x-kom hosting

Logi do sprawdzenia, problemy z internetem

Sulski
utworzono
utworzono (edytowane)

Witam , moj problem z internetem objawia sie nie wczytywaniem stron , musze poodswiezac parenascie razy aby wskoczylo ... Dlatego tez zamieszczam logi z programow ktore mialem na dysku, bo sciagniecie czegokolwiek graniczy z cudem.

Pozdrawiam i z gory dziekuje za pomoc

hijack :

[log]Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:54:00, on 2010-02-08
Platform: Windows XP Dodatek SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\system32\nvraidservice.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nTrayFw.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\Program Files\Opera\opera.exe
C:\Program Files\Gadu-Gadu 10\gg.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\Winamp\winamp.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = WindowZ IE
O2 - BHO: CommandBar.CtrlMHook - {3f1ab67e-12aa-352e-b4e0-a5f1810b60dd} - mscoree.dll (file missing)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: Loader Class - {F880A4A8-C436-4AC4-AFD1-AA0BDC9552DD} - C:\WINDOWS\system32\FindeXer.dll
O3 - Toolbar: QT Breadcrumbs Address Bar - {af83e43c-dd2b-4787-826b-31b17dee52ed} - mscoree.dll (file missing)
O3 - Toolbar: QT TabBar - {d2bf470e-ed1c-487f-a333-2bd8835eb6ce} - mscoree.dll (file missing)
O3 - Toolbar: QT Tab Standard Buttons - {D2BF470E-ED1C-487F-A666-2BD8835EB6CE} - mscoree.dll (file missing)
O3 - Toolbar: (no name) - {D2F8F919-690B-4EA2-9FA7-A203D1E04F75} - (no file)
O4 - HKLM\..\Run: [Resume copy] copyfstq.exe /startup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [NVRaidService] C:\WINDOWS\system32\nvraidservice.exe
O4 - HKLM\..\Run: [nTrayFw] C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nTrayFw.exe
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKUS\S-1-5-19\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'USŁUGA LOKALNA')
O4 - HKUS\S-1-5-20\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'USŁUGA SIECIOWA')
O4 - HKUS\S-1-5-21-1801674531-1614895754-1417001333-1003\..\Run: [Gadu-Gadu 10] "C:\Program Files\Gadu-Gadu 10\gg.exe" (User 'Milena')
O4 - HKUS\S-1-5-18\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'Default user')
O4 - S-1-5-18 Startup: Transparent fx - lite.lnk = C:\Program Files\Fadebar\Fadebar.exe (User 'SYSTEM')
O4 - S-1-5-18 Startup: z.cmd (User 'SYSTEM')
O4 - .DEFAULT Startup: Transparent fx - lite.lnk = C:\Program Files\Fadebar\Fadebar.exe (User 'Default user')
O4 - .DEFAULT Startup: z.cmd (User 'Default user')
O4 - .DEFAULT User Startup: Transparent fx - lite.lnk = C:\Program Files\Fadebar\Fadebar.exe (User 'Default user')
O4 - .DEFAULT User Startup: z.cmd (User 'Default user')
O4 - Startup: Transparent fx - lite.lnk = C:\Program Files\Fadebar\Fadebar.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O13 - Gopher Prefix:
O20 - AppInit_DLLs: prio.dll
O23 - Service: ForceWare Intelligent Application Manager (IAM) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe
O23 - Service: ForceWare IP service (nSvcIp) - NVIDIA - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
O23 - Service: ForceWare user log service (nSvcLog) - NVIDIA - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

--
End of file - 5498 bytes
[/log]

i combofix :

[log]omboFix 10-02-08.01 - Sulski 2010-02-08 19:59:11.1.1 - x86
Microsoft Windows XP Professional 5.1.2600.3.1250.48.1045.18.1535.780 [GMT 1:00]
Uruchomiony z: d:\muzyka\Muzyka z serialu Vampire Diares\ComboFix.exe
FW: NVIDIA Firewall *disabled* {EDC10449-64D1-46c7-A59A-EC20D662F26D}
.

((((((((((((((((((((((((((((((((((((((( Usunięto )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\system32\Install.bat
c:\windows\system32\msconfig.exe
c:\windows\Uninstall.ini

c:\windows\system32\proquota.exe . . . brak pliku!!

.
((((((((((((((((((((((((( Pliki utworzone od 2010-01-08 do 2010-02-08 )))))))))))))))))))))))))))))))
.

2010-02-08 18:53 . 2010-02-08 18:53 -------- d-----w- c:\program files\Trend Micro
2010-02-07 18:31 . 2010-02-07 18:31 -------- d-----w- c:\documents and settings\Sulski\Dane aplikacji\SpeedSim
2010-02-06 20:06 . 2010-02-07 19:52 1 ----a-w- c:\documents and settings\Mama\Dane aplikacji\OpenOffice.org\3\user\uno_packages\cache\stamp.sys
2010-02-06 20:05 . 2010-02-06 20:05 -------- d-----w- c:\documents and settings\Mama\Dane aplikacji\OpenOffice.org
2010-02-06 15:29 . 2010-02-06 15:29 -------- d-----w- c:\program files\JRE
2010-02-06 15:28 . 2010-02-06 15:29 -------- d-----w- c:\program files\OpenOffice.org 3
2010-02-06 14:15 . 2010-02-06 14:15 -------- d-----w- c:\documents and settings\Mama\Dane aplikacji\Xentient
2010-02-06 14:15 . 2010-02-07 13:31 13416 ----a-w- c:\documents and settings\Mama\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT
2010-02-04 20:14 . 2010-02-04 20:14 -------- d-s---w- c:\documents and settings\Mama\Ulubione
2010-02-04 17:53 . 2010-02-04 20:15 -------- d-----w- c:\windows\SxsCaPendDel
2010-02-04 17:53 . 2010-02-04 17:53 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\Gadu-Gadu 10
2010-02-04 17:53 . 2010-02-04 17:53 -------- d-----w- c:\program files\Gadu-Gadu 10
2010-02-04 17:47 . 2010-02-08 15:37 -------- d-----w- c:\documents and settings\Milena
2010-02-04 17:34 . 2010-02-04 17:34 -------- d-----w- c:\windows\Sun
2010-02-04 17:34 . 2010-02-04 17:34 -------- d-sh--w- c:\documents and settings\Sulski\PrivacIE

.
(((((((((((((((((((((((((((((((((((((((( Sekcja Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-02-08 18:57 . 2010-02-08 18:10 -------- d-----w- c:\documents and settings\Sulski\Dane aplikacji\Winamp
2010-02-08 18:10 . 2010-02-08 18:10 -------- d-----w- c:\program files\Winamp
2010-02-08 18:10 . 2010-02-08 18:10 -------- d-----w- c:\program files\Winamp Detect
2010-02-06 18:26 . 2010-02-04 16:02 13416 ----a-w- c:\documents and settings\Sulski\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT
2010-02-05 16:52 . 2010-02-05 16:52 -------- d-----w- c:\documents and settings\Sulski\Dane aplikacji\Media Player Classic
2010-02-04 20:19 . 2010-02-04 20:19 -------- d-----w- c:\documents and settings\Sulski\Dane aplikacji\Gadu-Gadu 10
2010-02-04 16:17 . 2008-04-15 12:00 77594 ----a-w- c:\windows\system32\perfc015.dat
2010-02-04 16:17 . 2008-04-15 12:00 454962 ----a-w- c:\windows\system32\perfh015.dat
2010-02-04 16:15 . 2010-02-04 16:15 -------- d-----w- c:\program files\Opera
2010-02-04 16:12 . 2010-02-04 16:05 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-02-04 16:11 . 2010-02-04 16:05 -------- d-----w- c:\program files\Common Files\InstallShield
2010-02-04 16:10 . 2010-02-04 16:04 -------- d-----w- c:\program files\NVIDIA Corporation
2010-02-04 16:07 . 2010-02-04 16:07 -------- d-----w- c:\documents and settings\Sulski\Dane aplikacji\Xentient
2010-02-04 16:05 . 2010-02-04 16:05 -------- d-----w- c:\program files\Realtek Sound Manager
2010-02-04 16:05 . 2010-02-04 16:05 -------- d-----w- c:\program files\AvRack
2010-02-04 16:05 . 2010-02-04 16:05 -------- d-----w- c:\program files\Realtek AC97
2010-02-04 16:04 . 2010-02-04 16:04 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\NVIDIA Corporation
2010-02-04 16:00 . 2010-02-04 20:14 -------- d-----w- c:\documents and settings\Mama\Dane aplikacji\Finder Bar
2010-02-04 16:00 . 2010-02-04 16:02 -------- d-----w- c:\documents and settings\Sulski\Dane aplikacji\Finder Bar
2010-02-04 16:00 . 2010-02-04 15:59 -------- d-----w- c:\documents and settings\Default User\Dane aplikacji\Finder Bar
2010-02-04 15:59 . 2010-02-04 15:59 -------- d-----w- c:\documents and settings\Administrator\Dane aplikacji\Xentient
2010-02-04 15:59 . 2010-02-04 15:59 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\Finder Bar
2010-02-04 15:59 . 2010-02-04 15:59 -------- d-----w- c:\program files\FolderSize
2010-02-04 15:59 . 2010-02-04 15:59 138 ----a-w- c:\documents and settings\Administrator\Ustawienia lokalne\Dane aplikacji\fusioncache.dat
2010-02-04 15:59 . 2010-02-04 15:59 -------- d-----w- c:\program files\Command Prompt Explorer Bar
2010-02-04 15:55 . 2010-02-04 15:55 -------- d-----w- c:\program files\VisualTaskTips
2010-02-04 15:55 . 2010-02-04 15:55 -------- d-----w- c:\program files\Foxit
2010-02-04 15:55 . 2010-02-04 15:55 -------- d-----w- c:\program files\StyleFolder
2010-02-04 15:55 . 2010-02-04 15:55 53812 ----a-w- c:\windows\uninst-vj.exe
2010-02-04 15:55 . 2010-02-04 15:55 172032 ----a-w- c:\windows\vjpeg.exe
2010-02-04 15:55 . 2010-02-04 15:55 82898 ----a-w- c:\windows\uninstall.exe
2010-02-04 15:55 . 2010-02-04 15:55 -------- d-----w- c:\program files\Quizo
2010-02-04 15:55 . 2010-02-04 15:55 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\Apple Computer
2010-02-04 15:55 . 2010-02-04 15:55 -------- d-----w- c:\program files\QuickTime Alternative
2010-02-04 15:55 . 2010-02-04 15:55 -------- d-----w- c:\program files\RegCompact.NET
2010-02-04 15:55 . 2010-02-04 15:54 -------- d-----w- c:\program files\K-Lite Codec Pack
2010-02-04 15:54 . 2010-02-04 15:54 -------- d-----w- c:\program files\System
2010-02-04 15:54 . 2010-02-04 15:54 410984 ----a-w- c:\windows\system32\deploytk.dll
2010-02-04 15:54 . 2010-02-04 15:54 -------- d-----w- c:\program files\Java
2010-02-04 15:54 . 2010-02-04 15:54 -------- d-----w- c:\program files\Drive Space Indicator
2010-02-04 15:54 . 2010-02-04 15:54 -------- d-----w- c:\program files\Driver Magician
2010-02-04 15:54 . 2010-02-04 15:54 -------- d-----w- c:\program files\Defraggler
2010-02-04 15:54 . 2010-02-04 15:54 -------- d-----w- c:\program files\CDBurnerXP
2010-02-04 15:54 . 2010-02-04 15:54 -------- d-----w- c:\program files\CCleaner
2010-02-04 15:49 . 2010-02-04 15:49 21856 ----a-w- c:\windows\system32\emptyregdb.dat
2010-02-04 15:49 . 2010-02-04 15:49 -------- d-----w- c:\program files\Windows Media Connect 2
2009-11-21 02:34 . 2010-02-04 16:03 69632 ----a-w- c:\windows\system32\OpenCL.dll
2009-11-21 02:34 . 2010-02-04 16:03 4038656 ----a-w- c:\windows\system32\nvcuda.dll
2009-11-21 02:34 . 2010-02-04 16:03 2259560 ----a-w- c:\windows\system32\nvcuvid.dll
2009-11-21 02:34 . 2010-02-04 16:03 1989224 ----a-w- c:\windows\system32\nvcuvenc.dll
2009-11-21 02:34 . 2010-02-04 16:03 182888 ----a-w- c:\windows\system32\nvcodins.dll
2009-11-21 02:34 . 2010-02-04 16:03 182888 ----a-w- c:\windows\system32\nvcod.dll
2009-11-21 02:34 . 2010-02-04 16:03 13602816 ----a-w- c:\windows\system32\nvoglnt.dll
2009-11-21 02:34 . 2010-02-04 16:03 11374592 ----a-w- c:\windows\system32\nvcompiler.dll
2009-11-21 02:34 . 2010-02-04 16:03 1056768 ----a-w- c:\windows\system32\nvapi.dll
2009-11-21 02:34 . 2010-02-04 16:03 10235968 ----a-w- c:\windows\system32\drivers\nv4_mini.sys
2009-11-21 02:34 . 2010-02-04 16:03 6282752 ----a-w- c:\windows\system32\nv4_disp.dll
2009-11-21 02:34 . 2010-02-04 16:03 2293286 ----a-w- c:\windows\system32\nvdata.bin
.

------- Sigcheck -------

[-] 2009-06-25 . DF70435F3D17C40D5CB15E6DC918342E . 361600 . . [5.1.2600.5625] . . c:\windows\system32\drivers\tcpip.sys

[-] 2009-06-25 . E3AE414813DA8279B2328CFE2D13ED70 . 629760 . . [5.82] . . c:\windows\system32\comctl32.dll

[-] 2009-06-23 . 150852B3EB5F0C3FB44D38D0375578BB . 8356864 . . [8.00.6001.22873] . . c:\windows\system32\mshtml.dll

[-] 2009-06-24 . 1146504E5B0E43C4E5CE70E42F025A26 . 2191744 . . [5.1.2600.5512] . . c:\windows\system32\ntoskrnl.exe

[-] 2009-06-14 . 44E3FE403A9F8A64B1306AAC62B52952 . 678400 . . [5.1.2600.5512] . . c:\windows\system32\user32.dll

[-] 2009-06-14 . AC074B7C8D9966B5019E25EF8C527F54 . 1591808 . . [6.00.2900.5512] . . c:\windows\explorer.exe



[-] 2009-06-13 19:06 . C51B4A5C05A5475708E3C81C7765B71D . 27136 . . [11.0.5721.5145] . . c:\windows\system32\mspmsnsv.dll

[-] 2009-06-24 . C71E5B92124E8E8F6B9294E3E5FC8129 . 2068864 . . [5.1.2600.5755] . . c:\windows\system32\ntkrnlpa.exe

c:\windows\System32\ctfmon.exe ... - brak elementu !!
c:\windows\System32\regsvc.dll ... - brak elementu !!
.
((((((((((((((((((((((((((((((((((((( Wpisy startowe rejestru ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane
REGEDIT4

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Resume copy"="copyfstq.exe" [2003-06-10 57344]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2009-11-20 110184]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-11-20 12669544]
"SoundMan"="SOUNDMAN.EXE" [2006-08-02 577536]
"NVRaidService"="c:\windows\system32\nvraidservice.exe" [2005-01-17 84480]
"nTrayFw"="c:\program files\NVIDIA Corporation\NetworkAccessManager\bin\nTrayFw.exe" [2005-04-29 266240]
"WinampAgent"="c:\program files\Winamp\winampa.exe" [2009-12-18 39424]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"_nltide_3"="advpack.dll" [2009-06-25 128512]

c:\windows\system32\config\systemprofile\Menu Start\Programy\Autostart\
Transparent fx - lite.lnk - c:\program files\Fadebar\Fadebar.exe [2010-2-4 211333]
z.cmd [2009-5-8 389]

c:\documents and settings\Administrator\Menu Start\Programy\Autostart\
del.exe [2009-1-8 615759]
run.lnk - c:\program files\WindowZ\Kreator post-instalacyjny\run.bat [2010-2-4 473]
Transparent fx - lite.lnk - c:\program files\Fadebar\Fadebar.exe [2010-2-4 211333]

c:\documents and settings\Default User\Menu Start\Programy\Autostart\
Transparent fx - lite.lnk - c:\program files\Fadebar\Fadebar.exe [2010-2-4 211333]
z.cmd [2009-5-8 389]

c:\documents and settings\Mama\Menu Start\Programy\Autostart\
OpenOffice.org 3.1.lnk - c:\program files\OpenOffice.org 3\program\quickstart.exe [2009-8-18 384000]
Transparent fx - lite.lnk - c:\program files\Fadebar\Fadebar.exe [2010-2-4 211333]

c:\documents and settings\Sulski\Menu Start\Programy\Autostart\
Transparent fx - lite.lnk - c:\program files\Fadebar\Fadebar.exe [2010-2-4 211333]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"DisableStatusMessages"= 1 (0x1)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoSMHelp"= 1 (0x1)
"NoSMMyPictures"= 1 (0x1)
"NoSMConfigurePrograms"= 1 (0x1)
"NoResolveTrack"= 1 (0x1)

[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"NoSMHelp"= 1 (0x1)
"NoSMMyPictures"= 1 (0x1)
"NoSMConfigurePrograms"= 1 (0x1)
"NoResolveTrack"= 1 (0x1)

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
"DisableUnicastResponsesToMulticastBroadcast"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=

R1 vcdrom;Virtual CD-ROM Device Driver;c:\program files\System\CPL Bonus\vcdrom.sys [2010-02-04 8576]
S4 prio_svc;Prio Service;c:\program files\Prio\prio_svc.exe [2009-01-12 5120]

--- Inne Usługi/Sterowniki w Pamięci ---

*NewlyCreated* - BROWSER
*NewlyCreated* - SRSERVICE
*NewlyCreated* - VCDROM
.
.
------- Skan uzupełniający -------
.
uStart Page = hxxp://www.google.com/
LSP: %SYSTEMROOT%\system32\nvappfilter.dll
.
- - - - USUNIĘTO PUSTE WPISY - - - -

HKLM-Run-nwiz - nwiz.exe



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-02-08 20:01
Windows 5.1.2600 Dodatek Service Pack 3 NTFS

skanowanie ukrytych procesów ...

skanowanie ukrytych wpisów autostartu ...

skanowanie ukrytych plików ...

skanowanie pomyślnie ukończone
ukryte pliki: 0

**************************************************************************
.
--------------------- Pliki DLL ładowane pod uruchomionymi procesami ---------------------

- - - - - - - > 'winlogon.exe'(904)
c:\program files\Prio\prio.dll
c:\windows\system32\cscui.dll

- - - - - - - > 'lsass.exe'(976)
c:\program files\Prio\prio.dll
c:\windows\system32\scecli.dll
.
Czas ukończenia: 2010-02-08 20:02:10
ComboFix-quarantined-files.txt 2010-02-08 19:02

Przed: 36 037 087 232 bajtów wolnych
Po: 36 060 639 232 bajtów wolnych

WindowsXP-KB310994-SP2-Pro-BootDisk-PLK.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect

- - End Of File - - 68F431020C0708D917FFB3359162E326
[/log]








dds :

[log]DDS (Ver_09-12-01.01) - NTFSx86
Run by Sulski at 21:32:54,39 on 2010-02-08
Internet Explorer: 8.0.6001.18702
Microsoft Windows XP Professional 5.1.2600.3.1250.48.1045.18.1535.766 [GMT 1:00]

FW: NVIDIA Firewall *disabled* {EDC10449-64D1-46c7-A59A-EC20D662F26D}

============== Running Processes ===============

C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
svchost.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
svchost.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\system32\nvraidservice.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nTrayFw.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\Program Files\Gadu-Gadu 10\gg.exe
C:\Program Files\Winamp\winampa.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Opera\opera.exe
C:\Program Files\Winamp\winamp.exe
C:\Documents and Settings\Sulski\Ustawienia lokalne\Dane aplikacji\Opera\Opera\temporary_downloads\dds.pif

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.google.com/
BHO: CommandBar.CtrlMHook: {3f1ab67e-12aa-352e-b4e0-a5f1810b60dd} - mscoree.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
BHO: Loader Class: {f880a4a8-c436-4ac4-afd1-aa0bdc9552dd} - c:\windows\system32\FindeXer.dll
TB: QT Breadcrumbs Address Bar: {af83e43c-dd2b-4787-826b-31b17dee52ed} - mscoree.dll
TB: QT TabBar: {d2bf470e-ed1c-487f-a333-2bd8835eb6ce} - mscoree.dll
TB: QT Tab Standard Buttons: {d2bf470e-ed1c-487f-a666-2bd8835eb6ce} - mscoree.dll
TB: {D2F8F919-690B-4EA2-9FA7-A203D1E04F75} - No File
EB: {22E710B1-BA2D-4CD5-99C4-9081B8105A20} - No File
EB: FindeXer: {377d8121-efaa-4d1c-981b-8bfad9f10de3} - c:\windows\system32\FindeXer.dll
EB: Command Prompt /Ctrl+M/: {8689a69c-cc9d-3aec-9d7c-e7f409700c15} - mscoree.dll
mRun: [Resume copy] copyfstq.exe /startup
mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [SoundMan] SOUNDMAN.EXE
mRun: [NVRaidService] c:\windows\system32\nvraidservice.exe
mRun: [nTrayFw] c:\program files\nvidia corporation\networkaccessmanager\bin\nTrayFw.exe
mRun: [WinampAgent] "c:\program files\winamp\winampa.exe"
dRunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N
StartupFolder: c:\docume~1\sulski\menu start\programy\autostart\transparent fx - lite.lnk - c:\program files\fadebar\Fadebar.exe
uPolicies-explorer: NoSMHelp = 1 (0x1)
uPolicies-explorer: NoSMMyPictures = 1 (0x1)
uPolicies-explorer: NoSMConfigurePrograms = 1 (0x1)
uPolicies-explorer: NoResolveTrack = 1 (0x1)
mPolicies-explorer: NoDesktopCleanupWizard = 1 (0x1)
mPolicies-system: DisableStatusMessages = 1 (0x1)
dPolicies-explorer: NoSMHelp = 1 (0x1)
dPolicies-explorer: NoSMMyPictures = 1 (0x1)
dPolicies-explorer: NoSMConfigurePrograms = 1 (0x1)
dPolicies-explorer: NoResolveTrack = 1 (0x1)
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
LSP: %SYSTEMROOT%\system32\nvappfilter.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\wpdshserviceobj.dll

============= SERVICES / DRIVERS ===============

R1 vcdrom;Virtual CD-ROM Device Driver;c:\program files\system\cpl bonus\vcdrom.sys [2010-2-4 8576]
S4 prio_svc;Prio Service;c:\program files\prio\prio_svc.exe [2009-1-12 5120]

=============== Created Last 30 ================

2010-02-08 18:58:41 0 d-sha-r- C:\cmdcons
2010-02-08 18:57:43 98816 ----a-w- c:\windows\sed.exe
2010-02-08 18:57:43 77312 ----a-w- c:\windows\MBR.exe
2010-02-08 18:57:43 261632 ----a-w- c:\windows\PEV.exe
2010-02-08 18:57:43 161792 ----a-w- c:\windows\SWREG.exe
2010-02-08 18:53:51 0 d-----w- c:\program files\Trend Micro
2010-02-08 18:10:35 0 d-----w- c:\program files\Winamp Detect
2010-02-07 18:31:59 0 d-----w- c:\docume~1\sulski\dane aplikacji\SpeedSim
2010-02-06 15:29:00 0 d-----w- c:\program files\JRE
2010-02-06 15:28:58 0 d-----w- c:\program files\OpenOffice.org 3
2010-02-04 20:19:52 0 d-----w- c:\docume~1\sulski\dane aplikacji\Gadu-Gadu 10
2010-02-04 17:53:32 0 d-----w- c:\windows\SxsCaPendDel
2010-02-04 17:53:25 0 d-----w- c:\docume~1\alluse~1\daneap~1\Gadu-Gadu 10
2010-02-04 17:53:22 0 d-----w- c:\program files\Gadu-Gadu 10
2010-02-04 17:34:06 0 d-sh--w- c:\documents and settings\sulski\PrivacIE
2010-02-04 16:45:57 0 d-----w- c:\program files\common files\ODBC
2010-02-04 16:45:37 0 d--h--w- c:\documents and settings\all users\Szablony
2010-02-04 16:45:37 0 d-----w- c:\documents and settings\all users\Ulubione
2010-02-04 16:45:37 0 d-----r- c:\documents and settings\all users\Menu Start
2010-02-04 16:45:37 0 d-----r- c:\documents and settings\all users\Dokumenty
2010-02-04 16:43:14 0 d--h--r- c:\documents and settings\all users\Dane aplikacji
2010-02-04 16:07:30 0 d-----w- c:\docume~1\sulski\dane aplikacji\Xentient
2010-02-04 16:05:27 0 d-----w- c:\program files\Realtek Sound Manager
2010-02-04 16:05:27 0 d-----w- c:\program files\AvRack
2010-02-04 16:05:20 0 d-----w- c:\program files\Realtek AC97
2010-02-04 16:04:17 0 d-----w- c:\docume~1\alluse~1\daneap~1\NVIDIA Corporation
2010-02-04 16:04:13 0 d-----w- c:\program files\NVIDIA Corporation
2010-02-04 16:02:06 0 d-----w- c:\docume~1\sulski\dane aplikacji\FindeXer
2010-02-04 16:02:06 0 d-----w- c:\docume~1\sulski\dane aplikacji\Finder Bar
2010-02-04 16:02:06 0 d-----w- c:\docume~1\sulski\dane aplikacji\AIMP
2010-02-04 15:59:51 0 d-----w- c:\documents and settings\all users\Pulpit
2010-02-04 15:59:51 0 d-----w- c:\docume~1\alluse~1\daneap~1\Finder Bar
2010-02-04 15:59:50 0 d-----w- c:\program files\FolderSize
2010-02-04 15:59:45 0 d-----w- c:\program files\Command Prompt Explorer Bar
2010-02-04 15:55:59 0 d---a-w- c:\program files\SubEdit-Player
2010-02-04 15:55:59 0 d-----w- c:\program files\Taskix
2010-02-04 15:55:59 0 d-----w- c:\program files\Stack
2010-02-04 15:55:59 0 d-----w- c:\program files\SpiritPyre Extensions
2010-02-04 15:55:58 0 d-----w- c:\program files\shutoffxp
2010-02-04 15:55:58 0 d-----w- c:\program files\Shell Picture
2010-02-04 15:55:58 0 d-----w- c:\program files\QDAcces
2010-02-04 15:55:57 0 d-----w- c:\program files\PNotes
2010-02-04 15:55:57 0 d-----w- c:\program files\Perlovga Removal Tool
2010-02-04 15:55:57 0 d-----w- c:\program files\MaZZicK
2010-02-04 15:55:57 0 d-----w- c:\program files\Ikony paska narzędzi
2010-02-04 15:55:57 0 d-----w- c:\program files\BESTplayer
2010-02-04 15:55:54 0 d-----w- c:\program files\IconZ
2010-02-04 15:55:54 0 d-----w- c:\program files\EdgeSwap
2010-02-04 15:55:52 0 d-----w- c:\program files\LClock
2010-02-04 15:55:52 0 d-----w- c:\program files\LaunchTab
2010-02-04 15:55:52 0 d-----w- c:\program files\GG Lite
2010-02-04 15:55:52 0 d-----w- c:\program files\DesktopListViewv1.0
2010-02-04 15:55:52 0 d-----w- c:\program files\Cymes Desktop Changer 1.7
2010-02-04 15:55:52 0 d-----w- c:\program files\AeroSnap
2010-02-04 15:55:52 0 d-----w- c:\program files\Aero shake
2010-02-04 15:55:49 0 d-----w- c:\program files\Fadebar
2010-02-04 15:55:49 0 d-----w- c:\program files\Contextaware
2010-02-04 15:55:46 0 d-----w- c:\program files\FreeRapiD-0.82
2010-02-04 15:55:45 0 d-----w- c:\program files\WinFlip
2010-02-04 15:55:45 0 d-----w- c:\program files\TrueTransparency
2010-02-04 15:55:39 0 d-----w- c:\program files\WindowZ
2010-02-04 15:55:39 0 d-----w- c:\program files\ViGlance OneStep
2010-02-04 15:55:39 0 d-----w- c:\program files\Thumbnail Resize
2010-02-04 15:55:38 0 d-----w- c:\program files\VisualTaskTips
2010-02-04 15:55:37 0 d-----w- c:\program files\VPX.PL Uploader
2010-02-04 15:55:33 0 d-----w- c:\program files\Foxit
2010-02-04 15:55:32 0 d-----w- c:\program files\Switch Off
2010-02-04 15:55:31 0 d-----w- c:\program files\StyleFolder
2010-02-04 15:55:21 0 d-----w- c:\program files\Quizo
2010-02-04 15:55:14 0 d-----w- c:\program files\QuickTime Alternative
2010-02-04 15:55:13 0 d-----w- c:\program files\Prio
2010-02-04 15:55:11 0 d-----w- c:\program files\RegCompact.NET
2010-02-04 15:54:58 0 d-----w- c:\program files\K-Lite Codec Pack
2010-02-04 15:54:55 0 d-----w- c:\program files\System
2010-02-04 15:54:31 0 d-----w- c:\program files\IrfanView
2010-02-04 15:54:29 0 d-----w- c:\program files\Drive Space Indicator
2010-02-04 15:54:24 0 d-----w- c:\program files\Driver Magician
2010-02-04 15:54:23 0 d-----w- c:\program files\Defraggler
2010-02-04 15:54:16 0 d-----w- c:\program files\CCleaner
2010-02-04 15:54:14 0 d-----w- c:\program files\AIMP2
2010-02-04 15:54:12 0 d-----w- c:\program files\TrueCrypt
2010-02-04 15:53:59 0 d-----w- c:\program files\AbiSuite2
2010-02-04 15:51:18 0 d-sh--w- c:\documents and settings\all users\DRM
2010-02-04 15:51:01 0 d--h--w- c:\program files\WindowsUpdate
2010-02-04 15:50:38 0 d-----w- c:\program files\common files\MSSoap
2010-02-04 15:49:19 0 d-----w- c:\program files\Windows Media Connect 2
2010-02-04 15:49:08 0 d-----w- c:\program files\Windows NT

==================== Find3M ====================

2010-02-04 16:17:27 77594 ----a-w- c:\windows\system32\perfc015.dat
2010-02-04 16:17:27 454962 ----a-w- c:\windows\system32\perfh015.dat
2010-02-04 15:55:30 53812 ----a-w- c:\windows\uninst-vj.exe
2010-02-04 15:55:30 172032 ----a-w- c:\windows\vjpeg.exe
2010-02-04 15:55:27 82898 ----a-w- c:\windows\uninstall.exe
2010-02-04 15:54:42 410984 ----a-w- c:\windows\system32\deploytk.dll
2010-02-04 15:49:57 21856 ----a-w- c:\windows\system32\emptyregdb.dat
2009-11-21 02:34:54 69632 ----a-w- c:\windows\system32\OpenCL.dll
2009-11-21 02:34:54 6282752 ----a-w- c:\windows\system32\nv4_disp.dll
2009-11-21 02:34:54 4038656 ----a-w- c:\windows\system32\nvcuda.dll
2009-11-21 02:34:54 2293286 ----a-w- c:\windows\system32\nvdata.bin
2009-11-21 02:34:54 2259560 ----a-w- c:\windows\system32\nvcuvid.dll
2009-11-21 02:34:54 1989224 ----a-w- c:\windows\system32\nvcuvenc.dll
2009-11-21 02:34:54 182888 ----a-w- c:\windows\system32\nvcodins.dll
2009-11-21 02:34:54 182888 ----a-w- c:\windows\system32\nvcod.dll
2009-11-21 02:34:54 13602816 ----a-w- c:\windows\system32\nvoglnt.dll
2009-11-21 02:34:54 11374592 ----a-w- c:\windows\system32\nvcompiler.dll
2009-11-21 02:34:54 1056768 ----a-w- c:\windows\system32\nvapi.dll

============= FINISH: 21:33:00,98 ===============
[/log]

[log]UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT

DDS (Ver_09-12-01.01)

Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume1
Install Date: 2010-02-04 16:56:37
System Uptime: 2010-02-08 15:56:58 (6 hours ago)

Motherboard: Gigabyte Technology Co., Ltd. | | GA-K8NMF-9
Processor: AMD Athlon(tm) 64 Processor 3200+ | Socket 939 | 2010/200mhz

==== Disk Partitions =========================

A: is Removable
E: is CDROM (CDFS)

==== Disabled Device Manager Items =============

==== System Restore Points ===================

RP1: 2010-02-08 19:57:48 - Punkt kontrolny systemu

==== Installed Programs ======================

AbiWord 2.6.8
AbiWord Tools Plugins
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Shockwave Player 11.5
AIMP2
Aktualizacja zabezpieczeń dla systemu Windows XP (KB923561)
Archiwizator WinRAR
CCleaner (remove only)
CDBurnerXP
Command Prompt Explorer Bar
Deep Space 3D Screensaver
Defraggler (remove only)
Detektor Winampa
Drive Space Indicator
Driver Magician 3.42
Folder Size for Windows
Gadu-Gadu 10
HFSLIP Total Slipstream (v1.7.8, build 80614)
HijackThis 2.0.2
IrfanView (remove only)
Java(TM) 6 Update 13
K-Lite Mega Codec Pack 4.7.5
Kels' CPL Bonus Pack!
Koi Fish 3D Screensaver
Mechanical Clock 3D Screensaver
Microsoft .NET Framework 1.1 SP1
Microsoft .NET Framework 2.0
Microsoft Visual C++ 2005 Redistributable
NVIDIA Display Control Panel
NVIDIA Drivers
NVIDIA ForceWare Network Access Manager
NVIDIA nView Desktop Manager
OpenOffice.org 3.1
Opera 10.10
Poprawka Security Update dla produktu Microsoft .NET Framework 2.0 (KB917283)
Poprawka Security Update dla produktu Microsoft .NET Framework 2.0 (KB922770)
Prio v1.9.9.1732
QuickTime Alternative 2.8.0
Realtek AC'97 Audio
REALTEK Gigabit and Fast Ethernet NIC Driver
RegCompact.NET 2.0
StyleFolder 1.0.3
Switch Off
Total Copy 1.1 NetHorror Edition
Visual Task Tips 3.4
VJPEG Image Viewer (remove)
VPX.PL Uploader 1.0
WebFldrs XP
Winamp

==== End Of File ===========================
[/log]


I jeszcze udalo sie sciagnac OTL :

[log]OTL logfile created on: 2010-02-08 21:38:10 - Run 1
OTL by OldTimer - Version 3.1.28.0 Folder = C:\Documents and Settings\Sulski\Pulpit
Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

1,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 49,00% Memory free
3,00 Gb Paging File | 3,00 Gb Available in Paging File | 82,00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 39,06 Gb Total Space | 33,72 Gb Free Space | 86,32% Space Free | Partition Type: NTFS
Drive D: | 193,82 Gb Total Space | 131,19 Gb Free Space | 67,69% Space Free | Partition Type: NTFS
Drive E: | 36,87 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: WINDOWZ
Current User Name: Sulski
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2010-02-08 21:35:53 | 000,549,376 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Sulski\Pulpit\OTL.exe
PRC - [2010-01-20 13:05:04 | 012,067,432 | ---- | M] (GG Network S.A.) -- C:\Program Files\Gadu-Gadu 10\gg.exe
PRC - [2009-12-18 01:31:52 | 001,551,712 | ---- | M] (Nullsoft) -- C:\Program Files\Winamp\winamp.exe
PRC - [2009-12-18 01:30:48 | 000,039,424 | ---- | M] (Nullsoft) -- C:\Program Files\Winamp\winampa.exe
PRC - [2009-11-20 20:32:14 | 000,154,216 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\nvsvc32.exe
PRC - [2009-11-20 19:01:18 | 000,832,296 | ---- | M] (Opera Software) -- C:\Program Files\Opera\opera.exe
PRC - [2009-06-14 14:36:55 | 001,591,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008-04-15 13:00:00 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\unsecapp.exe
PRC - [2006-08-02 22:12:00 | 000,577,536 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\soundman.exe
PRC - [2005-04-29 18:22:26 | 000,266,240 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nTrayFw.exe
PRC - [2005-04-29 18:21:06 | 000,139,264 | ---- | M] () -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
PRC - [2005-04-29 18:18:24 | 000,131,136 | ---- | M] (NVIDIA) -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
PRC - [2005-04-29 18:18:08 | 000,057,412 | ---- | M] (NVIDIA) -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
PRC - [2005-01-17 07:43:46 | 000,084,480 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\nvraidservice.exe


[color=#E56717]========== Modules (SafeList) ==========[/color]

MOD - [2010-02-08 21:35:53 | 000,549,376 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Sulski\Pulpit\OTL.exe


[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV - [2010-02-04 16:54:42 | 000,152,984 | ---- | M] (Sun Microsystems, Inc.) [Disabled | Stopped] -- C:\Program Files\Java\jre6\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2009-11-20 20:32:14 | 000,154,216 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\WINDOWS\system32\nvsvc32.exe -- (NVSvc)
SRV - [2009-01-12 16:18:54 | 000,005,120 | ---- | M] () [Disabled | Stopped] -- C:\Program Files\Prio\prio_svc.exe -- (prio_svc)
SRV - [2008-10-20 22:18:26 | 000,071,096 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\CDBurnerXP\NMSAccessU.exe -- (NMSAccessU)
SRV - [2007-11-14 21:46:00 | 000,131,072 | ---- | M] (Brio) [Disabled | Stopped] -- C:\Program Files\FolderSize\FolderSizeSvc.exe -- (FolderSize)
SRV - [2005-04-29 18:21:06 | 000,139,264 | ---- | M] () [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe -- (ForceWare Intelligent Application Manager (IAM)) ForceWare Intelligent Application Manager (IAM)
SRV - [2005-04-29 18:18:24 | 000,131,136 | ---- | M] (NVIDIA) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe -- (nSvcIp)
SRV - [2005-04-29 18:18:08 | 000,057,412 | ---- | M] (NVIDIA) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe -- (nSvcLog)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - [2009-11-21 03:34:54 | 010,235,968 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2009-06-25 14:02:54 | 000,069,168 | ---- | M] (Silicon Image, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\si3112.sys -- (Si3112)
DRV - [2009-06-25 14:02:07 | 000,145,952 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\nvgts.sys -- (nvgts)
DRV - [2009-06-25 14:02:06 | 000,133,152 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\nvrd32.sys -- (nvrd32)
DRV - [2009-04-28 21:20:06 | 000,044,944 | ---- | M] (Sonic Solutions) [Kernel | Boot | Stopped] -- C:\WINDOWS\System32\Drivers\PxHelp20.sys -- (PxHelp20)
DRV - [2008-04-15 13:00:00 | 000,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\secdrv.sys -- (Secdrv)
DRV - [2008-04-15 13:00:00 | 000,017,792 | ---- | M] (Parallel Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ptilink.sys -- (Ptilink)
DRV - [2006-08-18 06:52:00 | 004,017,536 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\alcxwdm.sys -- (ALCXWDM) Service for Realtek AC97 Audio (WDM)
DRV - [2005-05-17 10:45:12 | 000,076,288 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\nvraid.sys -- (nvraid) NVIDIA nForce(tm)
DRV - [2005-05-17 10:45:08 | 000,092,800 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\nvatabus.sys -- (nvatabus)
DRV - [2005-04-05 20:22:30 | 000,012,928 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus)
DRV - [2005-04-05 20:22:28 | 000,033,536 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD)
DRV - [2001-12-19 11:45:00 | 000,008,576 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\Program Files\System\CPL Bonus\vcdrom.sys -- (vcdrom)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]


IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKCU\Software\Microsoft\Internet Explorer\SearchURL\g, = http://www.google.com/search?q=%s
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



O1 HOSTS File: ([2008-04-15 13:00:00 | 000,000,742 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O2 - BHO: (Loader Class) - {F880A4A8-C436-4AC4-AFD1-AA0BDC9552DD} - C:\WINDOWS\system32\FindeXer.dll (A Part of the LessCliX Suite by Alianyn)
O3 - HKLM\..\Toolbar: (no name) - {D2F8F919-690B-4EA2-9FA7-A203D1E04F75} - No CLSID value found.
O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {63AB4C54-3310-44c9-85D8-AA92C2263D58} - No CLSID value found.
O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {EBE9E2B5-B526-48BC-AD46-687263EDCB0E} - No CLSID value found.
O4 - HKLM..\Run: [nTrayFw] C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nTrayFw.exe (NVIDIA Corporation)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NVRaidService] C:\WINDOWS\system32\nvraidservice.exe (NVIDIA Corporation)
O4 - HKLM..\Run: [Resume copy] C:\WINDOWS\copyfstq.exe ()
O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\soundman.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe (Nullsoft)
O4 - Startup: C:\Documents and Settings\Sulski\Menu Start\Programy\Autostart\Transparent fx - lite.lnk = C:\Program Files\Fadebar\Fadebar.exe (Nookian Apps)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktopCleanupWizard = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRemoteRecursiveEvents = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoInternetOpenWith = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableStatusMessages = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: VerboseStatus = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMMyPictures = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMConfigurePrograms = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINDOWS\system32\nvappfilter.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\WINDOWS\system32\nvappfilter.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\WINDOWS\system32\nvappfilter.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\WINDOWS\system32\nvappfilter.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\WINDOWS\system32\nvappfilter.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\WINDOWS\system32\nvappfilter.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\WINDOWS\system32\nvappfilter.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\WINDOWS\system32\nvappfilter.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\WINDOWS\system32\nvappfilter.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\WINDOWS\system32\nvappfilter.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\WINDOWS\system32\nvappfilter.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\WINDOWS\system32\nvappfilter.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\WINDOWS\system32\nvappfilter.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000027 - C:\WINDOWS\system32\nvappfilter.dll (NVIDIA)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Sulski\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Sulski\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010-02-04 16:52:12 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2009-11-11 00:05:02 | 003,119,616 | R--- | M] () - E:\autorun.exe -- [ CDFS ]
O32 - AutoRun File - [2009-06-22 09:10:04 | 000,004,286 | R--- | M] () - E:\autorun.ico -- [ CDFS ]
O32 - AutoRun File - [2009-09-30 10:09:24 | 000,000,047 | R--- | M] () - E:\autorun.inf -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - comfile [open] -- "%1" %*
O35 - exefile [open] -- "%1" %*

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2010-02-08 21:35:43 | 000,549,376 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Sulski\Pulpit\OTL.exe
[2010-02-08 20:02:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\temp
[2010-02-08 19:58:41 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2010-02-08 19:57:43 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2010-02-08 19:57:43 | 000,161,792 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2010-02-08 19:57:43 | 000,136,704 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2010-02-08 19:57:38 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2010-02-08 19:57:21 | 000,000,000 | ---D | C] -- C:\Qoobox
[2010-02-08 19:53:51 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2010-02-08 19:10:35 | 000,000,000 | ---D | C] -- C:\Program Files\Winamp Detect
[2010-02-08 19:10:31 | 001,858,032 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxsfs.dll
[2010-02-08 19:10:31 | 000,670,192 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\px.dll
[2010-02-08 19:10:31 | 000,551,408 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxdrv.dll
[2010-02-08 19:10:31 | 000,436,720 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxwave.dll
[2010-02-08 19:10:31 | 000,219,632 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxmas.dll
[2010-02-08 19:10:31 | 000,129,520 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxafs.dll
[2010-02-08 19:10:31 | 000,096,752 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\vxblock.dll
[2010-02-08 19:10:31 | 000,072,176 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxhpinst.exe
[2010-02-08 19:10:31 | 000,066,544 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxcpya64.exe
[2010-02-08 19:10:31 | 000,066,032 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxinsa64.exe
[2010-02-08 19:10:31 | 000,044,944 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\drivers\PxHelp20.sys
[2010-02-08 19:10:31 | 000,009,200 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\drivers\cdralw2k.sys
[2010-02-08 19:10:31 | 000,009,072 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\drivers\cdr4_xp.sys
[2010-02-08 19:10:30 | 000,000,000 | ---D | C] -- C:\Program Files\Winamp
[2010-02-08 19:10:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Sulski\Dane aplikacji\Winamp
[2010-02-08 06:07:03 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Sulski\Recent
[2010-02-07 19:31:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Sulski\Dane aplikacji\SpeedSim
[2010-02-07 19:31:55 | 000,417,792 | ---- | C] (SpeedSim Developers) -- C:\Documents and Settings\Sulski\Pulpit\SpeedSim.exe
[2010-02-07 19:31:55 | 000,225,280 | ---- | C] (SpeedSim Developers) -- C:\Documents and Settings\Sulski\Pulpit\SpeedKernel.dll
[2010-02-07 19:31:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Sulski\Dane aplikacji\WinRAR
[2010-02-06 16:29:00 | 000,000,000 | ---D | C] -- C:\Program Files\JRE
[2010-02-06 16:28:58 | 000,000,000 | ---D | C] -- C:\Program Files\OpenOffice.org 3
[2010-02-06 16:21:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Sulski\Pulpit\OpenOffice.org 3.1 (pl) Installation Files
[2010-02-05 21:37:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Sulski\Ustawienia lokalne\Dane aplikacji\cache
[2010-02-05 17:52:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Sulski\Dane aplikacji\Media Player Classic
[2010-02-04 21:19:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Sulski\Dane aplikacji\Gadu-Gadu 10
[2010-02-04 18:53:32 | 000,000,000 | ---D | C] -- C:\WINDOWS\SxsCaPendDel
[2010-02-04 18:53:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Gadu-Gadu 10
[2010-02-04 18:53:22 | 000,000,000 | ---D | C] -- C:\Program Files\Gadu-Gadu 10
[2010-02-04 18:34:56 | 000,000,000 | ---D | C] -- C:\WINDOWS\Sun
[2010-02-04 18:34:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Sulski\Dane aplikacji\Sun
[2010-02-04 18:34:06 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Sulski\PrivacIE
[2010-02-04 17:55:53 | 000,000,000 | --SD | C] -- C:\Documents and Settings\Sulski\Moje dokumenty\Moje wideo
[2010-02-04 17:55:53 | 000,000,000 | --SD | C] -- C:\Documents and Settings\All Users\Dokumenty\Moje wideo
[2010-02-04 17:47:35 | 000,006,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\enum1394.sys
[2010-02-04 17:46:55 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\usbui.dll
[2010-02-04 17:46:12 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Dokumenty\Moja muzyka
[2010-02-04 17:45:58 | 000,000,000 | -HSD | C] -- C:\WINDOWS\Installer
[2010-02-04 17:45:57 | 000,000,000 | ---D | C] -- C:\Program Files
[2010-02-04 17:45:57 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\ODBC
[2010-02-04 17:45:57 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files
[2010-02-04 17:45:48 | 000,176,157 | ---- | C] (Digi International, Inc.) -- C:\WINDOWS\System32\dgrpsetu.dll
[2010-02-04 17:45:48 | 000,103,424 | ---- | C] (Equinox Systems Inc.) -- C:\WINDOWS\System32\EqnClass.Dll
[2010-02-04 17:45:48 | 000,085,532 | ---- | C] (Digi International) -- C:\WINDOWS\System32\dgsetup.dll
[2010-02-04 17:45:48 | 000,024,661 | ---- | C] (Perle Systems Ltd.) -- C:\WINDOWS\System32\spxcoins.dll
[2010-02-04 17:45:48 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\irclass.dll
[2010-02-04 17:45:47 | 000,127,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MSVIDEO.DLL
[2010-02-04 17:45:47 | 000,083,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\OLECLI.DLL
[2010-02-04 17:45:47 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\OLESVR.DLL
[2010-02-04 17:45:47 | 000,019,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\TAPI.DLL
[2010-02-04 17:45:47 | 000,013,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\WFWNET.DRV
[2010-02-04 17:45:47 | 000,009,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\VER.DLL
[2010-02-04 17:45:47 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\SHELL.DLL
[2010-02-04 17:45:47 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\TIMER.DRV
[2010-02-04 17:45:47 | 000,003,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\SYSTEM.DRV
[2010-02-04 17:45:47 | 000,002,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\VGA.DRV
[2010-02-04 17:45:47 | 000,001,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\SOUND.DRV
[2010-02-04 17:45:46 | 000,109,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\AVIFILE.DLL
[2010-02-04 17:45:46 | 000,073,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MCIAVI.DRV
[2010-02-04 17:45:46 | 000,070,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\AVICAP.DLL
[2010-02-04 17:45:46 | 000,033,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\COMMDLG.DLL
[2010-02-04 17:45:46 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MCIWAVE.DRV
[2010-02-04 17:45:46 | 000,025,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MCISEQ.DRV
[2010-02-04 17:45:46 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\TASKMAN.EXE
[2010-02-04 17:45:46 | 000,009,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\LZEXPAND.DLL
[2010-02-04 17:45:46 | 000,002,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MOUSE.DRV
[2010-02-04 17:45:46 | 000,002,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\KEYBOARD.DRV
[2010-02-04 17:45:46 | 000,001,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MMTASK.TSK
[2010-02-04 17:45:45 | 000,146,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\WINSPOOL.DRV
[2010-02-04 17:45:45 | 000,069,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MMSYSTEM.DLL
[2010-02-04 17:45:45 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\batt.dll
[2010-02-04 17:45:44 | 000,075,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\storprop.dll
[2010-02-04 17:45:37 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Menu Start
[2010-02-04 17:45:37 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Dokumenty
[2010-02-04 17:45:37 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Szablony
[2010-02-04 17:45:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Ulubione
[2010-02-04 17:43:19 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\CatRoot2
[2010-02-04 17:43:19 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\CatRoot
[2010-02-04 17:43:14 | 000,000,000 | --SD | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Microsoft
[2010-02-04 17:43:14 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\All Users\Dane aplikacji
[2010-02-04 17:42:55 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2010-02-04 17:42:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings
[2010-02-04 17:39:08 | 000,000,000 | --SD | C] -- C:\WINDOWS\Offline Web Pages
[2010-02-04 17:39:08 | 000,000,000 | --SD | C] -- C:\WINDOWS\Downloaded Program Files
[2010-02-04 17:39:08 | 000,000,000 | R-SD | C] -- C:\WINDOWS\Fonts
[2010-02-04 17:39:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\WinSxS
[2010-02-04 17:39:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\wins
[2010-02-04 17:39:08 | 000,000,000 | ---D | C] -- C:\WINDOWS
[2010-02-04 17:39:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\Web
[2010-02-04 17:39:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\WBEM
[2010-02-04 17:39:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\wbem
[2010-02-04 17:39:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\usmt
[2010-02-04 17:39:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\UMDF
[2010-02-04 17:39:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\twain_32
[2010-02-04 17:39:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\system32
[2010-02-04 17:39:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\system
[2010-02-04 17:39:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\spool
[2010-02-04 17:39:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ShellExt
[2010-02-04 17:39:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Setup
[2010-02-04 17:39:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\security
[2010-02-04 17:39:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\Resources
[2010-02-04 17:39:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\repair
[2010-02-04 17:39:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ras
[2010-02-04 17:39:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\Provisioning
[2010-02-04 17:39:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\PreInstall
[2010-02-04 17:39:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\pl-pl
[2010-02-04 17:39:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\pl
[2010-02-04 17:39:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\PeerNet
[2010-02-04 17:39:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\PCHealth
[2010-02-04 17:39:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\npp
[2010-02-04 17:39:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\NLDRV
[2010-02-04 17:39:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\Network Diagnostic
[2010-02-04 17:39:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\mui
[2010-02-04 17:39:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\mui
[2010-02-04 17:39:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\msapps
[2010-02-04 17:39:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\Media
[2010-02-04 17:39:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Macromed
[2010-02-04 17:39:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\L2Schemas
[2010-02-04 17:39:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\java
[2010-02-04 17:39:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\inf
[2010-02-04 17:39:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\inetsrv
[2010-02-04 17:39:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\IME
[2010-02-04 17:39:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\ime
[2010-02-04 17:39:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\icsxml
[2010-02-04 17:39:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ias
[2010-02-04 17:39:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\Help
[2010-02-04 17:39:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\export
[2010-02-04 17:39:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\etc
[2010-02-04 17:39:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers
[2010-02-04 17:39:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\Driver Cache
[2010-02-04 17:39:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\disdn
[2010-02-04 17:39:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\dhcp
[2010-02-04 17:39:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\Debug
[2010-02-04 17:39:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\Cursors
[2010-02-04 17:39:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\Connection Wizard
[2010-02-04 17:39:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\config
[2010-02-04 17:39:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\Config
[2010-02-04 17:39:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\AppPatch
[2010-02-04 17:39:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\addins
[2010-02-04 17:39:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\3com_dmi
[2010-02-04 17:39:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\3076
[2010-02-04 17:39:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\2052
[2010-02-04 17:39:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1054
[2010-02-04 17:39:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1045
[2010-02-04 17:39:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1042
[2010-02-04 17:39:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1041
[2010-02-04 17:39:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1037
[2010-02-04 17:39:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1033
[2010-02-04 17:39:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1031
[2010-02-04 17:39:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1028
[2010-02-04 17:39:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1025
[2010-02-04 17:24:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Sulski\Dane aplikacji\Macromedia
[2010-02-04 17:24:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Sulski\Dane aplikacji\Adobe
[2010-02-04 17:16:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Sulski\Ustawienia lokalne\Dane aplikacji\Opera
[2010-02-04 17:16:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Sulski\Dane aplikacji\Opera
[2010-02-04 17:15:57 | 000,000,000 | ---D | C] -- C:\Program Files\Opera
[2010-02-04 17:12:01 | 000,000,000 | ---D | C] -- C:\WINDOWS\OPTIONS
[2010-02-04 17:09:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\Downloaded Installations
[2010-02-04 17:09:13 | 000,454,656 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\CapabilityTable.exe
[2010-02-04 17:09:07 | 000,400,384 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\NvRaidWizard.dll
[2010-02-04 17:09:07 | 000,084,480 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvraidservice.exe
[2010-02-04 17:09:07 | 000,081,920 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\NvRaidWizardde.dll
[2010-02-04 17:09:07 | 000,080,896 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\NvRaidWizardpt.dll
[2010-02-04 17:09:07 | 000,079,360 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\NvRaidWizardit.dll
[2010-02-04 17:09:07 | 000,079,360 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\NvRaidWizardfr.dll
[2010-02-04 17:09:07 | 000,079,360 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\NvRaidWizardes.dll
[2010-02-04 17:09:07 | 000,079,360 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\NvRaidWizardel.dll
[2010-02-04 17:09:07 | 000,078,336 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\NvRaidWizardsl.dll
[2010-02-04 17:09:07 | 000,078,336 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\NvRaidWizardptb.dll
[2010-02-04 17:09:07 | 000,077,824 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\NvRaidWizardru.dll
[2010-02-04 17:09:07 | 000,077,312 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\NvRaidWizardtr.dll
[2010-02-04 17:09:07 | 000,077,312 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\NvRaidWizardno.dll
[2010-02-04 17:09:07 | 000,077,312 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\NvRaidWizardnl.dll
[2010-02-04 17:09:07 | 000,077,312 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\NvRaidWizardcs.dll
[2010-02-04 17:09:07 | 000,076,800 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\NvRaidWizardth.dll
[2010-02-04 17:09:07 | 000,076,800 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\NvRaidWizardhu.dll
[2010-02-04 17:09:07 | 000,076,288 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\NvRaidWizardsv.dll
[2010-02-04 17:09:07 | 000,076,288 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\NvRaidWizardpl.dll
[2010-02-04 17:09:07 | 000,076,288 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\NvRaidWizardfi.dll
[2010-02-04 17:09:07 | 000,075,776 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\NvRaidWizardsk.dll
[2010-02-04 17:09:07 | 000,075,776 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\NvRaidWizardEnu.dll
[2010-02-04 17:09:07 | 000,075,776 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\NvRaidWizardda.dll
[2010-02-04 17:09:07 | 000,075,264 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\NvRaidWizardeng.dll
[2010-02-04 17:09:07 | 000,074,752 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\NvRaidWizardhe.dll
[2010-02-04 17:09:07 | 000,073,216 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\NvRaidWizardar.dll
[2010-02-04 17:09:07 | 000,068,096 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\NvRaidWizardko.dll
[2010-02-04 17:09:07 | 000,068,096 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\NvRaidWizardja.dll
[2010-02-04 17:09:07 | 000,067,072 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\NvRaidWizardzht.dll
[2010-02-04 17:09:07 | 000,065,536 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\NvRaidWizardzhc.dll
[2010-02-04 17:09:07 | 000,021,504 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\NvRaidel.dll
[2010-02-04 17:09:07 | 000,020,992 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\NvRaidsl.dll
[2010-02-04 17:09:07 | 000,020,992 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\NvRaidru.dll
[2010-02-04 17:09:07 | 000,020,992 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\NvRaidptb.dll
[2010-02-04 17:09:07 | 000,020,992 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\NvRaidpt.dll
[2010-02-04 17:09:07 | 000,020,992 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\NvRaidpl.dll
[2010-02-04 17:09:07 | 000,020,992 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\NvRaidnl.dll
[2010-02-04 17:09:07 | 000,020,992 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\NvRaidit.dll
[2010-02-04 17:09:07 | 000,020,992 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\NvRaidhu.dll
[2010-02-04 17:09:07 | 000,020,992 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\NvRaidfr.dll
[2010-02-04 17:09:07 | 000,020,992 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\NvRaides.dll
[2010-02-04 17:09:07 | 000,020,992 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\NvRaidde.dll
[2010-02-04 17:09:07 | 000,020,992 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\NvRaidcs.dll
[2010-02-04 17:09:07 | 000,020,480 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\NvRaidtr.dll
[2010-02-04 17:09:07 | 000,020,480 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\NvRaidth.dll
[2010-02-04 17:09:07 | 000,020,480 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\NvRaidsv.dll
[2010-02-04 17:09:07 | 000,020,480 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\NvRaidsk.dll
[2010-02-04 17:09:07 | 000,020,480 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\NvRaidno.dll
[2010-02-04 17:09:07 | 000,020,480 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\NvRaidfi.dll
[2010-02-04 17:09:07 | 000,020,480 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\NvRaidEnu.dll
[2010-02-04 17:09:07 | 000,020,480 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\NvRaideng.dll
[2010-02-04 17:09:07 | 000,020,480 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\NvRaidda.dll
[2010-02-04 17:09:07 | 000,019,968 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\NvRaidhe.dll
[2010-02-04 17:09:07 | 000,019,968 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\NvRaidar.dll
[2010-02-04 17:09:07 | 000,019,456 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\NvRaidko.dll
[2010-02-04 17:09:07 | 000,019,456 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\NvRaidja.dll
[2010-02-04 17:09:07 | 000,018,944 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\NvRaidzht.dll
[2010-02-04 17:09:07 | 000,018,944 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\NvRaidzhc.dll
[2010-02-04 17:09:07 | 000,006,656 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\NvRaidSvpt.dll
[2010-02-04 17:09:07 | 000,006,656 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\NvRaidSvde.dll
[2010-02-04 17:09:07 | 000,006,144 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\NvRaidSvtr.dll
[2010-02-04 17:09:07 | 000,006,144 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\NvRaidSvth.dll
[2010-02-04 17:09:07 | 000,006,144 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\NvRaidSvsv.dll
[2010-02-04 17:09:07 | 000,006,144 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\NvRaidSvsl.dll
[2010-02-04 17:09:07 | 000,006,144 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\NvRaidSvsk.dll
[2010-02-04 17:09:07 | 000,006,144 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\NvRaidSvru.dll
[2010-02-04 17:09:07 | 000,006,144 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\NvRaidSvptb.dll
[2010-02-04 17:09:07 | 000,006,144 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\NvRaidSvpl.dll
[2010-02-04 17:09:07 | 000,006,144 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\NvRaidSvno.dll
[2010-02-04 17:09:07 | 000,006,144 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\NvRaidSvnl.dll
[2010-02-04 17:09:07 | 000,006,144 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\NvRaidSvit.dll
[2010-02-04 17:09:07 | 000,006,144 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\NvRaidSvhu.dll
[2010-02-04 17:09:07 | 000,006,144 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\NvRaidSvhe.dll
[2010-02-04 17:09:07 | 000,006,144 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\NvRaidSvfr.dll
[2010-02-04 17:09:07 | 000,006,144 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\NvRaidSvfi.dll
[2010-02-04 17:09:07 | 000,006,144 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\NvRaidSves.dll
[2010-02-04 17:09:07 | 000,006,144 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\NvRaidSvEnu.dll
[2010-02-04 17:09:07 | 000,006,144 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\NvRaidSveng.dll
[2010-02-04 17:09:07 | 000,006,144 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\NvRaidSvel.dll
[2010-02-04 17:09:07 | 000,006,144 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\NvRaidSvda.dll
[2010-02-04 17:09:07 | 000,006,144 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\NvRaidSvcs.dll
[2010-02-04 17:09:07 | 000,005,632 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\NvRaidSvar.dll
[2010-02-04 17:09:07 | 000,005,120 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\NvRaidSvzht.dll
[2010-02-04 17:09:07 | 000,005,120 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\NvRaidSvzhc.dll
[2010-02-04 17:09:07 | 000,005,120 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\NvRaidSvko.dll
[2010-02-04 17:09:07 | 000,005,120 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\NvRaidSvja.dll
[2010-02-04 17:09:07 | 000,004,096 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\NvSataConnectionzht.dll
[2010-02-04 17:09:07 | 000,004,096 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\NvSataConnectionzhc.dll
[2010-02-04 17:09:07 | 000,004,096 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\NvSataConnectiontr.dll
[2010-02-04 17:09:07 | 000,004,096 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\NvSataConnectionth.dll
[2010-02-04 17:09:07 | 000,004,096 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\NvSataConnectionsv.dll
[2010-02-04 17:09:07 | 000,004,096 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\NvSataConnectionsl.dll
[2010-02-04 17:09:07 | 000,004,096 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\NvSataConnectionsk.dll
[2010-02-04 17:09:07 | 000,004,096 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\NvSataConnectionru.dll
[2010-02-04 17:09:07 | 000,004,096 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\NvSataConnectionptb.dll
[2010-02-04 17:09:07 | 000,004,096 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\NvSataConnectionpt.dll
[2010-02-04 17:09:07 | 000,004,096 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\NvSataConnectionpl.dll
[2010-02-04 17:09:07 | 000,004,096 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\NvSataConnectionno.dll
[2010-02-04 17:09:07 | 000,004,096 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\NvSataConnectionnl.dll
[2010-02-04 17:09:07 | 000,004,096 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\NvSataConnectionko.dll
[2010-02-04 17:09:07 | 000,004,096 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\NvSataConnectionja.dll
[2010-02-04 17:09:07 | 000,004,096 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\NvSataConnectionit.dll
[2010-02-04 17:09:07 | 000,004,096 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\NvSataConnectionhu.dll
[2010-02-04 17:09:07 | 000,004,096 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\NvSataConnectionhe.dll
[2010-02-04 17:09:07 | 000,004,096 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\NvSataConnectionfr.dll
[2010-02-04 17:09:07 | 000,004,096 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\NvSataConnectionfi.dll
[2010-02-04 17:09:07 | 000,004,096 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\NvSataConnectiones.dll
[2010-02-04 17:09:07 | 000,004,096 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\NvSataConnectionEnu.dll
[2010-02-04 17:09:07 | 000,004,096 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\NvSataConnectioneng.dll
[2010-02-04 17:09:07 | 000,004,096 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\NvSataConnectionel.dll
[2010-02-04 17:09:07 | 000,004,096 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\NvSataConnectionde.dll
[2010-02-04 17:09:07 | 000,004,096 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\NvSataConnectionda.dll
[2010-02-04 17:09:07 | 000,004,096 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\NvSataConnectioncs.dll
[2010-02-04 17:09:07 | 000,004,096 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\NvSataConnectionar.dll
[2010-02-04 17:08:04 | 000,176,128 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvunrm.exe
[2010-02-04 17:08:03 | 000,176,128 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvusmb.exe
[2010-02-04 17:08:03 | 000,176,128 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\NVUNINST.EXE
[2010-02-04 17:07:55 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ReinstallBackups
[2010-02-04 17:07:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Sulski\Dane aplikacji\Xentient
[2010-02-04 17:07:25 | 000,261,888 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\drivers\nvnrm.sys
[2010-02-04 17:07:25 | 000,208,256 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\drivers\nvsnpu.sys
[2010-02-04 17:07:25 | 000,092,800 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\drivers\nvatabus.sys
[2010-02-04 17:07:25 | 000,092,800 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\drivers\nvata.sys
[2010-02-04 17:07:25 | 000,076,288 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\drivers\nvraid.sys
[2010-02-04 17:07:25 | 000,033,536 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\drivers\NVENETFD.sys
[2010-02-04 17:07:25 | 000,012,928 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\drivers\nvnetbus.sys
[2010-02-04 17:07:20 | 000,300,032 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\idecoi.dll
[2010-02-04 17:07:20 | 000,201,728 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\fdco1ins.dll
[2010-02-04 17:07:20 | 000,201,728 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\fdco1.dll
[2010-02-04 17:07:20 | 000,032,256 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvconrm.dll
[2010-02-04 17:07:20 | 000,009,728 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\bdco1ins.dll
[2010-02-04 17:07:20 | 000,009,728 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\bdco1.dll
[2010-02-04 17:05:29 | 004,017,536 | R--- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\System32\drivers\alcxwdm.sys
[2010-02-04 17:05:29 | 000,146,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\portcls.sys
[2010-02-04 17:05:29 | 000,129,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ksproxy.ax
[2010-02-04 17:05:29 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ksuser.dll
[2010-02-04 17:05:28 | 000,060,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\drmk.sys
[2010-02-04 17:05:27 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek Sound Manager
[2010-02-04 17:05:27 | 000,000,000 | ---D | C] -- C:\Program Files\AvRack
[2010-02-04 17:05:20 | 010,528,768 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\System32\RTLCPL.exe
[2010-02-04 17:05:20 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek AC97
[2010-02-04 17:05:19 | 018,804,736 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\System32\alsndmgr.cpl
[2010-02-04 17:05:19 | 000,577,536 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\soundman.exe
[2010-02-04 17:05:19 | 000,315,392 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\alcupd.exe
[2010-02-04 17:05:19 | 000,217,088 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\Alcrmv.exe
[2010-02-04 17:05:19 | 000,000,000 | -H-D | C] -- C:\Program Files\InstallShield Installation Information
[2010-02-04 17:05:09 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\InstallShield
[2010-02-04 17:04:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\NVIDIA Corporation
[2010-02-04 17:04:13 | 000,000,000 | ---D | C] -- C:\Program Files\NVIDIA Corporation
[2010-02-04 17:03:41 | 013,602,816 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvoglnt.dll
[2010-02-04 17:03:41 | 011,374,592 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvcompiler.dll
[2010-02-04 17:03:41 | 010,235,968 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\drivers\nv4_mini.sys
[2010-02-04 17:03:41 | 004,038,656 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvcuda.dll
[2010-02-04 17:03:41 | 002,259,560 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvcuvid.dll
[2010-02-04 17:03:41 | 001,989,224 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvcuvenc.dll
[2010-02-04 17:03:41 | 001,056,768 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvapi.dll
[2010-02-04 17:03:41 | 000,182,888 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvcodins.dll
[2010-02-04 17:03:41 | 000,182,888 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvcod.dll
[2010-02-04 17:03:41 | 000,069,632 | ---- | C] (Khronos Group) -- C:\WINDOWS\System32\OpenCL.dll
[2010-02-04 17:03:39 | 006,282,752 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nv4_disp.dll
[2010-02-04 17:03:37 | 000,000,000 | ---D | C] -- C:\NVIDIA
[2010-02-04 17:02:30 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Sulski\IETldCache
[2010-02-04 17:02:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Sulski\Dane aplikacji\Identities
[2010-02-04 17:02:22 | 000,000,000 | --SD | C] -- C:\Documents and Settings\Sulski\Moje dokumenty\Moje obrazy
[2010-02-04 17:02:22 | 000,000,000 | --SD | C] -- C:\Documents and Settings\Sulski\Moje dokumenty\Moja muzyka
[2010-02-04 17:02:22 | 000,000,000 | -H-D | C] -- C:\Program Files\Uninstall Information
[2010-02-04 17:02:06 | 000,000,000 | --SD | C] -- C:\Documents and Settings\Sulski\Ulubione
[2010-02-04 17:02:06 | 000,000,000 | --SD | C] -- C:\Documents and Settings\Sulski\Moje dokumenty
[2010-02-04 17:02:06 | 000,000,000 | --SD | C] -- C:\Documents and Settings\Sulski\Ustawienia lokalne\Dane aplikacji\Microsoft
[2010-02-04 17:02:06 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Sulski\SendTo
[2010-02-04 17:02:06 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Sulski\Cookies
[2010-02-04 17:02:06 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Sulski\Ustawienia lokalne
[2010-02-04 17:02:06 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Sulski\Szablony
[2010-02-04 17:02:06 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Sulski\PrintHood
[2010-02-04 17:02:06 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Sulski\NetHood
[2010-02-04 17:02:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Sulski\Ustawienia lokalne\Dane aplikacji\Real
[2010-02-04 17:02:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Sulski\Dane aplikacji\Real
[2010-02-04 17:02:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Sulski\Pulpit
[2010-02-04 17:02:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Sulski\nsq6BC.tmp
[2010-02-04 17:02:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Sulski\Dane aplikacji\Microsoft
[2010-02-04 17:02:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Sulski\Menu Start
[2010-02-04 17:02:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Sulski\Dane aplikacji\FindeXer
[2010-02-04 17:02:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Sulski\Ustawienia lokalne\Dane aplikacji\Finder Bar
[2010-02-04 17:02:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Sulski\Dane aplikacji\Finder Bar
[2010-02-04 17:02:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Sulski\Dane aplikacji
[2010-02-04 17:02:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Sulski\Dane aplikacji\AIMP
[2010-02-04 16:59:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Pulpit
[2010-02-04 16:59:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Finder Bar
[2010-02-04 16:59:50 | 000,000,000 | ---D | C] -- C:\Program Files\FolderSize
[2010-02-04 16:59:45 | 000,000,000 | ---D | C] -- C:\Program Files\Command Prompt Explorer Bar
[2010-02-04 16:57:44 | 000,000,000 | -HSD | C] -- C:\WINDOWS\CSC
[2010-02-04 16:57:40 | 000,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\Microsoft
[2010-02-04 16:57:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Dane aplikacji\Microsoft
[2010-02-04 16:57:40 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
[2010-02-04 16:57:39 | 000,000,000 | --SD | C] -- C:\WINDOWS\System32\Microsoft
[2010-02-04 16:57:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Dane aplikacji\Microsoft
[2010-02-04 16:56:20 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$hf_mig$
[2010-02-04 16:56:07 | 001,562,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spider.exe
[2010-02-04 16:56:07 | 000,880,640 | ---- | C] (Xentient) -- C:\WINDOWS\System32\thumbs.dll
[2010-02-04 16:56:07 | 000,414,208 | ---- | C] (MiTeC) -- C:\WINDOWS\System32\MPEISE.dll
[2010-02-04 16:56:07 | 000,150,256 | ---- | C] (Moon Software) -- C:\WINDOWS\System32\UrlFileShellExt.dll
[2010-02-04 16:56:07 | 000,134,656 | ---- | C] (BAxBEx Software) -- C:\WINDOWS\System32\ShellPicture.dll
[2010-02-04 16:56:07 | 000,069,632 | ---- | C] (Villain) -- C:\WINDOWS\System32\TaskbarForms.exe
[2010-02-04 16:56:07 | 000,053,248 | ---- | C] (Quizo) -- C:\WINDOWS\System32\QTFileTools.dll
[2010-02-04 16:56:07 | 000,036,864 | ---- | C] (Quizo) -- C:\WINDOWS\System32\QTViewModeButton.dll
[2010-02-04 16:56:07 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\phototoys.dll
[2010-02-04 16:56:07 | 000,020,480 | ---- | C] (Quizo) -- C:\WINDOWS\System32\OptionButton.dll
[2010-02-04 16:56:06 | 000,609,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comctl32.ocx
[2010-02-04 16:56:06 | 000,488,448 | ---- | C] (MiTeC) -- C:\WINDOWS\System32\MIPSE.dll
[2010-02-04 16:56:06 | 000,387,584 | ---- | C] (MiTeC) -- C:\WINDOWS\System32\MAISE.dll
[2010-02-04 16:56:06 | 000,185,856 | ---- | C] (A Part of the LessCliX Suite by Alianyn) -- C:\WINDOWS\System32\FindeXer.dll
[2010-02-04 16:56:06 | 000,146,672 | ---- | C] (Moon Software) -- C:\WINDOWS\System32\FolderBackgroundShellExt.dll
[2010-02-04 16:56:06 | 000,036,864 | ---- | C] (Quizo) -- C:\WINDOWS\System32\CreateNewItemButton.dll
[2010-02-04 16:56:06 | 000,016,792 | ---- | C] (NTWind Software) -- C:\WINDOWS\System32\hstart.exe
[2010-02-04 16:56:06 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\locale
[2010-02-04 16:56:06 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\books
[2010-02-04 16:56:05 | 001,312,256 | ---- | C] (Softpointer Inc) -- C:\WINDOWS\System32\AudioShellExt.dll
[2010-02-04 16:56:05 | 000,150,256 | ---- | C] (Moon Software) -- C:\WINDOWS\System32\AnyFileShellExt.dll
[2010-02-04 16:56:02 | 000,031,232 | ---- | C] (NirSoft) -- C:\WINDOWS\nircmd.exe
[2010-02-04 16:56:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\Gry
[2010-02-04 16:56:00 | 006,237,301 | ---- | C] (www.crazyscribbles.com) -- C:\WINDOWS\crazyscreen.scr
[2010-02-04 16:55:59 | 000,000,000 | ---D | C] -- C:\Program Files\Taskix
[2010-02-04 16:55:59 | 000,000,000 | ---D | C] -- C:\Program Files\SubEdit-Player
[2010-02-04 16:55:59 | 000,000,000 | ---D | C] -- C:\Program Files\Stack
[2010-02-04 16:55:59 | 000,000,000 | ---D | C] -- C:\Program Files\SpiritPyre Extensions
[2010-02-04 16:55:58 | 000,000,000 | ---D | C] -- C:\Program Files\shutoffxp
[2010-02-04 16:55:58 | 000,000,000 | ---D | C] -- C:\Program Files\Shell Picture
[2010-02-04 16:55:58 | 000,000,000 | ---D | C] -- C:\Program Files\QDAcces
[2010-02-04 16:55:57 | 000,000,000 | ---D | C] -- C:\Program Files\PNotes
[2010-02-04 16:55:57 | 000,000,000 | ---D | C] -- C:\Program Files\Perlovga Removal Tool
[2010-02-04 16:55:57 | 000,000,000 | ---D | C] -- C:\Program Files\MaZZicK
[2010-02-04 16:55:57 | 000,000,000 | ---D | C] -- C:\Program Files\Ikony paska narzędzi
[2010-02-04 16:55:57 | 000,000,000 | ---D | C] -- C:\Program Files\BESTplayer
[2010-02-04 16:55:54 | 000,000,000 | ---D | C] -- C:\Program Files\IconZ
[2010-02-04 16:55:54 | 000,000,000 | ---D | C] -- C:\Program Files\EdgeSwap
[2010-02-04 16:55:52 | 000,000,000 | ---D | C] -- C:\Program Files\LClock
[2010-02-04 16:55:52 | 000,000,000 | ---D | C] -- C:\Program Files\LaunchTab
[2010-02-04 16:55:52 | 000,000,000 | ---D | C] -- C:\Program Files\GG Lite
[2010-02-04 16:55:52 | 000,000,000 | ---D | C] -- C:\Program Files\DesktopListViewv1.0
[2010-02-04 16:55:52 | 000,000,000 | ---D | C] -- C:\Program Files\Cymes Desktop Changer 1.7
[2010-02-04 16:55:52 | 000,000,000 | ---D | C] -- C:\Program Files\AeroSnap
[2010-02-04 16:55:52 | 000,000,000 | ---D | C] -- C:\Program Files\Aero shake
[2010-02-04 16:55:49 | 000,000,000 | ---D | C] -- C:\Program Files\Fadebar
[2010-02-04 16:55:49 | 000,000,000 | ---D | C] -- C:\Program Files\Contextaware
[2010-02-04 16:55:46 | 000,000,000 | ---D | C] -- C:\Program Files\FreeRapiD-0.82
[2010-02-04 16:55:45 | 000,000,000 | ---D | C] -- C:\Program Files\WinFlip
[2010-02-04 16:55:45 | 000,000,000 | ---D | C] -- C:\Program Files\TrueTransparency
[2010-02-04 16:55:39 | 000,000,000 | ---D | C] -- C:\Program Files\WindowZ
[2010-02-04 16:55:39 | 000,000,000 | ---D | C] -- C:\Program Files\ViGlance OneStep
[2010-02-04 16:55:39 | 000,000,000 | ---D | C] -- C:\Program Files\Thumbnail Resize
[2010-02-04 16:55:38 | 000,000,000 | ---D | C] -- C:\Program Files\VisualTaskTips
[2010-02-04 16:55:37 | 000,000,000 | ---D | C] -- C:\Program Files\VPX.PL Uploader
[2010-02-04 16:55:36 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR
[2010-02-04 16:55:33 | 000,000,000 | ---D | C] -- C:\Program Files\Foxit
[2010-02-04 16:55:32 | 000,000,000 | ---D | C] -- C:\Program Files\Switch Off
[2010-02-04 16:55:31 | 000,000,000 | ---D | C] -- C:\Program Files\StyleFolder
[2010-02-04 16:55:30 | 000,172,032 | ---- | C] (Herf Consulting LLC) -- C:\WINDOWS\vjpeg.exe
[2010-02-04 16:55:21 | 000,000,000 | ---D | C] -- C:\Program Files\Quizo
[2010-02-04 16:55:20 | 000,090,112 | ---- | C] (Apple Inc.) -- C:\WINDOWS\System32\QuickTimeVR.qtx
[2010-02-04 16:55:20 | 000,057,344 | ---- | C] (Apple Inc.) -- C:\WINDOWS\System32\QuickTime.qts
[2010-02-04 16:55:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Apple Computer
[2010-02-04 16:55:14 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime Alternative
[2010-02-04 16:55:13 | 000,000,000 | ---D | C] -- C:\Program Files\Prio
[2010-02-04 16:55:11 | 000,000,000 | ---D | C] -- C:\Program Files\RegCompact.NET
[2010-02-04 16:55:06 | 000,278,528 | ---- | C] (Real Networks, Inc) -- C:\WINDOWS\System32\pncrt.dll
[2010-02-04 16:55:06 | 000,185,920 | ---- | C] (RealNetworks, Inc.) -- C:\WINDOWS\System32\rmoc3260.dll
[2010-02-04 16:55:06 | 000,006,656 | ---- | C] (RealNetworks, Inc.) -- C:\WINDOWS\System32\pndx5016.dll
[2010-02-04 16:55:06 | 000,005,632 | ---- | C] (RealNetworks, Inc.) -- C:\WINDOWS\System32\pndx5032.dll
[2010-02-04 16:55:03 | 000,839,680 | ---- | C] (http://www.mp3dev.org/) -- C:\WINDOWS\System32\lameACM.acm
[2010-02-04 16:55:03 | 000,217,088 | ---- | C] (www.helixcommunity.org) -- C:\WINDOWS\System32\yv12vfw.dll
[2010-02-04 16:55:03 | 000,118,784 | ---- | C] (fccHandler) -- C:\WINDOWS\System32\ac3acm.acm
[2010-02-04 16:55:02 | 000,086,016 | ---- | C] (DivX, Inc.) -- C:\WINDOWS\System32\dpl100.dll
[2010-02-04 16:55:01 | 000,684,032 | ---- | C] (DivX, Inc.) -- C:\WINDOWS\System32\divx.dll
[2010-02-04 16:54:58 | 000,060,273 | ---- | C] (Open Source Software community project) -- C:\WINDOWS\System32\pthreadGC2.dll
[2010-02-04 16:54:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Real
[2010-02-04 16:54:58 | 000,000,000 | ---D | C] -- C:\Program Files\K-Lite Codec Pack
[2010-02-04 16:54:55 | 000,000,000 | ---D | C] -- C:\Program Files\System
[2010-02-04 16:54:48 | 000,410,984 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deploytk.dll
[2010-02-04 16:54:48 | 000,148,888 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2010-02-04 16:54:48 | 000,144,792 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2010-02-04 16:54:48 | 000,144,792 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2010-02-04 16:54:48 | 000,073,728 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl
[2010-02-04 16:54:41 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2010-02-04 16:54:31 | 000,000,000 | ---D | C] -- C:\Program Files\IrfanView
[2010-02-04 16:54:29 | 000,000,000 | ---D | C] -- C:\Program Files\Drive Space Indicator
[2010-02-04 16:54:25 | 001,081,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\Mscomctl.ocx
[2010-02-04 16:54:25 | 000,526,184 | ---- | C] (Xceed Software Inc (450) 442-2626 support@xceedsoft.com www.xceedsoft.com) -- C:\WINDOWS\System32\XceedCry.dll
[2010-02-04 16:54:25 | 000,456,536 | ---- | C] (Xceed Software Inc (450) 442-2626 support@xceedsoft.com www.xceedsoft.com) -- C:\WINDOWS\System32\XCEEDZIP.DLL
[2010-02-04 16:54:25 | 000,224,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\Tabctl32.ocx
[2010-02-04 16:54:25 | 000,152,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\Comdlg32.ocx
[2010-02-04 16:54:25 | 000,132,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\Msinet.ocx
[2010-02-04 16:54:24 | 000,000,000 | ---D | C] -- C:\Program Files\Driver Magician
[2010-02-04 16:54:23 | 000,000,000 | ---D | C] -- C:\Program Files\Defraggler
[2010-02-04 16:54:18 | 000,000,000 | ---D | C] -- C:\Program Files\CDBurnerXP
[2010-02-04 16:54:16 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2010-02-04 16:54:14 | 000,000,000 | ---D | C] -- C:\Program Files\AIMP2
[2010-02-04 16:54:12 | 000,000,000 | ---D | C] -- C:\Program Files\TrueCrypt
[2010-02-04 16:54:10 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Adobe
[2010-02-04 16:53:59 | 000,000,000 | ---D | C] -- C:\Program Files\AbiSuite2
[2010-02-04 16:52:32 | 000,000,000 | R-SD | C] -- C:\WINDOWS\assembly
[2010-02-04 16:52:32 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\URTTemp
[2010-02-04 16:52:32 | 000,000,000 | ---D | C] -- C:\WINDOWS\Microsoft.NET
[2010-02-04 16:52:07 | 000,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Ustawienia lokalne\Dane aplikacji\Microsoft
[2010-02-04 16:51:39 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mapi32.dll
[2010-02-04 16:51:38 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\dllcache
[2010-02-04 16:51:18 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\All Users\DRM
[2010-02-04 16:51:06 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Dokumenty\Moje obrazy
[2010-02-04 16:51:01 | 000,000,000 | -H-D | C] -- C:\Program Files\WindowsUpdate
[2010-02-04 16:50:42 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\acctres.dll
[2010-02-04 16:50:41 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Services
[2010-02-04 16:50:39 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\icfgnt5.dll
[2010-02-04 16:50:39 | 000,000,000 | --SD | C] -- C:\WINDOWS\Tasks
[2010-02-04 16:50:38 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\MSSoap
[2010-02-04 16:50:32 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuaueng1.dll
[2010-02-04 16:50:32 | 000,113,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wucltui.dll
[2010-02-04 16:50:31 | 000,431,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuapi.dll
[2010-02-04 16:50:31 | 000,168,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuauclt1.exe
[2010-02-04 16:50:31 | 000,032,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wups.dll
[2010-02-04 16:50:31 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qmgrprxy.dll
[2010-02-04 16:50:31 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bitsprx2.dll
[2010-02-04 16:50:31 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bitsprx4.dll
[2010-02-04 16:50:31 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bitsprx3.dll
[2010-02-04 16:50:30 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fltMc.exe
[2010-02-04 16:50:29 | 000,520,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\srrstr.dll
[2010-02-04 16:50:29 | 000,252,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msoeacct.dll
[2010-02-04 16:50:29 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msoert2.dll
[2010-02-04 16:50:29 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Restore
[2010-02-04 16:50:28 | 000,049,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\inetres.dll
[2010-02-04 16:50:26 | 000,000,000 | ---D | C] -- C:\Program Files\Outlook Express
[2010-02-04 16:50:25 | 000,278,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\inetcfg.dll
[2010-02-04 16:50:25 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\isign32.dll
[2010-02-04 16:50:25 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\icwdial.dll
[2010-02-04 16:50:25 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\icwphbk.dll
[2010-02-04 16:50:25 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mstinit.exe
[2010-02-04 16:50:20 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\System
[2010-02-04 16:50:19 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Microsoft Shared
[2010-02-04 16:50:19 | 000,000,000 | ---D | C] -- C:\Program Files\Internet Explorer
[2010-02-04 16:49:49 | 000,000,000 | ---D | C] -- C:\Program Files\ComPlus Applications
[2010-02-04 16:49:44 | 000,000,000 | ---D | C] -- C:\WINDOWS\Registration
[2010-02-04 16:49:33 | 000,774,144 | ---- | C] (3Planesoft) -- C:\WINDOWS\System32\Deep Space 3D Screensaver.scr
[2010-02-04 16:49:30 | 012,360,192 | ---- | C] (3Planesoft) -- C:\WINDOWS\System32\Deep Space 3D Screensaver.exe
[2010-02-04 16:49:29 | 000,848,896 | ---- | C] (3Planesoft) -- C:\WINDOWS\System32\Mechanical Clock 3D Screensaver.scr
[2010-02-04 16:49:28 | 002,529,280 | ---- | C] (3Planesoft) -- C:\WINDOWS\System32\Mechanical Clock 3D Screensaver.exe
[2010-02-04 16:49:28 | 000,841,728 | ---- | C] (3Planesoft) -- C:\WINDOWS\System32\Koi Fish 3D Screensaver.scr
[2010-02-04 16:49:25 | 010,203,136 | ---- | C] (3Planesoft) -- C:\WINDOWS\System32\Koi Fish 3D Screensaver.exe
[2010-02-04 16:49:19 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Media Connect 2
[2010-02-04 16:49:18 | 000,253,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sndvol32.exe
[2010-02-04 16:49:18 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\write.exe
[2010-02-04 16:49:18 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Media Player
[2010-02-04 16:49:17 | 000,605,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\getuname.dll
[2010-02-04 16:49:16 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\charmap.exe
[2010-02-04 16:49:15 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tsshutdn.exe
[2010-02-04 16:49:15 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tskill.exe
[2010-02-04 16:49:15 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tsdiscon.exe
[2010-02-04 16:49:15 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tscon.exe
[2010-02-04 16:49:15 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\reset.exe
[2010-02-04 16:49:14 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\regini.exe
[2010-02-04 16:49:14 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qwinsta.exe
[2010-02-04 16:49:14 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msg.exe
[2010-02-04 16:49:14 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qappsrv.exe
[2010-02-04 16:49:14 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rwinsta.exe
[2010-02-04 16:49:14 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\logoff.exe
[2010-02-04 16:49:14 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cdmodem.dll
[2010-02-04 16:49:14 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\shadow.exe
[2010-02-04 16:49:14 | 000,004,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdpcfgex.dll
[2010-02-04 16:49:08 | 000,371,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\accwiz.exe
[2010-02-04 16:49:08 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\access.cpl
[2010-02-04 16:49:08 | 000,000,000 | ---D | C] -- C:\Program Files\Windows NT
[2010-02-04 16:49:07 | 000,456,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mspaint.exe
[2010-02-04 16:49:07 | 000,132,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sndrec32.exe
[2010-02-04 16:49:07 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mplay32.exe
[2010-02-04 16:49:06 | 000,290,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rhttpaa.dll
[2010-02-04 16:49:06 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\aaclient.dll
[2010-02-04 16:49:06 | 000,094,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tscfgwmi.dll
[2010-02-04 16:49:06 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tsgqec.dll
[2010-02-04 16:49:05 | 000,677,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mstsc.exe
[2010-02-04 16:49:05 | 000,147,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdchost.dll
[2010-02-04 16:49:05 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdshost.exe
[2010-02-04 16:49:05 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdsaddin.exe
[2010-02-04 16:49:04 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtcuiu.dll
[2010-02-04 16:49:04 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mtxoci.dll
[2010-02-04 16:49:04 | 000,087,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdpwsx.dll
[2010-02-04 16:49:04 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdpclip.exe
[2010-02-04 16:49:04 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cfgbkend.dll
[2010-02-04 16:49:04 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qprocess.exe
[2010-02-04 16:49:04 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdpsnd.dll
[2010-02-04 16:49:04 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\icaapi.dll
[2010-02-04 16:49:04 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\MsDtc
[2010-02-04 16:49:03 | 000,956,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtctm.dll
[2010-02-04 16:49:03 | 000,428,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtcprx.dll
[2010-02-04 16:49:03 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtclog.dll
[2010-02-04 16:49:03 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xolehlp.dll
[2010-02-04 16:49:03 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dcomcnfg.exe
[2010-02-04 16:49:02 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\clbcatex.dll
[2010-02-04 16:49:02 | 000,097,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comrepl.dll
[2010-02-04 16:49:02 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\catsrvps.dll
[2010-02-04 16:49:02 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\colbact.dll
[2010-02-04 16:49:02 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\stclient.dll
[2010-02-04 16:49:02 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mtxlegih.dll
[2010-02-04 16:49:02 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mtxdm.dll
[2010-02-04 16:49:02 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comaddin.dll
[2010-02-04 16:49:02 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mtxex.dll
[2010-02-04 16:49:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Com
[2010-02-04 16:49:01 | 001,267,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comsvcs.dll
[2010-02-04 16:49:01 | 000,625,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\catsrvut.dll
[2010-02-04 16:49:01 | 000,539,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comuid.dll
[2010-02-04 16:49:01 | 000,226,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\catsrv.dll
[2010-02-04 16:49:01 | 000,167,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comsnap.dll
[2010-02-04 16:48:55 | 000,294,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cmprops.dll
[2010-02-04 16:48:55 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\licwmi.dll
[2010-02-04 16:48:55 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\servdeps.dll
[2010-02-04 16:48:55 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmfutil.dll
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\Documents and Settings\Sulski\*.tmp files -> C:\Documents and Settings\Sulski\*.tmp -> ]

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2010-02-08 21:35:53 | 000,549,376 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Sulski\Pulpit\OTL.exe
[2010-02-08 21:34:30 | 000,003,380 | ---- | M] () -- C:\WINDOWS\System32\NOTEPAD.ini
[2010-02-08 20:02:10 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010-02-08 20:01:27 | 000,000,227 | ---- | M] () -- C:\WINDOWS\system.ini
[2010-02-08 19:58:42 | 000,000,281 | RHS- | M] () -- C:\boot.ini
[2010-02-08 19:53:51 | 000,001,740 | ---- | M] () -- C:\Documents and Settings\Sulski\Pulpit\HijackThis.lnk
[2010-02-08 19:10:35 | 000,000,654 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Winamp.lnk
[2010-02-08 16:37:50 | 000,272,291 | ---- | M] () -- C:\WINDOWS\System32\NvApps.xml
[2010-02-08 15:57:16 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010-02-08 06:07:11 | 001,048,576 | -H-- | M] () -- C:\Documents and Settings\Sulski\NTUSER.DAT
[2010-02-07 23:36:30 | 004,829,500 | -H-- | M] () -- C:\Documents and Settings\Sulski\Ustawienia lokalne\Dane aplikacji\IconCache.db
[2010-02-07 19:31:49 | 000,317,101 | ---- | M] () -- C:\Documents and Settings\Sulski\Pulpit\SpeedSim.zip
[2010-02-06 19:27:43 | 000,003,584 | ---- | M] () -- C:\Documents and Settings\Sulski\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010-02-06 19:26:57 | 000,013,416 | ---- | M] () -- C:\Documents and Settings\Sulski\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT
[2010-02-06 19:13:53 | 000,110,992 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010-02-06 16:29:28 | 000,000,967 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\OpenOffice.org 3.1.lnk
[2010-02-06 15:15:00 | 000,000,188 | -HS- | M] () -- C:\Documents and Settings\Sulski\ntuser.ini
[2010-02-06 13:02:05 | 000,011,288 | ---- | M] () -- C:\Documents and Settings\Sulski\Pulpit\skrzypkopia7wn.jpg
[2010-02-04 18:53:27 | 000,000,707 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\OpenFM.lnk
[2010-02-04 18:53:27 | 000,000,678 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Gadu-Gadu 10.lnk
[2010-02-04 18:31:08 | 000,312,859 | ---- | M] () -- C:\Documents and Settings\Sulski\Pulpit\mapa-polityczna-swiata.jpg
[2010-02-04 17:46:01 | 000,004,444 | ---- | M] () -- C:\WINDOWS\System32\pid.PNF
[2010-02-04 17:17:27 | 001,003,792 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010-02-04 17:17:27 | 000,454,962 | ---- | M] () -- C:\WINDOWS\System32\perfh015.dat
[2010-02-04 17:17:27 | 000,398,554 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010-02-04 17:17:27 | 000,077,594 | ---- | M] () -- C:\WINDOWS\System32\perfc015.dat
[2010-02-04 17:17:27 | 000,061,074 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010-02-04 17:15:58 | 000,000,592 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Opera.lnk
[2010-02-04 17:10:31 | 000,001,981 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\NVIDIA Firewall.lnk
[2010-02-04 17:10:26 | 000,001,024 | ---- | M] () -- C:\.rnd
[2010-02-04 17:10:21 | 000,000,022 | ---- | M] () -- C:\WINDOWS\FileName
[2010-02-04 17:05:27 | 000,001,519 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\AvRack.lnk
[2010-02-04 17:02:33 | 000,001,474 | ---- | M] () -- C:\Documents and Settings\Sulski\Menu Start\Programy\Autostart\Transparent fx - lite.lnk
[2010-02-04 16:57:39 | 000,002,184 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010-02-04 16:56:53 | 000,001,314 | ---- | M] () -- C:\WINDOWS\System32\$winnt$.inf
[2010-02-04 16:55:30 | 000,172,032 | ---- | M] (Herf Consulting LLC) -- C:\WINDOWS\vjpeg.exe
[2010-02-04 16:55:30 | 000,053,812 | ---- | M] () -- C:\WINDOWS\uninst-vj.exe
[2010-02-04 16:55:27 | 000,082,898 | ---- | M] () -- C:\WINDOWS\uninstall.exe
[2010-02-04 16:54:42 | 000,410,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deploytk.dll
[2010-02-04 16:54:42 | 000,148,888 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2010-02-04 16:54:42 | 000,144,792 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2010-02-04 16:54:42 | 000,144,792 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2010-02-04 16:54:42 | 000,073,728 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl
[2010-02-04 16:52:12 | 000,002,596 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2010-02-04 16:52:12 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2010-02-04 16:52:12 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2010-02-04 16:52:12 | 000,000,000 | ---- | M] () -- C:\WINDOWS\control.ini
[2010-02-04 16:52:12 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2010-02-04 16:52:12 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2010-02-04 16:52:10 | 000,000,507 | ---- | M] () -- C:\WINDOWS\win.ini
[2010-02-04 16:52:06 | 000,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb
[2010-02-04 16:52:06 | 000,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb
[2010-02-04 16:52:05 | 000,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx
[2010-02-04 16:51:39 | 000,004,293 | ---- | M] () -- C:\WINDOWS\ODBCINST.INI
[2010-02-04 16:51:09 | 000,000,488 | RH-- | M] () -- C:\WINDOWS\System32\WindowsLogon.manifest
[2010-02-04 16:51:09 | 000,000,488 | RH-- | M] () -- C:\WINDOWS\System32\logonui.exe.manifest
[2010-02-04 16:51:06 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\wuaucpl.cpl.manifest
[2010-02-04 16:51:06 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\WindowsShell.Manifest
[2010-02-04 16:51:06 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\sapi.cpl.manifest
[2010-02-04 16:51:06 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\nwc.cpl.manifest
[2010-02-04 16:51:06 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\ncpa.cpl.manifest
[2010-02-04 16:51:06 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\cdplayer.exe.manifest
[2010-02-04 16:49:57 | 000,021,856 | ---- | M] () -- C:\WINDOWS\System32\emptyregdb.dat
[2010-02-04 16:49:48 | 000,000,037 | ---- | M] () -- C:\WINDOWS\vbaddin.ini
[2010-02-04 16:49:48 | 000,000,036 | ---- | M] () -- C:\WINDOWS\vb.ini
[2010-02-04 16:48:18 | 000,000,211 | ---- | M] () -- C:\Boot.bak
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\Documents and Settings\Sulski\*.tmp files -> C:\Documents and Settings\Sulski\*.tmp -> ]

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2010-02-08 19:58:42 | 000,000,211 | ---- | C] () -- C:\Boot.bak
[2010-02-08 19:58:41 | 000,262,400 | ---- | C] () -- C:\cmldr
[2010-02-08 19:57:43 | 000,261,632 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2010-02-08 19:57:43 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2010-02-08 19:57:43 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2010-02-08 19:57:43 | 000,077,312 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2010-02-08 19:57:43 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2010-02-08 19:53:51 | 000,001,740 | ---- | C] () -- C:\Documents and Settings\Sulski\Pulpit\HijackThis.lnk
[2010-02-08 19:10:35 | 000,000,654 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Winamp.lnk
[2010-02-07 19:31:55 | 000,070,041 | ---- | C] () -- C:\Documents and Settings\Sulski\Pulpit\bw.jpg
[2010-02-07 19:31:55 | 000,021,116 | ---- | C] () -- C:\Documents and Settings\Sulski\Pulpit\pol_lang.ini
[2010-02-07 19:31:55 | 000,010,442 | ---- | C] () -- C:\Documents and Settings\Sulski\Pulpit\eng_lang.ini
[2010-02-07 19:31:55 | 000,004,588 | ---- | C] () -- C:\Documents and Settings\Sulski\Pulpit\bwc.css
[2010-02-07 19:31:55 | 000,004,468 | ---- | C] () -- C:\Documents and Settings\Sulski\Pulpit\cr.css
[2010-02-07 19:31:55 | 000,004,153 | ---- | C] () -- C:\Documents and Settings\Sulski\Pulpit\Standard.rf
[2010-02-07 19:31:55 | 000,001,464 | ---- | C] () -- C:\Documents and Settings\Sulski\Pulpit\Standard.sd
[2010-02-07 19:31:55 | 000,000,153 | ---- | C] () -- C:\Documents and Settings\Sulski\Pulpit\Plik pobrany z ogame.bajo.pl.url
[2010-02-07 19:31:46 | 000,317,101 | ---- | C] () -- C:\Documents and Settings\Sulski\Pulpit\SpeedSim.zip
[2010-02-06 19:27:43 | 000,003,584 | ---- | C] () -- C:\Documents and Settings\Sulski\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010-02-06 16:29:28 | 000,000,967 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\OpenOffice.org 3.1.lnk
[2010-02-06 13:02:05 | 000,011,288 | ---- | C] () -- C:\Documents and Settings\Sulski\Pulpit\skrzypkopia7wn.jpg
[2010-02-04 18:53:27 | 000,000,707 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\OpenFM.lnk
[2010-02-04 18:53:27 | 000,000,678 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Gadu-Gadu 10.lnk
[2010-02-04 18:31:08 | 000,312,859 | ---- | C] () -- C:\Documents and Settings\Sulski\Pulpit\mapa-polityczna-swiata.jpg
[2010-02-04 17:46:01 | 000,004,444 | ---- | C] () -- C:\WINDOWS\System32\pid.PNF
[2010-02-04 17:45:54 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_869.nls
[2010-02-04 17:45:54 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_866.nls
[2010-02-04 17:45:54 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_857.nls
[2010-02-04 17:45:54 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_855.nls
[2010-02-04 17:45:54 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_737.nls
[2010-02-04 17:45:54 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_875.nls
[2010-02-04 17:45:54 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_28603.nls
[2010-02-04 17:45:54 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_28599.nls
[2010-02-04 17:45:54 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\C_28597.NLS
[2010-02-04 17:45:54 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\C_28595.NLS
[2010-02-04 17:45:54 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\C_28594.NLS
[2010-02-04 17:45:54 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10081.nls
[2010-02-04 17:45:54 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10017.nls
[2010-02-04 17:45:54 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10007.nls
[2010-02-04 17:45:54 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10006.nls
[2010-02-04 17:45:50 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_20127.nls
[2010-02-04 17:45:49 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10082.nls
[2010-02-04 17:45:49 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10029.nls
[2010-02-04 17:45:49 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10010.nls
[2010-02-04 17:45:45 | 000,744,448 | ---- | C] () -- C:\WINDOWS\NOTEPAD.EXE
[2010-02-04 17:45:45 | 000,001,734 | ---- | C] () -- C:\WINDOWS\System32\AUTOEXEC.NT
[2010-02-04 17:42:54 | 000,110,992 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010-02-04 17:42:11 | 000,000,281 | RHS- | C] () -- C:\boot.ini
[2010-02-04 17:42:08 | 000,001,314 | ---- | C] () -- C:\WINDOWS\System32\$winnt$.inf
[2010-02-04 17:20:50 | 000,003,380 | ---- | C] () -- C:\WINDOWS\System32\NOTEPAD.ini
[2010-02-04 17:15:58 | 000,000,592 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Opera.lnk
[2010-02-04 17:10:31 | 000,001,981 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\NVIDIA Firewall.lnk
[2010-02-04 17:10:26 | 000,001,024 | ---- | C] () -- C:\.rnd
[2010-02-04 17:10:21 | 000,000,022 | ---- | C] () -- C:\WINDOWS\FileName
[2010-02-04 17:09:07 | 000,249,344 | ---- | C] () -- C:\WINDOWS\System32\NvRaidMan.exe
[2010-02-04 17:09:07 | 000,223,232 | ---- | C] () -- C:\WINDOWS\System32\nvsataconnection.exe
[2010-02-04 17:08:04 | 000,003,596 | ---- | C] () -- C:\WINDOWS\System32\nvnrm.nvu
[2010-02-04 17:08:03 | 000,001,231 | ---- | C] () -- C:\WINDOWS\System32\nvsmb.nvu
[2010-02-04 17:05:49 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\ChCfg.exe
[2010-02-04 17:05:27 | 000,001,519 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\AvRack.lnk
[2010-02-04 17:05:27 | 000,000,164 | ---- | C] () -- C:\WINDOWS\avrack.ini
[2010-02-04 17:05:20 | 000,141,016 | ---- | C] () -- C:\WINDOWS\System32\alsndmgr.wav
[2010-02-04 17:05:19 | 000,143,360 | ---- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll
[2010-02-04 17:03:41 | 000,008,743 | ---- | C] () -- C:\WINDOWS\System32\nvinfo.pb
[2010-02-04 17:03:39 | 002,293,286 | ---- | C] () -- C:\WINDOWS\System32\nvdata.bin
[2010-02-04 17:02:08 | 000,000,188 | -HS- | C] () -- C:\Documents and Settings\Sulski\ntuser.ini
[2010-02-04 17:02:07 | 000,009,024 | ---- | C] () -- C:\Documents and Settings\Sulski\Logo0.jpg
[2010-02-04 17:02:07 | 000,001,474 | ---- | C] () -- C:\Documents and Settings\Sulski\Menu Start\Programy\Autostart\Transparent fx - lite.lnk
[2010-02-04 17:02:07 | 000,000,026 | ---- | C] () -- C:\Documents and Settings\Sulski\Dane aplikacji\prio.ini
[2010-02-04 17:02:06 | 001,048,576 | -H-- | C] () -- C:\Documents and Settings\Sulski\NTUSER.DAT
[2010-02-04 17:02:06 | 000,000,172 | ---- | C] () -- C:\Documents and Settings\Sulski\Pulpit\ .lnk
[2010-02-04 16:56:44 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2010-02-04 16:56:07 | 000,013,339 | ---- | C] () -- C:\WINDOWS\System32\shConvert.dll
[2010-02-04 16:56:07 | 000,013,312 | ---- | C] () -- C:\WINDOWS\System32\shpicgf.dll
[2010-02-04 16:56:07 | 000,002,362 | ---- | C] () -- C:\WINDOWS\System32\opty.vbs
[2010-02-04 16:56:07 | 000,000,582 | ---- | C] () -- C:\WINDOWS\System32\TaskbarForms.exe.manifest
[2010-02-04 16:56:07 | 000,000,368 | ---- | C] () -- C:\WINDOWS\System32\y.cmd
[2010-02-04 16:56:07 | 000,000,066 | ---- | C] () -- C:\WINDOWS\System32\undock.vbs
[2010-02-04 16:56:07 | 000,000,046 | ---- | C] () -- C:\WINDOWS\System32\wylaczshell.cmd
[2010-02-04 16:56:07 | 000,000,045 | ---- | C] () -- C:\WINDOWS\System32\uninstall.bat
[2010-02-04 16:56:07 | 000,000,043 | ---- | C] () -- C:\WINDOWS\System32\uruchomshell.cmd
[2010-02-04 16:56:07 | 000,000,034 | ---- | C] () -- C:\WINDOWS\System32\UrlFileOff.bat
[2010-02-04 16:56:07 | 000,000,034 | ---- | C] () -- C:\WINDOWS\System32\notatkaoff.bat
[2010-02-04 16:56:07 | 000,000,031 | ---- | C] () -- C:\WINDOWS\System32\UrlFileOn.bat
[2010-02-04 16:56:07 | 000,000,031 | ---- | C] () -- C:\WINDOWS\System32\notatkaon.bat
[2010-02-04 16:56:07 | 000,000,028 | ---- | C] () -- C:\WINDOWS\System32\optymalizacja.cmd
[2010-02-04 16:56:07 | 000,000,027 | ---- | C] () -- C:\WINDOWS\System32\Unregister.bat
[2010-02-04 16:56:07 | 000,000,025 | ---- | C] () -- C:\WINDOWS\System32\MPEISEoff.bat
[2010-02-04 16:56:07 | 000,000,024 | ---- | C] () -- C:\WINDOWS\System32\MIPSEoff.bat
[2010-02-04 16:56:07 | 000,000,022 | ---- | C] () -- C:\WINDOWS\System32\MPEISEon.bat
[2010-02-04 16:56:07 | 000,000,021 | ---- | C] () -- C:\WINDOWS\System32\Register.bat
[2010-02-04 16:56:07 | 000,000,021 | ---- | C] () -- C:\WINDOWS\System32\MIPSEon.bat
[2010-02-04 16:56:06 | 001,583,189 | ---- | C] () -- C:\WINDOWS\System32\eco-timer.scr
[2010-02-04 16:56:06 | 000,284,367 | ---- | C] () -- C:\WINDOWS\System32\hddspace.exe
[2010-02-04 16:56:06 | 000,211,968 | ---- | C] () -- C:\WINDOWS\System32\Formats.dll
[2010-02-04 16:56:06 | 000,040,448 | ---- | C] () -- C:\WINDOWS\System32\cdeject.dll
[2010-02-04 16:56:06 | 000,031,232 | ---- | C] () -- C:\WINDOWS\System32\fstoggle.exe
[2010-02-04 16:56:06 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\instalacja.bat
[2010-02-04 16:56:06 | 000,000,297 | ---- | C] () -- C:\WINDOWS\System32\find_target.vbs
[2010-02-04 16:56:06 | 000,000,043 | ---- | C] () -- C:\WINDOWS\System32\FolderBackgrounOff.bat
[2010-02-04 16:56:06 | 000,000,040 | ---- | C] () -- C:\WINDOWS\System32\FolderBackgrounOn.bat
[2010-02-04 16:56:06 | 000,000,024 | ---- | C] () -- C:\WINDOWS\System32\MAISEoff.bat
[2010-02-04 16:56:06 | 000,000,021 | ---- | C] () -- C:\WINDOWS\System32\MAISEon.bat
[2010-02-04 16:56:06 | 000,000,008 | ---- | C] () -- C:\WINDOWS\System32\czysc.cmd
[2010-02-04 16:56:02 | 000,025,780 | ---- | C] () -- C:\WINDOWS\Windowz.png
[2010-02-04 16:56:02 | 000,007,690 | ---- | C] () -- C:\WINDOWS\Lng_QTTabBar_Polish.xml
[2010-02-04 16:56:02 | 000,000,039 | ---- | C] () -- C:\WINDOWS\labelson.cmd
[2010-02-04 16:56:02 | 000,000,026 | ---- | C] () -- C:\WINDOWS\prio.ini
[2010-02-04 16:56:01 | 000,483,328 | ---- | C] () -- C:\WINDOWS\Helios.scr
[2010-02-04 16:56:01 | 000,348,160 | ---- | C] () -- C:\WINDOWS\labels.dll
[2010-02-04 16:56:01 | 000,000,042 | ---- | C] () -- C:\WINDOWS\labelsoff.cmd
[2010-02-04 16:55:30 | 000,053,812 | ---- | C] () -- C:\WINDOWS\uninst-vj.exe
[2010-02-04 16:55:27 | 000,082,898 | ---- | C] () -- C:\WINDOWS\uninstall.exe
[2010-02-04 16:55:05 | 000,168,448 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2010-02-04 16:55:04 | 000,000,414 | ---- | C] () -- C:\WINDOWS\System32\lame_acm.xml
[2010-02-04 16:55:02 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2010-02-04 16:55:02 | 000,795,648 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2010-02-04 16:55:02 | 000,130,048 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2010-02-04 16:55:00 | 000,067,584 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2010-02-04 16:55:00 | 000,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest
[2010-02-04 16:54:53 | 000,208,896 | ---- | C] () -- C:\WINDOWS\System32\cttune.cpl
[2010-02-04 16:54:53 | 000,110,592 | ---- | C] () -- C:\WINDOWS\System32\Startup.cpl
[2010-02-04 16:54:25 | 000,110,602 | ---- | C] () -- C:\WINDOWS\System32\xcdsfx32.bin
[2010-02-04 16:52:12 | 000,002,596 | ---- | C] () -- C:\WINDOWS\System32\CONFIG.NT
[2010-02-04 16:52:12 | 000,000,000 | RHS- | C] () -- C:\MSDOS.SYS
[2010-02-04 16:52:12 | 000,000,000 | RHS- | C] () -- C:\IO.SYS
[2010-02-04 16:52:12 | 000,000,000 | ---- | C] () -- C:\CONFIG.SYS
[2010-02-04 16:52:12 | 000,000,000 | ---- | C] () -- C:\AUTOEXEC.BAT
[2010-02-04 16:52:06 | 000,023,392 | ---- | C] () -- C:\WINDOWS\System32\nscompat.tlb
[2010-02-04 16:52:06 | 000,016,832 | ---- | C] () -- C:\WINDOWS\System32\amcompat.tlb
[2010-02-04 16:52:05 | 000,316,640 | ---- | C] () -- C:\WINDOWS\WMSysPr9.prx
[2010-02-04 16:51:09 | 000,000,488 | RH-- | C] () -- C:\WINDOWS\System32\WindowsLogon.manifest
[2010-02-04 16:51:09 | 000,000,488 | RH-- | C] () -- C:\WINDOWS\System32\logonui.exe.manifest
[2010-02-04 16:51:06 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\System32\wuaucpl.cpl.manifest
[2010-02-04 16:51:06 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\WindowsShell.Manifest
[2010-02-04 16:51:06 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\System32\sapi.cpl.manifest
[2010-02-04 16:51:06 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\System32\nwc.cpl.manifest
[2010-02-04 16:51:06 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\System32\ncpa.cpl.manifest
[2010-02-04 16:51:06 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\System32\cdplayer.exe.manifest
[2010-02-04 16:49:57 | 000,021,856 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2010-02-04 16:49:17 | 000,093,702 | ---- | C] () -- C:\WINDOWS\System32\subrange.uce
[2010-02-04 16:49:17 | 000,060,458 | ---- | C] () -- C:\WINDOWS\System32\ideograf.uce
[2010-02-04 16:49:17 | 000,016,740 | ---- | C] () -- C:\WINDOWS\System32\shiftjis.uce
[2010-02-04 16:49:17 | 000,012,876 | ---- | C] () -- C:\WINDOWS\System32\korean.uce
[2010-02-04 16:49:17 | 000,008,484 | ---- | C] () -- C:\WINDOWS\System32\kanji_2.uce
[2010-02-04 16:49:17 | 000,006,948 | ---- | C] () -- C:\WINDOWS\System32\kanji_1.uce
[2010-02-04 16:49:16 | 000,024,006 | ---- | C] () -- C:\WINDOWS\System32\gb2312.uce
[2010-02-04 16:49:16 | 000,022,984 | ---- | C] () -- C:\WINDOWS\System32\bopomofo.uce
[2010-02-04 16:49:15 | 006,160,384 | ---- | C] () -- C:\WINDOWS\System32\calc.exe
[2010-02-04 16:49:15 | 000,003,286 | ---- | C] () -- C:\WINDOWS\System32\tslabels.h
[2010-02-04 16:49:15 | 000,001,225 | ---- | C] () -- C:\WINDOWS\System32\usrlogon.cmd
[2010-02-04 16:49:14 | 000,000,768 | ---- | C] () -- C:\WINDOWS\System32\msdtcprf.h
[2010-02-04 16:49:09 | 000,063,488 | ---- | C] () -- C:\WINDOWS\System32\wmimgmt.msc
[2003-06-09 14:05:18 | 000,094,636 | ---- | C] () -- C:\WINDOWS\dropcpyr.dll
< End of report >
[/log]

[log]OTL Extras logfile created on: 2010-02-08 21:38:10 - Run 1
OTL by OldTimer - Version 3.1.28.0 Folder = C:\Documents and Settings\Sulski\Pulpit
Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

1,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 49,00% Memory free
3,00 Gb Paging File | 3,00 Gb Available in Paging File | 82,00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 39,06 Gb Total Space | 33,72 Gb Free Space | 86,32% Space Free | Partition Type: NTFS
Drive D: | 193,82 Gb Total Space | 131,19 Gb Free Space | 67,69% Space Free | Partition Type: NTFS
Drive E: | 36,87 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: WINDOWZ
Current User Name: Sulski
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

[color=#E56717]========== Extra Registry (SafeList) ==========[/color]


[color=#E56717]========== File Associations ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html [@ = Opera.HTML] -- C:\Program Files\Opera\opera.exe (Opera Software)
.inf [@ = inffile] -- C:\WINDOWS\System32\NOTEPAD.EXE ()
.ini [@ = inifile] -- C:\WINDOWS\System32\NOTEPAD.EXE ()
.txt [@ = txtfile] -- C:\WINDOWS\System32\NOTEPAD.EXE ()

[color=#E56717]========== Shell Spawning ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 ()
batfile [open] -- "%1" %*
batfile [print] -- Reg Error: Key error.
cmdfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 ()
cmdfile [open] -- "%1" %*
cmdfile [print] -- Reg Error: Key error.
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
https [open] -- "C:\Program Files\Opera\opera.exe" (Opera Software)
inffile [open] -- %SystemRoot%\System32\NOTEPAD.EXE %1 ()
inffile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 ()
inifile [open] -- %SystemRoot%\System32\NOTEPAD.EXE %1 ()
inifile [print] -- Reg Error: Key error.
jsfile [edit] -- %SystemRoot%\System32\Notepad.exe %1 ()
jsfile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 ()
jsefile [edit] -- %SystemRoot%\System32\Notepad.exe %1 ()
jsefile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 ()
piffile [open] -- "%1" %*
regfile [edit] -- %SystemRoot%\system32\NOTEPAD.EXE %1 ()
regfile [merge] -- Reg Error: Key error.
regfile [print] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
txtfile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 ()
txtfile [print] -- Reg Error: Key error.
txtfile [printto] -- %SystemRoot%\system32\notepad.exe /pt "%1" "%2" "%3" "%4" ()
vbefile [edit] -- %SystemRoot%\System32\Notepad.exe %1 ()
vbefile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 ()
vbsfile [edit] -- %SystemRoot%\System32\Notepad.exe %1 ()
vbsfile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 ()
wsffile [edit] -- %SystemRoot%\System32\Notepad.exe %1 ()
wsffile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 ()
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /k cd "%L" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [openNew] -- explorer %1 (Microsoft Corporation)
Directory [StyleFolder] -- "C:\Program Files\StyleFolder\StyleFolder.exe" %1 (Xaviorsoft Studios)
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "%programfiles%\internet explorer\iexplore.exe" (Microsoft Corporation)

[color=#E56717]========== Security Center Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"AntiVirusOverride" = 1
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0
"DisableUnicastResponsesToMulticastBroadcast" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0
"DisableUnicastResponsesToMulticastBroadcast" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[color=#E56717]========== Authorized Applications List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1F6423DE-7959-4178-80E0-023C7EAA5347}" = NVIDIA ForceWare Network Access Manager
"{26A24AE4-039D-4CA4-87B4-2F83216013FF}" = Java(TM) 6 Update 13
"{350C9415-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{7131646D-CD3C-40F4-97B9-CD9E4E6262EF}" = Microsoft .NET Framework 2.0
"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{94FB906A-CF42-4128-A509-D353026A607E}" = REALTEK Gigabit and Fast Ethernet NIC Driver
"{9DC696F3-BEDF-4069-A18D-89B41BF89769}" = Command Prompt Explorer Bar
"{C93C7A4B-7DD9-4725-9993-4F032063926B}_is1" = VPX.PL Uploader 1.0
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1 SP1
"{D2D3D146-67BC-43D0-9015-2E7BAC2E032B}" = OpenOffice.org 3.1
"{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio
"{FB8148DD-C575-4B0A-9F6C-0CFC46937930}" = Opera 10.10
"{FC8D21C8-7B29-4104-ADB0-FEE9CA1C7922}" = Folder Size for Windows
"AbiWord2" = AbiWord 2.6.8
"AbiwordToolsPlugins" = AbiWord Tools Plugins
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"AIMP2" = AIMP2
"CCleaner" = CCleaner (remove only)
"CPLBonus" = Kels' CPL Bonus Pack!
"Deep Space 3D Screensaver" = Deep Space 3D Screensaver
"Defraggler" = Defraggler (remove only)
"Driver Magician_is1" = Driver Magician 3.42
"DriveSpace" = Drive Space Indicator
"Gadu-Gadu 10" = Gadu-Gadu 10
"HFSLIPTotalSlipstream" = HFSLIP Total Slipstream (v1.7.8, build 80614)
"HijackThis" = HijackThis 2.0.2
"InstallShield_{1F6423DE-7959-4178-80E0-023C7EAA5347}" = NVIDIA ForceWare Network Access Manager
"IrfanView" = IrfanView (remove only)
"KLiteCodecPack_is1" = K-Lite Mega Codec Pack 4.7.5
"Koi Fish 3D Screensaver" = Koi Fish 3D Screensaver
"Mechanical Clock 3D Screensaver" = Mechanical Clock 3D Screensaver
"Microsoft .NET Framework 2.0" = Microsoft .NET Framework 2.0
"NVIDIA Display Control Panel" = NVIDIA Display Control Panel
"NVIDIA Drivers" = NVIDIA Drivers
"NVIDIA nView Desktop Manager" = NVIDIA nView Desktop Manager
"Prio" = Prio v1.9.9.1732
"QuicktimeAlt_is1" = QuickTime Alternative 2.8.0
"RegCompact.NET" = RegCompact.NET 2.0
"StyleFolder_is1" = StyleFolder 1.0.3
"SwitchOff" = Switch Off
"Total Copy 1.1 NetHorror Edition" = Total Copy 1.1 NetHorror Edition
"Visual Task Tips" = Visual Task Tips 3.4
"vjpeg" = VJPEG Image Viewer (remove)
"Winamp" = Winamp
"WinRAR archiver" = Archiwizator WinRAR

[color=#E56717]========== HKEY_CURRENT_USER Uninstall List ==========[/color]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Winamp Detect" = Detektor Winampa

[color=#E56717]========== Last 10 Event Log Errors ==========[/color]

[ Application Events ]
Error - 2010-02-04 11:53:58 | Computer Name = WINDOWZ | Source = .NET Runtime Optimization Service | ID = 1111
Description = .NET Runtime Optimization Service (clr_optimization_v2.0.50727_32)
- Service reached limit of transient errors. Will shut down. Last error returned
from Service Manager: 0x800736b1.

Error - 2010-02-04 11:54:50 | Computer Name = WINDOWZ | Source = PerfNet | ID = 2004
Description = Nie można otworzyć usługi Server. Dane wydajności usługi Server nie
zostaną zwrócone. Zwrócony kod stanu to dane DWORD 0.

Error - 2010-02-06 11:28:51 | Computer Name = WINDOWZ | Source = MsiInstaller | ID = 11722
Description = Product: Java(TM) 6 Update 13 -- Error 1722.There is a problem with
this Windows Installer package. A program run as part of the setup did not finish
as expected. Contact your support personnel or package vendor. Action FilesInUseDialog,
location: C:\WINDOWS\Installer\MSI13F.tmp, command: C:\Program Files\Java\jre6\


Error - 2010-02-08 15:00:13 | Computer Name = WINDOWZ | Source = crypt32 | ID = 131080
Description = Nie można automatycznie pobrać aktualizacji numeru sekwencji głównej
listy innych firm z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>,
wystąpił błąd: The server name or address could not be resolved

[ System Events ]
Error - 2010-02-08 14:12:36 | Computer Name = WINDOWZ | Source = DCOM | ID = 10016
Description = Zgodnie z ustawieniami uprawnień machine-default nie jest udzielane
uprawnienie Local Activation do aplikacji serwera COM z identyfikatorem klasy {BC866CF2-5486-41F7-B46B-9AA49CF3EBB1}

użytkownikowi ZARZĄDZANIE NT\USŁUGA LOKALNA o identyfikatorze zabezpieczeń (S-1-5-19).
To uprawnienie zabezpieczeń można modyfikować przy użyciu narzędzia administracyjnego
usług składowych.

Error - 2010-02-08 14:32:06 | Computer Name = WINDOWZ | Source = DCOM | ID = 10016
Description = Zgodnie z ustawieniami uprawnień machine-default nie jest udzielane
uprawnienie Local Activation do aplikacji serwera COM z identyfikatorem klasy {BC866CF2-5486-41F7-B46B-9AA49CF3EBB1}

użytkownikowi ZARZĄDZANIE NT\USŁUGA LOKALNA o identyfikatorze zabezpieczeń (S-1-5-19).
To uprawnienie zabezpieczeń można modyfikować przy użyciu narzędzia administracyjnego
usług składowych.

Error - 2010-02-08 14:51:36 | Computer Name = WINDOWZ | Source = DCOM | ID = 10016
Description = Zgodnie z ustawieniami uprawnień machine-default nie jest udzielane
uprawnienie Local Activation do aplikacji serwera COM z identyfikatorem klasy {BC866CF2-5486-41F7-B46B-9AA49CF3EBB1}

użytkownikowi ZARZĄDZANIE NT\USŁUGA LOKALNA o identyfikatorze zabezpieczeń (S-1-5-19).
To uprawnienie zabezpieczeń można modyfikować przy użyciu narzędzia administracyjnego
usług składowych.

Error - 2010-02-08 14:51:36 | Computer Name = WINDOWZ | Source = DCOM | ID = 10016
Description = Zgodnie z ustawieniami uprawnień machine-default nie jest udzielane
uprawnienie Local Activation do aplikacji serwera COM z identyfikatorem klasy {BC866CF2-5486-41F7-B46B-9AA49CF3EBB1}

użytkownikowi ZARZĄDZANIE NT\USŁUGA LOKALNA o identyfikatorze zabezpieczeń (S-1-5-19).
To uprawnienie zabezpieczeń można modyfikować przy użyciu narzędzia administracyjnego
usług składowych.

Error - 2010-02-08 15:11:06 | Computer Name = WINDOWZ | Source = DCOM | ID = 10016
Description = Zgodnie z ustawieniami uprawnień machine-default nie jest udzielane
uprawnienie Local Activation do aplikacji serwera COM z identyfikatorem klasy {BC866CF2-5486-41F7-B46B-9AA49CF3EBB1}

użytkownikowi ZARZĄDZANIE NT\USŁUGA LOKALNA o identyfikatorze zabezpieczeń (S-1-5-19).
To uprawnienie zabezpieczeń można modyfikować przy użyciu narzędzia administracyjnego
usług składowych.

Error - 2010-02-08 15:11:06 | Computer Name = WINDOWZ | Source = DCOM | ID = 10016
Description = Zgodnie z ustawieniami uprawnień machine-default nie jest udzielane
uprawnienie Local Activation do aplikacji serwera COM z identyfikatorem klasy {BC866CF2-5486-41F7-B46B-9AA49CF3EBB1}

użytkownikowi ZARZĄDZANIE NT\USŁUGA LOKALNA o identyfikatorze zabezpieczeń (S-1-5-19).
To uprawnienie zabezpieczeń można modyfikować przy użyciu narzędzia administracyjnego
usług składowych.

Error - 2010-02-08 15:30:36 | Computer Name = WINDOWZ | Source = DCOM | ID = 10016
Description = Zgodnie z ustawieniami uprawnień machine-default nie jest udzielane
uprawnienie Local Activation do aplikacji serwera COM z identyfikatorem klasy {BC866CF2-5486-41F7-B46B-9AA49CF3EBB1}

użytkownikowi ZARZĄDZANIE NT\USŁUGA LOKALNA o identyfikatorze zabezpieczeń (S-1-5-19).
To uprawnienie zabezpieczeń można modyfikować przy użyciu narzędzia administracyjnego
usług składowych.

Error - 2010-02-08 15:30:36 | Computer Name = WINDOWZ | Source = DCOM | ID = 10016
Description = Zgodnie z ustawieniami uprawnień machine-default nie jest udzielane
uprawnienie Local Activation do aplikacji serwera COM z identyfikatorem klasy {BC866CF2-5486-41F7-B46B-9AA49CF3EBB1}

użytkownikowi ZARZĄDZANIE NT\USŁUGA LOKALNA o identyfikatorze zabezpieczeń (S-1-5-19).
To uprawnienie zabezpieczeń można modyfikować przy użyciu narzędzia administracyjnego
usług składowych.

Error - 2010-02-08 15:50:06 | Computer Name = WINDOWZ | Source = DCOM | ID = 10016
Description = Zgodnie z ustawieniami uprawnień machine-default nie jest udzielane
uprawnienie Local Activation do aplikacji serwera COM z identyfikatorem klasy {BC866CF2-5486-41F7-B46B-9AA49CF3EBB1}

użytkownikowi ZARZĄDZANIE NT\USŁUGA LOKALNA o identyfikatorze zabezpieczeń (S-1-5-19).
To uprawnienie zabezpieczeń można modyfikować przy użyciu narzędzia administracyjnego
usług składowych.

Error - 2010-02-08 16:09:36 | Computer Name = WINDOWZ | Source = DCOM | ID = 10016
Description = Zgodnie z ustawieniami uprawnień machine-default nie jest udzielane
uprawnienie Local Activation do aplikacji serwera COM z identyfikatorem klasy {BC866CF2-5486-41F7-B46B-9AA49CF3EBB1}

użytkownikowi ZARZĄDZANIE NT\USŁUGA LOKALNA o identyfikatorze zabezpieczeń (S-1-5-19).
To uprawnienie zabezpieczeń można modyfikować przy użyciu narzędzia administracyjnego
usług składowych.


< End of report >
[/log]

Mateusz J.
komentarz
komentarz

Wykonaj skan: http://www.forumpc.pl/index.php?showtopic=107753
Raport pokaż na forum + nowy log z ComboFix.

Sulski
komentarz
komentarz

[log]Malwarebytes' Anti-Malware 1.44
Wersja bazy definicji: 3716
Windows 5.1.2600 Dodatek Service Pack 3
Internet Explorer 8.0.6001.18702

2010-02-09 22:10:05
mbam-log-2010-02-09 (22-10-05).txt

Typ skanowania: Pełne skanowanie (C:\|D:\|)
Przeskanowane obiekty: 229187
Upłynęło: 28 minute(s), 2 second(s)

Zainfekowane procesy w pamięci: 0
Zainfekowane moduły pamięci: 0
Zainfekowane klucze rejestru: 0
Zainfekowane wartości rejestru: 0
Zainfekowane pliki rejestru: 1
Zainfekowane foldery: 0
Zainfekowane pliki: 0

Zainfekowane procesy w pamięci:
(Nie wykryto groźnych plików)

Zainfekowane moduły pamięci:
(Nie wykryto groźnych plików)

Zainfekowane klucze rejestru:
(Nie wykryto groźnych plików)

Zainfekowane wartości rejestru:
(Nie wykryto groźnych plików)

Zainfekowane pliki rejestru:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoSMHelp (Hijack.Help) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

Zainfekowane foldery:
(Nie wykryto groźnych plików)

Zainfekowane pliki:
(Nie wykryto groźnych plików)[/log]

[log]ComboFix 10-02-09.01 - Sulski 2010-02-09 22:26:00.2.1 - x86
Microsoft Windows XP Professional 5.1.2600.3.1250.48.1045.18.1535.754 [GMT 1:00]
Uruchomiony z: d:\muzyka\Muzyka z serialu Vampire Diares\ComboFix.exe
FW: NVIDIA Firewall *disabled* {EDC10449-64D1-46c7-A59A-EC20D662F26D}
.

((((((((((((((((((((((((((((((((((((((( Usunięto )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\docume~1\Sulski\Ustawienia lokalne\Temp\WLZ6BA6.tmp\auth.lng
c:\docume~1\Sulski\Ustawienia lokalne\Temp\WLZ6BA6.tmp\burnlib.lng
c:\docume~1\Sulski\Ustawienia lokalne\Temp\WLZ6BA6.tmp\dsp_sps.lng
c:\docume~1\Sulski\Ustawienia lokalne\Temp\WLZ6BA6.tmp\enc_aacplus.lng
c:\docume~1\Sulski\Ustawienia lokalne\Temp\WLZ6BA6.tmp\enc_flac.lng
c:\docume~1\Sulski\Ustawienia lokalne\Temp\WLZ6BA6.tmp\enc_lame.lng
c:\docume~1\Sulski\Ustawienia lokalne\Temp\WLZ6BA6.tmp\enc_vorbis.lng
c:\docume~1\Sulski\Ustawienia lokalne\Temp\WLZ6BA6.tmp\enc_wav.lng
c:\docume~1\Sulski\Ustawienia lokalne\Temp\WLZ6BA6.tmp\enc_wma.lng
c:\docume~1\Sulski\Ustawienia lokalne\Temp\WLZ6BA6.tmp\gen_crasher.lng
c:\docume~1\Sulski\Ustawienia lokalne\Temp\WLZ6BA6.tmp\gen_ff.lng
c:\docume~1\Sulski\Ustawienia lokalne\Temp\WLZ6BA6.tmp\gen_hotkeys.lng
c:\docume~1\Sulski\Ustawienia lokalne\Temp\WLZ6BA6.tmp\gen_ml.lng
c:\docume~1\Sulski\Ustawienia lokalne\Temp\WLZ6BA6.tmp\gen_orgler.lng
c:\docume~1\Sulski\Ustawienia lokalne\Temp\WLZ6BA6.tmp\gen_tray.lng
c:\docume~1\Sulski\Ustawienia lokalne\Temp\WLZ6BA6.tmp\in_avi.lng
c:\docume~1\Sulski\Ustawienia lokalne\Temp\WLZ6BA6.tmp\in_cdda.lng
c:\docume~1\Sulski\Ustawienia lokalne\Temp\WLZ6BA6.tmp\in_dshow.lng
c:\docume~1\Sulski\Ustawienia lokalne\Temp\WLZ6BA6.tmp\in_flac.lng
c:\docume~1\Sulski\Ustawienia lokalne\Temp\WLZ6BA6.tmp\in_flv.lng
c:\docume~1\Sulski\Ustawienia lokalne\Temp\WLZ6BA6.tmp\in_linein.lng
c:\docume~1\Sulski\Ustawienia lokalne\Temp\WLZ6BA6.tmp\in_midi.lng
c:\docume~1\Sulski\Ustawienia lokalne\Temp\WLZ6BA6.tmp\in_mkv.lng
c:\docume~1\Sulski\Ustawienia lokalne\Temp\WLZ6BA6.tmp\in_mod.lng
c:\docume~1\Sulski\Ustawienia lokalne\Temp\WLZ6BA6.tmp\in_mp3.lng
c:\docume~1\Sulski\Ustawienia lokalne\Temp\WLZ6BA6.tmp\in_mp4.lng
c:\docume~1\Sulski\Ustawienia lokalne\Temp\WLZ6BA6.tmp\in_nsv.lng
c:\docume~1\Sulski\Ustawienia lokalne\Temp\WLZ6BA6.tmp\in_swf.lng
c:\docume~1\Sulski\Ustawienia lokalne\Temp\WLZ6BA6.tmp\in_vorbis.lng
c:\docume~1\Sulski\Ustawienia lokalne\Temp\WLZ6BA6.tmp\in_wav.lng
c:\docume~1\Sulski\Ustawienia lokalne\Temp\WLZ6BA6.tmp\in_wave.lng
c:\docume~1\Sulski\Ustawienia lokalne\Temp\WLZ6BA6.tmp\in_wm.lng
c:\docume~1\Sulski\Ustawienia lokalne\Temp\WLZ6BA6.tmp\in_wv.lng
c:\docume~1\Sulski\Ustawienia lokalne\Temp\WLZ6BA6.tmp\ml_addons.lng
c:\docume~1\Sulski\Ustawienia lokalne\Temp\WLZ6BA6.tmp\ml_autotag.lng
c:\docume~1\Sulski\Ustawienia lokalne\Temp\WLZ6BA6.tmp\ml_bookmarks.lng
c:\docume~1\Sulski\Ustawienia lokalne\Temp\WLZ6BA6.tmp\ml_disc.lng
c:\docume~1\Sulski\Ustawienia lokalne\Temp\WLZ6BA6.tmp\ml_history.lng
c:\docume~1\Sulski\Ustawienia lokalne\Temp\WLZ6BA6.tmp\ml_impex.lng
c:\docume~1\Sulski\Ustawienia lokalne\Temp\WLZ6BA6.tmp\ml_local.lng
c:\docume~1\Sulski\Ustawienia lokalne\Temp\WLZ6BA6.tmp\ml_nowplaying.lng
c:\docume~1\Sulski\Ustawienia lokalne\Temp\WLZ6BA6.tmp\ml_online.lng
c:\docume~1\Sulski\Ustawienia lokalne\Temp\WLZ6BA6.tmp\ml_orb.lng
c:\docume~1\Sulski\Ustawienia lokalne\Temp\WLZ6BA6.tmp\ml_playlists.lng
c:\docume~1\Sulski\Ustawienia lokalne\Temp\WLZ6BA6.tmp\ml_plg.lng
c:\docume~1\Sulski\Ustawienia lokalne\Temp\WLZ6BA6.tmp\ml_pmp.lng
c:\docume~1\Sulski\Ustawienia lokalne\Temp\WLZ6BA6.tmp\ml_rg.lng
c:\docume~1\Sulski\Ustawienia lokalne\Temp\WLZ6BA6.tmp\ml_transcode.lng
c:\docume~1\Sulski\Ustawienia lokalne\Temp\WLZ6BA6.tmp\ml_wire.lng
c:\docume~1\Sulski\Ustawienia lokalne\Temp\WLZ6BA6.tmp\ombrowser.lng
c:\docume~1\Sulski\Ustawienia lokalne\Temp\WLZ6BA6.tmp\out_disk.lng
c:\docume~1\Sulski\Ustawienia lokalne\Temp\WLZ6BA6.tmp\out_ds.lng
c:\docume~1\Sulski\Ustawienia lokalne\Temp\WLZ6BA6.tmp\out_wave.lng
c:\docume~1\Sulski\Ustawienia lokalne\Temp\WLZ6BA6.tmp\playlist.lng
c:\docume~1\Sulski\Ustawienia lokalne\Temp\WLZ6BA6.tmp\pmp_activesync.lng
c:\docume~1\Sulski\Ustawienia lokalne\Temp\WLZ6BA6.tmp\pmp_ipod.lng
c:\docume~1\Sulski\Ustawienia lokalne\Temp\WLZ6BA6.tmp\pmp_njb.lng
c:\docume~1\Sulski\Ustawienia lokalne\Temp\WLZ6BA6.tmp\pmp_p4s.lng
c:\docume~1\Sulski\Ustawienia lokalne\Temp\WLZ6BA6.tmp\pmp_usb.lng
c:\docume~1\Sulski\Ustawienia lokalne\Temp\WLZ6BA6.tmp\tagz.lng
c:\docume~1\Sulski\Ustawienia lokalne\Temp\WLZ6BA6.tmp\vis_avs.lng
c:\docume~1\Sulski\Ustawienia lokalne\Temp\WLZ6BA6.tmp\vis_milk2.lng
c:\docume~1\Sulski\Ustawienia lokalne\Temp\WLZ6BA6.tmp\vis_nsfs.lng
c:\docume~1\Sulski\Ustawienia lokalne\Temp\WLZ6BA6.tmp\winamp.lng
c:\docume~1\Sulski\Ustawienia lokalne\Temp\WLZ6BA6.tmp\winampa.lng
c:\documents and settings\Sulski\Ustawienia lokalne\temp\WLZ6BA6.tmp\auth.lng
c:\documents and settings\Sulski\Ustawienia lokalne\temp\WLZ6BA6.tmp\burnlib.lng
c:\documents and settings\Sulski\Ustawienia lokalne\temp\WLZ6BA6.tmp\dsp_sps.lng
c:\documents and settings\Sulski\Ustawienia lokalne\temp\WLZ6BA6.tmp\enc_aacplus.lng
c:\documents and settings\Sulski\Ustawienia lokalne\temp\WLZ6BA6.tmp\enc_flac.lng
c:\documents and settings\Sulski\Ustawienia lokalne\temp\WLZ6BA6.tmp\enc_lame.lng
c:\documents and settings\Sulski\Ustawienia lokalne\temp\WLZ6BA6.tmp\enc_vorbis.lng
c:\documents and settings\Sulski\Ustawienia lokalne\temp\WLZ6BA6.tmp\enc_wav.lng
c:\documents and settings\Sulski\Ustawienia lokalne\temp\WLZ6BA6.tmp\enc_wma.lng
c:\documents and settings\Sulski\Ustawienia lokalne\temp\WLZ6BA6.tmp\gen_crasher.lng
c:\documents and settings\Sulski\Ustawienia lokalne\temp\WLZ6BA6.tmp\gen_ff.lng
c:\documents and settings\Sulski\Ustawienia lokalne\temp\WLZ6BA6.tmp\gen_hotkeys.lng
c:\documents and settings\Sulski\Ustawienia lokalne\temp\WLZ6BA6.tmp\gen_ml.lng
c:\documents and settings\Sulski\Ustawienia lokalne\temp\WLZ6BA6.tmp\gen_orgler.lng
c:\documents and settings\Sulski\Ustawienia lokalne\temp\WLZ6BA6.tmp\gen_tray.lng
c:\documents and settings\Sulski\Ustawienia lokalne\temp\WLZ6BA6.tmp\in_avi.lng
c:\documents and settings\Sulski\Ustawienia lokalne\temp\WLZ6BA6.tmp\in_cdda.lng
c:\documents and settings\Sulski\Ustawienia lokalne\temp\WLZ6BA6.tmp\in_dshow.lng
c:\documents and settings\Sulski\Ustawienia lokalne\temp\WLZ6BA6.tmp\in_flac.lng
c:\documents and settings\Sulski\Ustawienia lokalne\temp\WLZ6BA6.tmp\in_flv.lng
c:\documents and settings\Sulski\Ustawienia lokalne\temp\WLZ6BA6.tmp\in_linein.lng
c:\documents and settings\Sulski\Ustawienia lokalne\temp\WLZ6BA6.tmp\in_midi.lng
c:\documents and settings\Sulski\Ustawienia lokalne\temp\WLZ6BA6.tmp\in_mkv.lng
c:\documents and settings\Sulski\Ustawienia lokalne\temp\WLZ6BA6.tmp\in_mod.lng
c:\documents and settings\Sulski\Ustawienia lokalne\temp\WLZ6BA6.tmp\in_mp3.lng
c:\documents and settings\Sulski\Ustawienia lokalne\temp\WLZ6BA6.tmp\in_mp4.lng
c:\documents and settings\Sulski\Ustawienia lokalne\temp\WLZ6BA6.tmp\in_nsv.lng
c:\documents and settings\Sulski\Ustawienia lokalne\temp\WLZ6BA6.tmp\in_swf.lng
c:\documents and settings\Sulski\Ustawienia lokalne\temp\WLZ6BA6.tmp\in_vorbis.lng
c:\documents and settings\Sulski\Ustawienia lokalne\temp\WLZ6BA6.tmp\in_wav.lng
c:\documents and settings\Sulski\Ustawienia lokalne\temp\WLZ6BA6.tmp\in_wave.lng
c:\documents and settings\Sulski\Ustawienia lokalne\temp\WLZ6BA6.tmp\in_wm.lng
c:\documents and settings\Sulski\Ustawienia lokalne\temp\WLZ6BA6.tmp\in_wv.lng
c:\documents and settings\Sulski\Ustawienia lokalne\temp\WLZ6BA6.tmp\ml_addons.lng
c:\documents and settings\Sulski\Ustawienia lokalne\temp\WLZ6BA6.tmp\ml_autotag.lng
c:\documents and settings\Sulski\Ustawienia lokalne\temp\WLZ6BA6.tmp\ml_bookmarks.lng
c:\documents and settings\Sulski\Ustawienia lokalne\temp\WLZ6BA6.tmp\ml_disc.lng
c:\documents and settings\Sulski\Ustawienia lokalne\temp\WLZ6BA6.tmp\ml_history.lng
c:\documents and settings\Sulski\Ustawienia lokalne\temp\WLZ6BA6.tmp\ml_impex.lng
c:\documents and settings\Sulski\Ustawienia lokalne\temp\WLZ6BA6.tmp\ml_local.lng
c:\documents and settings\Sulski\Ustawienia lokalne\temp\WLZ6BA6.tmp\ml_nowplaying.lng
c:\documents and settings\Sulski\Ustawienia lokalne\temp\WLZ6BA6.tmp\ml_online.lng
c:\documents and settings\Sulski\Ustawienia lokalne\temp\WLZ6BA6.tmp\ml_orb.lng
c:\documents and settings\Sulski\Ustawienia lokalne\temp\WLZ6BA6.tmp\ml_playlists.lng
c:\documents and settings\Sulski\Ustawienia lokalne\temp\WLZ6BA6.tmp\ml_plg.lng
c:\documents and settings\Sulski\Ustawienia lokalne\temp\WLZ6BA6.tmp\ml_pmp.lng
c:\documents and settings\Sulski\Ustawienia lokalne\temp\WLZ6BA6.tmp\ml_rg.lng
c:\documents and settings\Sulski\Ustawienia lokalne\temp\WLZ6BA6.tmp\ml_transcode.lng
c:\documents and settings\Sulski\Ustawienia lokalne\temp\WLZ6BA6.tmp\ml_wire.lng
c:\documents and settings\Sulski\Ustawienia lokalne\temp\WLZ6BA6.tmp\ombrowser.lng
c:\documents and settings\Sulski\Ustawienia lokalne\temp\WLZ6BA6.tmp\out_disk.lng
c:\documents and settings\Sulski\Ustawienia lokalne\temp\WLZ6BA6.tmp\out_ds.lng
c:\documents and settings\Sulski\Ustawienia lokalne\temp\WLZ6BA6.tmp\out_wave.lng
c:\documents and settings\Sulski\Ustawienia lokalne\temp\WLZ6BA6.tmp\playlist.lng
c:\documents and settings\Sulski\Ustawienia lokalne\temp\WLZ6BA6.tmp\pmp_activesync.lng
c:\documents and settings\Sulski\Ustawienia lokalne\temp\WLZ6BA6.tmp\pmp_ipod.lng
c:\documents and settings\Sulski\Ustawienia lokalne\temp\WLZ6BA6.tmp\pmp_njb.lng
c:\documents and settings\Sulski\Ustawienia lokalne\temp\WLZ6BA6.tmp\pmp_p4s.lng
c:\documents and settings\Sulski\Ustawienia lokalne\temp\WLZ6BA6.tmp\pmp_usb.lng
c:\documents and settings\Sulski\Ustawienia lokalne\temp\WLZ6BA6.tmp\tagz.lng
c:\documents and settings\Sulski\Ustawienia lokalne\temp\WLZ6BA6.tmp\vis_avs.lng
c:\documents and settings\Sulski\Ustawienia lokalne\temp\WLZ6BA6.tmp\vis_milk2.lng
c:\documents and settings\Sulski\Ustawienia lokalne\temp\WLZ6BA6.tmp\vis_nsfs.lng
c:\documents and settings\Sulski\Ustawienia lokalne\temp\WLZ6BA6.tmp\winamp.lng
c:\documents and settings\Sulski\Ustawienia lokalne\temp\WLZ6BA6.tmp\winampa.lng

c:\windows\system32\proquota.exe . . . brak pliku!!

.
((((((((((((((((((((((((( Pliki utworzone od 2010-01-09 do 2010-02-09 )))))))))))))))))))))))))))))))
.

2010-02-09 20:40 . 2010-02-09 20:40 -------- d-----w- c:\documents and settings\Sulski\Dane aplikacji\Malwarebytes
2010-02-09 20:40 . 2010-01-07 15:07 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-02-09 20:40 . 2010-02-09 20:40 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-02-09 20:40 . 2010-02-09 20:40 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\Malwarebytes
2010-02-09 20:40 . 2010-01-07 15:07 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-02-09 15:48 . 2010-02-09 16:50 -------- d-----w- c:\documents and settings\Sulski\Dane aplikacji\BESTplayer
2010-02-09 15:44 . 2010-02-09 15:45 -------- d-----w- c:\program files\NAPI-PROJEKT
2010-02-09 04:42 . 2010-02-09 04:42 -------- d-----w- c:\windows\system32\xircom
2010-02-09 04:42 . 2010-02-09 04:42 -------- d-----w- c:\windows\system32\wbem\snmp
2010-02-09 04:42 . 2010-02-09 04:42 -------- d-----w- c:\windows\system32\oobe
2010-02-09 04:42 . 2010-02-09 04:42 -------- d-----w- c:\windows\srchasst
2010-02-09 04:42 . 2010-02-09 04:42 -------- d-----w- c:\windows\msagent
2010-02-09 04:42 . 2010-02-09 04:42 -------- d-----w- c:\program files\microsoft frontpage
2010-02-08 18:53 . 2010-02-08 18:53 -------- d-----w- c:\program files\Trend Micro
2010-02-07 18:31 . 2010-02-07 18:31 -------- d-----w- c:\documents and settings\Sulski\Dane aplikacji\SpeedSim
2010-02-06 20:06 . 2010-02-07 19:52 1 ----a-w- c:\documents and settings\Mama\Dane aplikacji\OpenOffice.org\3\user\uno_packages\cache\stamp.sys
2010-02-06 20:05 . 2010-02-06 20:05 -------- d-----w- c:\documents and settings\Mama\Dane aplikacji\OpenOffice.org
2010-02-06 15:29 . 2010-02-06 15:29 -------- d-----w- c:\program files\JRE
2010-02-06 15:28 . 2010-02-06 15:29 -------- d-----w- c:\program files\OpenOffice.org 3
2010-02-06 14:15 . 2010-02-06 14:15 -------- d-----w- c:\documents and settings\Mama\Dane aplikacji\Xentient
2010-02-06 14:15 . 2010-02-07 13:31 13416 ----a-w- c:\documents and settings\Mama\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT
2010-02-04 20:14 . 2010-02-04 20:14 -------- d-s---w- c:\documents and settings\Mama\Ulubione
2010-02-04 17:53 . 2010-02-04 20:15 -------- d-----w- c:\windows\SxsCaPendDel
2010-02-04 17:53 . 2010-02-04 17:53 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\Gadu-Gadu 10
2010-02-04 17:53 . 2010-02-04 17:53 -------- d-----w- c:\program files\Gadu-Gadu 10
2010-02-04 17:47 . 2010-02-09 06:18 -------- d-----w- c:\documents and settings\Milena
2010-02-04 17:34 . 2010-02-04 17:34 -------- d-----w- c:\windows\Sun
2010-02-04 17:34 . 2010-02-04 17:34 -------- d-sh--w- c:\documents and settings\Sulski\PrivacIE

.
(((((((((((((((((((((((((((((((((((((((( Sekcja Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-02-09 15:52 . 2010-02-08 18:10 -------- d-----w- c:\documents and settings\Sulski\Dane aplikacji\Winamp
2010-02-09 06:06 . 2008-04-15 12:00 77594 ----a-w- c:\windows\system32\perfc015.dat
2010-02-09 06:06 . 2008-04-15 12:00 454962 ----a-w- c:\windows\system32\perfh015.dat
2010-02-08 18:10 . 2010-02-08 18:10 -------- d-----w- c:\program files\Winamp
2010-02-08 18:10 . 2010-02-08 18:10 -------- d-----w- c:\program files\Winamp Detect
2010-02-06 18:26 . 2010-02-04 16:02 13416 ----a-w- c:\documents and settings\Sulski\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT
2010-02-05 16:52 . 2010-02-05 16:52 -------- d-----w- c:\documents and settings\Sulski\Dane aplikacji\Media Player Classic
2010-02-04 20:19 . 2010-02-04 20:19 -------- d-----w- c:\documents and settings\Sulski\Dane aplikacji\Gadu-Gadu 10
2010-02-04 16:15 . 2010-02-04 16:15 -------- d-----w- c:\program files\Opera
2010-02-04 16:12 . 2010-02-04 16:05 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-02-04 16:11 . 2010-02-04 16:05 -------- d-----w- c:\program files\Common Files\InstallShield
2010-02-04 16:10 . 2010-02-04 16:04 -------- d-----w- c:\program files\NVIDIA Corporation
2010-02-04 16:07 . 2010-02-04 16:07 -------- d-----w- c:\documents and settings\Sulski\Dane aplikacji\Xentient
2010-02-04 16:05 . 2010-02-04 16:05 -------- d-----w- c:\program files\Realtek Sound Manager
2010-02-04 16:05 . 2010-02-04 16:05 -------- d-----w- c:\program files\AvRack
2010-02-04 16:05 . 2010-02-04 16:05 -------- d-----w- c:\program files\Realtek AC97
2010-02-04 16:04 . 2010-02-04 16:04 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\NVIDIA Corporation
2010-02-04 16:00 . 2010-02-04 20:14 -------- d-----w- c:\documents and settings\Mama\Dane aplikacji\Finder Bar
2010-02-04 16:00 . 2010-02-04 16:02 -------- d-----w- c:\documents and settings\Sulski\Dane aplikacji\Finder Bar
2010-02-04 16:00 . 2010-02-04 15:59 -------- d-----w- c:\documents and settings\Default User\Dane aplikacji\Finder Bar
2010-02-04 15:59 . 2010-02-04 15:59 -------- d-----w- c:\documents and settings\Administrator\Dane aplikacji\Xentient
2010-02-04 15:59 . 2010-02-04 15:59 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\Finder Bar
2010-02-04 15:59 . 2010-02-04 15:59 -------- d-----w- c:\program files\FolderSize
2010-02-04 15:59 . 2010-02-04 15:59 138 ----a-w- c:\documents and settings\Administrator\Ustawienia lokalne\Dane aplikacji\fusioncache.dat
2010-02-04 15:59 . 2010-02-04 15:59 -------- d-----w- c:\program files\Command Prompt Explorer Bar
2010-02-04 15:55 . 2010-02-04 15:55 -------- d-----w- c:\program files\VisualTaskTips
2010-02-04 15:55 . 2010-02-04 15:55 -------- d-----w- c:\program files\Foxit
2010-02-04 15:55 . 2010-02-04 15:55 -------- d-----w- c:\program files\StyleFolder
2010-02-04 15:55 . 2010-02-04 15:55 53812 ----a-w- c:\windows\uninst-vj.exe
2010-02-04 15:55 . 2010-02-04 15:55 172032 ----a-w- c:\windows\vjpeg.exe
2010-02-04 15:55 . 2010-02-04 15:55 82898 ----a-w- c:\windows\uninstall.exe
2010-02-04 15:55 . 2010-02-04 15:55 -------- d-----w- c:\program files\Quizo
2010-02-04 15:55 . 2010-02-04 15:55 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\Apple Computer
2010-02-04 15:55 . 2010-02-04 15:55 -------- d-----w- c:\program files\QuickTime Alternative
2010-02-04 15:55 . 2010-02-04 15:55 -------- d-----w- c:\program files\RegCompact.NET
2010-02-04 15:55 . 2010-02-04 15:54 -------- d-----w- c:\program files\K-Lite Codec Pack
2010-02-04 15:54 . 2010-02-04 15:54 -------- d-----w- c:\program files\System
2010-02-04 15:54 . 2010-02-04 15:54 410984 ----a-w- c:\windows\system32\deploytk.dll
2010-02-04 15:54 . 2010-02-04 15:54 -------- d-----w- c:\program files\Java
2010-02-04 15:54 . 2010-02-04 15:54 -------- d-----w- c:\program files\Drive Space Indicator
2010-02-04 15:54 . 2010-02-04 15:54 -------- d-----w- c:\program files\Driver Magician
2010-02-04 15:54 . 2010-02-04 15:54 -------- d-----w- c:\program files\Defraggler
2010-02-04 15:54 . 2010-02-04 15:54 -------- d-----w- c:\program files\CDBurnerXP
2010-02-04 15:54 . 2010-02-04 15:54 -------- d-----w- c:\program files\CCleaner
2010-02-04 15:49 . 2010-02-04 15:49 21856 ----a-w- c:\windows\system32\emptyregdb.dat
2010-02-04 15:49 . 2010-02-04 15:49 -------- d-----w- c:\program files\Windows Media Connect 2
2009-11-21 02:34 . 2010-02-04 16:03 69632 ----a-w- c:\windows\system32\OpenCL.dll
2009-11-21 02:34 . 2010-02-04 16:03 4038656 ----a-w- c:\windows\system32\nvcuda.dll
2009-11-21 02:34 . 2010-02-04 16:03 2259560 ----a-w- c:\windows\system32\nvcuvid.dll
2009-11-21 02:34 . 2010-02-04 16:03 1989224 ----a-w- c:\windows\system32\nvcuvenc.dll
2009-11-21 02:34 . 2010-02-04 16:03 182888 ----a-w- c:\windows\system32\nvcodins.dll
2009-11-21 02:34 . 2010-02-04 16:03 182888 ----a-w- c:\windows\system32\nvcod.dll
2009-11-21 02:34 . 2010-02-04 16:03 13602816 ----a-w- c:\windows\system32\nvoglnt.dll
2009-11-21 02:34 . 2010-02-04 16:03 11374592 ----a-w- c:\windows\system32\nvcompiler.dll
2009-11-21 02:34 . 2010-02-04 16:03 1056768 ----a-w- c:\windows\system32\nvapi.dll
2009-11-21 02:34 . 2010-02-04 16:03 10235968 ----a-w- c:\windows\system32\drivers\nv4_mini.sys
2009-11-21 02:34 . 2010-02-04 16:03 6282752 ----a-w- c:\windows\system32\nv4_disp.dll
2009-11-21 02:34 . 2010-02-04 16:03 2293286 ----a-w- c:\windows\system32\nvdata.bin
.

------- Sigcheck -------

[-] 2009-06-25 . DF70435F3D17C40D5CB15E6DC918342E . 361600 . . [5.1.2600.5625] . . c:\windows\system32\drivers\tcpip.sys

[-] 2009-06-25 . E3AE414813DA8279B2328CFE2D13ED70 . 629760 . . [5.82] . . c:\windows\system32\comctl32.dll

[-] 2009-06-23 . 150852B3EB5F0C3FB44D38D0375578BB . 8356864 . . [8.00.6001.22873] . . c:\windows\system32\mshtml.dll

[-] 2009-06-24 . 1146504E5B0E43C4E5CE70E42F025A26 . 2191744 . . [5.1.2600.5512] . . c:\windows\system32\ntoskrnl.exe

[-] 2009-06-14 . 44E3FE403A9F8A64B1306AAC62B52952 . 678400 . . [5.1.2600.5512] . . c:\windows\system32\user32.dll

[-] 2009-06-14 . AC074B7C8D9966B5019E25EF8C527F54 . 1591808 . . [6.00.2900.5512] . . c:\windows\explorer.exe



[-] 2009-06-13 19:06 . C51B4A5C05A5475708E3C81C7765B71D . 27136 . . [11.0.5721.5145] . . c:\windows\system32\mspmsnsv.dll

[-] 2009-06-24 . C71E5B92124E8E8F6B9294E3E5FC8129 . 2068864 . . [5.1.2600.5755] . . c:\windows\system32\ntkrnlpa.exe

c:\windows\System32\ctfmon.exe ... - brak elementu !!
c:\windows\System32\regsvc.dll ... - brak elementu !!
.
((((((((((((((((((((((((((((( SnapShot@2010-02-08_19.01.27 )))))))))))))))))))))))))))))))))))))))))
.
- 2008-04-15 12:00 . 2010-02-04 16:17 61074 c:\windows\system32\perfc009.dat
+ 2008-04-15 12:00 . 2010-02-09 06:06 61074 c:\windows\system32\perfc009.dat
+ 2008-04-15 12:00 . 2010-02-09 06:06 398554 c:\windows\system32\perfh009.dat
- 2008-04-15 12:00 . 2010-02-04 16:17 398554 c:\windows\system32\perfh009.dat
.
((((((((((((((((((((((((((((((((((((( Wpisy startowe rejestru ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane
REGEDIT4

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Resume copy"="copyfstq.exe" [2003-06-10 57344]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2009-11-20 110184]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-11-20 12669544]
"SoundMan"="SOUNDMAN.EXE" [2006-08-02 577536]
"NVRaidService"="c:\windows\system32\nvraidservice.exe" [2005-01-17 84480]
"nTrayFw"="c:\program files\NVIDIA Corporation\NetworkAccessManager\bin\nTrayFw.exe" [2005-04-29 266240]
"WinampAgent"="c:\program files\Winamp\winampa.exe" [2009-12-18 39424]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"_nltide_3"="advpack.dll" [2009-06-25 128512]

c:\windows\system32\config\systemprofile\Menu Start\Programy\Autostart\
Transparent fx - lite.lnk - c:\program files\Fadebar\Fadebar.exe [2010-2-4 211333]
z.cmd [2009-5-8 389]

c:\documents and settings\Administrator\Menu Start\Programy\Autostart\
del.exe [2009-1-8 615759]
run.lnk - c:\program files\WindowZ\Kreator post-instalacyjny\run.bat [2010-2-4 473]
Transparent fx - lite.lnk - c:\program files\Fadebar\Fadebar.exe [2010-2-4 211333]

c:\documents and settings\Default User\Menu Start\Programy\Autostart\
Transparent fx - lite.lnk - c:\program files\Fadebar\Fadebar.exe [2010-2-4 211333]
z.cmd [2009-5-8 389]

c:\documents and settings\Mama\Menu Start\Programy\Autostart\
OpenOffice.org 3.1.lnk - c:\program files\OpenOffice.org 3\program\quickstart.exe [2009-8-18 384000]
Transparent fx - lite.lnk - c:\program files\Fadebar\Fadebar.exe [2010-2-4 211333]

c:\documents and settings\Sulski\Menu Start\Programy\Autostart\
Transparent fx - lite.lnk - c:\program files\Fadebar\Fadebar.exe [2010-2-4 211333]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"DisableStatusMessages"= 1 (0x1)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoSMMyPictures"= 1 (0x1)
"NoSMConfigurePrograms"= 1 (0x1)
"NoResolveTrack"= 1 (0x1)

[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"NoSMHelp"= 1 (0x1)
"NoSMMyPictures"= 1 (0x1)
"NoSMConfigurePrograms"= 1 (0x1)
"NoResolveTrack"= 1 (0x1)

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
"DisableUnicastResponsesToMulticastBroadcast"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Opera\\opera.exe"=

R1 vcdrom;Virtual CD-ROM Device Driver;c:\program files\System\CPL Bonus\vcdrom.sys [2010-02-04 8576]
S4 prio_svc;Prio Service;c:\program files\Prio\prio_svc.exe [2009-01-12 5120]

--- Inne Usługi/Sterowniki w Pamięci ---

*NewlyCreated* - VCDROM
.
.
------- Skan uzupełniający -------
.
uStart Page = hxxp://www.google.com/
LSP: %SYSTEMROOT%\system32\nvappfilter.dll
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-02-09 22:30
Windows 5.1.2600 Dodatek Service Pack 3 NTFS

skanowanie ukrytych procesów ...

skanowanie ukrytych wpisów autostartu ...

skanowanie ukrytych plików ...

skanowanie pomyślnie ukończone
ukryte pliki: 0

**************************************************************************
.
--------------------- Pliki DLL ładowane pod uruchomionymi procesami ---------------------

- - - - - - - > 'winlogon.exe'(924)
c:\windows\system32\cscui.dll

- - - - - - - > 'lsass.exe'(1012)
c:\windows\system32\scecli.dll

- - - - - - - > 'explorer.exe'(2832)
c:\windows\system32\WININET.dll
c:\windows\System32\cscui.dll
c:\windows\system32\wpdshserviceobj.dll
c:\windows\system32\portabledevicetypes.dll
c:\windows\system32\portabledeviceapi.dll
c:\windows\system32\NETSHELL.dll
.
------------------------ Pozostałe uruchomione procesy ------------------------
.
c:\windows\system32\nvsvc32.exe
c:\program files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
c:\program files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
c:\program files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
c:\windows\SOUNDMAN.EXE
c:\windows\system32\wscntfy.exe
c:\windows\system32\wbem\unsecapp.exe
.
**************************************************************************
.
Czas ukończenia: 2010-02-09 22:31:13 - komputer został uruchomiony ponownie
ComboFix-quarantined-files.txt 2010-02-09 21:31
ComboFix2.txt 2010-02-08 19:02

Przed: 36 143 972 352 bajtów wolnych
Po: 36 132 503 552 bajtów wolnych

- - End Of File - - 96E9FB2B9814C1A61FC5A9C6EB932462
[/log]

Mateusz J.
komentarz
komentarz

Znasz: c:\program files\Fadebar\Fadebar.exe ?
Jeśli nie przeskanuj na www.virustotal.com

Wciąż szukasz rozwiązania problemu? Napisz teraz na forum!

Możesz zadać pytanie bez konieczności rejestracji - wystarczy, że wypełnisz formularz.

×
×
  • Dodaj nową pozycję...

Powiadomienie o plikach cookie

Strona wykorzystuje pliki cookies w celu prawidłowego świadczenia usług i wygody użytkowników. Warunki przechowywania i dostępu do plików cookies możesz zmienić w ustawieniach przeglądarki.