Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 27-12-2013
Ran by palikot (administrator) on TOONG on 27-12-2013 15:21:42
Running from C:\Documents and Settings\palikot\Pulpit
Microsoft Windows XP Home Edition Dodatek Service Pack 3 (X86) OS Language: Polish
Internet Explorer Version 8
Boot Mode: Normal

==================== Processes (Whitelisted) ===================

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
() C:\Program Files\Mobogenie\DaemonProcess.exe
(ArcSoft Inc.) C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
(Teruten) C:\WINDOWS\system32\FsUsbExService.Exe
(Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LSSrvc.exe
(IObit) C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe
(LogMeIn, Inc.) C:\Program Files\LogMeIn Hamachi\LMIGuardianSvc.exe
() C:\Program Files\Marvell\61xx\svc\mvraidsvc.exe
(Apache Software Foundation) C:\Program Files\Marvell\61xx\Apache2\bin\Apache.exe
(NVIDIA Corporation) C:\WINDOWS\system32\nvsvc32.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(StarWind Software) C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
(LogMeIn Inc.) C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
(Apache Software Foundation) C:\Program Files\Marvell\61xx\Apache2\bin\Apache.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\ComUpdatus.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Microsoft Corporation) C:\WINDOWS\system32\wscntfy.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Oracle Corporation) C:\Program Files\Java\jre7\bin\java.exe
() C:\Documents and Settings\palikot\Ustawienia lokalne\Temp\DSOClient\drakensangonline.exe
(Farbar) C:\Documents and Settings\palikot\Pulpit\FRST(1).exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [NvCplDaemon] - RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
HKLM\...\Run: [Nvtmru] - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe [1012000 2013-05-16] (NVIDIA Corporation)
HKLM\...\Run: [NPSStartup] - [x]
HKLM\...\Run: [mobilegeni daemon] - C:\Program Files\Mobogenie\DaemonProcess.exe [761024 2013-12-13] ()
HKLM\...\Winlogon: [Userinit] C:\WINDOWS\system32\userinit.exe
Winlogon\Notify\Antiwpa: C:\Windows\system32\antiwpa.dll ()
HKCU\...\Run: [Clownfish] - [x]
HKCU\...\Run: [DAEMON Tools Lite] - C:\Program Files\DAEMON Tools Lite\DTLite.exe [3673696 2013-08-01] (Disc Soft Ltd)
HKCU\...\Run: [NextLive] - C:\WINDOWS\system32\rundll32.exe "C:\Documents and Settings\palikot\Dane aplikacji\newnext.me\nengine.dll",EntryPoint -m l
HKCU\...\Policies\Explorer: [NoThumbnailCache] 1
MountPoints2: {7c12c6c5-3978-11e2-837e-0060b3015a17} - L:\setup.exe
MountPoints2: {7c12c6ce-3978-11e2-837e-0060b3015a17} - O:\STARTUP.EXE
MountPoints2: {a9846431-ec45-11e1-ba0c-0060b3015a17} - N:\AutoRun.exe
MountPoints2: {ad008912-318d-11e1-b632-0060b3015a17} - F:\AutoRun.exe
MountPoints2: {cfbf95c2-ec4a-11e1-a6bb-806d6172696f} - L:\AutoRun.exe
MountPoints2: {df8da9c1-ec4f-11e1-ba8d-0060b3015a17} - N:\AutoRun.exe
Lsa: [Notification Packages]  :\WINDOWS\system32\srrstr.dll

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Restore = http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://msn.gazeta.pl/msn/0,0.html?pc=UP97&ocid=UP97DHP
HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - ToolbarSearchProviderProgress {96bd48dd-741b-41ae-ac4a-aff96ba00f7e}
BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.130\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO: ExplorerWnd Helper - {10921475-03CE-4E04-90CE-E2E7EF20C814} - C:\Program Files\IObit\IObit Uninstaller\UninstallExplorer32.dll (IObit)
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - D:\programy\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - D:\programy\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - ExplorerWnd Helper - {10921475-03CE-4E04-90CE-E2E7EF20C814} - C:\Program Files\IObit\IObit Uninstaller\UninstallExplorer32.dll (IObit)
Toolbar: HKCU - &Adres - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
Toolbar: HKCU - &Łącza - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt

FireFox:
========
FF ProfilePath: C:\Documents and Settings\palikot\Dane aplikacji\Mozilla\Firefox\Profiles\r3t4ttob.default-1368015765796
FF NewTab: about:blank
FF SearchEngineOrder.3: Bing 
FF SelectedSearchEngine: Google
FF Homepage: www.google.pl
FF Keyword.URL: hxxp://www.bing.com/search?FORM=UP97DF&PC=UP97&q=
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF Plugin: @adobe.com/ShockwavePlayer - C:\WINDOWS\system32\Adobe\Director\np32dsw_1200112.dll (Adobe Systems, Inc.)
FF Plugin: @ganymede/GanymedeNetPlugin,version=1.0 - C:\Program Files\Ganymede\Plugins\npganymedenet.dll ( )
FF Plugin: @java.com/DTPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @mcafee.com/McAfeeMssPlugin - C:\Program Files\McAfee Security Scan\3.8.130\npMcAfeeMss.dll (McAfee, Inc.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - D:\programy\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 - D:\programy\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @pandonetworks.com/PandoWebPlugin - C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin: @real.com/nppl3260;version=16.0.1.18 - C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nppl3260;version=6.0.12.450 - C:\Program Files\Real Alternative\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpjplug;version=6.0.12.448 - C:\Program Files\Real Alternative\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpplugin;version=16.0.1.18 - C:\Program Files\Real\RealPlayer\Netscape6\nprpplugin.dll (RealPlayer)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Documents and Settings\palikot\Ustawienia lokalne\Dane aplikacji\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\wolnelektury-pl.xml
FF Extension: BTControl12DM3  - C:\Documents and Settings\palikot\Dane aplikacji\Mozilla\Firefox\Profiles\r3t4ttob.default-1368015765796\Extensions\{281032d3-fd1f-46dd-80f9-2abc77a7812a}
FF Extension: Adblock Plus - C:\Documents and Settings\palikot\Dane aplikacji\Mozilla\Firefox\Profiles\r3t4ttob.default-1368015765796\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF Extension: No Name - C:\Program Files\Mozilla Firefox\extensions\staged
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

Chrome: 
=======
CHR HomePage: hxxp://msn.gazeta.pl/msn/0,0.html?pc=UP97&ocid=UP97DHP
CHR RestoreOnStartup: "hxxp://www.google.pl/"
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\28.0.1500.72\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\28.0.1500.72\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\28.0.1500.72\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files\QuickTime\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files\QuickTime\plugins\npqtplugin6.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files\QuickTime\plugins\npqtplugin7.dll (Apple Inc.)
CHR Plugin: (Microsoft\u00AE DRM) - C:\Program Files\Windows Media Player\npdrmv2.dll (Microsoft Corporation)
CHR Plugin: (Windows Media Player Plug-in Dynamic Link Library) - C:\Program Files\Windows Media Player\npdsplay.dll (Microsoft Corporation (written by Digital Renaissance Inc.))
CHR Plugin: (Microsoft\u00AE DRM) - C:\Program Files\Windows Media Player\npwmsdrm.dll (Microsoft Corporation)
CHR Plugin: (Facebook Video Calling Plugin) - C:\Documents and Settings\palikot\Ustawienia lokalne\Dane aplikacji\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
CHR Plugin: (GanymedeNet.Detector) - C:\Program Files\Ganymede\Plugins\npganymedenet.dll ( )
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll No File
CHR Plugin: (Java(TM) Platform SE 7 U21) - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (Silverlight Plug-In) - C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll No File
CHR Plugin: (Pando Web Plugin) - C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
CHR Plugin: (RealPlayer Version Plugin) - C:\Program Files\Real Alternative\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
CHR Plugin: (RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) ) - C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
CHR Plugin: (RealPlayer Download Plugin) - C:\Program Files\Real\RealPlayer\Netscape6\nprpplugin.dll (RealPlayer)
CHR Plugin: (Windows Presentation Foundation) - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
CHR Plugin: (Shockwave for Director) - C:\WINDOWS\system32\Adobe\Director\np32dsw_1200112.dll (Adobe Systems, Inc.)
CHR Plugin: (Shockwave Flash) - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_7_700_202.dll No File
CHR Plugin: (Microsoft Office 2010) - D:\programy\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft Office 2010) - D:\programy\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Extension: (AdBlock) - C:\Documents and Settings\palikot\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.16_0

========================== Services (Whitelisted) =================

R2 ACDaemon; C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
S2 AxAutoMntSrv; C:\Program Files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [75624 2012-01-05] (Alcohol Soft Development Team)
R2 Hamachi2Svc; C:\Program Files\LogMeIn Hamachi\hamachi-2.exe [1664336 2013-11-29] (LogMeIn Inc.)
S4 KMService; C:\WINDOWS\system32\srvany.exe [8192 2012-02-03] ()
R2 LiveUpdateSvc; C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe [2151744 2013-12-13] (IObit)
R2 LMIGuardianSvc; C:\Program Files\LogMeIn Hamachi\LMIGuardianSvc.exe [375056 2013-10-11] (LogMeIn, Inc.)
R2 Marvell RAID; C:\Program Files\Marvell\61xx\svc\mvraidsvc.exe [114688 2006-07-26] ()
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.130\McCHSvc.exe [235216 2013-09-06] (McAfee, Inc.)
S3 Microsoft SharePoint Workspace Audit Service; D:\programy\Microsoft Office\Office14\GROOVE.EXE [30785672 2012-09-20] (Microsoft Corporation)
R2 MRUWebService; C:\Program Files\Marvell\61xx\Apache2\bin\Apache.exe [20541 2006-06-26] (Apache Software Foundation)
S3 npggsvc; C:\WINDOWS\system32\GameMon.des [4581296 2012-09-10] (INCA Internet Co., Ltd.)
R2 StarWindServiceAE; C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [370688 2009-12-23] (StarWind Software)
S2 hpdj3500; 

==================== Drivers (Whitelisted) ====================

R3 Afc; C:\Windows\System32\drivers\Afc.sys [18688 2006-11-10] (Arcsoft, Inc.)
S3 Ambfilt; C:\Windows\System32\drivers\Ambfilt.sys [1691480 2009-11-18] (Creative)
R1 AmdPPM; C:\Windows\System32\DRIVERS\AmdPPM.sys [33792 2007-04-16] (Advanced Micro Devices)
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [278984 2012-09-02] ()
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [243128 2013-09-30] (Disc Soft Ltd)
R3 FsUsbExDisk; C:\WINDOWS\system32\FsUsbExDisk.SYS [36608 2010-06-14] ()
R2 GenPort; C:\Windows\System32\Drivers\GenPort.sys [4832 1997-10-08] (3Dfx Interactive, Inc.)
R3 hamachi; C:\Windows\System32\DRIVERS\hamachi.sys [26176 2009-03-18] (LogMeIn, Inc.)
R3 HPZid412; C:\Windows\System32\DRIVERS\HPZid412.sys [49920 2007-03-08] (HP)
R3 HPZipr12; C:\Windows\System32\DRIVERS\HPZipr12.sys [16496 2007-03-08] (HP)
R3 HPZius12; C:\Windows\System32\DRIVERS\HPZius12.sys [21568 2007-03-08] (HP)
R1 HWiNFO32; C:\WINDOWS\system32\drivers\HWiNFO32.SYS [21624 2013-03-23] (REALiX(tm))
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [25416 2012-09-02] ()
R2 MapMem; C:\Windows\System32\Drivers\MapMem.sys [6816 1997-10-08] (3Dfx Interactive, Inc.)
S3 Monfilt; C:\Windows\System32\drivers\Monfilt.sys [1395800 2009-11-18] (Creative Technology Ltd.)
R2 NTRemap; C:\Windows\System32\Drivers\NTRemap.sys [6336 1997-10-08] (3Dfx Interactive, Inc.)
S3 PSI; C:\Windows\System32\DRIVERS\psi_mf.sys [15544 2011-12-16] (Secunia)
S3 se59bus; C:\Windows\System32\DRIVERS\se59bus.sys [61536 2006-09-05] (MCCI)
S3 se59mdfl; C:\Windows\System32\DRIVERS\se59mdfl.sys [9360 2006-09-05] (MCCI)
S3 se59mdm; C:\Windows\System32\DRIVERS\se59mdm.sys [97088 2006-09-05] (MCCI)
S3 se59obex; C:\Windows\System32\DRIVERS\se59obex.sys [86432 2006-09-05] (MCCI)
R3 SG762_XP; C:\Windows\System32\DRIVERS\WlanBZXP.sys [402432 2006-01-19] (ZyDAS Technology Corporation)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [466008 2012-11-28] (Duplex Secure Ltd.)
S3 taphss; C:\Windows\System32\DRIVERS\taphss.sys [33512 2013-02-13] (AnchorFree Inc)
U3 a9u2yt4d; C:\Windows\System32\Drivers\a9u2yt4d.sys [0 ] (Microsoft Corporation)
U3 aq0yrbrn; C:\Windows\System32\Drivers\aq0yrbrn.sys [0 ] (Microsoft Corporation)
U5 ap139eov; C:\Windows\System32\drivers\scsiport.sys [96384 2008-04-14] (Microsoft Corporation)
S4 IntelIde; No ImagePath
U5 ScsiPort; C:\Windows\system32\drivers\scsiport.sys [96384 2008-04-14] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-12-30 13:19 - 2011-12-29 15:08 - 00000000 ____D C:\Documents and Settings\All Users\Menu Start\Programy\Ivona
2013-12-27 15:21 - 2013-12-27 15:21 - 00017019 _____ C:\Documents and Settings\palikot\Pulpit\FRST.txt
2013-12-27 15:20 - 2013-12-27 15:20 - 00000000 ____D C:\FRST
2013-12-27 15:19 - 2013-12-27 15:19 - 01063503 _____ (Farbar) C:\Documents and Settings\palikot\Pulpit\FRST(1).exe
2013-12-27 15:17 - 2013-12-27 15:19 - 01061207 _____ (Farbar) C:\Documents and Settings\palikot\Pulpit\FRST.exe.part
2013-12-27 15:17 - 2013-12-27 15:17 - 00000000 _____ C:\Documents and Settings\palikot\Pulpit\FRST.exe
2013-12-27 13:12 - 2013-12-27 13:12 - 00116362 _____ C:\Documents and Settings\palikot\Pulpit\OTL.Txt
2013-12-27 13:12 - 2013-12-27 13:12 - 00063514 _____ C:\Documents and Settings\palikot\Pulpit\Extras.Txt
2013-12-26 16:18 - 2013-12-26 16:18 - 00000000 ____D C:\Documents and Settings\palikot\Dane aplikacji\Landwirt2014
2013-12-26 16:17 - 2013-12-26 16:17 - 00000862 _____ C:\Documents and Settings\All Users\Pulpit\Professional Farmer 2014.lnk
2013-12-26 16:17 - 2013-12-26 16:17 - 00000000 ____D C:\Documents and Settings\All Users\Menu Start\Programy\UIG Entertainment
2013-12-26 15:12 - 2013-12-27 13:04 - 00000000 ____D C:\Documents and Settings\palikot\Dane aplikacji\uTorrent
2013-12-26 15:12 - 2013-12-26 15:12 - 00000826 _____ C:\Documents and Settings\palikot\Pulpit\µTorrent.lnk
2013-12-26 15:12 - 2013-12-26 15:12 - 00000826 _____ C:\Documents and Settings\palikot\Menu Start\µTorrent.lnk
2013-12-26 10:34 - 2013-12-26 11:30 - 64153826 _____ C:\Documents and Settings\palikot\Pulpit\Hardstyle mix 1 (2013).wmv
2013-12-25 19:13 - 2013-12-27 12:47 - 00000000 ____D C:\Documents and Settings\palikot\Dane aplikacji\newnext.me
2013-12-25 19:13 - 2013-12-25 19:13 - 00000000 ____D C:\Documents and Settings\palikot\Ustawienia lokalne\Dane aplikacji\genienext
2013-12-25 19:13 - 2013-12-25 19:13 - 00000000 ____D C:\Documents and Settings\palikot\.android
2013-12-25 19:12 - 2013-12-25 19:13 - 00000000 ____D C:\Program Files\Mobogenie
2013-12-25 19:08 - 2013-12-25 19:18 - 01142864 _____ (BitTorrent Inc.) C:\Documents and Settings\palikot\Pulpit\utorrent.exe
2013-12-24 13:45 - 2013-12-24 13:45 - 00000041 _____ C:\Documents and Settings\palikot\Pulpit\Nowy Dokument tekstowy.txt
2013-12-24 12:55 - 2013-12-24 12:55 - 00000000 ____D C:\Documents and Settings\palikot\Dane aplikacji\Autodesk
2013-12-24 12:55 - 2013-12-24 12:55 - 00000000 ____D C:\Documents and Settings\All Users\Dane aplikacji\Autodesk
2013-12-23 16:55 - 2013-12-23 16:55 - 00000000 ____D C:\Documents and Settings\All Users\Dane aplikacji\TrackMania
2013-12-23 16:53 - 2013-12-23 16:55 - 00000000 ____D C:\Documents and Settings\palikot\Moje dokumenty\TrackMania
2013-12-23 16:52 - 2013-12-23 16:52 - 00000582 _____ C:\Documents and Settings\All Users\Pulpit\TmUnitedForever.lnk
2013-12-23 16:52 - 2013-12-23 16:52 - 00000000 ____D C:\Documents and Settings\All Users\Menu Start\Programy\TmUnitedForever
2013-12-23 16:11 - 2013-12-23 16:53 - 00236961 _____ C:\WINDOWS\DirectX.log
2013-12-20 18:36 - 2013-12-20 18:36 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-12-16 20:24 - 2013-12-16 20:26 - 00000000 ____D C:\AdwCleaner
2013-12-14 19:33 - 2013-12-14 19:33 - 00000000 ____D C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\Google
2013-12-14 19:30 - 2013-12-26 10:26 - 00000000 ____D C:\Documents and Settings\palikot\Ustawienia lokalne\Dane aplikacji\Mobogenie
2013-12-14 19:30 - 2013-12-14 19:30 - 00000000 ____D C:\Documents and Settings\palikot\Ustawienia lokalne\Dane aplikacji\cache
2013-12-14 19:30 - 2013-12-14 19:30 - 00000000 ____D C:\Documents and Settings\palikot\Moje dokumenty\Mobogenie
2013-12-14 19:30 - 2013-12-14 19:30 - 00000000 _____ C:\Documents and Settings\palikot\daemonprocess.txt
2013-12-14 18:25 - 2013-12-26 15:36 - 00026833 _____ C:\WINDOWS\setupapi.log
2013-12-13 21:48 - 2013-12-27 12:47 - 00012025 _____ C:\WINDOWS\AutoKMS.log
2013-12-13 21:47 - 2013-12-27 12:48 - 00100038 _____ C:\WINDOWS\WindowsUpdate.log
2013-12-13 15:48 - 2013-12-13 15:48 - 00000831 _____ C:\Documents and Settings\palikot\Ustawienia lokalne\Dane aplikacji\recently-used.xbel
2013-12-13 13:09 - 2013-12-13 13:09 - 00000546 _____ C:\Documents and Settings\palikot\Pulpit\Counter-Strike 1.6.lnk
2013-12-13 13:08 - 2013-12-13 13:08 - 00000000 ____D C:\Documents and Settings\All Users\Menu Start\Programy\Counter-Strike 1.6 NonSteam
2013-12-13 12:04 - 2013-12-20 17:44 - 00000000 ____D C:\Documents and Settings\All Users\Dane aplikacji\ProductData
2013-12-13 12:04 - 2013-12-13 12:04 - 00000866 _____ C:\Documents and Settings\palikot\Menu Start\Uninstall Programs.lnk
2013-12-13 12:04 - 2013-12-13 12:04 - 00000866 _____ C:\Documents and Settings\All Users\Pulpit\IObit Uninstaller.lnk
2013-12-13 11:47 - 2013-12-13 11:47 - 00000000 __SHD C:\AI_RecycleBin
2013-12-12 21:03 - 2013-12-14 18:25 - 00000082 _____ C:\WINDOWS\setupact.log
2013-12-12 21:03 - 2013-12-12 21:03 - 00000000 _____ C:\WINDOWS\setuperr.log
2013-12-11 11:26 - 2013-12-11 14:26 - 09272200 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerInstaller.exe
2013-12-03 17:16 - 2013-12-03 17:16 - 00000000 ____D C:\Documents and Settings\All Users\Menu Start\Programy\LogMeIn Hamachi

==================== One Month Modified Files and Folders =======

2013-12-27 15:21 - 2013-12-27 15:21 - 00017019 _____ C:\Documents and Settings\palikot\Pulpit\FRST.txt
2013-12-27 15:21 - 2011-12-28 19:42 - 00000000 ____D C:\Documents and Settings\palikot\Pulpit
2013-12-27 15:20 - 2013-12-27 15:20 - 00000000 ____D C:\FRST
2013-12-27 15:19 - 2013-12-27 15:19 - 01063503 _____ (Farbar) C:\Documents and Settings\palikot\Pulpit\FRST(1).exe
2013-12-27 15:19 - 2013-12-27 15:17 - 01061207 _____ (Farbar) C:\Documents and Settings\palikot\Pulpit\FRST.exe.part
2013-12-27 15:18 - 2013-03-21 11:35 - 00027918 _____ C:\WINDOWS\system32\nvAppTimestamps
2013-12-27 15:17 - 2013-12-27 15:17 - 00000000 _____ C:\Documents and Settings\palikot\Pulpit\FRST.exe
2013-12-27 13:12 - 2013-12-27 13:12 - 00116362 _____ C:\Documents and Settings\palikot\Pulpit\OTL.Txt
2013-12-27 13:12 - 2013-12-27 13:12 - 00063514 _____ C:\Documents and Settings\palikot\Pulpit\Extras.Txt
2013-12-27 13:04 - 2013-12-26 15:12 - 00000000 ____D C:\Documents and Settings\palikot\Dane aplikacji\uTorrent
2013-12-27 12:48 - 2013-12-13 21:47 - 00100038 _____ C:\WINDOWS\WindowsUpdate.log
2013-12-27 12:47 - 2013-12-25 19:13 - 00000000 ____D C:\Documents and Settings\palikot\Dane aplikacji\newnext.me
2013-12-27 12:47 - 2013-12-13 21:48 - 00012025 _____ C:\WINDOWS\AutoKMS.log
2013-12-27 12:47 - 2013-08-02 18:02 - 00000000 ____D C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\LogMeIn Hamachi
2013-12-27 12:47 - 2013-05-15 13:14 - 00078848 _____ C:\WINDOWS\KMSEmulator.exe
2013-12-27 12:47 - 2013-05-15 13:14 - 00000204 _____ C:\WINDOWS\Tasks\AutoKMS.job
2013-12-27 12:47 - 2013-05-15 13:14 - 00000202 _____ C:\WINDOWS\Tasks\AutoKMSDaily.job
2013-12-27 12:47 - 2013-03-24 13:10 - 00000236 _____ C:\WINDOWS\wiadebug.log
2013-12-27 12:47 - 2013-03-24 13:10 - 00000050 _____ C:\WINDOWS\wiaservc.log
2013-12-27 12:47 - 2011-12-28 19:41 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2013-12-26 22:34 - 2011-12-28 19:42 - 00000188 ___SH C:\Documents and Settings\palikot\ntuser.ini
2013-12-26 22:34 - 2011-12-28 19:41 - 00032540 _____ C:\WINDOWS\SchedLgU.Txt
2013-12-26 21:46 - 2012-02-24 22:09 - 00000000 ____D C:\Documents and Settings\palikot\Dane aplikacji\TS3Client
2013-12-26 19:52 - 2013-01-20 16:12 - 00000000 ____D C:\Documents and Settings\palikot\Moje dokumenty\FIFA 10
2013-12-26 16:18 - 2013-12-26 16:18 - 00000000 ____D C:\Documents and Settings\palikot\Dane aplikacji\Landwirt2014
2013-12-26 16:18 - 2012-08-21 21:25 - 00000000 ____D C:\Documents and Settings\palikot\Ustawienia lokalne\Dane aplikacji\SKIDROW
2013-12-26 16:18 - 2011-12-28 19:42 - 00000000 __RHD C:\Documents and Settings\palikot\Dane aplikacji
2013-12-26 16:17 - 2013-12-26 16:17 - 00000862 _____ C:\Documents and Settings\All Users\Pulpit\Professional Farmer 2014.lnk
2013-12-26 16:17 - 2013-12-26 16:17 - 00000000 ____D C:\Documents and Settings\All Users\Menu Start\Programy\UIG Entertainment
2013-12-26 16:17 - 2011-12-28 20:29 - 00000000 ___RD C:\Documents and Settings\All Users\Menu Start\Programy
2013-12-26 16:17 - 2011-12-28 20:29 - 00000000 ____D C:\Documents and Settings\All Users\Pulpit
2013-12-26 15:36 - 2013-12-14 18:25 - 00026833 _____ C:\WINDOWS\setupapi.log
2013-12-26 15:12 - 2013-12-26 15:12 - 00000826 _____ C:\Documents and Settings\palikot\Pulpit\µTorrent.lnk
2013-12-26 15:12 - 2013-12-26 15:12 - 00000826 _____ C:\Documents and Settings\palikot\Menu Start\µTorrent.lnk
2013-12-26 15:12 - 2011-12-28 19:42 - 00000000 ___RD C:\Documents and Settings\palikot\Menu Start
2013-12-26 11:30 - 2013-12-26 10:34 - 64153826 _____ C:\Documents and Settings\palikot\Pulpit\Hardstyle mix 1 (2013).wmv
2013-12-26 10:33 - 2011-12-28 19:42 - 00000000 ___RD C:\Documents and Settings\palikot\Moje dokumenty
2013-12-26 10:26 - 2013-12-14 19:30 - 00000000 ____D C:\Documents and Settings\palikot\Ustawienia lokalne\Dane aplikacji\Mobogenie
2013-12-26 00:16 - 2012-01-03 18:32 - 00131072 _____ C:\WINDOWS\system32\config\WindowsPowerShell.evt
2013-12-25 19:18 - 2013-12-25 19:08 - 01142864 _____ (BitTorrent Inc.) C:\Documents and Settings\palikot\Pulpit\utorrent.exe
2013-12-25 19:13 - 2013-12-25 19:13 - 00000000 ____D C:\Documents and Settings\palikot\Ustawienia lokalne\Dane aplikacji\genienext
2013-12-25 19:13 - 2013-12-25 19:13 - 00000000 ____D C:\Documents and Settings\palikot\.android
2013-12-25 19:13 - 2013-12-25 19:12 - 00000000 ____D C:\Program Files\Mobogenie
2013-12-25 19:13 - 2011-12-28 19:42 - 00000000 ___RD C:\Documents and Settings\palikot\Menu Start\Programy
2013-12-25 19:13 - 2011-12-28 19:42 - 00000000 ___HD C:\Documents and Settings\palikot\Ustawienia lokalne\Dane aplikacji
2013-12-25 19:13 - 2011-12-28 19:42 - 00000000 ____D C:\Documents and Settings\palikot
2013-12-25 19:07 - 2011-12-28 20:29 - 00000000 ___RD C:\Documents and Settings\All Users\Menu Start
2013-12-25 15:47 - 2012-12-23 15:54 - 00000000 ____D C:\Documents and Settings\palikot\Dane aplikacji\GG
2013-12-25 15:47 - 2012-12-23 15:53 - 00000000 ____D C:\Documents and Settings\palikot\Ustawienia lokalne\Dane aplikacji\GG
2013-12-25 14:23 - 2013-02-03 13:19 - 00000000 ____D C:\Documents and Settings\palikot\.rainlendar2
2013-12-24 13:45 - 2013-12-24 13:45 - 00000041 _____ C:\Documents and Settings\palikot\Pulpit\Nowy Dokument tekstowy.txt
2013-12-24 12:55 - 2013-12-24 12:55 - 00000000 ____D C:\Documents and Settings\palikot\Dane aplikacji\Autodesk
2013-12-24 12:55 - 2013-12-24 12:55 - 00000000 ____D C:\Documents and Settings\All Users\Dane aplikacji\Autodesk
2013-12-24 12:55 - 2011-12-28 20:27 - 00000000 __RHD C:\Documents and Settings\All Users\Dane aplikacji
2013-12-23 22:35 - 2011-12-29 18:52 - 00000000 ____D C:\Documents and Settings\palikot\Dane aplikacji\Skype
2013-12-23 16:55 - 2013-12-23 16:55 - 00000000 ____D C:\Documents and Settings\All Users\Dane aplikacji\TrackMania
2013-12-23 16:55 - 2013-12-23 16:53 - 00000000 ____D C:\Documents and Settings\palikot\Moje dokumenty\TrackMania
2013-12-23 16:53 - 2013-12-23 16:11 - 00236961 _____ C:\WINDOWS\DirectX.log
2013-12-23 16:53 - 2011-12-28 19:37 - 00000000 ____D C:\WINDOWS\system32\DirectX
2013-12-23 16:52 - 2013-12-23 16:52 - 00000582 _____ C:\Documents and Settings\All Users\Pulpit\TmUnitedForever.lnk
2013-12-23 16:52 - 2013-12-23 16:52 - 00000000 ____D C:\Documents and Settings\All Users\Menu Start\Programy\TmUnitedForever
2013-12-23 16:05 - 2011-12-28 21:04 - 00000000 ____D C:\Documents and Settings\palikot\Dane aplikacji\DAEMON Tools Lite
2013-12-20 18:36 - 2013-12-20 18:36 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-12-20 17:44 - 2013-12-13 12:04 - 00000000 ____D C:\Documents and Settings\All Users\Dane aplikacji\ProductData
2013-12-18 17:23 - 2011-12-29 01:13 - 00000000 ____D C:\Documents and Settings\palikot\Dane aplikacji\Media Player Classic
2013-12-17 23:27 - 2011-12-29 01:18 - 00131072 _____ C:\WINDOWS\system32\config\OAlerts.evt
2013-12-16 20:26 - 2013-12-16 20:24 - 00000000 ____D C:\AdwCleaner
2013-12-16 18:55 - 2013-01-31 17:43 - 00000000 ____D C:\Program Files\Image-Line
2013-12-16 18:55 - 2013-01-31 17:43 - 00000000 ____D C:\Documents and Settings\palikot\Menu Start\Programy\Image-Line
2013-12-16 15:18 - 2006-03-02 13:00 - 00002300 _____ C:\WINDOWS\system32\wpa.dbl
2013-12-14 19:33 - 2013-12-14 19:33 - 00000000 ____D C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\Google
2013-12-14 19:33 - 2011-12-28 19:41 - 00000000 ___HD C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji
2013-12-14 19:30 - 2013-12-14 19:30 - 00000000 ____D C:\Documents and Settings\palikot\Ustawienia lokalne\Dane aplikacji\cache
2013-12-14 19:30 - 2013-12-14 19:30 - 00000000 ____D C:\Documents and Settings\palikot\Moje dokumenty\Mobogenie
2013-12-14 19:30 - 2013-12-14 19:30 - 00000000 _____ C:\Documents and Settings\palikot\daemonprocess.txt
2013-12-14 18:25 - 2013-12-12 21:03 - 00000082 _____ C:\WINDOWS\setupact.log
2013-12-14 10:59 - 2011-12-30 17:44 - 00000000 ____D C:\WINDOWS\pss
2013-12-14 10:59 - 2011-12-28 20:29 - 00000000 ___RD C:\Documents and Settings\All Users\Menu Start\Programy\Autostart
2013-12-14 10:58 - 2013-08-02 18:03 - 00000000 ____D C:\Documents and Settings\palikot\Ustawienia lokalne\Dane aplikacji\LogMeIn Hamachi
2013-12-13 22:13 - 2013-02-21 17:47 - 00000000 ____D C:\Program Files\Steam
2013-12-13 15:48 - 2013-12-13 15:48 - 00000831 _____ C:\Documents and Settings\palikot\Ustawienia lokalne\Dane aplikacji\recently-used.xbel
2013-12-13 15:48 - 2013-05-15 14:00 - 00000000 ____D C:\Documents and Settings\palikot\.gimp-2.8
2013-12-13 13:09 - 2013-12-13 13:09 - 00000546 _____ C:\Documents and Settings\palikot\Pulpit\Counter-Strike 1.6.lnk
2013-12-13 13:08 - 2013-12-13 13:08 - 00000000 ____D C:\Documents and Settings\All Users\Menu Start\Programy\Counter-Strike 1.6 NonSteam
2013-12-13 12:25 - 2013-01-27 10:38 - 00000000 ___RD C:\Documents and Settings\palikot\Moje dokumenty\Moje obrazy
2013-12-13 12:19 - 2012-07-16 21:33 - 00000000 ____D C:\WINDOWS\ie8updates
2013-12-13 12:19 - 2011-12-29 18:46 - 00000000 ____D C:\Documents and Settings\All Users\Dane aplikacji\Skype
2013-12-13 12:16 - 2013-08-09 16:54 - 00000000 ____D C:\Documents and Settings\palikot\Dane aplikacji\.minecraft
2013-12-13 12:11 - 2013-05-21 18:44 - 00000000 ____D C:\Documents and Settings\palikot\Pulpit\Muzyka Nowa
2013-12-13 12:11 - 2011-12-28 20:56 - 00000000 ____D C:\Documents and Settings\All Users\Dane aplikacji\IObit
2013-12-13 12:07 - 2011-12-28 20:28 - 00000000 ___HD C:\Program Files\InstallShield Installation Information
2013-12-13 12:04 - 2013-12-13 12:04 - 00000866 _____ C:\Documents and Settings\palikot\Menu Start\Uninstall Programs.lnk
2013-12-13 12:04 - 2013-12-13 12:04 - 00000866 _____ C:\Documents and Settings\All Users\Pulpit\IObit Uninstaller.lnk
2013-12-13 12:04 - 2012-01-03 16:41 - 00000000 ____D C:\Program Files\IObit
2013-12-13 12:04 - 2011-12-28 20:56 - 00000000 ____D C:\Documents and Settings\palikot\Dane aplikacji\IObit
2013-12-13 12:04 - 2011-12-28 19:42 - 00000000 ___HD C:\Documents and Settings\palikot\Szablony
2013-12-13 11:59 - 2011-12-28 20:20 - 00000000 ____D C:\WINDOWS\system
2013-12-13 11:53 - 2012-10-25 11:10 - 00000000 ____D C:\Games
2013-12-13 11:47 - 2013-12-13 11:47 - 00000000 __SHD C:\AI_RecycleBin
2013-12-13 11:43 - 2012-03-21 20:44 - 00000000 ____D C:\Documents and Settings\palikot\Ustawienia lokalne\Dane aplikacji\ChomikBox
2013-12-13 11:42 - 2012-03-21 20:44 - 00000000 ____D C:\Documents and Settings\palikot\.gstreamer-0.10
2013-12-13 11:31 - 2011-12-28 23:23 - 00000000 ____D C:\Documents and Settings\All Users\Menu Start\Programy\Camtasia Studio 7
2013-12-12 21:03 - 2013-12-12 21:03 - 00000000 _____ C:\WINDOWS\setuperr.log
2013-12-11 14:26 - 2013-12-11 11:26 - 09272200 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerInstaller.exe
2013-12-11 14:26 - 2012-04-10 17:11 - 00692616 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2013-12-11 14:26 - 2011-12-28 19:56 - 00071048 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2013-12-05 19:06 - 2011-12-28 20:29 - 01622066 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2013-12-05 19:06 - 2006-03-02 13:00 - 00694974 _____ C:\WINDOWS\system32\perfh015.dat
2013-12-05 19:06 - 2006-03-02 13:00 - 00156248 _____ C:\WINDOWS\system32\perfc015.dat
2013-12-03 17:16 - 2013-12-03 17:16 - 00000000 ____D C:\Documents and Settings\All Users\Menu Start\Programy\LogMeIn Hamachi
2013-12-03 17:16 - 2013-08-02 18:02 - 00000685 _____ C:\Documents and Settings\All Users\Pulpit\LogMeIn Hamachi.lnk
2013-12-03 17:16 - 2013-02-07 16:06 - 00000000 ____D C:\Program Files\LogMeIn Hamachi

Some content of TEMP:
====================
C:\Documents and Settings\palikot\Ustawienia lokalne\Temp\AcDeltree.exe
C:\Documents and Settings\palikot\Ustawienia lokalne\Temp\DownloadManager.exe
C:\Documents and Settings\palikot\Ustawienia lokalne\Temp\HitmanSP1.exe
C:\Documents and Settings\palikot\Ustawienia lokalne\Temp\htmlayout.dll
C:\Documents and Settings\palikot\Ustawienia lokalne\Temp\Mobogenie563.exe
C:\Documents and Settings\palikot\Ustawienia lokalne\Temp\Msvcp60.dll
C:\Documents and Settings\palikot\Ustawienia lokalne\Temp\Quarantine.exe
C:\Documents and Settings\palikot\Ustawienia lokalne\Temp\SkypeSetup.exe
C:\Documents and Settings\palikot\Ustawienia lokalne\Temp\toolbar3867203.exe
C:\Documents and Settings\palikot\Ustawienia lokalne\Temp\uninstall3947812.exe
C:\Documents and Settings\palikot\Ustawienia lokalne\Temp\uninstall3971343.exe


==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe
[2006-03-02 13:00] - [2008-04-14 22:51] - 1035264 ____A (Microsoft Corporation) c791ed9eac5e76d9525e157b1d7a599a 

C:\Windows\System32\winlogon.exe
[2006-03-02 13:00] - [2008-04-14 22:51] - 0510464 ____A (Microsoft Corporation) 51fd2e13d723857b9ca239ae77150f48 

C:\Windows\System32\svchost.exe
[2006-03-02 13:00] - [2008-04-14 22:51] - 0014336 ____A (Microsoft Corporation) 8607d35d92528e2df386f19a960d23ce 

C:\Windows\System32\services.exe
[2006-03-02 13:00] - [2009-02-09 12:25] - 0111104 ____A (Microsoft Corporation) 02a467e27af55f7064c5b251e587315f 

C:\Windows\System32\User32.dll
[2006-03-02 13:00] - [2008-04-14 22:50] - 0580096 ____A (Microsoft Corporation) a435c5c069afd901751ac323ad238793 

C:\Windows\System32\userinit.exe
[2006-03-02 13:00] - [2008-04-14 22:51] - 0026624 ____A (Microsoft Corporation) 2a5b37d520508be6570a3ea79695f5b5 

C:\Windows\System32\Drivers\volsnap.sys
[2006-03-02 13:00] - [2008-04-14 21:31] - 0052864 ____A (Microsoft Corporation) 56b191ac5fc0df219949c95a6c87afe7 


==================== End Of Log ============================