Zablokowana Możliwość Instalacji

13 kwietnia 2010

Witajcie mam ten sam problem. Chcialem zainstalowac nowszego avasta. Odinstalowalem starego i nowego juz nie moglem wgrac a error wyglada tak :An erroe 1006(000003EE) has occured. Last performed operation was: opening the self-extract archiwe. Try to download setup file again. If you use Internet explorer, clear it's cachce before downloading : Start-> Control Panel -> Internet Options and Delete Temporary Internet files. Moj system operacyjny to vista home basic. Wykonalem czynnosci podane w erorze ale to nic nie dalo. Prosze o pilna pomoc.
[log]OTL logfile created on: 2010-04-13 09:03:26 - Run 1
OTL by OldTimer - Version 3.2.1.1 Folder = C:\Users\Przemek\Documents\Downloads
Windows Vista Home Basic Edition (Version = 6.0.6000) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18904)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 56,00% Memory free
4,00 Gb Paging File | 3,00 Gb Available in Paging File | 76,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 147,38 Gb Total Space | 30,03 Gb Free Space | 20,37% Space Free | Partition Type: NTFS
Drive D: | 73,69 Gb Total Space | 9,83 Gb Free Space | 13,34% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
Drive I: | 10,84 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS

Computer Name: PRZEMEK-PC
Current User Name: Przemek
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 60 Days
Output = Standard

[color=#E56717]========== Processes (All) ==========[/color]

PRC - [2010-04-13 08:53:54 | 000,561,664 | ---- | M] (OldTimer Tools) -- C:\Users\Przemek\Documents\Downloads\OTL.exe
PRC - [2010-03-28 05:13:16 | 000,530,416 | ---- | M] (Google Inc.) -- C:\Users\Przemek\AppData\Local\Google\Chrome\Application\chrome.exe
PRC - [2010-03-26 21:00:44 | 003,250,576 | ---- | M] (Xfire Inc.) -- C:\Program Files\Xfire\xfire.exe
PRC - [2010-03-19 08:53:53 | 000,136,176 | ---- | M] (Google Inc.) -- C:\Users\Przemek\AppData\Local\Google\Update\1.2.183.23\GoogleCrashHandler.exe
PRC - [2010-02-02 00:32:16 | 007,418,368 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\program\soffice.bin
PRC - [2010-02-02 00:32:14 | 007,424,000 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\program\soffice.exe
PRC - [2009-09-30 21:44:36 | 000,133,104 | ---- | M] (Google Inc.) -- C:\Users\Przemek\AppData\Local\Google\Update\GoogleUpdate.exe
PRC - [2009-09-10 16:47:51 | 000,007,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\lsass.exe
PRC - [2009-05-30 11:47:02 | 000,114,688 | ---- | M] () -- C:\Program Files\PLAY ONLINE\PLAY ONLINE.exe
PRC - [2009-05-08 22:48:32 | 000,604,416 | ---- | M] (TuneUp Software) -- C:\Windows\System32\TUProgSt.exe
PRC - [2009-03-30 18:52:13 | 000,045,056 | ---- | M] (TMRG, Inc.) -- C:\Program Files\RelevantKnowledge\rlservice.exe
PRC - [2009-03-03 03:59:26 | 000,247,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\WmiPrvSE.exe
PRC - [2008-10-29 08:20:29 | 002,923,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008-09-21 10:43:43 | 001,232,896 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Sidebar\sidebar.exe
PRC - [2007-11-04 00:30:30 | 000,308,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winlogon.exe
PRC - [2007-11-04 00:30:30 | 000,095,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wininit.exe
PRC - [2007-11-04 00:29:35 | 000,062,976 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\smss.exe
PRC - [2007-11-04 00:14:38 | 000,082,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dwm.exe
PRC - [2007-11-04 00:12:45 | 002,605,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SLsvc.exe
PRC - [2007-11-04 00:01:27 | 000,144,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WUDFHost.exe
PRC - [2007-11-03 23:32:31 | 001,006,264 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MSASCui.exe
PRC - [2007-10-12 00:00:16 | 000,610,304 | ---- | M] (ATI Technologies Inc.) -- C:\Windows\System32\Ati2evxx.exe
PRC - [2007-07-17 21:13:56 | 000,049,152 | ---- | M] (Advanced Micro Devices Inc.) -- c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
PRC - [2007-07-17 21:13:34 | 000,049,152 | ---- | M] (ATI Technologies Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
PRC - [2007-05-28 18:57:54 | 000,275,968 | ---- | M] (Rocket Division Software) -- C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
PRC - [2007-04-10 17:01:32 | 004,431,872 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe
PRC - [2006-11-22 18:31:26 | 000,630,784 | ---- | M] (Motorola Inc.) -- C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
PRC - [2006-11-02 14:34:59 | 000,895,488 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnetwk.exe
PRC - [2006-11-02 14:34:59 | 000,201,728 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnscfg.exe
PRC - [2006-11-02 14:34:02 | 000,287,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SearchIndexer.exe
PRC - [2006-11-02 11:45:50 | 000,037,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\unsecapp.exe
PRC - [2006-11-02 11:45:49 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskmgr.exe
PRC - [2006-11-02 11:45:48 | 000,166,400 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskeng.exe
PRC - [2006-11-02 11:45:47 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2006-11-02 11:45:47 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2006-11-02 11:45:47 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2006-11-02 11:45:47 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2006-11-02 11:45:47 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2006-11-02 11:45:47 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2006-11-02 11:45:47 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2006-11-02 11:45:47 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2006-11-02 11:45:47 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2006-11-02 11:45:47 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2006-11-02 11:45:47 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2006-11-02 11:45:47 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2006-11-02 11:45:47 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2006-11-02 11:45:47 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2006-11-02 11:45:46 | 000,124,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\spoolsv.exe
PRC - [2006-11-02 11:45:40 | 000,279,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\services.exe
PRC - [2006-11-02 11:45:21 | 000,210,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\lsm.exe
PRC - [2006-11-02 11:45:00 | 000,007,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\csrss.exe
PRC - [2006-11-02 11:44:59 | 000,068,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conime.exe

[color=#E56717]========== Modules (All) ==========[/color]

MOD - [2010-04-13 08:53:54 | 000,561,664 | ---- | M] (OldTimer Tools) -- C:\Users\Przemek\Documents\Downloads\OTL.exe
MOD - [2010-03-26 21:00:54 | 000,956,816 | ---- | M] (Xfire Inc.) -- C:\Program Files\Xfire\xfire_toucan_42127.dll
MOD - [2009-10-19 16:39:09 | 000,024,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\lpk.dll
MOD - [2009-09-10 19:31:03 | 000,072,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\secur32.dll
MOD - [2009-07-17 16:52:41 | 000,071,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\atl.dll
MOD - [2009-04-23 15:01:43 | 000,788,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rpcrt4.dll
MOD - [2009-02-13 09:26:37 | 000,875,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\kernel32.dll
MOD - [2008-11-06 14:59:14 | 011,320,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\shell32.dll
MOD - [2008-10-21 07:16:20 | 000,297,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\gdi32.dll
MOD - [2008-10-16 06:22:27 | 000,425,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\netapi32.dll
MOD - [2008-09-21 10:45:59 | 001,585,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\setupapi.dll
MOD - [2008-09-21 10:45:42 | 000,040,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\srclient.dll
MOD - [2008-09-21 10:45:39 | 000,559,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\oleaut32.dll
MOD - [2007-11-04 01:08:50 | 000,255,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winspool.drv
MOD - [2007-11-04 01:02:39 | 000,339,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\shlwapi.dll
MOD - [2007-11-04 00:39:06 | 001,648,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.20656_none_463680b8218be5a3\comctl32.dll
MOD - [2007-11-04 00:31:19 | 001,314,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ole32.dll
MOD - [2007-11-04 00:29:51 | 000,633,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\user32.dll
MOD - [2007-11-04 00:29:09 | 000,454,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\comdlg32.dll
MOD - [2007-11-03 23:47:46 | 000,681,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msvcrt.dll
MOD - [2006-11-02 14:35:02 | 000,138,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\spp.dll
MOD - [2006-11-02 11:47:26 | 001,162,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntdll.dll
MOD - [2006-11-02 11:46:16 | 000,126,976 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\xmllite.dll
MOD - [2006-11-02 11:46:14 | 000,288,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\Wldap32.dll
MOD - [2006-11-02 11:46:14 | 000,193,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winmm.dll
MOD - [2006-11-02 11:46:14 | 000,178,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ws2_32.dll
MOD - [2006-11-02 11:46:14 | 000,014,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wsock32.dll
MOD - [2006-11-02 11:46:13 | 001,064,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\shdocvw.dll
MOD - [2006-11-02 11:46:13 | 000,994,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\vssapi.dll
MOD - [2006-11-02 11:46:13 | 000,502,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\usp10.dll
MOD - [2006-11-02 11:46:13 | 000,240,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\uxtheme.dll
MOD - [2006-11-02 11:46:13 | 000,107,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\userenv.dll
MOD - [2006-11-02 11:46:13 | 000,073,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\vsstrace.dll
MOD - [2006-11-02 11:46:13 | 000,020,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\version.dll
MOD - [2006-11-02 11:46:12 | 000,733,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\propsys.dll
MOD - [2006-11-02 11:46:12 | 000,214,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\oleacc.dll
MOD - [2006-11-02 11:46:12 | 000,120,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntmarta.dll
MOD - [2006-11-02 11:46:12 | 000,088,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\olepro32.dll
MOD - [2006-11-02 11:46:12 | 000,056,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\samlib.dll
MOD - [2006-11-02 11:46:12 | 000,012,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\psapi.dll
MOD - [2006-11-02 11:46:12 | 000,010,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\nsi.dll
MOD - [2006-11-02 11:46:07 | 000,004,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msimg32.dll
MOD - [2006-11-02 11:46:06 | 000,805,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msctf.dll
MOD - [2006-11-02 11:46:05 | 000,115,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\imm32.dll
MOD - [2006-11-02 11:46:05 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mpr.dll
MOD - [2006-11-02 11:46:02 | 000,770,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\advapi32.dll
MOD - [2006-11-02 11:46:02 | 000,523,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\clbcatq.dll
MOD - [2006-11-02 11:46:02 | 000,171,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\apphelp.dll
MOD - [2006-11-02 11:46:02 | 000,078,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\authz.dll
MOD - [2003-02-21 04:42:22 | 000,348,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msvcr71.dll

[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV - [2009-06-30 21:16:56 | 000,054,760 | ---- | M] () [Auto | Stopped] -- C:\ProgramData\SeekappSrch\seekapp143.exe -- (SeekappSrch Service)
SRV - [2009-06-22 17:44:00 | 003,087,772 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\Windows\System32\GameMon.des -- (npggsvc)
SRV - [2009-05-08 22:48:32 | 000,604,416 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Windows\System32\TUProgSt.exe -- (TuneUp.ProgramStatisticsSvc)
SRV - [2009-05-08 22:48:29 | 000,361,216 | ---- | M] (TuneUp Software) [On_Demand | Stopped] -- C:\Windows\System32\TuneUpDefragService.exe -- (TuneUp.Defrag)
SRV - [2009-04-27 14:21:36 | 000,028,928 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Windows\System32\uxtuneup.dll -- (UxTuneUp)
SRV - [2009-03-30 18:52:13 | 000,045,056 | ---- | M] (TMRG, Inc.) [Auto | Running] -- C:\Program Files\RelevantKnowledge\rlservice.exe -- (RelevantKnowledge)
SRV - [2008-08-07 11:17:30 | 000,575,488 | ---- | M] (Nokia.) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2007-11-03 23:32:31 | 000,265,912 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007-05-28 18:57:54 | 000,275,968 | ---- | M] (Rocket Division Software) [Auto | Running] -- C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe -- (StarWindServiceAE)

[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - [2009-09-23 10:41:58 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\hamachi.sys -- (hamachi)
DRV - [2009-04-10 22:34:06 | 000,278,984 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\atksgt.sys -- (atksgt)
DRV - [2009-04-10 22:34:06 | 000,025,416 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\lirsgt.sys -- (lirsgt)
DRV - [2008-09-26 18:04:10 | 000,101,760 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ewusbmdm.sys -- (hwdatacard)
DRV - [2008-09-21 12:49:23 | 000,717,296 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\sptd.sys -- (sptd)
DRV - [2007-11-04 01:07:49 | 000,020,152 | ---- | M] (VIA Technologies, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\viaide.sys -- (viaide)
DRV - [2007-11-04 01:07:49 | 000,019,128 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide)
DRV - [2007-11-04 01:07:49 | 000,017,592 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\aliide.sys -- (aliide)
DRV - [2007-10-12 00:13:16 | 003,155,456 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2007-09-17 15:53:26 | 000,021,632 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2007-07-02 17:37:10 | 000,131,616 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvrd32.sys -- (nvrd32)
DRV - [2007-07-02 17:37:08 | 000,110,112 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvstor32.sys -- (nvstor32)
DRV - [2007-06-13 23:47:12 | 000,048,256 | ---- | M] (JMicron Technology Corp.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\jraid.sys -- (JRAID)
DRV - [2007-05-02 12:11:18 | 000,109,704 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_mdm.sys -- (ss_mdm)
DRV - [2007-05-02 12:11:18 | 000,015,112 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_mdfl.sys -- (ss_mdfl)
DRV - [2007-05-02 12:11:16 | 000,083,592 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_bus.sys -- (ss_bus) SAMSUNG Mobile USB Device 1.0 driver (WDM)
DRV - [2007-04-10 20:05:38 | 001,764,960 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RTKVHDA.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2007-04-04 05:57:00 | 000,046,592 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\itecir.sys -- (itecir)
DRV - [2007-02-25 06:14:00 | 002,216,448 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NETw4v32.sys -- (NETw4v32) Intel(R)
DRV - [2007-02-16 16:18:38 | 000,070,144 | ---- | M] (Realtek Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169)
DRV - [2007-02-12 14:36:54 | 000,277,784 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\iaStor.sys -- (iaStor)
DRV - [2006-11-22 18:35:00 | 000,982,272 | ---- | M] (Motorola Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\smserial.sys -- (smserial)
DRV - [2006-11-02 11:51:45 | 000,900,712 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300)
DRV - [2006-11-02 11:51:38 | 000,420,968 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx)
DRV - [2006-11-02 11:51:34 | 000,316,520 | ---- | M] (Emulex) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor)
DRV - [2006-11-02 11:51:32 | 000,297,576 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci)
DRV - [2006-11-02 11:51:25 | 000,235,112 | ---- | M] (ULi Electronics Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci)
DRV - [2006-11-02 11:51:25 | 000,232,040 | ---- | M] (Intel Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV)
DRV - [2006-11-02 11:51:00 | 000,147,048 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320)
DRV - [2006-11-02 11:50:45 | 000,115,816 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2)
DRV - [2006-11-02 11:50:41 | 000,112,232 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid)
DRV - [2006-11-02 11:50:35 | 000,106,088 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx)
DRV - [2006-11-02 11:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata)
DRV - [2006-11-02 11:50:35 | 000,098,408 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m)
DRV - [2006-11-02 11:50:24 | 000,088,680 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid)
DRV - [2006-11-02 11:50:19 | 000,045,160 | ---- | M] (IBM Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960)
DRV - [2006-11-02 11:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp)
DRV - [2006-11-02 11:50:16 | 000,071,784 | ---- | M] (Silicon Integrated Systems) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4)
DRV - [2006-11-02 11:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor)
DRV - [2006-11-02 11:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx)
DRV - [2006-11-02 11:50:10 | 000,067,688 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas)
DRV - [2006-11-02 11:50:10 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI)
DRV - [2006-11-02 11:50:10 | 000,038,504 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid2.sys -- (SiSRaid2)
DRV - [2006-11-02 11:50:10 | 000,037,480 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs)
DRV - [2006-11-02 11:50:09 | 000,067,688 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arc.sys -- (arc)
DRV - [2006-11-02 11:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid)
DRV - [2006-11-02 11:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi)
DRV - [2006-11-02 11:50:05 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS)
DRV - [2006-11-02 11:50:05 | 000,035,944 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx)
DRV - [2006-11-02 11:50:04 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC)
DRV - [2006-11-02 11:50:03 | 000,034,920 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3)
DRV - [2006-11-02 11:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x)
DRV - [2006-11-02 11:49:56 | 000,031,848 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi)
DRV - [2006-11-02 11:49:53 | 000,028,776 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasas.sys -- (megasas)
DRV - [2006-11-02 10:57:06 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\irsir.sys -- (irsir)
DRV - [2006-11-02 10:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
DRV - [2006-11-02 10:24:47 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer)
DRV - [2006-11-02 10:24:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp)
DRV - [2006-11-02 10:24:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo)
DRV - [2006-11-02 10:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm)
DRV - [2006-11-02 10:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm)
DRV - [2006-11-02 09:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi)
DRV - [2006-11-02 09:30:54 | 001,781,760 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NETw3v32.sys -- (NETw3v32) Intel(R)
DRV - [2006-11-02 09:30:54 | 000,117,760 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60) Intel(R)
DRV - [2006-07-24 17:05:00 | 000,005,632 | ---- | M] () [File_System | System | Running] -- C:\Windows\System32\drivers\StarOpen.sys -- (StarOpen)
DRV - [2002-07-17 15:20:32 | 000,084,832 | ---- | M] (Adaptec) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ASPI32.SYS -- (ASPI)
DRV - [1996-04-03 21:33:26 | 000,005,248 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\system32\drivers\giveio.sys -- (giveio)

[color=#E56717]========== Standard Registry (SafeList) ==========[/color]

[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Local Page = http://start.warez.com/

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-1840288614-1321457493-1999016952-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\S-1-5-21-1840288614-1321457493-1999016952-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-1840288614-1321457493-1999016952-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.search.defaultenginename: "Winamp Search"
FF - prefs.js..browser.search.defaulturl: "http://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2685&invocationType=tb50-ff-shoutcast-chromesbox-en-us&query="
FF - prefs.js..browser.search.order.1: "Crawler Search"
FF - prefs.js..browser.search.selectedEngine: "Winamp Search"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.google.pl/"
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.0.2
FF - prefs.js..extensions.enabledItems: en-GB@dictionaries.addons.mozilla.org:1.19
FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.6
FF - prefs.js..extensions.enabledItems: {c50ca3c4-5656-43c2-a061-13e717f73fc8}:2.02
FF - prefs.js..extensions.enabledItems: {ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a}:1.1.2
FF - prefs.js..extensions.enabledItems: foxyproxy@eric.h.jung:2.16.1
FF - prefs.js..extensions.enabledItems: {4548ECB8-DA60-439A-A00D-5C893F8E1F9A}:1.0
FF - prefs.js..extensions.enabledItems: NPDyyno@dyyno.com:1.0.0.26
FF - prefs.js..extensions.enabledItems: {12e4c684-c03e-4e4d-85bc-0c065e7a9489}:5.23.2.10
FF - prefs.js..extensions.enabledItems: {07b2a769-ed19-4483-87ce-c643914c81bb}:3.0.0.29
FF - prefs.js..keyword.URL: "http://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2685&invocationType=tb50-ff-shoutcast-ab-en-us&query="

FF - HKLM\software\mozilla\Mozilla Firefox 3.5.7\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010-02-01 20:03:10 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.7\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010-03-05 22:35:44 | 000,000,000 | ---D | M]

[2008-09-23 00:15:40 | 000,000,000 | ---D | M] -- C:\Users\Przemek\AppData\Roaming\mozilla\Extensions
[2010-03-27 08:47:25 | 000,000,000 | ---D | M] -- C:\Users\Przemek\AppData\Roaming\mozilla\Firefox\Profiles\sennxc7k.default\extensions
[2009-04-26 02:48:21 | 000,000,000 | ---D | M] (Forecastfox) -- C:\Users\Przemek\AppData\Roaming\mozilla\Firefox\Profiles\sennxc7k.default\extensions\{0538E3E3-7E9B-4d49-8831-A227C80A7AD3}
[2009-04-26 02:48:03 | 000,000,000 | ---D | M] (Vista-aero) -- C:\Users\Przemek\AppData\Roaming\mozilla\Firefox\Profiles\sennxc7k.default\extensions\{07b2a769-ed19-4483-87ce-c643914c81bb}
[2010-02-05 21:59:57 | 000,000,000 | ---D | M] (SHOUTcast Radio Toolbar) -- C:\Users\Przemek\AppData\Roaming\mozilla\Firefox\Profiles\sennxc7k.default\extensions\{12e4c684-c03e-4e4d-85bc-0c065e7a9489}
[2009-07-30 12:01:44 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Przemek\AppData\Roaming\mozilla\Firefox\Profiles\sennxc7k.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2008-10-23 22:57:28 | 000,000,000 | ---D | M] (Aero Fox) -- C:\Users\Przemek\AppData\Roaming\mozilla\Firefox\Profiles\sennxc7k.default\extensions\{5c8bfb7c-9a54-11dc-8314-0800200c9a66}
[2009-07-30 12:23:19 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Przemek\AppData\Roaming\mozilla\Firefox\Profiles\sennxc7k.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2008-10-23 22:59:43 | 000,000,000 | ---D | M] (HalloFF) -- C:\Users\Przemek\AppData\Roaming\mozilla\Firefox\Profiles\sennxc7k.default\extensions\{bbf8fc30-5280-11db-b0de-0800200c9a66}
[2009-04-26 02:48:22 | 000,000,000 | ---D | M] (Fast Video Download) -- C:\Users\Przemek\AppData\Roaming\mozilla\Firefox\Profiles\sennxc7k.default\extensions\{c50ca3c4-5656-43c2-a061-13e717f73fc8}
[2009-05-08 22:52:07 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\Przemek\AppData\Roaming\mozilla\Firefox\Profiles\sennxc7k.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2009-04-09 00:20:41 | 000,000,000 | ---D | M] (FoxTab) -- C:\Users\Przemek\AppData\Roaming\mozilla\Firefox\Profiles\sennxc7k.default\extensions\{ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a}
[2008-09-24 19:37:50 | 000,000,000 | ---D | M] -- C:\Users\Przemek\AppData\Roaming\mozilla\Firefox\Profiles\sennxc7k.default\extensions\bkmrksync@nokia.com
[2009-03-10 20:07:07 | 000,000,000 | ---D | M] -- C:\Users\Przemek\AppData\Roaming\mozilla\Firefox\Profiles\sennxc7k.default\extensions\brief@mozdev.org
[2009-04-09 00:25:49 | 000,000,000 | ---D | M] -- C:\Users\Przemek\AppData\Roaming\mozilla\Firefox\Profiles\sennxc7k.default\extensions\en-GB@dictionaries.addons.mozilla.org
[2009-12-20 17:52:11 | 000,000,000 | ---D | M] -- C:\Users\Przemek\AppData\Roaming\mozilla\Firefox\Profiles\sennxc7k.default\extensions\foxyproxy@eric.h.jung
[2009-04-26 02:48:02 | 000,000,000 | ---D | M] -- C:\Users\Przemek\AppData\Roaming\mozilla\Firefox\Profiles\sennxc7k.default\extensions\nasanightlaunch@example.com
[2009-08-02 09:40:25 | 000,000,000 | ---D | M] -- C:\Users\Przemek\AppData\Roaming\mozilla\Firefox\Profiles\sennxc7k.default\extensions\NPDyyno@dyyno.com
[2009-04-26 02:48:21 | 000,000,000 | ---D | M] -- C:\Users\Przemek\AppData\Roaming\mozilla\Firefox\Profiles\sennxc7k.default\extensions\treestyletab@piro.sakura.ne.jp
[2009-08-02 09:40:30 | 000,009,941 | ---- | M] () -- C:\Users\Przemek\AppData\Roaming\Mozilla\FireFox\Profiles\sennxc7k.default\searchplugins\mywebsearch.xml
[2008-05-04 15:34:38 | 000,001,048 | ---- | M] () -- C:\Users\Przemek\AppData\Roaming\Mozilla\FireFox\Profiles\sennxc7k.default\searchplugins\WarezSearch.xml
[2010-02-05 22:00:20 | 000,001,238 | ---- | M] () -- C:\Users\Przemek\AppData\Roaming\Mozilla\FireFox\Profiles\sennxc7k.default\searchplugins\winamp-search.xml
[2009-09-09 16:56:33 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2009-07-01 22:31:10 | 000,000,000 | ---D | M] (Seekapp) -- C:\Program Files\Mozilla Firefox\extensions\{4548ECB8-DA60-439A-A00D-5C893F8E1F9A}
[2009-10-06 11:40:40 | 000,098,304 | ---- | M] (OGPlanet Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npOGPPlugin.dll
[2009-12-27 09:29:49 | 000,002,767 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\allegro-pl.xml
[2007-07-26 14:05:16 | 000,001,329 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\crawlersrch.xml
[2009-12-27 09:29:49 | 000,001,406 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\fbc-pl.xml
[2009-12-27 09:29:50 | 000,000,917 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\merlin-pl.xml
[2009-12-27 09:29:50 | 000,000,858 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\pwn-pl.xml
[2009-04-29 17:09:31 | 000,002,383 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\seekapp137.xml
[2009-05-08 22:42:10 | 000,002,383 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\seekapp139.xml
[2009-07-01 22:31:11 | 000,002,383 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\seekapp143.xml
[2009-12-27 09:29:50 | 000,001,183 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-pl.xml
[2009-12-27 09:29:50 | 000,001,683 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wp-pl.xml

O1 HOSTS File: ([2006-09-18 23:41:30 | 000,000,736 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: ::1 localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (IEPluginBHO Class) - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - C:\Users\Przemek\AppData\Roaming\Gadu-Gadu 10\_userdata\ggbho.2.dll (GG Network S.A.)
O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKU\S-1-5-21-1840288614-1321457493-1999016952-1000\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe (Nero AG)
O4 - HKLM..\Run: [recinfo863] c:\RecInfo\RecInfo.exe ()
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [SMSERIAL] C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe (Motorola Inc.)
O4 - HKLM..\Run: [StartCCC] c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe ()
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - Startup: C:\Users\Krystyna\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PLAY ONLINE.lnk = C:\Program Files\PLAY ONLINE\PLAY ONLINE.exe ()
O4 - Startup: C:\Users\Przemek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.2.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
O4 - Startup: C:\Users\Przemek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Xfire.lnk = C:\Program Files\Xfire\xfire.exe (Xfire Inc.)
O7 - HKU\S-1-5-21-1840288614-1321457493-1999016952-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Wyślij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Wyślij &do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O13 - gopher Prefix: missing
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {69EF49E5-FE46-4B92-B5FA-2193AB7A6B8A} http://www.acclaim.com/cabs/acclaim_v5.cab (GameLauncher Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {C5E28B9D-0A68-4B50-94E9-E8F6B4697514} http://www.nullsoft.com/nsv/embed/nsvplayx_vp3_mp3.cab (NsvPlayX Control)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab (Java Plug-in 1.6.0_05)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Przemek\AppData\Roaming\Microsoft\Windows Photo Gallery\Tapeta z Galerii fotografii systemu Windows.jpg
O24 - Desktop BackupWallPaper: C:\Users\Przemek\AppData\Roaming\Microsoft\Windows Photo Gallery\Tapeta z Galerii fotografii systemu Windows.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006-09-18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2008-04-24 15:44:40 | 000,114,688 | R--- | M] (Huawei Technologies Co., Ltd.) - I:\AutoRun.exe -- [ CDFS ]
O32 - AutoRun File - [2007-11-07 17:41:52 | 000,000,047 | R--- | M] () - I:\AUTORUN.INF -- [ CDFS ]
O33 - MountPoints2\{773e60f3-f110-11dd-b55c-00030d84511d}\Shell - "" = AutoRun
O33 - MountPoints2\{773e60f3-f110-11dd-b55c-00030d84511d}\Shell\AutoRun\command - "" = H:\AUTORUN.EXE -- File not found
O33 - MountPoints2\{8c5f1b89-4cfd-11de-b2be-00030d84511d}\Shell - "" = AutoRun
O33 - MountPoints2\{8c5f1b89-4cfd-11de-b2be-00030d84511d}\Shell\AutoRun\command - "" = I:\AutoRun.exe -- [2008-04-24 15:44:40 | 000,114,688 | R--- | M] (Huawei Technologies Co., Ltd.)
O33 - MountPoints2\{8c5f1ba8-4cfd-11de-b2be-00030d84511d}\Shell - "" = AutoRun
O33 - MountPoints2\{8c5f1ba8-4cfd-11de-b2be-00030d84511d}\Shell\AutoRun\command - "" = I:\AutoRun.exe -- [2008-04-24 15:44:40 | 000,114,688 | R--- | M] (Huawei Technologies Co., Ltd.)
O33 - MountPoints2\I\Shell - "" = AutoRun
O33 - MountPoints2\I\Shell\AutoRun\command - "" = I:\AutoRun.exe -- [2008-04-24 15:44:40 | 000,114,688 | R--- | M] (Huawei Technologies Co., Ltd.)
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: UxTuneUp - C:\Windows\System32\uxtuneup.dll (TuneUp Software)
NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias [2006-11-02 13:18:47 | 000,000,000 | ---D | M]
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: Wmi - C:\Windows\System32\wmi.dll (Microsoft Corporation)
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found

MsConfig - State: "services" - 0
MsConfig - State: "startup" - 0

SafeBootMin: AppMgmt - Service
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: NTDS - File not found
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

SafeBootNet: AppMgmt - Service
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: NTDS - File not found
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

[color=#E56717]========== Files/Folders - Created Within 60 Days ==========[/color]

[2010-04-11 11:44:04 | 000,000,000 | ---D | C] -- C:\ProgramData\TreeCardGames
[2010-04-11 11:43:38 | 000,000,000 | ---D | C] -- C:\Program Files\MahJong Suite
[2010-04-11 11:37:04 | 000,000,000 | ---D | C] -- C:\Program Files\MyPlayCity.com
[2010-04-05 16:31:05 | 000,000,000 | ---D | C] -- C:\Program Files\Tetriz
[2010-03-29 19:53:28 | 000,000,000 | ---D | C] -- C:\Users\Przemek\Desktop\dupa
[2010-03-19 12:56:22 | 000,000,000 | ---D | C] -- C:\Program Files\FLVPlayer
[2010-03-19 08:48:22 | 000,000,000 | ---D | C] -- C:\Users\Przemek\AppData\Roaming\EurekaLog
[2010-03-14 02:31:54 | 000,000,000 | ---D | C] -- C:\Users\Przemek\dwhelper
[2010-03-03 20:41:12 | 000,000,000 | ---D | C] -- C:\Users\Przemek\AppData\Roaming\Ferro Software
[2010-02-23 20:58:30 | 000,000,000 | ---D | C] -- C:\Infonetax
[2010-02-23 02:52:12 | 000,000,000 | ---D | C] -- C:\Users\Przemek\WapSter
[2010-02-23 02:51:38 | 000,000,000 | ---D | C] -- C:\Program Files\WapSter
[2010-02-23 02:40:05 | 000,000,000 | ---D | C] -- C:\Users\Przemek\AppData\Roaming\OpenOffice.org
[2010-02-23 02:38:01 | 000,000,000 | ---D | C] -- C:\Program Files\OpenOffice.org 3
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

[color=#E56717]========== Files - Modified Within 60 Days ==========[/color]

[2010-04-13 09:04:28 | 003,932,160 | -HS- | M] () -- C:\Users\Przemek\ntuser.dat
[2010-04-13 09:00:00 | 000,000,508 | ---- | M] () -- C:\Windows\tasks\1-Click Maintenance.job
[2010-04-13 08:58:00 | 000,001,066 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1840288614-1321457493-1999016952-1000UA.job
[2010-04-13 08:28:23 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010-04-13 08:28:22 | 000,003,072 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010-04-13 08:28:22 | 000,003,072 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010-04-13 08:28:19 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010-04-13 08:27:11 | 004,789,213 | -H-- | M] () -- C:\Users\Przemek\AppData\Local\IconCache.db
[2010-04-12 19:12:49 | 000,000,424 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{5E089632-8E9B-44C4-A369-156C380EF725}.job
[2010-04-12 16:27:48 | 000,000,422 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{2D32B598-9AD8-42B2-B3BB-8AF182A35469}.job
[2010-04-11 11:43:42 | 000,000,763 | ---- | M] () -- C:\Users\Public\Desktop\MahJong Suite.lnk
[2010-04-11 11:37:07 | 000,001,855 | ---- | M] () -- C:\Users\Przemek\Desktop\Play Online Games.lnk
[2010-04-11 11:37:07 | 000,001,820 | ---- | M] () -- C:\Users\Przemek\Desktop\MyPlayCity Games.lnk
[2010-04-11 11:37:06 | 000,001,929 | ---- | M] () -- C:\Users\Przemek\Desktop\My Free Mahjong.lnk
[2010-04-07 07:58:00 | 000,001,014 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1840288614-1321457493-1999016952-1000Core.job
[2010-04-02 02:59:47 | 000,006,039 | ---- | M] () -- C:\Users\Przemek\Desktop\Bez tytułu.jpg
[2010-04-01 08:15:45 | 000,002,058 | ---- | M] () -- C:\Users\Przemek\Desktop\Google Chrome.lnk
[2010-03-29 07:52:56 | 001,353,382 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2010-03-29 07:52:56 | 000,618,470 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010-03-29 07:52:56 | 000,544,794 | ---- | M] () -- C:\Windows\System32\perfh015.dat
[2010-03-29 07:52:56 | 000,107,614 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010-03-29 07:52:56 | 000,091,572 | ---- | M] () -- C:\Windows\System32\perfc015.dat
[2010-03-26 21:00:50 | 000,041,872 | ---- | M] () -- C:\Windows\System32\xfcodec.dll
[2010-03-26 08:07:31 | 004,746,794 | ---- | M] () -- C:\Users\Przemek\Desktop\pendulum - masochist.mp3
[2010-03-26 08:03:57 | 005,912,900 | ---- | M] () -- C:\Users\Przemek\Desktop\pendulum & freestylers - fasten your seatbelts.mp3.mp3
[2010-03-24 11:35:08 | 000,165,444 | ---- | M] () -- C:\Users\Przemek\Desktop\ban.jpg
[2010-03-10 17:33:25 | 000,128,611 | ---- | M] () -- C:\Users\Przemek\Desktop\oceny.jpg
[2010-03-05 10:53:21 | 000,001,001 | ---- | M] () -- C:\Users\Przemek\Desktop\WoW.lnk
[2010-03-04 21:15:09 | 000,034,004 | ---- | M] () -- C:\Users\Przemek\Desktop\2591_90_czacha_osemka_big.jpg
[2010-03-04 19:03:07 | 000,000,834 | ---- | M] () -- C:\Users\Przemek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Xfire.lnk
[2010-03-04 15:42:11 | 000,056,320 | ---- | M] () -- C:\Users\Przemek\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010-03-03 21:03:52 | 000,000,189 | ---- | M] () -- C:\Windows\win.ini
[2010-02-25 20:24:32 | 000,077,720 | ---- | M] () -- C:\Users\Przemek\AppData\Local\GDIPFONTCACHEV1.DAT
[2010-02-25 15:47:47 | 000,326,248 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2010-02-23 02:51:52 | 000,000,878 | ---- | M] () -- C:\Users\Przemek\Desktop\AQQ.lnk
[2010-02-23 02:47:20 | 000,002,432 | ---- | M] () -- C:\Users\Przemek\AppData\Local\TempYd5200.html
[2010-02-23 02:47:20 | 000,002,089 | ---- | M] () -- C:\Users\Przemek\AppData\Local\TempKE5200.html
[2010-02-23 02:41:02 | 000,000,994 | ---- | M] () -- C:\Users\Przemek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.2.lnk
[2010-02-23 02:39:08 | 000,001,067 | ---- | M] () -- C:\Users\Public\Desktop\OpenOffice.org 3.2.lnk
[2010-02-23 02:09:03 | 000,002,432 | ---- | M] () -- C:\Users\Przemek\AppData\Local\TempbS5680.html
[2010-02-23 02:09:03 | 000,002,089 | ---- | M] () -- C:\Users\Przemek\AppData\Local\TempOm5680.html
[2010-02-22 16:58:02 | 000,002,432 | ---- | M] () -- C:\Users\Przemek\AppData\Local\Tempxr2072.html
[2010-02-22 16:58:02 | 000,002,089 | ---- | M] () -- C:\Users\Przemek\AppData\Local\Tempvz2072.html
[2010-02-20 01:13:56 | 000,002,432 | ---- | M] () -- C:\Users\Przemek\AppData\Local\TempDn4356.html
[2010-02-20 01:13:56 | 000,002,089 | ---- | M] () -- C:\Users\Przemek\AppData\Local\TempWs4356.html
[2010-02-19 21:36:36 | 000,002,432 | ---- | M] () -- C:\Users\Przemek\AppData\Local\TempVD2936.html
[2010-02-19 21:36:36 | 000,002,089 | ---- | M] () -- C:\Users\Przemek\AppData\Local\TempRm2936.html
[2010-02-19 11:48:36 | 000,002,432 | ---- | M] () -- C:\Users\Przemek\AppData\Local\TempfQ1340.html
[2010-02-19 11:48:36 | 000,002,089 | ---- | M] () -- C:\Users\Przemek\AppData\Local\TempAc1340.html
[2010-02-18 19:50:23 | 000,002,432 | ---- | M] () -- C:\Users\Przemek\AppData\Local\TempwG3224.html
[2010-02-18 19:50:23 | 000,002,089 | ---- | M] () -- C:\Users\Przemek\AppData\Local\TempuM3224.html
[2010-02-17 22:15:39 | 000,002,432 | ---- | M] () -- C:\Users\Przemek\AppData\Local\Tempdt5204.html
[2010-02-17 22:15:39 | 000,002,089 | ---- | M] () -- C:\Users\Przemek\AppData\Local\TempDu5204.html
[2010-02-17 19:23:28 | 000,002,432 | ---- | M] () -- C:\Users\Przemek\AppData\Local\TempoO6112.html
[2010-02-17 19:23:28 | 000,002,089 | ---- | M] () -- C:\Users\Przemek\AppData\Local\TempJi6112.html
[2010-02-17 17:20:42 | 000,002,432 | ---- | M] () -- C:\Users\Przemek\AppData\Local\TempnX5528.html
[2010-02-17 17:20:41 | 000,002,089 | ---- | M] () -- C:\Users\Przemek\AppData\Local\TempVb5528.html
[2010-02-16 20:16:13 | 000,002,432 | ---- | M] () -- C:\Users\Przemek\AppData\Local\TempxT5672.html
[2010-02-16 20:16:13 | 000,002,089 | ---- | M] () -- C:\Users\Przemek\AppData\Local\TempRw5672.html
[2010-02-16 03:19:32 | 000,002,432 | ---- | M] () -- C:\Users\Przemek\AppData\Local\Tempxp5608.html
[2010-02-16 03:19:32 | 000,002,089 | ---- | M] () -- C:\Users\Przemek\AppData\Local\TempGl5608.html
[2010-02-15 20:52:18 | 000,002,432 | ---- | M] () -- C:\Users\Przemek\AppData\Local\Tempiq4256.html
[2010-02-15 20:52:18 | 000,002,089 | ---- | M] () -- C:\Users\Przemek\AppData\Local\TempCA4256.html
[2010-02-13 09:35:36 | 000,002,432 | ---- | M] () -- C:\Users\Przemek\AppData\Local\Tempfl4720.html
[2010-02-13 09:35:36 | 000,002,089 | ---- | M] () -- C:\Users\Przemek\AppData\Local\TempeD4720.html
[2010-02-13 09:25:07 | 000,002,432 | ---- | M] () -- C:\Users\Przemek\AppData\Local\Tempxx1440.html
[2010-02-13 09:25:07 | 000,002,089 | ---- | M] () -- C:\Users\Przemek\AppData\Local\Tempqn1440.html
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2010-04-11 11:43:42 | 000,000,763 | ---- | C] () -- C:\Users\Public\Desktop\MahJong Suite.lnk
[2010-04-11 11:37:07 | 000,001,855 | ---- | C] () -- C:\Users\Przemek\Desktop\Play Online Games.lnk
[2010-04-11 11:37:07 | 000,001,820 | ---- | C] () -- C:\Users\Przemek\Desktop\MyPlayCity Games.lnk
[2010-04-11 11:37:06 | 000,001,929 | ---- | C] () -- C:\Users\Przemek\Desktop\My Free Mahjong.lnk
[2010-04-10 15:33:20 | 000,271,046 | ---- | C] () -- C:\Users\Przemek\Desktop\Silnik od esioka.amr
[2010-04-10 15:33:00 | 000,276,588 | ---- | C] () -- C:\Users\Przemek\Desktop\Music Has Power by jonny.nth
[2010-04-10 15:32:42 | 000,056,582 | ---- | C] () -- C:\Users\Przemek\Desktop\Budzik.amr
[2010-04-02 02:59:46 | 000,006,039 | ---- | C] () -- C:\Users\Przemek\Desktop\Bez tytułu.jpg
[2010-03-26 21:00:50 | 000,041,872 | ---- | C] () -- C:\Windows\System32\xfcodec.dll
[2010-03-26 08:10:35 | 001,116,024 | ---- | C] () -- C:\Users\Przemek\Desktop\forumnokia.plmotywgif.nth
[2010-03-26 08:03:33 | 004,746,794 | ---- | C] () -- C:\Users\Przemek\Desktop\pendulum - masochist.mp3
[2010-03-26 08:02:18 | 005,912,900 | ---- | C] () -- C:\Users\Przemek\Desktop\pendulum & freestylers - fasten your seatbelts.mp3.mp3
[2010-03-24 11:35:08 | 000,165,444 | ---- | C] () -- C:\Users\Przemek\Desktop\ban.jpg
[2010-03-10 17:33:24 | 000,128,611 | ---- | C] () -- C:\Users\Przemek\Desktop\oceny.jpg
[2010-03-05 10:53:21 | 000,001,001 | ---- | C] () -- C:\Users\Przemek\Desktop\WoW.lnk
[2010-03-04 21:15:09 | 000,034,004 | ---- | C] () -- C:\Users\Przemek\Desktop\2591_90_czacha_osemka_big.jpg
[2010-03-04 19:03:07 | 000,000,834 | ---- | C] () -- C:\Users\Przemek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Xfire.lnk
[2010-02-23 02:51:52 | 000,000,878 | ---- | C] () -- C:\Users\Przemek\Desktop\AQQ.lnk
[2010-02-23 02:42:06 | 000,002,432 | ---- | C] () -- C:\Users\Przemek\AppData\Local\TempYd5200.html
[2010-02-23 02:42:06 | 000,002,089 | ---- | C] () -- C:\Users\Przemek\AppData\Local\TempKE5200.html
[2010-02-23 02:41:02 | 000,000,994 | ---- | C] () -- C:\Users\Przemek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.2.lnk
[2010-02-23 02:39:08 | 000,001,067 | ---- | C] () -- C:\Users\Public\Desktop\OpenOffice.org 3.2.lnk
[2010-02-23 01:51:29 | 000,002,432 | ---- | C] () -- C:\Users\Przemek\AppData\Local\TempbS5680.html
[2010-02-23 01:51:29 | 000,002,089 | ---- | C] () -- C:\Users\Przemek\AppData\Local\TempOm5680.html
[2010-02-22 16:42:30 | 000,002,432 | ---- | C] () -- C:\Users\Przemek\AppData\Local\Tempxr2072.html
[2010-02-22 16:42:30 | 000,002,089 | ---- | C] () -- C:\Users\Przemek\AppData\Local\Tempvz2072.html
[2010-02-19 21:50:31 | 000,002,432 | ---- | C] () -- C:\Users\Przemek\AppData\Local\TempDn4356.html
[2010-02-19 21:50:31 | 000,002,089 | ---- | C] () -- C:\Users\Przemek\AppData\Local\TempWs4356.html
[2010-02-19 19:16:57 | 000,002,432 | ---- | C] () -- C:\Users\Przemek\AppData\Local\TempVD2936.html
[2010-02-19 19:16:57 | 000,002,089 | ---- | C] () -- C:\Users\Przemek\AppData\Local\TempRm2936.html
[2010-02-19 11:06:14 | 000,002,432 | ---- | C] () -- C:\Users\Przemek\AppData\Local\TempfQ1340.html
[2010-02-19 11:06:14 | 000,002,089 | ---- | C] () -- C:\Users\Przemek\AppData\Local\TempAc1340.html
[2010-02-18 13:07:20 | 000,002,432 | ---- | C] () -- C:\Users\Przemek\AppData\Local\TempwG3224.html
[2010-02-18 13:07:20 | 000,002,089 | ---- | C] () -- C:\Users\Przemek\AppData\Local\TempuM3224.html
[2010-02-17 21:13:53 | 000,002,432 | ---- | C] () -- C:\Users\Przemek\AppData\Local\Tempdt5204.html
[2010-02-17 21:13:53 | 000,002,089 | ---- | C] () -- C:\Users\Przemek\AppData\Local\TempDu5204.html
[2010-02-17 19:18:33 | 000,002,432 | ---- | C] () -- C:\Users\Przemek\AppData\Local\TempoO6112.html
[2010-02-17 19:18:33 | 000,002,089 | ---- | C] () -- C:\Users\Przemek\AppData\Local\TempJi6112.html
[2010-02-17 13:38:02 | 000,002,432 | ---- | C] () -- C:\Users\Przemek\AppData\Local\TempnX5528.html
[2010-02-17 13:38:02 | 000,002,089 | ---- | C] () -- C:\Users\Przemek\AppData\Local\TempVb5528.html
[2010-02-16 19:58:21 | 000,002,432 | ---- | C] () -- C:\Users\Przemek\AppData\Local\TempxT5672.html
[2010-02-16 19:58:21 | 000,002,089 | ---- | C] () -- C:\Users\Przemek\AppData\Local\TempRw5672.html
[2010-02-16 02:50:42 | 000,002,432 | ---- | C] () -- C:\Users\Przemek\AppData\Local\Tempxp5608.html
[2010-02-16 02:50:42 | 000,002,089 | ---- | C] () -- C:\Users\Przemek\AppData\Local\TempGl5608.html
[2010-02-15 20:51:52 | 000,002,432 | ---- | C] () -- C:\Users\Przemek\AppData\Local\Tempiq4256.html
[2010-02-15 20:51:52 | 000,002,089 | ---- | C] () -- C:\Users\Przemek\AppData\Local\TempCA4256.html
[2010-02-13 09:26:57 | 000,002,432 | ---- | C] () -- C:\Users\Przemek\AppData\Local\Tempfl4720.html
[2010-02-13 09:26:57 | 000,002,089 | ---- | C] () -- C:\Users\Przemek\AppData\Local\TempeD4720.html
[2010-02-13 09:22:12 | 000,002,432 | ---- | C] () -- C:\Users\Przemek\AppData\Local\Tempxx1440.html
[2010-02-13 09:22:12 | 000,002,089 | ---- | C] () -- C:\Users\Przemek\AppData\Local\Tempqn1440.html
[2010-02-11 21:03:31 | 000,002,432 | ---- | C] () -- C:\Users\Przemek\AppData\Local\TempTP4664.html
[2010-02-11 21:03:31 | 000,002,089 | ---- | C] () -- C:\Users\Przemek\AppData\Local\TempMB4664.html
[2010-02-11 17:00:39 | 000,002,432 | ---- | C] () -- C:\Users\Przemek\AppData\Local\Templn3124.html
[2010-02-11 17:00:39 | 000,002,089 | ---- | C] () -- C:\Users\Przemek\AppData\Local\TemprX3124.html
[2010-02-11 13:05:26 | 000,002,432 | ---- | C] () -- C:\Users\Przemek\AppData\Local\TempfQ2136.html
[2010-02-11 13:05:26 | 000,002,089 | ---- | C] () -- C:\Users\Przemek\AppData\Local\TempdH2136.html
[2010-02-10 17:42:59 | 000,002,432 | ---- | C] () -- C:\Users\Przemek\AppData\Local\TempzH2784.html
[2010-02-10 17:42:59 | 000,002,089 | ---- | C] () -- C:\Users\Przemek\AppData\Local\TempuJ2784.html
[2010-02-09 20:36:12 | 000,002,432 | ---- | C] () -- C:\Users\Przemek\AppData\Local\Templf2440.html
[2010-02-09 20:36:12 | 000,002,089 | ---- | C] () -- C:\Users\Przemek\AppData\Local\TempFh2440.html
[2010-02-09 14:58:52 | 000,002,432 | ---- | C] () -- C:\Users\Przemek\AppData\Local\TempVp2892.html
[2010-02-09 14:58:52 | 000,002,089 | ---- | C] () -- C:\Users\Przemek\AppData\Local\TempRo2892.html
[2010-02-08 20:44:01 | 000,002,432 | ---- | C] () -- C:\Users\Przemek\AppData\Local\TempnA5084.html
[2010-02-08 20:44:01 | 000,002,089 | ---- | C] () -- C:\Users\Przemek\AppData\Local\TempEy5084.html
[2010-02-07 20:02:24 | 000,002,432 | ---- | C] () -- C:\Users\Przemek\AppData\Local\Temppi3044.html
[2010-02-07 20:02:24 | 000,002,089 | ---- | C] () -- C:\Users\Przemek\AppData\Local\Tempet3044.html
[2010-02-06 10:15:19 | 000,002,432 | ---- | C] () -- C:\Users\Przemek\AppData\Local\TempIn2564.html
[2010-02-06 10:15:19 | 000,002,089 | ---- | C] () -- C:\Users\Przemek\AppData\Local\TempLP2564.html
[2010-02-05 22:00:04 | 000,002,432 | ---- | C] () -- C:\Users\Przemek\AppData\Local\Tempvo5508.html
[2010-02-05 22:00:04 | 000,002,089 | ---- | C] () -- C:\Users\Przemek\AppData\Local\TempNp5508.html
[2010-02-04 14:47:58 | 000,002,432 | ---- | C] () -- C:\Users\Przemek\AppData\Local\TempHQ4896.html
[2010-02-04 14:47:58 | 000,002,089 | ---- | C] () -- C:\Users\Przemek\AppData\Local\TempPd4896.html
[2010-02-03 20:58:46 | 000,002,432 | ---- | C] () -- C:\Users\Przemek\AppData\Local\TempML3064.html
[2010-02-03 20:58:46 | 000,002,089 | ---- | C] () -- C:\Users\Przemek\AppData\Local\Tempdi3064.html
[2010-02-02 18:26:57 | 000,002,432 | ---- | C] () -- C:\Users\Przemek\AppData\Local\TempJu1808.html
[2010-02-02 18:26:57 | 000,002,089 | ---- | C] () -- C:\Users\Przemek\AppData\Local\TempxD1808.html
[2010-02-01 19:07:57 | 000,002,432 | ---- | C] () -- C:\Users\Przemek\AppData\Local\TempKD4508.html
[2010-02-01 19:07:57 | 000,002,089 | ---- | C] () -- C:\Users\Przemek\AppData\Local\TempBQ4508.html
[2010-02-01 16:07:59 | 000,002,432 | ---- | C] () -- C:\Users\Przemek\AppData\Local\TempiZ4524.html
[2010-02-01 16:07:59 | 000,002,089 | ---- | C] () -- C:\Users\Przemek\AppData\Local\TempHK4524.html
[2010-01-31 13:55:40 | 000,002,432 | ---- | C] () -- C:\Users\Przemek\AppData\Local\Tempsu4596.html
[2010-01-31 13:55:40 | 000,002,089 | ---- | C] () -- C:\Users\Przemek\AppData\Local\TempJe4596.html
[2010-01-31 08:56:22 | 000,002,432 | ---- | C] () -- C:\Users\Przemek\AppData\Local\TemptS4388.html
[2010-01-31 08:56:22 | 000,002,089 | ---- | C] () -- C:\Users\Przemek\AppData\Local\TempEO4388.html
[2010-01-30 21:51:27 | 000,002,432 | ---- | C] () -- C:\Users\Przemek\AppData\Local\Tempzg1384.html
[2010-01-30 21:51:27 | 000,002,089 | ---- | C] () -- C:\Users\Przemek\AppData\Local\TempkO1384.html
[2010-01-30 17:37:32 | 000,002,432 | ---- | C] () -- C:\Users\Przemek\AppData\Local\TempQF4980.html
[2010-01-30 17:37:32 | 000,002,089 | ---- | C] () -- C:\Users\Przemek\AppData\Local\TempkV4980.html
[2010-01-30 12:52:59 | 000,002,432 | ---- | C] () -- C:\Users\Przemek\AppData\Local\TempMP6132.html
[2010-01-30 12:52:59 | 000,002,089 | ---- | C] () -- C:\Users\Przemek\AppData\Local\TemppQ6132.html
[2010-01-30 01:12:23 | 000,002,432 | ---- | C] () -- C:\Users\Przemek\AppData\Local\TempOm5660.html
[2010-01-30 01:12:23 | 000,002,089 | ---- | C] () -- C:\Users\Przemek\AppData\Local\TempxE5660.html
[2010-01-29 17:17:20 | 000,000,095 | ---- | C] () -- C:\Users\Przemek\AppData\Local\fusioncache.dat
[2010-01-28 19:59:59 | 000,002,432 | ---- | C] () -- C:\Users\Przemek\AppData\Local\TempUk5700.html
[2010-01-28 19:59:59 | 000,002,089 | ---- | C] () -- C:\Users\Przemek\AppData\Local\TempAK5700.html
[2010-01-27 11:50:50 | 000,002,432 | ---- | C] () -- C:\Users\Przemek\AppData\Local\TempBv3528.html
[2010-01-27 11:50:50 | 000,002,089 | ---- | C] () -- C:\Users\Przemek\AppData\Local\TempCh3528.html
[2010-01-26 09:41:22 | 000,002,432 | ---- | C] () -- C:\Users\Przemek\AppData\Local\TempSm4108.html
[2010-01-26 09:41:22 | 000,002,089 | ---- | C] () -- C:\Users\Przemek\AppData\Local\Tempvr4108.html
[2010-01-25 16:44:49 | 000,002,432 | ---- | C] () -- C:\Users\Przemek\AppData\Local\TempHS2688.html
[2010-01-25 16:44:49 | 000,002,089 | ---- | C] () -- C:\Users\Przemek\AppData\Local\TempTR2688.html
[2010-01-25 10:49:20 | 000,002,432 | ---- | C] () -- C:\Users\Przemek\AppData\Local\TempXk2556.html
[2010-01-25 10:49:20 | 000,002,089 | ---- | C] () -- C:\Users\Przemek\AppData\Local\TempKE2556.html
[2010-01-24 21:16:47 | 000,002,432 | ---- | C] () -- C:\Users\Przemek\AppData\Local\TempIm2220.html
[2010-01-24 21:16:47 | 000,002,089 | ---- | C] () -- C:\Users\Przemek\AppData\Local\TempAw2220.html
[2010-01-24 14:45:09 | 000,002,432 | ---- | C] () -- C:\Users\Przemek\AppData\Local\TempqF5848.html
[2010-01-24 14:45:09 | 000,002,089 | ---- | C] () -- C:\Users\Przemek\AppData\Local\Tempws5848.html
[2010-01-24 09:13:25 | 000,002,432 | ---- | C] () -- C:\Users\Przemek\AppData\Local\Templg2232.html
[2010-01-24 09:13:25 | 000,002,089 | ---- | C] () -- C:\Users\Przemek\AppData\Local\TempXM2232.html
[2010-01-23 21:49:23 | 000,002,089 | ---- | C] () -- C:\Users\Przemek\AppData\Local\TempRT3268.html
[2010-01-23 21:49:22 | 000,002,432 | ---- | C] () -- C:\Users\Przemek\AppData\Local\TempkV3268.html
[2010-01-23 15:41:22 | 000,002,432 | ---- | C] () -- C:\Users\Przemek\AppData\Local\TempDH3888.html
[2010-01-23 15:41:22 | 000,002,089 | ---- | C] () -- C:\Users\Przemek\AppData\Local\TempPW3888.html
[2010-01-22 16:59:34 | 000,002,432 | ---- | C] () -- C:\Users\Przemek\AppData\Local\Tempzd6096.html
[2010-01-22 16:59:34 | 000,002,089 | ---- | C] () -- C:\Users\Przemek\AppData\Local\TempfG6096.html
[2010-01-22 15:36:19 | 000,002,432 | ---- | C] () -- C:\Users\Przemek\AppData\Local\TempTB2484.html
[2010-01-22 15:36:19 | 000,002,089 | ---- | C] () -- C:\Users\Przemek\AppData\Local\TempNX2484.html
[2010-01-22 07:40:54 | 000,002,432 | ---- | C] () -- C:\Users\Przemek\AppData\Local\TempNp3200.html
[2010-01-22 07:40:54 | 000,002,089 | ---- | C] () -- C:\Users\Przemek\AppData\Local\TempId3200.html
[2010-01-22 00:45:46 | 000,002,432 | ---- | C] () -- C:\Users\Przemek\AppData\Local\TemphTV824.html
[2010-01-22 00:45:46 | 000,002,089 | ---- | C] () -- C:\Users\Przemek\AppData\Local\TempDXp824.html
[2010-01-21 20:59:32 | 000,002,432 | ---- | C] () -- C:\Users\Przemek\AppData\Local\TempgK5332.html
[2010-01-21 20:59:32 | 000,002,089 | ---- | C] () -- C:\Users\Przemek\AppData\Local\TempPj5332.html
[2010-01-21 19:18:32 | 000,002,432 | ---- | C] () -- C:\Users\Przemek\AppData\Local\TempPN6044.html
[2010-01-21 19:18:32 | 000,002,089 | ---- | C] () -- C:\Users\Przemek\AppData\Local\TempQC6044.html
[2010-01-09 21:50:36 | 000,000,000 | ---- | C] () -- C:\Windows\iPlayer.INI
[2009-11-11 11:22:56 | 000,000,552 | ---- | C] () -- C:\Users\Przemek\AppData\Local\d3d8caps.dat
[2009-10-18 21:04:30 | 000,000,839 | ---- | C] () -- C:\Users\Przemek\.recently-used.xbel
[2009-09-06 20:36:02 | 000,061,440 | ---- | C] () -- C:\Windows\System32\wintab32.dll
[2009-06-22 18:04:45 | 000,524,288 | -HS- | C] () -- C:\Users\Przemek\ntuser.dat{30718fb1-5f2c-11de-aa86-00030d84511d}.TMContainer00000000000000000002.regtrans-ms
[2009-06-22 18:04:45 | 000,524,288 | -HS- | C] () -- C:\Users\Przemek\ntuser.dat{30718fb1-5f2c-11de-aa86-00030d84511d}.TMContainer00000000000000000001.regtrans-ms
[2009-06-22 18:04:45 | 000,065,536 | -HS- | C] () -- C:\Users\Przemek\ntuser.dat{30718fb1-5f2c-11de-aa86-00030d84511d}.TM.blf
[2009-04-30 00:44:20 | 004,647,319 | ---- | C] () -- C:\Users\Przemek\justin timberlake - cry me a river.mp3
[2009-04-10 22:34:06 | 000,278,984 | ---- | C] () -- C:\Windows\System32\drivers\atksgt.sys
[2009-04-10 22:34:06 | 000,025,416 | ---- | C] () -- C:\Windows\System32\drivers\lirsgt.sys
[2009-04-07 11:27:11 | 000,146,529 | ---- | C] () -- C:\Users\Przemek\ŁQ buch.JPG
[2009-04-06 16:02:15 | 000,524,288 | -HS- | C] () -- C:\Users\Przemek\NTUSER.DAT{714ed39d-22b3-11de-9dd9-00030d84511d}.TMContainer00000000000000000002.regtrans-ms
[2009-04-06 16:02:15 | 000,524,288 | -HS- | C] () -- C:\Users\Przemek\NTUSER.DAT{714ed39d-22b3-11de-9dd9-00030d84511d}.TMContainer00000000000000000001.regtrans-ms
[2009-04-06 16:02:15 | 000,065,536 | -HS- | C] () -- C:\Users\Przemek\NTUSER.DAT{714ed39d-22b3-11de-9dd9-00030d84511d}.TM.blf
[2009-03-24 15:35:14 | 000,000,680 | ---- | C] () -- C:\Users\Przemek\AppData\Local\d3d9caps.dat
[2009-02-08 09:08:23 | 000,129,024 | ---- | C] () -- C:\Windows\System32\AVERM.dll
[2009-02-08 09:08:23 | 000,028,672 | ---- | C] () -- C:\Windows\System32\AVEQT.dll
[2009-02-05 14:36:41 | 000,000,266 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2009-01-20 11:37:31 | 000,021,840 | ---- | C] () -- C:\Windows\System32\SIntfNT.dll
[2009-01-20 11:37:31 | 000,017,212 | ---- | C] () -- C:\Windows\System32\SIntf32.dll
[2009-01-20 11:37:31 | 000,012,067 | ---- | C] () -- C:\Windows\System32\SIntf16.dll
[2009-01-14 18:42:01 | 000,000,000 | ---- | C] () -- C:\Users\Przemek\AppData\Roaming\wklnhst.dat
[2009-01-08 23:07:38 | 000,021,508 | ---- | C] () -- C:\Users\Przemek\AppData\Roaming\UserTile.png
[2008-12-19 22:37:46 | 000,000,104 | ---- | C] () -- C:\Users\Przemek\Internet — skrót.lnk
[2008-11-19 00:06:30 | 000,027,648 | ---- | C] () -- C:\Windows\System32\AVSredirect.dll
[2008-11-06 23:58:45 | 000,000,000 | ---- | C] () -- C:\ProgramData\LauncherAccess.dt
[2008-11-06 23:06:07 | 000,005,632 | ---- | C] () -- C:\Windows\System32\drivers\StarOpen.sys
[2008-11-03 23:12:02 | 000,022,328 | ---- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2008-10-20 19:08:36 | 000,010,240 | ---- | C] () -- C:\Windows\System32\vidx16.dll
[2008-10-17 15:53:26 | 000,000,000 | ---- | C] () -- C:\Windows\System32\msexcr.ini
[2008-10-07 09:13:30 | 000,197,912 | ---- | C] () -- C:\Windows\System32\physxcudart_20.dll
[2008-10-07 09:13:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelTraditionalChinese.dll
[2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSwedish.dll
[2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSpanish.dll
[2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSimplifiedChinese.dll
[2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelPortugese.dll
[2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelKorean.dll
[2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelJapanese.dll
[2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelGerman.dll
[2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelFrench.dll
[2008-09-24 20:11:48 | 000,017,530 | ---- | C] () -- C:\Users\Przemek\AppData\Roaming\ReplayConverterLog.log
[2008-09-21 12:49:23 | 000,717,296 | ---- | C] () -- C:\Windows\System32\drivers\sptd.sys
[2008-09-19 21:03:57 | 000,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2008-09-19 21:03:47 | 000,056,320 | ---- | C] () -- C:\Users\Przemek\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008-09-19 20:35:30 | 003,932,160 | -HS- | C] () -- C:\Users\Przemek\ntuser.dat
[2008-09-19 20:35:30 | 000,524,288 | -HS- | C] () -- C:\Users\Przemek\NTUSER.DAT{d8932e6d-6a6f-11db-b6ab-a038f15a5785}.TMContainer00000000000000000002.regtrans-ms
[2008-09-19 20:35:30 | 000,524,288 | -HS- | C] () -- C:\Users\Przemek\NTUSER.DAT{d8932e6d-6a6f-11db-b6ab-a038f15a5785}.TMContainer00000000000000000001.regtrans-ms
[2008-09-19 20:35:30 | 000,262,144 | -H-- | C] () -- C:\Users\Przemek\ntuser.dat.LOG1
[2008-09-19 20:35:30 | 000,065,536 | -HS- | C] () -- C:\Users\Przemek\NTUSER.DAT{d8932e6d-6a6f-11db-b6ab-a038f15a5785}.TM.blf
[2008-09-19 20:35:30 | 000,000,020 | -HS- | C] () -- C:\Users\Przemek\ntuser.ini
[2008-09-19 20:35:30 | 000,000,000 | -H-- | C] () -- C:\Users\Przemek\ntuser.dat.LOG2
[2007-11-27 16:26:20 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll
[2007-03-29 23:00:40 | 000,203,264 | R--- | C] () -- C:\Windows\System32\CddbCdda.dll
[2006-11-02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006-08-11 19:52:02 | 000,012,288 | ---- | C] () -- C:\Windows\System32\EvOnlDiag.dll
[2005-06-18 17:00:52 | 000,070,018 | ---- | C] () -- C:\Windows\System32\akrip32.dll
[1996-04-03 21:33:26 | 000,005,248 | ---- | C] () -- C:\Windows\System32\drivers\giveio.sys

[color=#E56717]========== LOP Check ==========[/color]

[2008-09-20 14:37:56 | 000,000,000 | ---D | M] -- C:\Users\Gabrysia\AppData\Roaming\Gadu-Gadu
[2008-10-29 16:23:01 | 000,000,000 | ---D | M] -- C:\Users\Gabrysia\AppData\Roaming\Nowe Gadu-Gadu
[2008-09-24 18:56:26 | 000,000,000 | ---D | M] -- C:\Users\Gabrysia\AppData\Roaming\PC Suite
[2009-02-10 17:23:47 | 000,000,000 | ---D | M] -- C:\Users\Gabrysia\AppData\Roaming\Skinux
[2009-01-31 21:51:13 | 000,000,000 | ---D | M] -- C:\Users\Krystyna\AppData\Roaming\DAEMON Tools
[2008-12-08 20:56:03 | 000,000,000 | ---D | M] -- C:\Users\Krystyna\AppData\Roaming\Gadu-Gadu
[2010-04-11 12:12:25 | 000,000,000 | ---D | M] -- C:\Users\Krystyna\AppData\Roaming\MahJong Suite
[2009-02-28 13:56:40 | 000,000,000 | ---D | M] -- C:\Users\Krystyna\AppData\Roaming\Skinux
[2009-02-18 17:31:31 | 000,000,000 | ---D | M] -- C:\Users\Przemek\AppData\Roaming\23doors
[2009-12-14 20:58:30 | 000,000,000 | ---D | M] -- C:\Users\Przemek\AppData\Roaming\Azureus
[2009-07-21 15:18:42 | 000,000,000 | ---D | M] -- C:\Users\Przemek\AppData\Roaming\com.raptr.Raptr.848BBC53270CAC248E8FA0F339176201CDEB525F.1
[2009-06-23 00:55:57 | 000,000,000 | ---D | M] -- C:\Users\Przemek\AppData\Roaming\DAEMON Tools
[2009-11-04 10:26:57 | 000,000,000 | ---D | M] -- C:\Users\Przemek\AppData\Roaming\Dark Sector
[2010-03-28 20:14:05 | 000,000,000 | ---D | M] -- C:\Users\Przemek\AppData\Roaming\EurekaLog
[2010-03-03 21:03:52 | 000,000,000 | ---D | M] -- C:\Users\Przemek\AppData\Roaming\Ferro Software
[2009-06-18 12:10:46 | 000,000,000 | ---D | M] -- C:\Users\Przemek\AppData\Roaming\FreeCall
[2008-09-20 12:58:45 | 000,000,000 | ---D | M] -- C:\Users\Przemek\AppData\Roaming\Gadu-Gadu
[2009-12-22 16:08:12 | 000,000,000 | ---D | M] -- C:\Users\Przemek\AppData\Roaming\Gadu-Gadu 10
[2009-11-20 22:00:14 | 000,000,000 | ---D | M] -- C:\Users\Przemek\AppData\Roaming\GamesTool
[2009-01-28 13:58:59 | 000,000,000 | ---D | M] -- C:\Users\Przemek\AppData\Roaming\GHISLER
[2009-10-18 20:42:36 | 000,000,000 | ---D | M] -- C:\Users\Przemek\AppData\Roaming\gtk-2.0
[2009-07-21 14:22:35 | 000,000,000 | ---D | M] -- C:\Users\Przemek\AppData\Roaming\ijjigame
[2009-11-22 19:57:08 | 000,000,000 | ---D | M] -- C:\Users\Przemek\AppData\Roaming\ipla
[2009-05-02 02:05:32 | 000,000,000 | ---D | M] -- C:\Users\Przemek\AppData\Roaming\IVONA Player
[2008-12-08 16:26:08 | 000,000,000 | ---D | M] -- C:\Users\Przemek\AppData\Roaming\Leadertech
[2008-09-24 18:45:27 | 000,000,000 | ---D | M] -- C:\Users\Przemek\AppData\Roaming\Nokia
[2008-10-23 19:38:12 | 000,000,000 | ---D | M] -- C:\Users\Przemek\AppData\Roaming\Nowe Gadu-Gadu
[2009-07-21 15:20:17 | 000,000,000 | ---D | M] -- C:\Users\Przemek\AppData\Roaming\NPLUTO Corporation
[2009-08-31 00:25:22 | 000,000,000 | ---D | M] -- C:\Users\Przemek\AppData\Roaming\OpenFM
[2010-02-23 02:40:05 | 000,000,000 | ---D | M] -- C:\Users\Przemek\AppData\Roaming\OpenOffice.org
[2009-01-29 21:54:49 | 000,000,000 | ---D | M] -- C:\Users\Przemek\AppData\Roaming\Opera
[2008-12-14 11:55:24 | 000,000,000 | ---D | M] -- C:\Users\Przemek\AppData\Roaming\OTSPW
[2008-09-24 18:45:13 | 000,000,000 | ---D | M] -- C:\Users\Przemek\AppData\Roaming\PC Suite
[2009-01-08 23:07:38 | 000,000,000 | ---D | M] -- C:\Users\Przemek\AppData\Roaming\PeerNetworking
[2009-09-06 20:38:17 | 000,000,000 | ---D | M] -- C:\Users\Przemek\AppData\Roaming\progeSOFT
[2009-07-21 15:18:22 | 000,000,000 | ---D | M] -- C:\Users\Przemek\AppData\Roaming\Raptr
[2008-10-01 15:27:24 | 000,000,000 | ---D | M] -- C:\Users\Przemek\AppData\Roaming\Ringtone
[2009-09-16 07:31:56 | 000,000,000 | ---D | M] -- C:\Users\Przemek\AppData\Roaming\Samsung
[2009-06-24 16:08:38 | 000,000,000 | ---D | M] -- C:\Users\Przemek\AppData\Roaming\SecondLife
[2009-02-08 01:51:49 | 000,000,000 | ---D | M] -- C:\Users\Przemek\AppData\Roaming\Skinux
[2009-01-27 11:13:28 | 000,000,000 | ---D | M] -- C:\Users\Przemek\AppData\Roaming\Tibia
[2009-04-09 01:06:09 | 000,000,000 | ---D | M] -- C:\Users\Przemek\AppData\Roaming\TuneUp Software
[2010-01-29 17:19:44 | 000,000,000 | ---D | M] -- C:\Users\Przemek\AppData\Roaming\Turbine
[2009-01-27 11:49:42 | 000,000,000 | ---D | M] -- C:\Users\Przemek\AppData\Roaming\WypasOTS Client
[2009-11-23 16:29:52 | 000,000,000 | ---D | M] -- C:\Users\Przemek\AppData\Roaming\yess
[2009-08-11 21:09:24 | 000,000,000 | ---D | M] -- C:\Users\Przemek\AppData\Roaming\ZOO Digital Publishing
[2010-04-13 09:00:00 | 000,000,508 | ---- | M] () -- C:\Windows\Tasks\1-Click Maintenance.job
[2010-04-13 08:27:25 | 000,032,568 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2010-04-12 16:27:48 | 000,000,422 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{2D32B598-9AD8-42B2-B3BB-8AF182A35469}.job
[2010-04-12 19:12:49 | 000,000,424 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{5E089632-8E9B-44C4-A369-156C380EF725}.job

[color=#E56717]========== Purity Check ==========[/color]

[color=#E56717]========== Custom Scans ==========[/color]

[color=#A23BEC]< %systemdrive%\*.* >[/color]
[2009-02-03 12:14:58 | 000,000,015 | ---- | M] () -- C:\ace.bat
[2006-09-18 23:43:36 | 000,000,024 | ---- | M] () -- C:\autoexec.bat
[2007-01-05 13:29:34 | 000,000,030 | ---- | M] () -- C:\batch.wtc
[2006-11-02 11:53:57 | 000,438,840 | RHS- | M] () -- C:\bootmgr
[2007-11-27 16:14:34 | 000,008,192 | R-S- | M] () -- C:\BOOTSECT.BAK
[2006-09-18 23:43:37 | 000,000,010 | ---- | M] () -- C:\config.sys
[2009-02-18 16:59:54 | 000,006,458 | ---- | M] () -- C:\graph.log
[2008-09-19 21:46:57 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2008-09-19 21:46:57 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2010-04-13 08:28:12 | 2459,762,688 | -HS- | M] () -- C:\pagefile.sys
[2000-01-02 22:09:21 | 000,023,738 | ---- | M] () -- C:\Prodlog.txt
[2010-01-22 20:31:47 | 000,522,866 | ---- | M] () -- C:\R0122__19_31_04.mp3
[2010-01-22 20:31:49 | 000,000,533 | ---- | M] () -- C:\Record 01_22.rze
[2009-05-25 16:37:28 | 000,000,159 | ---- | M] () -- C:\Setup.log
[2009-02-02 16:46:16 | 000,000,017 | ---- | M] () -- C:\simsreg.bat
[2009-02-02 16:46:16 | 000,001,207 | ---- | M] () -- C:\simsreg.reg
[2008-09-21 11:13:40 | 000,000,024 | ---- | M] () -- C:\url_history.xml

[color=#A23BEC]< MD5 for: AGP440.SYS >[/color]
[2007-11-04 00:40:05 | 000,056,504 | ---- | M] (Microsoft Corporation) MD5=198636E76971EBC96404547EC0FD5E75 -- C:\Windows\System32\drivers\AGP440.sys
[2007-11-04 00:40:05 | 000,056,504 | ---- | M] (Microsoft Corporation) MD5=198636E76971EBC96404547EC0FD5E75 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_cb7c81c7\AGP440.sys
[2007-11-04 00:40:05 | 000,056,504 | ---- | M] (Microsoft Corporation) MD5=198636E76971EBC96404547EC0FD5E75 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6000.20598_none_b85cfa98dae9b436\AGP440.sys
[2006-11-02 11:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys

[color=#A23BEC]< MD5 for: ATAPI.SYS >[/color]
[2007-11-04 01:07:49 | 000,021,688 | ---- | M] (Microsoft Corporation) MD5=0B77F93AB73798F97E8E0A0AA4CCBEEF -- C:\Windows\System32\drivers\atapi.sys
[2007-11-04 01:07:49 | 000,021,688 | ---- | M] (Microsoft Corporation) MD5=0B77F93AB73798F97E8E0A0AA4CCBEEF -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_44b6b0d0\atapi.sys
[2007-11-04 01:07:49 | 000,021,688 | ---- | M] (Microsoft Corporation) MD5=0B77F93AB73798F97E8E0A0AA4CCBEEF -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.20694_none_db7e36353dc64123\atapi.sys
[2006-11-02 11:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys

[color=#A23BEC]< MD5 for: BEEP.SYS >[/color]
[2006-11-02 10:51:03 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=AC3DD1708B22761EBD7CBE14DCC3B5D7 -- C:\Windows\System32\drivers\beep.sys
[2006-11-02 10:51:03 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=AC3DD1708B22761EBD7CBE14DCC3B5D7 -- C:\Windows\winsxs\x86_microsoft-windows-beepsys_31bf3856ad364e35_6.0.6000.16386_none_c1e9df570ab23787\beep.sys

[color=#A23BEC]< MD5 for: NDIS.SYS >[/color]
[2006-11-02 11:51:42 | 000,500,840 | ---- | M] (Microsoft Corporation) MD5=227C11E1E7CF6EF8AFB2A238D209760C -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.0.6000.16386_none_a59069cb1f23fc44\ndis.sys
[2007-11-04 00:02:57 | 000,503,480 | ---- | M] (Microsoft Corporation) MD5=6E8DFFACE597629CEF5DF7D69217628F -- C:\Windows\System32\drivers\ndis.sys
[2007-11-04 00:02:57 | 000,503,480 | ---- | M] (Microsoft Corporation) MD5=6E8DFFACE597629CEF5DF7D69217628F -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.0.6000.20548_none_a64748c0381f5c1f\ndis.sys

[color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color]
[2006-11-02 11:45:57 | 000,308,224 | ---- | M] (Microsoft Corporation) MD5=9F75392B9128A91ABAFB044EA350BAAD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6000.16386_none_6d8c3f1ad8066b21\winlogon.exe
[2007-11-04 00:30:30 | 000,308,224 | ---- | M] (Microsoft Corporation) MD5=A3FEA6ED9FD3CF07219A632E4A716226 -- C:\Windows\System32\winlogon.exe
[2007-11-04 00:30:30 | 000,308,224 | ---- | M] (Microsoft Corporation) MD5=A3FEA6ED9FD3CF07219A632E4A716226 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6000.20593_none_6e080d01f12ed7fe\winlogon.exe

[color=#E56717]========== Alternate Data Streams ==========[/color]

@Alternate Data Stream - 122 bytes -> C:\ProgramData\TEMP:7E95B6FD
< End of report >
[/log]

Edytowane 13 kwietnia 2010 przez jesiona
wydzielam jako osobny tematm //jesiona

13 kwietnia 2010

Uruchom OTL i w oknie Custom Scans/Fixes wklej[code]
:Processes
explorer.exe

:OTL
O32 - AutoRun File - [2007-11-07 17:41:52 | 000,000,047 | R--- | M] () - I:\AUTORUN.INF -- [ CDFS ]
O33 - MountPoints2\{773e60f3-f110-11dd-b55c-00030d84511d}\Shell - "" = AutoRun
O33 - MountPoints2\{773e60f3-f110-11dd-b55c-00030d84511d}\Shell\AutoRun\command - "" = H:\AUTORUN.EXE -- File not found
O33 - MountPoints2\{8c5f1b89-4cfd-11de-b2be-00030d84511d}\Shell - "" = AutoRun
O33 - MountPoints2\{8c5f1b89-4cfd-11de-b2be-00030d84511d}\Shell\AutoRun\command - "" = I:\AutoRun.exe -- [2008-04-24 15:44:40 | 000,114,688 | R--- | M] (Huawei Technologies Co., Ltd.)
O33 - MountPoints2\{8c5f1ba8-4cfd-11de-b2be-00030d84511d}\Shell - "" = AutoRun
O33 - MountPoints2\{8c5f1ba8-4cfd-11de-b2be-00030d84511d}\Shell\AutoRun\command - "" = I:\AutoRun.exe -- [2008-04-24 15:44:40 | 000,114,688 | R--- | M] (Huawei Technologies Co., Ltd.)
O33 - MountPoints2\I\Shell - "" = AutoRun
SRV - [2009-06-30 21:16:56 | 000,054,760 | ---- | M] () [Auto | Stopped] -- C:\ProgramData\SeekappSrch\seekapp143.exe -- (SeekappSrch Service)

:Files
C:\Windows\SysWow64\sshnas21.DLL
C:\Windows\Lluhua.exe
C:\Users\Dawid\AppData\Local\Temp\Lsr.exe

:Commands
[emptytemp]
[Reboot][/code]Kliknij Run Fix. Zatwierdź restart komputera.
Po ponownym uruchomieniu komputera tworzysz nowy log i pokazujesz do kontroli.

Wykonaj: http://www.forumpc.pl/index.php?showtopic=107753
Usuwasz wszystko co znajdzie program, a raport pokazuje na forum.

Użyj CCleanera (koniecznie), wyczyść nim pliki tymczasowe (temp/temporary).

Wyłącz również na chwilę przywracanie systemu, aby wykluczyć wirusa w plikach przywracania systemu.

Polecam zainstalowanie innego antywirusa niż Avast.
Avira + Comodo.
Darmowa wersja Avast jest kompletnie do niczego.

13 kwietnia 2010

[log]OTL logfile created on: 2010-04-13 09:38:32 - Run 2
OTL by OldTimer - Version 3.2.1.1 Folder = c:\Users\Przemek\Documents\Downloads
Windows Vista Home Basic Edition (Version = 6.0.6000) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18904)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 56,00% Memory free
4,00 Gb Paging File | 3,00 Gb Available in Paging File | 77,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 147,38 Gb Total Space | 34,10 Gb Free Space | 23,14% Space Free | Partition Type: NTFS
Drive D: | 73,69 Gb Total Space | 9,83 Gb Free Space | 13,34% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
Drive I: | 10,84 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS

Computer Name: PRZEMEK-PC
Current User Name: Przemek
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 60 Days
Output = Standard

[color=#E56717]========== Processes (All) ==========[/color]

PRC - [2010-04-13 08:53:54 | 000,561,664 | ---- | M] (OldTimer Tools) -- c:\Users\Przemek\Documents\Downloads\OTL.exe
PRC - [2010-03-28 05:13:16 | 000,530,416 | ---- | M] (Google Inc.) -- C:\Users\Przemek\AppData\Local\Google\Chrome\Application\chrome.exe
PRC - [2010-03-26 21:00:44 | 003,250,576 | ---- | M] (Xfire Inc.) -- C:\Program Files\Xfire\xfire.exe
PRC - [2010-03-19 08:53:53 | 000,136,176 | ---- | M] (Google Inc.) -- C:\Users\Przemek\AppData\Local\Google\Update\1.2.183.23\GoogleCrashHandler.exe
PRC - [2010-02-02 00:32:16 | 007,418,368 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\program\soffice.bin
PRC - [2010-02-02 00:32:14 | 007,424,000 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\program\soffice.exe
PRC - [2009-09-30 21:44:36 | 000,133,104 | ---- | M] (Google Inc.) -- C:\Users\Przemek\AppData\Local\Google\Update\GoogleUpdate.exe
PRC - [2009-09-10 16:47:51 | 000,007,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\lsass.exe
PRC - [2009-05-30 11:47:02 | 000,114,688 | ---- | M] () -- C:\Program Files\PLAY ONLINE\PLAY ONLINE.exe
PRC - [2009-05-08 22:48:32 | 000,604,416 | ---- | M] (TuneUp Software) -- C:\Windows\System32\TUProgSt.exe
PRC - [2009-03-30 18:52:13 | 000,045,056 | ---- | M] (TMRG, Inc.) -- C:\Program Files\RelevantKnowledge\rlservice.exe
PRC - [2009-03-03 03:59:26 | 000,247,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\WmiPrvSE.exe
PRC - [2008-10-29 08:20:29 | 002,923,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008-09-21 10:45:37 | 000,027,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\servicing\TrustedInstaller.exe
PRC - [2008-09-21 10:43:43 | 001,232,896 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Sidebar\sidebar.exe
PRC - [2007-11-04 00:30:30 | 000,308,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winlogon.exe
PRC - [2007-11-04 00:30:30 | 000,095,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wininit.exe
PRC - [2007-11-04 00:29:35 | 000,062,976 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\smss.exe
PRC - [2007-11-04 00:14:38 | 000,082,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dwm.exe
PRC - [2007-11-04 00:12:45 | 002,605,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SLsvc.exe
PRC - [2007-11-04 00:01:27 | 000,144,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WUDFHost.exe
PRC - [2007-11-03 23:32:31 | 001,006,264 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MSASCui.exe
PRC - [2007-10-12 00:00:16 | 000,610,304 | ---- | M] (ATI Technologies Inc.) -- C:\Windows\System32\Ati2evxx.exe
PRC - [2007-05-28 18:57:54 | 000,275,968 | ---- | M] (Rocket Division Software) -- C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
PRC - [2007-04-10 17:01:32 | 004,431,872 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe
PRC - [2006-11-22 18:31:26 | 000,630,784 | ---- | M] (Motorola Inc.) -- C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
PRC - [2006-11-02 14:34:59 | 000,895,488 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnetwk.exe
PRC - [2006-11-02 14:34:59 | 000,201,728 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnscfg.exe
PRC - [2006-11-02 14:34:02 | 000,287,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SearchIndexer.exe
PRC - [2006-11-02 14:33:51 | 000,151,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\notepad.exe
PRC - [2006-11-02 11:45:50 | 000,037,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\unsecapp.exe
PRC - [2006-11-02 11:45:48 | 000,166,400 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskeng.exe
PRC - [2006-11-02 11:45:47 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2006-11-02 11:45:47 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2006-11-02 11:45:47 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2006-11-02 11:45:47 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2006-11-02 11:45:47 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2006-11-02 11:45:47 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2006-11-02 11:45:47 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2006-11-02 11:45:47 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2006-11-02 11:45:47 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2006-11-02 11:45:47 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2006-11-02 11:45:47 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2006-11-02 11:45:47 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2006-11-02 11:45:47 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2006-11-02 11:45:47 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2006-11-02 11:45:46 | 000,124,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\spoolsv.exe
PRC - [2006-11-02 11:45:40 | 000,279,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\services.exe
PRC - [2006-11-02 11:45:21 | 000,210,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\lsm.exe
PRC - [2006-11-02 11:45:00 | 000,007,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\csrss.exe
PRC - [2006-11-02 11:44:59 | 000,068,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conime.exe

[color=#E56717]========== Modules (All) ==========[/color]

MOD - [2010-04-13 08:53:54 | 000,561,664 | ---- | M] (OldTimer Tools) -- c:\Users\Przemek\Documents\Downloads\OTL.exe
MOD - [2010-03-26 21:00:54 | 000,956,816 | ---- | M] (Xfire Inc.) -- C:\Program Files\Xfire\xfire_toucan_42127.dll
MOD - [2009-10-19 16:39:09 | 000,024,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\lpk.dll
MOD - [2009-09-10 19:31:03 | 000,072,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\secur32.dll
MOD - [2009-07-17 16:52:41 | 000,071,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\atl.dll
MOD - [2009-04-23 15:01:43 | 000,788,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rpcrt4.dll
MOD - [2009-02-13 09:26:37 | 000,875,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\kernel32.dll
MOD - [2008-11-06 14:59:14 | 011,320,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\shell32.dll
MOD - [2008-10-21 07:16:20 | 000,297,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\gdi32.dll
MOD - [2008-10-16 06:22:27 | 000,425,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\netapi32.dll
MOD - [2008-09-21 10:45:59 | 001,585,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\setupapi.dll
MOD - [2008-09-21 10:45:42 | 000,040,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\srclient.dll
MOD - [2008-09-21 10:45:39 | 000,559,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\oleaut32.dll
MOD - [2007-11-04 01:08:50 | 000,255,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winspool.drv
MOD - [2007-11-04 01:02:39 | 000,339,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\shlwapi.dll
MOD - [2007-11-04 00:39:06 | 001,648,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.20656_none_463680b8218be5a3\comctl32.dll
MOD - [2007-11-04 00:31:19 | 001,314,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ole32.dll
MOD - [2007-11-04 00:29:51 | 000,633,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\user32.dll
MOD - [2007-11-04 00:29:09 | 000,454,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\comdlg32.dll
MOD - [2007-11-03 23:47:46 | 000,681,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msvcrt.dll
MOD - [2006-11-02 14:35:02 | 000,138,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\spp.dll
MOD - [2006-11-02 11:47:26 | 001,162,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntdll.dll
MOD - [2006-11-02 11:46:16 | 000,126,976 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\xmllite.dll
MOD - [2006-11-02 11:46:14 | 000,288,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\Wldap32.dll
MOD - [2006-11-02 11:46:14 | 000,193,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winmm.dll
MOD - [2006-11-02 11:46:14 | 000,178,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ws2_32.dll
MOD - [2006-11-02 11:46:14 | 000,014,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wsock32.dll
MOD - [2006-11-02 11:46:13 | 001,064,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\shdocvw.dll
MOD - [2006-11-02 11:46:13 | 000,994,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\vssapi.dll
MOD - [2006-11-02 11:46:13 | 000,502,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\usp10.dll
MOD - [2006-11-02 11:46:13 | 000,240,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\uxtheme.dll
MOD - [2006-11-02 11:46:13 | 000,107,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\userenv.dll
MOD - [2006-11-02 11:46:13 | 000,073,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\vsstrace.dll
MOD - [2006-11-02 11:46:13 | 000,020,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\version.dll
MOD - [2006-11-02 11:46:12 | 000,733,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\propsys.dll
MOD - [2006-11-02 11:46:12 | 000,214,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\oleacc.dll
MOD - [2006-11-02 11:46:12 | 000,120,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntmarta.dll
MOD - [2006-11-02 11:46:12 | 000,088,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\olepro32.dll
MOD - [2006-11-02 11:46:12 | 000,056,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\samlib.dll
MOD - [2006-11-02 11:46:12 | 000,012,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\psapi.dll
MOD - [2006-11-02 11:46:12 | 000,010,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\nsi.dll
MOD - [2006-11-02 11:46:07 | 000,004,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msimg32.dll
MOD - [2006-11-02 11:46:06 | 000,805,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msctf.dll
MOD - [2006-11-02 11:46:05 | 000,115,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\imm32.dll
MOD - [2006-11-02 11:46:05 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mpr.dll
MOD - [2006-11-02 11:46:02 | 000,770,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\advapi32.dll
MOD - [2006-11-02 11:46:02 | 000,523,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\clbcatq.dll
MOD - [2006-11-02 11:46:02 | 000,171,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\apphelp.dll
MOD - [2006-11-02 11:46:02 | 000,078,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\authz.dll
MOD - [2003-02-21 04:42:22 | 000,348,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msvcr71.dll

[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV - [2009-08-24 14:47:07 | 000,378,368 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- winhttp.dll -- (WinHttpAutoProxySvc)
SRV - [2009-06-22 17:44:00 | 003,087,772 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\Windows\System32\GameMon.des -- (npggsvc)
SRV - [2009-05-08 22:48:32 | 000,604,416 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Windows\System32\TUProgSt.exe -- (TuneUp.ProgramStatisticsSvc)
SRV - [2009-05-08 22:48:29 | 000,361,216 | ---- | M] (TuneUp Software) [On_Demand | Stopped] -- C:\Windows\System32\TuneUpDefragService.exe -- (TuneUp.Defrag)
SRV - [2009-04-27 14:21:36 | 000,028,928 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Windows\System32\uxtuneup.dll -- (UxTuneUp)
SRV - [2009-03-30 18:52:13 | 000,045,056 | ---- | M] (TMRG, Inc.) [Auto | Running] -- C:\Program Files\RelevantKnowledge\rlservice.exe -- (RelevantKnowledge)
SRV - [2008-08-07 11:17:30 | 000,575,488 | ---- | M] (Nokia.) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2007-11-03 23:32:31 | 000,265,912 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007-05-28 18:57:54 | 000,275,968 | ---- | M] (Rocket Division Software) [Auto | Running] -- C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe -- (StarWindServiceAE)

[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - [2009-09-23 10:41:58 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\hamachi.sys -- (hamachi)
DRV - [2009-04-10 22:34:06 | 000,278,984 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\atksgt.sys -- (atksgt)
DRV - [2009-04-10 22:34:06 | 000,025,416 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\lirsgt.sys -- (lirsgt)
DRV - [2008-09-26 18:04:10 | 000,101,760 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ewusbmdm.sys -- (hwdatacard)
DRV - [2008-09-21 12:49:23 | 000,717,296 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\sptd.sys -- (sptd)
DRV - [2007-11-04 01:07:49 | 000,020,152 | ---- | M] (VIA Technologies, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\viaide.sys -- (viaide)
DRV - [2007-11-04 01:07:49 | 000,019,128 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide)
DRV - [2007-11-04 01:07:49 | 000,017,592 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\aliide.sys -- (aliide)
DRV - [2007-10-12 00:13:16 | 003,155,456 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2007-09-17 15:53:26 | 000,021,632 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2007-07-02 17:37:10 | 000,131,616 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvrd32.sys -- (nvrd32)
DRV - [2007-07-02 17:37:08 | 000,110,112 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvstor32.sys -- (nvstor32)
DRV - [2007-06-13 23:47:12 | 000,048,256 | ---- | M] (JMicron Technology Corp.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\jraid.sys -- (JRAID)
DRV - [2007-05-02 12:11:18 | 000,109,704 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_mdm.sys -- (ss_mdm)
DRV - [2007-05-02 12:11:18 | 000,015,112 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_mdfl.sys -- (ss_mdfl)
DRV - [2007-05-02 12:11:16 | 000,083,592 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_bus.sys -- (ss_bus) SAMSUNG Mobile USB Device 1.0 driver (WDM)
DRV - [2007-04-10 20:05:38 | 001,764,960 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RTKVHDA.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2007-04-04 05:57:00 | 000,046,592 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\itecir.sys -- (itecir)
DRV - [2007-02-25 06:14:00 | 002,216,448 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NETw4v32.sys -- (NETw4v32) Intel(R)
DRV - [2007-02-16 16:18:38 | 000,070,144 | ---- | M] (Realtek Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169)
DRV - [2007-02-12 14:36:54 | 000,277,784 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\iaStor.sys -- (iaStor)
DRV - [2006-11-22 18:35:00 | 000,982,272 | ---- | M] (Motorola Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\smserial.sys -- (smserial)
DRV - [2006-11-02 11:51:45 | 000,900,712 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300)
DRV - [2006-11-02 11:51:38 | 000,420,968 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx)
DRV - [2006-11-02 11:51:34 | 000,316,520 | ---- | M] (Emulex) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor)
DRV - [2006-11-02 11:51:32 | 000,297,576 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci)
DRV - [2006-11-02 11:51:25 | 000,235,112 | ---- | M] (ULi Electronics Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci)
DRV - [2006-11-02 11:51:25 | 000,232,040 | ---- | M] (Intel Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV)
DRV - [2006-11-02 11:51:00 | 000,147,048 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320)
DRV - [2006-11-02 11:50:45 | 000,115,816 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2)
DRV - [2006-11-02 11:50:41 | 000,112,232 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid)
DRV - [2006-11-02 11:50:35 | 000,106,088 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx)
DRV - [2006-11-02 11:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata)
DRV - [2006-11-02 11:50:35 | 000,098,408 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m)
DRV - [2006-11-02 11:50:24 | 000,088,680 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid)
DRV - [2006-11-02 11:50:19 | 000,045,160 | ---- | M] (IBM Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960)
DRV - [2006-11-02 11:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp)
DRV - [2006-11-02 11:50:16 | 000,071,784 | ---- | M] (Silicon Integrated Systems) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4)
DRV - [2006-11-02 11:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor)
DRV - [2006-11-02 11:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx)
DRV - [2006-11-02 11:50:10 | 000,067,688 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas)
DRV - [2006-11-02 11:50:10 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI)
DRV - [2006-11-02 11:50:10 | 000,038,504 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid2.sys -- (SiSRaid2)
DRV - [2006-11-02 11:50:10 | 000,037,480 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs)
DRV - [2006-11-02 11:50:09 | 000,067,688 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arc.sys -- (arc)
DRV - [2006-11-02 11:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid)
DRV - [2006-11-02 11:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi)
DRV - [2006-11-02 11:50:05 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS)
DRV - [2006-11-02 11:50:05 | 000,035,944 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx)
DRV - [2006-11-02 11:50:04 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC)
DRV - [2006-11-02 11:50:03 | 000,034,920 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3)
DRV - [2006-11-02 11:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x)
DRV - [2006-11-02 11:49:56 | 000,031,848 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi)
DRV - [2006-11-02 11:49:53 | 000,028,776 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasas.sys -- (megasas)
DRV - [2006-11-02 10:57:06 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\irsir.sys -- (irsir)
DRV - [2006-11-02 10:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
DRV - [2006-11-02 10:24:47 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer)
DRV - [2006-11-02 10:24:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp)
DRV - [2006-11-02 10:24:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo)
DRV - [2006-11-02 10:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm)
DRV - [2006-11-02 10:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm)
DRV - [2006-11-02 09:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi)
DRV - [2006-11-02 09:30:54 | 001,781,760 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NETw3v32.sys -- (NETw3v32) Intel(R)
DRV - [2006-11-02 09:30:54 | 000,117,760 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60) Intel(R)
DRV - [2006-07-24 17:05:00 | 000,005,632 | ---- | M] () [File_System | System | Running] -- C:\Windows\System32\drivers\StarOpen.sys -- (StarOpen)
DRV - [2002-07-17 15:20:32 | 000,084,832 | ---- | M] (Adaptec) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ASPI32.SYS -- (ASPI)
DRV - [1996-04-03 21:33:26 | 000,005,248 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\system32\drivers\giveio.sys -- (giveio)

[color=#E56717]========== Standard Registry (SafeList) ==========[/color]

[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Local Page = http://start.warez.com/

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-1840288614-1321457493-1999016952-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\S-1-5-21-1840288614-1321457493-1999016952-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-1840288614-1321457493-1999016952-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.search.defaultenginename: "Winamp Search"
FF - prefs.js..browser.search.defaulturl: "http://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2685&invocationType=tb50-ff-shoutcast-chromesbox-en-us&query="
FF - prefs.js..browser.search.order.1: "Crawler Search"
FF - prefs.js..browser.search.selectedEngine: "Winamp Search"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.google.pl/"
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.0.2
FF - prefs.js..extensions.enabledItems: en-GB@dictionaries.addons.mozilla.org:1.19
FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.6
FF - prefs.js..extensions.enabledItems: {c50ca3c4-5656-43c2-a061-13e717f73fc8}:2.02
FF - prefs.js..extensions.enabledItems: {ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a}:1.1.2
FF - prefs.js..extensions.enabledItems: foxyproxy@eric.h.jung:2.16.1
FF - prefs.js..extensions.enabledItems: {4548ECB8-DA60-439A-A00D-5C893F8E1F9A}:1.0
FF - prefs.js..extensions.enabledItems: NPDyyno@dyyno.com:1.0.0.26
FF - prefs.js..extensions.enabledItems: {12e4c684-c03e-4e4d-85bc-0c065e7a9489}:5.23.2.10
FF - prefs.js..extensions.enabledItems: {07b2a769-ed19-4483-87ce-c643914c81bb}:3.0.0.29
FF - prefs.js..keyword.URL: "http://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2685&invocationType=tb50-ff-shoutcast-ab-en-us&query="

FF - HKLM\software\mozilla\Mozilla Firefox 3.5.7\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010-02-01 20:03:10 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.7\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010-03-05 22:35:44 | 000,000,000 | ---D | M]

[2008-09-23 00:15:40 | 000,000,000 | ---D | M] -- C:\Users\Przemek\AppData\Roaming\mozilla\Extensions
[2010-03-27 08:47:25 | 000,000,000 | ---D | M] -- C:\Users\Przemek\AppData\Roaming\mozilla\Firefox\Profiles\sennxc7k.default\extensions
[2009-04-26 02:48:21 | 000,000,000 | ---D | M] (Forecastfox) -- C:\Users\Przemek\AppData\Roaming\mozilla\Firefox\Profiles\sennxc7k.default\extensions\{0538E3E3-7E9B-4d49-8831-A227C80A7AD3}
[2009-04-26 02:48:03 | 000,000,000 | ---D | M] (Vista-aero) -- C:\Users\Przemek\AppData\Roaming\mozilla\Firefox\Profiles\sennxc7k.default\extensions\{07b2a769-ed19-4483-87ce-c643914c81bb}
[2010-02-05 21:59:57 | 000,000,000 | ---D | M] (SHOUTcast Radio Toolbar) -- C:\Users\Przemek\AppData\Roaming\mozilla\Firefox\Profiles\sennxc7k.default\extensions\{12e4c684-c03e-4e4d-85bc-0c065e7a9489}
[2009-07-30 12:01:44 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Przemek\AppData\Roaming\mozilla\Firefox\Profiles\sennxc7k.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2008-10-23 22:57:28 | 000,000,000 | ---D | M] (Aero Fox) -- C:\Users\Przemek\AppData\Roaming\mozilla\Firefox\Profiles\sennxc7k.default\extensions\{5c8bfb7c-9a54-11dc-8314-0800200c9a66}
[2009-07-30 12:23:19 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Przemek\AppData\Roaming\mozilla\Firefox\Profiles\sennxc7k.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2008-10-23 22:59:43 | 000,000,000 | ---D | M] (HalloFF) -- C:\Users\Przemek\AppData\Roaming\mozilla\Firefox\Profiles\sennxc7k.default\extensions\{bbf8fc30-5280-11db-b0de-0800200c9a66}
[2009-04-26 02:48:22 | 000,000,000 | ---D | M] (Fast Video Download) -- C:\Users\Przemek\AppData\Roaming\mozilla\Firefox\Profiles\sennxc7k.default\extensions\{c50ca3c4-5656-43c2-a061-13e717f73fc8}
[2009-05-08 22:52:07 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\Przemek\AppData\Roaming\mozilla\Firefox\Profiles\sennxc7k.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2009-04-09 00:20:41 | 000,000,000 | ---D | M] (FoxTab) -- C:\Users\Przemek\AppData\Roaming\mozilla\Firefox\Profiles\sennxc7k.default\extensions\{ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a}
[2008-09-24 19:37:50 | 000,000,000 | ---D | M] -- C:\Users\Przemek\AppData\Roaming\mozilla\Firefox\Profiles\sennxc7k.default\extensions\bkmrksync@nokia.com
[2009-03-10 20:07:07 | 000,000,000 | ---D | M] -- C:\Users\Przemek\AppData\Roaming\mozilla\Firefox\Profiles\sennxc7k.default\extensions\brief@mozdev.org
[2009-04-09 00:25:49 | 000,000,000 | ---D | M] -- C:\Users\Przemek\AppData\Roaming\mozilla\Firefox\Profiles\sennxc7k.default\extensions\en-GB@dictionaries.addons.mozilla.org
[2009-12-20 17:52:11 | 000,000,000 | ---D | M] -- C:\Users\Przemek\AppData\Roaming\mozilla\Firefox\Profiles\sennxc7k.default\extensions\foxyproxy@eric.h.jung
[2009-04-26 02:48:02 | 000,000,000 | ---D | M] -- C:\Users\Przemek\AppData\Roaming\mozilla\Firefox\Profiles\sennxc7k.default\extensions\nasanightlaunch@example.com
[2009-08-02 09:40:25 | 000,000,000 | ---D | M] -- C:\Users\Przemek\AppData\Roaming\mozilla\Firefox\Profiles\sennxc7k.default\extensions\NPDyyno@dyyno.com
[2009-04-26 02:48:21 | 000,000,000 | ---D | M] -- C:\Users\Przemek\AppData\Roaming\mozilla\Firefox\Profiles\sennxc7k.default\extensions\treestyletab@piro.sakura.ne.jp
[2009-08-02 09:40:30 | 000,009,941 | ---- | M] () -- C:\Users\Przemek\AppData\Roaming\Mozilla\FireFox\Profiles\sennxc7k.default\searchplugins\mywebsearch.xml
[2008-05-04 15:34:38 | 000,001,048 | ---- | M] () -- C:\Users\Przemek\AppData\Roaming\Mozilla\FireFox\Profiles\sennxc7k.default\searchplugins\WarezSearch.xml
[2010-02-05 22:00:20 | 000,001,238 | ---- | M] () -- C:\Users\Przemek\AppData\Roaming\Mozilla\FireFox\Profiles\sennxc7k.default\searchplugins\winamp-search.xml
[2009-09-09 16:56:33 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2009-07-01 22:31:10 | 000,000,000 | ---D | M] (Seekapp) -- C:\Program Files\Mozilla Firefox\extensions\{4548ECB8-DA60-439A-A00D-5C893F8E1F9A}
[2009-10-06 11:40:40 | 000,098,304 | ---- | M] (OGPlanet Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npOGPPlugin.dll
[2009-12-27 09:29:49 | 000,002,767 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\allegro-pl.xml
[2007-07-26 14:05:16 | 000,001,329 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\crawlersrch.xml
[2009-12-27 09:29:49 | 000,001,406 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\fbc-pl.xml
[2009-12-27 09:29:50 | 000,000,917 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\merlin-pl.xml
[2009-12-27 09:29:50 | 000,000,858 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\pwn-pl.xml
[2009-04-29 17:09:31 | 000,002,383 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\seekapp137.xml
[2009-05-08 22:42:10 | 000,002,383 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\seekapp139.xml
[2009-07-01 22:31:11 | 000,002,383 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\seekapp143.xml
[2009-12-27 09:29:50 | 000,001,183 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-pl.xml
[2009-12-27 09:29:50 | 000,001,683 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wp-pl.xml

O1 HOSTS File: ([2006-09-18 23:41:30 | 000,000,736 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: ::1 localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (IEPluginBHO Class) - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - C:\Users\Przemek\AppData\Roaming\Gadu-Gadu 10\_userdata\ggbho.2.dll (GG Network S.A.)
O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKU\S-1-5-21-1840288614-1321457493-1999016952-1000\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe (Nero AG)
O4 - HKLM..\Run: [recinfo863] c:\RecInfo\RecInfo.exe ()
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [SMSERIAL] C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe (Motorola Inc.)
O4 - HKLM..\Run: [StartCCC] c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe ()
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - Startup: C:\Users\Krystyna\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PLAY ONLINE.lnk = C:\Program Files\PLAY ONLINE\PLAY ONLINE.exe ()
O4 - Startup: C:\Users\Przemek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.2.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
O4 - Startup: C:\Users\Przemek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Xfire.lnk = C:\Program Files\Xfire\xfire.exe (Xfire Inc.)
O7 - HKU\S-1-5-21-1840288614-1321457493-1999016952-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Wyślij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Wyślij &do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O13 - gopher Prefix: missing
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {69EF49E5-FE46-4B92-B5FA-2193AB7A6B8A} http://www.acclaim.com/cabs/acclaim_v5.cab (GameLauncher Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {C5E28B9D-0A68-4B50-94E9-E8F6B4697514} http://www.nullsoft.com/nsv/embed/nsvplayx_vp3_mp3.cab (NsvPlayX Control)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab (Java Plug-in 1.6.0_05)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Przemek\AppData\Roaming\Microsoft\Windows Photo Gallery\Tapeta z Galerii fotografii systemu Windows.jpg
O24 - Desktop BackupWallPaper: C:\Users\Przemek\AppData\Roaming\Microsoft\Windows Photo Gallery\Tapeta z Galerii fotografii systemu Windows.jpg
O29 - HKLM SecurityProviders - (credssp.dll) - credssp.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006-09-18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2008-04-24 15:44:40 | 000,114,688 | R--- | M] (Huawei Technologies Co., Ltd.) - I:\AutoRun.exe -- [ CDFS ]
O32 - AutoRun File - [2007-11-07 17:41:52 | 000,000,047 | R--- | M] () - I:\AUTORUN.INF -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

MsConfig - State: "services" - 0
MsConfig - State: "startup" - 0

SafeBootMin: AppMgmt - Service
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: NTDS - File not found
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

SafeBootNet: AppMgmt - Service
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: NTDS - File not found
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

[color=#E56717]========== Files/Folders - Created Within 60 Days ==========[/color]

[2010-04-13 09:28:34 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2010-04-13 09:23:40 | 000,000,000 | ---D | C] -- C:\_OTL
[2010-04-11 11:44:04 | 000,000,000 | ---D | C] -- C:\ProgramData\TreeCardGames
[2010-04-11 11:43:38 | 000,000,000 | ---D | C] -- C:\Program Files\MahJong Suite
[2010-04-11 11:37:04 | 000,000,000 | ---D | C] -- C:\Program Files\MyPlayCity.com
[2010-04-05 16:31:05 | 000,000,000 | ---D | C] -- C:\Program Files\Tetriz
[2010-03-29 19:53:28 | 000,000,000 | ---D | C] -- C:\Users\Przemek\Desktop\dupa
[2010-03-19 12:56:22 | 000,000,000 | ---D | C] -- C:\Program Files\FLVPlayer
[2010-03-19 08:48:22 | 000,000,000 | ---D | C] -- C:\Users\Przemek\AppData\Roaming\EurekaLog
[2010-03-14 02:31:54 | 000,000,000 | ---D | C] -- C:\Users\Przemek\dwhelper
[2010-03-03 20:41:12 | 000,000,000 | ---D | C] -- C:\Users\Przemek\AppData\Roaming\Ferro Software
[2010-02-23 20:58:30 | 000,000,000 | ---D | C] -- C:\Infonetax
[2010-02-23 02:52:12 | 000,000,000 | ---D | C] -- C:\Users\Przemek\WapSter
[2010-02-23 02:51:38 | 000,000,000 | ---D | C] -- C:\Program Files\WapSter
[2010-02-23 02:40:05 | 000,000,000 | ---D | C] -- C:\Users\Przemek\AppData\Roaming\OpenOffice.org
[2010-02-23 02:38:01 | 000,000,000 | ---D | C] -- C:\Program Files\OpenOffice.org 3

[color=#E56717]========== Files - Modified Within 60 Days ==========[/color]

[2010-04-13 09:36:31 | 003,932,160 | -HS- | M] () -- C:\Users\Przemek\ntuser.dat
[2010-04-13 09:32:30 | 000,000,508 | ---- | M] () -- C:\Windows\tasks\1-Click Maintenance.job
[2010-04-13 09:32:23 | 000,003,072 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010-04-13 09:32:23 | 000,003,072 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010-04-13 09:32:22 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010-04-13 09:32:18 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010-04-13 09:28:35 | 000,001,636 | ---- | M] () -- C:\Users\Przemek\Desktop\CCleaner.lnk
[2010-04-13 08:58:00 | 000,001,066 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1840288614-1321457493-1999016952-1000UA.job
[2010-04-13 08:27:11 | 004,789,213 | -H-- | M] () -- C:\Users\Przemek\AppData\Local\IconCache.db
[2010-04-12 19:12:49 | 000,000,424 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{5E089632-8E9B-44C4-A369-156C380EF725}.job
[2010-04-12 16:27:48 | 000,000,422 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{2D32B598-9AD8-42B2-B3BB-8AF182A35469}.job
[2010-04-11 11:43:42 | 000,000,763 | ---- | M] () -- C:\Users\Public\Desktop\MahJong Suite.lnk
[2010-04-11 11:37:07 | 000,001,855 | ---- | M] () -- C:\Users\Przemek\Desktop\Play Online Games.lnk
[2010-04-11 11:37:07 | 000,001,820 | ---- | M] () -- C:\Users\Przemek\Desktop\MyPlayCity Games.lnk
[2010-04-11 11:37:06 | 000,001,929 | ---- | M] () -- C:\Users\Przemek\Desktop\My Free Mahjong.lnk
[2010-04-07 07:58:00 | 000,001,014 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1840288614-1321457493-1999016952-1000Core.job
[2010-04-02 02:59:47 | 000,006,039 | ---- | M] () -- C:\Users\Przemek\Desktop\Bez tytułu.jpg
[2010-04-01 08:15:45 | 000,002,058 | ---- | M] () -- C:\Users\Przemek\Desktop\Google Chrome.lnk
[2010-03-29 07:52:56 | 001,353,382 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2010-03-29 07:52:56 | 000,618,470 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010-03-29 07:52:56 | 000,544,794 | ---- | M] () -- C:\Windows\System32\perfh015.dat
[2010-03-29 07:52:56 | 000,107,614 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010-03-29 07:52:56 | 000,091,572 | ---- | M] () -- C:\Windows\System32\perfc015.dat
[2010-03-26 21:00:50 | 000,041,872 | ---- | M] () -- C:\Windows\System32\xfcodec.dll
[2010-03-26 08:07:31 | 004,746,794 | ---- | M] () -- C:\Users\Przemek\Desktop\pendulum - masochist.mp3
[2010-03-26 08:03:57 | 005,912,900 | ---- | M] () -- C:\Users\Przemek\Desktop\pendulum & freestylers - fasten your seatbelts.mp3.mp3
[2010-03-24 11:35:08 | 000,165,444 | ---- | M] () -- C:\Users\Przemek\Desktop\ban.jpg
[2010-03-10 17:33:25 | 000,128,611 | ---- | M] () -- C:\Users\Przemek\Desktop\oceny.jpg
[2010-03-05 10:53:21 | 000,001,001 | ---- | M] () -- C:\Users\Przemek\Desktop\WoW.lnk
[2010-03-04 21:15:09 | 000,034,004 | ---- | M] () -- C:\Users\Przemek\Desktop\2591_90_czacha_osemka_big.jpg
[2010-03-04 19:03:07 | 000,000,834 | ---- | M] () -- C:\Users\Przemek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Xfire.lnk
[2010-03-04 15:42:11 | 000,056,320 | ---- | M] () -- C:\Users\Przemek\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010-03-03 21:03:52 | 000,000,189 | ---- | M] () -- C:\Windows\win.ini
[2010-02-25 20:24:32 | 000,077,720 | ---- | M] () -- C:\Users\Przemek\AppData\Local\GDIPFONTCACHEV1.DAT
[2010-02-25 15:47:47 | 000,326,248 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2010-02-23 02:51:52 | 000,000,878 | ---- | M] () -- C:\Users\Przemek\Desktop\AQQ.lnk
[2010-02-23 02:47:20 | 000,002,432 | ---- | M] () -- C:\Users\Przemek\AppData\Local\TempYd5200.html
[2010-02-23 02:47:20 | 000,002,089 | ---- | M] () -- C:\Users\Przemek\AppData\Local\TempKE5200.html
[2010-02-23 02:41:02 | 000,000,994 | ---- | M] () -- C:\Users\Przemek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.2.lnk
[2010-02-23 02:39:08 | 000,001,067 | ---- | M] () -- C:\Users\Public\Desktop\OpenOffice.org 3.2.lnk
[2010-02-23 02:09:03 | 000,002,432 | ---- | M] () -- C:\Users\Przemek\AppData\Local\TempbS5680.html
[2010-02-23 02:09:03 | 000,002,089 | ---- | M] () -- C:\Users\Przemek\AppData\Local\TempOm5680.html
[2010-02-22 16:58:02 | 000,002,432 | ---- | M] () -- C:\Users\Przemek\AppData\Local\Tempxr2072.html
[2010-02-22 16:58:02 | 000,002,089 | ---- | M] () -- C:\Users\Przemek\AppData\Local\Tempvz2072.html
[2010-02-20 01:13:56 | 000,002,432 | ---- | M] () -- C:\Users\Przemek\AppData\Local\TempDn4356.html
[2010-02-20 01:13:56 | 000,002,089 | ---- | M] () -- C:\Users\Przemek\AppData\Local\TempWs4356.html
[2010-02-19 21:36:36 | 000,002,432 | ---- | M] () -- C:\Users\Przemek\AppData\Local\TempVD2936.html
[2010-02-19 21:36:36 | 000,002,089 | ---- | M] () -- C:\Users\Przemek\AppData\Local\TempRm2936.html
[2010-02-19 11:48:36 | 000,002,432 | ---- | M] () -- C:\Users\Przemek\AppData\Local\TempfQ1340.html
[2010-02-19 11:48:36 | 000,002,089 | ---- | M] () -- C:\Users\Przemek\AppData\Local\TempAc1340.html
[2010-02-18 19:50:23 | 000,002,432 | ---- | M] () -- C:\Users\Przemek\AppData\Local\TempwG3224.html
[2010-02-18 19:50:23 | 000,002,089 | ---- | M] () -- C:\Users\Przemek\AppData\Local\TempuM3224.html
[2010-02-17 22:15:39 | 000,002,432 | ---- | M] () -- C:\Users\Przemek\AppData\Local\Tempdt5204.html
[2010-02-17 22:15:39 | 000,002,089 | ---- | M] () -- C:\Users\Przemek\AppData\Local\TempDu5204.html
[2010-02-17 19:23:28 | 000,002,432 | ---- | M] () -- C:\Users\Przemek\AppData\Local\TempoO6112.html
[2010-02-17 19:23:28 | 000,002,089 | ---- | M] () -- C:\Users\Przemek\AppData\Local\TempJi6112.html
[2010-02-17 17:20:42 | 000,002,432 | ---- | M] () -- C:\Users\Przemek\AppData\Local\TempnX5528.html
[2010-02-17 17:20:41 | 000,002,089 | ---- | M] () -- C:\Users\Przemek\AppData\Local\TempVb5528.html
[2010-02-16 20:16:13 | 000,002,432 | ---- | M] () -- C:\Users\Przemek\AppData\Local\TempxT5672.html
[2010-02-16 20:16:13 | 000,002,089 | ---- | M] () -- C:\Users\Przemek\AppData\Local\TempRw5672.html
[2010-02-16 03:19:32 | 000,002,432 | ---- | M] () -- C:\Users\Przemek\AppData\Local\Tempxp5608.html
[2010-02-16 03:19:32 | 000,002,089 | ---- | M] () -- C:\Users\Przemek\AppData\Local\TempGl5608.html
[2010-02-15 20:52:18 | 000,002,432 | ---- | M] () -- C:\Users\Przemek\AppData\Local\Tempiq4256.html
[2010-02-15 20:52:18 | 000,002,089 | ---- | M] () -- C:\Users\Przemek\AppData\Local\TempCA4256.html
[2010-02-13 09:35:36 | 000,002,432 | ---- | M] () -- C:\Users\Przemek\AppData\Local\Tempfl4720.html
[2010-02-13 09:35:36 | 000,002,089 | ---- | M] () -- C:\Users\Przemek\AppData\Local\TempeD4720.html
[2010-02-13 09:25:07 | 000,002,432 | ---- | M] () -- C:\Users\Przemek\AppData\Local\Tempxx1440.html
[2010-02-13 09:25:07 | 000,002,089 | ---- | M] () -- C:\Users\Przemek\AppData\Local\Tempqn1440.html

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2010-04-13 09:28:35 | 000,001,636 | ---- | C] () -- C:\Users\Przemek\Desktop\CCleaner.lnk
[2010-04-11 11:43:42 | 000,000,763 | ---- | C] () -- C:\Users\Public\Desktop\MahJong Suite.lnk
[2010-04-11 11:37:07 | 000,001,855 | ---- | C] () -- C:\Users\Przemek\Desktop\Play Online Games.lnk
[2010-04-11 11:37:07 | 000,001,820 | ---- | C] () -- C:\Users\Przemek\Desktop\MyPlayCity Games.lnk
[2010-04-11 11:37:06 | 000,001,929 | ---- | C] () -- C:\Users\Przemek\Desktop\My Free Mahjong.lnk
[2010-04-10 15:33:20 | 000,271,046 | ---- | C] () -- C:\Users\Przemek\Desktop\Silnik od esioka.amr
[2010-04-10 15:33:00 | 000,276,588 | ---- | C] () -- C:\Users\Przemek\Desktop\Music Has Power by jonny.nth
[2010-04-10 15:32:42 | 000,056,582 | ---- | C] () -- C:\Users\Przemek\Desktop\Budzik.amr
[2010-04-02 02:59:46 | 000,006,039 | ---- | C] () -- C:\Users\Przemek\Desktop\Bez tytułu.jpg
[2010-03-26 21:00:50 | 000,041,872 | ---- | C] () -- C:\Windows\System32\xfcodec.dll
[2010-03-26 08:10:35 | 001,116,024 | ---- | C] () -- C:\Users\Przemek\Desktop\forumnokia.plmotywgif.nth
[2010-03-26 08:03:33 | 004,746,794 | ---- | C] () -- C:\Users\Przemek\Desktop\pendulum - masochist.mp3
[2010-03-26 08:02:18 | 005,912,900 | ---- | C] () -- C:\Users\Przemek\Desktop\pendulum & freestylers - fasten your seatbelts.mp3.mp3
[2010-03-24 11:35:08 | 000,165,444 | ---- | C] () -- C:\Users\Przemek\Desktop\ban.jpg
[2010-03-10 17:33:24 | 000,128,611 | ---- | C] () -- C:\Users\Przemek\Desktop\oceny.jpg
[2010-03-05 10:53:21 | 000,001,001 | ---- | C] () -- C:\Users\Przemek\Desktop\WoW.lnk
[2010-03-04 21:15:09 | 000,034,004 | ---- | C] () -- C:\Users\Przemek\Desktop\2591_90_czacha_osemka_big.jpg
[2010-03-04 19:03:07 | 000,000,834 | ---- | C] () -- C:\Users\Przemek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Xfire.lnk
[2010-02-23 02:51:52 | 000,000,878 | ---- | C] () -- C:\Users\Przemek\Desktop\AQQ.lnk
[2010-02-23 02:42:06 | 000,002,432 | ---- | C] () -- C:\Users\Przemek\AppData\Local\TempYd5200.html
[2010-02-23 02:42:06 | 000,002,089 | ---- | C] () -- C:\Users\Przemek\AppData\Local\TempKE5200.html
[2010-02-23 02:41:02 | 000,000,994 | ---- | C] () -- C:\Users\Przemek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.2.lnk
[2010-02-23 02:39:08 | 000,001,067 | ---- | C] () -- C:\Users\Public\Desktop\OpenOffice.org 3.2.lnk
[2010-02-23 01:51:29 | 000,002,432 | ---- | C] () -- C:\Users\Przemek\AppData\Local\TempbS5680.html
[2010-02-23 01:51:29 | 000,002,089 | ---- | C] () -- C:\Users\Przemek\AppData\Local\TempOm5680.html
[2010-02-22 16:42:30 | 000,002,432 | ---- | C] () -- C:\Users\Przemek\AppData\Local\Tempxr2072.html
[2010-02-22 16:42:30 | 000,002,089 | ---- | C] () -- C:\Users\Przemek\AppData\Local\Tempvz2072.html
[2010-02-19 21:50:31 | 000,002,432 | ---- | C] () -- C:\Users\Przemek\AppData\Local\TempDn4356.html
[2010-02-19 21:50:31 | 000,002,089 | ---- | C] () -- C:\Users\Przemek\AppData\Local\TempWs4356.html
[2010-02-19 19:16:57 | 000,002,432 | ---- | C] () -- C:\Users\Przemek\AppData\Local\TempVD2936.html
[2010-02-19 19:16:57 | 000,002,089 | ---- | C] () -- C:\Users\Przemek\AppData\Local\TempRm2936.html
[2010-02-19 11:06:14 | 000,002,432 | ---- | C] () -- C:\Users\Przemek\AppData\Local\TempfQ1340.html
[2010-02-19 11:06:14 | 000,002,089 | ---- | C] () -- C:\Users\Przemek\AppData\Local\TempAc1340.html
[2010-02-18 13:07:20 | 000,002,432 | ---- | C] () -- C:\Users\Przemek\AppData\Local\TempwG3224.html
[2010-02-18 13:07:20 | 000,002,089 | ---- | C] () -- C:\Users\Przemek\AppData\Local\TempuM3224.html
[2010-02-17 21:13:53 | 000,002,432 | ---- | C] () -- C:\Users\Przemek\AppData\Local\Tempdt5204.html
[2010-02-17 21:13:53 | 000,002,089 | ---- | C] () -- C:\Users\Przemek\AppData\Local\TempDu5204.html
[2010-02-17 19:18:33 | 000,002,432 | ---- | C] () -- C:\Users\Przemek\AppData\Local\TempoO6112.html
[2010-02-17 19:18:33 | 000,002,089 | ---- | C] () -- C:\Users\Przemek\AppData\Local\TempJi6112.html
[2010-02-17 13:38:02 | 000,002,432 | ---- | C] () -- C:\Users\Przemek\AppData\Local\TempnX5528.html
[2010-02-17 13:38:02 | 000,002,089 | ---- | C] () -- C:\Users\Przemek\AppData\Local\TempVb5528.html
[2010-02-16 19:58:21 | 000,002,432 | ---- | C] () -- C:\Users\Przemek\AppData\Local\TempxT5672.html
[2010-02-16 19:58:21 | 000,002,089 | ---- | C] () -- C:\Users\Przemek\AppData\Local\TempRw5672.html
[2010-02-16 02:50:42 | 000,002,432 | ---- | C] () -- C:\Users\Przemek\AppData\Local\Tempxp5608.html
[2010-02-16 02:50:42 | 000,002,089 | ---- | C] () -- C:\Users\Przemek\AppData\Local\TempGl5608.html
[2010-02-15 20:51:52 | 000,002,432 | ---- | C] () -- C:\Users\Przemek\AppData\Local\Tempiq4256.html
[2010-02-15 20:51:52 | 000,002,089 | ---- | C] () -- C:\Users\Przemek\AppData\Local\TempCA4256.html
[2010-02-13 09:26:57 | 000,002,432 | ---- | C] () -- C:\Users\Przemek\AppData\Local\Tempfl4720.html
[2010-02-13 09:26:57 | 000,002,089 | ---- | C] () -- C:\Users\Przemek\AppData\Local\TempeD4720.html
[2010-02-13 09:22:12 | 000,002,432 | ---- | C] () -- C:\Users\Przemek\AppData\Local\Tempxx1440.html
[2010-02-13 09:22:12 | 000,002,089 | ---- | C] () -- C:\Users\Przemek\AppData\Local\Tempqn1440.html
[2010-02-11 21:03:31 | 000,002,432 | ---- | C] () -- C:\Users\Przemek\AppData\Local\TempTP4664.html
[2010-02-11 21:03:31 | 000,002,089 | ---- | C] () -- C:\Users\Przemek\AppData\Local\TempMB4664.html
[2010-02-11 17:00:39 | 000,002,432 | ---- | C] () -- C:\Users\Przemek\AppData\Local\Templn3124.html
[2010-02-11 17:00:39 | 000,002,089 | ---- | C] () -- C:\Users\Przemek\AppData\Local\TemprX3124.html
[2010-02-11 13:05:26 | 000,002,432 | ---- | C] () -- C:\Users\Przemek\AppData\Local\TempfQ2136.html
[2010-02-11 13:05:26 | 000,002,089 | ---- | C] () -- C:\Users\Przemek\AppData\Local\TempdH2136.html
[2010-02-10 17:42:59 | 000,002,432 | ---- | C] () -- C:\Users\Przemek\AppData\Local\TempzH2784.html
[2010-02-10 17:42:59 | 000,002,089 | ---- | C] () -- C:\Users\Przemek\AppData\Local\TempuJ2784.html
[2010-02-09 20:36:12 | 000,002,432 | ---- | C] () -- C:\Users\Przemek\AppData\Local\Templf2440.html
[2010-02-09 20:36:12 | 000,002,089 | ---- | C] () -- C:\Users\Przemek\AppData\Local\TempFh2440.html
[2010-02-09 14:58:52 | 000,002,432 | ---- | C] () -- C:\Users\Przemek\AppData\Local\TempVp2892.html
[2010-02-09 14:58:52 | 000,002,089 | ---- | C] () -- C:\Users\Przemek\AppData\Local\TempRo2892.html
[2010-02-08 20:44:01 | 000,002,432 | ---- | C] () -- C:\Users\Przemek\AppData\Local\TempnA5084.html
[2010-02-08 20:44:01 | 000,002,089 | ---- | C] () -- C:\Users\Przemek\AppData\Local\TempEy5084.html
[2010-02-07 20:02:24 | 000,002,432 | ---- | C] () -- C:\Users\Przemek\AppData\Local\Temppi3044.html
[2010-02-07 20:02:24 | 000,002,089 | ---- | C] () -- C:\Users\Przemek\AppData\Local\Tempet3044.html
[2010-02-06 10:15:19 | 000,002,432 | ---- | C] () -- C:\Users\Przemek\AppData\Local\TempIn2564.html
[2010-02-06 10:15:19 | 000,002,089 | ---- | C] () -- C:\Users\Przemek\AppData\Local\TempLP2564.html
[2010-02-05 22:00:04 | 000,002,432 | ---- | C] () -- C:\Users\Przemek\AppData\Local\Tempvo5508.html
[2010-02-05 22:00:04 | 000,002,089 | ---- | C] () -- C:\Users\Przemek\AppData\Local\TempNp5508.html
[2010-02-04 14:47:58 | 000,002,432 | ---- | C] () -- C:\Users\Przemek\AppData\Local\TempHQ4896.html
[2010-02-04 14:47:58 | 000,002,089 | ---- | C] () -- C:\Users\Przemek\AppData\Local\TempPd4896.html
[2010-02-03 20:58:46 | 000,002,432 | ---- | C] () -- C:\Users\Przemek\AppData\Local\TempML3064.html
[2010-02-03 20:58:46 | 000,002,089 | ---- | C] () -- C:\Users\Przemek\AppData\Local\Tempdi3064.html
[2010-02-02 18:26:57 | 000,002,432 | ---- | C] () -- C:\Users\Przemek\AppData\Local\TempJu1808.html
[2010-02-02 18:26:57 | 000,002,089 | ---- | C] () -- C:\Users\Przemek\AppData\Local\TempxD1808.html
[2010-02-01 19:07:57 | 000,002,432 | ---- | C] () -- C:\Users\Przemek\AppData\Local\TempKD4508.html
[2010-02-01 19:07:57 | 000,002,089 | ---- | C] () -- C:\Users\Przemek\AppData\Local\TempBQ4508.html
[2010-02-01 16:07:59 | 000,002,432 | ---- | C] () -- C:\Users\Przemek\AppData\Local\TempiZ4524.html
[2010-02-01 16:07:59 | 000,002,089 | ---- | C] () -- C:\Users\Przemek\AppData\Local\TempHK4524.html
[2010-01-31 13:55:40 | 000,002,432 | ---- | C] () -- C:\Users\Przemek\AppData\Local\Tempsu4596.html
[2010-01-31 13:55:40 | 000,002,089 | ---- | C] () -- C:\Users\Przemek\AppData\Local\TempJe4596.html
[2010-01-31 08:56:22 | 000,002,432 | ---- | C] () -- C:\Users\Przemek\AppData\Local\TemptS4388.html
[2010-01-31 08:56:22 | 000,002,089 | ---- | C] () -- C:\Users\Przemek\AppData\Local\TempEO4388.html
[2010-01-30 21:51:27 | 000,002,432 | ---- | C] () -- C:\Users\Przemek\AppData\Local\Tempzg1384.html
[2010-01-30 21:51:27 | 000,002,089 | ---- | C] () -- C:\Users\Przemek\AppData\Local\TempkO1384.html
[2010-01-30 17:37:32 | 000,002,432 | ---- | C] () -- C:\Users\Przemek\AppData\Local\TempQF4980.html
[2010-01-30 17:37:32 | 000,002,089 | ---- | C] () -- C:\Users\Przemek\AppData\Local\TempkV4980.html
[2010-01-30 12:52:59 | 000,002,432 | ---- | C] () -- C:\Users\Przemek\AppData\Local\TempMP6132.html
[2010-01-30 12:52:59 | 000,002,089 | ---- | C] () -- C:\Users\Przemek\AppData\Local\TemppQ6132.html
[2010-01-30 01:12:23 | 000,002,432 | ---- | C] () -- C:\Users\Przemek\AppData\Local\TempOm5660.html
[2010-01-30 01:12:23 | 000,002,089 | ---- | C] () -- C:\Users\Przemek\AppData\Local\TempxE5660.html
[2010-01-29 17:17:20 | 000,000,095 | ---- | C] () -- C:\Users\Przemek\AppData\Local\fusioncache.dat
[2010-01-28 19:59:59 | 000,002,432 | ---- | C] () -- C:\Users\Przemek\AppData\Local\TempUk5700.html
[2010-01-28 19:59:59 | 000,002,089 | ---- | C] () -- C:\Users\Przemek\AppData\Local\TempAK5700.html
[2010-01-27 11:50:50 | 000,002,432 | ---- | C] () -- C:\Users\Przemek\AppData\Local\TempBv3528.html
[2010-01-27 11:50:50 | 000,002,089 | ---- | C] () -- C:\Users\Przemek\AppData\Local\TempCh3528.html
[2010-01-26 09:41:22 | 000,002,432 | ---- | C] () -- C:\Users\Przemek\AppData\Local\TempSm4108.html
[2010-01-26 09:41:22 | 000,002,089 | ---- | C] () -- C:\Users\Przemek\AppData\Local\Tempvr4108.html
[2010-01-25 16:44:49 | 000,002,432 | ---- | C] () -- C:\Users\Przemek\AppData\Local\TempHS2688.html
[2010-01-25 16:44:49 | 000,002,089 | ---- | C] () -- C:\Users\Przemek\AppData\Local\TempTR2688.html
[2010-01-25 10:49:20 | 000,002,432 | ---- | C] () -- C:\Users\Przemek\AppData\Local\TempXk2556.html
[2010-01-25 10:49:20 | 000,002,089 | ---- | C] () -- C:\Users\Przemek\AppData\Local\TempKE2556.html
[2010-01-24 21:16:47 | 000,002,432 | ---- | C] () -- C:\Users\Przemek\AppData\Local\TempIm2220.html
[2010-01-24 21:16:47 | 000,002,089 | ---- | C] () -- C:\Users\Przemek\AppData\Local\TempAw2220.html
[2010-01-24 14:45:09 | 000,002,432 | ---- | C] () -- C:\Users\Przemek\AppData\Local\TempqF5848.html
[2010-01-24 14:45:09 | 000,002,089 | ---- | C] () -- C:\Users\Przemek\AppData\Local\Tempws5848.html
[2010-01-24 09:13:25 | 000,002,432 | ---- | C] () -- C:\Users\Przemek\AppData\Local\Templg2232.html
[2010-01-24 09:13:25 | 000,002,089 | ---- | C] () -- C:\Users\Przemek\AppData\Local\TempXM2232.html
[2010-01-23 21:49:23 | 000,002,089 | ---- | C] () -- C:\Users\Przemek\AppData\Local\TempRT3268.html
[2010-01-23 21:49:22 | 000,002,432 | ---- | C] () -- C:\Users\Przemek\AppData\Local\TempkV3268.html
[2010-01-23 15:41:22 | 000,002,432 | ---- | C] () -- C:\Users\Przemek\AppData\Local\TempDH3888.html
[2010-01-23 15:41:22 | 000,002,089 | ---- | C] () -- C:\Users\Przemek\AppData\Local\TempPW3888.html
[2010-01-22 16:59:34 | 000,002,432 | ---- | C] () -- C:\Users\Przemek\AppData\Local\Tempzd6096.html
[2010-01-22 16:59:34 | 000,002,089 | ---- | C] () -- C:\Users\Przemek\AppData\Local\TempfG6096.html
[2010-01-22 15:36:19 | 000,002,432 | ---- | C] () -- C:\Users\Przemek\AppData\Local\TempTB2484.html
[2010-01-22 15:36:19 | 000,002,089 | ---- | C] () -- C:\Users\Przemek\AppData\Local\TempNX2484.html
[2010-01-22 07:40:54 | 000,002,432 | ---- | C] () -- C:\Users\Przemek\AppData\Local\TempNp3200.html
[2010-01-22 07:40:54 | 000,002,089 | ---- | C] () -- C:\Users\Przemek\AppData\Local\TempId3200.html
[2010-01-22 00:45:46 | 000,002,432 | ---- | C] () -- C:\Users\Przemek\AppData\Local\TemphTV824.html
[2010-01-22 00:45:46 | 000,002,089 | ---- | C] () -- C:\Users\Przemek\AppData\Local\TempDXp824.html
[2010-01-21 20:59:32 | 000,002,432 | ---- | C] () -- C:\Users\Przemek\AppData\Local\TempgK5332.html
[2010-01-21 20:59:32 | 000,002,089 | ---- | C] () -- C:\Users\Przemek\AppData\Local\TempPj5332.html
[2010-01-21 19:18:32 | 000,002,432 | ---- | C] () -- C:\Users\Przemek\AppData\Local\TempPN6044.html
[2010-01-21 19:18:32 | 000,002,089 | ---- | C] () -- C:\Users\Przemek\AppData\Local\TempQC6044.html
[2010-01-09 21:50:36 | 000,000,000 | ---- | C] () -- C:\Windows\iPlayer.INI
[2009-11-11 11:22:56 | 000,000,552 | ---- | C] () -- C:\Users\Przemek\AppData\Local\d3d8caps.dat
[2009-10-18 21:04:30 | 000,000,839 | ---- | C] () -- C:\Users\Przemek\.recently-used.xbel
[2009-09-06 20:36:02 | 000,061,440 | ---- | C] () -- C:\Windows\System32\wintab32.dll
[2009-06-22 18:04:45 | 000,524,288 | -HS- | C] () -- C:\Users\Przemek\ntuser.dat{30718fb1-5f2c-11de-aa86-00030d84511d}.TMContainer00000000000000000002.regtrans-ms
[2009-06-22 18:04:45 | 000,524,288 | -HS- | C] () -- C:\Users\Przemek\ntuser.dat{30718fb1-5f2c-11de-aa86-00030d84511d}.TMContainer00000000000000000001.regtrans-ms
[2009-06-22 18:04:45 | 000,065,536 | -HS- | C] () -- C:\Users\Przemek\ntuser.dat{30718fb1-5f2c-11de-aa86-00030d84511d}.TM.blf
[2009-04-30 00:44:20 | 004,647,319 | ---- | C] () -- C:\Users\Przemek\justin timberlake - cry me a river.mp3
[2009-04-10 22:34:06 | 000,278,984 | ---- | C] () -- C:\Windows\System32\drivers\atksgt.sys
[2009-04-10 22:34:06 | 000,025,416 | ---- | C] () -- C:\Windows\System32\drivers\lirsgt.sys
[2009-04-07 11:27:11 | 000,146,529 | ---- | C] () -- C:\Users\Przemek\ŁQ buch.JPG
[2009-04-06 16:02:15 | 000,524,288 | -HS- | C] () -- C:\Users\Przemek\NTUSER.DAT{714ed39d-22b3-11de-9dd9-00030d84511d}.TMContainer00000000000000000002.regtrans-ms
[2009-04-06 16:02:15 | 000,524,288 | -HS- | C] () -- C:\Users\Przemek\NTUSER.DAT{714ed39d-22b3-11de-9dd9-00030d84511d}.TMContainer00000000000000000001.regtrans-ms
[2009-04-06 16:02:15 | 000,065,536 | -HS- | C] () -- C:\Users\Przemek\NTUSER.DAT{714ed39d-22b3-11de-9dd9-00030d84511d}.TM.blf
[2009-03-24 15:35:14 | 000,000,680 | ---- | C] () -- C:\Users\Przemek\AppData\Local\d3d9caps.dat
[2009-02-08 09:08:23 | 000,129,024 | ---- | C] () -- C:\Windows\System32\AVERM.dll
[2009-02-08 09:08:23 | 000,028,672 | ---- | C] () -- C:\Windows\System32\AVEQT.dll
[2009-02-05 14:36:41 | 000,000,266 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2009-01-20 11:37:31 | 000,021,840 | ---- | C] () -- C:\Windows\System32\SIntfNT.dll
[2009-01-20 11:37:31 | 000,017,212 | ---- | C] () -- C:\Windows\System32\SIntf32.dll
[2009-01-20 11:37:31 | 000,012,067 | ---- | C] () -- C:\Windows\System32\SIntf16.dll
[2009-01-14 18:42:01 | 000,000,000 | ---- | C] () -- C:\Users\Przemek\AppData\Roaming\wklnhst.dat
[2009-01-08 23:07:38 | 000,021,508 | ---- | C] () -- C:\Users\Przemek\AppData\Roaming\UserTile.png
[2008-12-19 22:37:46 | 000,000,104 | ---- | C] () -- C:\Users\Przemek\Internet — skrót.lnk
[2008-11-19 00:06:30 | 000,027,648 | ---- | C] () -- C:\Windows\System32\AVSredirect.dll
[2008-11-06 23:58:45 | 000,000,000 | ---- | C] () -- C:\ProgramData\LauncherAccess.dt
[2008-11-06 23:06:07 | 000,005,632 | ---- | C] () -- C:\Windows\System32\drivers\StarOpen.sys
[2008-11-03 23:12:02 | 000,022,328 | ---- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2008-10-20 19:08:36 | 000,010,240 | ---- | C] () -- C:\Windows\System32\vidx16.dll
[2008-10-17 15:53:26 | 000,000,000 | ---- | C] () -- C:\Windows\System32\msexcr.ini
[2008-10-07 09:13:30 | 000,197,912 | ---- | C] () -- C:\Windows\System32\physxcudart_20.dll
[2008-10-07 09:13:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelTraditionalChinese.dll
[2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSwedish.dll
[2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSpanish.dll
[2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSimplifiedChinese.dll
[2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelPortugese.dll
[2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelKorean.dll
[2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelJapanese.dll
[2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelGerman.dll
[2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelFrench.dll
[2008-09-24 20:11:48 | 000,017,530 | ---- | C] () -- C:\Users\Przemek\AppData\Roaming\ReplayConverterLog.log
[2008-09-21 12:49:23 | 000,717,296 | ---- | C] () -- C:\Windows\System32\drivers\sptd.sys
[2008-09-19 21:03:57 | 000,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2008-09-19 21:03:47 | 000,056,320 | ---- | C] () -- C:\Users\Przemek\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008-09-19 20:35:30 | 003,932,160 | -HS- | C] () -- C:\Users\Przemek\ntuser.dat
[2008-09-19 20:35:30 | 000,524,288 | -HS- | C] () -- C:\Users\Przemek\NTUSER.DAT{d8932e6d-6a6f-11db-b6ab-a038f15a5785}.TMContainer00000000000000000002.regtrans-ms
[2008-09-19 20:35:30 | 000,524,288 | -HS- | C] () -- C:\Users\Przemek\NTUSER.DAT{d8932e6d-6a6f-11db-b6ab-a038f15a5785}.TMContainer00000000000000000001.regtrans-ms
[2008-09-19 20:35:30 | 000,262,144 | -H-- | C] () -- C:\Users\Przemek\ntuser.dat.LOG1
[2008-09-19 20:35:30 | 000,065,536 | -HS- | C] () -- C:\Users\Przemek\NTUSER.DAT{d8932e6d-6a6f-11db-b6ab-a038f15a5785}.TM.blf
[2008-09-19 20:35:30 | 000,000,020 | -HS- | C] () -- C:\Users\Przemek\ntuser.ini
[2008-09-19 20:35:30 | 000,000,000 | -H-- | C] () -- C:\Users\Przemek\ntuser.dat.LOG2
[2007-11-27 16:26:20 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll
[2007-03-29 23:00:40 | 000,203,264 | R--- | C] () -- C:\Windows\System32\CddbCdda.dll
[2006-11-02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006-08-11 19:52:02 | 000,012,288 | ---- | C] () -- C:\Windows\System32\EvOnlDiag.dll
[2005-06-18 17:00:52 | 000,070,018 | ---- | C] () -- C:\Windows\System32\akrip32.dll
[1996-04-03 21:33:26 | 000,005,248 | ---- | C] () -- C:\Windows\System32\drivers\giveio.sys

[color=#E56717]========== LOP Check ==========[/color]

[2008-09-20 14:37:56 | 000,000,000 | ---D | M] -- C:\Users\Gabrysia\AppData\Roaming\Gadu-Gadu
[2008-10-29 16:23:01 | 000,000,000 | ---D | M] -- C:\Users\Gabrysia\AppData\Roaming\Nowe Gadu-Gadu
[2008-09-24 18:56:26 | 000,000,000 | ---D | M] -- C:\Users\Gabrysia\AppData\Roaming\PC Suite
[2009-02-10 17:23:47 | 000,000,000 | ---D | M] -- C:\Users\Gabrysia\AppData\Roaming\Skinux
[2009-01-31 21:51:13 | 000,000,000 | ---D | M] -- C:\Users\Krystyna\AppData\Roaming\DAEMON Tools
[2008-12-08 20:56:03 | 000,000,000 | ---D | M] -- C:\Users\Krystyna\AppData\Roaming\Gadu-Gadu
[2010-04-11 12:12:25 | 000,000,000 | ---D | M] -- C:\Users\Krystyna\AppData\Roaming\MahJong Suite
[2009-02-28 13:56:40 | 000,000,000 | ---D | M] -- C:\Users\Krystyna\AppData\Roaming\Skinux
[2009-02-18 17:31:31 | 000,000,000 | ---D | M] -- C:\Users\Przemek\AppData\Roaming\23doors
[2009-12-14 20:58:30 | 000,000,000 | ---D | M] -- C:\Users\Przemek\AppData\Roaming\Azureus
[2009-07-21 15:18:42 | 000,000,000 | ---D | M] -- C:\Users\Przemek\AppData\Roaming\com.raptr.Raptr.848BBC53270CAC248E8FA0F339176201CDEB525F.1
[2009-06-23 00:55:57 | 000,000,000 | ---D | M] -- C:\Users\Przemek\AppData\Roaming\DAEMON Tools
[2009-11-04 10:26:57 | 000,000,000 | ---D | M] -- C:\Users\Przemek\AppData\Roaming\Dark Sector
[2010-03-28 20:14:05 | 000,000,000 | ---D | M] -- C:\Users\Przemek\AppData\Roaming\EurekaLog
[2010-03-03 21:03:52 | 000,000,000 | ---D | M] -- C:\Users\Przemek\AppData\Roaming\Ferro Software
[2009-06-18 12:10:46 | 000,000,000 | ---D | M] -- C:\Users\Przemek\AppData\Roaming\FreeCall
[2008-09-20 12:58:45 | 000,000,000 | ---D | M] -- C:\Users\Przemek\AppData\Roaming\Gadu-Gadu
[2009-12-22 16:08:12 | 000,000,000 | ---D | M] -- C:\Users\Przemek\AppData\Roaming\Gadu-Gadu 10
[2009-11-20 22:00:14 | 000,000,000 | ---D | M] -- C:\Users\Przemek\AppData\Roaming\GamesTool
[2009-01-28 13:58:59 | 000,000,000 | ---D | M] -- C:\Users\Przemek\AppData\Roaming\GHISLER
[2009-10-18 20:42:36 | 000,000,000 | ---D | M] -- C:\Users\Przemek\AppData\Roaming\gtk-2.0
[2009-07-21 14:22:35 | 000,000,000 | ---D | M] -- C:\Users\Przemek\AppData\Roaming\ijjigame
[2009-11-22 19:57:08 | 000,000,000 | ---D | M] -- C:\Users\Przemek\AppData\Roaming\ipla
[2009-05-02 02:05:32 | 000,000,000 | ---D | M] -- C:\Users\Przemek\AppData\Roaming\IVONA Player
[2008-12-08 16:26:08 | 000,000,000 | ---D | M] -- C:\Users\Przemek\AppData\Roaming\Leadertech
[2008-09-24 18:45:27 | 000,000,000 | ---D | M] -- C:\Users\Przemek\AppData\Roaming\Nokia
[2008-10-23 19:38:12 | 000,000,000 | ---D | M] -- C:\Users\Przemek\AppData\Roaming\Nowe Gadu-Gadu
[2009-07-21 15:20:17 | 000,000,000 | ---D | M] -- C:\Users\Przemek\AppData\Roaming\NPLUTO Corporation
[2009-08-31 00:25:22 | 000,000,000 | ---D | M] -- C:\Users\Przemek\AppData\Roaming\OpenFM
[2010-02-23 02:40:05 | 000,000,000 | ---D | M] -- C:\Users\Przemek\AppData\Roaming\OpenOffice.org
[2009-01-29 21:54:49 | 000,000,000 | ---D | M] -- C:\Users\Przemek\AppData\Roaming\Opera
[2008-12-14 11:55:24 | 000,000,000 | ---D | M] -- C:\Users\Przemek\AppData\Roaming\OTSPW
[2008-09-24 18:45:13 | 000,000,000 | ---D | M] -- C:\Users\Przemek\AppData\Roaming\PC Suite
[2009-01-08 23:07:38 | 000,000,000 | ---D | M] -- C:\Users\Przemek\AppData\Roaming\PeerNetworking
[2009-09-06 20:38:17 | 000,000,000 | ---D | M] -- C:\Users\Przemek\AppData\Roaming\progeSOFT
[2009-07-21 15:18:22 | 000,000,000 | ---D | M] -- C:\Users\Przemek\AppData\Roaming\Raptr
[2008-10-01 15:27:24 | 000,000,000 | ---D | M] -- C:\Users\Przemek\AppData\Roaming\Ringtone
[2009-09-16 07:31:56 | 000,000,000 | ---D | M] -- C:\Users\Przemek\AppData\Roaming\Samsung
[2009-06-24 16:08:38 | 000,000,000 | ---D | M] -- C:\Users\Przemek\AppData\Roaming\SecondLife
[2009-02-08 01:51:49 | 000,000,000 | ---D | M] -- C:\Users\Przemek\AppData\Roaming\Skinux
[2009-01-27 11:13:28 | 000,000,000 | ---D | M] -- C:\Users\Przemek\AppData\Roaming\Tibia
[2009-04-09 01:06:09 | 000,000,000 | ---D | M] -- C:\Users\Przemek\AppData\Roaming\TuneUp Software
[2010-01-29 17:19:44 | 000,000,000 | ---D | M] -- C:\Users\Przemek\AppData\Roaming\Turbine
[2009-01-27 11:49:42 | 000,000,000 | ---D | M] -- C:\Users\Przemek\AppData\Roaming\WypasOTS Client
[2009-11-23 16:29:52 | 000,000,000 | ---D | M] -- C:\Users\Przemek\AppData\Roaming\yess
[2009-08-11 21:09:24 | 000,000,000 | ---D | M] -- C:\Users\Przemek\AppData\Roaming\ZOO Digital Publishing
[2010-04-13 09:32:30 | 000,000,508 | ---- | M] () -- C:\Windows\Tasks\1-Click Maintenance.job
[2010-04-13 09:31:25 | 000,032,568 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2010-04-12 16:27:48 | 000,000,422 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{2D32B598-9AD8-42B2-B3BB-8AF182A35469}.job
[2010-04-12 19:12:49 | 000,000,424 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{5E089632-8E9B-44C4-A369-156C380EF725}.job

[color=#E56717]========== Purity Check ==========[/color]

[color=#E56717]========== Custom Scans ==========[/color]

[color=#A23BEC]< netsvc >[/color]

Invalid Environment Variable: systemfrive

[color=#A23BEC]< MD5 for: AGP440.SYS >[/color]
[2007-11-04 00:40:05 | 000,056,504 | ---- | M] (Microsoft Corporation) MD5=198636E76971EBC96404547EC0FD5E75 -- C:\Windows\System32\drivers\AGP440.sys
[2007-11-04 00:40:05 | 000,056,504 | ---- | M] (Microsoft Corporation) MD5=198636E76971EBC96404547EC0FD5E75 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_cb7c81c7\AGP440.sys
[2007-11-04 00:40:05 | 000,056,504 | ---- | M] (Microsoft Corporation) MD5=198636E76971EBC96404547EC0FD5E75 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6000.20598_none_b85cfa98dae9b436\AGP440.sys
[2006-11-02 11:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys

[color=#A23BEC]< MD5 for: ATAPI.SYS >[/color]
[2007-11-04 01:07:49 | 000,021,688 | ---- | M] (Microsoft Corporation) MD5=0B77F93AB73798F97E8E0A0AA4CCBEEF -- C:\Windows\System32\drivers\atapi.sys
[2007-11-04 01:07:49 | 000,021,688 | ---- | M] (Microsoft Corporation) MD5=0B77F93AB73798F97E8E0A0AA4CCBEEF -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_44b6b0d0\atapi.sys
[2007-11-04 01:07:49 | 000,021,688 | ---- | M] (Microsoft Corporation) MD5=0B77F93AB73798F97E8E0A0AA4CCBEEF -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.20694_none_db7e36353dc64123\atapi.sys
[2006-11-02 11:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys

[color=#A23BEC]< MD5 for: BEEP.SYS >[/color]
[2006-11-02 10:51:03 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=AC3DD1708B22761EBD7CBE14DCC3B5D7 -- C:\Windows\System32\drivers\beep.sys
[2006-11-02 10:51:03 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=AC3DD1708B22761EBD7CBE14DCC3B5D7 -- C:\Windows\winsxs\x86_microsoft-windows-beepsys_31bf3856ad364e35_6.0.6000.16386_none_c1e9df570ab23787\beep.sys

[color=#A23BEC]< MD5 for: CDROM.SYS >[/color]
[2006-11-02 10:51:44 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=8D1866E61AF096AE8B582454F5E4D303 -- C:\Windows\System32\drivers\cdrom.sys
[2006-11-02 10:51:44 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=8D1866E61AF096AE8B582454F5E4D303 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_e487f727\cdrom.sys

[color=#A23BEC]< MD5 for: NDIS.SYS >[/color]
[2006-11-02 11:51:42 | 000,500,840 | ---- | M] (Microsoft Corporation) MD5=227C11E1E7CF6EF8AFB2A238D209760C -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.0.6000.16386_none_a59069cb1f23fc44\ndis.sys
[2007-11-04 00:02:57 | 000,503,480 | ---- | M] (Microsoft Corporation) MD5=6E8DFFACE597629CEF5DF7D69217628F -- C:\Windows\System32\drivers\ndis.sys
[2007-11-04 00:02:57 | 000,503,480 | ---- | M] (Microsoft Corporation) MD5=6E8DFFACE597629CEF5DF7D69217628F -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.0.6000.20548_none_a64748c0381f5c1f\ndis.sys

[color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color]
[2006-11-02 11:45:57 | 000,308,224 | ---- | M] (Microsoft Corporation) MD5=9F75392B9128A91ABAFB044EA350BAAD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6000.16386_none_6d8c3f1ad8066b21\winlogon.exe
[2007-11-04 00:30:30 | 000,308,224 | ---- | M] (Microsoft Corporation) MD5=A3FEA6ED9FD3CF07219A632E4A716226 -- C:\Windows\System32\winlogon.exe
[2007-11-04 00:30:30 | 000,308,224 | ---- | M] (Microsoft Corporation) MD5=A3FEA6ED9FD3CF07219A632E4A716226 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6000.20593_none_6e080d01f12ed7fe\winlogon.exe

[color=#E56717]========== Alternate Data Streams ==========[/color]

@Alternate Data Stream - 122 bytes -> C:\ProgramData\TEMP:7E95B6FD
< End of report >
[/log] Malwarebytes jeszcze pracuje ale juz znalazl 19 zainfekowanych

Avira juz sciagam. A moglbym prosic o link do comoda bo nie chce znow czegos zepsuc. Wiem ze jak sie ma dwa antywirusy to trzeba je odpowiednio dobrac.

13 kwietnia 2010

Comodo to Firewall, można go spokojnie połączyć z Avirą.
Strona producenta: http://www.comodo.com/

Czekamy aż MBAM skończy skanowanie.

13 kwietnia 2010

[log]Malwarebytes' Anti-Malware 1.45
www.malwarebytes.org

Wersja bazy: 3983

Windows 6.0.6000
Internet Explorer 8.0.6001.18904

2010-04-13 10:45:22
mbam-log-2010-04-13 (10-45-22).txt

Typ skanowania: Pełne skanowanie (C:\|D:\|)
Przeskanowano obiektów: 257140
Upłynęło: 1 godzin(y), 2 minut(y), 22 sekund(y)

Zainfekowanych procesów w pamięci: 1
Zainfekowanych modułów w pamięci: 0
Zainfekowanych kluczy rejestru: 23
Zainfekowanych wartości rejestru: 0
Zainfekowane informacje rejestru systemowego: 0
Zainfekowanych folderów: 9
Zainfekowanych plików: 7

Zainfekowanych procesów w pamięci:
C:\Program Files\RelevantKnowledge\rlservice.exe (Adware.RelevantKnowledge) -> No action taken.

Zainfekowanych modułów w pamięci:
(Nie znaleziono zagrożeń)

Zainfekowanych kluczy rejestru:
HKEY_CLASSES_ROOT\CLSID\{147a976f-eee1-4377-8ea7-4716e4cdd239} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Typelib\{d518921a-4a03-425e-9873-b9a71756821e} (Adware.MyWebSearch) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256a51-b582-467e-b8d4-7786eda79ae0} (Trojan.Vundo) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{00a6faf1-072e-44cf-8957-5838f569a31d} (Adware.MyWebSearch) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07b18ea1-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07b18ea9-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07b18eab-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{00a6faf1-072e-44cf-8957-5838f569a31d} (Adware.MyWebSearch) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{07b18ea1-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{07b18ea9-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{59c7fc09-1c83-4648-b3e6-003d2bbc7481} (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68af847f-6e91-45dd-9b68-d6a12c30e5d7} (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9170b96c-28d4-4626-8358-27e6caeef907} (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{d1a71fa0-ff48-48dd-9b6d-7a13a3e42127} (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{ddb1968e-ead6-40fd-8dae-ff14757f60c7} (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{f138d901-86f0-4383-99b6-9cdd406036da} (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256a51-b582-467e-b8d4-7786eda79ae0} (Trojan.Vundo) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\MyWebSearch (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\FocusInteractive (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Fun Web Products (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\RunDll32Policy\f3ScrCtr.dll (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\MyWebSearch (Adware.MyWebSearch) -> No action taken.

Zainfekowanych wartości rejestru:
(Nie znaleziono zagrożeń)

Zainfekowane informacje rejestru systemowego:
(Nie znaleziono zagrożeń)

Zainfekowanych folderów:
C:\Program Files\FunWebProducts (Adware.MyWebSearch) -> No action taken.
C:\Program Files\FunWebProducts\ScreenSaver (Adware.MyWebSearch) -> No action taken.
C:\Program Files\FunWebProducts\ScreenSaver\Images (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\History (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\Settings (Adware.MyWebSearch) -> No action taken.
C:\Program Files\RelevantKnowledge (Spyware.MarketScore) -> No action taken.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RelevantKnowledge (Spyware.MarketScore) -> No action taken.

Zainfekowanych plików:
C:\Program Files\RelevantKnowledge\rlservice.exe (Adware.RelevantKnowledge) -> No action taken.
C:\Users\Przemek\Desktop\gry\gta.sa\GTA San Andreas\trainer.exe (Trojan.Downloader) -> No action taken.
C:\Casino\Europa Casino\_EuropaSetup_500bdc.exe (Adware.Casino) -> No action taken.
C:\Program Files\MyWebSearch\bar\Settings\s_pid.dat (Adware.MyWebSearch) -> No action taken.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RelevantKnowledge\About RelevantKnowledge.lnk (Spyware.MarketScore) -> No action taken.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RelevantKnowledge\Privacy Policy and User License Agreement.lnk (Spyware.MarketScore) -> No action taken.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RelevantKnowledge\Support.lnk (Spyware.MarketScore) -> No action taken.
[/log] Usunolem wszystkie zainfekowane pliki.Zrestartowalem komputer , uzylem ccleanera i zainstalowalem nowego anty wirusa. Dziekuje za pomoc wszystko dziala bez zarzutu

13 kwietnia 2010

W logu zapomniałem umieścić właśnie Relevant, sprawdzałem przed Twoim logiem podobny, z tym samym problemem i mi się pomieszało.

Na szczęście MBAM zadziałał i wskazał Ci wirusy.

Odpal jeszcze opcję CleanUP w OTL.

Czysto.

Zaloguj się

Zablokowana Możliwość Instalacji

Lq1991

Mateusz J.

Lq1991

Mateusz J.

Lq1991

Mateusz J.

Wciąż szukasz rozwiązania problemu? Napisz teraz na forum!

Strona główna

Powiadomienie o plikach cookie