chinczolek, posted 19 May 2010

Please check my log, after a (probably) successful fight with the pendrive viruses that have been so notorious lately. I should add that the bugs were nesting on all partitions (probably in autorun.inf files), because after I formatted the system (I thought that would solve the problem) the virus, specifically Hijack.System.Hidden, came back and kept settling in HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL\CheckedValue. Malwarebytes could not deal with it; it supposedly moved it to quarantine, but the bug kept coming back. Avira stopped working altogether, (probably) because of this virus.

Every now and then these bugs also appeared:

\Ustawienia lokalne\Temp\dsoqq0.dll (Spyware.OnlineGames)
\Ustawienia lokalne\Temp\dsoqq1.dll (Spyware.OnlineGames)
\Ustawienia lokalne\Temp\dsoqq.exe (Spyware.OnlineGames)

dsoqq.exe was constantly in autostart; what is this application anyway?

The symptoms were as follows: hidden folders could not be shown, every partition opened in a new window, and Avira stopped working (I could not scan the computer or download updates).

The only program that dealt with all of this was Dr.Web; it also found a lot of vermin in the System Volume Information folders, which I had no idea about. After removing this vermin, my partitions suddenly stopped opening, i.e. an 'Open with' dialog popped up, but I got a log, fixed it in OTL and everything works; I later scanned the system with all kinds of scanners and so far nothing is detected.

Please check the log to see whether everything really is OK. I would also like to ask whether infections of this kind will damage any of my mp3 or avi files, because I have large collections of music and films, so I am a bit worried about their safety.
[log]OTL logfile created on: 2010-05-19 16:26:39 - Run 1 OTL by OldTimer - Version 3.2.4.1 Folder = C:\Documents and Settings\Chinczol\Pulpit Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 6.0.2900.5512) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 68,00% Memory free 4,00 Gb Paging File | 3,00 Gb Available in Paging File | 85,00% Paging File free Paging file location(s): C:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 75,13 Gb Total Space | 69,66 Gb Free Space | 92,72% Space Free | Partition Type: NTFS Drive D: | 195,31 Gb Total Space | 166,19 Gb Free Space | 85,09% Space Free | Partition Type: NTFS Drive E: | 195,32 Gb Total Space | 139,03 Gb Free Space | 71,18% Space Free | Partition Type: NTFS Drive F: | 488,19 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: CHINCZYK-2F5F8D Current User Name: Chinczol Logged in as Administrator. 
Current Boot Mode: Normal Scan Mode: All users Company Name Whitelist: On Skip Microsoft Files: On File Age = 60 Days Output = Standard [color=#E56717]========== Processes (All) ==========[/color] PRC - [2010-05-19 16:21:31 | 000,571,392 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Chinczol\Pulpit\OTL.exe PRC - [2010-05-17 22:31:29 | 000,185,089 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe PRC - [2010-05-17 22:31:29 | 000,108,289 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe PRC - [2009-11-20 19:01:18 | 000,832,296 | ---- | M] (Opera Software) -- C:\Program Files\Opera\opera.exe PRC - [2009-08-06 09:44:34 | 000,168,004 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\nvsvc32.exe PRC - [2009-08-04 17:29:54 | 000,219,360 | ---- | M] (DeviceVM, Inc.) -- C:\Program Files\DeviceVM\Browser Configuration Utility\BCUService.exe PRC - [2009-08-04 17:29:52 | 000,346,320 | ---- | M] (DeviceVM, Inc.) -- C:\Program Files\DeviceVM\Browser Configuration Utility\BCU.exe PRC - [2009-07-30 17:51:02 | 000,068,136 | ---- | M] () -- C:\Program Files\GIGABYTE\EnergySaver\GSvr.exe PRC - [2009-06-25 08:07:40 | 017,887,232 | ---- | M] (Realtek Semiconductor Corp.) 
-- C:\WINDOWS\RTHDCPL.EXE PRC - [2009-03-02 13:08:47 | 000,209,153 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe PRC - [2009-01-26 15:31:16 | 002,144,088 | RHS- | M] (Safer Networking Limited) -- C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe PRC - [2008-04-14 22:51:52 | 000,218,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmiprvse.exe PRC - [2008-04-14 22:51:52 | 000,013,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wscntfy.exe PRC - [2008-04-14 22:51:50 | 000,510,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winlogon.exe PRC - [2008-04-14 22:51:44 | 000,057,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spoolsv.exe PRC - [2008-04-14 22:51:44 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\smss.exe PRC - [2008-04-14 22:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [RPCSS] PRC - [2008-04-14 22:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETWORKSERVICE] PRC - [2008-04-14 22:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETSVCS] PRC - [2008-04-14 22:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [LOCALSERVICE] PRC - [2008-04-14 22:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [DCOMLAUNCH] PRC - [2008-04-14 22:51:40 | 000,109,056 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\services.exe PRC - [2008-04-14 22:51:40 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rundll32.exe PRC - [2008-04-14 22:51:24 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\lsass.exe PRC - [2008-04-14 22:51:18 | 001,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe PRC - [2008-04-14 22:51:12 | 000,006,144 | ---- | M] (Microsoft Corporation) -- 
C:\WINDOWS\system32\csrss.exe PRC - [2008-04-14 22:51:04 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\alg.exe PRC - [2007-11-14 12:54:24 | 002,131,392 | ---- | M] (Gadu-Gadu S.A.) -- C:\Program Files\Gadu-Gadu\gg.exe [color=#E56717]========== Modules (All) ==========[/color] MOD - [2010-05-19 16:21:31 | 000,571,392 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Chinczol\Pulpit\OTL.exe MOD - [2009-08-21 20:08:24 | 000,219,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\uxtheme.dll MOD - [2008-04-14 22:51:58 | 000,146,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winspool.drv MOD - [2008-04-14 22:50:58 | 000,580,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\user32.dll MOD - [2008-04-14 22:50:58 | 000,172,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wldap32.dll MOD - [2008-04-14 22:50:58 | 000,067,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\srclient.dll MOD - [2008-04-14 22:50:58 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\version.dll MOD - [2008-04-14 22:50:48 | 008,489,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shell32.dll MOD - [2008-04-14 22:50:48 | 000,997,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\setupapi.dll MOD - [2008-04-14 22:50:48 | 000,474,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shlwapi.dll MOD - [2008-04-14 22:50:46 | 001,287,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ole32.dll MOD - [2008-04-14 22:50:46 | 000,584,704 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rpcrt4.dll MOD - [2008-04-14 22:50:46 | 000,551,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\oleaut32.dll MOD - [2008-04-14 22:50:46 | 000,084,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\olepro32.dll MOD - [2008-04-14 22:50:46 | 000,064,000 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\samlib.dll MOD 
- [2008-04-14 22:50:46 | 000,056,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\secur32.dll MOD - [2008-04-14 22:50:46 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\psapi.dll MOD - [2008-04-14 22:50:42 | 000,119,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntmarta.dll MOD - [2008-04-14 22:50:40 | 000,343,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcrt.dll MOD - [2008-04-14 22:50:36 | 001,018,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\kernel32.dll MOD - [2008-04-14 22:50:32 | 000,285,184 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\gdi32.dll MOD - [2008-04-14 22:50:32 | 000,185,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\framedyn.dll MOD - [2008-04-14 22:50:16 | 000,822,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comres.dll MOD - [2008-04-14 22:50:14 | 000,280,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comdlg32.dll MOD - [2008-04-14 22:50:12 | 000,498,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\clbcatq.dll MOD - [2008-04-14 22:50:00 | 000,686,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\advapi32.dll MOD - [2008-04-14 22:49:16 | 000,714,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntdll.dll MOD - [2008-04-14 22:46:34 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx MOD - [2008-04-14 22:29:10 | 001,054,208 | R--- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll MOD - [2006-12-21 14:30:44 | 000,102,400 | ---- | M] (Gadu-Gadu S.A.) 
-- C:\Program Files\Gadu-Gadu\ggwhook.dll [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - [2010-05-17 22:31:29 | 000,185,089 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService) SRV - [2010-05-17 22:31:29 | 000,108,289 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService) SRV - [2009-08-04 17:29:54 | 000,219,360 | ---- | M] (DeviceVM, Inc.) [Auto | Running] -- C:\Program Files\DeviceVM\Browser Configuration Utility\BCUService.exe -- (BCUService) SRV - [2009-07-30 17:51:02 | 000,068,136 | ---- | M] () [Auto | Running] -- C:\Program Files\GIGABYTE\EnergySaver\GSvr.exe -- (GEST Service) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - [2010-05-19 09:22:45 | 000,017,488 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\gdrv.sys -- (gdrv) DRV - [2010-05-17 22:31:29 | 000,056,816 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt) DRV - [2010-05-17 22:31:29 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv) DRV - [2009-08-06 16:50:00 | 007,753,888 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv) DRV - [2009-06-29 13:59:14 | 000,142,592 | R--- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp) DRV - [2009-06-25 08:07:44 | 005,095,936 | ---- | M] (Realtek Semiconductor Corp.) 
[Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM) DRV - [2009-06-25 08:07:40 | 001,684,736 | ---- | M] (Creative) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Ambfilt.sys -- (Ambfilt) DRV - [2009-06-25 08:07:40 | 001,389,056 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Monfilt.sys -- (Monfilt) DRV - [2009-03-30 10:33:07 | 000,096,104 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb) DRV - [2009-02-13 12:35:05 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Program Files\Avira\AntiVir Desktop\avgio.sys -- (avgio) DRV - [2008-04-13 22:06:06 | 000,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-1229272821-1647877149-682003330-1003\..\URLSearchHook: {BC86E1AB-EDA5-4059-938F-CE307B0C6F0A} - C:\Program Files\DeviceVM\Browser Configuration Utility\AddressBarSearch.dll (DeviceVM, Inc.) 
IE - HKU\S-1-5-21-1229272821-1647877149-682003330-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 O1 HOSTS File: ([2010-05-18 18:41:22 | 000,395,202 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: 127.0.0.1 www.007guard.com O1 - Hosts: 127.0.0.1 007guard.com O1 - Hosts: 127.0.0.1 008i.com O1 - Hosts: 127.0.0.1 www.008k.com O1 - Hosts: 127.0.0.1 008k.com O1 - Hosts: 127.0.0.1 www.00hq.com O1 - Hosts: 127.0.0.1 00hq.com O1 - Hosts: 127.0.0.1 010402.com O1 - Hosts: 127.0.0.1 www.032439.com O1 - Hosts: 127.0.0.1 032439.com O1 - Hosts: 127.0.0.1 www.0scan.com O1 - Hosts: 127.0.0.1 0scan.com O1 - Hosts: 127.0.0.1 1000gratisproben.com O1 - Hosts: 127.0.0.1 www.1000gratisproben.com O1 - Hosts: 127.0.0.1 1001namen.com O1 - Hosts: 127.0.0.1 www.1001namen.com O1 - Hosts: 127.0.0.1 100888290cs.com O1 - Hosts: 127.0.0.1 www.100888290cs.com O1 - Hosts: 127.0.0.1 www.100sexlinks.com O1 - Hosts: 127.0.0.1 100sexlinks.com O1 - Hosts: 127.0.0.1 10sek.com O1 - Hosts: 127.0.0.1 www.10sek.com O1 - Hosts: 127.0.0.1 www.1-2005-search.com O1 - Hosts: 127.0.0.1 1-2005-search.com O1 - Hosts: 13648 more lines... O2 - BHO: (Ask Toolbar BHO) - {FE063DB1-4EC0-403e-8DD8-394C54984B2C} - C:\Program Files\AskTBar\bar\1.bin\ASKTBAR.DLL File not found O3 - HKLM\..\Toolbar: (Ask Toolbar) - {FE063DB9-4EC0-403e-8DD8-394C54984B2C} - C:\Program Files\AskTBar\bar\1.bin\ASKTBAR.DLL File not found O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH) O4 - HKLM..\Run: [BCU] C:\Program Files\DeviceVM\Browser Configuration Utility\BCU.exe (DeviceVM, Inc.) 
O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe (Nero AG) O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation) O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation) O4 - HKLM..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nView\nwiz.exe () O4 - HKU\S-1-5-21-1229272821-1647877149-682003330-1003..\Run: [Gadu-Gadu] C:\Program Files\Gadu-Gadu\gg.exe (Gadu-Gadu S.A.) O4 - HKU\S-1-5-21-1229272821-1647877149-682003330-1003..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer Networking Limited) O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-1229272821-1647877149-682003330-1003\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-21-1229272821-1647877149-682003330-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 36 O7 - HKU\S-1-5-21-1229272821-1647877149-682003330-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = FF FF FF FF [binary data] O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: 
DhcpNameServer = 213.172.186.4 213.172.186.5 O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Idylla.bmp O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Idylla.bmp O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2010-05-17 16:54:27 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O32 - AutoRun File - [2010-05-17 22:15:56 | 000,000,000 | RHSD | M] - C:\autorun.inf -- [ NTFS ] O32 - AutoRun File - [2010-05-17 22:15:57 | 000,000,000 | RHSD | M] - D:\autorun.inf -- [ NTFS ] O32 - AutoRun File - [2010-05-17 22:15:57 | 000,000,000 | RHSD | M] - E:\autorun.inf -- [ NTFS ] O32 - AutoRun File - [2002-10-08 02:07:28 | 000,000,112 | R--- | M] () - F:\AUTORUN.INF -- [ CDFS ] O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* NetSvcs: 6to4 - File not found NetSvcs: Ias - C:\WINDOWS\system32\ias [2010-05-17 16:54:07 | 000,000,000 | ---D | M] NetSvcs: Iprip - File not found NetSvcs: Irmon - File not found NetSvcs: NWCWorkstation - File not found NetSvcs: Nwsapagent - File not found NetSvcs: WmdmPmSp - File not found SafeBootMin: Base - Driver Group SafeBootMin: Boot Bus Extender - Driver Group SafeBootMin: Boot file system - Driver Group SafeBootMin: File system - Driver Group SafeBootMin: Filter - Driver Group SafeBootMin: PCI Configuration - Driver Group SafeBootMin: PNP Filter - Driver Group SafeBootMin: Primary disk - Driver Group SafeBootMin: SCSI Class - Driver Group SafeBootMin: sermouse.sys - Driver SafeBootMin: System Bus Extender - Driver Group SafeBootMin: vga.sys - Driver SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - 
CD-ROM Drive SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootNet: Base - Driver Group SafeBootNet: Boot Bus Extender - Driver Group SafeBootNet: Boot file system - Driver Group SafeBootNet: File system - Driver Group SafeBootNet: Filter - Driver Group SafeBootNet: NDIS Wrapper - Driver Group SafeBootNet: NetBIOSGroup - Driver Group SafeBootNet: NetDDEGroup - Driver Group SafeBootNet: Network - Driver Group SafeBootNet: NetworkProvider - Driver Group SafeBootNet: PCI Configuration - Driver Group SafeBootNet: PNP Filter - Driver Group SafeBootNet: PNP_TDI - Driver Group SafeBootNet: Primary disk - Driver Group SafeBootNet: SCSI Class - Driver Group SafeBootNet: sermouse.sys - Driver SafeBootNet: Streams Drivers - Driver Group SafeBootNet: System Bus Extender - Driver Group SafeBootNet: TDI - Driver Group SafeBootNet: vga.sys - Driver SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootNet: 
{4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices [color=#E56717]========== Files/Folders - Created Within 60 Days ==========[/color] [2010-05-19 16:20:59 | 000,571,392 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Chinczol\Pulpit\OTL.exe [2010-05-18 19:09:51 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Games [2010-05-18 18:38:53 | 000,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy [2010-05-18 18:38:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Spybot - Search & Destroy [2010-05-18 18:22:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Chinczol\Ustawienia lokalne\Dane aplikacji\Ahead [2010-05-18 17:43:05 | 000,000,000 | ---D | C] -- C:\Program Files\GridinSoft Trojan Killer [2010-05-18 16:24:05 | 001,568,768 | ---- | C] (Pegasus Imaging Corp.) -- C:\WINDOWS\System32\ImagX7.dll [2010-05-18 16:24:05 | 000,476,320 | ---- | C] (Pegasus Imaging Corp.) -- C:\WINDOWS\System32\ImagXpr7.dll [2010-05-18 16:24:05 | 000,471,040 | ---- | C] (Pegasus Imaging Corp.) -- C:\WINDOWS\System32\ImagXRA7.dll [2010-05-18 16:24:05 | 000,364,544 | ---- | C] (Pegasus Imaging Corp.) -- C:\WINDOWS\System32\TwnLib4.dll [2010-05-18 16:24:05 | 000,262,144 | ---- | C] (Pegasus Imaging Corp.) 
-- C:\WINDOWS\System32\ImagXR7.dll [2010-05-18 16:24:05 | 000,106,496 | ---- | C] (Pegasus Software) -- C:\WINDOWS\System32\TwnLib20.dll [2010-05-18 16:24:05 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Ahead [2010-05-18 16:24:05 | 000,000,000 | ---D | C] -- C:\Program Files\Ahead [2010-05-17 23:28:46 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\appmgmt [2010-05-17 23:28:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\SxsCaPendDel [2010-05-17 23:15:44 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$hf_mig$ [2010-05-17 23:11:43 | 000,737,280 | ---- | C] (Indigo Rose Corporation) -- C:\WINDOWS\iun6002.exe [2010-05-17 23:11:41 | 000,000,000 | ---D | C] -- C:\Program Files\Tweak-XP Pro 4 [2010-05-17 23:01:33 | 000,278,528 | ---- | C] (Real Networks, Inc) -- C:\WINDOWS\System32\pncrt.dll [2010-05-17 23:01:32 | 000,000,000 | ---D | C] -- C:\Program Files\Real Alternative [2010-05-17 22:59:36 | 000,000,000 | ---D | C] -- C:\Program Files\Foxit Software [2010-05-17 22:59:10 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR [2010-05-17 22:34:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Dane aplikacji\Adobe [2010-05-17 22:18:25 | 000,096,104 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avipbb.sys [2010-05-17 22:18:25 | 000,045,416 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntdd.sys [2010-05-17 22:18:25 | 000,028,520 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\ssmdrv.sys [2010-05-17 22:18:25 | 000,022,360 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntmgr.sys [2010-05-17 22:18:24 | 000,000,000 | ---D | C] -- C:\Program Files\Avira [2010-05-17 22:18:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Avira [2010-05-17 22:15:56 | 000,000,000 | RHSD | C] -- C:\autorun.inf [2010-05-17 21:14:37 | 000,000,000 | ---D | C] -- C:\Program Files\Simpli Software [2010-05-17 21:12:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Chinczol\DoctorWeb [2010-05-17 
19:45:58 | 000,000,000 | -HSD | C] -- C:\RECYCLER [2010-05-17 19:38:09 | 000,095,024 | ---- | C] (Sunbelt Software) -- C:\WINDOWS\System32\drivers\SBREDrv.sys [2010-05-17 19:24:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Lavasoft [2010-05-17 19:04:49 | 000,000,000 | ---D | C] -- C:\Program Files\Lavalys [2010-05-17 18:45:59 | 000,000,000 | -HSD | C] -- C:\WINDOWS\Installer [2010-05-17 18:45:58 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\ODBC [2010-05-17 18:45:56 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\SpeechEngines [2010-05-17 18:45:55 | 000,000,000 | R--D | C] -- C:\Program Files [2010-05-17 18:45:55 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Microsoft Shared [2010-05-17 18:45:55 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files [2010-05-17 18:45:25 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Menu Start [2010-05-17 18:45:25 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Dokumenty [2010-05-17 18:45:25 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Szablony [2010-05-17 18:45:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Ulubione [2010-05-17 18:45:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Pulpit [2010-05-17 18:43:37 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\CatRoot2 [2010-05-17 18:43:37 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\CatRoot [2010-05-17 18:43:32 | 000,000,000 | --SD | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Microsoft [2010-05-17 18:43:32 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\All Users\Dane aplikacji [2010-05-17 18:43:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings [2010-05-17 18:43:11 | 000,000,000 | -HSD | C] -- C:\System Volume Information [2010-05-17 18:39:10 | 000,000,000 | R-SD | C] -- C:\WINDOWS\Fonts [2010-05-17 18:39:10 | 000,000,000 | R--D | C] -- C:\WINDOWS\Web [2010-05-17 18:39:10 | 
000,000,000 | -H-D | C] -- C:\WINDOWS\inf [2010-05-17 18:39:10 | 000,000,000 | ---D | C] -- C:\WINDOWS\WinSxS [2010-05-17 18:39:10 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\wins [2010-05-17 18:39:10 | 000,000,000 | ---D | C] -- C:\WINDOWS [2010-05-17 18:39:10 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\wbem [2010-05-17 18:39:10 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\usmt [2010-05-17 18:39:10 | 000,000,000 | ---D | C] -- C:\WINDOWS\twain_32 [2010-05-17 18:39:10 | 000,000,000 | ---D | C] -- C:\WINDOWS\Temp [2010-05-17 18:39:10 | 000,000,000 | ---D | C] -- C:\WINDOWS\system32 [2010-05-17 18:39:10 | 000,000,000 | ---D | C] -- C:\WINDOWS\system [2010-05-17 18:39:10 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\spool [2010-05-17 18:39:10 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ShellExt [2010-05-17 18:39:10 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Setup [2010-05-17 18:39:10 | 000,000,000 | ---D | C] -- C:\WINDOWS\security [2010-05-17 18:39:10 | 000,000,000 | ---D | C] -- C:\WINDOWS\Resources [2010-05-17 18:39:10 | 000,000,000 | ---D | C] -- C:\WINDOWS\repair [2010-05-17 18:39:10 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ras [2010-05-17 18:39:10 | 000,000,000 | ---D | C] -- C:\WINDOWS\Provisioning [2010-05-17 18:39:10 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\pl-pl [2010-05-17 18:39:10 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\pl [2010-05-17 18:39:10 | 000,000,000 | ---D | C] -- C:\WINDOWS\PeerNet [2010-05-17 18:39:10 | 000,000,000 | ---D | C] -- C:\WINDOWS\pchealth [2010-05-17 18:39:10 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\oobe [2010-05-17 18:39:10 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\npp [2010-05-17 18:39:10 | 000,000,000 | ---D | C] -- C:\WINDOWS\Network Diagnostic [2010-05-17 18:39:10 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\mui [2010-05-17 18:39:10 | 000,000,000 | ---D | C] -- C:\WINDOWS\mui [2010-05-17 18:39:10 | 000,000,000 | ---D | C] -- C:\WINDOWS\msapps [2010-05-17 
[/log]
Tomek01, comment, 19 May 2010: But you have already received help: http://forum.pclab.pl/lofiversion/index.php?t589625.html
chinczolek (Author), comment, 19 May 2010: I know. But I wanted to check whether the log is clean.
Tomek01, comment, 19 May 2010: Then why don't you check it where you got that help?
chinczolek (Author), comment, 19 May 2010: I simply wanted to get a few pieces of advice on this subject.