x-kom hosting

Złośliwe oprogramowanie

artega7
utworzono
utworzono

Mam problem, chciałem ściągnąć sobie program z Internetu, ale zamiast tego zainstalowało mi się jakieś „złośliwe oprogramowanie”, chodzi mi o to, że pojawiła się ikona na pulpicie, która odsyła mnie do jakiejś zagranicznej strony, ten program schował się pod ikoną internet Explorer.

Próbowałem to przesunąć do kosza, włączyłem program antywirusowy, program do usuwania złośliwego oprogramowania, ale nic to nie dało.

Proszę o pomoc, może miał ktoś z tym problem, dodam log z OTLa

[log]OTL logfile created on: 2010-03-20 11:23:34 - Run 2
OTL by OldTimer - Version 3.1.37.3 Folder = C:\Documents and Settings\Mateusz\Pulpit
Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

1 023,00 Mb Total Physical Memory | 202,00 Mb Available Physical Memory | 20,00% Memory free
2,00 Gb Paging File | 2,00 Gb Available in Paging File | 74,00% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 390,63 Gb Total Space | 312,61 Gb Free Space | 80,03% Space Free | Partition Type: NTFS
Drive D: | 390,63 Gb Total Space | 364,25 Gb Free Space | 93,25% Space Free | Partition Type: NTFS
Drive E: | 390,63 Gb Total Space | 319,51 Gb Free Space | 81,79% Space Free | Partition Type: NTFS
Drive F: | 225,38 Gb Total Space | 222,07 Gb Free Space | 98,53% Space Free | Partition Type: NTFS
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: ARTEGA7
Current User Name: Mateusz
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 60 Days
Output = Standard

[color=#E56717]========== Processes (All) ==========[/color]

PRC - [2010-03-20 01:18:10 | 000,555,520 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Mateusz\Pulpit\OTL.exe
PRC - [2010-03-17 12:26:12 | 000,319,192 | R--- | M] (cFos Software GmbH) -- C:\Program Files\cFosSpeed\spd.exe
PRC - [2010-03-17 12:26:08 | 000,819,416 | R--- | M] (cFos Software GmbH) -- C:\Program Files\cFosSpeed\cfosspeed.exe
PRC - [2010-02-18 11:43:18 | 000,248,040 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe
PRC - [2010-02-03 09:46:52 | 001,531,904 | ---- | M] (Nokia) -- C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe
PRC - [2010-01-26 14:22:32 | 000,134,144 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\Transports\NclMSBTSrv.exe
PRC - [2010-01-26 12:41:08 | 000,652,800 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
PRC - [2010-01-13 23:44:52 | 000,037,888 | ---- | M] (Nullsoft, Inc.) -- D:\Winamp\winampa.exe
PRC - [2009-12-17 17:14:11 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe
PRC - [2009-11-16 09:04:30 | 000,735,960 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
PRC - [2009-11-16 09:03:32 | 002,054,360 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
PRC - [2009-10-28 19:40:16 | 000,289,072 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files\uTorrent\uTorrent.exe
PRC - [2009-10-27 09:15:44 | 000,132,608 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
PRC - [2009-10-27 09:15:02 | 000,120,832 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
PRC - [2009-08-31 17:07:34 | 011,391,592 | ---- | M] (GG Network S.A.) -- D:\Nowe Gadu-Gadu\gg.exe
PRC - [2009-06-30 06:26:02 | 000,075,064 | ---- | M] () -- C:\WINDOWS\system32\PnkBstrA.exe
PRC - [2009-05-27 03:27:04 | 029,262,680 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
PRC - [2009-03-05 16:07:20 | 002,260,480 | RHS- | M] (Safer-Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
PRC - [2009-02-09 12:25:57 | 000,111,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\services.exe
PRC - [2009-02-06 11:10:02 | 000,227,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmiprvse.exe
PRC - [2008-11-24 22:31:12 | 000,087,904 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
PRC - [2008-11-24 22:31:08 | 000,239,968 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
PRC - [2008-05-14 02:29:04 | 000,507,904 | ---- | M] (Orb Networks) -- C:\Program Files\Orb Networks\Orb\bin\OrbTray.exe
PRC - [2008-05-08 12:26:26 | 000,438,399 | ---- | M] (Creative Technology Ltd.) -- C:\Program Files\Creative\Creative Live! Cam\Live! Central\CTLVCentral.exe
PRC - [2008-04-14 21:51:52 | 000,013,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wscntfy.exe
PRC - [2008-04-14 21:51:50 | 000,510,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winlogon.exe
PRC - [2008-04-14 21:51:44 | 000,057,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spoolsv.exe
PRC - [2008-04-14 21:51:44 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\smss.exe
PRC - [2008-04-14 21:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [WUDFSERVICEGROUP]
PRC - [2008-04-14 21:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [RPCSS]
PRC - [2008-04-14 21:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETWORKSERVICE]
PRC - [2008-04-14 21:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETSVCS]
PRC - [2008-04-14 21:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [LOCALSERVICE]
PRC - [2008-04-14 21:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [LOCALSERVICE]
PRC - [2008-04-14 21:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [IMGSVC]
PRC - [2008-04-14 21:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [DCOMLAUNCH]
PRC - [2008-04-14 21:51:40 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rundll32.exe
PRC - [2008-04-14 21:51:24 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\lsass.exe
PRC - [2008-04-14 21:51:18 | 001,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008-04-14 21:51:12 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ctfmon.exe
PRC - [2008-04-14 21:51:12 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\csrss.exe
PRC - [2008-04-14 21:51:04 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\alg.exe
PRC - [2008-02-28 16:07:58 | 001,828,136 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe
PRC - [2008-02-28 16:07:48 | 000,529,704 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
PRC - [2008-02-27 11:22:58 | 000,494,088 | ---- | M] () -- C:\Program Files\Common Files\Acronis\Fomatik\TrueImageTryStartService.exe
PRC - [2008-02-27 10:29:50 | 000,910,088 | ---- | M] (Acronis) -- C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe
PRC - [2008-02-27 10:24:52 | 000,140,568 | ---- | M] (Acronis) -- C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe
PRC - [2008-02-27 10:24:48 | 000,427,288 | ---- | M] (Acronis) -- C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
PRC - [2008-02-27 10:22:46 | 002,611,368 | ---- | M] (Acronis) -- C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe
PRC - [2008-02-18 15:29:12 | 000,877,864 | ---- | M] (Nero AG) -- C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
PRC - [2007-09-04 13:52:08 | 000,095,536 | ---- | M] (OLYMPUS IMAGING CORP.) -- C:\Program Files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe
PRC - [2006-12-19 08:30:26 | 000,081,920 | ---- | M] (Prolific Technology Inc.) -- C:\WINDOWS\system32\IoctlSvc.exe
PRC - [2006-09-01 14:57:48 | 000,282,624 | ---- | M] (Apple Computer, Inc.) -- C:\Program Files\QuickTime\qttask.exe
PRC - [2006-07-21 09:56:38 | 016,261,632 | R--- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\RTHDCPL.exe
PRC - [2006-06-01 10:22:00 | 000,155,715 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\nvsvc32.exe
PRC - [2006-04-26 07:29:50 | 000,237,568 | ---- | M] (Nokia) -- D:\Nokia\Nokia PC Suite 6\LaunchApplication.exe
PRC - [2006-04-11 16:52:14 | 001,409,024 | ---- | M] (Time Information Services Ltd.) -- D:\Nokia\Nokia PC Suite 6\PcSync2.exe
PRC - [2006-03-23 14:23:54 | 000,471,040 | ---- | M] (Nokia Corporation) -- C:\Program Files\Common Files\Nokia\MPAPI\MPAPI3s.exe
PRC - [2003-12-22 07:38:42 | 000,241,664 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
PRC - [2003-09-16 04:19:24 | 000,237,568 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\digital imaging\bin\hpqtra08.exe
PRC - [2003-08-04 16:28:18 | 000,049,152 | ---- | M] (Hewlett-Packard) -- C:\Program Files\HP\HP Software Update\hpwuSchd.exe
PRC - [2003-06-19 22:25:00 | 000,322,120 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
PRC - [2002-07-11 23:22:58 | 000,176,128 | ---- | M] (Netropa Corp.) -- C:\Program Files\Netropa\Multimedia Keyboard\MMKeybd.exe
PRC - [2001-11-14 03:03:12 | 000,090,112 | ---- | M] (Netropa Corp.) -- C:\Program Files\Netropa\Onscreen Display\osd.exe


[color=#E56717]========== Modules (All) ==========[/color]

MOD - [2010-03-20 01:18:10 | 000,555,520 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Mateusz\Pulpit\OTL.exe
MOD - [2009-12-08 10:25:45 | 000,474,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shlwapi.dll
MOD - [2009-06-25 09:27:54 | 000,056,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\secur32.dll
MOD - [2009-04-15 15:54:38 | 000,585,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rpcrt4.dll
MOD - [2009-03-21 15:08:59 | 001,018,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\kernel32.dll
MOD - [2009-02-09 11:53:44 | 000,686,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\advapi32.dll
MOD - [2009-02-09 11:53:43 | 000,722,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntdll.dll
MOD - [2008-10-23 13:42:41 | 000,286,720 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\gdi32.dll
MOD - [2008-06-17 20:03:15 | 008,489,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shell32.dll
MOD - [2008-04-14 21:51:58 | 000,146,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winspool.drv
MOD - [2008-04-14 21:50:58 | 000,732,672 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\userenv.dll
MOD - [2008-04-14 21:50:58 | 000,580,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\user32.dll
MOD - [2008-04-14 21:50:58 | 000,219,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\uxtheme.dll
MOD - [2008-04-14 21:50:58 | 000,067,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\srclient.dll
MOD - [2008-04-14 21:50:58 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\version.dll
MOD - [2008-04-14 21:50:48 | 000,997,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\setupapi.dll
MOD - [2008-04-14 21:50:46 | 001,287,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ole32.dll
MOD - [2008-04-14 21:50:46 | 000,551,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\oleaut32.dll
MOD - [2008-04-14 21:50:46 | 000,084,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\olepro32.dll
MOD - [2008-04-14 21:50:46 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\psapi.dll
MOD - [2008-04-14 21:50:40 | 000,343,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcrt.dll
MOD - [2008-04-14 21:50:38 | 000,297,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msctf.dll
MOD - [2008-04-14 21:50:34 | 000,110,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\imm32.dll
MOD - [2008-04-14 21:50:32 | 000,185,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\framedyn.dll
MOD - [2008-04-14 21:50:14 | 000,280,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comdlg32.dll
MOD - [2008-04-14 21:50:00 | 000,125,952 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\apphelp.dll
MOD - [2008-04-14 21:43:00 | 000,177,152 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msctfime.ime
MOD - [2008-04-14 21:29:10 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll
MOD - [2002-06-19 08:39:14 | 000,053,248 | ---- | M] (Netropa Corp.) -- C:\Program Files\Netropa\Multimedia Keyboard\Nhkdll.dll


[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV - [2010-03-17 12:26:12 | 000,319,192 | R--- | M] (cFos Software GmbH) [Auto | Running] -- C:\Program Files\cFosSpeed\spd.exe -- (cFosSpeedS)
SRV - [2010-01-26 12:41:08 | 000,652,800 | ---- | M] (Nokia) [On_Demand | Running] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2009-11-16 09:12:54 | 000,020,680 | ---- | M] (ESET) [On_Demand | Stopped] -- C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe -- (EhttpSrv)
SRV - [2009-11-16 09:04:30 | 000,735,960 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe -- (ekrn)
SRV - [2009-05-27 03:27:04 | 029,262,680 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe -- (MSSQL$ACRONIS) SQL Server (ACRONIS)
SRV - [2009-01-29 16:54:44 | 000,102,400 | ---- | M] (PacketVideo) [Auto | Stopped] -- C:\Program Files\Nokia\Nokia Home Media Server\Media Server\TwonkyMedia.exe -- (TwonkyMedia)
SRV - [2008-11-24 22:31:12 | 000,087,904 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe -- (SQLWriter)
SRV - [2008-11-24 22:31:08 | 000,239,968 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe -- (SQLBrowser)
SRV - [2008-11-24 22:31:08 | 000,045,408 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe -- (MSSQLServerADHelper)
SRV - [2008-02-27 11:22:58 | 000,494,088 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\Acronis\Fomatik\TrueImageTryStartService.exe -- (TryAndDecideService)
SRV - [2008-02-27 10:24:48 | 000,427,288 | ---- | M] (Acronis) [Auto | Running] -- C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe -- (AcrSch2Svc)
SRV - [2004-01-05 13:04:56 | 000,065,795 | ---- | M] (HP) [On_Demand | Stopped] -- C:\WINDOWS\system32\hpzipm12.exe -- (Pml Driver HPZ12)
SRV - [2001-08-06 05:41:48 | 000,028,672 | ---- | M] () [Auto | Stopped] -- C:\Program Files\Netropa\Multimedia Keyboard\nhksrv.exe -- (nhksrv)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - File not found [Kernel | On_Demand | Running] -- -- (catchme)
DRV - [2010-03-17 12:26:18 | 000,974,040 | ---- | M] (cFos Software GmbH) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\cfosspeed.sys -- (cFosSpeed)
DRV - [2010-01-21 14:53:16 | 000,018,048 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2010-01-09 19:31:13 | 000,441,760 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\timntr.sys -- (timounter)
DRV - [2010-01-09 19:31:13 | 000,044,384 | ---- | M] (Acronis) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\tifsfilt.sys -- (tifsfilter)
DRV - [2010-01-09 19:31:06 | 000,129,248 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\snapman.sys -- (snapman)
DRV - [2010-01-09 19:30:59 | 000,368,480 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\tdrpman.sys -- (tdrpman)
DRV - [2009-12-30 11:30:56 | 000,007,936 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2009-12-30 11:30:48 | 000,022,016 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2009-12-30 11:30:48 | 000,007,936 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2009-12-30 11:25:12 | 000,137,344 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmwcdnsu.sys -- (nmwcdnsu)
DRV - [2009-11-16 09:06:50 | 000,096,408 | ---- | M] (ESET) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\epfwtdir.sys -- (epfwtdir)
DRV - [2009-11-16 09:03:36 | 000,108,792 | ---- | M] (ESET) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ehdrv.sys -- (ehdrv)
DRV - [2009-11-16 08:56:12 | 000,116,520 | ---- | M] (ESET) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\eamon.sys -- (eamon)
DRV - [2009-06-18 20:50:12 | 000,721,904 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot | Stopped] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)
DRV - [2009-06-17 12:17:30 | 000,043,488 | ---- | M] (Oak Technology Inc.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AFS2K.SYS -- (AFS2K)
DRV - [2008-08-26 09:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2008-06-18 02:00:00 | 000,286,592 | R--- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\V0560Vid.sys -- (V0560Vid)
DRV - [2008-05-07 10:20:10 | 000,145,952 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\CtClsFlt.sys -- (CtClsFlt)
DRV - [2008-04-30 08:43:42 | 000,160,768 | R--- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\V0560Afx.sys -- (V0560Afx)
DRV - [2008-04-13 23:15:14 | 000,060,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\USBAUDIO.sys -- (usbaudio) Sterownik audio USB (WDM)
DRV - [2008-04-13 21:06:06 | 000,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)
DRV - [2007-01-15 16:57:08 | 000,031,616 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\livecamv.sys -- (RLDesignVirtualAudioCableWdm)
DRV - [2006-09-18 07:59:00 | 000,250,240 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\yk51x86.sys -- (yukonwxp)
DRV - [2006-07-24 09:15:04 | 004,353,024 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.Sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2006-06-01 10:22:00 | 003,925,920 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2004-05-02 09:47:08 | 000,023,040 | R--- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\GVCplDrv.sys -- (GVCplDrv)
DRV - [2003-08-04 12:22:44 | 000,016,128 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\PCANDIS5.SYS -- (PCANDIS5)
DRV - [2001-12-20 08:02:12 | 000,006,656 | ---- | M] (Netropa Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\Msikbd2k.sys -- (msikbd2k)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]



IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-1454471165-1284227242-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.onet.pl/
IE - HKU\S-1-5-21-1454471165-1284227242-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.startup.homepage: "http://www.onet.pl/"
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0

FF - HKLM\software\mozilla\Firefox\extensions\\{A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}: C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension\ [2010-03-15 12:25:10 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.7\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010-02-16 10:58:56 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.7\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010-03-10 17:36:07 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2010-03-19 23:05:20 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Thunderbird\Extensions\\{CCB7D94B-CA92-4E3F-B79D-ADE0F07ADC74}: C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Thunderbird Connector\ThunderbirdExtension\ [2010-03-15 12:25:11 | 000,000,000 | ---D | M]

[2010-01-09 23:33:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mateusz\Dane aplikacji\Mozilla\Extensions
[2010-01-10 10:27:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mateusz\Dane aplikacji\Mozilla\Firefox\Profiles\kwauy9xv.default\extensions
[2010-01-10 10:27:33 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Mateusz\Dane aplikacji\Mozilla\Firefox\Profiles\kwauy9xv.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010-03-17 20:37:47 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010-02-16 12:22:23 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\linkfilter@kaspersky.ru
[2010-01-13 23:46:00 | 000,063,488 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npwachk.dll
[2009-12-22 04:48:34 | 000,002,767 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\allegro-pl.xml
[2009-12-22 04:48:34 | 000,001,406 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\fbc-pl.xml
[2009-12-22 04:48:34 | 000,000,917 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\merlin-pl.xml
[2009-12-22 04:48:34 | 000,000,858 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\pwn-pl.xml
[2009-12-22 04:48:34 | 000,001,183 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-pl.xml
[2009-12-22 04:48:34 | 000,001,683 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wp-pl.xml

O1 HOSTS File: ([2010-03-18 18:40:49 | 000,380,712 | R--- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.0scan.com
O1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 www.1000gratisproben.com
O1 - Hosts: 127.0.0.1 1000gratisproben.com
O1 - Hosts: 127.0.0.1 www.1001namen.com
O1 - Hosts: 127.0.0.1 1001namen.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 1-2005-search.com
O1 - Hosts: 127.0.0.1 www.1-2005-search.com
O1 - Hosts: 13116 more lines...
O2 - BHO: (Skype add-on (mastermind)) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (IEPluginBHO Class) - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - C:\Documents and Settings\Mateusz\Dane aplikacji\Nowe Gadu-Gadu\_userdata\ggbho.1.dll (GG Network S.A.)
O3 - HKLM\..\Toolbar: (no name) - - No CLSID value found.
O3 - HKU\S-1-5-21-1454471165-1284227242-725345543-1003\..\Toolbar\WebBrowser: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - No CLSID value found.
O4 - HKLM..\Run: [Acronis Scheduler2 Service] C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe (Acronis)
O4 - HKLM..\Run: [AcronisTimounterMonitor] C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe (Acronis)
O4 - HKLM..\Run: [cFosSpeed] C:\Program Files\cFosSpeed\cfosspeed.exe (cFos Software GmbH)
O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET)
O4 - HKLM..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd.exe (Hewlett-Packard)
O4 - HKLM..\Run: [Live! Central] C:\Program Files\Creative\Creative Live! Cam\Live! Central\CTLVCentral.exe (Creative Technology Ltd.)
O4 - HKLM..\Run: [MULTIMEDIA KEYBOARD] C:\Program Files\Netropa\Multimedia Keyboard\MMKeybd.exe (Netropa Corp.)
O4 - HKLM..\Run: [NBKeyScan] C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe (Nero AG)
O4 - HKLM..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe (Nero AG)
O4 - HKLM..\Run: [NokiaMServer] C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe (Nokia)
O4 - HKLM..\Run: [NokiaMusic FastStart] C:\Program Files\Nokia\Ovi Player\NokiaOviPlayer.exe (Nokia)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\nvmctray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [OM2_Monitor] C:\Program Files\OLYMPUS\OLYMPUS Master 2\FirstStart.exe (OLYMPUS IMAGING CORP.)
O4 - HKLM..\Run: [PCSuiteTrayApplication] D:\Nokia\Nokia PC Suite 6\LaunchApplication.exe (Nokia)
O4 - HKLM..\Run: [SkyTel] C:\WINDOWS\SkyTel.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [TrueImageMonitor.exe] C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe (Acronis)
O4 - HKLM..\Run: [WinampAgent] d:\Winamp\winampa.exe (Nullsoft, Inc.)
O4 - HKU\S-1-5-21-1454471165-1284227242-725345543-1003..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe (Nero AG)
O4 - HKU\S-1-5-21-1454471165-1284227242-725345543-1003..\Run: [NokiaOviSuite2] C:\Program Files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe (Nokia)
O4 - HKU\S-1-5-21-1454471165-1284227242-725345543-1003..\Run: [Nowe Gadu-Gadu] d:\Nowe Gadu-Gadu\gg.exe (GG Network S.A.)
O4 - HKU\S-1-5-21-1454471165-1284227242-725345543-1003..\Run: [OM2_Monitor] C:\Program Files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe (OLYMPUS IMAGING CORP.)
O4 - HKU\S-1-5-21-1454471165-1284227242-725345543-1003..\Run: [Orb] C:\Program Files\Orb Networks\Orb\bin\OrbTray.exe (Orb Networks)
O4 - HKU\S-1-5-21-1454471165-1284227242-725345543-1003..\Run: [PcSync] D:\Nokia\Nokia PC Suite 6\PcSync2.exe (Time Information Services Ltd.)
O4 - HKU\S-1-5-21-1454471165-1284227242-725345543-1003..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O4 - HKU\S-1-5-21-1454471165-1284227242-725345543-1003..\Run: [uTorrent] C:\Program Files\uTorrent\uTorrent.exe (BitTorrent, Inc.)
O4 - HKU\.DEFAULT..\RunOnce: [VF0560Inst] C:\WINDOWS\System32\V0560Pin.DLL (Creative Technology Ltd.)
O4 - HKU\S-1-5-18..\RunOnce: [VF0560Inst] C:\WINDOWS\System32\V0560Pin.DLL (Creative Technology Ltd.)
O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Microsoft Office.lnk = D:\Microsoft Office\Office10\OSA.EXE (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1454471165-1284227242-725345543-1003\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1454471165-1284227242-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-1454471165-1284227242-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-1454471165-1284227242-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: E&ksport do programu Microsoft Excel - D:\Microsoft Office\Office10\EXCEL.EXE (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O16 - DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} http://office.microsoft.com/templates/ieawsdc.cab (Microsoft Office Template and Media Control)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://go.microsoft.com/fwlink/?linkid=39204 (Windows Genuine Advantage Validation Tool)
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {4B4513E2-43DF-4E57-9496-FCD37E9DFA64} http://cached.gamedesire.com/g_bin/pl/navy_2_0_0_33.cab (GameDesire Sea Battle)
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab (Symantec RuFSI Utility Class)
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} http://download.divx.com/player/DivXBrowserPlugin.cab (Reg Error: Key error.)
O16 - DPF: {68282C51-9459-467B-95BF-3C0E89627E55} http://www.mks.com.pl/skaner/SkanerOnline.cab (MksSkanerOnline Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1245189401390 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} http://85.89.171.5/activex/AxisCamControl.cab (CamImage Class)
O16 - DPF: {9191F686-7F0A-441D-8A98-2FE3AC1BD913} http://acs.pandasoftware.com/activescan/cabs/as2stubie.cab (ActiveScan 2.0 Installer Class)
O16 - DPF: {CAC677B6-4963-4305-9066-0BD135CD9233} https://asp.photoprintit.de/microsite/333333/defaults/activex/ips/IPSUploader4.cab (IPSUploader4 Control)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} (Reg Error: Value error.)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 217.113.224.35 217.113.224.36
O18 - Protocol\Handler\cetihpz {CF184AD3-CDCB-4168-A3F7-8E447D129300} - C:\Program Files\HP\hpcoretech\comp\hpuiprot.dll (Hewlett-Packard Company)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Mateusz\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Mateusz\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp
O30 - LSA: Authentication Packages - (relog_ap) - C:\WINDOWS\System32\relog_ap.dll (Acronis)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009-06-16 22:06:42 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: Ias - C:\WINDOWS\system32\ias [2009-06-16 22:06:18 | 000,000,000 | ---D | M]
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found


SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: sermouse.sys - Driver
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vds - Service
SafeBootMin: vga.sys - Driver
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: sermouse.sys - Driver
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vga.sys - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

[color=#E56717]========== Files/Folders - Created Within 60 Days ==========[/color]

[2010-03-20 11:05:50 | 000,000,000 | ---D | C] -- C:\ComboFix
[2010-03-20 01:18:07 | 000,555,520 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Mateusz\Pulpit\OTL.exe
[2010-03-19 23:05:11 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2010-03-19 19:50:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mateusz\Dane aplikacji\Malwarebytes
[2010-03-19 19:50:15 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010-03-19 19:50:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Malwarebytes
[2010-03-19 19:50:12 | 000,019,160 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010-03-19 19:50:12 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010-03-19 19:20:27 | 000,000,000 | R--D | C] -- C:\assembly
[2010-03-19 15:14:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\DivX
[2010-03-19 13:28:40 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2010-03-19 13:27:19 | 000,161,792 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2010-03-19 13:27:19 | 000,031,232 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2010-03-19 13:27:18 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2010-03-19 13:27:18 | 000,136,704 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2010-03-19 13:26:42 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2010-03-19 13:25:06 | 000,000,000 | ---D | C] -- C:\Qoobox
[2010-03-19 01:02:55 | 000,000,000 | ---D | C] -- C:\Program Files\Alwil Software
[2010-03-19 01:02:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Alwil Software
[2010-03-19 00:02:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Kaspersky Lab
[2010-03-18 22:00:45 | 000,000,000 | ---D | C] -- C:\Program Files\Browser
[2010-03-18 10:09:26 | 000,974,040 | ---- | C] (cFos Software GmbH) -- C:\WINDOWS\System32\drivers\cfosspeed.sys
[2010-03-18 10:09:26 | 000,334,040 | ---- | C] (cFos Software GmbH) -- C:\WINDOWS\System32\cfosspeed.dll
[2010-03-18 10:09:26 | 000,000,000 | ---D | C] -- C:\Program Files\cFosSpeed
[2010-03-18 10:03:45 | 000,000,000 | ---D | C] -- C:\Program Files\xp-AntiSpy
[2010-03-17 23:03:00 | 000,000,000 | ---D | C] -- C:\Program Files\Wolfenstein - Enemy Territory
[2010-03-17 20:38:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Sun
[2010-03-17 20:30:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mateusz\.dsig
[2010-03-16 21:36:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mateusz\Pulpit\SYMBIAN
[2010-03-15 23:53:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mateusz\Moje dokumenty\Ovi
[2010-03-15 23:11:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mateusz\Dane aplikacji\Nokia Ovi Suite
[2010-03-15 14:26:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Installations
[2010-03-15 14:23:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Nokia
[2010-03-15 14:21:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\Microsoft
[2010-03-15 14:18:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mateusz\Ustawienia lokalne\Dane aplikacji\NokiaAccount
[2010-03-15 14:18:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Ustawienia lokalne\Dane aplikacji\Nokia
[2010-03-15 12:37:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\OrbNetworks
[2010-03-15 12:37:15 | 000,000,000 | ---D | C] -- C:\Program Files\Orb Networks
[2010-03-15 12:36:45 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Mateusz\Moje dokumenty\Moje obrazy
[2010-03-15 12:33:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mateusz\Ustawienia lokalne\Dane aplikacji\Nokia
[2010-03-15 12:32:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\NokiaMusic
[2010-03-15 12:31:06 | 000,000,000 | ---D | C] -- C:\WINDOWS\Globalization
[2010-03-15 12:30:39 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\muvee Technologies
[2010-03-15 12:25:02 | 000,018,816 | ---- | C] (Nokia) -- C:\WINDOWS\System32\drivers\pccsmcfd.sys
[2010-03-15 12:24:55 | 000,000,000 | ---D | C] -- C:\Program Files\PC Connectivity Solution
[2010-03-15 12:24:27 | 000,137,344 | ---- | C] (Nokia) -- C:\WINDOWS\System32\drivers\nmwcdnsu.sys
[2010-03-15 12:24:26 | 000,007,936 | ---- | C] (Nokia) -- C:\WINDOWS\System32\drivers\usbser_lowerfltj.sys
[2010-03-15 12:24:25 | 000,007,936 | ---- | C] (Nokia) -- C:\WINDOWS\System32\drivers\usbser_lowerflt.sys
[2010-03-15 12:24:24 | 000,022,016 | ---- | C] (Nokia) -- C:\WINDOWS\System32\drivers\ccdcmbo.sys
[2010-03-15 12:24:23 | 000,660,480 | ---- | C] (Nokia) -- C:\WINDOWS\System32\nmwcdcocls.dll
[2010-03-15 12:24:23 | 000,018,048 | ---- | C] (Nokia) -- C:\WINDOWS\System32\drivers\ccdcmb.sys
[2010-03-15 12:24:18 | 000,000,000 | ---D | C] -- C:\Program Files\Nokia
[2010-03-15 12:22:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\OviInstallerCache
[2010-03-11 18:23:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mateusz\Pulpit\ARTEGAPL
[2010-02-24 22:13:56 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Mateusz\Recent
[2010-02-24 21:59:33 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2010-02-20 14:27:39 | 000,105,088 | ---- | C] (Panda Security, S.L.) -- C:\WINDOWS\System32\drivers\av5flt.sys
[2010-02-20 00:18:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mateusz\Pulpit\stonewall
[2010-02-17 12:55:37 | 000,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy
[2010-02-16 18:11:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mateusz\Pulpit\CHEMIA SKANY
[2010-02-16 13:20:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mateusz\Ustawienia lokalne\Dane aplikacji\ESET
[2010-02-16 12:38:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\ESET
[2010-02-16 10:59:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\Logs
[2010-02-15 20:48:50 | 000,000,000 | ---D | C] -- C:\Program Files\Panda Security
[2010-02-15 19:41:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\SUPERAntiSpyware.com
[2010-02-15 19:41:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mateusz\Dane aplikacji\SUPERAntiSpyware.com
[2010-02-15 19:41:16 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2010-02-15 19:06:31 | 000,000,000 | ---D | C] -- C:\Program Files\SkanerOnline
[2010-01-24 13:43:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mateusz\Dane aplikacji\TS3Client
[2010-01-24 13:43:43 | 000,000,000 | ---D | C] -- C:\Program Files\TeamSpeak 3 Client
[2010-01-21 18:20:30 | 000,000,000 | ---D | C] -- C:\Program Files\Allegro Image Resizer
[2010-01-09 20:49:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Dane aplikacji\Acronis
[2009-12-02 12:27:43 | 000,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Dane aplikacji\Microsoft
[2009-06-17 21:47:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Dane aplikacji\Sun
[2009-06-17 21:46:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Dane aplikacji\Adobe
[2009-06-17 09:00:40 | 000,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Dane aplikacji\Microsoft
[2009-06-16 22:09:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Ustawienia lokalne\Dane aplikacji\Microsoft
[6 C:\Documents and Settings\Mateusz\Moje dokumenty\*.tmp files -> C:\Documents and Settings\Mateusz\Moje dokumenty\*.tmp -> ]
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[3 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

[color=#E56717]========== Files - Modified Within 60 Days ==========[/color]

[2010-03-20 11:21:42 | 000,000,245 | ---- | M] () -- C:\WINDOWS\Msiosd.ini
[2010-03-20 11:21:36 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010-03-20 11:18:46 | 000,000,227 | ---- | M] () -- C:\WINDOWS\system.ini
[2010-03-20 11:03:33 | 000,063,804 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2010-03-20 11:02:50 | 003,895,562 | R--- | M] () -- C:\Documents and Settings\Mateusz\Pulpit\ComboFix.exe
[2010-03-20 11:02:12 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010-03-20 11:01:27 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010-03-20 11:00:41 | 010,485,760 | -H-- | M] () -- C:\Documents and Settings\Mateusz\NTUSER.DAT
[2010-03-20 11:00:41 | 000,000,188 | -HS- | M] () -- C:\Documents and Settings\Mateusz\ntuser.ini
[2010-03-20 01:18:10 | 000,555,520 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Mateusz\Pulpit\OTL.exe
[2010-03-20 00:54:07 | 000,554,992 | ---- | M] () -- C:\WINDOWS\System32\perfh015.dat
[2010-03-20 00:54:07 | 000,496,158 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010-03-20 00:54:07 | 000,109,470 | ---- | M] () -- C:\WINDOWS\System32\perfc015.dat
[2010-03-20 00:54:06 | 001,270,692 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010-03-20 00:54:06 | 000,091,912 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010-03-19 22:07:31 | 000,109,568 | ---- | M] () -- C:\Documents and Settings\Mateusz\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010-03-19 21:41:55 | 000,138,328 | ---- | M] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2010-03-19 21:41:46 | 000,214,816 | ---- | M] () -- C:\WINDOWS\System32\PnkBstrB.xtr
[2010-03-19 19:50:18 | 000,000,696 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Malwarebytes' Anti-Malware.lnk
[2010-03-19 13:28:42 | 000,000,281 | RHS- | M] () -- C:\boot.ini
[2010-03-19 13:11:04 | 000,002,596 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2010-03-18 23:52:54 | 070,225,670 | ---- | M] () -- C:\Documents and Settings\Mateusz\Pulpit\kav9.0.0.736sch.zip
[2010-03-18 22:00:36 | 000,001,389 | ---- | M] () -- C:\Documents and Settings\Mateusz\Menu Start\Programy\Autostart\ĚÚѶQQ.lnk
[2010-03-18 18:40:49 | 000,380,712 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2010-03-18 10:11:14 | 000,000,222 | ---- | M] () -- C:\Documents and Settings\Mateusz\Pulpit\cFos Traffic Shaping.lnk
[2010-03-18 10:03:46 | 000,001,580 | ---- | M] () -- C:\Documents and Settings\Mateusz\Pulpit\xp-AntiSpy.lnk
[2010-03-17 23:03:44 | 000,000,753 | ---- | M] () -- C:\Documents and Settings\Mateusz\Pulpit\Wolfenstein - Enemy Territory.lnk
[2010-03-17 22:09:55 | 000,002,267 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Skype.lnk
[2010-03-17 12:26:18 | 000,974,040 | ---- | M] (cFos Software GmbH) -- C:\WINDOWS\System32\drivers\cfosspeed.sys
[2010-03-17 12:26:14 | 000,334,040 | ---- | M] (cFos Software GmbH) -- C:\WINDOWS\System32\cfosspeed.dll
[2010-03-17 00:42:23 | 000,020,480 | ---- | M] () -- C:\Documents and Settings\Mateusz\Moje dokumenty\11.doc
[2010-03-15 23:46:13 | 000,001,844 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Nokia Map Loader.lnk
[2010-03-15 23:43:08 | 000,030,592 | ---- | M] () -- C:\Documents and Settings\Mateusz\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT
[2010-03-15 22:36:15 | 003,652,222 | ---- | M] () -- C:\Documents and Settings\Mateusz\Moje dokumenty\EWSA_1.0.0.133.rar
[2010-03-15 14:28:21 | 000,001,855 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Nokia Software Updater.lnk
[2010-03-15 14:21:47 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\UMDF\Msft_User_WpdMtpDr_01_00_00.Wdf
[2010-03-15 14:21:37 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_ccdcmb_01007.Wdf
[2010-03-15 14:21:33 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2010-03-15 14:21:33 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\MsftWdf_Kernel_01007_Coinstaller_Critical.Wdf
[2010-03-15 14:17:00 | 000,156,360 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010-03-15 12:37:20 | 000,000,839 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Orb.lnk
[2010-03-15 12:33:01 | 000,001,880 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Nokia Ovi Player.lnk
[2010-03-15 12:30:45 | 000,001,845 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Nokia Photos.lnk
[2010-03-15 12:27:22 | 000,001,788 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Nokia Ovi Suite.lnk
[2010-03-12 18:02:38 | 000,261,632 | ---- | M] () -- C:\WINDOWS\PEV.exe
[2010-03-08 18:42:31 | 000,576,156 | ---- | M] () -- C:\Documents and Settings\Mateusz\Moje dokumenty\Psiloc_FontMagnifier_NokiaPL.sisx
[2010-03-08 09:26:59 | 000,105,088 | ---- | M] (Panda Security, S.L.) -- C:\WINDOWS\System32\drivers\av5flt.sys
[2010-03-03 22:33:38 | 000,008,627 | ---- | M] () -- C:\WINDOWS\System32\PAV_FOG.OPC
[2010-03-02 08:38:09 | 000,054,156 | -H-- | M] () -- C:\WINDOWS\QTFont.qfn
[2010-02-24 22:02:57 | 000,094,230 | ---- | M] () -- C:\Documents and Settings\Mateusz\Moje dokumenty\cc_20100224_220248.reg
[2010-02-24 21:59:34 | 000,001,548 | ---- | M] () -- C:\Documents and Settings\Mateusz\Pulpit\CCleaner.lnk
[2010-02-20 12:20:58 | 000,049,664 | ---- | M] () -- C:\Documents and Settings\Mateusz\Moje dokumenty\bind x.doc
[2010-02-20 12:18:32 | 000,000,581 | ---- | M] () -- C:\Documents and Settings\Mateusz\Pulpit\bindy.cfg
[2010-02-20 01:15:05 | 000,000,087 | ---- | M] () -- C:\Documents and Settings\Mateusz\Moje dokumenty\etconfig.cfg
[2010-02-20 00:18:12 | 000,160,293 | ---- | M] () -- C:\Documents and Settings\Mateusz\Pulpit\stonewall.zip
[2010-02-17 13:08:57 | 000,000,750 | ---- | M] () -- C:\WINDOWS\win.ini
[2010-02-17 12:55:44 | 000,000,933 | ---- | M] () -- C:\Documents and Settings\Mateusz\Pulpit\Spybot - Search & Destroy.lnk
[2010-02-16 23:29:39 | 000,000,881 | ---- | M] () -- C:\Documents and Settings\Mateusz\.recently-used.xbel
[2010-02-01 17:31:12 | 000,090,112 | ---- | M] () -- C:\Documents and Settings\Mateusz\Pulpit\Kopia OCHRONA.doc
[2010-01-31 11:02:30 | 001,822,208 | ---- | M] () -- C:\Documents and Settings\Mateusz\Pulpit\Budowa komorki1.ppt
[2010-01-30 16:38:00 | 000,024,064 | ---- | M] () -- C:\Documents and Settings\Mateusz\Moje dokumenty\Na matematyce były 3 zadania.doc
[2010-01-30 10:34:09 | 000,070,144 | ---- | M] () -- C:\Documents and Settings\Mateusz\Pulpit\OCHRONA.doc
[2010-01-29 17:19:51 | 116,920,419 | ---- | M] () -- C:\Documents and Settings\Mateusz\Pulpit\ochrona___rodowiska_16_i_23.11.09_www.przeklej.pl.rar
[2010-01-26 17:19:11 | 009,785,856 | ---- | M] () -- C:\Documents and Settings\Mateusz\Moje dokumenty\skany z chemii.doc
[2010-01-25 20:40:20 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2010-01-25 16:14:45 | 000,026,112 | ---- | M] () -- C:\Documents and Settings\Mateusz\Moje dokumenty\Szanowna Pani dr Alicja Zawadzka.doc
[2010-01-24 13:45:23 | 000,000,837 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\TeamSpeak 3 Client.lnk
[2010-01-23 11:27:58 | 000,020,480 | ---- | M] () -- C:\Documents and Settings\Mateusz\Moje dokumenty\Proszę o pomoc w rozwiązaniu zadania.doc
[2010-01-22 14:11:39 | 000,021,504 | ---- | M] () -- C:\Documents and Settings\Mateusz\Moje dokumenty\Mam miejsce na Bilbord Reklamowy.doc
[2010-01-21 18:26:06 | 000,018,786 | ---- | M] () -- C:\Documents and Settings\Mateusz\Moje dokumenty\1.2010-01-21.jpg
[2010-01-21 14:53:16 | 000,018,048 | ---- | M] (Nokia) -- C:\WINDOWS\System32\drivers\ccdcmb.sys
[2010-01-20 14:29:28 | 000,025,600 | ---- | M] () -- C:\Documents and Settings\Mateusz\Moje dokumenty\Ochrona Środowiska_Tematy i pytania_2009.doc
[2010-01-19 20:07:01 | 000,027,648 | ---- | M] () -- C:\Documents and Settings\Mateusz\Moje dokumenty\EWOLUCJONIZM pogląd.doc
[2010-01-19 11:36:24 | 000,020,333 | ---- | M] () -- C:\Documents and Settings\Mateusz\Moje dokumenty\320[1].jpg
[2010-01-19 11:35:34 | 000,033,087 | ---- | M] () -- C:\Documents and Settings\Mateusz\Moje dokumenty\416[1].jpg
[2010-01-19 11:35:20 | 000,034,356 | ---- | M] () -- C:\Documents and Settings\Mateusz\Pulpit\416[1].jpg
[2010-01-19 11:34:54 | 000,022,187 | ---- | M] () -- C:\Documents and Settings\Mateusz\Pulpit\320[1].jpg
[6 C:\Documents and Settings\Mateusz\Moje dokumenty\*.tmp files -> C:\Documents and Settings\Mateusz\Moje dokumenty\*.tmp -> ]
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[3 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2010-03-19 19:50:18 | 000,000,696 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Malwarebytes' Anti-Malware.lnk
[2010-03-19 13:28:42 | 000,000,211 | ---- | C] () -- C:\Boot.bak
[2010-03-19 13:28:41 | 000,262,400 | ---- | C] () -- C:\cmldr
[2010-03-19 13:27:19 | 000,261,632 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2010-03-19 13:27:19 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2010-03-19 13:27:19 | 000,077,312 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2010-03-19 13:27:19 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2010-03-19 13:27:18 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2010-03-19 13:24:44 | 003,895,562 | R--- | C] () -- C:\Documents and Settings\Mateusz\Pulpit\ComboFix.exe
[2010-03-18 23:52:37 | 070,225,670 | ---- | C] () -- C:\Documents and Settings\Mateusz\Pulpit\kav9.0.0.736sch.zip
[2010-03-18 22:00:36 | 000,001,389 | ---- | C] () -- C:\Documents and Settings\Mateusz\Menu Start\Programy\Autostart\ĚÚѶQQ.lnk
[2010-03-18 10:11:14 | 000,000,222 | ---- | C] () -- C:\Documents and Settings\Mateusz\Pulpit\cFos Traffic Shaping.lnk
[2010-03-18 10:03:46 | 000,001,580 | ---- | C] () -- C:\Documents and Settings\Mateusz\Pulpit\xp-AntiSpy.lnk
[2010-03-17 23:03:44 | 000,000,753 | ---- | C] () -- C:\Documents and Settings\Mateusz\Pulpit\Wolfenstein - Enemy Territory.lnk
[2010-03-17 00:42:22 | 000,020,480 | ---- | C] () -- C:\Documents and Settings\Mateusz\Moje dokumenty\11.doc
[2010-03-15 23:46:13 | 000,001,844 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Nokia Map Loader.lnk
[2010-03-15 22:36:10 | 003,652,222 | ---- | C] () -- C:\Documents and Settings\Mateusz\Moje dokumenty\EWSA_1.0.0.133.rar
[2010-03-15 14:21:37 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_ccdcmb_01007.Wdf
[2010-03-15 14:21:33 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\MsftWdf_Kernel_01007_Coinstaller_Critical.Wdf
[2010-03-15 14:16:15 | 000,091,672 | ---- | C] () -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\FontCache3.0.0.0.dat
[2010-03-15 12:37:20 | 000,000,839 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Orb.lnk
[2010-03-15 12:36:16 | 000,001,855 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Nokia Software Updater.lnk
[2010-03-15 12:33:01 | 000,001,880 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Nokia Ovi Player.lnk
[2010-03-15 12:30:45 | 000,001,845 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Nokia Photos.lnk
[2010-03-15 12:27:21 | 000,001,788 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Nokia Ovi Suite.lnk
[2010-03-11 10:10:02 | 000,001,374 | ---- | C] () -- C:\WINDOWS\imsins.BAK
[2010-03-08 18:42:29 | 000,576,156 | ---- | C] () -- C:\Documents and Settings\Mateusz\Moje dokumenty\Psiloc_FontMagnifier_NokiaPL.sisx
[2010-02-24 22:02:52 | 000,094,230 | ---- | C] () -- C:\Documents and Settings\Mateusz\Moje dokumenty\cc_20100224_220248.reg
[2010-02-24 21:59:34 | 000,001,548 | ---- | C] () -- C:\Documents and Settings\Mateusz\Pulpit\CCleaner.lnk
[2010-02-20 01:33:40 | 000,049,664 | ---- | C] () -- C:\Documents and Settings\Mateusz\Moje dokumenty\bind x.doc
[2010-02-20 01:13:39 | 000,000,087 | ---- | C] () -- C:\Documents and Settings\Mateusz\Moje dokumenty\etconfig.cfg
[2010-02-20 01:09:18 | 000,000,581 | ---- | C] () -- C:\Documents and Settings\Mateusz\Pulpit\bindy.cfg
[2010-02-20 00:18:06 | 000,160,293 | ---- | C] () -- C:\Documents and Settings\Mateusz\Pulpit\stonewall.zip
[2010-02-17 13:14:10 | 000,008,627 | ---- | C] () -- C:\WINDOWS\System32\PAV_FOG.OPC
[2010-02-17 12:55:44 | 000,000,933 | ---- | C] () -- C:\Documents and Settings\Mateusz\Pulpit\Spybot - Search & Destroy.lnk
[2010-02-16 23:29:39 | 000,000,881 | ---- | C] () -- C:\Documents and Settings\Mateusz\.recently-used.xbel
[2010-02-01 17:16:53 | 000,090,112 | ---- | C] () -- C:\Documents and Settings\Mateusz\Pulpit\Kopia OCHRONA.doc
[2010-01-31 11:02:21 | 001,822,208 | ---- | C] () -- C:\Documents and Settings\Mateusz\Pulpit\Budowa komorki1.ppt
[2010-01-30 16:38:00 | 000,024,064 | ---- | C] () -- C:\Documents and Settings\Mateusz\Moje dokumenty\Na matematyce były 3 zadania.doc
[2010-01-30 10:34:07 | 000,070,144 | ---- | C] () -- C:\Documents and Settings\Mateusz\Pulpit\OCHRONA.doc
[2010-01-29 14:37:24 | 116,920,419 | ---- | C] () -- C:\Documents and Settings\Mateusz\Pulpit\ochrona___rodowiska_16_i_23.11.09_www.przeklej.pl.rar
[2010-01-25 14:37:11 | 009,785,856 | ---- | C] () -- C:\Documents and Settings\Mateusz\Moje dokumenty\skany z chemii.doc
[2010-01-24 13:43:44 | 000,000,837 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\TeamSpeak 3 Client.lnk
[2010-01-23 11:27:57 | 000,020,480 | ---- | C] () -- C:\Documents and Settings\Mateusz\Moje dokumenty\Proszę o pomoc w rozwiązaniu zadania.doc
[2010-01-22 14:11:38 | 000,021,504 | ---- | C] () -- C:\Documents and Settings\Mateusz\Moje dokumenty\Mam miejsce na Bilbord Reklamowy.doc
[2010-01-21 18:56:29 | 000,026,112 | ---- | C] () -- C:\Documents and Settings\Mateusz\Moje dokumenty\Szanowna Pani dr Alicja Zawadzka.doc
[2010-01-21 18:23:31 | 000,018,786 | ---- | C] () -- C:\Documents and Settings\Mateusz\Moje dokumenty\1.2010-01-21.jpg
[2010-01-20 14:29:27 | 000,025,600 | ---- | C] () -- C:\Documents and Settings\Mateusz\Moje dokumenty\Ochrona Środowiska_Tematy i pytania_2009.doc
[2010-01-19 20:07:00 | 000,027,648 | ---- | C] () -- C:\Documents and Settings\Mateusz\Moje dokumenty\EWOLUCJONIZM pogląd.doc
[2010-01-19 11:36:33 | 000,020,333 | ---- | C] () -- C:\Documents and Settings\Mateusz\Moje dokumenty\320[1].jpg
[2010-01-19 11:35:54 | 000,033,087 | ---- | C] () -- C:\Documents and Settings\Mateusz\Moje dokumenty\416[1].jpg
[2010-01-19 11:35:26 | 000,034,356 | ---- | C] () -- C:\Documents and Settings\Mateusz\Pulpit\416[1].jpg
[2010-01-19 11:35:00 | 000,022,187 | ---- | C] () -- C:\Documents and Settings\Mateusz\Pulpit\320[1].jpg
[2009-10-06 20:10:36 | 000,031,616 | ---- | C] () -- C:\WINDOWS\System32\drivers\livecamv.sys
[2009-09-02 23:04:20 | 000,018,053 | ---- | C] () -- C:\Documents and Settings\Mateusz\Dane aplikacji\NMM-MetaData.db
[2009-06-23 09:27:29 | 000,138,328 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2009-06-19 07:54:50 | 000,000,427 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2009-06-17 21:46:21 | 000,000,010 | ---- | C] () -- C:\Program Files\eula.txt
[2009-06-17 19:32:38 | 000,000,132 | ---- | C] () -- C:\Documents and Settings\Mateusz\Ustawienia lokalne\Dane aplikacji\fusioncache.dat
[2009-06-17 19:30:49 | 000,168,448 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2009-06-17 19:30:47 | 000,795,648 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2009-06-17 19:30:47 | 000,130,048 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2009-06-17 19:30:46 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2009-06-17 19:30:45 | 000,067,584 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2009-06-17 19:30:45 | 000,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest
[2009-06-17 19:01:01 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2009-06-17 19:01:00 | 000,109,568 | ---- | C] () -- C:\Documents and Settings\Mateusz\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009-06-17 14:02:15 | 000,000,000 | ---- | C] () -- C:\WINDOWS\WININIT.INI
[2009-06-17 14:02:14 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\msiosd32.dll
[2009-06-17 14:02:14 | 000,000,245 | ---- | C] () -- C:\WINDOWS\Msiosd.ini
[2009-06-17 12:04:10 | 000,027,184 | ---- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\hpzinstall.log
[2009-06-16 22:23:28 | 000,023,040 | R--- | C] () -- C:\WINDOWS\System32\drivers\GVCplDrv.sys
[2009-06-16 22:19:45 | 000,143,360 | R--- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll
[2006-06-01 10:22:00 | 001,662,976 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2006-06-01 10:22:00 | 001,466,368 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2006-06-01 10:22:00 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2006-06-01 10:22:00 | 000,581,632 | ---- | C] () -- C:\WINDOWS\System32\nvhwvid.dll
[2006-06-01 10:22:00 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2006-06-01 10:22:00 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2006-06-01 10:22:00 | 000,196,608 | ---- | C] () -- C:\WINDOWS\System32\nvapi.dll
[2005-12-07 11:31:00 | 000,202,752 | R--- | C] () -- C:\WINDOWS\System32\CddbCdda.dll
[2004-01-05 13:04:58 | 000,565,248 | ---- | C] () -- C:\WINDOWS\System32\hpotscl.dll

[color=#E56717]========== LOP Check ==========[/color]

[2010-01-08 19:58:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Acronis
[2010-03-19 01:02:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Alwil Software
[2009-06-18 21:15:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\DAEMON Tools Lite
[2009-06-17 13:08:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Downloaded Installations
[2010-02-16 12:38:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\ESET
[2010-03-15 14:26:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Installations
[2010-01-08 17:12:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\ipla
[2010-03-15 14:23:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Nokia
[2010-03-15 12:32:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\NokiaMusic
[2009-11-10 10:38:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\OpenFM
[2010-03-15 14:17:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\OrbNetworks
[2010-03-15 12:22:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\OviInstallerCache
[2010-03-15 14:17:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\PC Suite
[2010-01-10 00:15:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mateusz\Dane aplikacji\Acronis
[2009-06-18 22:13:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mateusz\Dane aplikacji\DAEMON Tools Lite
[2010-03-15 22:52:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mateusz\Dane aplikacji\Datalayer
[2010-01-13 16:20:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mateusz\Dane aplikacji\GanymedeNet
[2009-06-23 11:31:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mateusz\Dane aplikacji\GetRightToGo
[2009-08-11 21:54:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mateusz\Dane aplikacji\gtk-2.0
[2010-01-08 17:12:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mateusz\Dane aplikacji\ipla
[2010-03-19 13:52:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mateusz\Dane aplikacji\Nokia
[2010-03-15 23:11:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mateusz\Dane aplikacji\Nokia Ovi Suite
[2009-06-23 10:13:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mateusz\Dane aplikacji\Nowe Gadu-Gadu
[2009-11-10 10:37:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mateusz\Dane aplikacji\OpenFM
[2010-03-15 23:09:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mateusz\Dane aplikacji\PC Suite
[2010-01-24 14:00:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mateusz\Dane aplikacji\TS3Client
[2010-03-20 11:23:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mateusz\Dane aplikacji\uTorrent
[2010-03-09 20:24:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mateusz\Dane aplikacji\VSO
[2010-01-09 20:49:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Dane aplikacji\Acronis

[color=#E56717]========== Purity Check ==========[/color]



[color=#E56717]========== Custom Scans ==========[/color]


[color=#A23BEC]< %systemdrive%\*.* >[/color]
[2009-06-16 22:06:42 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2009-06-16 22:01:54 | 000,000,211 | ---- | M] () -- C:\Boot.bak
[2010-03-19 13:28:42 | 000,000,281 | RHS- | M] () -- C:\boot.ini
[2004-08-04 13:00:00 | 000,004,952 | RHS- | M] () -- C:\Bootfont.bin
[2004-08-03 23:00:14 | 000,262,400 | ---- | M] () -- C:\cmldr
[2010-03-20 11:21:36 | 000,024,192 | ---- | M] () -- C:\ComboFix.txt
[2009-06-16 22:06:42 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2009-06-16 22:19:49 | 000,000,090 | ---- | M] () -- C:\csb.log
[2009-06-16 22:06:42 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2010-02-16 20:32:40 | 000,011,298 | ---- | M] () -- C:\mksbasel.cpp.log
[2009-06-16 22:06:42 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2004-08-04 13:00:00 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
[2009-06-17 08:24:23 | 000,251,152 | RHS- | M] () -- C:\ntldr
[2010-03-20 11:01:22 | 1610,612,736 | -HS- | M] () -- C:\pagefile.sys
[2009-06-16 22:19:49 | 000,000,347 | ---- | M] () -- C:\RHDSetup.log
[2009-10-06 20:13:24 | 000,000,086 | ---- | M] () -- C:\Setup.log
[2009-10-06 20:11:06 | 000,000,159 | ---- | M] () -- C:\SetupLCVI.log
[2009-10-06 20:04:10 | 000,000,159 | ---- | M] () -- C:\SetupLCVU.log


[color=#A23BEC]< MD5 for: AGP440.SYS >[/color]
[2004-08-04 13:00:00 | 018,789,127 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:agp440.sys
[2008-04-14 22:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:agp440.sys
[2008-04-14 22:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:agp440.sys
[2008-04-13 23:06:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ERDNT\cache\agp440.sys
[2008-04-13 23:06:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008-04-13 19:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\SoftwareDistribution\Download\51fc2b55c6deef38fc801319336cdbc7\agp440.sys
[2008-04-13 23:06:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys

[color=#A23BEC]< MD5 for: ATAPI.SYS >[/color]
[2004-08-04 13:00:00 | 018,789,127 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2008-04-14 22:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2008-04-14 22:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2008-04-13 23:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ERDNT\cache\atapi.sys
[2008-04-13 23:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008-04-13 19:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\SoftwareDistribution\Download\51fc2b55c6deef38fc801319336cdbc7\atapi.sys
[2008-04-13 23:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2004-08-03 21:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys
[2004-08-04 13:00:00 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0004\DriverFiles\i386\atapi.sys
[2004-08-03 21:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0005\DriverFiles\i386\atapi.sys

[color=#A23BEC]< MD5 for: BEEP.SYS >[/color]
[2004-08-04 13:00:00 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\ERDNT\cache\beep.sys
[2004-08-04 13:00:00 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\system32\dllcache\beep.sys
[2004-08-04 13:00:00 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\system32\drivers\beep.sys

[color=#A23BEC]< MD5 for: CDROM.SYS >[/color]
[2004-08-04 13:00:00 | 018,789,127 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:cdrom.sys
[2008-04-14 22:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys
[2008-04-14 22:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:cdrom.sys
[2008-04-13 23:10:48 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\ServicePackFiles\i386\cdrom.sys
[2008-04-13 19:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\SoftwareDistribution\Download\51fc2b55c6deef38fc801319336cdbc7\cdrom.sys
[2008-04-13 23:10:48 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys
[2004-08-04 13:00:00 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\WINDOWS\$NtServicePackUninstall$\cdrom.sys

[color=#A23BEC]< MD5 for: EVENTLOG.DLL >[/color]
[2004-08-04 13:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=05684DE2DA55A04C8AAAB5911AFE7643 -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll
[2008-04-14 21:50:32 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=35FCCFD093582FA9098762E6F84EE119 -- C:\WINDOWS\ERDNT\cache\eventlog.dll
[2008-04-14 21:50:32 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=35FCCFD093582FA9098762E6F84EE119 -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2008-04-14 18:20:31 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=35FCCFD093582FA9098762E6F84EE119 -- C:\WINDOWS\SoftwareDistribution\Download\51fc2b55c6deef38fc801319336cdbc7\eventlog.dll
[2008-04-14 21:50:32 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=35FCCFD093582FA9098762E6F84EE119 -- C:\WINDOWS\system32\eventlog.dll

[color=#A23BEC]< MD5 for: NDIS.SYS >[/color]
[2008-04-13 23:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\ERDNT\cache\ndis.sys
[2008-04-13 23:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\ServicePackFiles\i386\ndis.sys
[2008-04-13 20:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\SoftwareDistribution\Download\51fc2b55c6deef38fc801319336cdbc7\ndis.sys
[2008-04-13 23:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\drivers\ndis.sys
[2004-08-04 13:00:00 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\$NtServicePackUninstall$\ndis.sys

[color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color]
[2004-08-04 13:00:00 | 000,504,832 | ---- | M] (Microsoft Corporation) MD5=0344407089B08548D4FEBA62BB0F32D0 -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
[2008-04-14 21:51:50 | 000,510,464 | ---- | M] (Microsoft Corporation) MD5=51FD2E13D723857B9CA239AE77150F48 -- C:\WINDOWS\ERDNT\cache\winlogon.exe
[2008-04-14 21:51:50 | 000,510,464 | ---- | M] (Microsoft Corporation) MD5=51FD2E13D723857B9CA239AE77150F48 -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008-04-14 18:21:48 | 000,510,464 | ---- | M] (Microsoft Corporation) MD5=51FD2E13D723857B9CA239AE77150F48 -- C:\WINDOWS\SoftwareDistribution\Download\51fc2b55c6deef38fc801319336cdbc7\winlogon.exe
[2008-04-14 21:51:50 | 000,510,464 | ---- | M] (Microsoft Corporation) MD5=51FD2E13D723857B9CA239AE77150F48 -- C:\WINDOWS\system32\winlogon.exe
< End of report >[/log]

Psycholandia
komentarz
komentarz

W okienko OTL wklej poniższy skrypt i klik na Run Fix:

[quote]:Processes
explorer.exe

:OTL
O3 - HKLM\..\Toolbar: (no name) - - No CLSID value found.
O3 - HKU\S-1-5-21-1454471165-1284227242-725345543-1003\..\Toolbar\WebBrowser: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - No CLSID value found.
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} http://download.divx...owserPlugin.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} (Reg Error: Value error.)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)

:Files
C:\WINDOWS\QTFont.qfn

:Commands
[emptytemp]
[start explorer]
[Reboot][/quote]

Pobierz: http://www.freedrweb.pl/livecd.php nagraj na płytę, reset kompa, podczas uruchamiania wciskaj F11, odpali się program i wykona skanowanie. Wszystko co znajdzie usuń.

artega7
komentarz
komentarz

Wszystko zrobiłem jak trzeba, ale nic nie dało, program znalazł coś, ale to, co chciałem nie usunęło, próbowałem też usunąć to za pomącą specjalnych programów do usuwania plików, które nie chcą się usunąć, ale też nic nie dało.

Daje nowe znowu logi po przeprowadzeniu tych procesów.

[log]OTL logfile created on: 2010-03-22 12:04:00 - Run 4
OTL by OldTimer - Version 3.1.37.3 Folder = C:\Documents and Settings\Mateusz\Pulpit
Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

1 023,00 Mb Total Physical Memory | 431,00 Mb Available Physical Memory | 42,00% Memory free
2,00 Gb Paging File | 2,00 Gb Available in Paging File | 71,00% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 390,63 Gb Total Space | 296,98 Gb Free Space | 76,03% Space Free | Partition Type: NTFS
Drive D: | 390,63 Gb Total Space | 379,19 Gb Free Space | 97,07% Space Free | Partition Type: NTFS
Drive E: | 390,63 Gb Total Space | 319,51 Gb Free Space | 81,79% Space Free | Partition Type: NTFS
Drive F: | 225,38 Gb Total Space | 222,07 Gb Free Space | 98,53% Space Free | Partition Type: NTFS
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: ARTEGA7
Current User Name: Mateusz
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 60 Days
Output = Standard

[color=#E56717]========== Processes (All) ==========[/color]

PRC - [2010-03-20 01:18:10 | 000,555,520 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Mateusz\Pulpit\OTL.exe
PRC - [2010-03-17 12:26:12 | 000,319,192 | R--- | M] (cFos Software GmbH) -- C:\Program Files\cFosSpeed\spd.exe
PRC - [2010-03-17 12:26:08 | 000,819,416 | R--- | M] (cFos Software GmbH) -- C:\Program Files\cFosSpeed\cfosspeed.exe
PRC - [2010-02-18 11:43:18 | 000,248,040 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe
PRC - [2010-02-03 09:46:52 | 001,531,904 | ---- | M] (Nokia) -- C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe
PRC - [2010-01-26 14:22:32 | 000,134,144 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\Transports\NclMSBTSrv.exe
PRC - [2010-01-26 12:41:08 | 000,652,800 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
PRC - [2010-01-13 23:44:52 | 000,037,888 | ---- | M] (Nullsoft, Inc.) -- D:\Winamp\winampa.exe
PRC - [2009-12-17 17:14:11 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe
PRC - [2009-11-16 09:04:30 | 000,735,960 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
PRC - [2009-11-16 09:03:32 | 002,054,360 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
PRC - [2009-10-28 19:40:16 | 000,289,072 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files\uTorrent\uTorrent.exe
PRC - [2009-10-27 09:15:44 | 000,132,608 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
PRC - [2009-10-27 09:15:02 | 000,120,832 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
PRC - [2009-08-31 17:07:34 | 011,391,592 | ---- | M] (GG Network S.A.) -- D:\Nowe Gadu-Gadu\gg.exe
PRC - [2009-08-31 15:56:26 | 000,077,824 | ---- | M] () -- D:\Nowe Gadu-Gadu\spellchecker_gg.exe
PRC - [2009-06-30 06:26:02 | 000,075,064 | ---- | M] () -- C:\WINDOWS\system32\PnkBstrA.exe
PRC - [2009-05-27 03:27:04 | 029,262,680 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
PRC - [2009-03-08 13:09:26 | 000,638,816 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Internet Explorer\iexplore.exe
PRC - [2009-03-05 16:07:20 | 002,260,480 | RHS- | M] (Safer-Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
PRC - [2009-02-09 12:25:57 | 000,111,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\services.exe
PRC - [2008-11-24 22:31:12 | 000,087,904 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
PRC - [2008-11-24 22:31:08 | 000,239,968 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
PRC - [2008-05-14 02:29:04 | 000,507,904 | ---- | M] (Orb Networks) -- C:\Program Files\Orb Networks\Orb\bin\OrbTray.exe
PRC - [2008-05-08 12:26:26 | 000,438,399 | ---- | M] (Creative Technology Ltd.) -- C:\Program Files\Creative\Creative Live! Cam\Live! Central\CTLVCentral.exe
PRC - [2008-04-14 21:51:52 | 000,013,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wscntfy.exe
PRC - [2008-04-14 21:51:50 | 000,510,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winlogon.exe
PRC - [2008-04-14 21:51:44 | 000,057,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spoolsv.exe
PRC - [2008-04-14 21:51:44 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\smss.exe
PRC - [2008-04-14 21:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [WUDFSERVICEGROUP]
PRC - [2008-04-14 21:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [RPCSS]
PRC - [2008-04-14 21:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETWORKSERVICE]
PRC - [2008-04-14 21:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETSVCS]
PRC - [2008-04-14 21:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [LOCALSERVICE]
PRC - [2008-04-14 21:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [LOCALSERVICE]
PRC - [2008-04-14 21:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [IMGSVC]
PRC - [2008-04-14 21:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [DCOMLAUNCH]
PRC - [2008-04-14 21:51:40 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rundll32.exe
PRC - [2008-04-14 21:51:24 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\lsass.exe
PRC - [2008-04-14 21:51:18 | 001,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008-04-14 21:51:12 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ctfmon.exe
PRC - [2008-04-14 21:51:12 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\csrss.exe
PRC - [2008-04-14 21:51:04 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\alg.exe
PRC - [2008-02-28 16:07:58 | 001,828,136 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe
PRC - [2008-02-28 16:07:48 | 000,529,704 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
PRC - [2008-02-27 11:22:58 | 000,494,088 | ---- | M] () -- C:\Program Files\Common Files\Acronis\Fomatik\TrueImageTryStartService.exe
PRC - [2008-02-27 10:29:50 | 000,910,088 | ---- | M] (Acronis) -- C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe
PRC - [2008-02-27 10:24:52 | 000,140,568 | ---- | M] (Acronis) -- C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe
PRC - [2008-02-27 10:24:48 | 000,427,288 | ---- | M] (Acronis) -- C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
PRC - [2008-02-27 10:22:46 | 002,611,368 | ---- | M] (Acronis) -- C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe
PRC - [2008-02-18 15:29:12 | 000,877,864 | ---- | M] (Nero AG) -- C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
PRC - [2007-09-04 13:52:08 | 000,095,536 | ---- | M] (OLYMPUS IMAGING CORP.) -- C:\Program Files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe
PRC - [2006-12-19 08:30:26 | 000,081,920 | ---- | M] (Prolific Technology Inc.) -- C:\WINDOWS\system32\IoctlSvc.exe
PRC - [2006-09-01 14:57:48 | 000,282,624 | ---- | M] (Apple Computer, Inc.) -- C:\Program Files\QuickTime\qttask.exe
PRC - [2006-07-21 09:56:38 | 016,261,632 | R--- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\RTHDCPL.exe
PRC - [2006-06-01 10:22:00 | 000,155,715 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\nvsvc32.exe
PRC - [2006-04-26 07:29:50 | 000,237,568 | ---- | M] (Nokia) -- D:\Nokia\Nokia PC Suite 6\LaunchApplication.exe
PRC - [2006-04-11 16:52:14 | 001,409,024 | ---- | M] (Time Information Services Ltd.) -- D:\Nokia\Nokia PC Suite 6\PcSync2.exe
PRC - [2006-03-23 14:23:54 | 000,471,040 | ---- | M] (Nokia Corporation) -- C:\Program Files\Common Files\Nokia\MPAPI\MPAPI3s.exe
PRC - [2003-12-22 07:38:42 | 000,241,664 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
PRC - [2003-09-16 04:19:24 | 000,237,568 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\digital imaging\bin\hpqtra08.exe
PRC - [2003-08-04 16:28:18 | 000,049,152 | ---- | M] (Hewlett-Packard) -- C:\Program Files\HP\HP Software Update\hpwuSchd.exe
PRC - [2003-06-19 22:25:00 | 000,322,120 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
PRC - [2002-08-06 23:28:38 | 000,110,592 | ---- | M] () -- C:\Program Files\Netropa\Multimedia Keyboard\Traymon.exe
PRC - [2002-07-11 23:22:58 | 000,176,128 | ---- | M] (Netropa Corp.) -- C:\Program Files\Netropa\Multimedia Keyboard\MMKeybd.exe
PRC - [2001-11-14 03:03:12 | 000,090,112 | ---- | M] (Netropa Corp.) -- C:\Program Files\Netropa\Onscreen Display\osd.exe
PRC - [2001-08-06 05:41:48 | 000,028,672 | ---- | M] () -- C:\Program Files\Netropa\Multimedia Keyboard\nhksrv.exe


[color=#E56717]========== Modules (All) ==========[/color]

MOD - [2010-03-20 01:18:10 | 000,555,520 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Mateusz\Pulpit\OTL.exe
MOD - [2009-12-08 10:25:45 | 000,474,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shlwapi.dll
MOD - [2009-06-25 09:27:54 | 000,056,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\secur32.dll
MOD - [2009-04-15 15:54:38 | 000,585,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rpcrt4.dll
MOD - [2009-03-21 15:08:59 | 001,018,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\kernel32.dll
MOD - [2009-02-09 11:53:44 | 000,686,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\advapi32.dll
MOD - [2009-02-09 11:53:43 | 000,722,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntdll.dll
MOD - [2008-10-23 13:42:41 | 000,286,720 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\gdi32.dll
MOD - [2008-06-17 20:03:15 | 008,489,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shell32.dll
MOD - [2008-04-14 21:51:58 | 000,146,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winspool.drv
MOD - [2008-04-14 21:50:58 | 000,732,672 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\userenv.dll
MOD - [2008-04-14 21:50:58 | 000,580,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\user32.dll
MOD - [2008-04-14 21:50:58 | 000,219,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\uxtheme.dll
MOD - [2008-04-14 21:50:58 | 000,067,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\srclient.dll
MOD - [2008-04-14 21:50:58 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\version.dll
MOD - [2008-04-14 21:50:48 | 000,997,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\setupapi.dll
MOD - [2008-04-14 21:50:46 | 001,287,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ole32.dll
MOD - [2008-04-14 21:50:46 | 000,551,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\oleaut32.dll
MOD - [2008-04-14 21:50:46 | 000,084,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\olepro32.dll
MOD - [2008-04-14 21:50:46 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\psapi.dll
MOD - [2008-04-14 21:50:40 | 000,343,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcrt.dll
MOD - [2008-04-14 21:50:38 | 000,297,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msctf.dll
MOD - [2008-04-14 21:50:34 | 000,110,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\imm32.dll
MOD - [2008-04-14 21:50:32 | 000,185,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\framedyn.dll
MOD - [2008-04-14 21:50:14 | 000,280,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comdlg32.dll
MOD - [2008-04-14 21:50:00 | 000,125,952 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\apphelp.dll
MOD - [2008-04-14 21:43:00 | 000,177,152 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msctfime.ime
MOD - [2008-04-14 21:29:10 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll
MOD - [2002-06-19 08:39:14 | 000,053,248 | ---- | M] (Netropa Corp.) -- C:\Program Files\Netropa\Multimedia Keyboard\Nhkdll.dll


[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV - [2010-03-17 12:26:12 | 000,319,192 | R--- | M] (cFos Software GmbH) [Auto | Running] -- C:\Program Files\cFosSpeed\spd.exe -- (cFosSpeedS)
SRV - [2010-01-26 12:41:08 | 000,652,800 | ---- | M] (Nokia) [On_Demand | Running] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2009-11-16 09:12:54 | 000,020,680 | ---- | M] (ESET) [On_Demand | Stopped] -- C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe -- (EhttpSrv)
SRV - [2009-11-16 09:04:30 | 000,735,960 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe -- (ekrn)
SRV - [2009-05-27 03:27:04 | 029,262,680 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe -- (MSSQL$ACRONIS) SQL Server (ACRONIS)
SRV - [2009-01-29 16:54:44 | 000,102,400 | ---- | M] (PacketVideo) [Auto | Stopped] -- C:\Program Files\Nokia\Nokia Home Media Server\Media Server\TwonkyMedia.exe -- (TwonkyMedia)
SRV - [2008-11-24 22:31:12 | 000,087,904 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe -- (SQLWriter)
SRV - [2008-11-24 22:31:08 | 000,239,968 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe -- (SQLBrowser)
SRV - [2008-11-24 22:31:08 | 000,045,408 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe -- (MSSQLServerADHelper)
SRV - [2008-02-27 11:22:58 | 000,494,088 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\Acronis\Fomatik\TrueImageTryStartService.exe -- (TryAndDecideService)
SRV - [2008-02-27 10:24:48 | 000,427,288 | ---- | M] (Acronis) [Auto | Running] -- C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe -- (AcrSch2Svc)
SRV - [2004-01-05 13:04:56 | 000,065,795 | ---- | M] (HP) [On_Demand | Stopped] -- C:\WINDOWS\system32\hpzipm12.exe -- (Pml Driver HPZ12)
SRV - [2001-08-06 05:41:48 | 000,028,672 | ---- | M] () [Auto | Running] -- C:\Program Files\Netropa\Multimedia Keyboard\nhksrv.exe -- (nhksrv)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - [2010-03-17 12:26:18 | 000,974,040 | ---- | M] (cFos Software GmbH) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\cfosspeed.sys -- (cFosSpeed)
DRV - [2010-01-21 14:53:16 | 000,018,048 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2010-01-09 19:31:13 | 000,441,760 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\timntr.sys -- (timounter)
DRV - [2010-01-09 19:31:13 | 000,044,384 | ---- | M] (Acronis) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\tifsfilt.sys -- (tifsfilter)
DRV - [2010-01-09 19:31:06 | 000,129,248 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\snapman.sys -- (snapman)
DRV - [2010-01-09 19:30:59 | 000,368,480 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\tdrpman.sys -- (tdrpman)
DRV - [2009-12-30 11:30:56 | 000,007,936 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2009-12-30 11:30:48 | 000,022,016 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2009-12-30 11:30:48 | 000,007,936 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2009-12-30 11:25:12 | 000,137,344 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmwcdnsu.sys -- (nmwcdnsu)
DRV - [2009-11-16 09:06:50 | 000,096,408 | ---- | M] (ESET) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\epfwtdir.sys -- (epfwtdir)
DRV - [2009-11-16 09:03:36 | 000,108,792 | ---- | M] (ESET) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ehdrv.sys -- (ehdrv)
DRV - [2009-11-16 08:56:12 | 000,116,520 | ---- | M] (ESET) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\eamon.sys -- (eamon)
DRV - [2009-06-18 20:50:12 | 000,721,904 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)
DRV - [2009-06-17 12:17:30 | 000,043,488 | ---- | M] (Oak Technology Inc.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AFS2K.SYS -- (AFS2K)
DRV - [2008-08-26 09:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2008-06-18 02:00:00 | 000,286,592 | R--- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\V0560Vid.sys -- (V0560Vid)
DRV - [2008-05-07 10:20:10 | 000,145,952 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\CtClsFlt.sys -- (CtClsFlt)
DRV - [2008-04-30 08:43:42 | 000,160,768 | R--- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\V0560Afx.sys -- (V0560Afx)
DRV - [2008-04-13 23:15:14 | 000,060,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\USBAUDIO.sys -- (usbaudio) Sterownik audio USB (WDM)
DRV - [2008-04-13 21:06:06 | 000,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)
DRV - [2007-01-15 16:57:08 | 000,031,616 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\livecamv.sys -- (RLDesignVirtualAudioCableWdm)
DRV - [2006-09-18 07:59:00 | 000,250,240 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\yk51x86.sys -- (yukonwxp)
DRV - [2006-07-24 09:15:04 | 004,353,024 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.Sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2006-06-01 10:22:00 | 003,925,920 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2004-05-02 09:47:08 | 000,023,040 | R--- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\GVCplDrv.sys -- (GVCplDrv)
DRV - [2003-08-04 12:22:44 | 000,016,128 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\PCANDIS5.SYS -- (PCANDIS5)
DRV - [2001-12-20 08:02:12 | 000,006,656 | ---- | M] (Netropa Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\Msikbd2k.sys -- (msikbd2k)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]



IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-1454471165-1284227242-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.onet.pl/
IE - HKU\S-1-5-21-1454471165-1284227242-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.startup.homepage: "http://www.onet.pl/"
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0

FF - HKLM\software\mozilla\Firefox\extensions\\{A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}: C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension\ [2010-03-15 12:25:10 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.7\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010-02-16 10:58:56 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.7\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010-03-10 17:36:07 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2010-03-19 23:05:20 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Thunderbird\Extensions\\{CCB7D94B-CA92-4E3F-B79D-ADE0F07ADC74}: C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Thunderbird Connector\ThunderbirdExtension\ [2010-03-15 12:25:11 | 000,000,000 | ---D | M]

[2010-01-09 23:33:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mateusz\Dane aplikacji\Mozilla\Extensions
[2010-01-10 10:27:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mateusz\Dane aplikacji\Mozilla\Firefox\Profiles\kwauy9xv.default\extensions
[2010-01-10 10:27:33 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Mateusz\Dane aplikacji\Mozilla\Firefox\Profiles\kwauy9xv.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010-03-17 20:37:47 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010-02-16 12:22:23 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\linkfilter@kaspersky.ru
[2010-01-13 23:46:00 | 000,063,488 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npwachk.dll
[2009-12-22 04:48:34 | 000,002,767 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\allegro-pl.xml
[2009-12-22 04:48:34 | 000,001,406 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\fbc-pl.xml
[2009-12-22 04:48:34 | 000,000,917 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\merlin-pl.xml
[2009-12-22 04:48:34 | 000,000,858 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\pwn-pl.xml
[2009-12-22 04:48:34 | 000,001,183 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-pl.xml
[2009-12-22 04:48:34 | 000,001,683 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wp-pl.xml

O1 HOSTS File: ([2010-03-18 18:40:49 | 000,380,712 | R--- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.0scan.com
O1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 www.1000gratisproben.com
O1 - Hosts: 127.0.0.1 1000gratisproben.com
O1 - Hosts: 127.0.0.1 www.1001namen.com
O1 - Hosts: 127.0.0.1 1001namen.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 1-2005-search.com
O1 - Hosts: 127.0.0.1 www.1-2005-search.com
O1 - Hosts: 13116 more lines...
O2 - BHO: (Skype add-on (mastermind)) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (IEPluginBHO Class) - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - C:\Documents and Settings\Mateusz\Dane aplikacji\Nowe Gadu-Gadu\_userdata\ggbho.1.dll (GG Network S.A.)
O4 - HKLM..\Run: [Acronis Scheduler2 Service] C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe (Acronis)
O4 - HKLM..\Run: [AcronisTimounterMonitor] C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe (Acronis)
O4 - HKLM..\Run: [cFosSpeed] C:\Program Files\cFosSpeed\cfosspeed.exe (cFos Software GmbH)
O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET)
O4 - HKLM..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd.exe (Hewlett-Packard)
O4 - HKLM..\Run: [Live! Central] C:\Program Files\Creative\Creative Live! Cam\Live! Central\CTLVCentral.exe (Creative Technology Ltd.)
O4 - HKLM..\Run: [MULTIMEDIA KEYBOARD] C:\Program Files\Netropa\Multimedia Keyboard\MMKeybd.exe (Netropa Corp.)
O4 - HKLM..\Run: [NBKeyScan] C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe (Nero AG)
O4 - HKLM..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe (Nero AG)
O4 - HKLM..\Run: [NokiaMServer] C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe (Nokia)
O4 - HKLM..\Run: [NokiaMusic FastStart] C:\Program Files\Nokia\Ovi Player\NokiaOviPlayer.exe (Nokia)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\nvmctray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [OM2_Monitor] C:\Program Files\OLYMPUS\OLYMPUS Master 2\FirstStart.exe (OLYMPUS IMAGING CORP.)
O4 - HKLM..\Run: [PCSuiteTrayApplication] D:\Nokia\Nokia PC Suite 6\LaunchApplication.exe (Nokia)
O4 - HKLM..\Run: [SkyTel] C:\WINDOWS\SkyTel.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [TrueImageMonitor.exe] C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe (Acronis)
O4 - HKLM..\Run: [UnlockerAssistant] C:\Program Files\Unlocker\UnlockerAssistant.exe ()
O4 - HKLM..\Run: [WinampAgent] d:\Winamp\winampa.exe (Nullsoft, Inc.)
O4 - HKU\S-1-5-21-1454471165-1284227242-725345543-1003..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe (Nero AG)
O4 - HKU\S-1-5-21-1454471165-1284227242-725345543-1003..\Run: [NokiaOviSuite2] C:\Program Files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe (Nokia)
O4 - HKU\S-1-5-21-1454471165-1284227242-725345543-1003..\Run: [Nowe Gadu-Gadu] d:\Nowe Gadu-Gadu\gg.exe (GG Network S.A.)
O4 - HKU\S-1-5-21-1454471165-1284227242-725345543-1003..\Run: [OM2_Monitor] C:\Program Files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe (OLYMPUS IMAGING CORP.)
O4 - HKU\S-1-5-21-1454471165-1284227242-725345543-1003..\Run: [Orb] C:\Program Files\Orb Networks\Orb\bin\OrbTray.exe (Orb Networks)
O4 - HKU\S-1-5-21-1454471165-1284227242-725345543-1003..\Run: [PcSync] D:\Nokia\Nokia PC Suite 6\PcSync2.exe (Time Information Services Ltd.)
O4 - HKU\S-1-5-21-1454471165-1284227242-725345543-1003..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O4 - HKU\S-1-5-21-1454471165-1284227242-725345543-1003..\Run: [uTorrent] C:\Program Files\uTorrent\uTorrent.exe (BitTorrent, Inc.)
O4 - HKU\.DEFAULT..\RunOnce: [VF0560Inst] C:\WINDOWS\System32\V0560Pin.DLL (Creative Technology Ltd.)
O4 - HKU\S-1-5-18..\RunOnce: [VF0560Inst] C:\WINDOWS\System32\V0560Pin.DLL (Creative Technology Ltd.)
O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Microsoft Office.lnk = D:\Microsoft Office\Office10\OSA.EXE (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1454471165-1284227242-725345543-1003\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1454471165-1284227242-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-1454471165-1284227242-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-1454471165-1284227242-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: E&ksport do programu Microsoft Excel - D:\Microsoft Office\Office10\EXCEL.EXE (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O16 - DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} http://office.microsoft.com/templates/ieawsdc.cab (Microsoft Office Template and Media Control)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://go.microsoft.com/fwlink/?linkid=39204 (Windows Genuine Advantage Validation Tool)
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {4B4513E2-43DF-4E57-9496-FCD37E9DFA64} http://cached.gamedesire.com/g_bin/pl/navy_2_0_0_33.cab (GameDesire Sea Battle)
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab (Symantec RuFSI Utility Class)
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} Reg Error: Value error. (Reg Error: Key error.)
O16 - DPF: {68282C51-9459-467B-95BF-3C0E89627E55} http://www.mks.com.pl/skaner/SkanerOnline.cab (MksSkanerOnline Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1245189401390 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} http://85.89.171.5/activex/AxisCamControl.cab (CamImage Class)
O16 - DPF: {9191F686-7F0A-441D-8A98-2FE3AC1BD913} http://acs.pandasoftware.com/activescan/cabs/as2stubie.cab (ActiveScan 2.0 Installer Class)
O16 - DPF: {CAC677B6-4963-4305-9066-0BD135CD9233} https://asp.photoprintit.de/microsite/333333/defaults/activex/ips/IPSUploader4.cab (IPSUploader4 Control)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} Reg Error: Value error. (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} Reg Error: Value error. (Reg Error: Key error.)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} Reg Error: Value error. (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 217.113.224.35 217.113.224.36
O18 - Protocol\Handler\cetihpz {CF184AD3-CDCB-4168-A3F7-8E447D129300} - C:\Program Files\HP\hpcoretech\comp\hpuiprot.dll (Hewlett-Packard Company)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Mateusz\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Mateusz\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp
O30 - LSA: Authentication Packages - (relog_ap) - C:\WINDOWS\System32\relog_ap.dll (Acronis)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009-06-16 22:06:42 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

[color=#E56717]========== Files/Folders - Created Within 60 Days ==========[/color]

[2010-03-21 11:46:03 | 000,000,000 | ---D | C] -- C:\Program Files\JRTwine Software
[2010-03-21 11:45:39 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Wise Installation Wizard
[2010-03-21 11:28:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mateusz\Dane aplikacji\Desktopicon
[2010-03-21 11:28:20 | 000,000,000 | ---D | C] -- C:\Program Files\Unlocker
[2010-03-21 11:24:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mateusz\Pulpit\program
[2010-03-21 11:22:03 | 000,000,000 | ---D | C] -- C:\!KillBox
[2010-03-20 17:12:08 | 000,000,000 | ---D | C] -- C:\_OTL
[2010-03-20 12:02:28 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2010-03-20 11:05:50 | 000,000,000 | ---D | C] -- C:\ComboFix
[2010-03-20 01:18:07 | 000,555,520 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Mateusz\Pulpit\OTL.exe
[2010-03-19 23:05:11 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2010-03-19 19:50:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mateusz\Dane aplikacji\Malwarebytes
[2010-03-19 19:50:15 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010-03-19 19:50:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Malwarebytes
[2010-03-19 19:50:12 | 000,019,160 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010-03-19 19:50:12 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010-03-19 19:20:27 | 000,000,000 | R--D | C] -- C:\assembly
[2010-03-19 15:14:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\DivX
[2010-03-19 13:28:40 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2010-03-19 13:27:19 | 000,161,792 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2010-03-19 13:27:19 | 000,031,232 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2010-03-19 13:27:18 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2010-03-19 13:27:18 | 000,136,704 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2010-03-19 13:26:42 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2010-03-19 13:25:06 | 000,000,000 | ---D | C] -- C:\Qoobox
[2010-03-19 01:02:55 | 000,000,000 | ---D | C] -- C:\Program Files\Alwil Software
[2010-03-19 01:02:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Alwil Software
[2010-03-19 00:02:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Kaspersky Lab
[2010-03-18 22:00:45 | 000,000,000 | ---D | C] -- C:\Program Files\Browser
[2010-03-18 10:09:26 | 000,974,040 | ---- | C] (cFos Software GmbH) -- C:\WINDOWS\System32\drivers\cfosspeed.sys
[2010-03-18 10:09:26 | 000,334,040 | ---- | C] (cFos Software GmbH) -- C:\WINDOWS\System32\cfosspeed.dll
[2010-03-18 10:09:26 | 000,000,000 | ---D | C] -- C:\Program Files\cFosSpeed
[2010-03-18 10:03:45 | 000,000,000 | ---D | C] -- C:\Program Files\xp-AntiSpy
[2010-03-17 23:03:00 | 000,000,000 | ---D | C] -- C:\Program Files\Wolfenstein - Enemy Territory
[2010-03-17 20:38:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Sun
[2010-03-17 20:30:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mateusz\.dsig
[2010-03-16 21:36:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mateusz\Pulpit\SYMBIAN
[2010-03-15 23:53:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mateusz\Moje dokumenty\Ovi
[2010-03-15 23:11:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mateusz\Dane aplikacji\Nokia Ovi Suite
[2010-03-15 14:26:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Installations
[2010-03-15 14:23:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Nokia
[2010-03-15 14:21:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\Microsoft
[2010-03-15 14:18:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mateusz\Ustawienia lokalne\Dane aplikacji\NokiaAccount
[2010-03-15 14:18:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Ustawienia lokalne\Dane aplikacji\Nokia
[2010-03-15 12:37:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\OrbNetworks
[2010-03-15 12:37:15 | 000,000,000 | ---D | C] -- C:\Program Files\Orb Networks
[2010-03-15 12:36:45 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Mateusz\Moje dokumenty\Moje obrazy
[2010-03-15 12:33:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mateusz\Ustawienia lokalne\Dane aplikacji\Nokia
[2010-03-15 12:32:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\NokiaMusic
[2010-03-15 12:31:06 | 000,000,000 | ---D | C] -- C:\WINDOWS\Globalization
[2010-03-15 12:30:39 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\muvee Technologies
[2010-03-15 12:25:02 | 000,018,816 | ---- | C] (Nokia) -- C:\WINDOWS\System32\drivers\pccsmcfd.sys
[2010-03-15 12:24:55 | 000,000,000 | ---D | C] -- C:\Program Files\PC Connectivity Solution
[2010-03-15 12:24:27 | 000,137,344 | ---- | C] (Nokia) -- C:\WINDOWS\System32\drivers\nmwcdnsu.sys
[2010-03-15 12:24:26 | 000,007,936 | ---- | C] (Nokia) -- C:\WINDOWS\System32\drivers\usbser_lowerfltj.sys
[2010-03-15 12:24:25 | 000,007,936 | ---- | C] (Nokia) -- C:\WINDOWS\System32\drivers\usbser_lowerflt.sys
[2010-03-15 12:24:24 | 000,022,016 | ---- | C] (Nokia) -- C:\WINDOWS\System32\drivers\ccdcmbo.sys
[2010-03-15 12:24:23 | 000,660,480 | ---- | C] (Nokia) -- C:\WINDOWS\System32\nmwcdcocls.dll
[2010-03-15 12:24:23 | 000,018,048 | ---- | C] (Nokia) -- C:\WINDOWS\System32\drivers\ccdcmb.sys
[2010-03-15 12:24:18 | 000,000,000 | ---D | C] -- C:\Program Files\Nokia
[2010-03-15 12:22:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\OviInstallerCache
[2010-03-11 18:23:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mateusz\Pulpit\ARTEGAPL
[2010-02-24 22:13:56 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Mateusz\Recent
[2010-02-24 21:59:33 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2010-02-20 14:27:39 | 000,105,088 | ---- | C] (Panda Security, S.L.) -- C:\WINDOWS\System32\drivers\av5flt.sys
[2010-02-20 00:18:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mateusz\Pulpit\stonewall
[2010-02-17 12:55:37 | 000,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy
[2010-02-16 18:11:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mateusz\Pulpit\CHEMIA SKANY
[2010-02-16 13:20:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mateusz\Ustawienia lokalne\Dane aplikacji\ESET
[2010-02-16 12:38:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\ESET
[2010-02-16 10:59:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\Logs
[2010-02-15 20:48:50 | 000,000,000 | ---D | C] -- C:\Program Files\Panda Security
[2010-02-15 19:41:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\SUPERAntiSpyware.com
[2010-02-15 19:41:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mateusz\Dane aplikacji\SUPERAntiSpyware.com
[2010-02-15 19:41:16 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2010-02-15 19:06:31 | 000,000,000 | ---D | C] -- C:\Program Files\SkanerOnline
[2010-01-24 13:43:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mateusz\Dane aplikacji\TS3Client
[2010-01-24 13:43:43 | 000,000,000 | ---D | C] -- C:\Program Files\TeamSpeak 3 Client
[2010-01-21 18:20:30 | 000,000,000 | ---D | C] -- C:\Program Files\Allegro Image Resizer
[2010-01-09 20:49:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Dane aplikacji\Acronis
[2009-12-02 12:27:43 | 000,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Dane aplikacji\Microsoft
[2009-06-17 21:47:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Dane aplikacji\Sun
[2009-06-17 21:46:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Dane aplikacji\Adobe
[2009-06-17 09:00:40 | 000,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Dane aplikacji\Microsoft
[2009-06-16 22:09:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Ustawienia lokalne\Dane aplikacji\Microsoft
[6 C:\Documents and Settings\Mateusz\Moje dokumenty\*.tmp files -> C:\Documents and Settings\Mateusz\Moje dokumenty\*.tmp -> ]

[color=#E56717]========== Files - Modified Within 60 Days ==========[/color]

[2010-03-22 11:37:39 | 000,138,328 | ---- | M] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2010-03-22 11:37:15 | 000,214,816 | ---- | M] () -- C:\WINDOWS\System32\PnkBstrB.xtr
[2010-03-22 11:34:09 | 000,180,402 | ---- | M] () -- C:\Documents and Settings\Mateusz\Pulpit\4B6Y1L.mp3
[2010-03-22 11:27:20 | 000,000,245 | ---- | M] () -- C:\WINDOWS\Msiosd.ini
[2010-03-22 11:26:38 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010-03-22 11:25:44 | 000,063,804 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2010-03-22 11:25:31 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010-03-22 11:25:29 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010-03-22 06:31:37 | 000,000,188 | -HS- | M] () -- C:\Documents and Settings\Mateusz\ntuser.ini
[2010-03-22 06:31:36 | 010,485,760 | -H-- | M] () -- C:\Documents and Settings\Mateusz\NTUSER.DAT
[2010-03-21 23:07:34 | 000,114,688 | ---- | M] () -- C:\Documents and Settings\Mateusz\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010-03-21 12:18:32 | 000,024,576 | ---- | M] () -- C:\Documents and Settings\Mateusz\Moje dokumenty\Ja tez to zauważyłem.doc
[2010-03-20 11:18:46 | 000,000,227 | ---- | M] () -- C:\WINDOWS\system.ini
[2010-03-20 11:02:50 | 003,895,562 | R--- | M] () -- C:\Documents and Settings\Mateusz\Pulpit\ComboFix.exe
[2010-03-20 01:18:10 | 000,555,520 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Mateusz\Pulpit\OTL.exe
[2010-03-20 00:54:07 | 000,554,992 | ---- | M] () -- C:\WINDOWS\System32\perfh015.dat
[2010-03-20 00:54:07 | 000,496,158 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010-03-20 00:54:07 | 000,109,470 | ---- | M] () -- C:\WINDOWS\System32\perfc015.dat
[2010-03-20 00:54:06 | 001,270,692 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010-03-20 00:54:06 | 000,091,912 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010-03-19 19:50:18 | 000,000,696 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Malwarebytes' Anti-Malware.lnk
[2010-03-19 13:28:42 | 000,000,281 | RHS- | M] () -- C:\boot.ini
[2010-03-19 13:11:04 | 000,002,596 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2010-03-18 22:00:36 | 000,001,389 | ---- | M] () -- C:\Documents and Settings\Mateusz\Menu Start\Programy\Autostart\ĚÚѶQQ.lnk
[2010-03-18 18:40:49 | 000,380,712 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2010-03-18 10:11:14 | 000,000,222 | ---- | M] () -- C:\Documents and Settings\Mateusz\Pulpit\cFos Traffic Shaping.lnk
[2010-03-18 10:03:46 | 000,001,580 | ---- | M] () -- C:\Documents and Settings\Mateusz\Pulpit\xp-AntiSpy.lnk
[2010-03-17 23:03:44 | 000,000,753 | ---- | M] () -- C:\Documents and Settings\Mateusz\Pulpit\Wolfenstein - Enemy Territory.lnk
[2010-03-17 22:09:55 | 000,002,267 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Skype.lnk
[2010-03-17 12:26:18 | 000,974,040 | ---- | M] (cFos Software GmbH) -- C:\WINDOWS\System32\drivers\cfosspeed.sys
[2010-03-17 12:26:14 | 000,334,040 | ---- | M] (cFos Software GmbH) -- C:\WINDOWS\System32\cfosspeed.dll
[2010-03-17 00:42:23 | 000,020,480 | ---- | M] () -- C:\Documents and Settings\Mateusz\Moje dokumenty\11.doc
[2010-03-15 23:46:13 | 000,001,844 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Nokia Map Loader.lnk
[2010-03-15 23:43:08 | 000,030,592 | ---- | M] () -- C:\Documents and Settings\Mateusz\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT
[2010-03-15 22:36:15 | 003,652,222 | ---- | M] () -- C:\Documents and Settings\Mateusz\Moje dokumenty\EWSA_1.0.0.133.rar
[2010-03-15 14:28:21 | 000,001,855 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Nokia Software Updater.lnk
[2010-03-15 14:21:47 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\UMDF\Msft_User_WpdMtpDr_01_00_00.Wdf
[2010-03-15 14:21:37 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_ccdcmb_01007.Wdf
[2010-03-15 14:21:33 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2010-03-15 14:21:33 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\MsftWdf_Kernel_01007_Coinstaller_Critical.Wdf
[2010-03-15 14:17:00 | 000,156,360 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010-03-15 12:37:20 | 000,000,839 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Orb.lnk
[2010-03-15 12:33:01 | 000,001,880 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Nokia Ovi Player.lnk
[2010-03-15 12:30:45 | 000,001,845 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Nokia Photos.lnk
[2010-03-15 12:27:22 | 000,001,788 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Nokia Ovi Suite.lnk
[2010-03-12 18:02:38 | 000,261,632 | ---- | M] () -- C:\WINDOWS\PEV.exe
[2010-03-08 18:42:31 | 000,576,156 | ---- | M] () -- C:\Documents and Settings\Mateusz\Moje dokumenty\Psiloc_FontMagnifier_NokiaPL.sisx
[2010-03-08 09:26:59 | 000,105,088 | ---- | M] (Panda Security, S.L.) -- C:\WINDOWS\System32\drivers\av5flt.sys
[2010-03-03 22:33:38 | 000,008,627 | ---- | M] () -- C:\WINDOWS\System32\PAV_FOG.OPC
[2010-02-24 22:02:57 | 000,094,230 | ---- | M] () -- C:\Documents and Settings\Mateusz\Moje dokumenty\cc_20100224_220248.reg
[2010-02-24 21:59:34 | 000,001,548 | ---- | M] () -- C:\Documents and Settings\Mateusz\Pulpit\CCleaner.lnk
[2010-02-20 12:20:58 | 000,049,664 | ---- | M] () -- C:\Documents and Settings\Mateusz\Moje dokumenty\bind x.doc
[2010-02-20 12:18:32 | 000,000,581 | ---- | M] () -- C:\Documents and Settings\Mateusz\Pulpit\bindy.cfg
[2010-02-20 01:15:05 | 000,000,087 | ---- | M] () -- C:\Documents and Settings\Mateusz\Moje dokumenty\etconfig.cfg
[2010-02-20 00:18:12 | 000,160,293 | ---- | M] () -- C:\Documents and Settings\Mateusz\Pulpit\stonewall.zip
[2010-02-17 13:08:57 | 000,000,750 | ---- | M] () -- C:\WINDOWS\win.ini
[2010-02-17 12:55:44 | 000,000,933 | ---- | M] () -- C:\Documents and Settings\Mateusz\Pulpit\Spybot - Search & Destroy.lnk
[2010-02-16 23:29:39 | 000,000,881 | ---- | M] () -- C:\Documents and Settings\Mateusz\.recently-used.xbel
[2010-02-01 17:31:12 | 000,090,112 | ---- | M] () -- C:\Documents and Settings\Mateusz\Pulpit\Kopia OCHRONA.doc
[2010-01-31 11:02:30 | 001,822,208 | ---- | M] () -- C:\Documents and Settings\Mateusz\Pulpit\Budowa komorki1.ppt
[2010-01-30 16:38:00 | 000,024,064 | ---- | M] () -- C:\Documents and Settings\Mateusz\Moje dokumenty\Na matematyce były 3 zadania.doc
[2010-01-30 10:34:09 | 000,070,144 | ---- | M] () -- C:\Documents and Settings\Mateusz\Pulpit\OCHRONA.doc
[2010-01-29 17:19:51 | 116,920,419 | ---- | M] () -- C:\Documents and Settings\Mateusz\Pulpit\ochrona___rodowiska_16_i_23.11.09_www.przeklej.pl.rar
[2010-01-26 17:19:11 | 009,785,856 | ---- | M] () -- C:\Documents and Settings\Mateusz\Moje dokumenty\skany z chemii.doc
[2010-01-25 20:40:20 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2010-01-25 16:14:45 | 000,026,112 | ---- | M] () -- C:\Documents and Settings\Mateusz\Moje dokumenty\Szanowna Pani dr Alicja Zawadzka.doc
[2010-01-24 13:45:23 | 000,000,837 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\TeamSpeak 3 Client.lnk
[2010-01-23 11:27:58 | 000,020,480 | ---- | M] () -- C:\Documents and Settings\Mateusz\Moje dokumenty\Proszę o pomoc w rozwiązaniu zadania.doc
[2010-01-22 14:11:39 | 000,021,504 | ---- | M] () -- C:\Documents and Settings\Mateusz\Moje dokumenty\Mam miejsce na Bilbord Reklamowy.doc
[2010-01-21 18:26:06 | 000,018,786 | ---- | M] () -- C:\Documents and Settings\Mateusz\Moje dokumenty\1.2010-01-21.jpg
[2010-01-21 14:53:16 | 000,018,048 | ---- | M] (Nokia) -- C:\WINDOWS\System32\drivers\ccdcmb.sys
[6 C:\Documents and Settings\Mateusz\Moje dokumenty\*.tmp files -> C:\Documents and Settings\Mateusz\Moje dokumenty\*.tmp -> ]

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2010-03-22 11:34:08 | 000,180,402 | ---- | C] () -- C:\Documents and Settings\Mateusz\Pulpit\4B6Y1L.mp3
[2010-03-21 12:18:31 | 000,024,576 | ---- | C] () -- C:\Documents and Settings\Mateusz\Moje dokumenty\Ja tez to zauważyłem.doc
[2010-03-21 11:45:35 | 001,736,704 | ---- | C] () -- C:\Documents and Settings\Mateusz\Pulpit\DeleteFXPFilesInstall.exe
[2010-03-19 19:50:18 | 000,000,696 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Malwarebytes' Anti-Malware.lnk
[2010-03-19 13:28:42 | 000,000,211 | ---- | C] () -- C:\Boot.bak
[2010-03-19 13:28:41 | 000,262,400 | ---- | C] () -- C:\cmldr
[2010-03-19 13:27:19 | 000,261,632 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2010-03-19 13:27:19 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2010-03-19 13:27:19 | 000,077,312 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2010-03-19 13:27:19 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2010-03-19 13:27:18 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2010-03-19 13:24:44 | 003,895,562 | R--- | C] () -- C:\Documents and Settings\Mateusz\Pulpit\ComboFix.exe
[2010-03-18 22:00:36 | 000,001,389 | ---- | C] () -- C:\Documents and Settings\Mateusz\Menu Start\Programy\Autostart\ĚÚѶQQ.lnk
[2010-03-18 10:11:14 | 000,000,222 | ---- | C] () -- C:\Documents and Settings\Mateusz\Pulpit\cFos Traffic Shaping.lnk
[2010-03-18 10:03:46 | 000,001,580 | ---- | C] () -- C:\Documents and Settings\Mateusz\Pulpit\xp-AntiSpy.lnk
[2010-03-17 23:03:44 | 000,000,753 | ---- | C] () -- C:\Documents and Settings\Mateusz\Pulpit\Wolfenstein - Enemy Territory.lnk
[2010-03-17 00:42:22 | 000,020,480 | ---- | C] () -- C:\Documents and Settings\Mateusz\Moje dokumenty\11.doc
[2010-03-15 23:46:13 | 000,001,844 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Nokia Map Loader.lnk
[2010-03-15 22:36:10 | 003,652,222 | ---- | C] () -- C:\Documents and Settings\Mateusz\Moje dokumenty\EWSA_1.0.0.133.rar
[2010-03-15 14:21:37 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_ccdcmb_01007.Wdf
[2010-03-15 14:21:33 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\MsftWdf_Kernel_01007_Coinstaller_Critical.Wdf
[2010-03-15 14:16:15 | 000,091,672 | ---- | C] () -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\FontCache3.0.0.0.dat
[2010-03-15 12:37:20 | 000,000,839 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Orb.lnk
[2010-03-15 12:36:16 | 000,001,855 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Nokia Software Updater.lnk
[2010-03-15 12:33:01 | 000,001,880 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Nokia Ovi Player.lnk
[2010-03-15 12:30:45 | 000,001,845 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Nokia Photos.lnk
[2010-03-15 12:27:21 | 000,001,788 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Nokia Ovi Suite.lnk
[2010-03-11 10:10:02 | 000,001,374 | ---- | C] () -- C:\WINDOWS\imsins.BAK
[2010-03-08 18:42:29 | 000,576,156 | ---- | C] () -- C:\Documents and Settings\Mateusz\Moje dokumenty\Psiloc_FontMagnifier_NokiaPL.sisx
[2010-02-24 22:02:52 | 000,094,230 | ---- | C] () -- C:\Documents and Settings\Mateusz\Moje dokumenty\cc_20100224_220248.reg
[2010-02-24 21:59:34 | 000,001,548 | ---- | C] () -- C:\Documents and Settings\Mateusz\Pulpit\CCleaner.lnk
[2010-02-20 01:33:40 | 000,049,664 | ---- | C] () -- C:\Documents and Settings\Mateusz\Moje dokumenty\bind x.doc
[2010-02-20 01:13:39 | 000,000,087 | ---- | C] () -- C:\Documents and Settings\Mateusz\Moje dokumenty\etconfig.cfg
[2010-02-20 01:09:18 | 000,000,581 | ---- | C] () -- C:\Documents and Settings\Mateusz\Pulpit\bindy.cfg
[2010-02-20 00:18:06 | 000,160,293 | ---- | C] () -- C:\Documents and Settings\Mateusz\Pulpit\stonewall.zip
[2010-02-17 13:14:10 | 000,008,627 | ---- | C] () -- C:\WINDOWS\System32\PAV_FOG.OPC
[2010-02-17 12:55:44 | 000,000,933 | ---- | C] () -- C:\Documents and Settings\Mateusz\Pulpit\Spybot - Search & Destroy.lnk
[2010-02-16 23:29:39 | 000,000,881 | ---- | C] () -- C:\Documents and Settings\Mateusz\.recently-used.xbel
[2010-02-01 17:16:53 | 000,090,112 | ---- | C] () -- C:\Documents and Settings\Mateusz\Pulpit\Kopia OCHRONA.doc
[2010-01-31 11:02:21 | 001,822,208 | ---- | C] () -- C:\Documents and Settings\Mateusz\Pulpit\Budowa komorki1.ppt
[2010-01-30 16:38:00 | 000,024,064 | ---- | C] () -- C:\Documents and Settings\Mateusz\Moje dokumenty\Na matematyce były 3 zadania.doc
[2010-01-30 10:34:07 | 000,070,144 | ---- | C] () -- C:\Documents and Settings\Mateusz\Pulpit\OCHRONA.doc
[2010-01-29 14:37:24 | 116,920,419 | ---- | C] () -- C:\Documents and Settings\Mateusz\Pulpit\ochrona___rodowiska_16_i_23.11.09_www.przeklej.pl.rar
[2010-01-25 14:37:11 | 009,785,856 | ---- | C] () -- C:\Documents and Settings\Mateusz\Moje dokumenty\skany z chemii.doc
[2010-01-24 13:43:44 | 000,000,837 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\TeamSpeak 3 Client.lnk
[2010-01-23 11:27:57 | 000,020,480 | ---- | C] () -- C:\Documents and Settings\Mateusz\Moje dokumenty\Proszę o pomoc w rozwiązaniu zadania.doc
[2010-01-22 14:11:38 | 000,021,504 | ---- | C] () -- C:\Documents and Settings\Mateusz\Moje dokumenty\Mam miejsce na Bilbord Reklamowy.doc
[2010-01-21 18:56:29 | 000,026,112 | ---- | C] () -- C:\Documents and Settings\Mateusz\Moje dokumenty\Szanowna Pani dr Alicja Zawadzka.doc
[2010-01-21 18:23:31 | 000,018,786 | ---- | C] () -- C:\Documents and Settings\Mateusz\Moje dokumenty\1.2010-01-21.jpg
[2009-10-06 20:10:36 | 000,031,616 | ---- | C] () -- C:\WINDOWS\System32\drivers\livecamv.sys
[2009-09-02 23:04:20 | 000,018,053 | ---- | C] () -- C:\Documents and Settings\Mateusz\Dane aplikacji\NMM-MetaData.db
[2009-06-23 09:27:29 | 000,138,328 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2009-06-19 07:54:50 | 000,000,427 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2009-06-18 20:50:12 | 000,721,904 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2009-06-17 21:46:21 | 000,000,010 | ---- | C] () -- C:\Program Files\eula.txt
[2009-06-17 19:32:38 | 000,000,132 | ---- | C] () -- C:\Documents and Settings\Mateusz\Ustawienia lokalne\Dane aplikacji\fusioncache.dat
[2009-06-17 19:30:49 | 000,168,448 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2009-06-17 19:30:47 | 000,795,648 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2009-06-17 19:30:47 | 000,130,048 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2009-06-17 19:30:46 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2009-06-17 19:30:45 | 000,067,584 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2009-06-17 19:30:45 | 000,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest
[2009-06-17 19:01:01 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2009-06-17 19:01:00 | 000,114,688 | ---- | C] () -- C:\Documents and Settings\Mateusz\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009-06-17 14:02:15 | 000,000,000 | ---- | C] () -- C:\WINDOWS\WININIT.INI
[2009-06-17 14:02:14 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\msiosd32.dll
[2009-06-17 14:02:14 | 000,000,245 | ---- | C] () -- C:\WINDOWS\Msiosd.ini
[2009-06-17 12:04:10 | 000,027,184 | ---- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\hpzinstall.log
[2009-06-16 22:23:28 | 000,023,040 | R--- | C] () -- C:\WINDOWS\System32\drivers\GVCplDrv.sys
[2009-06-16 22:19:45 | 000,143,360 | R--- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll
[2006-06-01 10:22:00 | 001,662,976 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2006-06-01 10:22:00 | 001,466,368 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2006-06-01 10:22:00 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2006-06-01 10:22:00 | 000,581,632 | ---- | C] () -- C:\WINDOWS\System32\nvhwvid.dll
[2006-06-01 10:22:00 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2006-06-01 10:22:00 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2006-06-01 10:22:00 | 000,196,608 | ---- | C] () -- C:\WINDOWS\System32\nvapi.dll
[2005-12-07 11:31:00 | 000,202,752 | R--- | C] () -- C:\WINDOWS\System32\CddbCdda.dll
[2004-01-05 13:04:58 | 000,565,248 | ---- | C] () -- C:\WINDOWS\System32\hpotscl.dll

[color=#E56717]========== LOP Check ==========[/color]

[2010-01-08 19:58:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Acronis
[2010-03-19 01:02:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Alwil Software
[2009-06-18 21:15:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\DAEMON Tools Lite
[2009-06-17 13:08:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Downloaded Installations
[2010-02-16 12:38:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\ESET
[2010-03-15 14:26:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Installations
[2010-01-08 17:12:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\ipla
[2010-03-15 14:23:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Nokia
[2010-03-15 12:32:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\NokiaMusic
[2009-11-10 10:38:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\OpenFM
[2010-03-15 14:17:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\OrbNetworks
[2010-03-15 12:22:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\OviInstallerCache
[2010-03-15 14:17:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\PC Suite
[2010-01-10 00:15:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mateusz\Dane aplikacji\Acronis
[2009-06-18 22:13:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mateusz\Dane aplikacji\DAEMON Tools Lite
[2010-03-15 22:52:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mateusz\Dane aplikacji\Datalayer
[2010-03-21 11:28:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mateusz\Dane aplikacji\Desktopicon
[2010-01-13 16:20:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mateusz\Dane aplikacji\GanymedeNet
[2009-06-23 11:31:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mateusz\Dane aplikacji\GetRightToGo
[2009-08-11 21:54:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mateusz\Dane aplikacji\gtk-2.0
[2010-03-21 17:29:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mateusz\Dane aplikacji\ipla
[2010-03-19 13:52:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mateusz\Dane aplikacji\Nokia
[2010-03-15 23:11:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mateusz\Dane aplikacji\Nokia Ovi Suite
[2009-06-23 10:13:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mateusz\Dane aplikacji\Nowe Gadu-Gadu
[2009-11-10 10:37:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mateusz\Dane aplikacji\OpenFM
[2010-03-15 23:09:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mateusz\Dane aplikacji\PC Suite
[2010-01-24 14:00:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mateusz\Dane aplikacji\TS3Client
[2010-03-22 11:56:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mateusz\Dane aplikacji\uTorrent
[2010-03-09 20:24:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mateusz\Dane aplikacji\VSO
[2010-01-09 20:49:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Dane aplikacji\Acronis

[color=#E56717]========== Purity Check ==========[/color]


< End of report >[/log]

Psycholandia
komentarz
komentarz

Log wygląda na czysty, problem zniknął?

artega7
komentarz
komentarz

To już nie wiem co z tym zrobić, ten odsyłacz nadal jest i nie da sie usunąć, moze mi ktoś coś poradzi

Psycholandia
komentarz
komentarz

Daj loga z Combofixa: http://www.forumpc.pl/index.php?showtopic=153621

artega7
komentarz
komentarz

Ten złośliwy plik ma nazwę internet exploer i znajduje się na pulpicie

log z combofixa

[log]ComboFix 10-03-21.04 - Mateusz 2010-03-22 16:08:04.5.2 - x86
Microsoft Windows XP Professional 5.1.2600.3.1250.48.1045.18.1023.349 [GMT 1:00]
Uruchomiony z: c:\documents and settings\Mateusz\Pulpit\ComboFix.exe
AV: ESET NOD32 Antivirus 4.0 *On-access scanning disabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
.

((((((((((((((((((((((((((((((((((((((( Usunięto )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\Mateusz\Dane aplikacji\Desktopicon
c:\documents and settings\Mateusz\Dane aplikacji\Desktopicon\eBay.ico
c:\documents and settings\Mateusz\Dane aplikacji\Desktopicon\uninst.exe

.
((((((((((((((((((((((((( Pliki utworzone od 2010-02-22 do 2010-03-22 )))))))))))))))))))))))))))))))
.

2010-03-22 14:14 . 2010-03-22 14:14 -------- d-----w- c:\program files\FreeTime
2010-03-22 14:06 . 2010-03-22 14:06 -------- d-----w- c:\program files\Video Converter for Nokia Smartphones
2010-03-22 13:35 . 2010-03-22 13:35 -------- d-----w- c:\program files\Lonely Cat Games
2010-03-21 10:46 . 2010-03-21 10:46 -------- d-----w- c:\program files\JRTwine Software
2010-03-21 10:45 . 2010-03-21 10:45 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2010-03-21 10:28 . 2010-03-22 15:02 -------- d-----w- c:\program files\Unlocker
2010-03-21 10:22 . 2010-03-21 10:22 -------- d-----w- C:\!KillBox
2010-03-20 16:12 . 2010-03-20 16:12 -------- d-----w- C:\_OTL
2010-03-19 22:05 . 2010-03-19 22:05 -------- d-----w- c:\program files\ESET
2010-03-19 18:50 . 2010-03-19 18:50 -------- d-----w- c:\documents and settings\Mateusz\Dane aplikacji\Malwarebytes
2010-03-19 18:50 . 2010-01-07 15:07 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-03-19 18:50 . 2010-03-19 18:50 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\Malwarebytes
2010-03-19 18:50 . 2010-03-19 18:50 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-03-19 18:50 . 2010-01-07 15:07 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-03-19 18:20 . 2010-03-19 18:20 -------- d-----r- C:\assembly
2010-03-19 14:14 . 2010-03-19 14:16 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\DivX
2010-03-19 00:02 . 2010-03-19 00:02 -------- d-----w- c:\program files\Alwil Software
2010-03-19 00:02 . 2010-03-19 00:02 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\Alwil Software
2010-03-18 23:02 . 2010-03-18 23:02 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\Kaspersky Lab
2010-03-18 21:00 . 2010-03-18 21:03 -------- d-----w- c:\program files\Browser
2010-03-18 09:09 . 2010-03-22 15:14 -------- d-----w- c:\program files\cFosSpeed
2010-03-18 09:09 . 2010-03-17 11:26 974040 ----a-w- c:\windows\system32\drivers\cfosspeed.sys
2010-03-18 09:09 . 2010-03-17 11:26 334040 ----a-w- c:\windows\system32\cfosspeed.dll
2010-03-18 09:03 . 2010-03-18 09:03 -------- d-----w- c:\program files\xp-AntiSpy
2010-03-17 22:03 . 2010-03-17 22:10 -------- d-----w- c:\program files\Wolfenstein - Enemy Territory
2010-03-17 19:37 . 2010-03-17 19:37 503808 ----a-w- c:\documents and settings\Mateusz\Dane aplikacji\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-659f3100-n\msvcp71.dll
2010-03-17 19:37 . 2010-03-17 19:37 499712 ----a-w- c:\documents and settings\Mateusz\Dane aplikacji\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-659f3100-n\jmc.dll
2010-03-17 19:37 . 2010-03-17 19:37 348160 ----a-w- c:\documents and settings\Mateusz\Dane aplikacji\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-659f3100-n\msvcr71.dll
2010-03-17 19:37 . 2010-03-17 19:37 61440 ----a-w- c:\documents and settings\Mateusz\Dane aplikacji\Sun\Java\Deployment\SystemCache\6.0\17\6d0ad391-57638374-n\decora-sse.dll
2010-03-17 19:37 . 2010-03-17 19:37 12800 ----a-w- c:\documents and settings\Mateusz\Dane aplikacji\Sun\Java\Deployment\SystemCache\6.0\17\6d0ad391-57638374-n\decora-d3d.dll
2010-03-17 19:30 . 2010-03-17 19:30 -------- d-----w- c:\documents and settings\Mateusz\.dsig
2010-03-15 22:11 . 2010-03-15 22:11 -------- d-----w- c:\documents and settings\Mateusz\Dane aplikacji\Nokia Ovi Suite
2010-03-15 13:27 . 2010-03-15 13:26 34819744 ----a-w- c:\documents and settings\All Users\Dane aplikacji\Installations\{D8DDC00B-2881-407D-AAC2-44AEE70AF0B7}\NokiaSoftwareUpdaterSetup_2.4.6PL.exe
2010-03-15 13:26 . 2010-03-15 13:26 3351812 ----a-w- c:\documents and settings\All Users\Dane aplikacji\Installations\{D8DDC00B-2881-407D-AAC2-44AEE70AF0B7}\Installer\CommonCustomActions\msxml6Exec.exe
2010-03-15 13:26 . 2010-03-15 13:26 36864 ----a-w- c:\documents and settings\All Users\Dane aplikacji\Installations\{D8DDC00B-2881-407D-AAC2-44AEE70AF0B7}\Installer\CommonCustomActions\Sleep.exe
2010-03-15 13:26 . 2010-03-15 13:26 3203453 ----a-w- c:\documents and settings\All Users\Dane aplikacji\Installations\{D8DDC00B-2881-407D-AAC2-44AEE70AF0B7}\Installer\CommonCustomActions\vcredistExec.exe
2010-03-15 13:26 . 2010-03-15 13:26 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\Installations
2010-03-15 13:23 . 2010-03-15 13:23 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\Nokia
2010-03-15 13:21 . 2008-04-13 23:15 26112 -c--a-w- c:\windows\system32\dllcache\usbser.sys
2010-03-15 13:21 . 2008-04-13 23:15 26112 ----a-w- c:\windows\system32\drivers\usbser.sys
2010-03-15 13:21 . 2008-03-21 12:57 14640 ------w- c:\windows\system32\spmsgXP_2k3.dll
2010-03-15 13:18 . 2010-03-22 15:06 -------- d-----w- c:\documents and settings\Mateusz\Ustawienia lokalne\Dane aplikacji\NokiaAccount
2010-03-15 13:18 . 2010-03-15 13:18 -------- d-----w- c:\documents and settings\NetworkService\Ustawienia lokalne\Dane aplikacji\Nokia
2010-03-15 13:16 . 2010-03-22 15:01 91672 ----a-w- c:\documents and settings\LocalService\Ustawienia lokalne\Dane aplikacji\FontCache3.0.0.0.dat
2010-03-15 11:37 . 2010-03-15 13:17 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\OrbNetworks
2010-03-15 11:37 . 2010-03-15 11:37 -------- d-----w- c:\program files\Orb Networks
2010-03-15 11:33 . 2010-03-15 22:46 -------- d-----w- c:\documents and settings\Mateusz\Ustawienia lokalne\Dane aplikacji\Nokia
2010-03-15 11:32 . 2010-03-15 11:32 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\NokiaMusic
2010-03-15 11:31 . 2010-03-22 13:33 -------- d-----w- c:\windows\Globalization
2010-03-15 11:30 . 2010-03-15 11:30 -------- d-----w- c:\program files\Common Files\muvee Technologies
2010-03-15 11:25 . 2008-08-26 08:26 18816 ----a-w- c:\windows\system32\drivers\pccsmcfd.sys
2010-03-15 11:24 . 2010-03-15 11:24 -------- d-----w- c:\program files\PC Connectivity Solution
2010-03-15 11:24 . 2009-12-30 10:25 137344 ----a-w- c:\windows\system32\drivers\nmwcdnsu.sys
2010-03-15 11:24 . 2009-12-30 10:30 7936 ----a-w- c:\windows\system32\drivers\usbser_lowerfltj.sys
2010-03-15 11:24 . 2009-12-30 10:30 7936 ----a-w- c:\windows\system32\drivers\usbser_lowerflt.sys
2010-03-15 11:24 . 2009-12-30 10:30 22016 ----a-w- c:\windows\system32\drivers\ccdcmbo.sys
2010-03-15 11:24 . 2010-01-21 13:53 18048 ----a-w- c:\windows\system32\drivers\ccdcmb.sys
2010-03-15 11:24 . 2009-12-30 10:30 660480 ----a-w- c:\windows\system32\nmwcdcocls.dll
2010-03-15 11:24 . 2009-10-06 10:55 1112288 ----a-w- c:\windows\system32\wdfcoinstaller01007.dll
2010-03-15 11:24 . 2010-03-15 22:46 -------- d-----w- c:\program files\Nokia
2010-03-15 11:22 . 2010-03-15 11:22 12212040 ----a-w- c:\documents and settings\All Users\Dane aplikacji\OviInstallerCache\{DEE1E2E5-B553-4F88-9DE7-23CBEA5D739C}\Installer\CommonCustomActions\WMFDist11-WindowsXP-X86-ENU.exe
2010-03-15 11:22 . 2010-03-15 11:22 13930312 ----a-w- c:\documents and settings\All Users\Dane aplikacji\OviInstallerCache\{DEE1E2E5-B553-4F88-9DE7-23CBEA5D739C}\Installer\CommonCustomActions\WMFDist11-WindowsXP-X64-ENU.exe
2010-03-15 11:22 . 2010-03-15 11:22 77824 ----a-w- c:\documents and settings\All Users\Dane aplikacji\OviInstallerCache\{DEE1E2E5-B553-4F88-9DE7-23CBEA5D739C}\Installer\CommonCustomActions\Run_XML6_SP1.exe
2010-03-15 11:22 . 2010-03-15 11:22 61440 ----a-w- c:\documents and settings\All Users\Dane aplikacji\OviInstallerCache\{DEE1E2E5-B553-4F88-9DE7-23CBEA5D739C}\Installer\CommonCustomActions\WMF11Runx86.exe
2010-03-15 11:22 . 2010-03-15 11:22 58880 ----a-w- c:\documents and settings\All Users\Dane aplikacji\OviInstallerCache\{DEE1E2E5-B553-4F88-9DE7-23CBEA5D739C}\Installer\CommonCustomActions\WMF11Runx64.exe
2010-03-15 11:22 . 2010-03-15 11:22 50000 ----a-w- c:\documents and settings\All Users\Dane aplikacji\OviInstallerCache\{DEE1E2E5-B553-4F88-9DE7-23CBEA5D739C}\Installer\CommonCustomActions\pcswpc.exe
2010-03-15 11:22 . 2010-03-15 11:22 98366952 ----a-w- c:\documents and settings\All Users\Dane aplikacji\OviInstallerCache\{DEE1E2E5-B553-4F88-9DE7-23CBEA5D739C}\Nokia_Ovi_Suite_11_update.exe
2010-03-15 11:22 . 2010-03-15 11:22 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\OviInstallerCache
2010-03-10 16:35 . 2010-03-10 16:35 152576 ----a-w- c:\documents and settings\Mateusz\Dane aplikacji\Sun\Java\jre1.6.0_17\lzma.dll
2010-03-10 16:35 . 2010-03-10 16:35 79488 ----a-w- c:\documents and settings\Mateusz\Dane aplikacji\Sun\Java\jre1.6.0_17\gtapi.dll
2010-03-10 16:34 . 2009-10-23 15:28 3558912 -c----w- c:\windows\system32\dllcache\moviemk.exe
2010-02-24 20:59 . 2010-02-24 20:59 -------- d-----w- c:\program files\CCleaner

.
(((((((((((((((((((((((((((((((((((((((( Sekcja Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-03-22 15:15 . 2009-10-28 18:39 -------- d-----w- c:\documents and settings\Mateusz\Dane aplikacji\uTorrent
2010-03-22 14:37 . 2009-06-17 09:53 -------- d-----w- c:\documents and settings\Mateusz\Dane aplikacji\Winamp
2010-03-22 13:27 . 2004-08-04 12:00 555336 ----a-w- c:\windows\system32\perfh015.dat
2010-03-22 13:27 . 2004-08-04 12:00 109690 ----a-w- c:\windows\system32\perfc015.dat
2010-03-22 13:06 . 2009-06-23 08:27 138328 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2010-03-22 13:05 . 2009-06-23 08:27 214816 ----a-w- c:\windows\system32\PnkBstrB.exe
2010-03-21 16:29 . 2009-06-23 10:43 -------- d-----w- c:\documents and settings\Mateusz\Dane aplikacji\ipla
2010-03-19 21:57 . 2009-06-17 12:25 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\Kaspersky Lab Setup Files
2010-03-19 12:52 . 2009-06-17 12:11 -------- d-----w- c:\documents and settings\Mateusz\Dane aplikacji\Nokia
2010-03-19 07:43 . 2009-12-15 12:54 -------- d-----w- c:\program files\Google
2010-03-17 21:38 . 2009-06-23 08:54 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\Spybot - Search & Destroy
2010-03-17 21:19 . 2009-09-24 14:10 -------- d-----w- c:\documents and settings\Mateusz\Dane aplikacji\Skype
2010-03-17 21:10 . 2009-09-24 14:19 -------- d-----w- c:\documents and settings\Mateusz\Dane aplikacji\skypePM
2010-03-17 19:38 . 2009-06-17 12:22 -------- d-----w- c:\program files\Common Files\Java
2010-03-17 19:37 . 2009-06-17 12:22 -------- d-----w- c:\program files\Java
2010-03-15 22:43 . 2009-06-16 21:48 30592 ----a-w- c:\documents and settings\Mateusz\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT
2010-03-15 22:09 . 2009-06-17 12:09 -------- d-----w- c:\documents and settings\Mateusz\Dane aplikacji\PC Suite
2010-03-15 21:52 . 2009-07-03 21:47 -------- d-----w- c:\documents and settings\Mateusz\Dane aplikacji\Datalayer
2010-03-15 13:21 . 2010-03-15 13:21 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_ccdcmb_01007.Wdf
2010-03-15 13:21 . 2010-03-15 13:21 0 ---ha-w- c:\windows\system32\drivers\MsftWdf_Kernel_01007_Coinstaller_Critical.Wdf
2010-03-15 13:17 . 2009-06-17 12:09 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\PC Suite
2010-03-15 11:30 . 2009-06-17 12:09 -------- d-----w- c:\program files\Common Files\Nokia
2010-03-15 11:25 . 2009-06-17 12:10 -------- d-----w- c:\program files\DIFX
2010-03-15 11:24 . 2009-06-17 12:09 -------- d-----w- c:\program files\Common Files\PCSuite
2010-03-09 19:24 . 2009-10-06 19:12 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\Creative
2010-03-09 19:24 . 2009-06-23 10:32 -------- d-----w- c:\documents and settings\Mateusz\Dane aplikacji\VSO
2010-03-08 15:26 . 2010-02-15 19:48 -------- d-----w- c:\program files\Panda Security
2010-03-08 15:26 . 2009-06-16 21:18 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-03-08 08:26 . 2010-02-20 13:27 105088 ----a-w- c:\windows\system32\drivers\av5flt.sys
2010-02-17 12:04 . 2010-02-17 11:55 -------- d-----w- c:\program files\Spybot - Search & Destroy
2010-02-16 11:38 . 2010-02-16 11:38 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\ESET
2010-02-16 11:18 . 2010-02-15 18:41 -------- d-----w- c:\program files\SUPERAntiSpyware
2010-02-15 18:42 . 2010-02-15 18:42 52224 ----a-w- c:\documents and settings\Mateusz\Dane aplikacji\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10005.dll
2010-02-15 18:42 . 2010-02-15 18:42 117760 ----a-w- c:\documents and settings\Mateusz\Dane aplikacji\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL
2010-02-15 18:41 . 2010-02-15 18:41 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\SUPERAntiSpyware.com
2010-02-15 18:41 . 2010-02-15 18:41 -------- d-----w- c:\documents and settings\Mateusz\Dane aplikacji\SUPERAntiSpyware.com
2010-02-15 18:19 . 2010-02-15 18:06 -------- d-----w- c:\program files\SkanerOnline
2010-02-15 17:17 . 2009-06-19 06:55 -------- d-----w- c:\program files\Common Files\Adobe
2010-01-24 13:00 . 2010-01-24 12:43 -------- d-----w- c:\documents and settings\Mateusz\Dane aplikacji\TS3Client
2010-01-24 12:43 . 2010-01-24 12:43 -------- d-----w- c:\program files\TeamSpeak 3 Client
2010-01-21 17:20 . 2010-01-21 17:20 -------- d-----w- c:\program files\Allegro Image Resizer
2010-01-13 15:20 . 2010-01-13 15:20 54272 ----a-w- c:\documents and settings\Mateusz\Dane aplikacji\GanymedeNet\Online Games\Common\ielauncher.exe
2010-01-13 15:20 . 2010-01-13 15:20 4 ----a-w- c:\windows\system32\proc625010911.bin
2010-01-09 22:33 . 2010-01-09 22:33 0 ----a-w- c:\windows\nsreg.dat
2010-01-09 18:31 . 2010-01-09 18:31 44384 ----a-w- c:\windows\system32\drivers\tifsfilt.sys
2010-01-09 18:31 . 2009-12-02 11:33 441760 ----a-w- c:\windows\system32\drivers\timntr.sys
2010-01-09 18:31 . 2010-01-09 18:31 129248 ----a-w- c:\windows\system32\drivers\snapman.sys
2010-01-09 18:30 . 2010-01-09 18:30 368480 ----a-w- c:\windows\system32\drivers\tdrpman.sys
2009-12-31 16:50 . 2004-08-04 12:00 353792 ----a-w- c:\windows\system32\drivers\srv.sys
2009-12-30 10:30 . 2009-06-17 12:09 91136 ----a-w- c:\windows\system32\nmwcdcls.dll
2009-06-24 07:42 . 2009-06-17 20:46 10 ----a-w- c:\program files\eula.txt
.

((((((((((((((((((((((((((((( SnapShot@2010-03-19_12.34.57 )))))))))))))))))))))))))))))))))))))))))
.
+ 2010-03-22 15:02 . 2010-03-22 15:02 16384 c:\windows\Temp\Perflib_Perfdata_688.dat
+ 2004-08-04 12:00 . 2010-03-22 13:27 92048 c:\windows\system32\perfc009.dat
- 2004-08-04 12:00 . 2010-03-17 19:37 92048 c:\windows\system32\perfc009.dat
+ 2009-11-16 08:06 . 2009-11-16 08:06 96408 c:\windows\system32\drivers\epfwtdir.sys
+ 2010-03-19 22:06 . 2010-03-19 22:06 10134 c:\windows\Installer\{1871FE54-36AA-478F-B374-A46BA54474CC}\callmsi.exe
+ 2010-03-21 10:46 . 2010-03-21 10:46 5120 c:\windows\Installer\{D3E29D5A-B772-4578-9075-4272569504E2}\IconCA8CA8DE.exe
+ 2004-08-04 12:00 . 2010-03-22 13:27 496294 c:\windows\system32\perfh009.dat
- 2004-08-04 12:00 . 2010-03-17 19:37 496294 c:\windows\system32\perfh009.dat
+ 2009-11-16 08:03 . 2009-11-16 08:03 108792 c:\windows\system32\drivers\ehdrv.sys
+ 2009-11-16 07:56 . 2009-11-16 07:56 116520 c:\windows\system32\drivers\eamon.sys
+ 2010-03-21 10:46 . 2010-03-21 10:46 854016 c:\windows\Installer\70a51.msi
+ 2010-03-19 22:06 . 2010-03-19 22:06 101480 c:\windows\Installer\{1871FE54-36AA-478F-B374-A46BA54474CC}\egui.exe
+ 2010-03-19 22:05 . 2010-03-19 22:06 1139200 c:\windows\Installer\5e0b6.msi
.
((((((((((((((((((((((((((((((((((((( Wpisy startowe rejestru ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" [2008-02-28 1828136]
"PcSync"="d:\nokia\Nokia PC Suite 6\PcSync2.exe" [2006-04-11 1409024]
"OM2_Monitor"="c:\program files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe" [2007-09-04 95536]
"Nowe Gadu-Gadu"="d:\nowe gadu-gadu\gg.exe" [2009-08-31 11391592]
"uTorrent"="c:\program files\uTorrent\uTorrent.exe" [2009-10-28 289072]
"SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480]
"NokiaOviSuite2"="c:\program files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe" [2010-02-24 385928]
"Orb"="c:\program files\Orb Networks\Orb\bin\OrbTray.exe" [2008-05-14 507904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NokiaMServer"="c:\program files\Common Files\Nokia\MPlatform\NokiaMServer" [X]
"RTHDCPL"="RTHDCPL.EXE" [2006-07-21 16261632]
"SkyTel"="SkyTel.EXE" [2006-05-16 2879488]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2006-06-01 7618560]
"nwiz"="nwiz.exe" [2006-06-01 1519616]
"NvMediaCenter"="NvMCTray.dll" [2006-06-01 86016]
"NeroFilterCheck"="c:\program files\Common Files\Nero\Lib\NeroCheck.exe" [2008-02-28 570664]
"NBKeyScan"="c:\program files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [2008-02-18 2221352]
"MULTIMEDIA KEYBOARD"="c:\program files\Netropa\Multimedia Keyboard\MMKeybd.exe" [2002-07-11 176128]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2006-09-01 282624]
"OM2_Monitor"="c:\program files\OLYMPUS\OLYMPUS Master 2\FirstStart.exe" [2007-09-04 54576]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd.exe" [2003-08-04 49152]
"HP Component Manager"="c:\program files\HP\hpcoretech\hpcmpmgr.exe" [2003-12-22 241664]
"Live! Central"="c:\program files\Creative\Creative Live! Cam\Live! Central\CTLVCentral.exe" [2008-05-08 438399]
"TrueImageMonitor.exe"="c:\program files\Acronis\TrueImageHome\TrueImageMonitor.exe" [2008-02-27 2611368]
"AcronisTimounterMonitor"="c:\program files\Acronis\TrueImageHome\TimounterMonitor.exe" [2008-02-27 910088]
"Acronis Scheduler2 Service"="c:\program files\Common Files\Acronis\Schedule2\schedhlp.exe" [2008-02-27 140568]
"Adobe Reader Speed Launcher"="d:\adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-12-22 35760]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2009-12-11 948672]
"WinampAgent"="d:\winamp\winampa.exe" [2010-01-13 37888]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-02-18 248040]
"NokiaMusic FastStart"="c:\program files\Nokia\Ovi Player\NokiaOviPlayer.exe" [2010-03-04 2192672]
"cFosSpeed"="c:\program files\cFosSpeed\cFosSpeed.exe" [2010-03-17 819416]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2009-11-16 2054360]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"VF0560Inst"="c:\windows\system32\V0560Pin.dll" [2008-06-02 40960]

c:\documents and settings\Mateusz\Menu Start\Programy\Autostart\
·éăQQ.lnk - c:\windows\system32\wscript.exe [2004-8-4 155648]

c:\documents and settings\All Users\Menu Start\Programy\Autostart\
HP Digital Imaging Monitor.lnk - c:\program files\HP\digital imaging\bin\hpqtra08.exe [2003-9-16 237568]
Microsoft Office.lnk - d:\microsoft office\Office10\OSA.EXE [2001-2-13 83360]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"e:\\Codemasters\\Worms 4 Mayhem\\WORMS 4 MAYHEM.EXE"=
"d:\\Nowe Gadu-Gadu\\gg.exe"=
"d:\\eMule\\emule.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\Nokia\\Nokia Home Media Server\\Media Server\\twonkymedia.exe"=
"c:\\Program Files\\Nokia\\Nokia Home Media Server\\Media Server\\twonkymediaserver.exe"=
"c:\\Program Files\\Orb Networks\\Orb\\bin\\Orb.exe"=
"c:\\Program Files\\Orb Networks\\Orb\\bin\\OrbTray.exe"=
"c:\\Program Files\\Orb Networks\\Orb\\bin\\OrbStreamerClient.exe"=
"c:\\Program Files\\Orb Networks\\Orb\\bin\\xmltv.exe"=
"c:\\Program Files\\Orb Networks\\Orb\\bin\\OrbChannelScan.exe"=
"c:\\Program Files\\Nokia\\Nokia Software Updater\\nsu_ui_client.exe"=
"c:\\Program Files\\Common Files\\Nokia\\Service Layer\\A\\nsl_host_process.exe"=
"c:\\Program Files\\Nokia\\Nokia Ovi Suite\\NokiaOviSuite.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Wolfenstein - Enemy Territory\\ET.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"4662:TCP"= 4662:TCP:eMule
"4672:UDP"= 4672:UDP:eMule

R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [2009-11-16 108792]
R1 epfwtdir;epfwtdir;c:\windows\system32\drivers\epfwtdir.sys [2009-11-16 96408]
R1 msikbd2k;Multimedia Keyboard Filter Driver;c:\windows\system32\drivers\Msikbd2k.sys [2009-06-17 6656]
R2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe [2009-11-16 735960]
R2 MSSQL$ACRONIS;SQL Server (ACRONIS);c:\program files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [2009-05-27 29262680]
R3 CtClsFlt;Creative Camera Class Upper Filter Driver;c:\windows\system32\drivers\CtClsFlt.sys [2009-10-06 145952]
R3 RLDesignVirtualAudioCableWdm;Live! Cam Virtual;c:\windows\system32\drivers\livecamv.sys [2009-10-06 31616]
R3 V0560Afx;Creative Camera VF0560 Audio Effects Driver;c:\windows\system32\drivers\V0560Afx.sys [2009-10-06 160768]
R3 V0560Vid;Creative Live! Cam Optia AF Driver;c:\windows\system32\drivers\V0560Vid.sys [2009-10-06 286592]
S0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [2009-06-18 721904]
S2 nhksrv;Netropa NHK Server;c:\program files\Netropa\Multimedia Keyboard\nhksrv.exe [2009-06-17 28672]
S2 TwonkyMedia;TwonkyMedia;c:\program files\Nokia\Nokia Home Media Server\Media Server\TwonkyMedia.exe -serviceversion 0 --> c:\program files\Nokia\Nokia Home Media Server\Media Server\TwonkyMedia.exe -serviceversion 0 [?]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys [2010-03-15 137344]
.
.
------- Skan uzupełniający -------
.
uStart Page = hxxp://www.onet.pl/
IE: E&ksport do programu Microsoft Excel - d:\micros~1\Office10\EXCEL.EXE/3000
IE: Funkcja Google Sidewiki - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
DPF: {4B4513E2-43DF-4E57-9496-FCD37E9DFA64} - hxxp://cached.gamedesire.com/g_bin/pl/navy_2_0_0_33.cab
FF - ProfilePath - c:\documents and settings\Mateusz\Dane aplikacji\Mozilla\Firefox\Profiles\kwauy9xv.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.onet.pl/
FF - plugin: c:\program files\Mozilla Firefox\plugins\npwachk.dll
FF - plugin: d:\adobe\Reader 9.0\Reader\browser\nppdf32.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
.
- - - - USUNIĘTO PUSTE WPISY - - - -

HKLM-Run-UnlockerAssistant - c:\program files\Unlocker\UnlockerAssistant.exe
AddRemove-eBay Icon - c:\documents and settings\Mateusz\Dane aplikacji\Desktopicon\uninst.exe



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-03-22 16:14
Windows 5.1.2600 Dodatek Service Pack 3 NTFS

skanowanie ukrytych procesów ...

skanowanie ukrytych wpisów autostartu ...

skanowanie ukrytych plików ...

skanowanie pomyślnie ukończone
ukryte pliki: 0

**************************************************************************
.
--------------------- ZABLOKOWANE KLUCZE REJESTRU ---------------------

[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (LocalSystem)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,e1,cc,6d,5c,3f,d1,1e,44,bc,e7,01,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,e1,cc,6d,5c,3f,d1,1e,44,bc,e7,01,\
.
--------------------- Pliki DLL ładowane pod uruchomionymi procesami ---------------------

- - - - - - - > 'lsass.exe'(1368)
c:\windows\system32\relog_ap.dll
.
Czas ukończenia: 2010-03-22 16:17:03
ComboFix-quarantined-files.txt 2010-03-22 15:17
ComboFix2.txt 2010-03-20 10:21
ComboFix3.txt 2010-03-20 00:12
ComboFix4.txt 2010-03-19 12:45
ComboFix5.txt 2010-03-22 15:06

Przed: 317 464 178 688 bajtów wolnych
Po: 318 516 023 296 bajtów wolnych

- - End Of File - - 33DBF6AF02B8AC31D2E87F8AEA440D66[/log]

Psycholandia
komentarz
komentarz

Jest czysto. Plik przeskanuj tu: http://www.virustotal.com/pl/ i daj wynik.

artega7
komentarz
komentarz

Nie mogę tego przeskanować, ponieważ program tego nie widzi, miałem ten sam problem jak chciałem go usunąć specjalnymi programami.

Psycholandia
komentarz
komentarz

Spróbuj usunąć plik za pomocą tego: [u][b][url="http://www.programosy.pl/program,pocket-killbox.html"]KLIK[/url][/b][/u] log wygląda na czysty, więc to nie wina wirusów.

Wciąż szukasz rozwiązania problemu? Napisz teraz na forum!

Możesz zadać pytanie bez konieczności rejestracji - wystarczy, że wypełnisz formularz.

×
×
  • Dodaj nową pozycję...

Powiadomienie o plikach cookie

Strona wykorzystuje pliki cookies w celu prawidłowego świadczenia usług i wygody użytkowników. Warunki przechowywania i dostępu do plików cookies możesz zmienić w ustawieniach przeglądarki.