Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:23-05-2014 Ran by eo07 (administrator) on WIN-B4A6E7F241F on 24-05-2014 10:54:20 Running from C:\Documents and Settings\eo07\Moje dokumenty\Pobieranie Platform: Microsoft Windows XP Home Edition Dodatek Service Pack 3 (X86) OS Language: Polish Internet Explorer Version 8 Boot Mode: Normal The only official download link for FRST: Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/ Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/ Download link from any site other than Bleeping Computer is unpermitted or outdated. See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (Cherished Technololgy LIMITED) C:\Documents and Settings\All Users\Dane aplikacji\IePluginServices\PluginService.exe (Realtek Semiconductor Corp.) C:\WINDOWS\RTHDCPL.EXE (Cyberlink Corp.) C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe (Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe (THOMSON Telecom Belgium) C:\Program Files\Thomson\SpeedTouch USB\dragdiag.exe (Hewlett-Packard) C:\Program Files\HP\HP Software Update\hpwuSchd2.exe (Hewlett-Packard) C:\Program Files\HP\Digital Imaging\bin\HpqSRmon.exe (Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe (SEIKO EPSON CORPORATION) C:\Program Files\EPSON Software\Event Manager\EEventManager.exe (France Telecom SA) C:\Program Files\Livebox\Launcher\Launcher.exe (France Telecom SA) C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\AlertModule\0\AlertModule.exe (Adobe Systems Inc.) C:\Program Files\Adobe\Acrobat 11.0\Acrobat\acrotray.exe (Highresolution Enterprises) C:\Program Files\Highresolution Enterprises\X-Mouse Button Control\XMouseButtonControl.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe (LogMeIn Inc.) C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe (Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe (ABBYY) C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe (Nokia) C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe (SEIKO EPSON CORPORATION) C:\WINDOWS\system32\spool\drivers\w32x86\3\E_FATIINE.EXE (France Telecom SA) C:\Program Files\Livebox\Systray\SystrayApp.exe (France Telecom SA) C:\Program Files\Livebox\Connectivity\ConnectivityManager.exe (France Telecom SA) C:\Program Files\Livebox\Connectivity\corecom\CoreCom.exe (Autodesk) C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe (WIDCOMM, Inc.) C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe (Seiko Epson Corporation) C:\WINDOWS\system32\escsvc.exe (France Telecom SA) C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe (Oracle Corporation) C:\Program Files\Java\jre7\bin\jqs.exe (Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LSSrvc.exe (LogMeIn, Inc.) C:\Program Files\LogMeIn Hamachi\LMIGuardianSvc.exe () C:\Program Files\Autodesk\3ds Max 9\mentalray\satellite\raysat_3dsmax9_32server.exe (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc32.exe () C:\Program Files\CyberLink\Shared Files\RichVideo.exe (LogMeIn Inc.) C:\Program Files\LogMeIn Hamachi\hamachi-2.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (Nokia) C:\Program Files\PC Connectivity Solution\ServiceLayer.exe (Nokia) C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe (Nokia) C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe (Nokia) C:\Program Files\PC Connectivity Solution\Transports\NclMSBTSrv.exe (France Telecom SA) C:\Program Files\Livebox\Connectivity\corecom\OraConfigRecover.exe (France Telecom SA) C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTCOMModule\0\FTCOMModule.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe (Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\WINWORD.EXE (GG Network S.A.) C:\Documents and Settings\eo07\Ustawienia lokalne\Dane aplikacji\GG\Application\gghub.exe (GG Network S.A.) C:\Documents and Settings\eo07\Ustawienia lokalne\Dane aplikacji\GG\Application\ggapp.exe (GG Network S.A.) C:\Documents and Settings\eo07\Ustawienia lokalne\Dane aplikacji\GG\Application\ggdrive\ggdrive.exe (OldTimer Tools) C:\Documents and Settings\eo07\Moje dokumenty\Pobieranie\OTL.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [RTHDCPL] => C:\WINDOWS\RTHDCPL.EXE [18084864 2009-01-13] (Realtek Semiconductor Corp.) HKLM\...\Run: [Alcmtr] => C:\WINDOWS\ALCMTR.EXE [57344 2008-06-19] (Realtek Semiconductor Corp.) HKLM\...\Run: [NvCplDaemon] => C:\WINDOWS\system32\NvCpl.dll [13680640 2009-03-08] (NVIDIA Corporation) HKLM\...\Run: [nwiz] => nwiz.exe /install HKLM\...\Run: [NvMediaCenter] => C:\WINDOWS\system32\NvMcTray.dll [86016 2009-03-08] (NVIDIA Corporation) HKLM\...\Run: [RemoteControl] => C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe [56928 2006-11-23] (Cyberlink Corp.) HKLM\...\Run: [LanguageShortcut] => C:\Program Files\CyberLink\PowerDVD\Language\Language.exe [54832 2006-12-05] () HKLM\...\Run: [ORAHSSSessionManager] => C:\Program Files\Livebox\SessionManager\SessionManager.exe [107248 2008-06-10] (France Telecom SA) HKLM\...\Run: [GrooveMonitor] => C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-27] (Microsoft Corporation) HKLM\...\Run: [BluetoothAuthenticationAgent] => rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent HKLM\...\Run: [SpeedTouch USB Diagnostics] => C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe [866816 2004-01-26] (THOMSON Telecom Belgium) HKLM\...\Run: [HP Software Update] => C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [49152 2007-10-14] (Hewlett-Packard) HKLM\...\Run: [hpqSRMon] => C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe [80896 2007-08-22] (Hewlett-Packard) HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated) HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\qttask.exe [421888 2012-04-18] (Apple Inc.) HKLM\...\Run: [EEventManager] => C:\Program Files\Epson Software\Event Manager\EEventManager.exe [1058400 2011-10-31] (SEIKO EPSON CORPORATION) HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [444904 2012-09-20] (Adobe Systems Incorporated) HKLM\...\Run: [] => [X] HKLM\...\Run: [Acrobat Assistant 8.0] => C:\Program Files\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe [3477640 2012-09-23] (Adobe Systems Inc.) HKLM\...\Run: [XMouseButtonControl] => C:\Program Files\Highresolution Enterprises\X-Mouse Button Control\XMouseButtonControl.exe [861840 2013-10-06] (Highresolution Enterprises) HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [3764024 2014-01-18] (AVAST Software) HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation) HKLM\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe [3814736 2014-05-13] (LogMeIn Inc.) HKU\S-1-5-21-602162358-1409082233-1417001333-1008\...\Run: [LightScribe Control Panel] => C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe [484904 2007-04-19] (Hewlett-Packard Company) HKU\S-1-5-21-602162358-1409082233-1417001333-1008\...\Run: [PC Suite Tray] => C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe [1451520 2009-11-11] (Nokia) HKU\S-1-5-21-602162358-1409082233-1417001333-1008\...\Run: [EPLTarget\P0000000000000000] => C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIINE.EXE [246368 2011-11-02] (SEIKO EPSON CORPORATION) HKU\S-1-5-21-602162358-1409082233-1417001333-1008\...\Run: [ABBYY Screenshot Reader Bonus] => [X] HKU\S-1-5-21-602162358-1409082233-1417001333-1008\...\Run: [Facebook Update] => C:\Documents and Settings\eo07\Ustawienia lokalne\Dane aplikacji\Facebook\Update\FacebookUpdate.exe [138096 2014-01-16] (Facebook Inc.) AppInit_DLLs: C:\PROGRA~1\SupTab\SEARCH~1.DLL => C:\PROGRA~1\SupTab\SEARCH~1.DLL File Not Found Startup: C:\Documents and Settings\WIN\Menu Start\Programy\Autostart\OpenOffice.ux.pl 2.0.2.lnk ShortcutTarget: OpenOffice.ux.pl 2.0.2.lnk -> C:\Program Files\OpenOffice.ux.pl 2.0.2\program\quickstart.exe (No File) ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.bing.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.sweet-page.com/web/?type=ds&ts=1400516197&from=cor&uid=SAMSUNGXHD502HI_S1VZJ9CS708421&q={searchTerms} HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.sweet-page.com/web/?type=ds&ts=1400516197&from=cor&uid=SAMSUNGXHD502HI_S1VZJ9CS708421&q={searchTerms} HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe http://www.sweet-page.com/?type=scpp&ts=1400516250&from=cor&uid=SAMSUNGXHD502HI_S1VZJ9CS708421 SearchScopes: HKCU - {8EEAC88A-079B-4b2c-80C1-7836F79EB40A} URL = http://pl.search.yahoo.com/search?p={searchTerms}&fr=chr-comodo BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.) BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation) BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) BHO: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION) BHO: Adobe Acrobat Create PDF Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) BHO: No Name - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - No File BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO: Adobe Acrobat Create PDF from Selection - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.) Toolbar: HKLM - No Name - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - No File Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION) Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) Toolbar: HKLM - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) Toolbar: HKCU - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab DPF: {CAFEEFAC-0014-0000-0003-ABCDEFFEDCBA} http://java.sun.com/update/1.4.0/jinstall-1_4_0_03-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 FireFox: ======== FF ProfilePath: C:\Documents and Settings\eo07\Dane aplikacji\Mozilla\Firefox\Profiles\5ulfomki.default FF user.js: detected! => C:\Documents and Settings\eo07\Dane aplikacji\Mozilla\Firefox\Profiles\5ulfomki.default\user.js FF SearchEngineOrder.user_pref("browser.search.order.1", "");: user_pref("browser.search.order.1", ""); FF SearchEngineOrder.user_pref("browser.search.order.1,S", "");: user_pref("browser.search.order.1,S", ""); FF Homepage: https://www.google.pl/|hxxp://eu07.pl/forum/ FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_13_0_0_214.dll () FF Plugin: @adobe.com/ShockwavePlayer - C:\WINDOWS\system32\Adobe\Director\np32dsw_1211151.dll (Adobe Systems, Inc.) FF Plugin: @java.com/DTPlugin,version=10.55.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation) FF Plugin: @microsoft.com/WPF,version=3.5 - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.) FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.) FF Plugin: Adobe Acrobat - C:\Program Files\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.) FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Plugin: adobe.com/AdobeAAMDetect - C:\Program Files\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems) FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Documents and Settings\eo07\Ustawienia lokalne\Dane aplikacji\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited) FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Documents and Settings\eo07\Ustawienia lokalne\Dane aplikacji\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPOFF12.DLL (Microsoft Corporation) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin6.dll (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin7.dll (Apple Inc.) FF SearchPlugin: C:\Documents and Settings\eo07\Dane aplikacji\Mozilla\Firefox\Profiles\5ulfomki.default\searchplugins\kolej-w-polsce.xml FF SearchPlugin: C:\Documents and Settings\eo07\Dane aplikacji\Mozilla\Firefox\Profiles\5ulfomki.default\searchplugins\nonsensopedia-pl.xml FF SearchPlugin: C:\Documents and Settings\eo07\Dane aplikacji\Mozilla\Firefox\Profiles\5ulfomki.default\searchplugins\ponseu--niemiecki--polski.xml FF SearchPlugin: C:\Documents and Settings\eo07\Dane aplikacji\Mozilla\Firefox\Profiles\5ulfomki.default\searchplugins\search-maszyna-eu07-packaging.xml FF SearchPlugin: C:\Documents and Settings\eo07\Dane aplikacji\Mozilla\Firefox\Profiles\5ulfomki.default\searchplugins\szukaj-na-jm.xml FF SearchPlugin: C:\Documents and Settings\eo07\Dane aplikacji\Mozilla\Firefox\Profiles\5ulfomki.default\searchplugins\wrzutapl.xml FF SearchPlugin: C:\Documents and Settings\eo07\Dane aplikacji\Mozilla\Firefox\Profiles\5ulfomki.default\searchplugins\wyszukiwarka-filmw-w-youtube.xml FF Extension: 20-20 3D Viewer - IKEA - C:\Documents and Settings\eo07\Dane aplikacji\Mozilla\Firefox\Profiles\5ulfomki.default\Extensions\2020Player_IKEA@2020Technologies.com [2013-09-26] FF Extension: DownloadHelper - C:\Documents and Settings\eo07\Dane aplikacji\Mozilla\Firefox\Profiles\5ulfomki.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2014-03-25] FF Extension: Classic Theme Restorer - C:\Documents and Settings\eo07\Dane aplikacji\Mozilla\Firefox\Profiles\5ulfomki.default\Extensions\ClassicThemeRestorer@ArisT2Noia4dev.xpi [2014-05-04] FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ FF Extension: Microsoft .NET Framework Assistant - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [] FF HKLM\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn FF Extension: Adobe Acrobat - Create PDF - C:\Program Files\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn [2013-02-22] FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-12-05] Chrome: ======= CHR HomePage: hxxp://pl.yahoo.com?fr=fpc-comodo CHR RestoreOnStartup: "hxxp://pl.yahoo.com?fr=fpc-comodo" CHR Extension: (BurrowsEE2siave) - C:\Documents and Settings\eo07\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\fefcellfmdjodcnnbdpgkdpecdepdkmc [2013-04-07] CHR HKLM\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - C:\Program Files\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx [2013-04-07] ========================== Services (Whitelisted) ================= R2 ABBYY.Licensing.FineReader.Sprint.9.0; C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [759048 2009-05-14] (ABBYY) R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-01-18] (AVAST Software) R2 btwdins; C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe [135168 2003-09-19] (WIDCOMM, Inc.) R2 EpsonScanSvc; C:\WINDOWS\system32\EscSvc.exe [122000 2011-12-12] (Seiko Epson Corporation) S3 FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [1044816 2011-10-22] (Flexera Software, Inc.) R2 FTRTSVC; C:\Program Files\Common Files\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe [65536 2008-06-20] (France Telecom SA) R2 Hamachi2Svc; C:\Program Files\LogMeIn Hamachi\hamachi-2.exe [1682768 2014-05-13] (LogMeIn Inc.) R2 IePluginServices; C:\Documents and Settings\All Users\Dane aplikacji\IePluginServices\PluginService.exe [704112 2014-05-08] (Cherished Technololgy LIMITED) R2 JavaQuickStarterService; C:\Program Files\Java\jre7\bin\jqs.exe [182696 2014-04-14] (Oracle Corporation) R2 LMIGuardianSvc; C:\Program Files\LogMeIn Hamachi\LMIGuardianSvc.exe [375056 2014-04-15] (LogMeIn, Inc.) R2 mi-raysat_3dsmax9_32; C:\Program Files\Autodesk\3ds Max 9\mentalray\satellite\raysat_3dsmax9_32server.exe [65536 2006-09-29] () R2 RichVideo; C:\Program Files\CyberLink\Shared Files\RichVideo.exe [167936 2005-08-08] () S2 mi-raysat_3dsmax2012_32; "C:\Program Files\Autodesk\3ds Max Design 2012\mentalimages\satellite\raysat_3dsmax2012_32server.exe" [X] S3 NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [X] S3 NMIndexingService; "C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe" [X] S2 Update webget; "C:\Program Files\webget\updatewebget.exe" [X] S2 Util webget; "C:\Program Files\webget\bin\utilwebget.exe" [X] ==================== Drivers (Whitelisted) ==================== S3 alcan5wn; C:\WINDOWS\System32\DRIVERS\alcan5wn.sys [53600 2003-12-08] (THOMSON) S3 alcaudsl; C:\WINDOWS\System32\DRIVERS\alcaudsl.sys [70688 2003-12-08] (THOMSON) R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [67824 2014-01-18] (AVAST Software) R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [54832 2014-01-18] (AVAST Software) R0 aswRvrt; C:\WINDOWS\system32\Drivers\aswRvrt.sys [49944 2013-12-05] () R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [775952 2014-01-18] (AVAST Software) R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [410528 2014-01-18] (AVAST Software) R1 aswTdi; C:\WINDOWS\system32\drivers\aswTdi.sys [57672 2014-01-18] (AVAST Software) R0 aswVmm; C:\WINDOWS\system32\Drivers\aswVmm.sys [180248 2014-01-18] () R0 BTKRNL; C:\WINDOWS\System32\drivers\btkrnl.sys [1257418 2003-09-19] (WIDCOMM, Inc.) R2 BTSERIAL; C:\WINDOWS\system32\drivers\btserial.sys [22183 2003-09-19] () R2 BTSLBCSP; C:\WINDOWS\system32\drivers\btslbcsp.sys [222876 2003-09-19] (WIDCOMM, Inc.) S3 gdrv; C:\WINDOWS\gdrv.sys [16608 2009-08-04] (Windows (R) 2000 DDK provider) S3 GT680xNT; C:\WINDOWS\System32\drivers\gt680x.sys [17376 2003-02-26] ( ) R3 hamachi; C:\WINDOWS\System32\DRIVERS\hamachi.sys [26176 2009-03-18] (LogMeIn, Inc.) S3 HPZid412; C:\WINDOWS\System32\DRIVERS\HPZid412.sys [49920 2007-10-30] (HP) S3 HPZipr12; C:\WINDOWS\System32\DRIVERS\HPZipr12.sys [16496 2007-10-30] (HP) S3 HPZius12; C:\WINDOWS\System32\DRIVERS\HPZius12.sys [21568 2007-10-30] (HP) S3 PCAMPR5; C:\WINDOWS\system32\PCAMPR5.SYS [34688 2003-09-23] (Printing Communications Assoc., Inc. (PCAUSA)) R3 PCANDIS5; C:\WINDOWS\system32\PCANDIS5.SYS [32128 2006-03-01] (Printing Communications Assoc., Inc. (PCAUSA)) S3 SG762_XP; C:\WINDOWS\System32\DRIVERS\WlanBZXP.sys [402432 2006-01-19] (ZyDAS Technology Corporation) R0 sptd; C:\WINDOWS\System32\Drivers\sptd.sys [691696 2010-12-19] () S3 USB_RNDIS; C:\WINDOWS\System32\DRIVERS\usb8023.sys [12928 2013-02-12] (Microsoft Corporation) S3 dmyymtgf; No ImagePath S4 IntelIde; No ImagePath U1 WS2IFSL; S3 ZDCndis5; \??\C:\WINDOWS\system32\ZDCndis5.SYS [X] S3 ZDPSp50; System32\Drivers\ZDPSp50.sys [X] ==================== NetSvcs (Whitelisted) =================== NETSVC: SSHNAS -> No Registry Path. ==================== One Month Created Files and Folders ======== 2014-05-24 10:48 - 2014-05-24 10:54 - 00000000 ____D () C:\FRST 2014-05-24 08:38 - 2014-03-06 23:53 - 02925760 _____ (Sysinternals - www.sysinternals.com) C:\Documents and Settings\eo07\Pulpit\procexp.exe 2014-05-23 17:55 - 2014-05-23 17:55 - 00226774 _____ () C:\Documents and Settings\eo07\Pulpit\xdf.bmp 2014-05-22 09:08 - 2014-05-22 09:08 - 00023673 _____ () C:\Documents and Settings\eo07\.recently-used.xbel 2014-05-21 21:32 - 2014-05-21 21:32 - 00023129 _____ () C:\Documents and Settings\eo07\Pulpit\cosik.rar 2014-05-21 21:30 - 2014-05-21 21:30 - 00253952 _____ () C:\Documents and Settings\eo07\Pulpit\cosik.max 2014-05-21 21:17 - 2014-05-21 21:17 - 00012658 _____ () C:\Documents and Settings\eo07\Pulpit\pudlo SM31.obj 2014-05-21 21:17 - 2014-05-21 21:17 - 00000861 _____ () C:\Documents and Settings\eo07\Pulpit\pudlo SM31.mtl 2014-05-21 19:24 - 2014-05-21 19:29 - 16777260 _____ () C:\Documents and Settings\eo07\Pulpit\sm-134 układ(3) - Kopia.tga 2014-05-20 12:45 - 2014-05-20 13:04 - 97222821 _____ () C:\Documents and Settings\eo07\Pulpit\S_awomir_Mro_ek_-_Szcz_liwe_wydarzenie_--_kopia.flv 2014-05-19 17:17 - 2014-05-19 17:17 - 00000000 ____D () C:\Documents and Settings\LocalService\Pulpit 2014-05-19 17:17 - 2014-05-19 17:17 - 00000000 ____D () C:\Documents and Settings\All Users\Dane aplikacji\WPM 2014-05-19 17:17 - 2014-05-19 17:17 - 00000000 ____D () C:\Documents and Settings\All Users\Dane aplikacji\IePluginServices 2014-05-19 17:16 - 2014-05-19 20:10 - 00000000 ____D () C:\Documents and Settings\eo07\Dane aplikacji\sweet-page 2014-05-19 17:16 - 2014-05-19 17:16 - 04739368 _____ () C:\Documents and Settings\eo07\Moje dokumenty\Pontifex II 1.05.exe 2014-05-19 08:54 - 2014-05-20 18:35 - 00000000 ____D () C:\Documents and Settings\eo07\Pulpit\Nowy folder (17) 2014-05-18 10:03 - 2014-05-18 10:03 - 03411483 _____ () C:\Documents and Settings\eo07\Pulpit\303e_b]kabina_a.t3d 2014-05-17 22:20 - 2014-05-17 22:20 - 00112555 _____ () C:\Documents and Settings\eo07\Pulpit\w11a_s-1.tga 2014-05-17 22:04 - 2014-05-17 22:05 - 00978886 _____ () C:\Documents and Settings\eo07\Pulpit\Nowy Obraz - mapa bitowa (3).bmp 2014-05-17 21:35 - 2014-05-17 21:35 - 01880850 _____ () C:\Documents and Settings\eo07\Pulpit\2.xcf 2014-05-17 21:06 - 2014-05-17 21:57 - 00464303 _____ () C:\Documents and Settings\eo07\Pulpit\1.xcf 2014-05-17 21:06 - 2014-05-17 21:55 - 01242623 _____ () C:\Documents and Settings\eo07\Pulpit\3.xcf 2014-05-17 14:07 - 2014-05-17 20:08 - 00000000 ____D () C:\Documents and Settings\eo07\Pulpit\Nowy folder (16) 2014-05-16 15:50 - 2014-05-16 15:56 - 31292668 _____ () C:\Documents and Settings\eo07\Pulpit\Road_Runner_Rushing_Roulette.mp4 2014-05-16 15:42 - 2014-05-16 15:46 - 14683587 _____ () C:\Documents and Settings\eo07\Pulpit\Road_Runner_Cartoon.flv 2014-05-15 15:11 - 2014-05-15 15:15 - 00063044 _____ () C:\Documents and Settings\eo07\Pulpit\gg.sav 2014-05-15 09:46 - 2014-05-15 09:46 - 00278528 _____ () C:\Documents and Settings\eo07\Pulpit\AutoBackup07.max 2014-05-15 09:46 - 2014-05-15 09:46 - 00014365 _____ () C:\Documents and Settings\eo07\Pulpit\AutoBackup07.rar 2014-05-15 09:44 - 2014-05-15 09:44 - 00278528 _____ () C:\Documents and Settings\eo07\Moje dokumenty\AutoBackup06.max 2014-05-15 09:42 - 2014-05-15 09:42 - 00303104 _____ () C:\Documents and Settings\eo07\Moje dokumenty\AutoBackup05.max 2014-05-14 12:37 - 2014-05-14 12:37 - 00000000 ____D () C:\Program Files\LogMeIn Hamachi 2014-05-14 12:37 - 2014-05-14 12:37 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Start\Programy\LogMeIn Hamachi 2014-05-13 23:28 - 2014-05-13 23:28 - 00001812 _____ () C:\Documents and Settings\eo07\Pulpit\Nowy Dokument tekstowy (5).txt 2014-05-13 23:26 - 2014-05-13 23:27 - 00000757 _____ () C:\Documents and Settings\eo07\Pulpit\Nowy Dokument tekstowy (4).txt 2014-05-10 07:29 - 2014-05-10 07:29 - 00000000 ____D () C:\Program Files\Mozilla Firefox 2014-05-07 20:36 - 2014-05-07 20:36 - 03379200 _____ () C:\Documents and Settings\eo07\Pulpit\Untitled.max 2014-05-05 21:21 - 2014-05-05 21:21 - 00288065 _____ () C:\Documents and Settings\eo07\Pulpit\zasadniczy kab 303e_1.t3d 2014-05-05 16:26 - 2014-05-05 16:26 - 00643072 _____ () C:\Documents and Settings\eo07\Pulpit\sm61.max 2014-05-04 11:01 - 2014-05-04 11:01 - 00027659 _____ () C:\Documents and Settings\eo07\Pulpit\lampka_104eb.t3d 2014-05-03 15:36 - 2014-05-03 15:36 - 03522560 _____ () C:\Documents and Settings\eo07\Pulpit\vdbbg.max 2014-05-03 15:34 - 2014-05-03 15:34 - 05099520 _____ () C:\Documents and Settings\eo07\Pulpit\v vv.max 2014-05-03 15:33 - 2014-05-03 15:33 - 03698688 _____ () C:\Documents and Settings\eo07\Pulpit\nn.max 2014-05-03 15:32 - 2014-05-03 15:32 - 03706880 _____ () C:\Documents and Settings\eo07\Pulpit\kran.max 2014-05-03 13:23 - 2014-05-08 21:47 - 00000000 ____D () C:\Documents and Settings\eo07\Pulpit\Nowy folder (14) 2014-05-03 08:31 - 2014-05-03 01:12 - 00342668 _____ () C:\Documents and Settings\eo07\Pulpit\zwierzyniec_trakcja.scm 2014-05-03 08:31 - 2014-05-03 00:32 - 01551798 _____ () C:\Documents and Settings\eo07\Pulpit\zwierzyniec.scm 2014-05-03 08:24 - 2014-05-24 07:45 - 00047986 _____ () C:\WINDOWS\setupapi.log 2014-05-03 08:24 - 2014-05-03 08:28 - 00005576 _____ () C:\WINDOWS\KB2964358-IE8.log 2014-05-02 20:41 - 2014-05-02 20:41 - 00001279 _____ () C:\Documents and Settings\eo07\Pulpit\info.txt 2014-05-01 20:56 - 2014-05-01 20:56 - 01436899 _____ () C:\Documents and Settings\eo07\Pulpit\priv-wymiary1.zip 2014-05-01 12:39 - 2014-05-01 12:39 - 00012222 _____ () C:\Documents and Settings\eo07\Pulpit\gora.rar 2014-05-01 12:38 - 2014-05-01 12:38 - 10743808 _____ () C:\Documents and Settings\eo07\Pulpit\nnn04ymj.max 2014-05-01 12:38 - 2014-05-01 12:38 - 00208896 _____ () C:\Documents and Settings\eo07\Pulpit\gora.max 2014-04-30 21:16 - 2014-04-30 21:16 - 00193083 _____ () C:\Documents and Settings\eo07\Pulpit\Kopia.rar 2014-04-30 21:15 - 2014-04-30 21:15 - 13010418 _____ () C:\Documents and Settings\eo07\Pulpit\rd_login.bmp 2014-04-29 20:33 - 2014-04-30 16:09 - 00000176 _____ () C:\Documents and Settings\eo07\Pulpit\Nowy Dokument tekstowy (3).txt 2014-04-29 17:17 - 2014-04-29 17:17 - 10723328 _____ () C:\Documents and Settings\eo07\Pulpit\lampa01.max 2014-04-29 13:16 - 2014-04-29 13:16 - 00798865 _____ () C:\Documents and Settings\eo07\Pulpit\lampa.rar 2014-04-29 13:01 - 2014-04-29 13:01 - 10723328 _____ () C:\Documents and Settings\eo07\Pulpit\lampa.max 2014-04-27 22:35 - 2014-04-27 22:35 - 00217088 _____ () C:\Documents and Settings\eo07\Pulpit\AutoBackup04.max 2014-04-27 15:43 - 2014-04-27 15:43 - 00000000 ____D () C:\Documents and Settings\eo07\Pulpit\1006_kabina 2014-04-27 13:17 - 2014-04-27 13:17 - 00012540 _____ () C:\Documents and Settings\eo07\Pulpit\dolne.rar 2014-04-27 13:16 - 2014-04-27 13:16 - 00229376 _____ () C:\Documents and Settings\eo07\Pulpit\dolne.max 2014-04-26 23:25 - 2014-04-26 23:31 - 45591043 _____ () C:\Documents and Settings\eo07\Pulpit\1006_kabina.7z 2014-04-26 13:05 - 2014-04-26 13:05 - 00000620 _____ () C:\Documents and Settings\eo07\Pulpit\Skrót do FarmingSimulator2013.lnk 2014-04-26 12:13 - 2014-04-26 12:13 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Start\Programy\Farming Simulator 2013 2014-04-26 08:35 - 2014-04-26 08:35 - 10747904 _____ () C:\Documents and Settings\eo07\Pulpit\nnn05.max 2014-04-26 08:03 - 2014-04-26 08:03 - 00808281 _____ () C:\Documents and Settings\eo07\Pulpit\nnn04.rar 2014-04-26 08:02 - 2014-04-26 08:02 - 10756096 _____ () C:\Documents and Settings\eo07\Pulpit\nnn04.max 2014-04-26 07:49 - 2014-04-26 07:49 - 00813464 _____ () C:\Documents and Settings\eo07\Pulpit\nnn03.rar 2014-04-25 22:50 - 2014-04-25 22:50 - 10756096 _____ () C:\Documents and Settings\eo07\Pulpit\nnn03.max 2014-04-25 22:49 - 2014-04-14 20:13 - 00094632 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge.dll 2014-04-25 22:49 - 2014-04-14 20:05 - 00264616 _____ (Oracle Corporation) C:\WINDOWS\system32\javaws.exe 2014-04-25 22:49 - 2014-04-14 20:05 - 00175528 _____ (Oracle Corporation) C:\WINDOWS\system32\javaw.exe 2014-04-25 22:49 - 2014-04-14 20:04 - 00175016 _____ (Oracle Corporation) C:\WINDOWS\system32\java.exe 2014-04-25 22:45 - 2014-04-25 22:49 - 00003966 _____ () C:\WINDOWS\system32\jupdate-1.7.0_55-b14.log 2014-04-25 17:27 - 2014-04-25 17:27 - 10842112 _____ () C:\Documents and Settings\eo07\Pulpit\nnn02.max 2014-04-25 17:09 - 2014-04-26 23:25 - 00000060 _____ () C:\Documents and Settings\eo07\Pulpit\Nowy Dokument tekstowy.txt 2014-04-25 10:12 - 2014-04-25 10:12 - 10838016 _____ () C:\Documents and Settings\eo07\Pulpit\nnn01.max 2014-04-25 07:06 - 2014-04-13 11:15 - 00010459 _____ () C:\Documents and Settings\eo07\Pulpit\opis_manewrowo3.html 2014-04-24 22:43 - 2014-04-24 22:43 - 10821632 _____ () C:\Documents and Settings\eo07\Pulpit\nnn.max ==================== One Month Modified Files and Folders ======= 2014-05-24 10:54 - 2014-05-24 10:48 - 00000000 ____D () C:\FRST 2014-05-24 10:54 - 2012-04-04 10:49 - 00000000 ____D () C:\Documents and Settings\eo07\Moje dokumenty\Pobieranie 2014-05-24 10:27 - 2013-09-22 06:54 - 00000930 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job 2014-05-24 10:21 - 2011-11-27 09:12 - 00000000 ____D () C:\Documents and Settings\eo07\Pulpit 2014-05-24 10:12 - 2012-02-04 17:59 - 00001032 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job 2014-05-24 09:43 - 2009-08-04 19:17 - 01524316 _____ () C:\WINDOWS\WindowsUpdate.log 2014-05-24 09:17 - 2012-09-20 14:24 - 00000000 ____D () C:\Documents and Settings\eo07\Dane aplikacji\GG 2014-05-24 08:29 - 2009-08-05 16:42 - 00000069 _____ () C:\WINDOWS\NeroDigital.ini 2014-05-24 08:25 - 2014-01-16 20:20 - 00000998 _____ () C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-602162358-1409082233-1417001333-1008UA.job 2014-05-24 07:49 - 2013-12-05 20:30 - 00000364 ____H () C:\WINDOWS\Tasks\avast! Emergency Update.job 2014-05-24 07:45 - 2014-05-03 08:24 - 00047986 _____ () C:\WINDOWS\setupapi.log 2014-05-24 07:44 - 2011-11-27 09:12 - 00000000 ____D () C:\Documents and Settings\eo07\Ustawienia lokalne\Dane aplikacji\LogMeIn Hamachi 2014-05-24 07:44 - 2011-08-11 06:45 - 00000000 ____D () C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\LogMeIn Hamachi 2014-05-24 07:44 - 2009-08-04 21:12 - 00000159 _____ () C:\WINDOWS\wiadebug.log 2014-05-24 07:44 - 2009-08-04 21:12 - 00000050 _____ () C:\WINDOWS\wiaservc.log 2014-05-24 07:43 - 2014-03-07 18:49 - 00000220 _____ () C:\WINDOWS\Tasks\Powiadomienie o zakończeniu obsługi systemu Microsoft Windows XP — logowanie.job 2014-05-24 07:43 - 2012-02-04 17:59 - 00001028 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job 2014-05-24 07:43 - 2011-11-27 09:12 - 00000000 ____D () C:\Documents and Settings\eo07\Menu Start\Programy\CyberLink DVD Suite 2014-05-24 07:43 - 2009-08-04 19:42 - 00220188 _____ () C:\WINDOWS\system32\nvapps.xml 2014-05-24 07:43 - 2009-08-04 19:31 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT 2014-05-23 23:02 - 2009-08-04 19:31 - 00032634 _____ () C:\WINDOWS\SchedLgU.Txt 2014-05-23 22:47 - 2011-12-02 18:30 - 00000000 ____D () C:\Documents and Settings\eo07\Ustawienia lokalne\Dane aplikacji\ChomikBox 2014-05-23 22:47 - 2011-12-02 18:30 - 00000000 ____D () C:\Documents and Settings\eo07\.gstreamer-0.10 2014-05-23 20:25 - 2014-01-16 20:20 - 00000976 _____ () C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-602162358-1409082233-1417001333-1008Core.job 2014-05-23 17:55 - 2014-05-23 17:55 - 00226774 _____ () C:\Documents and Settings\eo07\Pulpit\xdf.bmp 2014-05-22 22:56 - 2012-11-03 19:00 - 00000000 ____D () C:\Program Files\Graffiti Studio 2.0 2014-05-22 22:49 - 2012-04-08 20:40 - 00000379 _____ () C:\WINDOWS\HAFASWIN.INI 2014-05-22 22:49 - 2012-04-08 20:39 - 00000000 ____D () C:\ERJP 2014-05-22 21:16 - 2009-08-12 19:35 - 00000000 ____D () C:\Program Files\ChickenInvaders2Polish 2014-05-22 17:12 - 2012-08-31 19:08 - 00000000 ____D () C:\Documents and Settings\eo07\Pulpit\maszynka 2014-05-22 15:32 - 2011-12-01 17:00 - 00000000 ____D () C:\Documents and Settings\eo07\.gimp-2.6 2014-05-22 09:08 - 2014-05-22 09:08 - 00023673 _____ () C:\Documents and Settings\eo07\.recently-used.xbel 2014-05-22 09:08 - 2011-11-27 09:12 - 00000000 ____D () C:\Documents and Settings\eo07 2014-05-21 21:32 - 2014-05-21 21:32 - 00023129 _____ () C:\Documents and Settings\eo07\Pulpit\cosik.rar 2014-05-21 21:30 - 2014-05-21 21:30 - 00253952 _____ () C:\Documents and Settings\eo07\Pulpit\cosik.max 2014-05-21 21:17 - 2014-05-21 21:17 - 00012658 _____ () C:\Documents and Settings\eo07\Pulpit\pudlo SM31.obj 2014-05-21 21:17 - 2014-05-21 21:17 - 00000861 _____ () C:\Documents and Settings\eo07\Pulpit\pudlo SM31.mtl 2014-05-21 19:29 - 2014-05-21 19:24 - 16777260 _____ () C:\Documents and Settings\eo07\Pulpit\sm-134 układ(3) - Kopia.tga 2014-05-21 18:49 - 2013-01-22 15:36 - 00000000 ____D () C:\Documents and Settings\eo07\Moje dokumenty\Euro Truck Simulator 2 2014-05-20 18:35 - 2014-05-19 08:54 - 00000000 ____D () C:\Documents and Settings\eo07\Pulpit\Nowy folder (17) 2014-05-20 14:18 - 2011-12-07 20:03 - 00000000 ____D () C:\Documents and Settings\eo07\Dane aplikacji\gtk-2.0 2014-05-20 13:47 - 2011-12-15 15:28 - 00000000 ____D () C:\Documents and Settings\eo07\Dane aplikacji\vlc 2014-05-20 13:04 - 2014-05-20 12:45 - 97222821 _____ () C:\Documents and Settings\eo07\Pulpit\S_awomir_Mro_ek_-_Szcz_liwe_wydarzenie_--_kopia.flv 2014-05-19 20:51 - 2011-11-27 09:12 - 00000188 ___SH () C:\Documents and Settings\eo07\ntuser.ini 2014-05-19 20:44 - 2012-11-12 18:49 - 00000000 ____D () C:\Program Files\efaktura 2014-05-19 20:44 - 2012-09-30 08:14 - 00000000 ____D () C:\Program Files\PDF Editor 3 2014-05-19 20:44 - 2012-05-07 16:01 - 00008192 ___SH () C:\WINDOWS\Thumbs.db 2014-05-19 20:41 - 2012-12-25 14:02 - 00001324 _____ () C:\WINDOWS\system32\d3d9caps.dat 2014-05-19 20:11 - 2011-11-27 09:12 - 00000000 ___RD () C:\Documents and Settings\eo07\Menu Start\Programy 2014-05-19 20:10 - 2014-05-19 17:16 - 00000000 ____D () C:\Documents and Settings\eo07\Dane aplikacji\sweet-page 2014-05-19 20:10 - 2011-11-27 09:12 - 00000000 ___RD () C:\Documents and Settings\eo07\Dane aplikacji 2014-05-19 17:53 - 2012-08-18 10:05 - 00000000 ____D () C:\Documents and Settings\All Users\Dane aplikacji\InstallMate 2014-05-19 17:17 - 2014-05-19 17:17 - 00000000 ____D () C:\Documents and Settings\LocalService\Pulpit 2014-05-19 17:17 - 2014-05-19 17:17 - 00000000 ____D () C:\Documents and Settings\All Users\Dane aplikacji\WPM 2014-05-19 17:17 - 2014-05-19 17:17 - 00000000 ____D () C:\Documents and Settings\All Users\Dane aplikacji\IePluginServices 2014-05-19 17:17 - 2011-06-21 09:26 - 00000920 _____ () C:\Documents and Settings\All Users\Menu Start\Programy\Mozilla Firefox.lnk 2014-05-19 17:17 - 2009-08-04 21:08 - 00000000 __RHD () C:\Documents and Settings\All Users\Dane aplikacji 2014-05-19 17:17 - 2009-08-04 19:31 - 00000000 __SHD () C:\Documents and Settings\LocalService 2014-05-19 17:16 - 2014-05-19 17:16 - 04739368 _____ () C:\Documents and Settings\eo07\Moje dokumenty\Pontifex II 1.05.exe 2014-05-19 17:16 - 2011-11-27 09:12 - 00000000 ___RD () C:\Documents and Settings\eo07\Moje dokumenty 2014-05-18 15:22 - 2012-01-09 18:31 - 00000000 ____D () C:\Documents and Settings\eo07\Pulpit\ISDR 2014-05-18 10:03 - 2014-05-18 10:03 - 03411483 _____ () C:\Documents and Settings\eo07\Pulpit\303e_b]kabina_a.t3d 2014-05-17 22:20 - 2014-05-17 22:20 - 00112555 _____ () C:\Documents and Settings\eo07\Pulpit\w11a_s-1.tga 2014-05-17 22:05 - 2014-05-17 22:04 - 00978886 _____ () C:\Documents and Settings\eo07\Pulpit\Nowy Obraz - mapa bitowa (3).bmp 2014-05-17 21:57 - 2014-05-17 21:06 - 00464303 _____ () C:\Documents and Settings\eo07\Pulpit\1.xcf 2014-05-17 21:55 - 2014-05-17 21:06 - 01242623 _____ () C:\Documents and Settings\eo07\Pulpit\3.xcf 2014-05-17 21:35 - 2014-05-17 21:35 - 01880850 _____ () C:\Documents and Settings\eo07\Pulpit\2.xcf 2014-05-17 20:08 - 2014-05-17 14:07 - 00000000 ____D () C:\Documents and Settings\eo07\Pulpit\Nowy folder (16) 2014-05-17 13:19 - 2012-11-23 11:59 - 00000000 ____D () C:\Documents and Settings\eo07\Pulpit\isdr_l 2014-05-17 10:10 - 2011-11-27 12:37 - 00000000 ____D () C:\notepad 2014-05-16 15:56 - 2014-05-16 15:50 - 31292668 _____ () C:\Documents and Settings\eo07\Pulpit\Road_Runner_Rushing_Roulette.mp4 2014-05-16 15:46 - 2014-05-16 15:42 - 14683587 _____ () C:\Documents and Settings\eo07\Pulpit\Road_Runner_Cartoon.flv 2014-05-15 17:41 - 2011-08-24 11:42 - 00000000 ____D () C:\Program Files\Crazy Machines - New Challenges 2014-05-15 15:15 - 2014-05-15 15:11 - 00063044 _____ () C:\Documents and Settings\eo07\Pulpit\gg.sav 2014-05-15 11:13 - 2009-08-04 19:15 - 00087783 _____ () C:\WINDOWS\wmsetup.log 2014-05-15 09:46 - 2014-05-15 09:46 - 00278528 _____ () C:\Documents and Settings\eo07\Pulpit\AutoBackup07.max 2014-05-15 09:46 - 2014-05-15 09:46 - 00014365 _____ () C:\Documents and Settings\eo07\Pulpit\AutoBackup07.rar 2014-05-15 09:44 - 2014-05-15 09:44 - 00278528 _____ () C:\Documents and Settings\eo07\Moje dokumenty\AutoBackup06.max 2014-05-15 09:42 - 2014-05-15 09:42 - 00303104 _____ () C:\Documents and Settings\eo07\Moje dokumenty\AutoBackup05.max 2014-05-14 21:28 - 2012-11-12 18:50 - 00000496 _____ () C:\Documents and Settings\eo07\efaktura.properties 2014-05-14 15:22 - 2009-09-27 09:05 - 00000000 _____ () C:\FileOut.Cns 2014-05-14 15:22 - 2009-09-27 09:05 - 00000000 _____ () C:\FileIn.Cns 2014-05-14 12:37 - 2014-05-14 12:37 - 00000000 ____D () C:\Program Files\LogMeIn Hamachi 2014-05-14 12:37 - 2014-05-14 12:37 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Start\Programy\LogMeIn Hamachi 2014-05-14 12:37 - 2009-08-04 21:10 - 00000000 ___RD () C:\Documents and Settings\All Users\Menu Start\Programy 2014-05-14 07:31 - 2012-10-12 17:21 - 00692400 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe 2014-05-14 07:31 - 2011-06-21 06:54 - 00070832 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl 2014-05-14 07:30 - 2013-07-18 07:12 - 00000000 ____D () C:\WINDOWS\system32\MRT 2014-05-14 07:19 - 2013-03-25 09:33 - 90547776 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2014-05-14 07:15 - 2008-04-15 13:00 - 00013646 _____ () C:\WINDOWS\system32\wpa.dbl 2014-05-13 23:28 - 2014-05-13 23:28 - 00001812 _____ () C:\Documents and Settings\eo07\Pulpit\Nowy Dokument tekstowy (5).txt 2014-05-13 23:27 - 2014-05-13 23:26 - 00000757 _____ () C:\Documents and Settings\eo07\Pulpit\Nowy Dokument tekstowy (4).txt 2014-05-10 07:29 - 2014-05-10 07:29 - 00000000 ____D () C:\Program Files\Mozilla Firefox 2014-05-08 21:47 - 2014-05-03 13:23 - 00000000 ____D () C:\Documents and Settings\eo07\Pulpit\Nowy folder (14) 2014-05-07 20:53 - 2013-10-02 19:20 - 00000000 ____D () C:\Documents and Settings\eo07\Pulpit\skan 2014-05-07 20:36 - 2014-05-07 20:36 - 03379200 _____ () C:\Documents and Settings\eo07\Pulpit\Untitled.max 2014-05-05 21:21 - 2014-05-05 21:21 - 00288065 _____ () C:\Documents and Settings\eo07\Pulpit\zasadniczy kab 303e_1.t3d 2014-05-05 16:26 - 2014-05-05 16:26 - 00643072 _____ () C:\Documents and Settings\eo07\Pulpit\sm61.max 2014-05-04 11:01 - 2014-05-04 11:01 - 00027659 _____ () C:\Documents and Settings\eo07\Pulpit\lampka_104eb.t3d 2014-05-03 22:48 - 2011-12-02 07:35 - 00096768 _____ () C:\Documents and Settings\eo07\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2014-05-03 15:36 - 2014-05-03 15:36 - 03522560 _____ () C:\Documents and Settings\eo07\Pulpit\vdbbg.max 2014-05-03 15:34 - 2014-05-03 15:34 - 05099520 _____ () C:\Documents and Settings\eo07\Pulpit\v vv.max 2014-05-03 15:33 - 2014-05-03 15:33 - 03698688 _____ () C:\Documents and Settings\eo07\Pulpit\nn.max 2014-05-03 15:32 - 2014-05-03 15:32 - 03706880 _____ () C:\Documents and Settings\eo07\Pulpit\kran.max 2014-05-03 08:28 - 2014-05-03 08:24 - 00005576 _____ () C:\WINDOWS\KB2964358-IE8.log 2014-05-03 08:28 - 2011-11-21 07:09 - 00000000 ____D () C:\WINDOWS\ie8updates 2014-05-03 08:28 - 2009-08-13 20:19 - 00171914 _____ () C:\WINDOWS\updspapi.log 2014-05-03 08:28 - 2009-08-04 21:10 - 02052444 _____ () C:\WINDOWS\FaxSetup.log 2014-05-03 08:28 - 2009-08-04 21:10 - 00993018 _____ () C:\WINDOWS\ocgen.log 2014-05-03 08:28 - 2009-08-04 21:10 - 00791645 _____ () C:\WINDOWS\tsoc.log 2014-05-03 08:28 - 2009-08-04 21:10 - 00692104 _____ () C:\WINDOWS\comsetup.log 2014-05-03 08:28 - 2009-08-04 21:10 - 00418323 _____ () C:\WINDOWS\ntdtcsetup.log 2014-05-03 08:28 - 2009-08-04 21:10 - 00326338 _____ () C:\WINDOWS\iis6.log 2014-05-03 08:28 - 2009-08-04 21:10 - 00128348 _____ () C:\WINDOWS\ocmsn.log 2014-05-03 08:28 - 2009-08-04 21:10 - 00103011 _____ () C:\WINDOWS\msgsocm.log 2014-05-03 08:28 - 2009-08-04 21:10 - 00001355 _____ () C:\WINDOWS\imsins.log 2014-05-03 01:12 - 2014-05-03 08:31 - 00342668 _____ () C:\Documents and Settings\eo07\Pulpit\zwierzyniec_trakcja.scm 2014-05-03 00:32 - 2014-05-03 08:31 - 01551798 _____ () C:\Documents and Settings\eo07\Pulpit\zwierzyniec.scm 2014-05-02 20:41 - 2014-05-02 20:41 - 00001279 _____ () C:\Documents and Settings\eo07\Pulpit\info.txt 2014-05-02 14:37 - 2011-11-30 20:19 - 00083536 _____ () C:\Documents and Settings\eo07\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT 2014-05-02 10:12 - 2013-03-19 23:07 - 01044046 _____ () C:\WINDOWS\setupapi.log.3.old 2014-05-01 20:56 - 2014-05-01 20:56 - 01436899 _____ () C:\Documents and Settings\eo07\Pulpit\priv-wymiary1.zip 2014-05-01 12:39 - 2014-05-01 12:39 - 00012222 _____ () C:\Documents and Settings\eo07\Pulpit\gora.rar 2014-05-01 12:38 - 2014-05-01 12:38 - 10743808 _____ () C:\Documents and Settings\eo07\Pulpit\nnn04ymj.max 2014-05-01 12:38 - 2014-05-01 12:38 - 00208896 _____ () C:\Documents and Settings\eo07\Pulpit\gora.max 2014-04-30 21:16 - 2014-04-30 21:16 - 00193083 _____ () C:\Documents and Settings\eo07\Pulpit\Kopia.rar 2014-04-30 21:15 - 2014-04-30 21:15 - 13010418 _____ () C:\Documents and Settings\eo07\Pulpit\rd_login.bmp 2014-04-30 16:09 - 2014-04-29 20:33 - 00000176 _____ () C:\Documents and Settings\eo07\Pulpit\Nowy Dokument tekstowy (3).txt 2014-04-30 09:12 - 2008-04-15 13:00 - 06022144 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\mshtml.dll 2014-04-30 09:12 - 2008-04-15 13:00 - 06022144 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2014-04-29 17:17 - 2014-04-29 17:17 - 10723328 _____ () C:\Documents and Settings\eo07\Pulpit\lampa01.max 2014-04-29 13:16 - 2014-04-29 13:16 - 00798865 _____ () C:\Documents and Settings\eo07\Pulpit\lampa.rar 2014-04-29 13:01 - 2014-04-29 13:01 - 10723328 _____ () C:\Documents and Settings\eo07\Pulpit\lampa.max 2014-04-27 22:35 - 2014-04-27 22:35 - 00217088 _____ () C:\Documents and Settings\eo07\Pulpit\AutoBackup04.max 2014-04-27 15:43 - 2014-04-27 15:43 - 00000000 ____D () C:\Documents and Settings\eo07\Pulpit\1006_kabina 2014-04-27 14:37 - 2014-04-22 10:59 - 00000000 ____D () C:\Documents and Settings\eo07\Pulpit\Nowy folder (12) 2014-04-27 13:17 - 2014-04-27 13:17 - 00012540 _____ () C:\Documents and Settings\eo07\Pulpit\dolne.rar 2014-04-27 13:16 - 2014-04-27 13:16 - 00229376 _____ () C:\Documents and Settings\eo07\Pulpit\dolne.max 2014-04-26 23:31 - 2014-04-26 23:25 - 45591043 _____ () C:\Documents and Settings\eo07\Pulpit\1006_kabina.7z 2014-04-26 23:25 - 2014-04-25 17:09 - 00000060 _____ () C:\Documents and Settings\eo07\Pulpit\Nowy Dokument tekstowy.txt 2014-04-26 13:05 - 2014-04-26 13:05 - 00000620 _____ () C:\Documents and Settings\eo07\Pulpit\Skrót do FarmingSimulator2013.lnk 2014-04-26 13:05 - 2009-08-04 21:10 - 00000000 ____D () C:\Documents and Settings\All Users\Pulpit 2014-04-26 12:26 - 2011-12-27 15:50 - 00000000 ____D () C:\Documents and Settings\eo07\Moje dokumenty\My Games 2014-04-26 12:13 - 2014-04-26 12:13 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Start\Programy\Farming Simulator 2013 2014-04-26 10:05 - 2014-02-08 22:54 - 00000000 ____D () C:\Documents and Settings\eo07\Pulpit\Kopia sis_v2 2014-04-26 08:35 - 2014-04-26 08:35 - 10747904 _____ () C:\Documents and Settings\eo07\Pulpit\nnn05.max 2014-04-26 08:03 - 2014-04-26 08:03 - 00808281 _____ () C:\Documents and Settings\eo07\Pulpit\nnn04.rar 2014-04-26 08:02 - 2014-04-26 08:02 - 10756096 _____ () C:\Documents and Settings\eo07\Pulpit\nnn04.max 2014-04-26 07:49 - 2014-04-26 07:49 - 00813464 _____ () C:\Documents and Settings\eo07\Pulpit\nnn03.rar 2014-04-25 22:50 - 2014-04-25 22:50 - 10756096 _____ () C:\Documents and Settings\eo07\Pulpit\nnn03.max 2014-04-25 22:49 - 2014-04-25 22:45 - 00003966 _____ () C:\WINDOWS\system32\jupdate-1.7.0_55-b14.log 2014-04-25 22:49 - 2009-08-11 08:22 - 00000000 ____D () C:\Program Files\Java 2014-04-25 21:25 - 2012-09-20 14:23 - 00000000 ____D () C:\Documents and Settings\eo07\Ustawienia lokalne\Dane aplikacji\GG 2014-04-25 17:27 - 2014-04-25 17:27 - 10842112 _____ () C:\Documents and Settings\eo07\Pulpit\nnn02.max 2014-04-25 10:12 - 2014-04-25 10:12 - 10838016 _____ () C:\Documents and Settings\eo07\Pulpit\nnn01.max 2014-04-24 22:43 - 2014-04-24 22:43 - 10821632 _____ () C:\Documents and Settings\eo07\Pulpit\nnn.max Files to move or delete: ==================== C:\Documents and Settings\systemowe\railmap_inst.exe Some content of TEMP: ==================== C:\Documents and Settings\eo07\Ustawienia lokalne\Temp\1_Offer_2.exe C:\Documents and Settings\eo07\Ustawienia lokalne\Temp\1_Offer_3.exe C:\Documents and Settings\eo07\Ustawienia lokalne\Temp\AcDeltree.exe C:\Documents and Settings\eo07\Ustawienia lokalne\Temp\ConduitEngine.dll C:\Documents and Settings\eo07\Ustawienia lokalne\Temp\DownloadManager.exe C:\Documents and Settings\eo07\Ustawienia lokalne\Temp\gert0.exe C:\Documents and Settings\eo07\Ustawienia lokalne\Temp\gg10.upgr.exe C:\Documents and Settings\eo07\Ustawienia lokalne\Temp\ggdrive-menu.exe C:\Documents and Settings\eo07\Ustawienia lokalne\Temp\ggdrive-overlay.exe C:\Documents and Settings\eo07\Ustawienia lokalne\Temp\installstats.exe C:\Documents and Settings\eo07\Ustawienia lokalne\Temp\iplBA.tmp.exe C:\Documents and Settings\eo07\Ustawienia lokalne\Temp\sfamcc00001.dll C:\Documents and Settings\eo07\Ustawienia lokalne\Temp\sfextra.dll C:\Documents and Settings\eo07\Ustawienia lokalne\Temp\TrainzPatchInstaller.exe C:\Documents and Settings\eo07\Ustawienia lokalne\Temp\Tsu-0874.dll C:\Documents and Settings\eo07\Ustawienia lokalne\Temp\Tsu11D1E1DF.dll C:\Documents and Settings\eo07\Ustawienia lokalne\Temp\Tsu2153DF79.dll C:\Documents and Settings\eo07\Ustawienia lokalne\Temp\xmlUpdater.exe C:\Documents and Settings\eo07\Ustawienia lokalne\Temp\_is43.exe C:\Documents and Settings\eo07\Ustawienia lokalne\Temp\_isB1.exe C:\Documents and Settings\eo07\Ustawienia lokalne\Temp\_isF9.exe C:\Documents and Settings\eo07\Ustawienia lokalne\Temp\_te161.exe C:\Documents and Settings\systemowe\Ustawienia lokalne\Temp\AcDeltree.exe C:\Documents and Settings\systemowe\Ustawienia lokalne\Temp\AEV1B.exe C:\Documents and Settings\systemowe\Ustawienia lokalne\Temp\aswV5Hlp.dll C:\Documents and Settings\systemowe\Ustawienia lokalne\Temp\AutoRun.exe C:\Documents and Settings\systemowe\Ustawienia lokalne\Temp\difxapi.dll C:\Documents and Settings\systemowe\Ustawienia lokalne\Temp\eauninstall.exe C:\Documents and Settings\systemowe\Ustawienia lokalne\Temp\EBU457.EXE C:\Documents and Settings\systemowe\Ustawienia lokalne\Temp\EBU458.DLL C:\Documents and Settings\systemowe\Ustawienia lokalne\Temp\EBU4A0.EXE C:\Documents and Settings\systemowe\Ustawienia lokalne\Temp\EBU4A1.DLL C:\Documents and Settings\systemowe\Ustawienia lokalne\Temp\firefoxjre_exe.exe C:\Documents and Settings\systemowe\Ustawienia lokalne\Temp\First15.exe C:\Documents and Settings\systemowe\Ustawienia lokalne\Temp\FP_PL_PFS_INSTALLER-1.exe C:\Documents and Settings\systemowe\Ustawienia lokalne\Temp\FP_PL_PFS_INSTALLER.exe C:\Documents and Settings\systemowe\Ustawienia lokalne\Temp\gg10.upgr.exe C:\Documents and Settings\systemowe\Ustawienia lokalne\Temp\gg10_upgr_to_11984_from_11790.exe C:\Documents and Settings\systemowe\Ustawienia lokalne\Temp\gg10_upgr_to_11999_from_11984.exe C:\Documents and Settings\systemowe\Ustawienia lokalne\Temp\gg10_upgr_to_12096_from_11999.exe C:\Documents and Settings\systemowe\Ustawienia lokalne\Temp\gg10_upgr_to_12444_from_12096.exe C:\Documents and Settings\systemowe\Ustawienia lokalne\Temp\GLF112.tmp.ConduitEngineSetup.exe C:\Documents and Settings\systemowe\Ustawienia lokalne\Temp\hpzmsi01.exe C:\Documents and Settings\systemowe\Ustawienia lokalne\Temp\hpzscr01.EXE C:\Documents and Settings\systemowe\Ustawienia lokalne\Temp\hpzswp01.exe C:\Documents and Settings\systemowe\Ustawienia lokalne\Temp\iet109.tmp.exe C:\Documents and Settings\systemowe\Ustawienia lokalne\Temp\install_flashplayer10x32_mssd_aih.exe C:\Documents and Settings\systemowe\Ustawienia lokalne\Temp\install_flashplayer11x32ax_gtbd_aih.exe C:\Documents and Settings\systemowe\Ustawienia lokalne\Temp\install_flashplayer11x32ax_gtbd_aih[1].exe C:\Documents and Settings\systemowe\Ustawienia lokalne\Temp\install_flashplayer11x32ax_gtbd_aih_1.exe C:\Documents and Settings\systemowe\Ustawienia lokalne\Temp\ipl3EA.tmp.exe C:\Documents and Settings\systemowe\Ustawienia lokalne\Temp\ipl572.tmp.exe C:\Documents and Settings\systemowe\Ustawienia lokalne\Temp\iv_uninstall.exe C:\Documents and Settings\systemowe\Ustawienia lokalne\Temp\msxml6-KB927977-enu-x86.exe C:\Documents and Settings\systemowe\Ustawienia lokalne\Temp\nowegg.upgr.exe C:\Documents and Settings\systemowe\Ustawienia lokalne\Temp\ose00000.exe C:\Documents and Settings\systemowe\Ustawienia lokalne\Temp\SIntf16.dll C:\Documents and Settings\systemowe\Ustawienia lokalne\Temp\SIntf32.dll C:\Documents and Settings\systemowe\Ustawienia lokalne\Temp\SIntfNT.dll C:\Documents and Settings\systemowe\Ustawienia lokalne\Temp\SkypeSetup.exe C:\Documents and Settings\systemowe\Ustawienia lokalne\Temp\The Sims 2_uninst.exe C:\Documents and Settings\systemowe\Ustawienia lokalne\Temp\TrainzPatchInstaller.exe C:\Documents and Settings\systemowe\Ustawienia lokalne\Temp\VP6Install.exe C:\Documents and Settings\systemowe\Ustawienia lokalne\Temp\VP6VFW.dll C:\Documents and Settings\systemowe\Ustawienia lokalne\Temp\_is11.exe C:\Documents and Settings\systemowe\Ustawienia lokalne\Temp\_is1C3.exe C:\Documents and Settings\systemowe\Ustawienia lokalne\Temp\_is1C8.exe C:\Documents and Settings\systemowe\Ustawienia lokalne\Temp\_is20D.exe C:\Documents and Settings\systemowe\Ustawienia lokalne\Temp\_is918.exe C:\Documents and Settings\systemowe\Ustawienia lokalne\Temp\_is98.exe C:\Documents and Settings\systemowe\Ustawienia lokalne\Temp\_is99.exe C:\Documents and Settings\systemowe\Ustawienia lokalne\Temp\_is9A.exe C:\Documents and Settings\systemowe\Ustawienia lokalne\Temp\{703E16EB-0E21-4CF1-A42D-D048634C9026}.exe C:\Documents and Settings\systemowe\Ustawienia lokalne\Temp\{9713BDAA-9521-4C64-B001-FE143F9E9F98}.exe C:\Documents and Settings\WIN\Ustawienia lokalne\Temp\instmsia.exe C:\Documents and Settings\WIN\Ustawienia lokalne\Temp\instmsiw.exe C:\Documents and Settings\WIN\Ustawienia lokalne\Temp\setup.exe C:\Documents and Settings\WIN\Ustawienia lokalne\Temp\_is1.exe C:\Documents and Settings\WIN\Ustawienia lokalne\Temp\_is2.exe C:\Documents and Settings\WIN\Ustawienia lokalne\Temp\_isAA.exe ==================== Bamital & volsnap Check ================= C:\WINDOWS\explorer.exe [2008-04-15 13:00] - [2008-04-15 13:00] - 1035264 ____A (Microsoft Corporation) c791ed9eac5e76d9525e157b1d7a599a C:\WINDOWS\system32\winlogon.exe [2008-04-15 13:00] - [2008-04-15 13:00] - 0510464 ____A (Microsoft Corporation) 51fd2e13d723857b9ca239ae77150f48 C:\WINDOWS\system32\svchost.exe [2008-04-15 13:00] - [2008-04-15 13:00] - 0014336 ____A (Microsoft Corporation) 8607d35d92528e2df386f19a960d23ce C:\WINDOWS\system32\services.exe [2008-04-15 13:00] - [2009-02-09 12:25] - 0111104 ____A (Microsoft Corporation) 02a467e27af55f7064c5b251e587315f C:\WINDOWS\system32\User32.dll [2008-04-15 13:00] - [2008-04-15 13:00] - 0580096 ____A (Microsoft Corporation) a435c5c069afd901751ac323ad238793 C:\WINDOWS\system32\userinit.exe [2008-04-15 13:00] - [2008-04-15 13:00] - 0026624 ____A (Microsoft Corporation) 2a5b37d520508be6570a3ea79695f5b5 C:\WINDOWS\system32\rpcss.dll [2008-04-15 13:00] - [2009-02-09 11:53] - 0401408 ____A (Microsoft Corporation) a37311d9d628c1042a2836731787f0f3 ATTENTION ======> If the system is having audio adware rpcss.dll is patched. Google the MD5, if the MD5 is unique the file is infected. C:\WINDOWS\system32\Drivers\volsnap.sys [2008-04-15 13:00] - [2008-04-15 13:00] - 0052864 ____A (Microsoft Corporation) 56b191ac5fc0df219949c95a6c87afe7 ==================== End Of Log ============================