Swirusek

Win32:SalityCode ~~ Pomocy

17 postów w tym temacie

Co mam zrobić? Jakieś logi z czego nie wiem nic.

Avast dzisiaj zaczal szaleć - pierw zablokowal 29 plikow i pozniej cos go wylaczylo.

Poczytalem po froach i sciagnalem SalityKiller i skanuje nim ale nie wiem czy dobrze bo w nim tez mi wykrylo tego wirusa.

Prosze o szybka odpowiedz i instrukcje co robic

Udostępnij tego posta


Odnośnik do posta
Udostępnij na stronach

otl.txt

OTL logfile created on: 2013-08-21 06:38:06 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Documents and Settings\SZYMAN\Moje dokumenty\Pobieranie
Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd
 
3,00 Gb Total Physical Memory | 2,22 Gb Available Physical Memory | 73,92% Memory free
4,85 Gb Paging File | 4,21 Gb Available in Paging File | 86,91% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 78,13 Gb Total Space | 58,62 Gb Free Space | 75,03% Space Free | Partition Type: NTFS
Drive D: | 75,25 Gb Total Space | 52,89 Gb Free Space | 70,28% Space Free | Partition Type: NTFS
 
Computer Name: HOME | User Name: SZYMAN | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
[color=#E56717]========== Processes (SafeList) ==========[/color]
 
PRC - [2013-08-21 06:33:25 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\SZYMAN\Moje dokumenty\Pobieranie\OTL.exe
PRC - [2013-08-20 21:44:03 | 000,831,488 | ---- | M] () -- C:\WINDOWS\vsnpstd3.exe
PRC - [2013-08-20 21:41:11 | 000,020,480 | ---- | M] () -- C:\WINDOWS\FixCamera.exe
PRC - [2013-07-25 02:49:49 | 000,846,288 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
PRC - [2013-06-29 13:50:22 | 000,182,184 | ---- | M] (Oracle Corporation) -- C:\Program Files\Java\jre7\bin\jqs.exe
PRC - [2013-06-28 14:02:04 | 001,440,080 | ---- | M] (LogMeIn Inc.) -- D:\programs\hamahi\hamachi-2.exe
PRC - [2013-05-22 14:48:40 | 000,740,712 | ---- | M] (Spigot, Inc.) -- C:\Documents and Settings\SZYMAN\Dane aplikacji\Search Protection\SearchProtection.exe
PRC - [2013-05-15 15:20:24 | 000,747,096 | ---- | M] (Bitdefender) -- C:\Program Files\Common Files\Bitdefender\setupinformation\downloader\setupdownloader.exe
PRC - [2013-05-09 10:58:30 | 004,858,968 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2013-01-05 05:43:57 | 000,917,552 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2012-05-15 18:18:00 | 001,262,400 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
PRC - [2008-04-14 22:51:18 | 001,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
 
 
[color=#E56717]========== Modules (No Company Name) ==========[/color]
 
MOD - [2013-08-20 21:44:03 | 000,831,488 | ---- | M] () -- C:\WINDOWS\vsnpstd3.exe
MOD - [2013-08-20 21:41:11 | 000,020,480 | ---- | M] () -- C:\WINDOWS\FixCamera.exe
MOD - [2013-07-25 02:49:46 | 000,396,240 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\28.0.1500.95\ppgooglenaclpluginchrome.dll
MOD - [2013-07-25 02:49:44 | 004,052,944 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\28.0.1500.95\pdf.dll
MOD - [2013-07-25 02:48:51 | 001,597,392 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\28.0.1500.95\ffmpegsumo.dll
MOD - [2013-07-10 14:57:34 | 016,166,280 | ---- | M] () -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_8_800_94.dll
MOD - [2013-01-05 05:44:13 | 003,021,872 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2012-04-27 16:08:08 | 000,093,040 | ---- | M] () -- C:\Program Files\Common Files\Bitdefender\setupinformation\downloader\bdmetrics.dll
MOD - [2008-04-14 22:50:38 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
 
 
[color=#E56717]========== Services (SafeList) ==========[/color]
 
SRV - [2013-07-10 14:57:35 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013-06-29 13:50:22 | 000,182,184 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Program Files\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2013-06-28 14:02:04 | 001,440,080 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- D:\programs\hamahi\hamachi-2.exe -- (Hamachi2Svc)
SRV - [2013-06-03 16:21:54 | 000,162,408 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013-01-05 05:44:06 | 000,115,760 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012-05-15 18:18:00 | 001,262,400 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2011-03-16 10:42:06 | 000,407,336 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
 
 
[color=#E56717]========== Driver Services (SafeList) ==========[/color]
 
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] --  -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] --  -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] --  -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] --  -- (Changer)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\fasfasf\catchme.sys -- (catchme)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ojlgmn.sys -- (amsint32)
DRV - [2010-11-01 06:08:46 | 000,014,416 | ---- | M] (OpenLibSys.org) [File_System | On_Demand | Stopped] -- C:\Program Files\IObit\Game Booster 3\Driver\WinRing0.sys -- (WinRing0_1_2_0)
DRV - [2009-03-18 18:35:40 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hamachi.sys -- (hamachi)
DRV - [2007-04-24 16:28:52 | 010,252,672 | ---- | M] (Sonix Co. Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\snpstd3.sys -- (SNPSTD3)
DRV - [2005-05-25 18:55:58 | 003,134,976 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService)
DRV - [2005-05-06 08:27:00 | 000,232,064 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\yk51x86.sys -- (yukonwxp)
DRV - [2004-08-14 04:56:20 | 000,005,810 | R--- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ASACPI.sys -- (MTsensor)
 
 
[color=#E56717]========== Standard Registry (SafeList) ==========[/color]
 
 
[color=#E56717]========== Internet Explorer ==========[/color]
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://en.v9.com/?utm_source=b&utm_medium=update&from=update&uid=HitachiXHDS721616PLA380_PVC300Z2TSNAKJTSNAKJX&ts=1369916089
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
IE - HKU\S-1-5-21-2025429265-651377827-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://en.v9.com/?utm_source=b&utm_medium=update&from=update&uid=HitachiXHDS721616PLA380_PVC300Z2TSNAKJTSNAKJX&ts=1369916089
IE - HKU\S-1-5-21-2025429265-651377827-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
[color=#E56717]========== FireFox ==========[/color]
 
FF - prefs.js..browser.search.defaultenginename: "Yahoo"
FF - prefs.js..browser.search.order.1: "delta-homes"
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&ilc=12&type=512435"
FF - prefs.js..browser.search.selectedEngine: "Yahoo"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://en.v9.com/?utm_source=b&utm_medium=update&from=update&uid=HitachiXHDS721616PLA380_PVC300Z2TSNAKJTSNAKJX&ts=1369916089"
FF - prefs.js..extensions.enabledAddons: battlefieldplay4free%40ea.com:1.0.96.0
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:18.0
FF - prefs.js..keyword.URL: "http://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=512435&p="
FF - user.js - File not found
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.25.2: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.0.60310.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013-05-20 15:20:53 | 000,000,000 | ---D | M]
 
[2013-05-20 15:21:26 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\SZYMAN\Dane aplikacji\Mozilla\Extensions
[2013-08-18 18:22:46 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\SZYMAN\Dane aplikacji\Mozilla\Firefox\Profiles\rnx29h1o.default\extensions
[2013-08-18 18:22:46 | 000,000,000 | ---D | M] (Battlefield Play4Free) -- C:\Documents and Settings\SZYMAN\Dane aplikacji\Mozilla\Firefox\Profiles\rnx29h1o.default\extensions\battlefieldplay4free@ea.com
[2013-07-10 15:45:10 | 000,000,915 | ---- | M] () -- C:\Documents and Settings\SZYMAN\Dane aplikacji\Mozilla\Firefox\Profiles\rnx29h1o.default\searchplugins\yahoo.xml
[2013-05-20 15:20:53 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2013-01-05 05:44:54 | 000,262,704 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2013-01-05 17:46:00 | 000,002,767 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\allegro-pl.xml
[2013-07-10 15:45:10 | 000,000,787 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\delta-homes.xml
[2013-01-05 17:46:01 | 000,001,406 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fbc-pl.xml
[2013-01-05 17:46:01 | 000,000,917 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\merlin-pl.xml
[2013-01-05 17:46:01 | 000,000,858 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\pwn-pl.xml
[2013-05-30 14:14:51 | 000,000,733 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\v9.xml
[2013-01-05 17:46:01 | 000,001,183 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-pl.xml
[2013-01-05 17:46:00 | 000,001,683 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wp-pl.xml
 
[color=#E56717]========== Chrome  ==========[/color]
 
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = https://www.google.com/search?q={searchTerms}&ie=utf-8&oe=utf-8&aq=t&q={searchTerms}&ie=utf-8&oe=utf-8&aq=t&channel=fflb&q={searchTerms}&ie=utf-8&oe=utf-8&aq=t&channel=rcs
CHR - default_search_provider: suggest_url = https://www.google.com/complete/search?q={searchTerms},
CHR - homepage: http://google.pl/
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\28.0.1500.95\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\28.0.1500.95\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\28.0.1500.95\pdf.dll
CHR - plugin: Battlefield Play4Free Updater (Enabled) = C:\Documents and Settings\SZYMAN\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\oiokahphinmbmakkehgelkmpolmnbkdh\1.0.96.0_0\npBP4FUpdater.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll
CHR - plugin: Java(TM) Platform SE 7 U25 (Enabled) = C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files\Microsoft Silverlight\4.0.60310.0\npctrl.dll
CHR - plugin: Pando Web Plugin (Enabled) = C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_8_800_94.dll
CHR - plugin: Java Deployment Toolkit 7.0.250.17 (Enabled) = C:\WINDOWS\system32\npDeployJava1.dll
CHR - Extension: Dokumenty Google = C:\Documents and Settings\SZYMAN\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: Dysk Google = C:\Documents and Settings\SZYMAN\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Documents and Settings\SZYMAN\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Battlefield Heroes = C:\Documents and Settings\SZYMAN\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\cehdakiococlfmjcbebbkjkfjhbieknh\5.0.203.0_0\
CHR - Extension: Szukaj w Google = C:\Documents and Settings\SZYMAN\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Dragon Ball Z Goku = C:\Documents and Settings\SZYMAN\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\dlddadblackokbbanbihkhhkgdodniee\1_0\
CHR - Extension: Stylish = C:\Documents and Settings\SZYMAN\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\fjnbnpbmkenffdnngjfgmeleoegfcffe\1.2_0\
CHR - Extension: Battlefield Play4Free = C:\Documents and Settings\SZYMAN\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\oiokahphinmbmakkehgelkmpolmnbkdh\1.0.96.0_0\
CHR - Extension: Bitdefender QuickScan = C:\Documents and Settings\SZYMAN\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\pdnkcidphdcakpkheohlhocaicfamjie\0.9.9.131_0\
CHR - Extension: Gmail = C:\Documents and Settings\SZYMAN\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
 
O1 HOSTS File: ([2013-08-20 22:19:00 | 000,000,025 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (IEPluginBHO Class) - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - C:\Documents and Settings\SZYMAN\Dane aplikacji\Nowe Gadu-Gadu\_userdata\ggbho.1.dll (GG Network S.A.)
O4 - HKLM..\Run: [FixCamera] C:\WINDOWS\FixCamera.exe ()
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\nvmctray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nview\nwiz.exe ()
O4 - HKLM..\Run: [snpstd3] C:\WINDOWS\vsnpstd3.exe ()
O4 - HKLM..\Run: [tsnpstd3] C:\WINDOWS\tsnpstd3.exe (SONIX)
O4 - HKU\S-1-5-21-2025429265-651377827-839522115-1003..\Run: [SearchProtection] C:\Documents and Settings\SZYMAN\Dane aplikacji\Search Protection\SearchProtection.EXE (Spigot, Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-2025429265-651377827-839522115-1003\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-2025429265-651377827-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-2025429265-651377827-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-2025429265-651377827-839522115-1005\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-2025429265-651377827-839522115-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O15 - HKU\S-1-5-19\..Trusted Domains: clonewarsadventures.com ([]* in Zaufane witryny)
O15 - HKU\S-1-5-19\..Trusted Domains: freerealms.com ([]* in Zaufane witryny)
O15 - HKU\S-1-5-19\..Trusted Domains: soe.com ([]* in Zaufane witryny)
O15 - HKU\S-1-5-19\..Trusted Domains: sony.com ([]* in Zaufane witryny)
O15 - HKU\S-1-5-21-2025429265-651377827-839522115-1003\..Trusted Domains: clonewarsadventures.com ([]* in Zaufane witryny)
O15 - HKU\S-1-5-21-2025429265-651377827-839522115-1003\..Trusted Domains: freerealms.com ([]* in Zaufane witryny)
O15 - HKU\S-1-5-21-2025429265-651377827-839522115-1003\..Trusted Domains: soe.com ([]* in Zaufane witryny)
O15 - HKU\S-1-5-21-2025429265-651377827-839522115-1003\..Trusted Domains: sony.com ([]* in Zaufane witryny)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B31B83DC-DA2D-4FC2-AD24-26A4901E7A46}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\SZYMAN\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\SZYMAN\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2013-05-20 15:03:04 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
 
[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
 
[2013-08-21 06:36:21 | 000,000,000 | ---D | C] -- C:\_OTL
[2013-08-20 21:58:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Process Hacker 2
[2013-08-20 21:29:34 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Bitdefender
[2013-08-20 20:52:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SZYMAN\Pulpit\Kopia PokeDestiny
[2013-08-20 20:45:12 | 000,518,144 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2013-08-20 20:45:12 | 000,406,528 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2013-08-20 20:45:12 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2013-08-20 20:45:12 | 000,060,416 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2013-08-20 20:44:10 | 000,000,000 | ---D | C] -- C:\Qoobox
[2013-08-20 20:43:41 | 000,000,000 | R--D | C] -- C:\Documents and Settings\SZYMAN\Menu Start\Programy\Narzędzia administracyjne
[2013-08-20 20:43:41 | 000,000,000 | R--D | C] -- C:\Documents and Settings\SZYMAN\Moje dokumenty\Moje wideo
[2013-08-20 20:42:48 | 000,000,000 | ---D | C] -- C:\WINDOWS\erdnt
[2013-08-19 19:10:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SZYMAN\Pulpit\Spy++
[2013-08-19 18:11:42 | 020,791,627 | ---- | C] (DBMW Team) -- C:\Documents and Settings\SZYMAN\Pulpit\Dragon Ball Mysterious World v1.0.exe
[2013-08-19 12:38:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SZYMAN\Dane aplikacji\Pokeing
[2013-08-19 12:26:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SZYMAN\Pulpit\Pokemon-Sapphire-Client
[2013-08-18 20:05:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SZYMAN\Pulpit\DBL_1.89.7_test_v1.1
[2013-08-18 11:46:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SZYMAN\Dane aplikacji\Sony Online Entertainment
[2013-08-18 11:46:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SZYMAN\Ustawienia lokalne\Dane aplikacji\SCE
[2013-08-18 11:27:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\Minidump
[2013-08-17 22:55:21 | 000,015,227 | ---- | C] (Wookash) -- C:\Program Files\Common Files\logonInit.dll
[2013-08-17 12:46:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SZYMAN\Pulpit\APARAT
[2013-08-17 11:58:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SZYMAN\Pulpit\GituSpamerV2
[2013-08-16 18:58:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SZYMAN\Dane aplikacji\.minecraft_pixelmon.pl
[2013-08-16 18:58:09 | 003,422,750 | ---- | C] (Pixelmon.pl Pokemon Serwer) -- C:\Documents and Settings\SZYMAN\Pulpit\Pixelmon.exe
[2013-08-16 18:44:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SZYMAN\Pulpit\PokemonOnline.v.1.6
[2013-08-16 18:26:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SZYMAN\Dane aplikacji\Pokes
[2013-08-16 16:20:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SZYMAN\Pulpit\AdvTOR INJECTION
[2013-08-15 16:38:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SZYMAN\Pulpit\DatEditor by Daemon
[2013-08-15 16:37:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SZYMAN\Pulpit\Pokemon Conquest Klient
[2013-08-14 11:26:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Asprate
[2013-08-14 11:26:11 | 000,000,000 | ---D | C] -- C:\Program Files\Asprate
[2013-08-14 11:12:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SZYMAN\Pulpit\Poke by Bolz v3
[2013-08-12 20:03:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SZYMAN\Ustawienia lokalne\Dane aplikacji\PunkBuster
[2013-08-12 20:01:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SZYMAN\Moje dokumenty\Battlefield Play4Free
[2013-08-12 19:59:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SZYMAN\Menu Start\Programy\EA Games
[2013-08-12 17:44:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SZYMAN\Pulpit\PokeLife Client
[2013-08-12 14:59:09 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\SZYMAN\Recent
[2013-08-12 14:57:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\CCleaner
[2013-08-12 14:57:35 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2013-08-11 11:51:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SZYMAN\Pulpit\poke dodac
[2013-08-10 18:04:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SZYMAN\Ustawienia lokalne\Dane aplikacji\Help
[2013-08-10 18:04:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SZYMAN\Dane aplikacji\Help
[2013-08-10 16:40:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SZYMAN\Pulpit\Tasker
[2013-08-09 23:01:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SZYMAN\Pulpit\OTClient PokeXCath
[2013-08-09 19:09:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Game Booster 3
[2013-08-09 19:09:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\IObit
[2013-08-09 19:08:59 | 000,000,000 | ---D | C] -- C:\Program Files\IObit
[2013-08-09 17:31:03 | 009,211,736 | ---- | C] (Martin Prikryl) -- C:\Documents and Settings\SZYMAN\Pulpit\WinSCP.exe
[2013-08-09 16:32:27 | 000,495,616 | ---- | C] (Simon Tatham) -- C:\Documents and Settings\SZYMAN\Pulpit\putty.exe
[2013-08-08 16:37:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SZYMAN\Moje dokumenty\DeadIsland
[2013-08-08 16:32:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SZYMAN\Menu Start\Programy\Steam
[2013-08-08 16:08:53 | 000,000,000 | ---D | C] -- C:\Program Files\dumps
[2013-08-08 16:08:20 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Steam
[2013-08-08 16:08:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Steam
[2013-08-08 16:08:14 | 000,000,000 | ---D | C] -- C:\Program Files\Steam
[2013-08-08 16:06:24 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\UMDF
[2013-08-08 16:06:24 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\LogFiles
[2013-08-08 16:05:32 | 000,527,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_7.dll
[2013-08-08 16:05:32 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_5.dll
[2013-08-08 16:05:31 | 002,106,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_43.dll
[2013-08-08 16:05:31 | 000,239,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_7.dll
[2013-08-08 16:05:30 | 001,868,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dcsx_43.dll
[2013-08-08 16:05:29 | 000,470,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_43.dll
[2013-08-08 16:05:29 | 000,248,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx11_43.dll
[2013-08-08 16:05:28 | 001,998,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_43.dll
[2013-08-08 16:05:27 | 000,528,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_6.dll
[2013-08-08 16:05:27 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_6.dll
[2013-08-08 16:05:27 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_4.dll
[2013-08-08 16:05:26 | 000,515,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_5.dll
[2013-08-08 16:05:26 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_7.dll
[2013-08-08 16:05:25 | 001,974,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_42.dll
[2013-08-08 16:05:25 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_5.dll
[2013-08-08 16:05:24 | 005,501,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dcsx_42.dll
[2013-08-08 16:05:24 | 000,235,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx11_42.dll
[2013-08-08 16:05:23 | 001,892,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_42.dll
[2013-08-08 16:05:23 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_42.dll
[2013-08-08 16:05:22 | 001,846,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_41.dll
[2013-08-08 16:05:22 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_41.dll
[2013-08-08 16:05:21 | 004,178,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_41.dll
[2013-08-08 16:05:21 | 000,069,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_3.dll
[2013-08-08 16:05:20 | 000,517,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_4.dll
[2013-08-08 16:05:20 | 000,235,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_4.dll
[2013-08-08 16:05:19 | 002,036,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_40.dll
[2013-08-08 16:05:19 | 000,452,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_40.dll
[2013-08-08 16:05:19 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_6.dll
[2013-08-08 16:05:18 | 004,379,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_40.dll
[2013-08-08 16:05:17 | 000,514,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_3.dll
[2013-08-08 16:05:17 | 000,235,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_3.dll
[2013-08-08 16:05:17 | 000,070,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_2.dll
[2013-08-08 16:05:17 | 000,023,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_5.dll
[2013-08-08 16:05:16 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_2.dll
[2013-08-08 16:05:14 | 000,507,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_1.dll
[2013-08-08 16:05:14 | 000,065,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_0.dll
[2013-08-08 16:05:13 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_1.dll
[2013-08-08 16:05:12 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_4.dll
[2013-08-08 16:05:11 | 001,491,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_38.dll
[2013-08-08 16:05:11 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_38.dll
[2013-08-08 16:05:10 | 003,850,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_38.dll
[2013-08-08 16:05:10 | 000,479,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_0.dll
[2013-08-08 16:05:09 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_0.dll
[2013-08-08 16:05:09 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_3.dll
[2013-08-08 16:05:08 | 003,786,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_37.dll
[2013-08-08 16:05:08 | 001,420,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_37.dll
[2013-08-08 16:05:08 | 000,462,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_37.dll
[2013-08-08 16:05:07 | 000,267,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_10.dll
[2013-08-08 16:05:06 | 001,374,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_36.dll
[2013-08-08 16:05:06 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_36.dll
[2013-08-08 16:05:05 | 003,734,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_36.dll
[2013-08-08 16:05:05 | 000,267,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_9.dll
[2013-08-08 16:05:04 | 001,358,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_35.dll
[2013-08-08 16:05:04 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_35.dll
[2013-08-08 16:05:03 | 003,727,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_35.dll
[2013-08-08 16:05:02 | 001,124,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_34.dll
[2013-08-08 16:05:02 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_34.dll
[2013-08-08 16:05:02 | 000,266,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_8.dll
[2013-08-08 16:05:02 | 000,017,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_2.dll
[2013-08-08 16:05:01 | 003,497,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_34.dll
[2013-08-08 16:05:01 | 000,081,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xinput1_3.dll
[2013-08-08 16:04:59 | 000,261,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_7.dll
[2013-08-08 16:04:57 | 001,123,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_33.dll
[2013-08-08 16:04:57 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_33.dll
[2013-08-08 16:04:54 | 003,495,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_33.dll
[2013-08-08 16:04:54 | 000,255,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_6.dll
[2013-08-08 16:04:53 | 003,426,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_32.dll
[2013-08-08 16:04:53 | 000,251,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_5.dll
[2013-08-08 16:04:52 | 002,414,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_31.dll
[2013-08-08 16:04:52 | 000,237,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_4.dll
[2013-08-08 16:04:52 | 000,015,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\x3daudio1_1.dll
[2013-08-08 16:04:51 | 000,236,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_3.dll
[2013-08-08 16:04:51 | 000,230,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_2.dll
[2013-08-08 16:04:51 | 000,062,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xinput1_2.dll
[2013-08-08 16:04:50 | 000,229,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_1.dll
[2013-08-08 16:04:50 | 000,062,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xinput1_1.dll
[2013-08-08 16:04:41 | 002,388,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_30.dll
[2013-08-08 16:04:40 | 000,230,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_0.dll
[2013-08-08 16:04:40 | 000,014,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\x3daudio1_0.dll
[2013-08-08 16:04:39 | 002,332,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_29.dll
[2013-08-08 16:04:38 | 002,323,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_28.dll
[2013-08-08 16:04:38 | 000,061,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xinput9_1_0.dll
[2013-08-08 16:04:37 | 002,319,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_27.dll
[2013-08-08 16:04:37 | 002,297,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_26.dll
[2013-08-08 16:04:36 | 002,337,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_25.dll
[2013-08-08 16:04:35 | 002,222,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_24.dll
[2013-08-08 09:07:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SZYMAN\Menu Start\Programy\VALVe
[2013-08-07 14:00:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SZYMAN\Pulpit\DBKH 4.0
[2013-08-07 13:58:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SZYMAN\Pulpit\Desktop
[2013-08-06 12:36:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Counter-Strike 1.6
[2013-08-06 12:27:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SZYMAN\Menu Start\Programy\Earth's Special Forces
[2013-08-04 13:10:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SZYMAN\Pulpit\Silnik DBKO source (8.0)
[2013-08-03 22:16:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SZYMAN\Pulpit\WoDB
[2013-08-03 21:28:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SZYMAN\Pulpit\dbkos
[2013-08-03 13:52:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SZYMAN\Pulpit\WoDB Beta
[2013-08-02 21:44:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SZYMAN\Pulpit\rybki
[2013-08-01 21:52:17 | 000,000,000 | ---D | C] -- C:\WINDOWS\Sun
[2013-08-01 18:17:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SZYMAN\Dane aplikacji\LolClient
[2013-08-01 14:06:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\League of Legends
[2013-08-01 13:32:24 | 000,509,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_2.dll
[2013-08-01 13:32:24 | 000,068,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_1.dll
[2013-08-01 13:32:21 | 001,493,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_39.dll
[2013-08-01 13:32:21 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_39.dll
[2013-08-01 13:32:14 | 003,851,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_39.dll
[2013-08-01 13:31:59 | 000,000,000 | ---D | C] -- C:\WINDOWS\Logs
[2013-08-01 13:31:57 | 000,000,000 | -HSD | C] -- C:\WINDOWS\System32\AI_RecycleBin
[2013-08-01 13:31:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SZYMAN\Dane aplikacji\Riot Games
[2013-07-31 22:16:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SZYMAN\Pulpit\Pokemon OTS
[2013-07-28 20:25:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SZYMAN\Pulpit\mapa poke
[2013-07-27 09:32:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SZYMAN\pxgclient
[2013-07-26 23:17:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SZYMAN\Pulpit\PxGClient
[2013-07-26 23:01:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SZYMAN\Dane aplikacji\.minecraft
[2013-07-25 15:34:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SZYMAN\Pulpit\otsmateria
[2013-07-25 11:32:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SZYMAN\Pulpit\NooBwar_8.6
[2013-07-24 12:20:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SZYMAN\Pulpit\Mystera_4.2
[2013-07-23 20:59:34 | 021,269,058 | ---- | C] (Vultur GmbH) -- C:\Documents and Settings\SZYMAN\Pulpit\DBP 2.35.exe
[2013-07-22 22:18:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SZYMAN\otclient
[2013-07-22 22:17:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SZYMAN\Pulpit\Pokemon OTClient
[2013-07-22 21:58:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SZYMAN\Pulpit\Pokemon Slash 2.0
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
 
[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
 
[2013-08-21 06:28:42 | 000,001,032 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2013-08-21 06:28:42 | 000,000,280 | ---- | M] () -- C:\WINDOWS\tasks\Game_Booster_AutoUpdate.job
[2013-08-21 06:28:34 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013-08-21 00:13:00 | 000,001,036 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2013-08-20 23:48:00 | 000,000,930 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2013-08-20 22:19:00 | 000,000,025 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2013-08-20 21:58:38 | 000,000,768 | ---- | M] () -- C:\Documents and Settings\SZYMAN\Pulpit\Process Hacker 2.lnk
[2013-08-20 21:44:03 | 000,831,488 | ---- | M] () -- C:\WINDOWS\vsnpstd3.exe
[2013-08-20 21:43:57 | 000,262,144 | ---- | M] (SONIX) -- C:\WINDOWS\tsnpstd3.exe
[2013-08-20 21:41:11 | 000,020,480 | ---- | M] () -- C:\WINDOWS\FixCamera.exe
[2013-08-20 21:31:27 | 020,791,627 | ---- | M] (DBMW Team) -- C:\Documents and Settings\SZYMAN\Pulpit\Dragon Ball Mysterious World v1.0.exe
[2013-08-20 21:30:42 | 000,002,596 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2013-08-20 21:30:16 | 019,282,272 | ---- | M] (CipSoft GmbH) -- C:\Documents and Settings\SZYMAN\Pulpit\Bleach Warrior Online.exe
[2013-08-20 21:24:44 | 000,164,134 | ---- | M] () -- C:\Documents and Settings\SZYMAN\Pulpit\salitykiller.zip
[2013-08-20 20:42:06 | 000,000,174 | ---- | M] () -- C:\Fix.reg
[2013-08-20 14:35:29 | 000,139,424 | ---- | M] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2013-08-20 14:35:23 | 000,282,104 | ---- | M] () -- C:\WINDOWS\System32\PnkBstrB.xtr
[2013-08-19 21:04:03 | 000,122,783 | ---- | M] () -- C:\Documents and Settings\SZYMAN\Pulpit\Obraz.png
[2013-08-19 19:06:56 | 000,627,104 | ---- | M] () -- C:\Documents and Settings\SZYMAN\Pulpit\Spy++.rar
[2013-08-19 10:05:43 | 007,723,222 | ---- | M] () -- C:\Documents and Settings\SZYMAN\Pulpit\WoDB.rar
[2013-08-19 09:44:13 | 001,095,054 | ---- | M] () -- C:\Documents and Settings\SZYMAN\Pulpit\dasd.bmp
[2013-08-18 19:57:18 | 000,182,571 | ---- | M] () -- C:\Documents and Settings\SZYMAN\Moje dokumenty\logo dbleague.xcf
[2013-08-18 19:57:18 | 000,022,936 | ---- | M] () -- C:\Documents and Settings\SZYMAN\Ustawienia lokalne\Dane aplikacji\recently-used.xbel
[2013-08-18 14:43:45 | 000,282,104 | ---- | M] () -- C:\WINDOWS\System32\PnkBstrB.ex0
[2013-08-18 12:20:21 | 000,000,576 | ---- | M] () -- C:\Documents and Settings\SZYMAN\Pulpit\hehe.html
[2013-08-18 12:13:37 | 000,346,511 | ---- | M] () -- C:\Documents and Settings\SZYMAN\Pulpit\dbmw skin (1).rar
[2013-08-17 22:32:23 | 015,575,222 | ---- | M] () -- C:\Documents and Settings\SZYMAN\Pulpit\Wander of Shinobi.exe
[2013-08-17 13:49:00 | 000,399,360 | ---- | M] () -- C:\Documents and Settings\SZYMAN\Pulpit\NoxSpr.exe
[2013-08-17 12:49:05 | 000,008,192 | ---- | M] () -- C:\Documents and Settings\SZYMAN\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013-08-17 10:51:17 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2013-08-16 18:58:17 | 003,422,750 | ---- | M] (Pixelmon.pl Pokemon Serwer) -- C:\Documents and Settings\SZYMAN\Pulpit\Pixelmon.exe
[2013-08-16 16:23:27 | 000,577,536 | ---- | M] () -- C:\Documents and Settings\SZYMAN\Pulpit\Tibia Spambot by IgI.exe
[2013-08-16 15:00:06 | 002,245,479 | ---- | M] () -- C:\Documents and Settings\SZYMAN\Pulpit\Hacked MUSIC.mp3
[2013-08-16 14:57:21 | 000,001,380 | ---- | M] () -- C:\Documents and Settings\SZYMAN\Pulpit\index.html
[2013-08-16 13:13:18 | 000,345,142 | ---- | M] () -- C:\Documents and Settings\SZYMAN\Pulpit\ZAPŁACIĆ.bmp
[2013-08-14 11:26:13 | 000,001,838 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Tibia MULTI-IP Changer.lnk
[2013-08-13 14:08:08 | 000,000,001 | ---- | M] () -- C:\WINDOWS\System32\nvdrssel.bin
[2013-08-13 14:08:07 | 001,075,544 | ---- | M] () -- C:\WINDOWS\System32\nvdrsdb0.bin
[2013-08-13 14:08:01 | 001,075,544 | ---- | M] () -- C:\WINDOWS\System32\nvdrsdb1.bin
[2013-08-13 13:29:38 | 000,000,586 | ---- | M] () -- C:\Documents and Settings\SZYMAN\Pulpit\PokeXGame.lnk
[2013-08-13 13:29:16 | 000,000,863 | ---- | M] () -- C:\Documents and Settings\SZYMAN\Pulpit\Dead Island.lnk
[2013-08-13 13:28:44 | 000,000,804 | ---- | M] () -- C:\Documents and Settings\SZYMAN\Pulpit\Counter Strike Source.lnk
[2013-08-13 10:13:22 | 000,000,551 | ---- | M] () -- C:\Documents and Settings\SZYMAN\Pulpit\BattleField Play4Free.lnk
[2013-08-12 20:00:15 | 000,138,056 | ---- | M] () -- C:\Documents and Settings\SZYMAN\Dane aplikacji\PnkBstrK.sys
[2013-08-12 15:15:49 | 000,055,474 | ---- | M] () -- C:\Documents and Settings\SZYMAN\Moje dokumenty\cc_20130812_151527.reg
[2013-08-12 14:57:39 | 000,000,682 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\CCleaner.lnk
[2013-08-10 11:42:03 | 000,000,600 | ---- | M] () -- C:\Documents and Settings\SZYMAN\Ustawienia lokalne\Dane aplikacji\PUTTY.RND
[2013-08-09 22:20:29 | 029,566,306 | ---- | M] (CipSoft GmbH) -- C:\Documents and Settings\SZYMAN\Pulpit\SoFo.exe
[2013-08-09 22:08:36 | 000,011,902 | ---- | M] () -- C:\Documents and Settings\SZYMAN\Pulpit\WinSCP.ini
[2013-08-09 22:08:36 | 000,000,600 | ---- | M] () -- C:\Documents and Settings\SZYMAN\Dane aplikacji\winscp.rnd
[2013-08-09 19:09:07 | 000,000,835 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Switch to Gaming Mode.lnk
[2013-08-09 19:09:07 | 000,000,823 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Game Booster 3.lnk
[2013-08-09 16:32:27 | 000,495,616 | ---- | M] (Simon Tatham) -- C:\Documents and Settings\SZYMAN\Pulpit\putty.exe
[2013-08-09 13:28:53 | 000,000,211 | -HS- | M] () -- C:\boot.ini
[2013-08-08 16:08:22 | 000,000,664 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Steam.lnk
[2013-08-08 16:07:43 | 000,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx
[2013-08-08 16:06:27 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\UMDF\MsftWdf_user_01_00_00.Wdf
[2013-08-07 23:34:00 | 000,000,652 | ---- | M] () -- C:\Documents and Settings\SZYMAN\Pulpit\zrobic.otbm
[2013-08-07 23:34:00 | 000,000,049 | ---- | M] () -- C:\Documents and Settings\SZYMAN\Pulpit\zrobic-spawn.xml
[2013-08-07 23:34:00 | 000,000,049 | ---- | M] () -- C:\Documents and Settings\SZYMAN\Pulpit\zrobic-house.xml
[2013-08-07 14:41:07 | 000,006,574 | ---- | M] () -- C:\Documents and Settings\SZYMAN\Pulpit\Bez nazwy.xcf
[2013-08-07 14:02:25 | 000,003,126 | ---- | M] () -- C:\Documents and Settings\SZYMAN\Pulpit\heh.bmp
[2013-08-06 13:19:43 | 000,002,281 | ---- | M] () -- C:\Documents and Settings\SZYMAN\Pulpit\swirus.bbtheme
[2013-08-06 13:17:40 | 000,002,281 | ---- | M] () -- C:\Documents and Settings\SZYMAN\Pulpit\worldofdb-actual-20130806.bbtheme
[2013-08-06 12:36:35 | 000,000,613 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Counter-Strike 1.6.lnk
[2013-08-05 13:56:41 | 000,147,983 | ---- | M] () -- C:\Documents and Settings\SZYMAN\Pulpit\vocations.xml
[2013-08-03 14:09:09 | 020,926,082 | ---- | M] () -- C:\Documents and Settings\SZYMAN\Pulpit\evorpg.otbm
[2013-08-03 14:09:09 | 000,006,079 | ---- | M] () -- C:\Documents and Settings\SZYMAN\Pulpit\evorpg-house.xml
[2013-08-03 14:09:09 | 000,000,049 | ---- | M] () -- C:\Documents and Settings\SZYMAN\Pulpit\evorpg-spawn.xml
[2013-08-02 22:35:45 | 000,291,083 | ---- | M] () -- C:\Documents and Settings\SZYMAN\Pulpit\wodb].png
[2013-08-02 22:30:34 | 000,034,990 | ---- | M] () -- C:\Documents and Settings\SZYMAN\Pulpit\logo.png
[2013-08-02 12:55:37 | 010,242,002 | ---- | M] () -- C:\Documents and Settings\SZYMAN\Pulpit\WoDB Beta.exe
[2013-08-02 09:12:07 | 104,438,596 | ---- | M] () -- C:\Documents and Settings\SZYMAN\Pulpit\b3liar mix vol.8.mp3
[2013-08-01 18:01:40 | 000,498,307 | ---- | M] () -- C:\Documents and Settings\SZYMAN\Pulpit\pokedestiny.rar
[2013-08-01 14:06:32 | 000,001,371 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\League of Legends.lnk
[2013-08-01 10:26:11 | 000,000,728 | ---- | M] () -- C:\Documents and Settings\SZYMAN\Pulpit\Counter-Strike GROM.lnk
[2013-08-01 10:21:52 | 000,001,813 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Google Chrome.lnk
[2013-07-30 18:15:11 | 001,418,239 | ---- | M] () -- C:\Documents and Settings\SZYMAN\Moje dokumenty\mapa poke(1).rar
[2013-07-29 13:09:18 | 000,002,165 | ---- | M] () -- C:\Documents and Settings\SZYMAN\Moje dokumenty\inventory.lua
[2013-07-29 12:44:28 | 009,211,736 | ---- | M] (Martin Prikryl) -- C:\Documents and Settings\SZYMAN\Pulpit\WinSCP.exe
[2013-07-28 21:30:05 | 003,969,727 | ---- | M] () -- C:\Documents and Settings\SZYMAN\Pulpit\TibiaDatEditor8.70.rar
[2013-07-28 20:24:56 | 001,201,038 | ---- | M] () -- C:\Documents and Settings\SZYMAN\Moje dokumenty\mapa poke.rar
[2013-07-27 09:31:45 | 080,412,598 | ---- | M] () -- C:\Documents and Settings\SZYMAN\Pulpit\things.spr
[2013-07-27 09:31:43 | 000,457,304 | ---- | M] () -- C:\Documents and Settings\SZYMAN\Pulpit\things.dat
[2013-07-27 08:58:45 | 001,104,102 | ---- | M] () -- C:\Documents and Settings\SZYMAN\Pulpit\MAPA SMOKI.bmp
[2013-07-26 23:18:23 | 000,675,988 | ---- | M] () -- C:\Documents and Settings\SZYMAN\Pulpit\Minecraft.exe
[2013-07-26 14:56:33 | 000,137,135 | ---- | M] () -- C:\Documents and Settings\SZYMAN\Pulpit\for sedron.gif
[2013-07-25 22:10:44 | 000,369,094 | ---- | M] () -- C:\Documents and Settings\SZYMAN\Pulpit\MAPA.bmp
[2013-07-24 12:19:01 | 004,933,873 | ---- | M] () -- C:\Documents and Settings\SZYMAN\Pulpit\Mystera_4.2.rar
[2013-07-23 21:09:02 | 021,269,058 | ---- | M] (Vultur GmbH) -- C:\Documents and Settings\SZYMAN\Pulpit\DBP 2.35.exe
[2013-07-22 21:56:30 | 034,517,228 | ---- | M] () -- C:\Documents and Settings\SZYMAN\Pulpit\Pokemon Slash 2.0.rar
[2013-07-22 11:51:07 | 000,272,576 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
 
[color=#E56717]========== Files Created - No Company Name ==========[/color]
 
[2013-08-20 21:58:38 | 000,000,768 | ---- | C] () -- C:\Documents and Settings\SZYMAN\Pulpit\Process Hacker 2.lnk
[2013-08-20 21:24:43 | 000,164,134 | ---- | C] () -- C:\Documents and Settings\SZYMAN\Pulpit\salitykiller.zip
[2013-08-20 20:45:12 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2013-08-20 20:45:12 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2013-08-20 20:45:12 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2013-08-20 20:45:12 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2013-08-20 20:45:12 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2013-08-20 20:42:06 | 000,000,174 | ---- | C] () -- C:\Fix.reg
[2013-08-19 23:13:06 | 000,122,783 | ---- | C] () -- C:\Documents and Settings\SZYMAN\Pulpit\Obraz.png
[2013-08-19 19:06:53 | 000,627,104 | ---- | C] () -- C:\Documents and Settings\SZYMAN\Pulpit\Spy++.rar
[2013-08-19 09:44:13 | 001,095,054 | ---- | C] () -- C:\Documents and Settings\SZYMAN\Pulpit\dasd.bmp
[2013-08-18 19:57:18 | 000,182,571 | ---- | C] () -- C:\Documents and Settings\SZYMAN\Moje dokumenty\logo dbleague.xcf
[2013-08-18 19:57:18 | 000,022,936 | ---- | C] () -- C:\Documents and Settings\SZYMAN\Ustawienia lokalne\Dane aplikacji\recently-used.xbel
[2013-08-18 12:13:36 | 000,346,511 | ---- | C] () -- C:\Documents and Settings\SZYMAN\Pulpit\dbmw skin (1).rar
[2013-08-18 11:45:03 | 000,000,632 | ---- | C] () -- C:\Documents and Settings\SZYMAN\Menu Start\Programy\DC Universe Online PSG.lnk
[2013-08-17 22:31:26 | 015,575,222 | ---- | C] () -- C:\Documents and Settings\SZYMAN\Pulpit\Wander of Shinobi.exe
[2013-08-17 13:48:45 | 000,399,360 | ---- | C] () -- C:\Documents and Settings\SZYMAN\Pulpit\NoxSpr.exe
[2013-08-16 16:23:21 | 000,577,536 | ---- | C] () -- C:\Documents and Settings\SZYMAN\Pulpit\Tibia Spambot by IgI.exe
[2013-08-16 13:13:17 | 000,345,142 | ---- | C] () -- C:\Documents and Settings\SZYMAN\Pulpit\ZAPŁACIĆ.bmp
[2013-08-14 11:26:13 | 000,001,838 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Tibia MULTI-IP Changer.lnk
[2013-08-13 13:29:38 | 000,000,586 | ---- | C] () -- C:\Documents and Settings\SZYMAN\Pulpit\PokeXGame.lnk
[2013-08-13 13:29:16 | 000,000,863 | ---- | C] () -- C:\Documents and Settings\SZYMAN\Pulpit\Dead Island.lnk
[2013-08-13 10:13:22 | 000,000,551 | ---- | C] () -- C:\Documents and Settings\SZYMAN\Pulpit\BattleField Play4Free.lnk
[2013-08-12 20:13:27 | 000,282,104 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrB.xtr
[2013-08-12 20:00:16 | 000,139,424 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2013-08-12 20:00:15 | 000,138,056 | ---- | C] () -- C:\Documents and Settings\SZYMAN\Dane aplikacji\PnkBstrK.sys
[2013-08-12 20:00:01 | 000,282,104 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrB.exe
[2013-08-12 20:00:01 | 000,282,104 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrB.ex0
[2013-08-12 19:59:58 | 000,076,888 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrA.exe
[2013-08-12 15:15:31 | 000,055,474 | ---- | C] () -- C:\Documents and Settings\SZYMAN\Moje dokumenty\cc_20130812_151527.reg
[2013-08-12 14:57:39 | 000,000,682 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\CCleaner.lnk
[2013-08-10 15:51:30 | 000,001,371 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\League of Legends.lnk
[2013-08-09 21:24:43 | 000,011,902 | ---- | C] () -- C:\Documents and Settings\SZYMAN\Pulpit\WinSCP.ini
[2013-08-09 19:09:21 | 000,000,280 | ---- | C] () -- C:\WINDOWS\tasks\Game_Booster_AutoUpdate.job
[2013-08-09 19:09:07 | 000,000,835 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Switch to Gaming Mode.lnk
[2013-08-09 19:09:07 | 000,000,823 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Game Booster 3.lnk
[2013-08-09 17:30:51 | 000,000,600 | ---- | C] () -- C:\Documents and Settings\SZYMAN\Dane aplikacji\winscp.rnd
[2013-08-09 16:32:35 | 000,000,600 | ---- | C] () -- C:\Documents and Settings\SZYMAN\Ustawienia lokalne\Dane aplikacji\PUTTY.RND
[2013-08-08 20:43:39 | 000,000,804 | ---- | C] () -- C:\Documents and Settings\SZYMAN\Pulpit\Counter Strike Source.lnk
[2013-08-08 16:08:22 | 000,000,664 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Steam.lnk
[2013-08-08 16:06:27 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\UMDF\MsftWdf_user_01_00_00.Wdf
[2013-08-07 23:34:00 | 000,000,652 | ---- | C] () -- C:\Documents and Settings\SZYMAN\Pulpit\zrobic.otbm
[2013-08-07 23:34:00 | 000,000,049 | ---- | C] () -- C:\Documents and Settings\SZYMAN\Pulpit\zrobic-spawn.xml
[2013-08-07 23:34:00 | 000,000,049 | ---- | C] () -- C:\Documents and Settings\SZYMAN\Pulpit\zrobic-house.xml
[2013-08-07 14:41:07 | 000,006,574 | ---- | C] () -- C:\Documents and Settings\SZYMAN\Pulpit\Bez nazwy.xcf
[2013-08-07 14:02:25 | 000,003,126 | ---- | C] () -- C:\Documents and Settings\SZYMAN\Pulpit\heh.bmp
[2013-08-06 13:18:28 | 000,002,281 | ---- | C] () -- C:\Documents and Settings\SZYMAN\Pulpit\swirus.bbtheme
[2013-08-06 13:16:25 | 000,002,281 | ---- | C] () -- C:\Documents and Settings\SZYMAN\Pulpit\worldofdb-actual-20130806.bbtheme
[2013-08-06 12:36:35 | 000,000,613 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Counter-Strike 1.6.lnk
[2013-08-05 13:57:59 | 000,147,983 | ---- | C] () -- C:\Documents and Settings\SZYMAN\Pulpit\vocations.xml
[2013-08-03 14:09:09 | 000,006,079 | ---- | C] () -- C:\Documents and Settings\SZYMAN\Pulpit\evorpg-house.xml
[2013-08-03 14:09:09 | 000,000,049 | ---- | C] () -- C:\Documents and Settings\SZYMAN\Pulpit\evorpg-spawn.xml
[2013-08-03 13:12:14 | 020,926,082 | ---- | C] () -- C:\Documents and Settings\SZYMAN\Pulpit\evorpg.otbm
[2013-08-03 11:16:26 | 007,723,222 | ---- | C] () -- C:\Documents and Settings\SZYMAN\Pulpit\WoDB.rar
[2013-08-02 22:35:44 | 000,291,083 | ---- | C] () -- C:\Documents and Settings\SZYMAN\Pulpit\wodb].png
[2013-08-02 22:30:34 | 000,034,990 | ---- | C] () -- C:\Documents and Settings\SZYMAN\Pulpit\logo.png
[2013-08-02 12:55:09 | 010,242,002 | ---- | C] () -- C:\Documents and Settings\SZYMAN\Pulpit\WoDB Beta.exe
[2013-08-02 09:08:31 | 104,438,596 | ---- | C] () -- C:\Documents and Settings\SZYMAN\Pulpit\b3liar mix vol.8.mp3
[2013-08-01 18:01:40 | 000,498,307 | ---- | C] () -- C:\Documents and Settings\SZYMAN\Pulpit\pokedestiny.rar
[2013-08-01 10:26:11 | 000,000,728 | ---- | C] () -- C:\Documents and Settings\SZYMAN\Pulpit\Counter-Strike GROM.lnk
[2013-07-30 18:14:27 | 001,418,239 | ---- | C] () -- C:\Documents and Settings\SZYMAN\Moje dokumenty\mapa poke(1).rar
[2013-07-29 13:09:04 | 000,002,165 | ---- | C] () -- C:\Documents and Settings\SZYMAN\Moje dokumenty\inventory.lua
[2013-07-28 21:28:37 | 003,969,727 | ---- | C] () -- C:\Documents and Settings\SZYMAN\Pulpit\TibiaDatEditor8.70.rar
[2013-07-28 20:24:15 | 001,201,038 | ---- | C] () -- C:\Documents and Settings\SZYMAN\Moje dokumenty\mapa poke.rar
[2013-07-27 09:33:21 | 000,457,304 | ---- | C] () -- C:\Documents and Settings\SZYMAN\Pulpit\things.dat
[2013-07-27 09:33:20 | 080,412,598 | ---- | C] () -- C:\Documents and Settings\SZYMAN\Pulpit\things.spr
[2013-07-26 14:56:10 | 000,137,135 | ---- | C] () -- C:\Documents and Settings\SZYMAN\Pulpit\for sedron.gif
[2013-07-25 19:09:21 | 001,104,102 | ---- | C] () -- C:\Documents and Settings\SZYMAN\Pulpit\MAPA SMOKI.bmp
[2013-07-25 17:31:43 | 000,369,094 | ---- | C] () -- C:\Documents and Settings\SZYMAN\Pulpit\MAPA.bmp
[2013-07-24 12:15:41 | 004,933,873 | ---- | C] () -- C:\Documents and Settings\SZYMAN\Pulpit\Mystera_4.2.rar
[2013-07-22 22:51:38 | 001,271,460 | ---- | C] () -- C:\Documents and Settings\SZYMAN\Pulpit\MoleBox Pro 2.6.4.2534.exe
[2013-07-22 21:43:35 | 034,517,228 | ---- | C] () -- C:\Documents and Settings\SZYMAN\Pulpit\Pokemon Slash 2.0.rar
[2013-07-22 12:24:36 | 000,000,576 | ---- | C] () -- C:\Documents and Settings\SZYMAN\Pulpit\hehe.html
[2013-07-10 17:55:11 | 000,000,694 | ---- | C] () -- C:\Documents and Settings\SZYMAN\.jscreenfix.licence
[2013-07-01 18:26:20 | 000,008,192 | ---- | C] () -- C:\Documents and Settings\SZYMAN\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013-06-27 08:09:17 | 000,000,175 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswSnx.sys.sum
[2013-06-27 08:09:16 | 000,000,175 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswSP.sys.sum
[2013-06-25 13:15:18 | 000,000,067 | ---- | C] () -- C:\Documents and Settings\SZYMAN\.gtk-bookmarks
[2013-06-11 17:42:49 | 000,020,480 | ---- | C] () -- C:\WINDOWS\FixCamera.exe
[2013-06-11 17:42:47 | 000,831,488 | ---- | C] () -- C:\WINDOWS\vsnpstd3.exe
[2013-06-11 17:42:47 | 000,015,498 | ---- | C] () -- C:\WINDOWS\snpstd3.ini
[2013-06-11 17:42:45 | 000,172,032 | ---- | C] ( ) -- C:\WINDOWS\System32\rsnpstd3.dll
[2013-06-11 17:42:45 | 000,061,440 | ---- | C] ( ) -- C:\WINDOWS\System32\vsnpstd3.dll
[2013-06-11 17:42:45 | 000,053,248 | ---- | C] ( ) -- C:\WINDOWS\System32\csnpstd3.dll
[2013-06-11 17:42:45 | 000,053,248 | ---- | C] ( ) -- C:\WINDOWS\csnpstd3.dll
[2013-06-09 09:17:32 | 001,867,776 | ---- | C] () -- C:\WINDOWS\System32\python24.dll
[2013-05-20 16:54:47 | 000,004,293 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2013-05-20 16:53:51 | 000,272,576 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2013-05-20 15:52:25 | 001,075,544 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb1.bin
[2013-05-20 15:52:25 | 001,075,544 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb0.bin
[2013-05-20 15:52:25 | 000,000,001 | ---- | C] () -- C:\WINDOWS\System32\nvdrssel.bin
[2013-05-20 15:52:14 | 002,807,708 | ---- | C] () -- C:\WINDOWS\System32\nvdata.data
[2013-05-20 15:09:19 | 000,156,672 | ---- | C] () -- C:\WINDOWS\System32\RTLCPAPI.dll
[2013-05-20 15:09:19 | 000,040,960 | R--- | C] () -- C:\WINDOWS\System32\ChCfg.exe
[2013-05-20 15:08:00 | 000,024,399 | ---- | C] () -- C:\WINDOWS\Ascd_tmp.ini
[2013-05-20 15:07:58 | 000,005,810 | R--- | C] () -- C:\WINDOWS\System32\drivers\ASACPI.sys
[2013-05-20 15:07:53 | 000,005,824 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASUSHWIO.SYS
[2013-05-20 15:04:51 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2013-05-20 15:00:23 | 000,021,856 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
 
[color=#E56717]========== ZeroAccess Check ==========[/color]
 
[2013-05-23 19:06:20 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2008-04-14 22:50:48 | 001,499,136 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2008-04-14 22:50:32 | 000,472,064 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2008-04-14 22:50:58 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[color=#E56717]========== LOP Check ==========[/color]
 
[2013-05-20 15:51:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\AVAST Software
[2013-08-20 20:34:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\eSafe
[2013-06-20 19:53:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\GG
[2013-08-09 19:09:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\IObit
[2013-05-25 20:49:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Logs
[2013-08-01 18:06:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\PMB Files
[2013-08-01 11:30:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SZYMAN\Dane aplikacji\.minecraft
[2013-08-16 23:17:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SZYMAN\Dane aplikacji\.minecraft_pixelmon.pl
[2013-06-23 18:40:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SZYMAN\Dane aplikacji\.technic
[2013-06-01 10:29:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SZYMAN\Dane aplikacji\BlWrO
[2013-06-15 13:08:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SZYMAN\Dane aplikacji\DBV
[2013-06-09 20:59:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SZYMAN\Dane aplikacji\DBzF1
[2013-05-30 14:20:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SZYMAN\Dane aplikacji\DealPly
[2013-05-22 20:54:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SZYMAN\Dane aplikacji\Dev-Cpp
[2013-05-21 17:37:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SZYMAN\Dane aplikacji\eDownload
[2013-05-30 14:03:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SZYMAN\Dane aplikacji\eIntaller
[2013-06-23 14:19:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SZYMAN\Dane aplikacji\GG
[2013-08-01 18:17:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SZYMAN\Dane aplikacji\LolClient
[2013-06-20 13:59:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SZYMAN\Dane aplikacji\LoS
[2013-08-03 15:43:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SZYMAN\Dane aplikacji\Nowe Gadu-Gadu
[2013-08-19 12:40:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SZYMAN\Dane aplikacji\Pokeing
[2013-08-16 18:32:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SZYMAN\Dane aplikacji\Pokes
[2013-08-20 22:12:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SZYMAN\Dane aplikacji\Process Hacker 2
[2013-06-18 17:14:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SZYMAN\Dane aplikacji\pverb
[2013-08-12 13:27:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SZYMAN\Dane aplikacji\Remere's Map Editor
[2013-08-01 14:07:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SZYMAN\Dane aplikacji\Riot Games
[2013-06-08 19:54:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SZYMAN\Dane aplikacji\Search Protection
[2013-08-18 11:47:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SZYMAN\Dane aplikacji\Sony Online Entertainment
[2013-08-20 17:04:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SZYMAN\Dane aplikacji\sqlitestudio
[2013-05-24 14:50:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SZYMAN\Dane aplikacji\TeamViewer
[2013-08-20 18:28:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SZYMAN\Dane aplikacji\Tibia
[2013-08-18 18:59:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SZYMAN\Dane aplikacji\TS3Client
[2013-08-12 15:07:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SZYMAN\Dane aplikacji\uTorrent
 
[color=#E56717]========== Purity Check ==========[/color]
 
 

< End of report >

 

extras.txt

OTL Extras logfile created on: 2013-08-21 06:38:06 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Documents and Settings\SZYMAN\Moje dokumenty\Pobieranie
Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd
 
3,00 Gb Total Physical Memory | 2,22 Gb Available Physical Memory | 73,92% Memory free
4,85 Gb Paging File | 4,21 Gb Available in Paging File | 86,91% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 78,13 Gb Total Space | 58,62 Gb Free Space | 75,03% Space Free | Partition Type: NTFS
Drive D: | 75,25 Gb Total Space | 52,89 Gb Free Space | 70,28% Space Free | Partition Type: NTFS
 
Computer Name: HOME | User Name: SZYMAN | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
[color=#E56717]========== Extra Registry (SafeList) ==========[/color]
 
 
[color=#E56717]========== File Associations ==========[/color]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.url [@ = InternetShortcut] -- rundll32.exe shdocvw.dll,OpenURL %l
 
[HKEY_USERS\S-1-5-21-2025429265-651377827-839522115-1003\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
 
[color=#E56717]========== Shell Spawning ==========[/color]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
InternetShortcut [open] -- rundll32.exe shdocvw.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[color=#E56717]========== Security Center Settings ==========[/color]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
"UacDisableNotify" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"FirewallOverride" = 0
"UpdatesDisableNotify" = 0
"UacDisableNotify" = 0
 
[color=#E56717]========== System Restore Settings ==========[/color]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 4
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
 
[color=#E56717]========== Firewall Settings ==========[/color]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"56676:TCP" = 56676:TCP:*:Enabled:Pando Media Booster
"56676:UDP" = 56676:UDP:*:Enabled:Pando Media Booster
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
"DisableNotifications" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"56676:TCP" = 56676:TCP:*:Enabled:Pando Media Booster
"56676:UDP" = 56676:UDP:*:Enabled:Pando Media Booster
 
[color=#E56717]========== Authorized Applications List ==========[/color]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"C:\Program Files\BearShare Applications\BearShare\BearShare.exe" = C:\Program Files\BearShare Applications\BearShare\BearShare.exe:*:Enabled:BearShare -- (MusicLab, LLC)
"C:\Program Files\Pando Networks\Media Booster\PMB.exe" = C:\Program Files\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster -- ()
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe" = C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe:*:Enabled:Daemonu.exe -- (NVIDIA Corporation)
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE" = C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook -- (Microsoft Corporation)
"C:\Program Files\Microsoft Office\Office12\GROOVE.EXE" = C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove -- (Microsoft Corporation)
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE" = C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote -- (Microsoft Corporation)
"C:\Documents and Settings\SZYMAN\Pulpit\TFS NOB\TheForgottenServer.exe" = C:\Documents and Settings\SZYMAN\Pulpit\TFS NOB\TheForgottenServer.exe:*:Enabled:The Forgotten Server -- (OtLand.net)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"C:\Documents and Settings\SZYMAN\Pulpit\Tibia Counter STrike\[CSTibia] 1.0 by Roksas - CLIENTE + SERVIDOR\TheForgottenServerV8.2 32bit.exe" = C:\Documents and Settings\SZYMAN\Pulpit\Tibia Counter STrike\[CSTibia] 1.0 by Roksas - CLIENTE + SERVIDOR\TheForgottenServerV8.2 32bit.exe:*:Enabled:The Forgotten Server -- (OtLand.net)
"C:\Documents and Settings\SZYMAN\Pulpit\Tibia Counter STrike\[CSTibia] 1.0 by Roksas - CLIENTE + SERVIDOR\TheForgottenServerV8.2 64bit.exe" = C:\Documents and Settings\SZYMAN\Pulpit\Tibia Counter STrike\[CSTibia] 1.0 by Roksas - CLIENTE + SERVIDOR\TheForgottenServerV8.2 64bit.exe:*:Enabled:The Forgotten Server -- (OtLand.net)
"D:\programs\utorrent\uTorrent.exe" = D:\programs\utorrent\uTorrent.exe:*:Enabled:µTorrent -- (BitTorrent Inc.)
"C:\Program Files\BearShare Applications\BearShare\BearShare.exe" = C:\Program Files\BearShare Applications\BearShare\BearShare.exe:*:Enabled:BearShare -- (MusicLab, LLC)
"C:\Program Files\Skype\Phone\Skype.exe" = C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype -- (Skype Technologies S.A.)
"C:\Program Files\Java\jre7\bin\javaw.exe" = C:\Program Files\Java\jre7\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary -- (Oracle Corporation)
"C:\Program Files\Pando Networks\Media Booster\PMB.exe" = C:\Program Files\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster -- ()
"C:\Documents and Settings\SZYMAN\Pulpit\PokeDestiny\PokeDestiny_by_Swirus.exe" = C:\Documents and Settings\SZYMAN\Pulpit\PokeDestiny\PokeDestiny_by_Swirus.exe:*:Enabled:Pokemon Destiny -- (Poke-Destiny)
"D:\programs\xampplite\apache\bin\httpd.exe" = D:\programs\xampplite\apache\bin\httpd.exe:*:Enabled:Apache HTTP Server -- (Apache Software Foundation)
"D:\programs\xampplite\mysql\bin\mysqld.exe" = D:\programs\xampplite\mysql\bin\mysqld.exe:*:Enabled:The MySQL Server -- (MySQL AB)
"D:\programs\Nowe Gadu-Gadu\gg.exe" = D:\programs\Nowe Gadu-Gadu\gg.exe:*:Enabled:Nowe Gadu-Gadu
"C:\Documents and Settings\SZYMAN\Pulpit\EvoRPG by Zbizu\TheOTXServer.exe" = C:\Documents and Settings\SZYMAN\Pulpit\EvoRPG by Zbizu\TheOTXServer.exe:*:Enabled:TheOTXServer -- ()
"C:\Documents and Settings\All Users\Dane aplikacji\eSafe\eGdpSvc.exe" = C:\Documents and Settings\All Users\Dane aplikacji\eSafe\eGdpSvc.exe:*:Enabled:WsysSvc -- (Wsys Co., Ltd.)
"C:\Documents and Settings\SZYMAN\Pulpit\Pokemon Slash 2.0\Pokemon Slash 2.0\PokeDestiny_by_Swirus.exe" = C:\Documents and Settings\SZYMAN\Pulpit\Pokemon Slash 2.0\Pokemon Slash 2.0\PokeDestiny_by_Swirus.exe:*:Enabled:Pokemon Destiny -- (Poke-Destiny)
"D:\games\Counter Strike Online 1.6\cstrike.exe" = D:\games\Counter Strike Online 1.6\cstrike.exe:*:Enabled:MetaHook Launcher -- ()
"C:\Documents and Settings\SZYMAN\Pulpit\WoDB\TheForgottenServer.exe" = C:\Documents and Settings\SZYMAN\Pulpit\WoDB\TheForgottenServer.exe:*:Enabled:The Forgotten Server -- (OtLand.net)
"C:\Documents and Settings\SZYMAN\Pulpit\DBLW 8.54\TheForgottenServer.exe" = C:\Documents and Settings\SZYMAN\Pulpit\DBLW 8.54\TheForgottenServer.exe:*:Enabled:The Forgotten Server -- (OtLand.net)
"D:\games\Counter Strike Online 1.6\hl.exe" = D:\games\Counter Strike Online 1.6\hl.exe:*:Enabled:Half-Life Launcher -- (Valve)
"D:\games\counter strike 1.6 new\hl.exe" = D:\games\counter strike 1.6 new\hl.exe:*:Enabled:Half-Life Launcher -- (Valve)
"C:\Program Files\Steam\Steam.exe" = C:\Program Files\Steam\Steam.exe:*:Enabled:Steam -- (Valve Corporation)
"D:\games\SteamLibrary\SteamApps\common\Dead Island\DeadIslandGame.exe" = D:\games\SteamLibrary\SteamApps\common\Dead Island\DeadIslandGame.exe:*:Enabled:DeadIsland -- (Techland)
"D:\games\Counter-Strike Source\hl2.exe" = D:\games\Counter-Strike Source\hl2.exe:*:Enabled:hl2 -- ()
"C:\WINDOWS\system32\PnkBstrA.exe" = C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA -- ()
"C:\WINDOWS\system32\PnkBstrB.exe" = C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB -- ()
"D:\games\bf play4free\BFP4f.exe" = D:\games\bf play4free\BFP4f.exe:*:Enabled:BFP4f Application -- (Easy)
"C:\Documents and Settings\SZYMAN\Pulpit\Poke by Bolz v3\PDA Edited by Dandanvrb\Silnik\PO Dash World [Advanced] - GUI.exe" = C:\Documents and Settings\SZYMAN\Pulpit\Poke by Bolz v3\PDA Edited by Dandanvrb\Silnik\PO Dash World [Advanced] - GUI.exe:*:Enabled:Pokemon Dash Advanced -- (P.O.D Advanced)
"C:\Documents and Settings\SZYMAN\Pulpit\Poke by Bolz v3\PDA Edited by Bolz v3\Silnik\PO Dash World [Advanced] - GUI.exe" = C:\Documents and Settings\SZYMAN\Pulpit\Poke by Bolz v3\PDA Edited by Bolz v3\Silnik\PO Dash World [Advanced] - GUI.exe:*:Enabled:Pokemon Dash Advanced -- (P.O.D Advanced)
"C:\Program Files\Java\jre7\launch4j-tmp\Pixelmon.exe" = C:\Program Files\Java\jre7\launch4j-tmp\Pixelmon.exe:*:Enabled:Java(TM) Platform SE binary -- (Oracle Corporation)
"D:\games\League of Legends\RADS\projects\lol_launcher\releases\0.0.0.177\deploy\LoLLauncher.exe" = D:\games\League of Legends\RADS\projects\lol_launcher\releases\0.0.0.177\deploy\LoLLauncher.exe:*:Enabled:ipsec -- ()
"C:\Documents and Settings\SZYMAN\Pulpit\Dragon Ball Mysterious World v1.0.exe" = C:\Documents and Settings\SZYMAN\Pulpit\Dragon Ball Mysterious World v1.0.exe:*:Enabled:ipsec -- (DBMW Team)
"C:\WINDOWS\RTHDCPL.EXE" = C:\WINDOWS\RTHDCPL.EXE:*:Enabled:ipsec -- (Realtek Semiconductor Corp.)
"C:\Program Files\IObit\Game Booster 3\AutoUpdate.exe" = C:\Program Files\IObit\Game Booster 3\AutoUpdate.exe:*:Enabled:ipsec -- ()
"C:\fasfasf\CF29088.3XE" = C:\fasfasf\CF29088.3XE:*:Enabled:ipsec
"C:\WINDOWS\explorer.exe" = C:\WINDOWS\explorer.exe:*:Enabled:ipsec -- (Microsoft Corporation)
 
 
[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{0ACC2993-2058-4BE7-9A92-9DCDAA9B3412}" = LogMeIn Hamachi
"{0C0FE292-E7D0-4938-AA41-E6E5F72D21BC}" = Remere's Map Editor
"{26A24AE4-039D-4CA4-87B4-2F83217025FF}" = Java 7 Update 25
"{321320E1-0E5A-36CB-9E52-F3B201B8C4D4}" = Microsoft .NET Framework 4 Client Profile PLK Language Pack
"{350C9415-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.5
"{5DE67937-45D5-45E4-923C-0B7F7EC929A7}" = League of Legends
"{7131646D-CD3C-40F4-97B9-CD9E4E6262EF}" = Microsoft .NET Framework 2.0
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{789289CA-F73A-4A16-A331-54D498CE069F}" = Ventrilo
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90120000-0010-0415-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders  (Polish) 12
"{90120000-0015-0415-0000-0000000FF1CE}" = Microsoft Office Access MUI (Polish) 2007
"{90120000-0016-0415-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Polish) 2007
"{90120000-0018-0415-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Polish) 2007
"{90120000-0019-0415-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Polish) 2007
"{90120000-001A-0415-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Polish) 2007
"{90120000-001B-0415-0000-0000000FF1CE}" = Microsoft Office Word MUI (Polish) 2007
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0415-0000-0000000FF1CE}" = Microsoft Office Proof (Polish) 2007
"{90120000-002C-0415-0000-0000000FF1CE}" = Microsoft Office Proofing (Polish) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0044-0415-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Polish) 2007
"{90120000-006E-0415-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Polish) 2007
"{90120000-00A1-0415-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Polish) 2007
"{90120000-00BA-0415-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Polish) 2007
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Panel sterowania NVIDIA 301.42
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Sterownik graficzny 301.42
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NView" = NVIDIA nView 136.27
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Aktualizacje NVIDIA 1.8.15
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{C950420B-4182-49EA-850A-A6A2ABF06C6B}" = Marvell Miniport Driver
"{ECD03DA7-5952-406A-8156-5F0C93618D1F}" = USB PC Camera-168
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F530C1D7-2F76-497A-934C-2C55F57BBB37}_is1" = Window Title Changer version 1.0
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Big Pack 8.4" = Big Pack 8.4
"CCleaner" = CCleaner
"Counter Strike Online 1.6 ver.1.0" = Counter Strike Online 1.6 ver.1.0
"Counter-Strike 1.6" = Counter-Strike 1.6
"CSS FULL DZ [Oct 15 2007]" = CSS FULL DZ [Oct 15 2007] v18.1
"ElfBot NG_is1" = ElfBot NG 4.1.3
"ENTERPRISE" = Microsoft Office Enterprise 2007
"ESF" = Earth's Special Forces
"Game Booster_is1" = Game Booster 3
"GIMP-2_is1" = GIMP 2.8.4
"Google Chrome" = Google Chrome
"League of Legends 3.0.1" = League of Legends
"LogMeIn Hamachi" = LogMeIn Hamachi
"Microsoft .NET Framework 2.0" = Microsoft .NET Framework 2.0
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile PLK Language Pack" = Polski pakiet językowy dla programu Microsoft .NET Framework 4 Client Profile
"Mozilla Firefox 18.0 (x86 pl)" = Mozilla Firefox 18.0 (x86 pl)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Nowe Gadu-Gadu" = Nowe Gadu-Gadu
"Process_Hacker2_is1" = Process Hacker 2.31 (r5355)
"PunkBusterSvc" = PunkBuster Services
"ResourceHacker_is1" = Resource Hacker Version 3.6.0
"screenSHU" = screenSHU - the fastest screen capture ever.
"Steam App 91310" = Dead Island
"The KMPlayer" = The KMPlayer (remove only)
"Tibia Auto" = NSIS Example2
"TMIPC" = Tibia MULTI-ip changer
"uTorrent" = µTorrent
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinRAR archiver" = WinRAR 4.20 (32-bitowy)
"WMFDist11" = Windows Media Format 11 runtime
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
 
[color=#E56717]========== HKEY_USERS Uninstall List ==========[/color]
 
[HKEY_USERS\S-1-5-21-2025429265-651377827-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{87686C21-8A15-4b4d-A3F1-11141D9BE094}" = Battlefield Play4Free (SZYMAN)
"BearShare" = BearShare
"Cs 1.6 Background Maker v3.0" = Cs 1.6 Background Maker v3.0
"Search Protection" = Search Protection
"TeamSpeak 3 Client" = TeamSpeak 3 Client
 
[color=#E56717]========== Last 20 Event Log Errors ==========[/color]
 
[ Application Events ]
Error - 2013-07-23 03:22:02 | Computer Name = HOME | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd hlds.exe, wersja 4.1.1.1, moduł powodujący
 błąd hlds.exe, wersja 4.1.1.1, adres błędu 0x000061f0.
 
Error - 2013-07-24 13:29:19 | Computer Name = HOME | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd hl.exe, wersja 1.1.1.1, moduł powodujący
 błąd unknown, wersja 0.0.0.0, adres błędu 0x040ffa1c.
 
Error - 2013-07-24 17:07:35 | Computer Name = HOME | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd hl.exe, wersja 1.1.1.1, moduł powodujący
 błąd , wersja 0.0.0.0, adres błędu 0x00000000.
 
Error - 2013-07-25 11:26:09 | Computer Name = HOME | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd rme.exe, wersja 0.0.0.0, moduł powodujący
 błąd rme.exe, wersja 0.0.0.0, adres błędu 0x0026b2d7.
 
Error - 2013-07-25 11:30:17 | Computer Name = HOME | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd rme.exe, wersja 0.0.0.0, moduł powodujący
 błąd ntdll.dll, wersja 5.1.2600.5512, adres błędu 0x000109f9.
 
Error - 2013-07-29 06:29:37 | Computer Name = HOME | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd pokedestiny_by_swirus.exe, wersja 1.2.0.0,
 moduł powodujący błąd unknown, wersja 0.0.0.0, adres błędu 0x1381ad13.
 
Error - 2013-07-29 10:52:15 | Computer Name = HOME | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd pokedestiny_by_swirus.exe, wersja 1.2.0.0,
 moduł powodujący błąd pokedestiny_by_swirus.exe, wersja 1.2.0.0, adres błędu 0x0053cb1a.
 
Error - 2013-07-29 12:22:33 | Computer Name = HOME | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd pokedestiny_by_swirus.exe, wersja 1.2.0.0,
 moduł powodujący błąd msvcrt.dll, wersja 7.0.2600.5512, adres błędu 0x00025b61.
 
Error - 2013-07-29 12:27:42 | Computer Name = HOME | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd pokedestiny_by_swirus.exe, wersja 1.2.0.0,
 moduł powodujący błąd msvcrt.dll, wersja 7.0.2600.5512, adres błędu 0x00025b61.
 
Error - 2013-07-29 12:28:29 | Computer Name = HOME | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd pokedestiny_by_swirus.exe, wersja 1.2.0.0,
 moduł powodujący błąd pokedestiny_by_swirus.exe, wersja 1.2.0.0, adres błędu 0x0053d42a.
 
[ System Events ]
Error - 2013-08-20 15:20:01 | Computer Name = HOME | Source = Service Control Manager | ID = 7006
Description = Wywołanie ScRegSetValueExW dla Start nie powiodło się i wystąpił następujący
 błąd:   %%5.
 
Error - 2013-08-20 15:20:01 | Computer Name = HOME | Source = Service Control Manager | ID = 7006
Description = Wywołanie ScRegSetValueExW dla Start nie powiodło się i wystąpił następujący
 błąd:   %%5.
 
Error - 2013-08-20 15:20:01 | Computer Name = HOME | Source = Service Control Manager | ID = 7006
Description = Wywołanie ScRegSetValueExW dla Start nie powiodło się i wystąpił następujący
 błąd:   %%5.
 
Error - 2013-08-20 15:20:01 | Computer Name = HOME | Source = Service Control Manager | ID = 7006
Description = Wywołanie ScRegSetValueExW dla Start nie powiodło się i wystąpił następujący
 błąd:   %%5.
 
Error - 2013-08-20 15:20:02 | Computer Name = HOME | Source = Service Control Manager | ID = 7006
Description = Wywołanie ScRegSetValueExW dla Start nie powiodło się i wystąpił następujący
 błąd:   %%5.
 
Error - 2013-08-20 15:23:21 | Computer Name = HOME | Source = Service Control Manager | ID = 7006
Description = Wywołanie ScRegSetValueExW dla Start nie powiodło się i wystąpił następujący
 błąd:   %%5.
 
Error - 2013-08-20 15:23:21 | Computer Name = HOME | Source = Service Control Manager | ID = 7006
Description = Wywołanie ScRegSetValueExW dla Start nie powiodło się i wystąpił następujący
 błąd:   %%5.
 
Error - 2013-08-20 15:23:22 | Computer Name = HOME | Source = Service Control Manager | ID = 7006
Description = Wywołanie ScRegSetValueExW dla Start nie powiodło się i wystąpił następujący
 błąd:   %%5.
 
Error - 2013-08-20 15:23:22 | Computer Name = HOME | Source = Service Control Manager | ID = 7006
Description = Wywołanie ScRegSetValueExW dla Start nie powiodło się i wystąpił następujący
 błąd:   %%5.
 
Error - 2013-08-20 15:23:22 | Computer Name = HOME | Source = Service Control Manager | ID = 7006
Description = Wywołanie ScRegSetValueExW dla Start nie powiodło się i wystąpił następujący
 błąd:   %%5.
 
 
< End of report >

 

Zauwazylem, ze dzisiaj pc uruchomil sie znacznie szybciej (to chyba po tym skanowaniu salitykillerem)

Udostępnij tego posta


Odnośnik do posta
Udostępnij na stronach

W systemie były wykonywane inne działania oprócz SalityKillera. Coś było usuwane przez OTL, uruchamiany ComboFix oraz ładowany był fix do rejestru.

Co dokładnie usuwałeś przez OTL? Co zawiera się w pliku fix.reg ? Jeśli posiadasz jeszcze log z tamtego uruchomienia ComboFix, pokaż go.

Infekcja jest w pełni zakorzeniona, ale spróbujemy ją jak najszybciej usunąć. Na razie będziemy dezynfekować spod działającego systemu, jeśli się nie uda, przerzucimy się na narzędzia liveCD.

1. Do OTL w okno Własne opcje skanowania/Skrypt wklej:


:Processes
killallprocesses

:OTL
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://en.v9.com/?utm_source=b&utm_medium=update&from=update&uid=HitachiXHDS721616PLA380_PVC300Z2TSNAKJTSNAKJX&ts=1369916089
IE - HKU\S-1-5-21-2025429265-651377827-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://en.v9.com/?utm_source=b&utm_medium=update&from=update&uid=HitachiXHDS721616PLA380_PVC300Z2TSNAKJTSNAKJX&ts=1369916089
FF - prefs.js..browser.search.order.1: "delta-homes"
FF - prefs.js..browser.startup.homepage: "http://en.v9.com/?utm_source=b&utm_medium=update&from=update&uid=HitachiXHDS721616PLA380_PVC300Z2TSNAKJTSNAKJX&ts=1369916089"
[2013-07-10 15:45:10 | 000,000,787 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\delta-homes.xml
[2013-05-30 14:14:51 | 000,000,733 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\v9.xml
O4 - HKU\S-1-5-21-2025429265-651377827-839522115-1003..\Run: [SearchProtection] C:\Documents and Settings\SZYMAN\Dane aplikacji\Search Protection\SearchProtection.EXE (Spigot, Inc.)

:Files
C:\WINDOWS\system32\drivers\ojlgmn.sys
C:\Documents and Settings\SZYMAN\Dane aplikacji\Search Protection
C:\Program Files\Common Files\logonInit.dll
C:\Program Files\Common Files\userInit.dll
C:\Documents and Settings\SZYMAN\Dane aplikacji\DealPly
C:\fasfasf\CF29088.3XE

:Reg
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\WINDOWS\RTHDCPL.EXE"=-
"C:\fasfasf\CF29088.3XE"=-
"C:\WINDOWS\explorer.exe"=-

:Services
amsint32

:Commands
[emptytemp]
[Reboot]

Kliknij Wykonaj skrypt, pokaż raport.

2. Wykonaj chociaż dwa pełne skanowania SalityKillerem. Leczysz wszystkie pliki, jakie się da, tych których się nie da usuwasz.

3. Pokaż zestaw nowych logów.

 

Udostępnij tego posta


Odnośnik do posta
Udostępnij na stronach

Niechcacy po starcie systemu zamknalem to okno z logiem - gdzie moge znalezc te logi?

Nie nie usuwalem przez OTL znaczy sie jakis skrypt bralem chyba ten http://www.forumpc.pl/topic/164717-wirus-wylacza-antywirusa-i-utrudnia-prace-logi/ [link z historii] nie pamietam - moge gdzies znalezc log skryptow ktore uzywalem?

 

Chcialem tez dodac ze zainstalowalem AVG Free 2013 i zaaktualizowalem do 30dniowej wersji probnej i przeskanowalem caly pc i wykrylo 104 potencjalnie niebezpieczne watki i 79 potencjalnie niebezpieczne rootkity pousuwalo te, ktore nie byly z plikow systemowych ale troche ich zostalo ;/ to jeden z nich - czy moge znalezc jakis log textowy ze skanow avg?

qkr.png

I nie pamietam ale po umieszczeniu tu posta skanowalem sality killerem chyba 2 razy , no i teraz raz bo skoro nic nie wykrylo.

 

log combo fix w zalaczniku

 

 

"3. Pokaż zestaw nowych logów." jesli chodzi o otl no to lap w zalaczniku

 

 

Juz nic nie robie na wlasna reke [skrypty z neta/antywiry] bo pozniej nie wiem co robilem :( przepraszam za ten chaos

Udostępnij tego posta


Odnośnik do posta
Udostępnij na stronach

moge gdzies znalezc log skryptow ktore uzywalem?

 

Poszukaj plików .txt w folderze C:\_OTL .

 

Co do AVG - nigdy nie instaluj drugiego antywirusa, kiedy jeden już jest w systemie. To, co wykrył teraz, to jest składnik Avasta. Takie instalowanie prowadzi do "gryzienia" się antywirusów - jeden wykrywa składniki drugiego jako wirusy, a mogą się zdarzyć też poważniejsze konsekwencje typu zablokowanie niektórych funkcji systemu. Zdecyduj się na jeden program ochronny, drugi usuń.

 

Wykonaj ten skrypt w OTL:


:Files
C:\Documents and Settings\All Users\Dane aplikacji\eSafe
C:\Documents and Settings\SZYMAN\Dane aplikacji\eDownload
C:\Documents and Settings\SZYMAN\Dane aplikacji\eIntaller

Pokaż raport.

Wygląda na to, że będzie już w porządku, więc można odinstalować ComboFix.

Wciśnij kombinację Logo Windows + R i wklej:

"c:\documents and settings\SZYMAN\Moje dokumenty\Pobieranie\fasfasf.exe" /uninstall

Potwierdź Enterem.

Czy problem jeszcze występuje? Jeśli nie, podam kroki końcowe.

Udostępnij tego posta


Odnośnik do posta
Udostępnij na stronach

[spoiler]All processes killed
========== PROCESSES ==========
========== OTL ==========
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
HKU\S-1-5-21-2025429265-651377827-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
Prefs.js: "delta-homes" removed from browser.search.order.1
Prefs.js: "http://en.v9.com/?utm_source=b&utm_medium=update&from=update&uid=HitachiXHDS721616PLA380_PVC300Z2TSNAKJTSNAKJX&ts=1369916089" removed from browser.startup.homepage
C:\Program Files\Mozilla Firefox\searchplugins\delta-homes.xml moved successfully.
C:\Program Files\Mozilla Firefox\searchplugins\v9.xml moved successfully.
Registry value HKEY_USERS\S-1-5-21-2025429265-651377827-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Run\\SearchProtection deleted successfully.
C:\Documents and Settings\SZYMAN\Dane aplikacji\Search Protection\SearchProtection.exe moved successfully.
========== FILES ==========
File\Folder C:\WINDOWS\system32\drivers\ojlgmn.sys not found.
C:\Documents and Settings\SZYMAN\Dane aplikacji\Search Protection folder moved successfully.
C:\Program Files\Common Files\logonInit.dll moved successfully.
File\Folder C:\Program Files\Common Files\userInit.dll not found.
C:\Documents and Settings\SZYMAN\Dane aplikacji\DealPly\UpdateProc folder moved successfully.
C:\Documents and Settings\SZYMAN\Dane aplikacji\DealPly folder moved successfully.
File\Folder C:\fasfasf\CF29088.3XE not found.
========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\WINDOWS\RTHDCPL.EXE deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\fasfasf\CF29088.3XE deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\WINDOWS\explorer.exe deleted successfully.
========== SERVICES/DRIVERS ==========
Service amsint32 stopped successfully!
Service amsint32 deleted successfully!
========== COMMANDS ==========
 
[EMPTYTEMP]
 
User: All Users
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes
 
User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 32902 bytes
 
User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 32902 bytes
 
User: SZYMAN
->Temp folder emptied: 5820613 bytes
->Temporary Internet Files folder emptied: 5490254 bytes
->FireFox cache emptied: 375483257 bytes
->Google Chrome cache emptied: 191815242 bytes
->Flash cache emptied: 3806 bytes
 
User: UpdatusUser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 2596 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 49234 bytes
RecycleBin emptied: 316700208 bytes
 
Total Files Cleaned = 854,00 mb
 
 
OTL by OldTimer - Version 3.2.69.0 log created on 08222013_192431

Files\Folders moved on Reboot...
File\Folder C:\Documents and Settings\SZYMAN\Ustawienia lokalne\Temp\tmp30E.tmp not found!

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

[/spoiler]

 

Usunalem avasta i dopiero zainstalowalem AVG (dlatego ze wiekszosc ludzi z ktorymi gadalem mi go polecila)

 

log po skrypcie o ktory teraz prosiles/las

[spoiler]========== FILES ==========
C:\Documents and Settings\All Users\Dane aplikacji\eSafe\log folder moved successfully.
C:\Documents and Settings\All Users\Dane aplikacji\eSafe folder moved successfully.
C:\Documents and Settings\SZYMAN\Dane aplikacji\eDownload\skin\dl folder moved successfully.
C:\Documents and Settings\SZYMAN\Dane aplikacji\eDownload\skin folder moved successfully.
C:\Documents and Settings\SZYMAN\Dane aplikacji\eDownload\res\lang\zh folder moved successfully.
C:\Documents and Settings\SZYMAN\Dane aplikacji\eDownload\res\lang\vi folder moved successfully.
C:\Documents and Settings\SZYMAN\Dane aplikacji\eDownload\res\lang\tw folder moved successfully.
C:\Documents and Settings\SZYMAN\Dane aplikacji\eDownload\res\lang\tr folder moved successfully.
C:\Documents and Settings\SZYMAN\Dane aplikacji\eDownload\res\lang\th folder moved successfully.
C:\Documents and Settings\SZYMAN\Dane aplikacji\eDownload\res\lang\ro folder moved successfully.
C:\Documents and Settings\SZYMAN\Dane aplikacji\eDownload\res\lang\pt folder moved successfully.
C:\Documents and Settings\SZYMAN\Dane aplikacji\eDownload\res\lang\pl folder moved successfully.
C:\Documents and Settings\SZYMAN\Dane aplikacji\eDownload\res\lang\nl folder moved successfully.
C:\Documents and Settings\SZYMAN\Dane aplikacji\eDownload\res\lang\it folder moved successfully.
C:\Documents and Settings\SZYMAN\Dane aplikacji\eDownload\res\lang\fr folder moved successfully.
C:\Documents and Settings\SZYMAN\Dane aplikacji\eDownload\res\lang\es folder moved successfully.
C:\Documents and Settings\SZYMAN\Dane aplikacji\eDownload\res\lang\en folder moved successfully.
C:\Documents and Settings\SZYMAN\Dane aplikacji\eDownload\res\lang\de folder moved successfully.
C:\Documents and Settings\SZYMAN\Dane aplikacji\eDownload\res\lang\da folder moved successfully.
C:\Documents and Settings\SZYMAN\Dane aplikacji\eDownload\res\lang\ar folder moved successfully.
C:\Documents and Settings\SZYMAN\Dane aplikacji\eDownload\res\lang folder moved successfully.
C:\Documents and Settings\SZYMAN\Dane aplikacji\eDownload\res folder moved successfully.
C:\Documents and Settings\SZYMAN\Dane aplikacji\eDownload folder moved successfully.
C:\Documents and Settings\SZYMAN\Dane aplikacji\eIntaller\989F524C4F0143cd9EAF6D4015CC25D7 folder moved successfully.
C:\Documents and Settings\SZYMAN\Dane aplikacji\eIntaller\28B7BBD05150466f844EE68A921D9A8B folder moved successfully.
C:\Documents and Settings\SZYMAN\Dane aplikacji\eIntaller folder moved successfully.
 
OTL by OldTimer - Version 3.2.69.0 log created on 08242013_200502
[/spoiler]

 

combo fixa usunac? no okej gotowe ale tym ctrl+r sie nie dalo wiec usunalem recznie - bug byl taki

96nr.png

Problemu juz nie widze, komputer znacznie szybciej sie uruchamia :) Ale prosil bym jeszcze o jakis skrypt albo przejzenie logow bo filmiki nie tylko na yt jesli ogladam to mi klatkuje, wczesniej tak nie bylo. Dziekuje za wszystko :D

 

 

Udostępnij tego posta


Odnośnik do posta
Udostępnij na stronach

Pokaż jeszcze nowy log z OTL (bez Extras) - jeśli ComboFix całkiem się nie usunął, to trzeba będzie go usunąć ręcznie.

 

Ale prosil bym jeszcze o jakis skrypt albo przejzenie logow bo filmiki nie tylko na yt jesli ogladam to mi klatkuje, wczesniej tak nie bylo.

W takim razie przeglądnę nowy log, który teraz dasz i zobaczymy, co można jeszcze zrobić.

Udostępnij tego posta


Odnośnik do posta
Udostępnij na stronach

Jednak juz sobie z tym poradzilem ;d Znaczy sie na nastepny dzien juz normalnie dzialalo. Dzieki wielkie :D A te czynnosci ostateczne jakies jeszcze ;s

[spoiler]OTL logfile created on: 2013-08-27 13:43:30 - Run 3
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Documents and Settings\SZYMAN\Moje dokumenty\Pobieranie
Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd
 
3,00 Gb Total Physical Memory | 1,77 Gb Available Physical Memory | 59,13% Memory free
4,85 Gb Paging File | 3,54 Gb Available in Paging File | 73,04% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 78,13 Gb Total Space | 56,90 Gb Free Space | 72,83% Space Free | Partition Type: NTFS
Drive D: | 75,25 Gb Total Space | 51,31 Gb Free Space | 68,19% Space Free | Partition Type: NTFS
 
Computer Name: HOME | User Name: SZYMAN | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2013-08-22 20:49:24 | 000,276,376 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2013-08-21 06:33:25 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\SZYMAN\Moje dokumenty\Pobieranie\OTL.exe
PRC - [2013-08-20 22:12:46 | 000,029,416 | ---- | M] (Apache Software Foundation) -- D:\programs\xampplite\apache\bin\httpd.exe
PRC - [2013-08-20 21:44:03 | 000,831,488 | ---- | M] () -- C:\WINDOWS\vsnpstd3.exe
PRC - [2013-08-20 21:41:11 | 000,020,480 | ---- | M] () -- C:\WINDOWS\FixCamera.exe
PRC - [2013-08-16 05:21:43 | 000,829,392 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
PRC - [2013-08-09 17:33:40 | 001,744,896 | ---- | M] (Don HO don.h@free.fr) -- C:\Program Files\notepad +\notepad++.exe
PRC - [2013-06-29 13:50:22 | 000,182,184 | ---- | M] (Oracle Corporation) -- C:\Program Files\Java\jre7\bin\jqs.exe
PRC - [2013-06-28 14:02:04 | 001,440,080 | ---- | M] (LogMeIn Inc.) -- D:\programs\hamahi\hamachi-2.exe
PRC - [2012-12-11 03:52:44 | 003,147,384 | ---- | M] (AVG Technologies CZ, s.r.o.) -- D:\programs\avg\avgui.exe
PRC - [2012-11-15 23:34:30 | 005,814,904 | ---- | M] (AVG Technologies CZ, s.r.o.) -- D:\programs\avg\avgidsagent.exe
PRC - [2012-10-30 04:59:56 | 000,726,648 | ---- | M] (AVG Technologies CZ, s.r.o.) -- D:\programs\avg\avgrsx.exe
PRC - [2012-10-22 13:05:08 | 000,196,664 | ---- | M] (AVG Technologies CZ, s.r.o.) -- D:\programs\avg\avgwdsvc.exe
PRC - [2012-10-22 13:04:32 | 001,116,792 | ---- | M] (AVG Technologies CZ, s.r.o.) -- D:\programs\avg\avgnsx.exe
PRC - [2012-10-22 13:03:46 | 000,440,440 | ---- | M] (AVG Technologies CZ, s.r.o.) -- D:\programs\avg\avgcsrvx.exe
PRC - [2012-05-15 18:18:00 | 001,262,400 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
PRC - [2009-12-20 00:00:00 | 006,095,504 | ---- | M] (MySQL AB) -- D:\programs\xampplite\mysql\bin\mysqld.exe
PRC - [2009-12-20 00:00:00 | 000,148,112 | ---- | M] (Apache Friends) -- D:\programs\xampplite\xampp-control.exe
PRC - [2008-04-14 22:51:18 | 001,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2013-08-22 20:49:23 | 003,551,640 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2013-08-20 21:44:03 | 000,831,488 | ---- | M] () -- C:\WINDOWS\vsnpstd3.exe
MOD - [2013-08-20 21:41:11 | 000,020,480 | ---- | M] () -- C:\WINDOWS\FixCamera.exe
MOD - [2013-08-16 05:21:41 | 000,410,576 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\29.0.1547.57\ppgooglenaclpluginchrome.dll
MOD - [2013-08-16 05:21:40 | 013,594,064 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\29.0.1547.57\PepperFlash\pepflashplayer.dll
MOD - [2013-08-16 05:21:39 | 004,053,456 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\29.0.1547.57\pdf.dll
MOD - [2013-08-16 05:20:49 | 000,709,584 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\29.0.1547.57\libglesv2.dll
MOD - [2013-08-16 05:20:48 | 000,099,792 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\29.0.1547.57\libegl.dll
MOD - [2013-08-16 05:20:46 | 001,604,560 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\29.0.1547.57\ffmpegsumo.dll
MOD - [2013-06-19 06:50:44 | 001,476,608 | ---- | M] () -- C:\Program Files\notepad +\plugins\DSpellCheck.dll
MOD - [2012-05-15 18:18:00 | 000,357,184 | ---- | M] () -- C:\Program Files\NVIDIA Corporation\nview\nvShell.dll
MOD - [2011-09-21 22:46:29 | 001,673,728 | ---- | M] () -- C:\Program Files\notepad +\plugins\NppFTP.dll
MOD - [2011-07-18 23:07:28 | 000,014,336 | ---- | M] () -- C:\Program Files\notepad +\plugins\NppExport.dll
MOD - [2008-04-14 22:50:38 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
 
 
========== Services (SafeList) ==========
 
SRV - [2013-08-22 20:49:23 | 000,117,656 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013-07-10 14:57:35 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013-06-29 13:50:22 | 000,182,184 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Program Files\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2013-06-28 14:02:04 | 001,440,080 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- D:\programs\hamahi\hamachi-2.exe -- (Hamachi2Svc)
SRV - [2013-06-03 16:21:54 | 000,162,408 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012-11-15 23:34:30 | 005,814,904 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- D:\programs\avg\avgidsagent.exe -- (AVGIDSAgent)
SRV - [2012-10-22 13:05:08 | 000,196,664 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- D:\programs\avg\avgwdsvc.exe -- (avgwd)
SRV - [2012-05-15 18:18:00 | 001,262,400 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2011-03-16 10:42:06 | 000,407,336 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
 
 
========== Driver Services (SafeList) ==========
 
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] --  -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] --  -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] --  -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] --  -- (Changer)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\fasfasf\catchme.sys -- (catchme)
DRV - [2012-11-15 23:33:26 | 000,094,048 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\avgmfx86.sys -- (Avgmfx86)
DRV - [2012-10-22 13:02:46 | 000,179,936 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgidsdriverx.sys -- (AVGIDSDriver)
DRV - [2012-10-15 03:48:52 | 000,055,776 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\avgidshx.sys -- (AVGIDSHX)
DRV - [2012-10-02 03:30:38 | 000,159,712 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgldx86.sys -- (Avgldx86)
DRV - [2012-09-21 03:46:06 | 000,164,832 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgtdix.sys -- (Avgtdix)
DRV - [2012-09-21 03:46:00 | 000,177,376 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\avglogx.sys -- (Avglogx)
DRV - [2012-09-21 03:45:54 | 000,019,936 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgidsshimx.sys -- (AVGIDSShim)
DRV - [2012-09-14 03:05:20 | 000,035,552 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\avgrkx86.sys -- (Avgrkx86)
DRV - [2010-11-01 06:08:46 | 000,014,416 | ---- | M] (OpenLibSys.org) [File_System | On_Demand | Stopped] -- C:\Program Files\IObit\Game Booster 3\Driver\WinRing0.sys -- (WinRing0_1_2_0)
DRV - [2009-03-18 18:35:40 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hamachi.sys -- (hamachi)
DRV - [2007-04-24 16:28:52 | 010,252,672 | ---- | M] (Sonix Co. Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\snpstd3.sys -- (SNPSTD3)
DRV - [2005-05-25 18:55:58 | 003,134,976 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService)
DRV - [2005-05-06 08:27:00 | 000,232,064 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\yk51x86.sys -- (yukonwxp)
DRV - [2004-08-14 04:56:20 | 000,005,810 | R--- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ASACPI.sys -- (MTsensor)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
IE - HKU\S-1-5-21-2025429265-651377827-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
IE - HKU\S-1-5-21-2025429265-651377827-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: "Yahoo"
FF - prefs.js..browser.search.order.1: ""
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&ilc=12&type=512435"
FF - prefs.js..browser.search.selectedEngine: "Yahoo"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..extensions.enabledAddons: battlefieldplay4free%40ea.com:1.0.96.0
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:23.0.1
FF - prefs.js..keyword.URL: "http://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=512435&p="
 
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.25.2: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.0.60310.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF
 
[2013-05-20 15:21:26 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\SZYMAN\Dane aplikacji\Mozilla\Extensions
[2013-08-24 22:27:56 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\SZYMAN\Dane aplikacji\Mozilla\Firefox\Profiles\rnx29h1o.default\extensions
[2013-08-18 18:22:46 | 000,000,000 | ---D | M] (Battlefield Play4Free) -- C:\Documents and Settings\SZYMAN\Dane aplikacji\Mozilla\Firefox\Profiles\rnx29h1o.default\extensions\battlefieldplay4free@ea.com
[2013-08-24 22:27:56 | 000,824,302 | ---- | M] () (No name found) -- C:\Documents and Settings\SZYMAN\Dane aplikacji\Mozilla\Firefox\Profiles\rnx29h1o.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2013-07-10 15:45:10 | 000,000,915 | ---- | M] () -- C:\Documents and Settings\SZYMAN\Dane aplikacji\Mozilla\Firefox\Profiles\rnx29h1o.default\searchplugins\yahoo.xml
[2013-08-22 20:49:11 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2013-08-22 20:49:25 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
[2013-08-22 20:49:25 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
 
========== Chrome  ==========
 
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = https://www.google.com/search?q={searchTerms}&ie=utf-8&oe=utf-8&aq=t&q={searchTerms}&ie=utf-8&oe=utf-8&aq=t&channel=fflb&q={searchTerms}&ie=utf-8&oe=utf-8&aq=t&channel=rcs
CHR - default_search_provider: suggest_url = https://www.google.com/complete/search?q={searchTerms},
CHR - homepage: http://google.pl/
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\29.0.1547.57\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\29.0.1547.57\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\29.0.1547.57\pdf.dll
CHR - plugin: Battlefield Play4Free Updater (Enabled) = C:\Documents and Settings\SZYMAN\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\oiokahphinmbmakkehgelkmpolmnbkdh\1.0.96.0_0\npBP4FUpdater.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll
CHR - plugin: Java(TM) Platform SE 7 U25 (Enabled) = C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files\Microsoft Silverlight\4.0.60310.0\npctrl.dll
CHR - plugin: Pando Web Plugin (Enabled) = C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_8_800_94.dll
CHR - plugin: Java Deployment Toolkit 7.0.250.17 (Enabled) = C:\WINDOWS\system32\npDeployJava1.dll
CHR - Extension: Dokumenty Google = C:\Documents and Settings\SZYMAN\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: Dysk Google = C:\Documents and Settings\SZYMAN\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Documents and Settings\SZYMAN\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Battlefield Heroes = C:\Documents and Settings\SZYMAN\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\cehdakiococlfmjcbebbkjkfjhbieknh\5.0.203.0_0\
CHR - Extension: Szukaj w Google = C:\Documents and Settings\SZYMAN\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Dragon Ball Z Goku = C:\Documents and Settings\SZYMAN\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\dlddadblackokbbanbihkhhkgdodniee\1_0\
CHR - Extension: AdBlock = C:\Documents and Settings\SZYMAN\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.6_0\
CHR - Extension: Chrome In-App Payments service = C:\Documents and Settings\SZYMAN\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.10_0\
CHR - Extension: Adblock Pro = C:\Documents and Settings\SZYMAN\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\ocifcklkibdehekfnmflempfgjhbedch\2.3_0\
CHR - Extension: Battlefield Play4Free = C:\Documents and Settings\SZYMAN\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\oiokahphinmbmakkehgelkmpolmnbkdh\1.0.96.0_0\
CHR - Extension: Gmail = C:\Documents and Settings\SZYMAN\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
 
O1 HOSTS File: ([2013-08-20 22:19:00 | 000,000,025 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (IEPluginBHO Class) - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - C:\Documents and Settings\SZYMAN\Dane aplikacji\Nowe Gadu-Gadu\_userdata\ggbho.1.dll (GG Network S.A.)
O4 - HKLM..\Run: [AVG_UI] D:\programs\avg\avgui.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [FixCamera] C:\WINDOWS\FixCamera.exe ()
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\nvmctray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nview\nwiz.exe ()
O4 - HKLM..\Run: [snpstd3] C:\WINDOWS\vsnpstd3.exe ()
O4 - HKLM..\Run: [tsnpstd3] C:\WINDOWS\tsnpstd3.exe (SONIX)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-2025429265-651377827-839522115-1003\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-2025429265-651377827-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-2025429265-651377827-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-2025429265-651377827-839522115-1005\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-2025429265-651377827-839522115-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O15 - HKU\S-1-5-19\..Trusted Domains: clonewarsadventures.com ([]* in Zaufane witryny)
O15 - HKU\S-1-5-19\..Trusted Domains: freerealms.com ([]* in Zaufane witryny)
O15 - HKU\S-1-5-19\..Trusted Domains: soe.com ([]* in Zaufane witryny)
O15 - HKU\S-1-5-19\..Trusted Domains: sony.com ([]* in Zaufane witryny)
O15 - HKU\S-1-5-21-2025429265-651377827-839522115-1003\..Trusted Domains: clonewarsadventures.com ([]* in Zaufane witryny)
O15 - HKU\S-1-5-21-2025429265-651377827-839522115-1003\..Trusted Domains: freerealms.com ([]* in Zaufane witryny)
O15 - HKU\S-1-5-21-2025429265-651377827-839522115-1003\..Trusted Domains: soe.com ([]* in Zaufane witryny)
O15 - HKU\S-1-5-21-2025429265-651377827-839522115-1003\..Trusted Domains: sony.com ([]* in Zaufane witryny)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B31B83DC-DA2D-4FC2-AD24-26A4901E7A46}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\SZYMAN\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\SZYMAN\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2013-05-20 15:03:04 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (D:\programs\avg\avgrsx.exe /sync /restart)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013-08-27 11:55:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SZYMAN\Menu Start\Programy\Portal
[2013-08-26 18:38:20 | 025,316,313 | ---- | C] (CipSoft GmbH) -- C:\Documents and Settings\SZYMAN\Pulpit\dbrebirth v1.7.exe
[2013-08-24 22:56:08 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2013-08-24 22:14:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SZYMAN\Dane aplikacji\AVG
[2013-08-24 22:12:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\AVG
[2013-08-24 22:12:30 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\All Users\Dane aplikacji\{D1D4879F-2279-49C9-AEBF-3B95C84EAA8F}
[2013-08-24 21:49:56 | 058,674,136 | ---- | C] (AVG) -- C:\Documents and Settings\SZYMAN\Pulpit\avg_tuh_stf_all_2013_2_24c4.exe
[2013-08-24 12:36:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SZYMAN\Pulpit\Map
[2013-08-22 20:49:08 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2013-08-21 14:01:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SZYMAN\Dane aplikacji\AVG2013
[2013-08-21 13:59:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SZYMAN\Dane aplikacji\TuneUp Software
[2013-08-21 13:59:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\AVG
[2013-08-21 13:59:09 | 000,000,000 | -H-D | C] -- C:\$AVG
[2013-08-21 13:59:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\AVG2013
[2013-08-21 13:52:28 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Common Files
[2013-08-21 13:52:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SZYMAN\Ustawienia lokalne\Dane aplikacji\MFAData
[2013-08-21 13:52:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\MFAData
[2013-08-21 13:52:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SZYMAN\Ustawienia lokalne\Dane aplikacji\Avg2013
[2013-08-21 07:45:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\TEMP
[2013-08-21 07:34:56 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2013-08-21 06:36:21 | 000,000,000 | ---D | C] -- C:\_OTL
[2013-08-20 21:58:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Process Hacker 2
[2013-08-20 21:29:34 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Bitdefender
[2013-08-20 20:52:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SZYMAN\Pulpit\Kopia PokeDestiny
[2013-08-20 20:45:12 | 000,518,144 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2013-08-20 20:45:12 | 000,406,528 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2013-08-20 20:45:12 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2013-08-20 20:45:12 | 000,060,416 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2013-08-20 20:44:10 | 000,000,000 | ---D | C] -- C:\Qoobox
[2013-08-20 20:43:41 | 000,000,000 | R--D | C] -- C:\Documents and Settings\SZYMAN\Menu Start\Programy\Narzędzia administracyjne
[2013-08-20 20:43:41 | 000,000,000 | R--D | C] -- C:\Documents and Settings\SZYMAN\Moje dokumenty\Moje wideo
[2013-08-20 20:42:48 | 000,000,000 | ---D | C] -- C:\WINDOWS\erdnt
[2013-08-19 18:11:42 | 020,791,627 | ---- | C] (DBMW Team) -- C:\Documents and Settings\SZYMAN\Pulpit\Dragon Ball Mysterious World v1.0.exe
[2013-08-19 12:38:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SZYMAN\Dane aplikacji\Pokeing
[2013-08-19 12:26:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SZYMAN\Pulpit\Pokemon-Sapphire-Client
[2013-08-18 20:05:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SZYMAN\Pulpit\DBL_1.89.7_test_v1.1
[2013-08-18 11:46:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SZYMAN\Dane aplikacji\Sony Online Entertainment
[2013-08-18 11:46:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SZYMAN\Ustawienia lokalne\Dane aplikacji\SCE
[2013-08-18 11:27:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\Minidump
[2013-08-17 12:46:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SZYMAN\Pulpit\APARAT
[2013-08-17 11:58:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SZYMAN\Pulpit\GituSpamerV2
[2013-08-16 18:58:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SZYMAN\Dane aplikacji\.minecraft_pixelmon.pl
[2013-08-16 18:58:09 | 003,422,750 | ---- | C] (Pixelmon.pl Pokemon Serwer) -- C:\Documents and Settings\SZYMAN\Pulpit\Pixelmon.exe
[2013-08-16 18:44:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SZYMAN\Pulpit\PokemonOnline.v.1.6
[2013-08-16 18:26:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SZYMAN\Dane aplikacji\Pokes
[2013-08-16 16:20:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SZYMAN\Pulpit\AdvTOR INJECTION
[2013-08-15 16:38:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SZYMAN\Pulpit\DatEditor by Daemon
[2013-08-15 16:37:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SZYMAN\Pulpit\Pokemon Conquest Klient
[2013-08-14 11:26:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Asprate
[2013-08-14 11:26:11 | 000,000,000 | ---D | C] -- C:\Program Files\Asprate
[2013-08-14 11:12:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SZYMAN\Pulpit\Poke by Bolz v3
[2013-08-12 20:03:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SZYMAN\Ustawienia lokalne\Dane aplikacji\PunkBuster
[2013-08-12 20:01:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SZYMAN\Moje dokumenty\Battlefield Play4Free
[2013-08-12 19:59:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SZYMAN\Menu Start\Programy\EA Games
[2013-08-12 17:44:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SZYMAN\Pulpit\PokeLife Client
[2013-08-12 14:59:09 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\SZYMAN\Recent
[2013-08-12 14:57:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\CCleaner
[2013-08-12 14:57:35 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2013-08-11 11:51:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SZYMAN\Pulpit\poke dodac
[2013-08-10 18:04:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SZYMAN\Ustawienia lokalne\Dane aplikacji\Help
[2013-08-10 18:04:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SZYMAN\Dane aplikacji\Help
[2013-08-10 16:40:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SZYMAN\Pulpit\Tasker
[2013-08-09 23:01:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SZYMAN\Pulpit\OTClient PokeXCath
[2013-08-09 19:09:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Game Booster 3
[2013-08-09 19:09:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\IObit
[2013-08-09 19:08:59 | 000,000,000 | ---D | C] -- C:\Program Files\IObit
[2013-08-09 17:31:03 | 009,211,736 | ---- | C] (Martin Prikryl) -- C:\Documents and Settings\SZYMAN\Pulpit\WinSCP.exe
[2013-08-09 16:32:27 | 000,495,616 | ---- | C] (Simon Tatham) -- C:\Documents and Settings\SZYMAN\Pulpit\putty.exe
[2013-08-08 16:37:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SZYMAN\Moje dokumenty\DeadIsland
[2013-08-08 16:32:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SZYMAN\Menu Start\Programy\Steam
[2013-08-08 16:08:53 | 000,000,000 | ---D | C] -- C:\Program Files\dumps
[2013-08-08 16:08:20 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Steam
[2013-08-08 16:08:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Steam
[2013-08-08 16:08:14 | 000,000,000 | ---D | C] -- C:\Program Files\Steam
[2013-08-08 16:06:24 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\UMDF
[2013-08-08 16:06:24 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\LogFiles
[2013-08-08 16:05:32 | 000,527,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_7.dll
[2013-08-08 16:05:32 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_5.dll
[2013-08-08 16:05:31 | 002,106,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_43.dll
[2013-08-08 16:05:31 | 000,239,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_7.dll
[2013-08-08 16:05:30 | 001,868,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dcsx_43.dll
[2013-08-08 16:05:29 | 000,470,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_43.dll
[2013-08-08 16:05:29 | 000,248,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx11_43.dll
[2013-08-08 16:05:28 | 001,998,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_43.dll
[2013-08-08 16:05:27 | 000,528,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_6.dll
[2013-08-08 16:05:27 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_6.dll
[2013-08-08 16:05:27 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_4.dll
[2013-08-08 16:05:26 | 000,515,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_5.dll
[2013-08-08 16:05:26 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_7.dll
[2013-08-08 16:05:25 | 001,974,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_42.dll
[2013-08-08 16:05:25 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_5.dll
[2013-08-08 16:05:24 | 005,501,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dcsx_42.dll
[2013-08-08 16:05:24 | 000,235,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx11_42.dll
[2013-08-08 16:05:23 | 001,892,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_42.dll
[2013-08-08 16:05:23 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_42.dll
[2013-08-08 16:05:22 | 001,846,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_41.dll
[2013-08-08 16:05:22 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_41.dll
[2013-08-08 16:05:21 | 004,178,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_41.dll
[2013-08-08 16:05:21 | 000,069,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_3.dll
[2013-08-08 16:05:20 | 000,517,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_4.dll
[2013-08-08 16:05:20 | 000,235,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_4.dll
[2013-08-08 16:05:19 | 002,036,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_40.dll
[2013-08-08 16:05:19 | 000,452,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_40.dll
[2013-08-08 16:05:19 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_6.dll
[2013-08-08 16:05:18 | 004,379,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_40.dll
[2013-08-08 16:05:17 | 000,514,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_3.dll
[2013-08-08 16:05:17 | 000,235,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_3.dll
[2013-08-08 16:05:17 | 000,070,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_2.dll
[2013-08-08 16:05:17 | 000,023,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_5.dll
[2013-08-08 16:05:16 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_2.dll
[2013-08-08 16:05:14 | 000,507,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_1.dll
[2013-08-08 16:05:14 | 000,065,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_0.dll
[2013-08-08 16:05:13 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_1.dll
[2013-08-08 16:05:12 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_4.dll
[2013-08-08 16:05:11 | 001,491,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_38.dll
[2013-08-08 16:05:11 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_38.dll
[2013-08-08 16:05:10 | 003,850,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_38.dll
[2013-08-08 16:05:10 | 000,479,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_0.dll
[2013-08-08 16:05:09 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_0.dll
[2013-08-08 16:05:09 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_3.dll
[2013-08-08 16:05:08 | 003,786,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_37.dll
[2013-08-08 16:05:08 | 001,420,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_37.dll
[2013-08-08 16:05:08 | 000,462,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_37.dll
[2013-08-08 16:05:07 | 000,267,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_10.dll
[2013-08-08 16:05:06 | 001,374,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_36.dll
[2013-08-08 16:05:06 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_36.dll
[2013-08-08 16:05:05 | 003,734,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_36.dll
[2013-08-08 16:05:05 | 000,267,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_9.dll
[2013-08-08 16:05:04 | 001,358,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_35.dll
[2013-08-08 16:05:04 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_35.dll
[2013-08-08 16:05:03 | 003,727,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_35.dll
[2013-08-08 16:05:02 | 001,124,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_34.dll
[2013-08-08 16:05:02 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_34.dll
[2013-08-08 16:05:02 | 000,266,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_8.dll
[2013-08-08 16:05:02 | 000,017,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_2.dll
[2013-08-08 16:05:01 | 003,497,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_34.dll
[2013-08-08 16:05:01 | 000,081,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xinput1_3.dll
[2013-08-08 16:04:59 | 000,261,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_7.dll
[2013-08-08 16:04:57 | 001,123,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_33.dll
[2013-08-08 16:04:57 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_33.dll
[2013-08-08 16:04:54 | 003,495,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_33.dll
[2013-08-08 16:04:54 | 000,255,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_6.dll
[2013-08-08 16:04:53 | 003,426,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_32.dll
[2013-08-08 16:04:53 | 000,251,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_5.dll
[2013-08-08 16:04:52 | 002,414,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_31.dll
[2013-08-08 16:04:52 | 000,237,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_4.dll
[2013-08-08 16:04:52 | 000,015,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\x3daudio1_1.dll
[2013-08-08 16:04:51 | 000,236,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_3.dll
[2013-08-08 16:04:51 | 000,230,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_2.dll
[2013-08-08 16:04:51 | 000,062,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xinput1_2.dll
[2013-08-08 16:04:50 | 000,229,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_1.dll
[2013-08-08 16:04:50 | 000,062,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xinput1_1.dll
[2013-08-08 16:04:41 | 002,388,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_30.dll
[2013-08-08 16:04:40 | 000,230,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_0.dll
[2013-08-08 16:04:40 | 000,014,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\x3daudio1_0.dll
[2013-08-08 16:04:39 | 002,332,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_29.dll
[2013-08-08 16:04:38 | 002,323,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_28.dll
[2013-08-08 16:04:38 | 000,061,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xinput9_1_0.dll
[2013-08-08 16:04:37 | 002,319,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_27.dll
[2013-08-08 16:04:37 | 002,297,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_26.dll
[2013-08-08 16:04:36 | 002,337,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_25.dll
[2013-08-08 16:04:35 | 002,222,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_24.dll
[2013-08-08 09:07:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SZYMAN\Menu Start\Programy\VALVe
[2013-08-07 14:00:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SZYMAN\Pulpit\DBKH 4.0
[2013-08-07 13:58:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SZYMAN\Pulpit\Desktop
[2013-08-06 12:36:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Counter-Strike 1.6
[2013-08-06 12:27:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SZYMAN\Menu Start\Programy\Earth's Special Forces
[2013-08-04 13:10:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SZYMAN\Pulpit\Silnik DBKO source (8.0)
[2013-08-03 22:16:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SZYMAN\Pulpit\WoDB
[2013-08-03 21:28:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SZYMAN\Pulpit\dbkos
[2013-08-03 13:52:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SZYMAN\Pulpit\WoDB Beta
[2013-08-02 21:44:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SZYMAN\Pulpit\rybki
[2013-08-01 21:52:17 | 000,000,000 | ---D | C] -- C:\WINDOWS\Sun
[2013-08-01 18:17:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SZYMAN\Dane aplikacji\LolClient
[2013-08-01 14:06:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\League of Legends
[2013-08-01 13:32:24 | 000,509,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_2.dll
[2013-08-01 13:32:24 | 000,068,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_1.dll
[2013-08-01 13:32:21 | 001,493,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_39.dll
[2013-08-01 13:32:21 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_39.dll
[2013-08-01 13:32:14 | 003,851,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_39.dll
[2013-08-01 13:31:59 | 000,000,000 | ---D | C] -- C:\WINDOWS\Logs
[2013-08-01 13:31:57 | 000,000,000 | -HSD | C] -- C:\WINDOWS\System32\AI_RecycleBin
[2013-08-01 13:31:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SZYMAN\Dane aplikacji\Riot Games
[2013-07-31 22:16:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SZYMAN\Pulpit\Pokemon OTS
[2013-07-28 20:25:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SZYMAN\Pulpit\mapa poke
 
========== Files - Modified Within 30 Days ==========
 
[2013-08-27 13:48:00 | 000,000,930 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2013-08-27 13:35:12 | 000,015,493 | ---- | M] () -- C:\Documents and Settings\SZYMAN\Ustawienia lokalne\Dane aplikacji\recently-used.xbel
[2013-08-27 13:13:00 | 000,001,036 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2013-08-27 12:13:42 | 002,836,589 | ---- | M] () -- C:\Documents and Settings\SZYMAN\Pulpit\SMS Shop(itemplayer) + show EQ + my skin for nicaw acc v3.rar
[2013-08-27 11:55:08 | 000,000,580 | ---- | M] () -- C:\Documents and Settings\SZYMAN\Pulpit\Portal.lnk
[2013-08-27 10:13:00 | 000,001,032 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2013-08-27 08:42:10 | 000,000,280 | ---- | M] () -- C:\WINDOWS\tasks\Game_Booster_AutoUpdate.job
[2013-08-27 08:42:05 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013-08-26 20:06:10 | 000,000,130 | ---- | M] () -- C:\Documents and Settings\SZYMAN\Pulpit\elfload.dll.vbs
[2013-08-26 19:18:25 | 000,627,104 | ---- | M] () -- C:\Documents and Settings\SZYMAN\Pulpit\Spy++ (1).rar
[2013-08-26 18:39:13 | 025,316,313 | ---- | M] (CipSoft GmbH) -- C:\Documents and Settings\SZYMAN\Pulpit\dbrebirth v1.7.exe
[2013-08-26 16:52:41 | 000,139,424 | ---- | M] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2013-08-26 16:52:34 | 000,282,104 | ---- | M] () -- C:\WINDOWS\System32\PnkBstrB.xtr
[2013-08-26 10:01:37 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2013-08-25 11:37:07 | 000,282,104 | ---- | M] () -- C:\WINDOWS\System32\PnkBstrB.ex0
[2013-08-24 22:34:47 | 000,055,494 | ---- | M] () -- C:\Documents and Settings\SZYMAN\Pulpit\zacne base.bmp
[2013-08-24 22:26:34 | 000,493,296 | ---- | M] () -- C:\WINDOWS\System32\perfh015.dat
[2013-08-24 22:26:34 | 000,435,212 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2013-08-24 22:26:34 | 000,085,360 | ---- | M] () -- C:\WINDOWS\System32\perfc015.dat
[2013-08-24 22:26:34 | 000,067,590 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2013-08-24 21:52:07 | 058,674,136 | ---- | M] (AVG) -- C:\Documents and Settings\SZYMAN\Pulpit\avg_tuh_stf_all_2013_2_24c4.exe
[2013-08-24 16:15:42 | 000,088,758 | ---- | M] () -- C:\Documents and Settings\SZYMAN\Pulpit\swiruss.bmp
[2013-08-24 16:13:38 | 000,118,410 | ---- | M] () -- C:\Documents and Settings\SZYMAN\Pulpit\swirusowy.bmp
[2013-08-24 12:36:27 | 000,035,320 | ---- | M] () -- C:\Documents and Settings\SZYMAN\Pulpit\Map.rar
[2013-08-22 19:50:45 | 000,807,894 | ---- | M] () -- C:\Documents and Settings\SZYMAN\Pulpit\dsdas.bmp
[2013-08-22 11:18:56 | 000,001,813 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Google Chrome.lnk
[2013-08-21 19:00:39 | 000,138,056 | ---- | M] () -- C:\Documents and Settings\SZYMAN\Dane aplikacji\PnkBstrK.sys
[2013-08-21 15:14:28 | 087,331,537 | ---- | M] () -- C:\Documents and Settings\SZYMAN\Pulpit\Paczka koncertowa dla Mind Out.rar
[2013-08-20 22:19:00 | 000,000,025 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2013-08-20 21:58:38 | 000,000,768 | ---- | M] () -- C:\Documents and Settings\SZYMAN\Pulpit\Process Hacker 2.lnk
[2013-08-20 21:44:03 | 000,831,488 | ---- | M] () -- C:\WINDOWS\vsnpstd3.exe
[2013-08-20 21:43:57 | 000,262,144 | ---- | M] (SONIX) -- C:\WINDOWS\tsnpstd3.exe
[2013-08-20 21:41:11 | 000,020,480 | ---- | M] () -- C:\WINDOWS\FixCamera.exe
[2013-08-20 21:31:27 | 020,791,627 | ---- | M] (DBMW Team) -- C:\Documents and Settings\SZYMAN\Pulpit\Dragon Ball Mysterious World v1.0.exe
[2013-08-20 21:30:42 | 000,002,596 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2013-08-20 21:30:16 | 019,282,272 | ---- | M] (CipSoft GmbH) -- C:\Documents and Settings\SZYMAN\Pulpit\Bleach Warrior Online.exe
[2013-08-20 21:24:44 | 000,164,134 | ---- | M] () -- C:\Documents and Settings\SZYMAN\Pulpit\salitykiller.zip
[2013-08-20 20:42:06 | 000,000,174 | ---- | M] () -- C:\Fix.reg
[2013-08-19 19:06:56 | 000,627,104 | ---- | M] () -- C:\Documents and Settings\SZYMAN\Pulpit\Spy++.rar
[2013-08-19 10:05:43 | 007,723,222 | ---- | M] () -- C:\Documents and Settings\SZYMAN\Pulpit\WoDB.rar
[2013-08-18 19:57:18 | 000,182,571 | ---- | M] () -- C:\Documents and Settings\SZYMAN\Moje dokumenty\logo dbleague.xcf
[2013-08-18 12:20:21 | 000,000,576 | ---- | M] () -- C:\Documents and Settings\SZYMAN\Pulpit\hehe.html
[2013-08-18 12:13:37 | 000,346,511 | ---- | M] () -- C:\Documents and Settings\SZYMAN\Pulpit\dbmw skin (1).rar
[2013-08-17 22:32:23 | 015,575,222 | ---- | M] () -- C:\Documents and Settings\SZYMAN\Pulpit\Wander of Shinobi.exe
[2013-08-17 13:49:00 | 000,399,360 | ---- | M] () -- C:\Documents and Settings\SZYMAN\Pulpit\NoxSpr.exe
[2013-08-17 12:49:05 | 000,008,192 | ---- | M] () -- C:\Documents and Settings\SZYMAN\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013-08-16 18:58:17 | 003,422,750 | ---- | M] (Pixelmon.pl Pokemon Serwer) -- C:\Documents and Settings\SZYMAN\Pulpit\Pixelmon.exe
[2013-08-16 16:23:27 | 000,577,536 | ---- | M] () -- C:\Documents and Settings\SZYMAN\Pulpit\Tibia Spambot by IgI.exe
[2013-08-16 15:00:06 | 002,245,479 | ---- | M] () -- C:\Documents and Settings\SZYMAN\Pulpit\Hacked MUSIC.mp3
[2013-08-16 14:57:21 | 000,001,380 | ---- | M] () -- C:\Documents and Settings\SZYMAN\Pulpit\index.html
[2013-08-14 11:26:13 | 000,001,838 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Tibia MULTI-IP Changer.lnk
[2013-08-13 14:08:08 | 000,000,001 | ---- | M] () -- C:\WINDOWS\System32\nvdrssel.bin
[2013-08-13 14:08:07 | 001,075,544 | ---- | M] () -- C:\WINDOWS\System32\nvdrsdb0.bin
[2013-08-13 14:08:01 | 001,075,544 | ---- | M] () -- C:\WINDOWS\System32\nvdrsdb1.bin
[2013-08-13 13:29:38 | 000,000,586 | ---- | M] () -- C:\Documents and Settings\SZYMAN\Pulpit\PokeXGame.lnk
[2013-08-13 13:29:16 | 000,000,863 | ---- | M] () -- C:\Documents and Settings\SZYMAN\Pulpit\Dead Island.lnk
[2013-08-13 13:28:44 | 000,000,804 | ---- | M] () -- C:\Documents and Settings\SZYMAN\Pulpit\Counter Strike Source.lnk
[2013-08-13 10:13:22 | 000,000,551 | ---- | M] () -- C:\Documents and Settings\SZYMAN\Pulpit\BattleField Play4Free.lnk
[2013-08-12 15:15:49 | 000,055,474 | ---- | M] () -- C:\Documents and Settings\SZYMAN\Moje dokumenty\cc_20130812_151527.reg
[2013-08-12 14:57:39 | 000,000,682 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\CCleaner.lnk
[2013-08-10 11:42:03 | 000,000,600 | ---- | M] () -- C:\Documents and Settings\SZYMAN\Ustawienia lokalne\Dane aplikacji\PUTTY.RND
[2013-08-09 22:20:29 | 029,566,306 | ---- | M] (CipSoft GmbH) -- C:\Documents and Settings\SZYMAN\Pulpit\SoFo.exe
[2013-08-09 22:08:36 | 000,011,902 | ---- | M] () -- C:\Documents and Settings\SZYMAN\Pulpit\WinSCP.ini
[2013-08-09 22:08:36 | 000,000,600 | ---- | M] () -- C:\Documents and Settings\SZYMAN\Dane aplikacji\winscp.rnd
[2013-08-09 19:09:07 | 000,000,835 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Switch to Gaming Mode.lnk
[2013-08-09 19:09:07 | 000,000,823 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Game Booster 3.lnk
[2013-08-09 16:32:27 | 000,495,616 | ---- | M] (Simon Tatham) -- C:\Documents and Settings\SZYMAN\Pulpit\putty.exe
[2013-08-09 13:28:53 | 000,000,211 | -HS- | M] () -- C:\boot.ini
[2013-08-08 16:08:22 | 000,000,664 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Steam.lnk
[2013-08-08 16:07:43 | 000,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx
[2013-08-08 16:06:27 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\UMDF\MsftWdf_user_01_00_00.Wdf
[2013-08-07 23:34:00 | 000,000,652 | ---- | M] () -- C:\Documents and Settings\SZYMAN\Pulpit\zrobic.otbm
[2013-08-07 23:34:00 | 000,000,049 | ---- | M] () -- C:\Documents and Settings\SZYMAN\Pulpit\zrobic-spawn.xml
[2013-08-07 23:34:00 | 000,000,049 | ---- | M] () -- C:\Documents and Settings\SZYMAN\Pulpit\zrobic-house.xml
[2013-08-07 14:41:07 | 000,006,574 | ---- | M] () -- C:\Documents and Settings\SZYMAN\Pulpit\Bez nazwy.xcf
[2013-08-07 14:02:25 | 000,003,126 | ---- | M] () -- C:\Documents and Settings\SZYMAN\Pulpit\heh.bmp
[2013-08-06 13:19:43 | 000,002,281 | ---- | M] () -- C:\Documents and Settings\SZYMAN\Pulpit\swirus.bbtheme
[2013-08-06 13:17:40 | 000,002,281 | ---- | M] () -- C:\Documents and Settings\SZYMAN\Pulpit\worldofdb-actual-20130806.bbtheme
[2013-08-06 12:36:35 | 000,000,613 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Counter-Strike 1.6.lnk
[2013-08-05 13:56:41 | 000,147,983 | ---- | M] () -- C:\Documents and Settings\SZYMAN\Pulpit\vocations.xml
[2013-08-03 14:09:09 | 020,926,082 | ---- | M] () -- C:\Documents and Settings\SZYMAN\Pulpit\evorpg.otbm
[2013-08-03 14:09:09 | 000,006,079 | ---- | M] () -- C:\Documents and Settings\SZYMAN\Pulpit\evorpg-house.xml
[2013-08-03 14:09:09 | 000,000,049 | ---- | M] () -- C:\Documents and Settings\SZYMAN\Pulpit\evorpg-spawn.xml
[2013-08-02 22:35:45 | 000,291,083 | ---- | M] () -- C:\Documents and Settings\SZYMAN\Pulpit\wodb].png
[2013-08-02 22:30:34 | 000,034,990 | ---- | M] () -- C:\Documents and Settings\SZYMAN\Pulpit\logo.png
[2013-08-02 12:55:37 | 010,242,002 | ---- | M] () -- C:\Documents and Settings\SZYMAN\Pulpit\WoDB Beta.exe
[2013-08-02 09:12:07 | 104,438,596 | ---- | M] () -- C:\Documents and Settings\SZYMAN\Pulpit\b3liar mix vol.8.mp3
[2013-08-01 18:01:40 | 000,498,307 | ---- | M] () -- C:\Documents and Settings\SZYMAN\Pulpit\pokedestiny.rar
[2013-08-01 14:06:32 | 000,001,371 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\League of Legends.lnk
[2013-08-01 10:26:11 | 000,000,728 | ---- | M] () -- C:\Documents and Settings\SZYMAN\Pulpit\Counter-Strike GROM.lnk
[2013-07-30 18:15:11 | 001,418,239 | ---- | M] () -- C:\Documents and Settings\SZYMAN\Moje dokumenty\mapa poke(1).rar
[2013-07-29 13:09:18 | 000,002,165 | ---- | M] () -- C:\Documents and Settings\SZYMAN\Moje dokumenty\inventory.lua
[2013-07-29 12:44:28 | 009,211,736 | ---- | M] (Martin Prikryl) -- C:\Documents and Settings\SZYMAN\Pulpit\WinSCP.exe
[2013-07-28 21:30:05 | 003,969,727 | ---- | M] () -- C:\Documents and Settings\SZYMAN\Pulpit\TibiaDatEditor8.70.rar
[2013-07-28 20:24:56 | 001,201,038 | ---- | M] () -- C:\Documents and Settings\SZYMAN\Moje dokumenty\mapa poke.rar
 
========== Files Created - No Company Name ==========
 
[2013-08-27 13:35:12 | 000,015,493 | ---- | C] () -- C:\Documents and Settings\SZYMAN\Ustawienia lokalne\Dane aplikacji\recently-used.xbel
[2013-08-27 11:55:08 | 000,000,580 | ---- | C] () -- C:\Documents and Settings\SZYMAN\Pulpit\Portal.lnk
[2013-08-26 20:06:10 | 000,000,130 | ---- | C] () -- C:\Documents and Settings\SZYMAN\Pulpit\elfload.dll.vbs
[2013-08-26 19:18:25 | 000,627,104 | ---- | C] () -- C:\Documents and Settings\SZYMAN\Pulpit\Spy++ (1).rar
[2013-08-24 16:15:42 | 000,088,758 | ---- | C] () -- C:\Documents and Settings\SZYMAN\Pulpit\swiruss.bmp
[2013-08-24 16:09:28 | 000,118,410 | ---- | C] () -- C:\Documents and Settings\SZYMAN\Pulpit\swirusowy.bmp
[2013-08-24 12:36:27 | 000,035,320 | ---- | C] () -- C:\Documents and Settings\SZYMAN\Pulpit\Map.rar
[2013-08-23 15:31:40 | 000,055,494 | ---- | C] () -- C:\Documents and Settings\SZYMAN\Pulpit\zacne base.bmp
[2013-08-22 19:50:45 | 000,807,894 | ---- | C] () -- C:\Documents and Settings\SZYMAN\Pulpit\dsdas.bmp
[2013-08-21 15:11:21 | 087,331,537 | ---- | C] () -- C:\Documents and Settings\SZYMAN\Pulpit\Paczka koncertowa dla Mind Out.rar
[2013-08-20 21:58:38 | 000,000,768 | ---- | C] () -- C:\Documents and Settings\SZYMAN\Pulpit\Process Hacker 2.lnk
[2013-08-20 21:24:43 | 000,164,134 | ---- | C] () -- C:\Documents and Settings\SZYMAN\Pulpit\salitykiller.zip
[2013-08-20 20:45:12 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2013-08-20 20:45:12 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2013-08-20 20:45:12 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2013-08-20 20:45:12 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2013-08-20 20:45:12 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2013-08-20 20:42:06 | 000,000,174 | ---- | C] () -- C:\Fix.reg
[2013-08-19 19:06:53 | 000,627,104 | ---- | C] () -- C:\Documents and Settings\SZYMAN\Pulpit\Spy++.rar
[2013-08-18 19:57:18 | 000,182,571 | ---- | C] () -- C:\Documents and Settings\SZYMAN\Moje dokumenty\logo dbleague.xcf
[2013-08-18 12:13:36 | 000,346,511 | ---- | C] () -- C:\Documents and Settings\SZYMAN\Pulpit\dbmw skin (1).rar
[2013-08-17 22:31:26 | 015,575,222 | ---- | C] () -- C:\Documents and Settings\SZYMAN\Pulpit\Wander of Shinobi.exe
[2013-08-17 13:48:45 | 000,399,360 | ---- | C] () -- C:\Documents and Settings\SZYMAN\Pulpit\NoxSpr.exe
[2013-08-16 16:23:21 | 000,577,536 | ---- | C] () -- C:\Documents and Settings\SZYMAN\Pulpit\Tibia Spambot by IgI.exe
[2013-08-14 11:26:13 | 000,001,838 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Tibia MULTI-IP Changer.lnk
[2013-08-13 13:29:38 | 000,000,586 | ---- | C] () -- C:\Documents and Settings\SZYMAN\Pulpit\PokeXGame.lnk
[2013-08-13 13:29:16 | 000,000,863 | ---- | C] () -- C:\Documents and Settings\SZYMAN\Pulpit\Dead Island.lnk
[2013-08-13 10:13:22 | 000,000,551 | ---- | C] () -- C:\Documents and Settings\SZYMAN\Pulpit\BattleField Play4Free.lnk
[2013-08-12 20:13:27 | 000,282,104 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrB.xtr
[2013-08-12 20:00:16 | 000,139,424 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2013-08-12 20:00:15 | 000,138,056 | ---- | C] () -- C:\Documents and Settings\SZYMAN\Dane aplikacji\PnkBstrK.sys
[2013-08-12 20:00:01 | 000,282,104 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrB.exe
[2013-08-12 20:00:01 | 000,282,104 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrB.ex0
[2013-08-12 19:59:58 | 000,076,888 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrA.exe
[2013-08-12 15:15:31 | 000,055,474 | ---- | C] () -- C:\Documents and Settings\SZYMAN\Moje dokumenty\cc_20130812_151527.reg
[2013-08-12 14:57:39 | 000,000,682 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\CCleaner.lnk
[2013-08-10 15:51:30 | 000,001,371 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\League of Legends.lnk
[2013-08-09 21:24:43 | 000,011,902 | ---- | C] () -- C:\Documents and Settings\SZYMAN\Pulpit\WinSCP.ini
[2013-08-09 19:09:21 | 000,000,280 | ---- | C] () -- C:\WINDOWS\tasks\Game_Booster_AutoUpdate.job
[2013-08-09 19:09:07 | 000,000,835 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Switch to Gaming Mode.lnk
[2013-08-09 19:09:07 | 000,000,823 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Game Booster 3.lnk
[2013-08-09 17:30:51 | 000,000,600 | ---- | C] () -- C:\Documents and Settings\SZYMAN\Dane aplikacji\winscp.rnd
[2013-08-09 16:32:35 | 000,000,600 | ---- | C] () -- C:\Documents and Settings\SZYMAN\Ustawienia lokalne\Dane aplikacji\PUTTY.RND
[2013-08-08 20:43:39 | 000,000,804 | ---- | C] () -- C:\Documents and Settings\SZYMAN\Pulpit\Counter Strike Source.lnk
[2013-08-08 16:08:22 | 000,000,664 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Steam.lnk
[2013-08-08 16:06:27 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\UMDF\MsftWdf_user_01_00_00.Wdf
[2013-08-07 23:34:00 | 000,000,652 | ---- | C] () -- C:\Documents and Settings\SZYMAN\Pulpit\zrobic.otbm
[2013-08-07 23:34:00 | 000,000,049 | ---- | C] () -- C:\Documents and Settings\SZYMAN\Pulpit\zrobic-spawn.xml
[2013-08-07 23:34:00 | 000,000,049 | ---- | C] () -- C:\Documents and Settings\SZYMAN\Pulpit\zrobic-house.xml
[2013-08-07 14:41:07 | 000,006,574 | ---- | C] () -- C:\Documents and Settings\SZYMAN\Pulpit\Bez nazwy.xcf
[2013-08-07 14:02:25 | 000,003,126 | ---- | C] () -- C:\Documents and Settings\SZYMAN\Pulpit\heh.bmp
[2013-08-06 13:18:28 | 000,002,281 | ---- | C] () -- C:\Documents and Settings\SZYMAN\Pulpit\swirus.bbtheme
[2013-08-06 13:16:25 | 000,002,281 | ---- | C] () -- C:\Documents and Settings\SZYMAN\Pulpit\worldofdb-actual-20130806.bbtheme
[2013-08-06 12:36:35 | 000,000,613 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Counter-Strike 1.6.lnk
[2013-08-05 13:57:59 | 000,147,983 | ---- | C] () -- C:\Documents and Settings\SZYMAN\Pulpit\vocations.xml
[2013-08-03 14:09:09 | 000,006,079 | ---- | C] () -- C:\Documents and Settings\SZYMAN\Pulpit\evorpg-house.xml
[2013-08-03 14:09:09 | 000,000,049 | ---- | C] () -- C:\Documents and Settings\SZYMAN\Pulpit\evorpg-spawn.xml
[2013-08-03 13:12:14 | 020,926,082 | ---- | C] () -- C:\Documents and Settings\SZYMAN\Pulpit\evorpg.otbm
[2013-08-03 11:16:26 | 007,723,222 | ---- | C] () -- C:\Documents and Settings\SZYMAN\Pulpit\WoDB.rar
[2013-08-02 22:35:44 | 000,291,083 | ---- | C] () -- C:\Documents and Settings\SZYMAN\Pulpit\wodb].png
[2013-08-02 22:30:34 | 000,034,990 | ---- | C] () -- C:\Documents and Settings\SZYMAN\Pulpit\logo.png
[2013-08-02 12:55:09 | 010,242,002 | ---- | C] () -- C:\Documents and Settings\SZYMAN\Pulpit\WoDB Beta.exe
[2013-08-02 09:08:31 | 104,438,596 | ---- | C] () -- C:\Documents and Settings\SZYMAN\Pulpit\b3liar mix vol.8.mp3
[2013-08-01 18:01:40 | 000,498,307 | ---- | C] () -- C:\Documents and Settings\SZYMAN\Pulpit\pokedestiny.rar
[2013-08-01 10:26:11 | 000,000,728 | ---- | C] () -- C:\Documents and Settings\SZYMAN\Pulpit\Counter-Strike GROM.lnk
[2013-07-30 18:14:27 | 001,418,239 | ---- | C] () -- C:\Documents and Settings\SZYMAN\Moje dokumenty\mapa poke(1).rar
[2013-07-29 13:09:04 | 000,002,165 | ---- | C] () -- C:\Documents and Settings\SZYMAN\Moje dokumenty\inventory.lua
[2013-07-28 21:28:37 | 003,969,727 | ---- | C] () -- C:\Documents and Settings\SZYMAN\Pulpit\TibiaDatEditor8.70.rar
[2013-07-28 20:24:15 | 001,201,038 | ---- | C] () -- C:\Documents and Settings\SZYMAN\Moje dokumenty\mapa poke.rar
[2013-07-10 17:55:11 | 000,000,694 | ---- | C] () -- C:\Documents and Settings\SZYMAN\.jscreenfix.licence
[2013-07-01 18:26:20 | 000,008,192 | ---- | C] () -- C:\Documents and Settings\SZYMAN\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013-06-27 08:09:17 | 000,000,175 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswSnx.sys.sum
[2013-06-27 08:09:16 | 000,000,175 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswSP.sys.sum
[2013-06-25 13:15:18 | 000,000,067 | ---- | C] () -- C:\Documents and Settings\SZYMAN\.gtk-bookmarks
[2013-06-11 17:42:49 | 000,020,480 | ---- | C] () -- C:\WINDOWS\FixCamera.exe
[2013-06-11 17:42:47 | 000,831,488 | ---- | C] () -- C:\WINDOWS\vsnpstd3.exe
[2013-06-11 17:42:47 | 000,015,498 | ---- | C] () -- C:\WINDOWS\snpstd3.ini
[2013-06-11 17:42:45 | 000,172,032 | ---- | C] ( ) -- C:\WINDOWS\System32\rsnpstd3.dll
[2013-06-11 17:42:45 | 000,061,440 | ---- | C] ( ) -- C:\WINDOWS\System32\vsnpstd3.dll
[2013-06-11 17:42:45 | 000,053,248 | ---- | C] ( ) -- C:\WINDOWS\System32\csnpstd3.dll
[2013-06-11 17:42:45 | 000,053,248 | ---- | C] ( ) -- C:\WINDOWS\csnpstd3.dll
[2013-06-09 09:17:32 | 001,867,776 | ---- | C] () -- C:\WINDOWS\System32\python24.dll
[2013-05-20 16:54:47 | 000,004,293 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2013-05-20 16:53:51 | 000,272,576 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2013-05-20 15:52:25 | 001,075,544 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb1.bin
[2013-05-20 15:52:25 | 001,075,544 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb0.bin
[2013-05-20 15:52:25 | 000,000,001 | ---- | C] () -- C:\WINDOWS\System32\nvdrssel.bin
[2013-05-20 15:52:14 | 002,807,708 | ---- | C] () -- C:\WINDOWS\System32\nvdata.data
[2013-05-20 15:09:19 | 000,156,672 | ---- | C] () -- C:\WINDOWS\System32\RTLCPAPI.dll
[2013-05-20 15:09:19 | 000,040,960 | R--- | C] () -- C:\WINDOWS\System32\ChCfg.exe
[2013-05-20 15:08:00 | 000,024,399 | ---- | C] () -- C:\WINDOWS\Ascd_tmp.ini
[2013-05-20 15:07:58 | 000,005,810 | R--- | C] () -- C:\WINDOWS\System32\drivers\ASACPI.sys
[2013-05-20 15:07:53 | 000,005,824 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASUSHWIO.SYS
[2013-05-20 15:04:51 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2013-05-20 15:00:23 | 000,021,856 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
 
========== ZeroAccess Check ==========
 
[2013-05-23 19:06:20 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2008-04-14 22:50:48 | 001,499,136 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2008-04-14 22:50:32 | 000,472,064 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2008-04-14 22:50:58 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
========== LOP Check ==========
 
[2013-08-21 18:54:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\AVAST Software
[2013-08-24 22:14:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\AVG
[2013-08-21 14:00:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\AVG2013
[2013-08-21 13:52:28 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Common Files
[2013-06-20 19:53:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\GG
[2013-08-09 19:09:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\IObit
[2013-05-25 20:49:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Logs
[2013-08-27 11:16:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\MFAData
[2013-08-01 18:06:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\PMB Files
[2013-08-27 11:49:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\TEMP
[2013-08-24 22:12:30 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Dane aplikacji\{D1D4879F-2279-49C9-AEBF-3B95C84EAA8F}
[2013-08-01 11:30:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SZYMAN\Dane aplikacji\.minecraft
[2013-08-16 23:17:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SZYMAN\Dane aplikacji\.minecraft_pixelmon.pl
[2013-06-23 18:40:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SZYMAN\Dane aplikacji\.technic
[2013-08-24 22:14:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SZYMAN\Dane aplikacji\AVG
[2013-08-21 14:01:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SZYMAN\Dane aplikacji\AVG2013
[2013-06-01 10:29:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SZYMAN\Dane aplikacji\BlWrO
[2013-06-15 13:08:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SZYMAN\Dane aplikacji\DBV
[2013-06-09 20:59:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SZYMAN\Dane aplikacji\DBzF1
[2013-05-22 20:54:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SZYMAN\Dane aplikacji\Dev-Cpp
[2013-06-23 14:19:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SZYMAN\Dane aplikacji\GG
[2013-08-01 18:17:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SZYMAN\Dane aplikacji\LolClient
[2013-06-20 13:59:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SZYMAN\Dane aplikacji\LoS
[2013-08-03 15:43:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SZYMAN\Dane aplikacji\Nowe Gadu-Gadu
[2013-08-19 12:40:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SZYMAN\Dane aplikacji\Pokeing
[2013-08-16 18:32:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SZYMAN\Dane aplikacji\Pokes
[2013-08-20 22:12:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SZYMAN\Dane aplikacji\Process Hacker 2
[2013-06-18 17:14:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SZYMAN\Dane aplikacji\pverb
[2013-08-12 13:27:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SZYMAN\Dane aplikacji\Remere's Map Editor
[2013-08-01 14:07:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SZYMAN\Dane aplikacji\Riot Games
[2013-08-18 11:47:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SZYMAN\Dane aplikacji\Sony Online Entertainment
[2013-08-20 17:04:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SZYMAN\Dane aplikacji\sqlitestudio
[2013-05-24 14:50:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SZYMAN\Dane aplikacji\TeamViewer
[2013-08-27 12:54:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SZYMAN\Dane aplikacji\Tibia
[2013-08-26 18:35:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SZYMAN\Dane aplikacji\TS3Client
[2013-08-21 13:59:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SZYMAN\Dane aplikacji\TuneUp Software
[2013-08-27 11:53:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SZYMAN\Dane aplikacji\uTorrent
 
========== Purity Check ==========
 
 
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 231 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:6BE50C2B

< End of report >
[/spoiler]

Dzisiaj AVG wykrył mi na dysku D wirusa Win32/Sality.dropper - mozna sprawdzic logi pod katem tego wirusa?

 

[spoiler]OTL logfile created on: 2013-08-28 10:45:57 - Run 4
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Documents and Settings\SZYMAN\Moje dokumenty\Pobieranie
Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd
 
3,00 Gb Total Physical Memory | 2,23 Gb Available Physical Memory | 74,51% Memory free
4,85 Gb Paging File | 4,14 Gb Available in Paging File | 85,45% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 78,13 Gb Total Space | 56,74 Gb Free Space | 72,63% Space Free | Partition Type: NTFS
Drive D: | 75,25 Gb Total Space | 51,23 Gb Free Space | 68,08% Space Free | Partition Type: NTFS
 
Computer Name: HOME | User Name: SZYMAN | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2013-08-22 20:49:24 | 000,276,376 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2013-08-21 06:33:25 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\SZYMAN\Moje dokumenty\Pobieranie\OTL.exe
PRC - [2013-08-20 21:44:03 | 000,831,488 | ---- | M] () -- C:\WINDOWS\vsnpstd3.exe
PRC - [2013-08-20 21:41:11 | 000,020,480 | ---- | M] () -- C:\WINDOWS\FixCamera.exe
PRC - [2013-07-23 19:09:28 | 000,283,136 | ---- | M] (AVG Technologies CZ, s.r.o.) -- D:\programs\avg\avgwdsvc.exe
PRC - [2013-07-10 01:33:22 | 000,452,144 | ---- | M] (AVG Technologies CZ, s.r.o.) -- D:\programs\avg\avgcsrvx.exe
PRC - [2013-07-04 15:53:28 | 000,763,952 | ---- | M] (AVG Technologies CZ, s.r.o.) -- D:\programs\avg\avgrsx.exe
PRC - [2013-07-04 15:53:26 | 001,117,744 | ---- | M] (AVG Technologies CZ, s.r.o.) -- D:\programs\avg\avgnsx.exe
PRC - [2013-07-04 15:53:10 | 004,939,312 | ---- | M] (AVG Technologies CZ, s.r.o.) -- D:\programs\avg\avgidsagent.exe
PRC - [2013-07-01 01:46:26 | 004,411,440 | ---- | M] (AVG Technologies CZ, s.r.o.) -- D:\programs\avg\avgui.exe
PRC - [2013-06-29 13:50:22 | 000,182,184 | ---- | M] (Oracle Corporation) -- C:\Program Files\Java\jre7\bin\jqs.exe
PRC - [2013-06-28 14:02:04 | 001,440,080 | ---- | M] (LogMeIn Inc.) -- D:\programs\hamahi\hamachi-2.exe
PRC - [2012-05-15 18:18:00 | 001,262,400 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
PRC - [2008-04-14 22:51:18 | 001,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2013-08-22 20:49:23 | 003,551,640 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2013-08-20 21:44:03 | 000,831,488 | ---- | M] () -- C:\WINDOWS\vsnpstd3.exe
MOD - [2013-08-20 21:41:11 | 000,020,480 | ---- | M] () -- C:\WINDOWS\FixCamera.exe
MOD - [2012-05-15 18:18:00 | 000,357,184 | ---- | M] () -- C:\Program Files\NVIDIA Corporation\nview\nvShell.dll
 
 
========== Services (SafeList) ==========
 
SRV - [2013-08-22 20:49:23 | 000,117,656 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013-07-23 19:09:28 | 000,283,136 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- D:\programs\avg\avgwdsvc.exe -- (avgwd)
SRV - [2013-07-10 14:57:35 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013-07-04 15:53:10 | 004,939,312 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- D:\programs\avg\avgidsagent.exe -- (AVGIDSAgent)
SRV - [2013-06-29 13:50:22 | 000,182,184 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Program Files\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2013-06-28 14:02:04 | 001,440,080 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- D:\programs\hamahi\hamachi-2.exe -- (Hamachi2Svc)
SRV - [2013-06-03 16:21:54 | 000,162,408 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012-05-15 18:18:00 | 001,262,400 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2011-03-16 10:42:06 | 000,407,336 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
 
 
========== Driver Services (SafeList) ==========
 
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] --  -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] --  -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] --  -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] --  -- (Changer)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\fasfasf\catchme.sys -- (catchme)
DRV - [2013-07-20 01:51:00 | 000,246,072 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\avglogx.sys -- (Avglogx)
DRV - [2013-07-20 01:50:56 | 000,208,184 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\avgidsdriverx.sys -- (AVGIDSDriver)
DRV - [2013-07-20 01:50:56 | 000,060,216 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\avgidshx.sys -- (AVGIDSHX)
DRV - [2013-07-20 01:50:50 | 000,171,320 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\avgldx86.sys -- (Avgldx86)
DRV - [2013-07-10 01:32:40 | 000,039,224 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\avgrkx86.sys -- (Avgrkx86)
DRV - [2013-07-01 01:45:28 | 000,096,568 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\avgmfx86.sys -- (Avgmfx86)
DRV - [2013-03-21 03:08:24 | 000,182,072 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgtdix.sys -- (Avgtdix)
DRV - [2013-03-01 10:32:20 | 000,022,328 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgidsshimx.sys -- (AVGIDSShim)
DRV - [2010-11-01 06:08:46 | 000,014,416 | ---- | M] (OpenLibSys.org) [File_System | On_Demand | Stopped] -- C:\Program Files\IObit\Game Booster 3\Driver\WinRing0.sys -- (WinRing0_1_2_0)
DRV - [2009-03-18 18:35:40 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hamachi.sys -- (hamachi)
DRV - [2007-04-24 16:28:52 | 010,252,672 | ---- | M] (Sonix Co. Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\snpstd3.sys -- (SNPSTD3)
DRV - [2005-05-25 18:55:58 | 003,134,976 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService)
DRV - [2005-05-06 08:27:00 | 000,232,064 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\yk51x86.sys -- (yukonwxp)
DRV - [2004-08-14 04:56:20 | 000,005,810 | R--- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ASACPI.sys -- (MTsensor)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
IE - HKU\S-1-5-21-2025429265-651377827-839522115-1003\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-2025429265-651377827-839522115-1003\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src=IE-SearchBox&Form=IE8SRC
IE - HKU\S-1-5-21-2025429265-651377827-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: "Yahoo"
FF - prefs.js..browser.search.order.1: ""
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&ilc=12&type=512435"
FF - prefs.js..browser.search.selectedEngine: "Yahoo"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..extensions.enabledAddons: battlefieldplay4free%40ea.com:1.0.96.0
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:23.0.1
FF - prefs.js..keyword.URL: "http://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=512435&p="
 
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.25.2: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.0.60310.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF
 
[2013-05-20 15:21:26 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\SZYMAN\Dane aplikacji\Mozilla\Extensions
[2013-08-24 22:27:56 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\SZYMAN\Dane aplikacji\Mozilla\Firefox\Profiles\rnx29h1o.default\extensions
[2013-08-18 18:22:46 | 000,000,000 | ---D | M] (Battlefield Play4Free) -- C:\Documents and Settings\SZYMAN\Dane aplikacji\Mozilla\Firefox\Profiles\rnx29h1o.default\extensions\battlefieldplay4free@ea.com
[2013-08-24 22:27:56 | 000,824,302 | ---- | M] () (No name found) -- C:\Documents and Settings\SZYMAN\Dane aplikacji\Mozilla\Firefox\Profiles\rnx29h1o.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2013-07-10 15:45:10 | 000,000,915 | ---- | M] () -- C:\Documents and Settings\SZYMAN\Dane aplikacji\Mozilla\Firefox\Profiles\rnx29h1o.default\searchplugins\yahoo.xml
[2013-08-22 20:49:11 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2013-08-22 20:49:25 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
[2013-08-22 20:49:25 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
 
========== Chrome  ==========
 
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = https://www.google.com/search?q={searchTerms}&ie=utf-8&oe=utf-8&aq=t&q={searchTerms}&ie=utf-8&oe=utf-8&aq=t&channel=fflb&q={searchTerms}&ie=utf-8&oe=utf-8&aq=t&channel=rcs
CHR - default_search_provider: suggest_url = https://www.google.com/complete/search?q={searchTerms},
CHR - homepage: http://google.pl/
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\29.0.1547.57\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\29.0.1547.57\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\29.0.1547.57\pdf.dll
CHR - plugin: Battlefield Play4Free Updater (Enabled) = C:\Documents and Settings\SZYMAN\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\oiokahphinmbmakkehgelkmpolmnbkdh\1.0.96.0_0\npBP4FUpdater.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll
CHR - plugin: Java(TM) Platform SE 7 U25 (Enabled) = C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files\Microsoft Silverlight\4.0.60310.0\npctrl.dll
CHR - plugin: Pando Web Plugin (Enabled) = C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_8_800_94.dll
CHR - plugin: Java Deployment Toolkit 7.0.250.17 (Enabled) = C:\WINDOWS\system32\npDeployJava1.dll
CHR - Extension: Dokumenty Google = C:\Documents and Settings\SZYMAN\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: Dysk Google = C:\Documents and Settings\SZYMAN\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Documents and Settings\SZYMAN\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Battlefield Heroes = C:\Documents and Settings\SZYMAN\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\cehdakiococlfmjcbebbkjkfjhbieknh\5.0.203.0_0\
CHR - Extension: Szukaj w Google = C:\Documents and Settings\SZYMAN\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Dragon Ball Z Goku = C:\Documents and Settings\SZYMAN\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\dlddadblackokbbanbihkhhkgdodniee\1_0\
CHR - Extension: AdBlock = C:\Documents and Settings\SZYMAN\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.6_0\
CHR - Extension: Chrome In-App Payments service = C:\Documents and Settings\SZYMAN\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.10_0\
CHR - Extension: Adblock Pro = C:\Documents and Settings\SZYMAN\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\ocifcklkibdehekfnmflempfgjhbedch\2.3_0\
CHR - Extension: Battlefield Play4Free = C:\Documents and Settings\SZYMAN\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\oiokahphinmbmakkehgelkmpolmnbkdh\1.0.96.0_0\
CHR - Extension: Gmail = C:\Documents and Settings\SZYMAN\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
 
O1 HOSTS File: ([2013-08-20 22:19:00 | 000,000,025 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (IEPluginBHO Class) - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - C:\Documents and Settings\SZYMAN\Dane aplikacji\Nowe Gadu-Gadu\_userdata\ggbho.1.dll (GG Network S.A.)
O4 - HKLM..\Run: [AVG_UI] D:\programs\avg\avgui.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [FixCamera] C:\WINDOWS\FixCamera.exe ()
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\nvmctray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nview\nwiz.exe ()
O4 - HKLM..\Run: [snpstd3] C:\WINDOWS\vsnpstd3.exe ()
O4 - HKLM..\Run: [tsnpstd3] C:\WINDOWS\tsnpstd3.exe (SONIX)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-2025429265-651377827-839522115-1003\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-2025429265-651377827-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-2025429265-651377827-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-2025429265-651377827-839522115-1005\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-2025429265-651377827-839522115-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O15 - HKU\S-1-5-19\..Trusted Domains: clonewarsadventures.com ([]* in Zaufane witryny)
O15 - HKU\S-1-5-19\..Trusted Domains: freerealms.com ([]* in Zaufane witryny)
O15 - HKU\S-1-5-19\..Trusted Domains: soe.com ([]* in Zaufane witryny)
O15 - HKU\S-1-5-19\..Trusted Domains: sony.com ([]* in Zaufane witryny)
O15 - HKU\S-1-5-21-2025429265-651377827-839522115-1003\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-2025429265-651377827-839522115-1003\..Trusted Domains: freerealms.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-2025429265-651377827-839522115-1003\..Trusted Domains: soe.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-2025429265-651377827-839522115-1003\..Trusted Domains: sony.com ([]* in Trusted sites)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B31B83DC-DA2D-4FC2-AD24-26A4901E7A46}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\SZYMAN\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\SZYMAN\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2013-05-20 15:03:04 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (D:\programs\avg\avgrsx.exe /sync /restart)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013-08-28 08:55:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\AVG
[2013-08-28 08:55:18 | 000,000,000 | ---D | C] -- C:\WINDOWS\LastGood
[2013-08-27 21:17:53 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\SZYMAN\PrivacIE
[2013-08-27 19:04:24 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\SZYMAN\IETldCache
[2013-08-27 18:37:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SZYMAN\WapSter
[2013-08-27 18:36:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\WBEM
[2013-08-27 18:35:42 | 000,018,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spmsg.dll
[2013-08-27 18:34:40 | 000,000,000 | -H-D | C] -- C:\WINDOWS\ie8
[2013-08-27 18:31:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SZYMAN\Menu Start\Programy\WapSter
[2013-08-27 11:55:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SZYMAN\Menu Start\Programy\Portal
[2013-08-26 18:38:20 | 025,316,313 | ---- | C] (CipSoft GmbH) -- C:\Documents and Settings\SZYMAN\Pulpit\dbrebirth v1.7.exe
[2013-08-24 22:14:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SZYMAN\Dane aplikacji\AVG
[2013-08-24 22:12:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\AVG
[2013-08-24 22:12:30 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\All Users\Dane aplikacji\{D1D4879F-2279-49C9-AEBF-3B95C84EAA8F}
[2013-08-24 21:49:56 | 058,674,136 | ---- | C] (AVG) -- C:\Documents and Settings\SZYMAN\Pulpit\avg_tuh_stf_all_2013_2_24c4.exe
[2013-08-24 12:36:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SZYMAN\Pulpit\Map
[2013-08-22 20:49:08 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2013-08-21 14:01:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SZYMAN\Dane aplikacji\AVG2013
[2013-08-21 13:59:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SZYMAN\Dane aplikacji\TuneUp Software
[2013-08-21 13:59:09 | 000,000,000 | -H-D | C] -- C:\$AVG
[2013-08-21 13:59:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\AVG2013
[2013-08-21 13:52:28 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Common Files
[2013-08-21 13:52:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SZYMAN\Ustawienia lokalne\Dane aplikacji\MFAData
[2013-08-21 13:52:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\MFAData
[2013-08-21 13:52:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SZYMAN\Ustawienia lokalne\Dane aplikacji\Avg2013
[2013-08-21 07:45:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\TEMP
[2013-08-21 07:34:56 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2013-08-21 06:36:21 | 000,000,000 | ---D | C] -- C:\_OTL
[2013-08-20 21:58:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Process Hacker 2
[2013-08-20 21:29:34 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Bitdefender
[2013-08-20 20:52:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SZYMAN\Pulpit\Kopia PokeDestiny
[2013-08-20 20:45:12 | 000,518,144 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2013-08-20 20:45:12 | 000,406,528 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2013-08-20 20:45:12 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2013-08-20 20:45:12 | 000,060,416 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2013-08-20 20:44:10 | 000,000,000 | ---D | C] -- C:\Qoobox
[2013-08-20 20:43:41 | 000,000,000 | R--D | C] -- C:\Documents and Settings\SZYMAN\Menu Start\Programy\Narzędzia administracyjne
[2013-08-20 20:43:41 | 000,000,000 | R--D | C] -- C:\Documents and Settings\SZYMAN\Moje dokumenty\Moje wideo
[2013-08-20 20:42:48 | 000,000,000 | ---D | C] -- C:\WINDOWS\erdnt
[2013-08-19 18:11:42 | 020,791,627 | ---- | C] (DBMW Team) -- C:\Documents and Settings\SZYMAN\Pulpit\Dragon Ball Mysterious World v1.0.exe
[2013-08-19 12:38:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SZYMAN\Dane aplikacji\Pokeing
[2013-08-19 12:26:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SZYMAN\Pulpit\Pokemon-Sapphire-Client
[2013-08-18 20:05:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SZYMAN\Pulpit\DBL_1.89.7_test_v1.1
[2013-08-18 11:46:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SZYMAN\Dane aplikacji\Sony Online Entertainment
[2013-08-18 11:46:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SZYMAN\Ustawienia lokalne\Dane aplikacji\SCE
[2013-08-18 11:27:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\Minidump
[2013-08-17 12:46:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SZYMAN\Pulpit\APARAT
[2013-08-17 11:58:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SZYMAN\Pulpit\GituSpamerV2
[2013-08-16 18:58:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SZYMAN\Dane aplikacji\.minecraft_pixelmon.pl
[2013-08-16 18:58:09 | 003,422,750 | ---- | C] (Pixelmon.pl Pokemon Serwer) -- C:\Documents and Settings\SZYMAN\Pulpit\Pixelmon.exe
[2013-08-16 18:44:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SZYMAN\Pulpit\PokemonOnline.v.1.6
[2013-08-16 18:26:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SZYMAN\Dane aplikacji\Pokes
[2013-08-16 16:20:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SZYMAN\Pulpit\AdvTOR INJECTION
[2013-08-15 16:38:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SZYMAN\Pulpit\DatEditor by Daemon
[2013-08-15 16:37:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SZYMAN\Pulpit\Pokemon Conquest Klient
[2013-08-14 11:26:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Asprate
[2013-08-14 11:26:11 | 000,000,000 | ---D | C] -- C:\Program Files\Asprate
[2013-08-14 11:12:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SZYMAN\Pulpit\Poke by Bolz v3
[2013-08-12 20:03:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SZYMAN\Ustawienia lokalne\Dane aplikacji\PunkBuster
[2013-08-12 20:01:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SZYMAN\Moje dokumenty\Battlefield Play4Free
[2013-08-12 19:59:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SZYMAN\Menu Start\Programy\EA Games
[2013-08-12 17:44:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SZYMAN\Pulpit\PokeLife Client
[2013-08-12 14:59:09 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\SZYMAN\Recent
[2013-08-12 14:57:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\CCleaner
[2013-08-12 14:57:35 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2013-08-11 11:51:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SZYMAN\Pulpit\poke dodac
[2013-08-10 18:04:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SZYMAN\Ustawienia lokalne\Dane aplikacji\Help
[2013-08-10 18:04:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SZYMAN\Dane aplikacji\Help
[2013-08-10 16:40:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SZYMAN\Pulpit\Tasker
[2013-08-09 23:01:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SZYMAN\Pulpit\OTClient PokeXCath
[2013-08-09 19:09:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Game Booster 3
[2013-08-09 19:09:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\IObit
[2013-08-09 19:08:59 | 000,000,000 | ---D | C] -- C:\Program Files\IObit
[2013-08-09 17:31:03 | 009,211,736 | ---- | C] (Martin Prikryl) -- C:\Documents and Settings\SZYMAN\Pulpit\WinSCP.exe
[2013-08-09 16:32:27 | 000,495,616 | ---- | C] (Simon Tatham) -- C:\Documents and Settings\SZYMAN\Pulpit\putty.exe
[2013-08-08 16:37:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SZYMAN\Moje dokumenty\DeadIsland
[2013-08-08 16:32:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SZYMAN\Menu Start\Programy\Steam
[2013-08-08 16:08:53 | 000,000,000 | ---D | C] -- C:\Program Files\dumps
[2013-08-08 16:08:20 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Steam
[2013-08-08 16:08:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Steam
[2013-08-08 16:08:14 | 000,000,000 | ---D | C] -- C:\Program Files\Steam
[2013-08-08 16:06:24 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\UMDF
[2013-08-08 16:06:24 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\LogFiles
[2013-08-08 16:05:32 | 000,527,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_7.dll
[2013-08-08 16:05:32 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_5.dll
[2013-08-08 16:05:31 | 002,106,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_43.dll
[2013-08-08 16:05:31 | 000,239,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_7.dll
[2013-08-08 16:05:30 | 001,868,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dcsx_43.dll
[2013-08-08 16:05:29 | 000,470,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_43.dll
[2013-08-08 16:05:29 | 000,248,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx11_43.dll
[2013-08-08 16:05:28 | 001,998,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_43.dll
[2013-08-08 16:05:27 | 000,528,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_6.dll
[2013-08-08 16:05:27 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_6.dll
[2013-08-08 16:05:27 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_4.dll
[2013-08-08 16:05:26 | 000,515,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_5.dll
[2013-08-08 16:05:26 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_7.dll
[2013-08-08 16:05:25 | 001,974,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_42.dll
[2013-08-08 16:05:25 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_5.dll
[2013-08-08 16:05:24 | 005,501,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dcsx_42.dll
[2013-08-08 16:05:24 | 000,235,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx11_42.dll
[2013-08-08 16:05:23 | 001,892,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_42.dll
[2013-08-08 16:05:23 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_42.dll
[2013-08-08 16:05:22 | 001,846,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_41.dll
[2013-08-08 16:05:22 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_41.dll
[2013-08-08 16:05:21 | 004,178,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_41.dll
[2013-08-08 16:05:21 | 000,069,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_3.dll
[2013-08-08 16:05:20 | 000,517,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_4.dll
[2013-08-08 16:05:20 | 000,235,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_4.dll
[2013-08-08 16:05:19 | 002,036,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_40.dll
[2013-08-08 16:05:19 | 000,452,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_40.dll
[2013-08-08 16:05:19 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_6.dll
[2013-08-08 16:05:18 | 004,379,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_40.dll
[2013-08-08 16:05:17 | 000,514,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_3.dll
[2013-08-08 16:05:17 | 000,235,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_3.dll
[2013-08-08 16:05:17 | 000,070,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_2.dll
[2013-08-08 16:05:17 | 000,023,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_5.dll
[2013-08-08 16:05:16 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_2.dll
[2013-08-08 16:05:14 | 000,507,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_1.dll
[2013-08-08 16:05:14 | 000,065,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_0.dll
[2013-08-08 16:05:13 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_1.dll
[2013-08-08 16:05:12 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_4.dll
[2013-08-08 16:05:11 | 001,491,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_38.dll
[2013-08-08 16:05:11 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_38.dll
[2013-08-08 16:05:10 | 003,850,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_38.dll
[2013-08-08 16:05:10 | 000,479,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_0.dll
[2013-08-08 16:05:09 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_0.dll
[2013-08-08 16:05:09 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_3.dll
[2013-08-08 16:05:08 | 003,786,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_37.dll
[2013-08-08 16:05:08 | 001,420,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_37.dll
[2013-08-08 16:05:08 | 000,462,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_37.dll
[2013-08-08 16:05:07 | 000,267,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_10.dll
[2013-08-08 16:05:06 | 001,374,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_36.dll
[2013-08-08 16:05:06 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_36.dll
[2013-08-08 16:05:05 | 003,734,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_36.dll
[2013-08-08 16:05:05 | 000,267,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_9.dll
[2013-08-08 16:05:04 | 001,358,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_35.dll
[2013-08-08 16:05:04 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_35.dll
[2013-08-08 16:05:03 | 003,727,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_35.dll
[2013-08-08 16:05:02 | 001,124,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_34.dll
[2013-08-08 16:05:02 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_34.dll
[2013-08-08 16:05:02 | 000,266,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_8.dll
[2013-08-08 16:05:02 | 000,017,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_2.dll
[2013-08-08 16:05:01 | 003,497,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_34.dll
[2013-08-08 16:05:01 | 000,081,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xinput1_3.dll
[2013-08-08 16:04:59 | 000,261,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_7.dll
[2013-08-08 16:04:57 | 001,123,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_33.dll
[2013-08-08 16:04:57 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_33.dll
[2013-08-08 16:04:54 | 003,495,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_33.dll
[2013-08-08 16:04:54 | 000,255,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_6.dll
[2013-08-08 16:04:53 | 003,426,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_32.dll
[2013-08-08 16:04:53 | 000,251,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_5.dll
[2013-08-08 16:04:52 | 002,414,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_31.dll
[2013-08-08 16:04:52 | 000,237,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_4.dll
[2013-08-08 16:04:52 | 000,015,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\x3daudio1_1.dll
[2013-08-08 16:04:51 | 000,236,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_3.dll
[2013-08-08 16:04:51 | 000,230,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_2.dll
[2013-08-08 16:04:51 | 000,062,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xinput1_2.dll
[2013-08-08 16:04:50 | 000,229,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_1.dll
[2013-08-08 16:04:50 | 000,062,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xinput1_1.dll
[2013-08-08 16:04:41 | 002,388,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_30.dll
[2013-08-08 16:04:40 | 000,230,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_0.dll
[2013-08-08 16:04:40 | 000,014,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\x3daudio1_0.dll
[2013-08-08 16:04:39 | 002,332,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_29.dll
[2013-08-08 16:04:38 | 002,323,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_28.dll
[2013-08-08 16:04:38 | 000,061,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xinput9_1_0.dll
[2013-08-08 16:04:37 | 002,319,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_27.dll
[2013-08-08 16:04:37 | 002,297,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_26.dll
[2013-08-08 16:04:36 | 002,337,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_25.dll
[2013-08-08 16:04:35 | 002,222,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_24.dll
[2013-08-08 09:07:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SZYMAN\Menu Start\Programy\VALVe
[2013-08-07 14:00:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SZYMAN\Pulpit\DBKH 4.0
[2013-08-07 13:58:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SZYMAN\Pulpit\Desktop
[2013-08-06 12:36:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Counter-Strike 1.6
[2013-08-06 12:27:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SZYMAN\Menu Start\Programy\Earth's Special Forces
[2013-08-04 13:10:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SZYMAN\Pulpit\Silnik DBKO source (8.0)
[2013-08-03 22:16:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SZYMAN\Pulpit\WoDB
[2013-08-03 21:28:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SZYMAN\Pulpit\dbkos
[2013-08-03 13:52:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SZYMAN\Pulpit\WoDB Beta
[2013-08-02 21:44:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SZYMAN\Pulpit\rybki
[2013-08-01 21:52:17 | 000,000,000 | ---D | C] -- C:\WINDOWS\Sun
[2013-08-01 18:17:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SZYMAN\Dane aplikacji\LolClient
[2013-08-01 14:06:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\League of Legends
[2013-08-01 13:32:24 | 000,509,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_2.dll
[2013-08-01 13:32:24 | 000,068,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_1.dll
[2013-08-01 13:32:21 | 001,493,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_39.dll
[2013-08-01 13:32:21 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_39.dll
[2013-08-01 13:32:14 | 003,851,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_39.dll
[2013-08-01 13:31:59 | 000,000,000 | ---D | C] -- C:\WINDOWS\Logs
[2013-08-01 13:31:57 | 000,000,000 | -HSD | C] -- C:\WINDOWS\System32\AI_RecycleBin
[2013-08-01 13:31:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SZYMAN\Dane aplikacji\Riot Games
[2013-07-31 22:16:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SZYMAN\Pulpit\Pokemon OTS
 
========== Files - Modified Within 30 Days ==========
 
[2013-08-28 10:48:00 | 000,000,930 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2013-08-28 10:13:00 | 000,001,036 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2013-08-28 10:13:00 | 000,001,032 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2013-08-28 10:00:05 | 000,139,424 | ---- | M] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2013-08-28 09:59:59 | 000,282,104 | ---- | M] () -- C:\WINDOWS\System32\PnkBstrB.xtr
[2013-08-28 08:47:25 | 000,000,280 | ---- | M] () -- C:\WINDOWS\tasks\Game_Booster_AutoUpdate.job
[2013-08-28 08:47:20 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013-08-27 20:28:46 | 000,282,104 | ---- | M] () -- C:\WINDOWS\System32\PnkBstrB.ex0
[2013-08-27 18:31:36 | 000,000,373 | ---- | M] () -- C:\Documents and Settings\SZYMAN\Pulpit\AQQ.lnk
[2013-08-27 13:35:12 | 000,015,493 | ---- | M] () -- C:\Documents and Settings\SZYMAN\Ustawienia lokalne\Dane aplikacji\recently-used.xbel
[2013-08-27 12:13:42 | 002,836,589 | ---- | M] () -- C:\Documents and Settings\SZYMAN\Pulpit\SMS Shop(itemplayer) + show EQ + my skin for nicaw acc v3.rar
[2013-08-27 11:55:08 | 000,000,580 | ---- | M] () -- C:\Documents and Settings\SZYMAN\Pulpit\Portal.lnk
[2013-08-26 19:18:25 | 000,627,104 | ---- | M] () -- C:\Documents and Settings\SZYMAN\Pulpit\Spy++ (1).rar
[2013-08-26 18:39:13 | 025,316,313 | ---- | M] (CipSoft GmbH) -- C:\Documents and Settings\SZYMAN\Pulpit\dbrebirth v1.7.exe
[2013-08-26 10:01:37 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2013-08-24 22:34:47 | 000,055,494 | ---- | M] () -- C:\Documents and Settings\SZYMAN\Pulpit\zacne base.bmp
[2013-08-24 22:26:35 | 000,004,659 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2013-08-24 22:26:34 | 000,493,296 | ---- | M] () -- C:\WINDOWS\System32\perfh015.dat
[2013-08-24 22:26:34 | 000,435,212 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2013-08-24 22:26:34 | 000,085,360 | ---- | M] () -- C:\WINDOWS\System32\perfc015.dat
[2013-08-24 22:26:34 | 000,067,590 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2013-08-24 21:52:07 | 058,674,136 | ---- | M] (AVG) -- C:\Documents and Settings\SZYMAN\Pulpit\avg_tuh_stf_all_2013_2_24c4.exe
[2013-08-24 20:06:28 | 000,194,046 | ---- | M] () -- C:\Documents and Settings\SZYMAN\Pulpit\bug.bmp
[2013-08-24 16:15:42 | 000,088,758 | ---- | M] () -- C:\Documents and Settings\SZYMAN\Pulpit\swiruss.bmp
[2013-08-24 16:13:38 | 000,118,410 | ---- | M] () -- C:\Documents and Settings\SZYMAN\Pulpit\swirusowy.bmp
[2013-08-24 12:36:27 | 000,035,320 | ---- | M] () -- C:\Documents and Settings\SZYMAN\Pulpit\Map.rar
[2013-08-22 19:50:45 | 000,807,894 | ---- | M] () -- C:\Documents and Settings\SZYMAN\Pulpit\dsdas.bmp
[2013-08-22 11:18:56 | 000,001,813 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Google Chrome.lnk
[2013-08-21 19:00:39 | 000,138,056 | ---- | M] () -- C:\Documents and Settings\SZYMAN\Dane aplikacji\PnkBstrK.sys
[2013-08-21 15:14:28 | 087,331,537 | ---- | M] () -- C:\Documents and Settings\SZYMAN\Pulpit\Paczka koncertowa dla Mind Out.rar
[2013-08-20 22:19:00 | 000,000,025 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2013-08-20 21:58:38 | 000,000,768 | ---- | M] () -- C:\Documents and Settings\SZYMAN\Pulpit\Process Hacker 2.lnk
[2013-08-20 21:44:03 | 000,831,488 | ---- | M] () -- C:\WINDOWS\vsnpstd3.exe
[2013-08-20 21:43:57 | 000,262,144 | ---- | M] (SONIX) -- C:\WINDOWS\tsnpstd3.exe
[2013-08-20 21:41:11 | 000,020,480 | ---- | M] () -- C:\WINDOWS\FixCamera.exe
[2013-08-20 21:31:27 | 020,791,627 | ---- | M] (DBMW Team) -- C:\Documents and Settings\SZYMAN\Pulpit\Dragon Ball Mysterious World v1.0.exe
[2013-08-20 21:30:42 | 000,002,596 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2013-08-20 21:30:16 | 019,282,272 | ---- | M] (CipSoft GmbH) -- C:\Documents and Settings\SZYMAN\Pulpit\Bleach Warrior Online.exe
[2013-08-20 21:24:44 | 000,164,134 | ---- | M] () -- C:\Documents and Settings\SZYMAN\Pulpit\salitykiller.zip
[2013-08-20 20:42:06 | 000,000,174 | ---- | M] () -- C:\Fix.reg
[2013-08-19 19:06:56 | 000,627,104 | ---- | M] () -- C:\Documents and Settings\SZYMAN\Pulpit\Spy++.rar
[2013-08-19 10:05:43 | 007,723,222 | ---- | M] () -- C:\Documents and Settings\SZYMAN\Pulpit\WoDB.rar
[2013-08-18 19:57:18 | 000,182,571 | ---- | M] () -- C:\Documents and Settings\SZYMAN\Moje dokumenty\logo dbleague.xcf
[2013-08-18 12:20:21 | 000,000,576 | ---- | M] () -- C:\Documents and Settings\SZYMAN\Pulpit\hehe.html
[2013-08-18 12:13:37 | 000,346,511 | ---- | M] () -- C:\Documents and Settings\SZYMAN\Pulpit\dbmw skin (1).rar
[2013-08-17 22:32:23 | 015,575,222 | ---- | M] () -- C:\Documents and Settings\SZYMAN\Pulpit\Wander of Shinobi.exe
[2013-08-17 13:49:00 | 000,399,360 | ---- | M] () -- C:\Documents and Settings\SZYMAN\Pulpit\NoxSpr.exe
[2013-08-17 12:49:05 | 000,008,192 | ---- | M] () -- C:\Documents and Settings\SZYMAN\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013-08-16 18:58:17 | 003,422,750 | ---- | M] (Pixelmon.pl Pokemon Serwer) -- C:\Documents and Settings\SZYMAN\Pulpit\Pixelmon.exe
[2013-08-16 16:23:27 | 000,577,536 | ---- | M] () -- C:\Documents and Settings\SZYMAN\Pulpit\Tibia Spambot by IgI.exe
[2013-08-16 15:00:06 | 002,245,479 | ---- | M] () -- C:\Documents and Settings\SZYMAN\Pulpit\Hacked MUSIC.mp3
[2013-08-16 14:57:21 | 000,001,380 | ---- | M] () -- C:\Documents and Settings\SZYMAN\Pulpit\index.html
[2013-08-14 11:26:13 | 000,001,838 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Tibia MULTI-IP Changer.lnk
[2013-08-13 14:08:08 | 000,000,001 | ---- | M] () -- C:\WINDOWS\System32\nvdrssel.bin
[2013-08-13 14:08:07 | 001,075,544 | ---- | M] () -- C:\WINDOWS\System32\nvdrsdb0.bin
[2013-08-13 14:08:01 | 001,075,544 | ---- | M] () -- C:\WINDOWS\System32\nvdrsdb1.bin
[2013-08-13 13:29:38 | 000,000,586 | ---- | M] () -- C:\Documents and Settings\SZYMAN\Pulpit\PokeXGame.lnk
[2013-08-13 13:29:16 | 000,000,863 | ---- | M] () -- C:\Documents and Settings\SZYMAN\Pulpit\Dead Island.lnk
[2013-08-13 13:28:44 | 000,000,804 | ---- | M] () -- C:\Documents and Settings\SZYMAN\Pulpit\Counter Strike Source.lnk
[2013-08-13 10:13:22 | 000,000,551 | ---- | M] () -- C:\Documents and Settings\SZYMAN\Pulpit\BattleField Play4Free.lnk
[2013-08-12 15:15:49 | 000,055,474 | ---- | M] () -- C:\Documents and Settings\SZYMAN\Moje dokumenty\cc_20130812_151527.reg
[2013-08-12 14:57:39 | 000,000,682 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\CCleaner.lnk
[2013-08-10 11:42:03 | 000,000,600 | ---- | M] () -- C:\Documents and Settings\SZYMAN\Ustawienia lokalne\Dane aplikacji\PUTTY.RND
[2013-08-09 22:20:29 | 029,566,306 | ---- | M] (CipSoft GmbH) -- C:\Documents and Settings\SZYMAN\Pulpit\SoFo.exe
[2013-08-09 22:08:36 | 000,011,902 | ---- | M] () -- C:\Documents and Settings\SZYMAN\Pulpit\WinSCP.ini
[2013-08-09 22:08:36 | 000,000,600 | ---- | M] () -- C:\Documents and Settings\SZYMAN\Dane aplikacji\winscp.rnd
[2013-08-09 19:09:07 | 000,000,835 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Switch to Gaming Mode.lnk
[2013-08-09 19:09:07 | 000,000,823 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Game Booster 3.lnk
[2013-08-09 16:32:27 | 000,495,616 | ---- | M] (Simon Tatham) -- C:\Documents and Settings\SZYMAN\Pulpit\putty.exe
[2013-08-09 13:28:53 | 000,000,211 | -HS- | M] () -- C:\boot.ini
[2013-08-08 16:08:22 | 000,000,664 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Steam.lnk
[2013-08-08 16:07:43 | 000,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx
[2013-08-08 16:06:27 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\UMDF\MsftWdf_user_01_00_00.Wdf
[2013-08-07 23:34:00 | 000,000,652 | ---- | M] () -- C:\Documents and Settings\SZYMAN\Pulpit\zrobic.otbm
[2013-08-07 23:34:00 | 000,000,049 | ---- | M] () -- C:\Documents and Settings\SZYMAN\Pulpit\zrobic-spawn.xml
[2013-08-07 23:34:00 | 000,000,049 | ---- | M] () -- C:\Documents and Settings\SZYMAN\Pulpit\zrobic-house.xml
[2013-08-07 14:41:07 | 000,006,574 | ---- | M] () -- C:\Documents and Settings\SZYMAN\Pulpit\Bez nazwy.xcf
[2013-08-07 14:02:25 | 000,003,126 | ---- | M] () -- C:\Documents and Settings\SZYMAN\Pulpit\heh.bmp
[2013-08-06 13:19:43 | 000,002,281 | ---- | M] () -- C:\Documents and Settings\SZYMAN\Pulpit\swirus.bbtheme
[2013-08-06 13:17:40 | 000,002,281 | ---- | M] () -- C:\Documents and Settings\SZYMAN\Pulpit\worldofdb-actual-20130806.bbtheme
[2013-08-06 12:36:35 | 000,000,613 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Counter-Strike 1.6.lnk
[2013-08-05 13:56:41 | 000,147,983 | ---- | M] () -- C:\Documents and Settings\SZYMAN\Pulpit\vocations.xml
[2013-08-03 14:09:09 | 020,926,082 | ---- | M] () -- C:\Documents and Settings\SZYMAN\Pulpit\evorpg.otbm
[2013-08-03 14:09:09 | 000,006,079 | ---- | M] () -- C:\Documents and Settings\SZYMAN\Pulpit\evorpg-house.xml
[2013-08-03 14:09:09 | 000,000,049 | ---- | M] () -- C:\Documents and Settings\SZYMAN\Pulpit\evorpg-spawn.xml
[2013-08-02 22:35:45 | 000,291,083 | ---- | M] () -- C:\Documents and Settings\SZYMAN\Pulpit\wodb].png
[2013-08-02 22:30:34 | 000,034,990 | ---- | M] () -- C:\Documents and Settings\SZYMAN\Pulpit\logo.png
[2013-08-02 12:55:37 | 010,242,002 | ---- | M] () -- C:\Documents and Settings\SZYMAN\Pulpit\WoDB Beta.exe
[2013-08-02 09:12:07 | 104,438,596 | ---- | M] () -- C:\Documents and Settings\SZYMAN\Pulpit\b3liar mix vol.8.mp3
[2013-08-01 18:01:40 | 000,498,307 | ---- | M] () -- C:\Documents and Settings\SZYMAN\Pulpit\pokedestiny.rar
[2013-08-01 14:06:32 | 000,001,371 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\League of Legends.lnk
[2013-08-01 10:26:11 | 000,000,728 | ---- | M] () -- C:\Documents and Settings\SZYMAN\Pulpit\Counter-Strike GROM.lnk
[2013-07-30 18:15:11 | 001,418,239 | ---- | M] () -- C:\Documents and Settings\SZYMAN\Moje dokumenty\mapa poke(1).rar
[2013-07-29 13:09:18 | 000,002,165 | ---- | M] () -- C:\Documents and Settings\SZYMAN\Moje dokumenty\inventory.lua
[2013-07-29 12:44:28 | 009,211,736 | ---- | M] (Martin Prikryl) -- C:\Documents and Settings\SZYMAN\Pulpit\WinSCP.exe
 
========== Files Created - No Company Name ==========
 
[2013-08-27 18:31:36 | 000,000,373 | ---- | C] () -- C:\Documents and Settings\SZYMAN\Pulpit\AQQ.lnk
[2013-08-27 13:35:12 | 000,015,493 | ---- | C] () -- C:\Documents and Settings\SZYMAN\Ustawienia lokalne\Dane aplikacji\recently-used.xbel
[2013-08-27 11:55:08 | 000,000,580 | ---- | C] () -- C:\Documents and Settings\SZYMAN\Pulpit\Portal.lnk
[2013-08-26 19:18:25 | 000,627,104 | ---- | C] () -- C:\Documents and Settings\SZYMAN\Pulpit\Spy++ (1).rar
[2013-08-24 22:26:29 | 000,004,659 | ---- | C] () -- C:\WINDOWS\imsins.BAK
[2013-08-24 20:06:28 | 000,194,046 | ---- | C] () -- C:\Documents and Settings\SZYMAN\Pulpit\bug.bmp
[2013-08-24 16:15:42 | 000,088,758 | ---- | C] () -- C:\Documents and Settings\SZYMAN\Pulpit\swiruss.bmp
[2013-08-24 16:09:28 | 000,118,410 | ---- | C] () -- C:\Documents and Settings\SZYMAN\Pulpit\swirusowy.bmp
[2013-08-24 12:36:27 | 000,035,320 | ---- | C] () -- C:\Documents and Settings\SZYMAN\Pulpit\Map.rar
[2013-08-23 15:31:40 | 000,055,494 | ---- | C] () -- C:\Documents and Settings\SZYMAN\Pulpit\zacne base.bmp
[2013-08-22 19:50:45 | 000,807,894 | ---- | C] () -- C:\Documents and Settings\SZYMAN\Pulpit\dsdas.bmp
[2013-08-21 15:11:21 | 087,331,537 | ---- | C] () -- C:\Documents and Settings\SZYMAN\Pulpit\Paczka koncertowa dla Mind Out.rar
[2013-08-20 21:58:38 | 000,000,768 | ---- | C] () -- C:\Documents and Settings\SZYMAN\Pulpit\Process Hacker 2.lnk
[2013-08-20 21:24:43 | 000,164,134 | ---- | C] () -- C:\Documents and Settings\SZYMAN\Pulpit\salitykiller.zip
[2013-08-20 20:45:12 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2013-08-20 20:45:12 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2013-08-20 20:45:12 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2013-08-20 20:45:12 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2013-08-20 20:45:12 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2013-08-20 20:42:06 | 000,000,174 | ---- | C] () -- C:\Fix.reg
[2013-08-19 19:06:53 | 000,627,104 | ---- | C] () -- C:\Documents and Settings\SZYMAN\Pulpit\Spy++.rar
[2013-08-18 19:57:18 | 000,182,571 | ---- | C] () -- C:\Documents and Settings\SZYMAN\Moje dokumenty\logo dbleague.xcf
[2013-08-18 12:13:36 | 000,346,511 | ---- | C] () -- C:\Documents and Settings\SZYMAN\Pulpit\dbmw skin (1).rar
[2013-08-17 22:31:26 | 015,575,222 | ---- | C] () -- C:\Documents and Settings\SZYMAN\Pulpit\Wander of Shinobi.exe
[2013-08-17 13:48:45 | 000,399,360 | ---- | C] () -- C:\Documents and Settings\SZYMAN\Pulpit\NoxSpr.exe
[2013-08-16 16:23:21 | 000,577,536 | ---- | C] () -- C:\Documents and Settings\SZYMAN\Pulpit\Tibia Spambot by IgI.exe
[2013-08-14 11:26:13 | 000,001,838 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Tibia MULTI-IP Changer.lnk
[2013-08-13 13:29:38 | 000,000,586 | ---- | C] () -- C:\Documents and Settings\SZYMAN\Pulpit\PokeXGame.lnk
[2013-08-13 13:29:16 | 000,000,863 | ---- | C] () -- C:\Documents and Settings\SZYMAN\Pulpit\Dead Island.lnk
[2013-08-13 10:13:22 | 000,000,551 | ---- | C] () -- C:\Documents and Settings\SZYMAN\Pulpit\BattleField Play4Free.lnk
[2013-08-12 20:13:27 | 000,282,104 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrB.xtr
[2013-08-12 20:00:16 | 000,139,424 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2013-08-12 20:00:15 | 000,138,056 | ---- | C] () -- C:\Documents and Settings\SZYMAN\Dane aplikacji\PnkBstrK.sys
[2013-08-12 20:00:01 | 000,282,104 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrB.exe
[2013-08-12 20:00:01 | 000,282,104 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrB.ex0
[2013-08-12 19:59:58 | 000,076,888 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrA.exe
[2013-08-12 15:15:31 | 000,055,474 | ---- | C] () -- C:\Documents and Settings\SZYMAN\Moje dokumenty\cc_20130812_151527.reg
[2013-08-12 14:57:39 | 000,000,682 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\CCleaner.lnk
[2013-08-10 15:51:30 | 000,001,371 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\League of Legends.lnk
[2013-08-09 21:24:43 | 000,011,902 | ---- | C] () -- C:\Documents and Settings\SZYMAN\Pulpit\WinSCP.ini
[2013-08-09 19:09:21 | 000,000,280 | ---- | C] () -- C:\WINDOWS\tasks\Game_Booster_AutoUpdate.job
[2013-08-09 19:09:07 | 000,000,835 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Switch to Gaming Mode.lnk
[2013-08-09 19:09:07 | 000,000,823 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Game Booster 3.lnk
[2013-08-09 17:30:51 | 000,000,600 | ---- | C] () -- C:\Documents and Settings\SZYMAN\Dane aplikacji\winscp.rnd
[2013-08-09 16:32:35 | 000,000,600 | ---- | C] () -- C:\Documents and Settings\SZYMAN\Ustawienia lokalne\Dane aplikacji\PUTTY.RND
[2013-08-08 20:43:39 | 000,000,804 | ---- | C] () -- C:\Documents and Settings\SZYMAN\Pulpit\Counter Strike Source.lnk
[2013-08-08 16:08:22 | 000,000,664 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Steam.lnk
[2013-08-08 16:06:27 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\UMDF\MsftWdf_user_01_00_00.Wdf
[2013-08-07 23:34:00 | 000,000,652 | ---- | C] () -- C:\Documents and Settings\SZYMAN\Pulpit\zrobic.otbm
[2013-08-07 23:34:00 | 000,000,049 | ---- | C] () -- C:\Documents and Settings\SZYMAN\Pulpit\zrobic-spawn.xml
[2013-08-07 23:34:00 | 000,000,049 | ---- | C] () -- C:\Documents and Settings\SZYMAN\Pulpit\zrobic-house.xml
[2013-08-07 14:41:07 | 000,006,574 | ---- | C] () -- C:\Documents and Settings\SZYMAN\Pulpit\Bez nazwy.xcf
[2013-08-07 14:02:25 | 000,003,126 | ---- | C] () -- C:\Documents and Settings\SZYMAN\Pulpit\heh.bmp
[2013-08-06 13:18:28 | 000,002,281 | ---- | C] () -- C:\Documents and Settings\SZYMAN\Pulpit\swirus.bbtheme
[2013-08-06 13:16:25 | 000,002,281 | ---- | C] () -- C:\Documents and Settings\SZYMAN\Pulpit\worldofdb-actual-20130806.bbtheme
[2013-08-06 12:36:35 | 000,000,613 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Counter-Strike 1.6.lnk
[2013-08-05 13:57:59 | 000,147,983 | ---- | C] () -- C:\Documents and Settings\SZYMAN\Pulpit\vocations.xml
[2013-08-03 14:09:09 | 000,006,079 | ---- | C] () -- C:\Documents and Settings\SZYMAN\Pulpit\evorpg-house.xml
[2013-08-03 14:09:09 | 000,000,049 | ---- | C] () -- C:\Documents and Settings\SZYMAN\Pulpit\evorpg-spawn.xml
[2013-08-03 13:12:14 | 020,926,082 | ---- | C] () -- C:\Documents and Settings\SZYMAN\Pulpit\evorpg.otbm
[2013-08-03 11:16:26 | 007,723,222 | ---- | C] () -- C:\Documents and Settings\SZYMAN\Pulpit\WoDB.rar
[2013-08-02 22:35:44 | 000,291,083 | ---- | C] () -- C:\Documents and Settings\SZYMAN\Pulpit\wodb].png
[2013-08-02 22:30:34 | 000,034,990 | ---- | C] () -- C:\Documents and Settings\SZYMAN\Pulpit\logo.png
[2013-08-02 12:55:09 | 010,242,002 | ---- | C] () -- C:\Documents and Settings\SZYMAN\Pulpit\WoDB Beta.exe
[2013-08-02 09:08:31 | 104,438,596 | ---- | C] () -- C:\Documents and Settings\SZYMAN\Pulpit\b3liar mix vol.8.mp3
[2013-08-01 18:01:40 | 000,498,307 | ---- | C] () -- C:\Documents and Settings\SZYMAN\Pulpit\pokedestiny.rar
[2013-08-01 10:26:11 | 000,000,728 | ---- | C] () -- C:\Documents and Settings\SZYMAN\Pulpit\Counter-Strike GROM.lnk
[2013-07-30 18:14:27 | 001,418,239 | ---- | C] () -- C:\Documents and Settings\SZYMAN\Moje dokumenty\mapa poke(1).rar
[2013-07-29 13:09:04 | 000,002,165 | ---- | C] () -- C:\Documents and Settings\SZYMAN\Moje dokumenty\inventory.lua
[2013-07-10 17:55:11 | 000,000,694 | ---- | C] () -- C:\Documents and Settings\SZYMAN\.jscreenfix.licence
[2013-07-01 18:26:20 | 000,008,192 | ---- | C] () -- C:\Documents and Settings\SZYMAN\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013-06-27 08:09:17 | 000,000,175 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswSnx.sys.sum
[2013-06-27 08:09:16 | 000,000,175 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswSP.sys.sum
[2013-06-25 13:15:18 | 000,000,067 | ---- | C] () -- C:\Documents and Settings\SZYMAN\.gtk-bookmarks
[2013-06-11 17:42:49 | 000,020,480 | ---- | C] () -- C:\WINDOWS\FixCamera.exe
[2013-06-11 17:42:47 | 000,831,488 | ---- | C] () -- C:\WINDOWS\vsnpstd3.exe
[2013-06-11 17:42:47 | 000,015,498 | ---- | C] () -- C:\WINDOWS\snpstd3.ini
[2013-06-11 17:42:45 | 000,172,032 | ---- | C] ( ) -- C:\WINDOWS\System32\rsnpstd3.dll
[2013-06-11 17:42:45 | 000,061,440 | ---- | C] ( ) -- C:\WINDOWS\System32\vsnpstd3.dll
[2013-06-11 17:42:45 | 000,053,248 | ---- | C] ( ) -- C:\WINDOWS\System32\csnpstd3.dll
[2013-06-11 17:42:45 | 000,053,248 | ---- | C] ( ) -- C:\WINDOWS\csnpstd3.dll
[2013-06-09 09:17:32 | 001,867,776 | ---- | C] () -- C:\WINDOWS\System32\python24.dll
[2013-05-20 16:54:47 | 000,004,293 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2013-05-20 16:53:51 | 000,272,576 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2013-05-20 15:52:25 | 001,075,544 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb1.bin
[2013-05-20 15:52:25 | 001,075,544 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb0.bin
[2013-05-20 15:52:25 | 000,000,001 | ---- | C] () -- C:\WINDOWS\System32\nvdrssel.bin
[2013-05-20 15:52:14 | 002,807,708 | ---- | C] () -- C:\WINDOWS\System32\nvdata.data
[2013-05-20 15:09:19 | 000,156,672 | ---- | C] () -- C:\WINDOWS\System32\RTLCPAPI.dll
[2013-05-20 15:09:19 | 000,040,960 | R--- | C] () -- C:\WINDOWS\System32\ChCfg.exe
[2013-05-20 15:08:00 | 000,024,399 | ---- | C] () -- C:\WINDOWS\Ascd_tmp.ini
[2013-05-20 15:07:58 | 000,005,810 | R--- | C] () -- C:\WINDOWS\System32\drivers\ASACPI.sys
[2013-05-20 15:07:53 | 000,005,824 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASUSHWIO.SYS
[2013-05-20 15:04:51 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2013-05-20 15:00:23 | 000,021,856 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
 
========== ZeroAccess Check ==========
 
[2013-05-23 19:06:20 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2008-04-14 22:50:48 | 001,499,136 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2008-04-14 22:50:32 | 000,472,064 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2008-04-14 22:50:58 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
========== LOP Check ==========
 
[2013-08-21 18:54:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\AVAST Software
[2013-08-24 22:14:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\AVG
[2013-08-21 14:00:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\AVG2013
[2013-08-21 13:52:28 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Common Files
[2013-06-20 19:53:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\GG
[2013-08-09 19:09:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\IObit
[2013-05-25 20:49:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Logs
[2013-08-28 08:56:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\MFAData
[2013-08-01 18:06:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\PMB Files
[2013-08-28 10:43:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\TEMP
[2013-08-24 22:12:30 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Dane aplikacji\{D1D4879F-2279-49C9-AEBF-3B95C84EAA8F}
[2013-08-28 08:55:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Default User\Dane aplikacji\TuneUp Software
[2013-08-01 11:30:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SZYMAN\Dane aplikacji\.minecraft
[2013-08-16 23:17:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SZYMAN\Dane aplikacji\.minecraft_pixelmon.pl
[2013-06-23 18:40:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SZYMAN\Dane aplikacji\.technic
[2013-08-24 22:14:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SZYMAN\Dane aplikacji\AVG
[2013-08-21 14:01:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SZYMAN\Dane aplikacji\AVG2013
[2013-06-01 10:29:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SZYMAN\Dane aplikacji\BlWrO
[2013-06-15 13:08:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SZYMAN\Dane aplikacji\DBV
[2013-06-09 20:59:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SZYMAN\Dane aplikacji\DBzF1
[2013-05-22 20:54:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SZYMAN\Dane aplikacji\Dev-Cpp
[2013-06-23 14:19:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SZYMAN\Dane aplikacji\GG
[2013-08-01 18:17:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SZYMAN\Dane aplikacji\LolClient
[2013-06-20 13:59:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SZYMAN\Dane aplikacji\LoS
[2013-08-03 15:43:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SZYMAN\Dane aplikacji\Nowe Gadu-Gadu
[2013-08-19 12:40:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SZYMAN\Dane aplikacji\Pokeing
[2013-08-16 18:32:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SZYMAN\Dane aplikacji\Pokes
[2013-08-20 22:12:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SZYMAN\Dane aplikacji\Process Hacker 2
[2013-06-18 17:14:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SZYMAN\Dane aplikacji\pverb
[2013-08-12 13:27:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SZYMAN\Dane aplikacji\Remere's Map Editor
[2013-08-01 14:07:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SZYMAN\Dane aplikacji\Riot Games
[2013-08-18 11:47:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SZYMAN\Dane aplikacji\Sony Online Entertainment
[2013-08-20 17:04:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SZYMAN\Dane aplikacji\sqlitestudio
[2013-05-24 14:50:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SZYMAN\Dane aplikacji\TeamViewer
[2013-08-27 12:54:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SZYMAN\Dane aplikacji\Tibia
[2013-08-27 15:25:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SZYMAN\Dane aplikacji\TS3Client
[2013-08-21 13:59:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SZYMAN\Dane aplikacji\TuneUp Software
[2013-08-27 11:53:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SZYMAN\Dane aplikacji\uTorrent
 
========== Purity Check ==========
 
 
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 231 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:6BE50C2B

< End of report >
[/spoiler]

 

extras

[spoiler]OTL Extras logfile created on: 2013-08-28 10:45:58 - Run 4
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Documents and Settings\SZYMAN\Moje dokumenty\Pobieranie
Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd
 
3,00 Gb Total Physical Memory | 2,23 Gb Available Physical Memory | 74,51% Memory free
4,85 Gb Paging File | 4,14 Gb Available in Paging File | 85,45% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 78,13 Gb Total Space | 56,74 Gb Free Space | 72,63% Space Free | Partition Type: NTFS
Drive D: | 75,25 Gb Total Space | 51,23 Gb Free Space | 68,08% Space Free | Partition Type: NTFS
 
Computer Name: HOME | User Name: SZYMAN | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
[color=#E56717]========== Extra Registry (SafeList) ==========[/color]
 
 
[color=#E56717]========== File Associations ==========[/color]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
 
[HKEY_USERS\S-1-5-21-2025429265-651377827-839522115-1003\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
 
[color=#E56717]========== Shell Spawning ==========[/color]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[color=#E56717]========== Security Center Settings ==========[/color]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
"UacDisableNotify" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"FirewallOverride" = 0
"UpdatesDisableNotify" = 0
"UacDisableNotify" = 0
 
[color=#E56717]========== System Restore Settings ==========[/color]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 4
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
 
[color=#E56717]========== Firewall Settings ==========[/color]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"56676:TCP" = 56676:TCP:*:Enabled:Pando Media Booster
"56676:UDP" = 56676:UDP:*:Enabled:Pando Media Booster
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
"DisableNotifications" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"56676:TCP" = 56676:TCP:*:Enabled:Pando Media Booster
"56676:UDP" = 56676:UDP:*:Enabled:Pando Media Booster
 
[color=#E56717]========== Authorized Applications List ==========[/color]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"C:\Program Files\BearShare Applications\BearShare\BearShare.exe" = C:\Program Files\BearShare Applications\BearShare\BearShare.exe:*:Enabled:BearShare -- (MusicLab, LLC)
"C:\Program Files\Pando Networks\Media Booster\PMB.exe" = C:\Program Files\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster -- ()
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe" = C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe:*:Enabled:Daemonu.exe -- (NVIDIA Corporation)
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE" = C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook -- (Microsoft Corporation)
"C:\Program Files\Microsoft Office\Office12\GROOVE.EXE" = C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove -- (Microsoft Corporation)
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE" = C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote -- (Microsoft Corporation)
"C:\Documents and Settings\SZYMAN\Pulpit\TFS NOB\TheForgottenServer.exe" = C:\Documents and Settings\SZYMAN\Pulpit\TFS NOB\TheForgottenServer.exe:*:Enabled:The Forgotten Server -- (OtLand.net)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"C:\Documents and Settings\SZYMAN\Pulpit\Tibia Counter STrike\[CSTibia] 1.0 by Roksas - CLIENTE + SERVIDOR\TheForgottenServerV8.2 32bit.exe" = C:\Documents and Settings\SZYMAN\Pulpit\Tibia Counter STrike\[CSTibia] 1.0 by Roksas - CLIENTE + SERVIDOR\TheForgottenServerV8.2 32bit.exe:*:Enabled:The Forgotten Server -- (OtLand.net)
"C:\Documents and Settings\SZYMAN\Pulpit\Tibia Counter STrike\[CSTibia] 1.0 by Roksas - CLIENTE + SERVIDOR\TheForgottenServerV8.2 64bit.exe" = C:\Documents and Settings\SZYMAN\Pulpit\Tibia Counter STrike\[CSTibia] 1.0 by Roksas - CLIENTE + SERVIDOR\TheForgottenServerV8.2 64bit.exe:*:Enabled:The Forgotten Server -- (OtLand.net)
"D:\programs\utorrent\uTorrent.exe" = D:\programs\utorrent\uTorrent.exe:*:Enabled:µTorrent -- (BitTorrent Inc.)
"C:\Program Files\BearShare Applications\BearShare\BearShare.exe" = C:\Program Files\BearShare Applications\BearShare\BearShare.exe:*:Enabled:BearShare -- (MusicLab, LLC)
"C:\Program Files\Skype\Phone\Skype.exe" = C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype -- (Skype Technologies S.A.)
"C:\Program Files\Java\jre7\bin\javaw.exe" = C:\Program Files\Java\jre7\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary -- (Oracle Corporation)
"C:\Program Files\Pando Networks\Media Booster\PMB.exe" = C:\Program Files\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster -- ()
"D:\programs\xampplite\apache\bin\httpd.exe" = D:\programs\xampplite\apache\bin\httpd.exe:*:Enabled:Apache HTTP Server -- (Apache Software Foundation)
"D:\programs\xampplite\mysql\bin\mysqld.exe" = D:\programs\xampplite\mysql\bin\mysqld.exe:*:Enabled:The MySQL Server -- (MySQL AB)
"D:\programs\Nowe Gadu-Gadu\gg.exe" = D:\programs\Nowe Gadu-Gadu\gg.exe:*:Enabled:Nowe Gadu-Gadu
"C:\Documents and Settings\SZYMAN\Pulpit\EvoRPG by Zbizu\TheOTXServer.exe" = C:\Documents and Settings\SZYMAN\Pulpit\EvoRPG by Zbizu\TheOTXServer.exe:*:Enabled:TheOTXServer -- ()
"C:\Documents and Settings\All Users\Dane aplikacji\eSafe\eGdpSvc.exe" = C:\Documents and Settings\All Users\Dane aplikacji\eSafe\eGdpSvc.exe:*:Enabled:WsysSvc
"D:\games\Counter Strike Online 1.6\cstrike.exe" = D:\games\Counter Strike Online 1.6\cstrike.exe:*:Enabled:MetaHook Launcher -- ()
"C:\Documents and Settings\SZYMAN\Pulpit\WoDB\TheForgottenServer.exe" = C:\Documents and Settings\SZYMAN\Pulpit\WoDB\TheForgottenServer.exe:*:Enabled:The Forgotten Server -- (OtLand.net)
"C:\Documents and Settings\SZYMAN\Pulpit\DBLW 8.54\TheForgottenServer.exe" = C:\Documents and Settings\SZYMAN\Pulpit\DBLW 8.54\TheForgottenServer.exe:*:Enabled:The Forgotten Server -- (OtLand.net)
"D:\games\Counter Strike Online 1.6\hl.exe" = D:\games\Counter Strike Online 1.6\hl.exe:*:Enabled:Half-Life Launcher -- (Valve)
"D:\games\counter strike 1.6 new\hl.exe" = D:\games\counter strike 1.6 new\hl.exe:*:Enabled:Half-Life Launcher -- (Valve)
"C:\Program Files\Steam\Steam.exe" = C:\Program Files\Steam\Steam.exe:*:Enabled:Steam -- (Valve Corporation)
"D:\games\SteamLibrary\SteamApps\common\Dead Island\DeadIslandGame.exe" = D:\games\SteamLibrary\SteamApps\common\Dead Island\DeadIslandGame.exe:*:Enabled:DeadIsland -- (Techland)
"D:\games\Counter-Strike Source\hl2.exe" = D:\games\Counter-Strike Source\hl2.exe:*:Enabled:hl2 -- ()
"C:\WINDOWS\system32\PnkBstrA.exe" = C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA -- ()
"C:\WINDOWS\system32\PnkBstrB.exe" = C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB -- ()
"D:\games\bf play4free\BFP4f.exe" = D:\games\bf play4free\BFP4f.exe:*:Enabled:BFP4f Application -- (Easy)
"C:\Documents and Settings\SZYMAN\Pulpit\Poke by Bolz v3\PDA Edited by Dandanvrb\Silnik\PO Dash World [Advanced] - GUI.exe" = C:\Documents and Settings\SZYMAN\Pulpit\Poke by Bolz v3\PDA Edited by Dandanvrb\Silnik\PO Dash World [Advanced] - GUI.exe:*:Enabled:Pokemon Dash Advanced -- (P.O.D Advanced)
"C:\Documents and Settings\SZYMAN\Pulpit\Poke by Bolz v3\PDA Edited by Bolz v3\Silnik\PO Dash World [Advanced] - GUI.exe" = C:\Documents and Settings\SZYMAN\Pulpit\Poke by Bolz v3\PDA Edited by Bolz v3\Silnik\PO Dash World [Advanced] - GUI.exe:*:Enabled:Pokemon Dash Advanced -- (P.O.D Advanced)
"C:\Program Files\Java\jre7\launch4j-tmp\Pixelmon.exe" = C:\Program Files\Java\jre7\launch4j-tmp\Pixelmon.exe:*:Enabled:Java(TM) Platform SE binary -- (Oracle Corporation)
"D:\games\League of Legends\RADS\projects\lol_launcher\releases\0.0.0.177\deploy\LoLLauncher.exe" = D:\games\League of Legends\RADS\projects\lol_launcher\releases\0.0.0.177\deploy\LoLLauncher.exe:*:Enabled:ipsec -- ()
"C:\Documents and Settings\SZYMAN\Pulpit\Dragon Ball Mysterious World v1.0.exe" = C:\Documents and Settings\SZYMAN\Pulpit\Dragon Ball Mysterious World v1.0.exe:*:Enabled:ipsec -- (DBMW Team)
"C:\Program Files\IObit\Game Booster 3\AutoUpdate.exe" = C:\Program Files\IObit\Game Booster 3\AutoUpdate.exe:*:Enabled:ipsec -- ()
 
 
[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{0ACC2993-2058-4BE7-9A92-9DCDAA9B3412}" = LogMeIn Hamachi
"{0C0FE292-E7D0-4938-AA41-E6E5F72D21BC}" = Remere's Map Editor
"{26A24AE4-039D-4CA4-87B4-2F83217025FF}" = Java 7 Update 25
"{321320E1-0E5A-36CB-9E52-F3B201B8C4D4}" = Microsoft .NET Framework 4 Client Profile PLK Language Pack
"{350C9415-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.5
"{5DE67937-45D5-45E4-923C-0B7F7EC929A7}" = League of Legends
"{5FF27D65-35E5-4855-B7ED-59BCFBC85776}" = AVG 2013
"{7131646D-CD3C-40F4-97B9-CD9E4E6262EF}" = Microsoft .NET Framework 2.0
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{789289CA-F73A-4A16-A331-54D498CE069F}" = Ventrilo
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90120000-0010-0415-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders  (Polish) 12
"{90120000-0015-0415-0000-0000000FF1CE}" = Microsoft Office Access MUI (Polish) 2007
"{90120000-0016-0415-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Polish) 2007
"{90120000-0018-0415-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Polish) 2007
"{90120000-0019-0415-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Polish) 2007
"{90120000-001A-0415-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Polish) 2007
"{90120000-001B-0415-0000-0000000FF1CE}" = Microsoft Office Word MUI (Polish) 2007
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0415-0000-0000000FF1CE}" = Microsoft Office Proof (Polish) 2007
"{90120000-002C-0415-0000-0000000FF1CE}" = Microsoft Office Proofing (Polish) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0044-0415-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Polish) 2007
"{90120000-006E-0415-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Polish) 2007
"{90120000-00A1-0415-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Polish) 2007
"{90120000-00BA-0415-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Polish) 2007
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Panel sterowania NVIDIA 301.42
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Sterownik graficzny 301.42
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NView" = NVIDIA nView 136.27
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Aktualizacje NVIDIA 1.8.15
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{C950420B-4182-49EA-850A-A6A2ABF06C6B}" = Marvell Miniport Driver
"{CBBB226E-2289-4D29-8E5C-1331E7D71ED9}" = AVG 2013
"{ECD03DA7-5952-406A-8156-5F0C93618D1F}" = USB PC Camera-168
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F530C1D7-2F76-497A-934C-2C55F57BBB37}_is1" = Window Title Changer version 1.0
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"AQQ" = WapSter AQQ
"AVG" = AVG 2013
"Big Pack 8.4" = Big Pack 8.4
"CCleaner" = CCleaner
"Counter Strike Online 1.6 ver.1.0" = Counter Strike Online 1.6 ver.1.0
"Counter-Strike 1.6" = Counter-Strike 1.6
"CSS FULL DZ [Oct 15 2007]" = CSS FULL DZ [Oct 15 2007] v18.1
"ElfBot NG_is1" = ElfBot NG 4.1.3
"ENTERPRISE" = Microsoft Office Enterprise 2007
"ESF" = Earth's Special Forces
"Game Booster_is1" = Game Booster 3
"GIMP-2_is1" = GIMP 2.8.4
"Google Chrome" = Google Chrome
"ie8" = Windows Internet Explorer 8
"League of Legends 3.0.1" = League of Legends
"LogMeIn Hamachi" = LogMeIn Hamachi
"Microsoft .NET Framework 2.0" = Microsoft .NET Framework 2.0
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile PLK Language Pack" = Polski pakiet językowy dla programu Microsoft .NET Framework 4 Client Profile
"Mozilla Firefox 23.0.1 (x86 pl)" = Mozilla Firefox 23.0.1 (x86 pl)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Nowe Gadu-Gadu" = Nowe Gadu-Gadu
"Portal" = Portal
"Process_Hacker2_is1" = Process Hacker 2.31 (r5355)
"PunkBusterSvc" = PunkBuster Services
"ResourceHacker_is1" = Resource Hacker Version 3.6.0
"screenSHU" = screenSHU - the fastest screen capture ever.
"Steam App 91310" = Dead Island
"The KMPlayer" = The KMPlayer (remove only)
"Tibia Auto" = NSIS Example2
"TMIPC" = Tibia MULTI-ip changer
"uTorrent" = µTorrent
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinRAR archiver" = WinRAR 4.20 (32-bitowy)
"WMFDist11" = Windows Media Format 11 runtime
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
 
[color=#E56717]========== HKEY_USERS Uninstall List ==========[/color]
 
[HKEY_USERS\S-1-5-21-2025429265-651377827-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{87686C21-8A15-4b4d-A3F1-11141D9BE094}" = Battlefield Play4Free (SZYMAN)
"BearShare" = BearShare
"Cs 1.6 Background Maker v3.0" = Cs 1.6 Background Maker v3.0
"Search Protection" = Search Protection
"TeamSpeak 3 Client" = TeamSpeak 3 Client
 
[color=#E56717]========== Last 20 Event Log Errors ==========[/color]
 
[ Application Events ]
Error - 2013-07-29 12:27:42 | Computer Name = HOME | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd pokedestiny_by_swirus.exe, wersja 1.2.0.0,
 moduł powodujący błąd msvcrt.dll, wersja 7.0.2600.5512, adres błędu 0x00025b61.
 
Error - 2013-07-29 12:28:29 | Computer Name = HOME | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd pokedestiny_by_swirus.exe, wersja 1.2.0.0,
 moduł powodujący błąd pokedestiny_by_swirus.exe, wersja 1.2.0.0, adres błędu 0x0053d42a.
 
Error - 2013-07-30 12:56:33 | Computer Name = HOME | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd pokedestiny_by_swirus.exe, wersja 1.2.0.0,
 moduł powodujący błąd libmysql.dll, wersja 0.0.0.0, adres błędu 0x00009f40.
 
Error - 2013-08-01 13:11:10 | Computer Name = HOME | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd lollauncher.exe, wersja 0.0.0.0, moduł powodujący
 błąd launcher.maestro.dll, wersja 1.0.0.29, adres błędu 0x000022d6.
 
Error - 2013-08-03 04:14:05 | Computer Name = HOME | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd pokedestiny_by_swirus.exe, wersja 1.2.0.0,
 moduł powodujący błąd libmysql.dll, wersja 0.0.0.0, adres błędu 0x00009f40.
 
Error - 2013-08-03 16:46:46 | Computer Name = HOME | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd tibiaeditor.exe, wersja 0.0.0.0, moduł powodujący
 błąd tibiaeditor.exe, wersja 0.0.0.0, adres błędu 0x00178300.
 
Error - 2013-08-03 16:47:28 | Computer Name = HOME | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd tibiaeditor.exe, wersja 0.0.0.0, moduł powodujący
 błąd tibiaeditor.exe, wersja 0.0.0.0, adres błędu 0x00178300.
 
Error - 2013-08-03 16:49:14 | Computer Name = HOME | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd tibiaeditor.exe, wersja 0.0.0.0, moduł powodujący
 błąd tibiaeditor.exe, wersja 0.0.0.0, adres błędu 0x00178300.
 
Error - 2013-08-03 16:49:26 | Computer Name = HOME | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd tibiaeditor.exe, wersja 0.0.0.0, moduł powodujący
 błąd tibiaeditor.exe, wersja 0.0.0.0, adres błędu 0x00178300.
 
Error - 2013-08-03 16:52:29 | Computer Name = HOME | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd rme.exe, wersja 0.0.0.0, moduł powodujący
 błąd rme.exe, wersja 0.0.0.0, adres błędu 0x002ad468.
 
[ System Events ]
Error - 2013-08-25 04:37:18 | Computer Name = HOME | Source = Service Control Manager | ID = 7034
Description = Usługa LogMeIn Hamachi Tunneling Engine niespodziewanie zakończyła
 pracę. Wystąpiło to razy: 1.
 
Error - 2013-08-25 04:37:35 | Computer Name = HOME | Source = Service Control Manager | ID = 7034
Description = Usługa Java Quick Starter niespodziewanie zakończyła pracę. Wystąpiło
 to razy: 1.
 
Error - 2013-08-26 04:02:49 | Computer Name = HOME | Source = Service Control Manager | ID = 7006
Description = Wywołanie ScRegSetValueExW dla FailureActions nie powiodło się i wystąpił
 następujący błąd:   %%5.
 
Error - 2013-08-26 04:02:49 | Computer Name = HOME | Source = Service Control Manager | ID = 7006
Description = Wywołanie ScRegSetValueExW dla FailureActions nie powiodło się i wystąpił
 następujący błąd:   %%5.
 
Error - 2013-08-27 02:43:23 | Computer Name = HOME | Source = Service Control Manager | ID = 7006
Description = Wywołanie ScRegSetValueExW dla FailureActions nie powiodło się i wystąpił
 następujący błąd:   %%5.
 
Error - 2013-08-27 02:43:23 | Computer Name = HOME | Source = Service Control Manager | ID = 7006
Description = Wywołanie ScRegSetValueExW dla FailureActions nie powiodło się i wystąpił
 następujący błąd:   %%5.
 
Error - 2013-08-27 13:05:41 | Computer Name = HOME | Source = Service Control Manager | ID = 7006
Description = Wywołanie ScRegSetValueExW dla FailureActions nie powiodło się i wystąpił
 następujący błąd:   %%5.
 
Error - 2013-08-27 13:05:41 | Computer Name = HOME | Source = Service Control Manager | ID = 7006
Description = Wywołanie ScRegSetValueExW dla FailureActions nie powiodło się i wystąpił
 następujący błąd:   %%5.
 
Error - 2013-08-28 02:48:43 | Computer Name = HOME | Source = Service Control Manager | ID = 7006
Description = Wywołanie ScRegSetValueExW dla FailureActions nie powiodło się i wystąpił
 następujący błąd:   %%5.
 
Error - 2013-08-28 02:48:43 | Computer Name = HOME | Source = Service Control Manager | ID = 7006
Description = Wywołanie ScRegSetValueExW dla FailureActions nie powiodło się i wystąpił
 następujący błąd:   %%5.
 
 
< End of report >

[/spoiler]

Edytowane przez Swirusek

Udostępnij tego posta


Odnośnik do posta
Udostępnij na stronach

Odinstaluj [b]Search Protection[/b] poprzez aplet Dodaj/usuń programy.

 

Dzisiaj AVG wykrył mi na dysku D wirusa Win32/Sality.dropper

W jakim pliku go wykrył? Podłączałeś jakieś pamięci przenośne do komputera?

Udostępnij tego posta


Odnośnik do posta
Udostępnij na stronach

Nie podlaczalem.

d:/qmaok.exe

 

I poprzedzam pytanie - nie wiem co to za plik i co tam robil, nie odpalalem go avg sam go wykryl-wlaczylem pokazywanie ukrytych folderow i plikow i mi go pokazalo.

 

Search Protection usuniete.

Udostępnij tego posta


Odnośnik do posta
Udostępnij na stronach

To mi wygląda na plik inicjujący całą infekcję, mam coś podobnego w swojej kolekcji próbek. (jeśli chcesz, możesz mi go podesłać na PW przed kasacją, to go sobie zbadam) Jeśli jest sam na dysku, nie robi nic - cała zabawa zaczyna się po uruchomieniu.

 

Wykonaj ten skrypt w OTL:

:Files
D:\qmaok.exe

Pokaż raport.

 

Potem wklej to do OTL:

C:\*.*
D:\*.*

Skanuj, pokaż log.

Udostępnij tego posta


Odnośnik do posta
Udostępnij na stronach

[spoiler]========== FILES ==========
D:\qmaok.exe moved successfully.
 
OTL by OldTimer - Version 3.2.69.0 log created on 09012013_155728
[/spoiler]

 

i

 

[spoiler]OTL logfile created on: 2013-09-01 16:01:17 - Run 5
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Documents and Settings\SZYMAN\Moje dokumenty\Pobieranie
Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd
 
3,00 Gb Total Physical Memory | 2,01 Gb Available Physical Memory | 66,87% Memory free
4,85 Gb Paging File | 3,90 Gb Available in Paging File | 80,57% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 78,13 Gb Total Space | 56,08 Gb Free Space | 71,79% Space Free | Partition Type: NTFS
Drive D: | 75,25 Gb Total Space | 51,25 Gb Free Space | 68,11% Space Free | Partition Type: NTFS
 
Computer Name: HOME | User Name: SZYMAN | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
[color=#E56717]========== Processes (SafeList) ==========[/color]
 
PRC - [2013-08-22 20:49:24 | 000,276,376 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2013-08-21 06:33:25 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\SZYMAN\Moje dokumenty\Pobieranie\OTL.exe
PRC - [2013-08-20 21:44:03 | 000,831,488 | ---- | M] () -- C:\WINDOWS\vsnpstd3.exe
PRC - [2013-08-20 21:41:11 | 000,020,480 | ---- | M] () -- C:\WINDOWS\FixCamera.exe
PRC - [2013-08-20 21:31:27 | 020,791,627 | ---- | M] (DBMW Team) -- C:\Documents and Settings\SZYMAN\Pulpit\Dragon Ball Mysterious World v1.0.exe
PRC - [2013-07-25 09:43:24 | 008,062,464 | ---- | M] (AQQ Sp. z o.o.) -- D:\programs\WapSter AQQ\AQQ.exe
PRC - [2013-07-23 19:09:28 | 000,283,136 | ---- | M] (AVG Technologies CZ, s.r.o.) -- D:\programs\avg\avgwdsvc.exe
PRC - [2013-07-01 01:46:26 | 004,411,440 | ---- | M] (AVG Technologies CZ, s.r.o.) -- D:\programs\avg\avgui.exe
PRC - [2013-06-29 13:50:22 | 000,182,184 | ---- | M] (Oracle Corporation) -- C:\Program Files\Java\jre7\bin\jqs.exe
PRC - [2013-06-28 14:02:04 | 001,440,080 | ---- | M] (LogMeIn Inc.) -- D:\programs\hamahi\hamachi-2.exe
PRC - [2012-05-15 18:18:00 | 001,262,400 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
PRC - [2008-04-14 22:51:18 | 001,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
 
 
[color=#E56717]========== Modules (No Company Name) ==========[/color]
 
MOD - [2013-08-28 18:38:09 | 000,022,528 | ---- | M] () -- C:\Documents and Settings\SZYMAN\WapSter\AQQ Folder\Profiles\Swirussss\Plugins\silence.dll
MOD - [2013-08-28 18:33:52 | 000,060,416 | ---- | M] () -- C:\Documents and Settings\SZYMAN\WapSter\AQQ Folder\Profiles\Swirussss\Plugins\SpellChecker.dll
MOD - [2013-08-28 18:33:33 | 002,831,872 | ---- | M] () -- C:\Documents and Settings\SZYMAN\WapSter\AQQ Folder\Profiles\Swirussss\Plugins\offlinePictures.dll
MOD - [2013-08-22 20:49:23 | 003,551,640 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2013-08-20 21:44:03 | 000,831,488 | ---- | M] () -- C:\WINDOWS\vsnpstd3.exe
MOD - [2013-08-20 21:41:11 | 000,020,480 | ---- | M] () -- C:\WINDOWS\FixCamera.exe
MOD - [2013-07-10 14:57:34 | 016,166,280 | ---- | M] () -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_8_800_94.dll
MOD - [2013-06-13 13:30:58 | 004,296,192 | ---- | M] () -- D:\programs\WapSter AQQ\System\Shared\Plugins\GGNet.dll
MOD - [2013-01-29 15:10:14 | 000,025,088 | ---- | M] () -- D:\programs\WapSter AQQ\System\Shared\Plugins\SMS.dll
MOD - [2008-04-14 22:50:38 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
 
 
[color=#E56717]========== Services (SafeList) ==========[/color]
 
SRV - [2013-08-22 20:49:23 | 000,117,656 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013-07-23 19:09:28 | 000,283,136 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- D:\programs\avg\avgwdsvc.exe -- (avgwd)
SRV - [2013-07-10 14:57:35 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013-07-04 15:53:10 | 004,939,312 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Stopped] -- D:\programs\avg\avgidsagent.exe -- (AVGIDSAgent)
SRV - [2013-06-29 13:50:22 | 000,182,184 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Program Files\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2013-06-28 14:02:04 | 001,440,080 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- D:\programs\hamahi\hamachi-2.exe -- (Hamachi2Svc)
SRV - [2013-06-03 16:21:54 | 000,162,408 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012-05-15 18:18:00 | 001,262,400 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2011-03-16 10:42:06 | 000,407,336 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
 
 
[color=#E56717]========== Driver Services (SafeList) ==========[/color]
 
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] --  -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] --  -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] --  -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] --  -- (Changer)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\fasfasf\catchme.sys -- (catchme)
DRV - [2013-07-20 01:51:00 | 000,246,072 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\avglogx.sys -- (Avglogx)
DRV - [2013-07-20 01:50:56 | 000,208,184 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\avgidsdriverx.sys -- (AVGIDSDriver)
DRV - [2013-07-20 01:50:56 | 000,060,216 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\avgidshx.sys -- (AVGIDSHX)
DRV - [2013-07-20 01:50:50 | 000,171,320 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\avgldx86.sys -- (Avgldx86)
DRV - [2013-07-10 01:32:40 | 000,039,224 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\avgrkx86.sys -- (Avgrkx86)
DRV - [2013-07-01 01:45:28 | 000,096,568 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\avgmfx86.sys -- (Avgmfx86)
DRV - [2013-03-21 03:08:24 | 000,182,072 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgtdix.sys -- (Avgtdix)
DRV - [2013-03-01 10:32:20 | 000,022,328 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgidsshimx.sys -- (AVGIDSShim)
DRV - [2010-11-01 06:08:46 | 000,014,416 | ---- | M] (OpenLibSys.org) [File_System | On_Demand | Stopped] -- C:\Program Files\IObit\Game Booster 3\Driver\WinRing0.sys -- (WinRing0_1_2_0)
DRV - [2009-03-18 18:35:40 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hamachi.sys -- (hamachi)
DRV - [2007-04-24 16:28:52 | 010,252,672 | ---- | M] (Sonix Co. Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\snpstd3.sys -- (SNPSTD3)
DRV - [2005-05-25 18:55:58 | 003,134,976 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService)
DRV - [2005-05-06 08:27:00 | 000,232,064 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\yk51x86.sys -- (yukonwxp)
DRV - [2004-08-14 04:56:20 | 000,005,810 | R--- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ASACPI.sys -- (MTsensor)
 
 
[color=#E56717]========== Standard Registry (SafeList) ==========[/color]
 
 
[color=#E56717]========== Internet Explorer ==========[/color]
 
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
 
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src=IE-SearchBox&Form=IE8SRC
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
[color=#E56717]========== FireFox ==========[/color]
 
FF - prefs.js..browser.search.defaultenginename: "Yahoo"
FF - prefs.js..browser.search.order.1: ""
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&ilc=12&type=512435"
FF - prefs.js..browser.search.selectedEngine: "Yahoo"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..extensions.enabledAddons: battlefieldplay4free%40ea.com:1.0.96.0
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:23.0.1
FF - prefs.js..keyword.URL: "http://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=512435&p="
 
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.25.2: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.0.60310.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF
 
[2013-05-20 15:21:26 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\SZYMAN\Dane aplikacji\Mozilla\Extensions
[2013-08-31 10:26:20 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\SZYMAN\Dane aplikacji\Mozilla\Firefox\Profiles\rnx29h1o.default\extensions
[2013-08-31 10:26:20 | 000,000,000 | ---D | M] (syaveNsHaRue a) -- C:\Documents and Settings\SZYMAN\Dane aplikacji\Mozilla\Firefox\Profiles\rnx29h1o.default\extensions\6kkzfvg@b-u.edu
[2013-08-18 18:22:46 | 000,000,000 | ---D | M] (Battlefield Play4Free) -- C:\Documents and Settings\SZYMAN\Dane aplikacji\Mozilla\Firefox\Profiles\rnx29h1o.default\extensions\battlefieldplay4free@ea.com
[2013-08-31 10:26:20 | 000,000,000 | ---D | M] (SearchNewTab) -- C:\Documents and Settings\SZYMAN\Dane aplikacji\Mozilla\Firefox\Profiles\rnx29h1o.default\extensions\gxphf@glavrjy.edu
[2013-08-24 22:27:56 | 000,824,302 | ---- | M] () (No name found) -- C:\Documents and Settings\SZYMAN\Dane aplikacji\Mozilla\Firefox\Profiles\rnx29h1o.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2013-07-10 15:45:10 | 000,000,915 | ---- | M] () -- C:\Documents and Settings\SZYMAN\Dane aplikacji\Mozilla\Firefox\Profiles\rnx29h1o.default\searchplugins\yahoo.xml
[2013-08-22 20:49:11 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2013-08-22 20:49:25 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
[2013-08-22 20:49:25 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
 
[color=#E56717]========== Chrome  ==========[/color]
 
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = https://www.google.com/search?q={searchTerms}&ie=utf-8&oe=utf-8&aq=t&q={searchTerms}&ie=utf-8&oe=utf-8&aq=t&channel=fflb&q={searchTerms}&ie=utf-8&oe=utf-8&aq=t&channel=rcs
CHR - default_search_provider: suggest_url = https://www.google.com/complete/search?q={searchTerms},
CHR - homepage: http://google.pl/
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\29.0.1547.62\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\29.0.1547.62\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\29.0.1547.62\pdf.dll
CHR - plugin: Battlefield Play4Free Updater (Enabled) = C:\Documents and Settings\SZYMAN\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\oiokahphinmbmakkehgelkmpolmnbkdh\1.0.96.0_0\npBP4FUpdater.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll
CHR - plugin: Java(TM) Platform SE 7 U25 (Enabled) = C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files\Microsoft Silverlight\4.0.60310.0\npctrl.dll
CHR - plugin: Pando Web Plugin (Enabled) = C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_8_800_94.dll
CHR - plugin: Java Deployment Toolkit 7.0.250.17 (Enabled) = C:\WINDOWS\system32\npDeployJava1.dll
CHR - Extension: Dokumenty Google = C:\Documents and Settings\SZYMAN\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: Dysk Google = C:\Documents and Settings\SZYMAN\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Documents and Settings\SZYMAN\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Battlefield Heroes = C:\Documents and Settings\SZYMAN\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\cehdakiococlfmjcbebbkjkfjhbieknh\5.0.203.0_0\
CHR - Extension: Szukaj w Google = C:\Documents and Settings\SZYMAN\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Dragon Ball Z Goku = C:\Documents and Settings\SZYMAN\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\dlddadblackokbbanbihkhhkgdodniee\1_0\
CHR - Extension: AdBlock = C:\Documents and Settings\SZYMAN\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.6_0\
CHR - Extension: SearchNewTab = C:\Documents and Settings\SZYMAN\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\hgfaggpmfkckdoneadplinagpkklnigo\1\
CHR - Extension: syaveNsHaRue a = C:\Documents and Settings\SZYMAN\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\jiallclnnjifoigoaiocimnpdhfmodic\1\
CHR - Extension: Chrome In-App Payments service = C:\Documents and Settings\SZYMAN\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.10_0\
CHR - Extension: Adblock Pro = C:\Documents and Settings\SZYMAN\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\ocifcklkibdehekfnmflempfgjhbedch\2.3_0\
CHR - Extension: Battlefield Play4Free = C:\Documents and Settings\SZYMAN\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\oiokahphinmbmakkehgelkmpolmnbkdh\1.0.96.0_0\
CHR - Extension: Gmail = C:\Documents and Settings\SZYMAN\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
 
O1 HOSTS File: ([2013-08-20 22:19:00 | 000,000,025 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (IEPluginBHO Class) - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - C:\Documents and Settings\SZYMAN\Dane aplikacji\Nowe Gadu-Gadu\_userdata\ggbho.1.dll (GG Network S.A.)
O4 - HKLM..\Run: [AVG_UI] D:\programs\avg\avgui.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [FixCamera] C:\WINDOWS\FixCamera.exe ()
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\nvmctray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nview\nwiz.exe ()
O4 - HKLM..\Run: [snpstd3] C:\WINDOWS\vsnpstd3.exe ()
O4 - HKLM..\Run: [tsnpstd3] C:\WINDOWS\tsnpstd3.exe (SONIX)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O15 - HKCU\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: freerealms.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: soe.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: sony.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Ranges: Range1979 ([http] in Trusted sites)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B31B83DC-DA2D-4FC2-AD24-26A4901E7A46}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2013-05-20 15:03:04 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (D:\programs\avg\avgrsx.exe /sync /restart)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
 
[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
 
[2013-08-31 20:30:15 | 023,186,226 | ---- | C] (DBzF GmbH) -- C:\Documents and Settings\SZYMAN\Pulpit\DBzF v1.27.exe
[2013-08-30 22:48:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SZYMAN\Pulpit\OTMapEditor-0.459
[2013-08-30 22:33:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SZYMAN\Pulpit\mapa
[2013-08-30 21:22:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\SearchNewTab
[2013-08-30 21:22:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\syaveNsHaRue a
[2013-08-30 21:21:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\SummerSoft
[2013-08-30 21:21:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\InstallMate
[2013-08-30 20:51:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SZYMAN\Pulpit\wrd
[2013-08-30 17:50:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SZYMAN\Pulpit\wodbo client
[2013-08-30 13:45:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SZYMAN\Dane aplikacji\dbzbi
[2013-08-30 13:32:10 | 000,000,000 | -H-D | C] -- C:\WINDOWS\PIF
[2013-08-30 13:04:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\LogMeIn Hamachi
[2013-08-29 17:41:24 | 011,520,617 | ---- | C] (CipSoft GmbH) -- C:\Documents and Settings\SZYMAN\Pulpit\DBL.exe
[2013-08-28 18:42:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SZYMAN\Dane aplikacji\Qrix
[2013-08-28 12:34:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SZYMAN\Pulpit\wodbowe idf'y
[2013-08-28 08:55:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\AVG
[2013-08-27 21:17:53 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\SZYMAN\PrivacIE
[2013-08-27 19:04:24 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\SZYMAN\IETldCache
[2013-08-27 18:37:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SZYMAN\WapSter
[2013-08-27 18:36:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\WBEM
[2013-08-27 18:35:42 | 000,018,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spmsg.dll
[2013-08-27 18:34:40 | 000,000,000 | -H-D | C] -- C:\WINDOWS\ie8
[2013-08-27 18:31:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SZYMAN\Menu Start\Programy\WapSter
[2013-08-27 11:55:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SZYMAN\Menu Start\Programy\Portal
[2013-08-24 22:14:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SZYMAN\Dane aplikacji\AVG
[2013-08-24 22:12:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\AVG
[2013-08-24 22:12:30 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\All Users\Dane aplikacji\{D1D4879F-2279-49C9-AEBF-3B95C84EAA8F}
[2013-08-24 12:36:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SZYMAN\Pulpit\Map
[2013-08-22 20:49:08 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2013-08-21 14:01:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SZYMAN\Dane aplikacji\AVG2013
[2013-08-21 13:59:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SZYMAN\Dane aplikacji\TuneUp Software
[2013-08-21 13:59:09 | 000,000,000 | -H-D | C] -- C:\$AVG
[2013-08-21 13:59:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\AVG2013
[2013-08-21 13:52:28 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Common Files
[2013-08-21 13:52:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SZYMAN\Ustawienia lokalne\Dane aplikacji\MFAData
[2013-08-21 13:52:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\MFAData
[2013-08-21 13:52:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SZYMAN\Ustawienia lokalne\Dane aplikacji\Avg2013
[2013-08-21 07:45:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\TEMP
[2013-08-21 07:34:56 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2013-08-21 06:36:21 | 000,000,000 | ---D | C] -- C:\_OTL
[2013-08-20 21:58:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Process Hacker 2
[2013-08-20 21:29:34 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Bitdefender
[2013-08-20 20:52:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SZYMAN\Pulpit\Kopia PokeDestiny
[2013-08-20 20:45:12 | 000,518,144 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2013-08-20 20:45:12 | 000,406,528 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2013-08-20 20:45:12 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2013-08-20 20:45:12 | 000,060,416 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2013-08-20 20:44:10 | 000,000,000 | ---D | C] -- C:\Qoobox
[2013-08-20 20:43:41 | 000,000,000 | R--D | C] -- C:\Documents and Settings\SZYMAN\Menu Start\Programy\Narzędzia administracyjne
[2013-08-20 20:43:41 | 000,000,000 | R--D | C] -- C:\Documents and Settings\SZYMAN\Moje dokumenty\Moje wideo
[2013-08-20 20:42:48 | 000,000,000 | ---D | C] -- C:\WINDOWS\erdnt
[2013-08-19 18:11:42 | 020,791,627 | ---- | C] (DBMW Team) -- C:\Documents and Settings\SZYMAN\Pulpit\Dragon Ball Mysterious World v1.0.exe
[2013-08-19 12:38:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SZYMAN\Dane aplikacji\Pokeing
[2013-08-19 12:26:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SZYMAN\Pulpit\Pokemon-Sapphire-Client
[2013-08-18 20:05:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SZYMAN\Pulpit\DBL_1.89.7_test_v1.1
[2013-08-18 11:46:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SZYMAN\Dane aplikacji\Sony Online Entertainment
[2013-08-18 11:46:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SZYMAN\Ustawienia lokalne\Dane aplikacji\SCE
[2013-08-18 11:27:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\Minidump
[2013-08-17 12:46:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SZYMAN\Pulpit\APARAT
[2013-08-17 11:58:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SZYMAN\Pulpit\GituSpamerV2
[2013-08-16 18:58:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SZYMAN\Dane aplikacji\.minecraft_pixelmon.pl
[2013-08-16 18:58:09 | 003,422,750 | ---- | C] (Pixelmon.pl Pokemon Serwer) -- C:\Documents and Settings\SZYMAN\Pulpit\Pixelmon.exe
[2013-08-16 18:44:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SZYMAN\Pulpit\PokemonOnline.v.1.6
[2013-08-16 18:26:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SZYMAN\Dane aplikacji\Pokes
[2013-08-16 16:20:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SZYMAN\Pulpit\AdvTOR INJECTION
[2013-08-15 16:38:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SZYMAN\Pulpit\DatEditor by Daemon
[2013-08-15 16:37:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SZYMAN\Pulpit\Pokemon Conquest Klient
[2013-08-14 11:26:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Asprate
[2013-08-14 11:26:11 | 000,000,000 | ---D | C] -- C:\Program Files\Asprate
[2013-08-14 11:12:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SZYMAN\Pulpit\Poke by Bolz v3
[2013-08-12 20:03:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SZYMAN\Ustawienia lokalne\Dane aplikacji\PunkBuster
[2013-08-12 20:01:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SZYMAN\Moje dokumenty\Battlefield Play4Free
[2013-08-12 19:59:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SZYMAN\Menu Start\Programy\EA Games
[2013-08-12 17:44:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SZYMAN\Pulpit\PokeLife Client
[2013-08-12 14:59:09 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\SZYMAN\Recent
[2013-08-12 14:57:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\CCleaner
[2013-08-12 14:57:35 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2013-08-11 11:51:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SZYMAN\Pulpit\poke dodac
[2013-08-10 18:04:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SZYMAN\Ustawienia lokalne\Dane aplikacji\Help
[2013-08-10 18:04:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SZYMAN\Dane aplikacji\Help
[2013-08-10 16:40:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SZYMAN\Pulpit\Tasker
[2013-08-09 23:01:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SZYMAN\Pulpit\OTClient PokeXCath
[2013-08-09 19:09:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Game Booster 3
[2013-08-09 19:09:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\IObit
[2013-08-09 19:08:59 | 000,000,000 | ---D | C] -- C:\Program Files\IObit
[2013-08-09 17:31:03 | 009,211,736 | ---- | C] (Martin Prikryl) -- C:\Documents and Settings\SZYMAN\Pulpit\WinSCP.exe
[2013-08-09 16:32:27 | 000,495,616 | ---- | C] (Simon Tatham) -- C:\Documents and Settings\SZYMAN\Pulpit\putty.exe
[2013-08-08 16:37:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SZYMAN\Moje dokumenty\DeadIsland
[2013-08-08 16:32:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SZYMAN\Menu Start\Programy\Steam
[2013-08-08 16:08:53 | 000,000,000 | ---D | C] -- C:\Program Files\dumps
[2013-08-08 16:08:20 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Steam
[2013-08-08 16:08:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Steam
[2013-08-08 16:08:14 | 000,000,000 | ---D | C] -- C:\Program Files\Steam
[2013-08-08 16:06:24 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\UMDF
[2013-08-08 16:06:24 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\LogFiles
[2013-08-08 16:05:32 | 000,527,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_7.dll
[2013-08-08 16:05:32 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_5.dll
[2013-08-08 16:05:31 | 002,106,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_43.dll
[2013-08-08 16:05:31 | 000,239,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_7.dll
[2013-08-08 16:05:30 | 001,868,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dcsx_43.dll
[2013-08-08 16:05:29 | 000,470,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_43.dll
[2013-08-08 16:05:29 | 000,248,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx11_43.dll
[2013-08-08 16:05:28 | 001,998,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_43.dll
[2013-08-08 16:05:27 | 000,528,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_6.dll
[2013-08-08 16:05:27 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_6.dll
[2013-08-08 16:05:27 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_4.dll
[2013-08-08 16:05:26 | 000,515,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_5.dll
[2013-08-08 16:05:26 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_7.dll
[2013-08-08 16:05:25 | 001,974,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_42.dll
[2013-08-08 16:05:25 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_5.dll
[2013-08-08 16:05:24 | 005,501,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dcsx_42.dll
[2013-08-08 16:05:24 | 000,235,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx11_42.dll
[2013-08-08 16:05:23 | 001,892,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_42.dll
[2013-08-08 16:05:23 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_42.dll
[2013-08-08 16:05:22 | 001,846,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_41.dll
[2013-08-08 16:05:22 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_41.dll
[2013-08-08 16:05:21 | 004,178,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_41.dll
[2013-08-08 16:05:21 | 000,069,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_3.dll
[2013-08-08 16:05:20 | 000,517,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_4.dll
[2013-08-08 16:05:20 | 000,235,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_4.dll
[2013-08-08 16:05:19 | 002,036,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_40.dll
[2013-08-08 16:05:19 | 000,452,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_40.dll
[2013-08-08 16:05:19 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_6.dll
[2013-08-08 16:05:18 | 004,379,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_40.dll
[2013-08-08 16:05:17 | 000,514,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_3.dll
[2013-08-08 16:05:17 | 000,235,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_3.dll
[2013-08-08 16:05:17 | 000,070,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_2.dll
[2013-08-08 16:05:17 | 000,023,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_5.dll
[2013-08-08 16:05:16 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_2.dll
[2013-08-08 16:05:14 | 000,507,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_1.dll
[2013-08-08 16:05:14 | 000,065,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_0.dll
[2013-08-08 16:05:13 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_1.dll
[2013-08-08 16:05:12 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_4.dll
[2013-08-08 16:05:11 | 001,491,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_38.dll
[2013-08-08 16:05:11 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_38.dll
[2013-08-08 16:05:10 | 003,850,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_38.dll
[2013-08-08 16:05:10 | 000,479,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_0.dll
[2013-08-08 16:05:09 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_0.dll
[2013-08-08 16:05:09 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_3.dll
[2013-08-08 16:05:08 | 003,786,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_37.dll
[2013-08-08 16:05:08 | 001,420,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_37.dll
[2013-08-08 16:05:08 | 000,462,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_37.dll
[2013-08-08 16:05:07 | 000,267,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_10.dll
[2013-08-08 16:05:06 | 001,374,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_36.dll
[2013-08-08 16:05:06 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_36.dll
[2013-08-08 16:05:05 | 003,734,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_36.dll
[2013-08-08 16:05:05 | 000,267,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_9.dll
[2013-08-08 16:05:04 | 001,358,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_35.dll
[2013-08-08 16:05:04 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_35.dll
[2013-08-08 16:05:03 | 003,727,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_35.dll
[2013-08-08 16:05:02 | 001,124,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_34.dll
[2013-08-08 16:05:02 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_34.dll
[2013-08-08 16:05:02 | 000,266,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_8.dll
[2013-08-08 16:05:02 | 000,017,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_2.dll
[2013-08-08 16:05:01 | 003,497,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_34.dll
[2013-08-08 16:05:01 | 000,081,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xinput1_3.dll
[2013-08-08 16:04:59 | 000,261,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_7.dll
[2013-08-08 16:04:57 | 001,123,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_33.dll
[2013-08-08 16:04:57 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_33.dll
[2013-08-08 16:04:54 | 003,495,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_33.dll
[2013-08-08 16:04:54 | 000,255,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_6.dll
[2013-08-08 16:04:53 | 003,426,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_32.dll
[2013-08-08 16:04:53 | 000,251,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_5.dll
[2013-08-08 16:04:52 | 002,414,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_31.dll
[2013-08-08 16:04:52 | 000,237,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_4.dll
[2013-08-08 16:04:52 | 000,015,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\x3daudio1_1.dll
[2013-08-08 16:04:51 | 000,236,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_3.dll
[2013-08-08 16:04:51 | 000,230,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_2.dll
[2013-08-08 16:04:51 | 000,062,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xinput1_2.dll
[2013-08-08 16:04:50 | 000,229,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_1.dll
[2013-08-08 16:04:50 | 000,062,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xinput1_1.dll
[2013-08-08 16:04:41 | 002,388,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_30.dll
[2013-08-08 16:04:40 | 000,230,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_0.dll
[2013-08-08 16:04:40 | 000,014,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\x3daudio1_0.dll
[2013-08-08 16:04:39 | 002,332,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_29.dll
[2013-08-08 16:04:38 | 002,323,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_28.dll
[2013-08-08 16:04:38 | 000,061,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xinput9_1_0.dll
[2013-08-08 16:04:37 | 002,319,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_27.dll
[2013-08-08 16:04:37 | 002,297,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_26.dll
[2013-08-08 16:04:36 | 002,337,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_25.dll
[2013-08-08 16:04:35 | 002,222,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_24.dll
[2013-08-08 09:07:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SZYMAN\Menu Start\Programy\VALVe
[2013-08-07 14:00:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SZYMAN\Pulpit\DBKH 4.0
[2013-08-07 13:58:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SZYMAN\Pulpit\Desktop
[2013-08-06 12:36:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Counter-Strike 1.6
[2013-08-06 12:27:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SZYMAN\Menu Start\Programy\Earth's Special Forces
[2013-08-04 13:10:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SZYMAN\Pulpit\Silnik DBKO source (8.0)
[2013-08-03 22:16:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SZYMAN\Pulpit\WoDB
[2013-08-03 21:28:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SZYMAN\Pulpit\dbkos
[2013-08-03 13:52:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SZYMAN\Pulpit\WoDB Beta
[2013-08-02 21:44:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SZYMAN\Pulpit\rybki
 
[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
 
[2013-09-01 15:48:27 | 000,000,280 | ---- | M] () -- C:\WINDOWS\tasks\Game_Booster_AutoUpdate.job
[2013-09-01 15:48:26 | 000,001,032 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2013-09-01 15:48:23 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013-08-31 22:48:00 | 000,000,930 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2013-08-31 22:13:00 | 000,001,036 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2013-08-31 21:48:33 | 000,139,424 | ---- | M] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2013-08-31 21:48:26 | 000,282,104 | ---- | M] () -- C:\WINDOWS\System32\PnkBstrB.xtr
[2013-08-31 18:00:51 | 000,282,104 | ---- | M] () -- C:\WINDOWS\System32\PnkBstrB.ex0
[2013-08-30 23:01:39 | 000,002,827 | ---- | M] () -- C:\Documents and Settings\SZYMAN\Pulpit\Remere's Map Editor.lnk
[2013-08-30 22:48:49 | 000,447,392 | ---- | M] () -- C:\Documents and Settings\SZYMAN\Pulpit\OTMapEditor-0.459.zip
[2013-08-30 19:44:59 | 000,000,211 | -HS- | M] () -- C:\boot.ini
[2013-08-30 16:20:19 | 000,001,813 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Google Chrome.lnk
[2013-08-30 13:03:39 | 004,296,704 | ---- | M] () -- C:\Documents and Settings\SZYMAN\Pulpit\hamachi.msi
[2013-08-29 20:10:10 | 000,016,132 | ---- | M] () -- C:\Documents and Settings\SZYMAN\Ustawienia lokalne\Dane aplikacji\recently-used.xbel
[2013-08-29 20:07:48 | 000,029,754 | ---- | M] () -- C:\Documents and Settings\SZYMAN\Pulpit\zr.bmp
[2013-08-29 17:41:34 | 011,520,617 | ---- | M] (CipSoft GmbH) -- C:\Documents and Settings\SZYMAN\Pulpit\DBL.exe
[2013-08-28 16:04:14 | 000,100,273 | ---- | M] () -- C:\Documents and Settings\SZYMAN\Pulpit\ass.bmp
[2013-08-28 16:03:33 | 000,921,624 | ---- | M] () -- C:\img2-001.raw
[2013-08-27 18:31:36 | 000,000,373 | ---- | M] () -- C:\Documents and Settings\SZYMAN\Pulpit\AQQ.lnk
[2013-08-27 12:13:42 | 002,836,589 | ---- | M] () -- C:\Documents and Settings\SZYMAN\Pulpit\SMS Shop(itemplayer) + show EQ + my skin for nicaw acc v3.rar
[2013-08-27 11:55:08 | 000,000,580 | ---- | M] () -- C:\Documents and Settings\SZYMAN\Pulpit\Portal.lnk
[2013-08-26 19:18:25 | 000,627,104 | ---- | M] () -- C:\Documents and Settings\SZYMAN\Pulpit\Spy++ (1).rar
[2013-08-26 10:01:37 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2013-08-24 22:34:47 | 000,055,494 | ---- | M] () -- C:\Documents and Settings\SZYMAN\Pulpit\zacne base.bmp
[2013-08-24 22:26:35 | 000,004,659 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2013-08-24 22:26:34 | 000,493,296 | ---- | M] () -- C:\WINDOWS\System32\perfh015.dat
[2013-08-24 22:26:34 | 000,435,212 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2013-08-24 22:26:34 | 000,085,360 | ---- | M] () -- C:\WINDOWS\System32\perfc015.dat
[2013-08-24 22:26:34 | 000,067,590 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2013-08-24 20:06:28 | 000,194,046 | ---- | M] () -- C:\Documents and Settings\SZYMAN\Pulpit\bug.bmp
[2013-08-24 16:15:42 | 000,088,758 | ---- | M] () -- C:\Documents and Settings\SZYMAN\Pulpit\swiruss.bmp
[2013-08-24 16:13:38 | 000,118,410 | ---- | M] () -- C:\Documents and Settings\SZYMAN\Pulpit\swirusowy.bmp
[2013-08-24 12:36:27 | 000,035,320 | ---- | M] () -- C:\Documents and Settings\SZYMAN\Pulpit\Map.rar
[2013-08-22 19:50:45 | 000,807,894 | ---- | M] () -- C:\Documents and Settings\SZYMAN\Pulpit\dsdas.bmp
[2013-08-21 19:00:39 | 000,138,056 | ---- | M] () -- C:\Documents and Settings\SZYMAN\Dane aplikacji\PnkBstrK.sys
[2013-08-21 15:14:28 | 087,331,537 | ---- | M] () -- C:\Documents and Settings\SZYMAN\Pulpit\Paczka koncertowa dla Mind Out.rar
[2013-08-20 22:19:00 | 000,000,025 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2013-08-20 21:58:38 | 000,000,768 | ---- | M] () -- C:\Documents and Settings\SZYMAN\Pulpit\Process Hacker 2.lnk
[2013-08-20 21:44:03 | 000,831,488 | ---- | M] () -- C:\WINDOWS\vsnpstd3.exe
[2013-08-20 21:43:57 | 000,262,144 | ---- | M] (SONIX) -- C:\WINDOWS\tsnpstd3.exe
[2013-08-20 21:41:11 | 000,020,480 | ---- | M] () -- C:\WINDOWS\FixCamera.exe
[2013-08-20 21:34:59 | 023,186,226 | ---- | M] (DBzF GmbH) -- C:\Documents and Settings\SZYMAN\Pulpit\DBzF v1.27.exe
[2013-08-20 21:31:27 | 020,791,627 | ---- | M] (DBMW Team) -- C:\Documents and Settings\SZYMAN\Pulpit\Dragon Ball Mysterious World v1.0.exe
[2013-08-20 21:30:42 | 000,002,596 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2013-08-20 21:30:16 | 019,282,272 | ---- | M] (CipSoft GmbH) -- C:\Documents and Settings\SZYMAN\Pulpit\Bleach Warrior Online.exe
[2013-08-20 21:24:44 | 000,164,134 | ---- | M] () -- C:\Documents and Settings\SZYMAN\Pulpit\salitykiller.zip
[2013-08-20 20:42:06 | 000,000,174 | ---- | M] () -- C:\Fix.reg
[2013-08-19 19:06:56 | 000,627,104 | ---- | M] () -- C:\Documents and Settings\SZYMAN\Pulpit\Spy++.rar
[2013-08-19 10:05:43 | 007,723,222 | ---- | M] () -- C:\Documents and Settings\SZYMAN\Pulpit\WoDB.rar
[2013-08-18 19:57:18 | 000,182,571 | ---- | M] () -- C:\Documents and Settings\SZYMAN\Moje dokumenty\logo dbleague.xcf
[2013-08-18 12:20:21 | 000,000,576 | ---- | M] () -- C:\Documents and Settings\SZYMAN\Pulpit\hehe.html
[2013-08-18 12:13:37 | 000,346,511 | ---- | M] () -- C:\Documents and Settings\SZYMAN\Pulpit\dbmw skin (1).rar
[2013-08-17 22:32:23 | 015,575,222 | ---- | M] () -- C:\Documents and Settings\SZYMAN\Pulpit\Wander of Shinobi.exe
[2013-08-17 13:49:00 | 000,399,360 | ---- | M] () -- C:\Documents and Settings\SZYMAN\Pulpit\NoxSpr.exe
[2013-08-17 12:49:05 | 000,008,192 | ---- | M] () -- C:\Documents and Settings\SZYMAN\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013-08-16 18:58:17 | 003,422,750 | ---- | M] (Pixelmon.pl Pokemon Serwer) -- C:\Documents and Settings\SZYMAN\Pulpit\Pixelmon.exe
[2013-08-16 16:23:27 | 000,577,536 | ---- | M] () -- C:\Documents and Settings\SZYMAN\Pulpit\Tibia Spambot by IgI.exe
[2013-08-16 15:00:06 | 002,245,479 | ---- | M] () -- C:\Documents and Settings\SZYMAN\Pulpit\Hacked MUSIC.mp3
[2013-08-16 14:57:21 | 000,001,380 | ---- | M] () -- C:\Documents and Settings\SZYMAN\Pulpit\index.html
[2013-08-14 11:26:13 | 000,001,838 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Tibia MULTI-IP Changer.lnk
[2013-08-13 14:08:08 | 000,000,001 | ---- | M] () -- C:\WINDOWS\System32\nvdrssel.bin
[2013-08-13 14:08:07 | 001,075,544 | ---- | M] () -- C:\WINDOWS\System32\nvdrsdb0.bin
[2013-08-13 14:08:01 | 001,075,544 | ---- | M] () -- C:\WINDOWS\System32\nvdrsdb1.bin
[2013-08-13 13:29:38 | 000,000,586 | ---- | M] () -- C:\Documents and Settings\SZYMAN\Pulpit\PokeXGame.lnk
[2013-08-13 13:29:16 | 000,000,863 | ---- | M] () -- C:\Documents and Settings\SZYMAN\Pulpit\Dead Island.lnk
[2013-08-13 13:28:44 | 000,000,804 | ---- | M] () -- C:\Documents and Settings\SZYMAN\Pulpit\Counter Strike Source.lnk
[2013-08-13 10:13:22 | 000,000,551 | ---- | M] () -- C:\Documents and Settings\SZYMAN\Pulpit\BattleField Play4Free.lnk
[2013-08-12 15:15:49 | 000,055,474 | ---- | M] () -- C:\Documents and Settings\SZYMAN\Moje dokumenty\cc_20130812_151527.reg
[2013-08-12 14:57:39 | 000,000,682 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\CCleaner.lnk
[2013-08-10 11:42:03 | 000,000,600 | ---- | M] () -- C:\Documents and Settings\SZYMAN\Ustawienia lokalne\Dane aplikacji\PUTTY.RND
[2013-08-09 22:20:29 | 029,566,306 | ---- | M] (CipSoft GmbH) -- C:\Documents and Settings\SZYMAN\Pulpit\SoFo.exe
[2013-08-09 22:08:36 | 000,011,902 | ---- | M] () -- C:\Documents and Settings\SZYMAN\Pulpit\WinSCP.ini
[2013-08-09 22:08:36 | 000,000,600 | ---- | M] () -- C:\Documents and Settings\SZYMAN\Dane aplikacji\winscp.rnd
[2013-08-09 19:09:07 | 000,000,835 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Switch to Gaming Mode.lnk
[2013-08-09 19:09:07 | 000,000,823 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Game Booster 3.lnk
[2013-08-09 16:32:27 | 000,495,616 | ---- | M] (Simon Tatham) -- C:\Documents and Settings\SZYMAN\Pulpit\putty.exe
[2013-08-08 16:08:22 | 000,000,664 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Steam.lnk
[2013-08-08 16:07:43 | 000,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx
[2013-08-08 16:06:27 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\UMDF\MsftWdf_user_01_00_00.Wdf
[2013-08-07 23:34:00 | 000,000,652 | ---- | M] () -- C:\Documents and Settings\SZYMAN\Pulpit\zrobic.otbm
[2013-08-07 23:34:00 | 000,000,049 | ---- | M] () -- C:\Documents and Settings\SZYMAN\Pulpit\zrobic-spawn.xml
[2013-08-07 23:34:00 | 000,000,049 | ---- | M] () -- C:\Documents and Settings\SZYMAN\Pulpit\zrobic-house.xml
[2013-08-07 14:41:07 | 000,006,574 | ---- | M] () -- C:\Documents and Settings\SZYMAN\Pulpit\Bez nazwy.xcf
[2013-08-07 14:02:25 | 000,003,126 | ---- | M] () -- C:\Documents and Settings\SZYMAN\Pulpit\heh.bmp
[2013-08-06 13:19:43 | 000,002,281 | ---- | M] () -- C:\Documents and Settings\SZYMAN\Pulpit\swirus.bbtheme
[2013-08-06 13:17:40 | 000,002,281 | ---- | M] () -- C:\Documents and Settings\SZYMAN\Pulpit\worldofdb-actual-20130806.bbtheme
[2013-08-06 12:36:35 | 000,000,613 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Counter-Strike 1.6.lnk
[2013-08-05 13:56:41 | 000,147,983 | ---- | M] () -- C:\Documents and Settings\SZYMAN\Pulpit\vocations.xml
[2013-08-03 14:09:09 | 020,926,082 | ---- | M] () -- C:\Documents and Settings\SZYMAN\Pulpit\evorpg.otbm
[2013-08-03 14:09:09 | 000,006,079 | ---- | M] () -- C:\Documents and Settings\SZYMAN\Pulpit\evorpg-house.xml
[2013-08-03 14:09:09 | 000,000,049 | ---- | M] () -- C:\Documents and Settings\SZYMAN\Pulpit\evorpg-spawn.xml
[2013-08-02 22:35:45 | 000,291,083 | ---- | M] () -- C:\Documents and Settings\SZYMAN\Pulpit\wodb].png
[2013-08-02 22:30:34 | 000,034,990 | ---- | M] () -- C:\Documents and Settings\SZYMAN\Pulpit\logo.png
 
[color=#E56717]========== Files Created - No Company Name ==========[/color]
 
[2013-08-30 23:01:39 | 000,002,827 | ---- | C] () -- C:\Documents and Settings\SZYMAN\Pulpit\Remere's Map Editor.lnk
[2013-08-30 22:48:49 | 000,447,392 | ---- | C] () -- C:\Documents and Settings\SZYMAN\Pulpit\OTMapEditor-0.459.zip
[2013-08-30 13:03:32 | 004,296,704 | ---- | C] () -- C:\Documents and Settings\SZYMAN\Pulpit\hamachi.msi
[2013-08-29 20:10:10 | 000,016,132 | ---- | C] () -- C:\Documents and Settings\SZYMAN\Ustawienia lokalne\Dane aplikacji\recently-used.xbel
[2013-08-29 20:07:48 | 000,029,754 | ---- | C] () -- C:\Documents and Settings\SZYMAN\Pulpit\zr.bmp
[2013-08-28 16:04:14 | 000,100,273 | ---- | C] () -- C:\Documents and Settings\SZYMAN\Pulpit\ass.bmp
[2013-08-28 16:03:33 | 000,921,624 | ---- | C] () -- C:\img2-001.raw
[2013-08-27 18:31:36 | 000,000,373 | ---- | C] () -- C:\Documents and Settings\SZYMAN\Pulpit\AQQ.lnk
[2013-08-27 11:55:08 | 000,000,580 | ---- | C] () -- C:\Documents and Settings\SZYMAN\Pulpit\Portal.lnk
[2013-08-26 19:18:25 | 000,627,104 | ---- | C] () -- C:\Documents and Settings\SZYMAN\Pulpit\Spy++ (1).rar
[2013-08-24 22:26:29 | 000,004,659 | ---- | C] () -- C:\WINDOWS\imsins.BAK
[2013-08-24 20:06:28 | 000,194,046 | ---- | C] () -- C:\Documents and Settings\SZYMAN\Pulpit\bug.bmp
[2013-08-24 16:15:42 | 000,088,758 | ---- | C] () -- C:\Documents and Settings\SZYMAN\Pulpit\swiruss.bmp
[2013-08-24 16:09:28 | 000,118,410 | ---- | C] () -- C:\Documents and Settings\SZYMAN\Pulpit\swirusowy.bmp
[2013-08-24 12:36:27 | 000,035,320 | ---- | C] () -- C:\Documents and Settings\SZYMAN\Pulpit\Map.rar
[2013-08-23 15:31:40 | 000,055,494 | ---- | C] () -- C:\Documents and Settings\SZYMAN\Pulpit\zacne base.bmp
[2013-08-22 19:50:45 | 000,807,894 | ---- | C] () -- C:\Documents and Settings\SZYMAN\Pulpit\dsdas.bmp
[2013-08-21 15:11:21 | 087,331,537 | ---- | C] () -- C:\Documents and Settings\SZYMAN\Pulpit\Paczka koncertowa dla Mind Out.rar
[2013-08-20 21:58:38 | 000,000,768 | ---- | C] () -- C:\Documents and Settings\SZYMAN\Pulpit\Process Hacker 2.lnk
[2013-08-20 21:24:43 | 000,164,134 | ---- | C] () -- C:\Documents and Settings\SZYMAN\Pulpit\salitykiller.zip
[2013-08-20 20:45:12 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2013-08-20 20:45:12 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2013-08-20 20:45:12 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2013-08-20 20:45:12 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2013-08-20 20:45:12 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2013-08-20 20:42:06 | 000,000,174 | ---- | C] () -- C:\Fix.reg
[2013-08-19 19:06:53 | 000,627,104 | ---- | C] () -- C:\Documents and Settings\SZYMAN\Pulpit\Spy++.rar
[2013-08-18 19:57:18 | 000,182,571 | ---- | C] () -- C:\Documents and Settings\SZYMAN\Moje dokumenty\logo dbleague.xcf
[2013-08-18 12:13:36 | 000,346,511 | ---- | C] () -- C:\Documents and Settings\SZYMAN\Pulpit\dbmw skin (1).rar
[2013-08-17 22:31:26 | 015,575,222 | ---- | C] () -- C:\Documents and Settings\SZYMAN\Pulpit\Wander of Shinobi.exe
[2013-08-17 13:48:45 | 000,399,360 | ---- | C] () -- C:\Documents and Settings\SZYMAN\Pulpit\NoxSpr.exe
[2013-08-16 16:23:21 | 000,577,536 | ---- | C] () -- C:\Documents and Settings\SZYMAN\Pulpit\Tibia Spambot by IgI.exe
[2013-08-14 11:26:13 | 000,001,838 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Tibia MULTI-IP Changer.lnk
[2013-08-13 13:29:38 | 000,000,586 | ---- | C] () -- C:\Documents and Settings\SZYMAN\Pulpit\PokeXGame.lnk
[2013-08-13 13:29:16 | 000,000,863 | ---- | C] () -- C:\Documents and Settings\SZYMAN\Pulpit\Dead Island.lnk
[2013-08-13 10:13:22 | 000,000,551 | ---- | C] () -- C:\Documents and Settings\SZYMAN\Pulpit\BattleField Play4Free.lnk
[2013-08-12 20:13:27 | 000,282,104 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrB.xtr
[2013-08-12 20:00:16 | 000,139,424 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2013-08-12 20:00:15 | 000,138,056 | ---- | C] () -- C:\Documents and Settings\SZYMAN\Dane aplikacji\PnkBstrK.sys
[2013-08-12 20:00:01 | 000,282,104 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrB.exe
[2013-08-12 20:00:01 | 000,282,104 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrB.ex0
[2013-08-12 19:59:58 | 000,076,888 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrA.exe
[2013-08-12 15:15:31 | 000,055,474 | ---- | C] () -- C:\Documents and Settings\SZYMAN\Moje dokumenty\cc_20130812_151527.reg
[2013-08-12 14:57:39 | 000,000,682 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\CCleaner.lnk
[2013-08-10 15:51:30 | 000,001,371 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\League of Legends.lnk
[2013-08-09 21:24:43 | 000,011,902 | ---- | C] () -- C:\Documents and Settings\SZYMAN\Pulpit\WinSCP.ini
[2013-08-09 19:09:21 | 000,000,280 | ---- | C] () -- C:\WINDOWS\tasks\Game_Booster_AutoUpdate.job
[2013-08-09 19:09:07 | 000,000,835 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Switch to Gaming Mode.lnk
[2013-08-09 19:09:07 | 000,000,823 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Game Booster 3.lnk
[2013-08-09 17:30:51 | 000,000,600 | ---- | C] () -- C:\Documents and Settings\SZYMAN\Dane aplikacji\winscp.rnd
[2013-08-09 16:32:35 | 000,000,600 | ---- | C] () -- C:\Documents and Settings\SZYMAN\Ustawienia lokalne\Dane aplikacji\PUTTY.RND
[2013-08-08 20:43:39 | 000,000,804 | ---- | C] () -- C:\Documents and Settings\SZYMAN\Pulpit\Counter Strike Source.lnk
[2013-08-08 16:08:22 | 000,000,664 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Steam.lnk
[2013-08-08 16:06:27 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\UMDF\MsftWdf_user_01_00_00.Wdf
[2013-08-07 23:34:00 | 000,000,652 | ---- | C] () -- C:\Documents and Settings\SZYMAN\Pulpit\zrobic.otbm
[2013-08-07 23:34:00 | 000,000,049 | ---- | C] () -- C:\Documents and Settings\SZYMAN\Pulpit\zrobic-spawn.xml
[2013-08-07 23:34:00 | 000,000,049 | ---- | C] () -- C:\Documents and Settings\SZYMAN\Pulpit\zrobic-house.xml
[2013-08-07 14:41:07 | 000,006,574 | ---- | C] () -- C:\Documents and Settings\SZYMAN\Pulpit\Bez nazwy.xcf
[2013-08-07 14:02:25 | 000,003,126 | ---- | C] () -- C:\Documents and Settings\SZYMAN\Pulpit\heh.bmp
[2013-08-06 13:18:28 | 000,002,281 | ---- | C] () -- C:\Documents and Settings\SZYMAN\Pulpit\swirus.bbtheme
[2013-08-06 13:16:25 | 000,002,281 | ---- | C] () -- C:\Documents and Settings\SZYMAN\Pulpit\worldofdb-actual-20130806.bbtheme
[2013-08-06 12:36:35 | 000,000,613 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Counter-Strike 1.6.lnk
[2013-08-05 13:57:59 | 000,147,983 | ---- | C] () -- C:\Documents and Settings\SZYMAN\Pulpit\vocations.xml
[2013-08-03 14:09:09 | 000,006,079 | ---- | C] () -- C:\Documents and Settings\SZYMAN\Pulpit\evorpg-house.xml
[2013-08-03 14:09:09 | 000,000,049 | ---- | C] () -- C:\Documents and Settings\SZYMAN\Pulpit\evorpg-spawn.xml
[2013-08-03 13:12:14 | 020,926,082 | ---- | C] () -- C:\Documents and Settings\SZYMAN\Pulpit\evorpg.otbm
[2013-08-03 11:16:26 | 007,723,222 | ---- | C] () -- C:\Documents and Settings\SZYMAN\Pulpit\WoDB.rar
[2013-08-02 22:35:44 | 000,291,083 | ---- | C] () -- C:\Documents and Settings\SZYMAN\Pulpit\wodb].png
[2013-08-02 22:30:34 | 000,034,990 | ---- | C] () -- C:\Documents and Settings\SZYMAN\Pulpit\logo.png
[2013-07-10 17:55:11 | 000,000,694 | ---- | C] () -- C:\Documents and Settings\SZYMAN\.jscreenfix.licence
[2013-07-01 18:26:20 | 000,008,192 | ---- | C] () -- C:\Documents and Settings\SZYMAN\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013-06-27 08:09:17 | 000,000,175 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswSnx.sys.sum
[2013-06-27 08:09:16 | 000,000,175 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswSP.sys.sum
[2013-06-25 13:15:18 | 000,000,067 | ---- | C] () -- C:\Documents and Settings\SZYMAN\.gtk-bookmarks
[2013-06-11 17:42:49 | 000,020,480 | ---- | C] () -- C:\WINDOWS\FixCamera.exe
[2013-06-11 17:42:47 | 000,831,488 | ---- | C] () -- C:\WINDOWS\vsnpstd3.exe
[2013-06-11 17:42:47 | 000,015,498 | ---- | C] () -- C:\WINDOWS\snpstd3.ini
[2013-06-11 17:42:45 | 000,172,032 | ---- | C] ( ) -- C:\WINDOWS\System32\rsnpstd3.dll
[2013-06-11 17:42:45 | 000,061,440 | ---- | C] ( ) -- C:\WINDOWS\System32\vsnpstd3.dll
[2013-06-11 17:42:45 | 000,053,248 | ---- | C] ( ) -- C:\WINDOWS\System32\csnpstd3.dll
[2013-06-11 17:42:45 | 000,053,248 | ---- | C] ( ) -- C:\WINDOWS\csnpstd3.dll
[2013-06-09 09:17:32 | 001,867,776 | ---- | C] () -- C:\WINDOWS\System32\python24.dll
[2013-05-20 16:54:47 | 000,004,293 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2013-05-20 16:53:51 | 000,272,576 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2013-05-20 15:52:25 | 001,075,544 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb1.bin
[2013-05-20 15:52:25 | 001,075,544 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb0.bin
[2013-05-20 15:52:25 | 000,000,001 | ---- | C] () -- C:\WINDOWS\System32\nvdrssel.bin
[2013-05-20 15:52:14 | 002,807,708 | ---- | C] () -- C:\WINDOWS\System32\nvdata.data
[2013-05-20 15:09:19 | 000,156,672 | ---- | C] () -- C:\WINDOWS\System32\RTLCPAPI.dll
[2013-05-20 15:09:19 | 000,040,960 | R--- | C] () -- C:\WINDOWS\System32\ChCfg.exe
[2013-05-20 15:08:00 | 000,024,399 | ---- | C] () -- C:\WINDOWS\Ascd_tmp.ini
[2013-05-20 15:07:58 | 000,005,810 | R--- | C] () -- C:\WINDOWS\System32\drivers\ASACPI.sys
[2013-05-20 15:07:53 | 000,005,824 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASUSHWIO.SYS
[2013-05-20 15:04:51 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2013-05-20 15:00:23 | 000,021,856 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
 
[color=#E56717]========== ZeroAccess Check ==========[/color]
 
[2013-05-23 19:06:20 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2008-04-14 22:50:48 | 001,499,136 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2008-04-14 22:50:32 | 000,472,064 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2008-04-14 22:50:58 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[color=#E56717]========== Custom Scans ==========[/color]
 
[color=#A23BEC]< C:\*.* >[/color]
[2013-05-20 15:03:04 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2013-08-30 19:44:59 | 000,000,211 | -HS- | M] () -- C:\boot.ini
[2001-07-21 22:13:54 | 000,004,952 | RHS- | M] () -- C:\Bootfont.bin
[2013-08-20 21:03:04 | 000,018,149 | ---- | M] () -- C:\ComboFix.txt
[2013-05-20 15:03:04 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2013-08-20 20:41:56 | 000,000,000 | ---- | M] () -- C:\das.txt
[2013-08-20 20:42:06 | 000,000,174 | ---- | M] () -- C:\Fix.reg
[2013-08-28 16:03:33 | 000,921,624 | ---- | M] () -- C:\img2-001.raw
[2013-05-20 15:03:04 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2013-05-20 15:03:04 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2004-08-03 22:38:34 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
[2013-05-25 20:10:36 | 000,251,152 | RHS- | M] () -- C:\ntldr
[2013-09-01 15:48:18 | 2145,386,496 | -HS- | M] () -- C:\pagefile.sys
[2013-08-20 21:28:09 | 000,055,096 | ---- | M] () -- C:\Report 2013-08-20 21.25.18.txt
 
[color=#A23BEC]< D:\*.* >[/color]
 
[color=#E56717]========== Alternate Data Streams ==========[/color]
 
@Alternate Data Stream - 242 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:6BE50C2B

< End of report >
[/spoiler]

Udostępnij tego posta


Odnośnik do posta
Udostępnij na stronach

Żeby dodać komentarz, musisz założyć konto lub zalogować się

Tylko zarejestrowani użytkownicy mogą dodawać komentarze

Dodaj konto

Załóż nowe konto. To bardzo proste!


Zarejestruj nowe konto

Zaloguj się

Posiadasz już konto? Zaloguj się tutaj.


Zaloguj się teraz

  • Przeglądający   0 użytkowników

    Brak zarejestrowanych użytkowników, przeglądających tę stronę.