x-kom hosting

Brak ikon i paska startu po starcie systemu

bezimienny
utworzono
utworzono

Po starcie systemu ukazuje mi się jedynie moja piękna tapeta i muszę "zabić" explorer.exe, odpalić go jeszcze raz a następnie wszystkie programy z autostartu. Zamieszczam poniżej log'a, gdyby ktoś mógł rzucić okiem i podzielić się swoimi uwagami to byłbym bardzo wdzięczny. Uprzedzam, że wypróbowałem już większość pomysłów z innych for internetowych i nic nie pomogło.
[log]OTL logfile created on: 2010-07-02 14:55:45 - Run 1
OTL by OldTimer - Version 3.2.7.0 Folder = D:\Download
Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 59,00% Memory free
8,00 Gb Paging File | 7,00 Gb Available in Paging File | 93,00% Paging File free
Paging file location(s): [Binary data over 100 bytes]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 45,31 Gb Total Space | 33,29 Gb Free Space | 73,48% Space Free | Partition Type: NTFS
Drive D: | 50,01 Gb Total Space | 11,09 Gb Free Space | 22,18% Space Free | Partition Type: NTFS
Drive E: | 202,77 Gb Total Space | 91,55 Gb Free Space | 45,15% Space Free | Partition Type: NTFS
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: PRYWATNY
Current User Name: Krzysiek
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 60 Days
Output = Standard

[color=#E56717]========== Processes (All) ==========[/color]

PRC - [2010-07-02 14:54:28 | 000,574,464 | ---- | M] (OldTimer Tools) -- D:\Download\OTL.exe
PRC - [2010-06-28 22:57:18 | 002,837,864 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
PRC - [2010-06-28 22:57:15 | 000,040,384 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
PRC - [2010-06-27 16:55:19 | 000,910,296 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2010-06-27 16:55:19 | 000,014,808 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\plugin-container.exe
PRC - [2010-06-23 13:52:56 | 002,435,592 | ---- | M] (Check Point Software Technologies LTD) -- C:\WINDOWS\system32\ZoneLabs\vsmon.exe
PRC - [2010-06-23 13:51:30 | 001,043,968 | ---- | M] (Check Point Software Technologies LTD) -- C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
PRC - [2010-04-03 19:23:16 | 000,154,216 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\nvsvc32.exe
PRC - [2010-02-09 17:52:15 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe
PRC - [2009-03-05 17:07:20 | 002,260,480 | RHS- | M] (Safer-Networking Ltd.) -- E:\Programy\Spybot - Search & Destroy\TeaTimer.exe
PRC - [2008-04-14 22:51:52 | 000,013,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wscntfy.exe
PRC - [2008-04-14 22:51:50 | 000,510,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winlogon.exe
PRC - [2008-04-14 22:51:50 | 000,126,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmiapsrv.exe
PRC - [2008-04-14 22:51:44 | 000,057,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spoolsv.exe
PRC - [2008-04-14 22:51:44 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\smss.exe
PRC - [2008-04-14 22:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [WUDFSERVICEGROUP]
PRC - [2008-04-14 22:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [RPCSS]
PRC - [2008-04-14 22:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETWORKSERVICE]
PRC - [2008-04-14 22:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETSVCS]
PRC - [2008-04-14 22:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [LOCALSERVICE]
PRC - [2008-04-14 22:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [IMGSVC]
PRC - [2008-04-14 22:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [HPZ12]
PRC - [2008-04-14 22:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [HPZ12]
PRC - [2008-04-14 22:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [HPDEVMGMT]
PRC - [2008-04-14 22:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [DCOMLAUNCH]
PRC - [2008-04-14 22:51:40 | 000,109,056 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\services.exe
PRC - [2008-04-14 22:51:24 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\lsass.exe
PRC - [2008-04-14 22:51:18 | 001,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008-04-14 22:51:12 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\csrss.exe
PRC - [2008-04-14 22:51:04 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\alg.exe
PRC - [2007-05-15 11:33:30 | 000,204,800 | ---- | M] (A4Tech Co.,Ltd.) -- C:\Program Files\A4Tech\Mouse\Amoumain.exe
PRC - [2007-04-18 20:57:48 | 001,617,920 | ---- | M] () -- E:\Programy\M-KbdDrv.exe
PRC - [2007-03-21 08:49:20 | 016,126,464 | R--- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\RTHDCPL.exe
PRC - [2006-09-22 11:58:12 | 000,241,664 | ---- | M] (ASUSTeK COMPUTER INC.) -- C:\WINDOWS\ATKKBService.exe
PRC - [2003-06-20 00:25:00 | 000,322,120 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE


[color=#E56717]========== Modules (All) ==========[/color]

MOD - [2010-07-02 14:54:28 | 000,574,464 | ---- | M] (OldTimer Tools) -- D:\Download\OTL.exe
MOD - [2008-04-14 22:51:58 | 000,146,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winspool.drv
MOD - [2008-04-14 22:50:58 | 000,732,672 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\userenv.dll
MOD - [2008-04-14 22:50:58 | 000,580,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\user32.dll
MOD - [2008-04-14 22:50:58 | 000,219,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\uxtheme.dll
MOD - [2008-04-14 22:50:58 | 000,172,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wldap32.dll
MOD - [2008-04-14 22:50:58 | 000,067,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\srclient.dll
MOD - [2008-04-14 22:50:58 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\version.dll
MOD - [2008-04-14 22:50:48 | 008,489,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shell32.dll
MOD - [2008-04-14 22:50:48 | 000,997,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\setupapi.dll
MOD - [2008-04-14 22:50:48 | 000,474,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shlwapi.dll
MOD - [2008-04-14 22:50:46 | 001,287,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ole32.dll
MOD - [2008-04-14 22:50:46 | 000,584,704 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rpcrt4.dll
MOD - [2008-04-14 22:50:46 | 000,551,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\oleaut32.dll
MOD - [2008-04-14 22:50:46 | 000,084,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\olepro32.dll
MOD - [2008-04-14 22:50:46 | 000,064,000 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\samlib.dll
MOD - [2008-04-14 22:50:46 | 000,056,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\secur32.dll
MOD - [2008-04-14 22:50:46 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\psapi.dll
MOD - [2008-04-14 22:50:42 | 000,119,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntmarta.dll
MOD - [2008-04-14 22:50:40 | 000,343,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcrt.dll
MOD - [2008-04-14 22:50:36 | 001,018,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\kernel32.dll
MOD - [2008-04-14 22:50:32 | 000,285,184 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\gdi32.dll
MOD - [2008-04-14 22:50:32 | 000,185,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\framedyn.dll
MOD - [2008-04-14 22:50:16 | 000,822,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comres.dll
MOD - [2008-04-14 22:50:14 | 000,280,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comdlg32.dll
MOD - [2008-04-14 22:50:12 | 000,498,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\clbcatq.dll
MOD - [2008-04-14 22:50:00 | 000,686,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\advapi32.dll
MOD - [2008-04-14 22:49:16 | 000,714,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntdll.dll
MOD - [2008-04-14 22:46:34 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx
MOD - [2008-04-14 22:29:10 | 001,054,208 | R--- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll
MOD - [2007-05-15 11:31:52 | 000,036,864 | ---- | M] (A4Tech Co.,Ltd.) -- C:\WINDOWS\system32\Amhooker.dll


[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV - [2010-06-28 22:57:15 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Web Scanner)
SRV - [2010-06-28 22:57:15 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Mail Scanner)
SRV - [2010-06-28 22:57:15 | 000,040,384 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV - [2010-06-23 13:52:56 | 002,435,592 | ---- | M] (Check Point Software Technologies LTD) [Auto | Running] -- C:\WINDOWS\System32\ZoneLabs\vsmon.exe -- (vsmon)
SRV - [2010-04-27 13:43:48 | 000,611,840 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2010-03-18 16:47:22 | 000,035,160 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe -- (aspnet_state)
SRV - [2010-03-18 13:16:28 | 000,753,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe -- (WPFFontCache_v0400)
SRV - [2010-03-18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010-03-18 13:16:28 | 000,124,240 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe -- (NetTcpPortSharing)
SRV - [2010-02-19 20:30:16 | 000,067,360 | ---- | M] (NOS Microsystems Ltd.) [On_Demand | Stopped] -- C:\Program Files\NOS\bin\getPlus_Helper.dll -- (getPlusHelper) getPlus(R)
SRV - [2009-11-21 14:13:30 | 000,354,560 | ---- | M] (TuneUp Software GmbH) [On_Demand | Stopped] -- C:\WINDOWS\system32\TuneUpDefragService.exe -- (TuneUp.Defrag)
SRV - [2008-04-04 15:51:32 | 000,028,416 | ---- | M] (TuneUp Software GmbH) [Auto | Running] -- C:\WINDOWS\system32\uxtuneup.dll -- (UxTuneUp)
SRV - [2006-09-22 11:58:12 | 000,241,664 | ---- | M] (ASUSTeK COMPUTER INC.) [Auto | Running] -- C:\WINDOWS\ATKKBService.exe -- (ATKKeyboardService)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - [2010-06-28 22:37:52 | 000,046,672 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2010-06-28 22:37:30 | 000,165,456 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aswSP.sys -- (aswSP)
DRV - [2010-06-28 22:33:13 | 000,023,376 | ---- | M] (ALWIL Software) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2010-06-28 22:32:45 | 000,100,176 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2010-06-28 22:32:33 | 000,017,744 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2010-06-28 22:32:16 | 000,028,880 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2010-06-24 11:45:36 | 000,137,256 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\PnkBstrK.sys -- (PnkBstrK)
DRV - [2010-05-13 10:02:32 | 000,532,224 | ---- | M] (Check Point Software Technologies LTD) [Kernel | System | Running] -- C:\WINDOWS\system32\vsdatant.sys -- (vsdatant)
DRV - [2010-04-04 00:55:31 | 010,232,128 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2010-02-26 14:32:58 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2010-02-26 14:32:46 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2010-02-26 14:32:44 | 000,022,528 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2010-02-26 14:32:44 | 000,018,176 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2010-02-26 14:21:22 | 000,137,344 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmwcdnsu.sys -- (nmwcdnsu)
DRV - [2010-02-26 14:21:22 | 000,008,320 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmwcdnsuc.sys -- (nmwcdnsuc)
DRV - [2009-12-09 19:03:03 | 000,025,512 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ggsemc.sys -- (ggsemc)
DRV - [2009-12-09 19:03:03 | 000,013,224 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ggflt.sys -- (ggflt)
DRV - [2008-08-26 10:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2008-04-13 22:06:06 | 000,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)
DRV - [2007-07-12 11:03:38 | 000,012,288 | ---- | M] (ASUSTeK Computer Inc.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\EIO.sys -- (EIO)
DRV - [2007-05-25 05:35:32 | 000,137,728 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\mv61xx.sys -- (mv61xx)
DRV - [2007-05-14 23:41:46 | 000,014,336 | ---- | M] (A4Tech Co.,Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Amusbprt.sys -- (Amusbprt)
DRV - [2007-05-14 23:38:22 | 000,009,216 | ---- | M] (A4Tech Co.,Ltd.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\Amfilter.sys -- (Amfilter)
DRV - [2007-03-26 13:21:06 | 004,395,008 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2007-03-15 08:12:02 | 000,038,656 | R--- | M] (Attansic Technology corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\atl01_xp.sys -- (AtcL001)
DRV - [2005-10-18 16:01:00 | 000,011,008 | ---- | M] (ASUSTeK COMPUTER INC.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\atkkbnt.sys -- (asuskbnt)
DRV - [2005-05-17 14:48:21 | 000,050,176 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfdrv01.sys -- (sfdrv01) StarForce Protection Environment Driver (version 1.x)
DRV - [2005-05-16 15:23:38 | 000,019,968 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfsync02.sys -- (sfsync02) StarForce Protection Synchronization Driver (version 2.x)
DRV - [2005-05-16 15:20:39 | 000,006,656 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfhlp02.sys -- (sfhlp02) StarForce Protection Helper Driver (version 2.x)
DRV - [2004-08-13 12:56:20 | 000,005,810 | R--- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ASACPI.sys -- (MTsensor)
DRV - [2004-04-30 10:37:02 | 000,160,640 | ---- | M] ( ) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\a347bus.sys -- (a347bus)
DRV - [2004-04-30 10:33:00 | 000,005,248 | ---- | M] ( ) [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\a347scsi.sys -- (a347scsi)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-436374069-308236825-1801674531-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\S-1-5-21-436374069-308236825-1801674531-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.search.selectedEngine: "Wikipedia (pl)"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: ""
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.2
FF - prefs.js..extensions.enabledItems: {ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a}:1.3
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {888d99e7-e8b5-46a3-851e-1ec45da1e644}:3.6.3
FF - prefs.js..extensions.enabledItems: undoclosedtabsbutton@supernova00.biz:3.6.2
FF - prefs.js..extensions.enabledItems: {E2883E8F-472F-4fb0-9522-AC9BF37916A7}:1.6.2.60
FF - prefs.js..extensions.enabledItems: {A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}:7.3.2.26
FF - prefs.js..extensions.enabledItems: openmedspel@e-medtools.com:1.0.8
FF - prefs.js..extensions.enabledItems: tineye@ideeinc.com:1.0
FF - prefs.js..extensions.enabledItems: turntoolviewer@turntool.com:2.9.5.9
FF - prefs.js..extensions.enabledItems: {DB9127A2-3381-41ec-82B3-1B6ED4C6F29A}:1.0
FF - prefs.js..extensions.enabledItems: nasanightlaunch@example.com:0.6.20100629
FF - prefs.js..extensions.enabledItems: {5c8bfb7c-9a54-11dc-8314-0800200c9a66}:3.6.3


FF - HKLM\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010-02-05 19:21:02 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}: C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension\ [2010-03-30 14:08:29 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.6\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010-06-27 16:55:21 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.6\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010-06-27 16:55:21 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Thunderbird\Extensions\\{CCB7D94B-CA92-4E3F-B79D-ADE0F07ADC74}: C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Thunderbird Connector\ThunderbirdExtension\ [2010-03-30 14:08:30 | 000,000,000 | ---D | M]

[2009-11-21 13:59:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Krzysiek\Dane aplikacji\Mozilla\Extensions
[2010-07-01 18:54:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Krzysiek\Dane aplikacji\Mozilla\Firefox\Profiles\15uuingq.default\extensions
[2010-02-10 18:55:33 | 000,000,000 | ---D | M] (Aero Fox) -- C:\Documents and Settings\Krzysiek\Dane aplikacji\Mozilla\Firefox\Profiles\15uuingq.default\extensions\{5c8bfb7c-9a54-11dc-8314-0800200c9a66}
[2010-04-13 18:57:48 | 000,000,000 | ---D | M] (ReloadEvery) -- C:\Documents and Settings\Krzysiek\Dane aplikacji\Mozilla\Firefox\Profiles\15uuingq.default\extensions\{888d99e7-e8b5-46a3-851e-1ec45da1e644}
[2010-04-30 21:35:29 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Documents and Settings\Krzysiek\Dane aplikacji\Mozilla\Firefox\Profiles\15uuingq.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2010-06-04 16:02:08 | 000,000,000 | ---D | M] (flashget3 Extension) -- C:\Documents and Settings\Krzysiek\Dane aplikacji\Mozilla\Firefox\Profiles\15uuingq.default\extensions\{DB9127A2-3381-41ec-82B3-1B6ED4C6F29A}
[2010-02-19 00:23:19 | 000,000,000 | ---D | M] (Adobe DLM (powered by getPlus(R))) -- C:\Documents and Settings\Krzysiek\Dane aplikacji\Mozilla\Firefox\Profiles\15uuingq.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}
[2010-01-22 22:49:20 | 000,000,000 | ---D | M] (FoxTab) -- C:\Documents and Settings\Krzysiek\Dane aplikacji\Mozilla\Firefox\Profiles\15uuingq.default\extensions\{ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a}
[2010-06-29 12:47:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Krzysiek\Dane aplikacji\Mozilla\Firefox\Profiles\15uuingq.default\extensions\nasanightlaunch@example.com
[2010-04-09 20:18:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Krzysiek\Dane aplikacji\Mozilla\Firefox\Profiles\15uuingq.default\extensions\openmedspel@e-medtools.com
[2010-07-01 18:54:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Krzysiek\Dane aplikacji\Mozilla\Firefox\Profiles\15uuingq.default\extensions\tineye@ideeinc.com
[2010-05-26 20:59:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Krzysiek\Dane aplikacji\Mozilla\Firefox\Profiles\15uuingq.default\extensions\turntoolviewer@turntool.com
[2010-02-10 14:12:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Krzysiek\Dane aplikacji\Mozilla\Firefox\Profiles\15uuingq.default\extensions\undoclosedtabsbutton@supernova00.biz
[2010-02-10 18:55:33 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Krzysiek\Dane aplikacji\Mozilla\Firefox\Profiles\15uuingq.default\extensions\{5c8bfb7c-9a54-11dc-8314-0800200c9a66}\chrome\mac\browser\extensions
[2010-02-10 18:55:33 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Krzysiek\Dane aplikacji\Mozilla\Firefox\Profiles\15uuingq.default\extensions\{5c8bfb7c-9a54-11dc-8314-0800200c9a66}\chrome\mac\mozapps\extensions
[2010-02-10 18:55:33 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Krzysiek\Dane aplikacji\Mozilla\Firefox\Profiles\15uuingq.default\extensions\{5c8bfb7c-9a54-11dc-8314-0800200c9a66}\chrome\win\browser\extensions
[2010-02-10 18:55:34 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Krzysiek\Dane aplikacji\Mozilla\Firefox\Profiles\15uuingq.default\extensions\{5c8bfb7c-9a54-11dc-8314-0800200c9a66}\chrome\win\mozapps\extensions
[2009-12-05 22:47:12 | 000,005,609 | ---- | M] () -- C:\Documents and Settings\Krzysiek\Dane aplikacji\Mozilla\Firefox\Profiles\15uuingq.default\searchplugins\nonsensopedia-pl.xml
[2010-02-09 22:42:23 | 000,001,244 | ---- | M] () -- C:\Documents and Settings\Krzysiek\Dane aplikacji\Mozilla\Firefox\Profiles\15uuingq.default\searchplugins\winamp-search.xml
[2010-01-05 23:31:59 | 000,001,738 | ---- | M] () -- C:\Documents and Settings\Krzysiek\Dane aplikacji\Mozilla\Firefox\Profiles\15uuingq.default\searchplugins\wyszukiwanie-filmw-wideo-w-youtube.xml
[2010-07-01 14:45:03 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2009-07-17 10:40:12 | 000,704,512 | ---- | M] (BitComet) -- C:\Program Files\Mozilla Firefox\plugins\npBitCometAgent.dll
[2010-02-09 19:50:44 | 000,002,767 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\allegro-pl.xml
[2010-02-09 19:50:44 | 000,001,406 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\fbc-pl.xml
[2010-02-09 19:50:44 | 000,000,917 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\merlin-pl.xml
[2010-02-09 19:50:44 | 000,000,858 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\pwn-pl.xml
[2010-02-09 19:50:44 | 000,001,183 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-pl.xml
[2010-02-09 19:50:44 | 000,001,683 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wp-pl.xml

O1 HOSTS File: ([2010-07-02 14:01:36 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (HP Print Enhancer) - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (BitComet Helper) - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - E:\Programy\BitComet\tools\BitCometBHO_1.3.7.16.dll (BitComet)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - E:\Programy\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (no name) - {b070d3e3-fec0-47d9-8e8a-99d4eeb3d3b0} - No CLSID value found.
O2 - BHO: (IEPluginBHO Class) - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - C:\Documents and Settings\Krzysiek\Dane aplikacji\Nowe Gadu-Gadu\_userdata\ggbho.1.dll (GG Network S.A.)
O2 - BHO: (HP Smart BHO Class) - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [MutlimediaKbdDriver] E:\Programy\M-KbdDrv.exe ()
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [WheelMouse] C:\Program Files\A4Tech\Mouse\Amoumain.exe (A4Tech Co.,Ltd.)
O4 - HKLM..\Run: [ZoneAlarm Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe (Check Point Software Technologies LTD)
O4 - HKU\S-1-5-21-436374069-308236825-1801674531-1003..\Run: [SpybotSD TeaTimer] E:\Programy\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-436374069-308236825-1801674531-1003\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-436374069-308236825-1801674531-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-436374069-308236825-1801674531-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoBandCustomize = 0
O7 - HKU\S-1-5-21-436374069-308236825-1801674531-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoMovingBands = 0
O7 - HKU\S-1-5-21-436374069-308236825-1801674531-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCloseDragDropBands = 0
O7 - HKU\S-1-5-21-436374069-308236825-1801674531-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSetTaskbar = 0
O7 - HKU\S-1-5-21-436374069-308236825-1801674531-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoToolbarsOnTaskbar = 0
O7 - HKU\S-1-5-21-436374069-308236825-1801674531-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-436374069-308236825-1801674531-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\S-1-5-21-436374069-308236825-1801674531-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSaveSettings = 0
O7 - HKU\S-1-5-21-436374069-308236825-1801674531-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 0
O7 - HKU\S-1-5-21-436374069-308236825-1801674531-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ClassicShell = 0
O8 - Extra context menu item: Download all by FlashGet3 - E:\Programy\FlashGet universal\FlashGet\GetAllUrl.htm ()
O8 - Extra context menu item: Download by FlashGet3 - E:\Programy\FlashGet universal\FlashGet\GetUrl.htm ()
O8 - Extra context menu item: Pobierz wszystkie VIdeo za pomocą BitComet - E:\Programy\BitComet\BitComet.exe (www.BitComet.com)
O8 - Extra context menu item: Pobierz wszystko za pomocą BitComet - E:\Programy\BitComet\BitComet.exe (www.BitComet.com)
O8 - Extra context menu item: Pobierz za pomocą BitComet - E:\Programy\BitComet\BitComet.exe (www.BitComet.com)
O9 - Extra Button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - E:\Programy\BitComet\tools\BitCometBHO_1.3.7.16.dll (BitComet)
O9 - Extra Button: Pokaż lub ukryj HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - E:\Programy\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (get_atlcom Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 88.156.96.61 82.139.8.7 88.156.63.9
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Krzysiek\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Krzysiek\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009-11-20 23:43:08 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: Ias - C:\WINDOWS\system32\ias [2009-11-21 00:27:19 | 000,000,000 | ---D | M]
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: UxTuneUp - C:\WINDOWS\system32\uxtuneup.dll (TuneUp Software GmbH)
NetSvcs: WmdmPmSp - File not found

MsConfig - State: "system.ini" - 0
MsConfig - State: "win.ini" - 0
MsConfig - State: "bootini" - 0
MsConfig - State: "services" - 0
MsConfig - State: "startup" - 0

SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: sermouse.sys - Driver
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vga.sys - Driver
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: sermouse.sys - Driver
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vga.sys - Driver
SafeBootNet: vsmon - C:\WINDOWS\System32\ZoneLabs\vsmon.exe (Check Point Software Technologies LTD)
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

[color=#E56717]========== Files/Folders - Created Within 60 Days ==========[/color]

[2010-07-02 14:41:00 | 000,000,000 | ---D | C] -- C:\WINDOWS\$regcmp$
[2010-07-02 14:35:13 | 000,000,000 | ---D | C] -- C:\Program Files\SmartPCTools
[2010-07-02 14:34:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Krzysiek\Dane aplikacji\BITS
[2010-07-02 14:13:14 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2010-07-02 13:56:11 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2010-07-02 13:56:11 | 000,161,792 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2010-07-02 13:56:11 | 000,136,704 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2010-07-02 13:56:11 | 000,031,232 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2010-07-02 13:56:03 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2010-07-02 13:39:53 | 000,000,000 | ---D | C] -- C:\Qoobox
[2010-06-29 12:14:08 | 000,038,848 | ---- | C] (ALWIL Software) -- C:\WINDOWS\avastSS.scr
[2010-06-26 18:14:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Krzysiek\Ustawienia lokalne\Dane aplikacji\PMB Files
[2010-06-26 18:13:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\PMB Files
[2010-06-25 12:47:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\pss
[2010-06-23 17:18:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Krzysiek\Moje dokumenty\Moje skanowanie
[2010-06-22 20:31:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Krzysiek\Moje dokumenty\Black & White 2
[2010-06-18 20:15:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Krzysiek\Moje dokumenty\NFS Most Wanted
[2010-06-16 21:55:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Krzysiek\Moje dokumenty\Pobieranie
[2010-06-14 14:55:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Alwil Software
[2010-06-12 18:59:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Krzysiek\Moje dokumenty\Moje dzieła SPORE
[2010-06-12 18:59:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Krzysiek\Dane aplikacji\SPORE
[2010-06-12 18:58:55 | 000,000,000 | ---D | C] -- C:\Program Files\Electronic Arts
[2010-06-11 18:28:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Krzysiek\Dane aplikacji\TeamViewer
[2010-06-11 18:28:22 | 000,000,000 | ---D | C] -- C:\Program Files\TeamViewer
[2010-06-10 17:47:27 | 000,000,000 | ---D | C] -- C:\Program Files\Lavalys
[2010-06-10 13:39:30 | 000,679,936 | ---- | C] (Generated by JEDI) -- C:\WINDOWS\System32\D3DX81ab.dll
[2010-06-10 13:39:28 | 000,000,000 | ---D | C] -- C:\Program Files\Cheat Engine
[2010-06-09 16:40:37 | 000,000,000 | ---D | C] -- C:\Program Files\Conduit
[2010-06-09 16:30:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Krzysiek\Dane aplikacji\DVDVideoSoftIEHelpers
[2010-06-09 16:30:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Krzysiek\Moje dokumenty\DVDVideoSoft
[2010-06-07 20:05:00 | 000,000,000 | ---D | C] -- C:\Program Files\PDF Image Extract Software
[2010-06-04 22:09:27 | 000,000,000 | ---D | C] -- C:\BDS
[2010-06-04 22:07:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Krzysiek\Dane aplikacji\NVIDIA
[2010-06-04 20:54:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Trymedia
[2010-06-04 16:01:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Krzysiek\Dane aplikacji\FlashGet
[2010-05-29 20:02:07 | 000,000,000 | ---D | C] -- C:\Program Files\JustDo
[2010-05-27 22:26:40 | 000,000,000 | ---D | C] -- C:\Program Files\PC Connectivity Solution
[2010-05-26 20:59:44 | 000,000,000 | ---D | C] -- C:\Program Files\TurnTool
[2010-05-26 20:59:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Krzysiek\Ustawienia lokalne\Dane aplikacji\TurnTool
[2010-05-23 18:51:30 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Krzysiek\Dane aplikacji\SecuROM
[2010-05-19 19:01:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Electronic Arts
[2010-05-18 14:44:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\NVIDIA Corporation
[2010-05-18 14:44:44 | 000,000,000 | ---D | C] -- C:\Program Files\NVIDIA Corporation
[2010-05-18 14:44:06 | 000,061,440 | ---- | C] (Khronos Group) -- C:\WINDOWS\System32\OpenCL.dll
[2010-05-18 14:43:57 | 000,000,000 | ---D | C] -- C:\NVIDIA
[2010-05-18 14:07:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Krzysiek\Moje dokumenty\BFBC2
[2010-05-05 11:58:09 | 000,008,320 | ---- | C] (Nokia) -- C:\WINDOWS\System32\drivers\nmwcdnsuc.sys
[2010-05-05 11:58:08 | 000,137,344 | ---- | C] (Nokia) -- C:\WINDOWS\System32\drivers\nmwcdnsu.sys
[2010-05-05 11:58:08 | 000,008,192 | ---- | C] (Nokia) -- C:\WINDOWS\System32\drivers\usbser_lowerfltj.sys
[2010-05-05 11:58:08 | 000,008,192 | ---- | C] (Nokia) -- C:\WINDOWS\System32\drivers\usbser_lowerflt.sys
[2010-05-05 11:58:07 | 000,022,528 | ---- | C] (Nokia) -- C:\WINDOWS\System32\drivers\ccdcmbo.sys
[2010-05-05 11:58:06 | 000,662,016 | ---- | C] (Nokia) -- C:\WINDOWS\System32\nmwcdcocls.dll
[2010-05-05 11:58:06 | 000,018,176 | ---- | C] (Nokia) -- C:\WINDOWS\System32\drivers\ccdcmb.sys
[2009-12-11 18:33:34 | 000,160,640 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\a347bus.sys
[2009-12-11 18:33:34 | 000,005,248 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\a347scsi.sys

[color=#E56717]========== Files - Modified Within 60 Days ==========[/color]

[2010-07-02 14:46:40 | 010,223,616 | ---- | M] () -- C:\Documents and Settings\Krzysiek\NTUSER.DAT
[2010-07-02 14:44:33 | 000,000,482 | ---- | M] () -- C:\WINDOWS\tasks\1-Click Maintenance.job
[2010-07-02 14:44:30 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010-07-02 14:44:22 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010-07-02 14:34:43 | 000,000,820 | ---- | M] () -- C:\WINDOWS\System32\secustat.dat
[2010-07-02 14:01:42 | 000,000,227 | ---- | M] () -- C:\WINDOWS\system.ini
[2010-07-02 14:01:36 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2010-07-02 11:26:01 | 000,004,212 | -H-- | M] () -- C:\WINDOWS\System32\zllictbl.dat
[2010-07-02 11:26:01 | 000,000,731 | ---- | M] () -- C:\Documents and Settings\Krzysiek\Pulpit\ZoneAlarm Security.lnk
[2010-07-02 11:25:59 | 000,420,889 | ---- | M] () -- C:\WINDOWS\System32\vsconfig.xml
[2010-07-02 10:44:38 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010-06-29 12:14:09 | 000,002,645 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2010-06-28 22:57:33 | 000,038,848 | ---- | M] (ALWIL Software) -- C:\WINDOWS\avastSS.scr
[2010-06-28 22:57:12 | 000,165,032 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2010-06-28 22:37:52 | 000,046,672 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2010-06-28 22:37:30 | 000,165,456 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2010-06-28 22:33:13 | 000,023,376 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2010-06-28 22:32:45 | 000,100,176 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2010-06-28 22:32:42 | 000,094,544 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2010-06-28 22:32:33 | 000,017,744 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2010-06-28 22:32:16 | 000,028,880 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2010-06-25 13:16:25 | 000,276,202 | ---- | M] () -- C:\WINDOWS\System32\NvApps.xml
[2010-06-25 13:13:24 | 000,000,188 | -HS- | M] () -- C:\Documents and Settings\Krzysiek\ntuser.ini
[2010-06-25 13:13:04 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\WindowsShell.Manifest
[2010-06-25 13:13:03 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\wuaucpl.cpl.manifest
[2010-06-25 13:13:03 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\sapi.cpl.manifest
[2010-06-25 13:13:03 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\nwc.cpl.manifest
[2010-06-25 13:13:03 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\ncpa.cpl.manifest
[2010-06-25 13:13:03 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\cdplayer.exe.manifest
[2010-06-25 13:07:56 | 000,000,793 | ---- | M] () -- C:\WINDOWS\win.ini
[2010-06-25 13:07:56 | 000,000,223 | -HS- | M] () -- C:\boot.ini
[2010-06-24 22:57:43 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2010-06-24 22:57:28 | 000,022,528 | ---- | M] () -- C:\Documents and Settings\Krzysiek\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010-06-24 19:52:49 | 001,260,448 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010-06-24 19:52:49 | 000,573,982 | ---- | M] () -- C:\WINDOWS\System32\perfh015.dat
[2010-06-24 19:52:49 | 000,510,806 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010-06-24 19:52:49 | 000,113,268 | ---- | M] () -- C:\WINDOWS\System32\perfc015.dat
[2010-06-24 19:52:49 | 000,091,248 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010-06-24 19:37:51 | 000,000,647 | ---- | M] () -- C:\Documents and Settings\Krzysiek\Pulpit\Counter-Strike.lnk
[2010-06-24 19:37:51 | 000,000,602 | ---- | M] () -- C:\Documents and Settings\Krzysiek\Pulpit\Half-Life.lnk
[2010-06-24 14:40:05 | 000,218,808 | ---- | M] () -- C:\WINDOWS\System32\PnkBstrB.xtr
[2010-06-24 11:45:36 | 000,137,256 | ---- | M] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2010-06-23 21:14:58 | 000,408,553 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20100701-222447.backup
[2010-06-23 19:43:18 | 000,025,600 | ---- | M] () -- C:\Documents and Settings\Krzysiek\Moje dokumenty\Book97.doc
[2010-06-23 17:23:05 | 000,031,674 | ---- | M] () -- C:\Documents and Settings\Krzysiek\Moje dokumenty\skanowanie0001_1.htm
[2010-06-23 17:22:29 | 000,031,672 | ---- | M] () -- C:\Documents and Settings\Krzysiek\Moje dokumenty\skanowanie0001.htm
[2010-06-22 19:29:19 | 000,000,589 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Black & White 2.lnk
[2010-06-20 18:51:25 | 000,408,427 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20100623-211458.backup
[2010-06-18 19:35:47 | 000,000,751 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Medieval II Total War.lnk
[2010-06-18 19:25:05 | 000,000,804 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Need for Speed™ Most Wanted.lnk
[2010-06-17 19:30:36 | 000,099,814 | ---- | M] () -- C:\Documents and Settings\Krzysiek\Moje dokumenty\fce.jpg
[2010-06-14 18:12:06 | 000,404,365 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20100620-185125.backup
[2010-06-14 14:55:58 | 000,001,700 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\avast! Free Antivirus.lnk
[2010-06-12 18:48:23 | 000,000,848 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\SPORE™.lnk
[2010-06-11 19:47:33 | 000,000,519 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\AIMP2.lnk
[2010-06-11 18:28:27 | 000,000,879 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\TeamViewer 5.lnk
[2010-06-10 17:47:29 | 000,000,767 | ---- | M] () -- C:\Documents and Settings\Krzysiek\Pulpit\EVEREST Home Edition.lnk
[2010-06-10 13:39:32 | 000,000,670 | ---- | M] () -- C:\Documents and Settings\Krzysiek\Pulpit\Cheat Engine.lnk
[2010-06-09 20:52:45 | 000,127,587 | ---- | M] () -- C:\Documents and Settings\Krzysiek\Moje dokumenty\screen.jpg
[2010-06-04 22:19:31 | 000,000,779 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Borderlands.lnk
[2010-06-04 16:01:38 | 000,000,025 | ---- | M] () -- C:\WINDOWS\libem.INI
[2010-06-04 16:01:16 | 000,000,695 | ---- | M] () -- C:\Documents and Settings\Krzysiek\Pulpit\FlashGet 3.5.lnk
[2010-06-03 18:28:10 | 000,000,509 | ---- | M] () -- C:\Documents and Settings\Krzysiek\Pulpit\MoorHunt.lnk
[2010-05-27 22:26:25 | 000,001,855 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Nokia Software Updater.lnk
[2010-05-23 16:53:57 | 002,940,928 | ---- | M] () -- C:\Documents and Settings\Krzysiek\Moje dokumenty\CHOROBY sss.ppt
[2010-05-18 14:04:27 | 000,001,687 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Battlefield Bad Company 2.lnk
[2010-05-17 15:45:15 | 000,000,619 | ---- | M] () -- C:\Documents and Settings\Krzysiek\Pulpit\Zeus and Posejdon.lnk
[2010-05-14 16:35:28 | 000,000,128 | ---- | M] () -- C:\Documents and Settings\Krzysiek\default.pls
[2010-05-12 16:32:14 | 000,395,194 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20100614-181206.backup
[2010-05-08 23:50:55 | 000,393,062 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20100512-163214.backup
[2010-05-07 18:33:12 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010-05-05 17:41:51 | 000,002,331 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Nokia Ovi Player.lnk
[2010-05-05 13:01:31 | 000,002,267 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Skype.lnk
[2010-05-05 12:26:50 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_ccdcmb_01009.Wdf
[2010-05-05 12:26:48 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\MsftWdf_Kernel_01009_Coinstaller_Critical.Wdf
[2010-05-03 23:10:06 | 000,000,514 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Steam.lnk

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2010-07-02 14:34:43 | 000,000,820 | ---- | C] () -- C:\WINDOWS\System32\secustat.dat
[2010-07-02 13:56:12 | 000,077,312 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2010-07-02 13:56:11 | 000,256,512 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2010-07-02 13:56:11 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2010-07-02 13:56:11 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2010-07-02 13:56:11 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2010-07-02 11:26:01 | 000,000,731 | ---- | C] () -- C:\Documents and Settings\Krzysiek\Pulpit\ZoneAlarm Security.lnk
[2010-06-24 19:37:51 | 000,000,647 | ---- | C] () -- C:\Documents and Settings\Krzysiek\Pulpit\Counter-Strike.lnk
[2010-06-24 19:37:51 | 000,000,602 | ---- | C] () -- C:\Documents and Settings\Krzysiek\Pulpit\Half-Life.lnk
[2010-06-23 19:43:15 | 000,025,600 | ---- | C] () -- C:\Documents and Settings\Krzysiek\Moje dokumenty\Book97.doc
[2010-06-23 17:23:03 | 000,031,674 | ---- | C] () -- C:\Documents and Settings\Krzysiek\Moje dokumenty\skanowanie0001_1.htm
[2010-06-23 17:22:26 | 000,031,672 | ---- | C] () -- C:\Documents and Settings\Krzysiek\Moje dokumenty\skanowanie0001.htm
[2010-06-22 19:29:19 | 000,000,589 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Black & White 2.lnk
[2010-06-18 20:15:05 | 000,030,560 | ---- | C] () -- C:\Documents and Settings\Krzysiek\Pulpit\pzn-nfst.exe
[2010-06-18 19:35:47 | 000,000,751 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Medieval II Total War.lnk
[2010-06-18 19:25:05 | 000,000,804 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Need for Speed™ Most Wanted.lnk
[2010-06-17 19:30:29 | 000,099,814 | ---- | C] () -- C:\Documents and Settings\Krzysiek\Moje dokumenty\fce.jpg
[2010-06-14 14:55:58 | 000,001,700 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\avast! Free Antivirus.lnk
[2010-06-12 18:48:23 | 000,000,848 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\SPORE™.lnk
[2010-06-11 18:28:27 | 000,000,879 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\TeamViewer 5.lnk
[2010-06-10 17:47:29 | 000,000,767 | ---- | C] () -- C:\Documents and Settings\Krzysiek\Pulpit\EVEREST Home Edition.lnk
[2010-06-10 13:39:32 | 000,000,670 | ---- | C] () -- C:\Documents and Settings\Krzysiek\Pulpit\Cheat Engine.lnk
[2010-06-10 13:39:30 | 001,970,176 | ---- | C] () -- C:\WINDOWS\System32\d3dx9.dll
[2010-06-09 20:52:31 | 000,127,587 | ---- | C] () -- C:\Documents and Settings\Krzysiek\Moje dokumenty\screen.jpg
[2010-06-04 22:19:31 | 000,000,779 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Borderlands.lnk
[2010-06-04 16:01:38 | 000,000,025 | ---- | C] () -- C:\WINDOWS\libem.INI
[2010-06-04 16:01:16 | 000,000,695 | ---- | C] () -- C:\Documents and Settings\Krzysiek\Pulpit\FlashGet 3.5.lnk
[2010-05-23 16:52:16 | 002,940,928 | ---- | C] () -- C:\Documents and Settings\Krzysiek\Moje dokumenty\CHOROBY sss.ppt
[2010-05-18 14:44:06 | 000,009,046 | ---- | C] () -- C:\WINDOWS\System32\nvinfo.pb
[2010-05-18 14:44:04 | 002,183,470 | ---- | C] () -- C:\WINDOWS\System32\nvdata.bin
[2010-05-18 14:04:27 | 000,001,687 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Battlefield Bad Company 2.lnk
[2010-05-14 19:12:07 | 000,000,619 | ---- | C] () -- C:\Documents and Settings\Krzysiek\Pulpit\Zeus and Posejdon.lnk
[2010-05-05 12:26:50 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_ccdcmb_01009.Wdf
[2010-05-05 12:26:48 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\MsftWdf_Kernel_01009_Coinstaller_Critical.Wdf
[2010-04-10 16:18:56 | 000,000,151 | ---- | C] () -- C:\WINDOWS\PhotoSnapViewer.INI
[2010-01-10 16:49:31 | 000,000,421 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2009-12-31 15:21:32 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2009-12-07 23:18:07 | 000,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.INI
[2009-11-21 16:29:14 | 000,010,496 | ---- | C] () -- C:\WINDOWS\System32\ATKOSDMini.DLL
[2009-11-21 16:29:14 | 000,000,018 | ---- | C] () -- C:\WINDOWS\System32\atkid.ini
[2009-11-21 16:29:13 | 000,046,080 | ---- | C] () -- C:\WINDOWS\System32\asrussian.dll
[2009-11-21 16:29:13 | 000,046,080 | ---- | C] () -- C:\WINDOWS\System32\asgerman.dll
[2009-11-21 16:29:13 | 000,045,568 | ---- | C] () -- C:\WINDOWS\System32\askorean.dll
[2009-11-21 16:29:13 | 000,045,568 | ---- | C] () -- C:\WINDOWS\System32\asjapan.dll
[2009-11-21 16:29:12 | 000,046,592 | ---- | C] () -- C:\WINDOWS\System32\asfrench.dll
[2009-11-21 16:29:12 | 000,046,080 | ---- | C] () -- C:\WINDOWS\System32\aseng.dll
[2009-11-21 16:29:12 | 000,045,568 | ---- | C] () -- C:\WINDOWS\System32\ASCHT.dll
[2009-11-21 16:29:12 | 000,045,568 | ---- | C] () -- C:\WINDOWS\System32\aschs.dll
[2009-11-21 14:39:56 | 000,137,256 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2009-11-21 14:39:32 | 000,000,309 | ---- | C] () -- C:\WINDOWS\game.ini
[2009-11-21 13:44:59 | 000,796,048 | ---- | C] () -- C:\WINDOWS\System32\libeay32_0.9.6l.dll
[2009-11-21 13:36:02 | 000,164,352 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2009-11-21 13:36:01 | 000,007,680 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2009-11-21 13:36:01 | 000,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest
[2009-11-21 00:08:55 | 000,014,277 | ---- | C] () -- C:\WINDOWS\Ascd_tmp.ini
[2009-11-21 00:08:55 | 000,005,810 | R--- | C] () -- C:\WINDOWS\System32\drivers\ASACPI.sys
[2009-11-21 00:08:48 | 000,010,288 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASUSHWIO.SYS
[2007-06-28 18:43:00 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2003-04-08 12:40:22 | 000,005,679 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI

[color=#E56717]========== LOP Check ==========[/color]

[2010-06-14 14:55:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Alwil Software
[2010-05-19 19:01:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Electronic Arts
[2010-05-27 22:25:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Installations
[2009-11-21 13:45:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\MailFrontier
[2010-03-29 20:12:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Nokia
[2010-03-29 19:35:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\NokiaMusic
[2009-11-22 14:35:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\OpenFM
[2010-03-29 20:50:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\OviInstallerCache
[2010-03-29 20:10:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\PC Suite
[2010-06-26 22:24:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\PMB Files
[2010-07-02 14:46:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\TEMP
[2009-11-21 14:13:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\TuneUp Software
[2010-03-06 15:14:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Ubisoft
[2010-01-30 18:38:10 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\{402F10B9-711E-4EF4-BC0E-AFE669ACC04C}
[2010-06-30 22:10:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Krzysiek\Dane aplikacji\AIMP
[2010-07-02 14:34:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Krzysiek\Dane aplikacji\BITS
[2009-12-09 17:06:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Krzysiek\Dane aplikacji\Broad Intelligence
[2010-03-20 16:22:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Krzysiek\Dane aplikacji\COWON
[2009-12-19 21:07:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Krzysiek\Dane aplikacji\Dev-Cpp
[2009-11-21 13:44:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Krzysiek\Dane aplikacji\Dual Vibration Game pad
[2009-11-21 13:44:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Krzysiek\Dane aplikacji\Dual Vibration Gamepad
[2010-06-09 16:30:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Krzysiek\Dane aplikacji\DVDVideoSoftIEHelpers
[2009-12-06 20:53:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Krzysiek\Dane aplikacji\FileZilla
[2010-06-04 16:01:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Krzysiek\Dane aplikacji\FlashGet
[2009-12-06 22:19:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Krzysiek\Dane aplikacji\Free Mp3 Wma Ogg Converter
[2009-11-21 13:35:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Krzysiek\Dane aplikacji\Gadu-Gadu
[2009-11-21 14:23:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Krzysiek\Dane aplikacji\Gadu-Gadu 10
[2009-12-19 15:28:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Krzysiek\Dane aplikacji\Leadertech
[2010-04-06 20:52:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Krzysiek\Dane aplikacji\Mp3tag
[2010-03-29 20:58:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Krzysiek\Dane aplikacji\Nokia
[2010-06-22 22:00:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Krzysiek\Dane aplikacji\Nowe Gadu-Gadu
[2009-11-22 14:34:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Krzysiek\Dane aplikacji\OpenFM
[2010-03-30 14:19:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Krzysiek\Dane aplikacji\PC Suite
[2010-01-07 21:45:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Krzysiek\Dane aplikacji\SoundSpectrum
[2010-06-12 19:00:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Krzysiek\Dane aplikacji\SPORE
[2010-06-11 18:50:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Krzysiek\Dane aplikacji\TeamViewer
[2009-11-24 21:45:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Krzysiek\Dane aplikacji\TigerPlayer
[2009-11-21 14:13:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Krzysiek\Dane aplikacji\TuneUp Software
[2010-03-06 15:14:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Krzysiek\Dane aplikacji\Ubisoft
[2009-11-21 14:35:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Krzysiek\Dane aplikacji\URSoft
[2010-07-02 14:44:33 | 000,000,482 | ---- | M] () -- C:\WINDOWS\Tasks\1-Click Maintenance.job

[color=#E56717]========== Purity Check ==========[/color]



[color=#E56717]========== Custom Scans ==========[/color]


[color=#A23BEC]< %systemdrive%\*.* >[/color]
[2009-11-20 23:43:08 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2010-06-25 13:07:56 | 000,000,223 | -HS- | M] () -- C:\boot.ini
[2001-07-22 00:13:54 | 000,004,952 | RHS- | M] () -- C:\Bootfont.bin
[2009-11-20 23:43:08 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2009-11-20 23:43:08 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2009-11-20 23:43:08 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2008-04-13 22:13:04 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
[2008-04-14 00:02:00 | 000,251,152 | RHS- | M] () -- C:\ntldr
[2010-07-02 14:44:19 | 2145,386,496 | -HS- | M] () -- C:\pagefile.sys


[color=#A23BEC]< MD5 for: AGP440.SYS >[/color]
[2008-04-14 23:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:agp440.sys

[color=#A23BEC]< MD5 for: ATAPI.SYS >[/color]
[2008-04-14 23:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2008-04-14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ERDNT\cache\atapi.sys
[2008-04-14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\dllcache\atapi.sys
[2008-04-14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2008-04-14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\system32\DRIVERS\atapi.sys
[2008-04-14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\ReinstallBackups\0006\DriverFiles\i386\atapi.sys
[2008-04-14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\ReinstallBackups\0007\DriverFiles\i386\atapi.sys

[color=#A23BEC]< MD5 for: BEEP.SYS >[/color]
[2001-08-17 23:47:36 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\ERDNT\cache\beep.sys
[2001-08-17 23:47:36 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\system32\dllcache\beep.sys
[2001-08-17 23:47:36 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\system32\drivers\beep.sys

[color=#A23BEC]< MD5 for: CDROM.SYS >[/color]
[2008-04-14 23:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys
[2008-04-14 00:10:48 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys

[color=#A23BEC]< MD5 for: EVENTLOG.DLL >[/color]
[2008-04-14 22:50:32 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=35FCCFD093582FA9098762E6F84EE119 -- C:\WINDOWS\ERDNT\cache\eventlog.dll
[2008-04-14 22:50:32 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=35FCCFD093582FA9098762E6F84EE119 -- C:\WINDOWS\system32\dllcache\eventlog.dll
[2008-04-14 22:50:32 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=35FCCFD093582FA9098762E6F84EE119 -- C:\WINDOWS\system32\eventlog.dll

[color=#A23BEC]< MD5 for: NDIS.SYS >[/color]
[2008-04-14 00:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\ERDNT\cache\ndis.sys
[2008-04-14 00:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\dllcache\ndis.sys
[2008-04-14 00:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\drivers\ndis.sys

[color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color]
[2008-04-14 22:51:50 | 000,510,464 | ---- | M] (Microsoft Corporation) MD5=51FD2E13D723857B9CA239AE77150F48 -- C:\WINDOWS\ERDNT\cache\winlogon.exe
[2008-04-14 22:51:50 | 000,510,464 | ---- | M] (Microsoft Corporation) MD5=51FD2E13D723857B9CA239AE77150F48 -- C:\WINDOWS\system32\dllcache\winlogon.exe
[2008-04-14 22:51:50 | 000,510,464 | ---- | M] (Microsoft Corporation) MD5=51FD2E13D723857B9CA239AE77150F48 -- C:\WINDOWS\system32\winlogon.exe

[color=#E56717]========== Alternate Data Streams ==========[/color]

@Alternate Data Stream - 368 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:B3D74A13
@Alternate Data Stream - 158 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:ECF54A0E
< End of report >
[/log]

Gość
komentarz
komentarz

wg mnie - ok

full scan mbamem -> http://www.malwarebytes.org/mbam.php

Tomek01
komentarz
komentarz (edytowane)

Jest coś do usunięcia: C:\WINDOWS\System32\secustat.dat

Ale może tak pokazałbyś też log z Combofix'a skoro już go użyłeś.

Edytowane przez Tomek01
bezimienny
komentarz
komentarz (edytowane)

Panowie, Windows zmienny jest jak kobieta. Dziękuje za okazaną pomoc. Wszystko już działa :)

No to sobie komputer podziałał. Znowu nawala.
[log]OTL logfile created on: 2010-07-06 11:55:37 - Run 1
OTL by OldTimer - Version 3.2.7.1 Folder = D:\Download
Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 57,00% Memory free
8,00 Gb Paging File | 7,00 Gb Available in Paging File | 92,00% Paging File free
Paging file location(s): [Binary data over 100 bytes]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 45,31 Gb Total Space | 32,61 Gb Free Space | 71,96% Space Free | Partition Type: NTFS
Drive D: | 50,01 Gb Total Space | 11,09 Gb Free Space | 22,18% Space Free | Partition Type: NTFS
Drive E: | 202,77 Gb Total Space | 91,41 Gb Free Space | 45,08% Space Free | Partition Type: NTFS
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: PRYWATNY
Current User Name: Krzysiek
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 60 Days
Output = Standard

[color=#E56717]========== Processes (All) ==========[/color]

PRC - [2010-07-06 11:54:37 | 000,574,976 | ---- | M] (OldTimer Tools) -- D:\Download\OTL.exe
PRC - [2010-07-05 21:30:07 | 000,219,128 | ---- | M] () -- C:\WINDOWS\system32\PnkBstrB.exe
PRC - [2010-06-28 22:57:18 | 002,837,864 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
PRC - [2010-06-28 22:57:15 | 000,040,384 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
PRC - [2010-06-27 16:55:19 | 000,910,296 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2010-06-27 16:55:19 | 000,014,808 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\plugin-container.exe
PRC - [2010-06-23 13:52:56 | 002,435,592 | ---- | M] (Check Point Software Technologies LTD) -- C:\WINDOWS\system32\ZoneLabs\vsmon.exe
PRC - [2010-06-23 13:51:30 | 001,043,968 | ---- | M] (Check Point Software Technologies LTD) -- C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
PRC - [2010-04-03 19:23:16 | 000,154,216 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\nvsvc32.exe
PRC - [2010-02-09 17:52:15 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe
PRC - [2010-01-30 13:53:51 | 000,075,064 | ---- | M] () -- C:\WINDOWS\system32\PnkBstrA.exe
PRC - [2009-03-05 17:07:20 | 002,260,480 | RHS- | M] (Safer-Networking Ltd.) -- E:\Programy\Spybot - Search & Destroy\TeaTimer.exe
PRC - [2008-04-14 22:51:52 | 000,013,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wscntfy.exe
PRC - [2008-04-14 22:51:50 | 000,510,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winlogon.exe
PRC - [2008-04-14 22:51:50 | 000,126,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmiapsrv.exe
PRC - [2008-04-14 22:51:44 | 000,057,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spoolsv.exe
PRC - [2008-04-14 22:51:44 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\smss.exe
PRC - [2008-04-14 22:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [WUDFSERVICEGROUP]
PRC - [2008-04-14 22:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [RPCSS]
PRC - [2008-04-14 22:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETWORKSERVICE]
PRC - [2008-04-14 22:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETSVCS]
PRC - [2008-04-14 22:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [LOCALSERVICE]
PRC - [2008-04-14 22:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [IMGSVC]
PRC - [2008-04-14 22:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [HPZ12]
PRC - [2008-04-14 22:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [HPZ12]
PRC - [2008-04-14 22:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [HPDEVMGMT]
PRC - [2008-04-14 22:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [DCOMLAUNCH]
PRC - [2008-04-14 22:51:40 | 000,109,056 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\services.exe
PRC - [2008-04-14 22:51:24 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\lsass.exe
PRC - [2008-04-14 22:51:18 | 001,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008-04-14 22:51:12 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\csrss.exe
PRC - [2008-04-14 22:51:04 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\alg.exe
PRC - [2007-05-15 11:33:30 | 000,204,800 | ---- | M] (A4Tech Co.,Ltd.) -- C:\Program Files\A4Tech\Mouse\Amoumain.exe
PRC - [2007-04-18 20:57:48 | 001,617,920 | ---- | M] () -- E:\Programy\M-KbdDrv.exe
PRC - [2007-03-21 08:49:20 | 016,126,464 | R--- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\RTHDCPL.exe
PRC - [2006-09-22 11:58:12 | 000,241,664 | ---- | M] (ASUSTeK COMPUTER INC.) -- C:\WINDOWS\ATKKBService.exe
PRC - [2003-06-20 00:25:00 | 000,322,120 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE


[color=#E56717]========== Modules (All) ==========[/color]

MOD - [2010-07-06 11:54:37 | 000,574,976 | ---- | M] (OldTimer Tools) -- D:\Download\OTL.exe
MOD - [2008-04-14 22:51:58 | 000,146,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winspool.drv
MOD - [2008-04-14 22:50:58 | 000,732,672 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\userenv.dll
MOD - [2008-04-14 22:50:58 | 000,580,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\user32.dll
MOD - [2008-04-14 22:50:58 | 000,219,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\uxtheme.dll
MOD - [2008-04-14 22:50:58 | 000,172,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wldap32.dll
MOD - [2008-04-14 22:50:58 | 000,067,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\srclient.dll
MOD - [2008-04-14 22:50:58 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\version.dll
MOD - [2008-04-14 22:50:48 | 008,489,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shell32.dll
MOD - [2008-04-14 22:50:48 | 000,997,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\setupapi.dll
MOD - [2008-04-14 22:50:48 | 000,474,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shlwapi.dll
MOD - [2008-04-14 22:50:46 | 001,287,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ole32.dll
MOD - [2008-04-14 22:50:46 | 000,584,704 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rpcrt4.dll
MOD - [2008-04-14 22:50:46 | 000,551,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\oleaut32.dll
MOD - [2008-04-14 22:50:46 | 000,084,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\olepro32.dll
MOD - [2008-04-14 22:50:46 | 000,064,000 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\samlib.dll
MOD - [2008-04-14 22:50:46 | 000,056,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\secur32.dll
MOD - [2008-04-14 22:50:46 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\psapi.dll
MOD - [2008-04-14 22:50:42 | 000,119,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntmarta.dll
MOD - [2008-04-14 22:50:40 | 000,343,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcrt.dll
MOD - [2008-04-14 22:50:36 | 001,018,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\kernel32.dll
MOD - [2008-04-14 22:50:32 | 000,285,184 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\gdi32.dll
MOD - [2008-04-14 22:50:32 | 000,185,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\framedyn.dll
MOD - [2008-04-14 22:50:16 | 000,822,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comres.dll
MOD - [2008-04-14 22:50:14 | 000,280,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comdlg32.dll
MOD - [2008-04-14 22:50:12 | 000,498,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\clbcatq.dll
MOD - [2008-04-14 22:50:00 | 000,686,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\advapi32.dll
MOD - [2008-04-14 22:49:16 | 000,714,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntdll.dll
MOD - [2008-04-14 22:46:34 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx
MOD - [2008-04-14 22:29:10 | 001,054,208 | R--- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll
MOD - [2007-05-15 11:31:52 | 000,036,864 | ---- | M] (A4Tech Co.,Ltd.) -- C:\WINDOWS\system32\Amhooker.dll


[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV - [2010-06-28 22:57:15 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Web Scanner)
SRV - [2010-06-28 22:57:15 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Mail Scanner)
SRV - [2010-06-28 22:57:15 | 000,040,384 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV - [2010-06-23 13:52:56 | 002,435,592 | ---- | M] (Check Point Software Technologies LTD) [Auto | Running] -- C:\WINDOWS\System32\ZoneLabs\vsmon.exe -- (vsmon)
SRV - [2010-04-27 13:43:48 | 000,611,840 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2010-03-18 16:47:22 | 000,035,160 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe -- (aspnet_state)
SRV - [2010-03-18 13:16:28 | 000,753,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe -- (WPFFontCache_v0400)
SRV - [2010-03-18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010-03-18 13:16:28 | 000,124,240 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe -- (NetTcpPortSharing)
SRV - [2010-02-19 20:30:16 | 000,067,360 | ---- | M] (NOS Microsystems Ltd.) [On_Demand | Stopped] -- C:\Program Files\NOS\bin\getPlus_Helper.dll -- (getPlusHelper) getPlus(R)
SRV - [2009-11-21 14:13:30 | 000,354,560 | ---- | M] (TuneUp Software GmbH) [On_Demand | Stopped] -- C:\WINDOWS\system32\TuneUpDefragService.exe -- (TuneUp.Defrag)
SRV - [2008-04-04 15:51:32 | 000,028,416 | ---- | M] (TuneUp Software GmbH) [Auto | Running] -- C:\WINDOWS\system32\uxtuneup.dll -- (UxTuneUp)
SRV - [2006-09-22 11:58:12 | 000,241,664 | ---- | M] (ASUSTeK COMPUTER INC.) [Auto | Running] -- C:\WINDOWS\ATKKBService.exe -- (ATKKeyboardService)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\Drivers\Video3D32.sys -- (Video3D)
DRV - File not found [Kernel | Boot | Stopped] -- C:\WINDOWS\System32\ZoneLabs\srescan.sys -- (srescan)
DRV - File not found [File_System | System | Stopped] -- C:\WINDOWS\System32\DRIVERS\klif.sys -- (KLIF)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\Krzysiek\USTAWI~1\Temp\EagleNT.sys -- (EagleNT)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\Krzysiek\USTAWI~1\Temp\cpuz130\cpuz_x32.sys -- (cpuz130)
DRV - [2010-06-28 22:37:52 | 000,046,672 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2010-06-28 22:37:30 | 000,165,456 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2010-06-28 22:33:13 | 000,023,376 | ---- | M] (ALWIL Software) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2010-06-28 22:32:45 | 000,100,176 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2010-06-28 22:32:33 | 000,017,744 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2010-06-28 22:32:16 | 000,028,880 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2010-05-13 10:02:32 | 000,532,224 | ---- | M] (Check Point Software Technologies LTD) [Kernel | System | Running] -- C:\WINDOWS\system32\vsdatant.sys -- (vsdatant)
DRV - [2010-04-04 00:55:31 | 010,232,128 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2010-02-26 14:32:58 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2010-02-26 14:32:46 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2010-02-26 14:32:44 | 000,022,528 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2010-02-26 14:32:44 | 000,018,176 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2010-02-26 14:21:22 | 000,137,344 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmwcdnsu.sys -- (nmwcdnsu)
DRV - [2010-02-26 14:21:22 | 000,008,320 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmwcdnsuc.sys -- (nmwcdnsuc)
DRV - [2009-12-09 19:03:03 | 000,025,512 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ggsemc.sys -- (ggsemc)
DRV - [2009-12-09 19:03:03 | 000,013,224 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ggflt.sys -- (ggflt)
DRV - [2008-08-26 10:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2008-04-13 22:06:06 | 000,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)
DRV - [2007-07-12 11:03:38 | 000,012,288 | ---- | M] (ASUSTeK Computer Inc.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\EIO.sys -- (EIO)
DRV - [2007-05-25 05:35:32 | 000,137,728 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\mv61xx.sys -- (mv61xx)
DRV - [2007-05-14 23:41:46 | 000,014,336 | ---- | M] (A4Tech Co.,Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Amusbprt.sys -- (Amusbprt)
DRV - [2007-05-14 23:38:22 | 000,009,216 | ---- | M] (A4Tech Co.,Ltd.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\Amfilter.sys -- (Amfilter)
DRV - [2007-03-26 13:21:06 | 004,395,008 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2007-03-15 08:12:02 | 000,038,656 | R--- | M] (Attansic Technology corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\atl01_xp.sys -- (AtcL001)
DRV - [2005-10-18 16:01:00 | 000,011,008 | ---- | M] (ASUSTeK COMPUTER INC.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\atkkbnt.sys -- (asuskbnt)
DRV - [2005-05-17 14:48:21 | 000,050,176 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfdrv01.sys -- (sfdrv01) StarForce Protection Environment Driver (version 1.x)
DRV - [2005-05-16 15:23:38 | 000,019,968 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfsync02.sys -- (sfsync02) StarForce Protection Synchronization Driver (version 2.x)
DRV - [2005-05-16 15:20:39 | 000,006,656 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfhlp02.sys -- (sfhlp02) StarForce Protection Helper Driver (version 2.x)
DRV - [2004-08-13 12:56:20 | 000,005,810 | R--- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ASACPI.sys -- (MTsensor)
DRV - [2004-04-30 10:37:02 | 000,160,640 | ---- | M] ( ) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\a347bus.sys -- (a347bus)
DRV - [2004-04-30 10:33:00 | 000,005,248 | ---- | M] ( ) [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\a347scsi.sys -- (a347scsi)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-436374069-308236825-1801674531-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\S-1-5-21-436374069-308236825-1801674531-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: ""
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.2
FF - prefs.js..extensions.enabledItems: {ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a}:1.3
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {888d99e7-e8b5-46a3-851e-1ec45da1e644}:3.6.3
FF - prefs.js..extensions.enabledItems: undoclosedtabsbutton@supernova00.biz:3.6.2
FF - prefs.js..extensions.enabledItems: {E2883E8F-472F-4fb0-9522-AC9BF37916A7}:1.6.2.60
FF - prefs.js..extensions.enabledItems: {A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}:7.3.2.26
FF - prefs.js..extensions.enabledItems: openmedspel@e-medtools.com:1.0.8
FF - prefs.js..extensions.enabledItems: tineye@ideeinc.com:1.0
FF - prefs.js..extensions.enabledItems: turntoolviewer@turntool.com:2.9.5.9
FF - prefs.js..extensions.enabledItems: {DB9127A2-3381-41ec-82B3-1B6ED4C6F29A}:1.0
FF - prefs.js..extensions.enabledItems: nasanightlaunch@example.com:0.6.20100629
FF - prefs.js..extensions.enabledItems: {5c8bfb7c-9a54-11dc-8314-0800200c9a66}:3.6.3


FF - HKLM\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010-02-05 19:21:02 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}: C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension\ [2010-03-30 14:08:29 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.6\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010-06-27 16:55:21 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.6\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010-06-27 16:55:21 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Thunderbird\Extensions\\{CCB7D94B-CA92-4E3F-B79D-ADE0F07ADC74}: C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Thunderbird Connector\ThunderbirdExtension\ [2010-03-30 14:08:30 | 000,000,000 | ---D | M]

[2009-11-21 13:59:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Krzysiek\Dane aplikacji\Mozilla\Extensions
[2010-07-05 20:44:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Krzysiek\Dane aplikacji\Mozilla\Firefox\Profiles\15uuingq.default\extensions
[2010-02-10 18:55:33 | 000,000,000 | ---D | M] (Aero Fox) -- C:\Documents and Settings\Krzysiek\Dane aplikacji\Mozilla\Firefox\Profiles\15uuingq.default\extensions\{5c8bfb7c-9a54-11dc-8314-0800200c9a66}
[2010-04-13 18:57:48 | 000,000,000 | ---D | M] (ReloadEvery) -- C:\Documents and Settings\Krzysiek\Dane aplikacji\Mozilla\Firefox\Profiles\15uuingq.default\extensions\{888d99e7-e8b5-46a3-851e-1ec45da1e644}
[2010-04-30 21:35:29 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Documents and Settings\Krzysiek\Dane aplikacji\Mozilla\Firefox\Profiles\15uuingq.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2010-06-04 16:02:08 | 000,000,000 | ---D | M] (flashget3 Extension) -- C:\Documents and Settings\Krzysiek\Dane aplikacji\Mozilla\Firefox\Profiles\15uuingq.default\extensions\{DB9127A2-3381-41ec-82B3-1B6ED4C6F29A}
[2010-02-19 00:23:19 | 000,000,000 | ---D | M] (Adobe DLM (powered by getPlus(R))) -- C:\Documents and Settings\Krzysiek\Dane aplikacji\Mozilla\Firefox\Profiles\15uuingq.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}
[2010-01-22 22:49:20 | 000,000,000 | ---D | M] (FoxTab) -- C:\Documents and Settings\Krzysiek\Dane aplikacji\Mozilla\Firefox\Profiles\15uuingq.default\extensions\{ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a}
[2010-06-29 12:47:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Krzysiek\Dane aplikacji\Mozilla\Firefox\Profiles\15uuingq.default\extensions\nasanightlaunch@example.com
[2010-04-09 20:18:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Krzysiek\Dane aplikacji\Mozilla\Firefox\Profiles\15uuingq.default\extensions\openmedspel@e-medtools.com
[2010-07-01 18:54:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Krzysiek\Dane aplikacji\Mozilla\Firefox\Profiles\15uuingq.default\extensions\tineye@ideeinc.com
[2010-05-26 20:59:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Krzysiek\Dane aplikacji\Mozilla\Firefox\Profiles\15uuingq.default\extensions\turntoolviewer@turntool.com
[2010-02-10 14:12:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Krzysiek\Dane aplikacji\Mozilla\Firefox\Profiles\15uuingq.default\extensions\undoclosedtabsbutton@supernova00.biz
[2010-02-10 18:55:33 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Krzysiek\Dane aplikacji\Mozilla\Firefox\Profiles\15uuingq.default\extensions\{5c8bfb7c-9a54-11dc-8314-0800200c9a66}\chrome\mac\browser\extensions
[2010-02-10 18:55:33 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Krzysiek\Dane aplikacji\Mozilla\Firefox\Profiles\15uuingq.default\extensions\{5c8bfb7c-9a54-11dc-8314-0800200c9a66}\chrome\mac\mozapps\extensions
[2010-02-10 18:55:33 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Krzysiek\Dane aplikacji\Mozilla\Firefox\Profiles\15uuingq.default\extensions\{5c8bfb7c-9a54-11dc-8314-0800200c9a66}\chrome\win\browser\extensions
[2010-02-10 18:55:34 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Krzysiek\Dane aplikacji\Mozilla\Firefox\Profiles\15uuingq.default\extensions\{5c8bfb7c-9a54-11dc-8314-0800200c9a66}\chrome\win\mozapps\extensions
[2009-12-05 22:47:12 | 000,005,609 | ---- | M] () -- C:\Documents and Settings\Krzysiek\Dane aplikacji\Mozilla\Firefox\Profiles\15uuingq.default\searchplugins\nonsensopedia-pl.xml
[2010-02-09 22:42:23 | 000,001,244 | ---- | M] () -- C:\Documents and Settings\Krzysiek\Dane aplikacji\Mozilla\Firefox\Profiles\15uuingq.default\searchplugins\winamp-search.xml
[2010-01-05 23:31:59 | 000,001,738 | ---- | M] () -- C:\Documents and Settings\Krzysiek\Dane aplikacji\Mozilla\Firefox\Profiles\15uuingq.default\searchplugins\wyszukiwanie-filmw-wideo-w-youtube.xml
[2010-07-05 20:44:37 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2009-07-17 10:40:12 | 000,704,512 | ---- | M] (BitComet) -- C:\Program Files\Mozilla Firefox\plugins\npBitCometAgent.dll
[2010-02-09 19:50:44 | 000,002,767 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\allegro-pl.xml
[2010-02-09 19:50:44 | 000,001,406 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\fbc-pl.xml
[2010-02-09 19:50:44 | 000,000,917 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\merlin-pl.xml
[2010-02-09 19:50:44 | 000,000,858 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\pwn-pl.xml
[2010-02-09 19:50:44 | 000,001,183 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-pl.xml
[2010-02-09 19:50:44 | 000,001,683 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wp-pl.xml

O1 HOSTS File: ([2010-07-02 14:01:36 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (HP Print Enhancer) - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (BitComet Helper) - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - E:\Programy\BitComet\tools\BitCometBHO_1.3.7.16.dll (BitComet)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - E:\Programy\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (no name) - {b070d3e3-fec0-47d9-8e8a-99d4eeb3d3b0} - No CLSID value found.
O2 - BHO: (IEPluginBHO Class) - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - C:\Documents and Settings\Krzysiek\Dane aplikacji\Nowe Gadu-Gadu\_userdata\ggbho.1.dll (GG Network S.A.)
O2 - BHO: (HP Smart BHO Class) - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [MutlimediaKbdDriver] E:\Programy\M-KbdDrv.exe ()
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [WheelMouse] C:\Program Files\A4Tech\Mouse\Amoumain.exe (A4Tech Co.,Ltd.)
O4 - HKLM..\Run: [ZoneAlarm Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe (Check Point Software Technologies LTD)
O4 - HKU\S-1-5-21-436374069-308236825-1801674531-1003..\Run: [SpybotSD TeaTimer] E:\Programy\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-436374069-308236825-1801674531-1003\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-436374069-308236825-1801674531-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-436374069-308236825-1801674531-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoBandCustomize = 0
O7 - HKU\S-1-5-21-436374069-308236825-1801674531-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoMovingBands = 0
O7 - HKU\S-1-5-21-436374069-308236825-1801674531-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCloseDragDropBands = 0
O7 - HKU\S-1-5-21-436374069-308236825-1801674531-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSetTaskbar = 0
O7 - HKU\S-1-5-21-436374069-308236825-1801674531-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoToolbarsOnTaskbar = 0
O7 - HKU\S-1-5-21-436374069-308236825-1801674531-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-436374069-308236825-1801674531-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\S-1-5-21-436374069-308236825-1801674531-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSaveSettings = 0
O7 - HKU\S-1-5-21-436374069-308236825-1801674531-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 0
O7 - HKU\S-1-5-21-436374069-308236825-1801674531-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ClassicShell = 0
O8 - Extra context menu item: Download all by FlashGet3 - E:\Programy\FlashGet universal\FlashGet\GetAllUrl.htm ()
O8 - Extra context menu item: Download by FlashGet3 - E:\Programy\FlashGet universal\FlashGet\GetUrl.htm ()
O8 - Extra context menu item: Pobierz wszystkie VIdeo za pomocą BitComet - E:\Programy\BitComet\BitComet.exe (www.BitComet.com)
O8 - Extra context menu item: Pobierz wszystko za pomocą BitComet - E:\Programy\BitComet\BitComet.exe (www.BitComet.com)
O8 - Extra context menu item: Pobierz za pomocą BitComet - E:\Programy\BitComet\BitComet.exe (www.BitComet.com)
O9 - Extra Button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - E:\Programy\BitComet\tools\BitCometBHO_1.3.7.16.dll (BitComet)
O9 - Extra Button: Pokaż lub ukryj HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - E:\Programy\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (get_atlcom Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 88.156.96.61 82.139.8.7 88.156.63.9
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Krzysiek\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Krzysiek\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009-11-20 23:43:08 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: UxTuneUp - C:\WINDOWS\system32\uxtuneup.dll (TuneUp Software GmbH)
NetSvcs: WmdmPmSp - File not found

MsConfig - State: "system.ini" - 0
MsConfig - State: "win.ini" - 0
MsConfig - State: "bootini" - 0
MsConfig - State: "services" - 0
MsConfig - State: "startup" - 0

SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: sermouse.sys - Driver
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vga.sys - Driver
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: sermouse.sys - Driver
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vga.sys - Driver
SafeBootNet: vsmon - C:\WINDOWS\System32\ZoneLabs\vsmon.exe (Check Point Software Technologies LTD)
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

[color=#E56717]========== Files/Folders - Created Within 60 Days ==========[/color]

[2010-07-02 14:41:00 | 000,000,000 | ---D | C] -- C:\WINDOWS\$regcmp$
[2010-07-02 14:35:13 | 000,000,000 | ---D | C] -- C:\Program Files\SmartPCTools
[2010-07-02 14:34:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Krzysiek\Dane aplikacji\BITS
[2010-07-02 14:13:14 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2010-07-02 13:56:03 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2010-06-29 12:14:08 | 000,038,848 | ---- | C] (ALWIL Software) -- C:\WINDOWS\avastSS.scr
[2010-06-26 18:14:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Krzysiek\Ustawienia lokalne\Dane aplikacji\PMB Files
[2010-06-26 18:13:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\PMB Files
[2010-06-25 12:47:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\pss
[2010-06-23 17:18:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Krzysiek\Moje dokumenty\Moje skanowanie
[2010-06-22 20:31:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Krzysiek\Moje dokumenty\Black & White 2
[2010-06-18 20:15:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Krzysiek\Moje dokumenty\NFS Most Wanted
[2010-06-16 21:55:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Krzysiek\Moje dokumenty\Pobieranie
[2010-06-14 14:55:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Alwil Software
[2010-06-12 18:59:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Krzysiek\Moje dokumenty\Moje dzieła SPORE
[2010-06-12 18:59:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Krzysiek\Dane aplikacji\SPORE
[2010-06-12 18:58:55 | 000,000,000 | ---D | C] -- C:\Program Files\Electronic Arts
[2010-06-11 18:28:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Krzysiek\Dane aplikacji\TeamViewer
[2010-06-11 18:28:22 | 000,000,000 | ---D | C] -- C:\Program Files\TeamViewer
[2010-06-10 17:47:27 | 000,000,000 | ---D | C] -- C:\Program Files\Lavalys
[2010-06-10 13:39:30 | 000,679,936 | ---- | C] (Generated by JEDI) -- C:\WINDOWS\System32\D3DX81ab.dll
[2010-06-10 13:39:28 | 000,000,000 | ---D | C] -- C:\Program Files\Cheat Engine
[2010-06-09 16:40:37 | 000,000,000 | ---D | C] -- C:\Program Files\Conduit
[2010-06-09 16:30:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Krzysiek\Dane aplikacji\DVDVideoSoftIEHelpers
[2010-06-09 16:30:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Krzysiek\Moje dokumenty\DVDVideoSoft
[2010-06-07 20:05:00 | 000,000,000 | ---D | C] -- C:\Program Files\PDF Image Extract Software
[2010-06-04 22:09:27 | 000,000,000 | ---D | C] -- C:\BDS
[2010-06-04 22:07:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Krzysiek\Dane aplikacji\NVIDIA
[2010-06-04 20:54:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Trymedia
[2010-06-04 16:01:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Krzysiek\Dane aplikacji\FlashGet
[2010-05-29 20:02:07 | 000,000,000 | ---D | C] -- C:\Program Files\JustDo
[2010-05-27 22:26:40 | 000,000,000 | ---D | C] -- C:\Program Files\PC Connectivity Solution
[2010-05-26 20:59:44 | 000,000,000 | ---D | C] -- C:\Program Files\TurnTool
[2010-05-26 20:59:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Krzysiek\Ustawienia lokalne\Dane aplikacji\TurnTool
[2010-05-23 18:51:30 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Krzysiek\Dane aplikacji\SecuROM
[2010-05-19 19:01:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Electronic Arts
[2010-05-18 14:44:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\NVIDIA Corporation
[2010-05-18 14:44:44 | 000,000,000 | ---D | C] -- C:\Program Files\NVIDIA Corporation
[2010-05-18 14:44:06 | 000,061,440 | ---- | C] (Khronos Group) -- C:\WINDOWS\System32\OpenCL.dll
[2010-05-18 14:43:57 | 000,000,000 | ---D | C] -- C:\NVIDIA
[2010-05-18 14:07:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Krzysiek\Moje dokumenty\BFBC2
[2009-12-11 18:33:34 | 000,160,640 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\a347bus.sys
[2009-12-11 18:33:34 | 000,005,248 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\a347scsi.sys

[color=#E56717]========== Files - Modified Within 60 Days ==========[/color]

[2010-07-06 11:41:06 | 000,000,482 | ---- | M] () -- C:\WINDOWS\tasks\1-Click Maintenance.job
[2010-07-06 11:41:02 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010-07-06 11:40:48 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010-07-06 11:40:46 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010-07-05 23:16:14 | 010,485,760 | ---- | M] () -- C:\Documents and Settings\Krzysiek\NTUSER.DAT
[2010-07-05 21:30:07 | 000,219,128 | ---- | M] () -- C:\WINDOWS\System32\PnkBstrB.xtr
[2010-07-05 21:13:13 | 000,138,592 | ---- | M] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2010-07-05 12:59:34 | 000,002,267 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Skype.lnk
[2010-07-05 10:28:15 | 000,000,128 | ---- | M] () -- C:\Documents and Settings\Krzysiek\default.pls
[2010-07-04 23:47:30 | 002,115,778 | -H-- | M] () -- C:\Documents and Settings\Krzysiek\Ustawienia lokalne\Dane aplikacji\IconCache.db
[2010-07-04 19:05:08 | 000,276,202 | ---- | M] () -- C:\WINDOWS\System32\NvApps.xml
[2010-07-03 23:21:30 | 000,075,120 | ---- | M] () -- C:\Documents and Settings\Krzysiek\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT
[2010-07-03 19:22:15 | 001,603,052 | ---- | M] () -- C:\Documents and Settings\Krzysiek\Moje dokumenty\tapetka3.2.png
[2010-07-03 17:28:35 | 000,841,061 | ---- | M] () -- C:\Documents and Settings\Krzysiek\Moje dokumenty\tapetka2.jpg
[2010-07-03 15:20:51 | 000,282,928 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010-07-02 22:44:28 | 000,280,605 | ---- | M] () -- C:\Documents and Settings\Krzysiek\Moje dokumenty\bez_nazwy_;).png
[2010-07-02 14:34:43 | 000,000,820 | ---- | M] () -- C:\WINDOWS\System32\secustat.dat
[2010-07-02 14:01:42 | 000,000,227 | ---- | M] () -- C:\WINDOWS\system.ini
[2010-07-02 14:01:36 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2010-07-02 11:26:01 | 000,004,212 | -H-- | M] () -- C:\WINDOWS\System32\zllictbl.dat
[2010-07-02 11:26:01 | 000,000,731 | ---- | M] () -- C:\Documents and Settings\Krzysiek\Pulpit\ZoneAlarm Security.lnk
[2010-07-02 11:25:59 | 000,420,889 | ---- | M] () -- C:\WINDOWS\System32\vsconfig.xml
[2010-06-29 12:14:09 | 000,002,645 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2010-06-28 22:57:33 | 000,038,848 | ---- | M] (ALWIL Software) -- C:\WINDOWS\avastSS.scr
[2010-06-28 22:57:12 | 000,165,032 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2010-06-28 22:37:52 | 000,046,672 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2010-06-28 22:37:30 | 000,165,456 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2010-06-28 22:33:13 | 000,023,376 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2010-06-28 22:32:45 | 000,100,176 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2010-06-28 22:32:42 | 000,094,544 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2010-06-28 22:32:33 | 000,017,744 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2010-06-28 22:32:16 | 000,028,880 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2010-06-25 13:13:24 | 000,000,188 | -HS- | M] () -- C:\Documents and Settings\Krzysiek\ntuser.ini
[2010-06-25 13:13:04 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\WindowsShell.Manifest
[2010-06-25 13:13:03 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\wuaucpl.cpl.manifest
[2010-06-25 13:13:03 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\sapi.cpl.manifest
[2010-06-25 13:13:03 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\nwc.cpl.manifest
[2010-06-25 13:13:03 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\ncpa.cpl.manifest
[2010-06-25 13:13:03 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\cdplayer.exe.manifest
[2010-06-25 13:07:56 | 000,000,793 | ---- | M] () -- C:\WINDOWS\win.ini
[2010-06-25 13:07:56 | 000,000,223 | -HS- | M] () -- C:\boot.ini
[2010-06-24 22:57:43 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2010-06-24 22:57:28 | 000,022,528 | ---- | M] () -- C:\Documents and Settings\Krzysiek\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010-06-24 19:52:49 | 001,260,448 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010-06-24 19:52:49 | 000,573,982 | ---- | M] () -- C:\WINDOWS\System32\perfh015.dat
[2010-06-24 19:52:49 | 000,510,806 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010-06-24 19:52:49 | 000,113,268 | ---- | M] () -- C:\WINDOWS\System32\perfc015.dat
[2010-06-24 19:52:49 | 000,091,248 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010-06-24 19:37:51 | 000,000,647 | ---- | M] () -- C:\Documents and Settings\Krzysiek\Pulpit\Counter-Strike.lnk
[2010-06-24 19:37:51 | 000,000,602 | ---- | M] () -- C:\Documents and Settings\Krzysiek\Pulpit\Half-Life.lnk
[2010-06-23 21:14:58 | 000,408,553 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20100701-222447.backup
[2010-06-23 19:43:18 | 000,025,600 | ---- | M] () -- C:\Documents and Settings\Krzysiek\Moje dokumenty\Book97.doc
[2010-06-23 17:23:05 | 000,031,674 | ---- | M] () -- C:\Documents and Settings\Krzysiek\Moje dokumenty\skanowanie0001_1.htm
[2010-06-23 17:22:29 | 000,031,672 | ---- | M] () -- C:\Documents and Settings\Krzysiek\Moje dokumenty\skanowanie0001.htm
[2010-06-22 19:29:19 | 000,000,589 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Black & White 2.lnk
[2010-06-20 18:51:25 | 000,408,427 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20100623-211458.backup
[2010-06-18 19:35:47 | 000,000,751 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Medieval II Total War.lnk
[2010-06-18 19:25:05 | 000,000,804 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Need for Speed™ Most Wanted.lnk
[2010-06-17 19:30:36 | 000,099,814 | ---- | M] () -- C:\Documents and Settings\Krzysiek\Moje dokumenty\fce.jpg
[2010-06-14 18:12:06 | 000,404,365 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20100620-185125.backup
[2010-06-14 14:55:58 | 000,001,700 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\avast! Free Antivirus.lnk
[2010-06-12 18:48:23 | 000,000,848 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\SPORE™.lnk
[2010-06-11 19:47:33 | 000,000,519 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\AIMP2.lnk
[2010-06-11 18:28:27 | 000,000,879 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\TeamViewer 5.lnk
[2010-06-10 17:47:29 | 000,000,767 | ---- | M] () -- C:\Documents and Settings\Krzysiek\Pulpit\EVEREST Home Edition.lnk
[2010-06-10 13:39:32 | 000,000,670 | ---- | M] () -- C:\Documents and Settings\Krzysiek\Pulpit\Cheat Engine.lnk
[2010-06-09 20:52:45 | 000,127,587 | ---- | M] () -- C:\Documents and Settings\Krzysiek\Moje dokumenty\screen.jpg
[2010-06-04 22:19:31 | 000,000,779 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Borderlands.lnk
[2010-06-04 16:01:38 | 000,000,025 | ---- | M] () -- C:\WINDOWS\libem.INI
[2010-06-04 16:01:16 | 000,000,695 | ---- | M] () -- C:\Documents and Settings\Krzysiek\Pulpit\FlashGet 3.5.lnk
[2010-06-03 18:28:10 | 000,000,509 | ---- | M] () -- C:\Documents and Settings\Krzysiek\Pulpit\MoorHunt.lnk
[2010-05-27 22:26:25 | 000,001,855 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Nokia Software Updater.lnk
[2010-05-23 16:53:57 | 002,940,928 | ---- | M] () -- C:\Documents and Settings\Krzysiek\Moje dokumenty\CHOROBY sss.ppt
[2010-05-18 14:04:27 | 000,001,687 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Battlefield Bad Company 2.lnk
[2010-05-17 15:45:15 | 000,000,619 | ---- | M] () -- C:\Documents and Settings\Krzysiek\Pulpit\Zeus and Posejdon.lnk
[2010-05-12 16:32:14 | 000,395,194 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20100614-181206.backup
[2010-05-08 23:50:55 | 000,393,062 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20100512-163214.backup
[2010-05-07 18:33:12 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2010-07-03 19:19:53 | 001,603,052 | ---- | C] () -- C:\Documents and Settings\Krzysiek\Moje dokumenty\tapetka3.2.png
[2010-07-03 17:27:29 | 000,841,061 | ---- | C] () -- C:\Documents and Settings\Krzysiek\Moje dokumenty\tapetka2.jpg
[2010-07-02 22:44:09 | 000,280,605 | ---- | C] () -- C:\Documents and Settings\Krzysiek\Moje dokumenty\bez_nazwy_;).png
[2010-07-02 14:34:43 | 000,000,820 | ---- | C] () -- C:\WINDOWS\System32\secustat.dat
[2010-07-02 13:56:12 | 000,077,312 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2010-07-02 13:56:11 | 000,256,512 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2010-07-02 11:26:01 | 000,000,731 | ---- | C] () -- C:\Documents and Settings\Krzysiek\Pulpit\ZoneAlarm Security.lnk
[2010-06-24 19:37:51 | 000,000,647 | ---- | C] () -- C:\Documents and Settings\Krzysiek\Pulpit\Counter-Strike.lnk
[2010-06-24 19:37:51 | 000,000,602 | ---- | C] () -- C:\Documents and Settings\Krzysiek\Pulpit\Half-Life.lnk
[2010-06-23 19:43:15 | 000,025,600 | ---- | C] () -- C:\Documents and Settings\Krzysiek\Moje dokumenty\Book97.doc
[2010-06-23 17:23:03 | 000,031,674 | ---- | C] () -- C:\Documents and Settings\Krzysiek\Moje dokumenty\skanowanie0001_1.htm
[2010-06-23 17:22:26 | 000,031,672 | ---- | C] () -- C:\Documents and Settings\Krzysiek\Moje dokumenty\skanowanie0001.htm
[2010-06-22 19:29:19 | 000,000,589 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Black & White 2.lnk
[2010-06-18 20:15:05 | 000,030,560 | ---- | C] () -- C:\Documents and Settings\Krzysiek\Pulpit\pzn-nfst.exe
[2010-06-18 19:35:47 | 000,000,751 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Medieval II Total War.lnk
[2010-06-18 19:25:05 | 000,000,804 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Need for Speed™ Most Wanted.lnk
[2010-06-17 19:30:29 | 000,099,814 | ---- | C] () -- C:\Documents and Settings\Krzysiek\Moje dokumenty\fce.jpg
[2010-06-14 14:55:58 | 000,001,700 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\avast! Free Antivirus.lnk
[2010-06-12 18:48:23 | 000,000,848 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\SPORE™.lnk
[2010-06-11 18:28:27 | 000,000,879 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\TeamViewer 5.lnk
[2010-06-10 17:47:29 | 000,000,767 | ---- | C] () -- C:\Documents and Settings\Krzysiek\Pulpit\EVEREST Home Edition.lnk
[2010-06-10 13:39:32 | 000,000,670 | ---- | C] () -- C:\Documents and Settings\Krzysiek\Pulpit\Cheat Engine.lnk
[2010-06-10 13:39:30 | 001,970,176 | ---- | C] () -- C:\WINDOWS\System32\d3dx9.dll
[2010-06-09 20:52:31 | 000,127,587 | ---- | C] () -- C:\Documents and Settings\Krzysiek\Moje dokumenty\screen.jpg
[2010-06-04 22:19:31 | 000,000,779 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Borderlands.lnk
[2010-06-04 16:01:38 | 000,000,025 | ---- | C] () -- C:\WINDOWS\libem.INI
[2010-06-04 16:01:16 | 000,000,695 | ---- | C] () -- C:\Documents and Settings\Krzysiek\Pulpit\FlashGet 3.5.lnk
[2010-05-23 16:52:16 | 002,940,928 | ---- | C] () -- C:\Documents and Settings\Krzysiek\Moje dokumenty\CHOROBY sss.ppt
[2010-05-18 14:44:06 | 000,009,046 | ---- | C] () -- C:\WINDOWS\System32\nvinfo.pb
[2010-05-18 14:44:04 | 002,183,470 | ---- | C] () -- C:\WINDOWS\System32\nvdata.bin
[2010-05-18 14:04:27 | 000,001,687 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Battlefield Bad Company 2.lnk
[2010-05-14 19:12:07 | 000,000,619 | ---- | C] () -- C:\Documents and Settings\Krzysiek\Pulpit\Zeus and Posejdon.lnk
[2010-04-10 16:18:56 | 000,000,151 | ---- | C] () -- C:\WINDOWS\PhotoSnapViewer.INI
[2010-01-10 16:49:31 | 000,000,421 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2009-12-31 15:21:32 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2009-12-07 23:18:07 | 000,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.INI
[2009-11-21 16:29:14 | 000,010,496 | ---- | C] () -- C:\WINDOWS\System32\ATKOSDMini.DLL
[2009-11-21 16:29:14 | 000,000,018 | ---- | C] () -- C:\WINDOWS\System32\atkid.ini
[2009-11-21 16:29:13 | 000,046,080 | ---- | C] () -- C:\WINDOWS\System32\asrussian.dll
[2009-11-21 16:29:13 | 000,046,080 | ---- | C] () -- C:\WINDOWS\System32\asgerman.dll
[2009-11-21 16:29:13 | 000,045,568 | ---- | C] () -- C:\WINDOWS\System32\askorean.dll
[2009-11-21 16:29:13 | 000,045,568 | ---- | C] () -- C:\WINDOWS\System32\asjapan.dll
[2009-11-21 16:29:12 | 000,046,592 | ---- | C] () -- C:\WINDOWS\System32\asfrench.dll
[2009-11-21 16:29:12 | 000,046,080 | ---- | C] () -- C:\WINDOWS\System32\aseng.dll
[2009-11-21 16:29:12 | 000,045,568 | ---- | C] () -- C:\WINDOWS\System32\ASCHT.dll
[2009-11-21 16:29:12 | 000,045,568 | ---- | C] () -- C:\WINDOWS\System32\aschs.dll
[2009-11-21 14:39:56 | 000,138,592 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2009-11-21 14:39:32 | 000,000,309 | ---- | C] () -- C:\WINDOWS\game.ini
[2009-11-21 13:44:59 | 000,796,048 | ---- | C] () -- C:\WINDOWS\System32\libeay32_0.9.6l.dll
[2009-11-21 13:36:02 | 000,164,352 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2009-11-21 13:36:01 | 000,007,680 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2009-11-21 13:36:01 | 000,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest
[2009-11-21 00:08:55 | 000,014,277 | ---- | C] () -- C:\WINDOWS\Ascd_tmp.ini
[2009-11-21 00:08:55 | 000,005,810 | R--- | C] () -- C:\WINDOWS\System32\drivers\ASACPI.sys
[2009-11-21 00:08:48 | 000,010,288 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASUSHWIO.SYS
[2007-06-28 18:43:00 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2003-04-08 12:40:22 | 000,005,679 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI

[color=#E56717]========== LOP Check ==========[/color]

[2010-06-14 14:55:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Alwil Software
[2010-05-19 19:01:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Electronic Arts
[2010-05-27 22:25:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Installations
[2009-11-21 13:45:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\MailFrontier
[2010-03-29 20:12:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Nokia
[2010-03-29 19:35:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\NokiaMusic
[2009-11-22 14:35:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\OpenFM
[2010-03-29 20:50:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\OviInstallerCache
[2010-03-29 20:10:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\PC Suite
[2010-06-26 22:24:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\PMB Files
[2010-07-02 14:46:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\TEMP
[2009-11-21 14:13:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\TuneUp Software
[2010-03-06 15:14:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Ubisoft
[2010-01-30 18:38:10 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\{402F10B9-711E-4EF4-BC0E-AFE669ACC04C}
[2010-07-05 14:49:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Krzysiek\Dane aplikacji\AIMP
[2010-07-02 14:34:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Krzysiek\Dane aplikacji\BITS
[2009-12-09 17:06:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Krzysiek\Dane aplikacji\Broad Intelligence
[2010-03-20 16:22:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Krzysiek\Dane aplikacji\COWON
[2009-12-19 21:07:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Krzysiek\Dane aplikacji\Dev-Cpp
[2009-11-21 13:44:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Krzysiek\Dane aplikacji\Dual Vibration Game pad
[2009-11-21 13:44:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Krzysiek\Dane aplikacji\Dual Vibration Gamepad
[2010-06-09 16:30:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Krzysiek\Dane aplikacji\DVDVideoSoftIEHelpers
[2009-12-06 20:53:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Krzysiek\Dane aplikacji\FileZilla
[2010-06-04 16:01:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Krzysiek\Dane aplikacji\FlashGet
[2009-12-06 22:19:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Krzysiek\Dane aplikacji\Free Mp3 Wma Ogg Converter
[2009-11-21 13:35:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Krzysiek\Dane aplikacji\Gadu-Gadu
[2009-11-21 14:23:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Krzysiek\Dane aplikacji\Gadu-Gadu 10
[2009-12-19 15:28:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Krzysiek\Dane aplikacji\Leadertech
[2010-04-06 20:52:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Krzysiek\Dane aplikacji\Mp3tag
[2010-03-29 20:58:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Krzysiek\Dane aplikacji\Nokia
[2010-06-22 22:00:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Krzysiek\Dane aplikacji\Nowe Gadu-Gadu
[2009-11-22 14:34:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Krzysiek\Dane aplikacji\OpenFM
[2010-03-30 14:19:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Krzysiek\Dane aplikacji\PC Suite
[2010-01-07 21:45:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Krzysiek\Dane aplikacji\SoundSpectrum
[2010-06-12 19:00:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Krzysiek\Dane aplikacji\SPORE
[2010-06-11 18:50:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Krzysiek\Dane aplikacji\TeamViewer
[2009-11-24 21:45:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Krzysiek\Dane aplikacji\TigerPlayer
[2009-11-21 14:13:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Krzysiek\Dane aplikacji\TuneUp Software
[2010-03-06 15:14:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Krzysiek\Dane aplikacji\Ubisoft
[2009-11-21 14:35:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Krzysiek\Dane aplikacji\URSoft
[2010-07-06 11:41:06 | 000,000,482 | ---- | M] () -- C:\WINDOWS\Tasks\1-Click Maintenance.job

[color=#E56717]========== Purity Check ==========[/color]



[color=#E56717]========== Custom Scans ==========[/color]


[color=#A23BEC]< %systemdrive%\*.* >[/color]
[2009-11-20 23:43:08 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2010-06-25 13:07:56 | 000,000,223 | -HS- | M] () -- C:\boot.ini
[2001-07-22 00:13:54 | 000,004,952 | RHS- | M] () -- C:\Bootfont.bin
[2009-11-20 23:43:08 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2009-11-20 23:43:08 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2009-11-20 23:43:08 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2008-04-13 22:13:04 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
[2008-04-14 00:02:00 | 000,251,152 | RHS- | M] () -- C:\ntldr
[2010-07-06 11:40:42 | 2145,386,496 | -HS- | M] () -- C:\pagefile.sys


[color=#A23BEC]< MD5 for: AGP440.SYS >[/color]
[2008-04-14 23:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:agp440.sys

[color=#A23BEC]< MD5 for: ATAPI.SYS >[/color]
[2008-04-14 23:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2008-04-14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ERDNT\cache\atapi.sys
[2008-04-14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\dllcache\atapi.sys
[2008-04-14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2008-04-14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\system32\DRIVERS\atapi.sys
[2008-04-14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\ReinstallBackups\0006\DriverFiles\i386\atapi.sys
[2008-04-14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\ReinstallBackups\0007\DriverFiles\i386\atapi.sys

[color=#A23BEC]< MD5 for: BEEP.SYS >[/color]
[2001-08-17 23:47:36 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\ERDNT\cache\beep.sys
[2001-08-17 23:47:36 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\system32\dllcache\beep.sys
[2001-08-17 23:47:36 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\system32\drivers\beep.sys

[color=#A23BEC]< MD5 for: CDROM.SYS >[/color]
[2008-04-14 23:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys
[2008-04-14 00:10:48 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys

[color=#A23BEC]< MD5 for: EVENTLOG.DLL >[/color]
[2008-04-14 22:50:32 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=35FCCFD093582FA9098762E6F84EE119 -- C:\WINDOWS\ERDNT\cache\eventlog.dll
[2008-04-14 22:50:32 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=35FCCFD093582FA9098762E6F84EE119 -- C:\WINDOWS\system32\dllcache\eventlog.dll
[2008-04-14 22:50:32 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=35FCCFD093582FA9098762E6F84EE119 -- C:\WINDOWS\system32\eventlog.dll

[color=#A23BEC]< MD5 for: NDIS.SYS >[/color]
[2008-04-14 00:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\ERDNT\cache\ndis.sys
[2008-04-14 00:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\dllcache\ndis.sys
[2008-04-14 00:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\drivers\ndis.sys

[color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color]
[2008-04-14 22:51:50 | 000,510,464 | ---- | M] (Microsoft Corporation) MD5=51FD2E13D723857B9CA239AE77150F48 -- C:\WINDOWS\ERDNT\cache\winlogon.exe
[2008-04-14 22:51:50 | 000,510,464 | ---- | M] (Microsoft Corporation) MD5=51FD2E13D723857B9CA239AE77150F48 -- C:\WINDOWS\system32\dllcache\winlogon.exe
[2008-04-14 22:51:50 | 000,510,464 | ---- | M] (Microsoft Corporation) MD5=51FD2E13D723857B9CA239AE77150F48 -- C:\WINDOWS\system32\winlogon.exe

[color=#E56717]========== Alternate Data Streams ==========[/color]

@Alternate Data Stream - 368 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:B3D74A13
@Alternate Data Stream - 158 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:ECF54A0E
< End of report >
[/log]

Ma ktoś może jakieś pomysły?

Edytowane przez Bezimienny
Tomek01
komentarz
komentarz

Nic specjalnego nie widzę i usunięcie jednego pliku na pewno sytuacji nie poprawi.

Wykonaj pełny skan [url=http://www.instalki.pl/programy/download_c/14/155.html][color=#0000CD][b]DrWebCureIt[/b][/color][/url] oraz [url=http://www.instalki.pl/programy/download_c/13/96.html][color=#0000CD][b]Malwarebytes Anti-Malware[/b][/color][/url] i wyniki podaj na forum.

Oraz pokaż log z Combofix'a o którego wcześniej już prosiłem.

bezimienny
komentarz
komentarz

Anti-malware:
[URL=http://img819.imageshack.us/i/antimalware.png/][IMG]http://img819.imageshack.us/img819/1310/antimalware.th.png[/IMG][/URL]

Uploaded with [URL=http://imageshack.us]ImageShack.us[/URL]
[log]Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Wersja bazy: 4304

Windows 5.1.2600 Dodatek Service Pack 3
Internet Explorer 6.0.2900.5512

2010-07-12 13:51:09
mbam-log-2010-07-12 (13-51-09).txt

Typ skanowania: Pełne skanowanie (C:\|D:\|E:\|)
Przeskanowano obiektów: 225440
Upłynęło: 28 minut(y), 10 sekund(y)

Zainfekowanych procesów w pamięci: 0
Zainfekowanych modułów w pamięci: 0
Zainfekowanych kluczy rejestru: 0
Zainfekowanych wartości rejestru: 0
Zainfekowane informacje rejestru systemowego: 0
Zainfekowanych folderów: 0
Zainfekowanych plików: 1

Zainfekowanych procesów w pamięci:
(Nie znaleziono zagrożeń)

Zainfekowanych modułów w pamięci:
(Nie znaleziono zagrożeń)

Zainfekowanych kluczy rejestru:
(Nie znaleziono zagrożeń)

Zainfekowanych wartości rejestru:
(Nie znaleziono zagrożeń)

Zainfekowane informacje rejestru systemowego:
(Nie znaleziono zagrożeń)

Zainfekowanych folderów:
(Nie znaleziono zagrożeń)

Zainfekowanych plików:
C:\Documents and Settings\Użytkownik\Pulpit\pzn-nfst.exe (Malware.Packer.Gen) -> Quarantined and deleted successfully.[/log]

a dr.web nic nie znalazł
combofix'a boje się odpalać, bo log zniknął a podczas skanowania wyskakiwały jakieś errory

Mateusz J.
komentarz
komentarz

Nie widać w logu żadnych problemów z powłoką systemową shell.
Ale spróbuj wykonać poniższy fix, możliwe że OTL nie pokazuje wszystkiego.
Do notatnika wklej:[code]Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"Shell"=-
"Shell"=Explorer.exe[/code]Plik ==> Zapisz jako ==> Zmień rozszerzenie na Wszystkie pliki ==> Zapisz pod nazwą [b]FIX.REG[/b]
Uruchom utworzony plik [b]FIX.REG[/b] i potwierdź dodanie do Rejestru i zresetuj komputer.

Jeśli nie pomoże proponuję podmianę pliku explorer.exe.

Tomek01
komentarz
komentarz

Do [url=http://images.malwareremoval.com/jpshortstuff/SystemLook.exe][b]System Look[/b][/url] wklej:

[code]:filefind
explorer.exe
[/code]
Wciśnij look pokaż co wyskoczy.

bezimienny
komentarz
komentarz

[log]SystemLook v1.0 by jpshortstuff (11.01.10)
Log created at 19:59 on 12/07/2010 by Użytkownik (Administrator - Elevation successful)

========== filefind ==========

Searching for "explorer.exe"
C:\WINDOWS\ERDNT\cache\explorer.exe --a--- 1035264 bytes [12:02 02/07/2010] [20:51 14/04/2008] C791ED9EAC5E76D9525E157B1D7A599A
C:\WINDOWS\explorer.exe --a--- 1035264 bytes [20:51 14/04/2008] [20:51 14/04/2008] C791ED9EAC5E76D9525E157B1D7A599A
C:\WINDOWS\system32\dllcache\explorer.exe --a--c 1035264 bytes [20:51 14/04/2008] [20:51 14/04/2008] C791ED9EAC5E76D9525E157B1D7A599A

-=End Of File=-[/log]

Tomek01
komentarz
komentarz

Explorer w jak najlepszym porządku.

Wrzuć jeszcze log z Silent Runners oraz Gmer.

bezimienny
komentarz
komentarz

ściągnąłem silent runners w zip'ie, to był jakiś plik .vbs i od czasu jego odpalenia użycie procesora skacze od 50% do 100% (albo jest ok.50 albo tylko 100), nawet nie moge zrobić skanów GMER'em

odpala mi się także kilka svchost.exe, przed chwilą musiałem resetować kompa, bo na 2 rdzeniach miałem 100% użycie. Nawet Menadżer zadań się zawiesił i wgrał stary motyw okna.

Tomek01
komentarz
komentarz

Pokaż logi OTL i RSIT.

bezimienny
komentarz
komentarz

OTL
[log]OTL logfile created on: 2010-07-16 13:48:35 - Run 1
OTL by OldTimer - Version 3.2.9.0 Folder = D:\Download
Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 59,00% Memory free
8,00 Gb Paging File | 7,00 Gb Available in Paging File | 92,00% Paging File free
Paging file location(s): [Binary data over 100 bytes]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 45,31 Gb Total Space | 29,84 Gb Free Space | 65,85% Space Free | Partition Type: NTFS
Drive D: | 50,01 Gb Total Space | 9,59 Gb Free Space | 19,18% Space Free | Partition Type: NTFS
Drive E: | 202,77 Gb Total Space | 92,15 Gb Free Space | 45,45% Space Free | Partition Type: NTFS
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: PRYWATNY
Current User Name: Krzysiek
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 60 Days
Output = Standard

[color=#E56717]========== Processes (All) ==========[/color]

PRC - [2010-07-10 16:14:07 | 000,574,976 | ---- | M] (OldTimer Tools) -- D:\Download\OTL.exe
PRC - [2010-06-28 22:57:18 | 002,837,864 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
PRC - [2010-06-28 22:57:15 | 000,040,384 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
PRC - [2010-06-27 16:55:19 | 000,910,296 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2010-06-27 16:55:19 | 000,014,808 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\plugin-container.exe
PRC - [2010-06-23 13:52:56 | 002,435,592 | ---- | M] (Check Point Software Technologies LTD) -- C:\WINDOWS\system32\ZoneLabs\vsmon.exe
PRC - [2010-06-23 13:51:30 | 001,043,968 | ---- | M] (Check Point Software Technologies LTD) -- C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
PRC - [2010-04-03 19:23:16 | 000,154,216 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\nvsvc32.exe
PRC - [2010-02-09 17:52:15 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe
PRC - [2009-11-22 14:37:35 | 011,539,048 | ---- | M] (GG Network S.A.) -- E:\Programy\Nowe Gadu-Gadu\gg.exe
PRC - [2009-10-28 13:43:06 | 000,077,824 | ---- | M] () -- E:\Programy\Nowe Gadu-Gadu\spellchecker_gg.exe
PRC - [2009-03-05 17:07:20 | 002,260,480 | RHS- | M] (Safer-Networking Ltd.) -- E:\Programy\Spybot - Search & Destroy\TeaTimer.exe
PRC - [2008-04-14 22:51:52 | 000,013,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wscntfy.exe
PRC - [2008-04-14 22:51:50 | 000,510,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winlogon.exe
PRC - [2008-04-14 22:51:50 | 000,126,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmiapsrv.exe
PRC - [2008-04-14 22:51:44 | 000,057,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spoolsv.exe
PRC - [2008-04-14 22:51:44 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\smss.exe
PRC - [2008-04-14 22:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [WUDFSERVICEGROUP]
PRC - [2008-04-14 22:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [RPCSS]
PRC - [2008-04-14 22:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETWORKSERVICE]
PRC - [2008-04-14 22:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETSVCS]
PRC - [2008-04-14 22:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [LOCALSERVICE]
PRC - [2008-04-14 22:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [IMGSVC]
PRC - [2008-04-14 22:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [HPZ12]
PRC - [2008-04-14 22:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [HPZ12]
PRC - [2008-04-14 22:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [HPDEVMGMT]
PRC - [2008-04-14 22:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [DCOMLAUNCH]
PRC - [2008-04-14 22:51:40 | 000,109,056 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\services.exe
PRC - [2008-04-14 22:51:24 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\lsass.exe
PRC - [2008-04-14 22:51:18 | 001,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008-04-14 22:51:12 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\csrss.exe
PRC - [2008-04-14 22:51:04 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\alg.exe
PRC - [2007-05-15 11:33:30 | 000,204,800 | ---- | M] (A4Tech Co.,Ltd.) -- C:\Program Files\A4Tech\Mouse\Amoumain.exe
PRC - [2007-04-18 20:57:48 | 001,617,920 | ---- | M] () -- E:\Programy\M-KbdDrv.exe
PRC - [2007-03-21 08:49:20 | 016,126,464 | R--- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\RTHDCPL.exe
PRC - [2006-09-22 11:58:12 | 000,241,664 | ---- | M] (ASUSTeK COMPUTER INC.) -- C:\WINDOWS\ATKKBService.exe
PRC - [2003-06-20 00:25:00 | 000,322,120 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE


[color=#E56717]========== Modules (All) ==========[/color]

MOD - [2010-07-10 16:14:07 | 000,574,976 | ---- | M] (OldTimer Tools) -- D:\Download\OTL.exe
MOD - [2008-04-14 22:51:58 | 000,146,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winspool.drv
MOD - [2008-04-14 22:50:58 | 000,732,672 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\userenv.dll
MOD - [2008-04-14 22:50:58 | 000,580,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\user32.dll
MOD - [2008-04-14 22:50:58 | 000,219,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\uxtheme.dll
MOD - [2008-04-14 22:50:58 | 000,067,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\srclient.dll
MOD - [2008-04-14 22:50:58 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\version.dll
MOD - [2008-04-14 22:50:48 | 008,489,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shell32.dll
MOD - [2008-04-14 22:50:48 | 000,997,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\setupapi.dll
MOD - [2008-04-14 22:50:48 | 000,474,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shlwapi.dll
MOD - [2008-04-14 22:50:46 | 001,287,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ole32.dll
MOD - [2008-04-14 22:50:46 | 000,584,704 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rpcrt4.dll
MOD - [2008-04-14 22:50:46 | 000,551,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\oleaut32.dll
MOD - [2008-04-14 22:50:46 | 000,084,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\olepro32.dll
MOD - [2008-04-14 22:50:46 | 000,056,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\secur32.dll
MOD - [2008-04-14 22:50:46 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\psapi.dll
MOD - [2008-04-14 22:50:40 | 000,343,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcrt.dll
MOD - [2008-04-14 22:50:36 | 001,018,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\kernel32.dll
MOD - [2008-04-14 22:50:32 | 000,285,184 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\gdi32.dll
MOD - [2008-04-14 22:50:32 | 000,185,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\framedyn.dll
MOD - [2008-04-14 22:50:16 | 000,822,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comres.dll
MOD - [2008-04-14 22:50:14 | 000,280,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comdlg32.dll
MOD - [2008-04-14 22:50:12 | 000,498,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\clbcatq.dll
MOD - [2008-04-14 22:50:00 | 000,686,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\advapi32.dll
MOD - [2008-04-14 22:49:16 | 000,714,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntdll.dll
MOD - [2008-04-14 22:46:34 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx
MOD - [2008-04-14 22:29:10 | 001,054,208 | R--- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll
MOD - [2007-05-15 11:31:52 | 000,036,864 | ---- | M] (A4Tech Co.,Ltd.) -- C:\WINDOWS\system32\Amhooker.dll


[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV - [2010-06-28 22:57:15 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Web Scanner)
SRV - [2010-06-28 22:57:15 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Mail Scanner)
SRV - [2010-06-28 22:57:15 | 000,040,384 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV - [2010-06-23 13:52:56 | 002,435,592 | ---- | M] (Check Point Software Technologies LTD) [Auto | Running] -- C:\WINDOWS\System32\ZoneLabs\vsmon.exe -- (vsmon)
SRV - [2010-04-27 13:43:48 | 000,611,840 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2010-03-18 16:47:22 | 000,035,160 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe -- (aspnet_state)
SRV - [2010-03-18 13:16:28 | 000,753,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe -- (WPFFontCache_v0400)
SRV - [2010-03-18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010-03-18 13:16:28 | 000,124,240 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe -- (NetTcpPortSharing)
SRV - [2010-02-19 20:30:16 | 000,067,360 | ---- | M] (NOS Microsystems Ltd.) [On_Demand | Stopped] -- C:\Program Files\NOS\bin\getPlus_Helper.dll -- (getPlusHelper) getPlus(R)
SRV - [2009-11-21 14:13:30 | 000,354,560 | ---- | M] (TuneUp Software GmbH) [On_Demand | Stopped] -- C:\WINDOWS\system32\TuneUpDefragService.exe -- (TuneUp.Defrag)
SRV - [2008-04-04 15:51:32 | 000,028,416 | ---- | M] (TuneUp Software GmbH) [Auto | Running] -- C:\WINDOWS\system32\uxtuneup.dll -- (UxTuneUp)
SRV - [2006-09-22 11:58:12 | 000,241,664 | ---- | M] (ASUSTeK COMPUTER INC.) [Auto | Running] -- C:\WINDOWS\ATKKBService.exe -- (ATKKeyboardService)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\Drivers\Video3D32.sys -- (Video3D)
DRV - File not found [Kernel | Boot | Stopped] -- C:\WINDOWS\System32\ZoneLabs\srescan.sys -- (srescan)
DRV - File not found [File_System | System | Stopped] -- C:\WINDOWS\System32\DRIVERS\klif.sys -- (KLIF)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\Krzysiek\USTAWI~1\Temp\EagleNT.sys -- (EagleNT)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\Krzysiek\USTAWI~1\Temp\cpuz130\cpuz_x32.sys -- (cpuz130)
DRV - [2010-07-15 17:43:06 | 000,137,256 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\PnkBstrK.sys -- (PnkBstrK)
DRV - [2010-06-28 22:37:52 | 000,046,672 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2010-06-28 22:37:30 | 000,165,456 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2010-06-28 22:33:13 | 000,023,376 | ---- | M] (ALWIL Software) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2010-06-28 22:32:45 | 000,100,176 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2010-06-28 22:32:33 | 000,017,744 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2010-06-28 22:32:16 | 000,028,880 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2010-05-13 10:02:32 | 000,532,224 | ---- | M] (Check Point Software Technologies LTD) [Kernel | System | Running] -- C:\WINDOWS\system32\vsdatant.sys -- (vsdatant)
DRV - [2010-04-04 00:55:31 | 010,232,128 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2010-02-26 14:32:58 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2010-02-26 14:32:46 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2010-02-26 14:32:44 | 000,022,528 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2010-02-26 14:32:44 | 000,018,176 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2010-02-26 14:21:22 | 000,137,344 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmwcdnsu.sys -- (nmwcdnsu)
DRV - [2010-02-26 14:21:22 | 000,008,320 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmwcdnsuc.sys -- (nmwcdnsuc)
DRV - [2009-12-09 19:03:03 | 000,025,512 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ggsemc.sys -- (ggsemc)
DRV - [2009-12-09 19:03:03 | 000,013,224 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ggflt.sys -- (ggflt)
DRV - [2008-08-26 10:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2008-04-13 22:06:06 | 000,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)
DRV - [2007-07-12 11:03:38 | 000,012,288 | ---- | M] (ASUSTeK Computer Inc.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\EIO.sys -- (EIO)
DRV - [2007-05-25 05:35:32 | 000,137,728 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\mv61xx.sys -- (mv61xx)
DRV - [2007-05-14 23:41:46 | 000,014,336 | ---- | M] (A4Tech Co.,Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Amusbprt.sys -- (Amusbprt)
DRV - [2007-05-14 23:38:22 | 000,009,216 | ---- | M] (A4Tech Co.,Ltd.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\Amfilter.sys -- (Amfilter)
DRV - [2007-03-26 13:21:06 | 004,395,008 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2007-03-15 08:12:02 | 000,038,656 | R--- | M] (Attansic Technology corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\atl01_xp.sys -- (AtcL001)
DRV - [2005-10-18 16:01:00 | 000,011,008 | ---- | M] (ASUSTeK COMPUTER INC.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\atkkbnt.sys -- (asuskbnt)
DRV - [2005-05-17 14:48:21 | 000,050,176 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfdrv01.sys -- (sfdrv01) StarForce Protection Environment Driver (version 1.x)
DRV - [2005-05-16 15:23:38 | 000,019,968 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfsync02.sys -- (sfsync02) StarForce Protection Synchronization Driver (version 2.x)
DRV - [2005-05-16 15:20:39 | 000,006,656 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfhlp02.sys -- (sfhlp02) StarForce Protection Helper Driver (version 2.x)
DRV - [2004-08-13 12:56:20 | 000,005,810 | R--- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ASACPI.sys -- (MTsensor)
DRV - [2004-04-30 10:37:02 | 000,160,640 | ---- | M] ( ) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\a347bus.sys -- (a347bus)
DRV - [2004-04-30 10:33:00 | 000,005,248 | ---- | M] ( ) [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\a347scsi.sys -- (a347scsi)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-436374069-308236825-1801674531-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\S-1-5-21-436374069-308236825-1801674531-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: ""
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.2.1
FF - prefs.js..extensions.enabledItems: {ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a}:1.3
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {888d99e7-e8b5-46a3-851e-1ec45da1e644}:3.6.3
FF - prefs.js..extensions.enabledItems: undoclosedtabsbutton@supernova00.biz:3.6.2
FF - prefs.js..extensions.enabledItems: {E2883E8F-472F-4fb0-9522-AC9BF37916A7}:1.6.2.60
FF - prefs.js..extensions.enabledItems: {A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}:7.3.2.26
FF - prefs.js..extensions.enabledItems: openmedspel@e-medtools.com:1.0.8
FF - prefs.js..extensions.enabledItems: tineye@ideeinc.com:1.0
FF - prefs.js..extensions.enabledItems: turntoolviewer@turntool.com:2.9.5.9
FF - prefs.js..extensions.enabledItems: {DB9127A2-3381-41ec-82B3-1B6ED4C6F29A}:1.0
FF - prefs.js..extensions.enabledItems: illimitux@illimitux.net:4.0
FF - prefs.js..extensions.enabledItems: nasanightlaunch@example.com:0.6.20100705
FF - prefs.js..extensions.enabledItems: {5c8bfb7c-9a54-11dc-8314-0800200c9a66}:3.6.3
FF - prefs.js..network.proxy.http: "202.153.41.211"
FF - prefs.js..network.proxy.http_port: 8080
FF - prefs.js..network.proxy.type: 0


FF - HKLM\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010-02-05 19:21:02 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}: C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension\ [2010-03-30 14:08:29 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.6\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010-06-27 16:55:21 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.6\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010-06-27 16:55:21 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Thunderbird\Extensions\\{CCB7D94B-CA92-4E3F-B79D-ADE0F07ADC74}: C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Thunderbird Connector\ThunderbirdExtension\ [2010-03-30 14:08:30 | 000,000,000 | ---D | M]

[2009-11-21 13:59:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Krzysiek\Dane aplikacji\Mozilla\Extensions
[2010-07-15 16:04:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Krzysiek\Dane aplikacji\Mozilla\Firefox\Profiles\15uuingq.default\extensions
[2010-02-10 18:55:33 | 000,000,000 | ---D | M] (Aero Fox) -- C:\Documents and Settings\Krzysiek\Dane aplikacji\Mozilla\Firefox\Profiles\15uuingq.default\extensions\{5c8bfb7c-9a54-11dc-8314-0800200c9a66}
[2010-04-13 18:57:48 | 000,000,000 | ---D | M] (ReloadEvery) -- C:\Documents and Settings\Krzysiek\Dane aplikacji\Mozilla\Firefox\Profiles\15uuingq.default\extensions\{888d99e7-e8b5-46a3-851e-1ec45da1e644}
[2010-07-10 22:50:37 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Documents and Settings\Krzysiek\Dane aplikacji\Mozilla\Firefox\Profiles\15uuingq.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2010-06-04 16:02:08 | 000,000,000 | ---D | M] (flashget3 Extension) -- C:\Documents and Settings\Krzysiek\Dane aplikacji\Mozilla\Firefox\Profiles\15uuingq.default\extensions\{DB9127A2-3381-41ec-82B3-1B6ED4C6F29A}
[2010-02-19 00:23:19 | 000,000,000 | ---D | M] (Adobe DLM (powered by getPlus(R))) -- C:\Documents and Settings\Krzysiek\Dane aplikacji\Mozilla\Firefox\Profiles\15uuingq.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}
[2010-01-22 22:49:20 | 000,000,000 | ---D | M] (FoxTab) -- C:\Documents and Settings\Krzysiek\Dane aplikacji\Mozilla\Firefox\Profiles\15uuingq.default\extensions\{ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a}
[2010-07-13 19:05:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Krzysiek\Dane aplikacji\Mozilla\Firefox\Profiles\15uuingq.default\extensions\illimitux@illimitux.net
[2010-07-10 22:50:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Krzysiek\Dane aplikacji\Mozilla\Firefox\Profiles\15uuingq.default\extensions\nasanightlaunch@example.com
[2010-04-09 20:18:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Krzysiek\Dane aplikacji\Mozilla\Firefox\Profiles\15uuingq.default\extensions\openmedspel@e-medtools.com
[2010-07-01 18:54:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Krzysiek\Dane aplikacji\Mozilla\Firefox\Profiles\15uuingq.default\extensions\tineye@ideeinc.com
[2010-05-26 20:59:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Krzysiek\Dane aplikacji\Mozilla\Firefox\Profiles\15uuingq.default\extensions\turntoolviewer@turntool.com
[2010-02-10 14:12:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Krzysiek\Dane aplikacji\Mozilla\Firefox\Profiles\15uuingq.default\extensions\undoclosedtabsbutton@supernova00.biz
[2010-02-10 18:55:33 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Krzysiek\Dane aplikacji\Mozilla\Firefox\Profiles\15uuingq.default\extensions\{5c8bfb7c-9a54-11dc-8314-0800200c9a66}\chrome\mac\browser\extensions
[2010-02-10 18:55:33 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Krzysiek\Dane aplikacji\Mozilla\Firefox\Profiles\15uuingq.default\extensions\{5c8bfb7c-9a54-11dc-8314-0800200c9a66}\chrome\mac\mozapps\extensions
[2010-02-10 18:55:33 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Krzysiek\Dane aplikacji\Mozilla\Firefox\Profiles\15uuingq.default\extensions\{5c8bfb7c-9a54-11dc-8314-0800200c9a66}\chrome\win\browser\extensions
[2010-02-10 18:55:34 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Krzysiek\Dane aplikacji\Mozilla\Firefox\Profiles\15uuingq.default\extensions\{5c8bfb7c-9a54-11dc-8314-0800200c9a66}\chrome\win\mozapps\extensions
[2009-12-05 22:47:12 | 000,005,609 | ---- | M] () -- C:\Documents and Settings\Krzysiek\Dane aplikacji\Mozilla\Firefox\Profiles\15uuingq.default\searchplugins\nonsensopedia-pl.xml
[2010-02-09 22:42:23 | 000,001,244 | ---- | M] () -- C:\Documents and Settings\Krzysiek\Dane aplikacji\Mozilla\Firefox\Profiles\15uuingq.default\searchplugins\winamp-search.xml
[2010-01-05 23:31:59 | 000,001,738 | ---- | M] () -- C:\Documents and Settings\Krzysiek\Dane aplikacji\Mozilla\Firefox\Profiles\15uuingq.default\searchplugins\wyszukiwanie-filmw-wideo-w-youtube.xml
[2010-07-15 16:04:02 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2009-07-17 10:40:12 | 000,704,512 | ---- | M] (BitComet) -- C:\Program Files\Mozilla Firefox\plugins\npBitCometAgent.dll
[2010-02-09 19:50:44 | 000,002,767 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\allegro-pl.xml
[2010-02-09 19:50:44 | 000,001,406 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\fbc-pl.xml
[2010-02-09 19:50:44 | 000,000,917 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\merlin-pl.xml
[2010-02-09 19:50:44 | 000,000,858 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\pwn-pl.xml
[2010-02-09 19:50:44 | 000,001,183 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-pl.xml
[2010-02-09 19:50:44 | 000,001,683 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wp-pl.xml

O1 HOSTS File: ([2010-07-16 13:42:18 | 000,411,385 | R--- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.0scan.com
O1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 1000gratisproben.com
O1 - Hosts: 127.0.0.1 www.1000gratisproben.com
O1 - Hosts: 127.0.0.1 1001namen.com
O1 - Hosts: 127.0.0.1 www.1001namen.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 www.1-2005-search.com
O1 - Hosts: 127.0.0.1 1-2005-search.com
O1 - Hosts: 14242 more lines...
O2 - BHO: (HP Print Enhancer) - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (BitComet Helper) - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - E:\Programy\BitComet\tools\BitCometBHO_1.3.7.16.dll (BitComet)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - E:\Programy\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (no name) - {b070d3e3-fec0-47d9-8e8a-99d4eeb3d3b0} - No CLSID value found.
O2 - BHO: (IEPluginBHO Class) - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - C:\Documents and Settings\Krzysiek\Dane aplikacji\Nowe Gadu-Gadu\_userdata\ggbho.1.dll (GG Network S.A.)
O2 - BHO: (HP Smart BHO Class) - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [MutlimediaKbdDriver] E:\Programy\M-KbdDrv.exe ()
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [WheelMouse] C:\Program Files\A4Tech\Mouse\Amoumain.exe (A4Tech Co.,Ltd.)
O4 - HKLM..\Run: [ZoneAlarm Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe (Check Point Software Technologies LTD)
O4 - HKU\S-1-5-21-436374069-308236825-1801674531-1003..\Run: [SpybotSD TeaTimer] E:\Programy\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-436374069-308236825-1801674531-1003\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-436374069-308236825-1801674531-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-436374069-308236825-1801674531-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoBandCustomize = 0
O7 - HKU\S-1-5-21-436374069-308236825-1801674531-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoMovingBands = 0
O7 - HKU\S-1-5-21-436374069-308236825-1801674531-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCloseDragDropBands = 0
O7 - HKU\S-1-5-21-436374069-308236825-1801674531-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSetTaskbar = 0
O7 - HKU\S-1-5-21-436374069-308236825-1801674531-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoToolbarsOnTaskbar = 0
O7 - HKU\S-1-5-21-436374069-308236825-1801674531-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-436374069-308236825-1801674531-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\S-1-5-21-436374069-308236825-1801674531-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSaveSettings = 0
O7 - HKU\S-1-5-21-436374069-308236825-1801674531-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 0
O7 - HKU\S-1-5-21-436374069-308236825-1801674531-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ClassicShell = 0
O8 - Extra context menu item: Download all by FlashGet3 - E:\Programy\FlashGet universal\FlashGet\GetAllUrl.htm ()
O8 - Extra context menu item: Download by FlashGet3 - E:\Programy\FlashGet universal\FlashGet\GetUrl.htm ()
O8 - Extra context menu item: Pobierz wszystkie VIdeo za pomocą BitComet - E:\Programy\BitComet\BitComet.exe (www.BitComet.com)
O8 - Extra context menu item: Pobierz wszystko za pomocą BitComet - E:\Programy\BitComet\BitComet.exe (www.BitComet.com)
O8 - Extra context menu item: Pobierz za pomocą BitComet - E:\Programy\BitComet\BitComet.exe (www.BitComet.com)
O9 - Extra Button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - E:\Programy\BitComet\tools\BitCometBHO_1.3.7.16.dll (BitComet)
O9 - Extra Button: Pokaż lub ukryj HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - E:\Programy\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (get_atlcom Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 88.156.96.61 82.139.8.7 88.156.63.9
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Krzysiek\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Krzysiek\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009-11-20 23:43:08 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: UxTuneUp - C:\WINDOWS\system32\uxtuneup.dll (TuneUp Software GmbH)
NetSvcs: WmdmPmSp - File not found

MsConfig - State: "system.ini" - 0
MsConfig - State: "win.ini" - 0
MsConfig - State: "bootini" - 0
MsConfig - State: "services" - 0
MsConfig - State: "startup" - 0

SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: sermouse.sys - Driver
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vga.sys - Driver
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: sermouse.sys - Driver
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vga.sys - Driver
SafeBootNet: vsmon - C:\WINDOWS\System32\ZoneLabs\vsmon.exe (Check Point Software Technologies LTD)
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

[color=#E56717]========== Files/Folders - Created Within 60 Days ==========[/color]

[2010-07-16 13:44:55 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2010-07-16 13:44:54 | 000,000,000 | ---D | C] -- C:\rsit
[2010-07-12 23:11:25 | 000,000,000 | ---D | C] -- C:\Program Files\Xvid
[2010-07-12 23:11:24 | 000,000,000 | ---D | C] -- C:\Program Files\FDRLab
[2010-07-12 23:09:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Krzysiek\dwhelper
[2010-07-12 13:55:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Krzysiek\DoctorWeb
[2010-07-12 13:19:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Krzysiek\Dane aplikacji\Malwarebytes
[2010-07-12 13:18:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Malwarebytes
[2010-07-06 23:05:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Krzysiek\Moje dokumenty\Medal of Honor MP Beta
[2010-07-02 14:41:00 | 000,000,000 | ---D | C] -- C:\WINDOWS\$regcmp$
[2010-07-02 14:35:13 | 000,000,000 | ---D | C] -- C:\Program Files\SmartPCTools
[2010-07-02 14:34:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Krzysiek\Dane aplikacji\BITS
[2010-07-02 14:13:14 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2010-07-02 13:56:03 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2010-06-29 12:14:08 | 000,038,848 | ---- | C] (ALWIL Software) -- C:\WINDOWS\avastSS.scr
[2010-06-26 18:14:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Krzysiek\Ustawienia lokalne\Dane aplikacji\PMB Files
[2010-06-26 18:13:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\PMB Files
[2010-06-25 12:47:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\pss
[2010-06-23 17:18:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Krzysiek\Moje dokumenty\Moje skanowanie
[2010-06-22 20:31:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Krzysiek\Moje dokumenty\Black & White 2
[2010-06-18 20:15:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Krzysiek\Moje dokumenty\NFS Most Wanted
[2010-06-16 21:55:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Krzysiek\Moje dokumenty\Pobieranie
[2010-06-14 14:55:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Alwil Software
[2010-06-12 18:59:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Krzysiek\Moje dokumenty\Moje dzieła SPORE
[2010-06-12 18:59:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Krzysiek\Dane aplikacji\SPORE
[2010-06-12 18:58:55 | 000,000,000 | ---D | C] -- C:\Program Files\Electronic Arts
[2010-06-11 18:28:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Krzysiek\Dane aplikacji\TeamViewer
[2010-06-11 18:28:22 | 000,000,000 | ---D | C] -- C:\Program Files\TeamViewer
[2010-06-10 17:47:27 | 000,000,000 | ---D | C] -- C:\Program Files\Lavalys
[2010-06-10 13:39:30 | 000,679,936 | ---- | C] (Generated by JEDI) -- C:\WINDOWS\System32\D3DX81ab.dll
[2010-06-10 13:39:28 | 000,000,000 | ---D | C] -- C:\Program Files\Cheat Engine
[2010-06-09 16:40:37 | 000,000,000 | ---D | C] -- C:\Program Files\Conduit
[2010-06-09 16:30:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Krzysiek\Dane aplikacji\DVDVideoSoftIEHelpers
[2010-06-09 16:30:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Krzysiek\Moje dokumenty\DVDVideoSoft
[2010-06-07 20:05:00 | 000,000,000 | ---D | C] -- C:\Program Files\PDF Image Extract Software
[2010-06-04 22:09:27 | 000,000,000 | ---D | C] -- C:\BDS
[2010-06-04 22:07:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Krzysiek\Dane aplikacji\NVIDIA
[2010-06-04 20:54:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Trymedia
[2010-06-04 16:01:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Krzysiek\Dane aplikacji\FlashGet
[2010-05-29 20:02:07 | 000,000,000 | ---D | C] -- C:\Program Files\JustDo
[2010-05-27 22:26:40 | 000,000,000 | ---D | C] -- C:\Program Files\PC Connectivity Solution
[2010-05-26 20:59:44 | 000,000,000 | ---D | C] -- C:\Program Files\TurnTool
[2010-05-26 20:59:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Krzysiek\Ustawienia lokalne\Dane aplikacji\TurnTool
[2010-05-23 18:51:30 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Krzysiek\Dane aplikacji\SecuROM
[2010-05-19 19:01:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Electronic Arts
[2010-05-18 14:44:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\NVIDIA Corporation
[2010-05-18 14:44:44 | 000,000,000 | ---D | C] -- C:\Program Files\NVIDIA Corporation
[2010-05-18 14:44:06 | 000,061,440 | ---- | C] (Khronos Group) -- C:\WINDOWS\System32\OpenCL.dll
[2010-05-18 14:43:57 | 000,000,000 | ---D | C] -- C:\NVIDIA
[2010-05-18 14:07:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Krzysiek\Moje dokumenty\BFBC2
[2009-12-11 18:33:34 | 000,160,640 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\a347bus.sys
[2009-12-11 18:33:34 | 000,005,248 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\a347scsi.sys

[color=#E56717]========== Files - Modified Within 60 Days ==========[/color]

[2010-07-16 13:46:51 | 000,001,040 | ---- | M] () -- C:\WINDOWS\System32\secustat.dat
[2010-07-16 13:46:44 | 000,005,579 | ---- | M] () -- C:\WINDOWS\System32\secushr.dat
[2010-07-16 13:42:18 | 000,411,385 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2010-07-16 13:42:17 | 010,485,760 | ---- | M] () -- C:\Documents and Settings\Krzysiek\NTUSER.DAT
[2010-07-16 13:00:00 | 000,000,482 | ---- | M] () -- C:\WINDOWS\tasks\1-Click Maintenance.job
[2010-07-16 12:23:19 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010-07-16 12:23:03 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010-07-15 18:33:25 | 000,218,808 | ---- | M] () -- C:\WINDOWS\System32\PnkBstrB.xtr
[2010-07-15 17:43:06 | 000,137,256 | ---- | M] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2010-07-14 22:40:35 | 000,000,188 | -HS- | M] () -- C:\Documents and Settings\Krzysiek\ntuser.ini
[2010-07-13 18:32:16 | 000,276,202 | ---- | M] () -- C:\WINDOWS\System32\NvApps.xml
[2010-07-12 23:44:43 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2010-07-12 20:01:29 | 000,000,147 | ---- | M] () -- C:\Documents and Settings\Krzysiek\Pulpit\FIX.reg
[2010-07-12 13:51:04 | 001,350,102 | ---- | M] () -- C:\anti-malware.bmp
[2010-07-12 12:10:49 | 000,000,647 | ---- | M] () -- C:\Documents and Settings\Krzysiek\Pulpit\KMPlayer.lnk
[2010-07-11 23:06:21 | 000,029,184 | ---- | M] () -- C:\Documents and Settings\Krzysiek\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010-07-08 20:11:45 | 000,075,120 | ---- | M] () -- C:\Documents and Settings\Krzysiek\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT
[2010-07-08 18:38:35 | 000,282,928 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010-07-06 23:05:36 | 000,001,586 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Medal of Honor™ MP Beta.lnk
[2010-07-06 11:40:48 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010-07-05 12:59:34 | 000,002,267 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Skype.lnk
[2010-07-05 10:28:15 | 000,000,128 | ---- | M] () -- C:\Documents and Settings\Krzysiek\default.pls
[2010-07-04 23:47:30 | 002,115,778 | -H-- | M] () -- C:\Documents and Settings\Krzysiek\Ustawienia lokalne\Dane aplikacji\IconCache.db
[2010-07-03 19:22:15 | 001,603,052 | ---- | M] () -- C:\Documents and Settings\Krzysiek\Moje dokumenty\tapetka3.2.png
[2010-07-03 17:28:35 | 000,841,061 | ---- | M] () -- C:\Documents and Settings\Krzysiek\Moje dokumenty\tapetka2.jpg
[2010-07-02 22:44:28 | 000,280,605 | ---- | M] () -- C:\Documents and Settings\Krzysiek\Moje dokumenty\bez_nazwy_;).png
[2010-07-02 14:01:42 | 000,000,227 | ---- | M] () -- C:\WINDOWS\system.ini
[2010-07-02 14:01:36 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20100716-134218.backup
[2010-07-02 11:26:01 | 000,004,212 | -H-- | M] () -- C:\WINDOWS\System32\zllictbl.dat
[2010-07-02 11:26:01 | 000,000,731 | ---- | M] () -- C:\Documents and Settings\Krzysiek\Pulpit\ZoneAlarm Security.lnk
[2010-07-02 11:25:59 | 000,420,889 | ---- | M] () -- C:\WINDOWS\System32\vsconfig.xml
[2010-06-29 12:14:09 | 000,002,645 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2010-06-28 22:57:33 | 000,038,848 | ---- | M] (ALWIL Software) -- C:\WINDOWS\avastSS.scr
[2010-06-28 22:57:12 | 000,165,032 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2010-06-28 22:37:52 | 000,046,672 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2010-06-28 22:37:30 | 000,165,456 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2010-06-28 22:33:13 | 000,023,376 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2010-06-28 22:32:45 | 000,100,176 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2010-06-28 22:32:42 | 000,094,544 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2010-06-28 22:32:33 | 000,017,744 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2010-06-28 22:32:16 | 000,028,880 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2010-06-25 13:13:04 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\WindowsShell.Manifest
[2010-06-25 13:13:03 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\wuaucpl.cpl.manifest
[2010-06-25 13:13:03 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\sapi.cpl.manifest
[2010-06-25 13:13:03 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\nwc.cpl.manifest
[2010-06-25 13:13:03 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\ncpa.cpl.manifest
[2010-06-25 13:13:03 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\cdplayer.exe.manifest
[2010-06-25 13:07:56 | 000,000,793 | ---- | M] () -- C:\WINDOWS\win.ini
[2010-06-25 13:07:56 | 000,000,223 | -HS- | M] () -- C:\boot.ini
[2010-06-24 19:52:49 | 001,260,448 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010-06-24 19:52:49 | 000,573,982 | ---- | M] () -- C:\WINDOWS\System32\perfh015.dat
[2010-06-24 19:52:49 | 000,510,806 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010-06-24 19:52:49 | 000,113,268 | ---- | M] () -- C:\WINDOWS\System32\perfc015.dat
[2010-06-24 19:52:49 | 000,091,248 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010-06-24 19:37:51 | 000,000,647 | ---- | M] () -- C:\Documents and Settings\Krzysiek\Pulpit\Counter-Strike.lnk
[2010-06-24 19:37:51 | 000,000,602 | ---- | M] () -- C:\Documents and Settings\Krzysiek\Pulpit\Half-Life.lnk
[2010-06-23 21:14:58 | 000,408,553 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20100701-222447.backup
[2010-06-23 19:43:18 | 000,025,600 | ---- | M] () -- C:\Documents and Settings\Krzysiek\Moje dokumenty\Book97.doc
[2010-06-23 17:23:05 | 000,031,674 | ---- | M] () -- C:\Documents and Settings\Krzysiek\Moje dokumenty\skanowanie0001_1.htm
[2010-06-23 17:22:29 | 000,031,672 | ---- | M] () -- C:\Documents and Settings\Krzysiek\Moje dokumenty\skanowanie0001.htm
[2010-06-22 19:29:19 | 000,000,589 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Black & White 2.lnk
[2010-06-20 18:51:25 | 000,408,427 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20100623-211458.backup
[2010-06-18 19:35:47 | 000,000,751 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Medieval II Total War.lnk
[2010-06-17 19:30:36 | 000,099,814 | ---- | M] () -- C:\Documents and Settings\Krzysiek\Moje dokumenty\fce.jpg
[2010-06-14 18:12:06 | 000,404,365 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20100620-185125.backup
[2010-06-14 14:55:58 | 000,001,700 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\avast! Free Antivirus.lnk
[2010-06-12 18:48:23 | 000,000,848 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\SPORE™.lnk
[2010-06-11 19:47:33 | 000,000,519 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\AIMP2.lnk
[2010-06-11 18:28:27 | 000,000,879 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\TeamViewer 5.lnk
[2010-06-10 17:47:29 | 000,000,767 | ---- | M] () -- C:\Documents and Settings\Krzysiek\Pulpit\EVEREST Home Edition.lnk
[2010-06-10 13:39:32 | 000,000,670 | ---- | M] () -- C:\Documents and Settings\Krzysiek\Pulpit\Cheat Engine.lnk
[2010-06-09 20:52:45 | 000,127,587 | ---- | M] () -- C:\Documents and Settings\Krzysiek\Moje dokumenty\screen.jpg
[2010-06-04 22:19:31 | 000,000,779 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Borderlands.lnk
[2010-06-04 16:01:38 | 000,000,025 | ---- | M] () -- C:\WINDOWS\libem.INI
[2010-06-04 16:01:16 | 000,000,695 | ---- | M] () -- C:\Documents and Settings\Krzysiek\Pulpit\FlashGet 3.5.lnk
[2010-06-03 18:28:10 | 000,000,509 | ---- | M] () -- C:\Documents and Settings\Krzysiek\Pulpit\MoorHunt.lnk
[2010-05-27 22:26:25 | 000,001,855 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Nokia Software Updater.lnk
[2010-05-23 16:53:57 | 002,940,928 | ---- | M] () -- C:\Documents and Settings\Krzysiek\Moje dokumenty\CHOROBY sss.ppt
[2010-05-18 14:04:27 | 000,001,687 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Battlefield Bad Company 2.lnk
[2010-05-17 15:45:15 | 000,000,619 | ---- | M] () -- C:\Documents and Settings\Krzysiek\Pulpit\Zeus and Posejdon.lnk

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2010-07-12 23:11:25 | 000,815,104 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2010-07-12 23:11:25 | 000,180,224 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2010-07-12 23:11:25 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\xvid.ax
[2010-07-12 20:01:21 | 000,000,147 | ---- | C] () -- C:\Documents and Settings\Krzysiek\Pulpit\FIX.reg
[2010-07-12 13:51:04 | 001,350,102 | ---- | C] () -- C:\anti-malware.bmp
[2010-07-08 20:16:40 | 000,001,040 | ---- | C] () -- C:\WINDOWS\System32\secustat.dat
[2010-07-06 23:05:36 | 000,001,586 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Medal of Honor™ MP Beta.lnk
[2010-07-06 22:57:31 | 000,005,579 | ---- | C] () -- C:\WINDOWS\System32\secushr.dat
[2010-07-03 19:19:53 | 001,603,052 | ---- | C] () -- C:\Documents and Settings\Krzysiek\Moje dokumenty\tapetka3.2.png
[2010-07-03 17:27:29 | 000,841,061 | ---- | C] () -- C:\Documents and Settings\Krzysiek\Moje dokumenty\tapetka2.jpg
[2010-07-02 22:44:09 | 000,280,605 | ---- | C] () -- C:\Documents and Settings\Krzysiek\Moje dokumenty\bez_nazwy_;).png
[2010-07-02 13:56:12 | 000,077,312 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2010-07-02 13:56:11 | 000,256,512 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2010-07-02 11:26:01 | 000,000,731 | ---- | C] () -- C:\Documents and Settings\Krzysiek\Pulpit\ZoneAlarm Security.lnk
[2010-06-24 19:37:51 | 000,000,647 | ---- | C] () -- C:\Documents and Settings\Krzysiek\Pulpit\Counter-Strike.lnk
[2010-06-24 19:37:51 | 000,000,602 | ---- | C] () -- C:\Documents and Settings\Krzysiek\Pulpit\Half-Life.lnk
[2010-06-23 19:43:15 | 000,025,600 | ---- | C] () -- C:\Documents and Settings\Krzysiek\Moje dokumenty\Book97.doc
[2010-06-23 17:23:03 | 000,031,674 | ---- | C] () -- C:\Documents and Settings\Krzysiek\Moje dokumenty\skanowanie0001_1.htm
[2010-06-23 17:22:26 | 000,031,672 | ---- | C] () -- C:\Documents and Settings\Krzysiek\Moje dokumenty\skanowanie0001.htm
[2010-06-22 19:29:19 | 000,000,589 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Black & White 2.lnk
[2010-06-18 19:35:47 | 000,000,751 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Medieval II Total War.lnk
[2010-06-17 19:30:29 | 000,099,814 | ---- | C] () -- C:\Documents and Settings\Krzysiek\Moje dokumenty\fce.jpg
[2010-06-14 14:55:58 | 000,001,700 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\avast! Free Antivirus.lnk
[2010-06-12 18:48:23 | 000,000,848 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\SPORE™.lnk
[2010-06-11 18:28:27 | 000,000,879 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\TeamViewer 5.lnk
[2010-06-10 17:47:29 | 000,000,767 | ---- | C] () -- C:\Documents and Settings\Krzysiek\Pulpit\EVEREST Home Edition.lnk
[2010-06-10 13:39:32 | 000,000,670 | ---- | C] () -- C:\Documents and Settings\Krzysiek\Pulpit\Cheat Engine.lnk
[2010-06-10 13:39:30 | 001,970,176 | ---- | C] () -- C:\WINDOWS\System32\d3dx9.dll
[2010-06-09 20:52:31 | 000,127,587 | ---- | C] () -- C:\Documents and Settings\Krzysiek\Moje dokumenty\screen.jpg
[2010-06-04 22:19:31 | 000,000,779 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Borderlands.lnk
[2010-06-04 16:01:38 | 000,000,025 | ---- | C] () -- C:\WINDOWS\libem.INI
[2010-06-04 16:01:16 | 000,000,695 | ---- | C] () -- C:\Documents and Settings\Krzysiek\Pulpit\FlashGet 3.5.lnk
[2010-05-23 16:52:16 | 002,940,928 | ---- | C] () -- C:\Documents and Settings\Krzysiek\Moje dokumenty\CHOROBY sss.ppt
[2010-05-18 14:44:06 | 000,009,046 | ---- | C] () -- C:\WINDOWS\System32\nvinfo.pb
[2010-05-18 14:44:04 | 002,183,470 | ---- | C] () -- C:\WINDOWS\System32\nvdata.bin
[2010-05-18 14:04:27 | 000,001,687 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Battlefield Bad Company 2.lnk
[2010-04-10 16:18:56 | 000,000,151 | ---- | C] () -- C:\WINDOWS\PhotoSnapViewer.INI
[2010-01-10 16:49:31 | 000,000,421 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2009-12-31 15:21:32 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2009-12-07 23:18:07 | 000,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.INI
[2009-11-21 16:29:14 | 000,010,496 | ---- | C] () -- C:\WINDOWS\System32\ATKOSDMini.DLL
[2009-11-21 16:29:14 | 000,000,018 | ---- | C] () -- C:\WINDOWS\System32\atkid.ini
[2009-11-21 16:29:13 | 000,046,080 | ---- | C] () -- C:\WINDOWS\System32\asrussian.dll
[2009-11-21 16:29:13 | 000,046,080 | ---- | C] () -- C:\WINDOWS\System32\asgerman.dll
[2009-11-21 16:29:13 | 000,045,568 | ---- | C] () -- C:\WINDOWS\System32\askorean.dll
[2009-11-21 16:29:13 | 000,045,568 | ---- | C] () -- C:\WINDOWS\System32\asjapan.dll
[2009-11-21 16:29:12 | 000,046,592 | ---- | C] () -- C:\WINDOWS\System32\asfrench.dll
[2009-11-21 16:29:12 | 000,046,080 | ---- | C] () -- C:\WINDOWS\System32\aseng.dll
[2009-11-21 16:29:12 | 000,045,568 | ---- | C] () -- C:\WINDOWS\System32\ASCHT.dll
[2009-11-21 16:29:12 | 000,045,568 | ---- | C] () -- C:\WINDOWS\System32\aschs.dll
[2009-11-21 14:39:56 | 000,137,256 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2009-11-21 14:39:32 | 000,000,309 | ---- | C] () -- C:\WINDOWS\game.ini
[2009-11-21 13:44:59 | 000,796,048 | ---- | C] () -- C:\WINDOWS\System32\libeay32_0.9.6l.dll
[2009-11-21 13:36:02 | 000,164,352 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2009-11-21 13:36:01 | 000,007,680 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2009-11-21 13:36:01 | 000,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest
[2009-11-21 00:08:55 | 000,014,277 | ---- | C] () -- C:\WINDOWS\Ascd_tmp.ini
[2009-11-21 00:08:55 | 000,005,810 | R--- | C] () -- C:\WINDOWS\System32\drivers\ASACPI.sys
[2009-11-21 00:08:48 | 000,010,288 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASUSHWIO.SYS
[2007-06-28 18:43:00 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2003-04-08 12:40:22 | 000,005,679 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI

[color=#E56717]========== LOP Check ==========[/color]

[2010-06-14 14:55:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Alwil Software
[2010-05-19 19:01:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Electronic Arts
[2010-05-27 22:25:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Installations
[2009-11-21 13:45:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\MailFrontier
[2010-03-29 20:12:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Nokia
[2010-03-29 19:35:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\NokiaMusic
[2009-11-22 14:35:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\OpenFM
[2010-03-29 20:50:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\OviInstallerCache
[2010-03-29 20:10:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\PC Suite
[2010-06-26 22:24:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\PMB Files
[2010-07-12 23:19:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\TEMP
[2009-11-21 14:13:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\TuneUp Software
[2010-03-06 15:14:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Ubisoft
[2010-01-30 18:38:10 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\{402F10B9-711E-4EF4-BC0E-AFE669ACC04C}
[2010-07-15 21:55:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Krzysiek\Dane aplikacji\AIMP
[2010-07-16 13:46:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Krzysiek\Dane aplikacji\BITS
[2009-12-09 17:06:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Krzysiek\Dane aplikacji\Broad Intelligence
[2010-03-20 16:22:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Krzysiek\Dane aplikacji\COWON
[2009-12-19 21:07:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Krzysiek\Dane aplikacji\Dev-Cpp
[2009-11-21 13:44:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Krzysiek\Dane aplikacji\Dual Vibration Game pad
[2009-11-21 13:44:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Krzysiek\Dane aplikacji\Dual Vibration Gamepad
[2010-06-09 16:30:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Krzysiek\Dane aplikacji\DVDVideoSoftIEHelpers
[2009-12-06 20:53:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Krzysiek\Dane aplikacji\FileZilla
[2010-06-04 16:01:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Krzysiek\Dane aplikacji\FlashGet
[2009-12-06 22:19:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Krzysiek\Dane aplikacji\Free Mp3 Wma Ogg Converter
[2009-11-21 13:35:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Krzysiek\Dane aplikacji\Gadu-Gadu
[2009-11-21 14:23:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Krzysiek\Dane aplikacji\Gadu-Gadu 10
[2009-12-19 15:28:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Krzysiek\Dane aplikacji\Leadertech
[2010-04-06 20:52:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Krzysiek\Dane aplikacji\Mp3tag
[2010-03-29 20:58:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Krzysiek\Dane aplikacji\Nokia
[2010-06-22 22:00:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Krzysiek\Dane aplikacji\Nowe Gadu-Gadu
[2009-11-22 14:34:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Krzysiek\Dane aplikacji\OpenFM
[2010-03-30 14:19:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Krzysiek\Dane aplikacji\PC Suite
[2010-01-07 21:45:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Krzysiek\Dane aplikacji\SoundSpectrum
[2010-06-12 19:00:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Krzysiek\Dane aplikacji\SPORE
[2010-06-11 18:50:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Krzysiek\Dane aplikacji\TeamViewer
[2009-11-24 21:45:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Krzysiek\Dane aplikacji\TigerPlayer
[2009-11-21 14:13:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Krzysiek\Dane aplikacji\TuneUp Software
[2010-03-06 15:14:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Krzysiek\Dane aplikacji\Ubisoft
[2009-11-21 14:35:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Krzysiek\Dane aplikacji\URSoft
[2010-07-16 13:00:00 | 000,000,482 | ---- | M] () -- C:\WINDOWS\Tasks\1-Click Maintenance.job

[color=#E56717]========== Purity Check ==========[/color]



[color=#E56717]========== Custom Scans ==========[/color]


[color=#A23BEC]< %systemdrive%\*.* >[/color]
[2010-07-12 13:51:04 | 001,350,102 | ---- | M] () -- C:\anti-malware.bmp
[2009-11-20 23:43:08 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2010-06-25 13:07:56 | 000,000,223 | -HS- | M] () -- C:\boot.ini
[2001-07-22 00:13:54 | 000,004,952 | RHS- | M] () -- C:\Bootfont.bin
[2009-11-20 23:43:08 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2009-11-20 23:43:08 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2009-11-20 23:43:08 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2008-04-13 22:13:04 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
[2008-04-14 00:02:00 | 000,251,152 | RHS- | M] () -- C:\ntldr
[2010-07-16 12:22:59 | 2145,386,496 | -HS- | M] () -- C:\pagefile.sys


[color=#A23BEC]< MD5 for: AGP440.SYS >[/color]
[2008-04-14 23:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:agp440.sys

[color=#A23BEC]< MD5 for: ATAPI.SYS >[/color]
[2008-04-14 23:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2008-04-14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ERDNT\cache\atapi.sys
[2008-04-14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\dllcache\atapi.sys
[2008-04-14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2008-04-14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\system32\DRIVERS\atapi.sys
[2008-04-14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\ReinstallBackups\0006\DriverFiles\i386\atapi.sys
[2008-04-14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\ReinstallBackups\0007\DriverFiles\i386\atapi.sys

[color=#A23BEC]< MD5 for: BEEP.SYS >[/color]
[2001-08-17 23:47:36 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\ERDNT\cache\beep.sys
[2001-08-17 23:47:36 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\system32\dllcache\beep.sys
[2001-08-17 23:47:36 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\system32\drivers\beep.sys

[color=#A23BEC]< MD5 for: CDROM.SYS >[/color]
[2008-04-14 23:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys
[2008-04-14 00:10:48 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys

[color=#A23BEC]< MD5 for: EVENTLOG.DLL >[/color]
[2008-04-14 22:50:32 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=35FCCFD093582FA9098762E6F84EE119 -- C:\WINDOWS\ERDNT\cache\eventlog.dll
[2008-04-14 22:50:32 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=35FCCFD093582FA9098762E6F84EE119 -- C:\WINDOWS\system32\dllcache\eventlog.dll
[2008-04-14 22:50:32 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=35FCCFD093582FA9098762E6F84EE119 -- C:\WINDOWS\system32\eventlog.dll

[color=#A23BEC]< MD5 for: NDIS.SYS >[/color]
[2008-04-14 00:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\ERDNT\cache\ndis.sys
[2008-04-14 00:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\dllcache\ndis.sys
[2008-04-14 00:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\drivers\ndis.sys

[color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color]
[2008-04-14 22:51:50 | 000,510,464 | ---- | M] (Microsoft Corporation) MD5=51FD2E13D723857B9CA239AE77150F48 -- C:\WINDOWS\ERDNT\cache\winlogon.exe
[2008-04-14 22:51:50 | 000,510,464 | ---- | M] (Microsoft Corporation) MD5=51FD2E13D723857B9CA239AE77150F48 -- C:\WINDOWS\system32\dllcache\winlogon.exe
[2008-04-14 22:51:50 | 000,510,464 | ---- | M] (Microsoft Corporation) MD5=51FD2E13D723857B9CA239AE77150F48 -- C:\WINDOWS\system32\winlogon.exe

[color=#E56717]========== Alternate Data Streams ==========[/color]

@Alternate Data Stream - 368 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:B3D74A13
@Alternate Data Stream - 158 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:ECF54A0E
< End of report >
[/log]

RSIT
[log]Logfile of random's system information tool 1.08 (written by random/random)
Run by Krzysiek at 2010-07-16 13:44:54
Microsoft Windows XP Professional Dodatek Service Pack 3
System drive C: has 31 GB (66%) free of 46 GB
Total RAM: 2047 MB (60% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 13:45:43, on 2010-07-16
Platform: Windows XP Dodatek SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\ATKKBService.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\explorer.exe
C:\Program Files\A4Tech\Mouse\Amoumain.exe
C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe
E:\Programy\M-KbdDrv.exe
C:\WINDOWS\RTHDCPL.EXE
E:\Programy\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
E:\Programy\Nowe Gadu-Gadu\gg.exe
E:\Programy\Nowe Gadu-Gadu\spellchecker_gg.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
D:\Download\RSIT.exe
C:\Program Files\trend micro\Krzysiek.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://adclick.hit.gemius.pl/hitredir/id=cohAhEs7a7LzBVb1y957B6dzrqxU_U8zTiwAeZ1L7O7.r7/stparam=ohdggqdfbg/sarg=00000005801E4EF4/fastid=1297036692683035469/url=http://ad.pl.doubleclick.net/click;h=v2|3B9D|0|0|%2a|u;218826783;0-0;0;41766982;31-1|1;33769888|33787766|1;;%3fhttp://nieplaczatv.dialogmedia.pl/kontakt,krok-start,1,1.html?iK=62
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
F2 - REG:system.ini: Shell=
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - E:\Programy\BitComet\tools\BitCometBHO_1.3.7.16.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - E:\Programy\SPYBOT~1\SDHelper.dll
O2 - BHO: FlashGetBHO - {b070d3e3-fec0-47d9-8e8a-99d4eeb3d3b0} - (no file)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: IEPluginBHO - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - C:\Documents and Settings\Krzysiek\Dane aplikacji\Nowe Gadu-Gadu\_userdata\ggbho.1.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O4 - HKLM\..\Run: [avast5] C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe /nogui
O4 - HKLM\..\Run: [WheelMouse] C:\Program Files\A4Tech\Mouse\Amoumain.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [MutlimediaKbdDriver] E:\Programy\M-KbdDrv.exe
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKCU\..\Run: [SpybotSD TeaTimer] E:\Programy\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: Download all by FlashGet3 - E:\Programy\FlashGet universal\FlashGet\GetAllUrl.htm
O8 - Extra context menu item: Download by FlashGet3 - E:\Programy\FlashGet universal\FlashGet\GetUrl.htm
O8 - Extra context menu item: E&ksport do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Pobierz wszystkie VIdeo za pomocą BitComet - res://E:\Programy\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: Pobierz wszystko za pomocą BitComet - res://E:\Programy\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: Pobierz za pomocą BitComet - res://E:\Programy\BitComet\BitComet.exe/AddLink.htm
O9 - Extra button: Badanie - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://E:\Programy\BitComet\tools\BitCometBHO_1.3.7.16.dll/206 (file missing)
O9 - Extra button: Pokaż lub ukryj HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - E:\Programy\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - E:\Programy\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} (get_atlcom Class) - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Moduł wstępnego ładowania interfejsu Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Demon buforu kategorii składników - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Mail Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Web Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

--
End of file - 8320 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\1-Click Maintenance.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0347C33E-8762-4905-BF09-768834316C61}]
HP Print Enhancer - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-10-22 328248]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-23 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{39F7E362-828A-4B5A-BCAF-5B79BFDFEA60}]
BitComet Helper - E:\Programy\BitComet\tools\BitCometBHO_1.3.7.16.dll [2009-07-16 664888]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - E:\Programy\SPYBOT~1\SDHelper.dll [2009-01-26 1879896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{b070d3e3-fec0-47d9-8e8a-99d4eeb3d3b0}]
FlashGetBHO

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-02-09 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-02-09 79648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D}]
IEPluginBHO Class - C:\Documents and Settings\Krzysiek\Dane aplikacji\Nowe Gadu-Gadu\_userdata\ggbho.1.dll [2009-10-28 42088]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}]
HP Smart BHO Class - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-10-22 517688]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"avast5"=C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe [2010-06-28 2837864]
"WheelMouse"=C:\Program Files\A4Tech\Mouse\Amoumain.exe [2007-05-15 204800]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2007-03-21 16126464]
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2010-04-03 110696]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2010-04-03 13670504]
"MutlimediaKbdDriver"=E:\Programy\M-KbdDrv.exe [2007-04-18 1617920]
"ZoneAlarm Client"=C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe [2010-06-23 1043968]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"SpybotSD TeaTimer"=E:\Programy\Spybot - Search & Destroy\TeaTimer.exe [2009-03-05 2260480]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoBandCustomize"=0
"NoMovingBands"=0
"NoCloseDragDropBands"=0
"NoDriveAutoRun"=67108863
"NoDrives"=0
"NoActiveDesktop"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe"
"E:\Programy\BitComet\BitComet.exe"="E:\Programy\BitComet\BitComet.exe:*:Enabled:BitComet.exe"
"C:\WINDOWS\system32\PnkBstrA.exe"="C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA"
"C:\WINDOWS\system32\PnkBstrB.exe"="C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB"
"E:\Gry\Crysis\Bin32\Crysis.exe"="E:\Gry\Crysis\Bin32\Crysis.exe:*:Enabled:Crysis_32"
"E:\Gry\Crysis\Bin32\CrysisDedicatedServer.exe"="E:\Gry\Crysis\Bin32\CrysisDedicatedServer.exe:*:Enabled:CrysisDedicatedServer_32"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"E:\Gry\Ubisoft\Far Cry 2\bin\FarCry2.exe"="E:\Gry\Ubisoft\Far Cry 2\bin\FarCry2.exe:*:Enabled:Far Cry 2"
"E:\Gry\Ubisoft\Far Cry 2\bin\FC2Launcher.exe"="E:\Gry\Ubisoft\Far Cry 2\bin\FC2Launcher.exe:*:Enabled:Far Cry 2 Updater"
"E:\Gry\Ubisoft\Far Cry 2\bin\FC2Editor.exe"="E:\Gry\Ubisoft\Far Cry 2\bin\FC2Editor.exe:*:Enabled:Editor"
"C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hposid01.exe"="C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqcopy2.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqcopy2.exe:*:Enabled:hpqcopy2.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe:*:Enabled:hpiscnapp.exe"
"C:\Program Files\Common Files\HP\Digital Imaging\bin\hpqPhotoCrm.exe"="C:\Program Files\Common Files\HP\Digital Imaging\bin\hpqPhotoCrm.exe:*:Enabled:hpqphotocrm.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqsudi.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqsudi.exe:*:Enabled:hpqsudi.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqpsapp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqpsapp.exe:*:Enabled:hpqpsapp.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqpse.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqpse.exe:*:Enabled:hpqpse.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe:*:Enabled:hpqgplgtupl.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe:*:Enabled:hpqgpc01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe:*:Enabled:hpqusgm.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe:*:Enabled:hpqusgh.exe"
"C:\Program Files\HP\HP Software Update\hpwucli.exe"="C:\Program Files\HP\HP Software Update\hpwucli.exe:*:Enabled:hpwucli.exe"
"C:\Program Files\HP\Digital Imaging\Smart Web Printing\SmartWebPrintExe.exe"="C:\Program Files\HP\Digital Imaging\Smart Web Printing\SmartWebPrintExe.exe:*:Enabled:smartwebprintexe.exe"
"E:\Gry\Steam\Steam.exe"="E:\Gry\Steam\Steam.exe:*:Enabled:Steam"
"C:\Program Files\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe"="C:\Program Files\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe:*:Enabled:Ubisoft Game Launcher"
"E:\Gry\Ubisoft\Assassin's Creed II\AssassinsCreedIIGame.exe"="E:\Gry\Ubisoft\Assassin's Creed II\AssassinsCreedIIGame.exe:*:Enabled:Assassin's Creed II"
"E:\Gry\Ubisoft\Assassin's Creed II\AssassinsCreedII.exe"="E:\Gry\Ubisoft\Assassin's Creed II\AssassinsCreedII.exe:*:Enabled:Assassin's Creed II Update"
"E:\Gry\Ubisoft\Assassin's Creed II\UPlayBrowser.exe"="E:\Gry\Ubisoft\Assassin's Creed II\UPlayBrowser.exe:*:Enabled:Assassin's Creed II Uplay"
"E:\Gry\Electronic Arts\Battlefield Bad Company 2\BFBC2Updater.exe"="E:\Gry\Electronic Arts\Battlefield Bad Company 2\BFBC2Updater.exe:*:Enabled:Battlefield: Bad Company™ 2"
"E:\Gry\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe"="E:\Gry\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe:*:Enabled:Call of Duty(R) 4 - Modern Warfare(TM) "
"E:\Programy\FlashGet universal\FlashGet\FlashGet3.exe"="E:\Programy\FlashGet universal\FlashGet\FlashGet3.exe:*:Enabled:Flashget3"
"C:\Program Files\TeamViewer\Version5\TeamViewer.exe"="C:\Program Files\TeamViewer\Version5\TeamViewer.exe:*:Enabled:Teamviewer Remote Control Application"
"C:\Program Files\Pando Networks\Media Booster\PMB.exe"="C:\Program Files\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster"
"C:\WINDOWS\system32\ZoneLabs\vsmon.exe"="C:\WINDOWS\system32\ZoneLabs\vsmon.exe:*:Enabled:vsmon"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"E:\Gry\Medal of Honor Beta Multi Game\MoHMPUpdater.exe"="E:\Gry\Medal of Honor Beta Multi Game\MoHMPUpdater.exe:*:Enabled:Medal of Honor™ MP Beta"
"E:\Gry\Steam\SteamApps\common\call of duty modern warfare 2\iw4mp.exe"="E:\Gry\Steam\SteamApps\common\call of duty modern warfare 2\iw4mp.exe:*:Enabled:Call of Duty: Modern Warfare 2 - Multiplayer"
"E:\Gry\Steam\SteamApps\common\call of duty modern warfare 2\iw4sp.exe"="E:\Gry\Steam\SteamApps\common\call of duty modern warfare 2\iw4sp.exe:*:Enabled:Call of Duty: Modern Warfare 2"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hposid01.exe"="C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqcopy2.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqcopy2.exe:*:Enabled:hpqcopy2.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe:*:Enabled:hpiscnapp.exe"
"C:\Program Files\Common Files\HP\Digital Imaging\bin\hpqPhotoCrm.exe"="C:\Program Files\Common Files\HP\Digital Imaging\bin\hpqPhotoCrm.exe:*:Enabled:hpqphotocrm.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqsudi.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqsudi.exe:*:Enabled:hpqsudi.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqpsapp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqpsapp.exe:*:Enabled:hpqpsapp.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqpse.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqpse.exe:*:Enabled:hpqpse.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe:*:Enabled:hpqgplgtupl.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe:*:Enabled:hpqgpc01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe:*:Enabled:hpqusgm.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe:*:Enabled:hpqusgh.exe"
"C:\Program Files\HP\HP Software Update\hpwucli.exe"="C:\Program Files\HP\HP Software Update\hpwucli.exe:*:Enabled:hpwucli.exe"
"C:\Program Files\HP\Digital Imaging\Smart Web Printing\SmartWebPrintExe.exe"="C:\Program Files\HP\Digital Imaging\Smart Web Printing\SmartWebPrintExe.exe:*:Enabled:smartwebprintexe.exe"
"C:\Program Files\Pando Networks\Media Booster\PMB.exe"="C:\Program Files\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster"

======List of files/folders created in the last 1 months======

2010-07-16 13:44:55 ----D---- C:\Program Files\trend micro
2010-07-16 13:44:54 ----D---- C:\rsit
2010-07-12 23:11:25 ----D---- C:\Program Files\Xvid
2010-07-12 23:11:25 ----A---- C:\WINDOWS\system32\xvidvfw.dll
2010-07-12 23:11:25 ----A---- C:\WINDOWS\system32\xvidcore.dll
2010-07-12 23:11:24 ----D---- C:\Program Files\FDRLab
2010-07-12 13:19:01 ----D---- C:\Documents and Settings\Krzysiek\Dane aplikacji\Malwarebytes
2010-07-12 13:18:54 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\Malwarebytes
2010-07-02 14:41:00 ----D---- C:\WINDOWS\$regcmp$
2010-07-02 14:35:13 ----D---- C:\Program Files\SmartPCTools
2010-07-02 14:34:40 ----D---- C:\Documents and Settings\Krzysiek\Dane aplikacji\BITS
2010-07-02 14:13:14 ----SHD---- C:\RECYCLER
2010-07-02 14:10:30 ----A---- C:\WINDOWS\UPGRADE.TXT
2010-07-02 13:56:12 ----A---- C:\WINDOWS\MBR.exe
2010-07-02 13:56:11 ----A---- C:\WINDOWS\PEV.exe
2010-07-02 13:56:03 ----D---- C:\WINDOWS\ERDNT
2010-06-26 18:13:57 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\PMB Files
2010-06-25 12:47:50 ----D---- C:\WINDOWS\pss
2010-06-18 19:13:18 ----A---- C:\WINDOWS\IsUn0415.exe

======List of files/folders modified in the last 1 months======

2010-07-16 13:45:35 ----D---- C:\WINDOWS\Internet Logs
2010-07-16 13:44:55 ----RD---- C:\Program Files
2010-07-16 13:42:18 ----D---- C:\WINDOWS\system32\drivers\etc
2010-07-16 12:38:19 ----D---- C:\WINDOWS\Temp
2010-07-16 12:23:11 ----D---- C:\WINDOWS\system32\CatRoot2
2010-07-15 23:19:18 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-07-15 21:55:21 ----D---- C:\Documents and Settings\Krzysiek\Dane aplikacji\AIMP
2010-07-15 18:33:25 ----A---- C:\WINDOWS\system32\PnkBstrB.exe
2010-07-14 00:22:02 ----D---- C:\Documents and Settings\Krzysiek\Dane aplikacji\HPAppData
2010-07-12 23:44:43 ----A---- C:\WINDOWS\NeroDigital.ini
2010-07-12 23:19:01 ----AD---- C:\Documents and Settings\All Users\Dane aplikacji\TEMP
2010-07-12 23:13:15 ----D---- C:\WINDOWS\system32
2010-07-12 23:13:09 ----D---- C:\WINDOWS\Prefetch
2010-07-12 20:02:56 ----D---- C:\WINDOWS\system32\drivers
2010-07-07 10:35:42 ----D---- C:\WINDOWS
2010-07-06 23:05:37 ----SHD---- C:\WINDOWS\Installer
2010-07-06 23:05:36 ----D---- C:\Config.Msi
2010-07-06 23:04:30 ----D---- C:\WINDOWS\system32\DirectX
2010-07-06 23:04:28 ----HD---- C:\WINDOWS\inf
2010-07-06 23:04:03 ----RSD---- C:\WINDOWS\assembly
2010-07-06 13:47:48 ----SHD---- C:\System Volume Information
2010-07-06 13:47:48 ----D---- C:\WINDOWS\system32\Restore
2010-07-05 13:01:39 ----D---- C:\Documents and Settings\Krzysiek\Dane aplikacji\Skype
2010-07-05 12:59:43 ----D---- C:\Documents and Settings\Krzysiek\Dane aplikacji\skypePM
2010-07-02 14:43:15 ----D---- C:\WINDOWS\system32\config
2010-07-02 14:18:09 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-07-02 14:13:29 ----D---- C:\Program Files\Mozilla Firefox
2010-07-02 14:13:29 ----D---- C:\Program Files\Cheat Engine
2010-07-02 14:11:30 ----SD---- C:\Documents and Settings\All Users\Dane aplikacji\Microsoft
2010-07-02 14:01:42 ----A---- C:\WINDOWS\system.ini
2010-07-02 13:59:22 ----D---- C:\WINDOWS\AppPatch
2010-07-02 13:59:19 ----D---- C:\Program Files\Common Files
2010-07-02 12:13:40 ----D---- C:\WINDOWS\system32\ZoneLabs
2010-06-28 22:57:12 ----A---- C:\WINDOWS\system32\aswBoot.exe
2010-06-25 18:10:13 ----D---- C:\WINDOWS\Microsoft.NET
2010-06-25 13:13:03 ----RAH---- C:\WINDOWS\system32\cdplayer.exe.manifest
2010-06-25 13:07:56 ----SH---- C:\boot.ini
2010-06-25 13:07:56 ----A---- C:\WINDOWS\win.ini
2010-06-24 19:52:49 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-06-24 19:52:38 ----D---- C:\WINDOWS\WinSxS
2010-06-24 19:50:35 ----D---- C:\WINDOWS\system32\en-us
2010-06-24 19:50:23 ----D---- C:\Program Files\Microsoft.NET
2010-06-23 13:51:22 ----A---- C:\WINDOWS\system32\zpeng25.dll
2010-06-23 13:51:20 ----A---- C:\WINDOWS\system32\zlcommdb.dll
2010-06-23 13:51:20 ----A---- C:\WINDOWS\system32\zlcomm.dll
2010-06-23 13:51:20 ----A---- C:\WINDOWS\system32\vsxml.dll
2010-06-23 13:51:20 ----A---- C:\WINDOWS\system32\vswmi.dll
2010-06-23 13:51:18 ----A---- C:\WINDOWS\system32\vsutil.dll
2010-06-23 13:51:18 ----A---- C:\WINDOWS\system32\vsregexp.dll
2010-06-23 13:51:18 ----A---- C:\WINDOWS\system32\vspubapi.dll
2010-06-23 13:51:18 ----A---- C:\WINDOWS\system32\vsmonapi.dll
2010-06-23 13:51:18 ----A---- C:\WINDOWS\system32\vsinit.dll
2010-06-23 13:51:18 ----A---- C:\WINDOWS\system32\vsdata.dll
2010-06-22 22:00:31 ----D---- C:\Documents and Settings\Krzysiek\Dane aplikacji\Nowe Gadu-Gadu
2010-06-22 19:25:28 ----HD---- C:\Program Files\InstallShield Installation Information
2010-06-18 16:52:04 ----A---- C:\WINDOWS\resetlog.txt

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 a347bus;a347bus; C:\WINDOWS\system32\DRIVERS\a347bus.sys [2004-04-30 160640]
R0 a347scsi;a347scsi; C:\WINDOWS\System32\Drivers\a347scsi.sys [2004-04-30 5248]
R0 mv61xx;mv61xx; C:\WINDOWS\system32\DRIVERS\mv61xx.sys [2007-05-25 137728]
R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2009-04-28 44944]
R0 sfdrv01;StarForce Protection Environment Driver (version 1.x); C:\WINDOWS\System32\drivers\sfdrv01.sys [2005-05-17 50176]
R0 sfhlp02;StarForce Protection Helper Driver (version 2.x); C:\WINDOWS\System32\drivers\sfhlp02.sys [2005-05-16 6656]
R0 sfsync02;StarForce Protection Synchronization Driver (version 2.x); C:\WINDOWS\System32\drivers\sfsync02.sys [2005-05-16 19968]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-15 76544]
R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2010-06-28 28880]
R1 Amfilter;A4Tech Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\Amfilter.sys [2007-05-14 9216]
R1 asuskbnt;Enhanced Display Driver Helper Service; C:\WINDOWS\system32\drivers\atkkbnt.sys [2005-10-18 11008]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2010-06-28 165456]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2010-06-28 46672]
R1 EIO;EIO; \??\C:\WINDOWS\system32\drivers\EIO.sys []
R1 intelppm;Sterownik procesora Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40448]
R1 kbdhid;Sterownik klawiatury HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14720]
R1 vsdatant;vsdatant; C:\WINDOWS\System32\vsdatant.sys [2010-05-13 532224]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys [2010-06-28 17744]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2010-06-28 100176]
R3 Amusbprt;A4Tech HID-compliant Mouse Driver; C:\WINDOWS\system32\DRIVERS\Amusbprt.sys [2007-05-14 14336]
R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2010-06-28 23376]
R3 AtcL001;NDIS Miniport Driver for Attansic L1 Gigabit Ethernet Controller; C:\WINDOWS\system32\DRIVERS\atl01_xp.sys [2007-03-15 38656]
R3 HDAudBus;Sterownik magistrali Microsoft UAA dla High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 hidusb;Sterownik Microsoft klasy HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2007-03-26 4395008]
R3 mouhid;Sterownik myszy HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-26 12160]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\WINDOWS\system32\DRIVERS\ASACPI.sys [2004-08-13 5810]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2010-04-04 10232128]
R3 usbccgp;Rodzajowy sterownik nadrzędny USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
R3 usbstor;Sterownik magazynu masowego USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
R3 usbuhci;Sterownik Miniport uniwersalnego kontrolera hosta USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
S0 srescan;srescan; C:\WINDOWS\system32\ZoneLabs\srescan.sys []
S1 KLIF;KLIF; C:\WINDOWS\system32\DRIVERS\klif.sys []
S3 cpuz130;cpuz130; \??\C:\DOCUME~1\Krzysiek\USTAWI~1\Temp\cpuz130\cpuz_x32.sys []
S3 EagleNT;EagleNT; \??\C:\DOCUME~1\Krzysiek\USTAWI~1\Temp\EagleNT.sys []
S3 ggflt;SEMC USB Flash Driver Filter; C:\WINDOWS\system32\DRIVERS\ggflt.sys [2009-12-09 13224]
S3 ggsemc;SEMC USB Flash Driver; C:\WINDOWS\system32\DRIVERS\ggsemc.sys [2009-12-09 25512]
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2008-04-16 49920]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2008-04-16 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2008-04-16 21568]
S3 nmwcd;Nokia USB Phone Parent; C:\WINDOWS\system32\drivers\ccdcmb.sys [2010-02-26 18176]
S3 nmwcdc;Nokia USB Generic; C:\WINDOWS\system32\drivers\ccdcmbo.sys [2010-02-26 22528]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent; C:\WINDOWS\system32\drivers\nmwcdnsu.sys [2010-02-26 137344]
S3 nmwcdnsuc;Nokia USB Flashing Generic; C:\WINDOWS\system32\drivers\nmwcdnsuc.sys [2010-02-26 8320]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 PnkBstrK;PnkBstrK; \??\C:\WINDOWS\system32\drivers\PnkBstrK.sys []
S3 upperdev;upperdev; C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys [2010-02-26 8192]
S3 usbprint;Klasa PRINTER USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-14 25856]
S3 usbscan;Sterownik skanera USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-14 15104]
S3 usbser;USB Modem Driver; C:\WINDOWS\system32\drivers\usbser.sys [2008-04-14 26112]
S3 UsbserFilt;UsbserFilt; C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys [2010-02-26 8192]
S3 Video3D;ASUS Video3D Service; C:\WINDOWS\System32\Drivers\Video3D32.sys []
S3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2009-07-14 444136]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-15 82688]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ATKKeyboardService;ATK Keyboard Service; C:\WINDOWS\ATKKBService.exe [2006-09-22 241664]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-06-28 40384]
R2 hpqddsvc;Usługa HP CUE DeviceDiscovery; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2010-02-09 153376]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-20 322120]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2010-04-03 154216]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R2 UxTuneUp;TuneUp Theme Extension; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R2 vsmon;TrueVector Internet Monitor; C:\WINDOWS\system32\ZoneLabs\vsmon.exe [2010-06-23 2435592]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-06-28 40384]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-06-28 40384]
R3 hpqcxs08;hpqcxs08; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2010-01-30 75064]
S2 PnkBstrB;PnkBstrB; C:\WINDOWS\system32\PnkBstrB.exe [2010-07-15 218808]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe [2006-10-20 36864]
S3 getPlusHelper;getPlus(R) Helper; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2006-10-30 741376]
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-04-03 779824]
S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2007-03-12 271920]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2010-04-27 611840]
S3 TuneUp.Defrag;TuneUp Drive Defrag Service; C:\WINDOWS\System32\TuneUpDefragService.exe [2009-11-21 354560]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S4 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

-----------------EOF-----------------
[/log]

Tomek01
komentarz
komentarz

Wiele tu nie widać do usunięcia.

Zastosuj [b][color=#0000CD][url=http://download.bleepingcomputer.com//sUBs/Flash_Disinfector.exe]Flash Disinfector[/url][/color][/b], najlepiej z podpiętym pendrive'm.

Pobierz [b][url=http://www.instalki.pl/programy/download/antyspyware/get.php?file=avenger]Avenger[/url][/b]
W polu input script here wklej taki tekst :


[code]Files to delete:
C:\WINDOWS\System32\secustat.dat
C:\WINDOWS\System32\secushr.dat

Folders to delete:
C:\Program Files\Conduit[/code]

Klikasz execute, komputer uruchamia się ponownie.

Wrzuć raport, który powstanie i nowy OTL.

bezimienny
komentarz
komentarz

Avenger
[log]Logfile of The Avenger Version 2.0, (c) by Swandog46
http://swandog46.geekstogo.com

Platform: Windows XP

*******************

Script file opened successfully.
Script file read successfully.

Backups directory opened successfully at C:\Avenger

*******************

Beginning to process script file:

Rootkit scan active.
No rootkits found!

File "C:\WINDOWS\System32\secustat.dat" deleted successfully.
File "C:\WINDOWS\System32\secushr.dat" deleted successfully.
Folder "C:\Program Files\Conduit" deleted successfully.

Completed script processing.

*******************

Finished! Terminate.
[/log]

wyskoczył jakiś error po reboocie - "Nie znaleziono dysku" i szybko zniknął

OTL
[log]OTL logfile created on: 2010-07-18 16:27:31 - Run 2
OTL by OldTimer - Version 3.2.9.0 Folder = D:\Download
Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 64,00% Memory free
8,00 Gb Paging File | 7,00 Gb Available in Paging File | 93,00% Paging File free
Paging file location(s): [Binary data over 100 bytes]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 45,31 Gb Total Space | 30,50 Gb Free Space | 67,32% Space Free | Partition Type: NTFS
Drive D: | 50,01 Gb Total Space | 10,29 Gb Free Space | 20,58% Space Free | Partition Type: NTFS
Drive E: | 202,77 Gb Total Space | 119,51 Gb Free Space | 58,94% Space Free | Partition Type: NTFS
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: PRYWATNY
Current User Name: Krzysiek
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 60 Days
Output = Standard

[color=#E56717]========== Processes (All) ==========[/color]

PRC - [2010-07-18 15:30:46 | 000,218,808 | ---- | M] () -- C:\WINDOWS\system32\PnkBstrB.exe
PRC - [2010-07-10 16:14:07 | 000,574,976 | ---- | M] (OldTimer Tools) -- D:\Download\OTL.exe
PRC - [2010-06-28 22:57:18 | 002,837,864 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
PRC - [2010-06-28 22:57:15 | 000,040,384 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
PRC - [2010-06-27 16:55:19 | 000,910,296 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2010-06-27 16:55:19 | 000,014,808 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\plugin-container.exe
PRC - [2010-06-23 13:52:56 | 002,435,592 | ---- | M] (Check Point Software Technologies LTD) -- C:\WINDOWS\system32\ZoneLabs\vsmon.exe
PRC - [2010-06-23 13:51:30 | 001,043,968 | ---- | M] (Check Point Software Technologies LTD) -- C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
PRC - [2010-06-05 18:26:10 | 001,262,080 | ---- | M] (AIMP DevTeam) -- E:\Programy\AIMP2\AIMP2.exe
PRC - [2010-04-03 19:23:16 | 000,154,216 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\nvsvc32.exe
PRC - [2010-02-09 17:52:15 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe
PRC - [2010-01-30 13:53:51 | 000,075,064 | ---- | M] () -- C:\WINDOWS\system32\PnkBstrA.exe
PRC - [2009-03-05 17:07:20 | 002,260,480 | RHS- | M] (Safer-Networking Ltd.) -- E:\Programy\Spybot - Search & Destroy\TeaTimer.exe
PRC - [2008-04-14 22:51:52 | 000,013,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wscntfy.exe
PRC - [2008-04-14 22:51:50 | 000,510,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winlogon.exe
PRC - [2008-04-14 22:51:50 | 000,126,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmiapsrv.exe
PRC - [2008-04-14 22:51:44 | 000,057,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spoolsv.exe
PRC - [2008-04-14 22:51:44 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\smss.exe
PRC - [2008-04-14 22:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [WUDFSERVICEGROUP]
PRC - [2008-04-14 22:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [RPCSS]
PRC - [2008-04-14 22:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETWORKSERVICE]
PRC - [2008-04-14 22:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETSVCS]
PRC - [2008-04-14 22:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [LOCALSERVICE]
PRC - [2008-04-14 22:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [IMGSVC]
PRC - [2008-04-14 22:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [HPZ12]
PRC - [2008-04-14 22:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [HPZ12]
PRC - [2008-04-14 22:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [HPDEVMGMT]
PRC - [2008-04-14 22:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [DCOMLAUNCH]
PRC - [2008-04-14 22:51:40 | 000,109,056 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\services.exe
PRC - [2008-04-14 22:51:24 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\lsass.exe
PRC - [2008-04-14 22:51:18 | 001,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008-04-14 22:51:12 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\csrss.exe
PRC - [2008-04-14 22:51:04 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\alg.exe
PRC - [2007-05-15 11:33:30 | 000,204,800 | ---- | M] (A4Tech Co.,Ltd.) -- C:\Program Files\A4Tech\Mouse\Amoumain.exe
PRC - [2007-04-18 20:57:48 | 001,617,920 | ---- | M] () -- E:\Programy\M-KbdDrv.exe
PRC - [2007-03-21 08:49:20 | 016,126,464 | R--- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\RTHDCPL.exe
PRC - [2006-09-22 11:58:12 | 000,241,664 | ---- | M] (ASUSTeK COMPUTER INC.) -- C:\WINDOWS\ATKKBService.exe
PRC - [2003-06-20 00:25:00 | 000,322,120 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE


[color=#E56717]========== Modules (All) ==========[/color]

MOD - [2010-07-10 16:14:07 | 000,574,976 | ---- | M] (OldTimer Tools) -- D:\Download\OTL.exe
MOD - [2008-04-14 22:51:58 | 000,146,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winspool.drv
MOD - [2008-04-14 22:50:58 | 000,732,672 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\userenv.dll
MOD - [2008-04-14 22:50:58 | 000,580,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\user32.dll
MOD - [2008-04-14 22:50:58 | 000,219,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\uxtheme.dll
MOD - [2008-04-14 22:50:58 | 000,067,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\srclient.dll
MOD - [2008-04-14 22:50:58 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\version.dll
MOD - [2008-04-14 22:50:48 | 008,489,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shell32.dll
MOD - [2008-04-14 22:50:48 | 000,997,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\setupapi.dll
MOD - [2008-04-14 22:50:48 | 000,474,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shlwapi.dll
MOD - [2008-04-14 22:50:46 | 001,287,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ole32.dll
MOD - [2008-04-14 22:50:46 | 000,584,704 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rpcrt4.dll
MOD - [2008-04-14 22:50:46 | 000,551,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\oleaut32.dll
MOD - [2008-04-14 22:50:46 | 000,084,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\olepro32.dll
MOD - [2008-04-14 22:50:46 | 000,056,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\secur32.dll
MOD - [2008-04-14 22:50:46 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\psapi.dll
MOD - [2008-04-14 22:50:40 | 000,343,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcrt.dll
MOD - [2008-04-14 22:50:36 | 001,018,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\kernel32.dll
MOD - [2008-04-14 22:50:32 | 000,285,184 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\gdi32.dll
MOD - [2008-04-14 22:50:32 | 000,185,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\framedyn.dll
MOD - [2008-04-14 22:50:16 | 000,822,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comres.dll
MOD - [2008-04-14 22:50:14 | 000,280,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comdlg32.dll
MOD - [2008-04-14 22:50:12 | 000,498,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\clbcatq.dll
MOD - [2008-04-14 22:50:00 | 000,686,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\advapi32.dll
MOD - [2008-04-14 22:49:16 | 000,714,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntdll.dll
MOD - [2008-04-14 22:46:34 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx
MOD - [2008-04-14 22:29:10 | 001,054,208 | R--- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll
MOD - [2007-05-15 11:31:52 | 000,036,864 | ---- | M] (A4Tech Co.,Ltd.) -- C:\WINDOWS\system32\Amhooker.dll


[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV - [2010-06-28 22:57:15 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Web Scanner)
SRV - [2010-06-28 22:57:15 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Mail Scanner)
SRV - [2010-06-28 22:57:15 | 000,040,384 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV - [2010-06-23 13:52:56 | 002,435,592 | ---- | M] (Check Point Software Technologies LTD) [Auto | Running] -- C:\WINDOWS\System32\ZoneLabs\vsmon.exe -- (vsmon)
SRV - [2010-04-27 13:43:48 | 000,611,840 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2010-03-18 16:47:22 | 000,035,160 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe -- (aspnet_state)
SRV - [2010-03-18 13:16:28 | 000,753,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe -- (WPFFontCache_v0400)
SRV - [2010-03-18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010-03-18 13:16:28 | 000,124,240 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe -- (NetTcpPortSharing)
SRV - [2010-02-19 20:30:16 | 000,067,360 | ---- | M] (NOS Microsystems Ltd.) [On_Demand | Stopped] -- C:\Program Files\NOS\bin\getPlus_Helper.dll -- (getPlusHelper) getPlus(R)
SRV - [2009-11-21 14:13:30 | 000,354,560 | ---- | M] (TuneUp Software GmbH) [On_Demand | Stopped] -- C:\WINDOWS\system32\TuneUpDefragService.exe -- (TuneUp.Defrag)
SRV - [2008-04-04 15:51:32 | 000,028,416 | ---- | M] (TuneUp Software GmbH) [Auto | Running] -- C:\WINDOWS\system32\uxtuneup.dll -- (UxTuneUp)
SRV - [2006-09-22 11:58:12 | 000,241,664 | ---- | M] (ASUSTeK COMPUTER INC.) [Auto | Running] -- C:\WINDOWS\ATKKBService.exe -- (ATKKeyboardService)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\Drivers\Video3D32.sys -- (Video3D)
DRV - File not found [Kernel | Boot | Stopped] -- C:\WINDOWS\System32\ZoneLabs\srescan.sys -- (srescan)
DRV - File not found [File_System | System | Stopped] -- C:\WINDOWS\System32\DRIVERS\klif.sys -- (KLIF)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\Krzysiek\USTAWI~1\Temp\EagleNT.sys -- (EagleNT)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\Krzysiek\USTAWI~1\Temp\cpuz130\cpuz_x32.sys -- (cpuz130)
DRV - [2010-07-18 13:21:41 | 000,137,256 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\PnkBstrK.sys -- (PnkBstrK)
DRV - [2010-06-28 22:37:52 | 000,046,672 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2010-06-28 22:37:30 | 000,165,456 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2010-06-28 22:33:13 | 000,023,376 | ---- | M] (ALWIL Software) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2010-06-28 22:32:45 | 000,100,176 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2010-06-28 22:32:33 | 000,017,744 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2010-06-28 22:32:16 | 000,028,880 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2010-05-13 10:02:32 | 000,532,224 | ---- | M] (Check Point Software Technologies LTD) [Kernel | System | Running] -- C:\WINDOWS\system32\vsdatant.sys -- (vsdatant)
DRV - [2010-04-04 00:55:31 | 010,232,128 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2010-02-26 14:32:58 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2010-02-26 14:32:46 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2010-02-26 14:32:44 | 000,022,528 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2010-02-26 14:32:44 | 000,018,176 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2010-02-26 14:21:22 | 000,137,344 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmwcdnsu.sys -- (nmwcdnsu)
DRV - [2010-02-26 14:21:22 | 000,008,320 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmwcdnsuc.sys -- (nmwcdnsuc)
DRV - [2009-12-09 19:03:03 | 000,025,512 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ggsemc.sys -- (ggsemc)
DRV - [2009-12-09 19:03:03 | 000,013,224 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ggflt.sys -- (ggflt)
DRV - [2008-08-26 10:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2008-04-13 22:06:06 | 000,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)
DRV - [2007-07-12 11:03:38 | 000,012,288 | ---- | M] (ASUSTeK Computer Inc.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\EIO.sys -- (EIO)
DRV - [2007-05-25 05:35:32 | 000,137,728 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\mv61xx.sys -- (mv61xx)
DRV - [2007-05-14 23:41:46 | 000,014,336 | ---- | M] (A4Tech Co.,Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Amusbprt.sys -- (Amusbprt)
DRV - [2007-05-14 23:38:22 | 000,009,216 | ---- | M] (A4Tech Co.,Ltd.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\Amfilter.sys -- (Amfilter)
DRV - [2007-03-26 13:21:06 | 004,395,008 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2007-03-15 08:12:02 | 000,038,656 | R--- | M] (Attansic Technology corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\atl01_xp.sys -- (AtcL001)
DRV - [2005-10-18 16:01:00 | 000,011,008 | ---- | M] (ASUSTeK COMPUTER INC.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\atkkbnt.sys -- (asuskbnt)
DRV - [2005-05-17 14:48:21 | 000,050,176 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfdrv01.sys -- (sfdrv01) StarForce Protection Environment Driver (version 1.x)
DRV - [2005-05-16 15:23:38 | 000,019,968 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfsync02.sys -- (sfsync02) StarForce Protection Synchronization Driver (version 2.x)
DRV - [2005-05-16 15:20:39 | 000,006,656 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfhlp02.sys -- (sfhlp02) StarForce Protection Helper Driver (version 2.x)
DRV - [2004-08-13 12:56:20 | 000,005,810 | R--- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ASACPI.sys -- (MTsensor)
DRV - [2004-04-30 10:37:02 | 000,160,640 | ---- | M] ( ) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\a347bus.sys -- (a347bus)
DRV - [2004-04-30 10:33:00 | 000,005,248 | ---- | M] ( ) [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\a347scsi.sys -- (a347scsi)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-436374069-308236825-1801674531-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\S-1-5-21-436374069-308236825-1801674531-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: ""
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.2.1
FF - prefs.js..extensions.enabledItems: {ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a}:1.3
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {888d99e7-e8b5-46a3-851e-1ec45da1e644}:3.6.3
FF - prefs.js..extensions.enabledItems: undoclosedtabsbutton@supernova00.biz:3.6.2
FF - prefs.js..extensions.enabledItems: {E2883E8F-472F-4fb0-9522-AC9BF37916A7}:1.6.2.60
FF - prefs.js..extensions.enabledItems: {A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}:7.3.2.26
FF - prefs.js..extensions.enabledItems: openmedspel@e-medtools.com:1.0.8
FF - prefs.js..extensions.enabledItems: tineye@ideeinc.com:1.0
FF - prefs.js..extensions.enabledItems: turntoolviewer@turntool.com:2.9.5.9
FF - prefs.js..extensions.enabledItems: {DB9127A2-3381-41ec-82B3-1B6ED4C6F29A}:1.0
FF - prefs.js..extensions.enabledItems: illimitux@illimitux.net:4.0
FF - prefs.js..extensions.enabledItems: nasanightlaunch@example.com:0.6.20100705
FF - prefs.js..extensions.enabledItems: {5c8bfb7c-9a54-11dc-8314-0800200c9a66}:3.6.3
FF - prefs.js..network.proxy.http: "202.153.41.211"
FF - prefs.js..network.proxy.http_port: 8080
FF - prefs.js..network.proxy.type: 0


FF - HKLM\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010-02-05 19:21:02 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}: C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension\ [2010-03-30 14:08:29 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.6\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010-06-27 16:55:21 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.6\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010-06-27 16:55:21 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Thunderbird\Extensions\\{CCB7D94B-CA92-4E3F-B79D-ADE0F07ADC74}: C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Thunderbird Connector\ThunderbirdExtension\ [2010-03-30 14:08:30 | 000,000,000 | ---D | M]

[2009-11-21 13:59:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Krzysiek\Dane aplikacji\Mozilla\Extensions
[2010-07-17 19:41:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Krzysiek\Dane aplikacji\Mozilla\Firefox\Profiles\15uuingq.default\extensions
[2010-02-10 18:55:33 | 000,000,000 | ---D | M] (Aero Fox) -- C:\Documents and Settings\Krzysiek\Dane aplikacji\Mozilla\Firefox\Profiles\15uuingq.default\extensions\{5c8bfb7c-9a54-11dc-8314-0800200c9a66}
[2010-04-13 18:57:48 | 000,000,000 | ---D | M] (ReloadEvery) -- C:\Documents and Settings\Krzysiek\Dane aplikacji\Mozilla\Firefox\Profiles\15uuingq.default\extensions\{888d99e7-e8b5-46a3-851e-1ec45da1e644}
[2010-07-10 22:50:37 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Documents and Settings\Krzysiek\Dane aplikacji\Mozilla\Firefox\Profiles\15uuingq.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2010-06-04 16:02:08 | 000,000,000 | ---D | M] (flashget3 Extension) -- C:\Documents and Settings\Krzysiek\Dane aplikacji\Mozilla\Firefox\Profiles\15uuingq.default\extensions\{DB9127A2-3381-41ec-82B3-1B6ED4C6F29A}
[2010-02-19 00:23:19 | 000,000,000 | ---D | M] (Adobe DLM (powered by getPlus(R))) -- C:\Documents and Settings\Krzysiek\Dane aplikacji\Mozilla\Firefox\Profiles\15uuingq.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}
[2010-01-22 22:49:20 | 000,000,000 | ---D | M] (FoxTab) -- C:\Documents and Settings\Krzysiek\Dane aplikacji\Mozilla\Firefox\Profiles\15uuingq.default\extensions\{ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a}
[2010-07-13 19:05:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Krzysiek\Dane aplikacji\Mozilla\Firefox\Profiles\15uuingq.default\extensions\illimitux@illimitux.net
[2010-07-10 22:50:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Krzysiek\Dane aplikacji\Mozilla\Firefox\Profiles\15uuingq.default\extensions\nasanightlaunch@example.com
[2010-04-09 20:18:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Krzysiek\Dane aplikacji\Mozilla\Firefox\Profiles\15uuingq.default\extensions\openmedspel@e-medtools.com
[2010-07-01 18:54:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Krzysiek\Dane aplikacji\Mozilla\Firefox\Profiles\15uuingq.default\extensions\tineye@ideeinc.com
[2010-05-26 20:59:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Krzysiek\Dane aplikacji\Mozilla\Firefox\Profiles\15uuingq.default\extensions\turntoolviewer@turntool.com
[2010-02-10 14:12:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Krzysiek\Dane aplikacji\Mozilla\Firefox\Profiles\15uuingq.default\extensions\undoclosedtabsbutton@supernova00.biz
[2010-02-10 18:55:33 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Krzysiek\Dane aplikacji\Mozilla\Firefox\Profiles\15uuingq.default\extensions\{5c8bfb7c-9a54-11dc-8314-0800200c9a66}\chrome\mac\browser\extensions
[2010-02-10 18:55:33 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Krzysiek\Dane aplikacji\Mozilla\Firefox\Profiles\15uuingq.default\extensions\{5c8bfb7c-9a54-11dc-8314-0800200c9a66}\chrome\mac\mozapps\extensions
[2010-02-10 18:55:33 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Krzysiek\Dane aplikacji\Mozilla\Firefox\Profiles\15uuingq.default\extensions\{5c8bfb7c-9a54-11dc-8314-0800200c9a66}\chrome\win\browser\extensions
[2010-02-10 18:55:34 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Krzysiek\Dane aplikacji\Mozilla\Firefox\Profiles\15uuingq.default\extensions\{5c8bfb7c-9a54-11dc-8314-0800200c9a66}\chrome\win\mozapps\extensions
[2009-12-05 22:47:12 | 000,005,609 | ---- | M] () -- C:\Documents and Settings\Krzysiek\Dane aplikacji\Mozilla\Firefox\Profiles\15uuingq.default\searchplugins\nonsensopedia-pl.xml
[2010-01-05 23:31:59 | 000,001,738 | ---- | M] () -- C:\Documents and Settings\Krzysiek\Dane aplikacji\Mozilla\Firefox\Profiles\15uuingq.default\searchplugins\wyszukiwanie-filmw-wideo-w-youtube.xml
[2010-07-17 19:41:36 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2009-07-17 10:40:12 | 000,704,512 | ---- | M] (BitComet) -- C:\Program Files\Mozilla Firefox\plugins\npBitCometAgent.dll
[2010-02-09 19:50:44 | 000,002,767 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\allegro-pl.xml
[2010-02-09 19:50:44 | 000,001,406 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\fbc-pl.xml
[2010-02-09 19:50:44 | 000,000,917 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\merlin-pl.xml
[2010-02-09 19:50:44 | 000,000,858 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\pwn-pl.xml
[2010-02-09 19:50:44 | 000,001,183 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-pl.xml
[2010-02-09 19:50:44 | 000,001,683 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wp-pl.xml

O1 HOSTS File: ([2010-07-16 13:42:18 | 000,411,385 | R--- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.0scan.com
O1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 1000gratisproben.com
O1 - Hosts: 127.0.0.1 www.1000gratisproben.com
O1 - Hosts: 127.0.0.1 1001namen.com
O1 - Hosts: 127.0.0.1 www.1001namen.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 www.1-2005-search.com
O1 - Hosts: 127.0.0.1 1-2005-search.com
O1 - Hosts: 14242 more lines...
O2 - BHO: (HP Print Enhancer) - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (BitComet Helper) - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - E:\Programy\BitComet\tools\BitCometBHO_1.3.7.16.dll (BitComet)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - E:\Programy\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (no name) - {b070d3e3-fec0-47d9-8e8a-99d4eeb3d3b0} - No CLSID value found.
O2 - BHO: (IEPluginBHO Class) - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - C:\Documents and Settings\Krzysiek\Dane aplikacji\Nowe Gadu-Gadu\_userdata\ggbho.1.dll (GG Network S.A.)
O2 - BHO: (HP Smart BHO Class) - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [MutlimediaKbdDriver] E:\Programy\M-KbdDrv.exe ()
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [WheelMouse] C:\Program Files\A4Tech\Mouse\Amoumain.exe (A4Tech Co.,Ltd.)
O4 - HKLM..\Run: [ZoneAlarm Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe (Check Point Software Technologies LTD)
O4 - HKU\S-1-5-21-436374069-308236825-1801674531-1003..\Run: [SpybotSD TeaTimer] E:\Programy\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-436374069-308236825-1801674531-1003\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-436374069-308236825-1801674531-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 36
O7 - HKU\S-1-5-21-436374069-308236825-1801674531-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoBandCustomize = 0
O7 - HKU\S-1-5-21-436374069-308236825-1801674531-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoMovingBands = 0
O7 - HKU\S-1-5-21-436374069-308236825-1801674531-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCloseDragDropBands = 0
O7 - HKU\S-1-5-21-436374069-308236825-1801674531-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSetTaskbar = 0
O7 - HKU\S-1-5-21-436374069-308236825-1801674531-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoToolbarsOnTaskbar = 0
O7 - HKU\S-1-5-21-436374069-308236825-1801674531-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = FF FF FF FF [binary data]
O7 - HKU\S-1-5-21-436374069-308236825-1801674531-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\S-1-5-21-436374069-308236825-1801674531-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSaveSettings = 0
O7 - HKU\S-1-5-21-436374069-308236825-1801674531-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 0
O7 - HKU\S-1-5-21-436374069-308236825-1801674531-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ClassicShell = 0
O8 - Extra context menu item: Download all by FlashGet3 - E:\Programy\FlashGet universal\FlashGet\GetAllUrl.htm ()
O8 - Extra context menu item: Download by FlashGet3 - E:\Programy\FlashGet universal\FlashGet\GetUrl.htm ()
O8 - Extra context menu item: Pobierz wszystkie VIdeo za pomocą BitComet - E:\Programy\BitComet\BitComet.exe (www.BitComet.com)
O8 - Extra context menu item: Pobierz wszystko za pomocą BitComet - E:\Programy\BitComet\BitComet.exe (www.BitComet.com)
O8 - Extra context menu item: Pobierz za pomocą BitComet - E:\Programy\BitComet\BitComet.exe (www.BitComet.com)
O9 - Extra Button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - E:\Programy\BitComet\tools\BitCometBHO_1.3.7.16.dll (BitComet)
O9 - Extra Button: Pokaż lub ukryj HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - E:\Programy\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (get_atlcom Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 88.156.96.61 82.139.8.7 88.156.63.9
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Krzysiek\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Krzysiek\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009-11-20 23:43:08 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2010-07-18 16:03:09 | 000,000,000 | RHSD | M] - C:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2010-07-18 16:03:10 | 000,000,000 | RHSD | M] - D:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2010-07-18 16:03:10 | 000,000,000 | RHSD | M] - E:\autorun.inf -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: UxTuneUp - C:\WINDOWS\system32\uxtuneup.dll (TuneUp Software GmbH)
NetSvcs: WmdmPmSp - File not found

MsConfig - State: "system.ini" - 0
MsConfig - State: "win.ini" - 0
MsConfig - State: "bootini" - 0
MsConfig - State: "services" - 0
MsConfig - State: "startup" - 0

SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: sermouse.sys - Driver
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vga.sys - Driver
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: sermouse.sys - Driver
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vga.sys - Driver
SafeBootNet: vsmon - C:\WINDOWS\System32\ZoneLabs\vsmon.exe (Check Point Software Technologies LTD)
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

[color=#E56717]========== Files/Folders - Created Within 60 Days ==========[/color]

[2010-07-18 16:04:58 | 000,000,000 | ---D | C] -- C:\Avenger
[2010-07-18 16:03:09 | 000,000,000 | RHSD | C] -- C:\autorun.inf
[2010-07-16 13:44:55 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2010-07-16 13:44:54 | 000,000,000 | ---D | C] -- C:\rsit
[2010-07-12 23:09:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Krzysiek\dwhelper
[2010-07-12 13:55:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Krzysiek\DoctorWeb
[2010-07-12 13:19:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Krzysiek\Dane aplikacji\Malwarebytes
[2010-07-12 13:18:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Malwarebytes
[2010-07-06 23:05:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Krzysiek\Moje dokumenty\Medal of Honor MP Beta
[2010-07-02 14:41:00 | 000,000,000 | ---D | C] -- C:\WINDOWS\$regcmp$
[2010-07-02 14:35:13 | 000,000,000 | ---D | C] -- C:\Program Files\SmartPCTools
[2010-07-02 14:34:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Krzysiek\Dane aplikacji\BITS
[2010-07-02 14:13:14 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2010-07-02 13:56:03 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2010-06-29 12:14:08 | 000,038,848 | ---- | C] (ALWIL Software) -- C:\WINDOWS\avastSS.scr
[2010-06-26 18:14:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Krzysiek\Ustawienia lokalne\Dane aplikacji\PMB Files
[2010-06-26 18:13:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\PMB Files
[2010-06-25 12:47:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\pss
[2010-06-23 17:18:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Krzysiek\Moje dokumenty\Moje skanowanie
[2010-06-22 20:31:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Krzysiek\Moje dokumenty\Black & White 2
[2010-06-18 20:15:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Krzysiek\Moje dokumenty\NFS Most Wanted
[2010-06-16 21:55:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Krzysiek\Moje dokumenty\Pobieranie
[2010-06-14 14:55:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Alwil Software
[2010-06-12 18:58:55 | 000,000,000 | ---D | C] -- C:\Program Files\Electronic Arts
[2010-06-11 18:28:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Krzysiek\Dane aplikacji\TeamViewer
[2010-06-11 18:28:22 | 000,000,000 | ---D | C] -- C:\Program Files\TeamViewer
[2010-06-10 17:47:27 | 000,000,000 | ---D | C] -- C:\Program Files\Lavalys
[2010-06-10 13:39:30 | 000,679,936 | ---- | C] (Generated by JEDI) -- C:\WINDOWS\System32\D3DX81ab.dll
[2010-06-10 13:39:28 | 000,000,000 | ---D | C] -- C:\Program Files\Cheat Engine
[2010-06-09 16:30:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Krzysiek\Dane aplikacji\DVDVideoSoftIEHelpers
[2010-06-09 16:30:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Krzysiek\Moje dokumenty\DVDVideoSoft
[2010-06-07 20:05:00 | 000,000,000 | ---D | C] -- C:\Program Files\PDF Image Extract Software
[2010-06-04 22:09:27 | 000,000,000 | ---D | C] -- C:\BDS
[2010-06-04 22:07:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Krzysiek\Dane aplikacji\NVIDIA
[2010-06-04 20:54:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Trymedia
[2010-06-04 16:01:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Krzysiek\Dane aplikacji\FlashGet
[2010-05-29 20:02:07 | 000,000,000 | ---D | C] -- C:\Program Files\JustDo
[2010-05-27 22:26:40 | 000,000,000 | ---D | C] -- C:\Program Files\PC Connectivity Solution
[2010-05-26 20:59:44 | 000,000,000 | ---D | C] -- C:\Program Files\TurnTool
[2010-05-26 20:59:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Krzysiek\Ustawienia lokalne\Dane aplikacji\TurnTool
[2010-05-23 18:51:30 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Krzysiek\Dane aplikacji\SecuROM
[2010-05-19 19:01:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Electronic Arts
[2009-12-11 18:33:34 | 000,160,640 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\a347bus.sys
[2009-12-11 18:33:34 | 000,005,248 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\a347scsi.sys

[color=#E56717]========== Files - Modified Within 60 Days ==========[/color]

[2010-07-18 16:24:39 | 000,001,040 | ---- | M] () -- C:\WINDOWS\System32\secustat.dat
[2010-07-18 16:05:26 | 000,000,482 | ---- | M] () -- C:\WINDOWS\tasks\1-Click Maintenance.job
[2010-07-18 16:05:23 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010-07-18 16:05:11 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010-07-18 16:04:27 | 010,485,760 | ---- | M] () -- C:\Documents and Settings\Krzysiek\NTUSER.DAT
[2010-07-18 15:30:46 | 000,218,808 | ---- | M] () -- C:\WINDOWS\System32\PnkBstrB.xtr
[2010-07-18 13:21:41 | 000,137,256 | ---- | M] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2010-07-16 13:42:18 | 000,411,385 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2010-07-14 22:40:35 | 000,000,188 | -HS- | M] () -- C:\Documents and Settings\Krzysiek\ntuser.ini
[2010-07-13 18:32:16 | 000,276,202 | ---- | M] () -- C:\WINDOWS\System32\NvApps.xml
[2010-07-12 23:44:43 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2010-07-12 20:01:29 | 000,000,147 | ---- | M] () -- C:\Documents and Settings\Krzysiek\Pulpit\FIX.reg
[2010-07-12 13:51:04 | 001,350,102 | ---- | M] () -- C:\anti-malware.bmp
[2010-07-12 12:10:49 | 000,000,647 | ---- | M] () -- C:\Documents and Settings\Krzysiek\Pulpit\KMPlayer.lnk
[2010-07-11 23:06:21 | 000,029,184 | ---- | M] () -- C:\Documents and Settings\Krzysiek\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010-07-08 20:11:45 | 000,075,120 | ---- | M] () -- C:\Documents and Settings\Krzysiek\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT
[2010-07-08 18:38:35 | 000,282,928 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010-07-06 11:40:48 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010-07-05 12:59:34 | 000,002,267 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Skype.lnk
[2010-07-05 10:28:15 | 000,000,128 | ---- | M] () -- C:\Documents and Settings\Krzysiek\default.pls
[2010-07-04 23:47:30 | 002,115,778 | -H-- | M] () -- C:\Documents and Settings\Krzysiek\Ustawienia lokalne\Dane aplikacji\IconCache.db
[2010-07-03 19:22:15 | 001,603,052 | ---- | M] () -- C:\Documents and Settings\Krzysiek\Moje dokumenty\tapetka3.2.png
[2010-07-03 17:28:35 | 000,841,061 | ---- | M] () -- C:\Documents and Settings\Krzysiek\Moje dokumenty\tapetka2.jpg
[2010-07-02 22:44:28 | 000,280,605 | ---- | M] () -- C:\Documents and Settings\Krzysiek\Moje dokumenty\bez_nazwy_;).png
[2010-07-02 14:01:42 | 000,000,227 | ---- | M] () -- C:\WINDOWS\system.ini
[2010-07-02 14:01:36 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20100716-134218.backup
[2010-07-02 11:26:01 | 000,004,212 | -H-- | M] () -- C:\WINDOWS\System32\zllictbl.dat
[2010-07-02 11:26:01 | 000,000,731 | ---- | M] () -- C:\Documents and Settings\Krzysiek\Pulpit\ZoneAlarm Security.lnk
[2010-07-02 11:25:59 | 000,420,889 | ---- | M] () -- C:\WINDOWS\System32\vsconfig.xml
[2010-06-29 12:14:09 | 000,002,645 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2010-06-28 22:57:33 | 000,038,848 | ---- | M] (ALWIL Software) -- C:\WINDOWS\avastSS.scr
[2010-06-28 22:57:12 | 000,165,032 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2010-06-28 22:37:52 | 000,046,672 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2010-06-28 22:37:30 | 000,165,456 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2010-06-28 22:33:13 | 000,023,376 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2010-06-28 22:32:45 | 000,100,176 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2010-06-28 22:32:42 | 000,094,544 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2010-06-28 22:32:33 | 000,017,744 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2010-06-28 22:32:16 | 000,028,880 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2010-06-25 13:13:04 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\WindowsShell.Manifest
[2010-06-25 13:13:03 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\wuaucpl.cpl.manifest
[2010-06-25 13:13:03 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\sapi.cpl.manifest
[2010-06-25 13:13:03 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\nwc.cpl.manifest
[2010-06-25 13:13:03 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\ncpa.cpl.manifest
[2010-06-25 13:13:03 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\cdplayer.exe.manifest
[2010-06-25 13:07:56 | 000,000,793 | ---- | M] () -- C:\WINDOWS\win.ini
[2010-06-25 13:07:56 | 000,000,223 | -HS- | M] () -- C:\boot.ini
[2010-06-24 19:52:49 | 001,260,448 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010-06-24 19:52:49 | 000,573,982 | ---- | M] () -- C:\WINDOWS\System32\perfh015.dat
[2010-06-24 19:52:49 | 000,510,806 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010-06-24 19:52:49 | 000,113,268 | ---- | M] () -- C:\WINDOWS\System32\perfc015.dat
[2010-06-24 19:52:49 | 000,091,248 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010-06-24 19:37:51 | 000,000,647 | ---- | M] () -- C:\Documents and Settings\Krzysiek\Pulpit\Counter-Strike.lnk
[2010-06-24 19:37:51 | 000,000,602 | ---- | M] () -- C:\Documents and Settings\Krzysiek\Pulpit\Half-Life.lnk
[2010-06-23 21:14:58 | 000,408,553 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20100701-222447.backup
[2010-06-23 19:43:18 | 000,025,600 | ---- | M] () -- C:\Documents and Settings\Krzysiek\Moje dokumenty\Book97.doc
[2010-06-23 17:23:05 | 000,031,674 | ---- | M] () -- C:\Documents and Settings\Krzysiek\Moje dokumenty\skanowanie0001_1.htm
[2010-06-23 17:22:29 | 000,031,672 | ---- | M] () -- C:\Documents and Settings\Krzysiek\Moje dokumenty\skanowanie0001.htm
[2010-06-22 19:29:19 | 000,000,589 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Black & White 2.lnk
[2010-06-20 18:51:25 | 000,408,427 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20100623-211458.backup
[2010-06-17 19:30:36 | 000,099,814 | ---- | M] () -- C:\Documents and Settings\Krzysiek\Moje dokumenty\fce.jpg
[2010-06-14 18:12:06 | 000,404,365 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20100620-185125.backup
[2010-06-14 14:55:58 | 000,001,700 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\avast! Free Antivirus.lnk
[2010-06-11 19:47:33 | 000,000,519 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\AIMP2.lnk
[2010-06-11 18:28:27 | 000,000,879 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\TeamViewer 5.lnk
[2010-06-10 17:47:29 | 000,000,767 | ---- | M] () -- C:\Documents and Settings\Krzysiek\Pulpit\EVEREST Home Edition.lnk
[2010-06-10 13:39:32 | 000,000,670 | ---- | M] () -- C:\Documents and Settings\Krzysiek\Pulpit\Cheat Engine.lnk
[2010-06-09 20:52:45 | 000,127,587 | ---- | M] () -- C:\Documents and Settings\Krzysiek\Moje dokumenty\screen.jpg
[2010-06-04 22:19:31 | 000,000,779 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Borderlands.lnk
[2010-06-04 16:01:38 | 000,000,025 | ---- | M] () -- C:\WINDOWS\libem.INI
[2010-06-04 16:01:16 | 000,000,695 | ---- | M] () -- C:\Documents and Settings\Krzysiek\Pulpit\FlashGet 3.5.lnk
[2010-06-03 18:28:10 | 000,000,509 | ---- | M] () -- C:\Documents and Settings\Krzysiek\Pulpit\MoorHunt.lnk
[2010-05-27 22:26:25 | 000,001,855 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Nokia Software Updater.lnk
[2010-05-23 16:53:57 | 002,940,928 | ---- | M] () -- C:\Documents and Settings\Krzysiek\Moje dokumenty\CHOROBY sss.ppt

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2010-07-18 16:24:39 | 000,001,040 | ---- | C] () -- C:\WINDOWS\System32\secustat.dat
[2010-07-12 20:01:21 | 000,000,147 | ---- | C] () -- C:\Documents and Settings\Krzysiek\Pulpit\FIX.reg
[2010-07-12 13:51:04 | 001,350,102 | ---- | C] () -- C:\anti-malware.bmp
[2010-07-03 19:19:53 | 001,603,052 | ---- | C] () -- C:\Documents and Settings\Krzysiek\Moje dokumenty\tapetka3.2.png
[2010-07-03 17:27:29 | 000,841,061 | ---- | C] () -- C:\Documents and Settings\Krzysiek\Moje dokumenty\tapetka2.jpg
[2010-07-02 22:44:09 | 000,280,605 | ---- | C] () -- C:\Documents and Settings\Krzysiek\Moje dokumenty\bez_nazwy_;).png
[2010-07-02 13:56:12 | 000,077,312 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2010-07-02 13:56:11 | 000,256,512 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2010-07-02 11:26:01 | 000,000,731 | ---- | C] () -- C:\Documents and Settings\Krzysiek\Pulpit\ZoneAlarm Security.lnk
[2010-06-24 19:37:51 | 000,000,647 | ---- | C] () -- C:\Documents and Settings\Krzysiek\Pulpit\Counter-Strike.lnk
[2010-06-24 19:37:51 | 000,000,602 | ---- | C] () -- C:\Documents and Settings\Krzysiek\Pulpit\Half-Life.lnk
[2010-06-23 19:43:15 | 000,025,600 | ---- | C] () -- C:\Documents and Settings\Krzysiek\Moje dokumenty\Book97.doc
[2010-06-23 17:23:03 | 000,031,674 | ---- | C] () -- C:\Documents and Settings\Krzysiek\Moje dokumenty\skanowanie0001_1.htm
[2010-06-23 17:22:26 | 000,031,672 | ---- | C] () -- C:\Documents and Settings\Krzysiek\Moje dokumenty\skanowanie0001.htm
[2010-06-22 19:29:19 | 000,000,589 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Black & White 2.lnk
[2010-06-17 19:30:29 | 000,099,814 | ---- | C] () -- C:\Documents and Settings\Krzysiek\Moje dokumenty\fce.jpg
[2010-06-14 14:55:58 | 000,001,700 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\avast! Free Antivirus.lnk
[2010-06-11 18:28:27 | 000,000,879 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\TeamViewer 5.lnk
[2010-06-10 17:47:29 | 000,000,767 | ---- | C] () -- C:\Documents and Settings\Krzysiek\Pulpit\EVEREST Home Edition.lnk
[2010-06-10 13:39:32 | 000,000,670 | ---- | C] () -- C:\Documents and Settings\Krzysiek\Pulpit\Cheat Engine.lnk
[2010-06-10 13:39:30 | 001,970,176 | ---- | C] () -- C:\WINDOWS\System32\d3dx9.dll
[2010-06-09 20:52:31 | 000,127,587 | ---- | C] () -- C:\Documents and Settings\Krzysiek\Moje dokumenty\screen.jpg
[2010-06-04 22:19:31 | 000,000,779 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Borderlands.lnk
[2010-06-04 16:01:38 | 000,000,025 | ---- | C] () -- C:\WINDOWS\libem.INI
[2010-06-04 16:01:16 | 000,000,695 | ---- | C] () -- C:\Documents and Settings\Krzysiek\Pulpit\FlashGet 3.5.lnk
[2010-05-23 16:52:16 | 002,940,928 | ---- | C] () -- C:\Documents and Settings\Krzysiek\Moje dokumenty\CHOROBY sss.ppt
[2010-04-10 16:18:56 | 000,000,151 | ---- | C] () -- C:\WINDOWS\PhotoSnapViewer.INI
[2010-01-10 16:49:31 | 000,000,421 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2009-12-31 15:21:32 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2009-12-07 23:18:07 | 000,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.INI
[2009-11-21 16:29:14 | 000,010,496 | ---- | C] () -- C:\WINDOWS\System32\ATKOSDMini.DLL
[2009-11-21 16:29:14 | 000,000,018 | ---- | C] () -- C:\WINDOWS\System32\atkid.ini
[2009-11-21 16:29:13 | 000,046,080 | ---- | C] () -- C:\WINDOWS\System32\asrussian.dll
[2009-11-21 16:29:13 | 000,046,080 | ---- | C] () -- C:\WINDOWS\System32\asgerman.dll
[2009-11-21 16:29:13 | 000,045,568 | ---- | C] () -- C:\WINDOWS\System32\askorean.dll
[2009-11-21 16:29:13 | 000,045,568 | ---- | C] () -- C:\WINDOWS\System32\asjapan.dll
[2009-11-21 16:29:12 | 000,046,592 | ---- | C] () -- C:\WINDOWS\System32\asfrench.dll
[2009-11-21 16:29:12 | 000,046,080 | ---- | C] () -- C:\WINDOWS\System32\aseng.dll
[2009-11-21 16:29:12 | 000,045,568 | ---- | C] () -- C:\WINDOWS\System32\ASCHT.dll
[2009-11-21 16:29:12 | 000,045,568 | ---- | C] () -- C:\WINDOWS\System32\aschs.dll
[2009-11-21 14:39:56 | 000,137,256 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2009-11-21 14:39:32 | 000,000,309 | ---- | C] () -- C:\WINDOWS\game.ini
[2009-11-21 13:44:59 | 000,796,048 | ---- | C] () -- C:\WINDOWS\System32\libeay32_0.9.6l.dll
[2009-11-21 13:36:02 | 000,164,352 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2009-11-21 13:36:01 | 000,007,680 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2009-11-21 13:36:01 | 000,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest
[2009-11-21 00:08:55 | 000,014,277 | ---- | C] () -- C:\WINDOWS\Ascd_tmp.ini
[2009-11-21 00:08:55 | 000,005,810 | R--- | C] () -- C:\WINDOWS\System32\drivers\ASACPI.sys
[2009-11-21 00:08:48 | 000,010,288 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASUSHWIO.SYS
[2007-06-28 18:43:00 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2003-04-08 12:40:22 | 000,005,679 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI

[color=#E56717]========== LOP Check ==========[/color]

[2010-06-14 14:55:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Alwil Software
[2010-05-19 19:01:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Electronic Arts
[2010-05-27 22:25:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Installations
[2009-11-21 13:45:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\MailFrontier
[2010-03-29 20:12:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Nokia
[2010-03-29 19:35:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\NokiaMusic
[2009-11-22 14:35:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\OpenFM
[2010-03-29 20:50:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\OviInstallerCache
[2010-03-29 20:10:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\PC Suite
[2010-06-26 22:24:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\PMB Files
[2010-07-17 15:03:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\TEMP
[2009-11-21 14:13:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\TuneUp Software
[2010-03-06 15:14:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Ubisoft
[2010-01-30 18:38:10 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\{402F10B9-711E-4EF4-BC0E-AFE669ACC04C}
[2010-07-18 16:29:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Krzysiek\Dane aplikacji\AIMP
[2010-07-18 16:24:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Krzysiek\Dane aplikacji\BITS
[2009-12-09 17:06:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Krzysiek\Dane aplikacji\Broad Intelligence
[2010-03-20 16:22:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Krzysiek\Dane aplikacji\COWON
[2009-12-19 21:07:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Krzysiek\Dane aplikacji\Dev-Cpp
[2009-11-21 13:44:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Krzysiek\Dane aplikacji\Dual Vibration Game pad
[2009-11-21 13:44:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Krzysiek\Dane aplikacji\Dual Vibration Gamepad
[2010-06-09 16:30:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Krzysiek\Dane aplikacji\DVDVideoSoftIEHelpers
[2009-12-06 20:53:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Krzysiek\Dane aplikacji\FileZilla
[2010-06-04 16:01:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Krzysiek\Dane aplikacji\FlashGet
[2009-12-06 22:19:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Krzysiek\Dane aplikacji\Free Mp3 Wma Ogg Converter
[2009-11-21 13:35:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Krzysiek\Dane aplikacji\Gadu-Gadu
[2009-11-21 14:23:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Krzysiek\Dane aplikacji\Gadu-Gadu 10
[2009-12-19 15:28:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Krzysiek\Dane aplikacji\Leadertech
[2010-04-06 20:52:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Krzysiek\Dane aplikacji\Mp3tag
[2010-03-29 20:58:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Krzysiek\Dane aplikacji\Nokia
[2010-06-22 22:00:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Krzysiek\Dane aplikacji\Nowe Gadu-Gadu
[2009-11-22 14:34:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Krzysiek\Dane aplikacji\OpenFM
[2010-03-30 14:19:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Krzysiek\Dane aplikacji\PC Suite
[2010-01-07 21:45:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Krzysiek\Dane aplikacji\SoundSpectrum
[2010-06-11 18:50:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Krzysiek\Dane aplikacji\TeamViewer
[2009-11-24 21:45:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Krzysiek\Dane aplikacji\TigerPlayer
[2009-11-21 14:13:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Krzysiek\Dane aplikacji\TuneUp Software
[2010-03-06 15:14:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Krzysiek\Dane aplikacji\Ubisoft
[2009-11-21 14:35:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Krzysiek\Dane aplikacji\URSoft
[2010-07-18 16:05:26 | 000,000,482 | ---- | M] () -- C:\WINDOWS\Tasks\1-Click Maintenance.job

[color=#E56717]========== Purity Check ==========[/color]



[color=#E56717]========== Custom Scans ==========[/color]


[color=#A23BEC]< %systemdrive%\*.* >[/color]
[2010-07-12 13:51:04 | 001,350,102 | ---- | M] () -- C:\anti-malware.bmp
[2009-11-20 23:43:08 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2010-07-18 16:04:58 | 000,001,250 | ---- | M] () -- C:\avenger.txt
[2010-06-25 13:07:56 | 000,000,223 | -HS- | M] () -- C:\boot.ini
[2001-07-22 00:13:54 | 000,004,952 | RHS- | M] () -- C:\Bootfont.bin
[2009-11-20 23:43:08 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2009-11-20 23:43:08 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2009-11-20 23:43:08 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2008-04-13 22:13:04 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
[2008-04-14 00:02:00 | 000,251,152 | RHS- | M] () -- C:\ntldr
[2010-07-18 16:05:07 | 2145,386,496 | -HS- | M] () -- C:\pagefile.sys


[color=#A23BEC]< MD5 for: AGP440.SYS >[/color]
[2008-04-14 23:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:agp440.sys

[color=#A23BEC]< MD5 for: ATAPI.SYS >[/color]
[2008-04-14 23:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2008-04-14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ERDNT\cache\atapi.sys
[2008-04-14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\dllcache\atapi.sys
[2008-04-14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2008-04-14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\system32\DRIVERS\atapi.sys
[2008-04-14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\ReinstallBackups\0006\DriverFiles\i386\atapi.sys
[2008-04-14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\ReinstallBackups\0007\DriverFiles\i386\atapi.sys

[color=#A23BEC]< MD5 for: BEEP.SYS >[/color]
[2001-08-17 23:47:36 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\ERDNT\cache\beep.sys
[2001-08-17 23:47:36 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\system32\dllcache\beep.sys
[2001-08-17 23:47:36 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\system32\drivers\beep.sys

[color=#A23BEC]< MD5 for: CDROM.SYS >[/color]
[2008-04-14 23:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys
[2008-04-14 00:10:48 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys

[color=#A23BEC]< MD5 for: EVENTLOG.DLL >[/color]
[2008-04-14 22:50:32 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=35FCCFD093582FA9098762E6F84EE119 -- C:\WINDOWS\ERDNT\cache\eventlog.dll
[2008-04-14 22:50:32 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=35FCCFD093582FA9098762E6F84EE119 -- C:\WINDOWS\system32\dllcache\eventlog.dll
[2008-04-14 22:50:32 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=35FCCFD093582FA9098762E6F84EE119 -- C:\WINDOWS\system32\eventlog.dll

[color=#A23BEC]< MD5 for: NDIS.SYS >[/color]
[2008-04-14 00:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\ERDNT\cache\ndis.sys
[2008-04-14 00:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\dllcache\ndis.sys
[2008-04-14 00:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\drivers\ndis.sys

[color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color]
[2008-04-14 22:51:50 | 000,510,464 | ---- | M] (Microsoft Corporation) MD5=51FD2E13D723857B9CA239AE77150F48 -- C:\WINDOWS\ERDNT\cache\winlogon.exe
[2008-04-14 22:51:50 | 000,510,464 | ---- | M] (Microsoft Corporation) MD5=51FD2E13D723857B9CA239AE77150F48 -- C:\WINDOWS\system32\dllcache\winlogon.exe
[2008-04-14 22:51:50 | 000,510,464 | ---- | M] (Microsoft Corporation) MD5=51FD2E13D723857B9CA239AE77150F48 -- C:\WINDOWS\system32\winlogon.exe

[color=#E56717]========== Alternate Data Streams ==========[/color]

@Alternate Data Stream - 394 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:B3D74A13
@Alternate Data Stream - 158 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:ECF54A0E
< End of report >
[/log]

Tomek01
komentarz
komentarz

Do OTL wklej:
[code]
:Processes
Explorer.exe

:OTL
@Alternate Data Stream - 394 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:B3D74A13
@Alternate Data Stream - 158 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:ECF54A0E

:Commands
[emptytemp]
[start explorer]
[/code]
Run fix...

Poza tym system wydaje się być czysty od infekcji.
Chciałbym jednak tego loga z [url="http://www.instalki.pl/programy/download_c/116/2295.html"][color="#0000FF"][b]Silent Runners[/b][/color][/url] zobaczyć.

bezimienny
komentarz
komentarz

OTL
[log]All processes killed
========== PROCESSES ==========
No active process named Explorer.exe was found!
========== OTL ==========
ADS C:\Documents and Settings\All Users\Dane aplikacji\TEMP:B3D74A13 deleted successfully.
ADS C:\Documents and Settings\All Users\Dane aplikacji\TEMP:ECF54A0E deleted successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Gość
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes
->FireFox cache emptied: 3567862 bytes

User: Krzysiek
->Temp folder emptied: 42953404 bytes
->Temporary Internet Files folder emptied: 848838 bytes
->Java cache emptied: 5014699 bytes
->FireFox cache emptied: 62675764 bytes
->Flash cache emptied: 428432 bytes

User: LocalService
->Temp folder emptied: 65716 bytes
->Temporary Internet Files folder emptied: 32902 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 977223 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 111,00 mb


OTL by OldTimer - Version 3.2.9.0 log created on 07222010_232807

Files\Folders moved on Reboot...
C:\Documents and Settings\Krzysiek\Ustawienia lokalne\Temp\~DFE120.tmp moved successfully.
File\Folder C:\WINDOWS\temp\_avast5_\Webshlock.txt not found!
File\Folder C:\WINDOWS\temp\ZLT0625a.TMP not found!

Registry entries deleted on Reboot...
[/log]

Silent Runners
[log]"Silent Runners.vbs", revision 61, http://www.silentrunners.org/
Operating System: Windows XP SP3
Output limited to non-default values, except where indicated by "{++}"


Startup items buried in registry:
---------------------------------

HKCU\Software\Microsoft\Windows\CurrentVersion\Run\ {++}
"SpybotSD TeaTimer" = "E:\Programy\Spybot - Search & Destroy\TeaTimer.exe" ["Safer-Networking Ltd."]

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\ {++}
"avast5" = "C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe /nogui" ["AVAST Software"]
"WheelMouse" = "C:\Program Files\A4Tech\Mouse\Amoumain.exe" ["A4Tech Co.,Ltd."]
"RTHDCPL" = "RTHDCPL.EXE" ["Realtek Semiconductor Corp."]
"NvMediaCenter" = "RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit" [MS]
"NvCplDaemon" = "RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup" [MS]
"MutlimediaKbdDriver" = "E:\Programy\M-KbdDrv.exe" [empty string]
"ZoneAlarm Client" = ""C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"" ["Check Point Software Technologies LTD"]

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\

{0347C33E-8762-4905-BF09-768834316C61}\(Default) = "HP Print Enhancer"
-> {HKLM...CLSID} = "HP Print Enhancer"
\InProcServer32\(Default) = "C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll" ["Hewlett-Packard Co."]

{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}\(Default) = (no title provided)
-> {HKLM...CLSID} = "Adobe PDF Reader Link Helper"
\InProcServer32\(Default) = "C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll" ["Adobe Systems Incorporated"]

{39F7E362-828A-4B5A-BCAF-5B79BFDFEA60}\(Default) = "BitComet ClickCapture"
-> {HKLM...CLSID} = "BitComet Helper"
\InProcServer32\(Default) = "E:\Programy\BitComet\tools\BitCometBHO_1.3.7.16.dll" ["BitComet"]

{53707962-6F74-2D53-2644-206D7942484F}\(Default) = (no title provided)
-> {HKLM...CLSID} = "Spybot-S&D IE Protection"
\InProcServer32\(Default) = "E:\Programy\SPYBOT~1\SDHelper.dll" ["Safer Networking Limited"]

{DBC80044-A445-435b-BC74-9C25C1C588A9}\(Default) = (no title provided)
-> {HKLM...CLSID} = "Java(tm) Plug-In 2 SSV Helper"
\InProcServer32\(Default) = "C:\Program Files\Java\jre6\bin\jp2ssv.dll" ["Sun Microsystems, Inc."]

{E7E6F031-17CE-4C07-BC86-EABFE594F69C}\(Default) = "JQSIEStartDetectorImpl"
-> {HKLM...CLSID} = "JQSIEStartDetectorImpl Class"
\InProcServer32\(Default) = "C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll" ["Sun Microsystems, Inc."]

{F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D}\(Default) = "IEPluginBHO"
-> {HKLM...CLSID} = "IEPluginBHO Class"
\InProcServer32\(Default) = "C:\Documents and Settings\Krzysiek\Dane aplikacji\Nowe Gadu-Gadu\_userdata\ggbho.1.dll" ["GG Network S.A."]

{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}\(Default) = "HP Smart BHO Class"
-> {HKLM...CLSID} = "HP Smart BHO Class"
\InProcServer32\(Default) = "C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll" ["Hewlett-Packard Co."]

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\

"{88895560-9AA2-1069-930E-00AA0030EBC8}" = "Rozszerzenie ikony HyperTerminalu"
-> {HKLM...CLSID} = "HyperTerminal Icon Ext"
\InProcServer32\(Default) = "C:\WINDOWS\system32\hticons.dll" ["Hilgraeve, Inc."]

"{3028902F-6374-48b2-8DC6-9725E775B926}" = "IE Microsoft AutoComplete"
-> {HKLM...CLSID} = "IE Microsoft AutoComplete"
\InProcServer32\(Default) = "C:\WINDOWS\system32\browseui.dll" [MS]

"{EFA24E62-B078-11d0-89E4-00C04FC9E26E}" = "History Band"
-> {HKLM...CLSID} = "History Band"
\InProcServer32\(Default) = "C:\WINDOWS\system32\shdocvw.dll" [MS]

"{A70C977A-BF00-412C-90B7-034C51DA2439}" = "NvCpl DesktopContext Class"
-> {HKLM...CLSID} = "DesktopContext Class"
\InProcServer32\(Default) = "C:\WINDOWS\system32\nvcpl.dll" ["NVIDIA Corporation"]

"{1CDB2949-8F65-4355-8456-263E7C208A5D}" = "Desktop Explorer"
-> {HKLM...CLSID} = "Desktop Explorer"
\InProcServer32\(Default) = "C:\Program Files\NVIDIA Corporation\nView\nvshell.dll" ["NVIDIA Corporation"]

"{1E9B04FB-F9E5-4718-997B-B8DA88302A47}" = "Desktop Explorer Menu"
-> {HKLM...CLSID} = (no title provided)
\InProcServer32\(Default) = "C:\Program Files\NVIDIA Corporation\nView\nvshell.dll" ["NVIDIA Corporation"]

"{1E9B04FB-F9E5-4718-997B-B8DA88302A48}" = "nView Desktop Context Menu"
-> {HKLM...CLSID} = "nView Desktop Context Menu"
\InProcServer32\(Default) = "C:\Program Files\NVIDIA Corporation\nView\nvshell.dll" ["NVIDIA Corporation"]

"{B41DB860-8EE4-11D2-9906-E49FADC173CA}" = "WinRAR shell extension"
-> {HKLM...CLSID} = "WinRAR"
\InProcServer32\(Default) = "C:\Program Files\WinRAR\rarext.dll" ["Alexander Roshal"]

"{44440D00-FF19-4AFC-B765-9A0970567D97}" = "TuneUp Theme Extension"
-> {HKLM...CLSID} = "TuneUp Theme Extension"
\InProcServer32\(Default) = "C:\WINDOWS\System32\uxtuneup.dll" ["TuneUp Software GmbH"]

"{4858E7D9-8E12-45a3-B6A3-1CD128C9D403}" = "TuneUp Shredder Shell Extension"
-> {HKLM...CLSID} = "TuneUp Shredder Shell Extension"
\InProcServer32\(Default) = "E:\Programy\TuneUp Utilities 2008\SDShelEx-win32.dll" ["TuneUp Software GmbH"]

"{32020A01-506E-484D-A2A8-BE3CF17601C3}" = "AlcoholShellEx"
-> {HKLM...CLSID} = "AlcoholShellEx"
\InProcServer32\(Default) = "C:\PROGRA~1\ALCOHO~1\ALCOHO~1\AXShlEx.dll" ["Alcohol Soft Development Team"]

"{97F68CE3-7146-45FF-BE24-D9A7DD7CB8A2}" = "NeroCoverEd Live Icons"
-> {HKLM...CLSID} = "NeroCoverEdLiveIcons Class"
\InProcServer32\(Default) = "C:\Program Files\Nero\Nero 7\Nero CoverDesigner\CoverEdExtension.dll" ["Nero AG"]

"{B327765E-D724-4347-8B16-78AE18552FC3}" = "NeroDigitalIconHandler"
-> {HKLM...CLSID} = "NeroDigitalIconHandler Class"
\InProcServer32\(Default) = "C:\Program Files\Common Files\Ahead\Lib\NeroDigitalExt.dll" ["Nero AG"]

"{7F1CF152-04F8-453A-B34C-E609530A9DC8}" = "NeroDigitalPropSheetHandler"
-> {HKLM...CLSID} = "NeroDigitalPropSheetHandler Class"
\InProcServer32\(Default) = "C:\Program Files\Common Files\Ahead\Lib\NeroDigitalExt.dll" ["Nero AG"]

"{00020D75-0000-0000-C000-000000000046}" = "Microsoft Office Outlook Desktop Icon Handler"
-> {HKLM...CLSID} = "Microsoft Office Outlook"
\InProcServer32\(Default) = "C:\PROGRA~1\MICROS~2\OFFICE11\MLSHEXT.DLL" [MS]

"{0006F045-0000-0000-C000-000000000046}" = "Microsoft Office Outlook Custom Icon Handler"
-> {HKLM...CLSID} = "Rozszerzenie ikon plików programu Outlook"
\InProcServer32\(Default) = "C:\PROGRA~1\MICROS~2\OFFICE11\OLKFSTUB.DLL" [MS]

"{42042206-2D85-11D3-8CFF-005004838597}" = "Microsoft Office HTML Icon Handler"
-> {HKLM...CLSID} = (no title provided)
\InProcServer32\(Default) = "C:\Program Files\Microsoft Office\OFFICE11\msohev.dll" [MS]

"{1F77B17B-F531-44DB-ACA4-76ABB5010A28}" = "AIMP2: ShellExt"
-> {HKLM...CLSID} = "AIMP2: ShellExt"
\InProcServer32\(Default) = "E:\Programy\AIMP2\System\aimp_shell.dll" ["AIMP DevTeam"]

"{FFB699E0-306A-11d3-8BD1-00104B6F7516}" = "Play on my TV helper"
-> {HKLM...CLSID} = "NVIDIA CPL Extension"
\InProcServer32\(Default) = "C:\WINDOWS\system32\nvcpl.dll" ["NVIDIA Corporation"]

"{472083B0-C522-11CF-8763-00608CC02F24}" = "avast"
-> {HKLM...CLSID} = "avast"
\InProcServer32\(Default) = "C:\Program Files\Alwil Software\Avast5\ashShell.dll" ["AVAST Software"]

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\

"WPDShServiceObj" = "{AAA288BA-9A4C-45B0-95D7-94D524869DB5}"
-> {HKLM...CLSID} = "WPDShServiceObj Class"
\InProcServer32\(Default) = "C:\WINDOWS\system32\WPDShServiceObj.dll" [MS]

HKLM\SOFTWARE\Classes\PROTOCOLS\Filter\

<<!>> text/xml\CLSID = "{807553E5-5146-11D5-A672-00B0D022E945}"
-> {HKLM...CLSID} = (no title provided)
\InProcServer32\(Default) = "C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL" [MS]

HKLM\SOFTWARE\Classes\PROTOCOLS\Handler\

<<!>> ms-itss\CLSID = "{0A9007C0-4076-11D3-8789-0000F8105754}"
-> {HKLM...CLSID} = "Microsoft Infotech Storage Protocol for IE 4.0"
\InProcServer32\(Default) = "C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\MSITSS.DLL" [MS]

<<!>> mso-offdap\CLSID = "{3D9F03FA-7A94-11D3-BE81-0050048385D1}"
-> {HKLM...CLSID} = "Data Page Pluggable Protocol mso-offdap Handler"
\InProcServer32\(Default) = "C:\PROGRA~1\COMMON~1\MICROS~1\WEBCOM~1\10\OWC10.DLL" [MS]

<<!>> mso-offdap11\CLSID = "{32505114-5902-49B2-880A-1F7738E5A384}"
-> {HKLM...CLSID} = "Data Page Plugable Protocal mso-offdap11 Handler"
\InProcServer32\(Default) = "C:\PROGRA~1\COMMON~1\MICROS~1\WEBCOM~1\11\OWC11.DLL" [MS]

<<!>> skype4com\CLSID = "{FFC8B962-9B40-4DFF-9458-1830C7DD7F5D}"
-> {HKLM...CLSID} = "IEProtocolHandler Class"
\InProcServer32\(Default) = "C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL" ["Skype Technologies"]

HKLM\SOFTWARE\Classes\*\shellex\ContextMenuHandlers\

AIMPClassic\(Default) = "{1F77B17B-F531-44DB-ACA4-76ABB5010A28}"
-> {HKLM...CLSID} = "AIMP2: ShellExt"
\InProcServer32\(Default) = "E:\Programy\AIMP2\System\aimp_shell.dll" ["AIMP DevTeam"]

avast\(Default) = "{472083B0-C522-11CF-8763-00608CC02F24}"
-> {HKLM...CLSID} = "avast"
\InProcServer32\(Default) = "C:\Program Files\Alwil Software\Avast5\ashShell.dll" ["AVAST Software"]

Cover Designer\(Default) = "{73FCA462-9BD5-4065-A73F-A8E5F6904EF7}"
-> {HKLM...CLSID} = "NeroCoverEdContextMenu Class"
\InProcServer32\(Default) = "C:\Program Files\Nero\Nero 7\Nero CoverDesigner\CoverEdExtension.dll" ["Nero AG"]

TuneUp Shredder Shell Extension\(Default) = "{4858E7D9-8E12-45a3-B6A3-1CD128C9D403}"
-> {HKLM...CLSID} = "TuneUp Shredder Shell Extension"
\InProcServer32\(Default) = "E:\Programy\TuneUp Utilities 2008\SDShelEx-win32.dll" ["TuneUp Software GmbH"]

WinRAR\(Default) = "{B41DB860-8EE4-11D2-9906-E49FADC173CA}"
-> {HKLM...CLSID} = "WinRAR"
\InProcServer32\(Default) = "C:\Program Files\WinRAR\rarext.dll" ["Alexander Roshal"]

{EB4D3CFE-E2AA-4C6E-B2FE-2A749F95D208}\(Default) = (no title provided)
-> {HKLM...CLSID} = "NBShellHook Class"
\InProcServer32\(Default) = "C:\Program Files\Nero\Nero 7\Nero BackItUp\NBShell.dll" ["Nero AG"]

HKLM\SOFTWARE\Classes\*\shellex\DragDropHandlers\

NBShellHook\(Default) = "{EB4D3CFE-E2AA-4C6E-B2FE-2A749F95D208}"
-> {HKLM...CLSID} = "NBShellHook Class"
\InProcServer32\(Default) = "C:\Program Files\Nero\Nero 7\Nero BackItUp\NBShell.dll" ["Nero AG"]

HKLM\SOFTWARE\Classes\Directory\shellex\ContextMenuHandlers\

AIMPClassic\(Default) = "{1F77B17B-F531-44DB-ACA4-76ABB5010A28}"
-> {HKLM...CLSID} = "AIMP2: ShellExt"
\InProcServer32\(Default) = "E:\Programy\AIMP2\System\aimp_shell.dll" ["AIMP DevTeam"]

TuneUp Shredder Shell Extension\(Default) = "{4858E7D9-8E12-45a3-B6A3-1CD128C9D403}"
-> {HKLM...CLSID} = "TuneUp Shredder Shell Extension"
\InProcServer32\(Default) = "E:\Programy\TuneUp Utilities 2008\SDShelEx-win32.dll" ["TuneUp Software GmbH"]

WinRAR\(Default) = "{B41DB860-8EE4-11D2-9906-E49FADC173CA}"
-> {HKLM...CLSID} = "WinRAR"
\InProcServer32\(Default) = "C:\Program Files\WinRAR\rarext.dll" ["Alexander Roshal"]

HKLM\SOFTWARE\Classes\Directory\shellex\DragDropHandlers\

WinRAR\(Default) = "{B41DB860-8EE4-11D2-9906-E49FADC173CA}"
-> {HKLM...CLSID} = "WinRAR"
\InProcServer32\(Default) = "C:\Program Files\WinRAR\rarext.dll" ["Alexander Roshal"]

HKLM\SOFTWARE\Classes\Directory\Background\shellex\ContextMenuHandlers\

00nView\(Default) = "{1E9B04FB-F9E5-4718-997B-B8DA88302A48}"
-> {HKLM...CLSID} = "nView Desktop Context Menu"
\InProcServer32\(Default) = "C:\Program Files\NVIDIA Corporation\nView\nvshell.dll" ["NVIDIA Corporation"]

NvCplDesktopContext\(Default) = "{A70C977A-BF00-412C-90B7-034C51DA2439}"
-> {HKLM...CLSID} = "DesktopContext Class"
\InProcServer32\(Default) = "C:\WINDOWS\system32\nvcpl.dll" ["NVIDIA Corporation"]

HKLM\SOFTWARE\Classes\Folder\shellex\ColumnHandlers\

{7D4D6379-F301-4311-BEBA-E26EB0561882}\(Default) = "NeroDigitalExt.NeroDigitalColumnHandler"
-> {HKLM...CLSID} = "NeroDigitalColumnHandler Class"
\InProcServer32\(Default) = "C:\Program Files\Common Files\Ahead\Lib\NeroDigitalExt.dll" ["Nero AG"]

{F9DB5320-233E-11D1-9F84-707F02C10627}\(Default) = "PDF Column Info"
-> {HKLM...CLSID} = "PDF Shell Extension"
\InProcServer32\(Default) = "C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll" ["Adobe Systems, Inc."]

HKLM\SOFTWARE\Classes\Folder\shellex\ContextMenuHandlers\

avast\(Default) = "{472083B0-C522-11CF-8763-00608CC02F24}"
-> {HKLM...CLSID} = "avast"
\InProcServer32\(Default) = "C:\Program Files\Alwil Software\Avast5\ashShell.dll" ["AVAST Software"]

WinRAR\(Default) = "{B41DB860-8EE4-11D2-9906-E49FADC173CA}"
-> {HKLM...CLSID} = "WinRAR"
\InProcServer32\(Default) = "C:\Program Files\WinRAR\rarext.dll" ["Alexander Roshal"]

{EB4D3CFE-E2AA-4C6E-B2FE-2A749F95D208}\(Default) = (no title provided)
-> {HKLM...CLSID} = "NBShellHook Class"
\InProcServer32\(Default) = "C:\Program Files\Nero\Nero 7\Nero BackItUp\NBShell.dll" ["Nero AG"]

HKLM\SOFTWARE\Classes\Folder\shellex\DragDropHandlers\

NBShellHook\(Default) = "{EB4D3CFE-E2AA-4C6E-B2FE-2A749F95D208}"
-> {HKLM...CLSID} = "NBShellHook Class"
\InProcServer32\(Default) = "C:\Program Files\Nero\Nero 7\Nero BackItUp\NBShell.dll" ["Nero AG"]

WinRAR\(Default) = "{B41DB860-8EE4-11D2-9906-E49FADC173CA}"
-> {HKLM...CLSID} = "WinRAR"
\InProcServer32\(Default) = "C:\Program Files\WinRAR\rarext.dll" ["Alexander Roshal"]


Group Policies {GPedit.msc branch and setting}:
-----------------------------------------------

Note: detected settings may not have any effect.

HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\

"NoBandCustomize" = (REG_DWORD) dword:0x00000000
{User Configuration|Administrative Templates|Windows Components|Internet Explorer|Toolbars|
Disable customizing browser toolbars}

"NoMovingBands" = (REG_DWORD) dword:0x00000000
{unrecognized setting}

"NoCloseDragDropBands" = (REG_DWORD) dword:0x00000000
{unrecognized setting}

"NoSetTaskbar" = (REG_DWORD) dword:0x00000000
{User Configuration|Administrative Templates|Start Menu and Taskbar|
Prevent changes to Taskbar and Start Menu Settings}

"NoToolbarsOnTaskbar" = (REG_DWORD) dword:0x00000000
{unrecognized setting}

"NoDrives" = (REG_DWORD) dword:0x00000000
{unrecognized setting}

"NoSaveSettings" = (REG_DWORD) dword:0x00000000
{User Configuration|Administrative Templates|Desktop|
Don't save settings at exit}

"NoActiveDesktop" = (REG_DWORD) dword:0x00000000
{User Configuration|Administrative Templates|Desktop|Desktop / Active Desktop|
Disable Active Desktop}

"ClassicShell" = (REG_DWORD) dword:0x00000000
{User Configuration|Administrative Templates|Windows Components|Windows Explorer|
Enable Classic Shell / Turn on Classic Shell}

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\

"NoDrives" = (REG_DWORD) dword:0x00000000
{unrecognized setting}


Active Desktop and Wallpaper:
-----------------------------

Active Desktop may be disabled at this entry:
HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellState

Displayed if Active Desktop enabled and wallpaper not set by Group Policy:
HKCU\Software\Microsoft\Internet Explorer\Desktop\General\
"Wallpaper" = "C:\WINDOWS\system32\config\systemprofile\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp"

Displayed if Active Desktop disabled and wallpaper not set by Group Policy:
HKCU\Control Panel\Desktop\
"Wallpaper" = "C:\Documents and Settings\Krzysiek\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp"


Enabled Screen Saver:
---------------------

HKCU\Control Panel\Desktop\
"SCRNSAVE.EXE" = "C:\WINDOWS\system32\logon.scr" [MS]


Windows Portable Device AutoPlay Handlers
-----------------------------------------

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\

AIMP.EventCDA\
"Provider" = "AIMP2"
"InvokeProgID" = "AIMP.EventCDA"
"InvokeVerb" = "open"
HKLM\SOFTWARE\Classes\AIMP.EventCDA\shell\open\command\(Default) = "E:\Programy\AIMP2\AIMP2.exe /CDA %1" ["AIMP DevTeam"]

AIMP.EventMusic\
"Provider" = "AIMP2"
"InvokeProgID" = "AIMP.EventMusic"
"InvokeVerb" = "open"
HKLM\SOFTWARE\Classes\AIMP.EventMusic\shell\open\command\(Default) = "E:\Programy\AIMP2\AIMP2.exe /DIR %1" ["AIMP DevTeam"]

AlcoholAutoPlayV2.BurnDisc\
"Provider" = "Alcohol 120%"
"InvokeProgID" = "AlcoholAutoPlayV2"
"InvokeVerb" = "BurnDisc"
HKLM\SOFTWARE\Classes\AlcoholAutoPlayV2\shell\BurnDisc\command\(Default) = ""C:\Program Files\Alcohol Soft\Alcohol 120\Alcohol.exe" %1" ["Alcohol Soft Development Team"]

AlcoholAutoPlayV2.ReadDisc\
"Provider" = "Alcohol 120%"
"InvokeProgID" = "AlcoholAutoPlayV2"
"InvokeVerb" = "ReadDisc"
HKLM\SOFTWARE\Classes\AlcoholAutoPlayV2\shell\ReadDisc\command\(Default) = ""C:\Program Files\Alcohol Soft\Alcohol 120\Alcohol.exe" %1" ["Alcohol Soft Development Team"]

MPCPlayCDAudioOnArrival\
"Provider" = "Media Player Classic"
"InvokeProgID" = "MediaPlayerClassic.Autorun"
"InvokeVerb" = "PlayCDAudio"
HKLM\SOFTWARE\Classes\MediaPlayerClassic.Autorun\shell\PlayCDAudio\command\(Default) = ""E:\Programy\K-Lite Codec Pack\Media Player Classic\mplayerc.exe" %1 /cd" ["Gabest"]

MPCPlayDVDMovieOnArrival\
"Provider" = "Media Player Classic"
"InvokeProgID" = "MediaPlayerClassic.Autorun"
"InvokeVerb" = "PlayDVDMovie"
HKLM\SOFTWARE\Classes\MediaPlayerClassic.Autorun\shell\PlayDVDMovie\command\(Default) = ""E:\Programy\K-Lite Codec Pack\Media Player Classic\mplayerc.exe" %1 /dvd" ["Gabest"]

MPCPlayMusicFilesOnArrival\
"Provider" = "Media Player Classic"
"InvokeProgID" = "MediaPlayerClassic.Autorun"
"InvokeVerb" = "PlayMusicFiles"
HKLM\SOFTWARE\Classes\MediaPlayerClassic.Autorun\shell\PlayMusicFiles\command\(Default) = ""E:\Programy\K-Lite Codec Pack\Media Player Classic\mplayerc.exe" %1" ["Gabest"]

MPCPlayVideoFilesOnArrival\
"Provider" = "Media Player Classic"
"InvokeProgID" = "MediaPlayerClassic.Autorun"
"InvokeVerb" = "PlayVideoFiles"
HKLM\SOFTWARE\Classes\MediaPlayerClassic.Autorun\shell\PlayVideoFiles\command\(Default) = ""E:\Programy\K-Lite Codec Pack\Media Player Classic\mplayerc.exe" %1" ["Gabest"]

MSWPDShellNamespaceHandler\
"Provider" = "@%SystemRoot%\System32\WPDShextRes.dll,-501"
"CLSID" = "{A55803CC-4D53-404c-8557-FD63DBA95D24}"
"InitCmdLine" = " "
-> {HKLM...CLSID} = "WPDShextAutoplay"
\LocalServer32\(Default) = "C:\WINDOWS\system32\WPDShextAutoplay.exe" [MS]

NeroAutoPlay7AudioToNeroDigital\
"Provider" = "Nero Burning ROM"
"InvokeProgID" = "Nero.AutoPlay7"
"InvokeVerb" = "AudioToNeroDigital_PlayCDAudioOnArrival"
HKLM\SOFTWARE\Classes\Nero.AutoPlay7\shell\AudioToNeroDigital_PlayCDAudioOnArrival\command\(Default) = "C:\Program Files\Nero\Nero 7\Core\nero.exe /Dialog:SaveTracks %L" ["Nero AG"]

NeroAutoPlay7CDAudio\
"Provider" = "Nero Express"
"InvokeProgID" = "Nero.AutoPlay7"
"InvokeVerb" = "CDAudio_HandleCDBurningOnArrival"
HKLM\SOFTWARE\Classes\Nero.AutoPlay7\shell\CDAudio_HandleCDBurningOnArrival\command\(Default) = "C:\Program Files\Nero\Nero 7\Core\nero.exe -w /New:AudioCD" ["Nero AG"]

NeroAutoPlay7CopyCD\
"Provider" = "Nero Burning ROM"
"InvokeProgID" = "Nero.AutoPlay7"
"InvokeVerb" = "CopyCD_PlayMusicFilesOnArrival"
HKLM\SOFTWARE\Classes\Nero.AutoPlay7\shell\CopyCD_PlayMusicFilesOnArrival\command\(Default) = "C:\Program Files\Nero\Nero 7\Core\nero.exe /Dialog:DiscCopy %L" ["Nero AG"]

NeroAutoPlay7DataDisc\
"Provider" = "Nero Express"
"InvokeProgID" = "Nero.AutoPlay7"
"InvokeVerb" = "DataDisc_HandleCDBurningOnArrival"
HKLM\SOFTWARE\Classes\Nero.AutoPlay7\shell\DataDisc_HandleCDBurningOnArrival\command\(Default) = "C:\Program Files\Nero\Nero 7\Core\nero.exe -w /New:ISODisc" ["Nero AG"]

NeroAutoPlay7LaunchNeroStartSmart\
"Provider" = "Nero StartSmart"
"InvokeProgID" = "Nero.AutoPlay7"
"InvokeVerb" = "LaunchNeroStartSmart_HandleCDBurningOnArrival"
HKLM\SOFTWARE\Classes\Nero.AutoPlay7\shell\LaunchNeroStartSmart_HandleCDBurningOnArrival\command\(Default) = "C:\Program Files\Nero\Nero 7\Nero StartSmart\NeroStartSmart.exe /AutoPlay" ["Nero AG"]

NeroAutoPlay7PlayAudioCD\
"Provider" = "Nero ShowTime"
"InvokeProgID" = "Nero.AutoPlay7"
"InvokeVerb" = "PlayAudioCD_PlayMusicFilesOnArrival"
HKLM\SOFTWARE\Classes\Nero.AutoPlay7\shell\PlayAudioCD_PlayMusicFilesOnArrival\command\(Default) = "C:\Program Files\Nero\Nero 7\Nero ShowTime\ShowTime.exe /Play %L" ["Nero AG"]

NeroAutoPlay7PlayDVD\
"Provider" = "Nero ShowTime"
"InvokeProgID" = "Nero.AutoPlay7"
"InvokeVerb" = "PlayDVD_PlayVideoFilesOnArrival"
HKLM\SOFTWARE\Classes\Nero.AutoPlay7\shell\PlayDVD_PlayVideoFilesOnArrival\command\(Default) = "C:\Program Files\Nero\Nero 7\Nero ShowTime\ShowTime.exe /Play %L" ["Nero AG"]

NeroAutoPlay7RipCD\
"Provider" = "Nero Burning ROM"
"InvokeProgID" = "Nero.AutoPlay7"
"InvokeVerb" = "RipCD_PlayCDAudioOnArrival"
HKLM\SOFTWARE\Classes\Nero.AutoPlay7\shell\RipCD_PlayCDAudioOnArrival\command\(Default) = "C:\Program Files\Nero\Nero 7\Core\nero.exe /Dialog:SaveTracks %L" ["Nero AG"]

NeroAutoPlay7TranscodeVideo\
"Provider" = "Nero Recode"
"InvokeProgID" = "Nero.AutoPlay7"
"InvokeVerb" = "TranscodeVideo_PlayDVDMovieOnArrival"
HKLM\SOFTWARE\Classes\Nero.AutoPlay7\shell\TranscodeVideo_PlayDVDMovieOnArrival\command\(Default) = "C:\Program Files\Nero\Nero 7\Nero Recode\Recode.exe /New:CopyDVDVideo" ["Nero AG"]

NeroAutoPlay7VideoCapture\
"Provider" = "Nero Vision"
"ProgID" = "Shell.HWEventHandlerShellExecute"
"InitCmdLine" = ""C:\Program Files\Nero\Nero 7\Nero Vision\NeroVision.exe" /New:VideoCapture"
HKLM\SOFTWARE\Classes\Shell.HWEventHandlerShellExecute\CLSID\(Default) = "{FFB8655F-81B9-4fce-B89C-9A6BA76D13E7}"
-> {HKLM...CLSID} = "ShellExecute HW Event Handler"
\LocalServer32\(Default) = "rundll32.exe shell32.dll,SHCreateLocalServerRunDll {FFB8655F-81B9-4fce-B89C-9A6BA76D13E7}" [MS]

NeroAutoPlay7ViewPhotos\
"Provider" = "Nero PhotoSnap Viewer"
"InvokeProgID" = "Nero.AutoPlay7"
"InvokeVerb" = "ViewPhotos_ShowPicturesOnArrival"
HKLM\SOFTWARE\Classes\Nero.AutoPlay7\shell\ViewPhotos_ShowPicturesOnArrival\command\(Default) = "C:\Program Files\Nero\Nero 7\Nero PhotoSnap\PhotoSnapViewer.exe /" ["Nero AG"]

NokiaMusicBurnCD\
"Provider" = "Nokia Ovi Player"
"InvokeProgID" = "NokiaMusic.Autoplay"
"InvokeVerb" = "BurnCD"
HKLM\SOFTWARE\Classes\NokiaMusic.Autoplay\shell\BurnCD\command\(Default) = ""C:\Program Files\Nokia\Ovi Player\NokiaOviPlayer.exe" /command:burn %L /device:cd %L" [null data]

NokiaMusicPlayCD\
"Provider" = "Nokia Ovi Player"
"InvokeProgID" = "NokiaMusic.Autoplay"
"InvokeVerb" = "PlayCD"
HKLM\SOFTWARE\Classes\NokiaMusic.Autoplay\shell\PlayCD\command\(Default) = ""C:\Program Files\Nokia\Ovi Player\NokiaOviPlayer.exe" /command:playcd %L /device:cd %L" [null data]

NokiaMusicRipCD\
"Provider" = "Nokia Ovi Player"
"InvokeProgID" = "NokiaMusic.Autoplay"
"InvokeVerb" = "RipCD"
HKLM\SOFTWARE\Classes\NokiaMusic.Autoplay\shell\RipCD\command\(Default) = ""C:\Program Files\Nokia\Ovi Player\NokiaOviPlayer.exe" /command:rip %L /device:cd %L" [null data]

NokiaMusicViewCD\
"Provider" = "Nokia Ovi Player"
"InvokeProgID" = "NokiaMusic.Autoplay"
"InvokeVerb" = "ViewCD"
HKLM\SOFTWARE\Classes\NokiaMusic.Autoplay\shell\ViewCD\command\(Default) = ""C:\Program Files\Nokia\Ovi Player\NokiaOviPlayer.exe" /device:cd %L" [null data]

NokiaMusicViewDevice\
"Provider" = "Nokia Ovi Player"
"ProgID" = "NokiaMusic.Autoplay"
HKLM\SOFTWARE\Classes\NokiaMusic.Autoplay\CLSID\(Default) = "{546811A4-510D-4E15-9679-DD6A27C5CCB3}"
-> {HKLM...CLSID} = "Nokia Ovi Player"
\LocalServer32\(Default) = "C:\Program Files\Nokia\Ovi Player\NokiaOviPlayer.exe" [null data]

NPAutoPlayHandler\
"Provider" = "Nokia Photos"
"InvokeProgID" = "NPAutoPlay"
"InvokeVerb" = "import"
HKLM\SOFTWARE\Classes\NPAutoPlay\shell\import\command\(Default) = "C:\Program Files\Nokia\Nokia Photos\NokiaPhotos2.exe -import %1" [null data]

tigerplayerDVDMovieOnArrival\
"Provider" = "MPCSTAR"
"InvokeProgID" = "tigerplayer.DVD"
"InvokeVerb" = "open"
HKLM\SOFTWARE\Classes\tigerplayer.DVD\shell\open\command\(Default) = ""E:\Programy\MpcStar\mpcstar.exe" %1" [null data]


Enabled Scheduled Tasks:
------------------------

"1-Click Maintenance" -> launches: "E:\Programy\TuneUp Utilities 2008\OneClickStarter.exe /schedulestart" [null data]


Winsock2 Service Provider DLLs:
-------------------------------

Namespace Service Providers

HKLM\SYSTEM\CurrentControlSet\Services\Winsock2\Parameters\NameSpace_Catalog5\Catalog_Entries\ {++}
000000000001\LibraryPath = "%SystemRoot%\System32\mswsock.dll" [MS]
000000000002\LibraryPath = "%SystemRoot%\System32\winrnr.dll" [MS]
000000000003\LibraryPath = "%SystemRoot%\System32\mswsock.dll" [MS]
000000000004\LibraryPath = "%SystemRoot%\System32\nwprovau.dll" [MS]

Transport Service Providers

HKLM\SYSTEM\CurrentControlSet\Services\Winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\ {++}
0000000000##\PackedCatalogItem (contains) DLL [Company Name], (at) ## range:
%SystemRoot%\system32\mswsock.dll [MS], 01 - 03, 06 - 18
%SystemRoot%\system32\rsvpsp.dll [MS], 04 - 05


Toolbars, Explorer Bars, Extensions:
------------------------------------

Explorer Bars

HKCU\Software\Microsoft\Internet Explorer\Explorer Bars\

{555D4D79-4BD2-4094-A395-CFC534424A05}\(Default) = (no title provided)
-> {HKLM...CLSID} = "HP Smart Web Printing"
\InProcServer32\(Default) = "C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dll" ["Hewlett-Packard Co."]

HKLM\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\

{555D4D79-4BD2-4094-A395-CFC534424A05}\(Default) = (no title provided)
-> {HKLM...CLSID} = "HP Smart Web Printing"
\InProcServer32\(Default) = "C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dll" ["Hewlett-Packard Co."]

HKLM\SOFTWARE\Classes\CLSID\{FF059E31-CC5A-4E2E-BF3B-96E929D65503}\(Default) = "&Badanie"
Implemented Categories\{00021493-0000-0000-C000-000000000046}\ [vertical bar]
InProcServer32\(Default) = "C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL" [MS]

Extensions (Tools menu items, main toolbar menu buttons)

HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\
{92780B25-18CC-41C8-B9BE-3C9C571A8263}\
"ButtonText" = "Badanie"

{D18A0B52-D63C-4ED0-AFC6-C1E3DC1AF43A}\
"ButtonText" = "BitComet"
"Script" = "res://E:\Programy\BitComet\tools\BitCometBHO_1.3.7.16.dll/206" ["BitComet"]

{DDE87865-83C5-48C4-8357-2F5B1AA84522}\
"ButtonText" = "Pokaż lub ukryj HP Smart Web Printing"
"CLSIDExtension" = "{DDE87865-83C5-48c4-8357-2F5B1AA84522}"
-> {HKLM...CLSID} = "ClipBookBtn Class"
\InProcServer32\(Default) = "C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll" ["Hewlett-Packard Co."]

{DFB852A3-47F8-48C4-A200-58CAB36FD2A2}\
"MenuText" = "Spybot - Search & Destroy Configuration"
"CLSIDExtension" = "{53707962-6F74-2D53-2644-206D7942484F}"
-> {HKLM...CLSID} = "Spybot-S&D IE Protection"
\InProcServer32\(Default) = "E:\Programy\SPYBOT~1\SDHelper.dll" ["Safer Networking Limited"]

{E2E2DD38-D088-4134-82B7-F2BA38496583}\
"MenuText" = "@xpsp3res.dll,-20001"
"Exec" = "%windir%\Network Diagnostic\xpnetdiag.exe" [MS]


Running Services (Display Name, Service Name, Path {Service DLL}):
------------------------------------------------------------------

ATK Keyboard Service, ATKKeyboardService, "C:\WINDOWS\ATKKBService.exe" ["ASUSTeK COMPUTER INC."]
avast! Antivirus, avast! Antivirus, ""C:\Program Files\Alwil Software\Avast5\AvastSvc.exe"" ["AVAST Software"]
avast! Mail Scanner, avast! Mail Scanner, ""C:\Program Files\Alwil Software\Avast5\AvastSvc.exe"" ["AVAST Software"]
avast! Web Scanner, avast! Web Scanner, ""C:\Program Files\Alwil Software\Avast5\AvastSvc.exe"" ["AVAST Software"]
hpqcxs08, hpqcxs08, "C:\WINDOWS\system32\svchost.exe -k hpdevmgmt" {"C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll" ["Hewlett-Packard Co."]}
Java Quick Starter, JavaQuickStarterService, ""C:\Program Files\Java\jre6\bin\jqs.exe" -service -config "C:\Program Files\Java\jre6\lib\deploy\jqs\jqs.conf"" ["Sun Microsystems, Inc."]
Karta wydajności WMI, WmiApSrv, "C:\WINDOWS\system32\wbem\wmiapsrv.exe" [MS]
Machine Debug Manager, MDM, ""C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE"" [MS]
Net Driver HPZ12, Net Driver HPZ12, "C:\WINDOWS\System32\svchost.exe -k HPZ12" {"C:\WINDOWS\system32\HPZinw12.dll" ["Hewlett-Packard"]}
NVIDIA Display Driver Service, NVSvc, "C:\WINDOWS\system32\nvsvc32.exe" ["NVIDIA Corporation"]
Pml Driver HPZ12, Pml Driver HPZ12, "C:\WINDOWS\System32\svchost.exe -k HPZ12" {"C:\WINDOWS\system32\HPZipm12.dll" ["Hewlett-Packard"]}
PnkBstrA, PnkBstrA, "C:\WINDOWS\system32\PnkBstrA.exe" [null data]
PnkBstrB, PnkBstrB, "C:\WINDOWS\system32\PnkBstrB.exe" [null data]
TrueVector Internet Monitor, vsmon, "C:\WINDOWS\system32\ZoneLabs\vsmon.exe -service" ["Check Point Software Technologies LTD"]
TuneUp Theme Extension, UxTuneUp, "C:\WINDOWS\System32\svchost.exe -k netsvcs" {"C:\WINDOWS\System32\uxtuneup.dll" ["TuneUp Software GmbH"]}
Usługa HP CUE DeviceDiscovery, hpqddsvc, "C:\WINDOWS\system32\svchost.exe -k hpdevmgmt" {"C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll" ["Hewlett-Packard Co."]}
Windows Driver Foundation - User-mode Driver Framework, WudfSvc, "C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup" {"C:\WINDOWS\System32\WUDFSvc.dll" [MS]}


Safe Mode Drivers & Services (subkey name, subkey default value):
-----------------------------------------------------------------

HKLM\System\CurrentControlSet\Control\SafeBoot\Network\

<<!>> vsmon, "Service"


Print Monitors:
---------------

HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors\
Microsoft Document Imaging Writer Monitor\Driver = "mdimon.dll" [MS]
PCL hpz3l5mu\Driver = "hpz3l5mu.dll" ["Hewlett-Packard Company"]


---------- (launch time: 2010-07-22 23:33:50)
<<!>>: Suspicious data at a malware launch point.

+ This report excludes default entries except where indicated.
+ To see *everywhere* the script checks and *everything* it finds,
launch it from a command prompt or a shortcut with the -all parameter.
+ To search all directories of local fixed drives for DESKTOP.INI
DLL launch points, use the -supp parameter or answer "No" at the
first message box and "Yes" at the second message box.
---------- (total run time: 47 seconds, including 15 seconds for message boxes)
[/log]

Tomek01
komentarz
komentarz

Logi wyglądają w porządku.
W OTL użyj funkcji Clean Up.

bezimienny
komentarz
komentarz

Zrobiłem, dalej to samo. Sorry za brak aktywności ale byłem na urlopie.

MarekM25
komentarz
komentarz

Daj najnowszego loga z OTL;)

bezimienny
komentarz
komentarz

proszę:
OTL
[log]OTL logfile created on: 2010-07-31 18:12:21 - Run 1
OTL by OldTimer - Version 3.2.9.1 Folder = D:\Download
Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 60,00% Memory free
8,00 Gb Paging File | 7,00 Gb Available in Paging File | 92,00% Paging File free
Paging file location(s): [Binary data over 100 bytes]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 45,31 Gb Total Space | 30,90 Gb Free Space | 68,20% Space Free | Partition Type: NTFS
Drive D: | 50,01 Gb Total Space | 4,65 Gb Free Space | 9,29% Space Free | Partition Type: NTFS
Drive E: | 202,77 Gb Total Space | 116,41 Gb Free Space | 57,41% Space Free | Partition Type: NTFS
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: PRYWATNY
Current User Name: Krzysiek
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 60 Days
Output = Standard

[color=#E56717]========== Processes (All) ==========[/color]

PRC - [2010-07-31 16:56:43 | 000,218,808 | ---- | M] () -- C:\WINDOWS\system32\PnkBstrB.exe
PRC - [2010-07-30 16:50:52 | 000,014,808 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\plugin-container.exe
PRC - [2010-07-30 16:50:51 | 000,910,296 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2010-07-18 06:45:23 | 000,574,976 | ---- | M] (OldTimer Tools) -- D:\Download\OTL.exe
PRC - [2010-06-28 22:57:18 | 002,837,864 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
PRC - [2010-06-28 22:57:15 | 000,040,384 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
PRC - [2010-06-23 13:52:56 | 002,435,592 | ---- | M] (Check Point Software Technologies LTD) -- C:\WINDOWS\system32\ZoneLabs\vsmon.exe
PRC - [2010-06-23 13:51:30 | 001,043,968 | ---- | M] (Check Point Software Technologies LTD) -- C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
PRC - [2010-04-03 19:23:16 | 000,154,216 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\nvsvc32.exe
PRC - [2010-02-09 17:52:15 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe
PRC - [2010-01-30 13:53:51 | 000,075,064 | ---- | M] () -- C:\WINDOWS\system32\PnkBstrA.exe
PRC - [2009-11-22 14:37:35 | 011,539,048 | ---- | M] (GG Network S.A.) -- E:\Programy\Nowe Gadu-Gadu\gg.exe
PRC - [2009-10-28 13:43:06 | 000,077,824 | ---- | M] () -- E:\Programy\Nowe Gadu-Gadu\spellchecker_gg.exe
PRC - [2009-03-05 17:07:20 | 002,260,480 | RHS- | M] (Safer-Networking Ltd.) -- E:\Programy\Spybot - Search & Destroy\TeaTimer.exe
PRC - [2008-04-14 22:51:52 | 000,013,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wscntfy.exe
PRC - [2008-04-14 22:51:50 | 000,510,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winlogon.exe
PRC - [2008-04-14 22:51:50 | 000,126,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmiapsrv.exe
PRC - [2008-04-14 22:51:44 | 000,057,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spoolsv.exe
PRC - [2008-04-14 22:51:44 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\smss.exe
PRC - [2008-04-14 22:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [WUDFSERVICEGROUP]
PRC - [2008-04-14 22:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [RPCSS]
PRC - [2008-04-14 22:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETWORKSERVICE]
PRC - [2008-04-14 22:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETSVCS]
PRC - [2008-04-14 22:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [LOCALSERVICE]
PRC - [2008-04-14 22:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [IMGSVC]
PRC - [2008-04-14 22:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [HPZ12]
PRC - [2008-04-14 22:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [HPZ12]
PRC - [2008-04-14 22:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [HPDEVMGMT]
PRC - [2008-04-14 22:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [DCOMLAUNCH]
PRC - [2008-04-14 22:51:40 | 000,109,056 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\services.exe
PRC - [2008-04-14 22:51:24 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\lsass.exe
PRC - [2008-04-14 22:51:18 | 001,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008-04-14 22:51:12 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\csrss.exe
PRC - [2008-04-14 22:51:04 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\alg.exe
PRC - [2007-05-15 11:33:30 | 000,204,800 | ---- | M] (A4Tech Co.,Ltd.) -- C:\Program Files\A4Tech\Mouse\Amoumain.exe
PRC - [2007-04-18 20:57:48 | 001,617,920 | ---- | M] () -- E:\Programy\M-KbdDrv.exe
PRC - [2007-03-21 08:49:20 | 016,126,464 | R--- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\RTHDCPL.exe
PRC - [2006-09-22 11:58:12 | 000,241,664 | ---- | M] (ASUSTeK COMPUTER INC.) -- C:\WINDOWS\ATKKBService.exe
PRC - [2003-06-20 00:25:00 | 000,322,120 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE


[color=#E56717]========== Modules (All) ==========[/color]

MOD - [2010-07-18 06:45:23 | 000,574,976 | ---- | M] (OldTimer Tools) -- D:\Download\OTL.exe
MOD - [2008-04-14 22:51:58 | 000,146,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winspool.drv
MOD - [2008-04-14 22:50:58 | 000,732,672 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\userenv.dll
MOD - [2008-04-14 22:50:58 | 000,580,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\user32.dll
MOD - [2008-04-14 22:50:58 | 000,219,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\uxtheme.dll
MOD - [2008-04-14 22:50:58 | 000,172,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wldap32.dll
MOD - [2008-04-14 22:50:58 | 000,067,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\srclient.dll
MOD - [2008-04-14 22:50:58 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\version.dll
MOD - [2008-04-14 22:50:48 | 008,489,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shell32.dll
MOD - [2008-04-14 22:50:48 | 000,997,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\setupapi.dll
MOD - [2008-04-14 22:50:48 | 000,474,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shlwapi.dll
MOD - [2008-04-14 22:50:46 | 001,287,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ole32.dll
MOD - [2008-04-14 22:50:46 | 000,584,704 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rpcrt4.dll
MOD - [2008-04-14 22:50:46 | 000,551,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\oleaut32.dll
MOD - [2008-04-14 22:50:46 | 000,084,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\olepro32.dll
MOD - [2008-04-14 22:50:46 | 000,064,000 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\samlib.dll
MOD - [2008-04-14 22:50:46 | 000,056,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\secur32.dll
MOD - [2008-04-14 22:50:46 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\psapi.dll
MOD - [2008-04-14 22:50:42 | 000,119,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntmarta.dll
MOD - [2008-04-14 22:50:40 | 000,343,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcrt.dll
MOD - [2008-04-14 22:50:36 | 001,018,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\kernel32.dll
MOD - [2008-04-14 22:50:32 | 000,285,184 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\gdi32.dll
MOD - [2008-04-14 22:50:32 | 000,185,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\framedyn.dll
MOD - [2008-04-14 22:50:16 | 000,822,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comres.dll
MOD - [2008-04-14 22:50:14 | 000,280,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comdlg32.dll
MOD - [2008-04-14 22:50:12 | 000,498,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\clbcatq.dll
MOD - [2008-04-14 22:50:00 | 000,686,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\advapi32.dll
MOD - [2008-04-14 22:49:16 | 000,714,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntdll.dll
MOD - [2008-04-14 22:46:34 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx
MOD - [2008-04-14 22:29:10 | 001,054,208 | R--- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll
MOD - [2007-05-15 11:31:52 | 000,036,864 | ---- | M] (A4Tech Co.,Ltd.) -- C:\WINDOWS\system32\Amhooker.dll


[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV - [2010-06-28 22:57:15 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Web Scanner)
SRV - [2010-06-28 22:57:15 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Mail Scanner)
SRV - [2010-06-28 22:57:15 | 000,040,384 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV - [2010-06-23 13:52:56 | 002,435,592 | ---- | M] (Check Point Software Technologies LTD) [Auto | Running] -- C:\WINDOWS\System32\ZoneLabs\vsmon.exe -- (vsmon)
SRV - [2010-04-27 13:43:48 | 000,611,840 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2010-03-18 16:47:22 | 000,035,160 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe -- (aspnet_state)
SRV - [2010-03-18 13:16:28 | 000,753,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe -- (WPFFontCache_v0400)
SRV - [2010-03-18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010-03-18 13:16:28 | 000,124,240 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe -- (NetTcpPortSharing)
SRV - [2010-02-19 20:30:16 | 000,067,360 | ---- | M] (NOS Microsystems Ltd.) [On_Demand | Stopped] -- C:\Program Files\NOS\bin\getPlus_Helper.dll -- (getPlusHelper) getPlus(R)
SRV - [2009-11-21 14:13:30 | 000,354,560 | ---- | M] (TuneUp Software GmbH) [On_Demand | Stopped] -- C:\WINDOWS\system32\TuneUpDefragService.exe -- (TuneUp.Defrag)
SRV - [2008-04-04 15:51:32 | 000,028,416 | ---- | M] (TuneUp Software GmbH) [Auto | Running] -- C:\WINDOWS\system32\uxtuneup.dll -- (UxTuneUp)
SRV - [2006-09-22 11:58:12 | 000,241,664 | ---- | M] (ASUSTeK COMPUTER INC.) [Auto | Running] -- C:\WINDOWS\ATKKBService.exe -- (ATKKeyboardService)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\Drivers\Video3D32.sys -- (Video3D)
DRV - File not found [Kernel | Boot | Stopped] -- C:\WINDOWS\System32\ZoneLabs\srescan.sys -- (srescan)
DRV - File not found [File_System | System | Stopped] -- C:\WINDOWS\System32\DRIVERS\klif.sys -- (KLIF)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\Krzysiek\USTAWI~1\Temp\EagleNT.sys -- (EagleNT)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\Krzysiek\USTAWI~1\Temp\cpuz130\cpuz_x32.sys -- (cpuz130)
DRV - [2010-07-31 14:36:39 | 000,137,256 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\PnkBstrK.sys -- (PnkBstrK)
DRV - [2010-06-28 22:37:52 | 000,046,672 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2010-06-28 22:37:30 | 000,165,456 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2010-06-28 22:33:13 | 000,023,376 | ---- | M] (ALWIL Software) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2010-06-28 22:32:45 | 000,100,176 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2010-06-28 22:32:33 | 000,017,744 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2010-06-28 22:32:16 | 000,028,880 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2010-05-13 10:02:32 | 000,532,224 | ---- | M] (Check Point Software Technologies LTD) [Kernel | System | Running] -- C:\WINDOWS\system32\vsdatant.sys -- (vsdatant)
DRV - [2010-04-04 00:55:31 | 010,232,128 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2010-02-26 14:32:58 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2010-02-26 14:32:46 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2010-02-26 14:32:44 | 000,022,528 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2010-02-26 14:32:44 | 000,018,176 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2010-02-26 14:21:22 | 000,137,344 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmwcdnsu.sys -- (nmwcdnsu)
DRV - [2010-02-26 14:21:22 | 000,008,320 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmwcdnsuc.sys -- (nmwcdnsuc)
DRV - [2009-12-09 19:03:03 | 000,025,512 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ggsemc.sys -- (ggsemc)
DRV - [2009-12-09 19:03:03 | 000,013,224 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ggflt.sys -- (ggflt)
DRV - [2008-08-26 10:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2008-04-13 22:06:06 | 000,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)
DRV - [2007-07-12 11:03:38 | 000,012,288 | ---- | M] (ASUSTeK Computer Inc.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\EIO.sys -- (EIO)
DRV - [2007-05-25 05:35:32 | 000,137,728 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\mv61xx.sys -- (mv61xx)
DRV - [2007-05-14 23:41:46 | 000,014,336 | ---- | M] (A4Tech Co.,Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Amusbprt.sys -- (Amusbprt)
DRV - [2007-05-14 23:38:22 | 000,009,216 | ---- | M] (A4Tech Co.,Ltd.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\Amfilter.sys -- (Amfilter)
DRV - [2007-03-26 13:21:06 | 004,395,008 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2007-03-15 08:12:02 | 000,038,656 | R--- | M] (Attansic Technology corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\atl01_xp.sys -- (AtcL001)
DRV - [2005-10-18 16:01:00 | 000,011,008 | ---- | M] (ASUSTeK COMPUTER INC.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\atkkbnt.sys -- (asuskbnt)
DRV - [2005-05-17 14:48:21 | 000,050,176 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfdrv01.sys -- (sfdrv01) StarForce Protection Environment Driver (version 1.x)
DRV - [2005-05-16 15:23:38 | 000,019,968 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfsync02.sys -- (sfsync02) StarForce Protection Synchronization Driver (version 2.x)
DRV - [2005-05-16 15:20:39 | 000,006,656 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfhlp02.sys -- (sfhlp02) StarForce Protection Helper Driver (version 2.x)
DRV - [2004-08-13 12:56:20 | 000,005,810 | R--- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ASACPI.sys -- (MTsensor)
DRV - [2004-04-30 10:37:02 | 000,160,640 | ---- | M] ( ) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\a347bus.sys -- (a347bus)
DRV - [2004-04-30 10:33:00 | 000,005,248 | ---- | M] ( ) [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\a347scsi.sys -- (a347scsi)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-436374069-308236825-1801674531-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\S-1-5-21-436374069-308236825-1801674531-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: ""
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.2.1
FF - prefs.js..extensions.enabledItems: {ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a}:1.3
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {888d99e7-e8b5-46a3-851e-1ec45da1e644}:4.0.0
FF - prefs.js..extensions.enabledItems: undoclosedtabsbutton@supernova00.biz:3.6.2
FF - prefs.js..extensions.enabledItems: {E2883E8F-472F-4fb0-9522-AC9BF37916A7}:1.6.2.60
FF - prefs.js..extensions.enabledItems: {A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}:7.3.2.26
FF - prefs.js..extensions.enabledItems: openmedspel@e-medtools.com:1.0.8
FF - prefs.js..extensions.enabledItems: tineye@ideeinc.com:1.0
FF - prefs.js..extensions.enabledItems: turntoolviewer@turntool.com:2.9.5.9
FF - prefs.js..extensions.enabledItems: {DB9127A2-3381-41ec-82B3-1B6ED4C6F29A}:1.0
FF - prefs.js..extensions.enabledItems: illimitux@illimitux.net:4.0
FF - prefs.js..extensions.enabledItems: nasanightlaunch@example.com:0.6.20100719
FF - prefs.js..extensions.enabledItems: {5c8bfb7c-9a54-11dc-8314-0800200c9a66}:3.6.3
FF - prefs.js..network.proxy.http: "202.153.41.211"
FF - prefs.js..network.proxy.http_port: 8080
FF - prefs.js..network.proxy.type: 0


FF - HKLM\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010-02-05 19:21:02 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}: C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension\ [2010-03-30 14:08:29 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010-07-30 16:50:56 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010-07-30 16:50:56 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Thunderbird\Extensions\\{CCB7D94B-CA92-4E3F-B79D-ADE0F07ADC74}: C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Thunderbird Connector\ThunderbirdExtension\ [2010-03-30 14:08:30 | 000,000,000 | ---D | M]

[2009-11-21 13:59:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Krzysiek\Dane aplikacji\Mozilla\Extensions
[2010-07-31 17:09:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Krzysiek\Dane aplikacji\Mozilla\Firefox\Profiles\15uuingq.default\extensions
[2010-02-10 18:55:33 | 000,000,000 | ---D | M] (Aero Fox) -- C:\Documents and Settings\Krzysiek\Dane aplikacji\Mozilla\Firefox\Profiles\15uuingq.default\extensions\{5c8bfb7c-9a54-11dc-8314-0800200c9a66}
[2010-07-18 23:07:57 | 000,000,000 | ---D | M] (ReloadEvery) -- C:\Documents and Settings\Krzysiek\Dane aplikacji\Mozilla\Firefox\Profiles\15uuingq.default\extensions\{888d99e7-e8b5-46a3-851e-1ec45da1e644}
[2010-07-10 22:50:37 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Documents and Settings\Krzysiek\Dane aplikacji\Mozilla\Firefox\Profiles\15uuingq.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2010-06-04 16:02:08 | 000,000,000 | ---D | M] (flashget3 Extension) -- C:\Documents and Settings\Krzysiek\Dane aplikacji\Mozilla\Firefox\Profiles\15uuingq.default\extensions\{DB9127A2-3381-41ec-82B3-1B6ED4C6F29A}
[2010-02-19 00:23:19 | 000,000,000 | ---D | M] (Adobe DLM (powered by getPlus(R))) -- C:\Documents and Settings\Krzysiek\Dane aplikacji\Mozilla\Firefox\Profiles\15uuingq.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}
[2010-01-22 22:49:20 | 000,000,000 | ---D | M] (FoxTab) -- C:\Documents and Settings\Krzysiek\Dane aplikacji\Mozilla\Firefox\Profiles\15uuingq.default\extensions\{ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a}
[2010-07-13 19:05:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Krzysiek\Dane aplikacji\Mozilla\Firefox\Profiles\15uuingq.default\extensions\illimitux@illimitux.net
[2010-07-22 23:27:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Krzysiek\Dane aplikacji\Mozilla\Firefox\Profiles\15uuingq.default\extensions\nasanightlaunch@example.com
[2010-04-09 20:18:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Krzysiek\Dane aplikacji\Mozilla\Firefox\Profiles\15uuingq.default\extensions\openmedspel@e-medtools.com
[2010-07-01 18:54:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Krzysiek\Dane aplikacji\Mozilla\Firefox\Profiles\15uuingq.default\extensions\tineye@ideeinc.com
[2010-05-26 20:59:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Krzysiek\Dane aplikacji\Mozilla\Firefox\Profiles\15uuingq.default\extensions\turntoolviewer@turntool.com
[2010-02-10 14:12:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Krzysiek\Dane aplikacji\Mozilla\Firefox\Profiles\15uuingq.default\extensions\undoclosedtabsbutton@supernova00.biz
[2010-02-10 18:55:33 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Krzysiek\Dane aplikacji\Mozilla\Firefox\Profiles\15uuingq.default\extensions\{5c8bfb7c-9a54-11dc-8314-0800200c9a66}\chrome\mac\browser\extensions
[2010-02-10 18:55:33 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Krzysiek\Dane aplikacji\Mozilla\Firefox\Profiles\15uuingq.default\extensions\{5c8bfb7c-9a54-11dc-8314-0800200c9a66}\chrome\mac\mozapps\extensions
[2010-02-10 18:55:33 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Krzysiek\Dane aplikacji\Mozilla\Firefox\Profiles\15uuingq.default\extensions\{5c8bfb7c-9a54-11dc-8314-0800200c9a66}\chrome\win\browser\extensions
[2010-02-10 18:55:34 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Krzysiek\Dane aplikacji\Mozilla\Firefox\Profiles\15uuingq.default\extensions\{5c8bfb7c-9a54-11dc-8314-0800200c9a66}\chrome\win\mozapps\extensions
[2009-12-05 22:47:12 | 000,005,609 | ---- | M] () -- C:\Documents and Settings\Krzysiek\Dane aplikacji\Mozilla\Firefox\Profiles\15uuingq.default\searchplugins\nonsensopedia-pl.xml
[2010-01-05 23:31:59 | 000,001,738 | ---- | M] () -- C:\Documents and Settings\Krzysiek\Dane aplikacji\Mozilla\Firefox\Profiles\15uuingq.default\searchplugins\wyszukiwanie-filmw-wideo-w-youtube.xml
[2010-07-31 17:09:23 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2009-07-17 10:40:12 | 000,704,512 | ---- | M] (BitComet) -- C:\Program Files\Mozilla Firefox\plugins\npBitCometAgent.dll
[2010-02-09 19:50:44 | 000,002,767 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\allegro-pl.xml
[2010-02-09 19:50:44 | 000,001,406 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\fbc-pl.xml
[2010-02-09 19:50:44 | 000,000,917 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\merlin-pl.xml
[2010-02-09 19:50:44 | 000,000,858 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\pwn-pl.xml
[2010-02-09 19:50:44 | 000,001,183 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-pl.xml
[2010-02-09 19:50:44 | 000,001,683 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wp-pl.xml

O1 HOSTS File: ([2010-07-24 17:47:48 | 000,413,985 | R--- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.0scan.com
O1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 1000gratisproben.com
O1 - Hosts: 127.0.0.1 www.1000gratisproben.com
O1 - Hosts: 127.0.0.1 1001namen.com
O1 - Hosts: 127.0.0.1 www.1001namen.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 www.1-2005-search.com
O1 - Hosts: 127.0.0.1 1-2005-search.com
O1 - Hosts: 14321 more lines...
O2 - BHO: (HP Print Enhancer) - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (BitComet Helper) - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - E:\Programy\BitComet\tools\BitCometBHO_1.3.7.16.dll (BitComet)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - E:\Programy\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (no name) - {b070d3e3-fec0-47d9-8e8a-99d4eeb3d3b0} - No CLSID value found.
O2 - BHO: (IEPluginBHO Class) - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - C:\Documents and Settings\Krzysiek\Dane aplikacji\Nowe Gadu-Gadu\_userdata\ggbho.1.dll (GG Network S.A.)
O2 - BHO: (HP Smart BHO Class) - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [MutlimediaKbdDriver] E:\Programy\M-KbdDrv.exe ()
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [WheelMouse] C:\Program Files\A4Tech\Mouse\Amoumain.exe (A4Tech Co.,Ltd.)
O4 - HKLM..\Run: [ZoneAlarm Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe (Check Point Software Technologies LTD)
O4 - HKU\S-1-5-21-436374069-308236825-1801674531-1003..\Run: [SpybotSD TeaTimer] E:\Programy\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-436374069-308236825-1801674531-1003\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-436374069-308236825-1801674531-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 36
O7 - HKU\S-1-5-21-436374069-308236825-1801674531-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoBandCustomize = 0
O7 - HKU\S-1-5-21-436374069-308236825-1801674531-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoMovingBands = 0
O7 - HKU\S-1-5-21-436374069-308236825-1801674531-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCloseDragDropBands = 0
O7 - HKU\S-1-5-21-436374069-308236825-1801674531-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSetTaskbar = 0
O7 - HKU\S-1-5-21-436374069-308236825-1801674531-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoToolbarsOnTaskbar = 0
O7 - HKU\S-1-5-21-436374069-308236825-1801674531-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = FF FF FF FF [binary data]
O7 - HKU\S-1-5-21-436374069-308236825-1801674531-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\S-1-5-21-436374069-308236825-1801674531-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSaveSettings = 0
O7 - HKU\S-1-5-21-436374069-308236825-1801674531-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 0
O7 - HKU\S-1-5-21-436374069-308236825-1801674531-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ClassicShell = 0
O8 - Extra context menu item: Download all by FlashGet3 - E:\Programy\FlashGet universal\FlashGet\GetAllUrl.htm ()
O8 - Extra context menu item: Download by FlashGet3 - E:\Programy\FlashGet universal\FlashGet\GetUrl.htm ()
O8 - Extra context menu item: Pobierz wszystkie VIdeo za pomocą BitComet - E:\Programy\BitComet\BitComet.exe (www.BitComet.com)
O8 - Extra context menu item: Pobierz wszystko za pomocą BitComet - E:\Programy\BitComet\BitComet.exe (www.BitComet.com)
O8 - Extra context menu item: Pobierz za pomocą BitComet - E:\Programy\BitComet\BitComet.exe (www.BitComet.com)
O9 - Extra Button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - E:\Programy\BitComet\tools\BitCometBHO_1.3.7.16.dll (BitComet)
O9 - Extra Button: Pokaż lub ukryj HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - E:\Programy\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (get_atlcom Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 88.156.96.61 82.139.8.7 88.156.63.9
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Krzysiek\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Krzysiek\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009-11-20 23:43:08 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2010-07-18 16:03:09 | 000,000,000 | RHSD | M] - C:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2010-07-18 16:03:10 | 000,000,000 | RHSD | M] - D:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2010-07-18 16:03:10 | 000,000,000 | RHSD | M] - E:\autorun.inf -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: UxTuneUp - C:\WINDOWS\system32\uxtuneup.dll (TuneUp Software GmbH)
NetSvcs: WmdmPmSp - File not found

MsConfig - State: "system.ini" - 0
MsConfig - State: "win.ini" - 0
MsConfig - State: "bootini" - 0
MsConfig - State: "services" - 0
MsConfig - State: "startup" - 0

SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: sermouse.sys - Driver
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vga.sys - Driver
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: sermouse.sys - Driver
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vga.sys - Driver
SafeBootNet: vsmon - C:\WINDOWS\System32\ZoneLabs\vsmon.exe (Check Point Software Technologies LTD)
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

[color=#E56717]========== Files/Folders - Created Within 60 Days ==========[/color]

[2010-07-24 18:52:04 | 000,000,000 | ---D | C] -- C:\Program Files\AP Tuner
[2010-07-18 16:03:09 | 000,000,000 | RHSD | C] -- C:\autorun.inf
[2010-07-16 13:44:55 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2010-07-12 23:09:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Krzysiek\dwhelper
[2010-07-12 13:55:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Krzysiek\DoctorWeb
[2010-07-12 13:19:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Krzysiek\Dane aplikacji\Malwarebytes
[2010-07-12 13:18:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Malwarebytes
[2010-07-06 23:05:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Krzysiek\Moje dokumenty\Medal of Honor MP Beta
[2010-07-02 14:41:00 | 000,000,000 | ---D | C] -- C:\WINDOWS\$regcmp$
[2010-07-02 14:35:13 | 000,000,000 | ---D | C] -- C:\Program Files\SmartPCTools
[2010-07-02 14:34:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Krzysiek\Dane aplikacji\BITS
[2010-07-02 14:13:14 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2010-07-02 13:56:03 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2010-06-29 12:14:08 | 000,038,848 | ---- | C] (ALWIL Software) -- C:\WINDOWS\avastSS.scr
[2010-06-26 18:14:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Krzysiek\Ustawienia lokalne\Dane aplikacji\PMB Files
[2010-06-26 18:13:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\PMB Files
[2010-06-25 12:47:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\pss
[2010-06-23 17:18:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Krzysiek\Moje dokumenty\Moje skanowanie
[2010-06-22 20:31:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Krzysiek\Moje dokumenty\Black & White 2
[2010-06-18 20:15:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Krzysiek\Moje dokumenty\NFS Most Wanted
[2010-06-16 21:55:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Krzysiek\Moje dokumenty\Pobieranie
[2010-06-14 14:55:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Alwil Software
[2010-06-12 18:58:55 | 000,000,000 | ---D | C] -- C:\Program Files\Electronic Arts
[2010-06-11 18:28:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Krzysiek\Dane aplikacji\TeamViewer
[2010-06-11 18:28:22 | 000,000,000 | ---D | C] -- C:\Program Files\TeamViewer
[2010-06-10 17:47:27 | 000,000,000 | ---D | C] -- C:\Program Files\Lavalys
[2010-06-10 13:39:30 | 000,679,936 | ---- | C] (Generated by JEDI) -- C:\WINDOWS\System32\D3DX81ab.dll
[2010-06-10 13:39:28 | 000,000,000 | ---D | C] -- C:\Program Files\Cheat Engine
[2010-06-09 16:30:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Krzysiek\Dane aplikacji\DVDVideoSoftIEHelpers
[2010-06-09 16:30:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Krzysiek\Moje dokumenty\DVDVideoSoft
[2010-06-07 20:05:00 | 000,000,000 | ---D | C] -- C:\Program Files\PDF Image Extract Software
[2010-06-04 22:09:27 | 000,000,000 | ---D | C] -- C:\BDS
[2010-06-04 22:07:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Krzysiek\Dane aplikacji\NVIDIA
[2010-06-04 20:54:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Trymedia
[2010-06-04 16:01:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Krzysiek\Dane aplikacji\FlashGet
[2009-12-11 18:33:34 | 000,160,640 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\a347bus.sys
[2009-12-11 18:33:34 | 000,005,248 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\a347scsi.sys

[color=#E56717]========== Files - Modified Within 60 Days ==========[/color]

[2010-07-31 18:11:48 | 000,000,908 | ---- | M] () -- C:\WINDOWS\System32\secustat.dat
[2010-07-31 18:11:40 | 000,004,700 | ---- | M] () -- C:\WINDOWS\System32\secushr.dat
[2010-07-31 18:00:00 | 000,000,482 | ---- | M] () -- C:\WINDOWS\tasks\1-Click Maintenance.job
[2010-07-31 16:56:43 | 000,218,808 | ---- | M] () -- C:\WINDOWS\System32\PnkBstrB.xtr
[2010-07-31 14:36:39 | 000,137,256 | ---- | M] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2010-07-31 13:12:35 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010-07-31 13:12:11 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010-07-31 00:19:46 | 010,485,760 | ---- | M] () -- C:\Documents and Settings\Krzysiek\NTUSER.DAT
[2010-07-30 20:34:30 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2010-07-30 18:33:47 | 000,029,184 | ---- | M] () -- C:\Documents and Settings\Krzysiek\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010-07-30 16:49:43 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010-07-24 18:51:32 | 000,075,120 | ---- | M] () -- C:\Documents and Settings\Krzysiek\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT
[2010-07-24 17:47:48 | 000,413,985 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2010-07-24 16:02:28 | 000,282,928 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010-07-21 11:46:50 | 000,276,202 | ---- | M] () -- C:\WINDOWS\System32\NvApps.xml
[2010-07-20 00:43:21 | 003,176,046 | -H-- | M] () -- C:\Documents and Settings\Krzysiek\Ustawienia lokalne\Dane aplikacji\IconCache.db
[2010-07-19 23:31:56 | 000,000,754 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Heroes of Might and Magic V.lnk
[2010-07-19 17:37:29 | 000,000,509 | ---- | M] () -- C:\Documents and Settings\Krzysiek\Pulpit\MoorHunt.lnk
[2010-07-16 13:42:18 | 000,411,385 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20100724-174748.backup
[2010-07-14 22:40:35 | 000,000,188 | -HS- | M] () -- C:\Documents and Settings\Krzysiek\ntuser.ini
[2010-07-12 20:01:29 | 000,000,147 | ---- | M] () -- C:\Documents and Settings\Krzysiek\Pulpit\FIX.reg
[2010-07-12 13:51:04 | 001,350,102 | ---- | M] () -- C:\anti-malware.bmp
[2010-07-12 12:10:49 | 000,000,647 | ---- | M] () -- C:\Documents and Settings\Krzysiek\Pulpit\KMPlayer.lnk
[2010-07-05 12:59:34 | 000,002,267 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Skype.lnk
[2010-07-05 10:28:15 | 000,000,128 | ---- | M] () -- C:\Documents and Settings\Krzysiek\default.pls
[2010-07-03 19:22:15 | 001,603,052 | ---- | M] () -- C:\Documents and Settings\Krzysiek\Moje dokumenty\tapetka3.2.png
[2010-07-03 17:28:35 | 000,841,061 | ---- | M] () -- C:\Documents and Settings\Krzysiek\Moje dokumenty\tapetka2.jpg
[2010-07-02 22:44:28 | 000,280,605 | ---- | M] () -- C:\Documents and Settings\Krzysiek\Moje dokumenty\bez_nazwy_;).png
[2010-07-02 14:01:42 | 000,000,227 | ---- | M] () -- C:\WINDOWS\system.ini
[2010-07-02 14:01:36 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20100716-134218.backup
[2010-07-02 11:26:01 | 000,004,212 | -H-- | M] () -- C:\WINDOWS\System32\zllictbl.dat
[2010-07-02 11:26:01 | 000,000,731 | ---- | M] () -- C:\Documents and Settings\Krzysiek\Pulpit\ZoneAlarm Security.lnk
[2010-07-02 11:25:59 | 000,420,889 | ---- | M] () -- C:\WINDOWS\System32\vsconfig.xml
[2010-06-29 12:14:09 | 000,002,645 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2010-06-28 22:57:33 | 000,038,848 | ---- | M] (ALWIL Software) -- C:\WINDOWS\avastSS.scr
[2010-06-28 22:57:12 | 000,165,032 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2010-06-28 22:37:52 | 000,046,672 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2010-06-28 22:37:30 | 000,165,456 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2010-06-28 22:33:13 | 000,023,376 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2010-06-28 22:32:45 | 000,100,176 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2010-06-28 22:32:42 | 000,094,544 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2010-06-28 22:32:33 | 000,017,744 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2010-06-28 22:32:16 | 000,028,880 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2010-06-25 13:13:04 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\WindowsShell.Manifest
[2010-06-25 13:13:03 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\wuaucpl.cpl.manifest
[2010-06-25 13:13:03 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\sapi.cpl.manifest
[2010-06-25 13:13:03 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\nwc.cpl.manifest
[2010-06-25 13:13:03 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\ncpa.cpl.manifest
[2010-06-25 13:13:03 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\cdplayer.exe.manifest
[2010-06-25 13:07:56 | 000,000,793 | ---- | M] () -- C:\WINDOWS\win.ini
[2010-06-25 13:07:56 | 000,000,223 | -HS- | M] () -- C:\boot.ini
[2010-06-24 19:52:49 | 001,260,448 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010-06-24 19:52:49 | 000,573,982 | ---- | M] () -- C:\WINDOWS\System32\perfh015.dat
[2010-06-24 19:52:49 | 000,510,806 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010-06-24 19:52:49 | 000,113,268 | ---- | M] () -- C:\WINDOWS\System32\perfc015.dat
[2010-06-24 19:52:49 | 000,091,248 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010-06-24 19:37:51 | 000,000,647 | ---- | M] () -- C:\Documents and Settings\Krzysiek\Pulpit\Counter-Strike.lnk
[2010-06-24 19:37:51 | 000,000,602 | ---- | M] () -- C:\Documents and Settings\Krzysiek\Pulpit\Half-Life.lnk
[2010-06-23 21:14:58 | 000,408,553 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20100701-222447.backup
[2010-06-23 19:43:18 | 000,025,600 | ---- | M] () -- C:\Documents and Settings\Krzysiek\Moje dokumenty\Book97.doc
[2010-06-23 17:23:05 | 000,031,674 | ---- | M] () -- C:\Documents and Settings\Krzysiek\Moje dokumenty\skanowanie0001_1.htm
[2010-06-23 17:22:29 | 000,031,672 | ---- | M] () -- C:\Documents and Settings\Krzysiek\Moje dokumenty\skanowanie0001.htm
[2010-06-22 19:29:19 | 000,000,589 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Black & White 2.lnk
[2010-06-20 18:51:25 | 000,408,427 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20100623-211458.backup
[2010-06-17 19:30:36 | 000,099,814 | ---- | M] () -- C:\Documents and Settings\Krzysiek\Moje dokumenty\fce.jpg
[2010-06-14 18:12:06 | 000,404,365 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20100620-185125.backup
[2010-06-14 14:55:58 | 000,001,700 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\avast! Free Antivirus.lnk
[2010-06-11 19:47:33 | 000,000,519 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\AIMP2.lnk
[2010-06-11 18:28:27 | 000,000,879 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\TeamViewer 5.lnk
[2010-06-10 17:47:29 | 000,000,767 | ---- | M] () -- C:\Documents and Settings\Krzysiek\Pulpit\EVEREST Home Edition.lnk
[2010-06-10 13:39:32 | 000,000,670 | ---- | M] () -- C:\Documents and Settings\Krzysiek\Pulpit\Cheat Engine.lnk
[2010-06-09 20:52:45 | 000,127,587 | ---- | M] () -- C:\Documents and Settings\Krzysiek\Moje dokumenty\screen.jpg
[2010-06-04 22:19:31 | 000,000,779 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Borderlands.lnk
[2010-06-04 16:01:38 | 000,000,025 | ---- | M] () -- C:\WINDOWS\libem.INI
[2010-06-04 16:01:16 | 000,000,695 | ---- | M] () -- C:\Documents and Settings\Krzysiek\Pulpit\FlashGet 3.5.lnk

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2010-07-24 18:51:44 | 000,004,700 | ---- | C] () -- C:\WINDOWS\System32\secushr.dat
[2010-07-19 23:31:56 | 000,000,754 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Heroes of Might and Magic V.lnk
[2010-07-18 16:24:39 | 000,000,908 | ---- | C] () -- C:\WINDOWS\System32\secustat.dat
[2010-07-12 20:01:21 | 000,000,147 | ---- | C] () -- C:\Documents and Settings\Krzysiek\Pulpit\FIX.reg
[2010-07-12 13:51:04 | 001,350,102 | ---- | C] () -- C:\anti-malware.bmp
[2010-07-03 19:19:53 | 001,603,052 | ---- | C] () -- C:\Documents and Settings\Krzysiek\Moje dokumenty\tapetka3.2.png
[2010-07-03 17:27:29 | 000,841,061 | ---- | C] () -- C:\Documents and Settings\Krzysiek\Moje dokumenty\tapetka2.jpg
[2010-07-02 22:44:09 | 000,280,605 | ---- | C] () -- C:\Documents and Settings\Krzysiek\Moje dokumenty\bez_nazwy_;).png
[2010-07-02 13:56:12 | 000,077,312 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2010-07-02 13:56:11 | 000,256,512 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2010-07-02 11:26:01 | 000,000,731 | ---- | C] () -- C:\Documents and Settings\Krzysiek\Pulpit\ZoneAlarm Security.lnk
[2010-06-24 19:37:51 | 000,000,647 | ---- | C] () -- C:\Documents and Settings\Krzysiek\Pulpit\Counter-Strike.lnk
[2010-06-24 19:37:51 | 000,000,602 | ---- | C] () -- C:\Documents and Settings\Krzysiek\Pulpit\Half-Life.lnk
[2010-06-23 19:43:15 | 000,025,600 | ---- | C] () -- C:\Documents and Settings\Krzysiek\Moje dokumenty\Book97.doc
[2010-06-23 17:23:03 | 000,031,674 | ---- | C] () -- C:\Documents and Settings\Krzysiek\Moje dokumenty\skanowanie0001_1.htm
[2010-06-23 17:22:26 | 000,031,672 | ---- | C] () -- C:\Documents and Settings\Krzysiek\Moje dokumenty\skanowanie0001.htm
[2010-06-22 19:29:19 | 000,000,589 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Black & White 2.lnk
[2010-06-17 19:30:29 | 000,099,814 | ---- | C] () -- C:\Documents and Settings\Krzysiek\Moje dokumenty\fce.jpg
[2010-06-14 14:55:58 | 000,001,700 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\avast! Free Antivirus.lnk
[2010-06-11 18:28:27 | 000,000,879 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\TeamViewer 5.lnk
[2010-06-10 17:47:29 | 000,000,767 | ---- | C] () -- C:\Documents and Settings\Krzysiek\Pulpit\EVEREST Home Edition.lnk
[2010-06-10 13:39:32 | 000,000,670 | ---- | C] () -- C:\Documents and Settings\Krzysiek\Pulpit\Cheat Engine.lnk
[2010-06-10 13:39:30 | 001,970,176 | ---- | C] () -- C:\WINDOWS\System32\d3dx9.dll
[2010-06-09 20:52:31 | 000,127,587 | ---- | C] () -- C:\Documents and Settings\Krzysiek\Moje dokumenty\screen.jpg
[2010-06-04 22:19:31 | 000,000,779 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Borderlands.lnk
[2010-06-04 16:01:38 | 000,000,025 | ---- | C] () -- C:\WINDOWS\libem.INI
[2010-06-04 16:01:16 | 000,000,695 | ---- | C] () -- C:\Documents and Settings\Krzysiek\Pulpit\FlashGet 3.5.lnk
[2010-04-10 16:18:56 | 000,000,151 | ---- | C] () -- C:\WINDOWS\PhotoSnapViewer.INI
[2010-01-10 16:49:31 | 000,000,421 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2009-12-31 15:21:32 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2009-12-07 23:18:07 | 000,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.INI
[2009-11-21 16:29:14 | 000,010,496 | ---- | C] () -- C:\WINDOWS\System32\ATKOSDMini.DLL
[2009-11-21 16:29:14 | 000,000,018 | ---- | C] () -- C:\WINDOWS\System32\atkid.ini
[2009-11-21 16:29:13 | 000,046,080 | ---- | C] () -- C:\WINDOWS\System32\asrussian.dll
[2009-11-21 16:29:13 | 000,046,080 | ---- | C] () -- C:\WINDOWS\System32\asgerman.dll
[2009-11-21 16:29:13 | 000,045,568 | ---- | C] () -- C:\WINDOWS\System32\askorean.dll
[2009-11-21 16:29:13 | 000,045,568 | ---- | C] () -- C:\WINDOWS\System32\asjapan.dll
[2009-11-21 16:29:12 | 000,046,592 | ---- | C] () -- C:\WINDOWS\System32\asfrench.dll
[2009-11-21 16:29:12 | 000,046,080 | ---- | C] () -- C:\WINDOWS\System32\aseng.dll
[2009-11-21 16:29:12 | 000,045,568 | ---- | C] () -- C:\WINDOWS\System32\ASCHT.dll
[2009-11-21 16:29:12 | 000,045,568 | ---- | C] () -- C:\WINDOWS\System32\aschs.dll
[2009-11-21 14:39:56 | 000,137,256 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2009-11-21 14:39:32 | 000,000,309 | ---- | C] () -- C:\WINDOWS\game.ini
[2009-11-21 13:44:59 | 000,796,048 | ---- | C] () -- C:\WINDOWS\System32\libeay32_0.9.6l.dll
[2009-11-21 13:36:02 | 000,164,352 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2009-11-21 13:36:01 | 000,007,680 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2009-11-21 13:36:01 | 000,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest
[2009-11-21 00:08:55 | 000,014,277 | ---- | C] () -- C:\WINDOWS\Ascd_tmp.ini
[2009-11-21 00:08:55 | 000,005,810 | R--- | C] () -- C:\WINDOWS\System32\drivers\ASACPI.sys
[2009-11-21 00:08:48 | 000,010,288 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASUSHWIO.SYS
[2007-06-28 18:43:00 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2003-04-08 12:40:22 | 000,005,679 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI

[color=#E56717]========== LOP Check ==========[/color]

[2010-06-14 14:55:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Alwil Software
[2010-05-19 19:01:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Electronic Arts
[2010-05-27 22:25:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Installations
[2009-11-21 13:45:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\MailFrontier
[2010-03-29 20:12:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Nokia
[2010-03-29 19:35:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\NokiaMusic
[2009-11-22 14:35:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\OpenFM
[2010-03-29 20:50:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\OviInstallerCache
[2010-03-29 20:10:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\PC Suite
[2010-06-26 22:24:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\PMB Files
[2010-07-24 18:52:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\TEMP
[2009-11-21 14:13:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\TuneUp Software
[2010-03-06 15:14:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Ubisoft
[2010-01-30 18:38:10 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\{402F10B9-711E-4EF4-BC0E-AFE669ACC04C}
[2010-07-23 21:28:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Krzysiek\Dane aplikacji\AIMP
[2010-07-31 18:11:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Krzysiek\Dane aplikacji\BITS
[2009-12-09 17:06:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Krzysiek\Dane aplikacji\Broad Intelligence
[2010-03-20 16:22:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Krzysiek\Dane aplikacji\COWON
[2009-12-19 21:07:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Krzysiek\Dane aplikacji\Dev-Cpp
[2009-11-21 13:44:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Krzysiek\Dane aplikacji\Dual Vibration Game pad
[2009-11-21 13:44:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Krzysiek\Dane aplikacji\Dual Vibration Gamepad
[2010-06-09 16:30:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Krzysiek\Dane aplikacji\DVDVideoSoftIEHelpers
[2009-12-06 20:53:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Krzysiek\Dane aplikacji\FileZilla
[2010-06-04 16:01:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Krzysiek\Dane aplikacji\FlashGet
[2009-12-06 22:19:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Krzysiek\Dane aplikacji\Free Mp3 Wma Ogg Converter
[2009-11-21 13:35:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Krzysiek\Dane aplikacji\Gadu-Gadu
[2009-11-21 14:23:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Krzysiek\Dane aplikacji\Gadu-Gadu 10
[2009-12-19 15:28:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Krzysiek\Dane aplikacji\Leadertech
[2010-04-06 20:52:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Krzysiek\Dane aplikacji\Mp3tag
[2010-03-29 20:58:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Krzysiek\Dane aplikacji\Nokia
[2010-06-22 22:00:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Krzysiek\Dane aplikacji\Nowe Gadu-Gadu
[2009-11-22 14:34:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Krzysiek\Dane aplikacji\OpenFM
[2010-03-30 14:19:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Krzysiek\Dane aplikacji\PC Suite
[2010-01-07 21:45:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Krzysiek\Dane aplikacji\SoundSpectrum
[2010-06-11 18:50:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Krzysiek\Dane aplikacji\TeamViewer
[2009-11-24 21:45:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Krzysiek\Dane aplikacji\TigerPlayer
[2009-11-21 14:13:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Krzysiek\Dane aplikacji\TuneUp Software
[2010-03-06 15:14:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Krzysiek\Dane aplikacji\Ubisoft
[2009-11-21 14:35:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Krzysiek\Dane aplikacji\URSoft
[2010-07-31 18:00:00 | 000,000,482 | ---- | M] () -- C:\WINDOWS\Tasks\1-Click Maintenance.job

[color=#E56717]========== Purity Check ==========[/color]



[color=#E56717]========== Custom Scans ==========[/color]


[color=#A23BEC]< %systemdrive%\*.* >[/color]
[2010-07-12 13:51:04 | 001,350,102 | ---- | M] () -- C:\anti-malware.bmp
[2009-11-20 23:43:08 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2010-06-25 13:07:56 | 000,000,223 | -HS- | M] () -- C:\boot.ini
[2001-07-22 00:13:54 | 000,004,952 | RHS- | M] () -- C:\Bootfont.bin
[2009-11-20 23:43:08 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2009-11-20 23:43:08 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2009-11-20 23:43:08 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2008-04-13 22:13:04 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
[2008-04-14 00:02:00 | 000,251,152 | RHS- | M] () -- C:\ntldr
[2010-07-31 13:12:05 | 2145,386,496 | -HS- | M] () -- C:\pagefile.sys


[color=#A23BEC]< MD5 for: AGP440.SYS >[/color]
[2008-04-14 23:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:agp440.sys

[color=#A23BEC]< MD5 for: ATAPI.SYS >[/color]
[2008-04-14 23:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2008-04-14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ERDNT\cache\atapi.sys
[2008-04-14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\dllcache\atapi.sys
[2008-04-14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2008-04-14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\system32\DRIVERS\atapi.sys
[2008-04-14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\ReinstallBackups\0006\DriverFiles\i386\atapi.sys
[2008-04-14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\ReinstallBackups\0007\DriverFiles\i386\atapi.sys

[color=#A23BEC]< MD5 for: BEEP.SYS >[/color]
[2001-08-17 23:47:36 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\ERDNT\cache\beep.sys
[2001-08-17 23:47:36 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\system32\dllcache\beep.sys
[2001-08-17 23:47:36 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\system32\drivers\beep.sys

[color=#A23BEC]< MD5 for: CDROM.SYS >[/color]
[2008-04-14 23:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys
[2008-04-14 00:10:48 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys

[color=#A23BEC]< MD5 for: EVENTLOG.DLL >[/color]
[2008-04-14 22:50:32 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=35FCCFD093582FA9098762E6F84EE119 -- C:\WINDOWS\ERDNT\cache\eventlog.dll
[2008-04-14 22:50:32 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=35FCCFD093582FA9098762E6F84EE119 -- C:\WINDOWS\system32\dllcache\eventlog.dll
[2008-04-14 22:50:32 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=35FCCFD093582FA9098762E6F84EE119 -- C:\WINDOWS\system32\eventlog.dll

[color=#A23BEC]< MD5 for: NDIS.SYS >[/color]
[2008-04-14 00:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\ERDNT\cache\ndis.sys
[2008-04-14 00:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\dllcache\ndis.sys
[2008-04-14 00:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\drivers\ndis.sys

[color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color]
[2008-04-14 22:51:50 | 000,510,464 | ---- | M] (Microsoft Corporation) MD5=51FD2E13D723857B9CA239AE77150F48 -- C:\WINDOWS\ERDNT\cache\winlogon.exe
[2008-04-14 22:51:50 | 000,510,464 | ---- | M] (Microsoft Corporation) MD5=51FD2E13D723857B9CA239AE77150F48 -- C:\WINDOWS\system32\dllcache\winlogon.exe
[2008-04-14 22:51:50 | 000,510,464 | ---- | M] (Microsoft Corporation) MD5=51FD2E13D723857B9CA239AE77150F48 -- C:\WINDOWS\system32\winlogon.exe

[color=#E56717]========== Alternate Data Streams ==========[/color]

@Alternate Data Stream - 394 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:B3D74A13
< End of report >
[/log]

MarekM25
komentarz
komentarz

Użyj Combofixa. On powinien tu coś zdziałać.

Tomek01
komentarz
komentarz

Marek, nie wydaje mi się by Combofix tu pomógł. Infekcji tu śladu nie widać.
Może nakładka systemu rozwiąże problem :)

MarekM25
komentarz
komentarz

Ja bym jednak sprawdził tego combofixa ;) Spróbować nie zaszkodzi. Ale jak chcesz, Ty tu rządzisz xP

Tomek01
komentarz
komentarz

Ok, zobaczymy. Na razie czekamy aż kolega się odezwie. :)

Wciąż szukasz rozwiązania problemu? Napisz teraz na forum!

Możesz zadać pytanie bez konieczności rejestracji - wystarczy, że wypełnisz formularz.

×
×
  • Dodaj nową pozycję...

Powiadomienie o plikach cookie

Strona wykorzystuje pliki cookies w celu prawidłowego świadczenia usług i wygody użytkowników. Warunki przechowywania i dostępu do plików cookies możesz zmienić w ustawieniach przeglądarki.