young7 utworzono 20 grudnia 2009 utworzono 20 grudnia 2009 Avast ciągle pokazuje mi taki komunikat: http://img705.imageshack.us/i/61433714.png/ a gdy robię skana także avastem to pojawia się coś takiego: http://img705.imageshack.us/i/27797974.png/ i http://img695.imageshack.us/i/96109492.png/ . Prosze o jak najszybsza pomoc. [log]OTL logfile created on: 2009-12-20 22:25:34 - Run 2 OTL by OldTimer - Version 3.1.19.0 Folder = C:\Documents and Settings\Rogalski\Moje dokumenty Windows XP Home Edition Dodatek Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 6.0.2900.2180) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 2,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 75,00% Memory free 4,00 Gb Paging File | 3,00 Gb Available in Paging File | 89,00% Paging File free Paging file location(s): C:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 298,08 Gb Total Space | 277,38 Gb Free Space | 93,06% Space Free | Partition Type: NTFS D: Drive not present or media not loaded E: Drive not present or media not loaded F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: ROGALSKI-3EAC94 Current User Name: Rogalski Logged in as Administrator. Current Boot Mode: Normal Scan Mode: Current user Company Name Whitelist: On Skip Microsoft Files: On File Age = 30 Days Output = Standard [color=#E56717]========== Processes (All) ==========[/color] PRC - [2009-12-20 00:34:34 | 00,513,536 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Rogalski\Moje dokumenty\OTL.exe PRC - [2009-12-02 15:26:07 | 00,908,248 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe PRC - [2009-11-25 00:51:40 | 00,081,000 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashDisp.exe PRC - [2009-11-25 00:51:35 | 00,138,680 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashServ.exe PRC - [2009-11-25 00:51:21 | 00,254,040 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe PRC - [2009-11-25 00:48:48 | 00,352,920 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe PRC - [2009-11-25 00:43:56 | 00,018,752 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe PRC - [2009-08-06 19:24:06 | 00,053,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wuauclt.exe PRC - [2009-02-09 11:10:45 | 00,111,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\services.exe PRC - [2007-07-23 03:34:17 | 00,155,716 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\nvsvc32.exe PRC - [2007-06-26 14:58:14 | 02,165,272 | ---- | M] (Palit Microsystems, Inc.) -- C:\Program Files\VDOTool\TBPANEL.exe PRC - [2007-06-01 10:21:30 | 01,209,904 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe PRC - [2007-06-01 10:21:30 | 00,271,920 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe PRC - [2007-06-01 10:21:08 | 00,153,136 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe PRC - [2007-04-12 10:33:10 | 16,132,608 | R--- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\RTHDCPL.exe PRC - [2006-09-08 15:33:46 | 00,282,624 | ---- | M] (Portrait Displays, Inc) -- C:\Program Files\Portrait Displays\forteManager\dthtml.exe PRC - [2006-09-08 15:32:12 | 00,061,440 | ---- | M] () -- C:\Program Files\Portrait Displays\forteManager\DTSRVC.exe PRC - [2006-03-03 21:03:10 | 00,069,632 | ---- | M] (HP) -- C:\WINDOWS\system32\HPZipm12.exe PRC - [2006-03-02 13:00:00 | 01,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe PRC - [2006-03-02 13:00:00 | 00,504,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winlogon.exe PRC - [2006-03-02 13:00:00 | 00,057,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spoolsv.exe PRC - [2006-03-02 13:00:00 | 00,050,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\smss.exe PRC - [2006-03-02 13:00:00 | 00,044,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\alg.exe PRC - [2006-03-02 13:00:00 | 00,032,256 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wpabaln.exe PRC - [2006-03-02 13:00:00 | 00,015,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ctfmon.exe PRC - [2006-03-02 13:00:00 | 00,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [RPCSS] PRC - [2006-03-02 13:00:00 | 00,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETWORKSERVICE] PRC - [2006-03-02 13:00:00 | 00,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETSVCS] PRC - [2006-03-02 13:00:00 | 00,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [LOCALSERVICE] PRC - [2006-03-02 13:00:00 | 00,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [LOCALSERVICE] PRC - [2006-03-02 13:00:00 | 00,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [IMGSVC] PRC - [2006-03-02 13:00:00 | 00,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [DCOMLAUNCH] PRC - [2006-03-02 13:00:00 | 00,013,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\lsass.exe PRC - [2006-03-02 13:00:00 | 00,006,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\csrss.exe PRC - [2006-02-19 02:41:10 | 00,049,152 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files\HP\HP Software Update\hpwuSchd2.exe PRC - [2005-01-28 13:44:28 | 00,038,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wdfmgr.exe PRC - [2004-08-04 00:55:54 | 01,667,584 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Messenger\msmsgs.exe [color=#E56717]========== Modules (All) ==========[/color] MOD - [2009-12-20 00:34:34 | 00,513,536 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Rogalski\Moje dokumenty\OTL.exe MOD - [2009-09-25 06:58:06 | 00,473,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shlwapi.dll MOD - [2009-06-25 09:48:08 | 00,056,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\secur32.dll MOD - [2009-04-15 16:18:19 | 00,584,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rpcrt4.dll MOD - [2009-03-21 15:21:24 | 01,014,784 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\kernel32.dll MOD - [2009-02-09 11:22:08 | 00,686,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\advapi32.dll MOD - [2009-02-09 11:22:06 | 00,722,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntdll.dll MOD - [2008-10-23 14:01:37 | 00,283,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\gdi32.dll MOD - [2008-07-03 14:16:27 | 08,483,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shell32.dll MOD - [2006-03-02 13:00:00 | 01,281,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ole32.dll MOD - [2006-03-02 13:00:00 | 01,050,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll MOD - [2006-03-02 13:00:00 | 00,996,352 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\setupapi.dll MOD - [2006-03-02 13:00:00 | 00,729,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\userenv.dll MOD - [2006-03-02 13:00:00 | 00,578,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\user32.dll MOD - [2006-03-02 13:00:00 | 00,553,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\oleaut32.dll MOD - [2006-03-02 13:00:00 | 00,343,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcrt.dll MOD - [2006-03-02 13:00:00 | 00,294,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\MSCTF.dll MOD - [2006-03-02 13:00:00 | 00,219,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\uxtheme.dll MOD - [2006-03-02 13:00:00 | 00,185,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\framedyn.dll MOD - [2006-03-02 13:00:00 | 00,146,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winspool.drv MOD - [2006-03-02 13:00:00 | 00,083,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\olepro32.dll MOD - [2006-03-02 13:00:00 | 00,067,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\srclient.dll MOD - [2006-03-02 13:00:00 | 00,023,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\psapi.dll MOD - [2006-03-02 13:00:00 | 00,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\version.dll [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - [2009-11-25 00:51:35 | 00,138,680 | ---- | M] (ALWIL Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast4\ashServ.exe -- (avast! Antivirus) SRV - [2009-11-25 00:51:21 | 00,254,040 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe -- (avast! Mail Scanner) SRV - [2009-11-25 00:48:48 | 00,352,920 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe -- (avast! Web Scanner) SRV - [2009-11-25 00:43:56 | 00,018,752 | ---- | M] (ALWIL Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe -- (aswUpdSv) SRV - [2008-11-04 01:06:28 | 00,441,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv) SRV - [2007-07-23 03:34:17 | 00,155,716 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\WINDOWS\system32\nvsvc32.exe -- (NVSvc) SRV - [2007-06-01 10:21:30 | 00,271,920 | ---- | M] (Nero AG) [On_Demand | Running] -- C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe -- (NMIndexingService) SRV - [2007-04-13 21:09:56 | 00,792,112 | ---- | M] (Nero AG) [On_Demand | Stopped] -- C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe -- (NBService) SRV - [2006-10-26 13:03:08 | 00,145,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose) SRV - [2006-09-08 15:32:12 | 00,061,440 | ---- | M] () [Auto | Running] -- C:\Program Files\Portrait Displays\forteManager\DTSRVC.exe -- (DTSRVC) SRV - [2006-03-03 21:03:10 | 00,069,632 | ---- | M] (HP) [Unknown | Running] -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - [2009-12-16 16:59:04 | 00,014,656 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\gdrv.sys -- (gdrv) DRV - [2009-11-25 00:50:59 | 00,094,160 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\aswmon2.sys -- (aswMon2) DRV - [2009-11-25 00:50:12 | 00,114,768 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aswSP.sys -- (aswSP) DRV - [2009-11-25 00:50:00 | 00,020,560 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\aswFsBlk.sys -- (aswFsBlk) DRV - [2009-11-25 00:49:07 | 00,048,560 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aswTdi.sys -- (aswTdi) DRV - [2009-11-25 00:48:57 | 00,023,120 | ---- | M] (ALWIL Software) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\aswRdr.sys -- (aswRdr) DRV - [2009-11-25 00:47:54 | 00,027,408 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aavmker4.sys -- (Aavmker4) DRV - [2007-07-23 03:34:17 | 06,807,328 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv) DRV - [2007-07-23 03:34:17 | 00,141,246 | ---- | M] (NVIDIA Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\NVCAP.SYS -- (nvcap) nVidia WDM Video Capture (universal) DRV - [2007-07-23 03:34:17 | 00,016,176 | ---- | M] (NVIDIA Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\NVXBAR.SYS -- (NVXBAR) DRV - [2007-04-23 11:12:28 | 04,402,176 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM) DRV - [2007-03-16 10:11:38 | 00,012,256 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\TBPanel.sys -- (TBPanel) DRV - [2007-03-16 10:11:38 | 00,012,256 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\TBPanel.sys -- (Cardex) DRV - [2006-09-08 15:34:34 | 00,011,776 | ---- | M] (Portrait Displays, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pdiddcci.sys -- (pdiddcci) DRV - [2006-09-08 15:31:28 | 00,008,960 | ---- | M] (Portrait Displays, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\PdiPorts.sys -- (PdiPorts) DRV - [2006-08-14 06:09:48 | 00,083,200 | R--- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp) DRV - [2006-04-13 01:04:39 | 00,049,664 | R--- | M] (HP) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\HPZid412.sys -- (HPZid412) DRV - [2006-04-13 01:04:39 | 00,021,568 | ---- | M] (HP) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\HPZius12.sys -- (HPZius12) DRV - [2006-04-13 01:04:39 | 00,016,496 | R--- | M] (HP) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\HPZipr12.sys -- (HPZipr12) DRV - [2006-03-02 13:00:00 | 00,027,440 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\secdrv.sys -- (Secdrv) DRV - [2006-03-02 13:00:00 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ptilink.sys -- (Ptilink) DRV - [2005-01-07 17:07:18 | 00,138,752 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Hdaudbus.sys -- (HDAudBus) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.startup.homepage: "http://www.google.pl/" FF - HKLM\software\mozilla\Mozilla Firefox 3.5.6\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2009-12-16 17:41:24 | 00,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.5.6\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2009-12-17 22:55:03 | 00,000,000 | ---D | M] [2009-12-16 17:41:36 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Rogalski\Dane aplikacji\Mozilla\Extensions [2009-12-19 07:55:57 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Rogalski\Dane aplikacji\Mozilla\Firefox\Profiles\h1i9hwik.default\extensions [2009-12-20 18:33:18 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions [2009-12-02 09:23:35 | 00,002,767 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\allegro-pl.xml [2009-12-02 09:23:35 | 00,001,406 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\fbc-pl.xml [2009-12-02 09:23:35 | 00,000,917 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\merlin-pl.xml [2009-12-02 09:23:35 | 00,000,858 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\pwn-pl.xml [2009-12-02 09:23:35 | 00,001,183 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-pl.xml [2009-12-02 09:23:35 | 00,001,683 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wp-pl.xml O1 HOSTS File: (742 bytes) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated) O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll (Sun Microsystems, Inc.) O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found. O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.) O4 - HKLM..\Run: [avast!] C:\Program Files\Alwil Software\Avast4\ashDisp.exe (ALWIL Software) O4 - HKLM..\Run: [DT Task] C:\Program Files\Portrait Displays\forteManager\DTHtml.exe (Portrait Displays, Inc) O4 - HKLM..\Run: [Gainward] C:\Program Files\VDOTool\TBPanel.exe (Palit Microsystems, Inc.) O4 - HKLM..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\hpwuSchd2.exe (Hewlett-Packard Development Company, L.P.) O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation) O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe () O4 - HKLM..\Run: [RTHDCPL] C:\WINDOWS\RTHDCPL.exe (Realtek Semiconductor Corp.) O4 - HKCU..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe (Nero AG) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation) O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone. O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab (Java Plug-in 1.6.0_01) O16 - DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab (Java Plug-in 1.6.0_01) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab (Java Plug-in 1.6.0_01) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 82.139.8.7 88.156.63.9 88.156.96.61 O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation) O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009-12-16 17:06:28 | 00,000,050 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - comfile [open] -- "%1" %* O35 - exefile [open] -- "%1" %* NetSvcs: 6to4 - File not found NetSvcs: Ias - C:\WINDOWS\system32\ias [2009-12-16 17:32:21 | 00,000,000 | ---D | M] NetSvcs: Iprip - File not found NetSvcs: Irmon - File not found NetSvcs: NWCWorkstation - File not found NetSvcs: Nwsapagent - File not found NetSvcs: Wmi - C:\WINDOWS\system32\wmi.dll (Microsoft Corporation) NetSvcs: WmdmPmSp - File not found [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2009-12-20 18:46:55 | 00,098,304 | ---- | C] (Sony DADC Austria AG.) -- C:\WINDOWS\System32\CmdLineExt.dll [2009-12-20 17:01:08 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Rogalski\Pulpit\Tomek [2009-12-20 16:25:36 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Rogalski\Moje dokumenty\Nowy folder [2009-12-20 12:52:13 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Rogalski\Moje dokumenty\fulham.vs.manu.19.12.09.dvbrip.xvid.pl.allgoals.pl.ksych [2009-12-20 00:34:42 | 00,000,000 | ---D | C] -- C:\_OTL [2009-12-20 00:34:31 | 00,513,536 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Rogalski\Moje dokumenty\OTL.exe [2009-12-19 23:59:25 | 00,000,000 | ---D | C] -- C:\WINDOWS\Minidump [2009-12-19 23:41:34 | 00,000,000 | RH-D | C] -- C:\Documents and Settings\Rogalski\Recent [2009-12-19 23:40:18 | 00,000,000 | ---D | C] -- C:\WINDOWS\pss [2009-12-19 23:38:03 | 00,000,000 | ---D | C] -- C:\Program Files\CCleaner [2009-12-19 23:36:41 | 03,326,576 | ---- | C] (Piriform Ltd) -- C:\Documents and Settings\Rogalski\Moje dokumenty\ccsetup_2.26.1050(dobreprogramy.pl).exe [2009-12-19 23:15:50 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Rogalski\Dane aplikacji\Malwarebytes [2009-12-19 23:15:47 | 00,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys [2009-12-19 23:15:46 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Malwarebytes [2009-12-19 23:15:45 | 00,019,160 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys [2009-12-19 23:15:45 | 00,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware [2009-12-19 23:14:53 | 04,844,296 | ---- | C] (Malwarebytes Corporation ) -- C:\Documents and Settings\Rogalski\Moje dokumenty\mbam-setup_1.42(dobreprogramy.pl).exe [2009-12-19 21:07:23 | 00,000,000 | ---D | C] -- C:\WINDOWS\Sun [2009-12-19 01:16:01 | 00,000,000 | ---D | C] -- C:\Program Files\Video mp3 Extractor [2009-12-19 01:15:52 | 00,964,447 | ---- | C] (GeoVid ) -- C:\Documents and Settings\Rogalski\Moje dokumenty\video-mp3-extractor.exe [2009-12-19 01:14:25 | 00,000,000 | ---D | C] -- C:\Program Files\GeoVid [2009-12-19 01:14:10 | 01,498,396 | ---- | C] (GeoVid ) -- C:\Documents and Settings\Rogalski\Moje dokumenty\video-mp3-extractor-pro.exe [2009-12-19 01:05:50 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Rogalski\Dane aplikacji\Thinstall [2009-12-19 00:59:23 | 02,260,992 | ---- | C] (NCT Company Ltd.) -- C:\WINDOWS\System32\NCTVideoCompress.dll [2009-12-19 00:59:23 | 00,139,264 | ---- | C] (NCT Company Ltd.) -- C:\WINDOWS\System32\NCTVideoFile.dll [2009-12-19 00:59:23 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\RMBin [2009-12-19 00:59:22 | 02,564,096 | ---- | C] (Online Media Technologies Ltd.) -- C:\WINDOWS\System32\NCTAudioCompress3.dll [2009-12-19 00:59:22 | 01,986,560 | ---- | C] (NCT Company Ltd.) -- C:\WINDOWS\System32\NCTAudioFile2.dll [2009-12-19 00:59:22 | 01,810,432 | ---- | C] (Online Media Technologies Ltd.) -- C:\WINDOWS\System32\NCTAudioCompress2.dll [2009-12-19 00:59:22 | 01,245,184 | ---- | C] (NCT Company Ltd.) -- C:\WINDOWS\System32\NCTRMFile.dll [2009-12-19 00:59:22 | 00,991,232 | ---- | C] (NCT Company Ltd.) -- C:\WINDOWS\System32\NCTVideoCoreM.dll [2009-12-19 00:59:22 | 00,294,912 | ---- | C] (NCT Company Ltd.) -- C:\WINDOWS\System32\NCTAVIFile.dll [2009-12-19 00:59:22 | 00,282,624 | ---- | C] (Online Media Technologies Company Ltd.) -- C:\WINDOWS\System32\NCTQuickTimeFile.dll [2009-12-19 00:59:22 | 00,196,608 | ---- | C] (NCT Company Ltd.) -- C:\WINDOWS\System32\NCTWMVFile.dll [2009-12-19 00:59:22 | 00,106,496 | ---- | C] (NCT Company Ltd.) -- C:\WINDOWS\System32\NCTVideoCoreU.dll [2009-12-19 00:59:20 | 00,000,000 | ---D | C] -- C:\Program Files\AliveMedia [2009-12-19 00:58:13 | 11,696,466 | ---- | C] (AliveMedia, Inc. ) -- C:\Documents and Settings\Rogalski\Moje dokumenty\alive-video-converter.exe [2009-12-19 00:54:14 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Rogalski\Shared [2009-12-19 00:54:14 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Rogalski\Incomplete [2009-12-19 00:53:30 | 00,000,000 | ---D | C] -- C:\Program Files\Java [2009-12-19 00:53:29 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Java [2009-12-19 00:53:10 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Rogalski\Dane aplikacji\Sun [2009-12-19 00:52:04 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Rogalski\Dane aplikacji\MP3Rocket [2009-12-19 00:52:04 | 00,000,000 | ---D | C] -- C:\Program Files\MP3 Rocket [2009-12-19 00:33:44 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Rogalski\Moje dokumenty\2009.12.12_liga_plus_www.sport_video.pl_ [2009-12-18 16:41:58 | 00,000,000 | ---D | C] -- C:\Program Files\Rockstar Games [2009-12-17 22:55:28 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Rogalski\Ustawienia lokalne\Dane aplikacji\Adobe [2009-12-17 22:54:57 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Adobe [2009-12-17 22:54:53 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe [2009-12-17 22:54:53 | 00,000,000 | ---D | C] -- C:\Program Files\Adobe [2009-12-17 22:50:07 | 27,386,280 | ---- | C] ( ) -- C:\Documents and Settings\Rogalski\Moje dokumenty\AdbeRdr920_en_US.exe [2009-12-17 20:47:55 | 00,000,000 | ---D | C] -- C:\Program Files\Microsoft Works [2009-12-17 20:47:45 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER [2009-12-17 20:44:03 | 00,000,000 | ---D | C] -- C:\WINDOWS\SHELLNEW [2009-12-17 20:43:53 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Rogalski\Ustawienia lokalne\Dane aplikacji\Microsoft Help [2009-12-17 20:43:50 | 00,000,000 | ---D | C] -- C:\Program Files\Microsoft Office [2009-12-17 20:43:49 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Microsoft Help [2009-12-17 20:43:18 | 00,000,000 | RH-D | C] -- C:\MSOCache [2009-12-17 15:05:47 | 00,000,000 | ---D | C] -- C:\WINDOWS\ServicePackFiles [2009-12-17 15:05:19 | 00,000,000 | ---D | C] -- C:\Program Files\MSXML 4.0 [2009-12-17 14:06:46 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\CatRoot_bak [2009-12-17 13:34:20 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Rogalski\Dane aplikacji\DisplayTune [2009-12-16 23:01:02 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\PreInstall [2009-12-16 22:11:39 | 00,000,000 | ---D | C] -- C:\Program Files\SopCast [2009-12-16 20:56:18 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Lingea Shared [2009-12-16 20:53:11 | 00,000,000 | ---D | C] -- C:\Program Files\Oxford [2009-12-16 19:27:06 | 00,048,560 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys [2009-12-16 19:27:06 | 00,027,408 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys [2009-12-16 19:27:06 | 00,023,120 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys [2009-12-16 19:27:05 | 00,114,768 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswSP.sys [2009-12-16 19:27:05 | 00,097,480 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\AvastSS.scr [2009-12-16 19:27:05 | 00,094,160 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys [2009-12-16 19:27:05 | 00,093,424 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon.sys [2009-12-16 19:27:05 | 00,020,560 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys [2009-12-16 19:26:52 | 01,280,480 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\aswBoot.exe [2009-12-16 19:26:50 | 00,000,000 | ---D | C] -- C:\Program Files\Alwil Software [2009-12-16 18:22:52 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Rogalski\Dane aplikacji\GRETECH [2009-12-16 18:22:16 | 00,000,000 | ---D | C] -- C:\Program Files\GRETECH [2009-12-16 18:17:51 | 06,147,544 | ---- | C] (Gretech Corp.) -- C:\Documents and Settings\Rogalski\Pulpit\GOMPLAYERENSETUP.EXE [2009-12-16 18:01:00 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Rogalski\Pulpit\Rafał [2009-12-16 17:59:33 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Rogalski\Dane aplikacji\WinRAR [2009-12-16 17:58:40 | 00,000,000 | ---D | C] -- C:\Program Files\WinRAR [2009-12-16 17:52:16 | 00,000,000 | -HSD | C] -- C:\RECYCLER [2009-12-16 17:51:23 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Rogalski\Moje dokumenty\Pobieranie [2009-12-16 17:41:23 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Rogalski\Ustawienia lokalne\Dane aplikacji\Mozilla [2009-12-16 17:41:23 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Rogalski\Dane aplikacji\Mozilla [2009-12-16 17:41:18 | 00,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox [2009-12-16 17:39:43 | 00,000,000 | -HSD | C] -- C:\WINDOWS\Installer [2009-12-16 17:39:42 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\ODBC [2009-12-16 17:39:40 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\SpeechEngines [2009-12-16 17:39:39 | 00,000,000 | R--D | C] -- C:\Program Files [2009-12-16 17:39:39 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Microsoft Shared [2009-12-16 17:39:39 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files [2009-12-16 17:39:20 | 00,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Menu Start [2009-12-16 17:39:20 | 00,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Dokumenty [2009-12-16 17:39:20 | 00,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Szablony [2009-12-16 17:39:20 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Ulubione [2009-12-16 17:39:20 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Pulpit [2009-12-16 17:37:33 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\CatRoot2 [2009-12-16 17:37:33 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\CatRoot [2009-12-16 17:37:27 | 00,000,000 | --SD | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Microsoft [2009-12-16 17:37:27 | 00,000,000 | RH-D | C] -- C:\Documents and Settings\All Users\Dane aplikacji [2009-12-16 17:37:10 | 00,000,000 | -HSD | C] -- C:\System Volume Information [2009-12-16 17:37:10 | 00,000,000 | ---D | C] -- C:\Documents and Settings [2009-12-16 17:34:39 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Rogalski\Dane aplikacji\HP [2009-12-16 17:34:26 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\HP [2009-12-16 17:33:32 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\HP [2009-12-16 17:32:34 | 00,000,000 | ---D | C] -- C:\Program Files\Hewlett-Packard [2009-12-16 17:32:20 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Hewlett-Packard [2009-12-16 17:31:33 | 00,000,000 | R-SD | C] -- C:\WINDOWS\Fonts [2009-12-16 17:31:33 | 00,000,000 | RHSD | C] -- C:\WINDOWS\System32\dllcache [2009-12-16 17:31:33 | 00,000,000 | R--D | C] -- C:\WINDOWS\Web [2009-12-16 17:31:33 | 00,000,000 | -H-D | C] -- C:\WINDOWS\inf [2009-12-16 17:31:33 | 00,000,000 | ---D | C] -- C:\WINDOWS\WinSxS [2009-12-16 17:31:33 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\wins [2009-12-16 17:31:33 | 00,000,000 | ---D | C] -- C:\WINDOWS [2009-12-16 17:31:33 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\wbem [2009-12-16 17:31:33 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\usmt [2009-12-16 17:31:33 | 00,000,000 | ---D | C] -- C:\WINDOWS\twain_32 [2009-12-16 17:31:33 | 00,000,000 | ---D | C] -- C:\WINDOWS\Temp [2009-12-16 17:31:33 | 00,000,000 | ---D | C] -- C:\WINDOWS\system32 [2009-12-16 17:31:33 | 00,000,000 | ---D | C] -- C:\WINDOWS\system [2009-12-16 17:31:33 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\spool [2009-12-16 17:31:33 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\ShellExt [2009-12-16 17:31:33 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\Setup [2009-12-16 17:31:33 | 00,000,000 | ---D | C] -- C:\WINDOWS\security [2009-12-16 17:31:33 | 00,000,000 | ---D | C] -- C:\WINDOWS\Resources [2009-12-16 17:31:33 | 00,000,000 | ---D | C] -- C:\WINDOWS\repair [2009-12-16 17:31:33 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\ras [2009-12-16 17:31:33 | 00,000,000 | ---D | C] -- C:\WINDOWS\Provisioning [2009-12-16 17:31:33 | 00,000,000 | ---D | C] -- C:\WINDOWS\PeerNet [2009-12-16 17:31:33 | 00,000,000 | ---D | C] -- C:\WINDOWS\pchealth [2009-12-16 17:31:33 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\oobe [2009-12-16 17:31:33 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\npp [2009-12-16 17:31:33 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\mui [2009-12-16 17:31:33 | 00,000,000 | ---D | C] -- C:\WINDOWS\mui [2009-12-16 17:31:33 | 00,000,000 | ---D | C] -- C:\WINDOWS\msapps [2009-12-16 17:31:33 | 00,000,000 | ---D | C] -- C:\WINDOWS\msagent [2009-12-16 17:31:33 | 00,000,000 | ---D | C] -- C:\WINDOWS\Media [2009-12-16 17:31:33 | 00,000,000 | ---D | C] -- C:\WINDOWS\java [2009-12-16 17:31:33 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\inetsrv [2009-12-16 17:31:33 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\IME [2009-12-16 17:31:33 | 00,000,000 | ---D | C] -- C:\WINDOWS\ime [2009-12-16 17:31:33 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\icsxml [2009-12-16 17:31:33 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\ias [2009-12-16 17:31:33 | 00,000,000 | ---D | C] -- C:\WINDOWS\Help [2009-12-16 17:31:33 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\export [2009-12-16 17:31:33 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\etc [2009-12-16 17:31:33 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers [2009-12-16 17:31:33 | 00,000,000 | ---D | C] -- C:\WINDOWS\Driver Cache [2009-12-16 17:31:33 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\disdn [2009-12-16 17:31:33 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\dhcp [2009-12-16 17:31:33 | 00,000,000 | ---D | C] -- C:\WINDOWS\Debug [2009-12-16 17:31:33 | 00,000,000 | ---D | C] -- C:\WINDOWS\Cursors [2009-12-16 17:31:33 | 00,000,000 | ---D | C] -- C:\WINDOWS\Connection Wizard [2009-12-16 17:31:33 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\config [2009-12-16 17:31:33 | 00,000,000 | ---D | C] -- C:\WINDOWS\Config [2009-12-16 17:31:33 | 00,000,000 | ---D | C] -- C:\WINDOWS\AppPatch [2009-12-16 17:31:33 | 00,000,000 | ---D | C] -- C:\WINDOWS\addins [2009-12-16 17:31:33 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\3com_dmi [2009-12-16 17:31:33 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\3076 [2009-12-16 17:31:33 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\2052 [2009-12-16 17:31:33 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\1054 [2009-12-16 17:31:33 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\1045 [2009-12-16 17:31:33 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\1042 [2009-12-16 17:31:33 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\1041 [2009-12-16 17:31:33 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\1037 [2009-12-16 17:31:33 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\1033 [2009-12-16 17:31:33 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\1031 [2009-12-16 17:31:33 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\1028 [2009-12-16 17:31:33 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\1025 [2009-12-16 17:29:20 | 00,000,000 | ---D | C] -- C:\Program Files\HP [2009-12-16 17:27:52 | 00,000,000 | -H-D | C] -- C:\Config.Msi [2009-12-16 17:23:41 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Rogalski\Dane aplikacji\Adobe [2009-12-16 17:23:40 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Rogalski\Dane aplikacji\Macromedia [2009-12-16 17:23:40 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Rogalski\Ustawienia lokalne\Dane aplikacji\cache [2009-12-16 17:21:42 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Rogalski\Dane aplikacji\Gadu-Gadu 10 [2009-12-16 17:21:38 | 00,000,000 | ---D | C] -- C:\Program Files\Gadu-Gadu 10 [2009-12-16 17:17:21 | 00,000,000 | --SD | C] -- C:\Documents and Settings\Rogalski\UserData [2009-12-16 17:16:17 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Rogalski\Ustawienia lokalne\Dane aplikacji\Identities [2009-12-16 17:16:15 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Rogalski\Ustawienia lokalne\Dane aplikacji\Ahead [2009-12-16 17:13:48 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Rogalski\Dane aplikacji\Ahead [2009-12-16 17:13:40 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Ahead [2009-12-16 17:11:15 | 00,000,000 | ---D | C] -- C:\Program Files\Nero [2009-12-16 17:11:15 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Nero [2009-12-16 17:11:15 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Ahead [2009-12-16 17:08:08 | 00,011,776 | ---- | C] (Portrait Displays, Inc.) -- C:\WINDOWS\System32\drivers\pdiddcci.sys [2009-12-16 17:08:05 | 00,008,960 | ---- | C] (Portrait Displays, Inc.) -- C:\WINDOWS\System32\drivers\PdiPorts.sys [2009-12-16 17:07:54 | 00,000,000 | ---D | C] -- C:\Program Files\Portrait Displays [2009-12-16 17:06:28 | 00,000,000 | R--D | C] -- C:\Documents and Settings\Rogalski\Moje dokumenty\Moje wideo [2009-12-16 17:06:09 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\muvee Technologies [2009-12-16 17:06:07 | 00,000,000 | ---D | C] -- C:\Program Files\muvee Technologies [2009-12-16 17:05:56 | 00,000,000 | ---D | C] -- C:\WINDOWS\RegisteredPackages [2009-12-16 17:05:49 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\muvee Technologies [2009-12-16 17:05:21 | 00,029,696 | ---- | C] (Nvidia) -- C:\WINDOWS\System32\FILTER.AX [2009-12-16 17:02:35 | 00,000,000 | ---D | C] -- C:\WINDOWS\nview [2009-12-16 17:01:03 | 00,000,000 | ---D | C] -- C:\Program Files\VDOTool [2009-12-16 17:00:27 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\SoftwareDistribution [2009-12-16 16:59:29 | 00,083,200 | R--- | C] (Realtek Semiconductor Corporation ) -- C:\WINDOWS\System32\drivers\Rtenicxp.sys [2009-12-16 16:59:21 | 00,000,000 | ---D | C] -- C:\WINDOWS\OPTIONS [2009-12-16 16:59:17 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Rogalski\Dane aplikacji\InstallShield [2009-12-16 16:59:05 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\Lang [2009-12-16 16:57:38 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\RTCOM [2009-12-16 16:57:09 | 02,808,832 | R--- | C] (RealTek Semicoductor Corp.) -- C:\WINDOWS\alcwzrd.exe [2009-12-16 16:57:09 | 00,000,000 | ---D | C] -- C:\Program Files\Realtek [2009-12-16 16:57:08 | 00,000,000 | -H-D | C] -- C:\Program Files\InstallShield Installation Information [2009-12-16 16:57:03 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\InstallShield [2009-12-16 16:55:15 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\ReinstallBackups [2009-12-16 16:55:14 | 00,000,000 | ---D | C] -- C:\Program Files\Intel [2009-12-16 16:54:26 | 00,014,656 | ---- | C] (Windows (R) Codename Longhorn DDK provider) -- C:\WINDOWS\gdrv.sys [2009-12-16 16:52:53 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Rogalski\Dane aplikacji\Identities [2009-12-16 16:52:52 | 00,000,000 | -H-D | C] -- C:\Program Files\Uninstall Information [2009-12-16 16:52:50 | 00,000,000 | R--D | C] -- C:\Documents and Settings\Rogalski\Moje dokumenty\Moje obrazy [2009-12-16 16:52:50 | 00,000,000 | R--D | C] -- C:\Documents and Settings\Rogalski\Moje dokumenty\Moja muzyka [2009-12-16 16:52:37 | 00,000,000 | --SD | C] -- C:\Documents and Settings\Rogalski\Dane aplikacji\Microsoft [2009-12-16 16:52:37 | 00,000,000 | --SD | C] -- C:\Documents and Settings\Rogalski\Cookies [2009-12-16 16:52:37 | 00,000,000 | RH-D | C] -- C:\Documents and Settings\Rogalski\SendTo [2009-12-16 16:52:37 | 00,000,000 | R--D | C] -- C:\Documents and Settings\Rogalski\Ulubione [2009-12-16 16:52:37 | 00,000,000 | R--D | C] -- C:\Documents and Settings\Rogalski\Moje dokumenty [2009-12-16 16:52:37 | 00,000,000 | R--D | C] -- C:\Documents and Settings\Rogalski\Menu Start [2009-12-16 16:52:37 | 00,000,000 | -H-D | C] -- C:\Documents and Settings\Rogalski\Ustawienia lokalne [2009-12-16 16:52:37 | 00,000,000 | -H-D | C] -- C:\Documents and Settings\Rogalski\Szablony [2009-12-16 16:52:37 | 00,000,000 | -H-D | C] -- C:\Documents and Settings\Rogalski\PrintHood [2009-12-16 16:52:37 | 00,000,000 | -H-D | C] -- C:\Documents and Settings\Rogalski\NetHood [2009-12-16 16:52:37 | 00,000,000 | -H-D | C] -- C:\Documents and Settings\Rogalski\Dane aplikacji [2009-12-16 16:52:37 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Rogalski\Pulpit [2009-12-16 16:52:37 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Rogalski\Ustawienia lokalne\Dane aplikacji\Microsoft [2009-12-16 16:51:58 | 00,000,000 | ---D | C] -- C:\WINDOWS\SoftwareDistribution [2009-12-16 16:51:57 | 00,000,000 | --SD | C] -- C:\WINDOWS\System32\Microsoft [2009-12-16 16:51:57 | 00,000,000 | ---D | C] -- C:\WINDOWS\Prefetch [2009-12-16 16:51:56 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\Microsoft [2009-12-16 16:51:04 | 00,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Ustawienia lokalne\Dane aplikacji\Microsoft [2009-12-16 16:49:59 | 00,080,384 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia330.dll [2009-12-16 16:49:59 | 00,080,384 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia001.dll [2009-12-16 16:49:59 | 00,026,624 | ---- | C] (RICOH Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rw330ext.dll [2009-12-16 16:49:31 | 00,057,856 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esuimgd.dll [2009-12-16 16:49:31 | 00,045,056 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esunid.dll [2009-12-16 16:49:31 | 00,031,744 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esucmd.dll [2009-12-16 16:49:25 | 00,054,528 | ---- | C] (Philips Semiconductors GmbH) -- C:\WINDOWS\System32\dllcache\cap7146.sys [2009-12-16 16:49:13 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\xircom [2009-12-16 16:49:13 | 00,000,000 | ---D | C] -- C:\Program Files\xerox [2009-12-16 16:49:13 | 00,000,000 | ---D | C] -- C:\Program Files\microsoft frontpage [2009-12-16 16:49:04 | 00,000,000 | -H-D | C] -- C:\WINDOWS\$hf_mig$ [2009-12-16 16:48:54 | 00,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Dane aplikacji\Microsoft [2009-12-16 16:48:54 | 00,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Dane aplikacji\Microsoft [2009-12-16 16:48:23 | 00,000,000 | -HSD | C] -- C:\Documents and Settings\All Users\DRM [2009-12-16 16:48:18 | 00,000,000 | --SD | C] -- C:\WINDOWS\Downloaded Program Files [2009-12-16 16:48:18 | 00,000,000 | R--D | C] -- C:\WINDOWS\Offline Web Pages [2009-12-16 16:48:12 | 00,000,000 | -H-D | C] -- C:\Program Files\WindowsUpdate [2009-12-16 16:48:10 | 00,000,000 | ---D | C] -- C:\Program Files\Usługi online [2009-12-16 16:48:00 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\DirectX [2009-12-16 16:47:39 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Services [2009-12-16 16:47:37 | 00,000,000 | --SD | C] -- C:\WINDOWS\Tasks [2009-12-16 16:47:37 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\MSSoap [2009-12-16 16:47:34 | 00,000,000 | ---D | C] -- C:\WINDOWS\srchasst [2009-12-16 16:47:33 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\Macromed [2009-12-16 16:47:28 | 00,000,000 | ---D | C] -- C:\Program Files\Movie Maker [2009-12-16 16:47:22 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\Restore [2009-12-16 16:47:19 | 00,000,000 | ---D | C] -- C:\Program Files\NetMeeting [2009-12-16 16:47:17 | 00,000,000 | ---D | C] -- C:\Program Files\Outlook Express [2009-12-16 16:47:13 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\System [2009-12-16 16:47:12 | 00,000,000 | ---D | C] -- C:\Program Files\Internet Explorer [2009-12-16 16:47:11 | 00,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Dokumenty\Moje obrazy [2009-12-16 16:47:04 | 00,000,000 | ---D | C] -- C:\Program Files\ComPlus Applications [2009-12-16 16:47:00 | 00,000,000 | ---D | C] -- C:\WINDOWS\Registration [2009-12-16 16:46:42 | 00,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Dokumenty\Moja muzyka [2009-12-16 16:46:41 | 00,000,000 | ---D | C] -- C:\Program Files\Windows Media Player [2009-12-16 16:46:39 | 00,000,000 | ---D | C] -- C:\Program Files\Messenger [2009-12-16 16:46:36 | 00,000,000 | ---D | C] -- C:\Program Files\MSN Gaming Zone [2009-12-16 16:46:19 | 00,283,136 | ---- | C] (Cinematronics) -- C:\WINDOWS\System32\dllcache\pinball.exe [2009-12-16 16:46:18 | 00,000,000 | ---D | C] -- C:\Program Files\Windows NT [2009-12-16 16:46:16 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\MsDtc [2009-12-16 16:46:15 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\Com [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2009-12-20 22:26:49 | 00,734,208 | ---- | M] () -- C:\WINDOWS\System32\drivers\hdyqaim.sys [2009-12-20 22:25:03 | 00,000,558 | ---- | M] () -- C:\WINDOWS\DFC.INI [2009-12-20 22:20:15 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT [2009-12-20 22:20:11 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2009-12-20 19:57:27 | 01,310,720 | -H-- | M] () -- C:\Documents and Settings\Rogalski\NTUSER.DAT [2009-12-20 19:24:59 | 20,480,0000 | ---- | M] () -- C:\Documents and Settings\Rogalski\Moje dokumenty\MOTD_19.12.part3.rar [2009-12-20 19:16:50 | 00,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini [2009-12-20 19:16:49 | 00,008,192 | ---- | M] () -- C:\Documents and Settings\Rogalski\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2009-12-20 19:01:00 | 00,000,240 | ---- | M] () -- C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job [2009-12-20 18:46:55 | 00,098,304 | ---- | M] (Sony DADC Austria AG.) -- C:\WINDOWS\System32\CmdLineExt.dll [2009-12-20 18:46:08 | 20,480,0000 | ---- | M] () -- C:\Documents and Settings\Rogalski\Moje dokumenty\MOTD_19.12.part2.rar [2009-12-20 18:07:03 | 96,530,583 | ---- | M] () -- C:\Documents and Settings\Rogalski\Moje dokumenty\Fulham.vs.ManU.19.12.09.DVBRip.XviD.PL.AllGoals.pl.ksych.part7.rar [2009-12-20 17:51:57 | 20,480,0000 | ---- | M] () -- C:\Documents and Settings\Rogalski\Moje dokumenty\MOTD_19.12.part1.rar [2009-12-20 16:51:55 | 00,000,965 | ---- | M] () -- C:\Documents and Settings\Rogalski\Pulpit\Oxford Wordpower - polskie wydanie.lnk [2009-12-20 14:12:27 | 10,485,7600 | ---- | M] () -- C:\Documents and Settings\Rogalski\Moje dokumenty\fulham.vs.manu.19.12.09.dvbrip.xvid.pl.allgoals.pl.ksych.part6.rar [2009-12-20 13:53:16 | 10,485,7600 | ---- | M] () -- C:\Documents and Settings\Rogalski\Moje dokumenty\fulham.vs.manu.19.12.09.dvbrip.xvid.pl.allgoals.pl.ksych.part5.rar [2009-12-20 13:37:41 | 10,485,7600 | ---- | M] () -- C:\Documents and Settings\Rogalski\Moje dokumenty\fulham.vs.manu.19.12.09.dvbrip.xvid.pl.allgoals.pl.ksych.part4.rar [2009-12-20 13:22:49 | 10,485,7600 | ---- | M] () -- C:\Documents and Settings\Rogalski\Moje dokumenty\fulham.vs.manu.19.12.09.dvbrip.xvid.pl.allgoals.pl.ksych.part3.rar [2009-12-20 13:02:05 | 10,485,7600 | ---- | M] () -- C:\Documents and Settings\Rogalski\Moje dokumenty\fulham.vs.manu.19.12.09.dvbrip.xvid.pl.allgoals.pl.ksych.part2.rar [2009-12-20 12:46:15 | 10,485,7600 | ---- | M] () -- C:\Documents and Settings\Rogalski\Moje dokumenty\fulham.vs.manu.19.12.09.dvbrip.xvid.pl.allgoals.pl.ksych.part1.rar [2009-12-20 12:04:17 | 03,932,214 | ---- | M] () -- C:\Documents and Settings\Rogalski\Pulpit\2.bmp [2009-12-20 12:03:53 | 03,932,214 | ---- | M] () -- C:\Documents and Settings\Rogalski\Pulpit\1.bmp [2009-12-20 11:56:42 | 03,932,214 | ---- | M] () -- C:\Documents and Settings\Rogalski\Moje dokumenty\3.bmp [2009-12-20 09:52:16 | 00,001,408 | ---- | M] () -- C:\Documents and Settings\Rogalski\Pulpit\downloader_rs_1.0.7.nast [2009-12-20 00:34:34 | 00,513,536 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Rogalski\Moje dokumenty\OTL.exe [2009-12-19 23:59:23 | 00,156,360 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2009-12-19 23:49:33 | 00,002,278 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2009-12-19 23:36:54 | 03,326,576 | ---- | M] (Piriform Ltd) -- C:\Documents and Settings\Rogalski\Moje dokumenty\ccsetup_2.26.1050(dobreprogramy.pl).exe [2009-12-19 23:15:49 | 00,000,696 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Malwarebytes' Anti-Malware.lnk [2009-12-19 23:15:11 | 04,844,296 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\Rogalski\Moje dokumenty\mbam-setup_1.42(dobreprogramy.pl).exe [2009-12-19 22:55:36 | 72,567,5164 | ---- | M] () -- C:\Documents and Settings\Rogalski\Moje dokumenty\Fulham.vs.ManU.19.12.09.DVBRip.XviD.PL.AllGoals.pl.ksych.avi [2009-12-19 22:42:17 | 05,339,008 | -H-- | M] () -- C:\Documents and Settings\Rogalski\Ustawienia lokalne\Dane aplikacji\IconCache.db [2009-12-19 22:22:17 | 07,200,130 | ---- | M] () -- C:\Documents and Settings\Rogalski\Moje dokumenty\Gregor Schlierenzauer_II seria.avi [2009-12-19 22:21:06 | 09,001,522 | ---- | M] () -- C:\Documents and Settings\Rogalski\Moje dokumenty\Simon%20Amman_II%20seria.avi [2009-12-19 22:14:04 | 08,432,250 | ---- | M] () -- C:\Documents and Settings\Rogalski\Moje dokumenty\Amman_I seria.avi [2009-12-19 22:13:51 | 09,822,412 | ---- | M] () -- C:\Documents and Settings\Rogalski\Moje dokumenty\Schlierenzauer_I seria.avi [2009-12-19 21:28:59 | 00,293,376 | ---- | M] () -- C:\Documents and Settings\Rogalski\Moje dokumenty\zlrtzr9f.exe [2009-12-19 21:21:57 | 00,868,323 | ---- | M] () -- C:\Documents and Settings\Rogalski\Moje dokumenty\sreng2.zip [2009-12-19 21:07:27 | 00,000,004 | ---- | M] () -- C:\Documents and Settings\Rogalski\Dane aplikacji\avdrn.dat [2009-12-19 15:38:48 | 10,485,7600 | ---- | M] () -- C:\Documents and Settings\Rogalski\Moje dokumenty\2009.12.12_liga_plus_www.sport_video.pl_.part06.rar [2009-12-19 14:23:51 | 10,485,7600 | ---- | M] () -- C:\Documents and Settings\Rogalski\Moje dokumenty\13.12.2009Bundesliga-Podsumowanie_16Kolejki_www.sport-video.pl.part2.rar [2009-12-19 13:01:42 | 10,485,7600 | ---- | M] () -- C:\Documents and Settings\Rogalski\Moje dokumenty\13.12.2009Bundesliga-Podsumowanie_16Kolejki_www.sport-video.pl.part1.rar [2009-12-19 01:16:02 | 00,000,690 | ---- | M] () -- C:\Documents and Settings\Rogalski\Pulpit\Video mp3 Extractor.lnk [2009-12-19 01:15:53 | 00,964,447 | ---- | M] (GeoVid ) -- C:\Documents and Settings\Rogalski\Moje dokumenty\video-mp3-extractor.exe [2009-12-19 01:14:12 | 01,498,396 | ---- | M] (GeoVid ) -- C:\Documents and Settings\Rogalski\Moje dokumenty\video-mp3-extractor-pro.exe [2009-12-19 01:05:23 | 05,342,694 | ---- | M] () -- C:\Documents and Settings\Rogalski\Moje dokumenty\Portable_AVI_To_MP3_Converter_1.00.rar [2009-12-19 00:59:32 | 00,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx [2009-12-19 00:59:07 | 11,696,466 | ---- | M] (AliveMedia, Inc. ) -- C:\Documents and Settings\Rogalski\Moje dokumenty\alive-video-converter.exe [2009-12-19 00:53:10 | 13,801,120 | ---- | M] () -- C:\Documents and Settings\Rogalski\Pulpit\jre-6u1-windows-i586-p-s.exe [2009-12-19 00:51:25 | 07,096,048 | ---- | M] () -- C:\Documents and Settings\Rogalski\Moje dokumenty\mp3rocket535.exe [2009-12-19 00:42:33 | 10,485,7600 | ---- | M] () -- C:\Documents and Settings\Rogalski\Moje dokumenty\2009.12.12_liga_plus_www.sport_video.pl_.part02.rar [2009-12-19 00:33:23 | 10,485,7600 | ---- | M] () -- C:\Documents and Settings\Rogalski\Moje dokumenty\2009.12.12_Liga_plus__www.sport-video.pl_.part05.rar [2009-12-19 00:21:40 | 91,169,125 | ---- | M] () -- C:\Documents and Settings\Rogalski\Moje dokumenty\2009.12.15_SarieA__www.sport-video.pl_.part3.rar [2009-12-18 23:42:14 | 10,485,7600 | ---- | M] () -- C:\Documents and Settings\Rogalski\Moje dokumenty\2009.12.15_SarieA__www.sport-video.pl_.part2.rar [2009-12-18 23:16:22 | 10,485,7600 | ---- | M] () -- C:\Documents and Settings\Rogalski\Moje dokumenty\2009.12.15_SarieA__www.sport-video.pl_.part1.rar [2009-12-18 23:01:21 | 10,000,0000 | ---- | M] () -- C:\sfgfhe.part10.rar [2009-12-18 22:45:53 | 41,297,805 | ---- | M] () -- C:\Documents and Settings\Rogalski\Moje dokumenty\magazyn_La_Liga_14kol__2009.12.15_www.sport-video.pl.part3.rar [2009-12-18 22:37:22 | 10,000,0000 | ---- | M] () -- C:\sfgfhe.part09.rar [2009-12-18 22:14:33 | 10,000,0000 | ---- | M] () -- C:\sfgfhe.part08.rar [2009-12-18 21:58:04 | 10,000,0000 | ---- | M] () -- C:\sfgfhe.part07.rar [2009-12-18 21:43:51 | 10,000,0000 | ---- | M] () -- C:\sfgfhe.part06.rar [2009-12-18 21:23:19 | 10,000,0000 | ---- | M] () -- C:\sfgfhe.part05.rar [2009-12-18 21:05:14 | 10,000,0000 | ---- | M] () -- C:\sfgfhe.part04.rar [2009-12-18 20:50:47 | 10,000,0000 | ---- | M] () -- C:\sfgfhe.part03.rar [2009-12-18 20:36:11 | 10,000,0000 | ---- | M] () -- C:\sfgfhe.part02.rar [2009-12-18 20:21:15 | 10,000,0000 | ---- | M] () -- C:\sfgfhe.part01.rar [2009-12-18 20:19:37 | 01,040,384 | ---- | M] () -- C:\Documents and Settings\Rogalski\Pulpit\downloader_rs_1.0.7.exe [2009-12-18 19:05:17 | 00,763,990 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI [2009-12-18 19:05:17 | 00,355,830 | ---- | M] () -- C:\WINDOWS\System32\perfh015.dat [2009-12-18 19:05:17 | 00,311,740 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat [2009-12-18 19:05:17 | 00,049,712 | ---- | M] () -- C:\WINDOWS\System32\perfc015.dat [2009-12-18 19:05:17 | 00,040,128 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat [2009-12-18 18:17:31 | 10,043,1872 | ---- | M] () -- C:\Documents and Settings\Rogalski\Moje dokumenty\magazyn_La_Liga_14kol__2009.12.15_www.sport-video.pl.part2.rar [2009-12-18 17:05:44 | 10,043,1872 | ---- | M] () -- C:\Documents and Settings\Rogalski\Moje dokumenty\magazyn_La_Liga_14kol__2009.12.15_www.sport-video.pl.part1.rar [2009-12-17 22:55:03 | 00,001,729 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Adobe Reader 9.lnk [2009-12-17 22:54:22 | 27,386,280 | ---- | M] ( ) -- C:\Documents and Settings\Rogalski\Moje dokumenty\AdbeRdr920_en_US.exe [2009-12-17 22:49:19 | 00,204,240 | ---- | M] () -- C:\Documents and Settings\Rogalski\Moje dokumenty\arkusz_chemia_poziom_p_rok_2003_979_MODEL.pdf [2009-12-17 20:27:04 | 10,485,7600 | ---- | M] () -- C:\Documents and Settings\Rogalski\Moje dokumenty\2009.12.12_Liga_plus__www.sport-video.pl_.part04.rar [2009-12-17 18:03:39 | 10,485,7600 | ---- | M] () -- C:\Documents and Settings\Rogalski\Moje dokumenty\2009.12.12_Liga_plus__www.sport-video.pl_.part03.rar [2009-12-17 13:34:22 | 00,127,254 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml [2009-12-16 22:11:39 | 00,000,666 | ---- | M] () -- C:\Documents and Settings\Rogalski\Pulpit\SopCast.lnk [2009-12-16 22:10:06 | 05,419,576 | ---- | M] () -- C:\Documents and Settings\Rogalski\Moje dokumenty\SopCast-3.2.4.zip [2009-12-16 21:02:22 | 10,485,7600 | ---- | M] () -- C:\Documents and Settings\Rogalski\Moje dokumenty\2009.12.12_Liga_plus__www.sport-video.pl_.part02.rar [2009-12-16 19:57:23 | 10,485,7600 | ---- | M] () -- C:\Documents and Settings\Rogalski\Moje dokumenty\2009.12.12_liga_plus_www.sport_video.pl_.part01.rar [2009-12-16 19:27:06 | 00,001,709 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\avast! Antivirus.lnk [2009-12-16 19:27:05 | 00,002,645 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT [2009-12-16 19:24:34 | 41,387,464 | ---- | M] () -- C:\Documents and Settings\Rogalski\Pulpit\setuppol.exe [2009-12-16 18:21:36 | 06,147,544 | ---- | M] (Gretech Corp.) -- C:\Documents and Settings\Rogalski\Pulpit\GOMPLAYERENSETUP.EXE [2009-12-16 17:41:24 | 00,000,000 | ---- | M] () -- C:\WINDOWS\nsreg.dat [2009-12-16 17:41:19 | 00,001,602 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Mozilla Firefox.lnk [2009-12-16 17:41:06 | 00,000,300 | ---- | M] () -- C:\WINDOWS\tasks\WebReg psc C3100 series.job [2009-12-16 17:41:01 | 00,119,767 | ---- | M] () -- C:\WINDOWS\hpoins11.dat [2009-12-16 17:39:38 | 00,000,231 | ---- | M] () -- C:\WINDOWS\system.ini [2009-12-16 17:34:32 | 00,000,532 | ---- | M] () -- C:\WINDOWS\win.ini [2009-12-16 17:33:01 | 00,000,862 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Centrum obsługi HP.lnk [2009-12-16 17:26:39 | 00,017,024 | ---- | M] () -- C:\Documents and Settings\Rogalski\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT [2009-12-16 17:21:43 | 00,000,674 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Gadu-Gadu 10.lnk [2009-12-16 17:16:13 | 00,002,385 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Nero StartSmart Essentials.lnk [2009-12-16 17:16:13 | 00,002,305 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Nero Home Essentials SE.lnk [2009-12-16 17:16:13 | 00,001,901 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Uaktualnienie online pakietu Nero.lnk [2009-12-16 17:06:28 | 00,000,050 | ---- | M] () -- C:\AUTOEXEC.BAT [2009-12-16 17:06:21 | 00,000,759 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\muvee aP3.5MX.lnk [2009-12-16 16:59:06 | 00,940,794 | ---- | M] () -- C:\WINDOWS\System32\LoopyMusic.wav [2009-12-16 16:59:06 | 00,146,650 | ---- | M] () -- C:\WINDOWS\System32\BuzzingBee.wav [2009-12-16 16:59:04 | 00,014,656 | ---- | M] (Windows (R) Codename Longhorn DDK provider) -- C:\WINDOWS\gdrv.sys [2009-12-16 16:57:58 | 00,000,188 | -HS- | M] () -- C:\Documents and Settings\Rogalski\ntuser.ini [2009-12-16 16:51:07 | 00,008,192 | ---- | M] () -- C:\WINDOWS\REGLOCS.OLD [2009-12-16 16:50:13 | 00,000,261 | ---- | M] () -- C:\WINDOWS\System32\$winnt$.inf [2009-12-16 16:48:56 | 00,000,000 | RHS- | M] () -- C:\MSDOS.SYS [2009-12-16 16:48:56 | 00,000,000 | RHS- | M] () -- C:\IO.SYS [2009-12-16 16:48:56 | 00,000,000 | ---- | M] () -- C:\WINDOWS\control.ini [2009-12-16 16:48:56 | 00,000,000 | ---- | M] () -- C:\CONFIG.SYS [2009-12-16 16:48:53 | 00,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb [2009-12-16 16:48:53 | 00,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb [2009-12-16 16:48:47 | 00,004,293 | ---- | M] () -- C:\WINDOWS\ODBCINST.INI [2009-12-16 16:48:18 | 00,000,488 | RH-- | M] () -- C:\WINDOWS\System32\WindowsLogon.manifest [2009-12-16 16:48:18 | 00,000,488 | RH-- | M] () -- C:\WINDOWS\System32\logonui.exe.manifest [2009-12-16 16:48:15 | 00,000,749 | RH-- | M] () -- C:\WINDOWS\System32\wuaucpl.cpl.manifest [2009-12-16 16:48:15 | 00,000,749 | RH-- | M] () -- C:\WINDOWS\WindowsShell.Manifest [2009-12-16 16:48:15 | 00,000,749 | RH-- | M] () -- C:\WINDOWS\System32\sapi.cpl.manifest [2009-12-16 16:48:15 | 00,000,749 | RH-- | M] () -- C:\WINDOWS\System32\nwc.cpl.manifest [2009-12-16 16:48:15 | 00,000,749 | RH-- | M] () -- C:\WINDOWS\System32\ncpa.cpl.manifest [2009-12-16 16:48:15 | 00,000,749 | RH-- | M] () -- C:\WINDOWS\System32\cdplayer.exe.manifest [2009-12-16 16:47:10 | 00,021,856 | ---- | M] () -- C:\WINDOWS\System32\emptyregdb.dat [2009-12-16 16:47:03 | 00,000,037 | ---- | M] () -- C:\WINDOWS\vbaddin.ini [2009-12-16 16:47:03 | 00,000,036 | ---- | M] () -- C:\WINDOWS\vb.ini [2009-12-16 16:45:34 | 00,000,211 | -HS- | M] () -- C:\boot.ini [2009-12-15 23:53:48 | 24,216,1150 | ---- | M] () -- C:\Documents and Settings\Rogalski\Moje dokumenty\magazyn La Liga 14kol 2009.12.15 www.sport-video.pl.avi [2009-12-15 20:52:11 | 30,088,3968 | ---- | M] () -- C:\Documents and Settings\Rogalski\Moje dokumenty\2009.12.15 SarieA [www.sport-video.pl].avi [2009-12-13 10:35:10 | 52,422,2464 | ---- | M] () -- C:\Documents and Settings\Rogalski\Pulpit\2009.12.12 Liga plus [www.sport-video.pl].avi [2009-12-03 16:14:06 | 00,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys [2009-12-03 16:13:56 | 00,019,160 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys [2009-11-25 00:54:29 | 01,280,480 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\aswBoot.exe [2009-11-25 00:51:09 | 00,093,424 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon.sys [2009-11-25 00:50:59 | 00,094,160 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys [2009-11-25 00:50:12 | 00,114,768 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswSP.sys [2009-11-25 00:50:00 | 00,020,560 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys [2009-11-25 00:49:07 | 00,048,560 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys [2009-11-25 00:48:57 | 00,023,120 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys [2009-11-25 00:47:54 | 00,027,408 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys [2009-11-25 00:47:28 | 00,097,480 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\AvastSS.scr [color=#E56717]========== Files Created - No Company Name ==========[/color] [2009-12-20 19:15:55 | 72,567,5164 | ---- | C] () -- C:\Documents and Settings\Rogalski\Moje dokumenty\Fulham.vs.ManU.19.12.09.DVBRip.XviD.PL.AllGoals.pl.ksych.avi [2009-12-20 18:56:40 | 20,480,0000 | ---- | C] () -- C:\Documents and Settings\Rogalski\Moje dokumenty\MOTD_19.12.part3.rar [2009-12-20 18:13:38 | 20,480,0000 | ---- | C] () -- C:\Documents and Settings\Rogalski\Moje dokumenty\MOTD_19.12.part2.rar [2009-12-20 17:50:52 | 96,530,583 | ---- | C] () -- C:\Documents and Settings\Rogalski\Moje dokumenty\Fulham.vs.ManU.19.12.09.DVBRip.XviD.PL.AllGoals.pl.ksych.part7.rar [2009-12-20 17:22:19 | 20,480,0000 | ---- | C] () -- C:\Documents and Settings\Rogalski\Moje dokumenty\MOTD_19.12.part1.rar [2009-12-20 16:51:55 | 00,000,965 | ---- | C] () -- C:\Documents and Settings\Rogalski\Pulpit\Oxford Wordpower - polskie wydanie.lnk [2009-12-20 13:54:12 | 10,485,7600 | ---- | C] () -- C:\Documents and Settings\Rogalski\Moje dokumenty\fulham.vs.manu.19.12.09.dvbrip.xvid.pl.allgoals.pl.ksych.part6.rar [2009-12-20 13:38:28 | 10,485,7600 | ---- | C] () -- C:\Documents and Settings\Rogalski\Moje dokumenty\fulham.vs.manu.19.12.09.dvbrip.xvid.pl.allgoals.pl.ksych.part5.rar [2009-12-20 13:23:04 | 10,485,7600 | ---- | C] () -- C:\Documents and Settings\Rogalski\Moje dokumenty\fulham.vs.manu.19.12.09.dvbrip.xvid.pl.allgoals.pl.ksych.part4.rar [2009-12-20 13:08:25 | 10,485,7600 | ---- | C] () -- C:\Documents and Settings\Rogalski\Moje dokumenty\fulham.vs.manu.19.12.09.dvbrip.xvid.pl.allgoals.pl.ksych.part3.rar [2009-12-20 12:47:11 | 10,485,7600 | ---- | C] () -- C:\Documents and Settings\Rogalski\Moje dokumenty\fulham.vs.manu.19.12.09.dvbrip.xvid.pl.allgoals.pl.ksych.part2.rar [2009-12-20 12:31:04 | 10,485,7600 | ---- | C] () -- C:\Documents and Settings\Rogalski\Moje dokumenty\fulham.vs.manu.19.12.09.dvbrip.xvid.pl.allgoals.pl.ksych.part1.rar [2009-12-20 11:56:41 | 03,932,214 | ---- | C] () -- C:\Documents and Settings\Rogalski\Moje dokumenty\3.bmp [2009-12-19 23:31:31 | 03,932,214 | ---- | C] () -- C:\Documents and Settings\Rogalski\Pulpit\2.bmp [2009-12-19 23:31:12 | 03,932,214 | ---- | C] () -- C:\Documents and Settings\Rogalski\Pulpit\1.bmp [2009-12-19 23:15:49 | 00,000,696 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Malwarebytes' Anti-Malware.lnk [2009-12-19 22:21:17 | 07,200,130 | ---- | C] () -- C:\Documents and Settings\Rogalski\Moje dokumenty\Gregor Schlierenzauer_II seria.avi [2009-12-19 22:18:47 | 09,001,522 | ---- | C] () -- C:\Documents and Settings\Rogalski\Moje dokumenty\Simon%20Amman_II%20seria.avi [2009-12-19 22:11:38 | 08,432,250 | ---- | C] () -- C:\Documents and Settings\Rogalski\Moje dokumenty\Amman_I seria.avi [2009-12-19 22:11:01 | 09,822,412 | ---- | C] () -- C:\Documents and Settings\Rogalski\Moje dokumenty\Schlierenzauer_I seria.avi [2009-12-19 21:28:58 | 00,293,376 | ---- | C] () -- C:\Documents and Settings\Rogalski\Moje dokumenty\zlrtzr9f.exe [2009-12-19 21:21:27 | 00,868,323 | ---- | C] () -- C:\Documents and Settings\Rogalski\Moje dokumenty\sreng2.zip [2009-12-19 21:07:55 | 00,734,208 | ---- | C] () -- C:\WINDOWS\System32\drivers\hdyqaim.sys [2009-12-19 21:07:30 | 00,000,016 | ---- | C] () -- C:\Documents and Settings\NetworkService\Dane aplikacji\fvgqad.dat [2009-12-19 21:07:27 | 00,000,004 | ---- | C] () -- C:\Documents and Settings\Rogalski\Dane aplikacji\avdrn.dat [2009-12-19 15:20:47 | 10,485,7600 | ---- | C] () -- C:\Documents and Settings\Rogalski\Moje dokumenty\2009.12.12_liga_plus_www.sport_video.pl_.part06.rar [2009-12-19 13:28:15 | 10,485,7600 | ---- | C] () -- C:\Documents and Settings\Rogalski\Moje dokumenty\13.12.2009Bundesliga-Podsumowanie_16Kolejki_www.sport-video.pl.part2.rar [2009-12-19 12:15:46 | 10,485,7600 | ---- | C] () -- C:\Documents and Settings\Rogalski\Moje dokumenty\13.12.2009Bundesliga-Podsumowanie_16Kolejki_www.sport-video.pl.part1.rar [2009-12-19 12:12:05 | 30,088,3968 | ---- | C] () -- C:\Documents and Settings\Rogalski\Moje dokumenty\2009.12.15 SarieA [www.sport-video.pl].avi [2009-12-19 01:16:02 | 00,000,690 | ---- | C] () -- C:\Documents and Settings\Rogalski\Pulpit\Video mp3 Extractor.lnk [2009-12-19 01:07:22 | 52,422,2464 | ---- | C] () -- C:\Documents and Settings\Rogalski\Pulpit\2009.12.12 Liga plus [www.sport-video.pl].avi [2009-12-19 01:04:34 | 05,342,694 | ---- | C] () -- C:\Documents and Settings\Rogalski\Moje dokumenty\Portable_AVI_To_MP3_Converter_1.00.rar [2009-12-19 00:59:21 | 00,126,464 | ---- | C] () -- C:\WINDOWS\System32\lame_enc.dll [2009-12-19 00:52:11 | 13,801,120 | ---- | C] () -- C:\Documents and Settings\Rogalski\Pulpit\jre-6u1-windows-i586-p-s.exe [2009-12-19 00:52:01 | 00,000,240 | ---- | C] () -- C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job [2009-12-19 00:50:57 | 07,096,048 | ---- | C] () -- C:\Documents and Settings\Rogalski\Moje dokumenty\mp3rocket535.exe [2009-12-19 00:35:16 | 10,485,7600 | ---- | C] () -- C:\Documents and Settings\Rogalski\Moje dokumenty\2009.12.12_liga_plus_www.sport_video.pl_.part02.rar [2009-12-18 23:59:21 | 10,485,7600 | ---- | C] () -- C:\Documents and Settings\Rogalski\Moje dokumenty\2009.12.12_Liga_plus__www.sport-video.pl_.part05.rar [2009-12-18 23:51:57 | 91,169,125 | ---- | C] () -- C:\Documents and Settings\Rogalski\Moje dokumenty\2009.12.15_SarieA__www.sport-video.pl_.part3.rar [2009-12-18 23:21:31 | 10,485,7600 | ---- | C] () -- C:\Documents and Settings\Rogalski\Moje dokumenty\2009.12.15_SarieA__www.sport-video.pl_.part2.rar [2009-12-18 23:01:21 | 10,000,0000 | ---- | C] () -- C:\sfgfhe.part10.rar [2009-12-18 22:49:24 | 24,216,1150 | ---- | C] () -- C:\Documents and Settings\Rogalski\Moje dokumenty\magazyn La Liga 14kol 2009.12.15 www.sport-video.pl.avi [2009-12-18 22:37:22 | 10,000,0000 | ---- | C] () -- C:\sfgfhe.part09.rar [2009-12-18 22:33:21 | 10,485,7600 | ---- | C] () -- C:\Documents and Settings\Rogalski\Moje dokumenty\2009.12.15_SarieA__www.sport-video.pl_.part1.rar [2009-12-18 22:19:48 | 41,297,805 | ---- | C] () -- C:\Documents and Settings\Rogalski\Moje dokumenty\magazyn_La_Liga_14kol__2009.12.15_www.sport-video.pl.part3.rar [2009-12-18 22:14:33 | 10,000,0000 | ---- | C] () -- C:\sfgfhe.part08.rar [2009-12-18 21:58:04 | 10,000,0000 | ---- | C] () -- C:\sfgfhe.part07.rar [2009-12-18 21:43:51 | 10,000,0000 | ---- | C] () -- C:\sfgfhe.part06.rar [2009-12-18 21:23:19 | 10,000,0000 | ---- | C] () -- C:\sfgfhe.part05.rar [2009-12-18 21:05:14 | 10,000,0000 | ---- | C] () -- C:\sfgfhe.part04.rar [2009-12-18 20:50:47 | 10,000,0000 | ---- | C] () -- C:\sfgfhe.part03.rar [2009-12-18 20:36:11 | 10,000,0000 | ---- | C] () -- C:\sfgfhe.part02.rar [2009-12-18 20:21:15 | 10,000,0000 | ---- | C] () -- C:\sfgfhe.part01.rar [2009-12-18 20:20:48 | 00,001,408 | ---- | C] () -- C:\Documents and Settings\Rogalski\Pulpit\downloader_rs_1.0.7.nast [2009-12-18 20:19:33 | 01,040,384 | ---- | C] () -- C:\Documents and Settings\Rogalski\Pulpit\downloader_rs_1.0.7.exe [2009-12-18 17:53:36 | 10,043,1872 | ---- | C] () -- C:\Documents and Settings\Rogalski\Moje dokumenty\magazyn_La_Liga_14kol__2009.12.15_www.sport-video.pl.part2.rar [2009-12-18 16:45:12 | 10,043,1872 | ---- | C] () -- C:\Documents and Settings\Rogalski\Moje dokumenty\magazyn_La_Liga_14kol__2009.12.15_www.sport-video.pl.part1.rar [2009-12-17 22:55:03 | 00,001,729 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Adobe Reader 9.lnk [2009-12-17 22:49:19 | 00,204,240 | ---- | C] () -- C:\Documents and Settings\Rogalski\Moje dokumenty\arkusz_chemia_poziom_p_rok_2003_979_MODEL.pdf [2009-12-17 19:33:25 | 10,485,7600 | ---- | C] () -- C:\Documents and Settings\Rogalski\Moje dokumenty\2009.12.12_Liga_plus__www.sport-video.pl_.part04.rar [2009-12-17 13:35:00 | 00,000,558 | ---- | C] () -- C:\WINDOWS\DFC.INI [2009-12-16 22:11:39 | 00,000,666 | ---- | C] () -- C:\Documents and Settings\Rogalski\Pulpit\SopCast.lnk [2009-12-16 22:09:09 | 05,419,576 | ---- | C] () -- C:\Documents and Settings\Rogalski\Moje dokumenty\SopCast-3.2.4.zip [2009-12-16 22:03:28 | 10,485,7600 | ---- | C] () -- C:\Documents and Settings\Rogalski\Moje dokumenty\2009.12.12_Liga_plus__www.sport-video.pl_.part03.rar [2009-12-16 20:03:06 | 10,485,7600 | ---- | C] () -- C:\Documents and Settings\Rogalski\Moje dokumenty\2009.12.12_Liga_plus__www.sport-video.pl_.part02.rar [2009-12-16 19:27:06 | 00,001,709 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\avast! Antivirus.lnk [2009-12-16 19:26:52 | 00,380,928 | ---- | C] () -- C:\WINDOWS\System32\actskin4.ocx [2009-12-16 19:19:35 | 10,485,7600 | ---- | C] () -- C:\Documents and Settings\Rogalski\Moje dokumenty\2009.12.12_liga_plus_www.sport_video.pl_.part01.rar [2009-12-16 19:13:40 | 41,387,464 | ---- | C] () -- C:\Documents and Settings\Rogalski\Pulpit\setuppol.exe [2009-12-16 18:22:48 | 00,008,192 | ---- | C] () -- C:\Documents and Settings\Rogalski\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2009-12-16 18:22:48 | 00,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini [2009-12-16 17:41:24 | 00,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat [2009-12-16 17:41:19 | 00,001,602 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Mozilla Firefox.lnk [2009-12-16 17:41:06 | 00,000,300 | ---- | C] () -- C:\WINDOWS\tasks\WebReg psc C3100 series.job [2009-12-16 17:39:41 | 01,685,606 | ---- | C] () -- C:\WINDOWS\System32\dllcache\sam.spd [2009-12-16 17:39:41 | 00,605,050 | ---- | C] () -- C:\WINDOWS\System32\dllcache\r1033tts.lxa [2009-12-16 17:39:41 | 00,000,888 | ---- | C] () -- C:\WINDOWS\System32\dllcache\sam.sdf [2009-12-16 17:39:40 | 00,643,717 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ltts1033.lxa [2009-12-16 17:39:38 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_28603.nls [2009-12-16 17:39:38 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_28603.nls [2009-12-16 17:39:37 | 00,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_857.nls [2009-12-16 17:39:37 | 00,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_857.nls [2009-12-16 17:39:37 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_28599.nls [2009-12-16 17:39:37 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_28599.nls [2009-12-16 17:39:37 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10081.nls [2009-12-16 17:39:37 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10081.nls [2009-12-16 17:39:35 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_28595.nls [2009-12-16 17:39:35 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\C_28595.NLS [2009-12-16 17:39:35 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10017.nls [2009-12-16 17:39:35 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10017.nls [2009-12-16 17:39:35 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10007.nls [2009-12-16 17:39:35 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10007.nls [2009-12-16 17:39:34 | 00,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_869.nls [2009-12-16 17:39:34 | 00,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_869.nls [2009-12-16 17:39:34 | 00,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_737.nls [2009-12-16 17:39:34 | 00,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_737.nls [2009-12-16 17:39:34 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_875.nls [2009-12-16 17:39:34 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_875.nls [2009-12-16 17:39:34 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_28597.nls [2009-12-16 17:39:34 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\C_28597.NLS [2009-12-16 17:39:34 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10006.nls [2009-12-16 17:39:34 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10006.nls [2009-12-16 17:39:33 | 00,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_866.nls [2009-12-16 17:39:33 | 00,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_866.nls [2009-12-16 17:39:33 | 00,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_855.nls [2009-12-16 17:39:33 | 00,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_855.nls [2009-12-16 17:39:33 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_28594.nls [2009-12-16 17:39:33 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\C_28594.NLS [2009-12-16 17:39:32 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20127.nls [2009-12-16 17:39:32 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_20127.nls [2009-12-16 17:39:31 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10082.nls [2009-12-16 17:39:31 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10082.nls [2009-12-16 17:39:31 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10029.nls [2009-12-16 17:39:31 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10029.nls [2009-12-16 17:39:31 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10010.nls [2009-12-16 17:39:31 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10010.nls [2009-12-16 17:39:28 | 00,001,734 | ---- | C] () -- C:\WINDOWS\System32\AUTOEXEC.NT [2009-12-16 17:37:41 | 01,896,400 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5.CAT [2009-12-16 17:37:41 | 01,014,483 | ---- | C] () -- C:\WINDOWS\System32\dllcache\SP2.CAT [2009-12-16 17:37:41 | 00,808,524 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5IIS.CAT [2009-12-16 17:37:41 | 00,525,346 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5INF.CAT [2009-12-16 17:37:41 | 00,399,670 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MAPIMIG.CAT [2009-12-16 17:37:41 | 00,168,806 | ---- | C] () -- C:\WINDOWS\System32\dllcache\startoc.cat [2009-12-16 17:37:41 | 00,037,509 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MW770.CAT [2009-12-16 17:37:41 | 00,030,983 | ---- | C] () -- C:\WINDOWS\System32\dllcache\FP4.CAT [2009-12-16 17:37:41 | 00,014,043 | ---- | C] () -- C:\WINDOWS\System32\dllcache\IMS.CAT [2009-12-16 17:37:41 | 00,013,497 | ---- | C] () -- C:\WINDOWS\System32\dllcache\HPCRDP.CAT [2009-12-16 17:37:41 | 00,009,581 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MSMSGS.CAT [2009-12-16 17:37:41 | 00,008,599 | ---- | C] () -- C:\WINDOWS\System32\dllcache\IASNT4.CAT [2009-12-16 17:37:41 | 00,007,407 | ---- | C] () -- C:\WINDOWS\System32\dllcache\OEMBIOS.CAT [2009-12-16 17:37:41 | 00,007,334 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmerrenu.cat [2009-12-16 17:37:41 | 00,007,245 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MSTSWEB.CAT [2009-12-16 17:37:10 | 00,156,360 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2009-12-16 17:36:06 | 00,000,211 | -HS- | C] () -- C:\boot.ini [2009-12-16 17:36:04 | 00,000,261 | ---- | C] () -- C:\WINDOWS\System32\$winnt$.inf [2009-12-16 17:33:01 | 00,000,862 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Centrum obsługi HP.lnk [2009-12-16 17:30:57 | 00,077,824 | R--- | C] () -- C:\WINDOWS\System32\HPZIDS01.dll [2009-12-16 17:26:45 | 00,000,749 | ---- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\hpzinstall.log [2009-12-16 17:26:44 | 00,119,767 | ---- | C] () -- C:\WINDOWS\hpoins11.dat [2009-12-16 17:21:43 | 00,000,674 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Gadu-Gadu 10.lnk [2009-12-16 17:16:13 | 00,002,385 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Nero StartSmart Essentials.lnk [2009-12-16 17:16:13 | 00,002,305 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Nero Home Essentials SE.lnk [2009-12-16 17:16:13 | 00,001,901 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Uaktualnienie online pakietu Nero.lnk [2009-12-16 17:06:21 | 00,000,759 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\muvee aP3.5MX.lnk [2009-12-16 17:03:01 | 00,127,254 | ---- | C] () -- C:\WINDOWS\System32\nvapps.xml [2009-12-16 17:02:35 | 00,017,463 | ---- | C] () -- C:\WINDOWS\System32\nvdisp.nvu [2009-12-16 16:59:06 | 00,940,794 | ---- | C] () -- C:\WINDOWS\System32\LoopyMusic.wav [2009-12-16 16:59:06 | 00,146,650 | ---- | C] () -- C:\WINDOWS\System32\BuzzingBee.wav [2009-12-16 16:57:52 | 00,049,152 | R--- | C] () -- C:\WINDOWS\System32\ChCfg.exe [2009-12-16 16:52:38 | 00,000,188 | -HS- | C] () -- C:\Documents and Settings\Rogalski\ntuser.ini [2009-12-16 16:52:37 | 01,310,720 | -H-- | C] () -- C:\Documents and Settings\Rogalski\NTUSER.DAT [2009-12-16 16:51:07 | 00,008,192 | ---- | C] () -- C:\WINDOWS\REGLOCS.OLD [2009-12-16 16:50:13 | 00,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat [2009-12-16 16:50:10 | 00,028,288 | ---- | C] () -- C:\WINDOWS\System32\dllcache\xjis.nls [2009-12-16 16:49:57 | 00,083,748 | ---- | C] () -- C:\WINDOWS\System32\dllcache\prcp.nls [2009-12-16 16:49:57 | 00,083,748 | ---- | C] () -- C:\WINDOWS\System32\dllcache\prc.nls [2009-12-16 16:49:56 | 00,175,104 | ---- | C] () -- C:\WINDOWS\System32\dllcache\pintlcsa.dll [2009-12-16 16:49:49 | 01,158,818 | ---- | C] () -- C:\WINDOWS\System32\dllcache\korwbrkr.lex [2009-12-16 16:49:49 | 00,047,066 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ksc.nls [2009-12-16 16:49:46 | 00,059,392 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imscinst.exe [2009-12-16 16:49:45 | 00,196,665 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imjpinst.exe [2009-12-16 16:49:44 | 00,134,339 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imekr.lex [2009-12-16 16:49:37 | 13,463,552 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hwxjpn.dll [2009-12-16 16:49:34 | 00,108,827 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hanja.lex [2009-12-16 16:49:32 | 00,094,208 | ---- | C] () -- C:\WINDOWS\System32\dllcache\fpencode.dll [2009-12-16 16:49:27 | 00,173,568 | ---- | C] () -- C:\WINDOWS\System32\dllcache\chtskf.dll [2009-12-16 16:49:25 | 00,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_864.nls [2009-12-16 16:49:25 | 00,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_862.nls [2009-12-16 16:49:25 | 00,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_858.nls [2009-12-16 16:49:25 | 00,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_720.nls [2009-12-16 16:49:25 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_870.nls [2009-12-16 16:49:25 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_708.nls [2009-12-16 16:49:25 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_28596.nls [2009-12-16 16:49:25 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_21027.nls [2009-12-16 16:49:25 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_21025.nls [2009-12-16 16:49:24 | 00,180,770 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20932.nls [2009-12-16 16:49:24 | 00,177,698 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20949.nls [2009-12-16 16:49:24 | 00,173,602 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20936.nls [2009-12-16 16:49:24 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20924.nls [2009-12-16 16:49:24 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20880.nls [2009-12-16 16:49:24 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20871.nls [2009-12-16 16:49:24 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20838.nls [2009-12-16 16:49:24 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20833.nls [2009-12-16 16:49:24 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20424.nls [2009-12-16 16:49:24 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20423.nls [2009-12-16 16:49:24 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20420.nls [2009-12-16 16:49:24 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20297.nls [2009-12-16 16:49:24 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20290.nls [2009-12-16 16:49:24 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20285.nls [2009-12-16 16:49:24 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20284.nls [2009-12-16 16:49:24 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20280.nls [2009-12-16 16:49:24 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20278.nls [2009-12-16 16:49:24 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20277.nls [2009-12-16 16:49:24 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20273.nls [2009-12-16 16:49:24 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20269.nls [2009-12-16 16:49:24 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20108.nls [2009-12-16 16:49:24 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20107.nls [2009-12-16 16:49:24 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20106.nls [2009-12-16 16:49:24 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20105.nls [2009-12-16 16:49:23 | 00,189,986 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1361.nls [2009-12-16 16:49:23 | 00,187,938 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20005.nls [2009-12-16 16:49:23 | 00,186,402 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20001.nls [2009-12-16 16:49:23 | 00,185,378 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20003.nls [2009-12-16 16:49:23 | 00,180,258 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20004.nls [2009-12-16 16:49:23 | 00,180,258 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20000.nls [2009-12-16 16:49:23 | 00,173,602 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20002.nls [2009-12-16 16:49:23 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1149.nls [2009-12-16 16:49:23 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1148.nls [2009-12-16 16:49:23 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1147.nls [2009-12-16 16:49:23 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1146.nls [2009-12-16 16:49:23 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1145.nls [2009-12-16 16:49:23 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1144.nls [2009-12-16 16:49:23 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1143.nls [2009-12-16 16:49:23 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1142.nls [2009-12-16 16:49:23 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1141.nls [2009-12-16 16:49:23 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1140.nls [2009-12-16 16:49:23 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1047.nls [2009-12-16 16:49:23 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10021.nls [2009-12-16 16:49:22 | 00,195,618 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10002.nls [2009-12-16 16:49:22 | 00,177,698 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10003.nls [2009-12-16 16:49:22 | 00,173,602 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10008.nls [2009-12-16 16:49:22 | 00,162,850 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10001.nls [2009-12-16 16:49:22 | 00,082,172 | ---- | C] () -- C:\WINDOWS\System32\dllcache\bopomofo.nls [2009-12-16 16:49:22 | 00,066,728 | ---- | C] () -- C:\WINDOWS\System32\dllcache\big5.nls [2009-12-16 16:49:22 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10005.nls [2009-12-16 16:49:22 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10004.nls [2009-12-16 16:48:56 | 00,002,645 | ---- | C] () -- C:\WINDOWS\System32\CONFIG.NT [2009-12-16 16:48:56 | 00,000,050 | ---- | C] () -- C:\AUTOEXEC.BAT [2009-12-16 16:48:56 | 00,000,000 | RHS- | C] () -- C:\MSDOS.SYS [2009-12-16 16:48:56 | 00,000,000 | RHS- | C] () -- C:\IO.SYS [2009-12-16 16:48:56 | 00,000,000 | ---- | C] () -- C:\CONFIG.SYS [2009-12-16 16:48:53 | 00,023,392 | ---- | C] () -- C:\WINDOWS\System32\nscompat.tlb [2009-12-16 16:48:53 | 00,016,832 | ---- | C] () -- C:\WINDOWS\System32\amcompat.tlb [2009-12-16 16:48:52 | 00,316,640 | ---- | C] () -- C:\WINDOWS\WMSysPr9.prx [2009-12-16 16:48:18 | 00,000,488 | RH-- | C] () -- C:\WINDOWS\System32\WindowsLogon.manifest [2009-12-16 16:48:18 | 00,000,488 | RH-- | C] () -- C:\WINDOWS\System32\logonui.exe.manifest [2009-12-16 16:48:15 | 00,000,749 | RH-- | C] () -- C:\WINDOWS\System32\wuaucpl.cpl.manifest [2009-12-16 16:48:15 | 00,000,749 | RH-- | C] () -- C:\WINDOWS\WindowsShell.Manifest [2009-12-16 16:48:15 | 00,000,749 | RH-- | C] () -- C:\WINDOWS\System32\sapi.cpl.manifest [2009-12-16 16:48:15 | 00,000,749 | RH-- | C] () -- C:\WINDOWS\System32\nwc.cpl.manifest [2009-12-16 16:48:15 | 00,000,749 | RH-- | C] () -- C:\WINDOWS\System32\ncpa.cpl.manifest [2009-12-16 16:48:15 | 00,000,749 | RH-- | C] () -- C:\WINDOWS\System32\cdplayer.exe.manifest [2009-12-16 16:48:05 | 04,399,505 | ---- | C] () -- C:\WINDOWS\System32\dllcache\nls302en.lex [2009-12-16 16:47:45 | 00,048,680 | -HS- | C] () -- C:\WINDOWS\winnt256.bmp [2009-12-16 16:47:45 | 00,048,680 | -HS- | C] () -- C:\WINDOWS\winnt.bmp [2009-12-16 16:47:41 | 00,000,984 | ---- | C] () -- C:\WINDOWS\System32\dllcache\srframe.mmf [2009-12-16 16:47:32 | 00,004,639 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplayer2.exe [2009-12-16 16:47:24 | 00,379,904 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msinfo.dll [2009-12-16 16:47:10 | 00,021,856 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat [2009-12-16 16:46:27 | 00,065,954 | ---- | C] () -- C:\WINDOWS\Pod mikroskopem.bmp [2009-12-16 16:46:27 | 00,065,832 | ---- | C] () -- C:\WINDOWS\Stiuk z Santa Fe.bmp [2009-12-16 16:46:27 | 00,026,680 | ---- | C] () -- C:\WINDOWS\Wachlarze.bmp [2009-12-16 16:46:27 | 00,026,582 | ---- | C] () -- C:\WINDOWS\Nefryt.bmp [2009-12-16 16:46:27 | 00,017,362 | ---- | C] () -- C:\WINDOWS\Rododendron.bmp [2009-12-16 16:46:27 | 00,009,522 | ---- | C] () -- C:\WINDOWS\Indiański pled.bmp [2009-12-16 16:46:26 | 00,093,702 | ---- | C] () -- C:\WINDOWS\System32\subrange.uce [2009-12-16 16:46:26 | 00,065,978 | ---- | C] () -- C:\WINDOWS\Bąbelki.bmp [2009-12-16 16:46:26 | 00,060,458 | ---- | C] () -- C:\WINDOWS\System32\ideograf.uce [2009-12-16 16:46:26 | 00,024,006 | ---- | C] () -- C:\WINDOWS\System32\gb2312.uce [2009-12-16 16:46:26 | 00,017,336 | ---- | C] () -- C:\WINDOWS\Na rybkach.bmp [2009-12-16 16:46:26 | 00,017,062 | ---- | C] () -- C:\WINDOWS\Kawa.bmp [2009-12-16 16:46:26 | 00,016,740 | ---- | C] () -- C:\WINDOWS\System32\shiftjis.uce [2009-12-16 16:46:26 | 00,016,730 | ---- | C] () -- C:\WINDOWS\Puch.bmp [2009-12-16 16:46:26 | 00,012,876 | ---- | C] () -- C:\WINDOWS\System32\korean.uce [2009-12-16 16:46:26 | 00,008,484 | ---- | C] () -- C:\WINDOWS\System32\kanji_2.uce [2009-12-16 16:46:26 | 00,006,948 | ---- | C] () -- C:\WINDOWS\System32\kanji_1.uce [2009-12-16 16:46:26 | 00,001,272 | ---- | C] () -- C:\WINDOWS\Niebieska koronka 16.bmp [2009-12-16 16:46:25 | 00,022,984 | ---- | C] () -- C:\WINDOWS\System32\bopomofo.uce [2009-12-16 16:46:24 | 00,003,286 | ---- | C] () -- C:\WINDOWS\System32\tslabels.h [2009-12-16 16:46:24 | 00,001,225 | ---- | C] () -- C:\WINDOWS\System32\usrlogon.cmd [2009-12-16 16:46:24 | 00,000,768 | ---- | C] () -- C:\WINDOWS\System32\msdtcprf.h [2009-12-16 16:46:19 | 00,063,488 | ---- | C] () -- C:\WINDOWS\System32\wmimgmt.msc [2007-07-23 03:34:17 | 01,703,936 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll [2007-07-23 03:34:17 | 01,474,560 | ---- | C] () -- C:\WINDOWS\System32\nview.dll [2007-07-23 03:34:17 | 01,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll [2007-07-23 03:34:17 | 00,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll [2007-07-23 03:34:17 | 00,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll [2006-03-02 13:00:00 | 00,027,440 | ---- | C] () -- C:\WINDOWS\System32\drivers\secdrv.sys [2001-07-07 03:00:02 | 00,003,234 | ---- | C] () -- C:\WINDOWS\System32\HPTCPMON.INI [color=#E56717]========== LOP Check ==========[/color] [2009-12-16 17:05:49 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\muvee Technologies [2009-12-17 13:34:20 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Rogalski\Dane aplikacji\DisplayTune [2009-12-17 13:42:23 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Rogalski\Dane aplikacji\Gadu-Gadu 10 [2009-12-19 00:55:30 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Rogalski\Dane aplikacji\MP3Rocket [2009-12-19 01:05:50 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Rogalski\Dane aplikacji\Thinstall [2009-12-20 19:01:00 | 00,000,240 | ---- | M] () -- C:\WINDOWS\Tasks\Scheduled Update for Ask Toolbar.job [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Custom Scans ==========[/color] [color=#A23BEC]< %systemdrive%\*.* >[/color] [2009-12-16 17:06:28 | 00,000,050 | ---- | M] () -- C:\AUTOEXEC.BAT [2009-12-16 16:45:34 | 00,000,211 | -HS- | M] () -- C:\boot.ini [2006-03-02 13:00:00 | 00,004,952 | RHS- | M] () -- C:\Bootfont.bin [2009-12-16 16:48:56 | 00,000,000 | ---- | M] () -- C:\CONFIG.SYS [2009-12-16 16:59:33 | 00,000,143 | ---- | M] () -- C:\csb.log [2009-12-16 16:48:56 | 00,000,000 | RHS- | M] () -- C:\IO.SYS [2009-12-16 16:48:56 | 00,000,000 | RHS- | M] () -- C:\MSDOS.SYS [2006-03-02 13:00:00 | 00,047,564 | RHS- | M] () -- C:\NTDETECT.COM [2006-03-02 13:00:00 | 00,250,624 | RHS- | M] () -- C:\ntldr [2009-12-20 22:20:06 | 21,453,86496 | -HS- | M] () -- C:\pagefile.sys [2009-12-16 16:57:53 | 00,000,423 | ---- | M] () -- C:\RHDSetup.log [2009-12-18 20:21:15 | 10,000,0000 | ---- | M] () -- C:\sfgfhe.part01.rar [2009-12-18 20:36:11 | 10,000,0000 | ---- | M] () -- C:\sfgfhe.part02.rar [2009-12-18 20:50:47 | 10,000,0000 | ---- | M] () -- C:\sfgfhe.part03.rar [2009-12-18 21:05:14 | 10,000,0000 | ---- | M] () -- C:\sfgfhe.part04.rar [2009-12-18 21:23:19 | 10,000,0000 | ---- | M] () -- C:\sfgfhe.part05.rar [2009-12-18 21:43:51 | 10,000,0000 | ---- | M] () -- C:\sfgfhe.part06.rar [2009-12-18 21:58:04 | 10,000,0000 | ---- | M] () -- C:\sfgfhe.part07.rar [2009-12-18 22:14:33 | 10,000,0000 | ---- | M] () -- C:\sfgfhe.part08.rar [2009-12-18 22:37:22 | 10,000,0000 | ---- | M] () -- C:\sfgfhe.part09.rar [2009-12-18 23:01:21 | 10,000,0000 | ---- | M] () -- C:\sfgfhe.part10.rar < End of report >[/log]
Gość komentarz 21 grudnia 2009 komentarz 21 grudnia 2009 Daj log z ComboFixa: http://www.forumpc.pl/index.php?showtopic=120614&st=0&p=837303&fromsearch=1&#entry837303
young7 komentarz 21 grudnia 2009 Autor komentarz 21 grudnia 2009 Proszę bardzo [log]ComboFix 09-12-20.08 - Rogalski 2009-12-21 16:59:21.1.4 - x86 Microsoft Windows XP Home Edition 5.1.2600.2.1250.48.1045.18.2046.1512 [GMT 1:00] Uruchomiony z: c:\documents and settings\Rogalski\Pulpit\ComboFix.exe AV: avast! antivirus 4.8.1368 [VPS 091221-0] *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D} . ((((((((((((((((((((((((((((((((((((((( Usunięto ))))))))))))))))))))))))))))))))))))))))))))))))) . c:\documents and settings\Rogalski\Dane aplikacji\avdrn.dat c:\windows\system32\ieuinit.inf . ((((((((((((((((((((((((( Pliki utworzone od 2009-11-21 do 2009-12-21 ))))))))))))))))))))))))))))))) . 2009-12-19 22:38 . 2009-12-19 22:38 -------- d-----w- c:\program files\CCleaner 2009-12-19 22:15 . 2009-12-19 22:15 -------- d-----w- c:\documents and settings\Rogalski\Dane aplikacji\Malwarebytes 2009-12-19 22:15 . 2009-12-03 15:14 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2009-12-19 22:15 . 2009-12-19 22:15 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\Malwarebytes 2009-12-19 22:15 . 2009-12-19 22:15 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2009-12-19 22:15 . 2009-12-03 15:13 19160 ----a-w- c:\windows\system32\drivers\mbam.sys 2009-12-19 20:07 . 2009-12-21 16:00 734208 ----a-w- c:\windows\system32\drivers\hdyqaim.sys 2009-12-19 20:07 . 2009-12-19 20:07 -------- d-----w- c:\windows\Sun 2009-12-19 00:16 . 2009-12-19 00:16 -------- d-----w- c:\program files\Video mp3 Extractor 2009-12-19 00:14 . 2009-12-19 00:14 -------- d-----w- c:\program files\GeoVid 2009-12-19 00:07 . 2009-12-19 00:07 8704 ----a-w- c:\documents and settings\Rogalski\Dane aplikacji\Thinstall\AVI To MP3 Converter 1.00\1000000ff00002i\explorer.exe 2009-12-19 00:05 . 2009-12-19 00:05 -------- d-----w- c:\documents and settings\Rogalski\Dane aplikacji\Thinstall 2009-12-18 23:54 . 2009-12-18 23:54 -------- d-----w- c:\documents and settings\Rogalski\Incomplete 2009-12-18 23:54 . 2009-12-18 23:54 -------- d-----w- c:\documents and settings\Rogalski\Shared 2009-12-18 23:53 . 2009-12-18 23:53 -------- d-----w- c:\program files\Java 2009-12-18 23:53 . 2009-12-18 23:53 -------- d-----w- c:\program files\Common Files\Java 2009-12-18 23:52 . 2009-12-18 23:55 -------- d-----w- c:\documents and settings\Rogalski\Dane aplikacji\MP3Rocket 2009-12-18 23:52 . 2009-12-18 23:55 -------- d-----w- c:\program files\MP3 Rocket 2009-12-18 17:39 . 2009-12-18 17:39 -------- d-----w- c:\documents and settings\Default User\Ustawienia lokalne\Dane aplikacji\Microsoft Help 2009-12-18 15:41 . 2009-12-18 15:41 -------- d-----w- c:\program files\Rockstar Games 2009-12-17 21:55 . 2009-12-17 21:56 -------- d-----w- c:\documents and settings\Rogalski\Ustawienia lokalne\Dane aplikacji\Adobe 2009-12-17 21:54 . 2009-12-17 21:55 -------- d-----w- c:\program files\Common Files\Adobe 2009-12-17 19:56 . 2009-08-06 18:23 274288 ----a-w- c:\windows\system32\mucltui.dll 2009-12-17 19:56 . 2009-08-06 18:23 215920 ----a-w- c:\windows\system32\muweb.dll 2009-12-17 19:48 . 2008-11-10 10:41 32656 ----a-w- c:\windows\system32\msonpmon.dll 2009-12-17 19:48 . 2006-10-26 18:56 33104 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\msonpppr.dll 2009-12-17 19:47 . 2009-12-19 00:18 -------- d-----w- c:\program files\Microsoft Works 2009-12-17 19:44 . 2009-12-17 19:44 -------- d-----w- c:\windows\SHELLNEW 2009-12-17 19:43 . 2009-12-17 19:43 -------- d-----w- c:\documents and settings\Rogalski\Ustawienia lokalne\Dane aplikacji\Microsoft Help 2009-12-17 19:43 . 2009-12-19 23:43 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\Microsoft Help 2009-12-17 19:43 . 2009-12-17 19:43 -------- d-----r- C:\MSOCache 2009-12-17 14:05 . 2009-12-17 14:05 -------- d-----w- c:\windows\ServicePackFiles 2009-12-17 14:05 . 2009-12-17 14:05 -------- d-----w- c:\program files\MSXML 4.0 2009-12-17 13:06 . 2009-12-18 12:18 -------- d-----w- c:\windows\system32\CatRoot_bak 2009-12-17 12:55 . 2008-06-14 18:01 273024 -c----w- c:\windows\system32\dllcache\bthport.sys 2009-12-17 12:55 . 2008-06-14 18:01 273024 ------w- c:\windows\system32\drivers\bthport.sys 2009-12-17 12:44 . 2008-10-24 11:10 453632 -c----w- c:\windows\system32\dllcache\mrxsmb.sys 2009-12-17 12:43 . 2009-08-04 17:07 2059008 -c----w- c:\windows\system32\dllcache\ntkrnlpa.exe 2009-12-17 12:43 . 2009-08-04 17:07 2137600 -c----w- c:\windows\system32\dllcache\ntkrnlmp.exe 2009-12-17 12:43 . 2009-08-04 17:07 2181632 -c----w- c:\windows\system32\dllcache\ntoskrnl.exe 2009-12-17 12:43 . 2009-08-04 17:07 2017280 -c----w- c:\windows\system32\dllcache\ntkrpamp.exe 2009-12-17 12:34 . 2009-12-17 12:34 -------- d-----w- c:\documents and settings\Rogalski\Dane aplikacji\DisplayTune 2009-12-16 21:11 . 2009-12-16 21:11 -------- d-----w- c:\program files\SopCast 2009-12-16 19:56 . 2009-12-16 19:56 -------- d-----w- c:\program files\Common Files\Lingea Shared 2009-12-16 19:53 . 2009-12-16 19:53 -------- d-----w- c:\program files\Oxford 2009-12-16 18:27 . 2009-11-24 23:49 48560 ----a-w- c:\windows\system32\drivers\aswTdi.sys 2009-12-16 18:27 . 2009-11-24 23:48 23120 ----a-w- c:\windows\system32\drivers\aswRdr.sys 2009-12-16 18:27 . 2009-11-24 23:47 27408 ----a-w- c:\windows\system32\drivers\aavmker4.sys 2009-12-16 18:27 . 2009-11-24 23:51 93424 ----a-w- c:\windows\system32\drivers\aswmon.sys 2009-12-16 18:27 . 2009-11-24 23:50 94160 ----a-w- c:\windows\system32\drivers\aswmon2.sys 2009-12-16 18:27 . 2009-11-24 23:50 114768 ----a-w- c:\windows\system32\drivers\aswSP.sys 2009-12-16 18:27 . 2009-11-24 23:50 20560 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys 2009-12-16 18:27 . 2009-11-24 23:47 97480 ----a-w- c:\windows\system32\AvastSS.scr 2009-12-16 18:26 . 2009-11-24 23:54 1280480 ----a-w- c:\windows\system32\aswBoot.exe 2009-12-16 18:26 . 2009-12-16 18:26 -------- d-----w- c:\program files\Alwil Software 2009-12-16 17:22 . 2009-12-16 17:22 -------- d-----w- c:\documents and settings\Rogalski\Dane aplikacji\GRETECH 2009-12-16 17:22 . 2009-12-16 17:22 -------- d-----w- c:\program files\GRETECH . (((((((((((((((((((((((((((((((((((((((( Sekcja Find3M )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2009-12-20 17:46 . 2009-12-20 17:46 98304 ----a-w- c:\windows\system32\CmdLineExt.dll 2009-12-20 16:45 . 2009-12-16 16:21 -------- d-----w- c:\program files\Gadu-Gadu 10 2009-12-19 20:34 . 2009-12-19 20:34 16 ----a-w- c:\windows\system32\config\systemprofile\Dane aplikacji\fvgqad.dat 2009-12-19 20:07 . 2009-12-19 20:07 16 ----a-w- c:\documents and settings\NetworkService\Dane aplikacji\fvgqad.dat 2009-12-18 23:59 . 2009-12-18 23:59 -------- d-----w- c:\program files\AliveMedia 2009-12-18 18:05 . 2006-03-02 12:00 49712 ----a-w- c:\windows\system32\perfc015.dat 2009-12-18 18:05 . 2006-03-02 12:00 355830 ----a-w- c:\windows\system32\perfh015.dat 2009-12-18 15:41 . 2009-12-16 15:57 -------- d--h--w- c:\program files\InstallShield Installation Information 2009-12-17 17:53 . 2009-12-16 15:48 76487 ----a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat 2009-12-17 12:42 . 2009-12-16 16:21 -------- d-----w- c:\documents and settings\Rogalski\Dane aplikacji\Gadu-Gadu 10 2009-12-16 16:41 . 2009-12-16 16:41 0 ----a-w- c:\windows\nsreg.dat 2009-12-16 16:41 . 2009-12-16 16:26 119767 ----a-w- c:\windows\hpoins11.dat 2009-12-16 16:34 . 2009-12-16 16:34 -------- d-----w- c:\documents and settings\Rogalski\Dane aplikacji\HP 2009-12-16 16:34 . 2009-12-16 16:34 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\HP 2009-12-16 16:34 . 2009-12-16 16:33 -------- d-----w- c:\program files\Common Files\HP 2009-12-16 16:34 . 2009-12-16 16:29 -------- d-----w- c:\program files\HP 2009-12-16 16:32 . 2009-12-16 16:32 -------- d-----w- c:\program files\Hewlett-Packard 2009-12-16 16:32 . 2009-12-16 16:32 -------- d-----w- c:\program files\Common Files\Hewlett-Packard 2009-12-16 16:26 . 2009-12-16 16:26 17024 ----a-w- c:\documents and settings\Rogalski\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT 2009-12-16 16:13 . 2009-12-16 16:13 -------- d-----w- c:\documents and settings\Rogalski\Dane aplikacji\Ahead 2009-12-16 16:13 . 2009-12-16 16:13 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\Ahead 2009-12-16 16:13 . 2009-12-16 16:11 -------- d-----w- c:\program files\Common Files\Ahead 2009-12-16 16:11 . 2009-12-16 16:11 -------- d-----w- c:\program files\Nero 2009-12-16 16:11 . 2009-12-16 16:11 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\Nero 2009-12-16 16:07 . 2009-12-16 16:07 -------- d-----w- c:\program files\Portrait Displays 2009-12-16 16:06 . 2009-12-16 16:06 -------- d-----w- c:\program files\Common Files\muvee Technologies 2009-12-16 16:06 . 2009-12-16 16:06 -------- d-----w- c:\program files\muvee Technologies 2009-12-16 16:05 . 2009-12-16 16:05 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\muvee Technologies 2009-12-16 16:05 . 2009-12-16 15:57 -------- d-----w- c:\program files\Common Files\InstallShield 2009-12-16 16:01 . 2009-12-16 16:01 -------- d-----w- c:\program files\VDOTool 2009-12-16 15:59 . 2009-12-16 15:57 -------- d-----w- c:\program files\Realtek 2009-12-16 15:59 . 2009-12-16 15:59 -------- d-----w- c:\documents and settings\Rogalski\Dane aplikacji\InstallShield 2009-12-16 15:59 . 2009-12-16 15:54 14656 ----a-w- c:\windows\gdrv.sys 2009-12-16 15:57 . 2009-12-16 15:57 315392 ----a-w- c:\windows\HideWin.exe 2009-12-16 15:55 . 2009-12-16 15:55 -------- d-----w- c:\program files\Intel 2009-12-16 15:49 . 2009-12-16 15:49 -------- d-----w- c:\program files\microsoft frontpage 2009-12-16 15:48 . 2009-12-16 15:48 -------- d-----w- c:\program files\Usługi online 2009-12-16 15:47 . 2009-12-16 15:47 21856 ----a-w- c:\windows\system32\emptyregdb.dat 2009-12-02 17:52 . 2009-12-02 17:52 37376 ----a-w- c:\documents and settings\Rogalski\Dane aplikacji\Gadu-Gadu 10\_userdata\ggbho.2.dll 2009-10-29 05:48 . 2006-03-02 12:00 664576 ----a-w- c:\windows\system32\wininet.dll 2009-10-21 06:03 . 2006-03-02 12:00 75776 ----a-w- c:\windows\system32\strmfilt.dll 2009-10-21 06:03 . 2006-03-02 12:00 25088 ----a-w- c:\windows\system32\httpapi.dll 2009-10-20 14:58 . 2006-03-02 12:00 263552 ----a-w- c:\windows\system32\drivers\http.sys 2009-10-13 10:53 . 2006-03-02 12:00 267776 ----a-w- c:\windows\system32\oakley.dll 2009-10-12 13:54 . 2006-03-02 12:00 69632 ----a-w- c:\windows\system32\raschap.dll 2009-10-12 13:54 . 2006-03-02 12:00 112640 ----a-w- c:\windows\system32\rastls.dll 2009-09-25 05:58 . 2006-03-02 12:00 81920 ----a-w- c:\windows\system32\ieencode.dll . ((((((((((((((((((((((((((((((((((((( Wpisy startowe rejestru )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe" [2007-06-01 153136] "MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2004-08-03 1667584] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RTHDCPL"="RTHDCPL.EXE" [2007-04-12 16132608] "Gainward"="c:\program files\VDOTool\TBPanel.exe" [2007-06-26 2165272] "nwiz"="nwiz.exe" [2007-07-23 1626112] "DT Task"="c:\program files\Portrait Displays\forteManager\DTHtml.exe" [2006-09-08 282624] "HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2006-02-19 49152] "avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-11-24 81000] "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-07-23 8466432] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2006-03-02 15360] [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programy^Autostart^HP Digital Imaging Monitor.lnk] path=c:\documents and settings\All Users\Menu Start\Programy\Autostart\HP Digital Imaging Monitor.lnk backup=c:\windows\pss\HP Digital Imaging Monitor.lnkCommon Startup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM] 2009-09-04 11:08 935288 ----a-r- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher] 2009-10-03 03:08 35696 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes' Anti-Malware] 2009-12-03 15:14 429392 ----a-w- c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck] 2007-03-01 14:57 153136 ----a-w- c:\program files\Common Files\Ahead\Lib\NeroCheck.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon] 2007-07-23 02:34 8466432 ----a-w- c:\windows\system32\nvcpl.dll [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter] 2007-07-23 02:34 81920 ----a-w- c:\windows\system32\nvmctray.dll [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched] 2007-03-14 02:43 83608 ----a-w- c:\program files\Java\jre1.6.0_01\bin\jusched.exe [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\Gadu-Gadu 10\\gg.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"= "c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"= "c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqDIA.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqnrs08.exe"= "c:\\Program Files\\SopCast\\adv\\SopAdver.exe"= "c:\\Program Files\\SopCast\\SopCast.exe"= "c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"= "c:\\Program Files\\Java\\jre1.6.0_01\\bin\\javaw.exe"= R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [2009-12-16 114768] R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2009-12-16 20560] --- Inne Usługi/Sterowniki w Pamięci --- *Deregistered* - hdyqaim . ------- Skan uzupełniający ------- . IE: E&ksportuj do programu Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000 FF - ProfilePath - c:\documents and settings\Rogalski\Dane aplikacji\Mozilla\Firefox\Profiles\h1i9hwik.default\ FF - prefs.js: browser.startup.homepage - hxxp://www.google.pl/ . - - - - USUNIĘTO PUSTE WPISY - - - - WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file) ************************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2009-12-21 17:00 Windows 5.1.2600 Dodatek Service Pack 2 NTFS skanowanie ukrytych procesów ... skanowanie ukrytych wpisów autostartu ... skanowanie ukrytych plików ... skanowanie pomyślnie ukończone ukryte pliki: 0 ************************************************************************** [HKEY_LOCAL_MACHINE\System\ControlSet001\Services\hdyqaim] . Czas ukończenia: 2009-12-21 17:01:15 ComboFix-quarantined-files.txt 2009-12-21 16:01 Przed: 301 676 564 480 bajtów wolnych Po: 301 647 126 528 bajtów wolnych WindowsXP-KB310994-SP2-Home-BootDisk-PLK.exe [boot loader] timeout=2 default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS [operating systems] c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect - - End Of File - - 8B9D34C9674CB554BF3CA9EC713521E3[/log]
Gość komentarz 21 grudnia 2009 komentarz 21 grudnia 2009 Wklej do [b]Notatnika[/b]: [code] File:: c:\windows\system32\drivers\hdyqaim.sys Driver:: hdyqaim Registry:: [-HKEY_LOCAL_MACHINE\System\ControlSet001\Services\hdyqaim] [/code] [b]>>Plik>>Zapisz jako... >>> [color="red"]CFScript[/color][/b] Przeciągnij i upuść plik [color="red"][b]CFScript.txt[/b][/color] na plik [b]ComboFix.exe[/b] [b][color="blue"]-------->[/color][/b] [img]http://img167.imageshack.us/img167/7180/cfscript10gm1.gif[/img] Ma się rozpocząć kopiowanie. (i powstanie log). Po tej operacji Avast nie powinnien już Alarmować o Rootkicie. 1
young7 komentarz 21 grudnia 2009 Autor komentarz 21 grudnia 2009 Na razie wszystko działa, bardzo dziękuje
young7 komentarz 21 grudnia 2009 Autor komentarz 21 grudnia 2009 Tak jest. Nie zauważyłem, bo szukałem w folderze combofix. [log]ComboFix 09-12-20.08 - Rogalski 2009-12-21 17:15:46.2.4 - x86 Microsoft Windows XP Home Edition 5.1.2600.2.1250.48.1045.18.2046.1440 [GMT 1:00] Uruchomiony z: c:\documents and settings\Rogalski\Pulpit\ComboFix.exe Użyto następujących komend :: c:\documents and settings\Rogalski\Pulpit\CFScript.txt AV: avast! antivirus 4.8.1368 [VPS 091221-0] *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D} FILE :: "c:\windows\system32\drivers\hdyqaim.sys" . ((((((((((((((((((((((((((((((((((((((( Usunięto ))))))))))))))))))))))))))))))))))))))))))))))))) . c:\windows\system32\drivers\hdyqaim.sys . ((((((((((((((((((((((((((((((((((((((( Sterowniki/Usługi ))))))))))))))))))))))))))))))))))))))))))))))))) . -------\Legacy_HDYQAIM -------\Service_hdyqaim ((((((((((((((((((((((((( Pliki utworzone od 2009-11-21 do 2009-12-21 ))))))))))))))))))))))))))))))) . 2009-12-21 13:47 . 2009-12-21 13:47 11776 ----a-w- c:\documents and settings\Rogalski\Dane aplikacji\Gadu-Gadu 10\_userdata\npgg.2.dll 2009-12-20 17:46 . 2009-12-20 17:46 98304 ----a-w- c:\windows\system32\CmdLineExt.dll 2009-12-19 23:34 . 2009-12-19 23:34 -------- d-----w- C:\_OTL 2009-12-19 22:38 . 2009-12-19 22:38 -------- d-----w- c:\program files\CCleaner 2009-12-19 22:15 . 2009-12-19 22:15 -------- d-----w- c:\documents and settings\Rogalski\Dane aplikacji\Malwarebytes 2009-12-19 22:15 . 2009-12-03 15:14 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2009-12-19 22:15 . 2009-12-19 22:15 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\Malwarebytes 2009-12-19 22:15 . 2009-12-19 22:15 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2009-12-19 22:15 . 2009-12-03 15:13 19160 ----a-w- c:\windows\system32\drivers\mbam.sys 2009-12-19 20:07 . 2009-12-19 20:07 -------- d-----w- c:\windows\Sun 2009-12-19 00:16 . 2009-12-19 00:16 -------- d-----w- c:\program files\Video mp3 Extractor 2009-12-19 00:14 . 2009-12-19 00:14 -------- d-----w- c:\program files\GeoVid 2009-12-19 00:07 . 2009-12-19 00:07 8704 ----a-w- c:\documents and settings\Rogalski\Dane aplikacji\Thinstall\AVI To MP3 Converter 1.00\1000000ff00002i\explorer.exe 2009-12-19 00:05 . 2009-12-19 00:05 -------- d-----w- c:\documents and settings\Rogalski\Dane aplikacji\Thinstall 2009-12-18 23:54 . 2009-12-18 23:54 -------- d-----w- c:\documents and settings\Rogalski\Incomplete 2009-12-18 23:54 . 2009-12-18 23:54 -------- d-----w- c:\documents and settings\Rogalski\Shared 2009-12-18 23:53 . 2009-12-18 23:53 -------- d-----w- c:\program files\Java 2009-12-18 23:53 . 2009-12-18 23:53 -------- d-----w- c:\program files\Common Files\Java 2009-12-18 23:52 . 2009-12-18 23:55 -------- d-----w- c:\documents and settings\Rogalski\Dane aplikacji\MP3Rocket 2009-12-18 23:52 . 2009-12-18 23:55 -------- d-----w- c:\program files\MP3 Rocket 2009-12-18 17:39 . 2009-12-18 17:39 -------- d-----w- c:\documents and settings\Default User\Ustawienia lokalne\Dane aplikacji\Microsoft Help 2009-12-18 15:41 . 2009-12-18 15:41 -------- d-----w- c:\program files\Rockstar Games 2009-12-17 21:55 . 2009-12-17 21:56 -------- d-----w- c:\documents and settings\Rogalski\Ustawienia lokalne\Dane aplikacji\Adobe 2009-12-17 21:54 . 2009-12-17 21:55 -------- d-----w- c:\program files\Common Files\Adobe 2009-12-17 19:56 . 2009-08-06 18:23 274288 ----a-w- c:\windows\system32\mucltui.dll 2009-12-17 19:56 . 2009-08-06 18:23 215920 ----a-w- c:\windows\system32\muweb.dll 2009-12-17 19:48 . 2008-11-10 10:41 32656 ----a-w- c:\windows\system32\msonpmon.dll 2009-12-17 19:48 . 2006-10-26 18:56 33104 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\msonpppr.dll 2009-12-17 19:47 . 2009-12-19 00:18 -------- d-----w- c:\program files\Microsoft Works 2009-12-17 19:44 . 2009-12-17 19:44 -------- d-----w- c:\windows\SHELLNEW 2009-12-17 19:43 . 2009-12-17 19:43 -------- d-----w- c:\documents and settings\Rogalski\Ustawienia lokalne\Dane aplikacji\Microsoft Help 2009-12-17 19:43 . 2009-12-19 23:43 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\Microsoft Help 2009-12-17 19:43 . 2009-12-17 19:43 -------- d-----r- C:\MSOCache 2009-12-17 14:05 . 2009-12-17 14:05 -------- d-----w- c:\windows\ServicePackFiles 2009-12-17 14:05 . 2009-12-17 14:05 -------- d-----w- c:\program files\MSXML 4.0 2009-12-17 13:06 . 2009-12-18 12:18 -------- d-----w- c:\windows\system32\CatRoot_bak 2009-12-17 12:55 . 2008-06-14 18:01 273024 -c----w- c:\windows\system32\dllcache\bthport.sys 2009-12-17 12:55 . 2008-06-14 18:01 273024 ------w- c:\windows\system32\drivers\bthport.sys 2009-12-17 12:44 . 2008-10-24 11:10 453632 -c----w- c:\windows\system32\dllcache\mrxsmb.sys 2009-12-17 12:43 . 2009-08-04 17:07 2059008 -c----w- c:\windows\system32\dllcache\ntkrnlpa.exe 2009-12-17 12:43 . 2009-08-04 17:07 2137600 -c----w- c:\windows\system32\dllcache\ntkrnlmp.exe 2009-12-17 12:43 . 2009-08-04 17:07 2181632 -c----w- c:\windows\system32\dllcache\ntoskrnl.exe 2009-12-17 12:43 . 2009-08-04 17:07 2017280 -c----w- c:\windows\system32\dllcache\ntkrpamp.exe 2009-12-17 12:34 . 2009-12-17 12:34 -------- d-----w- c:\documents and settings\Rogalski\Dane aplikacji\DisplayTune 2009-12-16 21:11 . 2009-12-16 21:11 -------- d-----w- c:\program files\SopCast 2009-12-16 19:56 . 2009-12-16 19:56 -------- d-----w- c:\program files\Common Files\Lingea Shared 2009-12-16 19:53 . 2009-12-16 19:53 -------- d-----w- c:\program files\Oxford 2009-12-16 18:27 . 2009-11-24 23:49 48560 ----a-w- c:\windows\system32\drivers\aswTdi.sys 2009-12-16 18:27 . 2009-11-24 23:48 23120 ----a-w- c:\windows\system32\drivers\aswRdr.sys 2009-12-16 18:27 . 2009-11-24 23:47 27408 ----a-w- c:\windows\system32\drivers\aavmker4.sys 2009-12-16 18:27 . 2009-11-24 23:51 93424 ----a-w- c:\windows\system32\drivers\aswmon.sys 2009-12-16 18:27 . 2009-11-24 23:50 94160 ----a-w- c:\windows\system32\drivers\aswmon2.sys 2009-12-16 18:27 . 2009-11-24 23:50 114768 ----a-w- c:\windows\system32\drivers\aswSP.sys 2009-12-16 18:27 . 2009-11-24 23:50 20560 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys 2009-12-16 18:27 . 2009-11-24 23:47 97480 ----a-w- c:\windows\system32\AvastSS.scr 2009-12-16 18:26 . 2009-11-24 23:54 1280480 ----a-w- c:\windows\system32\aswBoot.exe 2009-12-16 18:26 . 2009-12-16 18:26 -------- d-----w- c:\program files\Alwil Software 2009-12-16 17:22 . 2009-12-16 17:22 -------- d-----w- c:\documents and settings\Rogalski\Dane aplikacji\GRETECH 2009-12-16 17:22 . 2009-12-16 17:22 -------- d-----w- c:\program files\GRETECH . (((((((((((((((((((((((((((((((((((((((( Sekcja Find3M )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2009-12-21 16:09 . 2009-12-16 16:21 -------- d-----w- c:\program files\Gadu-Gadu 10 2009-12-19 20:34 . 2009-12-19 20:34 16 ----a-w- c:\windows\system32\config\systemprofile\Dane aplikacji\fvgqad.dat 2009-12-19 20:07 . 2009-12-19 20:07 16 ----a-w- c:\documents and settings\NetworkService\Dane aplikacji\fvgqad.dat 2009-12-18 23:59 . 2009-12-18 23:59 -------- d-----w- c:\program files\AliveMedia 2009-12-18 18:05 . 2006-03-02 12:00 49712 ----a-w- c:\windows\system32\perfc015.dat 2009-12-18 18:05 . 2006-03-02 12:00 355830 ----a-w- c:\windows\system32\perfh015.dat 2009-12-18 15:41 . 2009-12-16 15:57 -------- d--h--w- c:\program files\InstallShield Installation Information 2009-12-17 17:53 . 2009-12-16 15:48 76487 ----a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat 2009-12-17 12:42 . 2009-12-16 16:21 -------- d-----w- c:\documents and settings\Rogalski\Dane aplikacji\Gadu-Gadu 10 2009-12-16 16:41 . 2009-12-16 16:41 0 ----a-w- c:\windows\nsreg.dat 2009-12-16 16:41 . 2009-12-16 16:26 119767 ----a-w- c:\windows\hpoins11.dat 2009-12-16 16:34 . 2009-12-16 16:34 -------- d-----w- c:\documents and settings\Rogalski\Dane aplikacji\HP 2009-12-16 16:34 . 2009-12-16 16:34 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\HP 2009-12-16 16:34 . 2009-12-16 16:33 -------- d-----w- c:\program files\Common Files\HP 2009-12-16 16:34 . 2009-12-16 16:29 -------- d-----w- c:\program files\HP 2009-12-16 16:32 . 2009-12-16 16:32 -------- d-----w- c:\program files\Hewlett-Packard 2009-12-16 16:32 . 2009-12-16 16:32 -------- d-----w- c:\program files\Common Files\Hewlett-Packard 2009-12-16 16:26 . 2009-12-16 16:26 17024 ----a-w- c:\documents and settings\Rogalski\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT 2009-12-16 16:13 . 2009-12-16 16:13 -------- d-----w- c:\documents and settings\Rogalski\Dane aplikacji\Ahead 2009-12-16 16:13 . 2009-12-16 16:13 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\Ahead 2009-12-16 16:13 . 2009-12-16 16:11 -------- d-----w- c:\program files\Common Files\Ahead 2009-12-16 16:11 . 2009-12-16 16:11 -------- d-----w- c:\program files\Nero 2009-12-16 16:11 . 2009-12-16 16:11 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\Nero 2009-12-16 16:07 . 2009-12-16 16:07 -------- d-----w- c:\program files\Portrait Displays 2009-12-16 16:06 . 2009-12-16 16:06 -------- d-----w- c:\program files\Common Files\muvee Technologies 2009-12-16 16:06 . 2009-12-16 16:06 -------- d-----w- c:\program files\muvee Technologies 2009-12-16 16:05 . 2009-12-16 16:05 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\muvee Technologies 2009-12-16 16:05 . 2009-12-16 15:57 -------- d-----w- c:\program files\Common Files\InstallShield 2009-12-16 16:01 . 2009-12-16 16:01 -------- d-----w- c:\program files\VDOTool 2009-12-16 15:59 . 2009-12-16 15:57 -------- d-----w- c:\program files\Realtek 2009-12-16 15:59 . 2009-12-16 15:59 -------- d-----w- c:\documents and settings\Rogalski\Dane aplikacji\InstallShield 2009-12-16 15:59 . 2009-12-16 15:54 14656 ----a-w- c:\windows\gdrv.sys 2009-12-16 15:57 . 2009-12-16 15:57 315392 ----a-w- c:\windows\HideWin.exe 2009-12-16 15:55 . 2009-12-16 15:55 -------- d-----w- c:\program files\Intel 2009-12-16 15:49 . 2009-12-16 15:49 -------- d-----w- c:\program files\microsoft frontpage 2009-12-16 15:48 . 2009-12-16 15:48 -------- d-----w- c:\program files\Usługi online 2009-12-16 15:47 . 2009-12-16 15:47 21856 ----a-w- c:\windows\system32\emptyregdb.dat 2009-12-02 17:52 . 2009-12-02 17:52 37376 ----a-w- c:\documents and settings\Rogalski\Dane aplikacji\Gadu-Gadu 10\_userdata\ggbho.2.dll 2009-10-29 05:48 . 2006-03-02 12:00 664576 ------w- c:\windows\system32\wininet.dll 2009-10-21 06:03 . 2006-03-02 12:00 75776 ----a-w- c:\windows\system32\strmfilt.dll 2009-10-21 06:03 . 2006-03-02 12:00 25088 ----a-w- c:\windows\system32\httpapi.dll 2009-10-20 14:58 . 2006-03-02 12:00 263552 ----a-w- c:\windows\system32\drivers\http.sys 2009-10-13 10:53 . 2006-03-02 12:00 267776 ----a-w- c:\windows\system32\oakley.dll 2009-10-12 13:54 . 2006-03-02 12:00 69632 ----a-w- c:\windows\system32\raschap.dll 2009-10-12 13:54 . 2006-03-02 12:00 112640 ----a-w- c:\windows\system32\rastls.dll 2009-09-25 05:58 . 2006-03-02 12:00 81920 ----a-w- c:\windows\system32\ieencode.dll . ((((((((((((((((((((((((((((( SnapShot@2009-12-21_16.00.43 ))))))))))))))))))))))))))))))))))))))))) . + 2009-12-21 16:18 . 2009-12-21 16:18 16384 c:\windows\Temp\Perflib_Perfdata_558.dat . ((((((((((((((((((((((((((((((((((((( Wpisy startowe rejestru )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe" [2007-06-01 153136] "MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2004-08-03 1667584] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RTHDCPL"="RTHDCPL.EXE" [2007-04-12 16132608] "Gainward"="c:\program files\VDOTool\TBPanel.exe" [2007-06-26 2165272] "nwiz"="nwiz.exe" [2007-07-23 1626112] "DT Task"="c:\program files\Portrait Displays\forteManager\DTHtml.exe" [2006-09-08 282624] "HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2006-02-19 49152] "avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-11-24 81000] "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-07-23 8466432] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2006-03-02 15360] [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programy^Autostart^HP Digital Imaging Monitor.lnk] path=c:\documents and settings\All Users\Menu Start\Programy\Autostart\HP Digital Imaging Monitor.lnk backup=c:\windows\pss\HP Digital Imaging Monitor.lnkCommon Startup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM] 2009-09-04 11:08 935288 ----a-r- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher] 2009-10-03 03:08 35696 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes' Anti-Malware] 2009-12-03 15:14 429392 ----a-w- c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck] 2007-03-01 14:57 153136 ----a-w- c:\program files\Common Files\Ahead\Lib\NeroCheck.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon] 2007-07-23 02:34 8466432 ----a-w- c:\windows\system32\nvcpl.dll [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter] 2007-07-23 02:34 81920 ----a-w- c:\windows\system32\nvmctray.dll [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched] 2007-03-14 02:43 83608 ----a-w- c:\program files\Java\jre1.6.0_01\bin\jusched.exe [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\Gadu-Gadu 10\\gg.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"= "c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"= "c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqDIA.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqnrs08.exe"= "c:\\Program Files\\SopCast\\adv\\SopAdver.exe"= "c:\\Program Files\\SopCast\\SopCast.exe"= "c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"= "c:\\Program Files\\Java\\jre1.6.0_01\\bin\\javaw.exe"= R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [2009-12-16 114768] R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2009-12-16 20560] . ------- Skan uzupełniający ------- . IE: E&ksportuj do programu Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000 FF - ProfilePath - c:\documents and settings\Rogalski\Dane aplikacji\Mozilla\Firefox\Profiles\h1i9hwik.default\ FF - prefs.js: browser.startup.homepage - hxxp://www.google.pl/ FF - plugin: c:\documents and settings\Rogalski\Dane aplikacji\Gadu-Gadu 10\_userdata\npgg.2.dll . ************************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2009-12-21 17:18 Windows 5.1.2600 Dodatek Service Pack 2 NTFS skanowanie ukrytych procesów ... skanowanie ukrytych wpisów autostartu ... skanowanie ukrytych plików ... skanowanie pomyślnie ukończone ukryte pliki: 0 ************************************************************************** . --------------------- Pliki DLL ładowane pod uruchomionymi procesami --------------------- - - - - - - - > 'explorer.exe'(2248) c:\windows\system32\msi.dll . ------------------------ Pozostałe uruchomione procesy ------------------------ . c:\program files\Alwil Software\Avast4\aswUpdSv.exe c:\program files\Alwil Software\Avast4\ashServ.exe c:\program files\Portrait Displays\forteManager\DTSRVC.exe c:\windows\system32\nvsvc32.exe c:\windows\system32\HPZipm12.exe c:\windows\RTHDCPL.EXE c:\windows\system32\wdfmgr.exe c:\program files\Common Files\Ahead\Lib\NMIndexingService.exe c:\program files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe c:\windows\system32\wscntfy.exe c:\windows\system32\imapi.exe . ************************************************************************** . Czas ukończenia: 2009-12-21 17:19:34 - komputer został uruchomiony ponownie ComboFix-quarantined-files.txt 2009-12-21 16:19 ComboFix2.txt 2009-12-21 16:01 Przed: 301 562 449 920 bajtów wolnych Po: 301 494 988 800 bajtów wolnych - - End Of File - - 9EEF215EBEC98628939281317019D425[/log]
Gość komentarz 21 grudnia 2009 komentarz 21 grudnia 2009 Rootkit sie usunął. Jest czysto. Użyj OTL i wywołaj go z opcji [b]CleanUp[/b].
Wciąż szukasz rozwiązania problemu? Napisz teraz na forum!
Możesz zadać pytanie bez konieczności rejestracji - wystarczy, że wypełnisz formularz.