x-kom hosting

Hidden objects i zwiechy kompa

Buster
utworzono
utworzono

Ostatnio przy podnoszeniu systemu zawiesza mi się komputer, po przeskanowaniu avira znalazła 50 tzw. hidden objects, których nie może usunąć. Prosze o analize logu

[log]OTL logfile created on: 2010-04-04 13:00:16 - Run 2
OTL by OldTimer - Version 3.2.1.0 Folder = C:\Documents and Settings\Kuba\Pulpit
Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 69,00% Memory free
6,00 Gb Paging File | 5,00 Gb Available in Paging File | 86,00% Paging File free
Paging file location(s): c:\pagefile.sys 3072 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 48,83 Gb Total Space | 15,77 Gb Free Space | 32,29% Space Free | Partition Type: NTFS
Drive D: | 184,05 Gb Total Space | 84,74 Gb Free Space | 46,04% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: DOMOWY
Current User Name: Kuba
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 60 Days
Output = Standard

[color=#E56717]========== Processes (All) ==========[/color]

PRC - [2010-04-04 12:58:58 | 000,561,664 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Kuba\Pulpit\OTL.exe
PRC - [2010-03-16 16:36:32 | 000,267,432 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2010-03-09 04:28:30 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe
PRC - [2010-03-02 11:28:31 | 000,282,792 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2010-02-24 10:28:09 | 000,135,336 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2010-02-18 11:43:18 | 000,248,040 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe
PRC - [2010-02-03 05:21:20 | 000,602,112 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\ati2evxx.exe
PRC - [2010-01-14 22:11:00 | 000,076,968 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
PRC - [2009-08-05 21:54:13 | 000,908,280 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2009-05-07 14:59:00 | 000,098,304 | ---- | M] (Wireless Service) -- C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe
PRC - [2009-04-09 09:24:27 | 000,075,064 | ---- | M] () -- C:\WINDOWS\system32\PnkBstrA.exe
PRC - [2009-02-09 13:25:57 | 000,111,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\services.exe
PRC - [2008-12-09 18:01:50 | 000,405,504 | ---- | M] () -- C:\Program Files\Common Files\AVerMedia\Service\AVerScheduleService.exe
PRC - [2008-10-21 20:51:02 | 000,352,256 | ---- | M] (AVerMedia) -- C:\Program Files\Common Files\AVerMedia\Service\AVerRemote.exe
PRC - [2008-06-10 18:34:02 | 000,159,744 | ---- | M] () -- C:\Program Files\Common Files\AVerMedia\AVerQuick\AVerHIDReceiver.exe
PRC - [2008-05-02 03:44:08 | 000,805,392 | ---- | M] (Logitech, Inc.) -- C:\Program Files\Logitech\SetPoint\SetPoint.exe
PRC - [2008-05-02 03:40:56 | 000,076,304 | ---- | M] (Logitech, Inc.) -- C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.exe
PRC - [2008-04-14 19:21:49 | 000,126,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmiapsrv.exe
PRC - [2008-04-14 19:21:48 | 000,510,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winlogon.exe
PRC - [2008-04-14 19:21:43 | 000,057,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spoolsv.exe
PRC - [2008-04-14 19:21:43 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [WUDFSERVICEGROUP]
PRC - [2008-04-14 19:21:43 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [RPCSS]
PRC - [2008-04-14 19:21:43 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETWORKSERVICE]
PRC - [2008-04-14 19:21:43 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETSVCS]
PRC - [2008-04-14 19:21:43 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [LOCALSERVICE]
PRC - [2008-04-14 19:21:43 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [LOCALSERVICE]
PRC - [2008-04-14 19:21:43 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [IMGSVC]
PRC - [2008-04-14 19:21:43 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [HPZ12]
PRC - [2008-04-14 19:21:43 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [HPZ12]
PRC - [2008-04-14 19:21:43 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [HPDEVMGMT]
PRC - [2008-04-14 19:21:43 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [DCOMLAUNCH]
PRC - [2008-04-14 19:21:42 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\smss.exe
PRC - [2008-04-14 19:21:22 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\lsass.exe
PRC - [2008-04-14 19:21:16 | 001,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008-04-14 19:21:10 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ctfmon.exe
PRC - [2008-04-14 19:21:10 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\csrss.exe
PRC - [2008-04-14 19:21:02 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\alg.exe
PRC - [2008-03-20 12:04:46 | 002,127,296 | ---- | M] (Gadu-Gadu S.A.) -- C:\Program Files\Gadu-Gadu\gg.exe
PRC - [2007-06-27 12:31:28 | 000,079,136 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe
PRC - [2007-04-14 15:50:30 | 001,556,480 | ---- | M] (D-Link) -- C:\Program Files\D-Link\AirPlus G\AirGCFG.exe
PRC - [2007-03-11 21:34:40 | 000,049,152 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
PRC - [2006-12-19 11:12:00 | 016,062,464 | R--- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\RTHDCPL.exe
PRC - [2005-01-14 11:00:24 | 000,339,968 | ---- | M] (Sonix) -- C:\WINDOWS\vsnpstd3.exe
PRC - [2004-12-13 04:34:32 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
PRC - [2004-06-16 06:03:04 | 000,081,920 | ---- | M] (InstallShield Software Corporation) -- C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe


[color=#E56717]========== Modules (All) ==========[/color]

MOD - [2010-04-04 12:58:58 | 000,561,664 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Kuba\Pulpit\OTL.exe
MOD - [2009-12-08 11:25:45 | 000,474,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shlwapi.dll
MOD - [2009-07-12 02:12:06 | 000,632,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e6967989\msvcr80.dll
MOD - [2009-06-25 10:27:54 | 000,056,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\secur32.dll
MOD - [2009-04-15 16:54:38 | 000,585,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rpcrt4.dll
MOD - [2009-03-21 16:08:59 | 001,018,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\kernel32.dll
MOD - [2009-02-09 12:53:44 | 000,686,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\advapi32.dll
MOD - [2009-02-09 12:53:43 | 000,722,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntdll.dll
MOD - [2008-10-23 14:42:41 | 000,286,720 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\gdi32.dll
MOD - [2008-06-17 21:03:15 | 008,489,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shell32.dll
MOD - [2008-05-02 03:42:50 | 000,045,584 | ---- | M] (Logitech, Inc.) -- C:\Program Files\Logitech\SetPoint\lgscroll.dll
MOD - [2008-04-14 22:50:48 | 000,997,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\setupapi.dll
MOD - [2008-04-14 19:21:56 | 000,146,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winspool.drv
MOD - [2008-04-14 19:20:57 | 000,172,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wldap32.dll
MOD - [2008-04-14 19:20:57 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\version.dll
MOD - [2008-04-14 19:20:56 | 000,580,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\user32.dll
MOD - [2008-04-14 19:20:56 | 000,219,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\uxtheme.dll
MOD - [2008-04-14 19:20:56 | 000,067,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\srclient.dll
MOD - [2008-04-14 19:20:45 | 000,064,000 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\samlib.dll
MOD - [2008-04-14 19:20:44 | 001,287,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ole32.dll
MOD - [2008-04-14 19:20:44 | 000,551,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\oleaut32.dll
MOD - [2008-04-14 19:20:44 | 000,084,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\olepro32.dll
MOD - [2008-04-14 19:20:44 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\psapi.dll
MOD - [2008-04-14 19:20:41 | 000,119,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntmarta.dll
MOD - [2008-04-14 19:20:39 | 000,343,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcrt.dll
MOD - [2008-04-14 19:20:36 | 000,297,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msctf.dll
MOD - [2008-04-14 19:20:32 | 000,110,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\imm32.dll
MOD - [2008-04-14 19:20:31 | 000,185,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\framedyn.dll
MOD - [2008-04-14 19:20:13 | 000,280,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comdlg32.dll
MOD - [2008-04-14 19:12:58 | 000,177,152 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msctfime.ime
MOD - [2008-04-14 18:59:08 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll
MOD - [2006-12-21 14:30:44 | 000,102,400 | ---- | M] (Gadu-Gadu S.A.) -- C:\Program Files\Gadu-Gadu\ggwhook.dll


[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV - [2010-03-16 16:36:32 | 000,267,432 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2010-02-24 10:28:09 | 000,135,336 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2009-06-02 10:10:08 | 000,637,952 | ---- | M] (Nokia.) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2008-12-09 18:01:50 | 000,405,504 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\AVerMedia\Service\AVerScheduleService.exe -- (AVerScheduleService)
SRV - [2008-10-21 20:51:02 | 000,352,256 | ---- | M] (AVerMedia) [Auto | Running] -- C:\Program Files\Common Files\AVerMedia\Service\AVerRemote.exe -- (AVerRemote)
SRV - [2008-05-02 03:42:06 | 000,121,360 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Logitech\Bluetooth\LBTServ.exe -- (LBTServ)
SRV - [2005-02-09 12:59:00 | 000,014,165 | ---- | M] (Pinnacle Systems GmbH) [Auto | Stopped] -- C:\WINDOWS\system32\drivers\Pclepci.sys -- (PCLEPCI)
SRV - [2004-12-13 04:34:32 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe -- (UleadBurningHelper)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - [2010-03-01 10:05:24 | 000,124,784 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb)
DRV - [2010-02-16 14:24:01 | 000,060,936 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2010-02-03 06:52:08 | 004,605,952 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2009-05-11 12:49:19 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Program Files\Avira\AntiVir Desktop\avgio.sys -- (avgio)
DRV - [2009-05-11 10:12:49 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2009-04-15 14:32:36 | 000,715,520 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rt2870.sys -- (rt2870)
DRV - [2009-03-18 14:56:06 | 000,087,536 | ---- | M] (CyberLink Corp.) [2009/07/25 13:22:12] [Kernel | Auto | Running] -- C:\Program Files\CyberLink\PowerDVD\000.fcl -- ({95808DC4-FA4A-4C74-92FE-5B863F82066B})
DRV - [2009-02-09 18:10:04 | 000,029,411 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\ANIO.sys -- (ANIO)
DRV - [2008-11-15 20:21:36 | 000,055,216 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\k750bus.sys -- (k750bus) Sony Ericsson 750 driver (WDM)
DRV - [2008-11-15 20:16:26 | 000,021,672 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ggsemc.sys -- (ggsemc)
DRV - [2008-11-15 20:16:26 | 000,013,352 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ggflt.sys -- (ggflt)
DRV - [2008-11-10 22:54:32 | 000,102,664 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\tmcomm.sys -- (tmcomm)
DRV - [2008-08-26 10:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2008-05-20 10:01:00 | 000,288,896 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\yk51x86.sys -- (yukonwxp)
DRV - [2008-04-13 21:46:20 | 000,048,128 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\61883.sys -- (61883)
DRV - [2008-04-13 21:46:20 | 000,038,912 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\avc.sys -- (Avc)
DRV - [2008-04-13 21:46:10 | 000,051,200 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\msdv.sys -- (MSDV)
DRV - [2008-04-13 20:46:22 | 000,015,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mpe.sys -- (MPE)
DRV - [2008-04-13 20:45:30 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum)
DRV - [2008-04-13 18:36:05 | 000,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)
DRV - [2008-02-29 04:13:36 | 000,079,120 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LMouKE.Sys -- (LMouKE)
DRV - [2008-02-29 04:13:24 | 000,036,880 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LMouFilt.Sys -- (LMouFilt)
DRV - [2008-02-29 04:13:16 | 000,035,344 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LHidFilt.Sys -- (LHidFilt)
DRV - [2008-02-29 04:12:56 | 000,063,120 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\L8042mou.Sys -- (L8042mou)
DRV - [2007-11-29 11:39:52 | 000,008,064 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2007-11-29 11:39:42 | 000,016,896 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2007-11-29 11:39:42 | 000,008,064 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2007-11-29 11:39:40 | 000,019,328 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2007-09-07 05:36:20 | 000,304,512 | ---- | M] (AVerMedia TECHNOLOGIES, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\averhbtv.sys -- (AVerHybrid) AVerMedia Hybrid Tuner (NTSC/PAL/SECAM/DVB-T/FM)
DRV - [2007-06-04 18:25:14 | 000,016,048 | ---- | M] (Cyberlink Co.,Ltd.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\CLBStor.sys -- (CLBStor)
DRV - [2007-06-04 18:25:12 | 000,162,096 | ---- | M] (CyberLink Corporation.) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\CLBUDF.sys -- (CLBUDF)
DRV - [2007-01-04 10:07:00 | 000,171,520 | ---- | M] (Pinnacle Systems GmbH) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\MarvinBus.sys -- (MarvinBus)
DRV - [2006-12-21 16:26:00 | 004,405,248 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2006-09-24 15:28:46 | 000,005,248 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | Boot | Running] -- C:\WINDOWS\system32\speedfan.sys -- (speedfan)
DRV - [2005-04-25 14:30:19 | 000,025,424 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\iteatapi.sys -- (iteatapi)
DRV - [2005-04-25 14:30:01 | 000,005,824 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ASUSHWIO.SYS -- (Asushwio)
DRV - [2005-03-12 19:48:00 | 000,243,456 | ---- | M] (Ralink Technology Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\rt2500usb.sys -- (rt2500usb) DWL-G122(rev.B)
DRV - [2005-02-21 17:48:38 | 000,452,992 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\snpstd3.sys -- (SNPSTD3) USB PC Camera (SNPSTD3)
DRV - [2004-12-23 17:27:56 | 000,027,392 | ---- | M] (Ulead Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ULCDRHlp.sys -- (ULCDRHlp)
DRV - [2004-08-22 16:31:48 | 000,005,248 | ---- | M] ( ) [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\d347prt.sys -- (d347prt)
DRV - [2004-08-22 16:31:10 | 000,155,136 | ---- | M] ( ) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\d347bus.sys -- (d347bus)
DRV - [2004-08-13 04:56:20 | 000,005,810 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ASACPI.sys -- (MTsensor)
DRV - [2004-03-08 12:55:50 | 000,013,567 | ---- | M] (B.H.A Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\CDRBSDRV.SYS -- (cdrbsdrv)
DRV - [2001-08-17 22:02:32 | 000,008,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\hidgame.sys -- (hidgame)
DRV - [2001-08-17 22:00:04 | 000,002,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\msmpu401.sys -- (ms_mpu401)
DRV - [1996-04-03 21:33:26 | 000,005,248 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\system32\giveio.sys -- (giveio)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]



IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-1229272821-1060284298-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\S-1-5-21-1229272821-1060284298-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "www.onet.pl"
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.1.1
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {eaf8a4ef-d221-45ca-9deb-d0934b45fa34}:1.3.0.3

FF - HKLM\software\mozilla\Firefox\Extensions\\bkmrksync@nokia.com: C:\Program Files\Nokia\Nokia PC Suite 7\bkmrksync\ [2009-08-14 14:18:54 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010-01-07 19:07:22 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010-01-07 19:07:22 | 000,000,000 | ---D | M]

[2008-07-28 21:06:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kuba\Dane aplikacji\Mozilla\Extensions
[2010-03-31 18:39:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kuba\Dane aplikacji\Mozilla\Firefox\Profiles\z7r0ln27.default\extensions
[2009-07-12 20:08:16 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Kuba\Dane aplikacji\Mozilla\Firefox\Profiles\z7r0ln27.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2009-08-19 10:39:11 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Documents and Settings\Kuba\Dane aplikacji\Mozilla\Firefox\Profiles\z7r0ln27.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2009-09-18 20:20:24 | 000,000,000 | ---D | M] (OggX (powered by TIME S.A.)) -- C:\Documents and Settings\Kuba\Dane aplikacji\Mozilla\Firefox\Profiles\z7r0ln27.default\extensions\{eaf8a4ef-d221-45ca-9deb-d0934b45fa34}
[2009-01-09 23:19:34 | 000,001,994 | ---- | M] () -- C:\Documents and Settings\Kuba\Dane aplikacji\Mozilla\Firefox\Profiles\z7r0ln27.default\searchplugins\wrzuta.xml
[2008-12-03 20:37:53 | 000,002,126 | ---- | M] () -- C:\Documents and Settings\Kuba\Dane aplikacji\Mozilla\Firefox\Profiles\z7r0ln27.default\searchplugins\wyszukiwanie-filmw-wideo-w-youtube.xml
[2010-03-31 18:39:41 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2009-01-28 20:46:54 | 000,307,200 | ---- | M] (ESKA) -- C:\Program Files\Mozilla Firefox\plugins\npOggX.dll
[2009-08-05 21:54:23 | 000,002,767 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\allegro-pl.xml
[2009-08-05 21:54:23 | 000,001,406 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\fbc-pl.xml
[2009-08-05 21:54:23 | 000,000,917 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\merlin-pl.xml
[2009-08-05 21:54:23 | 000,000,858 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\pwn-pl.xml
[2009-08-05 21:54:23 | 000,001,183 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-pl.xml
[2009-08-05 21:54:23 | 000,001,683 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wp-pl.xml

O1 HOSTS File: ([2009-05-12 21:50:26 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [ANIWZCS2Service] C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe (Wireless Service)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [D-Link AirPlus G] C:\Program Files\D-Link\AirPlus G\AirGCFG.exe (D-Link)
O4 - HKLM..\Run: [ISUSPM Startup] C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe (InstallShield Software Corporation)
O4 - HKLM..\Run: [ISUSScheduler] C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe (InstallShield Software Corporation)
O4 - HKLM..\Run: [Kernel and Hardware Abstraction Layer] C:\WINDOWS\KHALMNPR.Exe (Logitech, Inc.)
O4 - HKLM..\Run: [LGODDFU] C:\Program Files\lg_fwupdate\fwupdate.exe (BitLeader)
O4 - HKLM..\Run: [Logitech Hardware Abstraction Layer] C:\WINDOWS\KHALMNPR.Exe (Logitech, Inc.)
O4 - HKLM..\Run: [SkyTel] C:\WINDOWS\SkyTel.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [snpstd3] C:\WINDOWS\vsnpstd3.exe (Sonix)
O4 - HKU\.DEFAULT..\RunOnce: [tscuninstall] C:\WINDOWS\system32\tscupgrd.exe (Microsoft Corporation)
O4 - HKU\S-1-5-18..\RunOnce: [tscuninstall] C:\WINDOWS\system32\tscupgrd.exe (Microsoft Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\AVer HID Receiver.lnk = C:\Program Files\Common Files\AVerMedia\AVerQuick\AVerHIDReceiver.exe ()
O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\AVerQuick.lnk = C:\Program Files\Common Files\AVerMedia\AVerQuick\AVerQuick.exe (AVerMedia TECHNOLOGIES, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe (Logitech, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1229272821-1060284298-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\S-1-5-21-1229272821-1060284298-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-1229272821-1060284298-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1249662866375 (WUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_19-windows-i586.cab (Java Plug-in 1.6.0_19)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_19-windows-i586.cab (Java Plug-in 1.6.0_19)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_19-windows-i586.cab (Java Plug-in 1.6.0_19)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O20 - Winlogon\Notify\LBTWlgn: DllName - c:\program files\common files\logitech\bluetooth\LBTWlgn.dll - c:\Program Files\Common Files\Logitech\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009-07-16 16:08:43 | 000,000,095 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{4b5dd0ba-9174-11dd-885f-001195d030cf}\Shell - "" = AutoRun
O33 - MountPoints2\{4b5dd0ba-9174-11dd-885f-001195d030cf}\Shell\AutoRun\command - "" = I:\LaunchU3.exe -- File not found
O33 - MountPoints2\{7a7c26a5-9ae7-11dd-8871-001195d030cf}\Shell - "" = AutoRun
O33 - MountPoints2\{7a7c26a5-9ae7-11dd-8871-001195d030cf}\Shell\AutoRun\command - "" = E:\_AUTORUN\AUTORUN.EXE -- File not found
O33 - MountPoints2\{7a7c26a5-9ae7-11dd-8871-001195d030cf}\Shell\instDX\command - "" = E:\directX\dxsetup.exe -- File not found
O33 - MountPoints2\{7a7c26a5-9ae7-11dd-8871-001195d030cf}\Shell\readme\command - "" = notepad readme.txt
O33 - MountPoints2\I\Shell - "" = AutoRun
O33 - MountPoints2\I\Shell\AutoRun\command - "" = I:\LaunchU3.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (sprestrt) - C:\WINDOWS\System32\sprestrt.exe (Microsoft Corporation)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: Ias - C:\WINDOWS\system32\ias [2009-08-07 15:07:13 | 000,000,000 | ---D | M]
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

MsConfig - StartUpFolder: C:^Documents and Settings^All Users^Menu Start^Programy^Autostart^AVerQuick.lnk - C:\Program Files\Common Files\AVerMedia\AVerQuick\AVerQuick.exe - (AVerMedia TECHNOLOGIES, Inc.)
MsConfig - StartUpFolder: C:^Documents and Settings^All Users^Menu Start^Programy^Autostart^HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe - (Hewlett-Packard Co.)
MsConfig - StartUpFolder: C:^Documents and Settings^Kuba^Menu Start^Programy^Autostart^Rejestracja FIFA 09.lnk - D:\PROGRA~1\EASPOR~1\FIFA09~1\Support\EAREGI~1.EXE - File not found
MsConfig - StartUpReg: [b]Ad-Watch[/b] - hkey= - key= - Reg Error: Value error. File not found
MsConfig - StartUpReg: [b]BDRegion[/b] - hkey= - key= - C:\Program Files\CyberLink\Shared Files\brs.exe (cyberlink)
MsConfig - StartUpReg: [b]InstantBurn[/b] - hkey= - key= - C:\Program Files\CyberLink\InstantBurn\Win2K\IBurn.exe (CyberLink Corporation.)
MsConfig - StartUpReg: [b]LanguageShortcut[/b] - hkey= - key= - C:\Program Files\CyberLink\PowerDVD\Language\Language.exe ()
MsConfig - StartUpReg: [b]NeroFilterCheck[/b] - hkey= - key= - C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe (Nero AG)
MsConfig - StartUpReg: [b]OM_Monitor[/b] - hkey= - key= - C:\Program Files\OLYMPUS\OLYMPUS Master\FirstStart.exe (OLYMPUS IMAGING CORP.)
MsConfig - StartUpReg: [b]RemoteControl[/b] - hkey= - key= - C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe (Cyberlink Corp.)
MsConfig - State: "system.ini" - 0
MsConfig - State: "win.ini" - 0
MsConfig - State: "bootini" - 0
MsConfig - State: "services" - 0
MsConfig - State: "startup" - 2

SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: sermouse.sys - Driver
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vds - Service
SafeBootMin: vga.sys - Driver
SafeBootMin: WdfLoadGroup -
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: sermouse.sys - Driver
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vga.sys - Driver
SafeBootNet: WdfLoadGroup -
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

[color=#E56717]========== Files/Folders - Created Within 60 Days ==========[/color]

[2010-04-04 12:58:53 | 000,561,664 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Kuba\Pulpit\OTL.exe
[2010-04-03 22:17:52 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010-04-03 22:17:48 | 000,020,824 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010-04-03 22:17:48 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010-04-02 21:27:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\NtmsData
[2010-03-31 15:30:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Sun
[2010-03-30 16:47:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kuba\Pulpit\fwdpolski
[2010-03-24 23:45:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kuba\Dane aplikacji\Avira
[2010-03-24 22:30:54 | 000,028,520 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\ssmdrv.sys
[2010-03-24 22:30:53 | 000,124,784 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avipbb.sys
[2010-03-24 22:30:53 | 000,060,936 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntflt.sys
[2010-03-24 22:30:53 | 000,051,992 | ---- | C] (AVIRA GmbH) -- C:\WINDOWS\System32\drivers\avgntdd.sys
[2010-03-24 22:30:53 | 000,017,016 | ---- | C] (AVIRA GmbH) -- C:\WINDOWS\System32\drivers\avgntmgr.sys
[2010-03-24 22:30:52 | 000,000,000 | ---D | C] -- C:\Program Files\Avira
[2010-03-24 22:30:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Avira
[2010-03-20 16:55:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\MetaGeek,_LLC
[2010-03-20 16:52:10 | 000,000,000 | ---D | C] -- C:\Program Files\MetaGeek
[2010-03-18 23:15:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kuba\Pulpit\powtórzenie
[2010-03-14 21:23:37 | 000,000,000 | ---D | C] -- C:\Program Files\Wise Disk Cleaner
[2010-03-14 21:21:59 | 000,000,000 | ---D | C] -- C:\Program Files\Wise Registry Cleaner
[2010-03-08 15:54:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kuba\Pulpit\tn_mp 434
[2010-03-07 11:43:18 | 020,232,288 | ---- | C] ( ) -- C:\Documents and Settings\Kuba\Pulpit\Setup_Nokia_Maps_Updater_1.0.12.exe
[2010-03-02 22:09:18 | 000,000,000 | ---D | C] -- C:\Program Files\Grupa IMAGE
[2010-03-02 22:08:07 | 000,000,000 | ---D | C] -- C:\Program Files\Prawo Jazdy 2010
[2010-02-20 15:55:52 | 000,155,648 | ---- | C] (ATI Technologies, Inc.) -- C:\WINDOWS\System32\Oemdspif.dll
[2010-02-20 15:55:51 | 000,208,896 | ---- | C] (ATI Technologies, Inc.) -- C:\WINDOWS\System32\atipdlxx.dll
[2010-02-20 15:55:51 | 000,043,520 | ---- | C] (ATI Technologies, Inc.) -- C:\WINDOWS\System32\ati2edxx.dll
[2010-02-20 15:55:51 | 000,026,112 | ---- | C] (ATI Technologies, Inc.) -- C:\WINDOWS\System32\Ati2mdxx.exe
[2010-02-20 15:55:51 | 000,024,064 | ---- | C] (ATI Technologies, Inc.) -- C:\WINDOWS\System32\ativcoxx.dll
[2010-02-20 15:55:38 | 000,000,000 | ---D | C] -- C:\Program Files\ATI
[2009-07-22 14:24:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Ustawienia lokalne\Dane aplikacji\Microsoft
[2008-10-15 20:31:29 | 000,155,136 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\d347bus.sys
[2008-10-15 20:31:29 | 000,005,248 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\d347prt.sys
[2008-09-14 12:08:50 | 000,061,440 | ---- | C] ( ) -- C:\WINDOWS\System32\csnpstd3.dll
[2008-09-14 12:08:50 | 000,057,344 | ---- | C] ( ) -- C:\WINDOWS\System32\rsnpstd3.dll
[2008-09-14 12:08:50 | 000,036,864 | ---- | C] ( ) -- C:\WINDOWS\System32\vsnpstd3.dll
[2008-07-28 20:33:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\Microsoft
[2008-07-28 18:41:44 | 000,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Dane aplikacji\Microsoft
[2008-07-28 18:41:44 | 000,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Dane aplikacji\Microsoft
[6 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[14 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

[color=#E56717]========== Files - Modified Within 60 Days ==========[/color]

[2010-04-04 13:00:00 | 000,000,460 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{AB205C06-67A9-4978-B986-F638E4B8C403}.job
[2010-04-04 12:59:04 | 006,815,744 | ---- | M] () -- C:\Documents and Settings\Kuba\NTUSER.DAT
[2010-04-04 12:58:58 | 000,561,664 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Kuba\Pulpit\OTL.exe
[2010-04-04 12:32:30 | 000,000,390 | ---- | M] () -- C:\WINDOWS\lgfwup.ini
[2010-04-04 12:32:15 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010-04-04 12:32:07 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010-04-04 12:32:05 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010-04-03 22:26:27 | 000,000,188 | -HS- | M] () -- C:\Documents and Settings\Kuba\ntuser.ini
[2010-04-03 22:17:55 | 000,000,696 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Malwarebytes' Anti-Malware.lnk
[2010-04-03 17:33:31 | 000,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2010-04-02 15:13:40 | 000,069,120 | ---- | M] () -- C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010-03-31 20:32:42 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010-03-29 15:24:58 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010-03-29 15:24:46 | 000,020,824 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010-03-28 20:31:00 | 000,000,472 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2010-03-25 00:39:35 | 001,583,616 | ---- | M] () -- C:\Documents and Settings\Kuba\Pulpit\LJ15.xls
[2010-03-24 22:31:05 | 000,001,707 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Avira AntiVir Control Center.lnk
[2010-03-24 22:26:27 | 000,015,511 | ---- | M] () -- C:\Documents and Settings\Kuba\Pulpit\bio.docx
[2010-03-24 16:02:00 | 001,114,778 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010-03-24 16:02:00 | 000,499,854 | ---- | M] () -- C:\WINDOWS\System32\perfh015.dat
[2010-03-24 16:02:00 | 000,440,820 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010-03-24 16:02:00 | 000,089,036 | ---- | M] () -- C:\WINDOWS\System32\perfc015.dat
[2010-03-24 16:02:00 | 000,071,138 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010-03-21 21:45:52 | 003,828,544 | ---- | M] () -- C:\Documents and Settings\Kuba\Pulpit\Jimmy Eat World-The Middle.mp3
[2010-03-21 21:31:50 | 000,054,156 | -H-- | M] () -- C:\WINDOWS\QTFont.qfn
[2010-03-14 21:23:40 | 000,001,678 | ---- | M] () -- C:\Documents and Settings\Kuba\Pulpit\Wise Disk Cleaner Free.lnk
[2010-03-14 21:22:03 | 000,000,828 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Wise Registry Cleaner.lnk
[2010-03-14 18:01:56 | 003,414,528 | ---- | M] (Karol Winnicki) -- C:\Documents and Settings\Kuba\Pulpit\BESTplayer.exe
[2010-03-10 19:01:29 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2010-03-09 23:37:29 | 002,113,306 | -H-- | M] () -- C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\IconCache.db
[2010-03-09 17:42:39 | 000,012,777 | ---- | M] () -- C:\Documents and Settings\Kuba\Pulpit\2012.docx
[2010-03-09 15:42:56 | 000,000,349 | ---- | M] () -- C:\Documents and Settings\All Users\Dokumenty\PCLECHAL.INI
[2010-03-07 11:46:03 | 020,232,288 | ---- | M] ( ) -- C:\Documents and Settings\Kuba\Pulpit\Setup_Nokia_Maps_Updater_1.0.12.exe
[2010-03-02 22:09:34 | 000,000,867 | ---- | M] () -- C:\Documents and Settings\Kuba\Pulpit\Prawo Jazdy ABCDT - egzamin wewnętrzny.lnk
[2010-03-02 22:08:33 | 000,001,648 | ---- | M] () -- C:\Documents and Settings\Kuba\Pulpit\Prawo Jazdy 2010.lnk
[2010-03-01 10:05:24 | 000,124,784 | ---- | M] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avipbb.sys
[2010-02-27 19:55:41 | 000,069,632 | ---- | M] () -- C:\Documents and Settings\Kuba\Pulpit\bez tytuł1.JPG
[2010-02-27 19:51:36 | 000,054,774 | ---- | M] () -- C:\Documents and Settings\Kuba\Pulpit\czupi.JPG
[2010-02-24 22:13:26 | 000,001,502 | ---- | M] () -- C:\Documents and Settings\Kuba\.recently-used.xbel
[2010-02-20 15:56:08 | 000,001,775 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Play The Lord of the Rings Online™ - FREE for 10 Days!.lnk
[2010-02-20 15:49:37 | 000,000,010 | ---- | M] () -- C:\WINDOWS\WININIT.INI
[2010-02-20 13:02:42 | 000,016,384 | ---- | M] (BitLeader) -- C:\WINDOWS\System32\lgfwunis.exe
[2010-02-19 00:17:16 | 000,000,108 | ---- | M] () -- C:\WINDOWS\AVerText.ini
[2010-02-16 19:52:05 | 000,136,709 | ---- | M] () -- C:\Documents and Settings\Kuba\Pulpit\bez tytułu22.JPG
[2010-02-16 19:51:41 | 000,132,650 | ---- | M] () -- C:\Documents and Settings\Kuba\Pulpit\bez tytułu2.JPG
[2010-02-16 14:24:01 | 000,060,936 | ---- | M] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntflt.sys
[2010-02-03 15:55:29 | 006,815,744 | -H-- | M] () -- C:\Documents and Settings\Kuba\NTUSER.bak
[6 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[14 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2010-04-03 22:17:55 | 000,000,696 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Malwarebytes' Anti-Malware.lnk
[2010-03-24 23:46:43 | 001,583,616 | ---- | C] () -- C:\Documents and Settings\Kuba\Pulpit\LJ15.xls
[2010-03-24 22:31:05 | 000,001,707 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Avira AntiVir Control Center.lnk
[2010-03-24 21:05:52 | 000,015,511 | ---- | C] () -- C:\Documents and Settings\Kuba\Pulpit\bio.docx
[2010-03-21 21:45:23 | 003,828,544 | ---- | C] () -- C:\Documents and Settings\Kuba\Pulpit\Jimmy Eat World-The Middle.mp3
[2010-03-14 21:23:40 | 000,001,678 | ---- | C] () -- C:\Documents and Settings\Kuba\Pulpit\Wise Disk Cleaner Free.lnk
[2010-03-14 21:22:03 | 000,000,828 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Wise Registry Cleaner.lnk
[2010-03-09 17:37:20 | 000,012,777 | ---- | C] () -- C:\Documents and Settings\Kuba\Pulpit\2012.docx
[2010-03-02 22:09:34 | 000,000,867 | ---- | C] () -- C:\Documents and Settings\Kuba\Pulpit\Prawo Jazdy ABCDT - egzamin wewnętrzny.lnk
[2010-03-02 22:08:33 | 000,001,648 | ---- | C] () -- C:\Documents and Settings\Kuba\Pulpit\Prawo Jazdy 2010.lnk
[2010-02-27 19:46:55 | 000,054,774 | ---- | C] () -- C:\Documents and Settings\Kuba\Pulpit\czupi.JPG
[2010-02-24 22:13:26 | 000,001,502 | ---- | C] () -- C:\Documents and Settings\Kuba\.recently-used.xbel
[2010-02-20 15:56:08 | 000,001,775 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Play The Lord of the Rings Online™ - FREE for 10 Days!.lnk
[2010-02-20 15:55:52 | 000,887,724 | ---- | C] () -- C:\WINDOWS\System32\ativva6x.dat
[2010-02-20 15:55:51 | 000,455,520 | ---- | C] () -- C:\WINDOWS\System32\ativvaxx.cap
[2010-02-20 15:55:51 | 000,294,912 | ---- | C] () -- C:\WINDOWS\System32\ATIODE.exe
[2010-02-20 15:55:51 | 000,198,341 | ---- | C] () -- C:\WINDOWS\System32\atiicdxx.dat
[2010-02-20 15:55:51 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\ATIODCLI.exe
[2010-02-20 15:55:51 | 000,031,240 | ---- | C] () -- C:\WINDOWS\System32\atiapfxx.blb
[2010-02-20 15:55:51 | 000,020,274 | ---- | C] () -- C:\WINDOWS\atiogl.xml
[2010-02-20 15:55:51 | 000,000,003 | ---- | C] () -- C:\WINDOWS\System32\ativva5x.dat
[2010-02-16 19:52:05 | 000,136,709 | ---- | C] () -- C:\Documents and Settings\Kuba\Pulpit\bez tytułu22.JPG
[2010-02-16 19:51:41 | 000,132,650 | ---- | C] () -- C:\Documents and Settings\Kuba\Pulpit\bez tytułu2.JPG
[2010-02-16 19:51:02 | 000,069,632 | ---- | C] () -- C:\Documents and Settings\Kuba\Pulpit\bez tytuł1.JPG
[2010-02-03 11:41:47 | 000,000,000 | -H-- | C] () -- C:\Documents and Settings\Kuba\NTUSER.rhk.LOG
[2010-01-19 17:58:00 | 000,076,407 | ---- | C] () -- C:\Documents and Settings\Kuba\Dane aplikacji\Smiley.ico
[2009-08-17 21:30:48 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\AVerIO.dll
[2009-08-17 21:30:48 | 000,003,456 | ---- | C] () -- C:\WINDOWS\System32\AVerIO.sys
[2009-08-17 21:30:42 | 000,565,248 | ---- | C] () -- C:\WINDOWS\System32\sptlib21.dll
[2009-08-17 21:30:42 | 000,294,912 | ---- | C] () -- C:\WINDOWS\System32\sptlib11.dll
[2009-08-17 21:30:42 | 000,290,816 | ---- | C] () -- C:\WINDOWS\System32\sptlib22.dll
[2009-08-17 21:30:42 | 000,249,856 | ---- | C] () -- C:\WINDOWS\System32\sptlib01.dll
[2009-08-17 21:30:42 | 000,245,760 | ---- | C] () -- C:\WINDOWS\System32\sptlib03.dll
[2009-08-17 21:30:42 | 000,241,664 | ---- | C] () -- C:\WINDOWS\System32\sptlib02.dll
[2009-08-17 21:30:42 | 000,135,168 | ---- | C] () -- C:\WINDOWS\System32\sptlib12.dll
[2009-08-07 22:36:57 | 000,262,144 | ---- | C] () -- C:\Documents and Settings\All Users\ntuser.dat
[2009-08-07 22:36:57 | 000,001,024 | -H-- | C] () -- C:\Documents and Settings\All Users\ntuser.dat.LOG
[2009-08-05 22:09:51 | 000,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest
[2009-08-05 22:09:48 | 000,085,504 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2009-08-02 00:22:28 | 000,157,352 | ---- | C] () -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\FontCache3.0.0.0.dat
[2009-07-16 16:08:43 | 000,196,096 | ---- | C] () -- C:\WINDOWS\System32\macd32.dll
[2009-07-16 16:08:43 | 000,138,752 | ---- | C] () -- C:\WINDOWS\System32\mase32.dll
[2009-07-16 16:08:43 | 000,136,192 | ---- | C] () -- C:\WINDOWS\System32\mamc32.dll
[2009-07-16 16:08:43 | 000,057,856 | ---- | C] () -- C:\WINDOWS\System32\masd32.dll
[2009-07-16 16:08:43 | 000,027,648 | ---- | C] () -- C:\WINDOWS\System32\ma32.dll
[2009-07-15 22:08:31 | 000,003,339 | ---- | C] () -- C:\Documents and Settings\Kuba\mercalli-protocol.txt
[2009-07-15 22:08:22 | 000,003,359 | ---- | C] () -- C:\Documents and Settings\Kuba\heroglyph-protocol.txt
[2009-07-15 17:00:54 | 000,000,390 | ---- | C] () -- C:\WINDOWS\lgfwup.ini
[2009-07-14 18:15:00 | 000,178,432 | ---- | C] () -- C:\WINDOWS\System32\xlive.dll.cat
[2009-05-22 22:27:15 | 000,000,108 | ---- | C] () -- C:\WINDOWS\AVerText.ini
[2009-04-23 16:15:21 | 000,815,104 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2009-04-23 16:15:21 | 000,180,224 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2009-04-10 12:48:27 | 000,000,028 | ---- | C] () -- C:\WINDOWS\System32\WFD_List.ini
[2008-12-20 21:34:11 | 000,120,200 | ---- | C] () -- C:\WINDOWS\System32\DLLDEV32i.dll
[2008-12-20 21:34:02 | 000,005,937 | ---- | C] () -- C:\WINDOWS\mgxoschk.ini
[2008-09-20 09:16:04 | 000,000,010 | ---- | C] () -- C:\WINDOWS\WININIT.INI
[2008-09-15 19:17:08 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\qtmlClient.dll
[2008-09-15 19:17:08 | 000,002,343 | ---- | C] () -- C:\WINDOWS\Graffiti5.2Pin.ini
[2008-09-15 18:55:50 | 000,000,024 | ---- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\__FileUploader.log
[2008-09-14 12:08:52 | 000,015,498 | ---- | C] () -- C:\WINDOWS\snpstd3.ini
[2008-09-14 12:08:51 | 000,452,992 | ---- | C] () -- C:\WINDOWS\System32\drivers\snpstd3.sys
[2008-08-28 21:44:06 | 000,860,211 | ---- | C] () -- C:\WINDOWS\System32\XSIFtk-3.6.2.1.dll
[2008-08-22 10:31:38 | 000,000,414 | RHS- | C] () -- C:\Documents and Settings\All Users\ntuser.pol
[2008-08-20 14:45:54 | 000,003,972 | ---- | C] () -- C:\WINDOWS\System32\drivers\PciBus.sys
[2008-08-14 14:18:03 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2008-08-13 20:22:44 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\DVResampleru.dll
[2008-08-13 20:06:02 | 000,000,017 | ---- | C] () -- C:\WINDOWS\MovingPicture.ini
[2008-08-13 18:50:52 | 000,000,129 | ---- | C] () -- C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\fusioncache.dat
[2008-07-29 16:41:54 | 000,138,168 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2008-07-28 21:07:50 | 000,005,784 | ---- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\hpzinstall.log
[2008-07-28 20:41:13 | 000,069,120 | ---- | C] () -- C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008-07-28 19:29:03 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\JJAKEn.dll
[2008-07-28 19:28:47 | 000,048,640 | ---- | C] () -- C:\WINDOWS\System32\ANIO64.sys
[2008-07-28 19:04:18 | 000,005,810 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASACPI.sys
[2008-07-28 19:04:10 | 000,005,824 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASUSHWIO.SYS
[2008-07-28 18:59:54 | 000,258,048 | ---- | C] () -- C:\WINDOWS\System32\wlanapp.dll
[2008-07-28 18:59:54 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\aIPH.dll
[2008-07-28 18:59:54 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\AQCKGen.dll
[2008-07-28 18:59:54 | 000,045,115 | ---- | C] () -- C:\WINDOWS\System32\ANICtl.dll
[2008-07-28 18:59:45 | 000,315,392 | ---- | C] () -- C:\WINDOWS\System32\ANIOApi.dll
[2008-07-28 18:59:45 | 000,029,411 | ---- | C] () -- C:\WINDOWS\System32\ANIO.sys
[2008-07-28 18:45:31 | 000,001,024 | -H-- | C] () -- C:\Documents and Settings\Kuba\ntuser.dat.LOG
[2008-07-28 18:45:31 | 000,000,188 | -HS- | C] () -- C:\Documents and Settings\Kuba\ntuser.ini
[2008-07-28 18:45:30 | 006,815,744 | -H-- | C] () -- C:\Documents and Settings\Kuba\NTUSER.bak
[2008-07-28 18:45:30 | 006,815,744 | ---- | C] () -- C:\Documents and Settings\Kuba\NTUSER.DAT
[2004-08-22 17:04:56 | 000,069,120 | ---- | C] () -- C:\WINDOWS\daemon.dll
[2004-08-04 02:44:10 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\PsisDecd.dll
[1996-04-03 21:33:26 | 000,005,248 | ---- | C] () -- C:\WINDOWS\System32\giveio.sys

[color=#E56717]========== LOP Check ==========[/color]

[2009-09-21 21:35:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\AVerTV
[2009-08-19 10:48:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Azureus
[2010-02-02 11:42:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Codemasters
[2009-11-26 18:09:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Installations
[2009-07-15 17:30:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\LightScribe
[2008-12-20 21:35:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\MAGIX
[2009-11-26 18:13:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Nokia
[2009-06-15 20:58:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\PC Suite
[2008-08-13 18:54:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Pinnacle
[2008-08-13 18:54:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Pinnacle Studio
[2009-07-16 17:53:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Pinnacle Studio Plus
[2009-07-14 23:04:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Pinnacle Studio Ultimate
[2009-07-16 17:53:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Studio 12
[2010-02-11 12:05:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\TEMP
[2009-11-28 11:43:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\TrackMania
[2008-07-28 21:54:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Ulead Systems
[2009-08-28 22:23:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kuba\Dane aplikacji\Azureus
[2010-02-11 17:14:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kuba\Dane aplikacji\BESTplayer
[2008-08-30 14:13:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kuba\Dane aplikacji\fltk.org
[2008-07-28 22:56:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kuba\Dane aplikacji\Gadu-Gadu
[2010-02-24 22:13:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kuba\Dane aplikacji\gtk-2.0
[2009-01-01 21:59:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kuba\Dane aplikacji\Leadertech
[2009-06-15 20:47:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kuba\Dane aplikacji\Nokia
[2008-08-10 21:06:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kuba\Dane aplikacji\OLYMPUS
[2009-06-15 20:59:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kuba\Dane aplikacji\PC Suite
[2009-07-16 16:49:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kuba\Dane aplikacji\proDAD
[2008-11-15 20:24:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kuba\Dane aplikacji\Teleca
[2010-03-28 20:31:00 | 000,000,472 | ---- | M] () -- C:\WINDOWS\Tasks\Ad-Aware Update (Weekly).job
[2010-04-04 13:00:00 | 000,000,460 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{AB205C06-67A9-4978-B986-F638E4B8C403}.job
[2009-03-27 20:54:59 | 000,000,430 | ---- | M] () -- C:\WINDOWS\Tasks\Wise Disk Cleaner 4.job
[2009-02-21 14:13:17 | 000,000,470 | ---- | M] () -- C:\WINDOWS\Tasks\Wise Registry Cleaner 4.job

[color=#E56717]========== Purity Check ==========[/color]



[color=#E56717]========== Custom Scans ==========[/color]


[color=#A23BEC]< %systemdrive%\*.* >[/color]
[2009-08-05 20:26:52 | 000,092,034 | ---- | M] () -- C:\aaw7boot.log
[2008-08-13 19:58:11 | 000,898,018 | ---- | M] () -- C:\adorage-protocol.txt
[2009-07-16 16:08:43 | 000,000,095 | ---- | M] () -- C:\AUTOEXEC.BAT
[2009-07-20 19:47:27 | 000,000,282 | -HS- | M] () -- C:\Boot.BAK
[2009-09-13 21:44:35 | 000,000,282 | -HS- | M] () -- C:\boot.ini
[2004-08-04 14:00:00 | 000,004,952 | RHS- | M] () -- C:\Bootfont.bin
[2009-04-22 07:28:23 | 000,383,200 | RHS- | M] () -- C:\bootmgr
[2009-07-23 05:35:56 | 000,008,192 | RHS- | M] () -- C:\BOOTSECT.BAK
[2004-08-04 00:00:14 | 000,262,400 | ---- | M] () -- C:\cmldr
[2008-07-28 18:41:47 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2008-07-28 18:41:47 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2009-07-15 17:00:14 | 000,000,177 | ---- | M] () -- C:\ITB.log
[2010-04-03 14:37:30 | 000,000,109 | ---- | M] () -- C:\mbam-error.txt
[2008-07-28 18:41:47 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2004-08-04 14:00:00 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
[2008-07-28 20:24:53 | 000,251,152 | RHS- | M] () -- C:\ntldr
[2010-04-04 12:32:00 | 3221,225,472 | -HS- | M] () -- C:\pagefile.sys


[color=#A23BEC]< MD5 for: AGP440.SYS >[/color]
[2004-08-04 14:00:00 | 018,789,127 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:agp440.sys
[2009-08-07 22:48:02 | 023,908,281 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:agp440.sys
[2009-08-07 22:48:02 | 023,908,281 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:agp440.sys
[2008-04-13 20:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008-04-13 20:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys

[color=#A23BEC]< MD5 for: ATAPI.SYS >[/color]
[2004-08-04 14:00:00 | 018,789,127 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2009-08-07 22:48:02 | 023,908,281 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2009-08-07 22:48:02 | 023,908,281 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2008-04-13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008-04-13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys

[color=#A23BEC]< MD5 for: BEEP.SYS >[/color]
[2004-08-04 14:00:00 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\system32\dllcache\beep.sys
[2004-08-04 14:00:00 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\system32\dllcache\cache\beep.sys
[2004-08-04 14:00:00 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\system32\drivers\beep.sys

[color=#A23BEC]< MD5 for: CDROM.SYS >[/color]
[2004-08-04 14:00:00 | 018,789,127 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:cdrom.sys
[2009-08-07 22:48:02 | 023,908,281 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys
[2009-08-07 22:48:02 | 023,908,281 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:cdrom.sys
[2008-04-13 20:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\ServicePackFiles\i386\cdrom.sys
[2008-04-13 20:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys

[color=#A23BEC]< MD5 for: EVENTLOG.DLL >[/color]
[2008-04-14 19:20:31 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=35FCCFD093582FA9098762E6F84EE119 -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2008-04-14 19:20:31 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=35FCCFD093582FA9098762E6F84EE119 -- C:\WINDOWS\system32\eventlog.dll

[color=#A23BEC]< MD5 for: NDIS.SYS >[/color]
[2008-04-13 21:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\ServicePackFiles\i386\ndis.sys
[2008-04-13 21:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\dllcache\cache\ndis.sys
[2008-04-13 21:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\drivers\ndis.sys

[color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color]
[2008-04-14 19:21:48 | 000,510,464 | ---- | M] (Microsoft Corporation) MD5=51FD2E13D723857B9CA239AE77150F48 -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008-04-14 19:21:48 | 000,510,464 | ---- | M] (Microsoft Corporation) MD5=51FD2E13D723857B9CA239AE77150F48 -- C:\WINDOWS\system32\dllcache\cache\winlogon.exe
[2008-04-14 19:21:48 | 000,510,464 | ---- | M] (Microsoft Corporation) MD5=51FD2E13D723857B9CA239AE77150F48 -- C:\WINDOWS\system32\winlogon.exe

[color=#E56717]========== Alternate Data Streams ==========[/color]

@Alternate Data Stream - 489 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:05EE1EEF
< End of report >
[/log]

Mateusz J.
komentarz
komentarz

Uruchom OTL i w oknie Custom Scans/Fixes wklej[code]
:Processes
explorer.exe

:OTL
O33 - MountPoints2\{4b5dd0ba-9174-11dd-885f-001195d030cf}\Shell - "" = AutoRun
O33 - MountPoints2\{4b5dd0ba-9174-11dd-885f-001195d030cf}\Shell\AutoRun\command - "" = I:\LaunchU3.exe -- File not found
O33 - MountPoints2\{7a7c26a5-9ae7-11dd-8871-001195d030cf}\Shell - "" = AutoRun
O33 - MountPoints2\{7a7c26a5-9ae7-11dd-8871-001195d030cf}\Shell\AutoRun\command - "" = E:\_AUTORUN\AUTORUN.EXE -- File not found
O33 - MountPoints2\{7a7c26a5-9ae7-11dd-8871-001195d030cf}\Shell\instDX\command - "" = E:\directX\dxsetup.exe -- File not found
O33 - MountPoints2\{7a7c26a5-9ae7-11dd-8871-001195d030cf}\Shell\readme\command - "" = notepad readme.txt
O33 - MountPoints2\I\Shell - "" = AutoRun
O33 - MountPoints2\I\Shell\AutoRun\command - "" = I:\LaunchU3.exe -- File not found

:Commands
[emptytemp]
[Reboot][/code]Kliknij Run Fix. Zatwierdź restart komputera.
Po ponownym uruchomieniu komputera tworzysz nowy log i pokazujesz do kontroli.


Wykonaj: http://www.forumpc.pl/index.php?showtopic=107753
Usuwasz wszystko co znajdzie program, a raport pokazuje na forum.

Buster
komentarz
komentarz

OTL
[log]OTL logfile created on: 2010-04-06 08:23:24 - Run 3
OTL by OldTimer - Version 3.2.1.0 Folder = C:\Documents and Settings\Kuba\Pulpit
Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 74,00% Memory free
6,00 Gb Paging File | 5,00 Gb Available in Paging File | 89,00% Paging File free
Paging file location(s): c:\pagefile.sys 3072 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 48,83 Gb Total Space | 16,90 Gb Free Space | 34,61% Space Free | Partition Type: NTFS
Drive D: | 184,05 Gb Total Space | 84,74 Gb Free Space | 46,04% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: DOMOWY
Current User Name: Kuba
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 60 Days
Output = Standard

[color=#E56717]========== Processes (All) ==========[/color]

PRC - [2010-04-04 12:58:58 | 000,561,664 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Kuba\Pulpit\OTL.exe
PRC - [2010-03-16 16:36:32 | 000,267,432 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2010-03-09 04:28:30 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe
PRC - [2010-03-02 11:28:31 | 000,282,792 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2010-02-24 10:28:09 | 000,135,336 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2010-02-20 13:00:35 | 000,557,056 | ---- | M] (BitLeader) -- C:\Program Files\lg_fwupdate\fwupdate.exe
PRC - [2010-02-18 11:43:18 | 000,248,040 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe
PRC - [2010-02-03 05:21:20 | 000,602,112 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\ati2evxx.exe
PRC - [2010-01-14 22:11:00 | 000,076,968 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
PRC - [2009-08-05 21:54:13 | 000,908,280 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2009-05-07 14:59:00 | 000,098,304 | ---- | M] (Wireless Service) -- C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe
PRC - [2009-04-09 09:24:27 | 000,075,064 | ---- | M] () -- C:\WINDOWS\system32\PnkBstrA.exe
PRC - [2009-02-09 13:25:57 | 000,111,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\services.exe
PRC - [2008-12-09 18:01:50 | 000,405,504 | ---- | M] () -- C:\Program Files\Common Files\AVerMedia\Service\AVerScheduleService.exe
PRC - [2008-10-21 20:57:12 | 000,663,552 | ---- | M] (AVerMedia TECHNOLOGIES, Inc.) -- C:\Program Files\Common Files\AVerMedia\AVerQuick\AVerQuick.exe
PRC - [2008-10-21 20:51:02 | 000,352,256 | ---- | M] (AVerMedia) -- C:\Program Files\Common Files\AVerMedia\Service\AVerRemote.exe
PRC - [2008-06-10 18:34:02 | 000,159,744 | ---- | M] () -- C:\Program Files\Common Files\AVerMedia\AVerQuick\AVerHIDReceiver.exe
PRC - [2008-05-02 03:44:08 | 000,805,392 | ---- | M] (Logitech, Inc.) -- C:\Program Files\Logitech\SetPoint\SetPoint.exe
PRC - [2008-05-02 03:40:56 | 000,076,304 | ---- | M] (Logitech, Inc.) -- C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.exe
PRC - [2008-04-14 19:21:49 | 000,126,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmiapsrv.exe
PRC - [2008-04-14 19:21:48 | 000,510,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winlogon.exe
PRC - [2008-04-14 19:21:43 | 000,057,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spoolsv.exe
PRC - [2008-04-14 19:21:43 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [WUDFSERVICEGROUP]
PRC - [2008-04-14 19:21:43 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [RPCSS]
PRC - [2008-04-14 19:21:43 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETWORKSERVICE]
PRC - [2008-04-14 19:21:43 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETSVCS]
PRC - [2008-04-14 19:21:43 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [LOCALSERVICE]
PRC - [2008-04-14 19:21:43 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [LOCALSERVICE]
PRC - [2008-04-14 19:21:43 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [IMGSVC]
PRC - [2008-04-14 19:21:43 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [HPZ12]
PRC - [2008-04-14 19:21:43 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [HPZ12]
PRC - [2008-04-14 19:21:43 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [HPDEVMGMT]
PRC - [2008-04-14 19:21:43 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [DCOMLAUNCH]
PRC - [2008-04-14 19:21:42 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\smss.exe
PRC - [2008-04-14 19:21:22 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\lsass.exe
PRC - [2008-04-14 19:21:16 | 001,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008-04-14 19:21:10 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ctfmon.exe
PRC - [2008-04-14 19:21:10 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\csrss.exe
PRC - [2008-04-14 19:21:02 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\alg.exe
PRC - [2007-06-27 12:31:28 | 000,079,136 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe
PRC - [2007-04-14 15:50:30 | 001,556,480 | ---- | M] (D-Link) -- C:\Program Files\D-Link\AirPlus G\AirGCFG.exe
PRC - [2007-03-11 21:34:40 | 000,049,152 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
PRC - [2006-12-19 11:12:00 | 016,062,464 | R--- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\RTHDCPL.exe
PRC - [2005-01-14 11:00:24 | 000,339,968 | ---- | M] (Sonix) -- C:\WINDOWS\vsnpstd3.exe
PRC - [2004-12-13 04:34:32 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
PRC - [2004-06-16 06:03:04 | 000,081,920 | ---- | M] (InstallShield Software Corporation) -- C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe


[color=#E56717]========== Modules (All) ==========[/color]

MOD - [2010-04-04 12:58:58 | 000,561,664 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Kuba\Pulpit\OTL.exe
MOD - [2009-12-08 11:25:45 | 000,474,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shlwapi.dll
MOD - [2009-07-12 02:12:06 | 000,632,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e6967989\msvcr80.dll
MOD - [2009-06-25 10:27:54 | 000,056,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\secur32.dll
MOD - [2009-04-15 16:54:38 | 000,585,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rpcrt4.dll
MOD - [2009-03-21 16:08:59 | 001,018,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\kernel32.dll
MOD - [2009-02-09 12:53:44 | 000,686,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\advapi32.dll
MOD - [2009-02-09 12:53:43 | 000,722,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntdll.dll
MOD - [2008-10-23 14:42:41 | 000,286,720 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\gdi32.dll
MOD - [2008-06-17 21:03:15 | 008,489,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shell32.dll
MOD - [2008-05-02 03:42:50 | 000,045,584 | ---- | M] (Logitech, Inc.) -- C:\Program Files\Logitech\SetPoint\lgscroll.dll
MOD - [2008-04-14 22:50:48 | 000,997,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\setupapi.dll
MOD - [2008-04-14 19:21:56 | 000,146,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winspool.drv
MOD - [2008-04-14 19:20:57 | 000,172,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wldap32.dll
MOD - [2008-04-14 19:20:57 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\version.dll
MOD - [2008-04-14 19:20:56 | 000,580,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\user32.dll
MOD - [2008-04-14 19:20:56 | 000,219,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\uxtheme.dll
MOD - [2008-04-14 19:20:56 | 000,067,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\srclient.dll
MOD - [2008-04-14 19:20:45 | 000,064,000 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\samlib.dll
MOD - [2008-04-14 19:20:44 | 001,287,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ole32.dll
MOD - [2008-04-14 19:20:44 | 000,551,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\oleaut32.dll
MOD - [2008-04-14 19:20:44 | 000,084,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\olepro32.dll
MOD - [2008-04-14 19:20:44 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\psapi.dll
MOD - [2008-04-14 19:20:41 | 000,119,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntmarta.dll
MOD - [2008-04-14 19:20:39 | 000,343,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcrt.dll
MOD - [2008-04-14 19:20:36 | 000,297,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msctf.dll
MOD - [2008-04-14 19:20:32 | 000,110,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\imm32.dll
MOD - [2008-04-14 19:20:31 | 000,185,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\framedyn.dll
MOD - [2008-04-14 19:20:13 | 000,280,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comdlg32.dll
MOD - [2008-04-14 19:12:58 | 000,177,152 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msctfime.ime
MOD - [2008-04-14 18:59:08 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll


[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV - [2010-03-16 16:36:32 | 000,267,432 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2010-02-24 10:28:09 | 000,135,336 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2009-06-02 10:10:08 | 000,637,952 | ---- | M] (Nokia.) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2008-12-09 18:01:50 | 000,405,504 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\AVerMedia\Service\AVerScheduleService.exe -- (AVerScheduleService)
SRV - [2008-10-21 20:51:02 | 000,352,256 | ---- | M] (AVerMedia) [Auto | Running] -- C:\Program Files\Common Files\AVerMedia\Service\AVerRemote.exe -- (AVerRemote)
SRV - [2008-05-02 03:42:06 | 000,121,360 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Logitech\Bluetooth\LBTServ.exe -- (LBTServ)
SRV - [2005-02-09 12:59:00 | 000,014,165 | ---- | M] (Pinnacle Systems GmbH) [Auto | Stopped] -- C:\WINDOWS\system32\drivers\Pclepci.sys -- (PCLEPCI)
SRV - [2004-12-13 04:34:32 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe -- (UleadBurningHelper)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - [2010-03-01 10:05:24 | 000,124,784 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb)
DRV - [2010-02-16 14:24:01 | 000,060,936 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2010-02-03 06:52:08 | 004,605,952 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2009-05-11 12:49:19 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Program Files\Avira\AntiVir Desktop\avgio.sys -- (avgio)
DRV - [2009-05-11 10:12:49 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2009-04-15 14:32:36 | 000,715,520 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rt2870.sys -- (rt2870)
DRV - [2009-03-18 14:56:06 | 000,087,536 | ---- | M] (CyberLink Corp.) [2009/07/25 13:22:12] [Kernel | Auto | Running] -- C:\Program Files\CyberLink\PowerDVD\000.fcl -- ({95808DC4-FA4A-4C74-92FE-5B863F82066B})
DRV - [2009-02-09 18:10:04 | 000,029,411 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\ANIO.sys -- (ANIO)
DRV - [2008-11-15 20:21:36 | 000,055,216 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\k750bus.sys -- (k750bus) Sony Ericsson 750 driver (WDM)
DRV - [2008-11-15 20:16:26 | 000,021,672 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ggsemc.sys -- (ggsemc)
DRV - [2008-11-15 20:16:26 | 000,013,352 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ggflt.sys -- (ggflt)
DRV - [2008-11-10 22:54:32 | 000,102,664 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\tmcomm.sys -- (tmcomm)
DRV - [2008-08-26 10:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2008-05-20 10:01:00 | 000,288,896 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\yk51x86.sys -- (yukonwxp)
DRV - [2008-04-13 21:46:20 | 000,048,128 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\61883.sys -- (61883)
DRV - [2008-04-13 21:46:20 | 000,038,912 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\avc.sys -- (Avc)
DRV - [2008-04-13 21:46:10 | 000,051,200 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\msdv.sys -- (MSDV)
DRV - [2008-04-13 20:46:22 | 000,015,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mpe.sys -- (MPE)
DRV - [2008-04-13 20:45:30 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum)
DRV - [2008-04-13 18:36:05 | 000,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)
DRV - [2008-02-29 04:13:36 | 000,079,120 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LMouKE.Sys -- (LMouKE)
DRV - [2008-02-29 04:13:24 | 000,036,880 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LMouFilt.Sys -- (LMouFilt)
DRV - [2008-02-29 04:13:16 | 000,035,344 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LHidFilt.Sys -- (LHidFilt)
DRV - [2008-02-29 04:12:56 | 000,063,120 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\L8042mou.Sys -- (L8042mou)
DRV - [2007-11-29 11:39:52 | 000,008,064 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2007-11-29 11:39:42 | 000,016,896 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2007-11-29 11:39:42 | 000,008,064 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2007-11-29 11:39:40 | 000,019,328 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2007-09-07 05:36:20 | 000,304,512 | ---- | M] (AVerMedia TECHNOLOGIES, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\averhbtv.sys -- (AVerHybrid) AVerMedia Hybrid Tuner (NTSC/PAL/SECAM/DVB-T/FM)
DRV - [2007-06-04 18:25:14 | 000,016,048 | ---- | M] (Cyberlink Co.,Ltd.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\CLBStor.sys -- (CLBStor)
DRV - [2007-06-04 18:25:12 | 000,162,096 | ---- | M] (CyberLink Corporation.) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\CLBUDF.sys -- (CLBUDF)
DRV - [2007-01-04 10:07:00 | 000,171,520 | ---- | M] (Pinnacle Systems GmbH) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\MarvinBus.sys -- (MarvinBus)
DRV - [2006-12-21 16:26:00 | 004,405,248 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2006-09-24 15:28:46 | 000,005,248 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | Boot | Running] -- C:\WINDOWS\system32\speedfan.sys -- (speedfan)
DRV - [2005-04-25 14:30:19 | 000,025,424 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\iteatapi.sys -- (iteatapi)
DRV - [2005-04-25 14:30:01 | 000,005,824 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ASUSHWIO.SYS -- (Asushwio)
DRV - [2005-03-12 19:48:00 | 000,243,456 | ---- | M] (Ralink Technology Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\rt2500usb.sys -- (rt2500usb) DWL-G122(rev.B)
DRV - [2005-02-21 17:48:38 | 000,452,992 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\snpstd3.sys -- (SNPSTD3) USB PC Camera (SNPSTD3)
DRV - [2004-12-23 17:27:56 | 000,027,392 | ---- | M] (Ulead Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ULCDRHlp.sys -- (ULCDRHlp)
DRV - [2004-08-22 16:31:48 | 000,005,248 | ---- | M] ( ) [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\d347prt.sys -- (d347prt)
DRV - [2004-08-22 16:31:10 | 000,155,136 | ---- | M] ( ) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\d347bus.sys -- (d347bus)
DRV - [2004-08-13 04:56:20 | 000,005,810 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ASACPI.sys -- (MTsensor)
DRV - [2004-03-08 12:55:50 | 000,013,567 | ---- | M] (B.H.A Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\CDRBSDRV.SYS -- (cdrbsdrv)
DRV - [2001-08-17 22:02:32 | 000,008,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\hidgame.sys -- (hidgame)
DRV - [2001-08-17 22:00:04 | 000,002,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\msmpu401.sys -- (ms_mpu401)
DRV - [1996-04-03 21:33:26 | 000,005,248 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\system32\giveio.sys -- (giveio)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]



IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-1229272821-1060284298-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\S-1-5-21-1229272821-1060284298-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "www.onet.pl"
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.1.1
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {eaf8a4ef-d221-45ca-9deb-d0934b45fa34}:1.3.0.3

FF - HKLM\software\mozilla\Firefox\Extensions\\bkmrksync@nokia.com: C:\Program Files\Nokia\Nokia PC Suite 7\bkmrksync\ [2009-08-14 14:18:54 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010-01-07 19:07:22 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010-01-07 19:07:22 | 000,000,000 | ---D | M]

[2008-07-28 21:06:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kuba\Dane aplikacji\Mozilla\Extensions
[2010-03-31 18:39:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kuba\Dane aplikacji\Mozilla\Firefox\Profiles\z7r0ln27.default\extensions
[2009-07-12 20:08:16 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Kuba\Dane aplikacji\Mozilla\Firefox\Profiles\z7r0ln27.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2009-08-19 10:39:11 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Documents and Settings\Kuba\Dane aplikacji\Mozilla\Firefox\Profiles\z7r0ln27.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2009-09-18 20:20:24 | 000,000,000 | ---D | M] (OggX (powered by TIME S.A.)) -- C:\Documents and Settings\Kuba\Dane aplikacji\Mozilla\Firefox\Profiles\z7r0ln27.default\extensions\{eaf8a4ef-d221-45ca-9deb-d0934b45fa34}
[2009-01-09 23:19:34 | 000,001,994 | ---- | M] () -- C:\Documents and Settings\Kuba\Dane aplikacji\Mozilla\Firefox\Profiles\z7r0ln27.default\searchplugins\wrzuta.xml
[2008-12-03 20:37:53 | 000,002,126 | ---- | M] () -- C:\Documents and Settings\Kuba\Dane aplikacji\Mozilla\Firefox\Profiles\z7r0ln27.default\searchplugins\wyszukiwanie-filmw-wideo-w-youtube.xml
[2010-03-31 18:39:41 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2009-01-28 20:46:54 | 000,307,200 | ---- | M] (ESKA) -- C:\Program Files\Mozilla Firefox\plugins\npOggX.dll
[2009-08-05 21:54:23 | 000,002,767 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\allegro-pl.xml
[2009-08-05 21:54:23 | 000,001,406 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\fbc-pl.xml
[2009-08-05 21:54:23 | 000,000,917 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\merlin-pl.xml
[2009-08-05 21:54:23 | 000,000,858 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\pwn-pl.xml
[2009-08-05 21:54:23 | 000,001,183 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-pl.xml
[2009-08-05 21:54:23 | 000,001,683 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wp-pl.xml

O1 HOSTS File: ([2009-05-12 21:50:26 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [ANIWZCS2Service] C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe (Wireless Service)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [D-Link AirPlus G] C:\Program Files\D-Link\AirPlus G\AirGCFG.exe (D-Link)
O4 - HKLM..\Run: [ISUSPM Startup] C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe (InstallShield Software Corporation)
O4 - HKLM..\Run: [ISUSScheduler] C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe (InstallShield Software Corporation)
O4 - HKLM..\Run: [Kernel and Hardware Abstraction Layer] C:\WINDOWS\KHALMNPR.Exe (Logitech, Inc.)
O4 - HKLM..\Run: [LGODDFU] C:\Program Files\lg_fwupdate\fwupdate.exe (BitLeader)
O4 - HKLM..\Run: [Logitech Hardware Abstraction Layer] C:\WINDOWS\KHALMNPR.Exe (Logitech, Inc.)
O4 - HKLM..\Run: [SkyTel] C:\WINDOWS\SkyTel.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [snpstd3] C:\WINDOWS\vsnpstd3.exe (Sonix)
O4 - HKU\.DEFAULT..\RunOnce: [tscuninstall] C:\WINDOWS\system32\tscupgrd.exe (Microsoft Corporation)
O4 - HKU\S-1-5-18..\RunOnce: [tscuninstall] C:\WINDOWS\system32\tscupgrd.exe (Microsoft Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\AVer HID Receiver.lnk = C:\Program Files\Common Files\AVerMedia\AVerQuick\AVerHIDReceiver.exe ()
O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\AVerQuick.lnk = C:\Program Files\Common Files\AVerMedia\AVerQuick\AVerQuick.exe (AVerMedia TECHNOLOGIES, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe (Logitech, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1229272821-1060284298-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\S-1-5-21-1229272821-1060284298-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-1229272821-1060284298-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1249662866375 (WUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_19-windows-i586.cab (Java Plug-in 1.6.0_19)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_19-windows-i586.cab (Java Plug-in 1.6.0_19)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_19-windows-i586.cab (Java Plug-in 1.6.0_19)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O20 - Winlogon\Notify\LBTWlgn: DllName - c:\program files\common files\logitech\bluetooth\LBTWlgn.dll - c:\Program Files\Common Files\Logitech\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (sprestrt) - C:\WINDOWS\System32\sprestrt.exe (Microsoft Corporation)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: Ias - C:\WINDOWS\system32\ias [2009-08-07 15:07:13 | 000,000,000 | ---D | M]
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

MsConfig - StartUpFolder: C:^Documents and Settings^All Users^Menu Start^Programy^Autostart^AVerQuick.lnk - C:\Program Files\Common Files\AVerMedia\AVerQuick\AVerQuick.exe - (AVerMedia TECHNOLOGIES, Inc.)
MsConfig - StartUpFolder: C:^Documents and Settings^All Users^Menu Start^Programy^Autostart^HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe - (Hewlett-Packard Co.)
MsConfig - StartUpFolder: C:^Documents and Settings^Kuba^Menu Start^Programy^Autostart^Rejestracja FIFA 09.lnk - D:\PROGRA~1\EASPOR~1\FIFA09~1\Support\EAREGI~1.EXE - File not found
MsConfig - StartUpReg: [b]Ad-Watch[/b] - hkey= - key= - Reg Error: Value error. File not found
MsConfig - StartUpReg: [b]BDRegion[/b] - hkey= - key= - C:\Program Files\CyberLink\Shared Files\brs.exe (cyberlink)
MsConfig - StartUpReg: [b]InstantBurn[/b] - hkey= - key= - C:\Program Files\CyberLink\InstantBurn\Win2K\IBurn.exe (CyberLink Corporation.)
MsConfig - StartUpReg: [b]LanguageShortcut[/b] - hkey= - key= - C:\Program Files\CyberLink\PowerDVD\Language\Language.exe ()
MsConfig - StartUpReg: [b]NeroFilterCheck[/b] - hkey= - key= - C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe (Nero AG)
MsConfig - StartUpReg: [b]OM_Monitor[/b] - hkey= - key= - C:\Program Files\OLYMPUS\OLYMPUS Master\FirstStart.exe (OLYMPUS IMAGING CORP.)
MsConfig - StartUpReg: [b]RemoteControl[/b] - hkey= - key= - C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe (Cyberlink Corp.)
MsConfig - State: "system.ini" - 0
MsConfig - State: "win.ini" - 0
MsConfig - State: "bootini" - 0
MsConfig - State: "services" - 0
MsConfig - State: "startup" - 2

SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: sermouse.sys - Driver
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vds - Service
SafeBootMin: vga.sys - Driver
SafeBootMin: WdfLoadGroup -
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: sermouse.sys - Driver
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vga.sys - Driver
SafeBootNet: WdfLoadGroup -
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

[color=#E56717]========== Files/Folders - Created Within 60 Days ==========[/color]

[2010-04-06 08:13:33 | 000,000,000 | ---D | C] -- C:\_OTL
[2010-04-04 12:58:53 | 000,561,664 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Kuba\Pulpit\OTL.exe
[2010-04-03 22:17:52 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010-04-03 22:17:48 | 000,020,824 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010-04-03 22:17:48 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010-04-02 21:27:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\NtmsData
[2010-03-31 15:30:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Sun
[2010-03-30 16:47:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kuba\Pulpit\fwdpolski
[2010-03-24 23:45:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kuba\Dane aplikacji\Avira
[2010-03-24 22:30:54 | 000,028,520 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\ssmdrv.sys
[2010-03-24 22:30:53 | 000,124,784 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avipbb.sys
[2010-03-24 22:30:53 | 000,060,936 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntflt.sys
[2010-03-24 22:30:53 | 000,051,992 | ---- | C] (AVIRA GmbH) -- C:\WINDOWS\System32\drivers\avgntdd.sys
[2010-03-24 22:30:53 | 000,017,016 | ---- | C] (AVIRA GmbH) -- C:\WINDOWS\System32\drivers\avgntmgr.sys
[2010-03-24 22:30:52 | 000,000,000 | ---D | C] -- C:\Program Files\Avira
[2010-03-24 22:30:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Avira
[2010-03-20 16:55:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\MetaGeek,_LLC
[2010-03-20 16:52:10 | 000,000,000 | ---D | C] -- C:\Program Files\MetaGeek
[2010-03-18 23:15:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kuba\Pulpit\powtórzenie
[2010-03-14 21:23:37 | 000,000,000 | ---D | C] -- C:\Program Files\Wise Disk Cleaner
[2010-03-14 21:21:59 | 000,000,000 | ---D | C] -- C:\Program Files\Wise Registry Cleaner
[2010-03-08 15:54:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kuba\Pulpit\tn_mp 434
[2010-03-07 11:43:18 | 020,232,288 | ---- | C] ( ) -- C:\Documents and Settings\Kuba\Pulpit\Setup_Nokia_Maps_Updater_1.0.12.exe
[2010-03-02 22:09:18 | 000,000,000 | ---D | C] -- C:\Program Files\Grupa IMAGE
[2010-03-02 22:08:07 | 000,000,000 | ---D | C] -- C:\Program Files\Prawo Jazdy 2010
[2010-02-20 15:55:52 | 000,155,648 | ---- | C] (ATI Technologies, Inc.) -- C:\WINDOWS\System32\Oemdspif.dll
[2010-02-20 15:55:51 | 000,208,896 | ---- | C] (ATI Technologies, Inc.) -- C:\WINDOWS\System32\atipdlxx.dll
[2010-02-20 15:55:51 | 000,043,520 | ---- | C] (ATI Technologies, Inc.) -- C:\WINDOWS\System32\ati2edxx.dll
[2010-02-20 15:55:51 | 000,026,112 | ---- | C] (ATI Technologies, Inc.) -- C:\WINDOWS\System32\Ati2mdxx.exe
[2010-02-20 15:55:51 | 000,024,064 | ---- | C] (ATI Technologies, Inc.) -- C:\WINDOWS\System32\ativcoxx.dll
[2010-02-20 15:55:38 | 000,000,000 | ---D | C] -- C:\Program Files\ATI
[2009-07-22 14:24:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Ustawienia lokalne\Dane aplikacji\Microsoft
[2008-10-15 20:31:29 | 000,155,136 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\d347bus.sys
[2008-10-15 20:31:29 | 000,005,248 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\d347prt.sys
[2008-09-14 12:08:50 | 000,061,440 | ---- | C] ( ) -- C:\WINDOWS\System32\csnpstd3.dll
[2008-09-14 12:08:50 | 000,057,344 | ---- | C] ( ) -- C:\WINDOWS\System32\rsnpstd3.dll
[2008-09-14 12:08:50 | 000,036,864 | ---- | C] ( ) -- C:\WINDOWS\System32\vsnpstd3.dll
[2008-07-28 20:33:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\Microsoft
[2008-07-28 18:41:44 | 000,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Dane aplikacji\Microsoft
[2008-07-28 18:41:44 | 000,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Dane aplikacji\Microsoft

[color=#E56717]========== Files - Modified Within 60 Days ==========[/color]

[2010-04-06 08:25:00 | 000,000,460 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{AB205C06-67A9-4978-B986-F638E4B8C403}.job
[2010-04-06 08:19:00 | 000,000,390 | ---- | M] () -- C:\WINDOWS\lgfwup.ini
[2010-04-06 08:18:19 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010-04-06 08:18:11 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010-04-06 08:18:09 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010-04-06 08:17:14 | 006,815,744 | ---- | M] () -- C:\Documents and Settings\Kuba\NTUSER.DAT
[2010-04-06 08:17:14 | 000,000,188 | -HS- | M] () -- C:\Documents and Settings\Kuba\ntuser.ini
[2010-04-04 12:58:58 | 000,561,664 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Kuba\Pulpit\OTL.exe
[2010-04-03 22:17:55 | 000,000,696 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Malwarebytes' Anti-Malware.lnk
[2010-04-03 17:33:31 | 000,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2010-04-02 15:13:40 | 000,069,120 | ---- | M] () -- C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010-03-31 20:32:42 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010-03-29 15:24:58 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010-03-29 15:24:46 | 000,020,824 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010-03-28 20:31:00 | 000,000,472 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2010-03-25 00:39:35 | 001,583,616 | ---- | M] () -- C:\Documents and Settings\Kuba\Pulpit\LJ15.xls
[2010-03-24 22:31:05 | 000,001,707 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Avira AntiVir Control Center.lnk
[2010-03-24 22:26:27 | 000,015,511 | ---- | M] () -- C:\Documents and Settings\Kuba\Pulpit\bio.docx
[2010-03-24 16:02:00 | 001,114,778 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010-03-24 16:02:00 | 000,499,854 | ---- | M] () -- C:\WINDOWS\System32\perfh015.dat
[2010-03-24 16:02:00 | 000,440,820 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010-03-24 16:02:00 | 000,089,036 | ---- | M] () -- C:\WINDOWS\System32\perfc015.dat
[2010-03-24 16:02:00 | 000,071,138 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010-03-21 21:45:52 | 003,828,544 | ---- | M] () -- C:\Documents and Settings\Kuba\Pulpit\Jimmy Eat World-The Middle.mp3
[2010-03-21 21:31:50 | 000,054,156 | -H-- | M] () -- C:\WINDOWS\QTFont.qfn
[2010-03-14 21:23:40 | 000,001,678 | ---- | M] () -- C:\Documents and Settings\Kuba\Pulpit\Wise Disk Cleaner Free.lnk
[2010-03-14 21:22:03 | 000,000,828 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Wise Registry Cleaner.lnk
[2010-03-14 18:01:56 | 003,414,528 | ---- | M] (Karol Winnicki) -- C:\Documents and Settings\Kuba\Pulpit\BESTplayer.exe
[2010-03-10 19:01:29 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2010-03-09 23:37:29 | 002,113,306 | -H-- | M] () -- C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\IconCache.db
[2010-03-09 17:42:39 | 000,012,777 | ---- | M] () -- C:\Documents and Settings\Kuba\Pulpit\2012.docx
[2010-03-09 15:42:56 | 000,000,349 | ---- | M] () -- C:\Documents and Settings\All Users\Dokumenty\PCLECHAL.INI
[2010-03-07 11:46:03 | 020,232,288 | ---- | M] ( ) -- C:\Documents and Settings\Kuba\Pulpit\Setup_Nokia_Maps_Updater_1.0.12.exe
[2010-03-02 22:09:34 | 000,000,867 | ---- | M] () -- C:\Documents and Settings\Kuba\Pulpit\Prawo Jazdy ABCDT - egzamin wewnętrzny.lnk
[2010-03-02 22:08:33 | 000,001,648 | ---- | M] () -- C:\Documents and Settings\Kuba\Pulpit\Prawo Jazdy 2010.lnk
[2010-03-01 10:05:24 | 000,124,784 | ---- | M] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avipbb.sys
[2010-02-27 19:55:41 | 000,069,632 | ---- | M] () -- C:\Documents and Settings\Kuba\Pulpit\bez tytuł1.JPG
[2010-02-27 19:51:36 | 000,054,774 | ---- | M] () -- C:\Documents and Settings\Kuba\Pulpit\czupi.JPG
[2010-02-24 22:13:26 | 000,001,502 | ---- | M] () -- C:\Documents and Settings\Kuba\.recently-used.xbel
[2010-02-20 15:56:08 | 000,001,775 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Play The Lord of the Rings Online™ - FREE for 10 Days!.lnk
[2010-02-20 15:49:37 | 000,000,010 | ---- | M] () -- C:\WINDOWS\WININIT.INI
[2010-02-20 13:02:42 | 000,016,384 | ---- | M] (BitLeader) -- C:\WINDOWS\System32\lgfwunis.exe
[2010-02-19 00:17:16 | 000,000,108 | ---- | M] () -- C:\WINDOWS\AVerText.ini
[2010-02-16 19:52:05 | 000,136,709 | ---- | M] () -- C:\Documents and Settings\Kuba\Pulpit\bez tytułu22.JPG
[2010-02-16 19:51:41 | 000,132,650 | ---- | M] () -- C:\Documents and Settings\Kuba\Pulpit\bez tytułu2.JPG
[2010-02-16 14:24:01 | 000,060,936 | ---- | M] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntflt.sys

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2010-04-03 22:17:55 | 000,000,696 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Malwarebytes' Anti-Malware.lnk
[2010-03-24 23:46:43 | 001,583,616 | ---- | C] () -- C:\Documents and Settings\Kuba\Pulpit\LJ15.xls
[2010-03-24 22:31:05 | 000,001,707 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Avira AntiVir Control Center.lnk
[2010-03-24 21:05:52 | 000,015,511 | ---- | C] () -- C:\Documents and Settings\Kuba\Pulpit\bio.docx
[2010-03-21 21:45:23 | 003,828,544 | ---- | C] () -- C:\Documents and Settings\Kuba\Pulpit\Jimmy Eat World-The Middle.mp3
[2010-03-14 21:23:40 | 000,001,678 | ---- | C] () -- C:\Documents and Settings\Kuba\Pulpit\Wise Disk Cleaner Free.lnk
[2010-03-14 21:22:03 | 000,000,828 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Wise Registry Cleaner.lnk
[2010-03-09 17:37:20 | 000,012,777 | ---- | C] () -- C:\Documents and Settings\Kuba\Pulpit\2012.docx
[2010-03-02 22:09:34 | 000,000,867 | ---- | C] () -- C:\Documents and Settings\Kuba\Pulpit\Prawo Jazdy ABCDT - egzamin wewnętrzny.lnk
[2010-03-02 22:08:33 | 000,001,648 | ---- | C] () -- C:\Documents and Settings\Kuba\Pulpit\Prawo Jazdy 2010.lnk
[2010-02-27 19:46:55 | 000,054,774 | ---- | C] () -- C:\Documents and Settings\Kuba\Pulpit\czupi.JPG
[2010-02-24 22:13:26 | 000,001,502 | ---- | C] () -- C:\Documents and Settings\Kuba\.recently-used.xbel
[2010-02-20 15:56:08 | 000,001,775 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Play The Lord of the Rings Online™ - FREE for 10 Days!.lnk
[2010-02-20 15:55:52 | 000,887,724 | ---- | C] () -- C:\WINDOWS\System32\ativva6x.dat
[2010-02-20 15:55:51 | 000,455,520 | ---- | C] () -- C:\WINDOWS\System32\ativvaxx.cap
[2010-02-20 15:55:51 | 000,294,912 | ---- | C] () -- C:\WINDOWS\System32\ATIODE.exe
[2010-02-20 15:55:51 | 000,198,341 | ---- | C] () -- C:\WINDOWS\System32\atiicdxx.dat
[2010-02-20 15:55:51 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\ATIODCLI.exe
[2010-02-20 15:55:51 | 000,031,240 | ---- | C] () -- C:\WINDOWS\System32\atiapfxx.blb
[2010-02-20 15:55:51 | 000,020,274 | ---- | C] () -- C:\WINDOWS\atiogl.xml
[2010-02-20 15:55:51 | 000,000,003 | ---- | C] () -- C:\WINDOWS\System32\ativva5x.dat
[2010-02-16 19:52:05 | 000,136,709 | ---- | C] () -- C:\Documents and Settings\Kuba\Pulpit\bez tytułu22.JPG
[2010-02-16 19:51:41 | 000,132,650 | ---- | C] () -- C:\Documents and Settings\Kuba\Pulpit\bez tytułu2.JPG
[2010-02-16 19:51:02 | 000,069,632 | ---- | C] () -- C:\Documents and Settings\Kuba\Pulpit\bez tytuł1.JPG
[2010-02-03 11:41:47 | 000,000,000 | -H-- | C] () -- C:\Documents and Settings\Kuba\NTUSER.rhk.LOG
[2010-01-19 17:58:00 | 000,076,407 | ---- | C] () -- C:\Documents and Settings\Kuba\Dane aplikacji\Smiley.ico
[2009-08-17 21:30:48 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\AVerIO.dll
[2009-08-17 21:30:48 | 000,003,456 | ---- | C] () -- C:\WINDOWS\System32\AVerIO.sys
[2009-08-17 21:30:42 | 000,565,248 | ---- | C] () -- C:\WINDOWS\System32\sptlib21.dll
[2009-08-17 21:30:42 | 000,294,912 | ---- | C] () -- C:\WINDOWS\System32\sptlib11.dll
[2009-08-17 21:30:42 | 000,290,816 | ---- | C] () -- C:\WINDOWS\System32\sptlib22.dll
[2009-08-17 21:30:42 | 000,249,856 | ---- | C] () -- C:\WINDOWS\System32\sptlib01.dll
[2009-08-17 21:30:42 | 000,245,760 | ---- | C] () -- C:\WINDOWS\System32\sptlib03.dll
[2009-08-17 21:30:42 | 000,241,664 | ---- | C] () -- C:\WINDOWS\System32\sptlib02.dll
[2009-08-17 21:30:42 | 000,135,168 | ---- | C] () -- C:\WINDOWS\System32\sptlib12.dll
[2009-08-07 22:36:57 | 000,262,144 | ---- | C] () -- C:\Documents and Settings\All Users\ntuser.dat
[2009-08-07 22:36:57 | 000,001,024 | -H-- | C] () -- C:\Documents and Settings\All Users\ntuser.dat.LOG
[2009-08-05 22:09:51 | 000,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest
[2009-08-05 22:09:48 | 000,085,504 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2009-08-02 00:22:28 | 000,157,352 | ---- | C] () -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\FontCache3.0.0.0.dat
[2009-07-16 16:08:43 | 000,196,096 | ---- | C] () -- C:\WINDOWS\System32\macd32.dll
[2009-07-16 16:08:43 | 000,138,752 | ---- | C] () -- C:\WINDOWS\System32\mase32.dll
[2009-07-16 16:08:43 | 000,136,192 | ---- | C] () -- C:\WINDOWS\System32\mamc32.dll
[2009-07-16 16:08:43 | 000,057,856 | ---- | C] () -- C:\WINDOWS\System32\masd32.dll
[2009-07-16 16:08:43 | 000,027,648 | ---- | C] () -- C:\WINDOWS\System32\ma32.dll
[2009-07-15 22:08:31 | 000,003,339 | ---- | C] () -- C:\Documents and Settings\Kuba\mercalli-protocol.txt
[2009-07-15 22:08:22 | 000,003,359 | ---- | C] () -- C:\Documents and Settings\Kuba\heroglyph-protocol.txt
[2009-07-15 17:00:54 | 000,000,390 | ---- | C] () -- C:\WINDOWS\lgfwup.ini
[2009-07-14 18:15:00 | 000,178,432 | ---- | C] () -- C:\WINDOWS\System32\xlive.dll.cat
[2009-05-22 22:27:15 | 000,000,108 | ---- | C] () -- C:\WINDOWS\AVerText.ini
[2009-04-23 16:15:21 | 000,815,104 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2009-04-23 16:15:21 | 000,180,224 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2009-04-10 12:48:27 | 000,000,028 | ---- | C] () -- C:\WINDOWS\System32\WFD_List.ini
[2008-12-20 21:34:11 | 000,120,200 | ---- | C] () -- C:\WINDOWS\System32\DLLDEV32i.dll
[2008-12-20 21:34:02 | 000,005,937 | ---- | C] () -- C:\WINDOWS\mgxoschk.ini
[2008-09-20 09:16:04 | 000,000,010 | ---- | C] () -- C:\WINDOWS\WININIT.INI
[2008-09-15 19:17:08 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\qtmlClient.dll
[2008-09-15 19:17:08 | 000,002,343 | ---- | C] () -- C:\WINDOWS\Graffiti5.2Pin.ini
[2008-09-15 18:55:50 | 000,000,024 | ---- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\__FileUploader.log
[2008-09-14 12:08:52 | 000,015,498 | ---- | C] () -- C:\WINDOWS\snpstd3.ini
[2008-09-14 12:08:51 | 000,452,992 | ---- | C] () -- C:\WINDOWS\System32\drivers\snpstd3.sys
[2008-08-28 21:44:06 | 000,860,211 | ---- | C] () -- C:\WINDOWS\System32\XSIFtk-3.6.2.1.dll
[2008-08-22 10:31:38 | 000,000,414 | RHS- | C] () -- C:\Documents and Settings\All Users\ntuser.pol
[2008-08-20 14:45:54 | 000,003,972 | ---- | C] () -- C:\WINDOWS\System32\drivers\PciBus.sys
[2008-08-14 14:18:03 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2008-08-13 20:22:44 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\DVResampleru.dll
[2008-08-13 20:06:02 | 000,000,017 | ---- | C] () -- C:\WINDOWS\MovingPicture.ini
[2008-08-13 18:50:52 | 000,000,129 | ---- | C] () -- C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\fusioncache.dat
[2008-07-29 16:41:54 | 000,138,168 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2008-07-28 21:07:50 | 000,005,784 | ---- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\hpzinstall.log
[2008-07-28 20:41:13 | 000,069,120 | ---- | C] () -- C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008-07-28 19:29:03 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\JJAKEn.dll
[2008-07-28 19:28:47 | 000,048,640 | ---- | C] () -- C:\WINDOWS\System32\ANIO64.sys
[2008-07-28 19:04:18 | 000,005,810 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASACPI.sys
[2008-07-28 19:04:10 | 000,005,824 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASUSHWIO.SYS
[2008-07-28 18:59:54 | 000,258,048 | ---- | C] () -- C:\WINDOWS\System32\wlanapp.dll
[2008-07-28 18:59:54 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\aIPH.dll
[2008-07-28 18:59:54 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\AQCKGen.dll
[2008-07-28 18:59:54 | 000,045,115 | ---- | C] () -- C:\WINDOWS\System32\ANICtl.dll
[2008-07-28 18:59:45 | 000,315,392 | ---- | C] () -- C:\WINDOWS\System32\ANIOApi.dll
[2008-07-28 18:59:45 | 000,029,411 | ---- | C] () -- C:\WINDOWS\System32\ANIO.sys
[2008-07-28 18:45:31 | 000,001,024 | -H-- | C] () -- C:\Documents and Settings\Kuba\ntuser.dat.LOG
[2008-07-28 18:45:31 | 000,000,188 | -HS- | C] () -- C:\Documents and Settings\Kuba\ntuser.ini
[2008-07-28 18:45:30 | 006,815,744 | -H-- | C] () -- C:\Documents and Settings\Kuba\NTUSER.bak
[2008-07-28 18:45:30 | 006,815,744 | ---- | C] () -- C:\Documents and Settings\Kuba\NTUSER.DAT
[2004-08-22 17:04:56 | 000,069,120 | ---- | C] () -- C:\WINDOWS\daemon.dll
[2004-08-04 02:44:10 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\PsisDecd.dll
[1996-04-03 21:33:26 | 000,005,248 | ---- | C] () -- C:\WINDOWS\System32\giveio.sys

[color=#E56717]========== LOP Check ==========[/color]

[2009-09-21 21:35:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\AVerTV
[2009-08-19 10:48:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Azureus
[2010-02-02 11:42:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Codemasters
[2009-11-26 18:09:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Installations
[2009-07-15 17:30:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\LightScribe
[2008-12-20 21:35:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\MAGIX
[2009-11-26 18:13:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Nokia
[2009-06-15 20:58:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\PC Suite
[2008-08-13 18:54:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Pinnacle
[2008-08-13 18:54:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Pinnacle Studio
[2009-07-16 17:53:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Pinnacle Studio Plus
[2009-07-14 23:04:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Pinnacle Studio Ultimate
[2009-07-16 17:53:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Studio 12
[2010-02-11 12:05:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\TEMP
[2009-11-28 11:43:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\TrackMania
[2008-07-28 21:54:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Ulead Systems
[2009-08-28 22:23:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kuba\Dane aplikacji\Azureus
[2010-02-11 17:14:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kuba\Dane aplikacji\BESTplayer
[2008-08-30 14:13:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kuba\Dane aplikacji\fltk.org
[2008-07-28 22:56:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kuba\Dane aplikacji\Gadu-Gadu
[2010-02-24 22:13:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kuba\Dane aplikacji\gtk-2.0
[2009-01-01 21:59:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kuba\Dane aplikacji\Leadertech
[2009-06-15 20:47:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kuba\Dane aplikacji\Nokia
[2008-08-10 21:06:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kuba\Dane aplikacji\OLYMPUS
[2009-06-15 20:59:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kuba\Dane aplikacji\PC Suite
[2009-07-16 16:49:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kuba\Dane aplikacji\proDAD
[2008-11-15 20:24:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kuba\Dane aplikacji\Teleca
[2010-03-28 20:31:00 | 000,000,472 | ---- | M] () -- C:\WINDOWS\Tasks\Ad-Aware Update (Weekly).job
[2010-04-06 08:25:00 | 000,000,460 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{AB205C06-67A9-4978-B986-F638E4B8C403}.job
[2009-03-27 20:54:59 | 000,000,430 | ---- | M] () -- C:\WINDOWS\Tasks\Wise Disk Cleaner 4.job
[2009-02-21 14:13:17 | 000,000,470 | ---- | M] () -- C:\WINDOWS\Tasks\Wise Registry Cleaner 4.job

[color=#E56717]========== Purity Check ==========[/color]



[color=#E56717]========== Custom Scans ==========[/color]


[color=#A23BEC]< %systemdrive%\*.* >[/color]
[2009-08-05 20:26:52 | 000,092,034 | ---- | M] () -- C:\aaw7boot.log
[2008-08-13 19:58:11 | 000,898,018 | ---- | M] () -- C:\adorage-protocol.txt
[2009-07-20 19:47:27 | 000,000,282 | -HS- | M] () -- C:\Boot.BAK
[2009-09-13 21:44:35 | 000,000,282 | -HS- | M] () -- C:\boot.ini
[2004-08-04 14:00:00 | 000,004,952 | RHS- | M] () -- C:\Bootfont.bin
[2009-04-22 07:28:23 | 000,383,200 | RHS- | M] () -- C:\bootmgr
[2009-07-23 05:35:56 | 000,008,192 | RHS- | M] () -- C:\BOOTSECT.BAK
[2004-08-04 00:00:14 | 000,262,400 | ---- | M] () -- C:\cmldr
[2008-07-28 18:41:47 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2008-07-28 18:41:47 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2009-07-15 17:00:14 | 000,000,177 | ---- | M] () -- C:\ITB.log
[2010-04-03 14:37:30 | 000,000,109 | ---- | M] () -- C:\mbam-error.txt
[2008-07-28 18:41:47 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2004-08-04 14:00:00 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
[2008-07-28 20:24:53 | 000,251,152 | RHS- | M] () -- C:\ntldr
[2010-04-06 08:18:01 | 3221,225,472 | -HS- | M] () -- C:\pagefile.sys


[color=#A23BEC]< MD5 for: AGP440.SYS >[/color]
[2004-08-04 14:00:00 | 018,789,127 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:agp440.sys
[2009-08-07 22:48:02 | 023,908,281 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:agp440.sys
[2009-08-07 22:48:02 | 023,908,281 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:agp440.sys
[2008-04-13 20:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008-04-13 20:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys

[color=#A23BEC]< MD5 for: ATAPI.SYS >[/color]
[2004-08-04 14:00:00 | 018,789,127 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2009-08-07 22:48:02 | 023,908,281 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2009-08-07 22:48:02 | 023,908,281 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2008-04-13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008-04-13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys

[color=#A23BEC]< MD5 for: BEEP.SYS >[/color]
[2004-08-04 14:00:00 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\system32\dllcache\beep.sys
[2004-08-04 14:00:00 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\system32\dllcache\cache\beep.sys
[2004-08-04 14:00:00 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\system32\drivers\beep.sys

[color=#A23BEC]< MD5 for: CDROM.SYS >[/color]
[2004-08-04 14:00:00 | 018,789,127 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:cdrom.sys
[2009-08-07 22:48:02 | 023,908,281 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys
[2009-08-07 22:48:02 | 023,908,281 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:cdrom.sys
[2008-04-13 20:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\ServicePackFiles\i386\cdrom.sys
[2008-04-13 20:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys

[color=#A23BEC]< MD5 for: EVENTLOG.DLL >[/color]
[2008-04-14 19:20:31 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=35FCCFD093582FA9098762E6F84EE119 -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2008-04-14 19:20:31 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=35FCCFD093582FA9098762E6F84EE119 -- C:\WINDOWS\system32\eventlog.dll

[color=#A23BEC]< MD5 for: NDIS.SYS >[/color]
[2008-04-13 21:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\ServicePackFiles\i386\ndis.sys
[2008-04-13 21:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\dllcache\cache\ndis.sys
[2008-04-13 21:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\drivers\ndis.sys

[color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color]
[2008-04-14 19:21:48 | 000,510,464 | ---- | M] (Microsoft Corporation) MD5=51FD2E13D723857B9CA239AE77150F48 -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008-04-14 19:21:48 | 000,510,464 | ---- | M] (Microsoft Corporation) MD5=51FD2E13D723857B9CA239AE77150F48 -- C:\WINDOWS\system32\dllcache\cache\winlogon.exe
[2008-04-14 19:21:48 | 000,510,464 | ---- | M] (Microsoft Corporation) MD5=51FD2E13D723857B9CA239AE77150F48 -- C:\WINDOWS\system32\winlogon.exe

[color=#E56717]========== Alternate Data Streams ==========[/color]

@Alternate Data Stream - 489 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:05EE1EEF
< End of report >
[/log]

I MBAM
[log]Malwarebytes' Anti-Malware 1.45
www.malwarebytes.org

Wersja bazy: 3958

Windows 5.1.2600 Dodatek Service Pack 3
Internet Explorer 8.0.6001.18702

2010-04-06 09:41:59
mbam-log-2010-04-06 (09-41-59).txt

Typ skanowania: Pełne skanowanie (C:\|D:\|)
Przeskanowano obiektów: 278271
Upłynęło: 1 godzin(y), 11 minut(y), 54 sekund(y)

Zainfekowanych procesów w pamięci: 0
Zainfekowanych modułów w pamięci: 0
Zainfekowanych kluczy rejestru: 0
Zainfekowanych wartości rejestru: 0
Zainfekowane informacje rejestru systemowego: 0
Zainfekowanych folderów: 0
Zainfekowanych plików: 1

Zainfekowanych procesów w pamięci:
(Nie znaleziono zagrożeń)

Zainfekowanych modułów w pamięci:
(Nie znaleziono zagrożeń)

Zainfekowanych kluczy rejestru:
(Nie znaleziono zagrożeń)

Zainfekowanych wartości rejestru:
(Nie znaleziono zagrożeń)

Zainfekowane informacje rejestru systemowego:
(Nie znaleziono zagrożeń)

Zainfekowanych folderów:
(Nie znaleziono zagrożeń)

Zainfekowanych plików:
C:\Documents and Settings\Kuba\Pulpit\super_pi_mod-1.5\super_pi_mod.exe (Malware.Packer.Krunchy) -> Quarantined and deleted successfully.
[/log]

Mateusz J.
komentarz
komentarz

Czysto.
Odpal opcję CleanUP w oknie OTL.

Buster
komentarz
komentarz

Dzięki bardzo ;)

Wciąż szukasz rozwiązania problemu? Napisz teraz na forum!

Możesz zadać pytanie bez konieczności rejestracji - wystarczy, że wypełnisz formularz.

×
×
  • Dodaj nową pozycję...

Powiadomienie o plikach cookie

Strona wykorzystuje pliki cookies w celu prawidłowego świadczenia usług i wygody użytkowników. Warunki przechowywania i dostępu do plików cookies możesz zmienić w ustawieniach przeglądarki.