Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:14-05-2014 Ran by aig (administrator) on LAPTOP on 15-05-2014 15:38:41 Running from C:\Documents and Settings\aig\Pulpit Platform: Microsoft Windows XP Professional Dodatek Service Pack 3 (X86) OS Language: Polish Internet Explorer Version 8 Boot Mode: Normal The only official download link for FRST: Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/ Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/ Download link from any site other than Bleeping Computer is unpermitted or outdated. See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Oracle Corporation) C:\Program Files\Java\jre7\bin\jqs.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [DAEMON Tools-1033] => C:\Program Files\D-Tools\daemon.exe [81920 2004-08-22] (DAEMON'S HOME) HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [3873704 2014-05-05] (AVAST Software) HKLM\...\Run: [KernelFaultCheck] => %systemroot%\system32\dumprep 0 -k HKU\S-1-5-21-515967899-884357618-1801674531-1003\...\MountPoints2: {c6811caa-4c43-11e2-9aa4-806d6172696f} - H:\Setup.exe ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.certified-toolbar.com?si=41460&tid=2938&ts=1365702774843&tguid=41460-2938-1365702752828-699181&st=chrome&q= HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.search.ask.com/?tpid=SGT-V7&o=APN11004&pf=V7&trgb=FF&p2=%5EB3Q%5EYYYYYY%5EYY%5EPL&gct=hp&apn_ptnrs=%5EB3Q&apn_dtid=%5EYYYYYY%5EYY%5EPL&apn_dbr=ff_26.0&apn_uid=37266DA6-22D0-4A9C-958F-0754EAE0FC28&itbv=12.9.1.2923&doi=2013-12-18&psv= HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.v9.com/?utm_source=b&utm_medium=idg&from=idg&uid=Hitachi_HTS543232L9A300_091220FB2406CEJT23ECX&ts=1356181653 HKCU\Software\Microsoft\Internet Explorer\Main,Start Default_Page_URL = http://search.certified-toolbar.com?si=41460&st=home&tid=2938&ts=1365702774843&tguid=41460-2938-1365702752828-699181 HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.certified-toolbar.com?si=41460&tid=2938&ts=1365702774843&tguid=41460-2938-1365702752828-699181&st=chrome&q= HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.certified-toolbar.com?si=41460&tid=2938&ts=1365702774843&tguid=41460-2938-1365702752828-699181&st=chrome&q= HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.v9.com/?utm_source=b&utm_medium=idg&from=idg&uid=Hitachi_HTS543232L9A300_091220FB2406CEJT23ECX&ts=1356181653 HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.certified-toolbar.com?si=41460&tid=2938&ts=1365702774843&tguid=41460-2938-1365702752828-699181&st=chrome&q= HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.certified-toolbar.com?si=41460&tid=2938&ts=1365702774843&tguid=41460-2938-1365702752828-699181&st=chrome&q= HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.certified-toolbar.com?si=41460&st=home&tid=2938&ts=1365702774843&tguid=41460-2938-1365702752828-699181 HKLM\Software\Microsoft\Internet Explorer\Main,Start Default_Page_URL = http://search.certified-toolbar.com?si=41460&st=home&tid=2938&ts=1365702774843&tguid=41460-2938-1365702752828-699181 HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.certified-toolbar.com?si=41460&tid=2938&ts=1365702774843&tguid=41460-2938-1365702752828-699181&st=chrome&q= URLSearchHook: HKCU - (No Name) - {D8278076-BC68-4484-9233-6E7F1628B56C} - No File SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://search.certified-toolbar.com?si=41460&st=bs&tid=2938&ts=1365702774843&tguid=41460-2938-1365702752828-699181&q={searchTerms} SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://search.certified-toolbar.com?si=41460&st=bs&tid=2938&ts=1365702774843&tguid=41460-2938-1365702752828-699181&q={searchTerms} SearchScopes: HKLM - {CFF4DB9B-135F-47c0-9269-B4C6572FD61A} URL = http://startsear.ch/?aff=1&src=sp&cf=0b2bf066-8bcc-11e1-a4c7-1c4bd6586396&q={searchTerms} SearchScopes: HKCU - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://search.certified-toolbar.com?si=41460&st=bs&tid=2938&ts=1365702774843&tguid=41460-2938-1365702752828-699181&q={searchTerms} SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://search.v9.com/web/?q={searchTerms} SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = http://www.delta-search.com/?q={searchTerms}&affID=122139&tt=gc_&babsrc=SP_ss&mntrId=246A1C4BD6586396 SearchScopes: HKCU - {171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E} URL = http://websearch.ask.com/redirect?client=ie&tb=ORJ&o=&src=crm&q={searchTerms}&locale=&apn_ptnrs=&apn_dtid=OSJ000&apn_uid=FD1B2BF4-0E36-419C-BE48-8D7EF66DF674&apn_sauid=2E0EEC71-13EF-4FFB-AF6A-14581FA3449C SearchScopes: HKCU - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://search.certified-toolbar.com?si=41460&st=bs&tid=2938&ts=1365702774843&tguid=41460-2938-1365702752828-699181&q={searchTerms} SearchScopes: HKCU - {3CD03829-85F3-4008-A5BA-6469020CA1EE} URL = http://mystart.incredibar.com/mb119/?search={searchTerms}&loc=IB_DS&a=6PQtiBwmMa&i=26 SearchScopes: HKCU - {AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8} URL = http://www.daemon-search.com/search/web?q={searchTerms} SearchScopes: HKCU - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = http://search.v9.com/web/?q={searchTerms} SearchScopes: HKCU - {CFF4DB9B-135F-47c0-9269-B4C6572FD61A} URL = http://startsear.ch/?aff=1&src=sp&cf=0b2bf066-8bcc-11e1-a4c7-1c4bd6586396&q={searchTerms} BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) Toolbar: HKCU - No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} - No File Toolbar: HKCU - No Name - {32099AAC-C132-4136-9E9A-4E364A424E17} - No File Toolbar: HKCU - No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No File Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 FireFox: ======== FF ProfilePath: C:\Documents and Settings\aig\Dane aplikacji\Mozilla\Firefox\Profiles\fxn63xjp.default FF user.js: detected! => C:\Documents and Settings\aig\Dane aplikacji\Mozilla\Firefox\Profiles\fxn63xjp.default\user.js FF SearchEngineOrder.1: Ask Search FF Homepage: hxxp://www.wp.pl/ FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_13_0_0_214.dll () FF Plugin: @adobe.com/ShockwavePlayer - C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.) FF Plugin: @google.com/npPicasa3,version=3.0.0 - C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.) FF Plugin: @java.com/DTPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation) FF Plugin: @microsoft.com/WPF,version=3.5 - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.) FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.) FF Plugin: @videolan.org/vlc,version=2.0.6 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.1.2 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.1.3 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Documents and Settings\aig\Ustawienia lokalne\Dane aplikacji\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPOFFICE.DLL (Microsoft Corporation) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.) FF SearchPlugin: C:\Documents and Settings\aig\Dane aplikacji\Mozilla\Firefox\Profiles\fxn63xjp.default\searchplugins\ask-search.xml FF SearchPlugin: C:\Documents and Settings\aig\Dane aplikacji\Mozilla\Firefox\Profiles\fxn63xjp.default\searchplugins\askcom.xml FF SearchPlugin: C:\Documents and Settings\aig\Dane aplikacji\Mozilla\Firefox\Profiles\fxn63xjp.default\searchplugins\babylon.xml FF SearchPlugin: C:\Documents and Settings\aig\Dane aplikacji\Mozilla\Firefox\Profiles\fxn63xjp.default\searchplugins\BrowserProtect.xml FF SearchPlugin: C:\Documents and Settings\aig\Dane aplikacji\Mozilla\Firefox\Profiles\fxn63xjp.default\searchplugins\conduit.xml FF SearchPlugin: C:\Documents and Settings\aig\Dane aplikacji\Mozilla\Firefox\Profiles\fxn63xjp.default\searchplugins\daemon-search.xml FF SearchPlugin: C:\Documents and Settings\aig\Dane aplikacji\Mozilla\Firefox\Profiles\fxn63xjp.default\searchplugins\delta.xml FF SearchPlugin: C:\Documents and Settings\aig\Dane aplikacji\Mozilla\Firefox\Profiles\fxn63xjp.default\searchplugins\Funmoods.xml FF SearchPlugin: C:\Documents and Settings\aig\Dane aplikacji\Mozilla\Firefox\Profiles\fxn63xjp.default\searchplugins\MyStart Search.xml FF SearchPlugin: C:\Documents and Settings\aig\Dane aplikacji\Mozilla\Firefox\Profiles\fxn63xjp.default\searchplugins\startsear.xml FF SearchPlugin: C:\Documents and Settings\aig\Dane aplikacji\Mozilla\Firefox\Profiles\fxn63xjp.default\searchplugins\SweetIM Search.xml FF SearchPlugin: C:\Documents and Settings\aig\Dane aplikacji\Mozilla\Firefox\Profiles\fxn63xjp.default\searchplugins\Web Search.xml FF SearchPlugin: C:\Documents and Settings\aig\Dane aplikacji\Mozilla\Firefox\Profiles\fxn63xjp.default\searchplugins\web-search.xml FF Extension: Conduit Engine - C:\Documents and Settings\aig\Dane aplikacji\Mozilla\Firefox\Profiles\fxn63xjp.default\Extensions\engine@conduit.com [2011-07-23] FF Extension: Microsoft .NET Framework Assistant - C:\Documents and Settings\aig\Dane aplikacji\Mozilla\Firefox\Profiles\fxn63xjp.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b} [2011-09-10] FF Extension: FTdownloader 2 - C:\Documents and Settings\aig\Dane aplikacji\Mozilla\Firefox\Profiles\fxn63xjp.default\Extensions\ftdownloader2@ftdownloader.com.xpi [2013-02-11] FF Extension: FTdownloader V3.0 - C:\Documents and Settings\aig\Dane aplikacji\Mozilla\Firefox\Profiles\fxn63xjp.default\Extensions\ftdownloader3@ftdownloader.com.xpi [2013-04-11] FF Extension: DealPly - C:\Documents and Settings\aig\Dane aplikacji\Mozilla\Firefox\Profiles\fxn63xjp.default\Extensions\{EB9394A3-4AD6-4918-9537-31A1FD8E8EDF}.xpi [2012-04-22] FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ FF Extension: Microsoft .NET Framework Assistant - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [] FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2011-06-28] Chrome: ======= CHR HomePage: hxxp://www.google.com/ CHR StartupUrls: "hxxp://www.google.com/", "hxxp://poczta.wp.pl/d692/indexgwt.html#start" CHR Plugin: (Widevine Content Decryption Module) - C:\Documents and Settings\aig\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\WidevineCDM\1.4.2.464\_platform_specific\win_x86\widevinecdmadapter.dll () CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\34.0.1847.131\PepperFlash\pepflashplayer.dll () CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\34.0.1847.131\ppGoogleNaClPluginChrome.dll () CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\34.0.1847.131\pdf.dll () CHR Plugin: (Microsoft Office 2003) - C:\Program Files\Mozilla Firefox\plugins\NPOFFICE.DLL (Microsoft Corporation) CHR Plugin: (Microsoft® DRM) - C:\Program Files\Windows Media Player\npdrmv2.dll (Microsoft Corporation) CHR Plugin: (Windows Media Player Plug-in Dynamic Link Library) - C:\Program Files\Windows Media Player\npdsplay.dll (Microsoft Corporation (written by Digital Renaissance Inc.)) CHR Plugin: (Microsoft® DRM) - C:\Program Files\Windows Media Player\npwmsdrm.dll (Microsoft Corporation) CHR Plugin: (Facebook Video Calling Plugin) - C:\Documents and Settings\aig\Ustawienia lokalne\Dane aplikacji\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited) CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) CHR Plugin: (Picasa) - C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.) CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.23.9\npGoogleUpdate3.dll No File CHR Plugin: (Java Deployment Toolkit 7.0.450.18) - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) CHR Plugin: (Java(TM) Platform SE 7 U45) - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) CHR Plugin: (Silverlight Plug-In) - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation) CHR Plugin: (VLC Web Plugin) - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN) CHR Plugin: (Windows Presentation Foundation) - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) CHR Plugin: (Shockwave for Director) - C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.) CHR Plugin: (Shockwave Flash) - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_13_0_0_206.dll No File CHR Extension: (Angry Birds) - C:\Documents and Settings\aig\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj [2014-04-30] CHR Extension: (Dysk Google) - C:\Documents and Settings\aig\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-04-22] CHR Extension: (YouTube) - C:\Documents and Settings\aig\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-04-22] CHR Extension: (Szukaj w Google) - C:\Documents and Settings\aig\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-04-22] CHR Extension: (Google Wallet) - C:\Documents and Settings\aig\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-04-22] CHR Extension: (Picasa) - C:\Documents and Settings\aig\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\onlgmecjpnejhfeofkgbfgnmdlipdejb [2014-04-30] CHR Extension: (Weather Underground) - C:\Documents and Settings\aig\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\pjejbgheonogbpfkkjigbmahaljipoej [2014-04-30] CHR Extension: (Gmail) - C:\Documents and Settings\aig\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-04-22] CHR HKLM\...\Chrome\Extension: [bbffdhejhaoiflnpooogkckfdcmmjppn] - C:\Program Files\FTDownloader.com\FTDownloader10.crx [2014-04-22] CHR HKLM\...\Chrome\Extension: [bejbohlohkkgompgecdcbbglkpjfjgdj] - C:\DOCUME~1\aig\USTAWI~1\Temp\crxF5.tmp [2011-07-23] CHR HKLM\...\Chrome\Extension: [bpeeepmahhfjiediknjejcmcfmjcjdck] - C:\Documents and Settings\aig\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\serach.crx [2011-07-23] CHR HKLM\...\Chrome\Extension: [dkdkpmmkgdbglmfmmmmehbkmnkopingb] - C:\Documents and Settings\aig\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\v9-toolbar.crx [2011-07-23] CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-05-05] CHR HKLM\...\Chrome\Extension: [hjakmojkcnhgipgkkbiempkfdndcnlah] - C:\Documents and Settings\All Users\Dane aplikacji\TheBflix\hjakmojkcnhgipgkkbiempkfdndcnlah.crx [2012-04-03] CHR HKLM\...\Chrome\Extension: [mbcjjdjanpccmehilicphhmeobiljcpk] - C:\Program Files\FTDownloader.com\FTDownloader10.crx [2012-04-03] CHR HKLM\...\Chrome\Extension: [nbmafkdmkkckhggblphicnnhlgljnoje] - C:\Program Files\TornTV.com\torn2_10.crx [2012-04-03] ========================== Services (Whitelisted) ================= R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-05-05] (AVAST Software) S4 DraftSight API Service; C:\Program Files\Dassault Systemes\DraftSight\bin\dsHttpApiService.exe [86016 2013-12-28] (Dassault Systèmes) S3 FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [1044816 2014-04-21] (Flexera Software, Inc.) R2 JavaQuickStarterService; C:\Program Files\Java\jre7\bin\jqs.exe [182696 2013-12-31] (Oracle Corporation) ==================== Drivers (Whitelisted) ==================== S3 Ambfilt; C:\WINDOWS\System32\drivers\Ambfilt.sys [1691480 2009-11-18] (Creative) S3 AmUStor; C:\WINDOWS\System32\drivers\AmUStor.SYS [27136 2009-08-21] (Alcor Micro, Corp.) R3 AR5416; C:\WINDOWS\System32\DRIVERS\athw.sys [1570240 2009-06-03] (Atheros Communications, Inc.) R2 Aspi32; C:\WINDOWS\system32\Drivers\Aspi32.sys [23936 1997-12-22] (Adaptec) R2 aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [24184 2014-05-05] () R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [67824 2014-05-05] (AVAST Software) R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [54832 2014-05-15] (AVAST Software) R0 aswRvrt; C:\WINDOWS\system32\Drivers\aswRvrt.sys [49944 2014-05-05] () R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [777488 2014-05-15] (AVAST Software) R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [411680 2014-05-15] (AVAST Software) R1 aswTdi; C:\WINDOWS\system32\drivers\aswTdi.sys [57672 2014-05-05] (AVAST Software) R0 aswVmm; C:\WINDOWS\system32\Drivers\aswVmm.sys [180632 2014-05-05] () S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2008-04-14] (Microsoft Corporation) S4 d347bus; C:\WINDOWS\System32\DRIVERS\d347bus.sys [155136 2004-08-22] ( ) S4 d347prt; C:\WINDOWS\System32\Drivers\d347prt.sys [5248 2004-08-22] ( ) S3 hamachi; C:\WINDOWS\System32\DRIVERS\hamachi.sys [26176 2010-02-03] (LogMeIn, Inc.) S3 Monfilt; C:\WINDOWS\System32\drivers\Monfilt.sys [1395800 2009-11-18] (Creative Technology Ltd.) S3 MPE; C:\WINDOWS\System32\DRIVERS\MPE.sys [15232 2008-04-13] (Microsoft Corporation) R3 MTsensor; C:\WINDOWS\System32\DRIVERS\ASACPI.sys [5810 2004-08-13] () S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2008-04-14] (Microsoft Corporation) R3 NVHDA; C:\WINDOWS\System32\drivers\nvhda32.sys [55840 2009-05-01] (NVIDIA Corporation) R3 SNP2UVC; C:\WINDOWS\System32\DRIVERS\snp2uvc.sys [1759872 2009-07-17] () R1 tStLibG; C:\WINDOWS\System32\drivers\tStLibG.sys [55232 2014-04-21] (StdLib) S4 TTUSB2BDA; C:\WINDOWS\System32\DRIVERS\ttusb2bda.sys [478464 2007-08-09] (TechnoTrend AG) S4 IntelIde; No ImagePath S3 IRENUM; system32\DRIVERS\irenum.sys [X] S3 MBAMSwissArmy; \??\C:\WINDOWS\system32\drivers\mbamswissarmy.sys [X] U1 WS2IFSL; ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-05-15 15:38 - 2014-05-15 15:39 - 00021335 _____ () C:\Documents and Settings\aig\Pulpit\FRST.txt 2014-05-15 15:38 - 2014-05-15 15:38 - 01056256 _____ (Farbar) C:\Documents and Settings\aig\Pulpit\FRST.exe 2014-05-15 15:38 - 2014-05-15 15:38 - 00000000 ____D () C:\FRST 2014-05-15 15:22 - 2014-05-15 15:22 - 00000000 ____D () C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Google 2014-05-15 15:21 - 2014-05-15 15:30 - 00000188 ___SH () C:\Documents and Settings\Administrator\ntuser.ini 2014-05-15 15:21 - 2014-05-15 15:22 - 00000000 ___HD () C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji 2014-05-15 15:21 - 2014-05-15 15:21 - 00001116 __RSH () C:\Documents and Settings\Administrator\ntuser.pol 2014-05-15 15:21 - 2014-05-15 15:21 - 00000000 ____D () C:\WINDOWS\CSC 2014-05-15 15:21 - 2014-05-15 15:21 - 00000000 ____D () C:\Documents and Settings\Administrator 2014-05-15 15:21 - 2013-12-17 20:56 - 00000000 __RHD () C:\Documents and Settings\Administrator\Dane aplikacji 2014-05-15 15:21 - 2013-05-29 07:21 - 00000000 ___RD () C:\Documents and Settings\Administrator\Menu Start\Programy 2014-05-15 15:21 - 2012-12-30 13:14 - 00000000 ____D () C:\Documents and Settings\Administrator\Pulpit 2014-05-15 15:21 - 2010-03-03 17:13 - 00000000 ___RD () C:\Documents and Settings\Administrator\Menu Start\Programy\Autostart 2014-05-15 15:21 - 2010-03-03 17:13 - 00000000 ___RD () C:\Documents and Settings\Administrator\Menu Start 2014-05-15 15:21 - 2010-03-03 17:13 - 00000000 ___HD () C:\Documents and Settings\Administrator\Ustawienia lokalne 2014-05-15 15:21 - 2010-03-03 17:13 - 00000000 ____D () C:\Documents and Settings\Administrator\Ulubione 2014-05-15 15:21 - 2010-03-03 17:13 - 00000000 ____D () C:\Documents and Settings\Administrator\Moje dokumenty 2014-05-15 15:21 - 2010-03-03 16:24 - 00001599 _____ () C:\Documents and Settings\Administrator\Menu Start\Programy\Pomoc zdalna.lnk 2014-05-15 15:21 - 2010-03-03 16:24 - 00000000 __SHD () C:\Documents and Settings\Administrator\Ustawienia lokalne\Historia 2014-05-15 15:21 - 2010-03-03 16:24 - 00000000 __SHD () C:\Documents and Settings\Administrator\IETldCache 2014-05-15 15:21 - 2010-03-03 16:24 - 00000000 ___RD () C:\Documents and Settings\Administrator\Menu Start\Programy\Akcesoria 2014-05-15 15:21 - 2010-03-03 16:23 - 00000788 _____ () C:\Documents and Settings\Administrator\Menu Start\Programy\Windows Media Player.lnk 2014-05-15 15:21 - 2010-03-03 16:20 - 00000000 ___HD () C:\Documents and Settings\Administrator\Szablony 2014-05-15 07:58 - 2014-05-15 07:58 - 01500734 _____ () C:\Documents and Settings\aig\Pulpit\OTL.Txt 2014-05-15 07:58 - 2014-05-15 07:58 - 00045676 _____ () C:\Documents and Settings\aig\Pulpit\Extras.Txt 2014-05-15 04:59 - 2014-05-15 04:59 - 00602112 _____ (OldTimer Tools) C:\Documents and Settings\aig\Pulpit\OTL.exe 2014-05-15 04:57 - 2014-05-15 04:57 - 00090112 _____ () C:\WINDOWS\Minidump\Mini051514-01.dmp 2014-05-14 16:11 - 2014-05-14 16:11 - 00090112 _____ () C:\WINDOWS\Minidump\Mini051414-01.dmp 2014-05-14 01:19 - 2014-05-14 01:19 - 00000851 _____ () C:\Documents and Settings\All Users\Menu Start\Programy\CWK.lnk 2014-05-14 01:19 - 2014-05-14 01:19 - 00000845 _____ () C:\Documents and Settings\All Users\Pulpit\CWK.lnk 2014-05-14 01:19 - 2014-05-14 01:19 - 00000000 ____D () C:\Program Files\Damian Pasternak 2014-05-13 15:04 - 2014-05-13 15:04 - 00000000 ____D () C:\Program Files\Mozilla Firefox 2014-05-13 13:43 - 2014-05-13 13:43 - 27686071 _____ ( ) C:\Documents and Settings\aig\Downloads\k-lite_codec_pack_1045_full.exe 2014-05-13 13:43 - 2014-05-13 13:43 - 00000366 _____ () C:\WINDOWS\Tasks\WOT WWED1.job 2014-05-13 13:43 - 2014-05-13 13:43 - 00000366 _____ () C:\WINDOWS\Tasks\WOT WW2.job 2014-05-13 13:43 - 2014-05-13 13:43 - 00000366 _____ () C:\WINDOWS\Tasks\WOT WW1.job 2014-05-13 13:43 - 2014-05-13 13:43 - 00000366 _____ () C:\WINDOWS\Tasks\WOT WTUE1.job 2014-05-13 13:43 - 2014-05-13 13:43 - 00000366 _____ () C:\WINDOWS\Tasks\WOT WTHUR1.job 2014-05-13 13:43 - 2014-05-13 13:43 - 00000366 _____ () C:\WINDOWS\Tasks\WOT WMON1.job 2014-05-13 13:43 - 2014-05-13 13:43 - 00000366 _____ () C:\WINDOWS\Tasks\WOT WFRI1.job 2014-05-13 13:43 - 2014-05-13 13:43 - 00000366 _____ () C:\WINDOWS\Tasks\WOT W2.job 2014-05-13 13:43 - 2014-05-13 13:43 - 00000366 _____ () C:\WINDOWS\Tasks\WOT W1.job 2014-05-13 13:43 - 2014-05-13 13:43 - 00000000 ____D () C:\Documents and Settings\aig\Dane aplikacji\WorldofTanks 2014-05-13 13:39 - 2014-05-13 13:39 - 00090112 _____ () C:\WINDOWS\Minidump\Mini051314-02.dmp 2014-05-13 11:01 - 2014-05-13 14:13 - 00000000 ____D () C:\Documents and Settings\aig\Ustawienia lokalne\Dane aplikacji\OpenFM 2014-05-13 11:01 - 2014-05-13 11:01 - 00001130 _____ () C:\Documents and Settings\aig\Menu Start\Programy\GG.lnk 2014-05-13 11:01 - 2014-05-13 11:01 - 00001124 _____ () C:\Documents and Settings\aig\Pulpit\GG.lnk 2014-05-13 08:28 - 2014-05-13 08:28 - 00090112 _____ () C:\WINDOWS\Minidump\Mini051314-01.dmp 2014-05-08 15:32 - 2014-05-08 15:32 - 00090112 _____ () C:\WINDOWS\Minidump\Mini050814-01.dmp 2014-05-06 22:10 - 2014-05-06 22:10 - 00090112 _____ () C:\WINDOWS\Minidump\Mini050614-01.dmp 2014-05-05 18:59 - 2014-05-05 18:59 - 00000759 _____ () C:\Documents and Settings\All Users\Pulpit\Picasa 3.lnk 2014-05-05 18:55 - 2014-05-05 18:55 - 00007008 _____ () C:\WINDOWS\KB952011.log 2014-05-05 18:55 - 2014-05-05 18:55 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB952011$ 2014-05-05 18:55 - 2014-05-05 18:55 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Start\Programy\Picasa 3 2014-05-05 18:37 - 2014-05-05 19:49 - 00000000 ____D () C:\Documents and Settings\aig\Pulpit\na bloga 2014-05-05 09:29 - 2014-05-05 09:29 - 00043152 _____ (AVAST Software) C:\WINDOWS\avastSS.scr 2014-05-05 09:29 - 2014-05-05 09:29 - 00024184 _____ () C:\WINDOWS\system32\Drivers\aswHwid.sys 2014-05-05 09:29 - 2014-05-05 09:29 - 00001733 _____ () C:\Documents and Settings\All Users\Pulpit\avast! Free Antivirus.lnk 2014-05-05 03:00 - 2014-05-05 03:00 - 00009199 _____ () C:\WINDOWS\KB2964358-IE8.log 2014-04-30 08:53 - 2014-04-30 08:53 - 00001819 _____ () C:\Documents and Settings\All Users\Pulpit\Google Chrome.lnk 2014-04-30 08:53 - 2014-04-30 08:53 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Start\Programy\Google Chrome 2014-04-30 08:52 - 2014-05-15 15:31 - 00001026 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job 2014-04-30 08:52 - 2014-05-15 15:02 - 00001030 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job 2014-04-30 08:06 - 2014-04-30 08:06 - 00000724 _____ () C:\Documents and Settings\All Users\Pulpit\Mozilla Firefox.lnk 2014-04-26 21:53 - 2014-04-26 21:53 - 00023292 ____N () C:\Documents and Settings\aig\Moje dokumenty\E--dok. powykonawcz RED PARK-18-21 PPW_D_M_elewacje_04.tif 2014-04-26 21:45 - 2014-04-26 21:45 - 00000706 _____ () C:\Documents and Settings\All Users\Pulpit\PDFCreator.lnk 2014-04-26 21:45 - 2014-04-26 21:45 - 00000000 ____D () C:\Program Files\PDFCreator 2014-04-26 21:45 - 2014-04-26 21:45 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Start\Programy\PDFCreator 2014-04-26 21:45 - 2014-04-26 21:45 - 00000000 ____D () C:\Documents and Settings\aig\Dane aplikacji\pdfforge 2014-04-26 21:45 - 2014-04-25 17:44 - 00662288 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSCOMCT2.OCX 2014-04-26 21:45 - 2014-04-25 17:44 - 00137000 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSMAPI32.OCX 2014-04-26 21:45 - 2014-04-25 17:44 - 00095416 _____ (pdfforge GmbH) C:\WINDOWS\system32\pdfcmon.dll 2014-04-26 21:45 - 2014-04-25 17:44 - 00023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSMPIDE.DLL 2014-04-24 21:12 - 2014-04-24 23:04 - 00000000 ____D () C:\Program Files\Aide PDF to DWG Converter 2014-04-24 13:54 - 2014-04-24 13:54 - 00000202 _____ () C:\Documents and Settings\aig\Moje dokumenty\acad.err 2014-04-23 00:07 - 2014-04-23 00:07 - 00090112 _____ () C:\WINDOWS\Minidump\Mini042314-01.dmp 2014-04-22 08:23 - 2014-05-11 13:46 - 00008371 _____ () C:\Documents and Settings\aig\Moje dokumenty\plot.log 2014-04-22 07:38 - 2014-04-29 02:47 - 00000000 ____D () C:\Documents and Settings\aig\Pulpit\zdjęcia telefon sluzbowy 2014-04-21 21:28 - 2014-04-21 21:28 - 00000000 ____D () C:\Documents and Settings\aig\Ustawienia lokalne\Dane aplikacji\CrashRpt 2014-04-21 21:19 - 2014-04-24 21:58 - 00002531 _____ () C:\Documents and Settings\All Users\Pulpit\DraftSight.lnk 2014-04-21 21:19 - 2014-04-21 21:19 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Start\Programy\Dassault Systemes 2014-04-21 21:19 - 2014-04-21 21:19 - 00000000 ____D () C:\Documents and Settings\aig\Moje dokumenty\My Drawings 2014-04-21 21:18 - 2014-04-21 21:19 - 00000000 ____D () C:\Documents and Settings\aig\Dane aplikacji\DraftSight 2014-04-21 21:18 - 2014-04-21 21:18 - 00000000 ____D () C:\Program Files\Dassault Systemes 2014-04-21 21:18 - 2014-04-21 21:18 - 00000000 ____D () C:\Documents and Settings\All Users\Dane aplikacji\Dassault Systemes 2014-04-21 21:13 - 2014-04-21 21:13 - 148932448 _____ (Microsoft Corporation) C:\Documents and Settings\aig\Downloads\DraftSight32.exe 2014-04-21 08:41 - 2014-05-11 17:29 - 00668120 _____ () C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\FontCache3.0.0.0.dat 2014-04-21 08:04 - 2014-04-21 08:04 - 00055232 _____ (StdLib) C:\WINDOWS\system32\Drivers\tStLibG.sys 2014-04-21 08:04 - 2014-04-21 08:04 - 00000000 ___RD () C:\Documents and Settings\LocalService\Ulubione 2014-04-21 01:19 - 2014-04-21 01:22 - 00000000 ____D () C:\Documents and Settings\aig\Ustawienia lokalne\Dane aplikacji\Opera Software 2014-04-21 01:19 - 2014-04-21 01:22 - 00000000 ____D () C:\Documents and Settings\aig\Dane aplikacji\Opera Software 2014-04-21 01:16 - 2014-04-21 01:16 - 00090112 _____ () C:\WINDOWS\Minidump\Mini042114-01.dmp 2014-04-21 01:15 - 2014-04-21 01:22 - 00000000 ____D () C:\Program Files\Opera 2014-04-21 01:08 - 2014-04-21 01:30 - 00000000 ____D () C:\Documents and Settings\All Users\Dane aplikacji\FLEXnet 2014-04-21 00:43 - 2014-04-21 00:43 - 00000000 ____D () C:\Program Files\Common Files\Macrovision Shared 2014-04-21 00:42 - 2014-04-21 00:42 - 00001692 _____ () C:\Documents and Settings\All Users\Pulpit\AutoCAD 2010 - Polski.lnk 2014-04-21 00:42 - 2014-04-21 00:42 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Start\Programy\Autodesk 2014-04-21 00:40 - 2014-04-24 08:52 - 00000000 ____D () C:\Documents and Settings\All Users\Dane aplikacji\Autodesk 2014-04-21 00:40 - 2014-04-24 08:52 - 00000000 ____D () C:\Documents and Settings\aig\Dane aplikacji\Autodesk 2014-04-21 00:40 - 2014-04-21 21:03 - 00000000 ____D () C:\Program Files\AutoCAD 2010 2014-04-21 00:40 - 2014-04-21 00:46 - 00000000 ____D () C:\Program Files\Common Files\Autodesk Shared 2014-04-21 00:40 - 2014-04-21 00:40 - 00000000 ____D () C:\Documents and Settings\aig\Ustawienia lokalne\Dane aplikacji\Autodesk 2014-04-21 00:35 - 2014-04-21 00:35 - 00017674 _____ () C:\WINDOWS\KB942288-v3.log 2014-04-21 00:35 - 2014-04-21 00:35 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB942288-v3$ 2014-04-20 22:26 - 2014-04-20 22:26 - 00090112 _____ () C:\WINDOWS\Minidump\Mini042014-01.dmp 2014-04-19 21:10 - 2014-04-19 21:10 - 00173184 _____ () C:\Documents and Settings\aig\Ustawienia lokalne\Dane aplikacji\FontCache3.0.0.0.dat 2014-04-19 21:07 - 2014-04-19 21:08 - 00000000 ____D () C:\WINDOWS\XSxS 2014-04-19 21:07 - 2014-04-19 21:07 - 00000000 ____D () C:\Program Files\Xenocode 2014-04-19 21:07 - 2014-04-19 21:07 - 00000000 ____D () C:\Documents and Settings\aig\Ustawienia lokalne\Dane aplikacji\Xenocode 2014-04-19 19:10 - 2014-04-19 19:21 - 00000000 ____D () C:\Documents and Settings\aig\Pulpit\PULPIT ASI I GRZESIA 2014-04-15 16:21 - 2014-04-15 16:21 - 00090112 _____ () C:\WINDOWS\Minidump\Mini041514-01.dmp ==================== One Month Modified Files and Folders ======= 2014-05-15 15:39 - 2014-05-15 15:38 - 00021335 _____ () C:\Documents and Settings\aig\Pulpit\FRST.txt 2014-05-15 15:38 - 2014-05-15 15:38 - 01056256 _____ (Farbar) C:\Documents and Settings\aig\Pulpit\FRST.exe 2014-05-15 15:38 - 2014-05-15 15:38 - 00000000 ____D () C:\FRST 2014-05-15 15:38 - 2010-03-03 16:26 - 00000000 ____D () C:\Documents and Settings\aig\Pulpit 2014-05-15 15:36 - 2012-07-15 09:18 - 00000364 ____H () C:\WINDOWS\Tasks\avast! Emergency Update.job 2014-05-15 15:33 - 2010-03-03 16:22 - 01871279 _____ () C:\WINDOWS\WindowsUpdate.log 2014-05-15 15:32 - 2011-10-29 20:01 - 00000431 _____ () C:\WINDOWS\system32\Drivers\etc\hosts.ics 2014-05-15 15:31 - 2014-04-30 08:52 - 00001026 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job 2014-05-15 15:31 - 2014-03-25 17:03 - 00000218 _____ () C:\WINDOWS\Tasks\Powiadomienie o zakończeniu obsługi systemu Microsoft Windows XP — logowanie.job 2014-05-15 15:31 - 2013-05-28 22:11 - 00000290 _____ () C:\WINDOWS\Tasks\Express FilesUpdate.job 2014-05-15 15:31 - 2010-03-03 17:16 - 00000159 _____ () C:\WINDOWS\wiadebug.log 2014-05-15 15:31 - 2010-03-03 17:16 - 00000050 _____ () C:\WINDOWS\wiaservc.log 2014-05-15 15:31 - 2010-03-03 16:25 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT 2014-05-15 15:30 - 2014-05-15 15:21 - 00000188 ___SH () C:\Documents and Settings\Administrator\ntuser.ini 2014-05-15 15:22 - 2014-05-15 15:22 - 00000000 ____D () C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Google 2014-05-15 15:22 - 2014-05-15 15:21 - 00000000 ___HD () C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji 2014-05-15 15:21 - 2014-05-15 15:21 - 00001116 __RSH () C:\Documents and Settings\Administrator\ntuser.pol 2014-05-15 15:21 - 2014-05-15 15:21 - 00000000 ____D () C:\WINDOWS\CSC 2014-05-15 15:21 - 2014-05-15 15:21 - 00000000 ____D () C:\Documents and Settings\Administrator 2014-05-15 15:18 - 2010-03-03 16:26 - 00000188 ___SH () C:\Documents and Settings\aig\ntuser.ini 2014-05-15 15:18 - 2010-03-03 16:25 - 00032458 _____ () C:\WINDOWS\SchedLgU.Txt 2014-05-15 15:02 - 2014-04-30 08:52 - 00001030 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job 2014-05-15 14:30 - 2013-01-18 18:55 - 00000000 ____D () C:\Documents and Settings\aig\Dane aplikacji\GG 2014-05-15 14:26 - 2011-06-28 21:16 - 00777488 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsnx.sys 2014-05-15 14:26 - 2011-06-28 21:16 - 00411680 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsp.sys 2014-05-15 14:26 - 2011-06-28 21:16 - 00054832 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswrdr.sys 2014-05-15 14:24 - 2011-02-06 05:54 - 00646181 _____ () C:\WINDOWS\setupapi.log 2014-05-15 14:23 - 2012-10-13 13:28 - 00000930 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job 2014-05-15 07:58 - 2014-05-15 07:58 - 01500734 _____ () C:\Documents and Settings\aig\Pulpit\OTL.Txt 2014-05-15 07:58 - 2014-05-15 07:58 - 00045676 _____ () C:\Documents and Settings\aig\Pulpit\Extras.Txt 2014-05-15 04:59 - 2014-05-15 04:59 - 00602112 _____ (OldTimer Tools) C:\Documents and Settings\aig\Pulpit\OTL.exe 2014-05-15 04:57 - 2014-05-15 04:57 - 00090112 _____ () C:\WINDOWS\Minidump\Mini051514-01.dmp 2014-05-15 04:57 - 2010-06-25 17:35 - 00000000 ____D () C:\WINDOWS\Minidump 2014-05-15 04:35 - 2010-07-08 09:57 - 00001324 _____ () C:\WINDOWS\system32\d3d9caps.dat 2014-05-15 04:29 - 2013-12-13 00:13 - 00000000 ____D () C:\WINDOWS\system32\MRT 2014-05-15 04:28 - 2011-07-02 10:46 - 90547776 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2014-05-15 00:18 - 2010-05-01 18:18 - 00124416 _____ () C:\Documents and Settings\aig\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2014-05-15 00:18 - 2010-04-03 16:15 - 00000000 ____D () C:\Program Files\SubEdit-Player 2014-05-15 00:18 - 2010-03-03 17:13 - 00000000 ____D () C:\Documents and Settings\All Users\Pulpit 2014-05-14 20:23 - 2012-08-17 12:02 - 00692400 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe 2014-05-14 20:23 - 2012-02-17 15:45 - 00070832 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl 2014-05-14 17:46 - 2009-08-15 08:38 - 00243584 _____ () C:\WINDOWS\system32\NvApps.xml 2014-05-14 16:11 - 2014-05-14 16:11 - 00090112 _____ () C:\WINDOWS\Minidump\Mini051414-01.dmp 2014-05-14 11:31 - 2010-03-03 16:26 - 00000000 ___RD () C:\Documents and Settings\aig\Moje dokumenty\Moja muzyka 2014-05-14 01:19 - 2014-05-14 01:19 - 00000851 _____ () C:\Documents and Settings\All Users\Menu Start\Programy\CWK.lnk 2014-05-14 01:19 - 2014-05-14 01:19 - 00000845 _____ () C:\Documents and Settings\All Users\Pulpit\CWK.lnk 2014-05-14 01:19 - 2014-05-14 01:19 - 00000000 ____D () C:\Program Files\Damian Pasternak 2014-05-14 01:19 - 2010-03-03 17:13 - 00000000 ___RD () C:\Documents and Settings\All Users\Menu Start\Programy 2014-05-13 20:38 - 2012-05-29 06:53 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service 2014-05-13 15:04 - 2014-05-13 15:04 - 00000000 ____D () C:\Program Files\Mozilla Firefox 2014-05-13 14:13 - 2014-05-13 11:01 - 00000000 ____D () C:\Documents and Settings\aig\Ustawienia lokalne\Dane aplikacji\OpenFM 2014-05-13 14:13 - 2010-03-03 16:26 - 00000000 ___RD () C:\Documents and Settings\aig\Menu Start\Programy 2014-05-13 13:44 - 2010-04-03 16:34 - 00000000 ____D () C:\Program Files\K-Lite Codec Pack 2014-05-13 13:43 - 2014-05-13 13:43 - 27686071 _____ ( ) C:\Documents and Settings\aig\Downloads\k-lite_codec_pack_1045_full.exe 2014-05-13 13:43 - 2014-05-13 13:43 - 00000366 _____ () C:\WINDOWS\Tasks\WOT WWED1.job 2014-05-13 13:43 - 2014-05-13 13:43 - 00000366 _____ () C:\WINDOWS\Tasks\WOT WW2.job 2014-05-13 13:43 - 2014-05-13 13:43 - 00000366 _____ () C:\WINDOWS\Tasks\WOT WW1.job 2014-05-13 13:43 - 2014-05-13 13:43 - 00000366 _____ () C:\WINDOWS\Tasks\WOT WTUE1.job 2014-05-13 13:43 - 2014-05-13 13:43 - 00000366 _____ () C:\WINDOWS\Tasks\WOT WTHUR1.job 2014-05-13 13:43 - 2014-05-13 13:43 - 00000366 _____ () C:\WINDOWS\Tasks\WOT WMON1.job 2014-05-13 13:43 - 2014-05-13 13:43 - 00000366 _____ () C:\WINDOWS\Tasks\WOT WFRI1.job 2014-05-13 13:43 - 2014-05-13 13:43 - 00000366 _____ () C:\WINDOWS\Tasks\WOT W2.job 2014-05-13 13:43 - 2014-05-13 13:43 - 00000366 _____ () C:\WINDOWS\Tasks\WOT W1.job 2014-05-13 13:43 - 2014-05-13 13:43 - 00000000 ____D () C:\Documents and Settings\aig\Dane aplikacji\WorldofTanks 2014-05-13 13:43 - 2010-03-03 16:26 - 00000000 __RHD () C:\Documents and Settings\aig\Dane aplikacji 2014-05-13 13:39 - 2014-05-13 13:39 - 00090112 _____ () C:\WINDOWS\Minidump\Mini051314-02.dmp 2014-05-13 11:05 - 2013-01-18 18:54 - 00000000 ____D () C:\Documents and Settings\aig\Ustawienia lokalne\Dane aplikacji\GG 2014-05-13 11:01 - 2014-05-13 11:01 - 00001130 _____ () C:\Documents and Settings\aig\Menu Start\Programy\GG.lnk 2014-05-13 11:01 - 2014-05-13 11:01 - 00001124 _____ () C:\Documents and Settings\aig\Pulpit\GG.lnk 2014-05-13 11:01 - 2010-03-03 16:26 - 00000000 ___HD () C:\Documents and Settings\aig\Ustawienia lokalne\Dane aplikacji 2014-05-13 08:28 - 2014-05-13 08:28 - 00090112 _____ () C:\WINDOWS\Minidump\Mini051314-01.dmp 2014-05-13 08:08 - 2008-04-15 14:00 - 00002206 _____ () C:\WINDOWS\system32\wpa.dbl 2014-05-12 23:31 - 2012-11-01 15:50 - 00000000 ____D () C:\Documents and Settings\aig\Dane aplikacji\vlc 2014-05-11 17:29 - 2014-04-21 08:41 - 00668120 _____ () C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\FontCache3.0.0.0.dat 2014-05-11 17:29 - 2010-03-03 16:25 - 00000000 ___HD () C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji 2014-05-11 13:46 - 2014-04-22 08:23 - 00008371 _____ () C:\Documents and Settings\aig\Moje dokumenty\plot.log 2014-05-11 13:27 - 2010-03-03 16:26 - 00000000 ___RD () C:\Documents and Settings\aig\Moje dokumenty 2014-05-08 15:32 - 2014-05-08 15:32 - 00090112 _____ () C:\WINDOWS\Minidump\Mini050814-01.dmp 2014-05-08 15:00 - 2014-03-25 17:03 - 00000212 _____ () C:\WINDOWS\Tasks\Powiadomienie o zakończeniu obsługi systemu Microsoft Windows XP — co miesiąc.job 2014-05-06 22:10 - 2014-05-06 22:10 - 00090112 _____ () C:\WINDOWS\Minidump\Mini050614-01.dmp 2014-05-05 19:49 - 2014-05-05 18:37 - 00000000 ____D () C:\Documents and Settings\aig\Pulpit\na bloga 2014-05-05 18:59 - 2014-05-05 18:59 - 00000759 _____ () C:\Documents and Settings\All Users\Pulpit\Picasa 3.lnk 2014-05-05 18:59 - 2012-02-17 15:12 - 00000000 ____D () C:\Documents and Settings\aig\Ustawienia lokalne\Dane aplikacji\Google 2014-05-05 18:55 - 2014-05-05 18:55 - 00007008 _____ () C:\WINDOWS\KB952011.log 2014-05-05 18:55 - 2014-05-05 18:55 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB952011$ 2014-05-05 18:55 - 2014-05-05 18:55 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Start\Programy\Picasa 3 2014-05-05 18:55 - 2011-06-29 22:36 - 01225680 _____ () C:\WINDOWS\iis6.log 2014-05-05 18:55 - 2011-06-29 22:36 - 01131455 _____ () C:\WINDOWS\FaxSetup.log 2014-05-05 18:55 - 2011-06-29 22:36 - 00615063 _____ () C:\WINDOWS\ocgen.log 2014-05-05 18:55 - 2011-06-29 22:36 - 00517723 _____ () C:\WINDOWS\tsoc.log 2014-05-05 18:55 - 2011-06-29 22:36 - 00380178 _____ () C:\WINDOWS\comsetup.log 2014-05-05 18:55 - 2011-06-29 22:36 - 00353620 _____ () C:\WINDOWS\msmqinst.log 2014-05-05 18:55 - 2011-06-29 22:36 - 00230012 _____ () C:\WINDOWS\ntdtcsetup.log 2014-05-05 18:55 - 2011-06-29 22:36 - 00198189 _____ () C:\WINDOWS\netfxocm.log 2014-05-05 18:55 - 2011-06-29 22:36 - 00077775 _____ () C:\WINDOWS\MedCtrOC.log 2014-05-05 18:55 - 2011-06-29 22:36 - 00070638 _____ () C:\WINDOWS\ocmsn.log 2014-05-05 18:55 - 2011-06-29 22:36 - 00058377 _____ () C:\WINDOWS\tabletoc.log 2014-05-05 18:55 - 2011-06-29 22:36 - 00055449 _____ () C:\WINDOWS\msgsocm.log 2014-05-05 18:55 - 2011-06-29 22:36 - 00001355 _____ () C:\WINDOWS\imsins.log 2014-05-05 18:54 - 2013-04-20 15:45 - 00000000 ____D () C:\Program Files\Google 2014-05-05 09:29 - 2014-05-05 09:29 - 00043152 _____ (AVAST Software) C:\WINDOWS\avastSS.scr 2014-05-05 09:29 - 2014-05-05 09:29 - 00024184 _____ () C:\WINDOWS\system32\Drivers\aswHwid.sys 2014-05-05 09:29 - 2014-05-05 09:29 - 00001733 _____ () C:\Documents and Settings\All Users\Pulpit\avast! Free Antivirus.lnk 2014-05-05 09:29 - 2013-04-20 15:45 - 00180632 _____ () C:\WINDOWS\system32\Drivers\aswVmm.sys 2014-05-05 09:29 - 2013-04-20 15:45 - 00067824 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys 2014-05-05 09:29 - 2013-04-20 15:45 - 00049944 _____ () C:\WINDOWS\system32\Drivers\aswRvrt.sys 2014-05-05 09:29 - 2011-06-28 21:16 - 00776976 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsnx.sys.1400156783953 2014-05-05 09:29 - 2011-06-28 21:16 - 00057672 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswTdi.sys 2014-05-05 09:29 - 2011-06-28 21:16 - 00054832 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswrdr.sys.1400156783953 2014-05-05 09:29 - 2011-06-28 21:15 - 00271264 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe 2014-05-05 03:00 - 2014-05-05 03:00 - 00009199 _____ () C:\WINDOWS\KB2964358-IE8.log 2014-05-05 03:00 - 2011-06-30 23:35 - 00000000 ____D () C:\WINDOWS\ie8updates 2014-05-05 03:00 - 2011-06-30 23:34 - 00055413 _____ () C:\WINDOWS\updspapi.log 2014-05-05 03:00 - 2011-06-29 22:36 - 00001355 _____ () C:\WINDOWS\imsins.BAK 2014-04-30 10:12 - 2011-06-30 10:57 - 06022144 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\mshtml.dll 2014-04-30 10:12 - 2009-06-30 21:54 - 06022144 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2014-04-30 08:53 - 2014-04-30 08:53 - 00001819 _____ () C:\Documents and Settings\All Users\Pulpit\Google Chrome.lnk 2014-04-30 08:53 - 2014-04-30 08:53 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Start\Programy\Google Chrome 2014-04-30 08:06 - 2014-04-30 08:06 - 00000724 _____ () C:\Documents and Settings\All Users\Pulpit\Mozilla Firefox.lnk 2014-04-29 02:47 - 2014-04-22 07:38 - 00000000 ____D () C:\Documents and Settings\aig\Pulpit\zdjęcia telefon sluzbowy 2014-04-28 08:50 - 2013-02-26 20:28 - 00000000 ____D () C:\Program Files\MSECache 2014-04-27 01:05 - 2010-03-03 16:26 - 00000000 ____D () C:\Documents and Settings\aig 2014-04-26 21:53 - 2014-04-26 21:53 - 00023292 ____N () C:\Documents and Settings\aig\Moje dokumenty\E--dok. powykonawcz RED PARK-18-21 PPW_D_M_elewacje_04.tif 2014-04-26 21:45 - 2014-04-26 21:45 - 00000706 _____ () C:\Documents and Settings\All Users\Pulpit\PDFCreator.lnk 2014-04-26 21:45 - 2014-04-26 21:45 - 00000000 ____D () C:\Program Files\PDFCreator 2014-04-26 21:45 - 2014-04-26 21:45 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Start\Programy\PDFCreator 2014-04-26 21:45 - 2014-04-26 21:45 - 00000000 ____D () C:\Documents and Settings\aig\Dane aplikacji\pdfforge 2014-04-25 17:44 - 2014-04-26 21:45 - 00662288 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSCOMCT2.OCX 2014-04-25 17:44 - 2014-04-26 21:45 - 00137000 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSMAPI32.OCX 2014-04-25 17:44 - 2014-04-26 21:45 - 00095416 _____ (pdfforge GmbH) C:\WINDOWS\system32\pdfcmon.dll 2014-04-25 17:44 - 2014-04-26 21:45 - 00023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSMPIDE.DLL 2014-04-24 23:04 - 2014-04-24 21:12 - 00000000 ____D () C:\Program Files\Aide PDF to DWG Converter 2014-04-24 21:58 - 2014-04-21 21:19 - 00002531 _____ () C:\Documents and Settings\All Users\Pulpit\DraftSight.lnk 2014-04-24 13:54 - 2014-04-24 13:54 - 00000202 _____ () C:\Documents and Settings\aig\Moje dokumenty\acad.err 2014-04-24 08:52 - 2014-04-21 00:40 - 00000000 ____D () C:\Documents and Settings\All Users\Dane aplikacji\Autodesk 2014-04-24 08:52 - 2014-04-21 00:40 - 00000000 ____D () C:\Documents and Settings\aig\Dane aplikacji\Autodesk 2014-04-23 12:43 - 2013-12-11 21:56 - 00001116 __RSH () C:\Documents and Settings\aig\ntuser.pol 2014-04-23 10:15 - 2011-01-30 16:24 - 00002438 _____ () C:\WINDOWS\setupact.log 2014-04-23 09:23 - 2008-04-15 14:00 - 00000705 _____ () C:\WINDOWS\win.ini 2014-04-23 00:07 - 2014-04-23 00:07 - 00090112 _____ () C:\WINDOWS\Minidump\Mini042314-01.dmp 2014-04-22 23:35 - 2010-03-03 17:12 - 00000211 ___SH () C:\boot.ini 2014-04-22 23:35 - 2008-04-15 14:00 - 00000227 _____ () C:\WINDOWS\system.ini 2014-04-22 23:29 - 2012-11-18 20:56 - 00000000 ____D () C:\Documents and Settings\aig\Dane aplikacji\Skype 2014-04-21 21:28 - 2014-04-21 21:28 - 00000000 ____D () C:\Documents and Settings\aig\Ustawienia lokalne\Dane aplikacji\CrashRpt 2014-04-21 21:19 - 2014-04-21 21:19 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Start\Programy\Dassault Systemes 2014-04-21 21:19 - 2014-04-21 21:19 - 00000000 ____D () C:\Documents and Settings\aig\Moje dokumenty\My Drawings 2014-04-21 21:19 - 2014-04-21 21:18 - 00000000 ____D () C:\Documents and Settings\aig\Dane aplikacji\DraftSight 2014-04-21 21:18 - 2014-04-21 21:18 - 00000000 ____D () C:\Program Files\Dassault Systemes 2014-04-21 21:18 - 2014-04-21 21:18 - 00000000 ____D () C:\Documents and Settings\All Users\Dane aplikacji\Dassault Systemes 2014-04-21 21:18 - 2010-03-03 17:13 - 00000000 __RHD () C:\Documents and Settings\All Users\Dane aplikacji 2014-04-21 21:13 - 2014-04-21 21:13 - 148932448 _____ (Microsoft Corporation) C:\Documents and Settings\aig\Downloads\DraftSight32.exe 2014-04-21 21:03 - 2014-04-21 00:40 - 00000000 ____D () C:\Program Files\AutoCAD 2010 2014-04-21 08:04 - 2014-04-21 08:04 - 00055232 _____ (StdLib) C:\WINDOWS\system32\Drivers\tStLibG.sys 2014-04-21 08:04 - 2014-04-21 08:04 - 00000000 ___RD () C:\Documents and Settings\LocalService\Ulubione 2014-04-21 08:04 - 2010-03-03 16:25 - 00000000 __SHD () C:\Documents and Settings\LocalService 2014-04-21 01:40 - 2010-03-03 16:26 - 00000000 ___RD () C:\Documents and Settings\aig\Moje dokumenty\Moje obrazy 2014-04-21 01:30 - 2014-04-21 01:08 - 00000000 ____D () C:\Documents and Settings\All Users\Dane aplikacji\FLEXnet 2014-04-21 01:22 - 2014-04-21 01:19 - 00000000 ____D () C:\Documents and Settings\aig\Ustawienia lokalne\Dane aplikacji\Opera Software 2014-04-21 01:22 - 2014-04-21 01:19 - 00000000 ____D () C:\Documents and Settings\aig\Dane aplikacji\Opera Software 2014-04-21 01:22 - 2014-04-21 01:15 - 00000000 ____D () C:\Program Files\Opera 2014-04-21 01:16 - 2014-04-21 01:16 - 00090112 _____ () C:\WINDOWS\Minidump\Mini042114-01.dmp 2014-04-21 01:16 - 2010-03-03 17:13 - 00325112 _____ () C:\WINDOWS\system32\FNTCACHE.DAT 2014-04-21 01:15 - 2011-07-23 14:25 - 00000000 ____D () C:\Documents and Settings\aig\Dane aplikacji\uTorrent 2014-04-21 01:07 - 2010-03-03 16:42 - 00081568 _____ () C:\Documents and Settings\aig\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT 2014-04-21 00:46 - 2014-04-21 00:40 - 00000000 ____D () C:\Program Files\Common Files\Autodesk Shared 2014-04-21 00:46 - 2010-04-04 11:56 - 00000000 ____D () C:\WINDOWS\Microsoft.NET 2014-04-21 00:43 - 2014-04-21 00:43 - 00000000 ____D () C:\Program Files\Common Files\Macrovision Shared 2014-04-21 00:43 - 2010-05-02 19:15 - 00000116 _____ () C:\WINDOWS\NeroDigital.ini 2014-04-21 00:42 - 2014-04-21 00:42 - 00001692 _____ () C:\Documents and Settings\All Users\Pulpit\AutoCAD 2010 - Polski.lnk 2014-04-21 00:42 - 2014-04-21 00:42 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Start\Programy\Autodesk 2014-04-21 00:40 - 2014-04-21 00:40 - 00000000 ____D () C:\Documents and Settings\aig\Ustawienia lokalne\Dane aplikacji\Autodesk 2014-04-21 00:40 - 2010-03-03 16:22 - 00000000 ____D () C:\WINDOWS\system32\DirectX 2014-04-21 00:35 - 2014-04-21 00:35 - 00017674 _____ () C:\WINDOWS\KB942288-v3.log 2014-04-21 00:35 - 2014-04-21 00:35 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB942288-v3$ 2014-04-21 00:35 - 2010-03-03 17:08 - 00000000 ____D () C:\WINDOWS\system32\mui 2014-04-20 22:26 - 2014-04-20 22:26 - 00090112 _____ () C:\WINDOWS\Minidump\Mini042014-01.dmp 2014-04-19 21:10 - 2014-04-19 21:10 - 00173184 _____ () C:\Documents and Settings\aig\Ustawienia lokalne\Dane aplikacji\FontCache3.0.0.0.dat 2014-04-19 21:08 - 2014-04-19 21:07 - 00000000 ____D () C:\WINDOWS\XSxS 2014-04-19 21:07 - 2014-04-19 21:07 - 00000000 ____D () C:\Program Files\Xenocode 2014-04-19 21:07 - 2014-04-19 21:07 - 00000000 ____D () C:\Documents and Settings\aig\Ustawienia lokalne\Dane aplikacji\Xenocode 2014-04-19 19:21 - 2014-04-19 19:10 - 00000000 ____D () C:\Documents and Settings\aig\Pulpit\PULPIT ASI I GRZESIA 2014-04-19 11:41 - 2010-05-01 09:51 - 00000000 ___RD () C:\Documents and Settings\aig\Moje dokumenty\Moje wideo 2014-04-18 22:03 - 2010-10-13 09:00 - 00000000 ____D () C:\Documents and Settings\aig\Moje dokumenty\Pobieranie 2014-04-15 16:21 - 2014-04-15 16:21 - 00090112 _____ () C:\WINDOWS\Minidump\Mini041514-01.dmp Some content of TEMP: ==================== C:\Documents and Settings\aig\Ustawienia lokalne\Temp\9435uninstall.exe C:\Documents and Settings\aig\Ustawienia lokalne\Temp\AcDeltree.exe C:\Documents and Settings\aig\Ustawienia lokalne\Temp\AdbeRdr1012_en_US.exe C:\Documents and Settings\aig\Ustawienia lokalne\Temp\ApnStub.exe C:\Documents and Settings\aig\Ustawienia lokalne\Temp\app.exe C:\Documents and Settings\aig\Ustawienia lokalne\Temp\arh.exe C:\Documents and Settings\aig\Ustawienia lokalne\Temp\AVGInstaller.exe C:\Documents and Settings\aig\Ustawienia lokalne\Temp\chutil.dll C:\Documents and Settings\aig\Ustawienia lokalne\Temp\DefaultTabSetup2.exe C:\Documents and Settings\aig\Ustawienia lokalne\Temp\drm_dyndata_7400005.dll C:\Documents and Settings\aig\Ustawienia lokalne\Temp\eauninstall.exe C:\Documents and Settings\aig\Ustawienia lokalne\Temp\FP_PL_PFS_INSTALLER_32bit.exe C:\Documents and Settings\aig\Ustawienia lokalne\Temp\GenericUninstall.exe C:\Documents and Settings\aig\Ustawienia lokalne\Temp\GenericWndApi.dll C:\Documents and Settings\aig\Ustawienia lokalne\Temp\ggdrive-menu.exe C:\Documents and Settings\aig\Ustawienia lokalne\Temp\ggdrive-overlay.exe C:\Documents and Settings\aig\Ustawienia lokalne\Temp\htmlayout.dll C:\Documents and Settings\aig\Ustawienia lokalne\Temp\ICReinstall_keygen.exe C:\Documents and Settings\aig\Ustawienia lokalne\Temp\installstats.exe C:\Documents and Settings\aig\Ustawienia lokalne\Temp\install_reader10_en_air_mssa_aih.exe C:\Documents and Settings\aig\Ustawienia lokalne\Temp\install_reader10_en_air_mssa_aih_1.exe C:\Documents and Settings\aig\Ustawienia lokalne\Temp\jre-6u39-windows-i586-iftw.exe C:\Documents and Settings\aig\Ustawienia lokalne\Temp\jre-7u21-windows-i586-iftw.exe C:\Documents and Settings\aig\Ustawienia lokalne\Temp\jre-7u45-windows-i586-iftw.exe C:\Documents and Settings\aig\Ustawienia lokalne\Temp\mgsqlite3.dll C:\Documents and Settings\aig\Ustawienia lokalne\Temp\oi_{77EC0A51-0D22-48E1-BF01-4555D1E96C12}.exe C:\Documents and Settings\aig\Ustawienia lokalne\Temp\ose00000.exe C:\Documents and Settings\aig\Ustawienia lokalne\Temp\SecurityScan_Release.exe C:\Documents and Settings\aig\Ustawienia lokalne\Temp\SimCity 4 Deluxe_uninst.exe C:\Documents and Settings\aig\Ustawienia lokalne\Temp\sqlite3.dll C:\Documents and Settings\aig\Ustawienia lokalne\Temp\SSUPDATE.EXE C:\Documents and Settings\aig\Ustawienia lokalne\Temp\tbuTo0.dll C:\Documents and Settings\aig\Ustawienia lokalne\Temp\toolbar1102109.exe C:\Documents and Settings\aig\Ustawienia lokalne\Temp\toolbar1113875.exe C:\Documents and Settings\aig\Ustawienia lokalne\Temp\uninst1.exe C:\Documents and Settings\aig\Ustawienia lokalne\Temp\UNINSTALL.EXE C:\Documents and Settings\aig\Ustawienia lokalne\Temp\uninstall498875.exe C:\Documents and Settings\aig\Ustawienia lokalne\Temp\uninstaller.exe C:\Documents and Settings\aig\Ustawienia lokalne\Temp\vlc-2.0.5-win32.exe C:\Documents and Settings\aig\Ustawienia lokalne\Temp\vlc-2.0.6-win32.exe C:\Documents and Settings\aig\Ustawienia lokalne\Temp\vlc-2.1.2-win32.exe C:\Documents and Settings\aig\Ustawienia lokalne\Temp\WSSetup.exe C:\Documents and Settings\aig\Ustawienia lokalne\Temp\YontooSetup-S.exe ==================== Bamital & volsnap Check ================= C:\WINDOWS\explorer.exe [2008-04-15 14:00] - [2008-04-15 14:00] - 1035264 ____A (Microsoft Corporation) c791ed9eac5e76d9525e157b1d7a599a C:\WINDOWS\system32\winlogon.exe [2008-04-15 14:00] - [2008-04-15 14:00] - 0510464 ____A (Microsoft Corporation) 51fd2e13d723857b9ca239ae77150f48 C:\WINDOWS\system32\svchost.exe [2008-04-15 14:00] - [2008-04-15 14:00] - 0014336 ____A (Microsoft Corporation) 8607d35d92528e2df386f19a960d23ce C:\WINDOWS\system32\services.exe [2008-04-15 14:00] - [2009-02-09 13:25] - 0111104 ____A (Microsoft Corporation) 02a467e27af55f7064c5b251e587315f C:\WINDOWS\system32\User32.dll [2008-04-15 14:00] - [2008-04-15 14:00] - 0580096 ____A (Microsoft Corporation) a435c5c069afd901751ac323ad238793 C:\WINDOWS\system32\userinit.exe [2008-04-15 14:00] - [2008-04-15 14:00] - 0026624 ____A (Microsoft Corporation) 2a5b37d520508be6570a3ea79695f5b5 C:\WINDOWS\system32\rpcss.dll [2008-04-15 14:00] - [2009-02-09 12:53] - 0401408 ____A (Microsoft Corporation) a37311d9d628c1042a2836731787f0f3 ATTENTION ======> If the system is having audio adware rpcss.dll is patched. Google the MD5, if the MD5 is unique the file is infected. C:\WINDOWS\system32\Drivers\volsnap.sys [2008-04-15 14:00] - [2008-04-15 14:00] - 0052864 ____A (Microsoft Corporation) 56b191ac5fc0df219949c95a6c87afe7 ==================== End Of Log ============================