ustawienia lokalne\Temp\setup_wm.exe
C:\Documents and Settings\Dom\Ustawienia lokalne\Temp\{987184A7-B325-474D-BC00-B8E559A7181E}.exe

==================== Bamital & volsnap Check =================

C:\WINDOWS\explorer.exe [2004-08-04 02:44] - [2008-04-14 23:51] - 1035264 ____A (Microsoft Corporation) c791ed9eac5e76d9525e157b1d7a599a
C:\WINDOWS\system32\winlogon.exe [2004-08-04 02:44] - [2008-04-14 23:51] - 0510464 ____A (Microsoft Corporation) 51fd2e13d723857b9ca239ae77150f48
C:\WINDOWS\system32\svchost.exe [2004-08-04 02:44] - [2008-04-14 23:51] - 0014336 ____A (Microsoft Corporation) 8607d35d92528e2df386f19a960d23ce
C:\WINDOWS\system32\services.exe [2004-08-04 02:44] - [2008-04-14 23:51] - 0109056 ____A (Microsoft Corporation) 3e3ae424e27c4cefe4cab368c7b570ea
C:\WINDOWS\system32\User32.dll [2006-08-10 15:50] - [2008-04-14 23:50] - 0580096 ____A (Microsoft Corporation) a435c5c069afd901751ac323ad238793
C:\WINDOWS\system32\userinit.exe [2004-08-04 02:44] - [2008-04-14 23:51] - 0026624 ____A (Microsoft Corporation) 2a5b37d520508be6570a3ea79695f5b5
C:\WINDOWS\system32\rpcss.dll [2006-08-10 15:54] - [2008-04-14 23:50] - 0399360 ____A (Microsoft Corporation) 02396dab9dd407b06539981f477f3fec

ATTENTION ======> If the system is having audio adware rpcss.dll is patched. Google the MD5, if the MD5 is unique the file is infected.

C:\WINDOWS\system32\Drivers\volsnap.sys [2004-08-04 02:36] - [2008-04-14 22:31] - 0052864 ____A (Microsoft Corporation) 56b191ac5fc0df219949c95a6c87afe7

==================== End Of Log ============================